ChangeLog   [plain text]


2019-03-04  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r242355. rdar://problem/48563891

    [iOS] Fullscreen "stay in page" option breaks video playback
    https://bugs.webkit.org/show_bug.cgi?id=195277
    <rdar://problem/48537317>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    Add a LOG entry when playback is rejected due to media playback suspension.
    
    * html/MediaElementSession.cpp:
    (WebCore::MediaElementSession::playbackPermitted const):
    
    Source/WebKit:
    
    Make sure we resume media playback when the user chooses "stay in page" from the deceptive
    website warning dialog.
    
    * UIProcess/ios/fullscreen/WKFullScreenViewController.mm:
    (-[WKFullScreenViewController _showPhishingAlert]):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@242355 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-03-04  Jer Noble  <jer.noble@apple.com>

            [iOS] Fullscreen "stay in page" option breaks video playback
            https://bugs.webkit.org/show_bug.cgi?id=195277
            <rdar://problem/48537317>

            Reviewed by Eric Carlson.

            Add a LOG entry when playback is rejected due to media playback suspension.

            * html/MediaElementSession.cpp:
            (WebCore::MediaElementSession::playbackPermitted const):

2019-03-01  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r242248. rdar://problem/48503712

    [iOS] Dark flash when opening Google AMP pages
    https://bugs.webkit.org/show_bug.cgi?id=195193
    rdar://problem/48326442
    
    Reviewed by Zalan Bujtas.
    
    Source/WebCore:
    
    After the incremental compositing updates changes, it was possible for a change in the size
    of an overflow:hidden element to fail to update the "ancestor clipping layer" geometry on
    a composited descendant that is not a descendant in z-order. When Google search results
    create the <iframe> that contain AMP contents, we'd fail to update a zero-sized clipping layer,
    leaving the #222 background of an intermediate element visible.
    
    Fix by setting a flag in RenderLayer::updateLayerPosition() (which is called in containing block order)
    that sets the "needs geometry update" dirty bit on containing-block-descendant layers. Currently
    this flag affects all descendants; in future, we might be able to clear it for grand-children.
    
    Tests: compositing/geometry/ancestor-clip-change-interleaved-stacking-context.html
           compositing/geometry/ancestor-clip-change.html
    
    * rendering/RenderLayer.cpp:
    (WebCore::RenderLayer::updateLayerPositions):
    (WebCore::RenderLayer::updateLayerPosition):
    * rendering/RenderLayer.h:
    * rendering/RenderLayerBacking.cpp:
    (WebCore::RenderLayerBacking::updateAfterLayout):
    * rendering/RenderLayerBacking.h:
    
    LayoutTests:
    
    Tests that change the size of a clipping layer with non-z-order composited descendant, with
    a couple of layer tree configurations.
    
    * compositing/geometry/ancestor-clip-change-expected.html: Added.
    * compositing/geometry/ancestor-clip-change-interleaved-stacking-context-expected.html: Added.
    * compositing/geometry/ancestor-clip-change-interleaved-stacking-context.html: Added.
    * compositing/geometry/ancestor-clip-change.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@242248 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-28  Simon Fraser  <simon.fraser@apple.com>

            [iOS] Dark flash when opening Google AMP pages
            https://bugs.webkit.org/show_bug.cgi?id=195193
            rdar://problem/48326442

            Reviewed by Zalan Bujtas.

            After the incremental compositing updates changes, it was possible for a change in the size
            of an overflow:hidden element to fail to update the "ancestor clipping layer" geometry on
            a composited descendant that is not a descendant in z-order. When Google search results
            create the <iframe> that contain AMP contents, we'd fail to update a zero-sized clipping layer,
            leaving the #222 background of an intermediate element visible.

            Fix by setting a flag in RenderLayer::updateLayerPosition() (which is called in containing block order)
            that sets the "needs geometry update" dirty bit on containing-block-descendant layers. Currently
            this flag affects all descendants; in future, we might be able to clear it for grand-children.

            Tests: compositing/geometry/ancestor-clip-change-interleaved-stacking-context.html
                   compositing/geometry/ancestor-clip-change.html

            * rendering/RenderLayer.cpp:
            (WebCore::RenderLayer::updateLayerPositions):
            (WebCore::RenderLayer::updateLayerPosition):
            * rendering/RenderLayer.h:
            * rendering/RenderLayerBacking.cpp:
            (WebCore::RenderLayerBacking::updateAfterLayout):
            * rendering/RenderLayerBacking.h:

2019-02-28  Alan Coon  <alancoon@apple.com>

        Cherry-pick r242204. rdar://problem/48483749

    Locale names can be nullptr
    https://bugs.webkit.org/show_bug.cgi?id=195171
    <rdar://problem/48262376>
    
    Reviewed by Dean Jackson.
    
    Nullptr can't be used in keys to HashMaps, so take an early out in this case.
    
    This is a partial revert of r241288.
    
    * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
    (WebCore::FontDescription::platformResolveGenericFamily):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@242204 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-28  Myles C. Maxfield  <mmaxfield@apple.com>

            Locale names can be nullptr
            https://bugs.webkit.org/show_bug.cgi?id=195171
            <rdar://problem/48262376>

            Reviewed by Dean Jackson.

            Nullptr can't be used in keys to HashMaps, so take an early out in this case.

            This is a partial revert of r241288.

            * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
            (WebCore::FontDescription::platformResolveGenericFamily):

2019-02-27  Alan Coon  <alancoon@apple.com>

        Cherry-pick r242138. rdar://problem/48444136

    Unable to log into chase.com on iPad when DeviceMotionEvent API is disabled
    https://bugs.webkit.org/show_bug.cgi?id=195101
    <rdar://problem/48423023>
    
    Reviewed by Geoffrey Garen.
    
    Add site-specific quirk for chase.com on iOS where we fire a dummy DeviceMotionEvent if the page
    tries to register a "devicemotion" event listener and fails because the API is disabled. This is
    needed to unblock the site and proceed with the login flow.
    
    Unfortunately, document()->settings().needsSiteSpecificQuirks() is false on iOS so I could not
    guard the quirk behind this flag.
    
    * page/DOMWindow.cpp:
    (WebCore::DOMWindow::addEventListener):
    (WebCore::DOMWindow::failedToRegisterDeviceMotionEventListener):
    * page/DOMWindow.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@242138 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-27  Chris Dumez  <cdumez@apple.com>

            Unable to log into chase.com on iPad when DeviceMotionEvent API is disabled
            https://bugs.webkit.org/show_bug.cgi?id=195101
            <rdar://problem/48423023>

            Reviewed by Geoffrey Garen.

            Add site-specific quirk for chase.com on iOS where we fire a dummy DeviceMotionEvent if the page
            tries to register a "devicemotion" event listener and fails because the API is disabled. This is
            needed to unblock the site and proceed with the login flow.

            Unfortunately, document()->settings().needsSiteSpecificQuirks() is false on iOS so I could not
            guard the quirk behind this flag.

            * page/DOMWindow.cpp:
            (WebCore::DOMWindow::addEventListener):
            (WebCore::DOMWindow::failedToRegisterDeviceMotionEventListener):
            * page/DOMWindow.h:

2019-02-27  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r242099. rdar://problem/48429675

    [iOS] Regression(PSON) Scroll position is no longer restored when navigating back to reddit.com
    https://bugs.webkit.org/show_bug.cgi?id=195054
    <rdar://problem/48330549>
    
    Reviewed by Geoff Garen.
    
    Source/WebCore:
    
    Add MaintainMemoryCache flag to indicate that the memory cache should not get purged.
    
    * page/MemoryRelease.cpp:
    (WebCore::releaseNoncriticalMemory):
    (WebCore::releaseCriticalMemory):
    (WebCore::releaseMemory):
    * page/MemoryRelease.h:
    
    Source/WebKit:
    
    We attempt to restore the scroll position twice, on first layout and then on load completion.
    Before PSON, the scroll position would fail to get restored on first layout but would succeed
    on load completion because the view is tall enough by then. With PSON however, we would
    fail to restore the scroll position on load completion because the view would not be tall
    enough yet by this point. The reason is that the dynamic resources would not be in the memory cache
    and would then get reloaded abd finish loading *after* the load event.
    
    To address the issue, we now make sure to not purge the memory cache on process suspension on
    iOS if there is currently a SuspendedPageProxy in the UIProcess for this process.
    
    * UIProcess/SuspendedPageProxy.cpp:
    (WebKit::SuspendedPageProxy::SuspendedPageProxy):
    (WebKit::SuspendedPageProxy::~SuspendedPageProxy):
    * UIProcess/WebProcessProxy.cpp:
    (WebKit::WebProcessProxy::incrementSuspendedPageCount):
    (WebKit::WebProcessProxy::decrementSuspendedPageCount):
    * UIProcess/WebProcessProxy.h:
    * WebProcess/WebProcess.cpp:
    (WebKit::WebProcess::initializeWebProcess):
    (WebKit::WebProcess::setHasSuspendedPageProxy):
    * WebProcess/WebProcess.h:
    * WebProcess/WebProcess.messages.in:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@242099 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-26  Chris Dumez  <cdumez@apple.com>

            [iOS] Regression(PSON) Scroll position is no longer restored when navigating back to reddit.com
            https://bugs.webkit.org/show_bug.cgi?id=195054
            <rdar://problem/48330549>

            Reviewed by Geoff Garen.

            Add MaintainMemoryCache flag to indicate that the memory cache should not get purged.

            * page/MemoryRelease.cpp:
            (WebCore::releaseNoncriticalMemory):
            (WebCore::releaseCriticalMemory):
            (WebCore::releaseMemory):
            * page/MemoryRelease.h:

2019-02-24  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241986. rdar://problem/48350373

    Crash in SWServerJobQueue::runNextJobSynchronously
    https://bugs.webkit.org/show_bug.cgi?id=194974
    
    Reviewed by Geoffrey Garen.
    
    We suspect the crash is happening due to m_jobQueue being empty in runNextJobSynchronously
    or there is a timer heap corruption again :(
    
    Exit early when m_jobQueue is empty. Also add a debug assert that this should never happen
    but convert an existing release assert to a debug assert since this appears to be hitting
    too frequently in wild.
    
    * workers/service/server/SWServerJobQueue.cpp:
    (WebCore::SWServerJobQueue::runNextJobSynchronously):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-22  Ryosuke Niwa  <rniwa@webkit.org>

            Crash in SWServerJobQueue::runNextJobSynchronously
            https://bugs.webkit.org/show_bug.cgi?id=194974

            Reviewed by Geoffrey Garen.

            We suspect the crash is happening due to m_jobQueue being empty in runNextJobSynchronously
            or there is a timer heap corruption again :(

            Exit early when m_jobQueue is empty. Also add a debug assert that this should never happen
            but convert an existing release assert to a debug assert since this appears to be hitting
            too frequently in wild.

            * workers/service/server/SWServerJobQueue.cpp:
            (WebCore::SWServerJobQueue::runNextJobSynchronously):

2019-02-24  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241967. rdar://problem/48350358

    Crash under IDBServer::IDBConnectionToClient::identifier() const
    https://bugs.webkit.org/show_bug.cgi?id=194843
    <rdar://problem/48203102>
    
    Reviewed by Geoffrey Garen.
    
    UniqueIDBDatabase should ignore requests from connections that are already closed.
    
    Tests are hard to create without some tricks on UniqueIDBDatabase so this fix is verified manually.
    One test is created by adding delay to UniqueIDBDatabase::openBackingStore on the background thread to make sure
    disconnection of web process happens before UniqueIDBDatabase::didOpenBackingStore, because didOpenBackingStore
    may start a version change transaction and ask for identifier from the connection that is already gone.
    
    * Modules/indexeddb/server/IDBConnectionToClient.cpp:
    (WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):
    * Modules/indexeddb/server/IDBConnectionToClient.h:
    (WebCore::IDBServer::IDBConnectionToClient::isClosed):
    * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
    (WebCore::IDBServer::UniqueIDBDatabase::clearStalePendingOpenDBRequests):
    (WebCore::IDBServer::UniqueIDBDatabase::handleDatabaseOperations):
    (WebCore::IDBServer::UniqueIDBDatabase::operationAndTransactionTimerFired):
    * Modules/indexeddb/server/UniqueIDBDatabase.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241967 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-22  Sihui Liu  <sihui_liu@apple.com>

            Crash under IDBServer::IDBConnectionToClient::identifier() const
            https://bugs.webkit.org/show_bug.cgi?id=194843
            <rdar://problem/48203102>

            Reviewed by Geoffrey Garen.

            UniqueIDBDatabase should ignore requests from connections that are already closed.

            Tests are hard to create without some tricks on UniqueIDBDatabase so this fix is verified manually.
            One test is created by adding delay to UniqueIDBDatabase::openBackingStore on the background thread to make sure
            disconnection of web process happens before UniqueIDBDatabase::didOpenBackingStore, because didOpenBackingStore
            may start a version change transaction and ask for identifier from the connection that is already gone.

            * Modules/indexeddb/server/IDBConnectionToClient.cpp:
            (WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):
            * Modules/indexeddb/server/IDBConnectionToClient.h:
            (WebCore::IDBServer::IDBConnectionToClient::isClosed):
            * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
            (WebCore::IDBServer::UniqueIDBDatabase::clearStalePendingOpenDBRequests):
            (WebCore::IDBServer::UniqueIDBDatabase::handleDatabaseOperations):
            (WebCore::IDBServer::UniqueIDBDatabase::operationAndTransactionTimerFired):
            * Modules/indexeddb/server/UniqueIDBDatabase.h:

2019-02-24  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241915. rdar://problem/48298733

    Layout Test fast/text/international/khmer-selection.html is crashing
    https://bugs.webkit.org/show_bug.cgi?id=191368
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    GlyphBuffer's offset array wasn't getting filled by UniscribeController.
    Our underlining code requires this array.
    
    Uniscribe gives us a character -> glyph mapping, so we just have to compute
    the inverse and give it to the GlyphBuffer.
    
    This patch is written by Myles C. Maxfield.
    
    Test: fast/text/international/khmer-selection.html.
    
    * platform/graphics/GlyphBuffer.h:
    (WebCore::GlyphBuffer::add):
    * platform/graphics/displaylists/DisplayListItems.cpp:
    (WebCore::DisplayList::DrawGlyphs::generateGlyphBuffer const):
    * platform/graphics/win/UniscribeController.cpp:
    (WebCore::UniscribeController::advance):
    (WebCore::UniscribeController::itemizeShapeAndPlace):
    (WebCore::UniscribeController::shapeAndPlaceItem):
    * platform/graphics/win/UniscribeController.h:
    
    LayoutTests:
    
    * platform/win/TestExpectations:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241915 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-21  Per Arne Vollan  <pvollan@apple.com>

            Layout Test fast/text/international/khmer-selection.html is crashing
            https://bugs.webkit.org/show_bug.cgi?id=191368

            Reviewed by Brent Fulgham.

            GlyphBuffer's offset array wasn't getting filled by UniscribeController.
            Our underlining code requires this array.

            Uniscribe gives us a character -> glyph mapping, so we just have to compute
            the inverse and give it to the GlyphBuffer.

            This patch is written by Myles C. Maxfield.

            Test: fast/text/international/khmer-selection.html.

            * platform/graphics/GlyphBuffer.h:
            (WebCore::GlyphBuffer::add):
            * platform/graphics/displaylists/DisplayListItems.cpp:
            (WebCore::DisplayList::DrawGlyphs::generateGlyphBuffer const):
            * platform/graphics/win/UniscribeController.cpp:
            (WebCore::UniscribeController::advance):
            (WebCore::UniscribeController::itemizeShapeAndPlace):
            (WebCore::UniscribeController::shapeAndPlaceItem):
            * platform/graphics/win/UniscribeController.h:

2019-02-24  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241830. rdar://problem/48248202

    REGRESSION (r241788>): ASSERTION FAILED: !m_normalFlowListDirty in TestWebKitAPI.WebKit.ResizeReversePaginatedWebView test
    https://bugs.webkit.org/show_bug.cgi?id=194866
    
    Reviewed by Antti Koivisto.
    
    r241788 removed some calls that updated layer lists (normal flow and z-order) during compositing updates, causing
    a later call to RenderLayerCompositor::recursiveRepaintLayer() to assert when the lists were dirty. Fix by updating
    the lists in RenderLayerCompositor::recursiveRepaintLayer(), as we do in various other places.
    
    * rendering/RenderLayerCompositor.cpp:
    (WebCore::RenderLayerCompositor::recursiveRepaintLayer):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241830 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-20  Simon Fraser  <simon.fraser@apple.com>

            REGRESSION (r241788>): ASSERTION FAILED: !m_normalFlowListDirty in TestWebKitAPI.WebKit.ResizeReversePaginatedWebView test
            https://bugs.webkit.org/show_bug.cgi?id=194866

            Reviewed by Antti Koivisto.

            r241788 removed some calls that updated layer lists (normal flow and z-order) during compositing updates, causing
            a later call to RenderLayerCompositor::recursiveRepaintLayer() to assert when the lists were dirty. Fix by updating
            the lists in RenderLayerCompositor::recursiveRepaintLayer(), as we do in various other places.

            * rendering/RenderLayerCompositor.cpp:
            (WebCore::RenderLayerCompositor::recursiveRepaintLayer):

2019-02-21  Alan Coon  <alancoon@apple.com>

        Apply patch. rdar://problem/48229545

    2019-02-21  Ryosuke Niwa  <rniwa@webkit.org>

            REGRESSION(r240909): Release assertion in FrameLoader::loadPostRequest when opening new window
            https://bugs.webkit.org/show_bug.cgi?id=194820

            Reviewed by Geoffrey Garen and Brady Eidson.

            This release assertion was wrong. The invocation of PolicyChecker::checkNewWindowPolicy in FrameLoader
            doesn’t require PolicyChecker's load type to be set in PolicyChecker because FrameLoader's
            continueLoadAfterNewWindowPolicy invokes loadWithNavigationAction which sets the load type later,
            and we don't rely on PolicyChecker's load type until then.

            Fixed the crash by removing relese asserts before invoking checkNewWindowPolicy accordingly.

            This patch reverts r241015 since it too was asserting that PolicyChecker's load type is set before
            invoking checkNewWindowPolicy which is not the right assumption.

            Test: fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::loadURL):
            (WebCore::FrameLoader::load):
            (WebCore::FrameLoader::loadPostRequest):

2019-02-20  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241848. rdar://problem/48257838

    Crash in DOMWindowExtension::suspendForPageCache
    https://bugs.webkit.org/show_bug.cgi?id=194871
    
    Reviewed by Chris Dumez.
    
    This is a speculative fix for a crash in DOMWindowExtension::suspendForPageCache.
    
    We think it's possible for DOMWindowExtension::suspendForPageCache notifying the clients via
    dispatchWillDisconnectDOMWindowExtensionFromGlobalObject to remove other DOMWindowExtension's.
    Check that each DOMWindowProperty is still in m_properties before invoking suspendForPageCache
    to avoid the crash.
    
    * page/DOMWindow.cpp:
    (WebCore::DOMWindow::willDestroyCachedFrame):
    (WebCore::DOMWindow::willDestroyDocumentInFrame):
    (WebCore::DOMWindow::willDetachDocumentFromFrame):
    (WebCore::DOMWindow::suspendForPageCache):
    (WebCore::DOMWindow::resumeFromPageCache):
    * page/DOMWindowExtension.cpp:
    (WebCore::DOMWindowExtension::suspendForPageCache):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241848 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-20  Ryosuke Niwa  <rniwa@webkit.org>

            Crash in DOMWindowExtension::suspendForPageCache
            https://bugs.webkit.org/show_bug.cgi?id=194871

            Reviewed by Chris Dumez.

            This is a speculative fix for a crash in DOMWindowExtension::suspendForPageCache.

            We think it's possible for DOMWindowExtension::suspendForPageCache notifying the clients via
            dispatchWillDisconnectDOMWindowExtensionFromGlobalObject to remove other DOMWindowExtension's.
            Check that each DOMWindowProperty is still in m_properties before invoking suspendForPageCache
            to avoid the crash.

            * page/DOMWindow.cpp:
            (WebCore::DOMWindow::willDestroyCachedFrame):
            (WebCore::DOMWindow::willDestroyDocumentInFrame):
            (WebCore::DOMWindow::willDetachDocumentFromFrame):
            (WebCore::DOMWindow::suspendForPageCache):
            (WebCore::DOMWindow::resumeFromPageCache):
            * page/DOMWindowExtension.cpp:
            (WebCore::DOMWindowExtension::suspendForPageCache):

2019-02-20  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241788. rdar://problem/48248202

    REGRESSION (r238090): Toggling visibility on the <html> element can result in a blank web view
    https://bugs.webkit.org/show_bug.cgi?id=194827
    rdar://problem/47620594
    
    Reviewed by Antti Koivisto.
    
    Source/WebCore:
    
    Incremental compositing updates, added in rr238090, use repaints as a trigger for re-evaluating
    layer configurations, since a repaint implies that a layer gains painted content. This is done
    via the call to setNeedsCompositingConfigurationUpdate() in RenderLayerBacking::setContentsNeedDisplay{InRect}.
    The RenderView's layer is opted out of this to avoid doing lots of redundant layer config recomputation
    for the root. The configuration state that matters here is whether the layer contains painted content,
    and therefore needs backing store; this is computed by RenderLayerBacking::isSimpleContainerCompositingLayer(),
    and feeds into GraphicsLayer::drawsContent().
    
    However, if <html> starts as "visibility:hidden" or "opacity:0", as some sites do to hide incremental loading,
    then we'll fail to recompute 'drawsContent' for the root and leave the root with drawsContent=false, which
    causes RenderLayerBacking::setContentsNeedDisplay{InRect} to short-circuit, and then we paint nothing.
    
    Ironically, 'drawsContent' doesn't actually save any backing store for the root, since it has no affect on
    the root tile caches; we always make tiles. So the simple fix here is to change RenderLayerBacking::isSimpleContainerCompositingLayer()
    to always return false for the RenderView's layer (the root).
    
    Testing this was tricky; ref testing doesn't work because we force repaint, and we normally skip
    properties of the root in layer tree dumps to hide WK1/WK2 differences. Therefore I had to add
    LAYER_TREE_INCLUDES_ROOT_LAYER_PROPERTIES and fix RenderLayerBacking::shouldDumpPropertyForLayer to
    respect it.
    
    Test: compositing/visibility/root-visibility-toggle.html
    
    * page/Frame.h:
    * platform/graphics/GraphicsLayer.cpp:
    (WebCore::GraphicsLayer::dumpProperties const):
    * platform/graphics/GraphicsLayerClient.h:
    (WebCore::GraphicsLayerClient::shouldDumpPropertyForLayer const):
    * rendering/RenderLayerBacking.cpp:
    (WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const):
    (WebCore::RenderLayerBacking::shouldDumpPropertyForLayer const):
    * rendering/RenderLayerBacking.h:
    * rendering/RenderLayerCompositor.cpp:
    (WebCore::RenderLayerCompositor::layerTreeAsText):
    * testing/Internals.cpp:
    (WebCore::toLayerTreeFlags):
    * testing/Internals.h:
    * testing/Internals.idl:
    
    LayoutTests:
    
    Test dumps layer tree with RenderLayerBacking::shouldDumpPropertyForLayer to show that the root has (drawsContent 1)
    
    * compositing/visibility/root-visibility-toggle-expected.txt: Added.
    * compositing/visibility/root-visibility-toggle.html: Added.
    * platform/mac-wk1/compositing/visibility/root-visibility-toggle-expected.txt: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241788 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-19  Simon Fraser  <simon.fraser@apple.com>

            REGRESSION (r238090): Toggling visibility on the <html> element can result in a blank web view
            https://bugs.webkit.org/show_bug.cgi?id=194827
            rdar://problem/47620594

            Reviewed by Antti Koivisto.

            Incremental compositing updates, added in rr238090, use repaints as a trigger for re-evaluating
            layer configurations, since a repaint implies that a layer gains painted content. This is done
            via the call to setNeedsCompositingConfigurationUpdate() in RenderLayerBacking::setContentsNeedDisplay{InRect}.
            The RenderView's layer is opted out of this to avoid doing lots of redundant layer config recomputation
            for the root. The configuration state that matters here is whether the layer contains painted content,
            and therefore needs backing store; this is computed by RenderLayerBacking::isSimpleContainerCompositingLayer(),
            and feeds into GraphicsLayer::drawsContent().

            However, if <html> starts as "visibility:hidden" or "opacity:0", as some sites do to hide incremental loading,
            then we'll fail to recompute 'drawsContent' for the root and leave the root with drawsContent=false, which
            causes RenderLayerBacking::setContentsNeedDisplay{InRect} to short-circuit, and then we paint nothing.

            Ironically, 'drawsContent' doesn't actually save any backing store for the root, since it has no affect on
            the root tile caches; we always make tiles. So the simple fix here is to change RenderLayerBacking::isSimpleContainerCompositingLayer()
            to always return false for the RenderView's layer (the root).

            Testing this was tricky; ref testing doesn't work because we force repaint, and we normally skip
            properties of the root in layer tree dumps to hide WK1/WK2 differences. Therefore I had to add
            LAYER_TREE_INCLUDES_ROOT_LAYER_PROPERTIES and fix RenderLayerBacking::shouldDumpPropertyForLayer to
            respect it.

            Test: compositing/visibility/root-visibility-toggle.html

            * page/Frame.h:
            * platform/graphics/GraphicsLayer.cpp:
            (WebCore::GraphicsLayer::dumpProperties const):
            * platform/graphics/GraphicsLayerClient.h:
            (WebCore::GraphicsLayerClient::shouldDumpPropertyForLayer const):
            * rendering/RenderLayerBacking.cpp:
            (WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const):
            (WebCore::RenderLayerBacking::shouldDumpPropertyForLayer const):
            * rendering/RenderLayerBacking.h:
            * rendering/RenderLayerCompositor.cpp:
            (WebCore::RenderLayerCompositor::layerTreeAsText):
            * testing/Internals.cpp:
            (WebCore::toLayerTreeFlags):
            * testing/Internals.h:
            * testing/Internals.idl:

2019-02-20  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241738. rdar://problem/48243338

    Uncaught Exception crash in MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus()
    https://bugs.webkit.org/show_bug.cgi?id=194786
    
    Reviewed by Eric Carlson.
    
    Convert a runtime crash to a debug assert by wrapping the call to -[AVPlayer removeObserver:forKeyPath:]
    in an exception handler.
    
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
    (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241738 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-18  Jer Noble  <jer.noble@apple.com>

            Uncaught Exception crash in MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus()
            https://bugs.webkit.org/show_bug.cgi?id=194786

            Reviewed by Eric Carlson.

            Convert a runtime crash to a debug assert by wrapping the call to -[AVPlayer removeObserver:forKeyPath:]
            in an exception handler.

            * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
            (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus):

2019-02-20  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241721. rdar://problem/48243376

    AX: PSON: Going back from apple.com to search results, cannot interact with HTML content. Disabling Swap Processes on Cross-Site Navigation resolves the issue.
    https://bugs.webkit.org/show_bug.cgi?id=194742
    
    Reviewed by Chris Dumez.
    
    Source/WebCore:
    
    With the new process model, WebProcess hits a case where it tries to send the "page loaded" notification before VoiceOver
    had a chance to register for any notifications. This leads to those notifications being dropped (and thus this bug).
    
    This change instead asks the UIProcess to send the notification, which we know VoiceOver has registered for, and can reliably
    receive notifications.
    
    It also sends the notification for "load failures," which to the VO users' perspective amounts to the same thing as a successful
    page load.
    
    * accessibility/mac/AXObjectCacheMac.mm:
    (WebCore::AXObjectCache::frameLoadingEventPlatformNotification):
    
    Source/WebKit:
    
    Re-initialize the accessibility web process tokens when swapping processes.
    Send page load notifications from the UIProcess instead of the WebProcess to improve reliability.
    
    * UIProcess/mac/PageClientImplMac.mm:
    (WebKit::PageClientImpl::didFinishLoadForMainFrame):
    (WebKit::PageClientImpl::didFailLoadForMainFrame):
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::reinitializeWebPage):
    * WebProcess/WebPage/WebPage.h:
    * WebProcess/WebPage/gtk/WebPageGtk.cpp:
    (WebKit::WebPage::platformReinitialize):
    (WebKit::WebPage::platformDetach): Deleted.
    (WebKit::WebPage::platformEditorState const): Deleted.
    (WebKit::WebPage::updateAccessibilityTree): Deleted.
    (WebKit::WebPage::performDefaultBehaviorForKeyEvent): Deleted.
    (WebKit::WebPage::platformCanHandleRequest): Deleted.
    (WebKit::WebPage::platformUserAgent const): Deleted.
    (WebKit::WebPage::getCenterForZoomGesture): Deleted.
    (WebKit::WebPage::setInputMethodState): Deleted.
    (WebKit::WebPage::collapseSelectionInFrame): Deleted.
    * WebProcess/WebPage/ios/WebPageIOS.mm:
    (WebKit::WebPage::platformReinitialize):
    * WebProcess/WebPage/mac/WebPageMac.mm:
    (WebKit::WebPage::platformReinitialize):
    * WebProcess/WebPage/win/WebPageWin.cpp:
    (WebKit::WebPage::platformReinitialize):
    * WebProcess/WebPage/wpe/WebPageWPE.cpp:
    (WebKit::WebPage::platformReinitialize):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241721 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-18  Chris Fleizach  <cfleizach@apple.com>

            AX: PSON: Going back from apple.com to search results, cannot interact with HTML content. Disabling Swap Processes on Cross-Site Navigation resolves the issue.
            https://bugs.webkit.org/show_bug.cgi?id=194742

            Reviewed by Chris Dumez.

            With the new process model, WebProcess hits a case where it tries to send the "page loaded" notification before VoiceOver
            had a chance to register for any notifications. This leads to those notifications being dropped (and thus this bug).

            This change instead asks the UIProcess to send the notification, which we know VoiceOver has registered for, and can reliably
            receive notifications.

            It also sends the notification for "load failures," which to the VO users' perspective amounts to the same thing as a successful
            page load.

            * accessibility/mac/AXObjectCacheMac.mm:
            (WebCore::AXObjectCache::frameLoadingEventPlatformNotification):

2019-02-20  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241626. rdar://problem/48243415

    Crash in the hit testing code via HTMLPlugInElement::isReplacementObscured()
    https://bugs.webkit.org/show_bug.cgi?id=194691
    
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    The crash was caused by HTMLPlugInElement::isReplacementObscured updating the document
    without updating the layout of ancestor documents (i.e. documents in which frame owner
    elements appear) even though it hit-tests against the top-level document's RenderView.
    
    Fixed the bug by updating the layout of the top-level document as needed.
    
    Test: plugins/unsupported-plugin-with-replacement-in-iframe-crash.html
    
    * html/HTMLPlugInElement.cpp:
    (WebCore::HTMLPlugInElement::isReplacementObscured):
    
    LayoutTests:
    
    Added a regression test. It hits the newly added debug assertion without the fix.
    
    * platform/mac-wk1/TestExpectations: Skip the test since DumpRenderTree doesn't support
    testRunner.setPluginSupportedMode.
    * plugins/unsupported-plugin-with-replacement-in-iframe-crash-expected.txt: Added.
    * plugins/unsupported-plugin-with-replacement-in-iframe-crash.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241626 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-15  Ryosuke Niwa  <rniwa@webkit.org>

            Crash in the hit testing code via HTMLPlugInElement::isReplacementObscured()
            https://bugs.webkit.org/show_bug.cgi?id=194691

            Reviewed by Simon Fraser.

            The crash was caused by HTMLPlugInElement::isReplacementObscured updating the document
            without updating the layout of ancestor documents (i.e. documents in which frame owner
            elements appear) even though it hit-tests against the top-level document's RenderView.

            Fixed the bug by updating the layout of the top-level document as needed.

            Test: plugins/unsupported-plugin-with-replacement-in-iframe-crash.html

            * html/HTMLPlugInElement.cpp:
            (WebCore::HTMLPlugInElement::isReplacementObscured):

2019-02-20  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241567. rdar://problem/48243396

    Web Inspector: Occasional crash under WebCore::CSSStyleSheet::item called from Inspector
    https://bugs.webkit.org/show_bug.cgi?id=194671
    <rdar://problem/47628191>
    
    Patch by Joseph Pecoraro <pecoraro@apple.com> on 2019-02-14
    Reviewed by Devin Rousso.
    
    * css/CSSStyleSheet.cpp:
    (WebCore::CSSStyleSheet::item):
    A crash may happen if the m_childRuleCSSOMWrappers Vector gets out of
    sync with the m_contents list of rules. In particular if the wrappers
    vector is shorter than the rule list. We tried exercising code paths
    that modify these lists but were not able to reproduce the crash.
    To avoid a crash we can make this access safer and avoid the original
    overflow. At the same time we will keep and promote the assertion that
    would catch the lists getting out of sync in debug builds.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241567 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-14  Joseph Pecoraro  <pecoraro@apple.com>

            Web Inspector: Occasional crash under WebCore::CSSStyleSheet::item called from Inspector
            https://bugs.webkit.org/show_bug.cgi?id=194671
            <rdar://problem/47628191>

            Reviewed by Devin Rousso.

            * css/CSSStyleSheet.cpp:
            (WebCore::CSSStyleSheet::item):
            A crash may happen if the m_childRuleCSSOMWrappers Vector gets out of
            sync with the m_contents list of rules. In particular if the wrappers
            vector is shorter than the rule list. We tried exercising code paths
            that modify these lists but were not able to reproduce the crash.
            To avoid a crash we can make this access safer and avoid the original
            overflow. At the same time we will keep and promote the assertion that
            would catch the lists getting out of sync in debug builds.

2019-02-20  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241547. rdar://problem/48220627

    Web Inspector: don't include accessibility role in DOM.Node object payloads
    https://bugs.webkit.org/show_bug.cgi?id=194623
    <rdar://problem/36384037>
    
    Reviewed by Devin Rousso.
    
    Source/JavaScriptCore:
    
    Remove property of DOM.Node that is no longer being sent.
    
    * inspector/protocol/DOM.json:
    
    Source/WebCore:
    
    Accessibility properties are complicated to fetch at all the points where we want to build and push nodes immediately.
    Turning on AX often indirectly causes style recalc and layout. This is bad because we are often building nodes in the
    first place due to a DOM node tree update (i.e., NodeInserted).
    
    It turns out that DOM.getAccessibilityPropertiesForNode is called every time we display
    the computed role in the Elements Tab > Nodes Sidebar > Accessibility Section. So it is not
    necessary to collect this information in a problematic way when initially pushing the node, as
    it will be updated anyway.
    
    No new tests, no change in behavior.
    
    * inspector/agents/InspectorDOMAgent.cpp:
    (WebCore::InspectorDOMAgent::buildObjectForNode):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241547 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-13  Brian Burg  <bburg@apple.com>

            Web Inspector: don't include accessibility role in DOM.Node object payloads
            https://bugs.webkit.org/show_bug.cgi?id=194623
            <rdar://problem/36384037>

            Reviewed by Devin Rousso.

            Accessibility properties are complicated to fetch at all the points where we want to build and push nodes immediately.
            Turning on AX often indirectly causes style recalc and layout. This is bad because we are often building nodes in the
            first place due to a DOM node tree update (i.e., NodeInserted).

            It turns out that DOM.getAccessibilityPropertiesForNode is called every time we display
            the computed role in the Elements Tab > Nodes Sidebar > Accessibility Section. So it is not
            necessary to collect this information in a problematic way when initially pushing the node, as
            it will be updated anyway.

            No new tests, no change in behavior.

            * inspector/agents/InspectorDOMAgent.cpp:
            (WebCore::InspectorDOMAgent::buildObjectForNode):

2019-02-20  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241492. rdar://problem/48243254

    [Mac] PiP window can get "stuck" if PiP is closed while Safari window is minimized.
    https://bugs.webkit.org/show_bug.cgi?id=194621
    <rdar://problem/48002560>
    
    Reviewed by Eric Carlson.
    
    When Safari is minimized, no rAF() requests are executed. Don't gate responding to presentation
    change events in the media-controller.js on rAF().
    
    * Modules/modern-media-controls/media/media-controller.js:
    (MediaController.prototype._returnMediaLayerToInlineIfNeeded):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241492 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-13  Jer Noble  <jer.noble@apple.com>

            [Mac] PiP window can get "stuck" if PiP is closed while Safari window is minimized.
            https://bugs.webkit.org/show_bug.cgi?id=194621
            <rdar://problem/48002560>

            Reviewed by Eric Carlson.

            When Safari is minimized, no rAF() requests are executed. Don't gate responding to presentation
            change events in the media-controller.js on rAF().

            * Modules/modern-media-controls/media/media-controller.js:
            (MediaController.prototype._returnMediaLayerToInlineIfNeeded):

2019-02-20  Alan Coon  <alancoon@apple.com>

        Revert r237978. rdar://problem/48244945

2019-02-18  Babak Shafiei  <bshafiei@apple.com>

        Apply patch. rdar://problem/48122553

    Introduce a WebContent Process cache https://bugs.webkit.org/show_bug.cgi?id=194594 <rdar://problem/46793397>
    
    Reviewed by Geoff Garen.
    
    Source/WebCore:
    
    Update localizable strings.
    
    * en.lproj/Localizable.strings:
    
    Source/WebKit:
    
    Introduce a WebContent Process cache to reduce the number of process launches when
    process swap on navigation is enabled, and to reduce the power cost of the feature.
    
    If a WebProcess loaded pages from a single registrable domain then it is eligible
    for the cache. When process-swapping on navigation to a new registrable domain, we
    now attempt to retrieve a process from the cache for the domain in question instead
    of always launching a new one.
    
    The WebProcess cache currently has the following attributes:
    - It may contains 4 processes per GB of RAM the machine has, up to 30 processes.
    - WebProcesses automatically get evicted from the cache after 30 minutes.
    - If the application is no longer the active app, then the cache will get cleared
      after 5 minutes.
    - WebProcesses that are in the cache are reported as "(Cached)" in Activity Monitor.
    
    The WebProcess cache is currently disabled by default and can by enabled by the
    client via SPI.
    
    * Shared/WebBackForwardListItem.cpp:
    (WebKit::WebBackForwardListItem::WebBackForwardListItem):
    * Shared/WebBackForwardListItem.h:
    (WebKit::WebBackForwardListItem::lastProcessIdentifier const):
    (WebKit::WebBackForwardListItem::setLastProcessIdentifier):
    Add new lastProcessIdentifier data member that reflects which process this item
    was last loaded in. It is normally identical to the identifier of the process
    that created the item but it gets overriden in case of cross-site client-side
    redirect, since a new process takes over the item in this case.
    
    * Sources.txt:
    Add new source file.
    
    * UIProcess/API/APIProcessPoolConfiguration.cpp:
    (API::ProcessPoolConfiguration::copy):
    * UIProcess/API/APIProcessPoolConfiguration.h:
    * UIProcess/API/C/WKContextConfigurationRef.cpp:
    (WKContextConfigurationUsesWebProcessCache):
    (WKContextConfigurationSetUsesWebProcessCache):
    * UIProcess/API/C/WKContextConfigurationRef.h:
    * UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
    * UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:
    (-[_WKProcessPoolConfiguration setUsesWebProcessCache:]):
    (-[_WKProcessPoolConfiguration usesWebProcessCache]):
    Add new SPI to enable the WebProcess cache.
    
    * UIProcess/API/Cocoa/WKProcessPool.mm:
    (-[WKProcessPool _webProcessCountIgnoringPrewarmedAndCached]):
    * UIProcess/API/Cocoa/WKProcessPoolPrivate.h:
    Add new SPI for testing which returns the number of WebProcesses ignoring
    both prewarmed and cached ones.
    
    * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
    (WebKit::WebProcessPool::registerNotificationObservers):
    (WebKit::WebProcessPool::unregisterNotificationObservers):
    Add application active state observers as the WebProcess cache gets cleared
    when the application resigns active state for more than 5 minutes.
    
    * UIProcess/ProvisionalPageProxy.cpp:
    (WebKit::ProvisionalPageProxy::loadRequest):
    When doing a load in a new process with the BackForwardList locked (i.e. client-side
    redirect), make sure we update the last process identifier for the BackForwardListItem.
    This is important because the logic in WebProcessPool::processForNavigation() relies on
    this identifier to select which process to do the history navigation into, and we want
    to do the load in the post-redirect process, not the pre-redirect one.
    
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::didStartProvisionalLoadForFrameShared):
    Tell the WebProcess whenever a main frame provisional load is started, providing the URL.
    
    * UIProcess/WebProcessCache.cpp: Added.
    (WebKit::WebProcessCache::WebProcessCache):
    (WebKit::WebProcessCache::addProcess):
    (WebKit::WebProcessCache::takeProcess):
    (WebKit::WebProcessCache::updateMaximumSize):
    (WebKit::WebProcessCache::clear):
    (WebKit::WebProcessCache::setApplicationIsActive):
    (WebKit::WebProcessCache::evictProcess):
    (WebKit::WebProcessCache::CachedProcess::CachedProcess):
    (WebKit::WebProcessCache::CachedProcess::~CachedProcess):
    (WebKit::WebProcessCache::CachedProcess::takeProcess):
    (WebKit::WebProcessCache::CachedProcess::evictionTimerFired):
    * UIProcess/WebProcessCache.h: Added.
    (WebKit::WebProcessCache::maximumSize):
    (WebKit::WebProcessCache::size const):
    (WebKit::WebProcessCache::CachedProcess::process):
    Add process cache implementation.
    
    * UIProcess/WebProcessPool.cpp:
    (WebKit::m_webProcessCache):
    WebProcessCache is stored on the WebProcessPool via m_webProcessCache data member.
    
    (WebKit::WebProcessPool::~WebProcessPool):
    Clear the WebProcess cache in the destructor.
    
    (WebKit::WebProcessPool::setApplicationIsActive):
    Notify the WebProcessCache whenever the application's active state changes.
    
    (WebKit::WebProcessPool::createWebPage):
    If the state of PSON changes via the experimental features menu, dynamically
    update the WebProcessCache's size. This is needed because the cache is disabled
    when PSON is disabled.
    
    (WebKit::WebProcessPool::handleMemoryPressureWarning):
    Clear the WebProcess cache on memory pressure.
    
    (WebKit::WebProcessPool::processForNavigationInternal):
    Query the WebProcessCache before attempting to create a new WebProcess for a cross-site
    navigation.
    
    (WebKit::WebProcessPool::findReusableSuspendedPageProcess):
    This logic was split out of processForNavigationInternal() to reduce the size
    of the method.
    
    * UIProcess/WebProcessPool.h:
    * UIProcess/WebProcessProxy.cpp:
    (WebKit::WebProcessProxy::setIsInProcessCache):
    Update the isInProcessCache flag on the WebProcessProxy and send an IPC to the WebContent
    process so that it can update its name in Activity Monitor.
    We also need to stop holding a strong reference to the WebProcessPool whenever the process
    is in the cache, similarly to what we do for pre-warmed processes, given that such processes
    should not keep the process pool alive.
    
    (WebKit::WebProcessProxy::addExistingWebPage):
    Assert that we never try to add a page to a cached process, it should be taken out of the
    cache before use.
    
    (WebKit::WebProcessProxy::hasProvisionalPageWithID const):
    (WebKit::WebProcessProxy::isAllowedToUpdateBackForwardItem const):
    (WebKit::WebProcessProxy::updateBackForwardItem):
    In case of client-side redirects, the previous process would sometimes send an IPC causing
    the UIProcess' backforward list item to get updated with the pre-redirect URL after we've
    already redirected. This previously would be unlikely to occur because we do not suspend
    client-redirect pages and their process would normally exit before getting a chance to send
    the IPC. However, with the process cache, the bug became obvious as the process would stay
    alive and send up the "bad" IPC. To address the issue, we now only let the IPC update the
    item if the item's page is (still) associated with the process. In the future, we may want
    to update the IPC so that it gets sent to the WebPageProxy instead of the WebProcessProxy.
    
    (WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):
    If a cached WebProcess crashes, remove it from the cache so that we do not attempt to use
    it for a load later.
    
    (WebKit::WebProcessProxy::canBeAddedToWebProcessCache const):
    Only cache WebProcesses that have loaded a single registrable domain. Also prevent caching
    for service worker and inspector processes.
    
    (WebKit::WebProcessProxy::maybeShutDown):
    If the process is cacheable, add it to the cache instead of shutting it down right away.
    
    (WebKit::WebProcessProxy::canTerminateAuxiliaryProcess):
    Make sure we do not attempt to terminate a processes that is in the cache.
    
    (WebKit::WebProcessProxy::didStartProvisionalLoadForMainFrame):
    Whenever a main frame provisional load starts, make sure we update the process's associated
    registrable domain. nullopt indicates that there is no associated domain yet. Null string
    indicates that the process is associated with several registrable domain and is therefore
    not eligible for caching.
    
    * UIProcess/WebProcessProxy.h:
    (WebKit::WebProcessProxy::registrableDomain const):
    (WebKit::WebProcessProxy::isInProcessCache const):
    (WebKit::WebProcessProxy::provisionalPageCount const):
    Add convenience getters.
    
    * WebKit.xcodeproj/project.pbxproj:
    Add new files to project.
    
    * WebProcess/WebProcess.cpp:
    (WebKit::WebProcess::setIsInProcessCache):
    * WebProcess/WebProcess.h:
    * WebProcess/WebProcess.messages.in:
    * WebProcess/cocoa/WebProcessCocoa.mm:
    (WebKit::WebProcess::updateProcessName):
    Update the WebProcess' name in Activity Monitor whenever it goes into or out of the WebProcess
    cache.
    
    Tools:
    
    Update API tests to turn on the WebContent Process cache.
    
    * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@241556 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    (cherry picked from commit dc197d35fd5d947ff4c81c2e0f5636b9cad36b3c)

    2019-02-14  Chris Dumez  <cdumez@apple.com>

            [PSON] Introduce a WebContent Process cache
            https://bugs.webkit.org/show_bug.cgi?id=194594
            <rdar://problem/46793397>

            Reviewed by Geoff Garen.

            Update localizable strings.

            * en.lproj/Localizable.strings:

2019-02-13  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241499. rdar://problem/48065634

    Crash in DOMTimer::fired
    https://bugs.webkit.org/show_bug.cgi?id=194638
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    This patch continues the saga of hunting down timer related crashes after r239814, r225985, r227934.
    
    The crash was caused by the bug that we don't remove a DOMTimer from NestedTimersMap if a DOMTimer
    is created & installed inside another DOMTimer's callback (via execute call in DOMTimer::fired).
    
    Fixed the crash by using a Ref in NestedTimersMap. This will keep the timer alive until we exit
    from DOMTimer::fired. Because DOMTimer::fired always calls stopTracking() which clears the map
    we would not leak these DOM timers.
    
    We could, alternatively, use WeakPtr in NestedTimersMap but that would unnecessarily increase the
    size of DOMTimer for a very marginal benefit of DOMTimer objcets being deleted slightly earlier.
    Deleting itself in DOMTimer's destructor involves more logic & house keeping in the timer code,
    and is no longer the preferred approach when dealing with these classes of bugs in WebKit.
    
    Test: fast/dom/timer-destruction-during-firing.html
    
    * page/DOMTimer.cpp:
    (WebCore::NestedTimersMap::add):
    (WebCore::DOMTimer::install):
    (WebCore::DOMTimer::fired):
    
    LayoutTests:
    
    Added a regression test. It needs debug assertions without the fix.
    
    * fast/dom/timer-destruction-during-firing-expected.txt: Added.
    * fast/dom/timer-destruction-during-firing.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241499 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-13  Ryosuke Niwa  <rniwa@webkit.org>

            Crash in DOMTimer::fired
            https://bugs.webkit.org/show_bug.cgi?id=194638

            Reviewed by Brent Fulgham.

            This patch continues the saga of hunting down timer related crashes after r239814, r225985, r227934.

            The crash was caused by the bug that we don't remove a DOMTimer from NestedTimersMap if a DOMTimer
            is created & installed inside another DOMTimer's callback (via execute call in DOMTimer::fired).

            Fixed the crash by using a Ref in NestedTimersMap. This will keep the timer alive until we exit
            from DOMTimer::fired. Because DOMTimer::fired always calls stopTracking() which clears the map
            we would not leak these DOM timers.

            We could, alternatively, use WeakPtr in NestedTimersMap but that would unnecessarily increase the
            size of DOMTimer for a very marginal benefit of DOMTimer objcets being deleted slightly earlier.
            Deleting itself in DOMTimer's destructor involves more logic & house keeping in the timer code,
            and is no longer the preferred approach when dealing with these classes of bugs in WebKit.

            Test: fast/dom/timer-destruction-during-firing.html

            * page/DOMTimer.cpp:
            (WebCore::NestedTimersMap::add):
            (WebCore::DOMTimer::install):
            (WebCore::DOMTimer::fired):

2019-02-13  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241494. rdar://problem/48065624

    AX: Crash in handleMenuOpen
    https://bugs.webkit.org/show_bug.cgi?id=194627
    
    Reviewed by Zalan Bujtas.
    
    Tests run under libGuardMalloc will cause crashes.
    
    This list of objects is a Node list, not an Element list, so we were
    not removing some nodes when they were being deallocated.
    
    * accessibility/AXObjectCache.cpp:
    (WebCore::AXObjectCache::remove):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241494 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-13  Chris Fleizach  <cfleizach@apple.com>

            AX: Crash in handleMenuOpen
            https://bugs.webkit.org/show_bug.cgi?id=194627

            Reviewed by Zalan Bujtas.

            Tests run under libGuardMalloc will cause crashes.

            This list of objects is a Node list, not an Element list, so we were
            not removing some nodes when they were being deallocated.

            * accessibility/AXObjectCache.cpp:
            (WebCore::AXObjectCache::remove):

2019-02-13  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241484. rdar://problem/48065620

    Entering fullscreen inside a shadow root will not set fullscreen pseudoclasses outside of root
    https://bugs.webkit.org/show_bug.cgi?id=194516
    <rdar://problem/44678353>
    
    Reviewed by Antoine Quint.
    
    Source/WebCore:
    
    Test: fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor.html
    
    When walking up the element ancestor chain, use parentElementInComposedTree() to
    walk past the shadow root boundary.
    
    * dom/Element.cpp:
    (WebCore::parentCrossingFrameBoundaries):
    
    LayoutTests:
    
    * fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor-expected.txt: Added.
    * fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor.html: Added.
    * platform/ios-wk2/TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241484 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-13  Jer Noble  <jer.noble@apple.com>

            Entering fullscreen inside a shadow root will not set fullscreen pseudoclasses outside of root
            https://bugs.webkit.org/show_bug.cgi?id=194516
            <rdar://problem/44678353>

            Reviewed by Antoine Quint.

            Test: fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor.html

            When walking up the element ancestor chain, use parentElementInComposedTree() to
            walk past the shadow root boundary.

            * dom/Element.cpp:
            (WebCore::parentCrossingFrameBoundaries):

2019-02-13  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241480. rdar://problem/48065618

    Further restricting webarchive loads
    https://bugs.webkit.org/show_bug.cgi?id=194567
    <rdar://problem/47610130>
    
    Reviewed by Youenn Fablet.
    
    Source/WebCore:
    
    This patch futher restricts main frame webarchive loads to the followings:
    1) loaded by clients;
    2) loaded by drag;
    3) reloaded from any of the previous two.
    
    It moves setAlwaysAllowLocalWebarchive, which is used for testing only, from Document
    to FrameLoader such that the option is remembered during redirections.
    
    Covered by API tests.
    
    * dom/Document.h:
    (WebCore::Document::setAlwaysAllowLocalWebarchive): Deleted.
    (WebCore::Document::alwaysAllowLocalWebarchive const): Deleted.
    * loader/DocumentLoader.cpp:
    (WebCore::DocumentLoader::disallowWebArchive const):
    * loader/DocumentLoader.h:
    (WebCore::DocumentLoader::setAllowsWebArchiveForMainFrame):
    (WebCore::DocumentLoader::allowsWebArchiveForMainFrame):
    * loader/FrameLoadRequest.h:
    (WebCore::FrameLoadRequest::setIsRequestFromClientOrUserInput):
    (WebCore::FrameLoadRequest::isRequestFromClientOrUserInput):
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::load):
    (WebCore::FrameLoader::reload):
    * loader/FrameLoader.h:
    (WebCore::FrameLoader::setAlwaysAllowLocalWebarchive):
    (WebCore::FrameLoader::alwaysAllowLocalWebarchive const):
    * page/DragController.cpp:
    (WebCore::DragController::performDragOperation):
    * testing/Internals.cpp:
    (WebCore::Internals::setAlwaysAllowLocalWebarchive const):
    * testing/Internals.h:
    * testing/Internals.idl:
    
    Source/WebKit:
    
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::loadRequest):
    Set a flag to indicate a load is started from clients.
    
    Tools:
    
    Besides adding API tests, this patch also enhances DragAndDropSimulator to allow
    navigations on drop.
    
    * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
    * TestWebKitAPI/Tests/mac/LoadWebArchive.mm: Added.
    (-[TestLoadWebArchiveNavigationDelegate webView:didFinishNavigation:]):
    (-[TestLoadWebArchiveNavigationDelegate webView:didFailProvisionalNavigation:withError:]):
    (-[TestLoadWebArchiveNavigationDelegate webView:createWebViewWithConfiguration:forNavigationAction:windowFeatures:]):
    (TestWebKitAPI::TEST):
    * TestWebKitAPI/Tests/mac/helloworld.webarchive: Added.
    * TestWebKitAPI/Tests/mac/load-web-archive-1.html: Added.
    * TestWebKitAPI/Tests/mac/load-web-archive-2.html: Added.
    * TestWebKitAPI/cocoa/DragAndDropSimulator.h:
    * TestWebKitAPI/mac/DragAndDropSimulatorMac.mm:
    (-[DragAndDropSimulator initWithWebViewFrame:configuration:]):
    (-[DragAndDropSimulator _webView:dragDestinationActionMaskForDraggingInfo:]):
    
    LayoutTests:
    
    * platform/mac/fast/loader/webarchive-encoding-respected.html:
    * webarchive/loading/cache-expired-subresource.html:
    * webarchive/loading/javascript-url-iframe-crash.html:
    * webarchive/loading/mainresource-null-mimetype-crash.html:
    * webarchive/loading/missing-data.html:
    * webarchive/loading/object.html:
    * webarchive/loading/test-loading-archive-subresource-null-mimetype.html:
    * webarchive/loading/test-loading-archive-subresource.html:
    * webarchive/loading/test-loading-archive.html:
    * webarchive/loading/test-loading-top-archive.html:
    * webarchive/loading/video-in-webarchive.html:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241480 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-12  Jiewen Tan  <jiewen_tan@apple.com>

            Further restricting webarchive loads
            https://bugs.webkit.org/show_bug.cgi?id=194567
            <rdar://problem/47610130>

            Reviewed by Youenn Fablet.

            This patch futher restricts main frame webarchive loads to the followings:
            1) loaded by clients;
            2) loaded by drag;
            3) reloaded from any of the previous two.

            It moves setAlwaysAllowLocalWebarchive, which is used for testing only, from Document
            to FrameLoader such that the option is remembered during redirections.

            Covered by API tests.

            * dom/Document.h:
            (WebCore::Document::setAlwaysAllowLocalWebarchive): Deleted.
            (WebCore::Document::alwaysAllowLocalWebarchive const): Deleted.
            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::disallowWebArchive const):
            * loader/DocumentLoader.h:
            (WebCore::DocumentLoader::setAllowsWebArchiveForMainFrame):
            (WebCore::DocumentLoader::allowsWebArchiveForMainFrame):
            * loader/FrameLoadRequest.h:
            (WebCore::FrameLoadRequest::setIsRequestFromClientOrUserInput):
            (WebCore::FrameLoadRequest::isRequestFromClientOrUserInput):
            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::load):
            (WebCore::FrameLoader::reload):
            * loader/FrameLoader.h:
            (WebCore::FrameLoader::setAlwaysAllowLocalWebarchive):
            (WebCore::FrameLoader::alwaysAllowLocalWebarchive const):
            * page/DragController.cpp:
            (WebCore::DragController::performDragOperation):
            * testing/Internals.cpp:
            (WebCore::Internals::setAlwaysAllowLocalWebarchive const):
            * testing/Internals.h:
            * testing/Internals.idl:

2019-02-13  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241479. rdar://problem/48065642

    Null-deref crash at SourceBufferPrivateAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged()
    https://bugs.webkit.org/show_bug.cgi?id=194613
    <rdar://problem/48023912>
    
    Reviewed by Eric Carlson.
    
    * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
    (WebCore::SourceBufferPrivateAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241479 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-13  Jer Noble  <jer.noble@apple.com>

            Null-deref crash at SourceBufferPrivateAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged()
            https://bugs.webkit.org/show_bug.cgi?id=194613
            <rdar://problem/48023912>

            Reviewed by Eric Carlson.

            * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
            (WebCore::SourceBufferPrivateAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):

2019-02-13  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241437. rdar://problem/48065626

    [Cocoa] Switch to CVPixelBufferGetBytesPerRow() for calculating CVPixelBuffer base address size.
    https://bugs.webkit.org/show_bug.cgi?id=194580
    <rdar://problem/42727739>
    
    Reviewed by Eric Carlson.
    
    * platform/cocoa/CoreVideoSoftLink.cpp:
    * platform/cocoa/CoreVideoSoftLink.h:
    * platform/graphics/cv/PixelBufferConformerCV.cpp:
    (WebCore::CVPixelBufferGetBytePointerCallback):
    (WebCore::PixelBufferConformerCV::createImageFromPixelBuffer):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241437 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-13  Jer Noble  <jer.noble@apple.com>

            [Cocoa] Switch to CVPixelBufferGetBytesPerRow() for calculating CVPixelBuffer base address size.
            https://bugs.webkit.org/show_bug.cgi?id=194580
            <rdar://problem/42727739>

            Reviewed by Eric Carlson.

            * platform/cocoa/CoreVideoSoftLink.cpp:
            * platform/cocoa/CoreVideoSoftLink.h:
            * platform/graphics/cv/PixelBufferConformerCV.cpp:
            (WebCore::CVPixelBufferGetBytePointerCallback):
            (WebCore::PixelBufferConformerCV::createImageFromPixelBuffer):

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241319. rdar://problem/48015672

    Source/WebCore:
    Remove setDefersLoading infrastructure from WebKit2
    https://bugs.webkit.org/show_bug.cgi?id=194506
    
    Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-12
    Reviewed by Brady Eidson.
    
    setDefersLoading is inherently racy from WebCore to the NetworkProcess,
    it adds unwanted complexity to the initialization and use of network objects,
    and it has led to many unrecoverable hang bugs over the years.
    We needed to force it into WebKit2 to transition some existing clients who relied on it,
    but we have recently finished transitioning those clients to other solutions, mostly
    completion handlers.
    
    * inspector/PageScriptDebugServer.cpp:
    (WebCore::PageScriptDebugServer::setJavaScriptPaused):
    
    LayoutTests:
    BitmapRenderer should handle existing ImageBuffers
    https://bugs.webkit.org/show_bug.cgi?id=194555
    <rdar://problem/47857150>
    
    Reviewed by Tim Horton.
    
    Test that creates a canvas, triggers an ImageBuffer to be created, then
    creates the bitmaprenderer context.
    
    * fast/canvas/bitmaprenderer-created-after-toBlob-expected.txt: Added.
    * fast/canvas/bitmaprenderer-created-after-toBlob.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241319 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-12  Dean Jackson  <dino@apple.com>

        BitmapRenderer should handle existing ImageBuffers
        https://bugs.webkit.org/show_bug.cgi?id=194555
        <rdar://problem/47857150>

        Reviewed by Tim Horton.

        Our logic in ImageBitmapRenderingContext assumed that
        it had always created the ImageBuffer being used. However, it's
        valid to call something like toBlob() or toDataURL() before creating
        a context, so we need to handle the case where an ImageBuffer
        already exists.

        Test: fast/canvas/bitmaprenderer-created-after-toBlob.html

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createImageBuffer const): Move some logic into setImageBuffer.
        (WebCore::HTMLCanvasElement::setImageBuffer const): Make sure to clear the state saver.

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241300. rdar://problem/48016008

    Add some null checks in JSNodeCustom.h's root() and generated isReachableFromOpaqueRoots() functions.
    https://bugs.webkit.org/show_bug.cgi?id=194530
    <rdar://problem/47973274>
    
    Reviewed by Chris Dumez.
    
    This is needed to fix a null pointer dereference that arises from the following scenario:
    1. a Document detaches from its StyleSheetList.
    2. the JSStyleSheetList that is associated with the detached StyleSheetList has yet
       to be scanned and collected by the GC.
    3. the GC eventually looks for the opaque root of the StyleSheetList's owner, and
       discovers a null owner pointer.
    
    This patch fixes this issue by applying the following null checks:
    
    1. Add a null check in JSNodeCustom.h's root().
    
       root() is called from a isReachableFromOpaqueRoots() generated by CodeGeneratorJS.pm.
       isReachableFromOpaqueRoots() calls a ownerNode() method and passes its result
       to root().  However, depending on which class the ownerNode() method belongs to,
       it can either return a pointer or a reference.  The null check only makes sense
       in the pointer case.
    
       To accommodate the 2 forms, root() itself is has an overload that takes a
       reference instead of a pointer.
    
       Since CodeGeneratorJS.pm can't tell what the generated class' ownerNode()
       returns, it can't discern when the result is a pointer and apply the null check.
       Instead, we just add the null check to the version of root() that takes a
       pointer.  If the node pointer is null, we'll return a null opaque root.
    
    2. Fix CodeGeneratorJS.pm to null check the opaque root before using it.
    
    * bindings/js/JSNodeCustom.h:
    (WebCore::root):
    * bindings/scripts/CodeGeneratorJS.pm:
    (GenerateImplementation):
    * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
    (WebCore::JSTestGenerateIsReachableOwner::isReachableFromOpaqueRoots):
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241300 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-12  Mark Lam  <mark.lam@apple.com>

            Add some null checks in JSNodeCustom.h's root() and generated isReachableFromOpaqueRoots() functions.
            https://bugs.webkit.org/show_bug.cgi?id=194530
            <rdar://problem/47973274>

            Reviewed by Chris Dumez.

            This is needed to fix a null pointer dereference that arises from the following scenario:
            1. a Document detaches from its StyleSheetList.
            2. the JSStyleSheetList that is associated with the detached StyleSheetList has yet
               to be scanned and collected by the GC.
            3. the GC eventually looks for the opaque root of the StyleSheetList's owner, and
               discovers a null owner pointer.

            This patch fixes this issue by applying the following null checks:

            1. Add a null check in JSNodeCustom.h's root().

               root() is called from a isReachableFromOpaqueRoots() generated by CodeGeneratorJS.pm.
               isReachableFromOpaqueRoots() calls a ownerNode() method and passes its result
               to root().  However, depending on which class the ownerNode() method belongs to,
               it can either return a pointer or a reference.  The null check only makes sense
               in the pointer case.

               To accommodate the 2 forms, root() itself is has an overload that takes a
               reference instead of a pointer.

               Since CodeGeneratorJS.pm can't tell what the generated class' ownerNode()
               returns, it can't discern when the result is a pointer and apply the null check.
               Instead, we just add the null check to the version of root() that takes a
               pointer.  If the node pointer is null, we'll return a null opaque root.

            2. Fix CodeGeneratorJS.pm to null check the opaque root before using it.

            * bindings/js/JSNodeCustom.h:
            (WebCore::root):
            * bindings/scripts/CodeGeneratorJS.pm:
            (GenerateImplementation):
            * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
            (WebCore::JSTestGenerateIsReachableOwner::isReachableFromOpaqueRoots):

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241296. rdar://problem/48015654

    Crash in WebCore::ScrollingTree::updateTreeFromStateNode
    https://bugs.webkit.org/show_bug.cgi?id=194538
    <rdar://problem/47841926>
    
    Reviewed by Zalan Bujtas.
    
    * page/scrolling/ScrollingTree.cpp:
    (WebCore::ScrollingTree::updateTreeFromStateNode):
    
    Make sure we don't leave node entry behind in m_nodeMap in case we failed to add it to the parent.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241296 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-12  Antti Koivisto  <antti@apple.com>

            Crash in WebCore::ScrollingTree::updateTreeFromStateNode
            https://bugs.webkit.org/show_bug.cgi?id=194538
            <rdar://problem/47841926>

            Reviewed by Zalan Bujtas.

            * page/scrolling/ScrollingTree.cpp:
            (WebCore::ScrollingTree::updateTreeFromStateNode):

            Make sure we don't leave node entry behind in m_nodeMap in case we failed to add it to the parent.

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241289. rdar://problem/48015662

    AXObjectCache::childrenChanged shouldn't update layout or style during another style recalc
    https://bugs.webkit.org/show_bug.cgi?id=182280
    <rdar://problem/37018386>
    
    Reviewed by Alan Bujtas.
    
    Source/WebCore:
    
    Remove the possibility that changing children calls back into updating layout by
    handling children changes in a deferred manner.
    
    This follows the same architecture as many other deferred changes, but also requires us to check deferred changes
    in updateBackingStore, because things like aria-hidden changes won't trigger a layout, but will require us to update children.
    
    A few tests had to be modified to no longer change the tree and then check the children immediately. 
    
    * accessibility/AXObjectCache.cpp:
    (WebCore::AXObjectCache::remove):
    (WebCore::AXObjectCache::childrenChanged):
    (WebCore::AXObjectCache::prepareForDocumentDestruction):
    (WebCore::AXObjectCache::performDeferredCacheUpdate):
    * accessibility/AXObjectCache.h:
    * accessibility/AccessibilityObject.cpp:
    (WebCore::AccessibilityObject::updateBackingStore):
    * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
    (convertToNSArray):
    (-[WebAccessibilityObjectWrapperBase updateObjectBackingStore]):
    
    LayoutTests:
    
    * accessibility/aria-hidden-update.html:
    * accessibility/aria-hidden-updates-alldescendants.html:
    * accessibility/image-load-on-delay.html:
    * accessibility/mac/aria-hidden-changes-for-non-ignored-elements.html:
    * accessibility/removed-anonymous-block-child-causes-crash.html:
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241289 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-08  Chris Fleizach  <cfleizach@apple.com>

            AXObjectCache::childrenChanged shouldn't update layout or style during another style recalc
            https://bugs.webkit.org/show_bug.cgi?id=182280
            <rdar://problem/37018386>

            Reviewed by Alan Bujtas.

            Remove the possibility that changing children calls back into updating layout by
            handling children changes in a deferred manner.

            This follows the same architecture as many other deferred changes, but also requires us to check deferred changes
            in updateBackingStore, because things like aria-hidden changes won't trigger a layout, but will require us to update children.

            A few tests had to be modified to no longer change the tree and then check the children immediately.

            * accessibility/AXObjectCache.cpp:
            (WebCore::AXObjectCache::remove):
            (WebCore::AXObjectCache::childrenChanged):
            (WebCore::AXObjectCache::prepareForDocumentDestruction):
            (WebCore::AXObjectCache::performDeferredCacheUpdate):
            * accessibility/AXObjectCache.h:
            * accessibility/AccessibilityObject.cpp:
            (WebCore::AccessibilityObject::updateBackingStore):
            * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
            (convertToNSArray):
            (-[WebAccessibilityObjectWrapperBase updateObjectBackingStore]):

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241288. rdar://problem/47992210

    [Cocoa] Ask platform for generic font family mappings
    https://bugs.webkit.org/show_bug.cgi?id=187723
    <rdar://problem/41892438>
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    WebKit API allows setting the generic font families for the USCRIPT_COMMON script.
    When trying to style a character with a generic font family, we first look to see if
    we have a mapping for the particular script the character is rendered with, and if we
    don't find a match, we then check USCRIPT_COMMON.
    
    In the Cocoa ports, the only way families get set for non-USCRIPT_COMMON scripts (aka
    the only scripts which won't use the API families) is in
    SettingsBase::initializeDefaultFontFamilies(). That function only sets the families
    for the CJK scripts.
    
    The mappings inside SettingsBase are incorrect and conflict with our policy regarding
    user-installed fonts. Instead, we should be consulting with the platform for some of
    these mappings, by calling CTFontDescriptorCreateForCSSFamily(). However, the WebKit
    API still has to work to set the mappings for untagged content. Therefore, we use the
    system mappings for language-tagged content, and the API mappings for non-language-tagged
    content. This is a good balance that makes sure we always have a good mapping for every
    language, but API clients can still set the mappings, too.
    
    Test: fast/text/ja-sans-serif.html
    
    * css/CSSComputedStyleDeclaration.cpp:
    * css/CSSFontSelector.cpp:
    (WebCore::resolveGenericFamily):
    * css/parser/CSSPropertyParser.cpp:
    (WebCore::consumeFontFamily):
    * page/cocoa/SettingsBaseCocoa.mm:
    (WebCore::SettingsBase::initializeDefaultFontFamilies):
    (WebCore::osakaMonoIsInstalled): Deleted.
    * platform/graphics/FontDescription.cpp:
    (WebCore::FontDescription::platformResolveGenericFamily):
    * platform/graphics/FontDescription.h:
    * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
    (WebCore::computeSpecializedChineseLocale):
    (WebCore::cachedSpecializedChineseLocale):
    (WebCore::languageChanged):
    (WebCore::FontDescription::platformResolveGenericFamily):
    * platform/graphics/cocoa/SystemFontDatabaseCoreText.cpp:
    (WebCore::SystemFontDatabaseCoreText::clear):
    (WebCore::genericFamily):
    (WebCore::SystemFontDatabaseCoreText::serifFamily):
    (WebCore::SystemFontDatabaseCoreText::sansSerifFamily):
    (WebCore::SystemFontDatabaseCoreText::cursiveFamily):
    (WebCore::SystemFontDatabaseCoreText::fantasyFamily):
    (WebCore::SystemFontDatabaseCoreText::monospaceFamily):
    * platform/graphics/cocoa/SystemFontDatabaseCoreText.h:
    
    Source/WebCore/PAL:
    
    * pal/spi/cocoa/CoreTextSPI.h:
    
    Source/WTF:
    
    Add an ENABLE in Platform.
    
    * wtf/Platform.h:
    
    Tools:
    
    Allow testing infrastructure to use fonts that are returned from CTFontDescriptorCreateForCSSFamily().
    
    * DumpRenderTree/mac/DumpRenderTree.mm:
    (allowedFontFamilySet):
    * WebKitTestRunner/mac/TestControllerMac.mm:
    (WTR::allowedFontFamilySet):
    
    LayoutTests:
    
    Update the tests to work with this new model.
    
    * fast/text/international/font-fallback-to-common-script-expected.html: Removed.
    * fast/text/international/font-fallback-to-common-script.html: Removed.
    * fast/text/international/lang-sensitive-fonts-expected.html:
    * fast/text/international/lang-sensitive-fonts-xml-expected.html:
    * fast/text/international/lang-sensitive-fonts-xml.xhtml:
    * fast/text/international/lang-sensitive-fonts.html:
    * fast/text/international/locale-sensitive-fonts-expected.html:
    * fast/text/international/locale-sensitive-fonts.html:
    * fast/text/ja-sans-serif-expected-mismatch.html: Added.
    * fast/text/ja-sans-serif.html: Added.
    * platform/ios/fast/block/float/016-expected.txt:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241288 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-11  Myles C. Maxfield  <mmaxfield@apple.com>

            [Cocoa] Ask platform for generic font family mappings
            https://bugs.webkit.org/show_bug.cgi?id=187723
            <rdar://problem/41892438>

            Reviewed by Brent Fulgham.

            WebKit API allows setting the generic font families for the USCRIPT_COMMON script.
            When trying to style a character with a generic font family, we first look to see if
            we have a mapping for the particular script the character is rendered with, and if we
            don't find a match, we then check USCRIPT_COMMON.

            In the Cocoa ports, the only way families get set for non-USCRIPT_COMMON scripts (aka
            the only scripts which won't use the API families) is in
            SettingsBase::initializeDefaultFontFamilies(). That function only sets the families
            for the CJK scripts.

            The mappings inside SettingsBase are incorrect and conflict with our policy regarding
            user-installed fonts. Instead, we should be consulting with the platform for some of
            these mappings, by calling CTFontDescriptorCreateForCSSFamily(). However, the WebKit
            API still has to work to set the mappings for untagged content. Therefore, we use the
            system mappings for language-tagged content, and the API mappings for non-language-tagged
            content. This is a good balance that makes sure we always have a good mapping for every
            language, but API clients can still set the mappings, too.

            Test: fast/text/ja-sans-serif.html

            * css/CSSComputedStyleDeclaration.cpp:
            * css/CSSFontSelector.cpp:
            (WebCore::resolveGenericFamily):
            * css/parser/CSSPropertyParser.cpp:
            (WebCore::consumeFontFamily):
            * page/cocoa/SettingsBaseCocoa.mm:
            (WebCore::SettingsBase::initializeDefaultFontFamilies):
            (WebCore::osakaMonoIsInstalled): Deleted.
            * platform/graphics/FontDescription.cpp:
            (WebCore::FontDescription::platformResolveGenericFamily):
            * platform/graphics/FontDescription.h:
            * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
            (WebCore::computeSpecializedChineseLocale):
            (WebCore::cachedSpecializedChineseLocale):
            (WebCore::languageChanged):
            (WebCore::FontDescription::platformResolveGenericFamily):
            * platform/graphics/cocoa/SystemFontDatabaseCoreText.cpp:
            (WebCore::SystemFontDatabaseCoreText::clear):
            (WebCore::genericFamily):
            (WebCore::SystemFontDatabaseCoreText::serifFamily):
            (WebCore::SystemFontDatabaseCoreText::sansSerifFamily):
            (WebCore::SystemFontDatabaseCoreText::cursiveFamily):
            (WebCore::SystemFontDatabaseCoreText::fantasyFamily):
            (WebCore::SystemFontDatabaseCoreText::monospaceFamily):
            * platform/graphics/cocoa/SystemFontDatabaseCoreText.h:

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241231. rdar://problem/47971603

    [Cocoa] CTLineGetGlyphRuns() might return nullptr
    https://bugs.webkit.org/show_bug.cgi?id=194467
    <rdar://problem/42423999>
    
    Reviewed by Simon Fraser.
    
    Be somewhat defensive to try to make sure this sort of thing doesn't happen in the future.
    
    Covered by find/text/find-backwards.html
    
    * platform/graphics/mac/ComplexTextControllerCoreText.mm:
    (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241231 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-08  Myles C. Maxfield  <mmaxfield@apple.com>

            [Cocoa] CTLineGetGlyphRuns() might return nullptr
            https://bugs.webkit.org/show_bug.cgi?id=194467
            <rdar://problem/42423999>

            Reviewed by Simon Fraser.

            Be somewhat defensive to try to make sure this sort of thing doesn't happen in the future.

            Covered by find/text/find-backwards.html

            * platform/graphics/mac/ComplexTextControllerCoreText.mm:
            (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241203. rdar://problem/47971610

    [WebVTT] Inline WebVTT styles should start with '::cue'
    https://bugs.webkit.org/show_bug.cgi?id=194227
    <rdar://problem/47791087>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    Check that the CSS string starts with '::cue' and is successfully parsed before adding it
    to the CSS stylesheet list. Also, the caption preferences CSS string should start with
    '::cue', since it is added inside the video shadow root element.
    
    Test: media/track/track-cue-css.html
    
    * html/track/WebVTTParser.cpp:
    (WebCore::WebVTTParser::checkAndStoreStyleSheet):
    * page/CaptionUserPreferencesMediaAF.cpp:
    (WebCore::CaptionUserPreferencesMediaAF::captionsStyleSheetOverride const):
    
    LayoutTests:
    
    * media/track/captions-webvtt/css-styling.vtt:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241203 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-08  Per Arne Vollan  <pvollan@apple.com>

            [WebVTT] Inline WebVTT styles should start with '::cue'
            https://bugs.webkit.org/show_bug.cgi?id=194227
            <rdar://problem/47791087>

            Reviewed by Eric Carlson.

            Check that the CSS string starts with '::cue' and is successfully parsed before adding it
            to the CSS stylesheet list. Also, the caption preferences CSS string should start with
            '::cue', since it is added inside the video shadow root element.

            Test: media/track/track-cue-css.html

            * html/track/WebVTTParser.cpp:
            (WebCore::WebVTTParser::checkAndStoreStyleSheet):
            * page/CaptionUserPreferencesMediaAF.cpp:
            (WebCore::CaptionUserPreferencesMediaAF::captionsStyleSheetOverride const):

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241200. rdar://problem/47971541

    Running RTCRtpSender.getCapabilities("video") before initial offer breaks VP8
    https://bugs.webkit.org/show_bug.cgi?id=194380
    <rdar://problem/47916514>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    Set whether VP8 is supported at creation of the page.
    This ensures that any call creating a peer connection factory will end up supporting the runtime flag configuration.
    
    Add internal API to enable resetting the factory to enable proper testing.
    
    Covered by updated test.
    
    * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
    (WebCore::createLibWebRTCPeerConnectionBackend):
    * page/Page.cpp:
    (WebCore::m_applicationManifest):
    * platform/mediastream/libwebrtc/LibWebRTCProvider.h:
    * testing/Internals.cpp:
    (WebCore::Internals::clearPeerConnectionFactory):
    * testing/Internals.h:
    * testing/Internals.idl:
    
    LayoutTests:
    
    * webrtc/video-mute-vp8-expected.txt:
    * webrtc/video-mute-vp8.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241200 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-08  Youenn Fablet  <youenn@apple.com>

            Running RTCRtpSender.getCapabilities("video") before initial offer breaks VP8
            https://bugs.webkit.org/show_bug.cgi?id=194380
            <rdar://problem/47916514>

            Reviewed by Eric Carlson.

            Set whether VP8 is supported at creation of the page.
            This ensures that any call creating a peer connection factory will end up supporting the runtime flag configuration.

            Add internal API to enable resetting the factory to enable proper testing.

            Covered by updated test.

            * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
            (WebCore::createLibWebRTCPeerConnectionBackend):
            * page/Page.cpp:
            (WebCore::m_applicationManifest):
            * platform/mediastream/libwebrtc/LibWebRTCProvider.h:
            * testing/Internals.cpp:
            (WebCore::Internals::clearPeerConnectionFactory):
            * testing/Internals.h:
            * testing/Internals.idl:

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241198. rdar://problem/47971587

    [WebIDL] Support serializing sequences and FrozenArrays of non-interfaces
    https://bugs.webkit.org/show_bug.cgi?id=190997
    <rdar://problem/35983035>
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    Support serializing sequences and FrozenArrays of types that aren't interfaces. This is
    needed to properly serialize PaymentAddress, which has a FrozenArray of DOMStrings.
    
    We should support serializing sequences of interfaces too, but that's slightly more
    complicated since it involves iterating the sequence and serializing each of its items. I
    left that as a follow-up task, since I don't see any IDLs that currently need this.
    
    We also don't support serializing sequences with the CachedAttribute or CustomGetter
    extended attributes, because WebIDL specifies that a new array should be created when
    converting an IDL sequence into an ECMAScript value.
    
    Added bindings test cases to TestSerialization.idl and PaymentAddress test cases to
    http/tests/paymentrequest/payment-address-attributes-and-toJSON-method.https.html.
    
    * bindings/scripts/CodeGenerator.pm:
    (GetInterfaceForType): Renamed from GetInterfaceForAttribute.
    (IsSerializableType): Modified to allow sequences and FrozenArrays of non-interface types.
    (hasCachedAttributeOrCustomGetterExtendedAttribute): Added a helper to determine if an
    attribute has the CachedAttribute or CustomGetter extended attributes.
    (IsSerializableAttribute): Checked for sequences with the CachedAttribute or CustomGetter
    extended attributes before calling IsSerializableType.
    (GetInterfaceForAttribute): Renamed to GetInterfaceForType.
    * bindings/scripts/test/JS/JSTestSerialization.cpp:
    * bindings/scripts/test/TestSerialization.idl:
    
    LayoutTests:
    
    * http/tests/paymentrequest/payment-address-attributes-and-toJSON-method.https.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241198 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-08  Andy Estes  <aestes@apple.com>

            [WebIDL] Support serializing sequences and FrozenArrays of non-interfaces
            https://bugs.webkit.org/show_bug.cgi?id=190997
            <rdar://problem/35983035>

            Reviewed by Brent Fulgham.

            Support serializing sequences and FrozenArrays of types that aren't interfaces. This is
            needed to properly serialize PaymentAddress, which has a FrozenArray of DOMStrings.

            We should support serializing sequences of interfaces too, but that's slightly more
            complicated since it involves iterating the sequence and serializing each of its items. I
            left that as a follow-up task, since I don't see any IDLs that currently need this.

            We also don't support serializing sequences with the CachedAttribute or CustomGetter
            extended attributes, because WebIDL specifies that a new array should be created when
            converting an IDL sequence into an ECMAScript value.

            Added bindings test cases to TestSerialization.idl and PaymentAddress test cases to
            http/tests/paymentrequest/payment-address-attributes-and-toJSON-method.https.html.

            * bindings/scripts/CodeGenerator.pm:
            (GetInterfaceForType): Renamed from GetInterfaceForAttribute.
            (IsSerializableType): Modified to allow sequences and FrozenArrays of non-interface types.
            (hasCachedAttributeOrCustomGetterExtendedAttribute): Added a helper to determine if an
            attribute has the CachedAttribute or CustomGetter extended attributes.
            (IsSerializableAttribute): Checked for sequences with the CachedAttribute or CustomGetter
            extended attributes before calling IsSerializableType.
            (GetInterfaceForAttribute): Renamed to GetInterfaceForType.
            * bindings/scripts/test/JS/JSTestSerialization.cpp:
            * bindings/scripts/test/TestSerialization.idl:

2019-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241352. rdar://problem/48038900

    Release assert in PolicyCheckIdentifier::isValidFor via WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction
    https://bugs.webkit.org/show_bug.cgi?id=194582
    
    Reviewed by Antti Koivisto.
    
    Source/WebCore:
    
    Check the zero-ness of m_policyCheck first so that we can differentiate process ID being wrong
    from the non-generated identifier being sent to us as it was the case in this failure.
    
    * loader/PolicyChecker.cpp:
    (WebCore::PolicyCheckIdentifier::isValidFor):
    
    Source/WebKit:
    
    The bug was caused by WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction invoking the callback
    with responseIdentifier even when we had failed to send the policy check IPC. Clearly, responseIdentifier
    is invalid in that case, and we should be using requestIdentifier instead.
    
    Unfortunately no new tests since I'm not aware of a way to make sendSync fail in this case.
    
    * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
    (WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241352 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-13  Ryosuke Niwa  <rniwa@webkit.org>

            Release assert in PolicyCheckIdentifier::isValidFor via WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction
            https://bugs.webkit.org/show_bug.cgi?id=194582

            Reviewed by Antti Koivisto.

            Check the zero-ness of m_policyCheck first so that we can differentiate process ID being wrong
            from the non-generated identifier being sent to us as it was the case in this failure.

            * loader/PolicyChecker.cpp:
            (WebCore::PolicyCheckIdentifier::isValidFor):

2019-02-07  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241170. rdar://problem/47909341

    REGRESSION(r239887): Crash under IDBConnectionToClient::didDeleteDatabase(WebCore::IDBResultData const&)
    https://bugs.webkit.org/show_bug.cgi?id=194402
    <rdar://problem/47858241>
    
    Reviewed by Geoffrey Garen.
    
    r239887 removed a reference cycle of IDBConnectionToClient so that IDBConnectionToClient would no longer be
    around forever. Therefore, ServerOpenRequest should keep a reference to IDBConnectionToClient to make sure it
    is valid during access.
    
    * Modules/indexeddb/server/ServerOpenDBRequest.cpp:
    (WebCore::IDBServer::ServerOpenDBRequest::maybeNotifyRequestBlocked):
    (WebCore::IDBServer::ServerOpenDBRequest::notifyDidDeleteDatabase):
    * Modules/indexeddb/server/ServerOpenDBRequest.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241170 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-07  Sihui Liu  <sihui_liu@apple.com>

            REGRESSION(r239887): Crash under IDBConnectionToClient::didDeleteDatabase(WebCore::IDBResultData const&)
            https://bugs.webkit.org/show_bug.cgi?id=194402
            <rdar://problem/47858241>

            Reviewed by Geoffrey Garen.

            r239887 removed a reference cycle of IDBConnectionToClient so that IDBConnectionToClient would no longer be
            around forever. Therefore, ServerOpenRequest should keep a reference to IDBConnectionToClient to make sure it
            is valid during access.

            * Modules/indexeddb/server/ServerOpenDBRequest.cpp:
            (WebCore::IDBServer::ServerOpenDBRequest::maybeNotifyRequestBlocked):
            (WebCore::IDBServer::ServerOpenDBRequest::notifyDidDeleteDatabase):
            * Modules/indexeddb/server/ServerOpenDBRequest.h:

2019-02-07  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r241150. rdar://problem/47908154

    Overflow element scrollbar is light for dark mode content.
    https://bugs.webkit.org/show_bug.cgi?id=194407
    rdar://problem/45991585
    
    Reviewed by Beth Dakin.
    
    Source/WebCore:
    
    Tested by css-dark-mode/supported-color-schemes-scrollbar.html.
    
    * page/ChromeClient.h:
    (WebCore::FrameView::preferredScrollbarOverlayStyle): Return WTF::nullopt by default to avoid
    short-circuiting auto detection in recalculateScrollbarOverlayStyle() for clients, like WK1,
    that do not implement preferredScrollbarOverlayStyle().
    * page/FrameView.cpp:
    (WebCore::FrameView::recalculateScrollbarOverlayStyle): Use WTF::nullopt in the false case
    to auto detect overlay style when page() is null.
    * rendering/RenderLayer.cpp:
    (WebCore::RenderLayer::useDarkAppearance const): Added.
    * rendering/RenderLayer.h:
    * testing/Internals.cpp:
    (WebCore::Internals::scrollbarOverlayStyle const): Added Node argument.
    (WebCore::Internals::scrollbarUsingDarkAppearance const): Added.
    * testing/Internals.h:
    * testing/Internals.idl:
    
    LayoutTests:
    
    Updated tests to look at overflow elements and if dark apearance
    is used by the scrollbar directly.
    
    * css-dark-mode/supported-color-schemes-scrollbar-expected.txt:
    * css-dark-mode/supported-color-schemes-scrollbar.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241150 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-07  Timothy Hatcher  <timothy@apple.com>

            Overflow element scrollbar is light for dark mode content.
            https://bugs.webkit.org/show_bug.cgi?id=194407
            rdar://problem/45991585

            Reviewed by Beth Dakin.

            Tested by css-dark-mode/supported-color-schemes-scrollbar.html.

            * page/ChromeClient.h:
            (WebCore::FrameView::preferredScrollbarOverlayStyle): Return WTF::nullopt by default to avoid
            short-circuiting auto detection in recalculateScrollbarOverlayStyle() for clients, like WK1,
            that do not implement preferredScrollbarOverlayStyle().
            * page/FrameView.cpp:
            (WebCore::FrameView::recalculateScrollbarOverlayStyle): Use WTF::nullopt in the false case
            to auto detect overlay style when page() is null.
            * rendering/RenderLayer.cpp:
            (WebCore::RenderLayer::useDarkAppearance const): Added.
            * rendering/RenderLayer.h:
            * testing/Internals.cpp:
            (WebCore::Internals::scrollbarOverlayStyle const): Added Node argument.
            (WebCore::Internals::scrollbarUsingDarkAppearance const): Added.
            * testing/Internals.h:
            * testing/Internals.idl:

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240710. rdar://problem/47776353

    AX: Support color well on iOS
    https://bugs.webkit.org/show_bug.cgi?id=194010
    
    Reviewed by Joanmarie Diggs.
    
    Source/WebCore:
    
    Test: accessibility/ios-simulator/color-well.html
    
    Add support for color well on iOS.
    
    * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
    (-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
    (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
    (-[WebAccessibilityObjectWrapper accessibilityRoleDescription]):
    (-[WebAccessibilityObjectWrapper accessibilityColorStringValue]):
    * en.lproj/Localizable.strings:
    * platform/LocalizedStrings.cpp:
    (WebCore::AXColorWellText):
    * platform/LocalizedStrings.h:
    
    Tools:
    
    * WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:
    (WTR::AccessibilityUIElement::stringAttributeValue):
    
    LayoutTests:
    
    * accessibility/ios-simulator/color-well-expected.txt: Added.
    * accessibility/ios-simulator/color-well.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240710 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-30  Chris Fleizach  <cfleizach@apple.com>

            AX: Support color well on iOS
            https://bugs.webkit.org/show_bug.cgi?id=194010

            Reviewed by Joanmarie Diggs.

            Test: accessibility/ios-simulator/color-well.html

            Add support for color well on iOS.

            * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
            (-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
            (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
            (-[WebAccessibilityObjectWrapper accessibilityRoleDescription]):
            (-[WebAccessibilityObjectWrapper accessibilityColorStringValue]):
            * en.lproj/Localizable.strings:
            * platform/LocalizedStrings.cpp:
            (WebCore::AXColorWellText):
            * platform/LocalizedStrings.h:

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241137. rdar://problem/47893603

    Unable to sign in leetcode.
    https://bugs.webkit.org/show_bug.cgi?id=194366
    rdar://problem/47259025.
    
    Reviewed by Chris Dumez.
    
    Source/WebCore:
    
    In case a signal is passed as part of a FetchRequestInit,
    the IDL binding code is throwing an exception in case signal is not an AbortSignal object.
    This breaks an AbortSignal shim used in some web sites.
    Relaxed the IDL binding rule by marking signal as any and doing the conversion in FetchRequest.
    
    Test: http/wpt/fetch/request-abort.html
    Also covered by manually signing in to leetcode.
    
    * Modules/fetch/FetchRequest.cpp:
    (WebCore::FetchRequest::initializeWith):
    * Modules/fetch/FetchRequestInit.h:
    (WebCore::FetchRequestInit::hasMembers const):
    * Modules/fetch/FetchRequestInit.idl:
    
    LayoutTests:
    
    * http/wpt/fetch/request-abort-expected.txt: Added.
    * http/wpt/fetch/request-abort.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241137 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-07  Youenn Fablet  <youenn@apple.com>

            Unable to sign in leetcode.
            https://bugs.webkit.org/show_bug.cgi?id=194366
            rdar://problem/47259025.

            Reviewed by Chris Dumez.

            In case a signal is passed as part of a FetchRequestInit,
            the IDL binding code is throwing an exception in case signal is not an AbortSignal object.
            This breaks an AbortSignal shim used in some web sites.
            Relaxed the IDL binding rule by marking signal as any and doing the conversion in FetchRequest.

            Test: http/wpt/fetch/request-abort.html
            Also covered by manually signing in to leetcode.

            * Modules/fetch/FetchRequest.cpp:
            (WebCore::FetchRequest::initializeWith):
            * Modules/fetch/FetchRequestInit.h:
            (WebCore::FetchRequestInit::hasMembers const):
            * Modules/fetch/FetchRequestInit.idl:

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241130. rdar://problem/47893594

    HTMLMediaElement registers wrong ScriptExecutionContext with its ActiveDOMObject parent class
    https://bugs.webkit.org/show_bug.cgi?id=194360
    
    HTMLMediaElement registers the Document used to create it with ActiveDOMObject, when it should
    really use that Document's contextDocument(). Rather than just fix this in HTMLMediaElement,
    make sure that the correct document is used everywhere by adding a new ActiveDOMObject constructor
    taking a Document&, and making an explicitly deleted Document* constructor to catch any new cases.
    
    Reviewed by Geoffrey Garen.
    
    * Modules/applepay/ApplePaySession.cpp:
    (WebCore::ApplePaySession::ApplePaySession):
    * Modules/mediarecorder/MediaRecorder.cpp:
    (WebCore::MediaRecorder::MediaRecorder):
    * Modules/mediastream/MediaDevices.cpp:
    (WebCore::MediaDevices::MediaDevices):
    * Modules/mediastream/UserMediaRequest.cpp:
    (WebCore::UserMediaRequest::UserMediaRequest):
    * Modules/notifications/Notification.cpp:
    (WebCore::Notification::Notification):
    * Modules/paymentrequest/PaymentRequest.cpp:
    (WebCore::PaymentRequest::PaymentRequest):
    * Modules/webaudio/AudioContext.cpp:
    (WebCore::AudioContext::AudioContext):
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::WebAnimation):
    * css/FontFaceSet.cpp:
    (WebCore::FontFaceSet::FontFaceSet):
    * dom/ActiveDOMObject.cpp:
    (WebCore::ActiveDOMObject::ActiveDOMObject):
    * dom/ActiveDOMObject.h:
    * dom/Document.h:
    (WebCore::ActiveDOMObject::ActiveDOMObject):
    * html/HTMLMarqueeElement.cpp:
    (WebCore::HTMLMarqueeElement::HTMLMarqueeElement):
    * html/HTMLMediaElement.cpp:
    (WebCore::HTMLMediaElement::HTMLMediaElement):
    * html/HTMLSourceElement.cpp:
    (WebCore::HTMLSourceElement::HTMLSourceElement):
    * page/IntersectionObserver.cpp:
    (WebCore::IntersectionObserver::IntersectionObserver):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241130 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-07  Jer Noble  <jer.noble@apple.com>

            HTMLMediaElement registers wrong ScriptExecutionContext with its ActiveDOMObject parent class
            https://bugs.webkit.org/show_bug.cgi?id=194360

            HTMLMediaElement registers the Document used to create it with ActiveDOMObject, when it should
            really use that Document's contextDocument(). Rather than just fix this in HTMLMediaElement,
            make sure that the correct document is used everywhere by adding a new ActiveDOMObject constructor
            taking a Document&, and making an explicitly deleted Document* constructor to catch any new cases.

            Reviewed by Geoffrey Garen.

            * Modules/applepay/ApplePaySession.cpp:
            (WebCore::ApplePaySession::ApplePaySession):
            * Modules/mediarecorder/MediaRecorder.cpp:
            (WebCore::MediaRecorder::MediaRecorder):
            * Modules/mediastream/MediaDevices.cpp:
            (WebCore::MediaDevices::MediaDevices):
            * Modules/mediastream/UserMediaRequest.cpp:
            (WebCore::UserMediaRequest::UserMediaRequest):
            * Modules/notifications/Notification.cpp:
            (WebCore::Notification::Notification):
            * Modules/paymentrequest/PaymentRequest.cpp:
            (WebCore::PaymentRequest::PaymentRequest):
            * Modules/webaudio/AudioContext.cpp:
            (WebCore::AudioContext::AudioContext):
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::WebAnimation):
            * css/FontFaceSet.cpp:
            (WebCore::FontFaceSet::FontFaceSet):
            * dom/ActiveDOMObject.cpp:
            (WebCore::ActiveDOMObject::ActiveDOMObject):
            * dom/ActiveDOMObject.h:
            * dom/Document.h:
            (WebCore::ActiveDOMObject::ActiveDOMObject):
            * html/HTMLMarqueeElement.cpp:
            (WebCore::HTMLMarqueeElement::HTMLMarqueeElement):
            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::HTMLMediaElement):
            * html/HTMLSourceElement.cpp:
            (WebCore::HTMLSourceElement::HTMLSourceElement):
            * page/IntersectionObserver.cpp:
            (WebCore::IntersectionObserver::IntersectionObserver):

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241121. rdar://problem/47893559

    Infinite recursion via CachedResource::~CachedResource
    https://bugs.webkit.org/show_bug.cgi?id=194378
    <rdar://problem/42023295>
    
    Reviewed by Daniel Bates.
    
    I don't know the exact steps to trigger this but the mechanism seems clear.
    
    1) An existing resource is removed from or replaced in CachedResourceLoader::m_documentResources map.
    2) This decrements the handle count of resource and causes it be deleted.
    3) CachedResource::~CachedResource calls m_owningCachedResourceLoader->removeCachedResource(*this). This only happens with
       resources that are "owned" by CachedResourceLoader which is a rare special case (used by image document and if memory cache is disabled).
    4) CachedResourceLoader::removeCachedResource looks up the resource from the map which causes a temporary CachedResourceHandle to be created.
       This increments the handle count of the resource from 0 back to 1.
    5) When the temporary dies, CachedResource::~CachedResource is called again and we cycle back to 3).
    
    The fix here is simply to remove CachedResourceLoader::removeCachedResource call from ~CachedResource.
    It is a leftover from when the map contained raw pointers instead of owning CachedResourceHandles.
    
    Since m_documentResources map has a handle to the resource, the only way we are in the destructor is that the resource
    has been removed from the map already (or is in process of being removed like in this crash). Any call that does anything
    other than bail out is going to crash.
    
    CachedResource::n_owningCachedResourceLoader member and CachedResourceLoader::removeCachedResource function only exist to
    support this erranous call so they are removed as well.
    
    * loader/ImageLoader.cpp:
    (WebCore::ImageLoader::updateFromElement):
    * loader/cache/CachedResource.cpp:
    (WebCore::CachedResource::~CachedResource):
    
    This is the substantive change. The rest just removes now-dead code.
    
    * loader/cache/CachedResource.h:
    (WebCore::CachedResource::setOwningCachedResourceLoader): Deleted.
    * loader/cache/CachedResourceLoader.cpp:
    (WebCore::CachedResourceLoader::~CachedResourceLoader):
    (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
    (WebCore::CachedResourceLoader::requestResource):
    (WebCore::CachedResourceLoader::loadResource):
    (WebCore::CachedResourceLoader::garbageCollectDocumentResources):
    (WebCore::CachedResourceLoader::removeCachedResource): Deleted.
    * loader/cache/CachedResourceLoader.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241121 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-07  Antti Koivisto  <antti@apple.com>

            Infinite recursion via CachedResource::~CachedResource
            https://bugs.webkit.org/show_bug.cgi?id=194378
            <rdar://problem/42023295>

            Reviewed by Daniel Bates.

            I don't know the exact steps to trigger this but the mechanism seems clear.

            1) An existing resource is removed from or replaced in CachedResourceLoader::m_documentResources map.
            2) This decrements the handle count of resource and causes it be deleted.
            3) CachedResource::~CachedResource calls m_owningCachedResourceLoader->removeCachedResource(*this). This only happens with
               resources that are "owned" by CachedResourceLoader which is a rare special case (used by image document and if memory cache is disabled).
            4) CachedResourceLoader::removeCachedResource looks up the resource from the map which causes a temporary CachedResourceHandle to be created.
               This increments the handle count of the resource from 0 back to 1.
            5) When the temporary dies, CachedResource::~CachedResource is called again and we cycle back to 3).

            The fix here is simply to remove CachedResourceLoader::removeCachedResource call from ~CachedResource.
            It is a leftover from when the map contained raw pointers instead of owning CachedResourceHandles.

            Since m_documentResources map has a handle to the resource, the only way we are in the destructor is that the resource
            has been removed from the map already (or is in process of being removed like in this crash). Any call that does anything
            other than bail out is going to crash.

            CachedResource::n_owningCachedResourceLoader member and CachedResourceLoader::removeCachedResource function only exist to
            support this erranous call so they are removed as well.

            * loader/ImageLoader.cpp:
            (WebCore::ImageLoader::updateFromElement):
            * loader/cache/CachedResource.cpp:
            (WebCore::CachedResource::~CachedResource):

            This is the substantive change. The rest just removes now-dead code.

            * loader/cache/CachedResource.h:
            (WebCore::CachedResource::setOwningCachedResourceLoader): Deleted.
            * loader/cache/CachedResourceLoader.cpp:
            (WebCore::CachedResourceLoader::~CachedResourceLoader):
            (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
            (WebCore::CachedResourceLoader::requestResource):
            (WebCore::CachedResourceLoader::loadResource):
            (WebCore::CachedResourceLoader::garbageCollectDocumentResources):
            (WebCore::CachedResourceLoader::removeCachedResource): Deleted.
            * loader/cache/CachedResourceLoader.h:

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241105. rdar://problem/47893571

    [Payment Request] It should be possible to require a phonetic name for shipping contacts
    https://bugs.webkit.org/show_bug.cgi?id=194311
    <rdar://46733045>
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    It should be possible to require that a shipping contact has a phonetic name in Payment Request.
    To accomplish this, move requiredShippingContactFields from ApplePayPaymentRequest to
    ApplePayRequestBase so that it can be used as part of an Apple Pay payment method data.
    
    Since required shipping contact fields can now be specified both in
    requiredShippingContactFields and PaymentOptions, we merge the required fields from these
    two sources such that, e.g., email is required if it is specified in either place.
    
    So that clients can detect this new feature, the API version number is bumped from 5 to 6.
    
    Added test cases to ApplePayRequestShippingContact.https.html and ApplePayRequestShippingContactV3.https.html.
    
    * DerivedSources.make:
    * Modules/applepay/ApplePayPaymentRequest.h:
    * Modules/applepay/ApplePayPaymentRequest.idl:
    * Modules/applepay/ApplePayRequestBase.cpp:
    (WebCore::convertAndValidate):
    * Modules/applepay/ApplePayRequestBase.h:
    * Modules/applepay/ApplePayRequestBase.idl:
    * Modules/applepay/ApplePaySession.cpp:
    (WebCore::convertAndValidate):
    * Modules/applepay/PaymentCoordinatorClient.cpp: Added.
    (WebCore::PaymentCoordinatorClient::supportsVersion):
    * Modules/applepay/PaymentCoordinatorClient.h:
    * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
    (WebCore::mergePaymentOptions):
    (WebCore::ApplePayPaymentHandler::show):
    * SourcesCocoa.txt:
    * WebCore.xcodeproj/project.pbxproj:
    * loader/EmptyClients.cpp:
    * testing/MockPaymentContactFields.h: Added.
    (WebCore::MockPaymentContactFields::MockPaymentContactFields):
    * testing/MockPaymentContactFields.idl: Added.
    * testing/MockPaymentCoordinator.cpp:
    (WebCore::MockPaymentCoordinator::showPaymentUI):
    (WebCore::MockPaymentCoordinator::supportsVersion): Deleted.
    * testing/MockPaymentCoordinator.h:
    * testing/MockPaymentCoordinator.idl:
    
    Source/WebKit:
    
    * WebProcess/ApplePay/WebPaymentCoordinator.cpp:
    (WebKit::WebPaymentCoordinator::supportsVersion): Deleted.
    * WebProcess/ApplePay/WebPaymentCoordinator.h:
    
    Source/WebKitLegacy/mac:
    
    * WebCoreSupport/WebPaymentCoordinatorClient.h:
    * WebCoreSupport/WebPaymentCoordinatorClient.mm:
    (WebPaymentCoordinatorClient::supportsVersion): Deleted.
    
    LayoutTests:
    
    * http/tests/ssl/applepay/ApplePayRequestShippingContact.https-expected.txt:
    * http/tests/ssl/applepay/ApplePayRequestShippingContact.https.html:
    * http/tests/ssl/applepay/ApplePayRequestShippingContactV3.https-expected.txt:
    * http/tests/ssl/applepay/ApplePayRequestShippingContactV3.https.html:
    * http/tests/ssl/applepay/PaymentRequest.https-expected.txt:
    * http/tests/ssl/applepay/PaymentRequest.https.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241105 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-06  Andy Estes  <aestes@apple.com>

            [Payment Request] It should be possible to require a phonetic name for shipping contacts
            https://bugs.webkit.org/show_bug.cgi?id=194311
            <rdar://46733045>

            Reviewed by Alex Christensen.

            It should be possible to require that a shipping contact has a phonetic name in Payment Request.
            To accomplish this, move requiredShippingContactFields from ApplePayPaymentRequest to
            ApplePayRequestBase so that it can be used as part of an Apple Pay payment method data.

            Since required shipping contact fields can now be specified both in
            requiredShippingContactFields and PaymentOptions, we merge the required fields from these
            two sources such that, e.g., email is required if it is specified in either place.

            So that clients can detect this new feature, the API version number is bumped from 5 to 6.

            Added test cases to ApplePayRequestShippingContact.https.html and ApplePayRequestShippingContactV3.https.html.

            * DerivedSources.make:
            * Modules/applepay/ApplePayPaymentRequest.h:
            * Modules/applepay/ApplePayPaymentRequest.idl:
            * Modules/applepay/ApplePayRequestBase.cpp:
            (WebCore::convertAndValidate):
            * Modules/applepay/ApplePayRequestBase.h:
            * Modules/applepay/ApplePayRequestBase.idl:
            * Modules/applepay/ApplePaySession.cpp:
            (WebCore::convertAndValidate):
            * Modules/applepay/PaymentCoordinatorClient.cpp: Added.
            (WebCore::PaymentCoordinatorClient::supportsVersion):
            * Modules/applepay/PaymentCoordinatorClient.h:
            * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
            (WebCore::mergePaymentOptions):
            (WebCore::ApplePayPaymentHandler::show):
            * SourcesCocoa.txt:
            * WebCore.xcodeproj/project.pbxproj:
            * loader/EmptyClients.cpp:
            * testing/MockPaymentContactFields.h: Added.
            (WebCore::MockPaymentContactFields::MockPaymentContactFields):
            * testing/MockPaymentContactFields.idl: Added.
            * testing/MockPaymentCoordinator.cpp:
            (WebCore::MockPaymentCoordinator::showPaymentUI):
            (WebCore::MockPaymentCoordinator::supportsVersion): Deleted.
            * testing/MockPaymentCoordinator.h:
            * testing/MockPaymentCoordinator.idl:

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241022. rdar://problem/47893580

    CoreAudioCaptureSource should not configure its audio unit until it starts producing data
    https://bugs.webkit.org/show_bug.cgi?id=194310
    
    Reviewed by Eric Carlson.
    
    Delay the configuration of the audio unit until the source is instructed to start producing data.
    This allows the UIProcess to not start changing the audio unit when
    checking for constraints during getUserMedia call before the prompt.
    Covered by manual testing.
    
    * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
    (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
    (WebCore::CoreAudioCaptureSource::initializeToStartProducingData):
    (WebCore::CoreAudioCaptureSource::startProducingData):
    * platform/mediastream/mac/CoreAudioCaptureSource.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241022 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-06  Youenn Fablet  <youenn@apple.com>

            CoreAudioCaptureSource should not configure its audio unit until it starts producing data
            https://bugs.webkit.org/show_bug.cgi?id=194310

            Reviewed by Eric Carlson.

            Delay the configuration of the audio unit until the source is instructed to start producing data.
            This allows the UIProcess to not start changing the audio unit when
            checking for constraints during getUserMedia call before the prompt.
            Covered by manual testing.

            * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
            (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
            (WebCore::CoreAudioCaptureSource::initializeToStartProducingData):
            (WebCore::CoreAudioCaptureSource::startProducingData):
            * platform/mediastream/mac/CoreAudioCaptureSource.h:

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241021. rdar://problem/47893607

    Disable audio ducking at Audio Unit setup time
    https://bugs.webkit.org/show_bug.cgi?id=194303
    
    Reviewed by Eric Carlson.
    
    When creating a CoreAudioCaptureSource, the audio unit might be
    reconfigured if a past audio capture was done.
    This might trigger audio ducking which is undone in startInternal.
    In some cases, startInternal will never call start.
    In that case, the audio unit will continue ducking the other processing.
    To ensure ducking is disabled, unduck in setupAudioUnit as well as startInternal.
    
    In addition to that, once a shared unit is created, it stays alive until the UIProcess exits.
    This might affect all applications.
    Instead, whenever the shared unit is stopped, clean it so as to restore the state as if no capture ever happened.
    This has noticeable effects in the quality of audio being played on bluetooth devices.
    
    Covered by manual tests.
    
    * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
    (WebCore::CoreAudioSharedUnit::setupAudioUnit):
    (WebCore::CoreAudioSharedUnit::unduck):
    (WebCore::CoreAudioSharedUnit::startInternal):
    (WebCore::CoreAudioSharedUnit::captureFailed):
    (WebCore::CoreAudioSharedUnit::stopProducingData):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241021 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-06  Youenn Fablet  <youenn@apple.com>

            Disable audio ducking at Audio Unit setup time
            https://bugs.webkit.org/show_bug.cgi?id=194303

            Reviewed by Eric Carlson.

            When creating a CoreAudioCaptureSource, the audio unit might be
            reconfigured if a past audio capture was done.
            This might trigger audio ducking which is undone in startInternal.
            In some cases, startInternal will never call start.
            In that case, the audio unit will continue ducking the other processing.
            To ensure ducking is disabled, unduck in setupAudioUnit as well as startInternal.

            In addition to that, once a shared unit is created, it stays alive until the UIProcess exits.
            This might affect all applications.
            Instead, whenever the shared unit is stopped, clean it so as to restore the state as if no capture ever happened.
            This has noticeable effects in the quality of audio being played on bluetooth devices.

            Covered by manual tests.

            * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
            (WebCore::CoreAudioSharedUnit::setupAudioUnit):
            (WebCore::CoreAudioSharedUnit::unduck):
            (WebCore::CoreAudioSharedUnit::startInternal):
            (WebCore::CoreAudioSharedUnit::captureFailed):
            (WebCore::CoreAudioSharedUnit::stopProducingData):

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241018. rdar://problem/47893623

    RELEASE_ASSERT(!m_document.isResolvingTreeStyle()) in com.apple.WebKit.WebContent at WebCore: WebCore::StyleResolver::~StyleResolver
    https://bugs.webkit.org/show_bug.cgi?id=194333
    <rdar://problem/47822929>
    
    Reviewed by Zalan Bujtas.
    
    Source/WebCore:
    
    Content extensions may mutate the extension stylesheet in the middle of a style resolution as a result of
    the legacy animation code triggering a resource load.
    
    Test: http/tests/contentextensions/css-display-none-keyframe.html
    
    * style/StyleScope.cpp:
    (WebCore::Style::Scope::scheduleUpdate):
    
    Avoid clearing the style resolver if we are in the middle of a style resolution.
    A better fix that avoid doing this in the first place is tracked by https://bugs.webkit.org/show_bug.cgi?id=194335.
    
    LayoutTests:
    
    * http/tests/contentextensions/css-display-none-keyframe-expected.txt: Added.
    * http/tests/contentextensions/css-display-none-keyframe.html: Added.
    * http/tests/contentextensions/css-display-none-keyframe.html.json: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241018 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-06  Antti Koivisto  <antti@apple.com>

            RELEASE_ASSERT(!m_document.isResolvingTreeStyle()) in com.apple.WebKit.WebContent at WebCore: WebCore::StyleResolver::~StyleResolver
            https://bugs.webkit.org/show_bug.cgi?id=194333
            <rdar://problem/47822929>

            Reviewed by Zalan Bujtas.

            Content extensions may mutate the extension stylesheet in the middle of a style resolution as a result of
            the legacy animation code triggering a resource load.

            Test: http/tests/contentextensions/css-display-none-keyframe.html

            * style/StyleScope.cpp:
            (WebCore::Style::Scope::scheduleUpdate):

            Avoid clearing the style resolver if we are in the middle of a style resolution.
            A better fix that avoid doing this in the first place is tracked by https://bugs.webkit.org/show_bug.cgi?id=194335.

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240808. rdar://problem/47774548

    Revert r238819 which is unneeded and caused a performance regression.
    https://bugs.webkit.org/show_bug.cgi?id=192272
    <rdar://problem/46664625>
    
    Source/WebCore:
    
    * loader/EmptyFrameLoaderClient.h:
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::prepareForLoadStart):
    (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
    (WebCore::FrameLoader::loadProvisionalItemFromCachedPage):
    * loader/FrameLoader.h:
    * loader/FrameLoaderClient.h:
    
    Source/WebKit:
    
    * WebProcess/InjectedBundle/API/APIInjectedBundlePageLoaderClient.h:
    (API::InjectedBundle::PageLoaderClient::didStartProvisionalLoadForFrame):
    * WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInLoadDelegate.h:
    * WebProcess/InjectedBundle/API/glib/WebKitWebPage.cpp:
    * WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
    (PageLoaderClient::didStartProvisionalLoadForFrame):
    * WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp:
    (WebKit::InjectedBundlePageLoaderClient::didStartProvisionalLoadForFrame):
    * WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h:
    * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
    (WebKit::WebFrameLoaderClient::dispatchDidStartProvisionalLoad):
    * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
    
    Source/WebKitLegacy/mac:
    
    * WebCoreSupport/WebFrameLoaderClient.h:
    * WebCoreSupport/WebFrameLoaderClient.mm:
    (WebFrameLoaderClient::dispatchDidStartProvisionalLoad):
    
    Source/WebKitLegacy/win:
    
    * WebCoreSupport/WebFrameLoaderClient.cpp:
    (WebFrameLoaderClient::dispatchDidStartProvisionalLoad):
    * WebCoreSupport/WebFrameLoaderClient.h:
    
    Tools:
    
    * TestWebKitAPI/Tests/WebKitCocoa/ParserYieldTokenPlugIn.mm:
    (-[ParserYieldTokenPlugIn webProcessPlugInBrowserContextController:didCommitLoadForFrame:]):
    (-[ParserYieldTokenPlugIn webProcessPlugInBrowserContextController:willStartProvisionalLoadForFrame:completionHandler:]): Deleted.
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240808 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-31  Alex Christensen  <achristensen@webkit.org>

            Revert r238819 which is unneeded and caused a performance regression.
            https://bugs.webkit.org/show_bug.cgi?id=192272
            <rdar://problem/46664625>

            * loader/EmptyFrameLoaderClient.h:
            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::prepareForLoadStart):
            (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
            (WebCore::FrameLoader::loadProvisionalItemFromCachedPage):
            * loader/FrameLoader.h:
            * loader/FrameLoaderClient.h:

2019-02-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239831. rdar://problem/47776468

    [css-grid] Let abspos items reference implicit grid lines
    https://bugs.webkit.org/show_bug.cgi?id=193313
    
    Patch by Oriol Brufau <obrufau@igalia.com> on 2019-01-10
    Reviewed by Manuel Rego Casasnovas.
    
    LayoutTests/imported/w3c:
    
    Import test changes from WPT.
    
    * web-platform-tests/css/css-grid/abspos/grid-positioned-items-padding-001.html:
    * web-platform-tests/css/css-grid/abspos/grid-positioned-items-unknown-named-grid-line-001.html:
    
    Source/WebCore:
    
    While they can't create new implicit grid lines, abspos items
    can reference existing ones as clarified in
    https://github.com/w3c/csswg-drafts/commit/511bb63
    
    This patch makes WebKit match Blink, Firefox and Edge.
    
    Tests: web-platform-tests/css/css-grid/abspos/grid-positioned-items-padding-001.html
           web-platform-tests/css/css-grid/abspos/grid-positioned-items-unknown-named-grid-line-001.html
    
    * rendering/RenderGrid.cpp:
    (WebCore::RenderGrid::populateExplicitGridAndOrderIterator const):
    Remove argument from spanSizeForAutoPlacedItem call.
    (WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid const):
    Remove argument from spanSizeForAutoPlacedItem call.
    (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid const):
    Remove argument from spanSizeForAutoPlacedItem call.
    (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid const):
    Remove argument from spanSizeForAutoPlacedItem call.
    (WebCore::RenderGrid::gridAreaBreadthForOutOfFlowChild):
    Don't treat implicit grid lines as 'auto'.
    * rendering/RenderGrid.h:
    Remove unused gridPositionIsAutoForOutOfFlow.
    * rendering/style/GridPositionsResolver.cpp:
    (WebCore::adjustGridPositionsFromStyle):
    Don't treat implicit grid lines as 'auto'.
    Remove unused gridContainerStyle parameter.
    (WebCore::GridPositionsResolver::spanSizeForAutoPlacedItem):
    Remove argument from adjustGridPositionsFromStyle call.
    Remove unused gridContainerStyle parameter.
    (WebCore::resolveGridPositionFromStyle):
    Remove unnecessary assert that uses isValidNamedLineOrArea.
    (WebCore::GridPositionsResolver::resolveGridPositionsFromStyle):
    Remove argument from adjustGridPositionsFromStyle call.
    * rendering/style/GridPositionsResolver.h:
    Remove unused isValidNamedLineOrArea.
    Remove unused parameter from spanSizeForAutoPlacedItem.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239831 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-10  Oriol Brufau  <obrufau@igalia.com>

            [css-grid] Let abspos items reference implicit grid lines
            https://bugs.webkit.org/show_bug.cgi?id=193313

            Reviewed by Manuel Rego Casasnovas.

            While they can't create new implicit grid lines, abspos items
            can reference existing ones as clarified in
            https://github.com/w3c/csswg-drafts/commit/511bb63

            This patch makes WebKit match Blink, Firefox and Edge.

            Tests: web-platform-tests/css/css-grid/abspos/grid-positioned-items-padding-001.html
                   web-platform-tests/css/css-grid/abspos/grid-positioned-items-unknown-named-grid-line-001.html

            * rendering/RenderGrid.cpp:
            (WebCore::RenderGrid::populateExplicitGridAndOrderIterator const):
            Remove argument from spanSizeForAutoPlacedItem call.
            (WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid const):
            Remove argument from spanSizeForAutoPlacedItem call.
            (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid const):
            Remove argument from spanSizeForAutoPlacedItem call.
            (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid const):
            Remove argument from spanSizeForAutoPlacedItem call.
            (WebCore::RenderGrid::gridAreaBreadthForOutOfFlowChild):
            Don't treat implicit grid lines as 'auto'.
            * rendering/RenderGrid.h:
            Remove unused gridPositionIsAutoForOutOfFlow.
            * rendering/style/GridPositionsResolver.cpp:
            (WebCore::adjustGridPositionsFromStyle):
            Don't treat implicit grid lines as 'auto'.
            Remove unused gridContainerStyle parameter.
            (WebCore::GridPositionsResolver::spanSizeForAutoPlacedItem):
            Remove argument from adjustGridPositionsFromStyle call.
            Remove unused gridContainerStyle parameter.
            (WebCore::resolveGridPositionFromStyle):
            Remove unnecessary assert that uses isValidNamedLineOrArea.
            (WebCore::GridPositionsResolver::resolveGridPositionsFromStyle):
            Remove argument from adjustGridPositionsFromStyle call.
            * rendering/style/GridPositionsResolver.h:
            Remove unused isValidNamedLineOrArea.
            Remove unused parameter from spanSizeForAutoPlacedItem.

2019-02-06  Alan Coon  <alancoon@apple.com>

        Cherry-pick r241015. rdar://problem/47866495

    REGRESSION (r240909): Release assert in FrameLoader::loadURL when navigating with a non-existent target name
    https://bugs.webkit.org/show_bug.cgi?id=194329
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    The bug was caused by the code path for when navigating with a specific target frame name that does not exist
    never setting the load type of PolicyChecker. As a result, we would use whatever load type used in the previous
    navigation, resulting in this release assertion.
    
    Updating the load type here should in theory fix the underlying bug r240909 was meant to catch & fix.
    
    Test: fast/loader/navigate-with-new-target-after-back-forward-navigation.html
    
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::loadURL):
    
    LayoutTests:
    
    Added a regression test.
    
    * fast/loader/navigate-with-new-target-after-back-forward-navigation-expected.txt: Added.
    * fast/loader/navigate-with-new-target-after-back-forward-navigation.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-05  Ryosuke Niwa  <rniwa@webkit.org>

            REGRESSION (r240909): Release assert in FrameLoader::loadURL when navigating with a non-existent target name
            https://bugs.webkit.org/show_bug.cgi?id=194329

            Reviewed by Geoffrey Garen.

            The bug was caused by the code path for when navigating with a specific target frame name that does not exist
            never setting the load type of PolicyChecker. As a result, we would use whatever load type used in the previous
            navigation, resulting in this release assertion.

            Updating the load type here should in theory fix the underlying bug r240909 was meant to catch & fix.

            Test: fast/loader/navigate-with-new-target-after-back-forward-navigation.html

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::loadURL):

2019-02-06  Alan Coon  <alancoon@apple.com>

        Apply patch. rdar://problem/47822019

    2019-02-06  Ryosuke Niwa  <rniwa@webkit.org>

            Validate navigation policy decisions to avoid crashes in continueLoadAfterNavigationPolicy
            https://bugs.webkit.org/show_bug.cgi?id=194189

            Reviewed by Geoffrey Garen.

            Introduced PolicyCheckIdentifier to pair each navigation policy check request with a decision,
            and deployed it in PolicyChecker. The identifier is passed from WebContent process to UI process
            in WebKit2, and passed it back with the policy decision.

            Because PolicyCheckIdentifier embeds the process identifier from which a navigation policy is checked,
            we would be able to detect when UI process had sent the decision to a wrong WebContent process.

            This patch also adds release assertions to make sure history().provisionalItem() is set whenever
            we're requesting a navigation policy check.

            These code changes should either:
            1. Fix crashes in FrameLoader::continueLoadAfterNavigationPolicy where isBackForwardLoadType would
               return true yet history().provisionalItem() is null.
            2. Detect a bug that UI process can send a navigation policy decision to a wrong WebContent process.
            3. Rule out the possibility that (2) exists.

            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::willSendRequest):
            (WebCore::DocumentLoader::responseReceived):
            * loader/EmptyClients.cpp:
            (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
            (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
            * loader/EmptyFrameLoaderClient.h:
            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::checkContentPolicy):
            (WebCore::FrameLoader::loadURL):
            (WebCore::FrameLoader::load):
            (WebCore::FrameLoader::loadWithDocumentLoader):
            (WebCore::FrameLoader::loadPostRequest):
            * loader/FrameLoader.h:
            * loader/FrameLoaderClient.h:
            * loader/FrameLoaderTypes.h:
            (WebCore::PolicyCheckIdentifier): Added.
            (WebCore::PolicyCheckIdentifier::operator== const): Added.
            (WebCore::PolicyCheckIdentifier::PolicyCheckIdentifier): Added.
            (WebCore::PolicyCheckIdentifier::encode const): Added.
            (WebCore::PolicyCheckIdentifier::decode): Added.
            * loader/PolicyChecker.cpp:
            (WebCore::PolicyCheckIdentifier::generate):
            (WebCore::PolicyCheckIdentifier::isValidFor): Returns true if the identifer matches. Also release asserts
            that the process ID is same, and that m_check is always not zero (meaning it's a generated value).
            The failure of these release assertions would indicate that there is a bug in UI process, which results in
            a policy decision response being sent to a wrong Web process.
            (WebCore::PolicyChecker::checkNavigationPolicy): Exit early if isValidFor fails.
            (WebCore::PolicyChecker::checkNewWindowPolicy):

2019-02-06  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240804. rdar://problem/47774520

    [Cocoa][EME] Modern EME uses a different path for SecureStop data than Legacy EME
    https://bugs.webkit.org/show_bug.cgi?id=193988
    
    Reviewed by Jon Lee.
    
    Modern EME is writing SecureStop data as a file at the same path as the
    directory used by Legacy EME; meaning, when Modern EME attempts to write
    to that file, it will fail because a directory exists at the same path.
    
    Add a migration step to take care of those instances where Modern EME Secure
    Stop data was already written to disk, and move that previously written data
    to the correct file path.
    
    * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
    * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
    (WebCore::CDMInstanceFairPlayStreamingAVFObjC::initializeWithConfiguration):
    (WebCore::CDMInstanceFairPlayStreamingAVFObjC::setStorageDirectory):
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::updateLicense):
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::loadSession):
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData):
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::ensureSession):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240804 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-31  Jer Noble  <jer.noble@apple.com>

            [Cocoa][EME] Modern EME uses a different path for SecureStop data than Legacy EME
            https://bugs.webkit.org/show_bug.cgi?id=193988

            Reviewed by Jon Lee.

            Modern EME is writing SecureStop data as a file at the same path as the
            directory used by Legacy EME; meaning, when Modern EME attempts to write
            to that file, it will fail because a directory exists at the same path.

            Add a migration step to take care of those instances where Modern EME Secure
            Stop data was already written to disk, and move that previously written data
            to the correct file path.

            * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
            * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
            (WebCore::CDMInstanceFairPlayStreamingAVFObjC::initializeWithConfiguration):
            (WebCore::CDMInstanceFairPlayStreamingAVFObjC::setStorageDirectory):
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::updateLicense):
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::loadSession):
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData):
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::ensureSession):

2019-02-06  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240746. rdar://problem/47774550

    [Cocoa][EME] persistent-usage-record data not issued after MediaKeySession.remove()
    https://bugs.webkit.org/show_bug.cgi?id=193984
    
    Reviewed by Eric Carlson.
    
    MediaKeySession.sessionId is empty during the CDMInstance->requestLicense success callback handler. The
    KVO notification that AVContentKeySession.contentProtectionSessionIdentifier changed isn't called until
    after the -[AVContentKeyRequest makeStreamingContentKeyRequestDataForApp:contentIdentifier:options:completionHandler:]
    completion handler is called.
    
    Explicitly ask for the -contentProtectionSessionIdentifier inside that handler, and just in case the sessionID
    changes after that, add a new client callback method to notify the MediaKeySession that the ID has changed.
    
    * Modules/encryptedmedia/MediaKeySession.cpp:
    (WebCore::MediaKeySession::sessionIdChanged):
    * Modules/encryptedmedia/MediaKeySession.h:
    * platform/encryptedmedia/CDMInstanceSession.h:
    * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::didProvideRequest):
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::nextRequest):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240746 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-30  Jer Noble  <jer.noble@apple.com>

            [Cocoa][EME] persistent-usage-record data not issued after MediaKeySession.remove()
            https://bugs.webkit.org/show_bug.cgi?id=193984

            Reviewed by Eric Carlson.

            MediaKeySession.sessionId is empty during the CDMInstance->requestLicense success callback handler. The
            KVO notification that AVContentKeySession.contentProtectionSessionIdentifier changed isn't called until
            after the -[AVContentKeyRequest makeStreamingContentKeyRequestDataForApp:contentIdentifier:options:completionHandler:]
            completion handler is called.

            Explicitly ask for the -contentProtectionSessionIdentifier inside that handler, and just in case the sessionID
            changes after that, add a new client callback method to notify the MediaKeySession that the ID has changed.

            * Modules/encryptedmedia/MediaKeySession.cpp:
            (WebCore::MediaKeySession::sessionIdChanged):
            * Modules/encryptedmedia/MediaKeySession.h:
            * platform/encryptedmedia/CDMInstanceSession.h:
            * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::didProvideRequest):
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::nextRequest):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239752. rdar://problem/47776478

    [WebAuthN] Support U2F HID Authenticators on macOS
    https://bugs.webkit.org/show_bug.cgi?id=191535
    <rdar://problem/47102027>
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    This patch changes U2fCommandConstructor to produce register commands with
    enforcing test of user presence. Otherwise, authenticators would silently
    generate credentials. It also renames readFromU2fSignResponse to
    readU2fSignResponse.
    
    Tests: http/wpt/webauthn/public-key-credential-create-failure-u2f-silent.https.html
           http/wpt/webauthn/public-key-credential-create-failure-u2f.https.html
           http/wpt/webauthn/public-key-credential-create-success-u2f.https.html
           http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https.html
           http/wpt/webauthn/public-key-credential-get-failure-u2f.https.html
           http/wpt/webauthn/public-key-credential-get-success-u2f.https.html
    
    * Modules/webauthn/fido/U2fCommandConstructor.cpp:
    (fido::WebCore::constructU2fRegisterCommand):
    * Modules/webauthn/fido/U2fResponseConverter.cpp:
    (fido::readU2fSignResponse):
    (fido::readFromU2fSignResponse): Deleted.
    * Modules/webauthn/fido/U2fResponseConverter.h:
    
    Source/WebKit:
    
    This patch implements the support for U2F authenticators, and enables it for hid devices.
    It follows the CTAP spec to map WebAuthN requests to U2F commands and return the responses:
    https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#u2f-interoperability
    Most of the parts are done before this patch, this patch focues on: 7.2.2 and 7.3.2.
    
    Besides implementing the U2fHidAuthenticator, this patch also adds support in the mocking
    environment for U2F authenticators. It is done by extending the stages in MockHidConnection
    from 4 to indefinite as multi-round communications are expected to map WebAuthN requests
    to U2F requests.
    
    * Sources.txt:
    * UIProcess/API/C/WKWebsiteDataStoreRef.cpp:
    (WKWebsiteDataStoreSetWebAuthenticationMockConfiguration):
    * UIProcess/WebAuthentication/Cocoa/HidService.mm:
    (WebKit::HidService::continueAddDeviceAfterGetInfo):
    * UIProcess/WebAuthentication/fido/CtapHidDriver.cpp:
    (WebKit::CtapHidDriver::continueAfterChannelAllocated):
    * UIProcess/WebAuthentication/fido/CtapHidDriver.h:
    (WebKit::CtapHidDriver::setProtocol):
    * UIProcess/WebAuthentication/fido/U2fHidAuthenticator.cpp: Added.
    (WebKit::U2fHidAuthenticator::U2fHidAuthenticator):
    (WebKit::U2fHidAuthenticator::makeCredential):
    (WebKit::U2fHidAuthenticator::checkExcludeList):
    (WebKit::U2fHidAuthenticator::issueRegisterCommand):
    (WebKit::U2fHidAuthenticator::getAssertion):
    (WebKit::U2fHidAuthenticator::issueSignCommand):
    (WebKit::U2fHidAuthenticator::issueNewCommand):
    (WebKit::U2fHidAuthenticator::issueCommand):
    (WebKit::U2fHidAuthenticator::responseReceived):
    (WebKit::U2fHidAuthenticator::continueRegisterCommandAfterResponseReceived):
    (WebKit::U2fHidAuthenticator::continueCheckOnlyCommandAfterResponseReceived):
    (WebKit::U2fHidAuthenticator::continueBogusCommandAfterResponseReceived):
    (WebKit::U2fHidAuthenticator::continueSignCommandAfterResponseReceived):
    * UIProcess/WebAuthentication/fido/U2fHidAuthenticator.h: Added.
    * UIProcess/WebAuthentication/Mock/MockHidConnection.cpp:
    (WebKit::MockHidConnection::parseRequest):
    (WebKit::MockHidConnection::feedReports):
    * UIProcess/WebAuthentication/Mock/MockHidConnection.h:
    * UIProcess/WebAuthentication/Mock/MockWebAuthenticationConfiguration.h:
    * WebKit.xcodeproj/project.pbxproj:
    
    Tools:
    
    This patch:
    1) adds support for U2F mocking mechanism;
    2) updates tests to reflect U2fCommandConstructor changes.
    
    * TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp:
    (TestWebKitAPI::TEST):
    * TestWebKitAPI/Tests/WebCore/FidoTestData.h:
    * WebKitTestRunner/InjectedBundle/TestRunner.cpp:
    (WTR::TestRunner::setWebAuthenticationMockConfiguration):
    
    LayoutTests:
    
    Besiding adding tests for U2F authenticators, it also changes payloadBase64 from
    a string to a vector of strings. New tests are skipped for iOS.
    
    * http/wpt/webauthn/ctap-hid-failure.https.html:
    * http/wpt/webauthn/ctap-hid-success.https.html:
    * http/wpt/webauthn/public-key-credential-create-failure-hid-silent.https.html:
    * http/wpt/webauthn/public-key-credential-create-failure-hid.https.html:
    * http/wpt/webauthn/public-key-credential-create-failure-u2f-silent.https-expected.txt: Added.
    * http/wpt/webauthn/public-key-credential-create-failure-u2f-silent.https.html: Added.
    * http/wpt/webauthn/public-key-credential-create-failure-u2f.https-expected.txt: Added.
    * http/wpt/webauthn/public-key-credential-create-failure-u2f.https.html: Added.
    * http/wpt/webauthn/public-key-credential-create-success-hid.https.html:
    * http/wpt/webauthn/public-key-credential-create-success-u2f.https-expected.txt: Added.
    * http/wpt/webauthn/public-key-credential-create-success-u2f.https.html: Copied from LayoutTests/http/wpt/webauthn/public-key-credential-create-success-hid.https.html.
    * http/wpt/webauthn/public-key-credential-get-failure-hid-silent.https.html:
    * http/wpt/webauthn/public-key-credential-get-failure-hid.https.html:
    * http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https-expected.txt: Added.
    * http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https.html: Added.
    * http/wpt/webauthn/public-key-credential-get-failure-u2f.https-expected.txt: Added.
    * http/wpt/webauthn/public-key-credential-get-failure-u2f.https.html: Added.
    * http/wpt/webauthn/public-key-credential-get-success-hid.https.html:
    * http/wpt/webauthn/public-key-credential-get-success-u2f.https-expected.txt: Added.
    * http/wpt/webauthn/public-key-credential-get-success-u2f.https.html: Added.
    * http/wpt/webauthn/resources/util.js:
    * platform/ios-wk2/TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239752 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-08  Jiewen Tan  <jiewen_tan@apple.com>

            [WebAuthN] Support U2F HID Authenticators on macOS
            https://bugs.webkit.org/show_bug.cgi?id=191535
            <rdar://problem/47102027>

            Reviewed by Brent Fulgham.

            This patch changes U2fCommandConstructor to produce register commands with
            enforcing test of user presence. Otherwise, authenticators would silently
            generate credentials. It also renames readFromU2fSignResponse to
            readU2fSignResponse.

            Tests: http/wpt/webauthn/public-key-credential-create-failure-u2f-silent.https.html
                   http/wpt/webauthn/public-key-credential-create-failure-u2f.https.html
                   http/wpt/webauthn/public-key-credential-create-success-u2f.https.html
                   http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https.html
                   http/wpt/webauthn/public-key-credential-get-failure-u2f.https.html
                   http/wpt/webauthn/public-key-credential-get-success-u2f.https.html

            * Modules/webauthn/fido/U2fCommandConstructor.cpp:
            (fido::WebCore::constructU2fRegisterCommand):
            * Modules/webauthn/fido/U2fResponseConverter.cpp:
            (fido::readU2fSignResponse):
            (fido::readFromU2fSignResponse): Deleted.
            * Modules/webauthn/fido/U2fResponseConverter.h:

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240930. rdar://problem/47810469

    Make sure to remove the device observer in AVVideoCaptureSource
    https://bugs.webkit.org/show_bug.cgi?id=194181
    <rdar://problem/47739247>
    
    Reviewed by Eric Carlson.
    
    Make sure to remove the device observer when the observer is destroyed.
    To simplify things, add the observer in AVVideoCaptureSource constructor and remove it in the destructor.
    
    Make also sure the session observer is also removed whenever the session is released by AVVideoCaptureSource.
    
    Covered by manual test.
    
           * platform/mediastream/mac/AVVideoCaptureSource.h:
    * platform/mediastream/mac/AVVideoCaptureSource.mm:
    (WebCore::AVVideoCaptureSource::AVVideoCaptureSource):
    (WebCore::AVVideoCaptureSource::~AVVideoCaptureSource):
    (WebCore::AVVideoCaptureSource::initializeSession):
    (WebCore::AVVideoCaptureSource::clearSession):
    (WebCore::AVVideoCaptureSource::stopProducingData):
    (WebCore::AVVideoCaptureSource::setupSession):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240930 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-04  Youenn Fablet  <youenn@apple.com>

            Make sure to remove the device observer in AVVideoCaptureSource
            https://bugs.webkit.org/show_bug.cgi?id=194181
            <rdar://problem/47739247>

            Reviewed by Eric Carlson.

            Make sure to remove the device observer when the observer is destroyed.
            To simplify things, add the observer in AVVideoCaptureSource constructor and remove it in the destructor.

            Make also sure the session observer is also removed whenever the session is released by AVVideoCaptureSource.

            Covered by manual test.

           * platform/mediastream/mac/AVVideoCaptureSource.h:
            * platform/mediastream/mac/AVVideoCaptureSource.mm:
            (WebCore::AVVideoCaptureSource::AVVideoCaptureSource):
            (WebCore::AVVideoCaptureSource::~AVVideoCaptureSource):
            (WebCore::AVVideoCaptureSource::initializeSession):
            (WebCore::AVVideoCaptureSource::clearSession):
            (WebCore::AVVideoCaptureSource::stopProducingData):
            (WebCore::AVVideoCaptureSource::setupSession):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240880. rdar://problem/47774545

    REGRESSION: Flaky ASSERTION FAILED: m_uncommittedState.state == State::Committed on http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.html
    https://bugs.webkit.org/show_bug.cgi?id=193740
    <rdar://problem/47527267>
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    * loader/DocumentLoader.cpp:
    (WebCore::DocumentLoader::willSendRequest):
    (WebCore::DocumentLoader::continueAfterContentPolicy):
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::loadURL):
    (WebCore::FrameLoader::loadWithDocumentLoader):
    (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
    * loader/FrameLoader.h:
    * loader/FrameLoaderTypes.h:
    * loader/PolicyChecker.cpp:
    (WebCore::PolicyChecker::checkNavigationPolicy):
    (WebCore::PolicyChecker::checkNewWindowPolicy):
    * loader/PolicyChecker.h:
    
    Source/WebKit:
    
    The issue was happening when the page is triggering a cross-site navigation while in the middle of parsing. This would cause us to
    start a new provisional load in a new process before the previous process sends the DidFinishLoadForFrame() IPC to the UIProcess.
    Getting such IPC after a provisional load has started would mess up our state machine and trip assertions.
    
    This patch restores non-PSON behavior which is that the previous load in the old process now gets stopped so that no DidFinishLoadForFrame()
    / DidFailLoadForFrame() gets sent. To achieve this behavior, I introduced a new "StopAllLoads" PolicyAction that we now send the old
    process when the load is continuing in a new process, instead of sending it "Ignore".
    
    * NetworkProcess/NetworkDataTaskBlob.cpp:
    (WebKit::NetworkDataTaskBlob::dispatchDidReceiveResponse):
    * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
    (toNSURLSessionResponseDisposition):
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
    
    Tools:
    
    Add API test coverage.
    
    * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240880 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-02-01  Chris Dumez  <cdumez@apple.com>

            REGRESSION: Flaky ASSERTION FAILED: m_uncommittedState.state == State::Committed on http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.html
            https://bugs.webkit.org/show_bug.cgi?id=193740
            <rdar://problem/47527267>

            Reviewed by Alex Christensen.

            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::willSendRequest):
            (WebCore::DocumentLoader::continueAfterContentPolicy):
            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::loadURL):
            (WebCore::FrameLoader::loadWithDocumentLoader):
            (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
            * loader/FrameLoader.h:
            * loader/FrameLoaderTypes.h:
            * loader/PolicyChecker.cpp:
            (WebCore::PolicyChecker::checkNavigationPolicy):
            (WebCore::PolicyChecker::checkNewWindowPolicy):
            * loader/PolicyChecker.h:

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240833. rdar://problem/47774523

    [Cocoa][EME] AirPlaying a FairPlay-protected HLS stream fails to decrypt
    https://bugs.webkit.org/show_bug.cgi?id=194114
    
    Reviewed by Eric Carlson.
    
    The AVAssetResourceLoaderDelegate must explicitly... delegate responsibility for FairPlay key
    requests to the AVContentKeySession.
    
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
    (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240833 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-31  Jer Noble  <jer.noble@apple.com>

            [Cocoa][EME] AirPlaying a FairPlay-protected HLS stream fails to decrypt
            https://bugs.webkit.org/show_bug.cgi?id=194114

            Reviewed by Eric Carlson.

            The AVAssetResourceLoaderDelegate must explicitly... delegate responsibility for FairPlay key
            requests to the AVContentKeySession.

            * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
            (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240822. rdar://problem/47774539

    [Mac] Requesting PiP from two different WebViews gets PiP window "stuck"
    https://bugs.webkit.org/show_bug.cgi?id=194099
    <rdar://problem/47271323>
    
    Reviewed by Eric Carlson.
    
    When a different client requests the PiP window, the PiP framework will call -pipDidClose: without
    first calling -pipActionStop:. This leaves the internal fullscreen state in a confused state where
    the WebView will attempt to re-enter PiP once it gets focus, and can lead to a state where the two
    WebViews will constantly try to steal PiP from one another, ad infinitum.
    
    When receiving a notification that the PiP window closed when our internal state tells us that the
    close was not requested, notify the client that PiP mode was exited, allowing them to set their
    expected state to a correct and sane value.
    
    * platform/mac/VideoFullscreenInterfaceMac.mm:
    (-[WebVideoFullscreenInterfaceMacObjC pipDidClose:]):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240822 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-31  Jer Noble  <jer.noble@apple.com>

            [Mac] Requesting PiP from two different WebViews gets PiP window "stuck"
            https://bugs.webkit.org/show_bug.cgi?id=194099
            <rdar://problem/47271323>

            Reviewed by Eric Carlson.

            When a different client requests the PiP window, the PiP framework will call -pipDidClose: without
            first calling -pipActionStop:. This leaves the internal fullscreen state in a confused state where
            the WebView will attempt to re-enter PiP once it gets focus, and can lead to a state where the two
            WebViews will constantly try to steal PiP from one another, ad infinitum.

            When receiving a notification that the PiP window closed when our internal state tells us that the
            close was not requested, notify the client that PiP mode was exited, allowing them to set their
            expected state to a correct and sane value.

            * platform/mac/VideoFullscreenInterfaceMac.mm:
            (-[WebVideoFullscreenInterfaceMacObjC pipDidClose:]):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240773. rdar://problem/47774755

    ASSERTION FAILED: cache under WebCore::AXObjectCache::postTextStateChangePlatformNotification
    https://bugs.webkit.org/show_bug.cgi?id=189094
    <rdar://problem/43853526>
    
    Reviewed by Zalan Bujtas.
    
    Source/WebCore:
    
    Protect against access to objects and cache's that can be removed while an object is still in memory.
    
    Unskipped flaky tests on mac-wk2.
    
    * accessibility/mac/AXObjectCacheMac.mm:
    (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
    * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
    (textMarkerForVisiblePosition):
    (textMarkerRangeFromVisiblePositions):
    
    LayoutTests:
    
    Unskip flaky test with crash resolved.
    
    * platform/mac-wk2/TestExpectations:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240773 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-31  Chris Fleizach  <cfleizach@apple.com>

            ASSERTION FAILED: cache under WebCore::AXObjectCache::postTextStateChangePlatformNotification
            https://bugs.webkit.org/show_bug.cgi?id=189094
            <rdar://problem/43853526>

            Reviewed by Zalan Bujtas.

            Protect against access to objects and cache's that can be removed while an object is still in memory.

            Unskipped flaky tests on mac-wk2.

            * accessibility/mac/AXObjectCacheMac.mm:
            (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
            * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
            (textMarkerForVisiblePosition):
            (textMarkerRangeFromVisiblePositions):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240750. rdar://problem/47774507

    Regression(PSON) History navigations to twitter.com lead to a 403 HTTP error
    https://bugs.webkit.org/show_bug.cgi?id=194023
    <rdar://problem/47417981>
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    The issue was caused by the 'isTopSite' flag not getting properly set on the network request
    in case of a cross-site history navigation (with process-swap). As a result, twitter.com was
    not getting its same-site lax cookies.
    
    The 'isTopSite' flag normally gets set by FrameLoader::addExtraFieldsToRequest(), but we were
    bypassing this method entirely when continuing a load in a new process after a swap. This was
    intentional as the network request is normally already fully populated by the previous process
    and we do not want the new process to modify the request in any way (e.g. we would not want to
    add a Origin header back after it was removed by the previous process). However, in case of a
    History navigation, we do not actually pass a request along from one process to another. Instead,
    we pass a HistoryItem and then build a fresh new request from the HistoryItem in the new process.
    In this case, we *want* addExtraFieldsToRequest() to be called on the new request, even though
    we are technically continuing a load in a new process.
    
    We thus address the issue by bypassing FrameLoader::addExtraFieldsToRequest() only if we're
    continuing a load with a request and not when we're continuing a load with a HistoryItem.
    
    Test: http/tests/cookies/same-site/lax-samesite-cookie-after-cross-site-history-load.php
    
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::load):
    (WebCore::FrameLoader::loadWithDocumentLoader):
    (WebCore::FrameLoader::addExtraFieldsToRequest):
    (WebCore::FrameLoader::loadDifferentDocumentItem):
    * loader/FrameLoader.h:
    (WebCore::FrameLoader::shouldTreatCurrentLoadAsContinuingLoad const):
    
    LayoutTests:
    
    Add layout test coverage.
    
    * http/tests/cookies/same-site/lax-samesite-cookie-after-cross-site-history-load-expected.txt: Added.
    * http/tests/cookies/same-site/lax-samesite-cookie-after-cross-site-history-load.php: Added.
    * http/tests/cookies/same-site/resources/navigate-back.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240750 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-30  Chris Dumez  <cdumez@apple.com>

            Regression(PSON) History navigations to twitter.com lead to a 403 HTTP error
            https://bugs.webkit.org/show_bug.cgi?id=194023
            <rdar://problem/47417981>

            Reviewed by Geoffrey Garen.

            The issue was caused by the 'isTopSite' flag not getting properly set on the network request
            in case of a cross-site history navigation (with process-swap). As a result, twitter.com was
            not getting its same-site lax cookies.

            The 'isTopSite' flag normally gets set by FrameLoader::addExtraFieldsToRequest(), but we were
            bypassing this method entirely when continuing a load in a new process after a swap. This was
            intentional as the network request is normally already fully populated by the previous process
            and we do not want the new process to modify the request in any way (e.g. we would not want to
            add a Origin header back after it was removed by the previous process). However, in case of a
            History navigation, we do not actually pass a request along from one process to another. Instead,
            we pass a HistoryItem and then build a fresh new request from the HistoryItem in the new process.
            In this case, we *want* addExtraFieldsToRequest() to be called on the new request, even though
            we are technically continuing a load in a new process.

            We thus address the issue by bypassing FrameLoader::addExtraFieldsToRequest() only if we're
            continuing a load with a request and not when we're continuing a load with a HistoryItem.

            Test: http/tests/cookies/same-site/lax-samesite-cookie-after-cross-site-history-load.php

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::load):
            (WebCore::FrameLoader::loadWithDocumentLoader):
            (WebCore::FrameLoader::addExtraFieldsToRequest):
            (WebCore::FrameLoader::loadDifferentDocumentItem):
            * loader/FrameLoader.h:
            (WebCore::FrameLoader::shouldTreatCurrentLoadAsContinuingLoad const):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240727. rdar://problem/47776358

    LayoutTests/imported/w3c:
    ServiceWorkerJob should notify its client in case its job is cancelled
    https://bugs.webkit.org/show_bug.cgi?id=193747
    <rdar://problem/47498196>
    
    Reviewed by Chris Dumez.
    
    * web-platform-tests/service-workers/service-worker/registration-security-error.https-expected.txt:
    
    Source/WebCore:
    Refactor ServiceWorkerJob management by ServiceWorkerContainer to make it more memory safe
    https://bugs.webkit.org/show_bug.cgi?id=193747
    <rdar://problem/47498196>
    
    Reviewed by Chris Dumez.
    
    Make ServiceWorkerJob be no longer ref counted.
    Instead its lifetime is fully controlled by ServiceWorkerContainer.
    
    Make sure that a failing load will remove the job from ServiceWorkerContainer job map.
    This allows to ensure that these jobs do not stay forever.
    Before the patch, the jobs map was never cleared, which is creating a ref cycle whenever a job is not succesful.
    
    Before the patch, unsetPendingActivity was only called for successful jobs finishing.
    In case of failing loads, ServiceWorkerContainer would leak.
    Make sure that setPendingActivity/unsetPendingActivity is balanced by storing
    a pending activity in the job map next to the job.
    
    When ServiceWorkerContainer is stopped, notify that all jobs are cancelled to NetworkProcess.
    This makes these jobs in NetworkProcess-side to not stay until the corresponding WebProcess is gone.
    
    Simplify ServiceWorkerJob promise rejection handling so that it is clear when promise is rejected and when it is not.
    Update type of exception to be SecurityError when load fails due to AccessControl.
    
    Covered by existing tests.
    
    * workers/service/ServiceWorkerContainer.cpp:
    (WebCore::ServiceWorkerContainer::addRegistration):
    (WebCore::ServiceWorkerContainer::removeRegistration):
    (WebCore::ServiceWorkerContainer::updateRegistration):
    (WebCore::ServiceWorkerContainer::scheduleJob):
    (WebCore::ServiceWorkerContainer::jobFailedWithException):
    (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
    (WebCore::ServiceWorkerContainer::jobResolvedWithUnregistrationResult):
    (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
    (WebCore::ServiceWorkerContainer::jobDidFinish):
    (WebCore::ServiceWorkerContainer::stop):
    (WebCore::ServiceWorkerContainer::job):
    * workers/service/ServiceWorkerContainer.h:
    * workers/service/ServiceWorkerJob.cpp:
    (WebCore::ServiceWorkerJob::failedWithException):
    (WebCore::ServiceWorkerJob::resolvedWithRegistration):
    (WebCore::ServiceWorkerJob::resolvedWithUnregistrationResult):
    (WebCore::ServiceWorkerJob::startScriptFetch):
    (WebCore::ServiceWorkerJob::didReceiveResponse):
    (WebCore::ServiceWorkerJob::notifyFinished):
    (WebCore::ServiceWorkerJob::cancelPendingLoad):
    * workers/service/ServiceWorkerJob.h:
    (WebCore::ServiceWorkerJob::hasPromise const):
    (WebCore::ServiceWorkerJob::takePromise):
    * workers/service/ServiceWorkerJobClient.h:
    * workers/service/server/SWServerJobQueue.cpp:
    (WebCore::SWServerJobQueue::scriptFetchFinished):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240727 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-30  Youenn Fablet  <youenn@apple.com>

            Refactor ServiceWorkerJob management by ServiceWorkerContainer to make it more memory safe
            https://bugs.webkit.org/show_bug.cgi?id=193747
            <rdar://problem/47498196>

            Reviewed by Chris Dumez.

            Make ServiceWorkerJob be no longer ref counted.
            Instead its lifetime is fully controlled by ServiceWorkerContainer.

            Make sure that a failing load will remove the job from ServiceWorkerContainer job map.
            This allows to ensure that these jobs do not stay forever.
            Before the patch, the jobs map was never cleared, which is creating a ref cycle whenever a job is not succesful.

            Before the patch, unsetPendingActivity was only called for successful jobs finishing.
            In case of failing loads, ServiceWorkerContainer would leak.
            Make sure that setPendingActivity/unsetPendingActivity is balanced by storing
            a pending activity in the job map next to the job.

            When ServiceWorkerContainer is stopped, notify that all jobs are cancelled to NetworkProcess.
            This makes these jobs in NetworkProcess-side to not stay until the corresponding WebProcess is gone.

            Simplify ServiceWorkerJob promise rejection handling so that it is clear when promise is rejected and when it is not.
            Update type of exception to be SecurityError when load fails due to AccessControl.

            Covered by existing tests.

            * workers/service/ServiceWorkerContainer.cpp:
            (WebCore::ServiceWorkerContainer::addRegistration):
            (WebCore::ServiceWorkerContainer::removeRegistration):
            (WebCore::ServiceWorkerContainer::updateRegistration):
            (WebCore::ServiceWorkerContainer::scheduleJob):
            (WebCore::ServiceWorkerContainer::jobFailedWithException):
            (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
            (WebCore::ServiceWorkerContainer::jobResolvedWithUnregistrationResult):
            (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
            (WebCore::ServiceWorkerContainer::jobDidFinish):
            (WebCore::ServiceWorkerContainer::stop):
            (WebCore::ServiceWorkerContainer::job):
            * workers/service/ServiceWorkerContainer.h:
            * workers/service/ServiceWorkerJob.cpp:
            (WebCore::ServiceWorkerJob::failedWithException):
            (WebCore::ServiceWorkerJob::resolvedWithRegistration):
            (WebCore::ServiceWorkerJob::resolvedWithUnregistrationResult):
            (WebCore::ServiceWorkerJob::startScriptFetch):
            (WebCore::ServiceWorkerJob::didReceiveResponse):
            (WebCore::ServiceWorkerJob::notifyFinished):
            (WebCore::ServiceWorkerJob::cancelPendingLoad):
            * workers/service/ServiceWorkerJob.h:
            (WebCore::ServiceWorkerJob::hasPromise const):
            (WebCore::ServiceWorkerJob::takePromise):
            * workers/service/ServiceWorkerJobClient.h:
            * workers/service/server/SWServerJobQueue.cpp:
            (WebCore::SWServerJobQueue::scriptFetchFinished):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240709. rdar://problem/47776349

    AX: Role=switch not returning correct accessibilityValue
    https://bugs.webkit.org/show_bug.cgi?id=194006
    
    Reviewed by Joanmarie Diggs.
    
    Source/WebCore:
    
    Return the toggle state of a role=switch element.
    
    Test: accessibility/ios-simulator/role-switch.html
    
    * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
    (-[WebAccessibilityObjectWrapper accessibilityValue]):
    
    LayoutTests:
    
    * accessibility/ios-simulator/role-switch-expected.txt: Added.
    * accessibility/ios-simulator/role-switch.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240709 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-30  Chris Fleizach  <cfleizach@apple.com>

            AX: Role=switch not returning correct accessibilityValue
            https://bugs.webkit.org/show_bug.cgi?id=194006

            Reviewed by Joanmarie Diggs.

            Return the toggle state of a role=switch element.

            Test: accessibility/ios-simulator/role-switch.html

            * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
            (-[WebAccessibilityObjectWrapper accessibilityValue]):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240697. rdar://problem/47774541

    Make sure we have a frame before trying to access its loader
    https://bugs.webkit.org/show_bug.cgi?id=193985
    <rdar://problem/47618239>
    
    Reviewed by Ryosuke Niwa.
    
    * loader/ResourceLoadObserver.cpp:
    (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240697 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-29  Brent Fulgham  <bfulgham@apple.com>

            Make sure we have a frame before trying to access its loader
            https://bugs.webkit.org/show_bug.cgi?id=193985
            <rdar://problem/47618239>

            Reviewed by Ryosuke Niwa.

            * loader/ResourceLoadObserver.cpp:
            (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240643. rdar://problem/47774515

    webkitcurrentplaybacktargetiswirelesschanged and webkitCurrentPlaybackIsWireless are non-deterministic.
    https://bugs.webkit.org/show_bug.cgi?id=193923
    <rdar://problem/45956595>
    
    Reviewed by Eric Carlson.
    
    The value of webkitCurrentPlaybackTargetIsWireless can change in between when the event is scheduled
    and when it's actually dispatched. To make this more deterministic, use a GenericTaskQueue to enqueue
    setting m_isPlayingToWirelessTarget and dispatch the changed event in the same run-loop.
    
    * html/HTMLMediaElement.cpp:
    (WebCore::HTMLMediaElement::clearMediaPlayer):
    (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged):
    (WebCore::HTMLMediaElement::setIsPlayingToWirelessTarget):
    (WebCore::HTMLMediaElement::dispatchEvent):
    * html/HTMLMediaElement.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240643 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-28  Jer Noble  <jer.noble@apple.com>

            webkitcurrentplaybacktargetiswirelesschanged and webkitCurrentPlaybackIsWireless are non-deterministic.
            https://bugs.webkit.org/show_bug.cgi?id=193923
            <rdar://problem/45956595>

            Reviewed by Eric Carlson.

            The value of webkitCurrentPlaybackTargetIsWireless can change in between when the event is scheduled
            and when it's actually dispatched. To make this more deterministic, use a GenericTaskQueue to enqueue
            setting m_isPlayingToWirelessTarget and dispatch the changed event in the same run-loop.

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::clearMediaPlayer):
            (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged):
            (WebCore::HTMLMediaElement::setIsPlayingToWirelessTarget):
            (WebCore::HTMLMediaElement::dispatchEvent):
            * html/HTMLMediaElement.h:

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240537. rdar://problem/47774500

    <video> elements not in the DOM should be allowed to AirPlay
    https://bugs.webkit.org/show_bug.cgi?id=193837
    Source/WebCore:
    
    <rdar://42559491>
    
    Reviewed by Eric Carlson.
    
    Test: media/airplay-allows-buffering.html
    
    Some websites will switch between <video> elements backed by MSE to one backed by
    a media file in order to implement an AirPlay control. But when a <video> element is
    removed from the DOM and paused, further buffering is blocked. For some ports (namely
    Cocoa ones), this keeps AirPlay from engaging. Relax this buffering restriction for
    elements who have been asked to play wirelessly, but whose wireless playback has not
    started yet.
    
    * html/MediaElementSession.cpp:
    (WebCore::MediaElementSession::dataBufferingPermitted const):
    (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
    
    LayoutTests:
    
    Reviewed by Eric Carlson.
    
    * media/airplay-allows-buffering-expected.txt: Added.
    * media/airplay-allows-buffering.html: Added.
    * platform/ios/TestExpectations:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240537 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-25  Jer Noble  <jer.noble@apple.com>

            <video> elements not in the DOM should be allowed to AirPlay
            https://bugs.webkit.org/show_bug.cgi?id=193837
            <rdar://42559491>

            Reviewed by Eric Carlson.

            Test: media/airplay-allows-buffering.html

            Some websites will switch between <video> elements backed by MSE to one backed by
            a media file in order to implement an AirPlay control. But when a <video> element is
            removed from the DOM and paused, further buffering is blocked. For some ports (namely
            Cocoa ones), this keeps AirPlay from engaging. Relax this buffering restriction for
            elements who have been asked to play wirelessly, but whose wireless playback has not
            started yet.

            * html/MediaElementSession.cpp:
            (WebCore::MediaElementSession::dataBufferingPermitted const):
            (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):

2019-02-05  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239881. rdar://problem/47776480

    [iOS] Precision drop state thrashes when dragging near the top edge of an editable element
    https://bugs.webkit.org/show_bug.cgi?id=193364
    <rdar://problem/47214117>
    
    Reviewed by Tim Horton.
    
    Source/WebCore:
    
    Add a new helper method on DragCaretController to compute the bounds of the editable element around the drop
    caret position. This is either the enclosing form control (in the case of text fields and text areas), or the
    highest editable root. See WebKit ChangeLog for more details.
    
    Test: DragAndDropTests.AvoidPreciseDropNearTopOfTextArea
    
    * editing/FrameSelection.cpp:
    (WebCore::DragCaretController::editableElementRectInRootViewCoordinates const):
    * editing/FrameSelection.h:
    
    Source/WebKit:
    
    On iOS, marking a UIDropProposal as precise offsets the hit-testing location of the drop by a small distance
    either upwards or downwards from the actual location of the user's finger. When dragging over an editable
    element, WebKit currently marks the drop proposal as precise; however, when dragging over the top edge of an
    editable element, what happens is that the hit-testing location is offset to a location outside of the editable
    element, which causes us to turn off precision drop mode; subsequently, turning off precision drop mode removes
    the offset, which causes us to hit-test within the editable element once again and re-enable precision mode, and
    the cycle continues.
    
    In order to mitigate this, bail out of precision drop mode when dragging near the top or bottom edges of the
    highest editable root that contains the current drop caret position (or, if the drop caret is inside of a text
    form control, use the form control as the editable element instead).
    
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::didPerformDragControllerAction):
    * UIProcess/WebPageProxy.h:
    (WebKit::WebPageProxy::currentDragCaretEditableElementRect const):
    * UIProcess/WebPageProxy.messages.in:
    * UIProcess/ios/WKContentViewInteraction.mm:
    (-[WKContentView dropInteraction:sessionDidUpdate:]):
    
    Avoid precise mode when we're less than 25pt away from the top and bottom edge of the editable element rect.
    Since the drag location offset amount is a fixed offset in window coordinates, we first convert this minimum
    distance to the content view's coordinate space by dividing by the content scale factor.
    
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::performDragControllerAction):
    
    Tools:
    
    Add a test to verify that dragging near the top of a textarea element does not flag the drop proposal as
    precise, whereas dragging near the middle of the textarea does.
    
    * TestWebKitAPI/Tests/ios/DragAndDropTestsIOS.mm:
    (TestWebKitAPI::TEST):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239881 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>

            [iOS] Precision drop state thrashes when dragging near the top edge of an editable element
            https://bugs.webkit.org/show_bug.cgi?id=193364
            <rdar://problem/47214117>

            Reviewed by Tim Horton.

            Add a new helper method on DragCaretController to compute the bounds of the editable element around the drop
            caret position. This is either the enclosing form control (in the case of text fields and text areas), or the
            highest editable root. See WebKit ChangeLog for more details.

            Test: DragAndDropTests.AvoidPreciseDropNearTopOfTextArea

            * editing/FrameSelection.cpp:
            (WebCore::DragCaretController::editableElementRectInRootViewCoordinates const):
            * editing/FrameSelection.h:

2019-01-30  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r240633. rdar://problem/47682687

    [watchOS] Enable Parental Controls content filtering
    https://bugs.webkit.org/show_bug.cgi?id=193939
    <rdar://problem/46641912>
    
    Reviewed by Ryosuke Niwa.
    
    Source/JavaScriptCore:
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebCore:
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebCore/PAL:
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebKit:
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebKitLegacy/mac:
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WTF:
    
    * wtf/Platform.h:
    
    Tools:
    
    * TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240633 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-28  Andy Estes  <aestes@apple.com>

            [watchOS] Enable Parental Controls content filtering
            https://bugs.webkit.org/show_bug.cgi?id=193939
            <rdar://problem/46641912>

            Reviewed by Ryosuke Niwa.

            * Configurations/FeatureDefines.xcconfig:

2019-01-28  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r240451. rdar://problem/47586844

    Fix leak of AVSampleBufferRenderSynchronizer boundaryObserver object.
    https://bugs.webkit.org/show_bug.cgi?id=193778
    
    Reviewed by Jon Lee.
    
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
    (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::performTaskAtMediaTime):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240451 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-24  Jer Noble  <jer.noble@apple.com>

            Fix leak of AVSampleBufferRenderSynchronizer boundaryObserver object.
            https://bugs.webkit.org/show_bug.cgi?id=193778

            Reviewed by Jon Lee.

            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::performTaskAtMediaTime):

2019-01-28  Babak Shafiei  <bshafiei@apple.com>

        Cherry-pick r240450. rdar://problem/47586830

    DidFirstVisuallyNonEmptyLayout milestone should always fire at some point.
    https://bugs.webkit.org/show_bug.cgi?id=193741
    <rdar://problem/47135030>
    
    Reviewed by Antti Koivisto and Simon Fraser.
    
    Source/WebCore:
    
    fireLayoutRelatedMilestonesIfNeeded() is part of the post-layout tasks. In certain cases when
        1. the received data is not "contentful" yet
        2. and we are expecting some more (loading is not complete yet)
        3. but no layout is initiated anymore
    nothing triggers the milestone firing.
    
    This patch ensures that we fire the DidFirstVisuallyNonEmptyLayout when the frame load is complete unless we already did.
    
    * page/FrameView.cpp:
    (WebCore::FrameView::FrameView):
    (WebCore::FrameView::loadProgressingStatusChanged):
    
    Tools:
    
    * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
    * TestWebKitAPI/Tests/WebKit/LayoutMilestonesWithAllContentInFrame.cpp:
    (TestWebKitAPI::TEST):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240450 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-24  Zalan Bujtas  <zalan@apple.com>

            DidFirstVisuallyNonEmptyLayout milestone should always fire at some point.
            https://bugs.webkit.org/show_bug.cgi?id=193741
            <rdar://problem/47135030>

            Reviewed by Antti Koivisto and Simon Fraser.

            fireLayoutRelatedMilestonesIfNeeded() is part of the post-layout tasks. In certain cases when
                1. the received data is not "contentful" yet
                2. and we are expecting some more (loading is not complete yet)
                3. but no layout is initiated anymore
            nothing triggers the milestone firing.

            This patch ensures that we fire the DidFirstVisuallyNonEmptyLayout when the frame load is complete unless we already did.

            * page/FrameView.cpp:
            (WebCore::FrameView::FrameView):
            (WebCore::FrameView::loadProgressingStatusChanged):

2019-01-19  Youenn Fablet  <youenn@apple.com>

            Cherry-pick r240206. rdar://problem/47357218

        getUserMedia with a deviceId exact constraint with an empty string value should succeed
        https://bugs.webkit.org/show_bug.cgi?id=193541
        <rdar://problem/47357218>

        Reviewed by Eric Carlson.

        If there is a deviceId constraint, remove any empty string from ideal/exact string list.
        This will make the device selection be solely based on other constraints.
        An improvement might be for 'exact' constraint to pick the default device.
        There is currently no such notion of a default device.
        Picking the best fitting device seems a good tradeoff.
        Covered by updated test.

        * platform/mediastream/MediaConstraints.cpp:
        (WebCore::MediaTrackConstraintSetMap::set):
        * platform/mediastream/MediaConstraints.h:
        (WebCore::StringConstraint::removeEmptyStringConstraint):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239965. rdar://problem/47295360

    Animation and other code is too aggressive about invalidating layer composition
    https://bugs.webkit.org/show_bug.cgi?id=193343
    
    Reviewed by Antoine Quint.
    
    Source/WebCore:
    
    We used to have the concept of a "SyntheticStyleChange", which was used to trigger
    style updates for animation, and also to get compositing updated.
    
    That morphed into a call to Element::invalidateStyleAndLayerComposition(), which causes
    a style update to result in a "RecompositeLayer" diff, which in turn triggers compositing work,
    and dirties DOM touch event regions (which can be expensive to update).
    
    However, not all the callers of Element::invalidateStyleAndLayerComposition() need to trigger
    compositing, and doing so from animations caused excessive touch event regions on yahoo.com,
    which has several visibility:hidden elements with background-position animation.
    
    So fix callers of invalidateStyleAndLayerComposition() which don't care about compositing to instead
    call just invalidateStyle().
    
    Also fix KeyframeAnimation::animate to correctly return true when animation state changes—it failed to
    do so, because fireAnimationEventsIfNeeded() can run the state machine and change state.
    
    * animation/KeyframeEffect.cpp:
    (WebCore::invalidateElement):
    * page/animation/AnimationBase.cpp:
    (WebCore::AnimationBase::setNeedsStyleRecalc):
    * page/animation/CSSAnimationController.cpp:
    (WebCore::CSSAnimationControllerPrivate::updateAnimations):
    (WebCore::CSSAnimationControllerPrivate::fireEventsAndUpdateStyle):
    (WebCore::CSSAnimationControllerPrivate::pauseAnimationAtTime):
    (WebCore::CSSAnimationControllerPrivate::pauseTransitionAtTime):
    (WebCore::CSSAnimationController::cancelAnimations):
    * page/animation/KeyframeAnimation.cpp:
    (WebCore::KeyframeAnimation::animate):
    * rendering/RenderImage.cpp:
    (WebCore::RenderImage::imageChanged):
    * rendering/RenderLayer.cpp:
    (WebCore::RenderLayer::calculateClipRects const):
    * rendering/svg/SVGResourcesCache.cpp:
    (WebCore::SVGResourcesCache::clientStyleChanged):
    * style/StyleTreeResolver.cpp:
    (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
    * svg/SVGAnimateElementBase.cpp:
    (WebCore::applyCSSPropertyToTarget):
    (WebCore::removeCSSPropertyFromTarget):
    
    LayoutTests:
    
    This test was clobbering the 'box' class on the animating element and therefore making it disappear.
    
    * legacy-animation-engine/compositing/animation/animation-compositing.html:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239965 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-14  Simon Fraser  <simon.fraser@apple.com>

            Animation and other code is too aggressive about invalidating layer composition
            https://bugs.webkit.org/show_bug.cgi?id=193343

            Reviewed by Antoine Quint.

            We used to have the concept of a "SyntheticStyleChange", which was used to trigger
            style updates for animation, and also to get compositing updated.

            That morphed into a call to Element::invalidateStyleAndLayerComposition(), which causes
            a style update to result in a "RecompositeLayer" diff, which in turn triggers compositing work,
            and dirties DOM touch event regions (which can be expensive to update).

            However, not all the callers of Element::invalidateStyleAndLayerComposition() need to trigger
            compositing, and doing so from animations caused excessive touch event regions on yahoo.com,
            which has several visibility:hidden elements with background-position animation.

            So fix callers of invalidateStyleAndLayerComposition() which don't care about compositing to instead
            call just invalidateStyle().

            Also fix KeyframeAnimation::animate to correctly return true when animation state changes—it failed to
            do so, because fireAnimationEventsIfNeeded() can run the state machine and change state.

            * animation/KeyframeEffect.cpp:
            (WebCore::invalidateElement):
            * page/animation/AnimationBase.cpp:
            (WebCore::AnimationBase::setNeedsStyleRecalc):
            * page/animation/CSSAnimationController.cpp:
            (WebCore::CSSAnimationControllerPrivate::updateAnimations):
            (WebCore::CSSAnimationControllerPrivate::fireEventsAndUpdateStyle):
            (WebCore::CSSAnimationControllerPrivate::pauseAnimationAtTime):
            (WebCore::CSSAnimationControllerPrivate::pauseTransitionAtTime):
            (WebCore::CSSAnimationController::cancelAnimations):
            * page/animation/KeyframeAnimation.cpp:
            (WebCore::KeyframeAnimation::animate):
            * rendering/RenderImage.cpp:
            (WebCore::RenderImage::imageChanged):
            * rendering/RenderLayer.cpp:
            (WebCore::RenderLayer::calculateClipRects const):
            * rendering/svg/SVGResourcesCache.cpp:
            (WebCore::SVGResourcesCache::clientStyleChanged):
            * style/StyleTreeResolver.cpp:
            (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
            * svg/SVGAnimateElementBase.cpp:
            (WebCore::applyCSSPropertyToTarget):
            (WebCore::removeCSSPropertyFromTarget):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239947. rdar://problem/47295371

    Re-enable ability to build --cloop builds.
    https://bugs.webkit.org/show_bug.cgi?id=192955
    Source/JavaScriptCore:
    
    <rdar://problem/46882363>
    
    Reviewed by Saam barati and Keith Miller.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebCore:
    
    
    Reviewed by Saam barati and Keith Miller.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebCore/PAL:
    
    <rdar://problem/46882363>
    
    Reviewed by Saam barati and Keith Miller.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebKit:
    
    <rdar://problem/46882363>
    
    Reviewed by Saam barati and Keith Miller.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebKitLegacy/mac:
    
    <rdar://problem/46882363>
    
    Reviewed by Saam barati and Keith Miller.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Tools:
    
    <rdar://problem/46882363>
    
    Reviewed by Saam barati and Keith Miller.
    
    The --cloop build option was being ignored this whole time since r236381.
    This patch makes it possible to build CLoop builds again.
    
    * Scripts/build-jsc:
    * Scripts/webkitperl/FeatureList.pm:
    * TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239947 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-14  Mark Lam  <mark.lam@apple.com>

            Re-enable ability to build --cloop builds.
            https://bugs.webkit.org/show_bug.cgi?id=192955

            Reviewed by Saam barati and Keith Miller.

            * Configurations/FeatureDefines.xcconfig:

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239946. rdar://problem/47295375

    https://bugs.webkit.org/show_bug.cgi?id=193403
    <rdar://problem/46750743>
    
    Continue fix in r239711 by using WeakPtr in SourceBufferPrivateAVFObjC.
    
    Reviewed by Eric Carlson.
    
    * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
    * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
    (WebCore::SourceBufferPrivateAVFObjC::setCDMSession):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239946 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-14  Jer Noble  <jer.noble@apple.com>

            https://bugs.webkit.org/show_bug.cgi?id=193403
            <rdar://problem/46750743>

            Continue fix in r239711 by using WeakPtr in SourceBufferPrivateAVFObjC.

            Reviewed by Eric Carlson.

            * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
            * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
            (WebCore::SourceBufferPrivateAVFObjC::setCDMSession):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239927. rdar://problem/47295363

    DOMCacheStorage: use-after-move in doSequentialMatch()
    https://bugs.webkit.org/show_bug.cgi?id=193396
    
    Reviewed by Youenn Fablet.
    
    Depending on the platform- and compiler-specific calling conventions,
    the doSequentialMatch() code can move out the Vector<Ref<DOMCache>>
    object into the callback lambda before the DOMCache object at the
    specified index is retrieved for the DOMCache::doMatch() invocation.
    
    This problem is now avoided by retrieving reference to the target
    DOMCache object in an earlier expression.
    
    * Modules/cache/DOMCacheStorage.cpp:
    (WebCore::doSequentialMatch):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239927 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-14  Zan Dobersek  <zdobersek@igalia.com>

            DOMCacheStorage: use-after-move in doSequentialMatch()
            https://bugs.webkit.org/show_bug.cgi?id=193396

            Reviewed by Youenn Fablet.

            Depending on the platform- and compiler-specific calling conventions,
            the doSequentialMatch() code can move out the Vector<Ref<DOMCache>>
            object into the callback lambda before the DOMCache object at the
            specified index is retrieved for the DOMCache::doMatch() invocation.

            This problem is now avoided by retrieving reference to the target
            DOMCache object in an earlier expression.

            * Modules/cache/DOMCacheStorage.cpp:
            (WebCore::doSequentialMatch):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239905. rdar://problem/47494732

    Release assert with <img usemap> in shadow tree
    https://bugs.webkit.org/show_bug.cgi?id=193378
    
    Reviewed by Ryosuke Niwa.
    
    Source/WebCore:
    
    When a shadow host that has <img usemap> in the shadow tree is removed from the document, we try
    to remove the map from the scope of the host.
    
    * html/HTMLImageElement.cpp:
    (WebCore::HTMLImageElement::parseAttribute):
    (WebCore::HTMLImageElement::insertedIntoAncestor):
    (WebCore::HTMLImageElement::removedFromAncestor):
    
    Tree scope changes are relevant, not the connection to the document.
    
    LayoutTests:
    
    * fast/shadow-dom/image-map-tree-scope.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239905 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-13  Antti Koivisto  <antti@apple.com>

            Release assert with <img usemap> in shadow tree
            https://bugs.webkit.org/show_bug.cgi?id=193378

            Reviewed by Ryosuke Niwa.

            When a shadow host that has <img usemap> in the shadow tree is removed from the document, we try
            to remove the map from the scope of the host.

            * html/HTMLImageElement.cpp:
            (WebCore::HTMLImageElement::parseAttribute):
            (WebCore::HTMLImageElement::insertedIntoAncestor):
            (WebCore::HTMLImageElement::removedFromAncestor):

            Tree scope changes are relevant, not the connection to the document.

2019-01-23  Kocsen Chung  <kocsen_chung@apple.com>

        Revert r238815. rdar://problem/47457960

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240158. rdar://problem/47458281

    FetchResponse::url should return the empty string for tainted responses
    https://bugs.webkit.org/show_bug.cgi?id=193553
    
    Reviewed by Youenn Fablet.
    
    LayoutTests/imported/w3c:
    
    * web-platform-tests/fetch/api/basic/mode-no-cors.sub.any.js:
    (fetchNoCors):
    
    Source/WebCore:
    
    Check whether the response is tainted in FetchResponse::url, to match
    the behavior described in https://fetch.spec.whatwg.org/#concept-filtered-response-opaque.
    
    * Modules/fetch/FetchResponse.cpp:
    (WebCore::FetchResponse::url const):
    
    LayoutTests:
    
    * http/wpt/fetch/response-opaque-clone.html:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240158 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-18  Ali Juma  <ajuma@chromium.org>

            FetchResponse::url should return the empty string for tainted responses
            https://bugs.webkit.org/show_bug.cgi?id=193553

            Reviewed by Youenn Fablet.

            Check whether the response is tainted in FetchResponse::url, to match
            the behavior described in https://fetch.spec.whatwg.org/#concept-filtered-response-opaque.

            * Modules/fetch/FetchResponse.cpp:
            (WebCore::FetchResponse::url const):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240152. rdar://problem/47458242

    A track source should be unmuted whenever reenabled after setDirection changes
    https://bugs.webkit.org/show_bug.cgi?id=193554
    <rdar://problem/47366196>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    Ensure that track gets unmuted after being fired as part of track event.
    Test is triggering some existing issues with MediaPlayerPrivateMediaStreamAVFObjC.
    Given the enqueuing of samples happens in a different frame than the thread used to update media stream and the active video track,
    some enqueued samples might not be from the right active video track or there might be no active video track.
    
    Test: webrtc/video-setDirection.html
    
    * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
    (WebCore::LibWebRTCMediaEndpoint::fireTrackEvent):
    * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
    (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample):
    (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::requestNotificationWhenReadyForVideoData):
    
    LayoutTests:
    
    * webrtc/video-setDirection-expected.txt: Added.
    * webrtc/video-setDirection.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240152 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-18  Youenn Fablet  <youenn@apple.com>

            A track source should be unmuted whenever reenabled after setDirection changes
            https://bugs.webkit.org/show_bug.cgi?id=193554
            <rdar://problem/47366196>

            Reviewed by Eric Carlson.

            Ensure that track gets unmuted after being fired as part of track event.
            Test is triggering some existing issues with MediaPlayerPrivateMediaStreamAVFObjC.
            Given the enqueuing of samples happens in a different frame than the thread used to update media stream and the active video track,
            some enqueued samples might not be from the right active video track or there might be no active video track.

            Test: webrtc/video-setDirection.html

            * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
            (WebCore::LibWebRTCMediaEndpoint::fireTrackEvent):
            * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample):
            (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::requestNotificationWhenReadyForVideoData):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240122. rdar://problem/47458135

    [Mac] Add a new quirk to HTMLFormControlElement::isMouseFocusable
    https://bugs.webkit.org/show_bug.cgi?id=193478
    <rdar://problem/34368591>
    
    Reviewed by Brent Fulgham.
    
    By default in macOS, submit buttons (controls) are not focusable. WebKit follows this system convention
    as suggested by the spec: https://html.spec.whatwg.org/multipage/interaction.html#focusable-area. This
    is also the convention Firefox respects. However, Chrome doesn't. ceac.state.gov is by far the only
    website that assumes submit buttons are focusable, and will prohibit users from completing immigration
    forms, such as DS160 if buttons are not. To help immigrations, we decide to add a new quirk to
    HTMLFormControlElement::isMouseFocusable such that submit buttons are mouse focusable.
    
    This quirk is for ceac.state.gov specifically, and therefore no tests.
    
    * html/HTMLFormControlElement.cpp:
    (WebCore::HTMLFormControlElement::isMouseFocusable const):
    (WebCore::HTMLFormControlElement::needsSiteSpecificQuirks const):
    * html/HTMLFormControlElement.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240122 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-17  Jiewen Tan  <jiewen_tan@apple.com>

            [Mac] Add a new quirk to HTMLFormControlElement::isMouseFocusable
            https://bugs.webkit.org/show_bug.cgi?id=193478
            <rdar://problem/34368591>

            Reviewed by Brent Fulgham.

            By default in macOS, submit buttons (controls) are not focusable. WebKit follows this system convention
            as suggested by the spec: https://html.spec.whatwg.org/multipage/interaction.html#focusable-area. This
            is also the convention Firefox respects. However, Chrome doesn't. ceac.state.gov is by far the only
            website that assumes submit buttons are focusable, and will prohibit users from completing immigration
            forms, such as DS160 if buttons are not. To help immigrations, we decide to add a new quirk to
            HTMLFormControlElement::isMouseFocusable such that submit buttons are mouse focusable.

            This quirk is for ceac.state.gov specifically, and therefore no tests.

            * html/HTMLFormControlElement.cpp:
            (WebCore::HTMLFormControlElement::isMouseFocusable const):
            (WebCore::HTMLFormControlElement::needsSiteSpecificQuirks const):
            * html/HTMLFormControlElement.h:

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240112. rdar://problem/47458291

    [EME] Remove Amazon Prime Video from quirks list
    https://bugs.webkit.org/show_bug.cgi?id=193514
    rdar://problem/47295330
    
    Reviewed by Jer Noble.
    
    * page/Quirks.cpp:
    (WebCore::Quirks::hasBrokenEncryptedMediaAPISupportQuirk const):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240112 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-17  Jon Lee  <jonlee@apple.com>

            [EME] Remove Amazon Prime Video from quirks list
            https://bugs.webkit.org/show_bug.cgi?id=193514
            rdar://problem/47295330

            Reviewed by Jer Noble.

            * page/Quirks.cpp:
            (WebCore::Quirks::hasBrokenEncryptedMediaAPISupportQuirk const):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240049. rdar://problem/47458184

    ServiceWorkerContainer is leaking due to a ref cycle
    https://bugs.webkit.org/show_bug.cgi?id=193462
    <rdar://problem/47026303>
    
    Reviewed by Brady Eidson.
    
    ServiceWorkerContainer keeps a reference to its ready promise.
    The ready promise keeps a ref to its value which is a ServiceWorkerRegistration.
    ServiceWorkerRegistration keeps a ref to ServiceWorkerContainer.
    
    To break the reference cycle, set the ready promise to zero when ServiceWorkerContainer is stopped.
    
    Covered by imported/w3c/web-platform-tests/service-workers/service-worker/ready.https.html no longer leaking.
    
    * workers/service/ServiceWorkerContainer.cpp:
    (WebCore::ServiceWorkerContainer::stop):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240049 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-16  Youenn Fablet  <youenn@apple.com>

            ServiceWorkerContainer is leaking due to a ref cycle
            https://bugs.webkit.org/show_bug.cgi?id=193462
            <rdar://problem/47026303>

            Reviewed by Brady Eidson.

            ServiceWorkerContainer keeps a reference to its ready promise.
            The ready promise keeps a ref to its value which is a ServiceWorkerRegistration.
            ServiceWorkerRegistration keeps a ref to ServiceWorkerContainer.

            To break the reference cycle, set the ready promise to zero when ServiceWorkerContainer is stopped.

            Covered by imported/w3c/web-platform-tests/service-workers/service-worker/ready.https.html no longer leaking.

            * workers/service/ServiceWorkerContainer.cpp:
            (WebCore::ServiceWorkerContainer::stop):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240037. rdar://problem/47458128

    Add more assertions to find root cause for release assert hit in StyleResolver
    https://bugs.webkit.org/show_bug.cgi?id=193488
    <rdar://problem/30983040>
    
    Reviewed by Zalan Bujtas.
    
    * css/StyleResolver.cpp:
    (WebCore::StyleResolver::~StyleResolver):
    
    Release assert we are not resolving tree style.
    
    * dom/Document.cpp:
    (WebCore::Document::setIsResolvingTreeStyle):
    * dom/Document.h:
    (WebCore::Document::isResolvingTreeStyle const):
    * style/StyleTreeResolver.cpp:
    (WebCore::Style::TreeResolver::Scope::Scope):
    (WebCore::Style::TreeResolver::Scope::~Scope):
    
    Set isResolvingTreeStyle bit when we have a tree resolver scope.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240037 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-16  Antti Koivisto  <antti@apple.com>

            Add more assertions to find root cause for release assert hit in StyleResolver
            https://bugs.webkit.org/show_bug.cgi?id=193488
            <rdar://problem/30983040>

            Reviewed by Zalan Bujtas.

            * css/StyleResolver.cpp:
            (WebCore::StyleResolver::~StyleResolver):

            Release assert we are not resolving tree style.

            * dom/Document.cpp:
            (WebCore::Document::setIsResolvingTreeStyle):
            * dom/Document.h:
            (WebCore::Document::isResolvingTreeStyle const):
            * style/StyleTreeResolver.cpp:
            (WebCore::Style::TreeResolver::Scope::Scope):
            (WebCore::Style::TreeResolver::Scope::~Scope):

            Set isResolvingTreeStyle bit when we have a tree resolver scope.

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240000. rdar://problem/47457985

    Correctly handle rotation for local video playback
    https://bugs.webkit.org/show_bug.cgi?id=193412
    
    Reviewed by Eric Carlson.
    
    Update AVVideoCaptureSource to compute the size given to settings after rotating the sample.
    This ensures computing the size of video elements appropriately.
    Also makes sure to notify observers of size change whenever rotation happens as settings() call will provide a different size.
    Covered by manual testing as we do not have yet emulation of local capture with rotation.
    
    * platform/mediastream/RealtimeMediaSource.cpp:
    (WebCore::RealtimeMediaSource::setIntrinsicSize):
    * platform/mediastream/mac/AVVideoCaptureSource.mm:
    (WebCore::AVVideoCaptureSource::settings):
    (WebCore::AVVideoCaptureSource::computeSampleRotation):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240000 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-15  Youenn Fablet  <youenn@apple.com>

            Correctly handle rotation for local video playback
            https://bugs.webkit.org/show_bug.cgi?id=193412

            Reviewed by Eric Carlson.

            Update AVVideoCaptureSource to compute the size given to settings after rotating the sample.
            This ensures computing the size of video elements appropriately.
            Also makes sure to notify observers of size change whenever rotation happens as settings() call will provide a different size.
            Covered by manual testing as we do not have yet emulation of local capture with rotation.

            * platform/mediastream/RealtimeMediaSource.cpp:
            (WebCore::RealtimeMediaSource::setIntrinsicSize):
            * platform/mediastream/mac/AVVideoCaptureSource.mm:
            (WebCore::AVVideoCaptureSource::settings):
            (WebCore::AVVideoCaptureSource::computeSampleRotation):

2019-01-23  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239971. rdar://problem/47458229

    Only run the node comparison code in FrameSelection::respondToNodeModification() for range selections
    https://bugs.webkit.org/show_bug.cgi?id=193416
    
    Reviewed by Wenson Hsieh.
    
    The code inside the m_selection.firstRange() clause needs to only run for non-collapsed selections, and
    it shows up on Speedometer profiles so optimize to only run this code if we have a selection range.
    
    * editing/FrameSelection.cpp:
    (WebCore::FrameSelection::respondToNodeModification):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239971 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-14  Simon Fraser  <simon.fraser@apple.com>

            Only run the node comparison code in FrameSelection::respondToNodeModification() for range selections
            https://bugs.webkit.org/show_bug.cgi?id=193416

            Reviewed by Wenson Hsieh.

            The code inside the m_selection.firstRange() clause needs to only run for non-collapsed selections, and
            it shows up on Speedometer profiles so optimize to only run this code if we have a selection range.

            * editing/FrameSelection.cpp:
            (WebCore::FrameSelection::respondToNodeModification):

2019-01-22  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240046. rdar://problem/47099573

    Regression(PSON) View becomes blank after click a cross-site download link
    https://bugs.webkit.org/show_bug.cgi?id=193361
    <rdar://problem/47099573>
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::commitProvisionalLoad):
    When restoring from PageCache, make sure we notify the client that the load was committed
    *before* we tell it that the navigation is complete. This would confuse the ProvisionalPageProxy
    logic in the UIProcess.
    
    Source/WebKit:
    
    The issue tracked by rdar://problem/47099573 is that a provisional load may get
    canceled (or converted into a download) *after* we've decided to process-swap.
    In such cases, the view should keep displaying the current site and it should
    still be interactive. However, with the previous PSON model, the view (pageProxy)
    would have already swapped to the new process and would end up displaying the
    initially empty document.
    
    To address the issue, this patch introduces the concept of a provisional load
    in the UIProcess, handled by a ProvisionalPageProxy which has its own privisional
    process. The WebPageProxy owns the ProvisionalPageProxy but we do not commit the
    provisional page until after the load was committed in the new process. This means
    that the view / WebPageProxy keeps using the old process and displays the current
    content until a load has committed in the provisional page. If no load commits
    in the provisional process (e.g. because the load is cancelled or converted into
    a download), then we merely destroy the ProvisionalPageProxy and terminate its
    process, without impacting the WebPageProxy.
    
    * Shared/WebPageCreationParameters.cpp:
    (WebKit::WebPageCreationParameters::encode const):
    (WebKit::WebPageCreationParameters::decode):
    * Shared/WebPageCreationParameters.h:
    Rename isSwapFromSuspended to isProcessSwap for clarity as we always want to
    delay attaching the drawing area in case of a process-swap, no matter what
    now that the previous process is kept alive until the provisional load is
    committed in the new process.
    
    * Shared/WebPolicyAction.h:
    Drop Suspend policy action. At decidePolicyForNavigationAction time, in case of
    process-swap, we now tell the previous process to simply ignore the load, while
    we create a ProvisionalPageProxy to do the new load in a new process.
    Suspension of the previous page in the old process, happens later, when a load
    is actually committed in the new process.
    
    * Sources.txt:
    Add new ProvisionalPageProxy file.
    
    * UIProcess/API/Cocoa/WKWebView.mm:
    (-[WKWebView _killWebContentProcessAndResetState]):
    When calling _killWebContentProcessAndResetState on a WKWebView, kill both the current
    process and the provisional one, to maintain previous behavior in our API tests.
    
    * UIProcess/API/gtk/PageClientImpl.cpp:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/API/gtk/PageClientImpl.h:
    * UIProcess/API/wpe/PageClientImpl.cpp:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/API/wpe/PageClientImpl.h:
    * UIProcess/AcceleratedDrawingAreaProxy.cpp:
    (WebKit::AcceleratedDrawingAreaProxy::AcceleratedDrawingAreaProxy):
    (WebKit::AcceleratedDrawingAreaProxy::didUpdateBackingStoreState):
    (WebKit::AcceleratedDrawingAreaProxy::sendUpdateBackingStoreState):
    (WebKit::AcceleratedDrawingAreaProxy::waitForAndDispatchDidUpdateBackingStoreState):
    (WebKit::AcceleratedDrawingAreaProxy::setNativeSurfaceHandleForCompositing):
    (WebKit::AcceleratedDrawingAreaProxy::destroyNativeSurfaceHandleForCompositing):
    * UIProcess/AcceleratedDrawingAreaProxy.h:
    * UIProcess/Cocoa/WebViewImpl.h:
    * UIProcess/Cocoa/WebViewImpl.mm:
    (WebKit::WebViewImpl::createDrawingAreaProxy):
    * UIProcess/DrawingAreaProxy.cpp:
    (WebKit::DrawingAreaProxy::DrawingAreaProxy):
    (WebKit::DrawingAreaProxy::~DrawingAreaProxy):
    (WebKit::DrawingAreaProxy::viewExposedRectChangedTimerFired):
    * UIProcess/DrawingAreaProxy.h:
    (WebKit::DrawingAreaProxy::process):
    * UIProcess/DrawingAreaProxyImpl.cpp:
    (WebKit::DrawingAreaProxyImpl::DrawingAreaProxyImpl):
    (WebKit::DrawingAreaProxyImpl::update):
    * UIProcess/DrawingAreaProxyImpl.h:
    * UIProcess/PageClient.h:
    * UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.h:
    * UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.mm:
    (WebKit::RemoteLayerTreeDrawingAreaProxy::RemoteLayerTreeDrawingAreaProxy):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::~RemoteLayerTreeDrawingAreaProxy):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::deviceScaleFactorDidChange):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::sendUpdateGeometry):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::acceleratedAnimationDidStart):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::acceleratedAnimationDidEnd):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::didRefreshDisplay):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::waitForDidUpdateActivityState):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::dispatchAfterEnsuringDrawing):
    * UIProcess/ios/PageClientImplIOS.h:
    * UIProcess/ios/PageClientImplIOS.mm:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/ios/WKContentView.h:
    * UIProcess/ios/WKContentView.mm:
    (-[WKContentView _createDrawingAreaProxy:]):
    * UIProcess/mac/PageClientImplMac.h:
    * UIProcess/mac/PageClientImplMac.mm:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.h:
    * UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.mm:
    (WebKit::TiledCoreAnimationDrawingAreaProxy::TiledCoreAnimationDrawingAreaProxy):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::deviceScaleFactorDidChange):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::colorSpaceDidChange):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::waitForDidUpdateActivityState):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::createFence):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::sendUpdateGeometry):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::adjustTransientZoom):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::commitTransientZoom):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::dispatchAfterEnsuringDrawing):
    * UIProcess/mac/WebPageProxyMac.mm:
    * UIProcess/win/PageClientImpl.cpp:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/win/PageClientImpl.h:
    * UIProcess/win/PageClientImpl.cpp:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/win/PageClientImpl.h:
    * WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:
    (WebKit::TiledCoreAnimationDrawingArea::TiledCoreAnimationDrawingArea):
    Pass the drawing area's associated process when constructing it and store it as a member
    in addition to the page. This is necessary now that a page can be associated with 2
    WebProcesses at a time, each having its own drawing area.
    
    * UIProcess/Cocoa/WebPageProxyCocoa.mm:
    (WebKit::WebPageProxy::createSandboxExtensionsIfNeeded):
    Pass the process.
    
    * UIProcess/ProvisionalPageProxy.cpp: Added.
    (WebKit::ProvisionalPageProxy::ProvisionalPageProxy):
    (WebKit::ProvisionalPageProxy::~ProvisionalPageProxy):
    (WebKit::ProvisionalPageProxy::processDidTerminate):
    (WebKit::ProvisionalPageProxy::takeDrawingArea):
    (WebKit::ProvisionalPageProxy::cancel):
    (WebKit::ProvisionalPageProxy::processDidFinishLaunching):
    (WebKit::ProvisionalPageProxy::finishInitializingWebPageAfterProcessLaunch):
    (WebKit::ProvisionalPageProxy::initializeWebPage):
    (WebKit::ProvisionalPageProxy::loadData):
    (WebKit::ProvisionalPageProxy::loadRequest):
    (WebKit::ProvisionalPageProxy::goToBackForwardItem):
    (WebKit::ProvisionalPageProxy::didCreateMainFrame):
    (WebKit::ProvisionalPageProxy::didPerformClientRedirect):
    (WebKit::ProvisionalPageProxy::didStartProvisionalLoadForFrame):
    (WebKit::ProvisionalPageProxy::didFailProvisionalLoadForFrame):
    (WebKit::ProvisionalPageProxy::didCommitLoadForFrame):
    (WebKit::ProvisionalPageProxy::didNavigateWithNavigationData):
    (WebKit::ProvisionalPageProxy::didChangeProvisionalURLForFrame):
    (WebKit::ProvisionalPageProxy::decidePolicyForNavigationActionAsync):
    (WebKit::ProvisionalPageProxy::decidePolicyForResponse):
    (WebKit::ProvisionalPageProxy::startURLSchemeTask):
    (WebKit::ProvisionalPageProxy::backForwardGoToItem):
    (WebKit::ProvisionalPageProxy::didReceiveMessage):
    (WebKit::ProvisionalPageProxy::didReceiveSyncMessage):
    * UIProcess/ProvisionalPageProxy.h: Added.
    (WebKit::ProvisionalPageProxy::page):
    (WebKit::ProvisionalPageProxy::mainFrame const):
    (WebKit::ProvisionalPageProxy::process):
    (WebKit::ProvisionalPageProxy::processSwapRequestedByClient const):
    (WebKit::ProvisionalPageProxy::navigationID const):
    (WebKit::ProvisionalPageProxy::drawingArea const):
    New WebPageProxy-like class which is owned by the WebPageProxy and proxies IPC from
    the provisional process.
    
    * UIProcess/SuspendedPageProxy.cpp:
    (WebKit::SuspendedPageProxy::~SuspendedPageProxy):
    (WebKit::SuspendedPageProxy::unsuspend):
    (WebKit::SuspendedPageProxy::didProcessRequestToSuspend):
    Unregister the SuspendedPageProxy as an IPC message receiver a little bit earlier
    when we're going to unsuspend it. This avoids conflicting with the ProvisionalPageProxy
    which tries to register itself as an IPC message receiver for the same pageID when
    a process-swap occurs and we're switching to a suspended page.
    
    * UIProcess/WebFrameProxy.cpp:
    (WebKit::WebFrameProxy::isMainFrame const):
    WebFrameProxy::isMainFrame() relies on checking that the frame is the WebPageProxy's m_mainFrame.
    Now that the WebPageProxy can have a ProvisionalPageProxy, also check if it is the ProvisionalPageProxy's
    m_mainFrame to maintain previous behavior.
    
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::provisionalDrawingArea const):
    Add getter for the provisional drawing area. We normally only deal with the page's current drawing area, but
    the ViewGestureController needs access to the provisional once to display the swipe gesture snapshot.
    
    (WebKit::WebPageProxy::swapToWebProcess):
    swapToWebProcess() no longer takes care of unsuspending the SuspendedPage because we now call swapToWebProcess()
    later, when a load is actually committed in the provisional page / process. swapToWebProcess() now also needs
    to initialize some data members such as the drawing area and the main frame as it is transferring them over from
    the ProvisionalPageProxy which started the provisional load.
    
    (WebKit::WebPageProxy::finishAttachingToWebProcess):
    We no longer need IsSwapFromSuspended parameter as this is called later now, after a load has actually been
    committed in the provisional process.
    
    (WebKit::WebPageProxy::setDrawingArea):
    (WebKit::WebPageProxy::initializeWebPage):
    - We no longer need IsSwapFromSuspended parameter as this is called later now, after a load has actually been
      committed in the provisional process.
    - Factor some code out to WebPageProxy::setDrawingArea() so that it can be shared with swapToWebProcess().
    
    (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
    (WebKit::WebPageProxy::loadRequest):
    (WebKit::WebPageProxy::loadRequestWithNavigationShared):
    Only call setPendingAPIRequestURL() in loadRequestWithNavigation() only if ShouldTreatAsContinuingLoad is not
    Yes. This avoids hitting some assertions as this was already called during the first API call if needed.
    
    (WebKit::WebPageProxy::loadData):
    (WebKit::WebPageProxy::loadDataWithNavigationShared):
    (WebKit::WebPageProxy::stopLoading):
    (WebKit::WebPageProxy::reload):
    (WebKit::WebPageProxy::didPerformDragControllerAction):
    (WebKit::WebPageProxy::findPlugin):
    (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
    In case of process swap, tell the previous process to ignore the load instead of suspending it right away.
    Suspension now happens later, only if we end up committing the provisional load in the new process.
    Also discard the SuspendedPage if it failed to suspend (we only reuse its process in this case). This used
    to happen a bit later but it is clearer if we do this as early as possible I think.
    
    (WebKit::WebPageProxy::commitProvisionalPage):
    When the load is committed in the new process, we call WebPageProxy::commitProvisionalPage(). It takes care of:
    - Actually swapping the WebPageProxy to the new process by calling processDidTerminate() / swapToWebProcess().
    - Suspending the current page.
    - Letting the client know the load is comitted
    - Destroy the ProvisionalPageProxy.
    This work used to happen earlier in continueNavigationInNewProcess().
    
    (WebKit::WebPageProxy::continueNavigationInNewProcess):
    Moved some of the logic to commitProvisionalPage(). We now merely start the load in a new ProvisionalPageProxy,
    without actually having the WebPageProxy switch to the new process yet.
    
    (WebKit::WebPageProxy::didCreateMainFrame):
    (WebKit::WebPageProxy::didCreateSubframe):
    (WebKit::WebPageProxy::didCreateWindow):
    Drop some code that is no longer needed, now that the ProvisionalPageProxy takes care of this.
    
    (WebKit::WebPageProxy::didDestroyNavigation):
    On process-swap, when telling the previous process to ignore the load and starting the new load in a new
    ProvisionalPageProxy, the previous WebPage attempts to destroy the navigation. In this case, we ignore
    the call since the navigation is merely taken over by the ProvisionalPageProxy.
    
    (WebKit::WebPageProxy::didStartProvisionalLoadForFrame):
    (WebKit::WebPageProxy::didStartProvisionalLoadForFrameShared):
    Moved some PSON logic to the ProvisionalPageProxy instead.
    
    (WebKit::WebPageProxy::didReceiveServerRedirectForProvisionalLoadForFrame):
    (WebKit::WebPageProxy::didReceiveServerRedirectForProvisionalLoadForFrameShared):
    (WebKit::WebPageProxy::willPerformClientRedirectForFrame):
    (WebKit::WebPageProxy::didCancelClientRedirectForFrame):
    (WebKit::WebPageProxy::didChangeProvisionalURLForFrame):
    (WebKit::WebPageProxy::didChangeProvisionalURLForFrameShared):
    
    (WebKit::WebPageProxy::didFailProvisionalLoadForFrame):
    (WebKit::WebPageProxy::didFailProvisionalLoadForFrameShared):
    When didFailProvisionalLoadForFrame() is called for a ProvisionalPageProxy, destroy it.
    
    (WebKit::WebPageProxy::didCommitLoadForFrame):
    (WebKit::WebPageProxy::didFinishDocumentLoadForFrame):
    (WebKit::WebPageProxy::didFinishLoadForFrame):
    (WebKit::WebPageProxy::didFailLoadForFrame):
    (WebKit::WebPageProxy::didSameDocumentNavigationForFrame):
    (WebKit::WebPageProxy::didReceiveTitleForFrame):
    (WebKit::WebPageProxy::didFirstVisuallyNonEmptyLayoutForFrame):
    (WebKit::WebPageProxy::didDisplayInsecureContentForFrame):
    (WebKit::WebPageProxy::didRunInsecureContentForFrame):
    (WebKit::WebPageProxy::frameDidBecomeFrameSet):
    (WebKit::WebPageProxy::decidePolicyForNavigationActionAsync):
    (WebKit::WebPageProxy::decidePolicyForNavigationActionAsyncShared):
    (WebKit::WebPageProxy::decidePolicyForNavigationAction):
    (WebKit::WebPageProxy::decidePolicyForNavigationActionSync):
    (WebKit::WebPageProxy::decidePolicyForNewWindowAction):
    (WebKit::WebPageProxy::decidePolicyForResponse):
    (WebKit::WebPageProxy::decidePolicyForResponseShared):
    (WebKit::WebPageProxy::unableToImplementPolicy):
    (WebKit::WebPageProxy::willSubmitForm):
    (WebKit::WebPageProxy::didNavigateWithNavigationData):
    (WebKit::WebPageProxy::didNavigateWithNavigationDataShared):
    (WebKit::WebPageProxy::didPerformClientRedirect):
    (WebKit::WebPageProxy::didPerformClientRedirectShared):
    (WebKit::WebPageProxy::didPerformServerRedirect):
    (WebKit::WebPageProxy::didUpdateHistoryTitle):
    (WebKit::WebPageProxy::createNewPage):
    (WebKit::WebPageProxy::runJavaScriptAlert):
    (WebKit::WebPageProxy::runJavaScriptConfirm):
    (WebKit::WebPageProxy::runJavaScriptPrompt):
    (WebKit::WebPageProxy::unavailablePluginButtonClicked):
    (WebKit::WebPageProxy::runBeforeUnloadConfirmPanel):
    (WebKit::WebPageProxy::runOpenPanel):
    (WebKit::WebPageProxy::printFrame):
    (WebKit::WebPageProxy::backForwardGoToItem):
    (WebKit::WebPageProxy::backForwardGoToItemShared):
    (WebKit::WebPageProxy::learnWord):
    (WebKit::WebPageProxy::ignoreWord):
    (WebKit::WebPageProxy::didReceiveEvent):
    (WebKit::WebPageProxy::editingRangeCallback):
    (WebKit::WebPageProxy::rectForCharacterRangeCallback):
    (WebKit::WebPageProxy::focusedFrameChanged):
    (WebKit::WebPageProxy::frameSetLargestFrameChanged):
    
    (WebKit::WebPageProxy::provisionalProcessDidTerminate):
    Cancel the provisiona load and destroy the ProvisionalPageProxy if
    the provisional process crashes.
    
    (WebKit::WebPageProxy::resetState):
    Drop some code that is no longer needed.
    
    (WebKit::WebPageProxy::creationParameters):
    - Move the hasRegisteredServiceWorkers flag initialization from the call site to here now that we have
    more than one call site. This was just some bad factoring.
    - Take the process in parameter now that we page can be associated with several processes at a time.
    
    (WebKit::WebPageProxy::exceededDatabaseQuota):
    (WebKit::WebPageProxy::requestGeolocationPermissionForFrame):
    (WebKit::WebPageProxy::requestUserMediaPermissionForFrame):
    (WebKit::WebPageProxy::enumerateMediaDevicesForFrame):
    (WebKit::WebPageProxy::startURLSchemeTask):
    (WebKit::WebPageProxy::startURLSchemeTaskShared):
    (WebKit::WebPageProxy::stopURLSchemeTask):
    (WebKit::WebPageProxy::loadSynchronousURLSchemeTask):
    (WebKit::WebPageProxy::checkURLReceivedFromCurrentOrPreviousWebProcess):
    (WebKit::WebPageProxy::willAcquireUniversalFileReadSandboxExtension):
    * UIProcess/WebPageProxy.h:
    (WebKit::WebPageProxy::visitedLinkStore):
    (WebKit::WebPageProxy::provisionalPageProxy const):
    
    * UIProcess/WebProcessProxy.cpp:
    (WebKit::WebProcessProxy::hasProvisionalPageWithID const):
    (WebKit::WebProcessProxy::updateBackForwardItem):
    (WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):
    (WebKit::WebProcessProxy::didFinishLaunching):
    (WebKit::WebProcessProxy::canTerminateChildProcess):
    * UIProcess/WebProcessProxy.h:
    (WebKit::WebProcessProxy::addProvisionalPageProxy):
    (WebKit::WebProcessProxy::removeProvisionalPageProxy):
    Before updating a BackForwardListItem, we normally make sure the process has a WebPageProxy with the
    item's pageID. We have to tweak the logic because there may now be no WebPageProxy with this pageID
    associated with this process yet, because it is still a ProvisionalPageProxy.
    
    * UIProcess/WebURLSchemeHandler.cpp:
    (WebKit::WebURLSchemeHandler::startTask):
    * UIProcess/WebURLSchemeHandler.h:
    * UIProcess/WebURLSchemeTask.cpp:
    (WebKit::WebURLSchemeTask::create):
    (WebKit::WebURLSchemeTask::WebURLSchemeTask):
    (WebKit::WebURLSchemeTask::didPerformRedirection):
    (WebKit::WebURLSchemeTask::didReceiveResponse):
    (WebKit::WebURLSchemeTask::didReceiveData):
    (WebKit::WebURLSchemeTask::didComplete):
    (WebKit::WebURLSchemeTask::pageDestroyed):
    * UIProcess/WebURLSchemeTask.h:
    Pass the process when constructing a WebURLSchemeTask and store it as a data member in addition to
    the page. This is necessary now that a WebPageProxy can be associated with several WebProcesses.
    
    * UIProcess/ios/ViewGestureControllerIOS.mm:
    (WebKit::ViewGestureController::endSwipeGesture):
    Use the provisional drawing area to display the swipe snapshot as it may differ from the one currently
    associated with the page in case of process swap.
    
    * WebKit.xcodeproj/project.pbxproj:
    Add ProvisionalPageProxy class.
    
    * WebProcess/WebPage/WebFrame.cpp:
    (WebKit::toPolicyAction):
    (WebKit::WebFrame::didReceivePolicyDecision):
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::m_shouldAttachDrawingAreaOnPageTransition):
    (WebKit::WebPage::reinitializeWebPage):
    (WebKit::WebPage::didReceivePolicyDecision):
    Stop dealing with WebPolicyAction::Suspend as it no longer exists.
    
    (WebKit::WebPage::didCompletePageTransition):
    
    (WebKit::WebPage::setIsSuspended):
    Suspend the Page when setIsSuspended(true) is called, now that there is no longer a WebPolicyAction::Suspend.
    setIsSuspended(true) IPC is sent when we actually commit the provisional page.
    
    * WebProcess/WebPage/WebPage.h:
    
    Tools:
    
    Add API test coverage.
    
    * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
    (-[PSONNavigationDelegate webView:decidePolicyForNavigationResponse:decisionHandler:]):
    
    LayoutTests:
    
    Skip test testing the cross-process DOMWindow API as I broke it with this patch.
    The feature is far from ready and off by default anyway. I will add support back
    in a follow-up.
    
    * platform/wk2/TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-16  Chris Dumez  <cdumez@apple.com>

            Regression(PSON) View becomes blank after click a cross-site download link
            https://bugs.webkit.org/show_bug.cgi?id=193361
            <rdar://problem/47099573>

            Reviewed by Geoffrey Garen.

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::commitProvisionalLoad):
            When restoring from PageCache, make sure we notify the client that the load was committed
            *before* we tell it that the navigation is complete. This would confuse the ProvisionalPageProxy
            logic in the UIProcess.

2019-01-22  Alan Coon  <alancoon@apple.com>

        Revert r240258. rdar://problem/47099573

2019-01-22  Alan Coon  <alancoon@apple.com>

        Revert r240262. rdar://problem/47099573

2019-01-22  Alan Coon  <alancoon@apple.com>

        Revert r240263. rdar://problem/47099573

2019-01-22  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240046. rdar://problem/47099573

    Regression(PSON) View becomes blank after click a cross-site download link
    https://bugs.webkit.org/show_bug.cgi?id=193361
    <rdar://problem/47099573>
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::commitProvisionalLoad):
    When restoring from PageCache, make sure we notify the client that the load was committed
    *before* we tell it that the navigation is complete. This would confuse the ProvisionalPageProxy
    logic in the UIProcess.
    
    Source/WebKit:
    
    The issue tracked by rdar://problem/47099573 is that a provisional load may get
    canceled (or converted into a download) *after* we've decided to process-swap.
    In such cases, the view should keep displaying the current site and it should
    still be interactive. However, with the previous PSON model, the view (pageProxy)
    would have already swapped to the new process and would end up displaying the
    initially empty document.
    
    To address the issue, this patch introduces the concept of a provisional load
    in the UIProcess, handled by a ProvisionalPageProxy which has its own privisional
    process. The WebPageProxy owns the ProvisionalPageProxy but we do not commit the
    provisional page until after the load was committed in the new process. This means
    that the view / WebPageProxy keeps using the old process and displays the current
    content until a load has committed in the provisional page. If no load commits
    in the provisional process (e.g. because the load is cancelled or converted into
    a download), then we merely destroy the ProvisionalPageProxy and terminate its
    process, without impacting the WebPageProxy.
    
    * Shared/WebPageCreationParameters.cpp:
    (WebKit::WebPageCreationParameters::encode const):
    (WebKit::WebPageCreationParameters::decode):
    * Shared/WebPageCreationParameters.h:
    Rename isSwapFromSuspended to isProcessSwap for clarity as we always want to
    delay attaching the drawing area in case of a process-swap, no matter what
    now that the previous process is kept alive until the provisional load is
    committed in the new process.
    
    * Shared/WebPolicyAction.h:
    Drop Suspend policy action. At decidePolicyForNavigationAction time, in case of
    process-swap, we now tell the previous process to simply ignore the load, while
    we create a ProvisionalPageProxy to do the new load in a new process.
    Suspension of the previous page in the old process, happens later, when a load
    is actually committed in the new process.
    
    * Sources.txt:
    Add new ProvisionalPageProxy file.
    
    * UIProcess/API/Cocoa/WKWebView.mm:
    (-[WKWebView _killWebContentProcessAndResetState]):
    When calling _killWebContentProcessAndResetState on a WKWebView, kill both the current
    process and the provisional one, to maintain previous behavior in our API tests.
    
    * UIProcess/API/gtk/PageClientImpl.cpp:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/API/gtk/PageClientImpl.h:
    * UIProcess/API/wpe/PageClientImpl.cpp:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/API/wpe/PageClientImpl.h:
    * UIProcess/AcceleratedDrawingAreaProxy.cpp:
    (WebKit::AcceleratedDrawingAreaProxy::AcceleratedDrawingAreaProxy):
    (WebKit::AcceleratedDrawingAreaProxy::didUpdateBackingStoreState):
    (WebKit::AcceleratedDrawingAreaProxy::sendUpdateBackingStoreState):
    (WebKit::AcceleratedDrawingAreaProxy::waitForAndDispatchDidUpdateBackingStoreState):
    (WebKit::AcceleratedDrawingAreaProxy::setNativeSurfaceHandleForCompositing):
    (WebKit::AcceleratedDrawingAreaProxy::destroyNativeSurfaceHandleForCompositing):
    * UIProcess/AcceleratedDrawingAreaProxy.h:
    * UIProcess/Cocoa/WebViewImpl.h:
    * UIProcess/Cocoa/WebViewImpl.mm:
    (WebKit::WebViewImpl::createDrawingAreaProxy):
    * UIProcess/DrawingAreaProxy.cpp:
    (WebKit::DrawingAreaProxy::DrawingAreaProxy):
    (WebKit::DrawingAreaProxy::~DrawingAreaProxy):
    (WebKit::DrawingAreaProxy::viewExposedRectChangedTimerFired):
    * UIProcess/DrawingAreaProxy.h:
    (WebKit::DrawingAreaProxy::process):
    * UIProcess/DrawingAreaProxyImpl.cpp:
    (WebKit::DrawingAreaProxyImpl::DrawingAreaProxyImpl):
    (WebKit::DrawingAreaProxyImpl::update):
    * UIProcess/DrawingAreaProxyImpl.h:
    * UIProcess/PageClient.h:
    * UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.h:
    * UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.mm:
    (WebKit::RemoteLayerTreeDrawingAreaProxy::RemoteLayerTreeDrawingAreaProxy):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::~RemoteLayerTreeDrawingAreaProxy):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::deviceScaleFactorDidChange):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::sendUpdateGeometry):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::acceleratedAnimationDidStart):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::acceleratedAnimationDidEnd):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::didRefreshDisplay):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::waitForDidUpdateActivityState):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::dispatchAfterEnsuringDrawing):
    * UIProcess/ios/PageClientImplIOS.h:
    * UIProcess/ios/PageClientImplIOS.mm:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/ios/WKContentView.h:
    * UIProcess/ios/WKContentView.mm:
    (-[WKContentView _createDrawingAreaProxy:]):
    * UIProcess/mac/PageClientImplMac.h:
    * UIProcess/mac/PageClientImplMac.mm:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.h:
    * UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.mm:
    (WebKit::TiledCoreAnimationDrawingAreaProxy::TiledCoreAnimationDrawingAreaProxy):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::deviceScaleFactorDidChange):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::colorSpaceDidChange):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::waitForDidUpdateActivityState):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::createFence):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::sendUpdateGeometry):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::adjustTransientZoom):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::commitTransientZoom):
    (WebKit::TiledCoreAnimationDrawingAreaProxy::dispatchAfterEnsuringDrawing):
    * UIProcess/mac/WebPageProxyMac.mm:
    * UIProcess/win/PageClientImpl.cpp:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/win/PageClientImpl.h:
    * UIProcess/win/PageClientImpl.cpp:
    (WebKit::PageClientImpl::createDrawingAreaProxy):
    * UIProcess/win/PageClientImpl.h:
    * WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:
    (WebKit::TiledCoreAnimationDrawingArea::TiledCoreAnimationDrawingArea):
    Pass the drawing area's associated process when constructing it and store it as a member
    in addition to the page. This is necessary now that a page can be associated with 2
    WebProcesses at a time, each having its own drawing area.
    
    * UIProcess/Cocoa/WebPageProxyCocoa.mm:
    (WebKit::WebPageProxy::createSandboxExtensionsIfNeeded):
    Pass the process.
    
    * UIProcess/ProvisionalPageProxy.cpp: Added.
    (WebKit::ProvisionalPageProxy::ProvisionalPageProxy):
    (WebKit::ProvisionalPageProxy::~ProvisionalPageProxy):
    (WebKit::ProvisionalPageProxy::processDidTerminate):
    (WebKit::ProvisionalPageProxy::takeDrawingArea):
    (WebKit::ProvisionalPageProxy::cancel):
    (WebKit::ProvisionalPageProxy::processDidFinishLaunching):
    (WebKit::ProvisionalPageProxy::finishInitializingWebPageAfterProcessLaunch):
    (WebKit::ProvisionalPageProxy::initializeWebPage):
    (WebKit::ProvisionalPageProxy::loadData):
    (WebKit::ProvisionalPageProxy::loadRequest):
    (WebKit::ProvisionalPageProxy::goToBackForwardItem):
    (WebKit::ProvisionalPageProxy::didCreateMainFrame):
    (WebKit::ProvisionalPageProxy::didPerformClientRedirect):
    (WebKit::ProvisionalPageProxy::didStartProvisionalLoadForFrame):
    (WebKit::ProvisionalPageProxy::didFailProvisionalLoadForFrame):
    (WebKit::ProvisionalPageProxy::didCommitLoadForFrame):
    (WebKit::ProvisionalPageProxy::didNavigateWithNavigationData):
    (WebKit::ProvisionalPageProxy::didChangeProvisionalURLForFrame):
    (WebKit::ProvisionalPageProxy::decidePolicyForNavigationActionAsync):
    (WebKit::ProvisionalPageProxy::decidePolicyForResponse):
    (WebKit::ProvisionalPageProxy::startURLSchemeTask):
    (WebKit::ProvisionalPageProxy::backForwardGoToItem):
    (WebKit::ProvisionalPageProxy::didReceiveMessage):
    (WebKit::ProvisionalPageProxy::didReceiveSyncMessage):
    * UIProcess/ProvisionalPageProxy.h: Added.
    (WebKit::ProvisionalPageProxy::page):
    (WebKit::ProvisionalPageProxy::mainFrame const):
    (WebKit::ProvisionalPageProxy::process):
    (WebKit::ProvisionalPageProxy::processSwapRequestedByClient const):
    (WebKit::ProvisionalPageProxy::navigationID const):
    (WebKit::ProvisionalPageProxy::drawingArea const):
    New WebPageProxy-like class which is owned by the WebPageProxy and proxies IPC from
    the provisional process.
    
    * UIProcess/SuspendedPageProxy.cpp:
    (WebKit::SuspendedPageProxy::~SuspendedPageProxy):
    (WebKit::SuspendedPageProxy::unsuspend):
    (WebKit::SuspendedPageProxy::didProcessRequestToSuspend):
    Unregister the SuspendedPageProxy as an IPC message receiver a little bit earlier
    when we're going to unsuspend it. This avoids conflicting with the ProvisionalPageProxy
    which tries to register itself as an IPC message receiver for the same pageID when
    a process-swap occurs and we're switching to a suspended page.
    
    * UIProcess/WebFrameProxy.cpp:
    (WebKit::WebFrameProxy::isMainFrame const):
    WebFrameProxy::isMainFrame() relies on checking that the frame is the WebPageProxy's m_mainFrame.
    Now that the WebPageProxy can have a ProvisionalPageProxy, also check if it is the ProvisionalPageProxy's
    m_mainFrame to maintain previous behavior.
    
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::provisionalDrawingArea const):
    Add getter for the provisional drawing area. We normally only deal with the page's current drawing area, but
    the ViewGestureController needs access to the provisional once to display the swipe gesture snapshot.
    
    (WebKit::WebPageProxy::swapToWebProcess):
    swapToWebProcess() no longer takes care of unsuspending the SuspendedPage because we now call swapToWebProcess()
    later, when a load is actually committed in the provisional page / process. swapToWebProcess() now also needs
    to initialize some data members such as the drawing area and the main frame as it is transferring them over from
    the ProvisionalPageProxy which started the provisional load.
    
    (WebKit::WebPageProxy::finishAttachingToWebProcess):
    We no longer need IsSwapFromSuspended parameter as this is called later now, after a load has actually been
    committed in the provisional process.
    
    (WebKit::WebPageProxy::setDrawingArea):
    (WebKit::WebPageProxy::initializeWebPage):
    - We no longer need IsSwapFromSuspended parameter as this is called later now, after a load has actually been
      committed in the provisional process.
    - Factor some code out to WebPageProxy::setDrawingArea() so that it can be shared with swapToWebProcess().
    
    (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
    (WebKit::WebPageProxy::loadRequest):
    (WebKit::WebPageProxy::loadRequestWithNavigationShared):
    Only call setPendingAPIRequestURL() in loadRequestWithNavigation() only if ShouldTreatAsContinuingLoad is not
    Yes. This avoids hitting some assertions as this was already called during the first API call if needed.
    
    (WebKit::WebPageProxy::loadData):
    (WebKit::WebPageProxy::loadDataWithNavigationShared):
    (WebKit::WebPageProxy::stopLoading):
    (WebKit::WebPageProxy::reload):
    (WebKit::WebPageProxy::didPerformDragControllerAction):
    (WebKit::WebPageProxy::findPlugin):
    (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
    In case of process swap, tell the previous process to ignore the load instead of suspending it right away.
    Suspension now happens later, only if we end up committing the provisional load in the new process.
    Also discard the SuspendedPage if it failed to suspend (we only reuse its process in this case). This used
    to happen a bit later but it is clearer if we do this as early as possible I think.
    
    (WebKit::WebPageProxy::commitProvisionalPage):
    When the load is committed in the new process, we call WebPageProxy::commitProvisionalPage(). It takes care of:
    - Actually swapping the WebPageProxy to the new process by calling processDidTerminate() / swapToWebProcess().
    - Suspending the current page.
    - Letting the client know the load is comitted
    - Destroy the ProvisionalPageProxy.
    This work used to happen earlier in continueNavigationInNewProcess().
    
    (WebKit::WebPageProxy::continueNavigationInNewProcess):
    Moved some of the logic to commitProvisionalPage(). We now merely start the load in a new ProvisionalPageProxy,
    without actually having the WebPageProxy switch to the new process yet.
    
    (WebKit::WebPageProxy::didCreateMainFrame):
    (WebKit::WebPageProxy::didCreateSubframe):
    (WebKit::WebPageProxy::didCreateWindow):
    Drop some code that is no longer needed, now that the ProvisionalPageProxy takes care of this.
    
    (WebKit::WebPageProxy::didDestroyNavigation):
    On process-swap, when telling the previous process to ignore the load and starting the new load in a new
    ProvisionalPageProxy, the previous WebPage attempts to destroy the navigation. In this case, we ignore
    the call since the navigation is merely taken over by the ProvisionalPageProxy.
    
    (WebKit::WebPageProxy::didStartProvisionalLoadForFrame):
    (WebKit::WebPageProxy::didStartProvisionalLoadForFrameShared):
    Moved some PSON logic to the ProvisionalPageProxy instead.
    
    (WebKit::WebPageProxy::didReceiveServerRedirectForProvisionalLoadForFrame):
    (WebKit::WebPageProxy::didReceiveServerRedirectForProvisionalLoadForFrameShared):
    (WebKit::WebPageProxy::willPerformClientRedirectForFrame):
    (WebKit::WebPageProxy::didCancelClientRedirectForFrame):
    (WebKit::WebPageProxy::didChangeProvisionalURLForFrame):
    (WebKit::WebPageProxy::didChangeProvisionalURLForFrameShared):
    
    (WebKit::WebPageProxy::didFailProvisionalLoadForFrame):
    (WebKit::WebPageProxy::didFailProvisionalLoadForFrameShared):
    When didFailProvisionalLoadForFrame() is called for a ProvisionalPageProxy, destroy it.
    
    (WebKit::WebPageProxy::didCommitLoadForFrame):
    (WebKit::WebPageProxy::didFinishDocumentLoadForFrame):
    (WebKit::WebPageProxy::didFinishLoadForFrame):
    (WebKit::WebPageProxy::didFailLoadForFrame):
    (WebKit::WebPageProxy::didSameDocumentNavigationForFrame):
    (WebKit::WebPageProxy::didReceiveTitleForFrame):
    (WebKit::WebPageProxy::didFirstVisuallyNonEmptyLayoutForFrame):
    (WebKit::WebPageProxy::didDisplayInsecureContentForFrame):
    (WebKit::WebPageProxy::didRunInsecureContentForFrame):
    (WebKit::WebPageProxy::frameDidBecomeFrameSet):
    (WebKit::WebPageProxy::decidePolicyForNavigationActionAsync):
    (WebKit::WebPageProxy::decidePolicyForNavigationActionAsyncShared):
    (WebKit::WebPageProxy::decidePolicyForNavigationAction):
    (WebKit::WebPageProxy::decidePolicyForNavigationActionSync):
    (WebKit::WebPageProxy::decidePolicyForNewWindowAction):
    (WebKit::WebPageProxy::decidePolicyForResponse):
    (WebKit::WebPageProxy::decidePolicyForResponseShared):
    (WebKit::WebPageProxy::unableToImplementPolicy):
    (WebKit::WebPageProxy::willSubmitForm):
    (WebKit::WebPageProxy::didNavigateWithNavigationData):
    (WebKit::WebPageProxy::didNavigateWithNavigationDataShared):
    (WebKit::WebPageProxy::didPerformClientRedirect):
    (WebKit::WebPageProxy::didPerformClientRedirectShared):
    (WebKit::WebPageProxy::didPerformServerRedirect):
    (WebKit::WebPageProxy::didUpdateHistoryTitle):
    (WebKit::WebPageProxy::createNewPage):
    (WebKit::WebPageProxy::runJavaScriptAlert):
    (WebKit::WebPageProxy::runJavaScriptConfirm):
    (WebKit::WebPageProxy::runJavaScriptPrompt):
    (WebKit::WebPageProxy::unavailablePluginButtonClicked):
    (WebKit::WebPageProxy::runBeforeUnloadConfirmPanel):
    (WebKit::WebPageProxy::runOpenPanel):
    (WebKit::WebPageProxy::printFrame):
    (WebKit::WebPageProxy::backForwardGoToItem):
    (WebKit::WebPageProxy::backForwardGoToItemShared):
    (WebKit::WebPageProxy::learnWord):
    (WebKit::WebPageProxy::ignoreWord):
    (WebKit::WebPageProxy::didReceiveEvent):
    (WebKit::WebPageProxy::editingRangeCallback):
    (WebKit::WebPageProxy::rectForCharacterRangeCallback):
    (WebKit::WebPageProxy::focusedFrameChanged):
    (WebKit::WebPageProxy::frameSetLargestFrameChanged):
    
    (WebKit::WebPageProxy::provisionalProcessDidTerminate):
    Cancel the provisiona load and destroy the ProvisionalPageProxy if
    the provisional process crashes.
    
    (WebKit::WebPageProxy::resetState):
    Drop some code that is no longer needed.
    
    (WebKit::WebPageProxy::creationParameters):
    - Move the hasRegisteredServiceWorkers flag initialization from the call site to here now that we have
    more than one call site. This was just some bad factoring.
    - Take the process in parameter now that we page can be associated with several processes at a time.
    
    (WebKit::WebPageProxy::exceededDatabaseQuota):
    (WebKit::WebPageProxy::requestGeolocationPermissionForFrame):
    (WebKit::WebPageProxy::requestUserMediaPermissionForFrame):
    (WebKit::WebPageProxy::enumerateMediaDevicesForFrame):
    (WebKit::WebPageProxy::startURLSchemeTask):
    (WebKit::WebPageProxy::startURLSchemeTaskShared):
    (WebKit::WebPageProxy::stopURLSchemeTask):
    (WebKit::WebPageProxy::loadSynchronousURLSchemeTask):
    (WebKit::WebPageProxy::checkURLReceivedFromCurrentOrPreviousWebProcess):
    (WebKit::WebPageProxy::willAcquireUniversalFileReadSandboxExtension):
    * UIProcess/WebPageProxy.h:
    (WebKit::WebPageProxy::visitedLinkStore):
    (WebKit::WebPageProxy::provisionalPageProxy const):
    
    * UIProcess/WebProcessProxy.cpp:
    (WebKit::WebProcessProxy::hasProvisionalPageWithID const):
    (WebKit::WebProcessProxy::updateBackForwardItem):
    (WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):
    (WebKit::WebProcessProxy::didFinishLaunching):
    (WebKit::WebProcessProxy::canTerminateChildProcess):
    * UIProcess/WebProcessProxy.h:
    (WebKit::WebProcessProxy::addProvisionalPageProxy):
    (WebKit::WebProcessProxy::removeProvisionalPageProxy):
    Before updating a BackForwardListItem, we normally make sure the process has a WebPageProxy with the
    item's pageID. We have to tweak the logic because there may now be no WebPageProxy with this pageID
    associated with this process yet, because it is still a ProvisionalPageProxy.
    
    * UIProcess/WebURLSchemeHandler.cpp:
    (WebKit::WebURLSchemeHandler::startTask):
    * UIProcess/WebURLSchemeHandler.h:
    * UIProcess/WebURLSchemeTask.cpp:
    (WebKit::WebURLSchemeTask::create):
    (WebKit::WebURLSchemeTask::WebURLSchemeTask):
    (WebKit::WebURLSchemeTask::didPerformRedirection):
    (WebKit::WebURLSchemeTask::didReceiveResponse):
    (WebKit::WebURLSchemeTask::didReceiveData):
    (WebKit::WebURLSchemeTask::didComplete):
    (WebKit::WebURLSchemeTask::pageDestroyed):
    * UIProcess/WebURLSchemeTask.h:
    Pass the process when constructing a WebURLSchemeTask and store it as a data member in addition to
    the page. This is necessary now that a WebPageProxy can be associated with several WebProcesses.
    
    * UIProcess/ios/ViewGestureControllerIOS.mm:
    (WebKit::ViewGestureController::endSwipeGesture):
    Use the provisional drawing area to display the swipe snapshot as it may differ from the one currently
    associated with the page in case of process swap.
    
    * WebKit.xcodeproj/project.pbxproj:
    Add ProvisionalPageProxy class.
    
    * WebProcess/WebPage/WebFrame.cpp:
    (WebKit::toPolicyAction):
    (WebKit::WebFrame::didReceivePolicyDecision):
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::m_shouldAttachDrawingAreaOnPageTransition):
    (WebKit::WebPage::reinitializeWebPage):
    (WebKit::WebPage::didReceivePolicyDecision):
    Stop dealing with WebPolicyAction::Suspend as it no longer exists.
    
    (WebKit::WebPage::didCompletePageTransition):
    
    (WebKit::WebPage::setIsSuspended):
    Suspend the Page when setIsSuspended(true) is called, now that there is no longer a WebPolicyAction::Suspend.
    setIsSuspended(true) IPC is sent when we actually commit the provisional page.
    
    * WebProcess/WebPage/WebPage.h:
    
    Tools:
    
    Add API test coverage.
    
    * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
    (-[PSONNavigationDelegate webView:decidePolicyForNavigationResponse:decisionHandler:]):
    
    LayoutTests:
    
    Skip test testing the cross-process DOMWindow API as I broke it with this patch.
    The feature is far from ready and off by default anyway. I will add support back
    in a follow-up.
    
    * platform/wk2/TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-16  Chris Dumez  <cdumez@apple.com>

            Regression(PSON) View becomes blank after click a cross-site download link
            https://bugs.webkit.org/show_bug.cgi?id=193361
            <rdar://problem/47099573>

            Reviewed by Geoffrey Garen.

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::commitProvisionalLoad):
            When restoring from PageCache, make sure we notify the client that the load was committed
            *before* we tell it that the navigation is complete. This would confuse the ProvisionalPageProxy
            logic in the UIProcess.

2019-01-22  Alan Coon  <alancoon@apple.com>

        Cherry-pick r240015. rdar://problem/47099573

    Unreviewed, rolling out r239993, r239995, r239997, and
    r239999.
    
    Caused assertions under
    ViewGestureController::disconnectFromProcess()
    
    Reverted changesets:
    
    "Regression(PSON) View becomes blank after click a cross-site
    download link"
    https://bugs.webkit.org/show_bug.cgi?id=193361
    https://trac.webkit.org/changeset/239993
    
    "Unreviewed iOS build fix after r239993."
    https://trac.webkit.org/changeset/239995
    
    "Fix iOS build after r239993"
    https://bugs.webkit.org/show_bug.cgi?id=193361
    https://trac.webkit.org/changeset/239997
    
    "Unreviewed, revert part of r239997 as it is not needed to fix
    the build."
    https://trac.webkit.org/changeset/239999
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-15  Chris Dumez  <cdumez@apple.com>

            Unreviewed, rolling out r239993, r239995, r239997, and
            r239999.

            Caused assertions under
            ViewGestureController::disconnectFromProcess()

            Reverted changesets:

            "Regression(PSON) View becomes blank after click a cross-site
            download link"
            https://bugs.webkit.org/show_bug.cgi?id=193361
            https://trac.webkit.org/changeset/239993

            "Unreviewed iOS build fix after r239993."
            https://trac.webkit.org/changeset/239995

            "Fix iOS build after r239993"
            https://bugs.webkit.org/show_bug.cgi?id=193361
            https://trac.webkit.org/changeset/239997

            "Unreviewed, revert part of r239997 as it is not needed to fix
            the build."
            https://trac.webkit.org/changeset/239999

2019-01-22  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239993. rdar://problem/47099573

    Regression(PSON) View becomes blank after click a cross-site download link
    https://bugs.webkit.org/show_bug.cgi?id=193361
    <rdar://problem/47099573>
    
    Reviewed by Geoff Garen.
    
    Source/WebCore:
    
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::commitProvisionalLoad):
    When restoring from PageCache, make sure we notify the client that the load was committed
    *before* we tell it that the navigation is complete. This would confuse the ProvisionalPageProxy
    logic in the UIProcess.
    
    Source/WebKit:
    
    The issue tracked by rdar://problem/47099573 is that a provisional load may get
    canceled (or converted into a download) *after* we've decided to process-swap.
    In such cases, the view should keep displaying the current site and it should
    still be interactive. However, with the previous PSON model, the view (pageProxy)
    would have already swapped to the new process and would end up displaying the
    initially empty document.
    
    To address the issue, this patch introduces the concept of a provisional load
    in the UIProcess, handled by a ProvisionalPageProxy which has its own privisional
    process. The WebPageProxy owns the ProvisionalPageProxy but we do not commit the
    provisional page until after the load was committed in the new process. This means
    that the view / WebPageProxy keeps using the old process and displays the current
    content until a load has committed in the provisional page. If no load commits
    in the provisional process (e.g. because the load is cancelled or converted into
    a download), then we merely destroy the ProvisionalPageProxy and terminate its
    process, without impacting the WebPageProxy.
    
    * Shared/WebPageCreationParameters.cpp:
    (WebKit::WebPageCreationParameters::encode const):
    (WebKit::WebPageCreationParameters::decode):
    * Shared/WebPageCreationParameters.h:
    Rename isSwapFromSuspended to isProcessSwap for clarity as we always want to
    delay attaching the drawing area in case of a process-swap, no matter what
    now that the previous process is kept alive until the provisional load is
    committed in the new process.
    
    * Shared/WebPolicyAction.h:
    Drop Suspend policy action. At decidePolicyForNavigationAction time, in case of
    process-swap, we now tell the previous process to simply ignore the load, while
    we create a ProvisionalPageProxy to do the new load in a new process.
    Suspension of the previous page in the old process, happens later, when a load
    is actually committed in the new process.
    
    * Sources.txt:
    Add new ProvisionalPageProxy file.
    
    * UIProcess/API/Cocoa/WKWebView.mm:
    (-[WKWebView _killWebContentProcessAndResetState]):
    When calling _killWebContentProcessAndResetState on a WKWebView, kill both the current
    process and the provisional one, to maintain previous behavior in our API tests.
    
    * UIProcess/PageClient.h:
    Tiny build fix.
    
    * UIProcess/ProvisionalPageProxy.cpp: Added.
    (WebKit::ProvisionalPageProxy::ProvisionalPageProxy):
    (WebKit::ProvisionalPageProxy::~ProvisionalPageProxy):
    (WebKit::ProvisionalPageProxy::takeDrawingArea):
    (WebKit::ProvisionalPageProxy::cancel):
    (WebKit::ProvisionalPageProxy::initializeWebPage):
    (WebKit::ProvisionalPageProxy::loadDataWithNavigation):
    (WebKit::ProvisionalPageProxy::loadRequestWithNavigation):
    (WebKit::ProvisionalPageProxy::goToBackForwardItem):
    (WebKit::ProvisionalPageProxy::didCreateMainFrame):
    (WebKit::ProvisionalPageProxy::didStartProvisionalLoadForFrame):
    (WebKit::ProvisionalPageProxy::didFailProvisionalLoadForFrame):
    (WebKit::ProvisionalPageProxy::didCommitLoadForFrame):
    (WebKit::ProvisionalPageProxy::didReceiveMessage):
    (WebKit::ProvisionalPageProxy::didReceiveSyncMessage):
    * UIProcess/ProvisionalPageProxy.h: Added.
    (WebKit::ProvisionalPageProxy::page):
    (WebKit::ProvisionalPageProxy::mainFrame const):
    (WebKit::ProvisionalPageProxy::process):
    (WebKit::ProvisionalPageProxy::processSwapRequestedByClient const):
    (WebKit::ProvisionalPageProxy::navigationID const):
    Add new ProvisionalPageProxy class to wrap the provisional load in the new process
    after a swap. The provisional page is owned by the WebPageProxy and we only commit
    the provisional page when the load is committed. Until then, the WebPageProxy keeps
    using the old process and displaying the current content.
    
    * UIProcess/SuspendedPageProxy.cpp:
    (WebKit::SuspendedPageProxy::~SuspendedPageProxy):
    (WebKit::SuspendedPageProxy::unsuspend):
    (WebKit::SuspendedPageProxy::didProcessRequestToSuspend):
    Unregister the SuspendedPageProxy as an IPC message receiver a little bit earlier
    when we're going to unsuspend it. This avoids conflicting with the ProvisionalPageProxy
    which tries to register itself as an IPC message receiver for the same pageID when
    a process-swap occurs and we're switching to a suspended page.
    
    * UIProcess/WebFrameProxy.cpp:
    (WebKit::WebFrameProxy::isMainFrame const):
    WebFrameProxy::isMainFrame() relies on checking that the frame is the WebPageProxy's m_mainFrame.
    Now that the WebPageProxy can have a ProvisionalPageProxy, also check if it is the ProvisionalPageProxy's
    m_mainFrame to maintain previous behavior.
    
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::swapToWebProcess):
    swapToWebProcess() no longer takes care of unsuspending the SuspendedPage because we now call swapToWebProcess()
    later, when a load is actually committed in the provisional page / process. swapToWebProcess() now also needs
    to initialize some data members such as the drawing area and the main frame as it is transferring them over from
    the ProvisionalPageProxy which started the provisional load.
    
    (WebKit::WebPageProxy::finishAttachingToWebProcess):
    We no longer need IsSwapFromSuspended parameter as this is called later now, after a load has actually been
    committed in the provisional process.
    
    (WebKit::WebPageProxy::initializeWebPage):
    - We no longer need IsSwapFromSuspended parameter as this is called later now, after a load has actually been
      committed in the provisional process.
    - Factor some code out to WebPageProxy::setDrawingArea() so that it can be shared with swapToWebProcess().
    
    (WebKit::WebPageProxy::loadRequestWithNavigation):
    Only call setPendingAPIRequestURL() in loadRequestWithNavigation() only if ShouldTreatAsContinuingLoad is not
    Yes. This avoids hitting some assertions as this was already called during the first API call if needed.
    
    (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
    In case of process swap, tell the previous process to ignore the load instead of suspending it right away.
    Suspension now happens later, only if we end up committing the provisional load in the new process.
    Also discard the SuspendedPage if it failed to suspend (we only reuse its process in this case). This used
    to happen a bit later but it is clearer if we do this as early as possible I think.
    
    (WebKit::WebPageProxy::commitProvisionalPage):
    When the load is committed in the new process, we call WebPageProxy::commitProvisionalPage(). It takes care of:
    - Actually swapping the WebPageProxy to the new process by calling processDidTerminate() / swapToWebProcess().
    - Suspending the current page.
    - Letting the client know the load is comitted
    - Destroy the ProvisionalPageProxy.
    This work used to happen earlier in continueNavigationInNewProcess().
    
    (WebKit::WebPageProxy::continueNavigationInNewProcess):
    Moved some of the logic to commitProvisionalPage(). We now merely start the load in a new ProvisionalPageProxy,
    without actually having the WebPageProxy switch to the new process yet.
    
    (WebKit::WebPageProxy::didCreateMainFrame):
    (WebKit::WebPageProxy::didCreateWindow):
    Drop some code that is no longer needed, now that the ProvisionalPageProxy takes care of this.
    
    (WebKit::WebPageProxy::didDestroyNavigation):
    On process-swap, when telling the previous process to ignore the load and starting the new load in a new
    ProvisionalPageProxy, the previous WebPage attempts to destroy the navigation. In this case, we ignore
    the call since the navigation is merely taken over by the ProvisionalPageProxy.
    
    (WebKit::WebPageProxy::didStartProvisionalLoadForFrame):
    Moved some PSON logic to the ProvisionalPageProxy instead.
    
    (WebKit::WebPageProxy::didFailProvisionalLoadForFrame):
    When didFailProvisionalLoadForFrame() is called for a ProvisionalPageProxy, destroy it.
    
    (WebKit::WebPageProxy::decidePolicyForNavigationActionAsync):
    (WebKit::WebPageProxy::decidePolicyForResponse):
    Capture the process in the lambda, to make sure we send the policy decision to the same process that
    asked for it, so as to not get confused by process swaps.
    
    (WebKit::WebPageProxy::resetState):
    Drop some code that is no longer needed.
    
    (WebKit::WebPageProxy::creationParameters):
    Move the hasRegisteredServiceWorkers flag initialization from the call site to here now that we have
    more than one call site. This was just some bad factoring.
    
    (WebKit::WebPageProxy::PageProcessOverride::PageProcessOverride):
    (WebKit::WebPageProxy::PageProcessOverride::~PageProcessOverride):
    * UIProcess/WebPageProxy.h:
    (WebKit::WebPageProxy::temporarilyOverrideProcess):
    Add utility class to temporarily override the WebPageProxy's m_process with the provisional one when
    the ProvisionalPageProxy interacts with the WebPageProxy.
    
    * UIProcess/WebProcessProxy.cpp:
    (WebKit::WebProcessProxy::hasProvisionalPageWithID const):
    (WebKit::WebProcessProxy::updateBackForwardItem):
    Before updating a BackForwardListItem, we normally make sure the process has a WebPageProxy with the
    item's pageID. We have to tweak the logic because there may now be no WebPageProxy with this pageID
    associated with this process yet, because it is still a ProvisionalPageProxy.
    
    (WebKit::WebProcessProxy::canTerminateChildProcess):
    Do not terminate the WebProcess if there are ProvisionalPageProxy objects using it.
    
    * UIProcess/WebProcessProxy.h:
    (WebKit::WebProcessProxy::addProvisionalPageProxy):
    (WebKit::WebProcessProxy::removeProvisionalPageProxy):
    
    * WebKit.xcodeproj/project.pbxproj:
    
    * WebProcess/WebPage/WebFrame.cpp:
    (WebKit::toPolicyAction):
    (WebKit::WebFrame::didReceivePolicyDecision):
    Stop dealing with WebPolicyAction::Suspend as it no longer exists.
    
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::reinitializeWebPage):
    (WebKit::WebPage::didReceivePolicyDecision):
    
    (WebKit::WebPage::setIsSuspended):
    Suspend the Page when setIsSuspended(true) is called, now that there is no longer a WebPolicyAction::Suspend.
    setIsSuspended(true) IPC is sent when we actually commit the provisional page.
    
    * WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:
    (WebKit::TiledCoreAnimationDrawingArea::TiledCoreAnimationDrawingArea):
    
    Tools:
    
    Add API test coverage.
    
    * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
    (-[PSONNavigationDelegate webView:decidePolicyForNavigationResponse:decisionHandler:]):
    
    LayoutTests:
    
    Skip test testing the cross-process DOMWindow API as I broke it with this patch.
    The feature is far from ready and off by default anyway. I will add support back
    in a follow-up.
    
    * platform/wk2/TestExpectations:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239993 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-15  Chris Dumez  <cdumez@apple.com>

            Regression(PSON) View becomes blank after click a cross-site download link
            https://bugs.webkit.org/show_bug.cgi?id=193361
            <rdar://problem/47099573>

            Reviewed by Geoff Garen.

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::commitProvisionalLoad):
            When restoring from PageCache, make sure we notify the client that the load was committed
            *before* we tell it that the navigation is complete. This would confuse the ProvisionalPageProxy
            logic in the UIProcess.

2019-01-16  Alan Coon  <alancoon@apple.com>

        Apply patch. rdar://problem/47260377

    Cherry-pick r240039. rdar://problem/47260377
    
        IndexedDB: leak WebIDBConnectionToClient for retain cycle
        https://bugs.webkit.org/show_bug.cgi?id=193097
        <rdar://problem/46899601>
    
        Reviewed by David Kilzer.
    
        Fix API test failure after r239887. After removing the retain cycle, IDBConnectionToClient will no longer live
        forever so make sure it is not destructed before UniqueIDBDatabaseConnection unregisters itself.
    
        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::fireVersionChangeEvent):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didAbortTransaction):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didCommitTransaction):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didCreateObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didDeleteObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didRenameObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didClearObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didCreateIndex):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didDeleteIndex):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didRenameIndex):
        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.h:
    
        git-svn-id: http://svn.webkit.org/repository/webkit/trunk@240039 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-16  David Kilzer  <ddkilzer@apple.com>

            Cherry-pick r240039. rdar://problem/47260377

        2019-01-16  Sihui Liu  <sihui_liu@apple.com>

            IndexedDB: leak WebIDBConnectionToClient for retain cycle
            https://bugs.webkit.org/show_bug.cgi?id=193097
            <rdar://problem/46899601>

            Reviewed by David Kilzer.

            Fix API test failure after r239887. After removing the retain cycle, IDBConnectionToClient will no longer live
            forever so make sure it is not destructed before UniqueIDBDatabaseConnection unregisters itself.

            * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::fireVersionChangeEvent):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didAbortTransaction):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didCommitTransaction):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didCreateObjectStore):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didDeleteObjectStore):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didRenameObjectStore):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didClearObjectStore):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didCreateIndex):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didDeleteIndex):
            (WebCore::IDBServer::UniqueIDBDatabaseConnection::didRenameIndex):
            * Modules/indexeddb/server/UniqueIDBDatabaseConnection.h:

2019-01-16  Alan Coon  <alancoon@apple.com>

        Apply patch. rdar://problem/47260377

    Cherry-pick r239887. rdar://problem/47260377
    
        IndexedDB: leak WebIDBConnectionToClient for retain cycle
        https://bugs.webkit.org/show_bug.cgi?id=193097
        <rdar://problem/46899601>
    
        Reviewed by Brady Eidson.
    
        Source/WebCore:
    
        Let IDBConnectionToClient hold a WeakPtr of IDBConnectionToClientDelegate.
    
        * Modules/indexeddb/server/IDBConnectionToClient.cpp:
        (WebCore::IDBServer::IDBConnectionToClient::IDBConnectionToClient):
        (WebCore::IDBServer::IDBConnectionToClient::identifier const):
        (WebCore::IDBServer::IDBConnectionToClient::didDeleteDatabase):
        (WebCore::IDBServer::IDBConnectionToClient::didOpenDatabase):
        (WebCore::IDBServer::IDBConnectionToClient::didAbortTransaction):
        (WebCore::IDBServer::IDBConnectionToClient::didCreateObjectStore):
        (WebCore::IDBServer::IDBConnectionToClient::didDeleteObjectStore):
        (WebCore::IDBServer::IDBConnectionToClient::didRenameObjectStore):
        (WebCore::IDBServer::IDBConnectionToClient::didClearObjectStore):
        (WebCore::IDBServer::IDBConnectionToClient::didCreateIndex):
        (WebCore::IDBServer::IDBConnectionToClient::didDeleteIndex):
        (WebCore::IDBServer::IDBConnectionToClient::didRenameIndex):
        (WebCore::IDBServer::IDBConnectionToClient::didPutOrAdd):
        (WebCore::IDBServer::IDBConnectionToClient::didGetRecord):
        (WebCore::IDBServer::IDBConnectionToClient::didGetAllRecords):
        (WebCore::IDBServer::IDBConnectionToClient::didGetCount):
        (WebCore::IDBServer::IDBConnectionToClient::didDeleteRecord):
        (WebCore::IDBServer::IDBConnectionToClient::didOpenCursor):
        (WebCore::IDBServer::IDBConnectionToClient::didIterateCursor):
        (WebCore::IDBServer::IDBConnectionToClient::didCommitTransaction):
        (WebCore::IDBServer::IDBConnectionToClient::fireVersionChangeEvent):
        (WebCore::IDBServer::IDBConnectionToClient::didStartTransaction):
        (WebCore::IDBServer::IDBConnectionToClient::didCloseFromServer):
        (WebCore::IDBServer::IDBConnectionToClient::notifyOpenDBRequestBlocked):
        (WebCore::IDBServer::IDBConnectionToClient::didGetAllDatabaseNames):
        * Modules/indexeddb/server/IDBConnectionToClient.h:
        * Modules/indexeddb/server/IDBConnectionToClientDelegate.h:
    
        Source/WebKit:
    
        Let WebIDBConnectionToClient hold reference to IPC::Connection instead of NetworkConnectionToWebProcess to break
        the cycle.
    
        * NetworkProcess/IndexedDB/WebIDBConnectionToClient.cpp:
        (WebKit::WebIDBConnectionToClient::create):
        (WebKit::WebIDBConnectionToClient::WebIDBConnectionToClient):
        (WebKit::WebIDBConnectionToClient::messageSenderConnection):
        * NetworkProcess/IndexedDB/WebIDBConnectionToClient.h:
        * NetworkProcess/NetworkConnectionToWebProcess.cpp:
        (WebKit::NetworkConnectionToWebProcess::establishIDBConnectionToServer):
    
        git-svn-id: http://svn.webkit.org/repository/webkit/trunk@239887 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-16  David Kilzer  <ddkilzer@apple.com>

            Cherry-pick r239887. rdar://problem/47260377

        2019-01-11  Sihui Liu  <sihui_liu@apple.com>

            IndexedDB: leak WebIDBConnectionToClient for retain cycle
            https://bugs.webkit.org/show_bug.cgi?id=193097
            <rdar://problem/46899601>

            Reviewed by Brady Eidson.

            Let IDBConnectionToClient hold a WeakPtr of IDBConnectionToClientDelegate.

            * Modules/indexeddb/server/IDBConnectionToClient.cpp:
            (WebCore::IDBServer::IDBConnectionToClient::IDBConnectionToClient):
            (WebCore::IDBServer::IDBConnectionToClient::identifier const):
            (WebCore::IDBServer::IDBConnectionToClient::didDeleteDatabase):
            (WebCore::IDBServer::IDBConnectionToClient::didOpenDatabase):
            (WebCore::IDBServer::IDBConnectionToClient::didAbortTransaction):
            (WebCore::IDBServer::IDBConnectionToClient::didCreateObjectStore):
            (WebCore::IDBServer::IDBConnectionToClient::didDeleteObjectStore):
            (WebCore::IDBServer::IDBConnectionToClient::didRenameObjectStore):
            (WebCore::IDBServer::IDBConnectionToClient::didClearObjectStore):
            (WebCore::IDBServer::IDBConnectionToClient::didCreateIndex):
            (WebCore::IDBServer::IDBConnectionToClient::didDeleteIndex):
            (WebCore::IDBServer::IDBConnectionToClient::didRenameIndex):
            (WebCore::IDBServer::IDBConnectionToClient::didPutOrAdd):
            (WebCore::IDBServer::IDBConnectionToClient::didGetRecord):
            (WebCore::IDBServer::IDBConnectionToClient::didGetAllRecords):
            (WebCore::IDBServer::IDBConnectionToClient::didGetCount):
            (WebCore::IDBServer::IDBConnectionToClient::didDeleteRecord):
            (WebCore::IDBServer::IDBConnectionToClient::didOpenCursor):
            (WebCore::IDBServer::IDBConnectionToClient::didIterateCursor):
            (WebCore::IDBServer::IDBConnectionToClient::didCommitTransaction):
            (WebCore::IDBServer::IDBConnectionToClient::fireVersionChangeEvent):
            (WebCore::IDBServer::IDBConnectionToClient::didStartTransaction):
            (WebCore::IDBServer::IDBConnectionToClient::didCloseFromServer):
            (WebCore::IDBServer::IDBConnectionToClient::notifyOpenDBRequestBlocked):
            (WebCore::IDBServer::IDBConnectionToClient::didGetAllDatabaseNames):
            * Modules/indexeddb/server/IDBConnectionToClient.h:
            * Modules/indexeddb/server/IDBConnectionToClientDelegate.h:

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239904. rdar://problem/4726030

    Have prefers-color-scheme: light always match on macOS versions before Mojave.
    https://bugs.webkit.org/show_bug.cgi?id=191655
    rdar://problem/46074680
    
    Reviewed by Megan Gardner.
    
    Source/JavaScriptCore:
    
    * Configurations/FeatureDefines.xcconfig: ENABLE_DARK_MODE_CSS_macosx for all OS versions.
    
    Source/WebCore:
    
    Tests: css-dark-mode/older-systems/prefers-color-scheme.html
           css-dark-mode/older-systems/supported-color-schemes-css.html
           css-dark-mode/older-systems/supported-color-schemes.html
    
    Use new HAVE(OS_DARK_MODE_SUPPORT) to make it easier to find code.
    Added HAVE(OS_DARK_MODE_SUPPORT) around more bits to make it work on older systems.
    
    * Configurations/FeatureDefines.xcconfig:
    * dom/Document.cpp:
    (WebCore::Document::useDarkAppearance const):
    * inspector/agents/InspectorPageAgent.cpp:
    (WebCore::InspectorPageAgent::enable):
    * page/Page.cpp:
    (WebCore::Page::setUseDarkAppearance):
    (WebCore::Page::useDarkAppearance const):
    (WebCore::Page::setUseDarkAppearanceOverride):
    * platform/mac/LocalDefaultSystemAppearance.h:
    (WebCore::LocalDefaultSystemAppearance::usingDarkAppearance const):
    * platform/mac/LocalDefaultSystemAppearance.mm:
    (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
    (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
    * platform/mac/ScrollAnimatorMac.mm:
    * rendering/RenderThemeMac.mm:
    (-[WebCoreTextFieldCell _adjustedCoreUIDrawOptionsForDrawingBordersOnly:]):
    (-[WebListButtonCell drawWithFrame:inView:]):
    (WebCore::RenderThemeMac::platformInactiveSelectionBackgroundColor const):
    (WebCore::RenderThemeMac::platformInactiveSelectionForegroundColor const):
    (WebCore::RenderThemeMac::platformActiveListBoxSelectionBackgroundColor const):
    (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
    (WebCore::RenderThemeMac::platformInactiveListBoxSelectionForegroundColor const):
    (WebCore::RenderThemeMac::systemColor const):
    
    Source/WebCore/PAL:
    
    * Configurations/FeatureDefines.xcconfig: ENABLE_DARK_MODE_CSS_macosx for all OS versions.
    
    Source/WebKit:
    
    * Configurations/FeatureDefines.xcconfig: ENABLE_DARK_MODE_CSS_macosx for all OS versions.
    * UIProcess/Cocoa/WebViewImpl.mm:
    (WebKit::WebViewImpl::effectiveAppearanceIsDark):
    * UIProcess/RemoteLayerTree/mac/ScrollerMac.mm:
    
    Source/WebKitLegacy/mac:
    
    * Configurations/FeatureDefines.xcconfig: ENABLE_DARK_MODE_CSS_macosx for all OS versions.
    * WebView/WebView.mm:
    (-[WebView _effectiveAppearanceIsDark]):
    
    Source/WTF:
    
    * wtf/Platform.h: Define HAVE_OS_DARK_MODE_SUPPORT on macOS 10.14.
    
    Tools:
    
    * TestWebKitAPI/Configurations/FeatureDefines.xcconfig: ENABLE_DARK_MODE_CSS_macosx for all OS versions.
    * TestWebKitAPI/Tests/WebKit/mac/ForceLightAppearanceInBundle.mm:
    
    LayoutTests:
    
    * css-dark-mode/older-systems/prefers-color-scheme-expected.txt: Added.
    * css-dark-mode/older-systems/prefers-color-scheme.html: Added.
    * css-dark-mode/older-systems/supported-color-schemes-css-expected.txt: Added.
    * css-dark-mode/older-systems/supported-color-schemes-css.html: Added.
    * css-dark-mode/older-systems/supported-color-schemes-expected.txt: Added.
    * css-dark-mode/older-systems/supported-color-schemes.html: Added.
    * platform/mac/TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239904 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-12  Timothy Hatcher  <timothy@apple.com>

            Have prefers-color-scheme: light always match on macOS versions before Mojave.
            https://bugs.webkit.org/show_bug.cgi?id=191655
            rdar://problem/46074680

            Reviewed by Megan Gardner.

            Tests: css-dark-mode/older-systems/prefers-color-scheme.html
                   css-dark-mode/older-systems/supported-color-schemes-css.html
                   css-dark-mode/older-systems/supported-color-schemes.html

            Use new HAVE(OS_DARK_MODE_SUPPORT) to make it easier to find code.
            Added HAVE(OS_DARK_MODE_SUPPORT) around more bits to make it work on older systems.

            * Configurations/FeatureDefines.xcconfig:
            * dom/Document.cpp:
            (WebCore::Document::useDarkAppearance const):
            * inspector/agents/InspectorPageAgent.cpp:
            (WebCore::InspectorPageAgent::enable):
            * page/Page.cpp:
            (WebCore::Page::setUseDarkAppearance):
            (WebCore::Page::useDarkAppearance const):
            (WebCore::Page::setUseDarkAppearanceOverride):
            * platform/mac/LocalDefaultSystemAppearance.h:
            (WebCore::LocalDefaultSystemAppearance::usingDarkAppearance const):
            * platform/mac/LocalDefaultSystemAppearance.mm:
            (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
            (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
            * platform/mac/ScrollAnimatorMac.mm:
            * rendering/RenderThemeMac.mm:
            (-[WebCoreTextFieldCell _adjustedCoreUIDrawOptionsForDrawingBordersOnly:]):
            (-[WebListButtonCell drawWithFrame:inView:]):
            (WebCore::RenderThemeMac::platformInactiveSelectionBackgroundColor const):
            (WebCore::RenderThemeMac::platformInactiveSelectionForegroundColor const):
            (WebCore::RenderThemeMac::platformActiveListBoxSelectionBackgroundColor const):
            (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
            (WebCore::RenderThemeMac::platformInactiveListBoxSelectionForegroundColor const):
            (WebCore::RenderThemeMac::systemColor const):

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239889. rdar://problem/47260233

    REGRESSION(r239419): Crash in AudioSourceProviderAVFObjC::~AudioSourceProviderAVFObjC()
    https://bugs.webkit.org/show_bug.cgi?id=193342
    <rdar://problem/47119836>
    
    Reviewed by Eric Carlson.
    
    Make the TapStorage used by AudioSourceProviderAVFObjC thread-safe RefCounted.
    
    * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.h:
    * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
    (WebCore::AudioSourceProviderAVFObjC::initCallback):
    (WebCore::AudioSourceProviderAVFObjC::finalizeCallback):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239889 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-11  Jer Noble  <jer.noble@apple.com>

            REGRESSION(r239419): Crash in AudioSourceProviderAVFObjC::~AudioSourceProviderAVFObjC()
            https://bugs.webkit.org/show_bug.cgi?id=193342
            <rdar://problem/47119836>

            Reviewed by Eric Carlson.

            Make the TapStorage used by AudioSourceProviderAVFObjC thread-safe RefCounted.

            * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.h:
            * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
            (WebCore::AudioSourceProviderAVFObjC::initCallback):
            (WebCore::AudioSourceProviderAVFObjC::finalizeCallback):

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239888. rdar://problem/47260286

    Compile out Web API Statistics Collection
    https://bugs.webkit.org/show_bug.cgi?id=193370
    <rdar://problem/45388584>
    
    Reviewed by Brent Fulgham.
    
    Source/JavaScriptCore:
    
    * Configurations/FeatureDefines.xcconfig:
        Defined ENABLE_WEB_API_STATISTICS, off by default.
    
    Source/WebCore:
    
    No new tests. This patch disables functionality. The associated tests
    are skipped.
    
    These functions are now no-ops unless web API statistics is enabled.
    
    * Configurations/FeatureDefines.xcconfig:
    * loader/ResourceLoadObserver.cpp:
    (WebCore::ResourceLoadObserver::logFontLoad):
    (WebCore::ResourceLoadObserver::logCanvasRead):
    (WebCore::ResourceLoadObserver::logCanvasWriteOrMeasure):
    (WebCore::ResourceLoadObserver::logNavigatorAPIAccessed):
    (WebCore::ResourceLoadObserver::logScreenAPIAccessed):
    * loader/ResourceLoadStatistics.cpp:
    (WebCore::ResourceLoadStatistics::encode const):
    (WebCore::ResourceLoadStatistics::decode):
    (WebCore::ResourceLoadStatistics::toString const):
    (WebCore::ResourceLoadStatistics::merge):
    * loader/ResourceLoadStatistics.h:
        The associated struct members are skipped unless web API
        statistics is enabled.
    
    Source/WebCore/PAL:
    
    * Configurations/FeatureDefines.xcconfig:
        Defined ENABLE_WEB_API_STATISTICS, off by default.
    
    Source/WebKit:
    
    * Configurations/FeatureDefines.xcconfig:
        Defined ENABLE_WEB_API_STATISTICS, off by default.
    * Shared/WebCoreArgumentCoders.cpp:
    (IPC::ArgumentCoder<ResourceLoadStatistics>::encode):
        Skipped encoding of web API statistics.
    (IPC::ArgumentCoder<ResourceLoadStatistics>::decode):
        Skipped decoding of web API statistics.
    
    Source/WebKitLegacy/mac:
    
    * Configurations/FeatureDefines.xcconfig:
        Defined ENABLE_WEB_API_STATISTICS, off by default.
    
    Tools:
    
    * TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
        Defined ENABLE_WEB_API_STATISTICS, off by default.
    
    LayoutTests:
    
    * platform/ios-wk2/TestExpectations:
        http/tests/webAPIStatistics skipped.
    * platform/mac-wk2/TestExpectations:
        http/tests/webAPIStatistics skipped.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239888 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-11  John Wilander  <wilander@apple.com>

            Compile out Web API Statistics Collection
            https://bugs.webkit.org/show_bug.cgi?id=193370
            <rdar://problem/45388584>

            Reviewed by Brent Fulgham.

            No new tests. This patch disables functionality. The associated tests
            are skipped.

            These functions are now no-ops unless web API statistics is enabled.

            * Configurations/FeatureDefines.xcconfig:
            * loader/ResourceLoadObserver.cpp:
            (WebCore::ResourceLoadObserver::logFontLoad):
            (WebCore::ResourceLoadObserver::logCanvasRead):
            (WebCore::ResourceLoadObserver::logCanvasWriteOrMeasure):
            (WebCore::ResourceLoadObserver::logNavigatorAPIAccessed):
            (WebCore::ResourceLoadObserver::logScreenAPIAccessed):
            * loader/ResourceLoadStatistics.cpp:
            (WebCore::ResourceLoadStatistics::encode const):
            (WebCore::ResourceLoadStatistics::decode):
            (WebCore::ResourceLoadStatistics::toString const):
            (WebCore::ResourceLoadStatistics::merge):
            * loader/ResourceLoadStatistics.h:
                The associated struct members are skipped unless web API
                statistics is enabled.

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239880. rdar://problem/47260310

    REGRESSION (PSON): Firefox app lacks Open in New Tab in menu
    https://bugs.webkit.org/show_bug.cgi?id=193366
    <rdar://problem/46097212>
    
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    * platform/RuntimeApplicationChecks.h:
    * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
    (WebCore::IOSApplication::isFirefox):
    Add a Firefox Mobile bundle check.
    
    Source/WebKit:
    
    A pair of unrelated changes broke Firefox's use of WKWebView internals
    to override the long-press menu. Maintain binary compatibility by
    introducing linked-on-or-after checks.
    
    * UIProcess/Cocoa/VersionChecks.h:
    * UIProcess/WebProcessPool.cpp:
    (WebKit::WebProcessPool::createWebPage):
    Disable PSON in Firefox when linked against an SDK where PSON wasn't enabled by default.
    Because gestures are very stateful, we always swap them out when swapping
    processes (changing that behavior is fairly risky). Also, we don't always
    inform the client when we swap processes (only when the process actually crashes),
    so they currently don't re-adjust the gesture recognizers when a PSON swap occurs.
    
    * UIProcess/ios/WKContentView.mm:
    (-[WKContentView _commonInitializationWithProcessPool:configuration:]):
    Synchronously install gesture recognizers under -init when linked against
    an SDK before the version that introduces lazy gesture recognizer installation.
    r237331 is an optimization that made us lazily install gestures when the
    view is parented, but Firefox (and potentially other clients) depend
    on them being installed synchronously in order to find and override them.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239880 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-11  Tim Horton  <timothy_horton@apple.com>

            REGRESSION (PSON): Firefox app lacks Open in New Tab in menu
            https://bugs.webkit.org/show_bug.cgi?id=193366
            <rdar://problem/46097212>

            Reviewed by Simon Fraser.

            * platform/RuntimeApplicationChecks.h:
            * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
            (WebCore::IOSApplication::isFirefox):
            Add a Firefox Mobile bundle check.

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239877. rdar://problem/47260302

    Release assert when removing element with a map element in the shadow tree
    https://bugs.webkit.org/show_bug.cgi?id=193351
    <rdar://problem/47208807>
    
    Reviewed by Ryosuke Niwa.
    
    Source/WebCore:
    
    When a shadow host that has a map element in the shadow tree is removed from the document, we try
    to remove the map from the scope of the host.
    
    Test: fast/shadow-dom/image-map-tree-scope.html
    
    * html/HTMLMapElement.cpp:
    (WebCore::HTMLMapElement::insertedIntoAncestor):
    (WebCore::HTMLMapElement::removedFromAncestor):
    
    Add and remove image maps when the scope changes, not when the document changes.
    This matches how id/name/etc updates work in the HTMLElement.
    
    LayoutTests:
    
    * fast/shadow-dom/image-map-tree-scope-expected.txt: Added.
    * fast/shadow-dom/image-map-tree-scope.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239877 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-11  Antti Koivisto  <antti@apple.com>

            Release assert when removing element with a map element in the shadow tree
            https://bugs.webkit.org/show_bug.cgi?id=193351
            <rdar://problem/47208807>

            Reviewed by Ryosuke Niwa.

            When a shadow host that has a map element in the shadow tree is removed from the document, we try
            to remove the map from the scope of the host.

            Test: fast/shadow-dom/image-map-tree-scope.html

            * html/HTMLMapElement.cpp:
            (WebCore::HTMLMapElement::insertedIntoAncestor):
            (WebCore::HTMLMapElement::removedFromAncestor):

            Add and remove image maps when the scope changes, not when the document changes.
            This matches how id/name/etc updates work in the HTMLElement.

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239865. rdar://problem/47260332

    IndexedDB: leak IDBTransaction, TransactionOperation and IDBRequest in layout tests
    https://bugs.webkit.org/show_bug.cgi?id=193167
    <rdar://problem/46891688>
    
    Reviewed by Geoffrey Garen.
    
    Do some cleanup to break retain cycle when context is stopped.
    
    * Modules/indexeddb/IDBOpenDBRequest.cpp:
    (WebCore::IDBOpenDBRequest::cancelForStop):
    * Modules/indexeddb/IDBTransaction.cpp:
    (WebCore::IDBTransaction::abortOnServerAndCancelRequests):
    (WebCore::IDBTransaction::stop):
    (WebCore::IDBTransaction::removeRequest):
    * Modules/indexeddb/client/TransactionOperation.h:
    (WebCore::IDBClient::TransactionOperation::doComplete):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239865 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-11  Sihui Liu  <sihui_liu@apple.com>

            IndexedDB: leak IDBTransaction, TransactionOperation and IDBRequest in layout tests
            https://bugs.webkit.org/show_bug.cgi?id=193167
            <rdar://problem/46891688>

            Reviewed by Geoffrey Garen.

            Do some cleanup to break retain cycle when context is stopped.

            * Modules/indexeddb/IDBOpenDBRequest.cpp:
            (WebCore::IDBOpenDBRequest::cancelForStop):
            * Modules/indexeddb/IDBTransaction.cpp:
            (WebCore::IDBTransaction::abortOnServerAndCancelRequests):
            (WebCore::IDBTransaction::stop):
            (WebCore::IDBTransaction::removeRequest):
            * Modules/indexeddb/client/TransactionOperation.h:
            (WebCore::IDBClient::TransactionOperation::doComplete):

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239857. rdar://problem/47260358

    <video> elements do not enter 'paused' state when playing to end over AirPlay
    https://bugs.webkit.org/show_bug.cgi?id=193295
    <rdar://problem/46708670>
    
    Reviewed by Eric Carlson.
    
    Adopt the -[AVPlayer timeControlStatus] API, which reports whether the AVPlayer is paused, playing, or blocked waiting
    for more data before playing. AirPlay devices report this state back from the remote device, and this allows the
    MediaPlayerPrivateAVFoundationObjC to differentiate between user-generated pauses and simple stalling.
    
    Adopting this API allows us to remove the heuristic from rateChanged() which inteprets a rate change when the
    readyState > HAVE_ENOUGH as an intentional pause.
    
    Drive-by fix: MediaPlayerPrivateAVFoundation had some code to delay calling platformPlay()
    until the first frame became available. But this code was entirely undermined by the previous
    behavior of setRate(). Fixing setRate()/setRateDouble() to only start playback if playback was
    actually requested started making this code work for the first time, and broke some API tests.
    Thus, we're removing this previously dead code.
    
    * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
    (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation):
    (WebCore::MediaPlayerPrivateAVFoundation::play):
    (WebCore::MediaPlayerPrivateAVFoundation::pause):
    (WebCore::MediaPlayerPrivateAVFoundation::rateChanged):
    (WebCore::MediaPlayerPrivateAVFoundation::updateStates):
    * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
    (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::didEnd):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::platformPlay):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::platformPause):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::seekToTime):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::setRateDouble):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::setPlayerRate):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::timeControlStatusDidChange):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus):
    (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239857 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-10  Jer Noble  <jer.noble@apple.com>

            <video> elements do not enter 'paused' state when playing to end over AirPlay
            https://bugs.webkit.org/show_bug.cgi?id=193295
            <rdar://problem/46708670>

            Reviewed by Eric Carlson.

            Adopt the -[AVPlayer timeControlStatus] API, which reports whether the AVPlayer is paused, playing, or blocked waiting
            for more data before playing. AirPlay devices report this state back from the remote device, and this allows the
            MediaPlayerPrivateAVFoundationObjC to differentiate between user-generated pauses and simple stalling.

            Adopting this API allows us to remove the heuristic from rateChanged() which inteprets a rate change when the
            readyState > HAVE_ENOUGH as an intentional pause.

            Drive-by fix: MediaPlayerPrivateAVFoundation had some code to delay calling platformPlay()
            until the first frame became available. But this code was entirely undermined by the previous
            behavior of setRate(). Fixing setRate()/setRateDouble() to only start playback if playback was
            actually requested started making this code work for the first time, and broke some API tests.
            Thus, we're removing this previously dead code.

            * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
            (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation):
            (WebCore::MediaPlayerPrivateAVFoundation::play):
            (WebCore::MediaPlayerPrivateAVFoundation::pause):
            (WebCore::MediaPlayerPrivateAVFoundation::rateChanged):
            (WebCore::MediaPlayerPrivateAVFoundation::updateStates):
            * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
            (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::didEnd):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::platformPlay):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::platformPause):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::seekToTime):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::setRateDouble):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::setPlayerRate):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::timeControlStatusDidChange):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus):
            (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239847. rdar://problem/47260246

    Fix rare crash under ScrollbarThemeMac::paintScrollCorner()
    https://bugs.webkit.org/show_bug.cgi?id=193337
    rdar://problem/47179993
    
    Reviewed by Zalan Bujtas.
    
    Async image decoding can trigger a FrameView::traverseForPaintInvalidation() fake paint,
    which creates a GraphicsContext with no platform context. However, we could hit ScrollView::paintScrollbars()
    which tried to get at the platform context, and then crashed.
    
    So protect two functions in ScrollbarThemeMac with if (context.paintingDisabled()) checks. I verified
    that other scrollbar-related painting code paths were already protected.
    
    Hard to test because it depends on async image decoding timing.
    
    * platform/mac/ScrollbarThemeMac.mm:
    (WebCore::ScrollbarThemeMac::paint):
    (WebCore::ScrollbarThemeMac::paintScrollCorner):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239847 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-10  Simon Fraser  <simon.fraser@apple.com>

            Fix rare crash under ScrollbarThemeMac::paintScrollCorner()
            https://bugs.webkit.org/show_bug.cgi?id=193337
            rdar://problem/47179993

            Reviewed by Zalan Bujtas.

            Async image decoding can trigger a FrameView::traverseForPaintInvalidation() fake paint,
            which creates a GraphicsContext with no platform context. However, we could hit ScrollView::paintScrollbars()
            which tried to get at the platform context, and then crashed.

            So protect two functions in ScrollbarThemeMac with if (context.paintingDisabled()) checks. I verified
            that other scrollbar-related painting code paths were already protected.

            Hard to test because it depends on async image decoding timing.

            * platform/mac/ScrollbarThemeMac.mm:
            (WebCore::ScrollbarThemeMac::paint):
            (WebCore::ScrollbarThemeMac::paintScrollCorner):

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239833. rdar://problem/47260274

    Safari Crashing in Version 12.0.1 (14606.2.104.1.1) WebCore::GraphicsLayerCA::updateBackdropFilters
    https://bugs.webkit.org/show_bug.cgi?id=193309
    <rdar://problem/45279224>
    
    Reviewed by Antoine Quint.
    
    A speculative fix for a CheckedArithmetic crash triggered in updateBackdropFilters.
    
    The crash log indicates we crash in a Checked<> class that is not recording
    overflow i.e. it is crashing due to an overflow. The only place in this function
    where that could happen is when we convert the FloatRect for the backdrop
    region into a Checked<unsigned> for width and height. This suggests that either
    the width or height are negative, or the float values are too large for integers,
    or the product of the two overflows.
    
    Avoid this by using RecordOverflow, but also changing the code a little to
    bail if the rectangle is incorrect.
    
    * platform/graphics/ca/GraphicsLayerCA.cpp:
    (WebCore::GraphicsLayerCA::updateBackdropFilters):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239833 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-09  Dean Jackson  <dino@apple.com>

            Safari Crashing in Version 12.0.1 (14606.2.104.1.1) WebCore::GraphicsLayerCA::updateBackdropFilters
            https://bugs.webkit.org/show_bug.cgi?id=193309
            <rdar://problem/45279224>

            Reviewed by Antoine Quint.

            A speculative fix for a CheckedArithmetic crash triggered in updateBackdropFilters.

            The crash log indicates we crash in a Checked<> class that is not recording
            overflow i.e. it is crashing due to an overflow. The only place in this function
            where that could happen is when we convert the FloatRect for the backdrop
            region into a Checked<unsigned> for width and height. This suggests that either
            the width or height are negative, or the float values are too large for integers,
            or the product of the two overflows.

            Avoid this by using RecordOverflow, but also changing the code a little to
            bail if the rectangle is incorrect.

            * platform/graphics/ca/GraphicsLayerCA.cpp:
            (WebCore::GraphicsLayerCA::updateBackdropFilters):

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239814. rdar://problem/47260367

    ThreadTimers should not store a raw pointer in its heap
    https://bugs.webkit.org/show_bug.cgi?id=192975
    <rdar://problem/46893946>
    
    Reviewed by Geoffrey Garen.
    
    Right now, ThreadTimers's heap data structure stores a raw pointer to TimerBase. In order to harden the timer code,
    this patch replaces it with ThreadTimerHeapItem, a newly introduced struct, which effectively acks like
    WeakReference<TimerBase*> as the timer heap and TimerBase both store RefPtr to it, and TimerBase's destructor clears
    the raw pointer back to TimerBase*.
    
    This approach was taken instead of an out-right adoptation of WeakPtr since the heap data structure requires each node
    in the heap to have a fixed "priority" yet WeakPtr with no valid pointer back to TimerBase would effectively lose its
    "priority" thereby corrupting the heap data structure. That is, each item in the heap must remember its fire time and
    insertion order even when the underlying TimerBase had gone away (this should never happen but the whole point of this
    hardening is to make it work even in the precense of such a bug).
    
    This patch also moves the heap index in TimerBase to ThreadTimerHeapItem, and replaces the pointer to the heap vector
    in TimerBase by a reference to ThreadTimers in ThreadTimerHeapItem. Note that ThreadTimers is a per-thread singleton.
    
    The correctness of this hardening was tested by commenting out the call to stop() and !isInHeap() assertion in
    TimerBase::~TimerBase() as well as the !isInHeap() assertion in ThreadTimerHeapItem::clearTimer() and observing that
    layout tests run successfully without hitting any debug assertions.
    
    No new tests since there should be no observable behavior difference.
    
    * WebCore.xcodeproj/project.pbxproj: Export ThreadTimers.h as a private header since it's now included in Timer.h
    * platform/ThreadTimers.cpp:
    (WebCore::ThreadTimers::updateSharedTimer): Delete ThreadTimerHeapItem's with nullptr TimerBase* (TimerBase had
    already been deleted). This should only happen when TimerBase's destructor failed to remove itself from the timer heap,
    which should never happen.
    (WebCore::ThreadTimers::sharedTimerFiredInternal): Ditto. Also removed the redundant code which had removed the timer
    from the heap since setNextFireTime does the removal already.
    * platform/ThreadTimers.h: Outdented the whole file.
    (WebCore::ThreadTimers::timerHeap): We use Vector<RefPtr<ThreadTimerHeapItem>> instead of Vector<Ref<~>> since Ref<~>
    doesn't have a copy constructor which is used by std::push_heap.
    (WebCore::ThreadTimerHeapItem): Added.
    (WebCore::ThreadTimerHeapItem::hasTimer const): Added.
    (WebCore::ThreadTimerHeapItem::setNotInHeap): Added. ThreadTimerHeapItem uses unsigned -1 as the single value which
    signifies the item not being in the heap instead of all negative values as in the old code in TimerBase.
    (WebCore::ThreadTimerHeapItem::isInHeap const): Added.
    (WebCore::ThreadTimerHeapItem::isFirstInHeap const): Added.
    (WebCore::ThreadTimerHeapItem::timer): Added.
    (WebCore::ThreadTimerHeapItem::clearTimer): Added.
    (WebCore::ThreadTimerHeapItem::heapIndex const): Added.
    (WebCore::ThreadTimerHeapItem::setHeapIndex): Added.
    (WebCore::ThreadTimerHeapItem::timerHeap const): Added.
    * platform/Timer.cpp:
    (WebCore::threadGlobalTimerHeap): This function is now only used in assertions.
    (WebCore::ThreadTimerHeapItem::ThreadTimerHeapItem): Added.
    (WebCore::ThreadTimerHeapItem::create): Added.
    (WebCore::TimerHeapPointer::TimerHeapPointer):
    (WebCore::TimerHeapPointer::operator-> const):
    (WebCore::TimerHeapReference::TimerHeapReference): Added a copy constructor.
    (WebCore::TimerHeapReference::copyRef const): Added.
    (WebCore::TimerHeapReference::operator RefPtr<ThreadTimerHeapItem>& const):
    (WebCore::TimerHeapPointer::operator* const):
    (WebCore::TimerHeapReference::operator=): Use move assignment operator.
    (WebCore::TimerHeapReference::swapWith):
    (WebCore::TimerHeapReference::updateHeapIndex): Extracted to share code between two verions of operator=.
    (WebCore::swap):
    (WebCore::TimerHeapIterator::TimerHeapIterator):
    (WebCore::TimerHeapIterator::operator-> const):
    (WebCore::TimerHeapLessThanFunction::compare): Added variants which take RefPtr<ThreadTimerHeapItem>.
    (WebCore::TimerHeapLessThanFunction::operator() const):
    (WebCore::TimerBase::TimerBase):
    (WebCore::TimerBase::~TimerBase):Clear the raw pointer in ThreadTimerHeapItem.
    (WebCore::TimerBase::stop):
    (WebCore::TimerBase::nextFireInterval const):
    (WebCore::TimerBase::checkHeapIndex const): Added the consistency check for other items in the heap.
    (WebCore::TimerBase::checkConsistency const):
    (WebCore::TimerBase::heapDecreaseKey):
    (WebCore::TimerBase::heapDelete):
    (WebCore::TimerBase::heapDeleteMin):
    (WebCore::TimerBase::heapIncreaseKey):
    (WebCore::TimerBase::heapInsert):
    (WebCore::TimerBase::heapPop):
    (WebCore::TimerBase::heapPopMin):
    (WebCore::TimerBase::heapDeleteNullMin): Added. Used to delete ThreadTimerHeapItem which no longer has a valid TimerBase.
    (WebCore::parentHeapPropertyHolds):
    (WebCore::childHeapPropertyHolds):
    (WebCore::TimerBase::hasValidHeapPosition const):
    (WebCore::TimerBase::updateHeapIfNeeded): Tweaked the heap index assertion as heapIndex() itself would assert when called
    on an item with an invalid (-1) heap index.
    (WebCore::TimerBase::setNextFireTime): Create ThreadTimerHeapItem. Note m_heapItem is never cleared until this TimerBase
    is deleted.
    (WebCore::TimerHeapReference::operator TimerBase* const): Deleted.
    * platform/Timer.h:
    (WebCore::TimerBase): Replaced m_nextFireTime, m_heapIndex, m_heapInsertionOrder, and m_cachedThreadGlobalTimerHeap
    by m_heapItem, RefPtr to an ThreadTimerHeapItem.
    (WebCore::TimerBase::augmentFireInterval):
    (WebCore::TimerBase::inHeap const):
    (WebCore::TimerBase::nextFireTime const):
    (WebCore::TimerBase::isActive const):
    (WebCore::TimerBase:: const): Deleted.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239814 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-09  Ryosuke Niwa  <rniwa@webkit.org>

            ThreadTimers should not store a raw pointer in its heap
            https://bugs.webkit.org/show_bug.cgi?id=192975
            <rdar://problem/46893946>

            Reviewed by Geoffrey Garen.

            Right now, ThreadTimers's heap data structure stores a raw pointer to TimerBase. In order to harden the timer code,
            this patch replaces it with ThreadTimerHeapItem, a newly introduced struct, which effectively acks like
            WeakReference<TimerBase*> as the timer heap and TimerBase both store RefPtr to it, and TimerBase's destructor clears
            the raw pointer back to TimerBase*.

            This approach was taken instead of an out-right adoptation of WeakPtr since the heap data structure requires each node
            in the heap to have a fixed "priority" yet WeakPtr with no valid pointer back to TimerBase would effectively lose its
            "priority" thereby corrupting the heap data structure. That is, each item in the heap must remember its fire time and
            insertion order even when the underlying TimerBase had gone away (this should never happen but the whole point of this
            hardening is to make it work even in the precense of such a bug).

            This patch also moves the heap index in TimerBase to ThreadTimerHeapItem, and replaces the pointer to the heap vector
            in TimerBase by a reference to ThreadTimers in ThreadTimerHeapItem. Note that ThreadTimers is a per-thread singleton.

            The correctness of this hardening was tested by commenting out the call to stop() and !isInHeap() assertion in
            TimerBase::~TimerBase() as well as the !isInHeap() assertion in ThreadTimerHeapItem::clearTimer() and observing that
            layout tests run successfully without hitting any debug assertions.

            No new tests since there should be no observable behavior difference.

            * WebCore.xcodeproj/project.pbxproj: Export ThreadTimers.h as a private header since it's now included in Timer.h
            * platform/ThreadTimers.cpp:
            (WebCore::ThreadTimers::updateSharedTimer): Delete ThreadTimerHeapItem's with nullptr TimerBase* (TimerBase had
            already been deleted). This should only happen when TimerBase's destructor failed to remove itself from the timer heap,
            which should never happen.
            (WebCore::ThreadTimers::sharedTimerFiredInternal): Ditto. Also removed the redundant code which had removed the timer
            from the heap since setNextFireTime does the removal already.
            * platform/ThreadTimers.h: Outdented the whole file.
            (WebCore::ThreadTimers::timerHeap): We use Vector<RefPtr<ThreadTimerHeapItem>> instead of Vector<Ref<~>> since Ref<~>
            doesn't have a copy constructor which is used by std::push_heap.
            (WebCore::ThreadTimerHeapItem): Added.
            (WebCore::ThreadTimerHeapItem::hasTimer const): Added.
            (WebCore::ThreadTimerHeapItem::setNotInHeap): Added. ThreadTimerHeapItem uses unsigned -1 as the single value which
            signifies the item not being in the heap instead of all negative values as in the old code in TimerBase.
            (WebCore::ThreadTimerHeapItem::isInHeap const): Added.
            (WebCore::ThreadTimerHeapItem::isFirstInHeap const): Added.
            (WebCore::ThreadTimerHeapItem::timer): Added.
            (WebCore::ThreadTimerHeapItem::clearTimer): Added.
            (WebCore::ThreadTimerHeapItem::heapIndex const): Added.
            (WebCore::ThreadTimerHeapItem::setHeapIndex): Added.
            (WebCore::ThreadTimerHeapItem::timerHeap const): Added.
            * platform/Timer.cpp:
            (WebCore::threadGlobalTimerHeap): This function is now only used in assertions.
            (WebCore::ThreadTimerHeapItem::ThreadTimerHeapItem): Added.
            (WebCore::ThreadTimerHeapItem::create): Added.
            (WebCore::TimerHeapPointer::TimerHeapPointer):
            (WebCore::TimerHeapPointer::operator-> const):
            (WebCore::TimerHeapReference::TimerHeapReference): Added a copy constructor.
            (WebCore::TimerHeapReference::copyRef const): Added.
            (WebCore::TimerHeapReference::operator RefPtr<ThreadTimerHeapItem>& const):
            (WebCore::TimerHeapPointer::operator* const):
            (WebCore::TimerHeapReference::operator=): Use move assignment operator.
            (WebCore::TimerHeapReference::swapWith):
            (WebCore::TimerHeapReference::updateHeapIndex): Extracted to share code between two verions of operator=.
            (WebCore::swap):
            (WebCore::TimerHeapIterator::TimerHeapIterator):
            (WebCore::TimerHeapIterator::operator-> const):
            (WebCore::TimerHeapLessThanFunction::compare): Added variants which take RefPtr<ThreadTimerHeapItem>.
            (WebCore::TimerHeapLessThanFunction::operator() const):
            (WebCore::TimerBase::TimerBase):
            (WebCore::TimerBase::~TimerBase):Clear the raw pointer in ThreadTimerHeapItem.
            (WebCore::TimerBase::stop):
            (WebCore::TimerBase::nextFireInterval const):
            (WebCore::TimerBase::checkHeapIndex const): Added the consistency check for other items in the heap.
            (WebCore::TimerBase::checkConsistency const):
            (WebCore::TimerBase::heapDecreaseKey):
            (WebCore::TimerBase::heapDelete):
            (WebCore::TimerBase::heapDeleteMin):
            (WebCore::TimerBase::heapIncreaseKey):
            (WebCore::TimerBase::heapInsert):
            (WebCore::TimerBase::heapPop):
            (WebCore::TimerBase::heapPopMin):
            (WebCore::TimerBase::heapDeleteNullMin): Added. Used to delete ThreadTimerHeapItem which no longer has a valid TimerBase.
            (WebCore::parentHeapPropertyHolds):
            (WebCore::childHeapPropertyHolds):
            (WebCore::TimerBase::hasValidHeapPosition const):
            (WebCore::TimerBase::updateHeapIfNeeded): Tweaked the heap index assertion as heapIndex() itself would assert when called
            on an item with an invalid (-1) heap index.
            (WebCore::TimerBase::setNextFireTime): Create ThreadTimerHeapItem. Note m_heapItem is never cleared until this TimerBase
            is deleted.
            (WebCore::TimerHeapReference::operator TimerBase* const): Deleted.
            * platform/Timer.h:
            (WebCore::TimerBase): Replaced m_nextFireTime, m_heapIndex, m_heapInsertionOrder, and m_cachedThreadGlobalTimerHeap
            by m_heapItem, RefPtr to an ThreadTimerHeapItem.
            (WebCore::TimerBase::augmentFireInterval):
            (WebCore::TimerBase::inHeap const):
            (WebCore::TimerBase::nextFireTime const):
            (WebCore::TimerBase::isActive const):
            (WebCore::TimerBase:: const): Deleted.

2019-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239786. rdar://problem/47260219

    [Datalist] Crash when input with datalist is dynamically added.
    https://bugs.webkit.org/show_bug.cgi?id=193012
    <rdar://problem/45923457>
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    In certain cases (cloning, setAttribute), it's too early to check for the list attribute in createShadowSubtree
    to see whether the input needs datalist related items. The list attribute is simply not set yet.
    This patch only addresses the obvious crash. m_dataListDropdownIndicator clearly lacks proper lifecycle management (see webkit.org/b/193032).
    
    Test: fast/forms/datalist/datalist-crash-when-dynamic.html
    
    * html/TextFieldInputType.cpp:
    (WebCore::TextFieldInputType::createShadowSubtree):
    (WebCore::TextFieldInputType::attributeChanged):
    (WebCore::TextFieldInputType::createDataListDropdownIndicator):
    * html/TextFieldInputType.h:
    
    LayoutTests:
    
    * fast/forms/datalist/datalist-crash-when-dynamic-expected.txt: Added.
    * fast/forms/datalist/datalist-crash-when-dynamic.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239786 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-09  Zalan Bujtas  <zalan@apple.com>

            [Datalist] Crash when input with datalist is dynamically added.
            https://bugs.webkit.org/show_bug.cgi?id=193012
            <rdar://problem/45923457>

            Reviewed by Brent Fulgham.

            In certain cases (cloning, setAttribute), it's too early to check for the list attribute in createShadowSubtree
            to see whether the input needs datalist related items. The list attribute is simply not set yet.
            This patch only addresses the obvious crash. m_dataListDropdownIndicator clearly lacks proper lifecycle management (see webkit.org/b/193032).

            Test: fast/forms/datalist/datalist-crash-when-dynamic.html

            * html/TextFieldInputType.cpp:
            (WebCore::TextFieldInputType::createShadowSubtree):
            (WebCore::TextFieldInputType::attributeChanged):
            (WebCore::TextFieldInputType::createDataListDropdownIndicator):
            * html/TextFieldInputType.h:

2019-01-09  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r239758. rdar://problem/47158613

    Blob references for System Previews don't get a correct file extension
    https://bugs.webkit.org/show_bug.cgi?id=193268
    <rdar://problem/47133037>
    
    Reviewed by Tim Horton.
    
    Source/WebCore:
    
    Apple platforms don't yet have a mapping from the USD MIME type to
    file extensions (and we support some non-standard MIME types), which
    means that downloads from Blob references don't get correctly named.
    
    Fix this by adding an explicit mapping between System Preview types
    and ".usdz".
    
    WebKit API test: _WKDownload.SystemPreviewUSDZBlobNaming
    
    * platform/MIMETypeRegistry.cpp:
    (WebCore::MIMETypeRegistry::isSystemPreviewMIMEType): Remove USE(SYSTEM_PREVIEW) since
    this applies to macOS and iOS now.
    * platform/MIMETypeRegistry.h:
    * platform/cocoa/MIMETypeRegistryCocoa.mm:
    (WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType): Add a mapping
    for USDZ.
    
    Tools:
    
    New test that a Blob download of a USDZ file gets named correctly.
    
    * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
    * TestWebKitAPI/Tests/WebKitCocoa/Download.mm:
    (-[BlobWithUSDZExtensionDownloadDelegate _download:decideDestinationWithSuggestedFilename:completionHandler:]):
    (-[BlobWithUSDZExtensionDownloadDelegate _downloadDidFinish:]):
    (TEST):
    * TestWebKitAPI/Tests/WebKitCocoa/SystemPreviewBlobNaming.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239758 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-08  Dean Jackson  <dino@apple.com>

            Blob references for System Previews don't get a correct file extension
            https://bugs.webkit.org/show_bug.cgi?id=193268
            <rdar://problem/47133037>

            Reviewed by Tim Horton.

            Apple platforms don't yet have a mapping from the USD MIME type to
            file extensions (and we support some non-standard MIME types), which
            means that downloads from Blob references don't get correctly named.

            Fix this by adding an explicit mapping between System Preview types
            and ".usdz".

            WebKit API test: _WKDownload.SystemPreviewUSDZBlobNaming

            * platform/MIMETypeRegistry.cpp:
            (WebCore::MIMETypeRegistry::isSystemPreviewMIMEType): Remove USE(SYSTEM_PREVIEW) since
            this applies to macOS and iOS now.
            * platform/MIMETypeRegistry.h:
            * platform/cocoa/MIMETypeRegistryCocoa.mm:
            (WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType): Add a mapping
            for USDZ.

2019-01-09  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r239746. rdar://problem/47158728

    IDB storage of Crypto keys does not work in private browsing mode
    https://bugs.webkit.org/show_bug.cgi?id=193219
    
    Reviewed by Brady Eidson.
    
    Source/WebCore:
    
    https://trac.webkit.org/changeset/238677 moved from using a JSGlobalObject to a JSDOMGlobalObject for serialization/deserialization.
    This does not work for crypto keys as they require not only a JSDOMGlobalObject but either a window or worker global object.
    
    To fix the issue, revert 238677, and fix it by checking whether the dumping of an ArrayBuffer happens for a JSDOMGlobalObject or a JSGlobalObject.
    If it is the latter, use JSC routines instead of toJS() which requires a JSDOMGlobalObject.
    
    Covered by updated test.
    
    * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
    (WebCore::IDBServer::UniqueIDBDatabase::databaseThreadVM):
    (WebCore::IDBServer::UniqueIDBDatabase::databaseThreadExecState):
    * bindings/js/JSDOMGlobalObject.cpp:
    * bindings/js/JSDOMGlobalObject.h:
    * bindings/js/JSDOMWrapper.cpp:
    (WebCore::JSDOMObject::JSDOMObject):
    * bindings/js/SerializedScriptValue.cpp:
    (WebCore::CloneSerializer::dumpArrayBufferView):
    (WebCore::CloneSerializer::toJSArrayBuffer):
    
    LayoutTests:
    
    Activate private browsing mode for these two tests.
    
    * crypto/subtle/rsa-indexeddb-non-exportable-private.html:
    * crypto/subtle/rsa-indexeddb-private.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239746 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-08  Youenn Fablet  <youenn@apple.com>

            IDB storage of Crypto keys does not work in private browsing mode
            https://bugs.webkit.org/show_bug.cgi?id=193219

            Reviewed by Brady Eidson.

            https://trac.webkit.org/changeset/238677 moved from using a JSGlobalObject to a JSDOMGlobalObject for serialization/deserialization.
            This does not work for crypto keys as they require not only a JSDOMGlobalObject but either a window or worker global object.

            To fix the issue, revert 238677, and fix it by checking whether the dumping of an ArrayBuffer happens for a JSDOMGlobalObject or a JSGlobalObject.
            If it is the latter, use JSC routines instead of toJS() which requires a JSDOMGlobalObject.

            Covered by updated test.

            * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
            (WebCore::IDBServer::UniqueIDBDatabase::databaseThreadVM):
            (WebCore::IDBServer::UniqueIDBDatabase::databaseThreadExecState):
            * bindings/js/JSDOMGlobalObject.cpp:
            * bindings/js/JSDOMGlobalObject.h:
            * bindings/js/JSDOMWrapper.cpp:
            (WebCore::JSDOMObject::JSDOMObject):
            * bindings/js/SerializedScriptValue.cpp:
            (WebCore::CloneSerializer::dumpArrayBufferView):
            (WebCore::CloneSerializer::toJSArrayBuffer):

2019-01-09  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r239715. rdar://problem/47158638

    Crash in SWServer::Connection::resolveRegistrationReadyRequests
    https://bugs.webkit.org/show_bug.cgi?id=193217
    
    Reviewed by Chris Dumez.
    
    As can be seen from the traces, SWServer might clear its connections HashMap in its destructor.
    This might then trigger calling SWServer::resolveRegistrationReadyRequests.
    This method is iterating on the connections HashMap which is being cleared.
    To remove this problem, move the HashMap in a temporary variable and clear the temporary variable.
    
    * workers/service/server/SWServer.cpp:
    (WebCore::SWServer::~SWServer):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239715 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-07  Youenn Fablet  <youenn@apple.com>

            Crash in SWServer::Connection::resolveRegistrationReadyRequests
            https://bugs.webkit.org/show_bug.cgi?id=193217

            Reviewed by Chris Dumez.

            As can be seen from the traces, SWServer might clear its connections HashMap in its destructor.
            This might then trigger calling SWServer::resolveRegistrationReadyRequests.
            This method is iterating on the connections HashMap which is being cleared.
            To remove this problem, move the HashMap in a temporary variable and clear the temporary variable.

            * workers/service/server/SWServer.cpp:
            (WebCore::SWServer::~SWServer):

2019-01-09  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r239711. rdar://problem/47158701

    REGRESSION (r239519): ASSERTION FAILED: !m_adoptionIsRequired in com.apple.WebCore: void WTF::refIfNotNull<WebCore::CDMSessionMediaSourceAVFObjC> + 53
    https://bugs.webkit.org/show_bug.cgi?id=193211
    <rdar://problem/46937412>
    
    Reviewed by Eric Carlson.
    
    Make CDMSessionMediaSourceAVFObjC a CanMakeWeakPtr rather than RefCounted, as CDMSessions are stored in
    std::unique_ptrs, and not in Ref or RefPtr.
    
    * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
    (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setCDMSession):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239711 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-07  Jer Noble  <jer.noble@apple.com>

            REGRESSION (r239519): ASSERTION FAILED: !m_adoptionIsRequired in com.apple.WebCore: void WTF::refIfNotNull<WebCore::CDMSessionMediaSourceAVFObjC> + 53
            https://bugs.webkit.org/show_bug.cgi?id=193211
            <rdar://problem/46937412>

            Reviewed by Eric Carlson.

            Make CDMSessionMediaSourceAVFObjC a CanMakeWeakPtr rather than RefCounted, as CDMSessions are stored in
            std::unique_ptrs, and not in Ref or RefPtr.

            * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setCDMSession):

2019-01-09  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r239702. rdar://problem/47158664

    Cleanup AudioTrackPrivateMediaStreamCocoa
    https://bugs.webkit.org/show_bug.cgi?id=193208
    <rdar://problem/42225870>
    
    Reviewed by Youenn Fablet.
    
    * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
    (WebCore::AudioTrackPrivateMediaStreamCocoa::audioSamplesAvailable): Clear input and
    output format descriptions after stopping the audio unit.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239702 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-07  Eric Carlson  <eric.carlson@apple.com>

            Cleanup AudioTrackPrivateMediaStreamCocoa
            https://bugs.webkit.org/show_bug.cgi?id=193208
            <rdar://problem/42225870>

            Reviewed by Youenn Fablet.

            * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
            (WebCore::AudioTrackPrivateMediaStreamCocoa::audioSamplesAvailable): Clear input and
            output format descriptions after stopping the audio unit.

2019-01-09  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r239694. rdar://problem/47158722

    Deactivate audio session whenever possible
    https://bugs.webkit.org/show_bug.cgi?id=193188
    <rdar://problem/42678977>
    
    Reviewed by Jer Noble.
    
    Source/WebCore:
    
    Test: media/deactivate-audio-session.html
    
    * platform/audio/AudioSession.cpp:
    (WebCore::AudioSession::tryToSetActive):
    (WebCore::AudioSession::tryToSetActiveInternal):
    * platform/audio/AudioSession.h:
    (WebCore::AudioSession::isActive const):
    
    * platform/audio/PlatformMediaSessionManager.cpp:
    (WebCore::PlatformMediaSessionManager::removeSession):
    (WebCore::deactivateAudioSession):
    (WebCore::PlatformMediaSessionManager::shouldDeactivateAudioSession):
    (WebCore::PlatformMediaSessionManager::setShouldDeactivateAudioSession):
    * platform/audio/PlatformMediaSessionManager.h:
    
    * platform/audio/ios/AudioSessionIOS.mm:
    (WebCore::AudioSession::tryToSetActiveInternal):
    (WebCore::AudioSession::tryToSetActive): Deleted.
    
    * platform/audio/mac/AudioSessionMac.cpp:
    (WebCore::AudioSession::tryToSetActiveInternal):
    (WebCore::AudioSession::tryToSetActive): Deleted.
    
    * testing/Internals.cpp:
    (WebCore::Internals::audioSessionActive const):
    * testing/Internals.h:
    * testing/Internals.idl:
    
    Source/WebKit:
    
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::WebPage):
    
    LayoutTests:
    
    * TestExpectations: Skip the new test.
    * media/deactivate-audio-session-expected.txt: Added.
    * media/deactivate-audio-session.html: Added.
    * platform/ios/TestExpectations: Run the new test.
    * platform/mac-wk2/TestExpectations: Ditto.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239694 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-07  Eric Carlson  <eric.carlson@apple.com>

            Deactivate audio session whenever possible
            https://bugs.webkit.org/show_bug.cgi?id=193188
            <rdar://problem/42678977>

            Reviewed by Jer Noble.

            Test: media/deactivate-audio-session.html

            * platform/audio/AudioSession.cpp:
            (WebCore::AudioSession::tryToSetActive):
            (WebCore::AudioSession::tryToSetActiveInternal):
            * platform/audio/AudioSession.h:
            (WebCore::AudioSession::isActive const):

            * platform/audio/PlatformMediaSessionManager.cpp:
            (WebCore::PlatformMediaSessionManager::removeSession):
            (WebCore::deactivateAudioSession):
            (WebCore::PlatformMediaSessionManager::shouldDeactivateAudioSession):
            (WebCore::PlatformMediaSessionManager::setShouldDeactivateAudioSession):
            * platform/audio/PlatformMediaSessionManager.h:

            * platform/audio/ios/AudioSessionIOS.mm:
            (WebCore::AudioSession::tryToSetActiveInternal):
            (WebCore::AudioSession::tryToSetActive): Deleted.

            * platform/audio/mac/AudioSessionMac.cpp:
            (WebCore::AudioSession::tryToSetActiveInternal):
            (WebCore::AudioSession::tryToSetActive): Deleted.

            * testing/Internals.cpp:
            (WebCore::Internals::audioSessionActive const):
            * testing/Internals.h:
            * testing/Internals.idl:

2019-01-08  Alan Coon  <alancoon@apple.com>

        Cherry-pick r239726. rdar://problem/47097726

    Regression(PSON-r239182): Blank view when navigating back and forth between google.com and stack overflow
    https://bugs.webkit.org/show_bug.cgi?id=193224
    <rdar://problem/47097726>
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    Since r239182, pages get suspended in-place when we suspend the old process after a process-swap on navigation.
    When we return to a suspended page, we load the current history item again and it normally properly restores
    the page from PageCache, even though we load the same history item and the current one and even though the
    page is suspended in-place (i.e. we did not navigate away, which is the usual case for page cache).
    
    The issue is that if the page URL contains a fragment, FrameLoader::shouldPerformFragmentNavigation() would
    return true because both the source and destination URLs (which are the same) contains a fragment. To address
    the issue, update FrameLoader::shouldPerformFragmentNavigation() to return false if the current page is
    suspended.
    
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::shouldPerformFragmentNavigation):
    
    Tools:
    
    Add API test coverage.
    
    * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239726 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-01-08  Chris Dumez  <cdumez@apple.com>

            Regression(PSON-r239182): Blank view when navigating back and forth between google.com and stack overflow
            https://bugs.webkit.org/show_bug.cgi?id=193224
            <rdar://problem/47097726>

            Reviewed by Alex Christensen.

            Since r239182, pages get suspended in-place when we suspend the old process after a process-swap on navigation.
            When we return to a suspended page, we load the current history item again and it normally properly restores
            the page from PageCache, even though we load the same history item and the current one and even though the
            page is suspended in-place (i.e. we did not navigate away, which is the usual case for page cache).

            The issue is that if the page URL contains a fragment, FrameLoader::shouldPerformFragmentNavigation() would
            return true because both the source and destination URLs (which are the same) contains a fragment. To address
            the issue, update FrameLoader::shouldPerformFragmentNavigation() to return false if the current page is
            suspended.

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::shouldPerformFragmentNavigation):

2019-01-07  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC] Margin collapsing should not be limited to in-flow non-replaced boxes.
        https://bugs.webkit.org/show_bug.cgi?id=193183

        Reviewed by Antti Koivisto.

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry const):
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::complicatedCases):
        (WebCore::Layout::FormattingContext::Geometry::floatingNonReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedHeightAndMargin):
        * layout/LayoutUnits.h:
        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::computeHeightAndMargin const):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowHeightAndMargin):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedHeight):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::computeHeightAndMargin const):

2019-01-07  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC] Move MarginCollapse from BlockFormattingContext::Geometry to BlockFormattingContext
        https://bugs.webkit.org/show_bug.cgi?id=193181

        Reviewed by Antti Koivisto.

        This is in preparation to share margin collapsing across all boxes in block formatting context.

        * layout/blockformatting/BlockFormattingContext.h:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedWidthAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowReplacedWidthAndMargin):
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::computedNonCollapsedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::computedNonCollapsedMarginAfter):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::nonCollapsedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::nonCollapsedMarginAfter):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::collapsedMarginBeforeFromFirstChild):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::collapsedMarginAfterFromLastChild):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBeforeCollapsesWithParentMarginAfter):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBeforeCollapsesWithParentMarginBefore):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfterCollapsesWithSiblingMarginBeforeWithClearance):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfterCollapsesWithParentMarginBefore):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfterCollapsesWithParentMarginAfter):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBeforeCollapsesWithPreviousSibling):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfterCollapsesWithNextSibling):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginsCollapseThrough):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBefore):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginBefore): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginAfter): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::nonCollapsedMarginBefore): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::nonCollapsedMarginAfter): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginBeforeFromFirstChild): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginAfterFromLastChild): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithParentMarginAfter): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithParentMarginBefore): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithSiblingMarginBeforeWithClearance): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithParentMarginBefore): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithParentMarginAfter): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithPreviousSibling): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithNextSibling): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginsCollapseThrough): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBefore): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfter): Deleted.

2019-01-07  Zan Dobersek  <zdobersek@igalia.com>

        [WPE] Use Widget bounds for PlatformScreen rectangle information
        https://bugs.webkit.org/show_bug.cgi?id=193190

        Reviewed by Philippe Normand.

        Provide a better screen area estimate in screenRect() and
        screenAvailableRect() return values than the current 1240x640 value by
        using the Widget's bounds rectangle.

        This approach is only factually correct when the Widget-associated view
        is displayed in fullscreen, but it provides a better estimate even when
        displayed in any other case as well. WPE doesn't provide specific API
        that could enable the embedding environment to provide this information.

        * platform/wpe/PlatformScreenWPE.cpp:
        (WebCore::screenRect): Return bounds of the Widget object.
        (WebCore::screenAvailableRect): Relay the call to screenRect().

2019-01-07  Zan Dobersek  <zdobersek@igalia.com>

        Make Gradient::gradientSpaceTransform(), Pattern::patternSpaceTransform() methods const
        https://bugs.webkit.org/show_bug.cgi?id=193189

        Reviewed by Philippe Normand.

        The transform getter methods on the Gradient and Pattern classes both
        return const references to the transform objects, and don't modify any
        internal state. They should be marked const accordingly, allowing
        invocations of these two methods through const references to Gradient
        and Pattern objects.

        * platform/graphics/Gradient.h:
        (WebCore::Gradient::gradientSpaceTransform): Now const.
        * platform/graphics/Pattern.h:
        (WebCore::Pattern::patternSpaceTransform): Now const.

2019-01-07  Zan Dobersek  <zdobersek@igalia.com>

        REGRESSION(r239636): ImageDecoder::setEncodedDataStatusChangeCallback() can be called on a null decoder
        https://bugs.webkit.org/show_bug.cgi?id=193187

        Reviewed by Philippe Normand.

        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::ensureDecoderAvailable): Bail before calling the
        setEncodedDataStatusChangeCallback() method when the returned
        ImageDecoder object is null.

2019-01-06  Zan Dobersek  <zdobersek@igalia.com>

        [Nicosia] Take over CoordinatedGraphics-named implementation of async scrolling classes
        https://bugs.webkit.org/show_bug.cgi?id=193133

        Reviewed by Michael Catanzaro.

        Move the CoordinatedGraphics-specific files under
        page/scrolling/coordinatedgraphics/ to page/scrolling/nicosia/, along
        with renaming the files and classes accordingly. Implementation will
        only depend on the Nicosia-specific layer structure and is not specific
        to the CoordinatedGraphics system.

        * PlatformPlayStation.cmake:
        * SourcesGTK.txt:
        * SourcesWPE.txt:
        * page/scrolling/nicosia/ScrollingCoordinatorNicosia.cpp: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp.
        * page/scrolling/nicosia/ScrollingCoordinatorNicosia.h: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.h.
        * page/scrolling/nicosia/ScrollingStateNodeNicosia.cpp: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingStateNodeCoordinatedGraphics.cpp.
        * page/scrolling/nicosia/ScrollingTreeFixedNode.cpp: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingTreeFixedNode.cpp.
        * page/scrolling/nicosia/ScrollingTreeFixedNode.h: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingTreeFixedNode.h.
        * page/scrolling/nicosia/ScrollingTreeFrameScrollingNodeNicosia.cpp: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingTreeFrameScrollingNodeCoordinatedGraphics.cpp.
        * page/scrolling/nicosia/ScrollingTreeFrameScrollingNodeNicosia.h: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingTreeFrameScrollingNodeCoordinatedGraphics.h.
        * page/scrolling/nicosia/ScrollingTreeNicosia.cpp: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingTreeCoordinatedGraphics.cpp.
        * page/scrolling/nicosia/ScrollingTreeNicosia.h: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingTreeCoordinatedGraphics.h.
        * page/scrolling/nicosia/ScrollingTreeStickyNode.cpp: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingTreeStickyNode.cpp.
        * page/scrolling/nicosia/ScrollingTreeStickyNode.h: Renamed from Source/WebCore/page/scrolling/coordinatedgraphics/ScrollingTreeStickyNode.h.
        * platform/TextureMapper.cmake:

2019-01-06  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Import U2F command/response converters from Chromium
        https://bugs.webkit.org/show_bug.cgi?id=193150
        <rdar://problem/47054028>

        Reviewed by Brent Fulgham.

        This patch imports Chromium's U2F command/response converters:
        https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#u2f-interoperability
        1. It directly imports the following files and suit them to WebKit's coding style:
        https://cs.chromium.org/chromium/src/device/fido/u2f_command_constructor.cc?l=1&rcl=db624110317d01efa78cd32e7be1524190e1beb0
        https://cs.chromium.org/chromium/src/device/fido/u2f_command_constructor.h?rcl=db624110317d01efa78cd32e7be1524190e1beb0
        https://cs.chromium.org/chromium/src/device/fido/u2f_command_constructor_unittest.cc?rcl=db624110317d01efa78cd32e7be1524190e1beb0
        2. It gathers the following methods into U2fResponseConverter:
        AuthenticatorMakeCredentialResponse::CreateFromU2fRegisterResponse()
        AuthenticatorGetAssertionResponse::CreateFromU2fSignResponse()
        3. It also updates FidoConstants.h, FidoTestData.h and CtapResponseTest.cpp accordingly.

        Besides importing stuff from Chroimum, it also gathers a bunch of constants and helper functions into WebAuthenticationConstants.h
        and WebAuthenticationUtils.h. It also fixes Bug 183534: 2) and 7).

        Covered by API tests.

        * Modules/webauthn/AuthenticatorCoordinator.cpp:
        (WebCore::AuthenticatorCoordinatorInternal::produceClientDataJsonHash):
        * Modules/webauthn/WebAuthenticationConstants.h: Copied from Source/WebCore/Modules/webauthn/COSEConstants.h.
        * Modules/webauthn/WebAuthenticationUtils.cpp: Added.
        (WebCore::convertBytesToVector):
        (WebCore::produceRpIdHash):
        (WebCore::encodeES256PublicKeyAsCBOR):
        (WebCore::buildAttestedCredentialData):
        (WebCore::buildAuthData):
        (WebCore::buildAttestationObject):
        * Modules/webauthn/WebAuthenticationUtils.h: Renamed from Source/WebCore/Modules/webauthn/COSEConstants.h.
        * Modules/webauthn/fido/DeviceResponseConverter.cpp:
        (fido::getCredentialId):
        (fido::readCTAPGetInfoResponse):
        * Modules/webauthn/fido/FidoConstants.h:
        * Modules/webauthn/fido/U2fCommandConstructor.cpp: Added.
        (fido::WebCore::constructU2fRegisterCommand):
        (fido::WebCore::constructU2fSignCommand):
        (fido::isConvertibleToU2fRegisterCommand):
        (fido::isConvertibleToU2fSignCommand):
        (fido::convertToU2fRegisterCommand):
        (fido::convertToU2fCheckOnlySignCommand):
        (fido::convertToU2fSignCommand):
        (fido::constructBogusU2fRegistrationCommand):
        * Modules/webauthn/fido/U2fCommandConstructor.h: Added.
        * Modules/webauthn/fido/U2fResponseConverter.cpp: Added.
        (fido::WebCore::extractECPublicKeyFromU2fRegistrationResponse):
        (fido::WebCore::extractCredentialIdFromU2fRegistrationResponse):
        (fido::WebCore::createAttestedCredentialDataFromU2fRegisterResponse):
        (fido::WebCore::parseX509Length):
        (fido::WebCore::createFidoAttestationStatementFromU2fRegisterResponse):
        (fido::readU2fRegisterResponse):
        (fido::readFromU2fSignResponse):
        * Modules/webauthn/fido/U2fResponseConverter.h: Added.
        * Modules/webgpu/WebGPUCommandBuffer.cpp:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:

2019-01-06  David Kilzer  <ddkilzer@apple.com>

        Leak of WTF::Function objects in WebCore::CryptoKeyRSA::generatePair() (64-80 bytes each) in com.apple.WebKit.WebContent running WebKit layout tests
        <https://webkit.org/b/193177>
        <rdar://problem/47072196>

        Reviewed by Saam Barati.

        * crypto/mac/CryptoKeyRSAMac.cpp:
        (WebCore::CryptoKeyRSA::generatePair): Fix the leak by changing
        raw pointers to heap-allocated __block variables to hold the
        WTF::Function objects until they are consumed within the block
        passed to dispatch_async().  The __block variables act like
        captured variables in a C++ lambda and have the same lifetime as
        the block that they are captured in.  Note that we would have to
        convert the source file from C++ to Objective-C++ to use a C++
        lambda functor with dispatch_async(), which creates its own
        issue because the comipiler requires a copy constructor to
        convert the C++ lambda to a block functor, but the copy
        constructor for the C++ lambda is implicitly deleted because the
        WTF::Function copy constructor is explicitly deleted.  Whew!

2019-01-06  Pablo Saavedra  <psaavedra@igalia.com>

        [WPE][GTK] Building with ENABLE_VIDEO=OFF fails trying to use Document MediaPlayback functions.
        https://bugs.webkit.org/show_bug.cgi?id=193174

        Reviewed by Michael Catanzaro.

        * page/Page.cpp:
        (WebCore::Page::stopAllMediaPlayback):
        (WebCore::Page::suspendAllMediaPlayback):
        (WebCore::Page::resumeAllMediaPlayback):

2019-01-05  David Kilzer  <ddkilzer@apple.com>

        Leak of two CCRSACryptorRef (4.0 Kbytes/1 page each) in com.apple.WebKit.WebContent running WebKit layout tests
        <https://webkit.org/b/193154>
        <rdar://problem/47052993>

        Reviewed by Brent Fulgham.

        Broadly:
        - Fix leaks by switching from using raw pointers to using
          std::unique_ptr<>.
        - Introduce PlatformRSAKeyContainer type to handle different
          std::unique_ptr<> on each platform.
        - Get rid of custom CryptoKeyRSA destructors since the
          std::unique_ptr<> handles that with a Deleter.
        - Initialize stack variables to nullptr.

        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::CryptoKeyRSA::create):
        (WebCore::CryptoKeyRSA::CryptoKeyRSA):
        (WebCore::CryptoKeyRSA::keySizeInBits const):
        (WebCore::CryptoKeyRSA::generatePair):
        (WebCore::CryptoKeyRSA::importSpki):
        (WebCore::CryptoKeyRSA::importPkcs8):
        (WebCore::CryptoKeyRSA::exportSpki const):
        (WebCore::CryptoKeyRSA::exportPkcs8 const):
        (WebCore::CryptoKeyRSA::algorithm const):
        (WebCore::CryptoKeyRSA::exportData const):
        (WebCore::CryptoKeyRSA::~CryptoKeyRSA): Deleted.
        * crypto/keys/CryptoKeyRSA.h:
        (WebCore::CCRSACryptorRefDeleter::operator() const):
        * crypto/mac/CryptoKeyRSAMac.cpp:
        (WebCore::getPublicKeyComponents):
        (WebCore::getPrivateKeyComponents):
        (WebCore::CryptoKeyRSA::CryptoKeyRSA):
        (WebCore::CryptoKeyRSA::create):
        (WebCore::CryptoKeyRSA::exportData const):
        (WebCore::CryptoKeyRSA::generatePair):
        (WebCore::CryptoKeyRSA::importSpki):
        (WebCore::CryptoKeyRSA::importPkcs8):
        (WebCore::CryptoKeyRSA::~CryptoKeyRSA): Deleted.

2019-01-05  Zalan Bujtas  <zalan@apple.com>

        Incorrect clipping across compositing boundary.
        https://bugs.webkit.org/show_bug.cgi?id=193172
        <rdar://problem/44693008>

        Reviewed by Simon Fraser.

        Use temporary cliprect type when crossing compositing boundary to prevent cliprect caching.

        The issue here is that RenderLayer::backgroundClipRect() could cross compositing boundary by calling parentClipRects() which triggers
        clip rect update using the wrong painting root. This happens when the layer hierarchy and the compositing context do not match.
        For clip rect computation, we need to climb up on the layer hierarchy (calling parent layer's cliprect functions)
        but we also need to make sure that the computed cliprects on any given layer are cached only when the painting root is correct.
        It ensures that when we paint a layer (with the painting root as entry point), the cached cliprects are always based on its onw painting root. 

        Test: compositing/clipping/cached-cliprect-with-compositing-boundary.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects const):

2019-01-05  Youenn Fablet  <youenn@apple.com>

        Service Worker fetch should obey its referrer policy
        https://bugs.webkit.org/show_bug.cgi?id=193152

        Reviewed by Chris Dumez.

        Pass referrer policy retrieved when fetching the service worker script to the SWServer.
        The SWServer then stores it persistently and sends it to the manager creating service workers.
        This manager will then set the referrer policy on the dummy Document of the corresponding service worker.

        Covered by rebased test.

        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::didReceiveResponse):
        * workers/WorkerScriptLoader.h:
        (WebCore::WorkerScriptLoader::referrerPolicy const):
        * workers/service/SWClientConnection.cpp:
        (WebCore::SWClientConnection::failedFetchingScript):
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/ServiceWorkerContextData.cpp:
        (WebCore::ServiceWorkerContextData::isolatedCopy const):
        * workers/service/ServiceWorkerContextData.h:
        (WebCore::ServiceWorkerContextData::encode const):
        (WebCore::ServiceWorkerContextData::decode):
        * workers/service/ServiceWorkerFetchResult.h:
        (WebCore::ServiceWorkerFetchResult::encode const):
        (WebCore::ServiceWorkerFetchResult::decode):
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::notifyFinished):
        * workers/service/ServiceWorkerJobClient.h:
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::createPageForServiceWorker):
        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::recordsTableSchema):
        (WebCore::RegistrationDatabase::doPushChanges):
        (WebCore::RegistrationDatabase::importRecords):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::addRegistrationFromStore):
        (WebCore::SWServer::updateWorker):
        (WebCore::SWServer::installContextData):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::scriptFetchFinished):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::SWServerWorker):
        (WebCore::SWServerWorker::contextData const):
        * workers/service/server/SWServerWorker.h:

2019-01-04  Simon Fraser  <simon.fraser@apple.com>

        Factor legacy WK1 code for fixed and scrolling layers into their own helper class
        https://bugs.webkit.org/show_bug.cgi?id=193165

        Reviewed by Frédéric Wang.

        RenderLayerCompositor has some code to handle registration of viewport-constrained
        and scrolling layers which is specific to iOS WK1. To reduce pollution, move this
        into its own helper class called LegacyWebKitScrollingLayerCoordinator, which is only
        allocated for iOS WK1.
        
        iOS WK1 never has a ScrollingCoordinator, so rather than the check for scrollingCoordinator(),
        we know that we only made a LegacyWebKitScrollingLayerCoordinator when there's a platform widget
        (i.e. WK1).
        
        * page/ChromeClient.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::RenderLayerCompositor):
        (WebCore::RenderLayerCompositor::updateCustomLayersAfterFlush):
        (WebCore::RenderLayerCompositor::didFlushChangesForLayer):
        (WebCore::RenderLayerCompositor::setIsInWindow):
        (WebCore::RenderLayerCompositor::willRemoveScrollingLayerWithBacking): No longer check the page cache state; now we
        destroy the render tree of pages in the page cache, so we should never hit this code path.
        (WebCore::RenderLayerCompositor::didAddScrollingLayer):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::registerAllViewportConstrainedLayers):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::unregisterAllViewportConstrainedLayers):
        (WebCore::scrollbarHasDisplayNone):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::updateScrollingLayer):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::registerAllScrollingLayers):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::registerScrollingLayersNeedingUpdate):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::unregisterAllScrollingLayers):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::addScrollingLayer):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::removeScrollingLayer):
        (WebCore::LegacyWebKitScrollingLayerCoordinator::didFlushChangesForLayer):
        (WebCore::updateScrollingLayerWithClient): Deleted.
        (WebCore::RenderLayerCompositor::registerAllViewportConstrainedLayers): Deleted.
        (WebCore::RenderLayerCompositor::unregisterAllViewportConstrainedLayers): Deleted.
        (WebCore::RenderLayerCompositor::registerAllScrollingLayers): Deleted.
        (WebCore::RenderLayerCompositor::unregisterAllScrollingLayers): Deleted.
        * rendering/RenderLayerCompositor.h:
        (WebCore::LegacyWebKitScrollingLayerCoordinator::LegacyWebKitScrollingLayerCoordinator):
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::~ServiceWorkerContainer):

2019-01-05  Zalan Bujtas  <zalan@apple.com>

        [LFC] VerticalMargin should only have the used values.
        https://bugs.webkit.org/show_bug.cgi?id=193168

        Reviewed by Antti Koivisto.

        Split VerticalMargin into ComputedVerticalMargin and UsedVerticalMargin.
        ComputedVerticalMargin holds the computed (optional) values while UsedVerticalMargin holds both the
        collapsed (optional) and the non-collapsed values.

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry const):
        * layout/FormattingContext.h:
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::complicatedCases):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedHeightAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::computedVerticalMargin):
        (WebCore::Layout::FormattingContext::Geometry::computedNonCollapsedVerticalMarginValue): Deleted.
        * layout/FormattingContextQuirks.cpp:
        (WebCore::Layout::FormattingContext::Quirks::heightValueOfNearestContainingBlockWithFixedHeight):
        * layout/LayoutUnits.h:
        * layout/MarginTypes.h:
        (WebCore::Layout::UsedVerticalMargin::before const):
        (WebCore::Layout::UsedVerticalMargin::after const):
        (WebCore::Layout::UsedVerticalMargin::nonCollapsedValues const):
        (WebCore::Layout::UsedVerticalMargin::collapsedValues const):
        (WebCore::Layout::UsedVerticalMargin::hasCollapsedValues const):
        (WebCore::Layout::UsedVerticalMargin::setCollapsedValues):
        (WebCore::Layout::UsedVerticalMargin::UsedVerticalMargin):
        (WebCore::Layout::VerticalMargin::nonCollapsedValues const): Deleted.
        (WebCore::Layout::VerticalMargin::collapsedValues const): Deleted.
        (WebCore::Layout::VerticalMargin::setCollapsedValues): Deleted.
        (WebCore::Layout::VerticalMargin::VerticalMargin): Deleted.
        (WebCore::Layout::VerticalMargin::usedValues const): Deleted.
        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::computeHeightAndMargin const):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowHeightAndMargin):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedHeight):
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginAfter):
        * layout/displaytree/DisplayBox.h:
        (WebCore::Display::Box::setVerticalMargin):
        (WebCore::Display::Box::verticalMargin const):
        (WebCore::Display::Box::marginBefore const):
        (WebCore::Display::Box::marginAfter const):
        * layout/floats/FloatingContext.cpp:
        (WebCore::Layout::FloatingContext::verticalPositionWithClearance const):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::computeHeightAndMargin const):

2019-01-04  Daniel Bates  <dabates@apple.com>

        REGRESSION (r238522): Erratic scrolling on Google flights search result page and vrbo.com
        https://bugs.webkit.org/show_bug.cgi?id=192996
        <rdar://problem/46573552>

        Reviewed by Simon Fraser.

        Only scroll a text field if its inner text size changes and it is the currently active and
        focused element on the page.

        Test: fast/scrolling/page-should-not-scroll-on-unfocused-text-field-layout.html

        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::layout):

2019-01-04  Alex Christensen  <achristensen@webkit.org>

        Progress towards fixing Mac CMake build
        https://bugs.webkit.org/show_bug.cgi?id=193105

        Reviewed by Don Olmstead.

        * PlatformMac.cmake:
        * Sources.txt:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/gpu/GPURenderPassEncoder.h:

2019-01-04  Zalan Bujtas  <zalan@apple.com>

        [iOS] ERROR: post-layout: dirty renderer(s) in WebCore::RenderTreeNeedsLayoutChecker::~RenderTreeNeedsLayoutChecker()
        https://bugs.webkit.org/show_bug.cgi?id=189608
        <rdar://problem/44473299>

        Reviewed by Simon Fraser.

        When a frameset/iframe is hidden and we skip layout, clear the dirty flag on its subtree as well.

        Covered by fast/frames/invalid-frameset.html.

        * rendering/RenderFrameSet.cpp:
        (WebCore::clearSiblingSubtrees):
        (WebCore::RenderFrameSet::positionFrames):
        (WebCore::RenderFrameSet::positionFramesWithFlattening):

2019-01-04  Youenn Fablet  <youenn@apple.com>

        [Fetch API] Implement abortable fetch
        https://bugs.webkit.org/show_bug.cgi?id=174980
        <rdar://problem/46861402>

        Reviewed by Chris Dumez.

        Add an AbortSignal to FetchRequest.

        Add support for AbortSignal algorithm.
        The fetch request signal is added an algorithm to abort the fetch.
        Update clone algorithm to let signal of the cloned request be following the origin request.

        Update ReadableStream error handling to return an exception instead of a string.
        This allows passing an AbortError instead of a TypeError as previously done.

        Update FetchBodyOwner to store a loading error either as an exception or as a resource error.
        The latter is used for passing the error from service worker back to the page.
        The former is used to pass it to ReadableStream or body accessors.

        Covered by enabled tests.

        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::put):
        * Modules/fetch/FetchBody.cpp:
        (WebCore::FetchBody::consumeAsStream):
        (WebCore::FetchBody::loadingFailed):
        * Modules/fetch/FetchBody.h:
        * Modules/fetch/FetchBodyConsumer.cpp:
        (WebCore::FetchBodyConsumer::loadingFailed):
        * Modules/fetch/FetchBodyConsumer.h:
        * Modules/fetch/FetchBodyOwner.cpp:
        (WebCore::FetchBodyOwner::arrayBuffer):
        (WebCore::FetchBodyOwner::blob):
        (WebCore::FetchBodyOwner::cloneBody):
        (WebCore::FetchBodyOwner::formData):
        (WebCore::FetchBodyOwner::json):
        (WebCore::FetchBodyOwner::text):
        (WebCore::FetchBodyOwner::loadBlob):
        (WebCore::FetchBodyOwner::blobLoadingFailed):
        (WebCore::FetchBodyOwner::consumeBodyAsStream):
        (WebCore::FetchBodyOwner::setLoadingError):
        * Modules/fetch/FetchBodyOwner.h:
        (WebCore::FetchBodyOwner::loadingError const):
        (WebCore::FetchBodyOwner::loadingException const):
        * Modules/fetch/FetchBodySource.cpp:
        (WebCore::FetchBodySource::error):
        * Modules/fetch/FetchBodySource.h:
        * Modules/fetch/FetchRequest.cpp:
        (WebCore::FetchRequest::initializeWith):
        (WebCore::FetchRequest::clone):
        * Modules/fetch/FetchRequest.h:
        (WebCore::FetchRequest::FetchRequest):
        * Modules/fetch/FetchRequest.idl:
        * Modules/fetch/FetchRequestInit.h:
        (WebCore::FetchRequestInit::hasMembers const):
        * Modules/fetch/FetchRequestInit.idl:
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::clone):
        (WebCore::FetchResponse::fetch):
        (WebCore::FetchResponse::BodyLoader::didFail):
        * Modules/fetch/FetchResponse.h:
        * bindings/js/ReadableStreamDefaultController.h:
        (WebCore::ReadableStreamDefaultController::error):
        * dom/AbortSignal.cpp:
        (WebCore::AbortSignal::abort):
        (WebCore::AbortSignal::follow):
        * dom/AbortSignal.h:

2019-01-04  Brent Fulgham  <bfulgham@apple.com>

        Parsed protocol of javascript URLs with embedded newlines and carriage returns do not match parsed protocol in Chrome and Firefox
        https://bugs.webkit.org/show_bug.cgi?id=193155
        <rdar://problem/40230982>

        Reviewed by Chris Dumez.

        Test: fast/loader/comment-only-javascript-url.html

        Make a special case for URLs beginning with 'javascript:'. We should always
        treat these as JS URLs, even if the content contained within the URL
        string might match other parts of the URL parsing spec.

        * html/URLUtils.h:
        (WebCore::URLUtils<T>::protocol const):

2019-01-04  Jer Noble  <jer.noble@apple.com>

        [WebKitLegacy] Media playback pauses on scroll
        https://bugs.webkit.org/show_bug.cgi?id=192829

        Reviewed by Eric Carlson.

        New API tests:
            WebKitLegacy.ScrollingDoesNotPauseMedia
            WKWebView.StopAllMediaPlayback
            WKWebView.SuspendResumeAllMediaPlayback

        Do not use suspendActiveDOMObjects(ReasonForSuspension::PageWillBeSuspended) to pause
        video. Roll back the changes to HTMLMediaElement, and introduce a new set of Page calls
        suspendAllMediaPlayback() & resumeAllMediaPlayback() which replaces the removed bahavior.

        * dom/Document.cpp:
        (WebCore::Document::~Document):
        (WebCore::Document::stopAllMediaPlayback):
        (WebCore::Document::suspendAllMediaPlayback):
        (WebCore::Document::resumeAllMediaPlayback):
        * dom/Document.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::parseAttribute):
        (WebCore::HTMLMediaElement::didFinishInsertingNode):
        (WebCore::HTMLMediaElement::setSrcObject):
        (WebCore::HTMLMediaElement::updateActiveTextTrackCues):
        (WebCore::HTMLMediaElement::suspend):
        (WebCore::HTMLMediaElement::resume):
        (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsWireless const):
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsWireless const): Deleted.
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted const):
        * page/Page.cpp:
        (WebCore::Page::stopAllMediaPlayback):
        (WebCore::Page::suspendAllMediaPlayback):
        (WebCore::Page::resumeAllMediaPlayback):
        * page/Page.h:
        (WebCore::Page::mediaPlaybackIsSuspended):
        * platform/audio/PlatformMediaSession.h:
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::suspendAllMediaPlaybackForDocument):
        (WebCore::PlatformMediaSessionManager::resumeAllMediaPlaybackForDocument):
        * platform/audio/PlatformMediaSessionManager.h:

2019-01-04  Chris Dumez  <cdumez@apple.com>

        Add support for toggling device orientation API support per site
        https://bugs.webkit.org/show_bug.cgi?id=193143
        <rdar://problem/46605724>

        Reviewed by Alex Christensen.

        Add support for toggling device orientation API support per site via _WKWebsitePolicies.

        * dom/Document.cpp:
        (WebCore::Document::simulateDeviceOrientationChange):
        * dom/Document.h:
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::deviceOrientationEventEnabled const):
        (WebCore::DocumentLoader::setDeviceOrientationEventEnabled):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::addEventListener):

2019-01-04  Jer Noble  <jer.noble@apple.com>

        Web Content process main thread blocked beneath ImageDecoderAVFObjC::readSamples for many seconds on imgur.com
        https://bugs.webkit.org/show_bug.cgi?id=191806
        <rdar://problem/46151477>

        Reviewed by Dean Jackson.

        Test: http/tests/images/mp4-partial-load.html

        Rather than use an AVAssetReaderTrackOutput, which will load both sample metadata and sample data
        synchronously when a sample is requested, use AVAssetReaderSampleReferenceOutput, which only loads
        sample metadata, including the byte offset and byte length of the sample data. By waiting until the
        AVAsset signals that it's own metadata is loaded, we can safely parse all the sample metadata without
        blocking on network loads. Once enough data is loaded, we can replace the byte reference and offset
        attachements in the sample with actual data, and mark the sample as "complete".

        Because the existing ImageSource assumes that image data parsing will occur synchronously, and that
        synchronous parsing could cause a hang if the metadata is not loaded, add a new callback method which
        allows the ImageSource to be notified when the encodedDataStatus changes. The ImageSource notifies the
        CacheImage, which notifies the RenderImage, and thus the asynchronous parsing will kick off the
        renderer's animation loop.

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::CachedImageObserver::encodedDataStatusChanged):
        (WebCore::CachedImage::encodedDataStatusChanged):
        * loader/cache/CachedImage.h:
        * platform/graphics/ImageDecoder.h:
        (WebCore::ImageDecoder::setEncodedDataStatusChangeCallback):
        * platform/graphics/ImageObserver.h:
        (WebCore::ImageObserver::encodedDataStatusChanged):
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::ensureDecoderAvailable):
        (WebCore::ImageSource::encodedDataStatusChanged):
        (WebCore::ImageSource::frameDecodingStatusAtIndex):
        * platform/graphics/ImageSource.h:
        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.h:
        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
        (-[WebCoreSharedBufferResourceLoaderDelegate data]):
        (WebCore::ImageDecoderAVFObjCSample::byteRange const):
        (WebCore::ImageDecoderAVFObjC::readSamples):
        (WebCore::ImageDecoderAVFObjC::setEncodedDataStatusChangeCallback):
        (WebCore::ImageDecoderAVFObjC::encodedDataStatus const):
        (WebCore::ImageDecoderAVFObjC::frameIsCompleteAtIndex const):
        (WebCore::ImageDecoderAVFObjC::createFrameImageAtIndex):
        (WebCore::ImageDecoderAVFObjC::sampleIsComplete const):

2019-01-04  Youenn Fablet  <youenn@apple.com>

        CSP violation reports should bypass CSP checks
        https://bugs.webkit.org/show_bug.cgi?id=192857
        <rdar://problem/46887236>

        Reviewed by Chris Dumez.

        For ping loads, pass the option to do CSP checks from PingLoader to LoaderStrategy.
        This new option is unused by WebKit Legacy.
        It is used by WebKit loader strategy to only send any CSP response header to network process
        in case CSP checks should be done.

        This option is used to disable CSP checks for Ping Loads that report CSP violations.

        Test: http/wpt/fetch/csp-reports-bypass-csp-checks.html

        * loader/LoaderStrategy.h:
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::loadImage):
        (WebCore::PingLoader::sendPing):
        (WebCore::PingLoader::sendViolationReport):
        (WebCore::PingLoader::startPingLoad):
        * loader/PingLoader.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):

2019-01-04  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Cocoa] Merge WebEditCommandProxy::nameForEditAction and undoNameForEditAction into a single function
        https://bugs.webkit.org/show_bug.cgi?id=193129

        Reviewed by Tim Horton.

        Adds a new helper function that returns the undo/redo name for a given EditAction. No change in behavior.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/EditAction.cpp: Copied from Source/WebKit/UIProcess/WebEditCommandProxy.cpp.
        (WebCore::nameForUndoRedo):
        * editing/EditAction.h:
        * editing/Editor.cpp:

2019-01-03  Matt Rajca  <mrajca@apple.com>

        Make DidPlayMediaPreventedFromPlaying autoplay event more generic.
        https://bugs.webkit.org/show_bug.cgi?id=193128
        rdar://34554231

        Reviewed by Jer Noble.

        Today, the "DidPlayMediaPreventedFromPlaying" autoplay event is only sent for
        media prevented from autoplaying. It could be generalized to a "DidPlayMediaWithUserGesture"
        event along with a flag that indicates whether or not autoplay was actually prevented.
        Moreover, we can include a flag that indicates whether the media element in question
        is main content. Clients will then know in more cases when media was played with a user
        gesture, whether or not it has audio, as well as its main content status. While the main
        content heuristics may not be perfect, they covered the top 20 video-centric websites that
        this was tested with and are meant to be used by clients for data evaluation purposes.

        As part of this, the PlaybackWithoutUserGesture enum was renamed to AutoplayEventPlaybackState
        since it now also applies to cases where there is a user gesture. The
        `m_playbackWithoutUserGestureStartedTime` member variable was also removed in favor of
        `playbackStartedTime` which also covers all the cases we care about.

        Tests: existing API tests were updated to reflect the new names. New API tests
        were added for the new case in which the "DidPlayMediaWithUserGesture" event is sent.

        * html/HTMLMediaElement.cpp:
        (WebCore::convertEnumerationToString): Update to new enum cases.
        (WebCore::HTMLMediaElement::setReadyState): Ditto.
        (WebCore::HTMLMediaElement::play): Ditto.
        (WebCore::HTMLMediaElement::playInternal): Also cover the case where
         playback was not prevented but there was a user gesture.
        (WebCore::HTMLMediaElement::pauseInternal): Use new name.
        (WebCore::HTMLMediaElement::setVolume): Use new name.
        (WebCore::HTMLMediaElement::playbackProgressTimerFired): Dispatch the
         DidPlayMediaWithUserGesture event when playback was started with a user
         gesture as well.
        (WebCore::HTMLMediaElement::mediaPlayerDidAddAudioTrack): Use new name.
        (WebCore::HTMLMediaElement::mediaPlayerTimeChanged): Ditto.
        (WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged): Ditto.
        (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer): Ditto.
        (WebCore::HTMLMediaElement::handleAutoplayEvent): Pass along new media state.
        (WebCore::HTMLMediaElement::userDidInterfereWithAutoplay): Use new name.
        (WebCore::HTMLMediaElement::setAutoplayEventPlaybackState): Stop setting
         m_playbackWithoutUserGestureStartedTime in favor of using playbackStartedTime.
        (WebCore::HTMLMediaElement::updateShouldPlay): Use new name.
        (WebCore::HTMLMediaElement::setPlaybackWithoutUserGesture): Renamed.
        * html/HTMLMediaElement.h:
        (WTF::LogArgument<WebCore::HTMLMediaElement::AutoplayEventPlaybackState>::toString): Renamed from...
        (WTF::LogArgument<WebCore::HTMLMediaElement::PlaybackWithoutUserGesture>::toString):
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::isMainContentForPurposesOfAutoplayEvents const): Don't
         do the hit testing check for the purposes of autoplay events. It seems to fail on the
         basic Vimeo player due to overlapping divs.
        (WebCore::isElementMainContentForPurposesOfAutoplay):
        (WebCore::MediaElementSession::updateIsMainContent const): Keep the existing behavior
         here of hit testing.
        (WebCore::isMainContentForPurposesOfAutoplay): Renamed.
        * html/MediaElementSession.h:
        * page/AutoplayEvent.h:

2019-01-04  Youenn Fablet  <youenn@apple.com>

        Crash in WebCore::ServiceWorkerGlobalScope
        https://bugs.webkit.org/show_bug.cgi?id=192513
        <rdar://problem/46563880>

        Reviewed by Alex Christensen.

        Store the identifier in its own variable to make sure we do not use workerThread after being moved.

        * workers/service/ServiceWorkerGlobalScope.cpp:
        (WebCore::ServiceWorkerGlobalScope::skipWaiting):

2019-01-04  Chris Fleizach  <cfleizach@apple.com>

        AX: String check: "Rule" does not reflect the meaning of the <hr> html tag
        https://bugs.webkit.org/show_bug.cgi?id=193041
        <rdar://problem/46954090>

        Reviewed by Zalan Bujtas.

        * en.lproj/Localizable.strings:
        * platform/cocoa/LocalizedStringsCocoa.mm:
        (WebCore::AXHorizontalRuleDescriptionText):

2019-01-04  Zalan Bujtas  <zalan@apple.com>

        [LFC] ComputedHorizontalMargin should have optional members
        https://bugs.webkit.org/show_bug.cgi?id=193131

        Reviewed by Antti Koivisto.

        Split HorizontalMargin into UsedHorizontalMargin and ComputedHorizontalMargin. ComputedHorizontalMargin's members are optional.
        (see computed vs used values)

        * layout/FormattingContext.h:
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::floatingNonReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::floatingReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::computedHorizontalMargin):
        (WebCore::Layout::FormattingContext::Geometry::computedNonCollapsedHorizontalMarginValue): Deleted.
        * layout/LayoutUnits.h:
        * layout/MarginTypes.h:
        * layout/Verification.cpp:
        (WebCore::Layout::outputMismatchingBlockBoxInformationIfNeeded):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedWidthAndMargin):
        * layout/displaytree/DisplayBox.h:
        (WebCore::Display::Box::setHorizontalMargin):
        (WebCore::Display::Box::setHorizontalComputedMargin):
        (WebCore::Display::Box::computedMarginStart const):
        (WebCore::Display::Box::computedMarginEnd const):
        * layout/floats/FloatAvoider.h:
        (WebCore::Layout::FloatAvoider::marginStart const):
        (WebCore::Layout::FloatAvoider::marginEnd const):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::collectInlineContentForSubtree const):
        * layout/inlineformatting/InlineFormattingContextGeometry.cpp:
        (WebCore::Layout::InlineFormattingContext::Geometry::inlineBlockWidthAndMargin):

2019-01-04  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC] Use computedValue and usedValue consistently
        https://bugs.webkit.org/show_bug.cgi?id=193059

        Reviewed by Antti Koivisto.

        https://www.w3.org/TR/CSS22/cascade.html#value-stages

        6.1.2 Computed values
        Specified values are resolved to computed values during the cascade; for example URIs are made absolute and 'em' and 'ex' units
        are computed to pixel or absolute lengths. Computing a value never requires the user agent to render the document...

        6.1.3 Used values
        Computed values are processed as far as possible without formatting the document. Some values, however, can only be determined when the document
        is being laid out. For example, if the width of an element is set to be a certain percentage of its containing block, the width cannot be determined
        until the width of the containing block has been determined. The used value is the result of taking the computed value and resolving any remaining
        dependencies into an absolute value.

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::computeOutOfFlowHorizontalGeometry const):
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::complicatedCases):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedWidthAndMargin):
        * layout/LayoutState.cpp:
        (WebCore::Layout::LayoutState::LayoutState):
        * layout/LayoutUnits.h:
        * layout/Verification.cpp:
        (WebCore::Layout::outputMismatchingBlockBoxInformationIfNeeded):
        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::computeWidthAndMargin const):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedWidthAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowReplacedWidthAndMargin):
        * layout/displaytree/DisplayBox.cpp:
        (WebCore::Display::Box::Box):
        * layout/displaytree/DisplayBox.h:
        (WebCore::Display::Box::setHasValidHorizontalComputedMargin):
        (WebCore::Display::Box::setHorizontalComputedMargin):
        (WebCore::Display::Box::computedMarginStart const):
        (WebCore::Display::Box::computedMarginEnd const):
        (WebCore::Display::Box::setHasValidHorizontalNonComputedMargin): Deleted.
        (WebCore::Display::Box::setHorizontalNonComputedMargin): Deleted.
        (WebCore::Display::Box::nonComputedMarginStart const): Deleted.
        (WebCore::Display::Box::nonComputedMarginEnd const): Deleted.
        * layout/floats/FloatAvoider.h:
        (WebCore::Layout::FloatAvoider::marginStart const):
        (WebCore::Layout::FloatAvoider::marginEnd const):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::computeWidthAndMargin const):

2019-01-03  Zalan Bujtas  <zalan@apple.com>

        REGRESSION: -webkit-appearance test case crashes
        https://bugs.webkit.org/show_bug.cgi?id=189302
        <rdar://problem/44143049>

        Reviewed by Wenson Hsieh.

        The painting and the layout positions of the cancel button need to match in order to be able to interact with it.
        This patch removes the previous position inlining attempts.

        Test: fast/forms/webkit-appearance-searchfield-cancel-button-crash.html

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintSearchFieldCancelButton):

2019-01-03  David Kilzer  <ddkilzer@apple.com>

        Leak of WebCore::LibWebRTCCertificateGenerator::RTCCertificateGeneratorCallback (48 bytes) in com.apple.WebKit.WebContent running WebKit layout tests
        <https://webkit.org/b/193122>
        <rdar://problem/47022987>

        Reviewed by Youenn Fablet.

        * Modules/mediastream/libwebrtc/LibWebRTCCertificateGenerator.cpp:
        (WebCore::LibWebRTCCertificateGenerator::RTCCertificateGeneratorCallback::AddRef const):
        (WebCore::LibWebRTCCertificateGenerator::RTCCertificateGeneratorCallback::Release const):
        - Remove `final` keyword so that
          `new rtc::RefCountedObject<RTCCertificateGeneratorCallback>()`
          can be called.
        (WebCore::LibWebRTCCertificateGenerator::generateCertificate):
        - To fix the leak call
          `new rtc::RefCountedObject<RTCCertificateGeneratorCallback>()`
          to create the object.

2019-01-03  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r238090): After showing the Find banner or tab bar, hit tests are vertically offset (or painting is not offset)
        https://bugs.webkit.org/show_bug.cgi?id=193124
        rdar://problem/46755409

        Reviewed by Tim Horton.

        Top content inset feeds into scrolling tree geometry, so when it changes we need to trigger
        an update of the root scrolling node, which happens via RenderLayerBacking::updateGeometry().
        So set a dirty bit on the root layer in frameViewDidChangeSize(), which is called from the code
        path that runs when top content inset changes.

        Find banner behavior is not easily testable. platform/mac/fast/events/content-inset-hit-testing.html did not detect the regression.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::frameViewDidChangeSize):

2019-01-03  Chris Dumez  <cdumez@apple.com>

        Potential infinite recursion in isFrameFamiliarWith(Frame&, Frame&)
        https://bugs.webkit.org/show_bug.cgi?id=192997
        <rdar://problem/46217271>

        Reviewed by Antti Koivisto.

        isFrameFamiliarWith(Frame&, Frame&) was called recursively using the passed frames' openers.
        The issue is that a Frame can be its opener. There could also be a cycle in the opener chain.

        To address the issue, simplify isFrameFamiliarWith() so that it is no longer recursive. We now
        only check if the frames belong to the same pages or if their openers do. We no longer check
        openers' opener and up.

        Note that this function is used to check if a frame is allowed to target another. In practice,
        it is unlikely to be useful to navigate an opener's opener and an openee's openee.

        Tests: fast/dom/Window/window-open-opener-cycle.html
               fast/dom/Window/window-open-self-as-opener.html

        * page/FrameTree.cpp:
        (WebCore::isFrameFamiliarWith):

2019-01-02  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r239306): Don't disable font smoothing in transparent layers on macOS Mojave and later
        https://bugs.webkit.org/show_bug.cgi?id=193095
        <rdar://problem/47014944>

        Reviewed by Zalan Bujtas.
        
        In r239306 we stopped making CALayers for font-smoothed text when not necessary on macOS Mojave
        and later. However, we still turned off smoothing for non-opaque layers (setShouldSmoothFonts(false)),
        which continues to affect the appearance of text.
        
        Fix by only calling setShouldSmoothFonts(false) when the OS supports font smoothing.

        Test: compositing/contents-format/subpixel-antialiased-text.html

        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (WebCore::PlatformCALayer::drawLayerContents):

2019-01-02  David Kilzer  <ddkilzer@apple.com>

        Leak of CMSampleBuffer (752 bytes) in com.apple.WebKit.WebContent running WebKit layout tests
        <https://webkit.org/b/193016>
        <rdar://problem/46925703>

        Reviewed by Simon Fraser.

        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.mm:
        (WebCore::copySampleBufferWithCurrentTimeStamp):
        - Change to return RetainPtr<CMSampleBufferRef>.
        - Check return value of CMSampleBufferCreateCopyWithNewTiming().
        (WebCore::MediaRecorderPrivateWriter::appendVideoSampleBuffer):
        - Check return value of copySampleBufferWithCurrentTimeStamp().
        - Fix leak by using RetainPtr<CMSampleBufferRef> returned from
          copySampleBufferWithCurrentTimeStamp() instead of leaking
          `bufferWithCurrentTime` by using retainPtr().
        (WebCore::createAudioFormatDescription):
        - Extract method from appendAudioSampleBuffer() to return
          RetainPtr<CMFormatDescriptionRef> after calling
          CMAudioFormatDescriptionCreate().
        - Check return value of CMAudioFormatDescriptionCreate().
        (WebCore::createAudioSampleBufferWithPacketDescriptions):
        - Extract method from appendAudioSampleBuffer() to return
          RetainPtr<CMSampleBufferRef> after calling
          CMAudioSampleBufferCreateWithPacketDescriptions().
        (WebCore::MediaRecorderPrivateWriter::appendAudioSampleBuffer):
        - Check return values of createAudioFormatDescription() and
          createAudioSampleBufferWithPacketDescriptions().
        - Fix leaks by extracting code into helper methods that return
          RetainPtr<> objects instead of leaking CMFormatDescriptionRef
          directly or leaking `sampleBuffer` by using retainPtr().

2019-01-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add support for using the current text selection as the find string on iOS
        https://bugs.webkit.org/show_bug.cgi?id=193034
        <rdar://problem/45138739>

        Reviewed by Tim Horton.

        Add support for "TakeFindStringFromSelection" on iOS. Unlike macOS, iOS does not have a notion of a "find
        pasteboard" like macOS; instead, we handle this editing command by sending the selection string to the UI
        process, where it is exposed via WebKit SPI so that clients that present find-in-page UI (i.e. MobileSafari) are
        able to trigger find-in-page with this string.

        Test: WebKit.UseSelectionAsFindString

        * editing/Editor.cpp:
        (WebCore::Editor::canCopyExcludingStandaloneImages const):

        Make this helper function cross-platform.

        * editing/Editor.h:
        * editing/EditorCommand.cpp:
        (WebCore::createCommandMap):
        * editing/cocoa/EditorCocoa.mm:
        (WebCore::Editor::takeFindStringFromSelection):

        Move this from EditorMac to EditorCocoa, and implement it on iOS by calling into the editor client to update the
        find string (see WebKit/ChangeLog for more details).

        * editing/mac/EditorMac.mm:
        (WebCore::Editor::canCopyExcludingStandaloneImages): Deleted.
        (WebCore::Editor::takeFindStringFromSelection): Deleted.
        * loader/EmptyClients.cpp:
        * page/EditorClient.h:

        Add a new editor client method to send the string for find-in-page to the UI process.

2019-01-02  Devin Rousso  <webkit@devinrousso.com>

        Web Inspector: Implement `queryObjects` Command Line API
        https://bugs.webkit.org/show_bug.cgi?id=176766
        <rdar://problem/34890689>

        Reviewed by Joseph Pecoraro.

        Test: inspector/console/queryObjects.html

        * inspector/CommandLineAPIModuleSource.js:
        (CommandLineAPI):
        (CommandLineAPIImpl.prototype.queryObjects): Added.

2019-01-02  Charles Vazac  <cvazac@gmail.com>

        Fix resourcetimingbufferfull bubbles attribute
        https://bugs.webkit.org/show_bug.cgi?id=193087

        Reviewed by Chris Dumez.

        This change is covered by web-platform-tests [1].

        [1] https://github.com/web-platform-tests/wpt/blob/master/resource-timing/buffer-full-when-populate-entries.html#L20

        * page/Performance.cpp:
        (WebCore::Performance::resourceTimingBufferFullTimerFired):

2019-01-02  Simon Fraser  <simon.fraser@apple.com>

        Rename LayerScrollCoordinationRole to ScrollCoordinationRole and make an enum class
        https://bugs.webkit.org/show_bug.cgi?id=193010

        Reviewed by Zalan Bujtas.

        Move the enum LayerScrollCoordinationRole from RenderLayer.h to RenderLayerCompositor.h,
        and make it an enum class.

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollLayerID const):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::~RenderLayerBacking):
        (WebCore::RenderLayerBacking::detachFromScrollingCoordinator):
        (WebCore::operator<<):
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedStatus):
        (WebCore::RenderLayerCompositor::removeFromScrollCoordinatedLayers):
        (WebCore::scrollCoordinationRoleForNodeType):
        (WebCore::RenderLayerCompositor::attachScrollingNode):
        (WebCore::RenderLayerCompositor::detachScrollCoordinatedLayer):
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
        (WebCore::RenderLayerCompositor::willRemoveScrollingLayerWithBacking):
        * rendering/RenderLayerCompositor.h:

2019-01-02  Simon Fraser  <simon.fraser@apple.com>

        Don't spin up a CalcParser if the current token is not a function token
        https://bugs.webkit.org/show_bug.cgi?id=193067

        Reviewed by Zalan Bujtas.

        Various functions in CSSPropertyParserHelpers fall back to trying to parse
        a calc expression if the normal parsing fails. Don't do this unless the
        current token is a function token, which should be slightly more efficient.

        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeInteger):
        (WebCore::CSSPropertyParserHelpers::consumePositiveIntegerRaw):
        (WebCore::CSSPropertyParserHelpers::consumeNumberRaw):
        (WebCore::CSSPropertyParserHelpers::consumeNumber):
        (WebCore::CSSPropertyParserHelpers::consumeFontWeightNumber):
        (WebCore::CSSPropertyParserHelpers::consumeLength):
        (WebCore::CSSPropertyParserHelpers::consumePercent):
        (WebCore::CSSPropertyParserHelpers::consumeLengthOrPercent):
        (WebCore::CSSPropertyParserHelpers::consumeAngle):
        (WebCore::CSSPropertyParserHelpers::consumeAngleOrPercent):
        (WebCore::CSSPropertyParserHelpers::consumeTime):

2019-01-02  Simon Fraser  <simon.fraser@apple.com>

        Support css-color-4 rgb functions
        https://bugs.webkit.org/show_bug.cgi?id=192321

        Reviewed by Zalan Bujtas.
        
        Support the new rgb()/rgba() syntax described in https://drafts.csswg.org/css-color/#rgb-functions.
        The differences are:
        1. There is a new comma-free syntax, where the optional alpha is separated by a slash:
            rgb(128 34 56)
            rgb(128 34 56 / 50%)
        2. Floating point values are allowed, and rounded:
            rgb(128.5 34.2 56.5) becomes rgb(129 34 57)
        3. rgba() is a pure alias for rgb(), so these are equivalent:
            rgb(128 34 56 / 50%)
            rgba(128 34 56 / 50%)
            
        hsl()/hsla() parsing was already updated to this new syntax in r230861.

        Tested by tests in imported/w3c/web-platform-tests/css/css-color/

        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::clampRGBComponent):
        (WebCore::CSSPropertyParserHelpers::parseRGBParameters):
        (WebCore::CSSPropertyParserHelpers::parseColorFunction):

2019-01-02  Simon Fraser  <simon.fraser@apple.com>

        Handle calc() expressions in gradient color stops
        https://bugs.webkit.org/show_bug.cgi?id=193066
        rdar://problem/46961985

        Reviewed by Sam Weinig.
        
        Fix two issues that prevented calc() expressions from working in conic-gradient color stops,
        for the angle or percent value. First, consumeAngleOrPercent() needs to look for CalculationCategory::Percent
        calc values as well as angle ones.

        Second, CSSPrimitiveValue::isAngle() needs to use primitiveType() (which takes calc into account),
        just as isPx() etc do.

        Test: fast/gradients/conic-calc-stop-position.html

        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::isAngle const):
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeAngleOrPercent):
        (WebCore::CSSPropertyParserHelpers::consumeGradientColorStops):

2018-12-31  Keith Miller  <keith_miller@apple.com>

        SourceProviders should use an actual URL instead of a string
        https://bugs.webkit.org/show_bug.cgi?id=192734

        Reviewed by Yusuke Suzuki.

        Remove ScriptSourceCode's URL member and make the url() method
        reference the URL on the SourceProvider. Also, avoid some
        ref count churn.

        Additionally, this patch fixes an existing bug in
        WorkletGlobalScope() that would use a ScriptSourceCode after
        WTFMoving it.

        * bindings/js/CachedScriptSourceProvider.h:
        (WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):
        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::execute):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::executeScriptInWorld):
        (WebCore::ScriptController::executeScript):
        * bindings/js/ScriptSourceCode.h:
        (WebCore::ScriptSourceCode::ScriptSourceCode):
        (WebCore::ScriptSourceCode::m_code):
        (WebCore::ScriptSourceCode::url const):
        (WebCore::ScriptSourceCode::m_url): Deleted.
        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::prepareScript):
        (WebCore::ScriptElement::requestModuleScript):
        (WebCore::ScriptElement::executePendingScript):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
        * page/Frame.cpp:
        (WebCore::Frame::injectUserScriptImmediately):
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::importScripts):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::workerThread):
        * worklets/WorkletGlobalScope.cpp:
        (WebCore::WorkletGlobalScope::WorkletGlobalScope):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLDocumentParser::endElementNs):

2019-01-01  Jeff Miller  <jeffm@apple.com>

        Update user-visible copyright strings to include 2019
        https://bugs.webkit.org/show_bug.cgi?id=192811

        Reviewed by Mark Lam.

        * Info.plist:

2018-12-30  David Kilzer  <ddkilzer@apple.com>

        clang-tidy: Save 8 padding bytes on WebCore::BorderEdge
        <https://webkit.org/b/193058>
        <rdar://problem/46979275>

        Reviewed by Yusuke Suzuki.

        * rendering/BorderEdge.cpp:
        (WebCore::BorderEdge::BorderEdge): Reorder initialization to
        match new instance variable order.
        * rendering/BorderEdge.h: Reorder instance variables to save
        8 padding bytes.

2018-12-28  Yusuke Suzuki  <yusukesuzuki@slowstart.org>

        [JSC] Remove one indirection in JSObject::toStringName
        https://bugs.webkit.org/show_bug.cgi?id=193037

        Reviewed by Keith Miller.

        Use old JSObject::toStringName function here.

        * bindings/js/JSDOMConstructorBase.cpp:
        (WebCore::JSDOMConstructorBase::className):
        (WebCore::JSDOMConstructorBase::toStringName):
        * bindings/js/JSDOMConstructorBase.h:
        (WebCore::JSDOMConstructorBase::className): Deleted.

2018-12-27  Alex Christensen  <achristensen@webkit.org>

        Resurrect Mac CMake build
        https://bugs.webkit.org/show_bug.cgi?id=192658

        Reviewed by Yusuke Suzuki.

        This makes it so JSC and most of WebCore builds.
        WebCore's use of ARC seems inconsistent, so I'll fix that later.

        * PlatformMac.cmake:
        * config.h:

2018-12-26  Jim Mason  <jmason@ibinx.com>

        [FreeType] Restore conditional compilation logic for recent HarfBuzz refactoring
        https://bugs.webkit.org/show_bug.cgi?id=193036

        Reviewed by Michael Catanzaro.

        * platform/graphics/FontPlatformData.h:
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:

2018-12-24  Fujii Hironori  <Hironori.Fujii@sony.com>

        Remove "using namespace std;"
        https://bugs.webkit.org/show_bug.cgi?id=192973
        <rdar://problem/46937309>

        Unreviewed Windows port Debug builds fix.

        No new tests since no behavior changes.

        * accessibility/win/AXObjectCacheWin.cpp:
        (WebCore::AXObjectCache::postPlatformNotification): Add "std::" prefix to numeric_limits in ASSERT macro.

2018-12-24  Fujii Hironori  <Hironori.Fujii@sony.com>

        Remove "using namespace std;"
        https://bugs.webkit.org/show_bug.cgi?id=192973

        Reviewed by Alex Christensen.

        Removed "using namespace std" statement, and use std:: prefix.

        No new tests since no behavior changes.

        * accessibility/win/AXObjectCacheWin.cpp:
        * platform/graphics/GraphicsContext3DPrivate.cpp:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        * platform/graphics/win/FontPlatformDataCairoWin.cpp:
        * platform/graphics/win/FontWin.cpp:
        (WebCore::FontCascade::floatWidthForComplexText const):
        * platform/graphics/win/GraphicsContextCGWin.cpp:
        * platform/graphics/win/GraphicsContextCairoWin.cpp:
        * platform/graphics/win/GraphicsContextDirect2D.cpp:
        * platform/graphics/win/GraphicsContextWin.cpp:
        * platform/graphics/win/SimpleFontDataCGWin.cpp:
        * platform/graphics/win/UniscribeController.cpp:
        (WebCore::UniscribeController::UniscribeController):
        (WebCore::UniscribeController::shapeAndPlaceItem):
        * platform/image-decoders/ScalableImageDecoder.cpp:
        * platform/text/LocaleICU.cpp:
        * platform/text/win/LocaleWin.cpp:
        * platform/win/ScrollbarThemeWin.cpp:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::layoutBlock):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::adjustMenuListButtonStyle const):
        (WebCore::RenderThemeWin::paintSearchFieldCancelButton):
        (WebCore::RenderThemeWin::adjustSearchFieldCancelButtonStyle const):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsDecorationPartStyle const):
        (WebCore::RenderThemeWin::paintSearchFieldResultsDecorationPart):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsButtonStyle const):
        (WebCore::RenderThemeWin::paintSearchFieldResultsButton):

2018-12-24  Simon Fraser  <simon.fraser@apple.com>

        Change ScrollingNodeType to an enum class
        https://bugs.webkit.org/show_bug.cgi?id=193009

        Reviewed by Zalan Bujtas.

        Change the ScrollingNodeType enum to an enum class.
        
        No behavior change.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::ensureRootStateNodeForFrameView):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::operator<<):
        * page/scrolling/ScrollingCoordinator.h:
        * page/scrolling/ScrollingStateFixedNode.cpp:
        (WebCore::ScrollingStateFixedNode::ScrollingStateFixedNode):
        * page/scrolling/ScrollingStateNode.h:
        (WebCore::ScrollingStateNode::isFixedNode const):
        (WebCore::ScrollingStateNode::isStickyNode const):
        (WebCore::ScrollingStateNode::isFrameScrollingNode const):
        (WebCore::ScrollingStateNode::isOverflowScrollingNode const):
        * page/scrolling/ScrollingStateOverflowScrollingNode.cpp:
        (WebCore::ScrollingStateOverflowScrollingNode::ScrollingStateOverflowScrollingNode):
        * page/scrolling/ScrollingStateStickyNode.cpp:
        (WebCore::ScrollingStateStickyNode::ScrollingStateStickyNode):
        * page/scrolling/ScrollingStateTree.cpp:
        (WebCore::ScrollingStateTree::createNode):
        (WebCore::ScrollingStateTree::attachNode):
        * page/scrolling/ScrollingTreeNode.h:
        (WebCore::ScrollingTreeNode::isFixedNode const):
        (WebCore::ScrollingTreeNode::isStickyNode const):
        (WebCore::ScrollingTreeNode::isFrameScrollingNode const):
        (WebCore::ScrollingTreeNode::isOverflowScrollingNode const):
        * page/scrolling/ScrollingTreeOverflowScrollingNode.cpp:
        (WebCore::ScrollingTreeOverflowScrollingNode::ScrollingTreeOverflowScrollingNode):
        * page/scrolling/ios/ScrollingTreeIOS.cpp:
        (WebCore::ScrollingTreeIOS::createScrollingTreeNode):
        * page/scrolling/mac/ScrollingTreeFixedNode.mm:
        (WebCore::ScrollingTreeFixedNode::ScrollingTreeFixedNode):
        * page/scrolling/mac/ScrollingTreeMac.cpp:
        (ScrollingTreeMac::createScrollingTreeNode):
        * page/scrolling/mac/ScrollingTreeStickyNode.mm:
        (WebCore::ScrollingTreeStickyNode::ScrollingTreeStickyNode):
        * platform/graphics/GraphicsLayerClient.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::reattachSubframeScrollLayers):
        (WebCore::scrollCoordinationRoleForNodeType):
        (WebCore::RenderLayerCompositor::updateScrollCoordinationForThisFrame):
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):

2018-12-22  Carlos Garcia Campos  <cgarcia@igalia.com>

        [HarfBuzz] Width not correctly reported as 0 for zero font size
        https://bugs.webkit.org/show_bug.cgi?id=192986

        Reviewed by Michael Catanzaro.

        Fixes test fast/text/font-size-zero.html

        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
        (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Use empty advances for glyphs when the font
        size is zero.

2018-12-20  Yusuke Suzuki  <yusukesuzuki@slowstart.org>

        Use Ref<> as much as possible
        https://bugs.webkit.org/show_bug.cgi?id=192808

        Reviewed by Alex Christensen.

        * Modules/encryptedmedia/NavigatorEME.cpp:
        (WebCore::NavigatorEME::requestMediaKeySystemAccess):
        * Modules/fetch/FetchBody.cpp:
        (WebCore::FetchBody::bodyAsFormData const):
        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::getCurrentPosition):
        (WebCore::Geolocation::watchPosition):
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::objectStoreNames const):
        * Modules/indexeddb/IDBDatabase.h:
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::indexNames const):
        * Modules/indexeddb/IDBObjectStore.h:
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::scheduleOperation):
        * Modules/indexeddb/IDBTransaction.h:
        * Modules/indexeddb/client/TransactionOperation.h:
        (WebCore::IDBClient::createTransactionOperation):
        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::getUserMedia const):
        (WebCore::MediaDevices::getDisplayMedia const):
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        * Modules/mediastream/UserMediaRequest.h:
        * Modules/webaudio/AudioParam.cpp:
        (WebCore::AudioParam::calculateFinalValues):
        * Modules/webaudio/ScriptProcessorNode.cpp:
        (WebCore::ScriptProcessorNode::initialize):
        * Modules/webdatabase/SQLStatement.cpp:
        (WebCore::SQLStatement::execute):
        * Modules/webgpu/WebGPU.cpp:
        (WebCore::WebGPU::requestAdapter const):
        * Modules/webgpu/WebGPUAdapter.cpp:
        (WebCore::WebGPUAdapter::create):
        * Modules/webgpu/WebGPUAdapter.h:
        * Modules/webgpu/WebGPUBuffer.cpp:
        (WebCore::WebGPUBuffer::create):
        * Modules/webgpu/WebGPUBuffer.h:
        * Modules/webgpu/WebGPUCommandBuffer.cpp:
        (WebCore::WebGPUCommandBuffer::create):
        (WebCore::WebGPUCommandBuffer::beginRenderPass):
        * Modules/webgpu/WebGPUCommandBuffer.h:
        * Modules/webgpu/WebGPUDevice.cpp:
        (WebCore::WebGPUDevice::create):
        (WebCore::WebGPUDevice::createBuffer const):
        (WebCore::WebGPUDevice::createShaderModule const):
        (WebCore::WebGPUDevice::createRenderPipeline const):
        (WebCore::WebGPUDevice::createCommandBuffer const):
        * Modules/webgpu/WebGPURenderPassEncoder.cpp:
        (WebCore::WebGPURenderPassEncoder::create):
        * Modules/webgpu/WebGPURenderPassEncoder.h:
        * Modules/webgpu/WebGPURenderPipeline.cpp:
        (WebCore::WebGPURenderPipeline::create):
        * Modules/webgpu/WebGPURenderPipeline.h:
        * Modules/webgpu/WebGPUShaderModule.cpp:
        (WebCore::WebGPUShaderModule::create):
        * Modules/webgpu/WebGPUShaderModule.h:
        * Modules/webgpu/WebGPUTexture.cpp:
        (WebCore::WebGPUTexture::createDefaultTextureView):
        * Modules/webgpu/WebGPUTextureView.cpp:
        (WebCore::WebGPUTextureView::create):
        * Modules/webgpu/WebGPUTextureView.h:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::rangeMatchesTextNearRange):
        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::nodeTextChangePlatformNotification):
        * accessibility/atk/WebKitAccessibleHyperlink.cpp:
        (webkitAccessibleHyperlinkGetStartIndex):
        (webkitAccessibleHyperlinkGetEndIndex):
        * accessibility/atk/WebKitAccessibleInterfaceText.cpp:
        (getSelectionOffsetsForObject):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _convertToNSRange:]):
        * bindings/js/JSDOMGlobalObjectTask.cpp:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::queueTaskToEventLoop):
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        (WebCore::JSWorkerGlobalScopeBase::queueTaskToEventLoop):
        * bindings/js/ScriptControllerMac.mm:
        (WebCore::ScriptController::createScriptInstanceForWidget):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::readTerminal):
        (WebCore::SerializedScriptValue::create):
        * bridge/objc/objc_instance.h:
        * bridge/objc/objc_instance.mm:
        (ObjcInstance::create):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::currentColorOrValidColor const):
        (WebCore::ComputedStyleExtractor::getCSSPropertyValuesForShorthandProperties):
        (WebCore::ComputedStyleExtractor::getCSSPropertyValuesForGridShorthand):
        (WebCore::ComputedStyleExtractor::getBackgroundShorthandValue):
        * css/CSSComputedStyleDeclaration.h:
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::load):
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::rules):
        * css/FontFace.cpp:
        (WebCore::FontFace::unicodeRange const):
        (WebCore::FontFace::featureSettings const):
        * css/InspectorCSSOMWrappers.cpp:
        (WebCore::InspectorCSSOMWrappers::collectFromStyleSheetContents):
        * css/SVGCSSComputedStyleDeclaration.cpp:
        (WebCore::strokeDashArrayToCSSValueList):
        (WebCore::ComputedStyleExtractor::adjustSVGPaintForCurrentColor const):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::createFilterOperations):
        * css/StyleRule.cpp:
        (WebCore::StyleRuleBase::createCSSOMWrapper const):
        * css/StyleRule.h:
        * dom/ChildListMutationScope.cpp:
        (WebCore::ChildListMutationAccumulator::getOrCreate):
        * dom/ChildListMutationScope.h:
        * dom/DocumentMarkerController.cpp:
        (WebCore::updateRenderedRectsForMarker):
        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::InlineStyleSheetOwner::createSheet):
        * dom/PointerEvent.h:
        * dom/UserGestureIndicator.h:
        (WebCore::UserGestureToken::create):
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::applyAlternativeTextToRange):
        (WebCore::AlternativeTextController::respondToUnappliedSpellCorrection):
        (WebCore::AlternativeTextController::respondToUnappliedEditing):
        (WebCore::AlternativeTextController::markPrecedingWhitespaceForDeletedAutocorrectionAfterCommand):
        (WebCore::AlternativeTextController::respondToMarkerAtEndOfWord):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::applyBlockStyle):
        (WebCore::ApplyStyleCommand::pushDownInlineStyleAroundNode):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::targetRanges const):
        (WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers):
        (WebCore::CompositeEditCommand::moveParagraphs):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::mergeParagraphs):
        * editing/Editing.cpp:
        (WebCore::visiblePositionForIndexUsingCharacterIterator):
        * editing/EditingStyle.cpp:
        (WebCore::EditingStyle::removeStyleConflictingWithStyleOfNode):
        (WebCore::EditingStyle::conflictsWithInlineStyleOfElement const):
        (WebCore::EditingStyle::prepareToApplyAt):
        (WebCore::EditingStyle::mergeInlineAndImplicitStyleOfElement):
        (WebCore::EditingStyle::mergeStyleFromRulesForSerialization):
        (WebCore::EditingStyle::removeStyleFromRulesAndContext):
        (WebCore::extractPropertiesNotIn):
        * editing/Editor.cpp:
        (WebCore::Editor::setBaseWritingDirection):
        (WebCore::Editor::setComposition):
        * editing/EditorCommand.cpp:
        (WebCore::executeApplyParagraphStyle):
        (WebCore::executeMakeTextWritingDirectionLeftToRight):
        (WebCore::executeMakeTextWritingDirectionNatural):
        (WebCore::executeMakeTextWritingDirectionRightToLeft):
        * editing/FormatBlockCommand.cpp:
        (WebCore::FormatBlockCommand::formatRange):
        * editing/RemoveFormatCommand.cpp:
        (WebCore::RemoveFormatCommand::doApply):
        * editing/ReplaceRangeWithTextCommand.cpp:
        (WebCore::ReplaceRangeWithTextCommand::targetRanges const):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline):
        (WebCore::handleStyleSpansBeforeInsertion):
        (WebCore::ReplaceSelectionCommand::handleStyleSpans):
        * editing/SpellingCorrectionCommand.cpp:
        (WebCore::SpellingCorrectionCommand::targetRanges const):
        * editing/TextCheckingHelper.cpp:
        (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar):
        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::insertText):
        (WebCore::TypingCommand::willAddTypingToOpenCommand):
        * editing/VisibleUnits.cpp:
        (WebCore::distanceBetweenPositions):
        * editing/cocoa/EditorCocoa.mm:
        (WebCore::Editor::selectionInWebArchiveFormat):
        * editing/ios/DictationCommandIOS.cpp:
        (WebCore::DictationCommandIOS::doApply):
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::setTextAlignmentForChangedBaseWritingDirection):
        (WebCore::Editor::removeUnchangeableStyles):
        (WebCore::Editor::writeImageToPasteboard):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::replaceNodeFromPasteboard):
        (WebCore::Editor::imageInWebArchiveFormat):
        * editing/markup.cpp:
        (WebCore::styleFromMatchedRulesAndInlineDecl):
        (WebCore::createFragmentForTransformToFragment):
        * fileapi/FileReaderLoader.cpp:
        (WebCore::FileReaderLoader::didFinishLoading):
        * html/FTPDirectoryDocument.cpp:
        (WebCore::createTemplateDocumentData):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::scheduleEvent):
        (WebCore::HTMLMediaElement::createMediaControls):
        * html/HTMLTableElement.cpp:
        (WebCore::HTMLTableElement::createSharedCellStyle):
        * html/HTMLTableElement.h:
        * html/URLUtils.h:
        (WebCore::URLUtils<T>::origin const):
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerElement::resolveCustomStyle):
        * html/track/WebVTTParser.cpp:
        (WebCore::WebVTTParser::createNewCue):
        * inspector/DOMPatchSupport.cpp:
        * inspector/InspectorCanvas.cpp:
        (WebCore::InspectorCanvas::buildInitialState):
        (WebCore::InspectorCanvas::buildAction):
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::asCSSRuleList):
        (WebCore::InspectorStyle::styleWithProperties const):
        (WebCore::InspectorStyleSheet::ensureSourceData):
        * inspector/agents/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::didCreateCanvasRenderingContext):
        * inspector/agents/InspectorIndexedDBAgent.cpp:
        (WebCore::Inspector::keyPathFromIDBKeyPath):
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::archive):
        * loader/EmptyClients.cpp:
        (WebCore::EmptyStorageNamespaceProvider::createSessionStorageNamespace):
        (WebCore::EmptyStorageNamespaceProvider::createLocalStorageNamespace):
        (WebCore::EmptyStorageNamespaceProvider::createEphemeralLocalStorageNamespace):
        (WebCore::EmptyStorageNamespaceProvider::createTransientLocalStorageNamespace):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::loadResourceSynchronously):
        * loader/archive/mhtml/MHTMLParser.cpp:
        (WebCore::MHTMLParser::addResourceToArchive):
        (WebCore::MHTMLParser::parseNextPart):
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::addImageToCache):
        (WebCore::MemoryCache::removeResourcesWithOrigin):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::getMatchedCSSRules const):
        (WebCore::DOMWindow::createWindow):
        * page/EventHandler.cpp:
        (WebCore::textDistance):
        * page/Page.cpp:
        (WebCore::Page::userStyleSheet const):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFilterOperations):
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::initWithSimpleHTMLDocument):
        (WebCore::Frame::interpretationsForCurrentRoot const):
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::Highlight::fadeIn):
        (WebCore::ServicesOverlayController::Highlight::fadeOut):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::tryCreateArrayBuffer const):
        * platform/audio/HRTFElevation.cpp:
        (WebCore::HRTFElevation::calculateKernelsForAzimuthElevation):
        * platform/audio/SincResampler.cpp:
        (WebCore::SincResampler::consumeSource):
        * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
        (WebCore::AudioFileReader::createBus):
        * platform/audio/mac/AudioFileReaderMac.cpp:
        (WebCore::AudioFileReader::createBus):
        * platform/graphics/Icon.h:
        (WebCore::Icon::create):
        * platform/graphics/InbandTextTrackPrivate.h:
        (WebCore::InbandTextTrackPrivate::create):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::AVFWrapper::shouldWaitForLoadingOfResource):
        * platform/graphics/avfoundation/objc/AudioTrackPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::fulfillRequestWithKeyData):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        (WebCore::MediaSourcePrivateAVFObjC::create):
        (WebCore::MediaSourcePrivateAVFObjC::addSourceBuffer):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::create):
        (WebCore::SourceBufferPrivateAVFObjC::didParseStreamDataAsAsset):
        * platform/graphics/avfoundation/objc/VideoTrackPrivateMediaSourceAVFObjC.h:
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::createTileLayer):
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        (WebCore::CACFLayerTreeHost::acceleratedCompositingAvailable):
        (WebCore::CACFLayerTreeHost::create):
        * platform/graphics/gpu/cocoa/GPUBufferMetal.mm:
        (WebCore::GPUBuffer::create):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::updateTracks):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfText):
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
        (WebCore::MediaPlayerPrivateGStreamer::processMpegTsSection):
        (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::paint):
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
        (WebCore::AppendPipeline::appsinkNewSample):
        * platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.cpp:
        (WebCore::ISOProtectionSystemSpecificHeaderBox::parse):
        * platform/graphics/iso/ISOTrackEncryptionBox.cpp:
        (WebCore::ISOTrackEncryptionBox::parse):
        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::applyFilterAnimation):
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
        (WebCore::TextureMapperPlatformLayerBuffer::clone):
        * platform/graphics/transforms/TransformOperations.cpp:
        (WebCore::TransformOperations::blendByMatchingOperations const):
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::setDataForPNGDecoderAtIndex):
        * platform/mock/mediasource/MockBox.cpp:
        (WebCore::MockInitializationBox::MockInitializationBox):
        * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
        (WebCore::MockSourceBufferPrivate::create):
        (WebCore::MockSourceBufferPrivate::append):
        * platform/mock/mediasource/MockSourceBufferPrivate.h:
        * platform/mock/mediasource/MockTracks.h:
        (WebCore::MockTextTrackPrivate::create):
        (WebCore::MockVideoTrackPrivate::create):
        * platform/network/FormData.h:
        (WebCore::FormData::decode):
        * platform/network/cocoa/CookieStorageObserver.h:
        * platform/network/cocoa/CookieStorageObserver.mm:
        (WebCore::CookieStorageObserver::create):
        * platform/network/soup/ResourceRequestSoup.cpp:
        (WebCore::appendEncodedBlobItemToSoupMessageBody):
        (WebCore::ResourceRequest::updateSoupMessageBody const):
        * platform/text/hyphen/HyphenationLibHyphen.cpp:
        (WebCore::HyphenationDictionary::createNull):
        (WebCore::HyphenationDictionary::create):
        * platform/win/SearchPopupMenuWin.cpp:
        (WebCore::SearchPopupMenuWin::SearchPopupMenuWin):
        (WebCore::SearchPopupMenuWin::popupMenu):
        * platform/win/SearchPopupMenuWin.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::applyCommonButtonPaddingToStyle):
        (WebCore::RenderThemeIOS::paintProgressBar):
        (WebCore::RenderThemeIOS::adjustButtonStyle const):
        (WebCore::paintAttachmentIcon):
        * rendering/svg/SVGRenderTreeAsText.cpp:
        (WebCore::writeSVGResourceContainer):
        * storage/Storage.cpp:
        (WebCore::Storage::create):
        (WebCore::Storage::Storage):
        * storage/Storage.h:
        (WebCore::Storage::area const):
        * storage/StorageNamespace.h:
        * storage/StorageNamespaceProvider.cpp:
        (WebCore::StorageNamespaceProvider::localStorageArea):
        * storage/StorageNamespaceProvider.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::getPresentationAttribute):
        * svg/SVGFEBlendElement.cpp:
        (WebCore::SVGFEBlendElement::build):
        * svg/SVGFEColorMatrixElement.cpp:
        (WebCore::SVGFEColorMatrixElement::build):
        * svg/SVGFEComponentTransferElement.cpp:
        (WebCore::SVGFEComponentTransferElement::build):
        * svg/SVGFECompositeElement.cpp:
        (WebCore::SVGFECompositeElement::build):
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::build):
        * svg/SVGFEDisplacementMapElement.cpp:
        (WebCore::SVGFEDisplacementMapElement::build):
        * svg/SVGFEDropShadowElement.cpp:
        (WebCore::SVGFEDropShadowElement::build):
        * svg/SVGFEGaussianBlurElement.cpp:
        (WebCore::SVGFEGaussianBlurElement::build):
        * svg/SVGFEMergeElement.cpp:
        (WebCore::SVGFEMergeElement::build):
        * svg/SVGFEMorphologyElement.cpp:
        (WebCore::SVGFEMorphologyElement::build):
        * svg/SVGFEOffsetElement.cpp:
        (WebCore::SVGFEOffsetElement::build):
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::build):
        * svg/SVGFETileElement.cpp:
        (WebCore::SVGFETileElement::build):
        * testing/GCObservation.h:
        * xml/XSLTProcessor.cpp:
        (WebCore::XSLTProcessor::createDocumentFromSource):
        * xml/parser/XMLDocumentParser.cpp:
        (WebCore::XMLDocumentParser::parseDocumentFragment):

2018-12-21  Chris Dumez  <cdumez@apple.com>

        navigator.userAgent in service workers does not reflect customUserAgent set by client
        https://bugs.webkit.org/show_bug.cgi?id=192951

        Reviewed by Youenn Fablet.

        Whenever a service worker client registers itself, also pass its effective user agent.
        In the network process, for each origin, we store the latest client's user agent and
        use it when starting the service worker.

        * dom/Document.cpp:
        (WebCore::Document::setServiceWorkerConnection):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::registerTemporaryServiceWorkerClient):
        * workers/service/SWClientConnection.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::serviceWorkerClientUserAgent const):
        (WebCore::SWServer::installContextData):
        (WebCore::SWServer::runServiceWorker):
        (WebCore::SWServer::registerServiceWorkerClient):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerToContextConnection.h:
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::userAgent const):
        * workers/service/server/SWServerWorker.h:

2018-12-21  Youenn Fablet  <youenn@apple.com>

        RTCRtpSender.setParameters() does set active parameter
        https://bugs.webkit.org/show_bug.cgi?id=192848

        Reviewed by Eric Carlson.

        Covered by updated test.

        * Modules/mediastream/libwebrtc/LibWebRTCUtils.cpp:
        (WebCore::updateRTCRtpSendParameters):
        The routine was updating the local value, not the out parameter.

2018-12-21  Eric Carlson  <eric.carlson@apple.com>

        'ended' Event doesn't fire on MediaStreamTrack when a USB camera is unplugged
        https://bugs.webkit.org/show_bug.cgi?id=187896
        <rdar://problem/42681445>

        Reviewed by Jer Noble.

        No new tests, tested manually.

        * platform/mediastream/mac/AVVideoCaptureSource.h:
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::deviceDisconnected):
        (-[WebCoreAVVideoCaptureSourceObserver addNotificationObservers]):
        (-[WebCoreAVVideoCaptureSourceObserver removeNotificationObservers]):
        (-[WebCoreAVVideoCaptureSourceObserver deviceConnectedDidChange:]):
        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.cpp:
        (WebCore::deviceHasInputStreams):
        (WebCore::isValidCaptureDevice):
        (WebCore::CoreAudioCaptureDeviceManager::coreAudioCaptureDevices):
        (WebCore::CoreAudioCaptureDeviceManager::refreshAudioCaptureDevices):
        (WebCore::CoreAudioCaptureDeviceManager::devicesChanged): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.h:
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::setCaptureDevice):
        (WebCore::CoreAudioSharedUnit::devicesChanged):
        (WebCore::CoreAudioSharedUnit::startProducingData):
        (WebCore::CoreAudioSharedUnit::startInternal):
        (WebCore::CoreAudioSharedUnit::verifyIsCapturing):
        (WebCore::CoreAudioSharedUnit::captureFailed):
        (WebCore::CoreAudioCaptureSourceFactory::devicesChanged):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        (WebCore::CoreAudioSharedUnit::setCaptureDeviceID): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2018-12-20  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r239353): iOS WK1 Assertion failure in notifyChildNodeRemoved while running
        TestWebKitAPI.QuickLook.LegacyQuickLookContent
        https://bugs.webkit.org/show_bug.cgi?id=192859
        <rdar://problem/46887237>

        Reviewed by Antti Koivisto.

        After r239353, ScriptDisallowedScope::InMainThread::isScriptAllowed() may return false when the web thread
        is inside a delegate callback even when there is a ScriptDisallowedScope defined.

        Replace the existign debug assertions which assert !ScriptDisallowedScope::InMainThread::isScriptAllowed()
        by a newly added ScriptDisallowedScope::InMainThread::hasDisallowedScope to avoid hitting this assertion.

        Tests: TestWebKitAPI.QuickLook.LegacyQuickLookContent

        * dom/ContainerNodeAlgorithms.cpp:
        (WebCore::notifyChildNodeInserted):
        (WebCore::notifyChildNodeRemoved):
        * dom/Document.cpp:
        (WebCore::Document::nodeChildrenWillBeRemoved):
        (WebCore::Document::nodeWillBeRemoved):
        * dom/ScriptDisallowedScope.h:
        (WebCore::ScriptDisallowedScope::InMainThread::hasDisallowedScope):
        * html/HTMLFormElement.cpp:
        (WebCore:: const):

2018-12-21  Joseph Pecoraro  <pecoraro@apple.com>

        Update status of some WebCore features in features.json
        https://bugs.webkit.org/show_bug.cgi?id=192998

        Reviewed by Tim Horton.

        * features.json:
        - Variation Fonts: Supported
        - Conic Gradients: Supported in Preview
        - Web Share: Supported in Preview
        - <datalist>: Supported in Preview
        - Intersection Observers: Supported in Preview

2018-12-21  Zalan Bujtas  <zalan@apple.com>

        [iOS] Using file upload can trigger a crash under RenderThemeIOS::paintFileUploadIconDecorations()
        https://bugs.webkit.org/show_bug.cgi?id=192357
        <rdar://problem/42852260>

        Reviewed by Simon Fraser.

        Do not try to paint the file picker when painting is disabled.

        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::paintObject):

2018-12-21  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] userPresence should always be true
        https://bugs.webkit.org/show_bug.cgi?id=192835
        <rdar://problem/46538788>

        Reviewed by Brent Fulgham.

        In the current spec as of 7 August 2018, userPresence is suggested to set to the inverse of userVerification.
        This doesn't comply with the CTAP spec. Details in: https://github.com/w3c/webauthn/issues/1123.
        After discussing with other members of the working group, we decided to make userPresence always default to true.

        Covered by exisiting tests.

        * Modules/webauthn/fido/DeviceRequestConverter.cpp:
        (fido::encodeGetAssertionRequestAsCBOR):

2018-12-21  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Import an APDU coder from Chromium
        https://bugs.webkit.org/show_bug.cgi?id=192949
        <rdar://problem/46879933>

        Reviewed by Brent Fulgham.

        This patch imports an APDU coder from Chromium. Here is the documentation:
        https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#u2f-message-framing
        APDU is a binary format to frame any U2F requests/responses into binaries. It is equivalent to CBOR in CTAP2.

        Here is a list of files that are imported from Chromium:
        https://cs.chromium.org/chromium/src/components/apdu/apdu_command.cc?rcl=a2f290c10d132f53518e7f99d5635ee814ff8090
        https://cs.chromium.org/chromium/src/components/apdu/apdu_command.h?rcl=867b103481f6f4ccc79a69bba16c11eefac3cdb6
        https://cs.chromium.org/chromium/src/components/apdu/apdu_response.cc?rcl=867b103481f6f4ccc79a69bba16c11eefac3cdb6
        https://cs.chromium.org/chromium/src/components/apdu/apdu_response.h?rcl=867b103481f6f4ccc79a69bba16c11eefac3cdb6
        https://cs.chromium.org/chromium/src/components/apdu/apdu_unittest.cc?rcl=867b103481f6f4ccc79a69bba16c11eefac3cdb6

        Covered by API tests.

        * Modules/webauthn/apdu/ApduCommand.cpp: Added.
        (apdu::ApduCommand::createFromMessage):
        (apdu::ApduCommand::ApduCommand):
        (apdu::ApduCommand::getEncodedCommand const):
        * Modules/webauthn/apdu/ApduCommand.h: Added.
        * Modules/webauthn/apdu/ApduResponse.cpp: Added.
        (apdu::ApduResponse::createFromMessage):
        (apdu::ApduResponse::ApduResponse):
        (apdu::ApduResponse::getEncodedResponse const):
        * Modules/webauthn/apdu/ApduResponse.h: Added.
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:

2018-12-21  Jer Noble  <jer.noble@apple.com>

        Convert raw CDMSessionMediaSourceAVFObjC pointer in MediaPlayerPrivateMediaSourceAVFObjC
        https://bugs.webkit.org/show_bug.cgi?id=192985
        <rdar://problem/46750743>

        Reviewed by Eric Carlson.

        Make m_session a RefPtr; drive-by fix: make m_mediaElement in WebKitMediaKeys a WeakPtr.

        * Modules/encryptedmedia/legacy/WebKitMediaKeys.cpp:
        (WebCore::WebKitMediaKeys::setMediaElement):
        * Modules/encryptedmedia/legacy/WebKitMediaKeys.h:
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setCDMSession):

2018-12-21  Justin Michaud  <justin_michaud@apple.com>

        CSS variables don't work for colors in "border" property
        https://bugs.webkit.org/show_bug.cgi?id=192922

        Reviewed by Simon Fraser.

        ParseColorFunction no longer consumes anything if the color was not valid.

        Test: css-custom-properties-api/border-variable-parsing.html

        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::parseColorFunction):

2018-12-21  Justin Fan  <justin_fan@apple.com>

        [WebGPU] GPUBindGroupLayout refactoring: no HashMap, and failure logging
        https://bugs.webkit.org/show_bug.cgi?id=192990

        Reviewed by Myles C. Maxfield.

        Refactor away the unnecessary HashMaps when creating MTLArgumentEncoders in GPUBindGroupLayout creation.
        Also update GPUBindGroupLayout::create -> tryCreate, in order to better handle Objective-C exceptions.

        No new tests; no change in behavior.

        * Modules/webgpu/WebGPUBindGroupLayout.cpp:
        (WebCore::WebGPUBindGroupLayout::create):
        (WebCore::WebGPUBindGroupLayout::WebGPUBindGroupLayout):
        * Modules/webgpu/WebGPUBindGroupLayout.h:
        (WebCore::WebGPUBindGroupLayout::bindGroupLayout const):
        * Modules/webgpu/WebGPUDevice.cpp:
        (WebCore::WebGPUDevice::createBindGroupLayout const):
        * platform/graphics/gpu/GPUBindGroupLayout.h:
        * platform/graphics/gpu/GPUDevice.cpp:
        (WebCore::GPUDevice::tryCreateBindGroupLayout const): Renamed from ::create*. Now returning a RefPtr. 
        (WebCore::GPUDevice::createBindGroupLayout const): Deleted.
        * platform/graphics/gpu/GPUDevice.h:
        * platform/graphics/gpu/cocoa/GPUBindGroupLayoutMetal.mm:
        (WebCore::appendArgumentToArray):
        (WebCore::newEncoder):
        (WebCore::GPUBindGroupLayout::tryCreate): Renamed from ::create. Now returning a RefPtr.
        (WebCore::GPUBindGroupLayout::GPUBindGroupLayout):
        (WebCore::appendArgumentToArrayInMap): Deleted.
        (WebCore::GPUBindGroupLayout::create): Deleted.

        Deleted unneeded GPUBindGroupLayout.cpp:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/gpu/GPUBindGroupLayout.cpp: Removed.

2018-12-21  Alejandro G. Castro  <alex@igalia.com>

        [GTK][WPE] Add DeviceIdHashSaltStorage disk persistence
        https://bugs.webkit.org/show_bug.cgi?id=190466

        Reviewed by Youenn Fablet.

        Added persistency to the DeviceIdHashSaltStorage.

        * platform/glib/FileSystemGlib.cpp:
        (WebCore::FileSystem::getFileSize): Implemented this function to
        allow sharing code with the statistics storage class.
        * platform/glib/KeyedDecoderGlib.cpp:
        (WebCore::KeyedDecoderGlib::dictionaryFromGVariant): Added a
        condition to control situations where the key is empty, it can
        happen if the user modifies the file in the disk.
        * Modules/indexeddb/shared/IDBResourceIdentifier.cpp: Add include
        to make work compilation with debug, unified builds.

2018-12-21  Zalan Bujtas  <zalan@apple.com>

        Synchronous media query evaluation could destroy current Frame/FrameView.
        https://bugs.webkit.org/show_bug.cgi?id=192781
        <rdar://problem/34416793>

        Reviewed by Chris Dumez.

        Protect Frame and FrameView when coming back from printing and check if the current Frame/FrameView/FrameLoader objects are still valid.

        Test: printing/print-with-media-query-destory.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading):
        * page/Frame.cpp:
        (WebCore::Frame::setPrinting):
        * page/FrameView.cpp:
        (WebCore::FrameView::forceLayoutForPagination):
        * page/PrintContext.cpp:
        (WebCore::PrintContext::PrintContext):
        (WebCore::PrintContext::computePageRects):
        (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
        (WebCore::PrintContext::begin):
        (WebCore::PrintContext::computeAutomaticScaleFactor):
        (WebCore::PrintContext::spoolPage):
        (WebCore::PrintContext::spoolRect):
        (WebCore::PrintContext::end):
        * page/PrintContext.h:
        (WebCore::PrintContext::frame const): Deleted.

2018-12-21  Wenson Hsieh  <wenson_hsieh@apple.com>

        Setting the file wrapper and content type of an attachment to a PDF should update its image
        https://bugs.webkit.org/show_bug.cgi?id=192984
        <rdar://problem/46798028>

        Reviewed by Tim Horton.

        Allow PDF data to be used to update enclosing image elements when setting the file wrapper for an attachment.
        Covered by a new API test: WKAttachmentTests.SetFileWrapperForPDFImageAttachment.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::mimeTypeIsSuitableForInlineImageAttachment):
        (WebCore::HTMLAttachmentElement::updateEnclosingImageWithData):

2018-12-21  Justin Michaud  <justin_michaud@apple.com>

        Repeated background images with zero size should display the background color
        https://bugs.webkit.org/show_bug.cgi?id=192962

        Reviewed by Antti Koivisto.

        Test: fast/backgrounds/background-repeat-with-zero-size.html

        * platform/LengthSize.h:
        (WebCore::LengthSize::isEmpty const):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/style/FillLayer.h:
        (WebCore::FillLayer::isEmpty const):

2018-12-21  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Fix percentages in relative offsets for grid items
        https://bugs.webkit.org/show_bug.cgi?id=190492

        Reviewed by Sergio Villar Senin.

        The method RenderBoxModelObject::relativePositionOffset() was not considering the case of grid items,
        where the containing block is the grid area.
        The patch modifies the method so the new code uses overrideContainingBlockContentWidth|Height when required.

        Test: imported/w3c/web-platform-tests/css/css-grid/grid-items/grid-items-relative-offsets-002.html

        * rendering/RenderBox.cpp: Implement the physical versions of the already existent methods.
        (WebCore::RenderBox::overrideContainingBlockContentWidth const):
        (WebCore::RenderBox::overrideContainingBlockContentHeight const):
        (WebCore::RenderBox::hasOverrideContainingBlockContentWidth const):
        (WebCore::RenderBox::hasOverrideContainingBlockContentHeight const):
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::relativePositionOffset const): Modified method
        to take into account overrideContainingBlockContentWidth|Height for grid items.
        * rendering/RenderBoxModelObject.h: Added new headers for physical virtual methods
        that will be overridden in RenderBox.
        (WebCore::RenderBoxModelObject::overrideContainingBlockContentWidth const):
        (WebCore::RenderBoxModelObject::overrideContainingBlockContentHeight const):
        (WebCore::RenderBoxModelObject::hasOverrideContainingBlockContentWidth const):
        (WebCore::RenderBoxModelObject::hasOverrideContainingBlockContentHeight const):

2018-12-20  Justin Fan  <justin_fan@apple.com>

        [WebGPU] Convert WebGPUBindGroups into MTLArgumentEncoders
        https://bugs.webkit.org/show_bug.cgi?id=192956

        Reviewed by Myles Maxfield.

        No testable behavior change. Existing tests cover possible crashing.

        Add GPUBindGroupLayoutMetal.mm:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:

        Flesh out GPUBindGroupLayout::create:
        * platform/graphics/gpu/GPUBindGroupLayout.cpp:
        * platform/graphics/gpu/GPUBindGroupLayout.h:
        * platform/graphics/gpu/GPUDevice.cpp:
        (WebCore::GPUDevice::createBindGroupLayout const):
        * platform/graphics/gpu/cocoa/GPUBindGroupLayoutMetal.mm: Added.
        (WebCore::appendArgumentToArrayInMap): Added.
        (WebCore::GPUBindGroupLayout::create):
        (WebCore::GPUBindGroupLayout::GPUBindGroupLayout):
        (WebCore::MTLDataTypeForBindingType): Added.

2018-12-20  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, remove stray #pragma once added to .cpp file

        * svg/properties/SVGAttributeOwnerProxy.cpp:

2018-12-20  Justin Michaud  <justin_michaud@apple.com>

        Adding runtime-enabled attribute to Element prevents inlining property access
        https://bugs.webkit.org/show_bug.cgi?id=192901

        Add a call to flattenDictionaryObject after disabling runtime-enabled attributes.

        Reviewed by Ryosuke Niwa.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::JSTestEnabledBySettingPrototype::finishCreation):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::JSTestNodePrototype::finishCreation):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjPrototype::finishCreation):

2018-12-20  Chris Dumez  <cdumez@apple.com>

        Use Optional::hasValue() instead of Optional::has_value()
        https://bugs.webkit.org/show_bug.cgi?id=192948

        Reviewed by Tim Horton.

        * bindings/js/DOMPromiseProxy.h:
        (WebCore::DOMPromiseProxy<IDLType>::isFulfilled const):
        (WebCore::DOMPromiseProxy<IDLVoid>::isFulfilled const):
        (WebCore::DOMPromiseProxyWithResolveCallback<IDLType>::isFulfilled const):
        * dom/DataTransferItemList.h:
        (WebCore::DataTransferItemList::hasItems const):
        * dom/EventTarget.cpp:
        (WebCore::EventTarget::addEventListener):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::captionDisplayMode):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::wouldTaintOrigin const):
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
        (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        (WebCore::MediaPlayerPrivateGStreamerMSE::trackDetected):
        * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
        (webKitMediaSrcUpdatePresentationSize):
        * platform/mac/NSScrollerImpDetails.mm:
        (WebCore::ScrollerStyle::recommendedScrollerStyle):
        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::setExplicitValue):

2018-12-20  Chris Dumez  <cdumez@apple.com>

        Move HTTPS_UPGRADE code behind a runtime flag, off by default
        https://bugs.webkit.org/show_bug.cgi?id=192937

        Reviewed by Youenn Fablet.

        Move HTTPS_UPGRADE code behind a runtime flag, off by default and drop the build time flag.

        * page/Settings.yaml:

2018-12-20  Youenn Fablet  <youenn@apple.com>

        Remove custom constructors of ReadableStreamDefaultReader and ReadableStreamBYOBReader
        https://bugs.webkit.org/show_bug.cgi?id=192838

        Reviewed by Chris Dumez.

        Generate constructor code in case of a Private but not Public constructor.
        Make sure this is correctly exposed in global objects.
        Add JS built-in constructor implementations for those two objects.

        Also add JS built-in constructors for controller and byob request.
        To keep existing behavior, JS built-ins calling these constructors need to pass
        an additional parameter that allows making the difference between a JS builtin caller or a JS caller.
        In the latter case, the constructor will throw.

        Covered by existing tests, no observable change of behavior.

        * Modules/streams/ReadableByteStreamController.idl:
        * Modules/streams/ReadableByteStreamController.js:
        (initializeReadableByteStreamController):
        (getter.byobRequest):
        * Modules/streams/ReadableByteStreamInternals.js:
        (privateInitializeReadableByteStreamController): Deleted.
        (privateInitializeReadableStreamBYOBRequest): Deleted.
        * Modules/streams/ReadableStream.js:
        (initializeReadableStream):
        * Modules/streams/ReadableStreamBYOBReader.js:
        (initializeReadableStreamBYOBReader):
        * Modules/streams/ReadableStreamBYOBRequest.idl:
        * Modules/streams/ReadableStreamBYOBRequest.js:
        (initializeReadableStreamBYOBRequest):
        * Modules/streams/ReadableStreamDefaultController.idl:
        * Modules/streams/ReadableStreamDefaultController.js:
        (initializeReadableStreamDefaultController):
        (enqueue):
        * Modules/streams/ReadableStreamDefaultReader.js:
        (initializeReadableStreamDefaultReader):
        * Modules/streams/ReadableStreamInternals.js:
        (readableStreamDefaultControllerError): Deleted.
        * Sources.txt:
        * UnifiedSources-input.xcfilelist:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMBuiltinConstructor.h:
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
        * bindings/js/JSReadableStreamPrivateConstructors.cpp: Removed.
        * bindings/js/JSReadableStreamPrivateConstructors.h: Removed.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GeneratePropertiesHashTable):
        * bindings/scripts/preprocess-idls.pl:
        (shouldExposeInterface):

2018-12-20  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Remove hash from Client Data
        https://bugs.webkit.org/show_bug.cgi?id=192727
        <rdar://problem/46746673>

        Reviewed by Brent Fulgham.

        The hash algorithm for hashing the client data is enforced to SHA_256 in the latest spec:
        https://www.w3.org/TR/webauthn/#sec-client-data. Therefore, we should remove it.

        Covered by existing tests.

        * Modules/webauthn/AuthenticatorCoordinator.cpp:
        (WebCore::AuthenticatorCoordinatorInternal::produceClientDataJson):

2018-12-20  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Add a runtime flag for local authenticator
        https://bugs.webkit.org/show_bug.cgi?id=192792
        <rdar://problem/46798738>

        Reviewed by Brent Fulgham.

        No tests.

        This patch adds a runtime flag for local authenticator and removes ways to
        set the runtime flag for web authentication in LegacyWebKit.

        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setWebAuthenticationLocalAuthenticatorEnabled):
        (WebCore::RuntimeEnabledFeatures::webAuthenticationLocalAuthenticatorEnabled const):

2018-12-20  Jeremy Jones  <jeremyj@apple.com>

        Pointer lock causes abandoned documents
        https://bugs.webkit.org/show_bug.cgi?id=188727
        rdar://problem/44248197
        
        Reviewed by Simon Fraser.

        Fixes --world-leaks in these tests:

        pointer-lock/locked-element-removed-from-dom.html
        pointer-lock/mouse-event-delivery.html
        fast/shadow-dom/pointerlockelement-in-slot.html

        PointerLockController now uses WeakPtr instead of RefPtr because it has no need to extend the lifetime of a document.

        * page/PointerLockController.cpp:
        (WebCore::PointerLockController::elementRemoved):
        (WebCore::PointerLockController::documentDetached):
        (WebCore::PointerLockController::didAcquirePointerLock):
        * page/PointerLockController.h:

2018-12-20  Chris Dumez  <cdumez@apple.com>

        Use Optional::valueOr() instead of Optional::value_or()
        https://bugs.webkit.org/show_bug.cgi?id=192933

        Reviewed by Geoffrey Garen.

        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
        (WebCore::convert):
        (WebCore::ApplePayPaymentHandler::didAuthorizePayment):
        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::load):
        * Modules/indexeddb/IDBDatabaseIdentifier.h:
        (WebCore::IDBDatabaseIdentifier::hash const):
        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::open):
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::applyConstraints):
        * Modules/mediastream/RTCDTMFSender.cpp:
        (WebCore::RTCDTMFSender::insertDTMF):
        * Modules/webdatabase/SQLTransaction.cpp:
        (WebCore::SQLTransaction::executeSql):
        * Modules/webvr/VRFrameData.cpp:
        (WebCore::VRFrameData::update):
        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::updateCSSTransitionsForElement):
        * animation/DeclarativeAnimation.cpp:
        (WebCore::DeclarativeAnimation::cancel):
        (WebCore::DeclarativeAnimation::invalidateDOMEvents):
        * animation/KeyframeEffect.cpp:
        (WebCore::computeMissingKeyframeOffsets):
        (WebCore::KeyframeEffect::applyPendingAcceleratedActions):
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::runPendingPlayTask):
        (WebCore::WebAnimation::runPendingPauseTask):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::write):
        * crypto/algorithms/CryptoAlgorithmHMAC.cpp:
        (WebCore::CryptoAlgorithmHMAC::generateKey):
        (WebCore::CryptoAlgorithmHMAC::importKey):
        * crypto/gcrypt/CryptoAlgorithmAES_GCMGCrypt.cpp:
        (WebCore::CryptoAlgorithmAES_GCM::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_GCM::platformDecrypt):
        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::CryptoKeyRSA::importSpki):
        (WebCore::CryptoKeyRSA::importPkcs8):
        * crypto/keys/CryptoKeyRSA.cpp:
        (WebCore::CryptoKeyRSA::importJwk):
        * crypto/mac/CryptoAlgorithmAES_GCMMac.cpp:
        (WebCore::CryptoAlgorithmAES_GCM::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_GCM::platformDecrypt):
        * crypto/mac/CryptoKeyRSAMac.cpp:
        (WebCore::CryptoKeyRSA::importSpki):
        (WebCore::CryptoKeyRSA::importPkcs8):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::counterToCSSValue):
        * css/CSSFontFace.cpp:
        (WebCore::calculateItalicRange):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::doubleValue const):
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::addRule):
        * css/DOMMatrix.cpp:
        (WebCore::DOMMatrix::rotateSelf):
        * css/DOMMatrixReadOnly.cpp:
        (WebCore::DOMMatrixReadOnly::validateAndFixup):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueCounter):
        * css/parser/MediaQueryParser.cpp:
        (WebCore::MediaQueryParser::commitMediaQuery):
        * dom/Document.h:
        (WebCore::Document::referrerPolicy const):
        * dom/Element.cpp:
        (WebCore::toScrollAlignment):
        * dom/EventTarget.cpp:
        (WebCore::EventTarget::addEventListener):
        * dom/MutationObserver.cpp:
        (WebCore::MutationObserver::observe):
        * editing/cocoa/FontAttributeChangesCocoa.mm:
        (WebCore::FontChanges::platformFontFamilyNameForCSS const):
        * fileapi/File.cpp:
        (WebCore::File::File):
        * html/DOMTokenList.cpp:
        (WebCore::DOMTokenList::toggle):
        * html/HTMLOListElement.h:
        * html/ImageBitmap.cpp:
        (WebCore::croppedSourceRectangleWithFormatting):
        * html/canvas/CanvasPattern.cpp:
        (WebCore::CanvasPattern::setTransform):
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::setTransform):
        (WebCore::CanvasRenderingContext2DBase::isPointInPathInternal):
        (WebCore::CanvasRenderingContext2DBase::isPointInStrokeInternal):
        * html/canvas/Path2D.cpp:
        (WebCore::Path2D::addPath):
        * inspector/InspectorCanvas.cpp:
        (WebCore::InspectorCanvas::buildAction):
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::populateContextMenu):
        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::validateGeometryConstraintsAfterLayout const):
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::complicatedCases):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::inFlowPositionedPositionOffset):
        (WebCore::Layout::FormattingContext::Geometry::computedNonCollapsedHorizontalMarginValue):
        (WebCore::Layout::FormattingContext::Geometry::computedNonCollapsedVerticalMarginValue):
        * layout/FormattingContextQuirks.cpp:
        (WebCore::Layout::FormattingContext::Quirks::heightValueOfNearestContainingBlockWithFixedHeight):
        * layout/MarginTypes.h:
        (WebCore::Layout::VerticalMargin::usedValues const):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedWidthAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::instrinsicWidthConstraints):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedHeight):
        * layout/displaytree/DisplayBox.h:
        (WebCore::Display::Box::width const):
        (WebCore::Display::Box::height const):
        (WebCore::Display::Box::contentBoxTop const):
        (WebCore::Display::Box::contentBoxLeft const):
        * layout/floats/FloatingContext.cpp:
        (WebCore::Layout::Iterator::set):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::appendContentToLine const):
        (WebCore::Layout::InlineFormattingContext::placeInFlowPositionedChildren const):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected):
        * loader/NavigationAction.cpp:
        * page/FrameView.cpp:
        (WebCore::FrameView::setLayoutViewportOverrideRect):
        (WebCore::FrameView::documentToAbsoluteScaleFactor const):
        (WebCore::FrameView::viewportSizeForCSSViewportUnits const):
        * page/Page.cpp:
        (WebCore::Page::setLowPowerModeEnabledOverrideForTesting):
        * page/SecurityOriginData.cpp:
        (WebCore::SecurityOriginData::databaseIdentifier const):
        * page/SecurityOriginData.h:
        (WebCore::SecurityOriginDataHash::hash):
        * page/SecurityOriginHash.h:
        (WebCore::SecurityOriginHash::hash):
        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::setViewLayoutSize):
        * page/WindowFeatures.cpp:
        (WebCore::parseDialogFeatures):
        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::updateStateMachine):
        (WebCore::AnimationBase::fireAnimationEventsIfNeeded):
        (WebCore::AnimationBase::getTimeToNextEvent const):
        (WebCore::AnimationBase::freezeAtTime):
        (WebCore::AnimationBase::getElapsedTime const):
        * page/animation/CSSAnimationController.cpp:
        (WebCore::CSSAnimationControllerPrivate::updateAnimationTimer):
        * page/cocoa/ResourceUsageThreadCocoa.mm:
        (WebCore::ResourceUsageThread::platformThreadBody):
        * page/linux/ResourceUsageThreadLinux.cpp:
        (WebCore::ResourceUsageThread::platformThreadBody):
        * platform/graphics/ComplexTextController.cpp:
        (WebCore::ComplexTextController::offsetForPosition):
        * platform/graphics/FontCache.h:
        (WebCore::FontDescriptionKey::computeHash const):
        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::drawText const):
        (WebCore::FontCascade::drawEmphasisMarks const):
        (WebCore::FontCascade::displayListForTextRun const):
        (WebCore::FontCascade::adjustSelectionRectForText const):
        (WebCore::FontCascade::codePath const):
        * platform/graphics/FontSelectionAlgorithm.cpp:
        (WebCore::FontSelectionAlgorithm::styleDistance const):
        * platform/graphics/FontSelectionAlgorithm.h:
        (WebCore::operator<<):
        (WebCore::FontSelectionSpecifiedCapabilities::computeWeight const):
        (WebCore::FontSelectionSpecifiedCapabilities::computeWidth const):
        (WebCore::FontSelectionSpecifiedCapabilities::computeSlope const):
        * platform/graphics/ShadowBlur.cpp:
        (WebCore::ShadowBlur::calculateLayerBoundingRect):
        * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
        (WebCore::WebCoreAVCFResourceLoader::startLoading):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::paintCurrentFrameInContext):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::naturalSize):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::preparePlatformFont):
        * platform/graphics/filters/FETurbulence.cpp:
        (WebCore::FETurbulence::fillRegion const):
        * platform/graphics/gstreamer/GStreamerCommon.cpp:
        (WebCore::initializeGStreamer):
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica):
        (WebCore::TextureMapperLayer::replicaTransform):
        (WebCore::TextureMapperLayer::syncAnimations):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::transformedVisibleRect):
        (WebCore::CoordinatedGraphicsLayer::computeTransformedVisibleRect):
        * platform/graphics/transforms/TransformState.cpp:
        (WebCore::TransformState::mappedPoint const):
        (WebCore::TransformState::mapQuad const):
        (WebCore::TransformState::flattenWithTransform):
        * platform/network/CacheValidation.cpp:
        (WebCore::computeCurrentAge):
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        * platform/network/NetworkStateNotifier.cpp:
        (WebCore::NetworkStateNotifier::onLine):
        * rendering/FloatingObjects.cpp:
        (WebCore::FindNextFloatLogicalBottomAdapter::nextLogicalBottom const):
        (WebCore::FindNextFloatLogicalBottomAdapter::nextShapeLogicalBottom const):
        * rendering/GridBaselineAlignment.cpp:
        (WebCore::GridBaselineAlignment::ascentForChild const):
        * rendering/GridTrackSizingAlgorithm.cpp:
        (WebCore::GridTrack::setGrowthLimit):
        (WebCore::GridTrackSizingAlgorithm::initialBaseSize const):
        (WebCore::GridTrackSizingAlgorithm::initialGrowthLimit const):
        (WebCore::GridTrackSizingAlgorithm::sizeTrackToFitNonSpanningItem):
        (WebCore::sortByGridTrackGrowthPotential):
        (WebCore::GridTrackSizingAlgorithm::estimatedGridAreaBreadthForChild const):
        (WebCore::GridTrackSizingAlgorithmStrategy::minSizeForChild const):
        (WebCore::GridTrackSizingAlgorithm::initializeTrackSizes):
        * rendering/PaintInfo.h:
        (WebCore::PaintInfo::applyTransform):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeLogicalHeight const):
        * rendering/RenderCounter.cpp:
        (WebCore::planCounter):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::baselinePosition const):
        (WebCore::RenderFlexibleBox::marginBoxAscentForChild):
        (WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMax):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::gridGap const):
        (WebCore::RenderGrid::baselinePosition const):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerByApplyingTransform):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::paintItem):
        (WebCore::RenderListBox::listIndexIsVisible):
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::calculateMaxColumnHeight const):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::convertStyleLogicalHeightToComputedHeight):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::cellBaselinePosition const):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::firstLineBaseline const):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::computePreferredLogicalWidths):
        (WebCore::RenderText::previousOffset const):
        (WebCore::RenderText::previousOffsetForBackwardDeletion const):
        (WebCore::RenderText::nextOffset const):
        (WebCore::RenderText::stringView const):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::layout):
        * rendering/mathml/RenderMathMLBlock.cpp:
        (WebCore::RenderMathMLBlock::baselinePosition const):
        * rendering/mathml/RenderMathMLBlock.h:
        (WebCore::RenderMathMLBlock::ascentForChild):
        * rendering/style/GridPosition.cpp:
        (WebCore::GridPosition::max):
        * rendering/style/TextUnderlineOffset.h:
        (WebCore::TextUnderlineOffset::lengthOr const):
        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::nodeAtFloatPoint):
        * rendering/svg/RenderSVGForeignObject.cpp:
        (WebCore::RenderSVGForeignObject::nodeAtFloatPoint):
        * rendering/svg/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::nodeAtFloatPoint):
        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::hitTestClipContent):
        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::postApplyResource):
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::nodeAtPoint):
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::nodeAtFloatPoint):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::nodeAtFloatPoint):
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::clipToImageBuffer):
        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::processGlyphElement):
        (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):

2018-12-20  Jer Noble  <jer.noble@apple.com>

        REGRESSION (r239419): heap-use-after-free in AudioSourceProviderAVFObjC::finalizeCallback()
        https://bugs.webkit.org/show_bug.cgi?id=192941
        <rdar://problem/46874096>

        Reviewed by Brent Fulgham.

        Don't delete the locked lock before unlocking the lock. 

        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::finalizeCallback):

2018-12-20  Keith Rollin  <krollin@apple.com>

        Improve release-level page-load logging
        https://bugs.webkit.org/show_bug.cgi?id=192872
        <rdar://problem/46850309>

        Reviewed by Chris Dumez.

        There are a number of reported bugs that are difficult or impossible
        to track down with our current level of logging. Additionally, some
        software groups lower in the page-loading stack have requested logging
        sufficient for tracking a user-visible error message down to the
        requested resource that caused the message. Add more-comprehensive
        logging to address these issues/requests.

        No new tests -- no changed functionality.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::setMainDocumentError):
        (WebCore::DocumentLoader::mainReceivedError):
        (WebCore::DocumentLoader::stopLoading):
        (WebCore::DocumentLoader::notifyFinished):
        (WebCore::DocumentLoader::willSendRequest):
        (WebCore::DocumentLoader::continueAfterContentPolicy):
        (WebCore::DocumentLoader::startLoadingMainResource):
        (WebCore::DocumentLoader::loadMainResource):
        (WebCore::DocumentLoader::cancelMainResourceLoad):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::FrameLoader::loadArchive):
        (WebCore::FrameLoader::loadInSameDocument):
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::setState):
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/ProgressTracker.cpp:
        (WebCore::ProgressItem::ProgressItem):
        (WebCore::ProgressTracker::reset):
        (WebCore::ProgressTracker::progressStarted):
        (WebCore::ProgressTracker::progressCompleted):
        (WebCore::ProgressTracker::finalProgressComplete):
        (WebCore::ProgressTracker::incrementProgress):
        (WebCore::ProgressTracker::completeProgress):
        (WebCore::ProgressTracker::isAlwaysOnLoggingAllowed const):
        * loader/ProgressTracker.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::loadDataURL):
        (WebCore::ResourceLoader::willSendRequestInternal):
        (WebCore::ResourceLoader::didFinishLoading):
        (WebCore::ResourceLoader::didFail):
        (WebCore::ResourceLoader::willSendRequestAsync):
        (WebCore::ResourceLoader::wasBlocked):
        (WebCore::ResourceLoader::cannotShowURL):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequestInternal):
        (WebCore::=):
        (WebCore::SubresourceLoader::didReceiveResponse):
        (WebCore::SubresourceLoader::didFinishLoading):
        (WebCore::SubresourceLoader::didFail):
        (WebCore::SubresourceLoader::willCancel):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):

2018-12-20  Jeremy Jones  <jeremyj@apple.com>

        Switch tabs before retuning PiP video to inline.
        https://bugs.webkit.org/show_bug.cgi?id=192767
        rdar://problem/46006046

        Reviewed by Jer Noble.

        No new tests because this code path only happens with a user action on system UI.

        When exiting PiP, notify the fullscreen change observer so it can restore client UI state before exiting.

        * platform/mac/VideoFullscreenInterfaceMac.mm:
        (-[WebVideoFullscreenInterfaceMacObjC pipShouldClose:]):

2018-12-19  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, fix GTK build after r239410

        It added a new file to the build, breaking the unified sources magic that obscured a bug in
        URLSoup.h. It forward-declares URL, but this never worked unless the URL.h header was
        included via another source file in the unified source bundle.

        * platform/network/soup/URLSoup.h:

2018-12-19  Chris Dumez  <cdumez@apple.com>

        wtf/Optional.h: move-constructor and move-assignment operator should disengage the value being moved from
        https://bugs.webkit.org/show_bug.cgi?id=192728
        <rdar://problem/46746779>

        Reviewed by Geoff Garen.

        * Modules/*:
        * animation/*:
        * bindings/*:
        * crypto/*:
        * css/*:
        * dom/*:
        * editing/*:
        * fileapi/*:
        * html/*:
        * inspector/*:
        * layout/*:
        * loader/*:
        * mathml/*:
        * page/*:
        * platform/*:
        * plugins/*:
        * rendering/*:
        * testing/*:
        * workers/*:
        * xml/*:

2018-12-19  Jer Noble  <jer.noble@apple.com>

        Leak of MTAudioProcessingTap (304 bytes) in com.apple.WebKit.WebContent running WebKit layout tests
        https://bugs.webkit.org/show_bug.cgi?id=192896
        <rdar://46732186>

        Reviewed by Eric Carlson.

        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::initCallback):

2018-12-19  Timothy Hatcher  <timothy@apple.com>

        REGRESSION (r232991): Switching to dark mode in Mail does not update the message view to be transparent
        https://bugs.webkit.org/show_bug.cgi?id=188891
        rdar://problem/42344352

        Reviewed by Simon Fraser.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::rootBackgroundColorOrTransparencyChanged):
        Don't return early when m_layerForOverhangAreas is null to avoid skipping
        setRootLayerConfigurationNeedsUpdate() and scheduleCompositingLayerUpdate().

2018-12-19  Justin Fan  <justin_fan@apple.com>

        [WebGPU] Add stubs for WebGPUPipelineLayout/Descriptor and device::createPipelineLayout
        https://bugs.webkit.org/show_bug.cgi?id=192843
        <rdar://problem/46820395>

        Reviewed by Myles Maxfield.

        Test: webgpu/pipeline-layouts.html

        Implement the emtpy WebGPUPipelineLayout interface, and enable creation via WebGPUDevice::createPipelineLayout:
        * Modules/webgpu/WebGPUBindGroupLayout.cpp:
        (WebCore::WebGPUBindGroupLayout::WebGPUBindGroupLayout):
        * Modules/webgpu/WebGPUBindGroupLayout.h:
        (WebCore::WebGPUBindGroupLayout::bindGroupLayout const): Added getter.
        * Modules/webgpu/WebGPUDevice.cpp:
        (WebCore::WebGPUDevice::createPipelineLayout const): Added.
        * Modules/webgpu/WebGPUDevice.h:
        * Modules/webgpu/WebGPUDevice.idl: Enable createPipelineLayout.
        * Modules/webgpu/WebGPUPipelineLayout.cpp: Added.
        (WebCore::WebGPUPipelineLayout::create):
        (WebCore::WebGPUPipelineLayout::WebGPUPipelineLayout):
        * Modules/webgpu/WebGPUPipelineLayout.h: Added.
        * Modules/webgpu/WebGPUPipelineLayout.idl: Added.
        * Modules/webgpu/WebGPUPipelineLayoutDescriptor.h: Added.
        * Modules/webgpu/WebGPUPipelineLayoutDescriptor.idl: Added.
        * platform/graphics/gpu/GPUDevice.cpp:
        (WebCore::GPUDevice::createPipelineLayout const): Added.
        * platform/graphics/gpu/GPUDevice.h:
        * platform/graphics/gpu/GPUPipelineLayout.cpp: Added.
        (WebCore::GPUPipelineLayout::create):
        (WebCore::GPUPipelineLayout::GPUPipelineLayout):
        * platform/graphics/gpu/GPUPipelineLayout.h: Added.
        * platform/graphics/gpu/GPUPipelineLayoutDescriptor.h: Added.

        Add files and symbols to project:
        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:

        Add missing include:
        * Modules/webgpu/WebGPUQueue.h:

2018-12-18  Ryosuke Niwa  <rniwa@webkit.org>

        SVGUseElement::findTarget should return nullptr when there is a cycle
        https://bugs.webkit.org/show_bug.cgi?id=192840

        Reviewed by Tim Horton.

        r233366 added an early return to updateShadowTree() when there is a cycle between an use element and its target.
        Consolidate this cycle detection code with the one in SVGUseElement::findTarget which detected cycles when
        the SVG use element itself had a corresponding element.

        No new tests since there should be no behavioral change.

        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::updateShadowTree):
        (WebCore::SVGUseElement::findTarget const):

2018-12-19  Myles C. Maxfield  <mmaxfield@apple.com>

        [WHLSL] Add a handwritten lexer
        https://bugs.webkit.org/show_bug.cgi?id=192294

        Reviewed by Jon Lee.

        This is infrastructure necessary for https://bugs.webkit.org/show_bug.cgi?id=192355. The
        implementation matches the lexing rules in the spec (specifically, the rules that start
        with an uppercase letter). The spec is at
        https://github.com/gpuweb/WHLSL/blob/master/Spec/WHLSL.g4.

        This patch also modifies the lexer according to https://github.com/gpuweb/WHLSL/pull/283.

        No new tests because the lexer isn't hooked up yet; there are tests in the parser,
        once that gets committed.

        * Modules/webgpu/WHLSL/WHLSLLexer.cpp: Added.
        (WebCore::WHLSL::Lexer::Token::typeName):
        (WebCore::WHLSL::Lexer::recognizeKeyword):
        (WebCore::WHLSL::Lexer::consumeTokenFromStream):
        (WebCore::WHLSL::Lexer::skipWhitespaceAndComments):
        (WebCore::WHLSL::isWhitespace):
        (WebCore::WHLSL::isNewline):
        (WebCore::WHLSL::Lexer::skipWhitespace):
        (WebCore::WHLSL::Lexer::skipLineComment):
        (WebCore::WHLSL::Lexer::skipLongComment):
        (WebCore::WHLSL::Lexer::coreDecimalIntLiteral const):
        (WebCore::WHLSL::Lexer::decimalIntLiteral const):
        (WebCore::WHLSL::Lexer::decimalUintLiteral const):
        (WebCore::WHLSL::isHexadecimalCharacter):
        (WebCore::WHLSL::Lexer::coreHexadecimalIntLiteral const):
        (WebCore::WHLSL::Lexer::hexadecimalIntLiteral const):
        (WebCore::WHLSL::Lexer::hexadecimalUintLiteral const):
        (WebCore::WHLSL::Lexer::intLiteral const):
        (WebCore::WHLSL::Lexer::uintLiteral const):
        (WebCore::WHLSL::Lexer::digit const):
        (WebCore::WHLSL::Lexer::digitStar const):
        (WebCore::WHLSL::Lexer::character const):
        (WebCore::WHLSL::Lexer::coreFloatLiteralType1 const):
        (WebCore::WHLSL::Lexer::coreFloatLiteral const):
        (WebCore::WHLSL::Lexer::floatLiteral const):
        (WebCore::WHLSL::Lexer::validIdentifier const):
        (WebCore::WHLSL::Lexer::identifier const):
        (WebCore::WHLSL::Lexer::operatorName const):
        * Modules/webgpu/WHLSL/WHLSLLexer.h: Added.
        (WebCore::WHLSL::Lexer::Lexer):
        (WebCore::WHLSL::Lexer::consumeToken):
        (WebCore::WHLSL::Lexer::unconsumeToken):
        (WebCore::WHLSL::Lexer::state const):
        (WebCore::WHLSL::Lexer::setState):
        (WebCore::WHLSL::Lexer::isFullyConsumed const):
        (WebCore::WHLSL::Lexer::errorString):
        (WebCore::WHLSL::Lexer::string const):
        (WebCore::WHLSL::Lexer::anyCharacter const):
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:

2018-12-18  Simon Fraser  <simon.fraser@apple.com>

        Web Inspector: Timelines: correctly label Intersection Observer callbacks
        https://bugs.webkit.org/show_bug.cgi?id=192669
        <rdar://problem/46702490>

        Reviewed by Joseph Pecoraro.

        Add InspectorInstrumentation::willFireObserverCallback() and use it to wrap calls
        to Intersection Observer, Performance Observer and Mutation Observer callbacks so 
        that they get correctly labeled in the Inspector timeline.

        * dom/MutationObserver.cpp:
        (WebCore::MutationObserver::deliver):
        * en.lproj/Localizable.strings:
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::willFireObserverCallbackImpl):
        (WebCore::InspectorInstrumentation::didFireObserverCallbackImpl):
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::willFireObserverCallback):
        (WebCore::InspectorInstrumentation::didFireObserverCallback):
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createObserverCallbackData):
        * inspector/TimelineRecordFactory.h:
        * inspector/agents/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::willFireObserverCallback):
        (WebCore::InspectorTimelineAgent::didFireObserverCallback):
        (WebCore::toProtocol):
        * inspector/agents/InspectorTimelineAgent.h:
        * page/IntersectionObserver.cpp:
        (WebCore::IntersectionObserver::notify):
        * page/PerformanceObserver.cpp:
        (WebCore::PerformanceObserver::deliver):

2018-12-19  Claudio Saavedra  <csaavedra@igalia.com>

        ContentExtensions: DFANode.cpp:66:44: error: narrowing conversion of '-1' from 'int' to 'char' inside { }
        https://bugs.webkit.org/show_bug.cgi?id=192854

        Reviewed by Alex Christensen.

        * contentextensions/DFANode.h: Define CharRange's chars as signed

2018-12-19  Youenn Fablet  <youenn@apple.com>

        Remove RTCRtpTransceiver.setDirection
        https://bugs.webkit.org/show_bug.cgi?id=192869

        Reviewed by Alex Christensen.

        Covered by rebased test.

        * Modules/mediastream/RTCRtpTransceiver.idl:

2018-12-19  Jer Noble  <jer.noble@apple.com>

        Force synchronous decode in WebCoreDecompressionSession::decodeSampleSync()
        https://bugs.webkit.org/show_bug.cgi?id=192856
        <rdar://problem/46843245>

        Reviewed by Alex Christensen.

        Some decoders exposed through VideoToolbox will decode asynchronously even when 
        kVTDecodeInfo_Asynchronous is not set. Force synchronous behavior with a Semaphore.

        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::decodeSampleSync):

2018-12-19  Megan Gardner  <megan_gardner@apple.com>

        Allow clients to set the navigator platform
        https://bugs.webkit.org/show_bug.cgi?id=192735

        Reviewed by Tim Horton.

        Expanded TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm.

        Lots of piping to allow the setting of a custom navigator platform.

        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::setCustomNavigatorPlatform):
        (WebCore::DocumentLoader::customNavigatorPlatform const):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::navigatorPlatform const):
        * loader/FrameLoader.h:
        * page/Navigator.cpp:
        (WebCore::Navigator::platform const):
        * page/Navigator.h:
        * page/NavigatorBase.cpp:
        (WebCore::NavigatorBase::platform const):
        (WebCore::NavigatorBase::platform): Deleted.
        * page/NavigatorBase.h:

2018-12-19  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r239347.

        Caused the leaks bot to hit an exception and the new test
        crashes on certain configurations.

        Reverted changeset:

        "Synchronous media query evaluation could destroy current
        Frame/FrameView."
        https://bugs.webkit.org/show_bug.cgi?id=192781
        https://trac.webkit.org/changeset/239347

2018-12-19  Truitt Savell  <tsavell@apple.com>

        Unreviewed, rolling out r239358.

        Revision caused imported/w3c/web-platform-tests/IndexedDB/ to
        crash on Debug bots

        Reverted changeset:

        "Clean up IndexedDB files between tests"
        https://bugs.webkit.org/show_bug.cgi?id=192796
        https://trac.webkit.org/changeset/239358

2018-12-19  Don Olmstead  <don.olmstead@sony.com>

        Sync some include directories in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=192819

        Reviewed by Michael Catanzaro.

        Added missing include directories around features that have only been enabled on
        Apple ports. Removes obsolete directories from list and moves harfbuzz directories
        into the freetype cmake file.

        * CMakeLists.txt:
        * platform/FreeType.cmake:

2018-12-19  Alicia Boya García  <aboya@igalia.com>

        [MSE] Remove unused method: stopAskingForMoreSamples()
        https://bugs.webkit.org/show_bug.cgi?id=192754

        Reviewed by Xabier Rodriguez-Calvar.

        The stopAskingForMoreSamples() method from SourceBufferPrivate is not
        being used by anyone. SourceBuffer is not calling it and no
        SourceBufferPrivate is implementing it. Let's remove that noise.

        * platform/graphics/SourceBufferPrivate.h:
        (WebCore::SourceBufferPrivate::setActive):
        (WebCore::SourceBufferPrivate::stopAskingForMoreSamples): Deleted.
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp:
        (WebCore::SourceBufferPrivateGStreamer::stopAskingForMoreSamples): Deleted.
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h:

2018-12-19  Alicia Boya García  <aboya@igalia.com>

        [MSE] Remove dead code: sourceBufferPrivateSeekToTime()
        https://bugs.webkit.org/show_bug.cgi?id=192827

        Reviewed by Xabier Rodriguez-Calvar.

        This patch makes two dead code removal changes in
        SourceBufferPrivateClient:

        First, sourceBufferPrivateFastSeekTimeForMediaTime() is made pure
        virtual in SourceBufferPrivateClient. Since SourceBufferPrivateClient
        is only inherited by SourceBuffer, it makes no sense to have default
        implementations there (they will never be used), moreso it being a
        client interface.

        Second, sourceBufferPrivateSeekToTime() is removed entirely. It used
        to had an empty implementation, which SourceBuffer did not overwrite,
        therefore making any calls to it useless.

        All calls to sourceBufferPrivateSeekToTime() have been removed:

        SourceBufferPrivateAVFObjC::seekToTime(), which was also dead code
        itself, used to call this method. This patch deletes it completely.

        MockSourceBufferPrivate::seekToTime(), which only called this empty
        method, has also been removed along with its only usage in
        MockMediaSourcePrivate::seekToTime().

        * platform/graphics/SourceBufferPrivateClient.h:
        (WebCore::SourceBufferPrivateClient::sourceBufferPrivateFastSeekTimeForMediaTime): Deleted.
        (WebCore::SourceBufferPrivateClient::sourceBufferPrivateSeekToTime): Deleted.
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::seekToTime): Deleted.
        * platform/mock/mediasource/MockMediaSourcePrivate.cpp:
        (WebCore::MockMediaSourcePrivate::seekToTime):
        * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
        (WebCore::MockSourceBufferPrivate::seekToTime): Deleted.
        * platform/mock/mediasource/MockSourceBufferPrivate.h:

2018-12-19  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [EME] MediaKeySystemConfiguration distinctiveIdentifier and persistentState should default to optional
        https://bugs.webkit.org/show_bug.cgi?id=192815

        Reviewed by Jer Noble.

        https://www.w3.org/TR/encrypted-media/#dom-mediakeysystemconfiguration
        says that distinctiveIdentifier and persistentState default to
        optional. Our implementation does not define a default leaving it
        to the first option of the enum, which currently is Required.

        * platform/encryptedmedia/CDMKeySystemConfiguration.h:

2018-12-19  Rob Buis  <rbuis@igalia.com>

        Merge parseAccessControlExposeHeadersAllowList into parseAccessControlAllowList
        https://bugs.webkit.org/show_bug.cgi?id=192288

        Reviewed by Frédéric Wang.

        Prefer return value to out parameter for parseAccessControlAllowList.

        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCacheItem::parse):
        * platform/network/HTTPParsers.h:
        (WebCore::parseAccessControlAllowList):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::filter):
        (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):

2018-12-18  Zan Dobersek  <zdobersek@igalia.com>

        REGRESSION(r235165): [GTK][WPE] Garbled rendering on GitLab
        https://bugs.webkit.org/show_bug.cgi?id=192230

        Reviewed by Carlos Garcia Campos.

        Single tile can after r235165 be assigned multiple content updates
        without a commit occurring between each update, whereas before these
        commits were done for each update.

        To avoid repeating updates for a single tile purging information about
        the previous update, these updates are now accumulated inside a Vector
        and then iterated over during the commit phase.

        * platform/graphics/texmap/coordinated/CoordinatedBackingStore.cpp:
        (WebCore::CoordinatedBackingStoreTile::addUpdate):
        (WebCore::CoordinatedBackingStoreTile::swapBuffers):
        (WebCore::CoordinatedBackingStore::updateTile):
        (WebCore::CoordinatedBackingStoreTile::setBackBuffer): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedBackingStore.h:
        (WebCore::CoordinatedBackingStoreTile::scale const):

2018-12-18  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] A copied text selection is pasted as a web archive attachment in the entry view in Messages
        https://bugs.webkit.org/show_bug.cgi?id=192842
        <rdar://problem/46823586>

        Reviewed by Tim Horton.

        Temporarily revert a behavior change introduced by r238661, where we now add "com.apple.webarchive" as a
        registered UTI when dragging or copying a text selection. This broke the Messages app on iOS, which currently
        inserts a copied or dragged text selection from WebKit-based views as a web archive file attachment. A fix for
        this is internally tracked in <rdar://problem/46830277>.

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::write):

2018-12-18  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, add a missing UNUSED_PARAM()

        * Modules/mediarecorder/MediaRecorder.cpp:
        (WebCore::MediaRecorder::getPrivateImpl):

2018-12-18  Justin Michaud  <justin_michaud@apple.com>

        Update CSS Properties and Values API to use new cycle fallback behaviour
        https://bugs.webkit.org/show_bug.cgi?id=192800

        Reviewed by Antti Koivisto.

        Make CSS variables that are registered and involved in a cycle be treated as invalid. This also fixes a crash in the
        wpt tests where relative units and calc() in a registered property's initial value would break things instead of failing. 

        * css/CSSCustomPropertyValue.h:
        * css/CSSVariableReferenceValue.cpp:
        (WebCore::resolveVariableReference):
        * css/DOMCSSRegisterCustomProperty.cpp:
        (WebCore::DOMCSSRegisterCustomProperty::registerProperty):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyCascadedCustomProperty):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::parseTypedCustomPropertyValue):

2018-12-18  Daniel Bates  <dabates@apple.com>

        Wrong value for key property in keydown and keyup events generated holding Control key
        https://bugs.webkit.org/show_bug.cgi?id=192788
        <rdar://problem/46795214>

        Reviewed by Wenson Hsieh.

        Similar to what we do on Mac, compute the DOM key property from the characters ignoring
        modifier keys input string when the Control key is held down.

        * platform/ios/PlatformEventFactoryIOS.mm:
        (WebCore::keyForKeyEvent):
        * platform/mac/PlatformEventFactoryMac.mm:
        (WebCore::keyForKeyEvent):

2018-12-18  Sihui Liu  <sihui_liu@apple.com>

        Clean up IndexedDB files between tests
        https://bugs.webkit.org/show_bug.cgi?id=192796

        Reviewed by Geoffrey Garen.

        We should clean up the IndexedDB files between tests to make sure each test is independent of others.

        This patch also fixes some issues in IDB.

        Covered by existing tests.

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
        We should shut down all open databases instead of databases from open database connections before deleting 
        files, because database starts accessing files before connection to database is established.

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::shutdownForClose):
        We should shutdown database after tasks in queue are completed, because tasks have pointer of UniqueIDBDatabase 
        and UniqueIDBDatabase can be destructed after shutdown.

        (WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
        didDeleteBackingStore can be posted to main thread after immediateCloseForUserDelete, and timer should not be 
        invoked during the hard close.

        (WebCore::IDBServer::UniqueIDBDatabase::handleDatabaseOperations):
        Tasks like didOpenBackingStore could be posted from database thread to main thread after 
        immediateCloseForUserDelete, but we know the backing store will be deleted soon, so no need to handle any 
        database operation. 

        (WebCore::IDBServer::UniqueIDBDatabase::performPrefetchCursor):
        performPrefetchCursor needs to be aware of whether UniqueIDBDatabase is being closed, so that it will not access 
        m_backingStore when m_backingStore may already be deleted. 

        (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete):
        immediateCloseForUserDelete does not handle transactions that are in the process of commit or abort. 
        m_objectStoreTransactionCounts and m_objectStoreWriteTransactions may be used by those transactions in 
        transactionCompleted, so they do not need to be cleared here.

2018-12-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Thick overlines and line-throughs grow in the wrong direction
        https://bugs.webkit.org/show_bug.cgi?id=192264

        Reviewed by Dean Jackson.

        Overlines should grow upward, and line-throughs should stay centered.

        Test: fast/css3-text/css3-text-decoration/text-decoration-thicknes-overline-grow-direction.html

        * rendering/TextDecorationPainter.cpp:
        (WebCore::TextDecorationPainter::paintTextDecoration):
        * style/InlineTextBoxStyle.cpp:
        (WebCore::visualOverflowForDecorations):

2018-12-18  Ryosuke Niwa  <rniwa@webkit.org>

        Some iOS app crash in FrameLoader::checkCompleted
        https://bugs.webkit.org/show_bug.cgi?id=192804
        <rdar://problem/44240573>

        Reviewed by Tim Horton.

        It's possible for the main thread to call into WebCore / UIWebView selectors while Web thread
        is trying to send a delegate message. Disable the release assertion while this is happening
        so that iOS app would not crash.

        Unfortunately no new test as there is no way to easily test UIWebView in iOS,
        and this requires a race between the web thread & the main thread.

        * dom/ScriptDisallowedScope.h:
        (WebCore::ScriptDisallowedScope::InMainThread::isScriptAllowed):
        * platform/ios/wak/WebCoreThread.h:
        * platform/ios/wak/WebCoreThread.mm:
        (WebThreadDelegateMessageScope::WebThreadDelegateMessageScope):
        (WebThreadDelegateMessageScope::~WebThreadDelegateMessageScope):
        (SendDelegateMessage):

2018-12-18  David Kilzer  <ddkilzer@apple.com>

        clang-tidy: Use const reference for MediaTime parameter to prevent object copy
        <https://webkit.org/b/192814>

        Reviewed by Mark Lam.

        * bindings/js/JSDOMConvertNumbers.h:
        (WebCore::JSConverter<IDLUnrestrictedDouble>::convert):

2018-12-18  Justin Fan  <justin_fan@apple.com>

        [WebGPU] BindGroupLayout and Device::createBindGroupLayout
        https://bugs.webkit.org/show_bug.cgi?id=192817

        Reviewed by Dean Jackson.

        Update bind-group-layouts to test new functionality.

        Implement the emtpy WebGPUBindGroupLayout interface, and enable creation via WebGPUDevice::createBindGroupLayout:
        * Modules/webgpu/WebGPUBindGroupLayout.cpp: Added.
        (WebCore::WebGPUBindGroupLayout::create):
        (WebCore::WebGPUBindGroupLayout::WebGPUBindGroupLayout):
        * Modules/webgpu/WebGPUBindGroupLayout.h: Added.
        * Modules/webgpu/WebGPUBindGroupLayout.idl: Added. Empty interface for now.
        * Modules/webgpu/WebGPUDevice.cpp:
        (WebCore::WebGPUDevice::createBindGroupLayout const): Added.
        * Modules/webgpu/WebGPUDevice.h:
        * Modules/webgpu/WebGPUDevice.idl:
        * platform/graphics/gpu/GPUBindGroupLayout.cpp: Added.
        (WebCore::GPUBindGroupLayout::tryCreate):
        (WebCore::GPUBindGroupLayout::GPUBindGroupLayout):
        * platform/graphics/gpu/GPUBindGroupLayout.h: Added.
        * platform/graphics/gpu/GPUDevice.cpp:
        (WebCore::GPUDevice::tryCreateBindGroupLayout const): Added.
        * platform/graphics/gpu/GPUDevice.h:

        Add files and symbols to project:
        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:

        Missing includes that were previously provided via UnifiedSources:
        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.h:
        * platform/sql/SQLiteFileSystem.h:

2018-12-18  Youenn Fablet  <youenn@apple.com>

        Make ReadableStreamXX constructs use PrivateIdentifier
        https://bugs.webkit.org/show_bug.cgi?id=192771

        Reviewed by Chris Dumez.

        PrivateIdentifier is a better name for making sure a given construct does not show up in the global scope.
        Covered by existing binding tests.

        * Modules/streams/ReadableByteStreamController.idl:
        * Modules/streams/ReadableStreamBYOBReader.idl:
        * Modules/streams/ReadableStreamBYOBRequest.idl:
        * Modules/streams/ReadableStreamDefaultController.idl:
        * Modules/streams/ReadableStreamDefaultReader.idl:
        * bindings/scripts/CodeGeneratorJS.pm:
        (NeedsConstructorProperty):
        * bindings/scripts/preprocess-idls.pl:
        (shouldExposeInterface):
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp: Removed.
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h: Removed.
        * bindings/scripts/test/TestCustomConstructor.idl: Removed.

2018-12-18  Zalan Bujtas  <zalan@apple.com>

        Synchronous media query evaluation could destroy current Frame/FrameView.
        https://bugs.webkit.org/show_bug.cgi?id=192781
        <rdar://problem/34416793>

        Reviewed by Chris Dumez.

        Protect Frame and FrameView when coming back from printing and check if the current Frame/FrameView/FrameLoader objects are still valid.

        Test: printing/print-with-media-query-destory.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading):
        * page/Frame.cpp:
        (WebCore::Frame::setPrinting):
        * page/FrameView.cpp:
        (WebCore::FrameView::forceLayoutForPagination):

2018-12-18  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: m3u8 content not shown, it should be text
        https://bugs.webkit.org/show_bug.cgi?id=192731
        <rdar://problem/46747728>

        Reviewed by Devin Rousso.

        * inspector/NetworkResourcesData.cpp:
        (WebCore::NetworkResourcesData::setResourceContent):
        Don't clobber data if setting empty content on a resource that has content.

        * inspector/agents/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::shouldTreatAsText):
        Additional non-"text/" mime types that can be treated as text.

        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::isTextMediaPlaylistMIMEType):
        * platform/MIMETypeRegistry.h:
        Detect media playlist mime types that are text (m3u8/m3u).

2018-12-18  Daniel Bates  <dabates@apple.com>

        Remove <meta http-equiv=set-cookie> support
        https://bugs.webkit.org/show_bug.cgi?id=185077
        <rdar://problem/41791397>

        Reviewed by Brent Fulgham.

        Remove support for the HTTP-equiv. pragma Set-Cookie to set a cookie. In <https://github.com/whatwg/html/pull/3649>
        the HTML living standard was ammended to define this pragma as no-op. Chrome and Edge have also
        removed support for this pragma and Firefox has an open bug to remove it.

        * dom/Document.cpp:
        (WebCore::Document::processHttpEquiv): Emit a message that the Set-Cookie pragma is obsolete and
        was ignored instead of setting the cookie.
        * html/parser/XSSAuditor.cpp:
        (WebCore::isDangerousHTTPEquiv): We no longer need to consider the Set-Cookie pragma
        as dangerous and erase attribute http-equiv when we find it because we no longer honor
        this pragma.

2018-12-18  Justin Michaud  <justin_michaud@apple.com>

        CSS Typed OM should expose attributeStyleMap
        https://bugs.webkit.org/show_bug.cgi?id=192671

        Reviewed by Ryosuke Niwa.

        Exposes element.attributeStyleMap, adds a stub for the StylePropertyMap class, and updates the existing
        TypedOMCSSImageValue to not require a RenderObject so that it can still work inside attributeStyleMap.

        Test: css-typedom/attributeStyleMap.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:
        * css/ElementCSSInlineStyle.idl:
        * css/typedom/StylePropertyMap.h: Copied from Source/WebCore/css/typedom/StylePropertyMapReadOnly.h.
        * css/typedom/StylePropertyMap.idl: Copied from Source/WebCore/css/typedom/StylePropertyMapReadOnly.idl.
        * css/typedom/StylePropertyMapReadOnly.cpp: Added.
        (WebCore::StylePropertyMapReadOnly::reifyValue):
        (WebCore::StylePropertyMapReadOnly::customPropertyValueOrDefault):
        * css/typedom/StylePropertyMapReadOnly.h:
        (WebCore::StylePropertyMapReadOnly::create): Deleted.
        (WebCore::StylePropertyMapReadOnly::get const): Deleted.
        (WebCore::StylePropertyMapReadOnly::StylePropertyMapReadOnly): Deleted.
        * css/typedom/StylePropertyMapReadOnly.idl:
        * css/typedom/TypedOMCSSImageValue.h:
        * dom/Element.cpp:
        (WebCore::Element::attributeStyleMap):
        (WebCore::Element::setAttributeStyleMap):
        * dom/Element.h:
        * dom/ElementRareData.cpp:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::attributeStyleMap):
        (WebCore::ElementRareData::setAttributeStyleMap):
        * dom/StyledElement.cpp:
        (WebCore::StyledElement::ensureAttributeStyleMap):
        * dom/StyledElement.h:
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::size):
        (WebCore::CanvasRenderingContext2DBase::drawImage):
        * platform/graphics/CustomPaintImage.cpp:
        (WebCore::extractComputedProperty):
        (WebCore::CustomPaintImage::doCustomPaint):

2018-12-18  Wenson Hsieh  <wenson_hsieh@apple.com>

        Calling setValue() while typing should invoke -textDidChangeInTextField in the injected bundle
        https://bugs.webkit.org/show_bug.cgi?id=192785
        <rdar://problem/45321184>

        Reviewed by Tim Horton.

        Makes a minor adjustment in `TextFieldInputType::setValue` to consider value changes as "user editing", if we're
        currently processing a keystroke from the user. This is useful for certain private clients, such as Safari, that
        need to know when the user is typing in a text form control, but the page is preventing default text insertion
        behavior and instead updating values programmatically.

        Test: fast/forms/call-text-did-change-in-text-field-when-typing.html

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::setValue):

2018-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Implement marginBeforeCollapsesWithParentMarginAfter
        https://bugs.webkit.org/show_bug.cgi?id=192801

        Reviewed by Antti Koivisto.

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithParentMarginAfter):

2018-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Implement marginAfterCollapsesWithSiblingMarginBeforeWithClearance
        https://bugs.webkit.org/show_bug.cgi?id=192799

        Reviewed by Antti Koivisto.

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithSiblingMarginBeforeWithClearance):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithParentMarginAfter):

2018-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Implement marginAfterCollapsesWithParentMarginBefore
        https://bugs.webkit.org/show_bug.cgi?id=192798

        Reviewed by Antti Koivisto.

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginAfterFromLastChild):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithParentMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithParentMarginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfter):

2018-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Expand marginsCollapseThrough collapsing logic
        https://bugs.webkit.org/show_bug.cgi?id=192794

        Reviewed by Antti Koivisto.

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginsCollapseThrough):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfter):

2018-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Expand marginAfterCollapsesWithNextSibling and marginBeforeCollapsesWithPreviousSibling collapsing logic
        https://bugs.webkit.org/show_bug.cgi?id=192791

        Reviewed by Antti Koivisto.

        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithPreviousSibling):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithNextSibling):

2018-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Expand marginAfterCollapsesWithParentMarginAfter and marginBeforeCollapsesWithParentMarginBefore collapsing logic
        https://bugs.webkit.org/show_bug.cgi?id=192787

        Reviewed by Antti Koivisto.

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::hasClearance):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithParentMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithSiblingMarginBeforeWithClearance):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithParentMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithParentMarginAfter):

2018-12-17  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win][Clang] Fix compilation warnings WebCore/platform/graphics directory
        https://bugs.webkit.org/show_bug.cgi?id=192752

        Reviewed by Don Olmstead.

        No new tests, no behavior changes.

        * platform/graphics/win/DIBPixelData.cpp:
        Enclosed bitmapType and bitmapPixelsPerMeter with #ifndef NDEBUG.
        * platform/graphics/win/FontPlatformDataWin.cpp:
        (WebCore::FontPlatformData::openTypeTable const): Use ASSERT_UNUSED instead of ASSERT.
        * platform/graphics/win/GraphicsContextWin.cpp: Removed unused variable 'deg2rad'.
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        Removed unused soft links MFCreateSampleGrabberSinkActivate, MFCreateMemoryBuffer and MFCreateSample.
        (WebCore::MediaPlayerPrivateMediaFoundation::MediaPlayerPrivateMediaFoundation):
        Reorder the initializer list.
        (WebCore::MediaPlayerPrivateMediaFoundation::seek): Use ASSERT_UNUSED instead of ASSERT.
        (WebCore::MediaPlayerPrivateMediaFoundation::setAllChannelVolumes): Ditto.
        (WebCore::MediaPlayerPrivateMediaFoundation::createSession): Ditto.
        (WebCore::MediaPlayerPrivateMediaFoundation::endSession): Ditto.
        (WebCore::MediaPlayerPrivateMediaFoundation::onCreatedMediaSource): Ditto.
        (WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::paintCurrentFrame): Added default case.
        * platform/graphics/win/SimpleFontDataCairoWin.cpp:
        (WebCore::Font::platformBoundsForGlyph const): Use inner braces to initialize subobjects of MAT2.
        * platform/graphics/win/SimpleFontDataWin.cpp: Removed unused 'cSmallCapsFontSizeMultiplier'.
        (WebCore::Font::initGDIFont): Use inner braces to initialize subobjects of MAT2.
        (WebCore::Font::boundsForGDIGlyph const): Ditto.
        (WebCore::Font::widthForGDIGlyph const): Ditto.
        * platform/graphics/win/UniscribeController.cpp:
        (WebCore::UniscribeController::UniscribeController):
        Reorder the initializer list.
        (WebCore::UniscribeController::offsetForPosition): Use parentheses to combine && and ||.
        (WebCore::UniscribeController::shapeAndPlaceItem): Removed unused 'glyphCount'.

2018-12-17  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] A stream's first video frame should be rendered
        https://bugs.webkit.org/show_bug.cgi?id=192629
        <rdar://problem/46664353>

        Reviewed by Youenn Fablet.

        Test: fast/mediastream/media-stream-renders-first-frame.html

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode const):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::play):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentReadyState):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::characteristicsChanged):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::checkSelectedVideoTrack):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::paintCurrentFrameInContext):
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::size const):
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::processNewFrame):
        * platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.mm:
        (WebCore::RealtimeIncomingVideoSourceCocoa::processNewSample):

2018-12-17  Justin Michaud  <justin_michaud@apple.com>

        Bindings generator should support Conditional= along with CachedAttribute
        https://bugs.webkit.org/show_bug.cgi?id=192721

        Reviewed by Ryosuke Niwa.

        Fix a bug where specifying both attributes causes compilation errors because the compile-time
        condition is not included in the derived code.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjCachedAttribute3Getter):
        (WebCore::jsTestObjCachedAttribute3):
        (WebCore::JSTestObj::visitChildren):
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/TestObj.idl:

2018-12-17  David Kilzer  <ddkilzer@apple.com>

        clang-tidy: Fix unnecessary object copy in CPUMonitor::setCPULimit()
        <https://webkit.org/b/192707>
        <rdar://problem/46734926>

        Reviewed by Daniel Bates.

        * platform/CPUMonitor.cpp:
        (WebCore::CPUMonitor::setCPULimit):
        * platform/CPUMonitor.h:
        (WebCore::CPUMonitor::setCPULimit):
        - Change parameter to const reference to fix unnecessary copies.

2018-12-17  Ryosuke Niwa  <rniwa@webkit.org>

        offsetLeft and offsetParent should adjust across shadow boundaries
        https://bugs.webkit.org/show_bug.cgi?id=157437
        <rdar://problem/26154021>

        Reviewed by Simon Fraser.

        Update the WebKit's treatment of shadow boundaries in offsetLeft, offsetTop, and offsetParent to match
        the latest discussion in CSS WG. See https://github.com/w3c/webcomponents/issues/497
        and https://github.com/w3c/webcomponents/issues/763

        The latest consensus is to use the retargeting algorithm (https://dom.spec.whatwg.org/#retarget).
        In practice, this would mean that we need to keep walking up the offset parent ancestors until we find
        the one which is in the same tree as a shadow-inclusive ancestor of the context object.

        For example, if a node (the context object of offsetTop, offsetLeft, offsetParent) was assigned to a slot
        inside a shadow tree and its offset parent was in the shadow tree, we need to walk up to its offset parent,
        then its offset parent, etc... until we find the offset parent in the same tree as the context object.

        Note it's possible that the context object is inside a shadow tree which does not have its own offset parent.
        (e.g. all elements have position: static) For this reason, we need to consider not just offset parent in
        the same tree as the context object but as well as any offset parent which is in its ancestor trees.

        Test: fast/shadow-dom/offsetParent-across-shadow-boundaries.html

        * dom/Element.cpp:
        (WebCore::adjustOffsetForZoomAndSubpixelLayout): Extracted to share code between offsetLeft and offsetTop.
        (WebCore::collectAncestorTreeScopeAsHashSet): Added.
        (WebCore::Element::offsetLeftForBindings): Added. Sums up offsetLeft's until it finds the first offset parent
        which is a shadow-including ancestor (https://dom.spec.whatwg.org/#concept-shadow-including-ancestor).
        (WebCore::Element::offsetLeft): Now uses adjustOffsetForZoomAndSubpixelLayout.
        (WebCore::Element::offsetTopForBindings): Added. Like offsetLeftForBindings, this function sums up offsetTop's
        until it finds the first offset parent which is a shadow-including ancestor.
        (WebCore::Element::offsetTop): Now uses adjustOffsetForZoomAndSubpixelLayout.
        (WebCore::Element::offsetParentForBindings): Renamed from bindingsOffsetParent to be consistent with other
        functions meant to be used for bindings code.
        * dom/Element.h:
        * html/HTMLElement.idl:

2018-12-17  Simon Fraser  <simon.fraser@apple.com>

        Don't use more expensive layer backing store formats when subpixel text antialiasing is not enabled
        https://bugs.webkit.org/show_bug.cgi?id=192780
        rdar://problem/43394387

        Reviewed by Tim Horton.
        
        macOS Mojave disabled text subpixel antialiasing by default, so we no longer need to use the
        memory-hungry "linear glyph mask" CALayer backing store formats for non-opaque with text in them.
        
        Add FontCascade::isSubpixelAntialiasingAvailable() which reports whether subpixel antialiasing is available,
        and consult it when making decisions that affect layer backing store format.

        Tested by new results for existing tests.

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::isSubpixelAntialiasingAvailable):
        * platform/graphics/FontCascade.h:
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::isSubpixelAntialiasingAvailable): CGFontRenderingGetFontSmoothingDisabled() isn't super cheap, so fetch
        it once.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateAfterDescendants):
        * testing/Internals.cpp:
        (WebCore::Internals::setFontSmoothingEnabled): Remove a WebCore::

2018-12-17  Daniel Bates  <dabates@apple.com>

        Make DocumentMarker::allMarkers() constexpr
        https://bugs.webkit.org/show_bug.cgi?id=192634

        Reviewed by Simon Fraser.

        The result of DocumentMarker::allMarkers() can be computed at compile time. We should annotate
        it constexpr to do just that.

        * dom/DocumentMarker.h:
        (WebCore::DocumentMarker::allMarkers):

2018-12-17  Justin Fan  <justin_fan@apple.com>

        [WebGPU] Implement WebGPUBindGroupLayoutDescriptor and its supporting dictionaries
        https://bugs.webkit.org/show_bug.cgi?id=192726

        Reviewed by Myles C. Maxfield.

        Test: webgpu/bind-group-layouts.html
        Implement the WebGPUBindGroupLayoutDescriptor struct and its sub-structs:
        * Modules/streams/WebGPUBindGroupLayoutDescriptor.h: Added.
        * Modules/streams/WebGPUBindGroupLayoutDescriptor.idl: Added.
        * Modules/webgpu/WebGPUBindGroupLayoutBinding.h: Added.
        * Modules/webgpu/WebGPUBindGroupLayoutBinding.idl: Added.
        * Modules/webgpu/WebGPUShaderStageBit.h: Added.
        * Modules/webgpu/WebGPUShaderStageBit.idl: Added.
        * platform/graphics/gpu/GPUBindGroupLayoutBinding.h: Added.
        * platform/graphics/gpu/GPUBindGroupLayoutDescriptor.h: Added.

        Add the new symbols and files to the project:
        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:

        Small FIXME update for later:
        * platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm:
        (WebCore::GPURenderPassEncoder::setVertexBuffers):

2018-12-17  Zalan Bujtas  <zalan@apple.com>

        Unreviewed build fix.

        * page/ios/FrameIOS.mm:
        (WebCore::Frame::interpretationsForCurrentRoot const):

2018-12-17  Zalan Bujtas  <zalan@apple.com>

        Reproducible ASSERTion failure when toggling layer borders with find-in-page up
        https://bugs.webkit.org/show_bug.cgi?id=192762
        <rdar://problem/46676873>

        Reviewed by Simon Fraser.

        DocumentMarkerController::markersFor() should take a reference instead of a Node*.

        Test: editing/document-marker-null-check.html

        * dom/DocumentMarkerController.cpp:
        (DocumentMarkerController::hasMarkers):
        * dom/DocumentMarkerController.h:
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::respondToChangedSelection):
        * editing/Editor.cpp:
        (WebCore::Editor::selectionStartHasMarkerFor const):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::collectMarkedTextsForDocumentMarkers const):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::paint):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::draggedContentRangesBetweenOffsets const):
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseForWithReason):
        * testing/Internals.cpp:
        (WebCore::Internals::markerCountForNode):

2018-12-17  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r239265 and r239274.
        https://bugs.webkit.org/show_bug.cgi?id=192765

        unorm_normalize is deprecated, and broke an internal build
        (Requested by Truitt on #webkit).

        Reverted changesets:

        "[GTK][WPE] Need a function to convert internal URI to display
        ("pretty") URI"
        https://bugs.webkit.org/show_bug.cgi?id=174816
        https://trac.webkit.org/changeset/239265

        "Fix the Apple Internal Mac build with a newer SDK"
        https://trac.webkit.org/changeset/239274

2018-12-17  Daniel Bates  <dabates@apple.com>

        [iOS] Remove -[WebEvent initWithKeyEventType:...:characterSet:]
        https://bugs.webkit.org/show_bug.cgi?id=192633

        Reviewed by Wenson Hsieh.

        UIKit has long adopted the newer -[WebEvent initWithKeyEventType:] initializer that takes an
        input manager hint. We no longer need to keep the variant -[WebEvent initWithKeyEventType:...:characterSet:]
        for binary compatibility.

        * platform/ios/WebEvent.h:
        * platform/ios/WebEvent.mm:
        (-[WebEvent initWithKeyEventType:timeStamp:characters:charactersIgnoringModifiers:modifiers:isRepeating:withFlags:keyCode:isTabKey:characterSet:]): Deleted.

2018-12-17  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r239254.

        This broke the Windows 10 Debug build

        Reverted changeset:

        "Replace many uses of String::format with more type-safe
        alternatives"
        https://bugs.webkit.org/show_bug.cgi?id=192742
        https://trac.webkit.org/changeset/239254

2018-12-17  Antoine Quint  <graouts@apple.com>

        [Web Animations] Remove the redundant m_scheduledMicrotask from WebAnimation
        https://bugs.webkit.org/show_bug.cgi?id=192758

        Reviewed by Dean Jackson.

        We tracked whether we had a pending microtask twice so we remove the m_scheduledMicrotask flag as m_finishNotificationStepsMicrotaskPending
        gives us enough information as it is. Additionally, we remove the scheduleMicrotaskIfNeeded() and performMicrotask() functions since there is
        less bookkeeping to perform.

        No new test since there is no user-observable change.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::updateFinishedState):
        (WebCore::WebAnimation::scheduleMicrotaskIfNeeded): Deleted.
        (WebCore::WebAnimation::performMicrotask): Deleted.
        * animation/WebAnimation.h:

2018-12-17  Antoine Quint  <graouts@apple.com>

        [Web Animations] Ensure we don't update an animation's finished state twice when updating animations
        https://bugs.webkit.org/show_bug.cgi?id=192757

        Reviewed by Dean Jackson.

        When animations are udpated and DocumentTimeline::updateAnimationsAndSendEvents() is called, we used to update an animation's finished state
        twice since we'd do it once when calling tick() and once again when calling resolve() in the ensuing style invalidation. We now keep track of
        whether we've already updated an animation's finished state during animation update in the call to tick() and avoid updating in the immediate
        next call to resolve(), unless any of the timing properties have changed in the meantime.

        No new test since there is no user-observable change.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::timingDidChange):
        (WebCore::WebAnimation::tick):
        (WebCore::WebAnimation::resolve):
        * animation/WebAnimation.h:

2018-12-17  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r233268): Elements animated in from offscreen sometimes don't display
        https://bugs.webkit.org/show_bug.cgi?id=192725
        rdar://problem/46011418

        Reviewed by Antoine Quint.

        There were two problems with backing store attachment and animation.
        
        First, animations are an input into the "backing store attached" logic, so when they change
        we should set the CoverageRectChanged bit on GraphicsLayerCA.
        
        Secondly, when an ancestor has unknown animation extent, all its descendants need to
        get backing store, so we need to set childCommitState.ancestorWithTransformAnimationIntersectsCoverageRect when
        the current layer has no animation extent.

        Tests: compositing/backing/animate-into-view-with-descendant.html
               compositing/backing/animate-into-view.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::addAnimation):
        (WebCore::GraphicsLayerCA::removeAnimation):
        (WebCore::GraphicsLayerCA::recursiveCommitChanges):

2018-12-17  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Unify margin collapse function naming
        https://bugs.webkit.org/show_bug.cgi?id=192747

        Reviewed by Antti Koivisto.

        Rename some margin collapse getters.

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::nonCollapsedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::nonCollapsedMarginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginBeforeFromFirstChild):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginAfterFromLastChild):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithParentMarginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithParentMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithParentMarginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBeforeCollapsesWithPreviousSibling):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfterCollapsesWithNextSibling):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginsCollapseThrough):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfter):
        (WebCore::Layout::isMarginBeforeCollapsedWithSibling): Deleted.
        (WebCore::Layout::isMarginAfterCollapsedWithSibling): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginBeforeCollapsedWithParent): Deleted.
        (WebCore::Layout::isMarginAfterCollapsedThrough): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginAfterCollapsedWithParent): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginBeforeCollapsedWithParentMarginAfter): Deleted.

2018-12-17  David Kilzer  <ddkilzer@apple.com>

        clang-tidy: loop variable is copied but only used as const reference in WebCore, WebKit, Tools
        <https://webkit.org/b/192751>
        <rdar://problem/46771623>

        Reviewed by Daniel Bates.

        Change loop variables to const references to avoid unnecessary
        copies.

        * Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:
        (WebCore::IDBServer::MemoryBackingStoreTransaction::abort):
        * Modules/indexeddb/server/MemoryObjectStore.cpp:
        (WebCore::IDBServer::MemoryObjectStore::populateIndexWithExistingRecords):
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::maybeNotifyConnectionsOfVersionChange):
        * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::objectStoreIdentifiers):
        * Modules/indexeddb/shared/IDBDatabaseInfo.cpp:
        (WebCore::IDBDatabaseInfo::IDBDatabaseInfo):
        (WebCore::IDBDatabaseInfo::loggingString const):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::removeSamplesFromTrackBuffer):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::targetElementForActiveDescendant const):
        * accessibility/AccessibilityTableRow.cpp:
        (WebCore::AccessibilityTableRow::headerObject):
        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::computedNeedsForcedLayout):
        * crypto/keys/CryptoKeyRSA.cpp:
        (WebCore::CryptoKeyRSA::importJwk):
        (WebCore::CryptoKeyRSA::exportJwk const):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::OrderedNamedLinesCollector::appendLines const):
        * dom/DataTransfer.cpp:
        (WebCore::readURLsFromPasteboardAsString):
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::elementsFromPoint):
        * html/track/WebVTTParser.cpp:
        (WebCore::WebVTTParser::checkAndStoreRegion):
        * inspector/agents/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::setInstruments):
        * page/Page.cpp:
        (WebCore::Page::updateIntersectionObservations):
        * page/TextIndicator.cpp:
        (WebCore::estimatedBackgroundColorForRange):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::computeLayoutDependency):
        * platform/graphics/DisplayRefreshMonitorManager.cpp:
        (WebCore::DisplayRefreshMonitorManager::displayWasUpdated):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::moveOrCopyAnimations):
        (WebCore::GraphicsLayerCA::updateAnimations):
        (WebCore::GraphicsLayerCA::isRunningTransformAnimation const):
        * platform/graphics/mac/ImageMac.mm:
        (WebCore::BitmapImage::tiffRepresentation):
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::append):
        * testing/Internals.cpp:
        (WebCore::Internals::acceleratedAnimationsForElement):

2018-12-17  Ms2ger  <Ms2ger@igalia.com>

        [GTK][WPE] Need a function to convert internal URI to display ("pretty") URI
        https://bugs.webkit.org/show_bug.cgi?id=174816

        Reviewed by Michael Catanzaro.

        Tests: enabled fast/url/user-visible/.

        * testing/Internals.cpp:
        (WebCore::Internals::userVisibleString): Enable method on all platforms.

2018-12-15  Yusuke Suzuki  <yusukesuzuki@slowstart.org>

        Null pointer dereference in JSC::WriteBarrierBase()
        https://bugs.webkit.org/show_bug.cgi?id=191252

        Reviewed by Keith Miller.

        * bindings/js/JSCustomElementRegistryCustom.cpp:
        (WebCore::JSCustomElementRegistry::whenDefined):
        * bindings/js/JSDOMPromiseDeferred.cpp:
        (WebCore::createDeferredPromise):
        * bindings/js/JSDOMPromiseDeferred.h:
        (WebCore::DeferredPromise::create):
        (WebCore::callPromiseFunction):
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::moduleLoaderFetch):
        (WebCore::JSDOMWindowBase::moduleLoaderImportModule):
        * bindings/js/ScriptModuleLoader.cpp:
        (WebCore::ScriptModuleLoader::fetch):
        (WebCore::rejectPromise):

2018-12-15  Darin Adler  <darin@apple.com>

        Use warning-ignoring macros more consistently and simply
        https://bugs.webkit.org/show_bug.cgi?id=192743

        Reviewed by Mark Lam.

        * bridge/objc/WebScriptObject.mm: Use IGNORE_WARNINGS_BEGIN rather than
        IGNORE_CLANG_WARNINGS_BEGIN here. There is no need to compile Objective-C++
        files like this one with non-clang compilers, and no need to worry about
        them when choosing the macro.

        * crypto/mac/CryptoKeyRSAMac.cpp:
        (WebCore::getPublicKeyComponents): Use ALLOW_DEPRECATED_DECLARATIONS_BEGIN/END.

        * css/makeprop.pl: Use IGNORE_WARNINGS_BEGIN/END, obviating the need for
        the "unknown-pragmas" trick, which the macro should take care of.
        * css/makevalues.pl: Ditto.
        * platform/ColorData.gperf: Ditto.

        * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
        (WebCore::CDMSessionAVStreamSession::update): Use IGNORE_WARNINGS_BEGIN/END
        (see rationale above for Objective-C++).

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::videoPlaybackQualityMetrics): Use
        ALLOW_NEW_API_WITHOUT_GUARDS_BEGIN/END.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::videoPlaybackQualityMetrics): Ditto.

        * platform/ios/DragImageIOS.mm: Use IGNORE_WARNINGS_BEGIN/END
        (see rationale above for Objective-C++).

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerViewController setWebKitOverrideRouteSharingPolicy:routingContextUID:]):
        Use ALLOW_NEW_API_WITHOUT_GUARDS_BEGIN/END.

        * platform/mac/WebPlaybackControlsManager.mm: Use IGNORE_WARNINGS_BEGIN/END
        (see rationale above for Objective-C++).

        * platform/network/cocoa/ResourceResponseCocoa.mm:
        (WebCore::ResourceResponse::platformCertificateInfo const): Use
        ALLOW_DEPRECATED_DECLARATIONS_BEGIN/END.

2018-12-15  Darin Adler  <darin@apple.com>

        Replace many uses of String::format with more type-safe alternatives
        https://bugs.webkit.org/show_bug.cgi?id=192742

        Reviewed by Mark Lam.

        A while back, String::format was more efficient than string concatenation,
        but that is no longer true, and we should prefer String::number, makeString,
        or concatenation with the "+" operator to String::format for new code.

        This is not as good for programmers who are fond of printf formatting
        style, and in some cases it's a little harder to read the strings
        interspersed with variables rather than a format string, but it's better
        in a few ways:

        - more efficient (I didn't measure the difference, but it's definitely
          slower to use String::Format which calls vsnprintf twice than to use
          the WTF code)
        - works in a type-safe way without a need to use a format specifier such
          as "%" PRIu64 or "%tu" making it much easier to avoid problems due to
          subtle differences between platforms
        - allows us to use StringView in some cases to sidestep the need to
          allocate temporary WTF::String objects
        - does not require converting each WTF::String to a C string, allowing
          us to remove many cases of ".utf8().data()" and similar expressions,
          eliminating the allocation of temporary WTF::CString objects

        This patch covers a batch of easiest-to-convert call sites.
        Later patches will allow us to deprecate or remove String::format.

        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord): Use makeString.
        * Modules/indexeddb/shared/IDBCursorInfo.cpp:
        (WebCore::IDBCursorInfo::loggingString const): Ditto.
        * Modules/indexeddb/shared/IDBGetAllRecordsData.cpp:
        (WebCore::IDBGetAllRecordsData::loggingString const): Ditto.
        * Modules/indexeddb/shared/IDBGetRecordData.cpp:
        (WebCore::IDBGetRecordData::loggingString const): Ditto.
        * Modules/indexeddb/shared/IDBIndexInfo.cpp:
        (WebCore::IDBIndexInfo::loggingString const): Ditto.
        (WebCore::IDBIndexInfo::condensedLoggingString const): Ditto.
        * Modules/indexeddb/shared/IDBIterateCursorData.cpp:
        (WebCore::IDBIterateCursorData::loggingString const): Ditto.
        * Modules/indexeddb/shared/IDBObjectStoreInfo.cpp:
        (WebCore::IDBObjectStoreInfo::condensedLoggingString const): Ditto.
        * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
        (WebCore::IDBResourceIdentifier::loggingString const): Ditto.
        * Modules/webdatabase/Database.cpp:
        (WebCore::formatErrorMessage): Ditto.
        * Modules/webdatabase/SQLError.h:
        (WebCore::SQLError::create): Ditto.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation): Use makeString.

        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        Updated expected results.
:
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::parseHexColor): Use String::number
        and makeString.

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::setLength): Use makeString.
        * html/ImageDocument.cpp:
        (WebCore::ImageDocument::imageUpdated): Ditto.
        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::init): Ditto.
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::setDockingUnavailable): Ditto.
        (WebCore::InspectorFrontendClientLocal::setAttachedWindow): Ditto.
        (WebCore::InspectorFrontendClientLocal::setDebuggingEnabled): Ditto.
        (WebCore::InspectorFrontendClientLocal::setTimelineProfilingEnabled): Ditto.
        (WebCore::InspectorFrontendClientLocal::showMainResourceForFrame): Ditto.
        * inspector/agents/InspectorCSSAgent.cpp: Ditto.
        * inspector/agents/InspectorIndexedDBAgent.cpp: Ditto.
        * page/MemoryRelease.cpp:
        (WebCore::logMemoryStatisticsAtTimeOfDeath): Ditto.

        * page/cocoa/ResourceUsageOverlayCocoa.mm:
        (WebCore::formatByteNumber): Use String::number.
        (WebCore::ResourceUsageOverlay::platformDraw): Use string concatenation.

        * page/cocoa/ResourceUsageThreadCocoa.mm:
        (WebCore::logFootprintComparison): Use makeString.
        * platform/animation/TimingFunction.cpp:
        (WebCore::TimingFunction::cssText const): Ditto.

        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.mm:
        (WebCore::AVTrackPrivateAVFObjCImpl::id const): Use AtomicString::number.
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.h:
        (WebCore::MediaSampleAVFObjC::MediaSampleAVFObjC): Ditto.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setContentsToSolidColor): Use makeString.
        (WebCore::GraphicsLayerCA::updateContentsImage): Ditto.
        (WebCore::GraphicsLayerCA::updateContentsRects): Ditto.
        (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes): Ditto.
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::drawText): Ditto.

        * platform/mock/mediasource/MockSourceBufferPrivate.cpp: Use String::number.

        * platform/network/ParsedContentRange.cpp:
        (WebCore::ParsedContentRange::headerValue const): Use makeString.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp: Removed some unnecessary
        compiler conditionals and reorganized the start/stop of namespaces.
        (WebCore::NetworkStorageSession::switchToNewTestingSession): Use makeString.

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::unauthorizedSQLFunction): Use makeString.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::logLayerInfo): Ditto.
        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::RegistrationDatabase::ensureValidRecordsTable): Ditto.
        (WebCore::RegistrationDatabase::importRecords): Ditto.

2018-12-15  Youenn Fablet  <youenn@apple.com>

        Make RTCRtpSender.setParameters to activate specific encodings
        https://bugs.webkit.org/show_bug.cgi?id=192732

        Reviewed by Eric Carlson.

        The conversion between libwebrtc and WebCore is lossy for send parameters.
        Libwebrtc checking the differences of values, call to setParameters will often fail.

        Given some parameters cannot be exposed, the sender backend keeps the
        current set of parameters when gathered and reuses them when parameters are set.

        For encodings, we only change activate/maxBitRate/maxFrameRate as
        these are the most important parameters to be able to modify.

        Covered by added tests in webrtc/video.html.

        * Modules/mediastream/libwebrtc/LibWebRTCRtpSenderBackend.cpp:
        (WebCore::LibWebRTCRtpSenderBackend::getParameters const):
        (WebCore::LibWebRTCRtpSenderBackend::setParameters):
        * Modules/mediastream/libwebrtc/LibWebRTCRtpSenderBackend.h:
        * Modules/mediastream/libwebrtc/LibWebRTCUtils.cpp:
        (WebCore::fromRTCRtpSendParameters):
        (WebCore::fromRTCEncodingParameters): Deleted.
        * Modules/mediastream/libwebrtc/LibWebRTCUtils.h:

2018-12-14  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Avoid creating and evaluating in the InspectorOverlay page on iOS as it is unused
        https://bugs.webkit.org/show_bug.cgi?id=192724
        <rdar://problem/46745911>

        Reviewed by Devin Rousso.

        iOS never installs the InspectorOverlay page as a page overlay.
        It also uses its own node highlighting painting. Avoid any work
        and resources associated with the overlay page for iOS.

        * inspector/InspectorOverlay.cpp:
        (WebCore::InspectorOverlay::paint):
        (WebCore::InspectorOverlay::update):
        (WebCore::InspectorOverlay::overlayPage):
        (WebCore::evaluateCommandInOverlay):

2018-12-14  Youenn Fablet  <youenn@apple.com>

        MediaRecorderPrivateAVFImpl should have a Ref<MediaRecorderPrivateWriter> as member
        https://bugs.webkit.org/show_bug.cgi?id=192720

        Reviewed by Eric Carlson.

        Make sure that MediaRecorderPrivateAVFImpl takes a Ref<MediaRecorderPrivateWriter> as member,
        as the latter is a ref counted object.
        Made some refactoring to return early in case of error.

        Also made sure that in the case of a MediaRecorder stopped by a track removal in the recorded stream
        the MediaRecorder will stop listening for its tracks.
        Otherwise, the tracks will continue calling the MediaRecorder even after it is dead.

        Test: http/wpt/mediarecorder/MediaRecorder-onremovetrack.html

        * Modules/mediarecorder/MediaRecorder.cpp:
        (WebCore::MediaRecorder::didAddOrRemoveTrack):
        (WebCore::MediaRecorder::setNewRecordingState): Deleted.
        * Modules/mediarecorder/MediaRecorder.h:
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.cpp:
        (WebCore::MediaRecorderPrivateAVFImpl::create):
        (WebCore::MediaRecorderPrivateAVFImpl::MediaRecorderPrivateAVFImpl):
        (WebCore::MediaRecorderPrivateAVFImpl::sampleBufferUpdated):
        (WebCore::MediaRecorderPrivateAVFImpl::audioSamplesAvailable):
        (WebCore::MediaRecorderPrivateAVFImpl::stopRecording):
        (WebCore::MediaRecorderPrivateAVFImpl::fetchData):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.h:
        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.h:
        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.mm:
        (WebCore::MediaRecorderPrivateWriter::create):
        (WebCore::MediaRecorderPrivateWriter::MediaRecorderPrivateWriter):
        (WebCore::MediaRecorderPrivateWriter::appendAudioSampleBuffer):
        (WebCore::MediaRecorderPrivateWriter::setupWriter): Deleted.

2018-12-14  Youenn Fablet  <youenn@apple.com>

        getSenders/getReceivers() should not return closed transceiver senders/receivers
        https://bugs.webkit.org/show_bug.cgi?id=192706

        Reviewed by Eric Carlson.

        Updated as per https://github.com/w3c/webrtc-pc/commit/85284b76baebf9e149d194e692be16a21768a91a
        This forces us to compute the sender/receiver list at getter call time.
        Updated the internal call sites of senders to use the list of transceivers instead.

        Covered by updated WPT tests.

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::addTrack):
        (WebCore::RTCPeerConnection::getSenders const):
        (WebCore::RTCPeerConnection::getReceivers const):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/RTCRtpTransceiver.cpp:
        (WebCore::RTCRtpTransceiver::stopped const):
        (WebCore::RtpTransceiverSet::append):
        (WebCore::RtpTransceiverSet::senders const):
        (WebCore::RtpTransceiverSet::receivers const):
        * Modules/mediastream/RTCRtpTransceiver.h:
        (WebCore::RtpTransceiverSet::senders const): Deleted.
        (WebCore::RtpTransceiverSet::receivers const): Deleted.
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::findExistingSender):
        (WebCore::LibWebRTCPeerConnectionBackend::addTrack):

2018-12-14  David Kilzer  <ddkilzer@apple.com>

        clang-tidy: Fix unnecessary copy of objects for operator==() methods
        <https://webkit.org/b/192712>
        <rdar://problem/46739332>

        Reviewed by Andy Estes.

        * contentextensions/HashableActionList.h:
        (WebCore::ContentExtensions::HashableActionList::operator== const):
        (WebCore::ContentExtensions::HashableActionList::operator!= const):
        * platform/network/FormData.h:
        (WebCore::FormDataElement::EncodedFileData::operator== const):
        (WebCore::FormDataElement::EncodedBlobData::operator== const):
        - Change arguments from const to const reference to avoid
          copies.

2018-12-14  Jer Noble  <jer.noble@apple.com>

        CRASH in CDMInstanceSessionFairPlayStreamingAVFObjC::closeSession(WTF::String const&, WTF::Function<void ()>&&)
        https://bugs.webkit.org/show_bug.cgi?id=192713
        <rdar://problem/46739706>

        Reviewed by Eric Carlson.

        A callback is being called twice, and the second time has a null Promise. Instead of these
        callbacks being WTF::Function, make them WTF::CompletionHandlers, which self-nullify and
        have ASSERTS() that they are called once-and-only-once.

        * platform/encryptedmedia/CDMInstanceSession.h:
        * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
        (WebCore::CDMInstanceSessionClearKey::closeSession):
        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::closeSession):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::didProvideRequest):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::didProvideRenewingRequest):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::didFailToProvideRequest):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::requestDidSucceed):

2018-12-14  David Kilzer  <ddkilzer@apple.com>

        clang-tidy: Fix unnecessary object copies in WebCore/platform/graphics/avfoundation/objc/
        <https://webkit.org/b/192708>
        <rdar://problem/46735907>

        Reviewed by Jer Noble.

        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
        (WebCore::toSample):
        - Make argument a const reference.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        - Update method signatures for implementation changes.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setAsset):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::seekableTimeRangesDidChange):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::loadedTimeRangesDidChange):
        - Make RetainPtr<> argument an rvalue reference and use WTFMove().
        (WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksDidChange):
        - Make RetainPtr<> argument a const reference.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVolume):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setMuted):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setPreservesPitch):
        - Change for loop keys to be const references.

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        - Update method signatures for implementation changes.
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::fastSeekTimeForMediaTime):
        (WebCore::SourceBufferPrivateAVFObjC::seekToTime):
        - Make Mediatime arguments a const reference.

2018-12-14  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r233268): contents of an animated element inside overflow:hidden disappear
        https://bugs.webkit.org/show_bug.cgi?id=188655
        rdar://problem/43382687

        Reviewed by Antoine Quint.

        The logic that computes animation extent, used by backing store attachment code, failed
        to account for the behavior where a keyframe animation with a missing 0% keyframe uses
        the transform from the unanimated style. This resulted in the computed extent being wrong,
        which caused us to remove the layer's backing store in some scenarios.

        Fix both animation code paths to use the renderer style if the first keyframe doesn't
        contain a transform.

        Tests: compositing/backing/backing-store-attachment-empty-keyframe.html
               legacy-animation-engine/compositing/backing/backing-store-attachment-empty-keyframe.html

        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::computeExtentOfTransformAnimation const):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::computeExtentOfTransformAnimation const):

2018-12-14  Chris Dumez  <cdumez@apple.com>

        [PSON] Stop exposing PolicyAction::Suspend to WebCore
        https://bugs.webkit.org/show_bug.cgi?id=192701

        Reviewed by Brady Eidson.

        Drop PolicyAction::Suspend enum value and stop dealing with it in WebCore.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::continueAfterContentPolicy):
        * loader/FrameLoaderTypes.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        (WebCore::PolicyChecker::checkNewWindowPolicy):

2018-12-14  Youenn Fablet  <youenn@apple.com>

        IDB should store RTCCertificate
        https://bugs.webkit.org/show_bug.cgi?id=192599

        Reviewed by Brady Eidson.

        In case there is no script execution context, do not create a JS DOM wrapper for RTCCertificate.
        Instead, create an empty object so that the deserialization can still succeed.
        This should only impact IDB deserialization in the Network Process which does not need the actual JS DOM wrapper.

        Test: webrtc/certificates-indexeddb.html

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::readTerminal):

2018-12-14  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC] Transition to logical margin types.
        https://bugs.webkit.org/show_bug.cgi?id=192699

        Reviewed by Antti Koivisto.

        This is in preparation for moving over to logical types.
        (This patch also transitions to singlular margin naming (verticalMargins -> VerticalMargin))

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::computeOutOfFlowHorizontalGeometry const):
        (WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry const):
        (WebCore::Layout::FormattingContext::validateGeometryConstraintsAfterLayout const):
        * layout/FormattingContext.h:
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::staticVerticalPositionForOutOfFlowPositioned):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::complicatedCases):
        (WebCore::Layout::FormattingContext::Geometry::floatingNonReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::floatingReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedHeightAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedWidthAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::computedNonCollapsedHorizontalMarginValue):
        (WebCore::Layout::FormattingContext::Geometry::computedNonCollapsedVerticalMarginValue):
        * layout/FormattingContextQuirks.cpp:
        (WebCore::Layout::FormattingContext::Quirks::heightValueOfNearestContainingBlockWithFixedHeight):
        * layout/MarginTypes.h:
        (WebCore::Layout::VerticalMargin::usedValues const):
        * layout/Verification.cpp:
        (WebCore::Layout::outputMismatchingBlockBoxInformationIfNeeded):
        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::computeEstimatedMarginBefore const):
        (WebCore::Layout::BlockFormattingContext::computeEstimatedMarginBeforeForAncestors const):
        (WebCore::Layout::BlockFormattingContext::precomputeVerticalPositionForFormattingRootIfNeeded const):
        (WebCore::Layout::hasPrecomputedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::computeFloatingPosition const):
        (WebCore::Layout::BlockFormattingContext::computePositionToAvoidFloats const):
        (WebCore::Layout::BlockFormattingContext::computeVerticalPositionForFloatClear const):
        (WebCore::Layout::BlockFormattingContext::computeWidthAndMargin const):
        (WebCore::Layout::BlockFormattingContext::computeHeightAndMargin const):
        (WebCore::Layout::BlockFormattingContext::computeEstimatedMarginTop const): Deleted.
        (WebCore::Layout::BlockFormattingContext::computeEstimatedMarginTopForAncestors const): Deleted.
        (WebCore::Layout::hasPrecomputedMarginTop): Deleted.
        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedWidthAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowReplacedWidthAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::staticPosition):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowHeightAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::instrinsicWidthConstraints):
        (WebCore::Layout::BlockFormattingContext::Geometry::estimatedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::estimatedMarginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::estimatedMarginTop): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::estimatedMarginBottom): Deleted.
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::hasMarginBeforeQuirkValue):
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedHeight):
        (WebCore::Layout::BlockFormattingContext::Quirks::shouldIgnoreMarginBefore):
        (WebCore::Layout::hasMarginTopQuirkValue): Deleted.
        (WebCore::Layout::BlockFormattingContext::Quirks::shouldIgnoreMarginTop): Deleted.
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::isMarginBeforeCollapsedWithSibling):
        (WebCore::Layout::isMarginAfterCollapsedWithSibling):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginBeforeCollapsedWithParent):
        (WebCore::Layout::isMarginAfterCollapsedThrough):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginBeforeFromFirstChild):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::nonCollapsedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBefore):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginAfterCollapsedWithParent):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginBeforeCollapsedWithParentMarginAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginAfterFromLastChild):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::nonCollapsedMarginAfter):
        (WebCore::Layout::isMarginTopCollapsedWithSibling): Deleted.
        (WebCore::Layout::isMarginBottomCollapsedWithSibling): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginTopCollapsedWithParent): Deleted.
        (WebCore::Layout::isMarginBottomCollapsedThrough): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginTopFromFirstChild): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::nonCollapsedMarginTop): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginTop): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::computedNonCollapsedMarginBottom): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginTop): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBottom): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginBottomCollapsedWithParent): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginTopCollapsedWithParentMarginBottom): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginBottomFromLastChild): Deleted.
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::nonCollapsedMarginBottom): Deleted.
        * layout/displaytree/DisplayBox.cpp:
        (WebCore::Display::Box::Box):
        (WebCore::Display::Box::marginBox const):
        (WebCore::Display::Box::nonCollapsedMarginBox const):
        * layout/displaytree/DisplayBox.h:
        (WebCore::Display::Box::rectWithMargin const):
        (WebCore::Display::Box::estimatedMarginBefore const):
        (WebCore::Display::Box::setEstimatedMarginBefore):
        (WebCore::Display::Box::top const):
        (WebCore::Display::Box::topLeft const):
        (WebCore::Display::Box::setVerticalMargin):
        (WebCore::Display::Box::marginBefore const):
        (WebCore::Display::Box::marginStart const):
        (WebCore::Display::Box::marginAfter const):
        (WebCore::Display::Box::marginEnd const):
        (WebCore::Display::Box::nonCollapsedMarginBefore const):
        (WebCore::Display::Box::nonCollapsedMarginAfter const):
        (WebCore::Display::Box::nonComputedMarginStart const):
        (WebCore::Display::Box::nonComputedMarginEnd const):
        (WebCore::Display::Box::estimatedMarginTop const): Deleted.
        (WebCore::Display::Box::setEstimatedMarginTop): Deleted.
        (WebCore::Display::Box::marginTop const): Deleted.
        (WebCore::Display::Box::marginLeft const): Deleted.
        (WebCore::Display::Box::marginBottom const): Deleted.
        (WebCore::Display::Box::marginRight const): Deleted.
        (WebCore::Display::Box::nonCollapsedMarginTop const): Deleted.
        (WebCore::Display::Box::nonCollapsedMarginBottom const): Deleted.
        (WebCore::Display::Box::nonComputedMarginLeft const): Deleted.
        (WebCore::Display::Box::nonComputedMarginRight const): Deleted.
        * layout/floats/FloatAvoider.cpp:
        (WebCore::Layout::FloatAvoider::setHorizontalConstraints):
        (WebCore::Layout::FloatAvoider::initialHorizontalPosition const):
        (WebCore::Layout::FloatAvoider::overflowsContainingBlock const):
        * layout/floats/FloatAvoider.h:
        (WebCore::Layout::FloatAvoider::marginBefore const):
        (WebCore::Layout::FloatAvoider::marginAfter const):
        (WebCore::Layout::FloatAvoider::marginStart const):
        (WebCore::Layout::FloatAvoider::marginEnd const):
        (WebCore::Layout::FloatAvoider::marginBoxWidth const):
        (WebCore::Layout::FloatAvoider::marginTop const): Deleted.
        (WebCore::Layout::FloatAvoider::marginBottom const): Deleted.
        (WebCore::Layout::FloatAvoider::marginLeft const): Deleted.
        (WebCore::Layout::FloatAvoider::marginRight const): Deleted.
        * layout/floats/FloatBox.cpp:
        (WebCore::Layout::FloatBox::rect const):
        (WebCore::Layout::FloatBox::horizontalPositionCandidate):
        (WebCore::Layout::FloatBox::verticalPositionCandidate):
        (WebCore::Layout::FloatBox::initialVerticalPosition const):
        * layout/floats/FloatingContext.cpp:
        (WebCore::Layout::FloatingContext::positionForFloat const):
        (WebCore::Layout::FloatingContext::verticalPositionWithClearance const):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::collectInlineContentForSubtree const):

2018-12-14  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC] Introduce VerticalMargin and HorizontalMargin types.
        https://bugs.webkit.org/show_bug.cgi?id=192692

        Reviewed by Antti Koivisto.

        This is in preparation for completing block margin collapsing.

        * WebCore.xcodeproj/project.pbxproj:
        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry const):
        * layout/FormattingContext.h:
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedVerticalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::complicatedCases):
        (WebCore::Layout::FormattingContext::Geometry::inlineReplacedHeightAndMargin):
        (WebCore::Layout::FormattingContext::Geometry::computedNonCollapsedHorizontalMarginValue):
        (WebCore::Layout::FormattingContext::Geometry::computedNonCollapsedVerticalMarginValue):
        * layout/LayoutState.cpp:
        (WebCore::Layout::LayoutState::LayoutState):
        * layout/LayoutUnits.h:
        (WebCore::Layout::HeightAndMargin::usedMarginValues const): Deleted.
        * layout/MarginTypes.h: Added.
        (WebCore::Layout::VerticalMargin::nonCollapsedValues const):
        (WebCore::Layout::VerticalMargin::collapsedValues const):
        (WebCore::Layout::VerticalMargin::setCollapsedValues):
        (WebCore::Layout::VerticalMargin::VerticalMargin):
        (WebCore::Layout::VerticalMargin::usedValues const):
        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::computeHeightAndMargin const):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowHeightAndMargin):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedHeight):
        * layout/displaytree/DisplayBox.cpp:
        (WebCore::Display::Box::Box):
        * layout/displaytree/DisplayBox.h:
        (WebCore::Display::Box::setHorizontalMargin):
        (WebCore::Display::Box::setVerticalMargin):
        (WebCore::Display::Box::setHorizontalNonComputedMargin):
        (WebCore::Display::Box::verticalMargin const):
        (WebCore::Display::Box::marginTop const):
        (WebCore::Display::Box::marginLeft const):
        (WebCore::Display::Box::marginBottom const):
        (WebCore::Display::Box::marginRight const):
        (WebCore::Display::Box::nonCollapsedMarginTop const):
        (WebCore::Display::Box::nonCollapsedMarginBottom const):
        (WebCore::Display::Box::setVerticalNonCollapsedMargin): Deleted.
        * layout/floats/FloatingContext.cpp:
        (WebCore::Layout::FloatingContext::verticalPositionWithClearance const):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::computeHeightAndMargin const):

2018-12-14  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win][Clang] Fix compilation warnings under Source/WebCore/platform/win
        https://bugs.webkit.org/show_bug.cgi?id=192693

        Reviewed by Ross Kirsling.

        No new tests, no behavior changes.

        * platform/win/ClipboardUtilitiesWin.cpp: Reordered ClipboardDataItem members to match with the initializer list.
        * platform/win/CursorWin.cpp:
        (WebCore::loadCursorByName): Changed the argument type of 'name' to const char*.
        * platform/win/DefWndProcWindowClass.cpp:
        (WebCore::defWndProcWindowClassName): Removed an unused variable 'atom'.
        * platform/win/DragImageWin.cpp: Removed an unused variable 'MinDragLabelWidthBeforeClip'.
        * platform/win/PasteboardWin.cpp:
        (WebCore::createGlobalImageFileDescriptor): Removed an unused variable 'hr'.
        (WebCore::createGlobalHDropContent): Use reinterpret_cast to suppress warning.
        * platform/win/PlatformMouseEventWin.cpp:
        (WebCore::PlatformMouseEvent::PlatformMouseEvent): Reordered the initializer list.
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::paint): Removed an unused variable 'itemCount'.
        * platform/win/PopupMenuWin.h: Marked override methods with 'override'.
        * platform/win/SSLKeyGeneratorWin.cpp:
        (WebCore::getSupportedKeySizes): Removed WebCore namespace prefix in WebCore namespace.
        (WebCore::signedPublicKeyAndChallengeString): Ditto.
        * platform/win/SearchPopupMenuDB.cpp:
        (WebCore::SearchPopupMenuDB::createPreparedStatement): Use ASSERT_UNUSED instead of ASSERT.
        * platform/win/StructuredExceptionHandlerSuppressor.h: Enclosed m_savedExceptionRegistration with #if defined(_M_IX86).
        * platform/win/SystemInfo.cpp:
        (WebCore::osVersionForUAString): Added default case.

2018-12-13  Youenn Fablet  <youenn@apple.com>

        RTCRtpTransceiver.stopped should be true when applying a remote description with the corresponding m section rejected
        https://bugs.webkit.org/show_bug.cgi?id=192685

        Reviewed by Eric Carlson.

        In case the remote description contains a rejected m section,
        the corresponding transceiver should be marked as stopped.
        Libwebrtc backend has that information so pipe it up to JS.

        Covered by updated WPT test.

        * Modules/mediastream/RTCRtpTransceiver.cpp:
        (WebCore::RTCRtpTransceiver::stopped const):
        * Modules/mediastream/RTCRtpTransceiver.h:
        (WebCore::RTCRtpTransceiver::stopped const): Deleted.
        * Modules/mediastream/RTCRtpTransceiverBackend.h:
        * Modules/mediastream/libwebrtc/LibWebRTCRtpTransceiverBackend.cpp:
        (WebCore::LibWebRTCRtpTransceiverBackend::stopped const):
        * Modules/mediastream/libwebrtc/LibWebRTCRtpTransceiverBackend.h:

2018-12-13  Mark Lam  <mark.lam@apple.com>

        Ensure that StructureFlags initialization always starts with Base::StructureFlags.
        https://bugs.webkit.org/show_bug.cgi?id=192686

        Reviewed by Keith Miller.

        No new tests needed because there's no new functionality.  Just refactoring.

        * bindings/js/JSDOMWindowProperties.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GeneratePrototypeDeclaration):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        * bindings/scripts/test/JS/JSTestEnabledBySetting.h:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
        * bindings/scripts/test/JS/JSTestPluginInterface.h:
        * bindings/scripts/test/JS/JSTestTypedefs.h:

2018-12-13  Ryosuke Niwa  <rniwa@webkit.org>

        Make HTMLConverter work across shadow boundaries
        https://bugs.webkit.org/show_bug.cgi?id=192640

        Reviewed by Wenson Hsieh.

        Made HTMLConverter work with shadow boundaries by replacing the various tree traversal functions.

        Tests: editing/mac/attributed-string/attributed-string-across-shadow-boundaries-1.html
               editing/mac/attributed-string/attributed-string-across-shadow-boundaries-2.html
               editing/mac/attributed-string/attributed-string-across-shadow-boundaries-3.html
               editing/mac/attributed-string/attributed-string-across-shadow-boundaries-4.html
               editing/mac/attributed-string/attributed-string-across-shadow-boundaries-5.html
               editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-1.html
               editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2.html
               editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-3.html

        * dom/Position.cpp:
        (WebCore::commonShadowIncludingAncestor): Moved from markup.cpp to be shared between HTMLConverter
        and serializePreservingVisualAppearanceInternal.
        * dom/Position.h:
        * editing/cocoa/HTMLConverter.mm:
        (HTMLConverter::convert):
        (HTMLConverterCaches::propertyValueForNode):
        (HTMLConverterCaches::floatPropertyValueForNode):
        (HTMLConverter::_blockLevelElementForNode):
        (HTMLConverterCaches::colorPropertyValueForNode):
        (HTMLConverter::aggregatedAttributesForAncestors):
        (HTMLConverter::aggregatedAttributesForElementAndItsAncestors):
        (HTMLConverter::_processElement):
        (HTMLConverter::_traverseNode):
        (HTMLConverter::_traverseFooterNode):
        (HTMLConverterCaches::cacheAncestorsOfStartToBeConverted):
        (WebCore::attributedStringFromSelection):
        * editing/markup.cpp:
        (WebCore::commonShadowIncludingAncestor): Moved to Position.cpp.

2018-12-13  Youenn Fablet  <youenn@apple.com>

        Trying to play a media element synchronously after setting srcObject should succeed without user gesture
        https://bugs.webkit.org/show_bug.cgi?id=192679

        Reviewed by Eric Carlson.

        Check the srcObject mediaProvider value which is set synchronously.
        Covered by updated fast/mediastream/local-audio-playing-event.html.

        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::hasMediaStreamSrcObject const):

2018-12-13  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] Support dropping contact card data (public.vcard) in editable content
        https://bugs.webkit.org/show_bug.cgi?id=192570
        <rdar://problem/35626913>

        Reviewed by Tim Horton.

        Adds support for accepting vCard (.vcf) data via drop on iOS. See below for more details.

        Tests:  DragAndDropTests.ExternalSourceContactIntoEditableAreas
                DragAndDropTests.ExternalSourceMapItemAndContactToUploadArea
                DragAndDropTests.ExternalSourceMapItemIntoEditableAreas
                WKAttachmentTestsIOS.InsertDroppedContactAsAttachment
                WKAttachmentTestsIOS.InsertDroppedMapItemAsAttachment

        * editing/WebContentReader.h:
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::attachmentForFilePath):

        Pull out logic to create an attachment from a file path out into a static helper. Use this in `readFilePaths`
        as well as `readVirtualContactFile`.

        (WebCore::WebContentReader::readFilePaths):
        (WebCore::WebContentReader::readVirtualContactFile):

        Add a pasteboard reading method that reads a vCard file (with an optional URL) as web content. The resulting
        fragment consists of either an anchor and an attachment element, or just an attachment element if the URL is
        empty. In the case of an `MKMapItem`, the URL is populated, so we generate both elements; when dragging a
        contact, there is no associated URL, so we only have an attachment.

        * platform/Pasteboard.h:
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::readPasteboardWebContentDataForType):

        Augment this to take the current `PasteboardItemInfo` as well; use this item information to get a file path for
        "public.vcard" data, which is then passed on to the web content reader. Additionally, by returning
        `ReaderResult::DidNotReadType` here, we prevent the web content reader from extracting the plain text contents
        of the vCard and dumping it as plain text in the editable element (this would otherwise happen, since
        "public.vcard" conforms to "public.text").

        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::readRespectingUTIFidelities):
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[NSItemProvider web_fileUploadContentTypes]):

        Prevent the "com.apple.mapkit.map-item" UTI from being considered as file upload content. This special case is
        tricky, since "com.apple.mapkit.map-item" conforms to "public.content", yet its corresponding data is only
        suitable for deserialization into an `MKMapItem`.

2018-12-13  Devin Rousso  <drousso@apple.com>

        Web Inspector: remove DOM.BackendNodeId and associated commands/events
        https://bugs.webkit.org/show_bug.cgi?id=192478

        Reviewed by Matt Baker.

        Removing unused code, so no change in functionality.

        * inspector/agents/InspectorDOMAgent.h:
        * inspector/agents/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::discardBindings):
        (WebCore::InspectorDOMAgent::backendNodeIdForNode): Deleted.
        (WebCore::InspectorDOMAgent::releaseBackendNodeIds): Deleted.
        (WebCore::InspectorDOMAgent::pushNodeByBackendIdToFrontend): Deleted.

2018-12-13  Chris Dumez  <cdumez@apple.com>

        [PSON] We should not need to navigate to 'about:blank' to suspend pages
        https://bugs.webkit.org/show_bug.cgi?id=192668
        <rdar://problem/46701466>

        Reviewed by Alex Christensen.

        * history/PageCache.cpp:
        (WebCore::PageCache::addIfCacheable):
        * history/PageCache.h:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::redirectReceived):
        (WebCore::DocumentLoader::willSendRequest):
        (WebCore::DocumentLoader::startLoadingMainResource):
        * loader/DocumentLoader.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::stopAllLoaders):
        (WebCore::FrameLoader::setDocumentLoader):
        (WebCore::FrameLoader::commitProvisionalLoad):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        * loader/FrameLoaderTypes.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        * loader/PolicyChecker.h:

2018-12-13  Per Arne Vollan  <pvollan@apple.com>

        [macOS] Inline WebVTT styles should override styles from Captions settings in System Preferences
        https://bugs.webkit.org/show_bug.cgi?id=192638

        Reviewed by Eric Carlson.

        It is currently not possible to override caption styles generated from System Preferences with inline
        WebVTT styles without adding !important. The reason for this is that the generated styles from
        System preferences are author styles which have higher priority than the inline WebVTT styles, which
        are user agent styles in the video user agent shadow tree. This can be fixed by moving the generated
        styles to the video user agent shadow tree. Inline WebVTT styles will then have higher priority since
        they are added after the generated styles. This patch also fixes a problem where inline styles could be
        added twice to the video user agent shadow root.

        Test: media/track/track-cue-css.html

        * dom/ExtensionStyleSheets.cpp:
        (WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache const):
        * html/track/VTTCue.cpp:
        (WebCore::VTTCue::getDisplayTree):
        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::setCaptionsStyleSheetOverride):
        * page/Page.cpp:
        (WebCore::Page::setCaptionUserPreferencesStyleSheet):

2018-12-13  Jer Noble  <jer.noble@apple.com>

        Fix leak of AVPlayer boundaryTimeObserver object.
        https://bugs.webkit.org/show_bug.cgi?id=192674

        Reviewed by Eric Carlson.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::performTaskAtMediaTime):

2018-12-13  Brent Fulgham  <bfulgham@apple.com>

        Don't attempt to animate invalid CSS properties
        https://bugs.webkit.org/show_bug.cgi?id=192630
        <rdar://problem/46664433>

        Reviewed by Antoine Quint.

        Inherited animation properties can cause child elements to think they need to animate CSS properties
        that they do not support, leading to nullptr crashes.

        Recognize that CSSPropertyInvalid is a potential requested animation property, and handle it
        cleanly.

        Tests: animations/invalid-property-animation.html

        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::updateTransitions):
        * svg/SVGAnimateElementBase.cpp:
        (WebCore::SVGAnimateElementBase::calculateAnimatedValue):

2018-12-13  Timothy Hatcher  <timothy@apple.com>

        REGRESSION (r230064): Focus rings on webpages are fainter than in native UI.
        https://bugs.webkit.org/show_bug.cgi?id=192639
        rdar://problem/42669297

        Reviewed by Tim Horton.

        The focus ring color passed to CoreGraphics is expected to be opaque, since they
        will apply opacity when drawing (because opacity is normally animated).
        We were getting this by accident before when the old `RenderThemeMac::systemColor()`
        used the old `convertNSColorToColor()`, which ignored alpha on NSColor.
        Existing tests use fixed test focus ring color.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::colorFromPrimitiveValue const): Use RenderTheme singleton for `focusRingColor()`.
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawFocusIfNeededInternal): Ditto.
        * platform/graphics/cocoa/GraphicsContextCocoa.mm:
        (WebCore::drawFocusRingAtTime): Use `CGContextStateSaver`.
        * platform/mac/ThemeMac.mm:
        (WebCore::drawCellFocusRingWithFrameAtTime): Force alpha to 1 on the focus ring color. Use `CGContextStateSaver`.
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::paintFocusRing): Use RenderTheme singleton for `focusRingColor()`.
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintAreaElementFocusRing): Ditto.
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::focusRingColor const): Made const. Cache the result of `platformFocusRingColor()`.
        * rendering/RenderTheme.h: Made `focusRingColor()` a member function instead of static.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::platformFocusRingColor const): Force alpha to 1 on the focus ring color.
        (WebCore::RenderThemeMac::systemColor const): Use `focusRingColor()`, instead of caching color here.

2018-12-13  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Calculate width or height when constraints contain only the other
        https://bugs.webkit.org/show_bug.cgi?id=192632
        <rdar://problem/46665734>

        Unreviewed, remove an unneeded assert.

        * platform/mediastream/RealtimeVideoSource.cpp:
        (WebCore::RealtimeVideoSource::dispatchMediaSampleToObservers):

2018-12-13  Zach Li  <zachli@apple.com>

        Update Credit Card AutoFill button icon
        https://bugs.webkit.org/show_bug.cgi?id=192637
        rdar://problem/46545006

        Reviewed by Chris Dumez.

        * css/html.css:
        (input::-webkit-credit-card-auto-fill-button):

2018-12-13  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Calculate width or height when constraints contain only the other
        https://bugs.webkit.org/show_bug.cgi?id=192632
        <rdar://problem/46665734>

        Reviewed by Youenn Fablet.

        Test: fast/mediastream/constraint-intrinsic-size.html

        * platform/graphics/RemoteVideoSample.cpp:
        (WebCore::RemoteVideoSample::create): Log errors with RELEASE_LOG_ERROR.

        * platform/graphics/cv/ImageTransferSessionVT.h:
        (WebCore::ImageTransferSessionVT::pixelFormat const): New.

        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::setSizeAndFrameRate): Replace current size with new size.
        (WebCore::RealtimeMediaSource::setSize): Don't notify about width and height.
        (WebCore::RealtimeMediaSource::size const): Use intrinsic size when necessary.
        (WebCore::RealtimeMediaSource::setIntrinsicSize): New.
        (WebCore::RealtimeMediaSource::remoteVideoSampleAvailable): Deleted.
        * platform/mediastream/RealtimeMediaSource.h:

        * platform/mediastream/RealtimeVideoSource.cpp:
        (WebCore::RealtimeVideoSource::dispatchMediaSampleToObservers): No more remoteVideoSampleAvailable.

        * platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp:
        (WebCore::DisplayCaptureSourceCocoa::settings): Report size correctly.
        (WebCore::DisplayCaptureSourceCocoa::frameSize const): Use intrinsicSize().
        (WebCore::DisplayCaptureSourceCocoa::emitFrame): No more remoteVideoSampleAvailable.
        (WebCore::DisplayCaptureSourceCocoa::setIntrinsicSize): Deleted.
        * platform/mediastream/mac/DisplayCaptureSourceCocoa.h:
        (WebCore::DisplayCaptureSourceCocoa::intrinsicSize const): Deleted.

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource): Report intrinsic size.
        (WebCore::MockRealtimeVideoSource::setSizeAndFrameRate): Minor cleanup.
        (WebCore::MockRealtimeVideoSource::setSizeAndFrameRateWithPreset):  Report intrinsic size.
        (WebCore::MockRealtimeVideoSource::drawText): Don't render preset info for display source.
        * platform/mock/MockRealtimeVideoSource.h:

2018-12-13  David Kilzer  <ddkilzer@apple.com>

        clang-tidy: loop variable is copied but only used as const reference in Document.cpp, Element.cpp
        <https://webkit.org/b/192661>
        <rdar://problem/46694035>

        Reviewed by Daniel Bates.

        * dom/Document.cpp:
        (WebCore::Document::updateIntersectionObservations):
        (WebCore::Document::notifyIntersectionObserversTimerFired):
        * dom/Element.cpp:
        (WebCore::Element::didMoveToNewDocument):
        (WebCore::Element::disconnectFromIntersectionObservers):
        - Change loop variables from `auto` to `const auto&` to prevent
          unnecessary copies of WeakPtr<IntersectionObserver> or
          struct IntersectionObserverRegistration objects.

2018-12-13  Carlos Garcia Campos  <cgarcia@igalia.com>

        [FreeType] Remove HarfBuzzFace
        https://bugs.webkit.org/show_bug.cgi?id=192589

        Reviewed by Michael Catanzaro.

        This was used to share the common implementation with the chromium port, but now that only freetype based ports
        use it, it can be removed and use hb_ft_face_create_cached() instead. We don't need the glyph cache either,
        since we are already caching glyphs in Font.

        * platform/FreeType.cmake: Remove HarfBuzzFaceCairo.cpp and HarfBuzzFace.cpp.
        * platform/graphics/FontPlatformData.h: Remove HarfBuzzFace member.
        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp: Add missing include.
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::operator=): Remove m_harfBuzzFace handling.
        (WebCore::FontPlatformData::createOpenTypeMathHarfBuzzFont const): New funtction to create a hb_font_t for
        OpenType math.
        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
        (WebCore::floatToHarfBuzzPosition): Moved from HarfBuzzFaceCairo.cpp.
        (WebCore::doubleToHarfBuzzPosition): Ditto.
        (WebCore::harfBuzzFontFunctions): Also moved from HarfBuzzFaceCairo.cpp, but implement get_nominal/variation
        functions when using HarfBuzz >= 1.2.3 and use Font::glyphForCharacter() to make it simpler.
        (WebCore::fontFeatures): Moved from HarfBuzzFaceCairo.cpp.
        (WebCore::findScriptForVerticalGlyphSubstitution): Moved from HarfBuzzFace.cpp.
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters): Create the HarfBuzz face and font here.
        * platform/graphics/harfbuzz/HarfBuzzFace.cpp: Removed.
        * platform/graphics/harfbuzz/HarfBuzzFace.h: Removed.
        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp: Removed.
        * platform/graphics/harfbuzz/HbUniquePtr.h:
        (WebCore::HbPtrDeleter<hb_face_t>::operator() const): Add deleter for hb_face_t.
        * platform/graphics/opentype/OpenTypeMathData.cpp:
        (WebCore::OpenTypeMathData::OpenTypeMathData): Use FontPlatformData::createOpenTypeMathHarfBuzzFont().

2018-12-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [FreeType] Add initial implementation of variation fonts
        https://bugs.webkit.org/show_bug.cgi?id=192151

        Reviewed by Michael Catanzaro.

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::font): Remove platform ifdefs.
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::platformDataFromCustomData): Ditto.
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::isFixedWidth const):
        * platform/graphics/cairo/FontCustomPlatformData.h: Use RefPtr for cairo_font_face_t.
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::getFontPropertiesFromPattern): Helper function to get several font properties from the fontconfig
        pattern.
        (WebCore::FontCache::systemFallbackForCharacters): Use getFontPropertiesFromPattern().
        (WebCore::FontCache::createFontPlatformData): Pass FC_VARIABLE to the pattern and call buildVariationSettings()
        before creating the FontPlatformData to set FC_FONT_VARIATIONS on the pattern.
        (WebCore::defaultVariationValues): Parse font variations table.
        (WebCore::buildVariationSettings): Build a font variations string from the settings that can be passed to cairo.
        * platform/graphics/freetype/FontCacheFreeType.h: Added.
        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::FontCustomPlatformData::FontCustomPlatformData): Use RefPtr and make freeTypeFaceKey global.
        (WebCore::FontCustomPlatformData::~FontCustomPlatformData): Remove explicit destroy.
        (WebCore::defaultFontconfigOptions): Moved here from FontCacheFreeType.
        (WebCore::FontCustomPlatformData::fontPlatformData): Call buildVariationSettings() before creating the
        FontPlatformData to set FC_FONT_VARIATIONS on the pattern.
        (WebCore::FontCustomPlatformData::supportsFormat): Add variation formats.
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::setCairoFontOptionsFromFontConfigPattern): Call cairo_font_options_set_variations() with the
        FC_FONT_VARIATIONS value from the pattern.
        (WebCore::FontPlatformData::FontPlatformData): Use a single constructor that always receives a valid fontconfig
        pattern.
        (WebCore::FontPlatformData::fcPattern const): Return the fontconfig pattern.
        (WebCore::FontPlatformData::platformIsEqual const): Update the condition now that m_pattern can't be nullptr.
        (WebCore::FontPlatformData::buildScaledFont): Use m_pattern unconditionally.
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::Font::platformCreateScaledFont const): Update it to use the new FontPlatformData constructor.
        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
        (WebCore::HarfBuzzFace::createFont): Pass variations to HarfBuzz.
        * platform/graphics/win/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):
        * platform/graphics/win/FontCustomPlatformData.h:

2018-12-12  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win][Clang][WebKitLegacy] WebFrame.cpp: warning: delete called on non-final 'WebFrame' that has virtual functions but non-virtual destructor [-Wdelete-non-virtual-dtor]
        https://bugs.webkit.org/show_bug.cgi?id=192618

        Reviewed by Alex Christensen.

        No new tests, no behavior changes.

        * platform/win/PopupMenuWin.h:
        * platform/win/WCDataObject.cpp:
        * platform/win/WCDataObject.h:

2018-12-12  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r238090): CAPCHA UI jumps to the wrong location
        https://bugs.webkit.org/show_bug.cgi?id=192651
        rdar://problem/46531919

        Reviewed by Zalan Bujtas.
        
        When a RenderLayer becomes non-composited because of a style change, we need to set a dirty
        bit to say that descendants need their geometry updated (because they now have to
        compute their positions relative to a different ancestor). This wasn't happening
        in the layerStyleChanged() code path.
        
        In the code path that did do this correctly (in the computeCompositingRequirements() tree walk),
        we can address a FIXME and only dirty direct children, not all descendants (that code was
        written before the child-only dirty bit existed).

        Test: compositing/geometry/update-child-geometry-on-compositing-change.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::layerStyleChanged):

2018-12-13  Ryosuke Niwa  <rniwa@webkit.org>

        Make TextInputController.legacyAttributedString take DOM nodes and offsets
        https://bugs.webkit.org/show_bug.cgi?id=192653

        Reviewed by Wenson Hsieh.

        No new tests since there should be no observable behavioral change other than
        TextInputController API in DumpRenderTree.

        * editing/cocoa/HTMLConverter.h:
        * editing/cocoa/HTMLConverter.mm:
        (WebCore::attributedStringFromSelection):
        (WebCore::attributedStringBetweenStartAndEnd): Added.

2018-12-12  Ryosuke Niwa  <rniwa@webkit.org>

        Fix macOS builds after r239145.

        * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:

2018-12-12  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r238357): Pins on Yelp map disappear
        https://bugs.webkit.org/show_bug.cgi?id=192597
        rdar://problem/46578285

        Reviewed by Zalan Bujtas.

        RenderLayerCompositor::updateBackingAndHierarchy() had a bug where if a RenderLayer gained
        a negative z-order child (triggering creation of a foreground layer), we'd fail to 
        call the "setChildren()" with the vector containing that foreground layer.
        
        When updateBackingAndHierarchy() stops visiting descendants because none are composited,
        it may still have to update the child list with the foreground layer, so make sure
        the code handles this case.

        Tests: compositing/z-order/add-negative-z-child.html
               compositing/z-order/rebuild-sibling-of-layer-with-foreground-layer.html

        * rendering/RenderLayer.cpp:
        (WebCore::outputPaintOrderTreeRecursive):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateBackingAndHierarchy):

2018-12-12  YUHAN WU  <yuhan_wu@apple.com>

        Implement non-timeslice mode encoding for MediaRecorder
        https://bugs.webkit.org/show_bug.cgi?id=192069
        <rdar://problem/46443290>

        Reviewed by Eric Carlson.

        Implement the encoding for non-timeslice mode of MediaRecorder.
        It only supports to record MP4 file through H264 and AAC encoding, we will need to support more MIME types and encoding methods.
        Add a API in internals to allow testings to turn on the mock source.

        Test: http/wpt/mediarecorder/MediaRecorder-AV-audio-video-dataavailable.html

        * Modules/mediarecorder/MediaRecorder.cpp:
        (WebCore::MediaRecorder::create):
        (WebCore::MediaRecorder::setCustomPrivateRecorderCreator):
        (WebCore::MediaRecorder::getPrivateImpl):
        (WebCore::MediaRecorder::MediaRecorder):
        (WebCore::MediaRecorder::stopRecording):
        (WebCore::MediaRecorder::stopRecordingInternal):
        (WebCore::MediaRecorder::createRecordingDataBlob):
        (WebCore::MediaRecorder::scheduleDeferredTask):
        * Modules/mediarecorder/MediaRecorder.h:
        * Modules/mediarecorder/MediaRecorder.idl:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediarecorder/MediaRecorderPrivate.h:
        (WebCore::MediaRecorderPrivate::stopRecording):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.cpp: Added.
        (WebCore::MediaRecorderPrivateAVFImpl::create):
        (WebCore::MediaRecorderPrivateAVFImpl::MediaRecorderPrivateAVFImpl):
        (WebCore::MediaRecorderPrivateAVFImpl::sampleBufferUpdated):
        (WebCore::MediaRecorderPrivateAVFImpl::audioSamplesAvailable):
        (WebCore::MediaRecorderPrivateAVFImpl::stopRecording):
        (WebCore::MediaRecorderPrivateAVFImpl::fetchData):
        (WebCore::MediaRecorderPrivateAVFImpl::mimeType):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.h: Added.
        * platform/mediarecorder/MediaRecorderPrivateMock.cpp:
        (WebCore::MediaRecorderPrivateMock::fetchData):
        (WebCore::MediaRecorderPrivateMock::mimeType):
        * platform/mediarecorder/MediaRecorderPrivateMock.h:
        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.h: added.
        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.mm: Added.
        (WebCore::MediaRecorderPrivateWriter::clear):
        (WebCore::MediaRecorderPrivateWriter::setupWriter):
        (WebCore::MediaRecorderPrivateWriter::setVideoInput):
        (WebCore::MediaRecorderPrivateWriter::setAudioInput):
        (WebCore::copySampleBufferWithCurrentTimeStamp):
        (WebCore::MediaRecorderPrivateWriter::appendVideoSampleBuffer):
        (WebCore::MediaRecorderPrivateWriter::appendAudioSampleBuffer):
        (WebCore::MediaRecorderPrivateWriter::stopRecording):
        * testing/Internals.cpp:
        (WebCore::createRecorderMockSource):
        (WebCore::Internals::setCustomPrivateRecorderCreator):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-12-12  Justin Fan  <justin_fan@apple.com>

        [WebGPU] Vertex buffers and WebGPUInputState
        https://bugs.webkit.org/show_bug.cgi?id=192611

        Reviewed by Dean Jackson.

        Test: webgpu/vertex-buffer-triangle-strip.html

        Basic implementation of vertex buffers with Metal shading language in WebGPU. In 
        WebGPURenderPipelineDescriptor, refactor to match updated shader stage structure and add 
        WebGPUInputStateDescriptor. Also implement WebGPURenderPassEncoder::setVertexBuffers.

        Add symbols and files for WebGPUIndexFormat, WebGPUInputStateDescriptor, WebGPUInputStepMode, 
        WebGPUVertexAttributeDescriptor, WebGPUVertexFormat, WebGPUVertexInputDescriptor:
        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:

        Add and implement interfaces and dictionaries for WebGPUInputState:
        * Modules/webgpu/WebGPUBuffer.cpp:
        (WebCore::WebGPUBuffer::WebGPUBuffer):
        * Modules/webgpu/WebGPUBuffer.h:
        (WebCore::WebGPUBuffer::buffer const): Added getter for backing GPUBuffer.
        * Modules/webgpu/WebGPUBufferDescriptor.h:
        * Modules/webgpu/WebGPUBufferDescriptor.idl: Moving WebGPUBufferUsage out into its own IDL.
        * Modules/webgpu/WebGPUDevice.h:
        * Modules/webgpu/WebGPUIndexFormat.h: Added.
        * Modules/webgpu/WebGPUIndexFormat.idl: Added. 
        * Modules/webgpu/WebGPUInputStateDescriptor.h: Added.
        * Modules/webgpu/WebGPUInputStateDescriptor.idl: Added.
        * Modules/webgpu/WebGPUInputStepMode.h: Added.
        * Modules/webgpu/WebGPUInputStepMode.idl: Added.
        * Modules/webgpu/WebGPUVertexAttributeDescriptor.h: Added.
        * Modules/webgpu/WebGPUVertexAttributeDescriptor.idl: Added.
        * Modules/webgpu/WebGPUVertexFormat.h: Added.
        * Modules/webgpu/WebGPUVertexFormat.idl: Added.
        * Modules/webgpu/WebGPUVertexInputDescriptor.h: Added.
        * Modules/webgpu/WebGPUVertexInputDescriptor.idl: Added.
        * platform/graphics/gpu/GPUInputStateDescriptor.h: Added.
        * platform/graphics/gpu/GPURenderPassEncoder.h: Added.
        * platform/graphics/gpu/GPURenderPipelineDescriptor.h: Added.
        * platform/graphics/gpu/GPUVertexAttributeDescriptor.h: Added.
        * platform/graphics/gpu/GPUVertexInputDescriptor.h: Added.

        Refactor to support updated structure of pipeline descriptor in sketch IDL:
        * Modules/webgpu/WebGPUDevice.cpp:
        (WebCore::validateAndConvertPipelineStage):
        (WebCore::WebGPUDevice::createRenderPipeline const):
        * Modules/webgpu/WebGPUPipelineDescriptorBase.h:
        * Modules/webgpu/WebGPUPipelineDescriptorBase.idl:
        * Modules/webgpu/WebGPUPipelineStageDescriptor.h:
        * Modules/webgpu/WebGPUPipelineStageDescriptor.idl:
        * Modules/webgpu/WebGPURenderPipelineDescriptor.h:
        * Modules/webgpu/WebGPURenderPipelineDescriptor.idl:
        * Modules/webgpu/WebGPUShaderStage.*: Removed.

        Add and implement setVertexBuffers:
        * Modules/webgpu/WebGPURenderPassEncoder.cpp:
        (WebCore::WebGPURenderPassEncoder::setVertexBuffers): Added. 
        * Modules/webgpu/WebGPURenderPassEncoder.h:
        * Modules/webgpu/WebGPURenderPassEncoder.idl: 
        * platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm:
        (WebCore::GPURenderPassEncoder::setVertexBuffers):
        * platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:
        (WebCore::setInputStateForPipelineDescriptor):
        (WebCore::GPURenderPipeline::create):

2018-12-12  Tim Horton  <timothy_horton@apple.com>

        REGRESSION (r237565): >20 Find in Page highlights in one tile results in a single giant highlight
        https://bugs.webkit.org/show_bug.cgi?id=192642
        <rdar://problem/46498246>

        Reviewed by Geoffrey Garen.

        No new tests; adjusted an existing test instead.

        * platform/graphics/PathUtilities.cpp:
        (WebCore::PathUtilities::pathsWithShrinkWrappedRects):
        Instead of uniting when we fail to shrink-wrap, just return the original rects.
        This seems like a more reasonable default in most cases.

2018-12-12  Vivek Seth  <v_seth@apple.com>

        HTTPS Upgrade: Figure out if/how to tell clients that the HTTPS upgrade happened
        https://bugs.webkit.org/show_bug.cgi?id=192375
        <rdar://problem/45851159>

        Reviewed by Chris Dumez.

        Use simulated redirect to tell clients that HTTPS Upgrade happened.

        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::syntheticRedirectResponse):
        * platform/network/ResourceResponseBase.h:
        * platform/network/mac/WebCoreURLResponse.mm:
        (WebCore::synthesizeRedirectResponseIfNecessary):

2018-12-12  Chris Dumez  <cdumez@apple.com>

        Add a preference to enable / disable devicemotion and deviceorientation events
        https://bugs.webkit.org/show_bug.cgi?id=192631
        <rdar://problem/46646244>

        Reviewed by Geoffrey Garen.

        Add setting to toggle support for the deviceorientation / devicemotion events:
        - https://w3c.github.io/deviceorientation/

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::addEventListener):
        * page/Settings.yaml:

2018-12-11  Ryosuke Niwa  <rniwa@webkit.org>

        Make HTMLConverter take two Positions in preparation to make it work with shadow DOM
        https://bugs.webkit.org/show_bug.cgi?id=192613

        Reviewed by Darin Adler.

        This patch makes HTMLConverter store two Position's instead of a Range so that HTMLConverter can work with
        a selection which spans across shadow boundaries in the future.

        No new tests since there should be no observable behavioral change.

        * editing/cocoa/EditorCocoa.mm:
        (WebCore::Editor::writeSelectionToPasteboard): Uses the newly introduced writeSelectionToPasteboard.
        (WebCore::Editor::writeSelection): Ditto.
        * editing/cocoa/HTMLConverter.h:
        * editing/cocoa/HTMLConverter.mm:
        (HTMLConverter::HTMLConverter): Now takes two Position's.
        (HTMLConverter::convert): Updated to work with Position's.
        (HTMLConverter::_processText): Ditto.
        (HTMLConverter::_traverseNode): Ditto.
        (HTMLConverter::_traverseFooterNode): Ditto.
        (HTMLConverterCaches::cacheAncestorsOfStartToBeConverted): Ditto.
        (WebCore::attributedStringFromRange): Ditto.
        (WebCore::attributedStringFromSelection): Added. For now, we first create a Range via toNormalizedRange
        in order to preserve the exact behavior.

2018-12-12  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed manual rollout of r239100-r239102 and r239116
        https://bugs.webkit.org/show_bug.cgi?id=192151
        <rdar://problem/46655586>

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::font):
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::platformDataFromCustomData):
        * platform/FreeType.cmake:
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::isFixedWidth const): Deleted.
        * platform/graphics/cairo/FontCustomPlatformData.h:
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::systemFallbackForCharacters):
        (WebCore::FontCache::createFontPlatformData):
        (WebCore::getFontPropertiesFromPattern): Deleted.
        (WebCore::defaultVariationValues): Deleted.
        (WebCore::buildVariationSettings): Deleted.
        * platform/graphics/freetype/FontCacheFreeType.h: Removed.
        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::FontCustomPlatformData::FontCustomPlatformData):
        (WebCore::FontCustomPlatformData::~FontCustomPlatformData):
        (WebCore::FontCustomPlatformData::fontPlatformData):
        (WebCore::FontCustomPlatformData::supportsFormat):
        (WebCore::defaultFontconfigOptions): Deleted.
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::setCairoFontOptionsFromFontConfigPattern):
        (WebCore::getDefaultFontconfigOptions):
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::operator=):
        (WebCore::FontPlatformData::harfBuzzFace const):
        (WebCore::FontPlatformData::platformIsEqual const):
        (WebCore::FontPlatformData::buildScaledFont):
        (WebCore::FontPlatformData::fcPattern const): Deleted.
        (WebCore::FontPlatformData::createOpenTypeMathHarfBuzzFont const): Deleted.
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::Font::platformCreateScaledFont const):
        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
        (WebCore::fontFeatures):
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        (WebCore::floatToHarfBuzzPosition): Deleted.
        (WebCore::doubleToHarfBuzzPosition): Deleted.
        (WebCore::harfBuzzFontFunctions): Deleted.
        (WebCore::findScriptForVerticalGlyphSubstitution): Deleted.
        * platform/graphics/harfbuzz/HarfBuzzFace.cpp: Added.
        (WebCore::HarfBuzzFace::CacheEntry::CacheEntry):
        (WebCore::HarfBuzzFace::CacheEntry::~CacheEntry):
        (WebCore::HarfBuzzFace::cache):
        (WebCore::HarfBuzzFace::HarfBuzzFace):
        (WebCore::HarfBuzzFace::~HarfBuzzFace):
        (WebCore::findScriptForVerticalGlyphSubstitution):
        (WebCore::HarfBuzzFace::setScriptForVerticalGlyphSubstitution):
        * platform/graphics/harfbuzz/HarfBuzzFace.h: Added.
        (WebCore::HarfBuzzFace::CacheEntry::create):
        (WebCore::HarfBuzzFace::CacheEntry::face):
        (WebCore::HarfBuzzFace::CacheEntry::glyphCache):
        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp: Added.
        (WebCore::floatToHarfBuzzPosition):
        (WebCore::doubleToHarfBuzzPosition):
        (WebCore::CairoGetGlyphWidthAndExtents):
        (WebCore::harfBuzzGetGlyph):
        (WebCore::harfBuzzGetGlyphHorizontalAdvance):
        (WebCore::harfBuzzGetGlyphHorizontalOrigin):
        (WebCore::harfBuzzGetGlyphExtents):
        (WebCore::harfBuzzCairoTextGetFontFuncs):
        (WebCore::harfBuzzCairoGetTable):
        (WebCore::HarfBuzzFace::createFace):
        (WebCore::HarfBuzzFace::createFont):
        * platform/graphics/harfbuzz/HbUniquePtr.h:
        (WebCore::HbPtrDeleter<hb_face_t>::operator() const): Deleted.
        * platform/graphics/opentype/OpenTypeMathData.cpp:
        (WebCore::OpenTypeMathData::OpenTypeMathData):
        * platform/graphics/win/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):
        * platform/graphics/win/FontCustomPlatformData.h:
        * platform/graphics/win/FontCustomPlatformDataCairo.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):

2018-12-12  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix Windows Cairo build after r239100.

        * platform/graphics/win/FontCustomPlatformDataCairo.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):

2018-12-12  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] A few API tests are failing after r239086
        https://bugs.webkit.org/show_bug.cgi?id=192608

        Reviewed by Zalan Bujtas.

        These test failures were caused by a missing Vector size check in `Pasteboard::readFilePaths` before accessing
        the first item. Fix this by adding a helper method on PasteboardItemInfo to grab the file path for the highest
        fidelity pasteboard item (returning the null string if there are none), and use this in a few places that grab
        the highest fidelity path using Vector::first().

        While `Pasteboard::readRespectingUTIFidelities` does have a bounds check before accessing the list of paths,
        this patch still replaces it with a call to `pathForHighestFidelityItem()`, so that the intent is more clear.

        * platform/PasteboardItemInfo.h:
        (WebCore::PasteboardItemInfo::pathForHighestFidelityItem const):
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::readRespectingUTIFidelities):
        (WebCore::Pasteboard::readFilePaths):

2018-12-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix WPE build after r239101.

        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp: Include <hb-ot.h>

2018-12-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [FreeType] Remove HarfBuzzFace
        https://bugs.webkit.org/show_bug.cgi?id=192589

        Reviewed by Michael Catanzaro.

        This was used to share the common implementation with the chromium port, but now that only freetype based ports
        use it, it can be removed and use hb_ft_face_create_cached() instead. We don't need the glyph cache either,
        since we are already caching glyphs in Font.

        * platform/FreeType.cmake: Remove HarfBuzzFaceCairo.cpp and HarfBuzzFace.cpp.
        * platform/graphics/FontPlatformData.h: Remove HarfBuzzFace member.
        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp: Add missing include.
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::operator=): Remove m_harfBuzzFace handling.
        (WebCore::FontPlatformData::createOpenTypeMathHarfBuzzFont const): New funtction to create a hb_font_t for
        OpenType math.
        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
        (WebCore::floatToHarfBuzzPosition): Moved from HarfBuzzFaceCairo.cpp.
        (WebCore::doubleToHarfBuzzPosition): Ditto.
        (WebCore::harfBuzzFontFunctions): Also moved from HarfBuzzFaceCairo.cpp, but implement get_nominal/variation
        functions when using HarfBuzz >= 1.2.3 and use Font::glyphForCharacter() to make it simpler.
        (WebCore::fontFeatures): Moved from HarfBuzzFaceCairo.cpp.
        (WebCore::findScriptForVerticalGlyphSubstitution): Moved from HarfBuzzFace.cpp.
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters): Create the HarfBuzz face and font here.
        * platform/graphics/harfbuzz/HarfBuzzFace.cpp: Removed.
        * platform/graphics/harfbuzz/HarfBuzzFace.h: Removed.
        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp: Removed.
        * platform/graphics/harfbuzz/HbUniquePtr.h:
        (WebCore::HbPtrDeleter<hb_face_t>::operator() const): Add deleter for hb_face_t.
        * platform/graphics/opentype/OpenTypeMathData.cpp:
        (WebCore::OpenTypeMathData::OpenTypeMathData): Use FontPlatformData::createOpenTypeMathHarfBuzzFont().

2018-12-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [FreeType] Add initial implementation of variation fonts
        https://bugs.webkit.org/show_bug.cgi?id=192151

        Reviewed by Michael Catanzaro.

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::font): Remove platform ifdefs.
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::platformDataFromCustomData): Ditto.
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::isFixedWidth const):
        * platform/graphics/cairo/FontCustomPlatformData.h: Use RefPtr for cairo_font_face_t.
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::getFontPropertiesFromPattern): Helper function to get several font properties from the fontconfig
        pattern.
        (WebCore::FontCache::systemFallbackForCharacters): Use getFontPropertiesFromPattern().
        (WebCore::FontCache::createFontPlatformData): Pass FC_VARIABLE to the pattern and call buildVariationSettings()
        before creating the FontPlatformData to set FC_FONT_VARIATIONS on the pattern.
        (WebCore::defaultVariationValues): Parse font variations table.
        (WebCore::buildVariationSettings): Build a font variations string from the settings that can be passed to cairo.
        * platform/graphics/freetype/FontCacheFreeType.h: Added.
        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::FontCustomPlatformData::FontCustomPlatformData): Use RefPtr and make freeTypeFaceKey global.
        (WebCore::FontCustomPlatformData::~FontCustomPlatformData): Remove explicit destroy.
        (WebCore::defaultFontconfigOptions): Moved here from FontCacheFreeType.
        (WebCore::FontCustomPlatformData::fontPlatformData): Call buildVariationSettings() before creating the
        FontPlatformData to set FC_FONT_VARIATIONS on the pattern.
        (WebCore::FontCustomPlatformData::supportsFormat): Add variation formats.
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::setCairoFontOptionsFromFontConfigPattern): Call cairo_font_options_set_variations() with the
        FC_FONT_VARIATIONS value from the pattern.
        (WebCore::FontPlatformData::FontPlatformData): Use a single constructor that always receives a valid fontconfig
        pattern.
        (WebCore::FontPlatformData::fcPattern const): Return the fontconfig pattern.
        (WebCore::FontPlatformData::platformIsEqual const): Update the condition now that m_pattern can't be nullptr.
        (WebCore::FontPlatformData::buildScaledFont): Use m_pattern unconditionally.
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::Font::platformCreateScaledFont const): Update it to use the new FontPlatformData constructor.
        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
        (WebCore::HarfBuzzFace::createFont): Pass variations to HarfBuzz.
        * platform/graphics/win/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):
        * platform/graphics/win/FontCustomPlatformData.h:

2018-12-11  Justin Michaud  <justin_michaud@apple.com>

        Implement feature flag for CSS Typed OM
        https://bugs.webkit.org/show_bug.cgi?id=192610

        Reviewed by Ryosuke Niwa.

        * Configurations/FeatureDefines.xcconfig:
        * bindings/js/JSTypedOMCSSStyleValueCustom.cpp:
        * css/typedom/StylePropertyMapReadOnly.h:
        * css/typedom/StylePropertyMapReadOnly.idl:
        * css/typedom/TypedOMCSSImageValue.h:
        * css/typedom/TypedOMCSSImageValue.idl:
        * css/typedom/TypedOMCSSNumericValue.h:
        * css/typedom/TypedOMCSSNumericValue.idl:
        * css/typedom/TypedOMCSSStyleValue.h:
        * css/typedom/TypedOMCSSStyleValue.idl:
        * css/typedom/TypedOMCSSUnitValue.h:
        * css/typedom/TypedOMCSSUnitValue.idl:
        * css/typedom/TypedOMCSSUnparsedValue.h:
        * css/typedom/TypedOMCSSUnparsedValue.idl:
        * features.json:
        * html/ImageBitmap.cpp:
        * html/ImageBitmap.h:
        * html/canvas/CanvasDrawImage.idl:
        * html/canvas/CanvasFillStrokeStyles.idl:
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        * html/canvas/CanvasRenderingContext2DBase.h:
        * inspector/InspectorCanvas.cpp:
        (WebCore::InspectorCanvas::buildAction):
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setCSSTypedOMEnabled):
        (WebCore::RuntimeEnabledFeatures::cssTypedOMEnabled const):
        * page/WindowOrWorkerGlobalScope.idl:

2018-12-10  Ryosuke Niwa  <rniwa@webkit.org>

        connectedCallback is invoked during the removal of the element inside another element's connectedCallback
        https://bugs.webkit.org/show_bug.cgi?id=183586
        <rdar://problem/38403504>

        Reviewed by Frédéric Wang.

        Align WebKit's behavior with Chrome/Firefox with regards to https://github.com/w3c/webcomponents/issues/760

        After much discussion, it's unclear that there is a clear path forward to fixing the oddness that
        the presence of a custom element reaction changes the timing at which another reaction callback gets invoked.
        So matching Chrome/Firefox behaviors in this case seems the path of the least resistance to interoperability.

        Namely, this patch makes WebKit not insert a custom element to the appropriate element queue when the element
        does not have a matching reaction callback. Put it another way, steps 3-5 in would be done before step 6 in:
        https://html.spec.whatwg.org/multipage/custom-elements.html#enqueue-a-custom-element-callback-reaction
            1. Let definition be element's custom element definition.
            2. Let callback be the value of the entry in definition's lifecycle callbacks with key callbackName.
            3. If callback is null, then return
            4. If callbackName is "attributeChangedCallback", then:
                1. Let attributeName be the first element of args.
                2. If definition's observed attributes does not contain attributeName, then return.
            5. Add a new callback reaction to element's custom element reaction queue, with callback function callback
               and arguments args.
            6. Enqueue an element on the appropriate element queue given element.

        Test: fast/custom-elements/enqueue-custom-element-callback-reactions-inside-another-callback.html

        * dom/CustomElementReactionQueue.cpp:
        (WebCore::CustomElementReactionQueue::enqueueElementUpgrade):
        (WebCore::CustomElementReactionQueue::enqueueConnectedCallbackIfNeeded):
        (WebCore::CustomElementReactionQueue::enqueueDisconnectedCallbackIfNeeded):
        (WebCore::CustomElementReactionQueue::enqueueAdoptedCallbackIfNeeded):
        (WebCore::CustomElementReactionQueue::enqueueAttributeChangedCallbackIfNeeded):
        (WebCore::CustomElementReactionQueue::enqueuePostUpgradeReactions):
        (WebCore::CustomElementReactionQueue::enqueueElementOnAppropriateElementQueue): Renamed from ensureCurrentQueue.
        * dom/CustomElementReactionQueue.h:

2018-12-11  Justin Fan  <justin_fan@apple.com>

        [WebGPU] Implement WebGPUBuffer, and some nullibility consistency in WebGPU
        https://bugs.webkit.org/show_bug.cgi?id=192516

        Reviewed by Dean Jackson.

        Test: webgpu/buffers.html

        Enable basic creation of WebGPUBuffers, and fix nullability inconsitencies in WebGPU implementation.

        Add necessary symbols and files for Web/GPUBuffer, Web/GPUBufferUsage, and Web/GPUBufferDescriptor:
        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:

        * Modules/webgpu/WebGPUBuffer.cpp: Added.
        (WebCore::WebGPUBuffer::create):
        (WebCore::WebGPUBuffer::WebGPUBuffer):
        * Modules/webgpu/WebGPUBuffer.h: Added.
        (WebCore::WebGPUBuffer::mapping const):
        (WebCore::WebGPUBuffer::unmap): Unimplemented stub, for now, as Metal equivalent is unclear.
        (WebCore::WebGPUBuffer::destroy): Unimplemented stub.
        * Modules/webgpu/WebGPUBuffer.idl: Added.
        * Modules/webgpu/WebGPUBufferDescriptor.h: Added.
        * Modules/webgpu/WebGPUBufferDescriptor.idl: Added.
        * Modules/webgpu/WebGPUDevice.cpp:
        (WebCore::WebGPUDevice::createBuffer const): Added.
        * platform/graphics/gpu/GPUBuffer.h:
        (WebCore::GPUBuffer::platformBuffer const):
        (WebCore::GPUBuffer::mapping const):
        * platform/graphics/gpu/GPUBufferDescriptor.h: Added.
        * platform/graphics/gpu/GPUDevice.cpp:
        (WebCore::GPUDevice::createBuffer const): Added.
        * platform/graphics/gpu/GPUDevice.h:
        * platform/graphics/gpu/cocoa/GPUBufferMetal.mm: Added.
        (WebCore::GPUBuffer::create): Attempt to create a page-aligned Gigacage to back the GPUBuffer's ArrayBuffer. 
        (WebCore::GPUBuffer::GPUBuffer):
        (WebCore::GPUBuffer::~GPUBuffer): Dereference mapped ArrayBuffer first.

        Small benign edits, most to make nullability more consistent in WebGPU classes:
        * Modules/webgpu/WebGPUCommandBuffer.cpp:
        (WebCore::WebGPUCommandBuffer::create):
        (WebCore::WebGPUCommandBuffer::beginRenderPass):
        * Modules/webgpu/WebGPUCommandBuffer.h:
        * Modules/webgpu/WebGPUDevice.cpp:
        (WebCore::WebGPUDevice::create):
        (WebCore::WebGPUDevice::WebGPUDevice):
        (WebCore::WebGPUDevice::createShaderModule const):
        (WebCore::WebGPUDevice::createRenderPipeline const):
        (WebCore::WebGPUDevice::createCommandBuffer const):
        * Modules/webgpu/WebGPUDevice.h:
        (WebCore::WebGPUDevice::device const):
        * Modules/webgpu/WebGPUDevice.idl:
        * Modules/webgpu/WebGPUQueue.cpp:
        (WebCore::WebGPUQueue::create):
        * Modules/webgpu/WebGPURenderPassEncoder.cpp:
        (WebCore::WebGPURenderPassEncoder::create):
        * Modules/webgpu/WebGPURenderPassEncoder.h:
        * Modules/webgpu/WebGPUShaderModule.cpp:
        (WebCore::WebGPUShaderModule::create):
        (WebCore::WebGPUShaderModule::WebGPUShaderModule):
        * Modules/webgpu/WebGPUShaderModule.h:
        (WebCore::WebGPUShaderModule::module const):
        * Modules/webgpu/WebGPUSwapChain.idl: Sync with IDL changes.
        * Modules/webgpu/WebGPUTexture.cpp:
        (WebCore::WebGPUTexture::create):
        (WebCore::WebGPUTexture::createDefaultTextureView):
        * Modules/webgpu/WebGPUTextureView.cpp:
        (WebCore::WebGPUTextureView::create):
        * Modules/webgpu/WebGPUTextureView.h:
        * platform/graphics/gpu/cocoa/GPUQueueMetal.mm:
        (WebCore::GPUQueue::create):
        * platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:
        (WebCore::GPURenderPipeline::create):
        * platform/graphics/gpu/cocoa/GPUShaderModuleMetal.mm:
        (WebCore::GPUShaderModule::create):
        * platform/graphics/gpu/cocoa/GPUSwapChainMetal.mm:
        (WebCore::GPUSwapChain::setDevice):
        * platform/graphics/gpu/cocoa/GPUTextureMetal.mm:
        (WebCore::GPUTexture::GPUTexture):

2018-12-11  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win][Clang] Fix warning -Wmissing-field-initializers
        https://bugs.webkit.org/show_bug.cgi?id=192584

        Reviewed by Yusuke Suzuki.

        Initialize a struct with '{ }' instead of '= {0}'.

        No new tests, no behavior changes.

        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::lastResortFallbackFont):
        * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp:
        (WebCore::MediaPlayerPrivateFullscreenWindow::createWindow):
        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::setFileDescriptorData):
        (WebCore::setFileContentData):
        (WebCore::setUCharData):
        (WebCore::setUtf8Data):
        (WebCore::setCFData):
        * platform/win/CursorWin.cpp:
        (WebCore::createSharedCursor):
        * platform/win/DefWndProcWindowClass.cpp:
        (WebCore::registerClass):
        * platform/win/DragImageWin.cpp:
        (WebCore::createDragImageIconForCachedImageFilename):
        * platform/win/PasteboardWin.cpp:
        (WebCore::writeURL):
        (WebCore::Pasteboard::writeString):
        (WebCore::Pasteboard::writeRangeToDataObject):
        (WebCore::Pasteboard::writePlainTextToDataObject):
        (WebCore::writeFileToDataObject):
        (WebCore::Pasteboard::writeMarkup):
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::show):
        * platform/win/SSLKeyGeneratorWin.cpp:
        (WebCore::WebCore::signedPublicKeyAndChallengeString):

2018-12-11  Jer Noble  <jer.noble@apple.com>

        Globally namespaced objects shouldn't use framework-prefixed names
        https://bugs.webkit.org/show_bug.cgi?id=192600

        Reviewed by Eric Carlson.

        Rename CMSampleBufferIs... -> isCMSampleBuffer...

        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::isCMSampleBufferRandomAccess):
        (WebCore::isCMSampleBufferNonDisplaying):
        (WebCore::MediaSampleAVFObjC::flags const):
        (WebCore::CMSampleBufferIsRandomAccess): Deleted.
        (WebCore::CMSampleBufferIsNonDisplaying): Deleted.

2018-12-11  Brent Fulgham  <bfulgham@apple.com>

        Don't attempt to compute animated values when there is no relevant animation
        https://bugs.webkit.org/show_bug.cgi?id=192591
        <rdar://problem/34336946>

        Reviewed by Dean Jackson.

        Check if the property is supposed to be animated, or has animatable features, before
        attempting to calculate the current animated value.

        Test: svg/animations/avoid-calculating-for-non-animating-elements.html

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::SVGAnimateElementBase::calculateAnimatedValue):

2018-12-11  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix typos in console log from r239087.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::addEventListener):

2018-12-11  Tim Horton  <timothy_horton@apple.com>

        WebCore shouldn't have a Objective-C class named NSCursor
        https://bugs.webkit.org/show_bug.cgi?id=192602
        <rdar://problem/46615532>

        Reviewed by Wenson Hsieh.

        * platform/ios/wak/WAKAppKitStubs.h:
        * platform/ios/wak/WAKAppKitStubs.m:
        (+[NSCursor setHiddenUntilMouseMoves:]): Deleted.
        Get rid of the class.
        Also remove a comment that seems to have detached from wherever it's supposed to be.

2018-12-11  Chris Dumez  <cdumez@apple.com>

        Restrict DeviceMotion / DeviceOrientation APIs to secure contexts
        https://bugs.webkit.org/show_bug.cgi?id=192595
        <rdar://problem/46382603>

        Reviewed by Dean Jackson.

        Tests: http/tests/events/device-orientation-motion-non-secure-context.html
               http/tests/events/device-orientation-motion-secure-context.html

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::addEventListener):
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::setIsPotentiallyTrustworthy):
        * testing/Internals.cpp:
        (WebCore::Internals::markContextAsInsecure):
        (WebCore::Internals::postTask):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-12-11  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] Send the full list of file upload URLs and types in PasteboardItemInfo
        https://bugs.webkit.org/show_bug.cgi?id=192598
        Work towards <rdar://problem/35626913>

        Reviewed by Tim Horton.

        Refactors PasteboardItemInfo to contain lists of file URLs and corresponding pasteboard types, instead of just
        a "preferred" file upload URL and type. See below for more details.

        * platform/PasteboardItemInfo.h:
        (WebCore::PasteboardItemInfo::pathForContentType const):

        Add a helper method to find a file upload URL corresponding to a given type.

        (WebCore::PasteboardItemInfo::encode const):
        (WebCore::PasteboardItemInfo::decode):

        Change `pathForFileUpload` to `pathsForFileUpload`, and `contentTypeForFileUpload` to `contentTypesForFileUpload`.

        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::readRespectingUTIFidelities):

        Adjust this to take the file path for the highest fidelity representation in `pathsForContentType`.

        (WebCore::Pasteboard::readFilePaths):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::informationForItemAtIndex):
        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[NSItemProvider web_containsFileURLAndFileUploadContent]):
        (-[NSItemProvider web_fileUploadContentTypes]):

        Replace `web_containsFileUploadContent` with `web_fileUploadContentTypes`, which returns the full list of file
        upload content types (rather than just a `BOOL` indicating whether one or more of these types exist).

        (-[WebItemProviderPasteboard fileUploadURLsAtIndex:fileTypes:]):
        (-[WebItemProviderPasteboard numberOfFiles]):
        (-[NSItemProvider web_containsFileUploadContent]): Deleted.
        (-[WebItemProviderPasteboard preferredFileUploadURLAtIndex:fileType:]): Deleted.

        Replaced with `-fileUploadURLsAtIndex:fileTypes:`. This implementation currently just returns the highest
        fidelity loaded type identifier, but this is wrong because it doesn't take into account inline data types that
        shouldn't be represented as data for file uploads (for instance, it never makes sense to upload the internal
        data serialization for an `NSURL` as a file on the web).

        Instead, use existing logic in `web_fileUploadContentTypes` to determine which file types can be treated as file
        uploads, and return all of these file types that we've loaded.

2018-12-11  Don Olmstead  <don.olmstead@sony.com>

        Resource Load Statistics: Use common implementation within NetworkStorageSession
        https://bugs.webkit.org/show_bug.cgi?id=192592

        Reviewed by Alex Christensen.

        There's nothing within the resource load statistics implementation contained
        in NetworkStorageSessionCFNet that was CF specific. All of the resource load
        statistics methods are moved from that file to the root NetworkStorageSession
        implementation.

        * platform/network/NetworkStorageSession.cpp:
        (WebCore::getPartitioningDomain):
        (WebCore::NetworkStorageSession::shouldBlockThirdPartyCookies const):
        (WebCore::NetworkStorageSession::shouldBlockCookies const):
        (WebCore::NetworkStorageSession::maxAgeCacheCap):
        (WebCore::NetworkStorageSession::setAgeCapForClientSideCookies):
        (WebCore::NetworkStorageSession::setPrevalentDomainsToBlockCookiesFor):
        (WebCore::NetworkStorageSession::removePrevalentDomains):
        (WebCore::NetworkStorageSession::hasStorageAccess const):
        (WebCore::NetworkStorageSession::getAllStorageAccessEntries const):
        (WebCore::NetworkStorageSession::grantStorageAccess):
        (WebCore::NetworkStorageSession::removeStorageAccessForFrame):
        (WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage):
        (WebCore::NetworkStorageSession::removeAllStorageAccess):
        (WebCore::NetworkStorageSession::setCacheMaxAgeCapForPrevalentResources):
        (WebCore::NetworkStorageSession::resetCacheMaxAgeCapForPrevalentResources):
        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::getPartitioningDomain): Deleted.
        (WebCore::NetworkStorageSession::shouldBlockThirdPartyCookies const): Deleted.
        (WebCore::NetworkStorageSession::shouldBlockCookies const): Deleted.
        (WebCore::NetworkStorageSession::maxAgeCacheCap): Deleted.
        (WebCore::NetworkStorageSession::setAgeCapForClientSideCookies): Deleted.
        (WebCore::NetworkStorageSession::setPrevalentDomainsToBlockCookiesFor): Deleted.
        (WebCore::NetworkStorageSession::removePrevalentDomains): Deleted.
        (WebCore::NetworkStorageSession::hasStorageAccess const): Deleted.
        (WebCore::NetworkStorageSession::getAllStorageAccessEntries const): Deleted.
        (WebCore::NetworkStorageSession::grantStorageAccess): Deleted.
        (WebCore::NetworkStorageSession::removeStorageAccessForFrame): Deleted.
        (WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage): Deleted.
        (WebCore::NetworkStorageSession::removeAllStorageAccess): Deleted.
        (WebCore::NetworkStorageSession::setCacheMaxAgeCapForPrevalentResources): Deleted.
        (WebCore::NetworkStorageSession::resetCacheMaxAgeCapForPrevalentResources): Deleted.

2018-12-11  Devin Rousso  <drousso@apple.com>

        Web Inspector: overlay bounds rulers don't match element when page is scrolled
        https://bugs.webkit.org/show_bug.cgi?id=192577

        Reviewed by Joseph Pecoraro.

        When drawing the highlight for a node, the canvas is translated based on the scroll position
        of the node. This translation was not applied to the bounds calculations, which meant that
        the bounds always drew where the node would have been if it wasn't scrolled.

        * inspector/InspectorOverlayPage.js:
        (Bounds.prototype.get minX):
        (Bounds.prototype.get minY):
        (Bounds.prototype.get maxX):
        (Bounds.prototype.get maxY):
        (Bounds.prototype.offset): Added.
        (drawNodeHighlight):
        Drive-by: draw bounds for every node being highlighted instead of just the first one.
        Drive-by: switch the bounds color to be a semi-transparent red for more visibility/contrast.

2018-12-11  Andy Estes  <aestes@apple.com>

        Introduce makeBlockPtr for lambdas
        https://bugs.webkit.org/show_bug.cgi?id=192594

        Reviewed by Alex Christensen.

        Adopted makeBlockPtr.

        * platform/cocoa/FileMonitorCocoa.mm:
        (WebCore::FileMonitor::FileMonitor):
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.mm:
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenLayer):
        * platform/graphics/gpu/legacy/cocoa/GPULegacyCommandBufferMetal.mm:
        (WebCore::GPULegacyCommandBuffer::GPULegacyCommandBuffer):
        * platform/network/cocoa/WebCoreNSURLSession.mm:
        (-[WebCoreNSURLSession addDelegateOperation:]):
        (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:completionHandler:]):
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):

2018-12-10  Brent Fulgham  <bfulgham@apple.com>

        SVGViewSpec objects should mark relevant SVG elements
        https://bugs.webkit.org/show_bug.cgi?id=192567
        <rdar://problem/46491325>

        Reviewed by Ryosuke Niwa.

        SVGViewSpec elements reflect the state of an underlying SVGElement. Teach the mark algorithm to
        recognize the relevant SVGElement as active as long as the SVGViewSpec is active.

        Update SVGElement so that it can vend WeakPtrs. I also noticed that SVGAttributeOwner used a bare
        pointer to the SVGElement, so switched to a WeakPtr.

        Test: svg/animations/view-dependency-crash.html

        * Sources.txt: Add new files.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * bindings/js/JSSVGViewSpecCustom.cpp: Added.
        (WebCore::JSSVGViewSpec::visitAdditionalChildren):
        * svg/SVGElement.h:
        * svg/SVGPathElement.h:
        * svg/SVGViewSpec.cpp:
        (WebCore::SVGViewSpec::SVGViewSpec): Hold a weak pointer (rather than a bare pointer) to the underlying element.
        * svg/SVGViewSpec.h:
        * svg/SVGViewSpec.idl:
        * svg/properties/SVGAttributeOwnerProxy.cpp: Added.
        (WebCore::SVGAttributeOwnerProxy::SVGAttributeOwnerProxy): Hold a weak pointer (rather than a bare pointer) to
        the underling SVGElement.
        (WebCore::SVGAttributeOwnerProxy::element const): Ditto.
        * svg/properties/SVGAttributeOwnerProxy.h:
        (WebCore::SVGAttributeOwnerProxy::SVGAttributeOwnerProxy): Move implementation to cpp file.
        (WebCore::SVGAttributeOwnerProxy::element const): Ditto.
        * svg/properties/SVGAttributeOwnerProxyImpl.h: Update for WeakPtr use.

2018-12-10  Benjamin Poulain  <benjamin@webkit.org>

        <rdar://problem/45296285> Content blocker rule "raw" blocks media elements from loading
        https://bugs.webkit.org/show_bug.cgi?id=192439

        Reviewed by Dean Jackson.

        This broken when WebKit switched to NSURLSession.
        In CachedResourceLoader::requestResource(), toResourceType() was turning media load into RAW.

        Test: http/tests/contentextensions/video-element-resource-type.html

        * loader/ResourceLoadInfo.cpp:
        (WebCore::toResourceType):

2018-12-10  Don Olmstead  <don.olmstead@sony.com>

        Move ENABLE_RESOURCE_LOAD_STATISTICS to FeatureDefines.xcconfig
        https://bugs.webkit.org/show_bug.cgi?id=192573

        Reviewed by Simon Fraser.

        * Configurations/FeatureDefines.xcconfig:

2018-12-10  Justin Michaud  <justin_michaud@apple.com>

        CS Painting API should support multiple worklets.
        https://bugs.webkit.org/show_bug.cgi?id=192335

        Reviewed by Dean Jackson.

        Adds a new map to support separate paint worklet global scopes (one for each worklet). Also
        adds some tests and a fix for a repaint bug that this oncovered, where changing a custom property required
        for paint would not trigger a repaint if there had not been a valid value set before.

        Test: fast/css-custom-paint/multiple-worklets.html

        * css/CSSPaintImageValue.cpp:
        (WebCore::CSSPaintImageValue::image):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):
        (WebCore::Document::paintWorkletGlobalScope):
        (WebCore::Document::setPaintWorkletGlobalScope):
        * dom/Document.h:
        (WebCore::Document::paintWorkletGlobalScope): Deleted.
        * rendering/style/RenderStyle.cpp:
        (WebCore::changedCustomPaintWatchedProperty):
        * worklets/Worklet.cpp:
        (WebCore::Worklet::addModule):
        * worklets/WorkletGlobalScope.cpp:
        (WebCore::WorkletGlobalScope::prepareForDestruction):

2018-12-10  Youenn Fablet  <youenn@apple.com>

        Remove derived classes of RealtimeMediaSourceCenter
        https://bugs.webkit.org/show_bug.cgi?id=192546

        Reviewed by Eric Carlson.

        Remove virtual methods of RealtimeMediaSourceCenter and remove derived classes of it.
        Instead port specific implementation directly implement the needed default factory methods.

        Renamed some methods for improved consistency.
        Moved some static variables as RealtimeMediaSourceCenter members.

        No change of behavior.

        * WebCore.xcodeproj/project.pbxproj:
        * page/DeprecatedGlobalSettings.cpp:
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::createMediaStream):
        (WebCore::RealtimeMediaSourceCenter::getMediaStreamDevices):
        (WebCore::RealtimeMediaSourceCenter::getUserMediaDevices):
        (WebCore::RealtimeMediaSourceCenter::setVideoCapturePageState):
        (WebCore::RealtimeMediaSourceCenter::setAudioFactory):
        (WebCore::RealtimeMediaSourceCenter::unsetAudioFactory):
        (WebCore::RealtimeMediaSourceCenter::audioCaptureFactory):
        (WebCore::RealtimeMediaSourceCenter::setVideoFactory):
        (WebCore::RealtimeMediaSourceCenter::unsetVideoFactory):
        (WebCore::RealtimeMediaSourceCenter::videoCaptureFactory):
        (WebCore::RealtimeMediaSourceCenter::setDisplayCaptureFactory):
        (WebCore::RealtimeMediaSourceCenter::unsetDisplayCaptureFactory):
        (WebCore::RealtimeMediaSourceCenter::displayCaptureFactory):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        * platform/mediastream/RealtimeVideoSource.cpp:
        (WebCore::RealtimeVideoSource::~RealtimeVideoSource):
        (WebCore::RealtimeVideoSource::prepareToProduceData):
        * platform/mediastream/gstreamer/RealtimeMediaSourceCenterLibWebRTC.cpp:
        (WebCore::RealtimeMediaSourceCenter::singleton):
        (WebCore::RealtimeMediaSourceCenter::defaultAudioCaptureFactory):
        (WebCore::RealtimeMediaSourceCenter::defaultVideoCaptureFactory):
        (WebCore::RealtimeMediaSourceCenter::defaultDisplayCaptureFactory):
        * platform/mediastream/gstreamer/RealtimeMediaSourceCenterLibWebRTC.h: Removed.
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::~AVVideoCaptureSource):
        (WebCore::AVVideoCaptureSource::setupCaptureSession):
        * platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp:
        (WebCore::DisplayCaptureSourceCocoa::~DisplayCaptureSourceCocoa):
        (WebCore::DisplayCaptureSourceCocoa::startProducingData):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenter::singleton):
        (WebCore::RealtimeMediaSourceCenter::defaultAudioCaptureFactory):
        (WebCore::RealtimeMediaSourceCenter::defaultVideoCaptureFactory):
        (WebCore::RealtimeMediaSourceCenter::defaultDisplayCaptureFactory):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h: Removed.
        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::MockRealtimeAudioSource::~MockRealtimeAudioSource):
        (WebCore::MockRealtimeAudioSource::startProducingData):
        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::setMockRealtimeMediaSourceCenterEnabled):
        (WebCore::MockRealtimeMediaSourceCenter::audioCaptureFactory):
        (WebCore::MockRealtimeMediaSourceCenter::videoCaptureFactory):
        * platform/mock/MockRealtimeMediaSourceCenter.h:

2018-12-10  Youenn Fablet  <youenn@apple.com>

        DataChannels created asynchronously never open and are unusable
        https://bugs.webkit.org/show_bug.cgi?id=192566

        Reviewed by Eric Carlson.

        For every new data channel (remote or local), we should check the underlying backend state.
        This allows firing events if needed.
        We were not always doing that which was prohibiting sending some open
        events for data channels created after the SCTP connection is set up.

        Covered by updated test.

        * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.cpp:
        (WebCore::LibWebRTCDataChannelHandler::channelEvent):
        (WebCore::LibWebRTCDataChannelHandler::setClient):
        (WebCore::LibWebRTCDataChannelHandler::OnStateChange):
        (WebCore::LibWebRTCDataChannelHandler::checkState):
        * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.h:

2018-12-10  Ryosuke Niwa  <rniwa@webkit.org>

        Use WeakPtr to refer to VTTCue in VTTCueBox
        https://bugs.webkit.org/show_bug.cgi?id=192575

        Reviewed by Eric Carlson.

        Address the FIXME in VTTCue::~VTTCue by clearing VTTCueBox::m_cue when VTTCue goes away.
        This is implemented by simply using WeakPtr.

        No new tests since there shoul be no behaivoral change.

        * html/track/TextTrackCueGeneric.cpp:
        (WebCore::TextTrackCueGenericBoxElement::applyCSSProperties):
        * html/track/VTTCue.cpp:
        (WebCore::VTTCueBox::VTTCueBox):
        (WebCore::VTTCueBox::getCue const):
        (WebCore::VTTCueBox::applyCSSProperties):
        (WebCore::VTTCue::~VTTCue):
        * html/track/VTTCue.h:
        (WebCore::VTTCueBox::fontSizeFromCaptionUserPrefs const):

2018-12-10  Mark Lam  <mark.lam@apple.com>

        PropertyAttribute needs a CustomValue bit.
        https://bugs.webkit.org/show_bug.cgi?id=191993
        <rdar://problem/46264467>

        Reviewed by Saam Barati.

        This patch revealed a bug in the CodeGenerator where a constructor property is
        set with a ReadOnly attribute.  This conflicts with the WebIDL link (see clause
        12 in https://heycam.github.io/webidl/#interface-prototype-object) which states
        that it should be [Writable].  The ReadOnly attribute is now removed.

        On the WebCore side, this change is covered by existing tests.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        (WebCore::jsTestCustomConstructorWithNoInterfaceObjectConstructor):

2018-12-10  Antti Koivisto  <antti@apple.com>

        Rename "forced style recalc" to "full style rebuild"
        https://bugs.webkit.org/show_bug.cgi?id=192572

        Reviewed by Zalan Bujtas.

        The old name is confusing.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::hasValidStyleForProperty):
        * dom/Document.cpp:
        (WebCore::Document::scheduleStyleRebuild):
        (WebCore::Document::scheduleStyleRecalc):
        (WebCore::Document::unscheduleStyleRecalc):
        (WebCore::Document::hasPendingStyleRebuild const):
        (WebCore::Document::resolveStyle):
        (WebCore::Document::needsStyleRecalc const):
        (WebCore::Document::updateLayoutIgnorePendingStylesheets):
        (WebCore::Document::invalidateMatchedPropertiesCacheAndForceStyleRecalc):
        (WebCore::Document::setDesignMode):
        (WebCore::Document::webkitDidExitFullScreenForElement):
        (WebCore::Document::setAnimatingFullScreen):
        (WebCore::Document::setFullscreenControlsHidden):
        (WebCore::Document::scheduleForcedStyleRecalc): Deleted.
        (WebCore::Document::hasPendingForcedStyleRecalc const): Deleted.
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::Element::needsStyleInvalidation const):
        * page/Page.cpp:
        (WebCore::Page::updateStyleAfterChangeInEnvironment):
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::updateActiveStyleSheets):

2018-12-10  Alexey Proskuryakov  <ap@apple.com>

        Include CoreGraphics.h from WebCorePrefix.h
        https://bugs.webkit.org/show_bug.cgi?id=192557

        Reviewed by Tim Horton.

        The theory is that this will improve build time. Let's try and see what bots say.

        * WebCorePrefix.h:

2018-12-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] Unable to upload data that conforms to "public.item" but not "public.content"
        https://bugs.webkit.org/show_bug.cgi?id=192555
        <rdar://problem/35204990>

        Reviewed by Tim Horton.

        Add support for uploading content that conforms to "public.item" via drag and drop. Currently, iOS WebKit only
        supports data that conforms to "public.content", but there exist several types of files that conform to
        "public.item" but not "public.content". See below for more detail.

        Test: DragAndDropTests.ExternalSourcePKCS12ToSingleFileInput

        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::supportedFileUploadPasteboardTypes):

        Update this to include "public.item", and remove "public.folder", which is now redundant because "public.folder"
        conforms to "public.item".

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[NSItemProvider web_containsFileURLAndFileUploadContent]):

        Pull out the "contains content that is supported for file uploads" part of this helper method into a separate
        method, and use it within `-web_containsFileURLAndFileUploadContent`. Note that this prevents "public.url"-
        conformant data from being uploaded as files (i.e., we never want to upload a URL string *itself* as a file).
        Drawing this distinction ensures that we don't confuse item providers that contain just a URL as files when
        dropping into a file upload area or file input (see API test: ExternalSourceZIPArchiveAndURLToSingleFileInput
        for an example of this corner case).

        (-[NSItemProvider web_containsFileUploadContent]):
        (-[WebItemProviderPasteboard numberOfFiles]):

        Refactor this to use `-web_containsFileUploadContent`.

2018-12-10  Chris Dumez  <cdumez@apple.com>

        Add SPI to allow the client to set the user-agent at main frame level, from the UIProcess
        https://bugs.webkit.org/show_bug.cgi?id=192509
        <rdar://problem/46500832>

        Reviewed by Alex Christensen.

        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::setCustomUserAgent):
        (WebCore::DocumentLoader::customUserAgent const):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::userAgent const):

2018-12-10  Adrian Perez de Castro  <aperez@igalia.com>

        [GLib] FileSystem::moveFile() should fall back to copying
        https://bugs.webkit.org/show_bug.cgi?id=192562

        Reviewed by Michael Catanzaro.

        No new tests needed.

        * platform/glib/FileSystemGlib.cpp:
        (WebCore::FileSystem::moveFile): Use g_file_move() instead of a plain g_rename(), which
        provides a fall-back which does copy+delete when a direct move or rename cannot be done.

2018-12-10  Simon Fraser  <simon.fraser@apple.com>

        Allow control over child order when adding nodes to the scrolling tree
        https://bugs.webkit.org/show_bug.cgi?id=176914
        <rdar://problem/46542237>
        
        Re-land r239010 after over-zealous rollout.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::attachToStateTree):
        (WebCore::AsyncScrollingCoordinator::ensureRootStateNodeForFrameView):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::attachToStateTree):
        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::insertChild):
        (WebCore::ScrollingStateNode::indexOfChild const):
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateTree.cpp:
        (WebCore::ScrollingStateTree::nodeTypeAndParentMatch const):
        (WebCore::ScrollingStateTree::attachNode):
        * page/scrolling/ScrollingStateTree.h:

2018-12-10  Antti Koivisto  <antti@apple.com>

        Document should throttle style recalc even when m_pendingStyleRecalcShouldForce is true.
        https://bugs.webkit.org/show_bug.cgi?id=191695

        Reviewed by Zalan Bujtas.

        * dom/Document.cpp:
        (WebCore::Document::scheduleStyleRecalc):

        Don't test for m_pendingStyleRecalcShouldForce.

        (WebCore::Document::hasPendingStyleRecalc const):
        (WebCore::Document::hasPendingForcedStyleRecalc const):

        Don't base the pending status of these function on whether the timer is running.
        Instead check if the style is invalid.

2018-12-10  Rob Buis  <rbuis@igalia.com>

        XMLHttpRequest removes spaces from content-types before processing
        https://bugs.webkit.org/show_bug.cgi?id=8644

        Reviewed by Chris Dumez.

        Stop trimming white space characters from the middle of
        type/subtype value. Also make sure whitespace being parsed
        adheres to OWS definition from RFC 7230 Section 3.2.3
        (referenced by RFC 7231), i.e. space or HT.

        Based on http://crrev.com/416586.

        Behavior matches Firefox and Chrome.

        Tests: http/tests/xmlhttprequest/supported-xml-content-types.html
               web-platform-tests/mimesniff/mime-types/parsing.any.html
               web-platform-tests/mimesniff/mime-types/parsing.any.worker.html

        * platform/network/HTTPParsers.cpp:
        (WebCore::extractMIMETypeFromMediaType):

2018-12-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] Caret is obscured by finger when dragging over an editable element
        https://bugs.webkit.org/show_bug.cgi?id=192499
        <rdar://problem/46570101>

        Reviewed by Tim Horton.

        * page/DragActions.h:

        Move DragHandlingMethod to DragActions.h, and drive-by fix some minor issues (i.e. make a couple of enum classes
        use 8 bits, fix the indentation levels, and update the copyright year). Also add `EnumTraits` for
        DragHandlingMethod so that it may be encoded over IPC.

        * page/DragController.cpp:
        (WebCore::dragIsHandledByDocument):

        Simplify this helper function.

        (WebCore::DragController::tryDocumentDrag):
        * page/DragController.h:

        Expose the current DragHandlingMethod via a const getter method.

        (WebCore::DragController::dragHandlingMethod const):

2018-12-10  Youenn Fablet  <youenn@apple.com>

        Make mock capture happen in the process used for real capture
        https://bugs.webkit.org/show_bug.cgi?id=192544

        Reviewed by Eric Carlson.

        MockRealtimeMediaSourceCenter previously was setting its factories whenever mock capture is on.
        Add booleans to choose which source (audio, video, display) will actually be toggled on.

        Covered by existing tests.

        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::setMockRealtimeMediaSourceCenterEnabled):
        * platform/mock/MockRealtimeMediaSourceCenter.h:
        (WebCore::MockRealtimeMediaSourceCenter::setMockAudioCaptureEnabled):
        (WebCore::MockRealtimeMediaSourceCenter::setMockVideoCaptureEnabled):
        (WebCore::MockRealtimeMediaSourceCenter::setMockDisplayCaptureEnabled):

2018-12-10  Dean Jackson  <dino@apple.com>

        Use text/javascript as recommended by the HTML specification
        https://bugs.webkit.org/show_bug.cgi?id=192525
        <rdar://problem/46569636>

        Reviewed by Jon Lee.

        The HTML specification says we should use text/javascript for
        JavaScript files:
        https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguages:javascript-mime-type

        * loader/cache/CachedScript.cpp: Replace application/javascript with text/javascript.
        (WebCore::CachedScript::CachedScript):
        * platform/network/ios/WebCoreURLResponseIOS.mm: Ditto.
        (WebCore::createExtensionToMIMETypeMap):
        * platform/network/mac/WebCoreURLResponse.mm: Ditto.
        (WebCore::createExtensionToMIMETypeMap):

2018-12-10  Dean Jackson  <dino@apple.com>

        [iOS] Make WebGPU work with remote layer hosting
        https://bugs.webkit.org/show_bug.cgi?id=192508
        <rdar://problem/46560649>

        Reviewed by Tim Horton.

        WebGPU wasn't working on iOS because we were not correctly
        identifying the CALayers for remote hosting. Fix this by
        adding a new CALayer type, WebGPULayer. This will also
        eventually hold the code to render WebGPU into a canvas.

        Covered by the existing reference tests (on device).

        * SourcesCocoa.txt: Add new files.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm: Recognise the WebGPULayer
        class for remote hosting.
        (WebCore::PlatformCALayerCocoa::layerTypeForPlatformLayer):
        (WebCore::PlatformCALayerCocoa::PlatformCALayerCocoa):

        * platform/graphics/cocoa/WebGPULayer.h: Added. Very simple inheritance
        from CAMetalLayer.
        * platform/graphics/cocoa/WebGPULayer.mm: Added.
        (-[WebGPULayer init]):
        (-[WebGPULayer copyImageSnapshotWithColorSpace:]):

        * platform/graphics/gpu/GPUSwapChain.h: Reference WebGPULayer rather
        than CALayer.

        * platform/graphics/gpu/cocoa/GPUSwapChainMetal.mm: Ensure that
        the WebGPULayer has a reference back to this object, which it
        will use in the future.
        (WebCore::GPUSwapChain::create):
        (WebCore::GPUSwapChain::GPUSwapChain):

2018-12-10  Truitt Savell  <tsavell@apple.com>

        Unreviewed, rolling out r238965.

        Caused internal iOS build failures

        Reverted changeset:

        "[iOS] Make WebGPU work with remote layer hosting"
        https://bugs.webkit.org/show_bug.cgi?id=192508
        https://trac.webkit.org/changeset/238965

2018-12-10  Youenn Fablet  <youenn@apple.com>

        MockLibWebRTCPeerConnectionFactory should isolate copy its test case
        https://bugs.webkit.org/show_bug.cgi?id=192545

        Reviewed by Eric Carlson.

        Isolate copy the test case member so that it can be destroyed on another thread.
        Covered by existing test that should no longer crash.

        * testing/MockLibWebRTCPeerConnection.cpp:
        (WebCore::useMockRTCPeerConnectionFactory):
        (WebCore::MockLibWebRTCPeerConnectionFactory::MockLibWebRTCPeerConnectionFactory):
        * testing/MockLibWebRTCPeerConnection.h:
        (WebCore::MockLibWebRTCPeerConnectionFactory::create):

2018-12-09  Youenn Fablet  <youenn@apple.com>

        Move capture manager from RealtimeMediaSourceCenter to capture factory
        https://bugs.webkit.org/show_bug.cgi?id=192542

        Reviewed by Eric Carlson.

        We should be able to run mock captures in wither UIProcess or WebProcess.
        Currently, mock capture is only done in WebProcess.
        This patch is a first step towards that goal.

        It also simplifies RealtimeMediaSourceCenter implementation by starting to remove virtual methods.
        Further refactoring will remove the need to subclass RealtimeMediaSourceCenter.
        Instead, remaining virtual methods will become non virtual and their
        implementation will become port specific.

        Removed a JS internal method that is not longer used to further simplify RealtimeMediaSourceCenter.

        No visible change of behavior.
        Covered by existing tests.

        * platform/mediastream/CaptureDeviceManager.h:
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::singleton):
        (WebCore::RealtimeMediaSourceCenter::getMediaStreamDevices):
        (WebCore::RealtimeMediaSourceCenter::getDisplayMediaDevices):
        (WebCore::RealtimeMediaSourceCenter::getUserMediaDevices):
        (WebCore::RealtimeMediaSourceCenter::captureDeviceWithPersistentID):
        (WebCore::RealtimeMediaSourceCenter::unsetAudioFactory):
        (WebCore::RealtimeMediaSourceCenter::unsetVideoFactory):
        (WebCore::RealtimeMediaSourceCenter::unsetDisplayCaptureFactory):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        * platform/mediastream/RealtimeMediaSourceFactory.h:
        * platform/mediastream/gstreamer/GStreamerAudioCaptureSource.cpp:
        * platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:
        * platform/mediastream/gstreamer/RealtimeMediaSourceCenterLibWebRTC.cpp:
        * platform/mediastream/gstreamer/RealtimeMediaSourceCenterLibWebRTC.h:
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSourceFactory::audioCaptureDeviceManager):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::setMockRealtimeMediaSourceCenterEnabled):
        (WebCore::MockRealtimeMediaSourceCenter::audioFactory):
        (WebCore::MockRealtimeMediaSourceCenter::videoFactory):
        (WebCore::MockRealtimeMediaSourceCenter::displayCaptureFactory):
        * platform/mock/MockRealtimeMediaSourceCenter.h:
        (WebCore::MockRealtimeMediaSourceCenter::audioCaptureDeviceManager):
        (WebCore::MockRealtimeMediaSourceCenter::videoCaptureDeviceManager):
        (WebCore::MockRealtimeMediaSourceCenter::displayCaptureDeviceManager):
        * testing/Internals.cpp:
        * testing/Internals.h:
        * testing/Internals.idl:

2018-12-09  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r239010.
        https://bugs.webkit.org/show_bug.cgi?id=192537

        Breaks fast/visual-viewport/tiled-drawing/zoomed-fixed-
        scrolling-layers-state.html again (Requested by ap on
        #webkit).

        Reverted changeset:

        "Allow control over child order when adding nodes to the
        scrolling tree"
        https://bugs.webkit.org/show_bug.cgi?id=176914
        https://trac.webkit.org/changeset/239010

2018-12-08  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Scaled video frames should be resized in letterbox mode
        https://bugs.webkit.org/show_bug.cgi?id=192528
        <rdar://problem/46576638>

        Reviewed by Darin Adler.

        Test: fast/mediastream/resize-letterbox.html

        * platform/graphics/cv/ImageTransferSessionVT.mm:
        (WebCore::ImageTransferSessionVT::ImageTransferSessionVT): Use letterbox resize mode, not trim.

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::captureSize const): "Capture" at the preset size, not 
        necessarily at the requested size to be more like a physical camera.
        (WebCore::MockRealtimeVideoSource::settingsDidChange):
        (WebCore::MockRealtimeVideoSource::drawAnimation):
        (WebCore::MockRealtimeVideoSource::drawBoxes):
        (WebCore::MockRealtimeVideoSource::drawText):
        (WebCore::MockRealtimeVideoSource::generateFrame):
        (WebCore::MockRealtimeVideoSource::imageBuffer const):
        * platform/mock/MockRealtimeVideoSource.h:

2018-12-08  Alex Christensen  <achristensen@webkit.org>

        Don't programmatically capitalize safe browsing warning buttons
        https://bugs.webkit.org/show_bug.cgi?id=192531
        <rdar://problem/46417791>

        Reviewed by Darin Adler.

        This doesn't work so well in other languages.
        Capitalize the source strings in English instead.

        * en.lproj/Localizable.strings:

2018-12-08  Frederic Wang  <fwang@igalia.com>

        Allow control over child order when adding nodes to the scrolling tree
        https://bugs.webkit.org/show_bug.cgi?id=176914
        <rdar://problem/46542237>

        Reviewed by Simon Fraser.

        Based on an earlier patch by Simon Fraser.

        Previously ScrollingCoordinator just allowed nodes to be "attached" with a given parent,
        but with no control over sibling order. To allow for correct hit-testing overflow and
        frame scrolling nodes, we have to build the scrolling tree in z-order.

        This patch adds a 'childIndex' parameter to attachNode() which gives control over
        sibling order. For now, RenderLayerCompositor always uses the default 'notFound' value
        for childIndex so the current behavior (appending new nodes at the end of child list) is
        preserved.

        One test marked as flakey, since scrolling tree order is currently dependent on HashSet
        traversal order.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::attachToStateTree):
        (WebCore::AsyncScrollingCoordinator::ensureRootStateNodeForFrameView):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::attachToStateTree):
        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::insertChild):
        (WebCore::ScrollingStateNode::indexOfChild const):
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateTree.cpp:
        (WebCore::ScrollingStateTree::nodeTypeAndParentMatch const):
        (WebCore::ScrollingStateTree::attachNode):
        * page/scrolling/ScrollingStateTree.h:

2018-12-07  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] 'devicechange' event should not fire in frames that can't access capture devices
        https://bugs.webkit.org/show_bug.cgi?id=192511
        <rdar://problem/46562063>

        Reviewed by Youenn Fablet.

        Test: http/tests/media/media-stream/device-change-event-in-iframe.html

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::addEventListener): Don't fire the event unless the document can
        access a camera or microphone.

2018-12-07  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Address post-review comments after r238904
        https://bugs.webkit.org/show_bug.cgi?id=192514
        <rdar://problem/46564302>

        Reviewed by Youenn Fablet.

        No new tests, no functional change.

        * platform/graphics/cv/ImageTransferSessionVT.mm:
        (WebCore::ImageTransferSessionVT::setSize):
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:
        (WebCore::ScreenDisplayCaptureSourceMac::createDisplayStream):

2018-12-07  Antti Koivisto  <antti@apple.com>

        [LFC] Rename LayoutFormattingState files to LayoutState
        https://bugs.webkit.org/show_bug.cgi?id=192520

        Reviewed by Zalan Bujtas.

        Match the class name.

        * layout/FormattingContext.cpp:
        * layout/FormattingContextQuirks.cpp:
        * layout/FormattingState.h:
        * layout/LayoutFormattingState.cpp: Removed.
        * layout/LayoutFormattingState.h: Removed.
        * layout/LayoutState.cpp: Copied from Source/WebCore/layout/LayoutFormattingState.cpp.
        * layout/LayoutState.h: Copied from Source/WebCore/layout/LayoutFormattingState.h.
        * layout/Verification.cpp:
        * layout/blockformatting/BlockFormattingContext.cpp:
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        * layout/blockformatting/BlockInvalidation.cpp:
        * layout/floats/FloatAvoider.cpp:
        * layout/floats/FloatingContext.cpp:
        * layout/floats/FloatingState.cpp:
        * layout/inlineformatting/InlineFormattingContext.cpp:
        * layout/inlineformatting/InlineFormattingContextGeometry.cpp:
        * layout/inlineformatting/InlineInvalidation.cpp:
        * layout/layouttree/LayoutTreeBuilder.cpp:
        * page/FrameViewLayoutContext.cpp:

2018-12-07  Justin Michaud  <justin_michaud@apple.com>

        CSS Painting API code cleanup
        https://bugs.webkit.org/show_bug.cgi?id=192480

        Reviewed by Dean Jackson.

        No new tests, since the existing tests should cover it.

        * bindings/js/JSDOMWrapper.cpp:
        (WebCore::outputConstraintSubspaceFor):
        (WebCore::globalObjectOutputConstraintSubspaceFor):
        * bindings/js/JSWorkletGlobalScopeBase.cpp:
        (WebCore::toJS):
        * css/CSSPaintCallback.h:
        * platform/graphics/CustomPaintImage.cpp:
        (WebCore::CustomPaintImage::doCustomPaint):
        * platform/graphics/CustomPaintImage.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::addCustomPaintWatchProperty):
        (WebCore::changedCustomPaintWatchedProperty):
        (WebCore::RenderStyle::changeRequiresRepaint const):
        * worklets/PaintWorkletGlobalScope.cpp:
        (WebCore::PaintWorkletGlobalScope::registerPaint):
        * worklets/PaintWorkletGlobalScope.h:

2018-12-07  Youenn Fablet  <youenn@apple.com>

        Update libwebrtc up to 0d007d7c4f
        https://bugs.webkit.org/show_bug.cgi?id=192316

        Reviewed by Eric Carlson.

        Update include according new libwebrtc.

        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:

2018-12-07  Dean Jackson  <dino@apple.com>

        [iOS] Make WebGPU work with remote layer hosting
        https://bugs.webkit.org/show_bug.cgi?id=192508
        <rdar://problem/46560649>

        Reviewed by Tim Horton.

        WebGPU wasn't working on iOS because we were not correctly
        identifying the CALayers for remote hosting. Fix this by
        adding a new CALayer type, WebGPULayer. This will also
        eventually hold the code to render WebGPU into a canvas.

        Covered by the existing reference tests (on device).

        * SourcesCocoa.txt: Add new files.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm: Recognise the WebGPULayer
        class for remote hosting.
        (WebCore::PlatformCALayerCocoa::layerTypeForPlatformLayer):
        (WebCore::PlatformCALayerCocoa::PlatformCALayerCocoa):

        * platform/graphics/cocoa/WebGPULayer.h: Added. Very simple inheritance
        from CAMetalLayer.
        * platform/graphics/cocoa/WebGPULayer.mm: Added.
        (-[WebGPULayer init]):
        (-[WebGPULayer copyImageSnapshotWithColorSpace:]):

        * platform/graphics/gpu/GPUSwapChain.h: Reference WebGPULayer rather
        than CALayer.

        * platform/graphics/gpu/cocoa/GPUSwapChainMetal.mm: Ensure that
        the WebGPULayer has a reference back to this object, which it
        will use in the future.
        (WebCore::GPUSwapChain::create):
        (WebCore::GPUSwapChain::GPUSwapChain):

2018-12-07  Antti Koivisto  <antti@apple.com>

        Rename LayoutState to RenderLayoutState
        https://bugs.webkit.org/show_bug.cgi?id=192504

        Reviewed by Zalan Bujtas.

        The name is better used in LFC.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * page/FrameViewLayoutContext.cpp:
        (WebCore::FrameViewLayoutContext::layoutState const):
        (WebCore::FrameViewLayoutContext::pushLayoutState):
        (WebCore::FrameViewLayoutContext::pushLayoutStateForPaginationIfNeeded):
        * page/FrameViewLayoutContext.h:
        * rendering/LayoutState.cpp: Removed.
        * rendering/LayoutState.h: Removed.
        * rendering/RenderBlock.cpp:
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::checkForPaginationLogicalHeightChange):
        * rendering/RenderBlockLineLayout.cpp:
        * rendering/RenderBox.cpp:
        * rendering/RenderEmbeddedObject.cpp:
        * rendering/RenderFragmentedFlow.cpp:
        * rendering/RenderGrid.cpp:
        * rendering/RenderImage.cpp:
        * rendering/RenderInline.cpp:
        * rendering/RenderLayoutState.cpp: Copied from Source/WebCore/rendering/LayoutState.cpp.
        (WebCore::RenderLayoutState::RenderLayoutState):
        (WebCore::RenderLayoutState::computeOffsets):
        (WebCore::RenderLayoutState::computeClipRect):
        (WebCore::RenderLayoutState::computePaginationInformation):
        (WebCore::RenderLayoutState::pageLogicalOffset const):
        (WebCore::RenderLayoutState::computeLineGridPaginationOrigin):
        (WebCore::RenderLayoutState::propagateLineGridInfo):
        (WebCore::RenderLayoutState::establishLineGrid):
        (WebCore::RenderLayoutState::addLayoutDelta):
        (WebCore::RenderLayoutState::layoutDeltaMatches const):
        (WebCore::LayoutState::LayoutState): Deleted.
        (WebCore::LayoutState::computeOffsets): Deleted.
        (WebCore::LayoutState::computeClipRect): Deleted.
        (WebCore::LayoutState::computePaginationInformation): Deleted.
        (WebCore::LayoutState::pageLogicalOffset const): Deleted.
        (WebCore::LayoutState::computeLineGridPaginationOrigin): Deleted.
        (WebCore::LayoutState::propagateLineGridInfo): Deleted.
        (WebCore::LayoutState::establishLineGrid): Deleted.
        (WebCore::LayoutState::addLayoutDelta): Deleted.
        (WebCore::LayoutState::layoutDeltaMatches const): Deleted.
        * rendering/RenderLayoutState.h: Copied from Source/WebCore/rendering/LayoutState.h.
        (WebCore::RenderLayoutState::RenderLayoutState):
        (WebCore::LayoutState::LayoutState): Deleted.
        (WebCore::LayoutState::isPaginated const): Deleted.
        (WebCore::LayoutState::pageLogicalHeight const): Deleted.
        (WebCore::LayoutState::pageLogicalHeightChanged const): Deleted.
        (WebCore::LayoutState::lineGrid const): Deleted.
        (WebCore::LayoutState::lineGridOffset const): Deleted.
        (WebCore::LayoutState::lineGridPaginationOrigin const): Deleted.
        (WebCore::LayoutState::paintOffset const): Deleted.
        (WebCore::LayoutState::layoutOffset const): Deleted.
        (WebCore::LayoutState::pageOffset const): Deleted.
        (WebCore::LayoutState::needsBlockDirectionLocationSetBeforeLayout const): Deleted.
        (WebCore::LayoutState::renderer const): Deleted.
        (WebCore::LayoutState::clipRect const): Deleted.
        (WebCore::LayoutState::isClipped const): Deleted.
        (WebCore::LayoutState::layoutDelta const): Deleted.
        * rendering/RenderListBox.cpp:
        * rendering/RenderMediaControlElements.cpp:
        * rendering/RenderMultiColumnFlow.cpp:
        * rendering/RenderTable.cpp:
        * rendering/RenderTableRow.cpp:
        * rendering/RenderTableSection.cpp:
        * rendering/RenderVTTCue.cpp:
        * rendering/RenderView.cpp:
        * rendering/RenderView.h:
        * rendering/RootInlineBox.cpp:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::layout):

2018-12-07  Antti Koivisto  <antti@apple.com>

        [LFC] Rename formattingContext() to createFormattingContext()
        https://bugs.webkit.org/show_bug.cgi?id=192500

        Reviewed by Zalan Bujtas.

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
        * layout/FormattingState.h:
        * layout/LayoutFormattingState.cpp:
        (WebCore::Layout::LayoutState::layoutFormattingContextSubtree):
        * layout/blockformatting/BlockFormattingState.cpp:
        (WebCore::Layout::BlockFormattingState::createFormattingContext):
        (WebCore::Layout::BlockFormattingState::formattingContext): Deleted.
        * layout/blockformatting/BlockFormattingState.h:
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::layoutFormattingContextRoot const):
        * layout/inlineformatting/InlineFormattingState.h:

2018-12-07  Truitt Savell  <tsavell@apple.com>

        Unreviewed, rolling out r238947.

        Revision caused fast/visual-viewport/tiled-drawing/zoomed-
        fixed-scrolling-layers-state.html to constantly fail

        Reverted changeset:

        "Allow control over child order when adding nodes to the
        scrolling tree"
        https://bugs.webkit.org/show_bug.cgi?id=176914
        https://trac.webkit.org/changeset/238947

2018-12-07  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Cloned attachment elements lose their unique identifiers
        https://bugs.webkit.org/show_bug.cgi?id=192483

        Reviewed by Tim Horton.

        This patch adds logic to ensure that the unique identifier of a cloned attachment element is the same as the
        unique identifier of the original attachment element. If the cloned attachment is inserted into the same
        document as the original attachment, then we will exercise the same codepath for copied-and-pasted attachments,
        and assign a new unique identifier to the attachment element, while creating a new `_WKAttachment` in the client
        that's backed by the same `NSFileWrapper`.

        Test: WKAttachmentTests.AttachmentIdentifierOfClonedAttachment

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::copyNonAttributePropertiesFromElement):
        * html/HTMLAttachmentElement.h:

2018-12-07  Rob Buis  <rbuis@igalia.com>

        Merge parseAccessControlExposeHeadersAllowList into parseAccessControlAllowList
        https://bugs.webkit.org/show_bug.cgi?id=192288

        Reviewed by Frédéric Wang.

        Merge parseAccessControlExposeHeadersAllowList into parseAccessControlAllowList
        as they do the same thing. Also remove std::optional from parseAccessControlAllowList
        since the function can't fail.

        * WebCore.order:
        * loader/CrossOriginAccessControl.cpp:
        (WebCore::validatePreflightResponse):
        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCacheItem::parse):
        * loader/CrossOriginPreflightResultCache.h:
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseAccessControlExposeHeadersAllowList): Deleted.
        * platform/network/HTTPParsers.h:
        (WebCore::parseAccessControlAllowList):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::filter):
        (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):

2018-12-07  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Don't update AVPlayerViewController currentTime while scrubbing
        https://bugs.webkit.org/show_bug.cgi?id=192438
        <rdar://problem/42977046>

        Reviewed by Jer Noble.

        No new tests, tested manually.

        * platform/ios/PlaybackSessionInterfaceAVKit.mm:
        (WebCore::PlaybackSessionInterfaceAVKit::currentTimeChanged): Don't report change during scrubbing.

        * platform/ios/WebAVPlayerController.h:
        * platform/ios/WebAVPlayerController.mm:
        (-[WebAVPlayerController beginScrubbing:]): Set _isScrubbing.
        (-[WebAVPlayerController endScrubbing:]): Ditto.
        (-[WebAVPlayerController isScrubbing]): Return _isScrubbing.

2018-12-07  Thibault Saunier  <tsaunier@igalia.com>

        [WPE][GTK] Implement WebAudioSourceProviderGStreamer to allow bridging MediaStream and the WebAudio APIs
        https://bugs.webkit.org/show_bug.cgi?id=186933

        Reusing the AudioSourceProviderGStreamer itself as it was doing almost everything we needed,
        just added a constructor to be able to create it from a MediaStreamTrackPrivate and made it a
        WebAudioSourceProvider which only means it is now a ThreadSafeRefCounted.

        Sensibily refactored GStreamerMediaStreamSource so that we could reuse it to track a single
        MediaStreamTrack.

        Reviewed by Philippe Normand.

        Enabled all tests depending on that feature.

        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
        (WebCore::AudioSourceProviderGStreamer::AudioSourceProviderGStreamer):
        (WebCore::AudioSourceProviderGStreamer::~AudioSourceProviderGStreamer):
        (WebCore::AudioSourceProviderGStreamer::setClient):
        * platform/audio/gstreamer/AudioSourceProviderGStreamer.h:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::audioSourceProvider):
        * platform/mediastream/gstreamer/GStreamerAudioCapturer.cpp:
        (WebCore::GStreamerAudioCapturer::GStreamerAudioCapturer):
        * platform/mediastream/gstreamer/GStreamerAudioStreamDescription.h:
        * platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:
        (WebCore::webkitMediaStreamSrcSetupSrc):
        (WebCore::webkitMediaStreamSrcSetupAppSrc):
        (WebCore::webkitMediaStreamSrcAddTrack):
        (WebCore::webkitMediaStreamSrcSetStream):
        (WebCore::webkitMediaStreamSrcNew):
        * platform/mediastream/gstreamer/GStreamerMediaStreamSource.h:
        * platform/mediastream/gstreamer/MockGStreamerAudioCaptureSource.cpp:
        (WebCore::WrappedMockRealtimeAudioSource::WrappedMockRealtimeAudioSource):
        (WebCore::WrappedMockRealtimeAudioSource::start):
        (WebCore::WrappedMockRealtimeAudioSource::addHum):
        (WebCore::WrappedMockRealtimeAudioSource::render):
        (WebCore::WrappedMockRealtimeAudioSource::settingsDidChange):
        (WebCore::MockGStreamerAudioCaptureSource::startProducingData):
        * platform/mediastream/gstreamer/RealtimeOutgoingAudioSourceLibWebRTC.cpp:
        (WebCore::RealtimeOutgoingAudioSourceLibWebRTC::pullAudioData): Handle the case where input buffers
          are "big" and process all the data we can for each runs of the method.

2018-12-06  Alexey Proskuryakov  <ap@apple.com>

        Move USE_NEW_THEME out of WebCore's config.h
        https://bugs.webkit.org/show_bug.cgi?id=192426

        Reviewed by Tim Horton.

        * config.h:

2018-12-06  Frederic Wang  <fwang@igalia.com>

        Allow control over child order when adding nodes to the scrolling tree
        https://bugs.webkit.org/show_bug.cgi?id=176914

        Reviewed by Simon Fraser.

        Based on an earlier patch by Simon Fraser.

        Previously ScrollingCoordinator just allowed nodes to be "attached" with a given parent,
        but with no control over sibling order. To allow for correct hit-testing overflow and
        frame scrolling nodes, we have to build the scrolling tree in z-order.

        This patch adds a 'childIndex' parameter to attachNode() which gives control over
        sibling order. For now, RenderLayerCompositor always uses the default 'notFound' value
        for childIndex so the current behavior (appending new nodes at the end of child list) is
        preserved.

        No new tests, behavior unchanged and already covered by existing tests.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::attachToStateTree):
        (WebCore::AsyncScrollingCoordinator::ensureRootStateNodeForFrameView):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::attachToStateTree):
        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::insertChild):
        (WebCore::ScrollingStateNode::indexOfChild const):
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateTree.cpp:
        (WebCore::ScrollingStateTree::nodeTypeAndParentMatch const):
        (WebCore::ScrollingStateTree::attachNode):
        * page/scrolling/ScrollingStateTree.h:

2018-12-06  Yongjun Zhang  <yongjun_zhang@apple.com>

        We should ignore minimumEffectiveDeviceWidth if the page specifies device-width in viewport meta-tag.
        https://bugs.webkit.org/show_bug.cgi?id=192377
        <rdar://problem/46364206>

        Reviewed by Tim Horton.

        If the page specifies width=device-width or initial-scale=1 in the viewport meta tag, we should use the
        native device width and ignore the minimum effective device width in ViewportConfiguration. The patch
        also introduces scalableNativeWebpageParameters() which uses the device width as default and also allows the page
        to shrink-to-fit. If a page doesn't have viewport meta tag, or if the width argument isn't device-width
        and the initial scale isn't 1, we will use scalableNativeWebpageParameters() as the default configuration.

        Tests: fast/viewport/ios/ignore-minimum-device-width-for-page-with-viewport-device-width.html
               fast/viewport/ios/use-minimum-device-width-for-page-without-viewport-meta.html

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::updateDefaultConfiguration): pick the default configuration based on
            the page's viewport arguments. Also, we will always fall back to scalableNativeWebpageParameters() if we
            can ignore scaling constraints.
        (WebCore::ViewportConfiguration::setViewportArguments): When page sends us new ViewportArguments, pick
            up the correponsding default configuration before updating the configuration.
        (WebCore::ViewportConfiguration::setCanIgnoreScalingConstraints): When m_canIgnoreScalingConstraints is
            changed, try to pick up the correponsding default configuration.
        (WebCore::ViewportConfiguration::scalableNativeWebpageParameters): Add a new default set of viewport Parameters
            this is very close to nativeWebpageParameters() excpet that it allows shrink to fit and its minimum scale
            is 0.25. We will use this Parameters for pages that doesn't have viewport meta tag; or the width is
            not device-width and initial scale is not 1.
        (WebCore::ViewportConfiguration::updateConfiguration): If the page's viewport argument doesn't override
            the default width, use the m_minimumLayoutSize.width().
        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::shouldIgnoreMinimumEffectiveDeviceWidth const): A helper method to tell
            if we should avoid using minimum effective device width.
        (WebCore::ViewportConfiguration::canOverrideConfigurationParameters const): If we are using a default
            configuration that is neither nativeWebpageParameters() nor scalableNativeWebpageParameters(), don't override
            it.
        (WebCore::ViewportConfiguration::minimumEffectiveDeviceWidth const): Add a helper method to return minimum
            effective device width based on shouldIgnoreMinimumEffectiveDeviceWidth().
        (WebCore::ViewportConfiguration::effectiveLayoutSizeScaleFactor const): Use minimumEffectiveDeviceWidth().

2018-12-06  Adrian Perez de Castro  <aperez@igalia.com>

        Content Extensions: Misc fixes to debugging / perf testing code
        https://bugs.webkit.org/show_bug.cgi?id=192474

        Reviewed by Mark Lam.

        This make it possible to build the content extensions support with the
        debugging features enabled. In particular, building with
        CONTENT_EXTENSIONS_PERFORMANCE_REPORTING enabled was broken.

        No new tests needed.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList): Remove usage of removed
        variables machinesWihthoutConditionsCount,
        totalBytecodeSizeForMachinesWithoutConditions,
        machinesWithConditionsCount, and
        totalBytecodeSizeForMachinesWithConditions.
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::debugPrintDot const):
        Use "%" PRIu64 instead of "%llu" to format uint64_t values.
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::debugPrintDot const):
        Use "%" PRIu64 instead of "%llu" to format uint64_t values.

2018-12-06  Alex Christensen  <achristensen@webkit.org>

        Remove unused LoaderStrategy::storeDerivedDataToCache and associated dead code
        https://bugs.webkit.org/show_bug.cgi?id=192452

        Reviewed by Anders Carlsson.

        * loader/LoaderStrategy.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didRetrieveDerivedDataFromCache): Deleted.
        * loader/ResourceLoader.h:
        * loader/ResourceLoaderOptions.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didRetrieveDerivedDataFromCache): Deleted.
        * loader/SubresourceLoader.h:
        * loader/ThreadableLoader.cpp:
        (WebCore::ThreadableLoaderOptions::isolatedCopy const):
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::didRetrieveDerivedDataFromCache): Deleted.

2018-12-06  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] HeightAndMargin::margin is always the non-collapsed margin value.
        https://bugs.webkit.org/show_bug.cgi?id=192345

        Reviewed by Antti Koivisto.

        Rename HeightAndMargin::margin to HeightAndMargin::nonCollapsedMargin.

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry const):
        * layout/LayoutUnits.h:
        (WebCore::Layout::HeightAndMargin::usedMarginValues const):
        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::computeHeightAndMargin const):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowHeightAndMargin):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedHeight):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::computeHeightAndMargin const):

2018-12-06  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Add MarginCollapse::establishesBlockFormattingContext
        https://bugs.webkit.org/show_bug.cgi?id=192297

        Reviewed by Antti Koivisto.

        WebKit treats the document element renderer as a block formatting context root.

        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::establishesBlockFormattingContext):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginTopCollapsedWithParent):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginBottomCollapsedWithParent):

2018-12-06  Carlos Eduardo Ramalho  <cadubentzen@gmail.com>

        [GStreamer] -DENABLE_VIDEO=ON -DENABLE_OPENGL=OFF still tries to build GstreamerGL
        https://bugs.webkit.org/show_bug.cgi?id=191998

        Reviewed by Philippe Normand.

        Fix compilation with -DENABLE_VIDEO=ON and -DENABLE_OPENGL=OFF due to GStreamerGL.

        No new tests required. Only fixing the build with certain flags.

        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasChanged): add required #if ENABLE(WEBGL).

2018-12-06  Carlos Eduardo Ramalho  <cadubentzen@gmail.com>

        REGRESSION(r231043): [GTK] Undefined references to WebCore::LayerRepresentation::* with -DENABLE_OPENGL=OFF builds
        https://bugs.webkit.org/show_bug.cgi?id=191997

        Reviewed by Philippe Normand.

        Fix build with -DENABLE_OPENGL=OFF and -DENABLE_VIDEO=OFF.

        No new tests required. Only fixing build.

        * platform/gtk/PlatformWheelEventGtk.cpp:
        (WebCore::PlatformWheelEvent::PlatformWheelEvent): add required #if ENABLE(ASYNC_SCROLLING)

2018-12-05  Don Olmstead  <don.olmstead@sony.com>

        [PlayStation] Enable WebCore
        https://bugs.webkit.org/show_bug.cgi?id=192384

        Reviewed by Brent Fulgham.

        Implements WebCore for the PlayStation platform.

        * PlatformPlayStation.cmake: Added.
        * loader/cache/CachedResourceLoader.cpp:
        * platform/generic/KeyedDecoderGeneric.cpp: Added.
        (WebCore::KeyedDecoder::decoder):
        (WebCore::KeyedDecoderGeneric::KeyedDecoderGeneric):
        (WebCore::KeyedDecoderGeneric::~KeyedDecoderGeneric):
        (WebCore::KeyedDecoderGeneric::decodeBytes):
        (WebCore::KeyedDecoderGeneric::decodeBool):
        (WebCore::KeyedDecoderGeneric::decodeUInt32):
        (WebCore::KeyedDecoderGeneric::decodeUInt64):
        (WebCore::KeyedDecoderGeneric::decodeInt32):
        (WebCore::KeyedDecoderGeneric::decodeInt64):
        (WebCore::KeyedDecoderGeneric::decodeFloat):
        (WebCore::KeyedDecoderGeneric::decodeDouble):
        (WebCore::KeyedDecoderGeneric::decodeString):
        (WebCore::KeyedDecoderGeneric::beginObject):
        (WebCore::KeyedDecoderGeneric::endObject):
        (WebCore::KeyedDecoderGeneric::beginArray):
        (WebCore::KeyedDecoderGeneric::beginArrayElement):
        (WebCore::KeyedDecoderGeneric::endArrayElement):
        (WebCore::KeyedDecoderGeneric::endArray):
        * platform/generic/KeyedDecoderGeneric.h: Added.
        * platform/generic/KeyedEncoderGeneric.cpp: Added.
        (WebCore::KeyedEncoder::encoder):
        (WebCore::KeyedEncoderGeneric::KeyedEncoderGeneric):
        (WebCore::KeyedEncoderGeneric::~KeyedEncoderGeneric):
        (WebCore::KeyedEncoderGeneric::encodeBytes):
        (WebCore::KeyedEncoderGeneric::encodeBool):
        (WebCore::KeyedEncoderGeneric::encodeUInt32):
        (WebCore::KeyedEncoderGeneric::encodeUInt64):
        (WebCore::KeyedEncoderGeneric::encodeInt32):
        (WebCore::KeyedEncoderGeneric::encodeInt64):
        (WebCore::KeyedEncoderGeneric::encodeFloat):
        (WebCore::KeyedEncoderGeneric::encodeDouble):
        (WebCore::KeyedEncoderGeneric::encodeString):
        (WebCore::KeyedEncoderGeneric::beginObject):
        (WebCore::KeyedEncoderGeneric::endObject):
        (WebCore::KeyedEncoderGeneric::beginArray):
        (WebCore::KeyedEncoderGeneric::beginArrayElement):
        (WebCore::KeyedEncoderGeneric::endArrayElement):
        (WebCore::KeyedEncoderGeneric::endArray):
        (WebCore::KeyedEncoderGeneric::finishEncoding):
        * platform/generic/KeyedEncoderGeneric.h: Added.
        * platform/network/curl/NetworkStorageSessionCurl.cpp:
        (WebCore::defaultCookieJarPath):
        * platform/network/playstation/CurlSSLHandlePlayStation.cpp: Added.
        (WebCore::getCACertPathEnv):
        (WebCore::CurlSSLHandle::platformInitialize):
        * platform/network/playstation/NetworkStateNotifierPlayStation.cpp: Added.
        (WebCore::NetworkStateNotifier::updateStateWithoutNotifying):
        (WebCore::NetworkStateNotifier::startObserving):
        * platform/playstation/EventLoopPlayStation.cpp: Added.
        (WebCore::EventLoop::cycle):
        * platform/playstation/MIMETypeRegistryPlayStation.cpp: Added.
        (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
        (WebCore::MIMETypeRegistry::isApplicationPluginMIMEType):
        (WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType):
        * platform/playstation/PlatformScreenPlayStation.cpp: Added.
        (WebCore::screenDepth):
        (WebCore::screenDepthPerComponent):
        (WebCore::screenIsMonochrome):
        (WebCore::screenHasInvertedColors):
        (WebCore::screenRect):
        (WebCore::screenAvailableRect):
        (WebCore::screenSupportsExtendedColor):
        * platform/playstation/ScrollbarThemePlayStation.cpp: Added.
        (WebCore::ScrollbarTheme::nativeTheme):
        (WebCore::ScrollbarThemePlayStation::scrollbarThickness):
        (WebCore::ScrollbarThemePlayStation::hasButtons):
        (WebCore::ScrollbarThemePlayStation::hasThumb):
        (WebCore::ScrollbarThemePlayStation::backButtonRect):
        (WebCore::ScrollbarThemePlayStation::forwardButtonRect):
        (WebCore::ScrollbarThemePlayStation::trackRect):
        (WebCore::ScrollbarThemePlayStation::paintTrackBackground):
        (WebCore::ScrollbarThemePlayStation::paintThumb):
        * platform/playstation/ScrollbarThemePlayStation.h: Added.
        * platform/playstation/UserAgentPlayStation.cpp: Added.
        (WebCore::standardUserAgent):
        (WebCore::standardUserAgentForURL):
        * rendering/RenderThemePlayStation.cpp: Added.
        (WebCore::RenderTheme::singleton):
        (WebCore::RenderThemePlayStation::updateCachedSystemFontDescription const):
        * rendering/RenderThemePlayStation.h: Added.

2018-12-05  Ryosuke Niwa  <rniwa@webkit.org>

        Null pointer crash in DocumentOrderedMap::getElementById via FormAssociatedElement::findAssociatedForm
        https://bugs.webkit.org/show_bug.cgi?id=192392

        Reviewed by Dean Jackson.

        The crash was caused by FormAssociatedElement::findAssociatedForm invoking DocumentOrderedMap::getElementById
        and de-referencing nullptr Attribute* via IdTargetObserver before Element::attributeChanged had updated
        ElementData::m_idForStyleResolution.

        Fixed it by updating m_idForStyleResolution before invoking IdTargetObservers.

        Test: fast/dom/remove-id-form-associated-elemet-id-observer-crash.html

        * dom/Element.cpp:
        (WebCore::Element::attributeChanged): Fixed the bug.

2018-12-05  Youenn Fablet  <youenn@apple.com>

        Enable the possibility to do video capture in UIProcess
        https://bugs.webkit.org/show_bug.cgi?id=192394

        Reviewed by Eric Carlson.

        Create IOSurface-backed sample buffers so that we can easily send them through IPC.
        Manually tested.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::setSizeAndFrameRateWithPreset):

2018-12-05  Youenn Fablet  <youenn@apple.com>

        Update ServiceWorkerContainer::getRegistration lambdas
        https://bugs.webkit.org/show_bug.cgi?id=192376

        Reviewed by Chris Dumez.

        There is no need to pass 'this' in lambdas as the last lambda
        takes a ScriptExecutionContext&.
        No change of behavior.

        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::getRegistration):
        (WebCore::ServiceWorkerContainer::getRegistrations):

2018-12-05  Chris Dumez  <cdumez@apple.com>

        Crash under WebCore::cachedDocumentWrapper()
        https://bugs.webkit.org/show_bug.cgi?id=192421
        <rdar://problem/37114163>

        Reviewed by Alex Christensen.

        Fix potential null defererence of the value returned by toJSDOMWindow(). For example,
        if the window is frameless, it would return null.

        * bindings/js/JSDocumentCustom.cpp:
        (WebCore::cachedDocumentWrapper):

2018-12-05  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Cleanup up Mac screen capture class
        https://bugs.webkit.org/show_bug.cgi?id=192379
        <rdar://problem/46465458>

        Reviewed by Youenn Fablet.

        No new tests, tested manually.

        * platform/mediastream/mac/DisplayCaptureManagerCocoa.cpp:
        (WebCore::DisplayCaptureManagerCocoa::captureDevices): Initialize Screen devices first so
        they are first in the list of devices.

        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.h:
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:
        (WebCore::ScreenDisplayCaptureSourceMac::createDisplayStream): Cleanup. Always capture at the
        native screen size to work around a bug.
        (WebCore::ScreenDisplayCaptureSourceMac::settingsDidChange): Deleted.

2018-12-05  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r238844, r238846, and r238874.
        https://bugs.webkit.org/show_bug.cgi?id=192414

        The layout tests added with this change are flaky. (Requested
        by ryanhaddad on #webkit).

        Reverted changesets:

        "Implement non-timeslice mode encoding for MediaRecorder"
        https://bugs.webkit.org/show_bug.cgi?id=192069
        https://trac.webkit.org/changeset/238844

        "Fix the build"
        https://trac.webkit.org/changeset/238846

        "Fix MediaRecorder flaky tests"
        https://bugs.webkit.org/show_bug.cgi?id=192371
        https://trac.webkit.org/changeset/238874

2018-12-05  Frederic Wang  <fwang@igalia.com>

        Minor refactoring of the scrolling code
        https://bugs.webkit.org/show_bug.cgi?id=192398

        Reviewed by Simon Fraser.

        Based on an earlier patch by Simon Fraser.

        This patch performs some minor refactoring of the scrolling code:
        - Rename ScrollingCoordinator::uniqueScrollLayerID() to uniqueScrollingNodeID() since it
          is really a node id.
        - Inline ScrollingStateTree::setRootStateNode() so we only need to forward declare
          ScrollingStateFrameScrollingNode in headers.
        - Pass argument to ScrollingStateTree::addNode() as a reference rather than a pointer.
        - Initialize ScrollingStateTree::m_changedProperties and ScrollingStateTree::m_parent in
          the header file.
        - Remove obsolete comment about ScrollingCoordinatorMac.

        No new tests, behavior unchanged.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::uniqueScrollingNodeID):
        (WebCore::ScrollingCoordinator::uniqueScrollLayerID): Deleted.
        * page/scrolling/ScrollingCoordinator.h:
        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::ScrollingStateNode):
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateTree.cpp:
        (WebCore::ScrollingStateTree::attachNode):
        (WebCore::ScrollingStateTree::setRootStateNode):
        (WebCore::ScrollingStateTree::addNode):
        * page/scrolling/ScrollingStateTree.h:
        (WebCore::ScrollingStateTree::setRootStateNode): Deleted.
        * page/scrolling/ScrollingTree.cpp:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::attachScrollingNode):

2018-12-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        Turn WritingDirection into an enum class
        https://bugs.webkit.org/show_bug.cgi?id=192401
        Work towards <rdar://problem/42075638>

        Reviewed by Dan Bernstein.

        Change WritingDirection from an enum to an enum class. No change in behavior.

        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::splitAncestorsWithUnicodeBidi):
        (WebCore::ApplyStyleCommand::applyInlineStyle):
        * editing/EditingStyle.cpp:
        (WebCore::EditingStyle::textDirection const):
        (WebCore::EditingStyle::textDirectionForSelection):
        * editing/Editor.cpp:
        (WebCore::Editor::setBaseWritingDirection):
        (WebCore::Editor::baseWritingDirectionForSelectionStart const):
        * editing/EditorCommand.cpp:
        (WebCore::stateTextWritingDirectionLeftToRight):
        (WebCore::stateTextWritingDirectionNatural):
        (WebCore::stateTextWritingDirectionRightToLeft):
        * editing/WritingDirection.h:

        Additionally wrap this enum in `namespace WebCore`, and update the copyright year.

        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::setTextAlignmentForChangedBaseWritingDirection):
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::contextMenuItemSelected):
        * testing/Internals.cpp:
        (WebCore::Internals::setBaseWritingDirection):

2018-12-05  Alicia Boya García  <aboya@igalia.com>

        [MSE][GStreamer] Remove the AppendPipeline state machine
        https://bugs.webkit.org/show_bug.cgi?id=192204

        Reviewed by Xabier Rodriguez-Calvar.

        This patch tries to reduce the complexity of the AppendPipeline by
        removing the appendState state machine and cleaning all the
        conditional code around it that is not necessary anymore.

        For the most part the behavior is the same, but some edge cases have
        been improved in the process:

        Demuxing errors now result in the append being flagged as
        ParsingFailed and the error being propagated to the application. This
        fixes media/media-source/media-source-error-crash.html (or at least
        gets it up to date with cross platform expectations).

        AbortableTaskQueue now allows the task handler to perform an abort
        safely. This is used in the GstBus error message sync handler, since
        it needs to ask the MainThread to raise a parse error, which will in
        turn abort. An API test has been added for this new functionality.
        Also, code has been added to the API tests to ensure the correct
        destruction of the response object, especially in this case.

        The code handling invalid track codecs has been made clearer by also
        explicitly raising a parse error, but it should not expose behavior
        differences for the application. A test has been added for this
        behavior: web-platform-tests/media-source/mediasource-invalid-codec.html

        The reporting of EOS events have been made more rigorous. EOS is only
        expected after a demuxing error, otherwise it's a g_critical.

        AppendPipeline::abort() has been renamed to
        AppendPipeline::resetParserState() to honor the fact that it's not
        only called when the user calls abort() and match better the names
        used in the spec.

        Test: imported/w3c/web-platform-tests/media-source/mediasource-invalid-codec.html

        * platform/AbortableTaskQueue.h:
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
        (WebCore::assertedElementSetState):
        (WebCore::AppendPipeline::AppendPipeline):
        (WebCore::AppendPipeline::~AppendPipeline):
        (WebCore::AppendPipeline::handleErrorSyncMessage):
        (WebCore::AppendPipeline::appsrcEndOfAppendCheckerProbe):
        (WebCore::AppendPipeline::handleNeedContextSyncMessage):
        (WebCore::AppendPipeline::appsinkCapsChanged):
        (WebCore::AppendPipeline::handleEndOfAppend):
        (WebCore::AppendPipeline::appsinkNewSample):
        (WebCore::AppendPipeline::didReceiveInitializationSegment):
        (WebCore::AppendPipeline::resetParserState):
        (WebCore::AppendPipeline::pushNewBuffer):
        (WebCore::AppendPipeline::handleAppsinkNewSampleFromStreamingThread):
        (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromStreamingThread):
        (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsink):
        (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
        (WebCore::AppendPipeline::dumpAppendState): Deleted.
        (WebCore::AppendPipeline::demuxerNoMorePads): Deleted.
        (WebCore::AppendPipeline::setAppendState): Deleted.
        (WebCore::AppendPipeline::appsinkEOS): Deleted.
        (WebCore::AppendPipeline::resetPipeline): Deleted.
        (WebCore::AppendPipeline::abort): Deleted.
        * platform/graphics/gstreamer/mse/AppendPipeline.h:
        (WebCore::AppendPipeline::appendState): Deleted.
        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp:
        (WebCore::MediaSourceClientGStreamerMSE::abort):
        (WebCore::MediaSourceClientGStreamerMSE::resetParserState):
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp:
        (WebCore::SourceBufferPrivateGStreamer::appendParsingFailed):
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h:

2018-12-05  Rob Buis  <rbuis@igalia.com>

        [Mac] HEAD requests changed to GET after 301, 302, and 303 redirections (http/tests/xmlhttprequest/head-redirection.html)
        https://bugs.webkit.org/show_bug.cgi?id=114965

        Reviewed by Frédéric Wang.

        HEAD requests should not be changed to GET after 303 redirects, see [1].
        This was fixed earlier for GTK [2].

        Behavior matches Firefox and Chrome.

        [1] http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-21#section-7.4
        [2] https://bugs.webkit.org/show_bug.cgi?id=110127

        Tests: web-platform-tests/fetch/api/redirect/redirect-method.html
               web-platform-tests/fetch/api/redirect/redirect-method-worker.html
               http/tests/xmlhttprequest/head-redirection.html

        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::willSendRequest):

2018-12-05  Rob Buis  <rbuis@igalia.com>

        Align with Fetch on data: URLs
        https://bugs.webkit.org/show_bug.cgi?id=182325

        Reviewed by Alex Christensen.

        Do not accept data URLs that do not contain a comma
        character, as specified in the relevant specs [1, 2].

        Behavior matches Firefox and Chrome.

        Test: web-platform-tests/fetch/api/basic/scheme-data.any.html

        [1] https://tools.ietf.org/html/rfc2397
        [2] https://fetch.spec.whatwg.org/#data-url-processor

        * platform/network/DataURLDecoder.cpp:
        (WebCore::DataURLDecoder::parseMediaType):
        (WebCore::DataURLDecoder::DecodeTask::DecodeTask):
        (WebCore::DataURLDecoder::DecodeTask::process):
        (WebCore::DataURLDecoder::createDecodeTask):
        (WebCore::DataURLDecoder::decode):

2018-12-05  Frederic Wang  <fwang@igalia.com>

        Unreviewed build fix.

        * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm: Add missing header.

2018-12-05  Javier Fernandez  <jfernandez@igalia.com>

        [css-grid] Crash on debug changing the style of a positioned element
        https://bugs.webkit.org/show_bug.cgi?id=191473

        Reviewed by Dean Jackson and Zalan Bujtas.

        When an box becomes {out-of,in}-flow, it may be re-parented and it may become a grid
        item. In that case, we must mark the RenderGrid as dirty, so that the grid items
        placement logic is executed again.

        Test: fast/css-grid-layout/grid-crash-out-of-flow-positioned-element.html

        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::childFlowStateChangesAndAffectsParentBlock): Consider the case of a box's new parent being a grid container.

2018-12-04  Frederic Wang  <fwang@igalia.com>

        Always pass scrollingGeometry to update*ScrollingNode functions
        https://bugs.webkit.org/show_bug.cgi?id=192358

        Reviewed by Simon Fraser.

        Currently, the scrollingGeometry parameter of updateOverflowScrollingNode is always used
        while the one of updateFrameScrollingNode is never used. Both of them are passed as possibly
        null pointers. This commit makes things more consistent by making the parameter a reference
        and explicitly setting the scrollingGeometry of updateFrameScrollingNode. This will help
        other efforts (such as support for macOS/iOS asynchronous scrolling of overflow nodes /
        subframes or for CSS overscroll-behavior) for which new data members have to be passed to the
        scrolling nodes.

        No new tests, no behavior changes.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::updateFrameScrollingNode):
        (WebCore::AsyncScrollingCoordinator::updateOverflowScrollingNode):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::updateFrameScrollingNode):
        (WebCore::ScrollingCoordinator::updateOverflowScrollingNode):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateScrollCoordinationForThisFrame):
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):

2018-12-04  Ryosuke Niwa  <rniwa@webkit.org>

        Crash in HTMLCollection::updateNamedElementCache
        https://bugs.webkit.org/show_bug.cgi?id=192347

        Reviewed by Darin Adler.

        The bug was caused by CollectionIndexCache's nodeAt caching the length of 1
        when there are no matching elements in the subtree when the index is non-zero.

        A related bug was fixed in r182125 but we were not considering the possibility
        that the index given to this function might be non-zero even when there were
        no matching elements.

        Test: fast/dom/options-collection-zero-length-crash.html

        * dom/CollectionIndexCache.h:
        (WebCore::CollectionIndexCache<Collection, Iterator>::nodeAt):

2018-11-30  Jiewen Tan  <jiewen_tan@apple.com>

        Don't report resource timing to parent frame for history items
        https://bugs.webkit.org/show_bug.cgi?id=192273
        <rdar://problem/45163764>

        Reviewed by Youenn Fablet.

        We should not report history items to its parent frame as those are less
        interested to its parent and might not be the first navigation in the iframes.

        This change aligns the behavior when a cached document is not available for the
        history item with the available case as we don't report resource timing for any
        cached main document.

        Test: http/tests/misc/resource-timing-navigation-in-restored-iframe-2.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadDifferentDocumentItem):

2018-12-04  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r238090): position:fixed sidebar on https://www.w3.org/TR/SVG2/coords.html does not stay fixed
        https://bugs.webkit.org/show_bug.cgi?id=192320
        <rdar://problem/46429833>

        Reviewed by Zalan Bujtas.
        
        Re-land r238840 with a more reliable test.
        
        When we fall into slow scrolling mode (for example, because of background-attachment: fixed),
        RenderLayerCompositor::updateCompositingLayers() needs to set the geometry dirty bit on layers
        for viewport-constrained objects so we update them.
        
        This is only necessary for page scrolling; for overflow scrolls, updateLayerPositions() already
        does enough dirtying that fixed layers nested inside scrollers get updated.

        Test: compositing/fixed-with-main-thread-scrolling.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayers):

2018-12-04  Youenn Fablet  <youenn@apple.com>

        Fix MediaRecorder flaky tests
        https://bugs.webkit.org/show_bug.cgi?id=192371

        Reviewed by Eric Carlson.

        No change of behavior.

        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
        Reset to use real MediaRecorder by default.

2018-12-04  Justin Michaud  <justin_michaud@apple.com>

        CSS Painting API should allow image values in inputProperties
        https://bugs.webkit.org/show_bug.cgi?id=192200

        Reviewed by Dean Jackson.

        Adds new TypedOMCSSImageValue wrapper. We rename all the existing ones so that the naming is consistent (CSSImageValue is already a thing).
        Finally, we let CanvasRenderingContext2DBase render these.

        Tests: fast/css-custom-paint/arguments.html
               fast/css-custom-paint/image.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/CallTracerTypes.h:
        * bindings/js/JSTypedOMCSSStyleValueCustom.cpp: Renamed from Source/WebCore/bindings/js/JSCSSStyleValueCustom.cpp.
        (WebCore::toJSNewlyCreated):
        (WebCore::toJS):
        * bindings/js/WebCoreBuiltinNames.h:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::customPropertyValue):
        * css/CSSCustomPropertyValue.cpp:
        (WebCore::CSSCustomPropertyValue::equals const):
        (WebCore::CSSCustomPropertyValue::customCSSText const):
        (WebCore::CSSCustomPropertyValue::tokens const):
        * css/CSSCustomPropertyValue.h:
        * css/CSSPaintImageValue.cpp:
        (WebCore::CSSPaintImageValue::image):
        * css/typedom/StylePropertyMapReadOnly.h:
        (WebCore::StylePropertyMapReadOnly::create):
        (WebCore::StylePropertyMapReadOnly::get const):
        (WebCore::StylePropertyMapReadOnly::StylePropertyMapReadOnly):
        * css/typedom/StylePropertyMapReadOnly.idl:
        * css/typedom/TypedOMCSSImageValue.h: Copied from Source/WebCore/css/typedom/CSSUnitValue.h.
        * css/typedom/TypedOMCSSImageValue.idl: Copied from Source/WebCore/css/typedom/CSSStyleValue.idl.
        * css/typedom/TypedOMCSSNumericValue.h: Renamed from Source/WebCore/css/typedom/CSSNumericValue.h.
        * css/typedom/TypedOMCSSNumericValue.idl: Renamed from Source/WebCore/css/typedom/CSSNumericValue.idl.
        * css/typedom/TypedOMCSSStyleValue.h: Renamed from Source/WebCore/css/typedom/CSSStyleValue.h.
        (WebCore::TypedOMCSSStyleValue::isImageValue):
        * css/typedom/TypedOMCSSStyleValue.idl: Renamed from Source/WebCore/css/typedom/CSSStyleValue.idl.
        * css/typedom/TypedOMCSSUnitValue.h: Renamed from Source/WebCore/css/typedom/CSSUnitValue.h.
        * css/typedom/TypedOMCSSUnitValue.idl: Renamed from Source/WebCore/css/typedom/CSSUnitValue.idl.
        * css/typedom/TypedOMCSSUnparsedValue.h: Renamed from Source/WebCore/css/typedom/CSSUnparsedValue.h.
        * css/typedom/TypedOMCSSUnparsedValue.idl: Renamed from Source/WebCore/css/typedom/CSSUnparsedValue.idl.
        * html/ImageBitmap.cpp:
        (WebCore::ImageBitmap::createPromise):
        * html/ImageBitmap.h:
        * html/canvas/CanvasDrawImage.idl:
        * html/canvas/CanvasFillStrokeStyles.idl:
        * html/canvas/CanvasRenderingContext.cpp:
        (WebCore::CanvasRenderingContext::checkOrigin):
        * html/canvas/CanvasRenderingContext.h:
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::size):
        (WebCore::CanvasRenderingContext2DBase::drawImage):
        (WebCore::CanvasRenderingContext2DBase::createPattern):
        * html/canvas/CanvasRenderingContext2DBase.h:
        * inspector/InspectorCanvas.cpp:
        (WebCore::InspectorCanvas::buildAction):
        * page/WindowOrWorkerGlobalScope.idl:
        * platform/graphics/CustomPaintImage.cpp:
        (WebCore::CustomPaintImage::doCustomPaint):

2018-12-04  Chris Dumez  <cdumez@apple.com>

        Regression(r238817) PSON Page Cache API tests are failing
        https://bugs.webkit.org/show_bug.cgi?id=192348

        Reviewed by Alex Christensen.

        * page/MemoryRelease.cpp:
        (WebCore::releaseCriticalMemory):
        (WebCore::releaseMemory):
        * page/MemoryRelease.h:

2018-12-04  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r238838.

        The layout test added with this change is failing on iOS.

        Reverted changeset:

        "Thick overlines and line-throughs grow in the wrong
        direction"
        https://bugs.webkit.org/show_bug.cgi?id=192264
        https://trac.webkit.org/changeset/238838

2018-12-04  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r238840.

        The layout test added with this change is frequently failing.

        Reverted changeset:

        "REGRESSION (r238090): position:fixed sidebar on
        https://www.w3.org/TR/SVG2/coords.html does not stay fixed"
        https://bugs.webkit.org/show_bug.cgi?id=192320
        https://trac.webkit.org/changeset/238840

2018-12-04  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Move URLSoup back to WebCore after r238771
        https://bugs.webkit.org/show_bug.cgi?id=192306

        Reviewed by Michael Catanzaro.

        Add soupURIToURL() and urlToSoupURI() to replace the URL contructor taking a Soup URI and
        URL::createSoupURI(). Fix several build failures that showed up after removing the soup includes from URL
        header.

        * platform/Cookie.h:
        * platform/SharedBuffer.h:
        * platform/SourcesSoup.txt:
        * platform/network/soup/CookieSoup.cpp:
        * platform/network/soup/GUniquePtrSoup.h: Renamed from Source/WTF/wtf/glib/GUniquePtrSoup.h.
        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::setCookiesFromDOM const):
        (WebCore::NetworkStorageSession::deleteCookie const):
        (WebCore::NetworkStorageSession::getCookies):
        (WebCore::NetworkStorageSession::getRawCookies const):
        (WebCore::cookiesForSession):
        * platform/network/soup/ResourceErrorSoup.cpp:
        (WebCore::failingURI):
        * platform/network/soup/ResourceHandleSoup.cpp:
        * platform/network/soup/ResourceRequest.h:
        (WebCore::ResourceRequest::ResourceRequest):
        * platform/network/soup/ResourceRequestSoup.cpp:
        (WebCore::ResourceRequest::updateSoupMessageMembers const):
        (WebCore::ResourceRequest::updateFromSoupMessage):
        (WebCore::ResourceRequest::createSoupURI const):
        * platform/network/soup/ResourceResponseSoup.cpp:
        (WebCore::ResourceResponse::updateFromSoupMessage):
        * platform/network/soup/SocketStreamHandleImpl.h:
        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
        (WebCore::SocketStreamHandleImpl::create):
        * platform/network/soup/SoupNetworkSession.cpp:
        * platform/network/soup/URLSoup.cpp: Copied from Source/WTF/wtf/glib/URLSoup.cpp.
        (WebCore::soupURIToURL):
        (WebCore::urlToSoupURI):
        * platform/network/soup/URLSoup.h: Renamed from Source/WTF/wtf/glib/URLSoup.cpp.

2018-12-04  Devin Rousso  <drousso@apple.com>

        Web Inspector: Audit: tests should support async operations
        https://bugs.webkit.org/show_bug.cgi?id=192171
        <rdar://problem/46423562>

        Reviewed by Joseph Pecoraro.

        * page/Settings.yaml:
        * dom/ScriptExecutionContext.cpp:
        (ScriptExecutionContext::reportUnhandledPromiseRejection):
        Add setting for muting the "Unhandled Promise Rejection" console message.

2018-12-03  Tim Horton  <timothy_horton@apple.com>

        Fix the build

        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.mm:
        Unified sources, of course.

2018-12-03  Youenn Fablet  <youenn@apple.com>

        A sender created through addTransceiver and populated using addTrack should have its source set
        https://bugs.webkit.org/show_bug.cgi?id=192136

        Reviewed by Eric Carlson.

        In case libwebrtc backend is already created, we need to make sure to
        set the track source to the libwebrtc sender backend that is actually
        tied to the sender.

        Covered by updated test.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::removeTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::addTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCRtpSenderBackend.h:

2018-12-03  YUHAN WU  <yuhan_wu@apple.com>

        Implement non-timeslice mode encoding for MediaRecorder
        https://bugs.webkit.org/show_bug.cgi?id=192069

        Reviewed by Youenn Fablet.

        Implement the encoding for non-timeslice mode of MediaRecorder.
        It only supports to record MP4 file through H264 and AAC encoding, we will need to support more MIME types and encoding methods.
        Add a API in internals to allow testings to turn on the mock source.

        Tests: http/wpt/mediarecorder/MediaRecorder-AV-audio-only-dataavailable.html
               http/wpt/mediarecorder/MediaRecorder-AV-audio-video-dataavailable.html
               http/wpt/mediarecorder/MediaRecorder-AV-video-only-dataavailable.html

        * Modules/mediarecorder/MediaRecorder.cpp:
        (WebCore::MediaRecorder::create):
        (WebCore::MediaRecorder::setCustomPrivateRecorderCreator):
        (WebCore::MediaRecorder::getPrivateImpl):
        (WebCore::MediaRecorder::MediaRecorder):
        (WebCore::MediaRecorder::stopRecording):
        (WebCore::MediaRecorder::stopRecordingInternal):
        (WebCore::MediaRecorder::createRecordingDataBlob):
        (WebCore::MediaRecorder::scheduleDeferredTask):
        * Modules/mediarecorder/MediaRecorder.h:
        * Modules/mediarecorder/MediaRecorder.idl:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediarecorder/MediaRecorderPrivate.h:
        (WebCore::MediaRecorderPrivate::stopRecording):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.cpp: Added.
        (WebCore::MediaRecorderPrivateAVFImpl::create):
        (WebCore::MediaRecorderPrivateAVFImpl::MediaRecorderPrivateAVImpl):
        (WebCore::MediaRecorderPrivateAVFImpl::sampleBufferUpdated):
        (WebCore::MediaRecorderPrivateAVFImpl::audioSamplesAvailable):
        (WebCore::MediaRecorderPrivateAVFImpl::stopRecording):
        (WebCore::MediaRecorderPrivateAVFImpl::fetchData):
        (WebCore::MediaRecorderPrivateAVFImpl::mimeType):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.h: Added.
        * platform/mediarecorder/MediaRecorderPrivateMock.cpp:
        (WebCore::MediaRecorderPrivateMock::fetchData):
        (WebCore::MediaRecorderPrivateMock::mimeType):
        * platform/mediarecorder/MediaRecorderPrivateMock.h:
        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.h: Added.
        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.mm: Added.
        (WebCore::MediaRecorderPrivateWriter::setupWriter):
        (WebCore::MediaRecorderPrivateWriter::setVideoInput):
        (WebCore::MediaRecorderPrivateWriter::setAudioInput):
        (WebCore::copySampleBufferWithCurrentTimeStamp):
        (WebCore::MediaRecorderPrivateWriter::appendVideoSampleBuffer):
        (WebCore::MediaRecorderPrivateWriter::appendAudioSampleBuffer):
        (WebCore::MediaRecorderPrivateWriter::stopRecording):
        (WebCore::MediaRecorderPrivateWriter::fetchData):
        * testing/Internals.cpp:
        (WebCore::createRecorderMockSource):
        (WebCore::Internals::setCustomPrivateRecorderCreator):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-12-03  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r238090): position:fixed sidebar on https://www.w3.org/TR/SVG2/coords.html does not stay fixed
        https://bugs.webkit.org/show_bug.cgi?id=192320
        <rdar://problem/46429833>

        Reviewed by Zalan Bujtas.
        
        When we fall into slow scrolling mode (for example, because of background-attachment: fixed),
        RenderLayerCompositor::updateCompositingLayers() needs to set the geometry dirty bit on layers
        for viewport-constrained objects so we update them.
        
        This is only necessary for page scrolling; for overflow scrolls, updateLayerPositions() already
        does enough dirtying that fixed layers nested inside scrollers get updated.

        Test: compositing/fixed-with-main-thread-scrolling.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayers):

2018-12-03  Justin Michaud  <justin_michaud@apple.com>

        CSS Painting API should scale display list when drawing
        https://bugs.webkit.org/show_bug.cgi?id=192217

        Reviewed by Simon Fraser.

        When we replay the display list, fix the scaling. The separate buffer is needed to make sure that globalCompositeOperation functions correctly.

        * html/CustomPaintCanvas.cpp:
        (WebCore::CustomPaintCanvas::replayDisplayList const):
        * html/CustomPaintCanvas.h:
        * platform/graphics/CustomPaintImage.cpp:
        (WebCore::CustomPaintImage::doCustomPaint):

2018-12-03  Myles C. Maxfield  <mmaxfield@apple.com>

        Thick overlines and line-throughs grow in the wrong direction
        https://bugs.webkit.org/show_bug.cgi?id=192264

        Reviewed by Dean Jackson.

        Overlines should grow upward, and line-throughs should stay centered.

        Test: fast/css3-text/css3-text-decoration/text-decoration-thicknes-overline-grow-direction.html

        * rendering/TextDecorationPainter.cpp:
        (WebCore::TextDecorationPainter::paintTextDecoration):
        * style/InlineTextBoxStyle.cpp:
        (WebCore::visualOverflowForDecorations):

2018-12-03  Simon Fraser  <simon.fraser@apple.com>

        Viewport-constrained renderers are always RenderLayerModelObjects
        https://bugs.webkit.org/show_bug.cgi?id=192342

        Reviewed by Myles C. Maxfield.

        addViewportConstrainedObject/removeViewportConstrainedObject can take RenderLayerModelObjects,
        since all viewport-constrained renderers have layers.

        * page/FrameView.cpp:
        (WebCore::FrameView::addViewportConstrainedObject):
        (WebCore::FrameView::removeViewportConstrainedObject):
        * page/FrameView.h:
        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::styleDidChange): The 0 argument is actually a nullptr RenderGeometryMap,
        which has a default value, and the comment was obsolete.

2018-12-03  Don Olmstead  <don.olmstead@sony.com>

        Fix some unused parameter warnings
        https://bugs.webkit.org/show_bug.cgi?id=192336

        Reviewed by Fujii Hironori.

        * Modules/indexeddb/server/IDBSerialization.cpp:
        (WebCore::isLegacySerializedIDBKeyData):
        * platform/FileSystem.cpp:
        (WebCore::FileSystem::openAndLockFile):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::bindVertexArray):
        * platform/network/curl/CertificateInfo.h:
        (WTF::Persistence::Coder<WebCore::CertificateInfo>::encode):
        (WTF::Persistence::Coder<WebCore::CertificateInfo>::decode):

2018-12-03  Keith Rollin  <krollin@apple.com>

        Add .xcfilelist files
        https://bugs.webkit.org/show_bug.cgi?id=192082
        <rdar://problem/46312533>

        Reviewed by Brent Fulgham.

        Add .xcfilelist files for Generate Derived Sources and Generate
        Unified Sources build phases in Xcode. These are just being staged for
        now; they'll be added to the Xcode projects later.

        No new tests -- no changed functionality.

        * DerivedSources-input.xcfilelist: Added.
        * DerivedSources-output.xcfilelist: Added.
        * UnifiedSources-input.xcfilelist: Added.
        * UnifiedSources-output.xcfilelist: Added.

2018-12-03  Alex Christensen  <achristensen@webkit.org>

        Add WKWebProcessPlugInLoadDelegate SPI willStartProvisionalLoadForFrame with a completion handler
        https://bugs.webkit.org/show_bug.cgi?id=192272

        Reviewed by Brady Eidson.

        This is needed for rdar://problem/45910057
        Covered by an API test.

        * loader/EmptyFrameLoaderClient.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::prepareForLoadStart):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::FrameLoader::loadProvisionalItemFromCachedPage):
        * loader/FrameLoader.h:
        * loader/FrameLoaderClient.h:

2018-12-03  Zalan Bujtas  <zalan@apple.com>

        [iOS] Unreviewed build fix.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::fired):

2018-12-03  Jer Noble  <jer.noble@apple.com>

        Get rid of old, dead Mac video fullscreen code.
        https://bugs.webkit.org/show_bug.cgi?id=192315

        Reviewed by Eric Carlson.

        * PlatformMac.cmake:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::supportsFullscreen const):

2018-12-03  Ryosuke Niwa  <rniwa@webkit.org>

        title attribute on style & link elements should be ignored inside a shadow tree
        https://bugs.webkit.org/show_bug.cgi?id=191297

        Reviewed by Antti Koivisto.

        Fixed the by not setting the stylesheet's title even when the title content attribute is present
        or set on SVG/HTML style and link elements inside a shadow tree.

        Test: fast/shadow-dom/stylesheet-title-in-shadow-tree.html

        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::InlineStyleSheetOwner::createSheet):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::parseAttribute):
        (WebCore::HTMLLinkElement::initializeStyleSheet):
        * html/HTMLStyleElement.cpp:
        (WebCore::HTMLStyleElement::parseAttribute):
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::collectActiveStyleSheets):
        * svg/SVGStyleElement.cpp:
        (WebCore::SVGStyleElement::parseAttribute):

2018-12-03  Zalan Bujtas  <zalan@apple.com>

        [iOS] Add logging channel for hover related content observation
        https://bugs.webkit.org/show_bug.cgi?id=192312

        Reviewed by Simon Fraser.

        * dom/Document.cpp:
        (WebCore::Document::scheduleStyleRecalc):
        (WebCore::Document::updateStyleIfNeeded):
        (WebCore::Document::platformSuspendOrStopActiveDOMObjects):
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::install):
        (WebCore::DOMTimer::fired):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::clearTimeout):
        * page/Frame.cpp:
        (WebCore::Frame::willDetachPage):
        * platform/Logging.h:

2018-12-03  Michael Catanzaro  <mcatanzaro@igalia.com>

        [SOUP] Use SoupSession instead of SoupSessionAsync
        https://bugs.webkit.org/show_bug.cgi?id=107451

        Reviewed by Carlos Garcia Campos.

        With glib-networking 2.57.1, WebKit is no longer able to load TLS error pages. The problem
        is a network process deadlock caused by a change in how glib-networking performs certificate
        verification. Previously it verified certificates *after* the TLS handshake had completed,
        which was weirdly late, but previously not problematic. But now that TLS 1.3 exists,
        application data can be sent before certificate verification occurs, which is no good. So I
        moved verification to occur during the handshake. I needed to do this regardless because I
        need to add a new callback in GnuTLS for another feature. This introduced a deadlock in
        WebKit:

         - glib-networking detects an unacceptable certificate, emits accept-certificate signal
         - NetworkDataTaskSoup::tlsConnectionAcceptCertificate calls
           NetworkDataTaskSoup::invalidateAndCancel calls NetworkDataTaskSoup::clearRequest
         - NetworkDataTaskSoup::clearRequest calls soup_session_cancel_message

        The problem is that, in the deprecated SoupSessionAsync used by WebKit, cancellation is
        always *synchronous* despite the name of the class. So soup_session_cancel_message winds up
        doing its thing to close everything out, and that eventually ends up in a synchronous call
        to g_tls_connection_gnutls_close. The close operation can't proceed until the TLS handshake
        is finished, and the handshake is blocked waiting for WebKit to return from its
        accept-certificate handler. So the close operation winds up polling forever waiting for the
        handshake to finish. Deadlock.

        The only changes required in WebKit to use the modern SoupSession are adjustments for the
        new default property values. Most of the properties we used to set explicitly are now
        defaults and should be removed. Additionally, SoupSession has default timeouts, which we
        want to override to allow NetworkDataTaskSoup to implement its own timeouts.

        No new tests because this is covered by TestSSL (which would be failing if run with the
        newer glib-networking).

        * platform/network/soup/SoupNetworkSession.cpp:
        (WebCore::SoupNetworkSession::SoupNetworkSession):

2018-12-03  Yusuke Suzuki  <yusukesuzuki@slowstart.org>

        Use WallTime for file time
        https://bugs.webkit.org/show_bug.cgi?id=192287

        Reviewed by Darin Adler.

        This patch changes a type of file time from double to WallTime to use strongly typed file time.

        No behavior change.

        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::details const):
        * Modules/webdatabase/DatabaseDetails.h:
        (WebCore::DatabaseDetails::DatabaseDetails):
        (WebCore::DatabaseDetails::creationTime const):
        (WebCore::DatabaseDetails::modificationTime const):
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::ProposedDatabase::ProposedDatabase):
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::detailsForNameAndOrigin):
        * fileapi/AsyncFileStream.cpp:
        (WebCore::AsyncFileStream::getSize):
        * fileapi/AsyncFileStream.h:
        * fileapi/File.cpp:
        (WebCore::File::lastModified const):
        * page/Page.cpp:
        (WebCore::Page::userStyleSheetLocationChanged):
        (WebCore::Page::userStyleSheet const):
        * page/Page.h:
        * platform/FileMetadata.h:
        * platform/FileStream.cpp:
        (WebCore::FileStream::getSize):
        * platform/FileStream.h:
        * platform/FileSystem.cpp:
        (WebCore::FileSystem::getFileModificationTime): Deleted.
        * platform/FileSystem.h:
        (WebCore::FileSystem::invalidFileTime): Deleted.
        (WebCore::FileSystem::isValidFileTime): Deleted.
        * platform/glib/FileSystemGlib.cpp:
        (WebCore::FileSystem::getFileCreationTime):
        (WebCore::FileSystem::getFileModificationTime):
        (WebCore::FileSystem::fileMetadataUsingFunction):
        * platform/network/BlobDataFileReference.cpp:
        (WebCore::BlobDataFileReference::BlobDataFileReference):
        (WebCore::BlobDataFileReference::expectedModificationTime):
        * platform/network/BlobDataFileReference.h:
        * platform/network/FormData.cpp:
        (WebCore::FormData::appendFile):
        (WebCore::FormData::appendFileRange):
        * platform/network/FormData.h:
        (WebCore::FormDataElement::FormDataElement):
        (WebCore::FormDataElement::EncodedFileData::decode):
        * platform/network/cf/FormDataStreamCFNet.cpp:
        (WebCore::advanceCurrentStream):
        * platform/network/soup/ResourceRequestSoup.cpp:
        (WebCore::appendEncodedBlobItemToSoupMessageBody):
        * platform/posix/FileSystemPOSIX.cpp:
        (WebCore::FileSystem::getFileCreationTime):
        (WebCore::FileSystem::getFileModificationTime):
        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::databaseCreationTime):
        (WebCore::SQLiteFileSystem::databaseModificationTime):
        * platform/sql/SQLiteFileSystem.h:
        * platform/win/FileSystemWin.cpp:
        (WebCore::FileSystem::getFileModificationTime):
        (WebCore::FileSystem::getFileCreationTime):
        (WebCore::FileSystem::findDataToFileMetadata):

2018-12-03  Dean Jackson  <dino@apple.com>

        Fix iOS Simulator Release test crashes.

        * platform/network/ios/WebCoreURLResponseIOS.mm:
        (WebCore::adjustMIMETypeIfNecessary): Check for null before using the
        new MIME type.

2018-12-03  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] 'devicechange' event when more capture device information are revealed.
        https://bugs.webkit.org/show_bug.cgi?id=192268

        Reviewed by Youenn Fablet.

        Test: fast/mediastream/enumerate-devices-change-event.html

        * Modules/mediastream/MediaDevicesRequest.cpp:
        (WebCore::MediaDevicesRequest::start): Remove code to modify device based on access, that is
        now done in the UI process.
        (WebCore::MediaDevicesRequest::filterDeviceList): Deleted.
        * Modules/mediastream/MediaDevicesRequest.h:
        * platform/mediastream/RealtimeMediaSourceCenter.h:

2018-12-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOSMac] Unable to upload non-image files using drag and drop in WKWebView
        https://bugs.webkit.org/show_bug.cgi?id=192283
        <rdar://problem/46399461>

        Reviewed by Ryosuke Niwa.

        Currently on iOS, file URLs aren't generally written to the pasteboard during drag and drop unless the
        application providing the data explicitly registers "public.file-url" to item providers. As such, our current
        logic on iOS for handling drops does not attempt to prevent "public.file-url" from being advertised as the
        "text/uri-list" MIME type in DataTransfer, though we do currently succeed in suppressing access to the file URL.

        However, on iOSMac, the scenario in which file URLs are registered to item providers becomes pertinent when
        uploading files from other macOS apps (e.g. Finder) into a WKWebView running in iOSMac. Furthermore, the
        `preferredPresentationStyle` flag on `NSItemProvider` is unavailable in iOSMac; currently, this flag is our
        primary cue on iOS that an item should be treated as an attachment rather than inline data. In order to support
        file uploads in iOSMac, we make several adjustments to drop handling logic in iOS to handle the case where the
        "public.file-url" type is registered. See below for more details.

        Tests:  DragAndDropTests.DataTransferExposePlainTextWithFileURLAsFile
                DragAndDropTests.DataTransferGetDataWhenDroppingImageWithFileURL

        * platform/PasteboardItemInfo.h:
        (WebCore::PasteboardItemInfo::encode const):
        (WebCore::PasteboardItemInfo::decode):

        Add a new flag that is set if and only if the item provider contains the "public.file-url" type, and also
        contains some non-URL data type that conforms to one of the file types supported for file uploads (i.e.
        "public.content", zip archives, and folders).

        * platform/cocoa/PasteboardCocoa.mm:
        (WebCore::Pasteboard::fileContentState):

        Consider the pasteboard to contain files in the case where one or more of the items contains a file URL, along
        with some other pasteboard data that can be represented as a file upload.

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::informationForItemAtIndex):
        (WebCore::PlatformPasteboard::typesSafeForDOMToReadAndWrite const):

        If the pasteboard contains "public.file-url", don't consider "text/uri-list" to be one of the data types that's
        safe to expose to the page. Our current behavior in this case is that we will advertise "text/uri-list" as a
        pasteboard type in the DataTransfer, but if the page attempts to request this information, we simply return the
        empty string. Instead, we shouldn't expose "text/uri-list" as a type in the first place.

        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:

        Add a few more `__bridge`-ing casts where appropriate.

        (typeConformsToTypes):

        Move this further up the file so that it can be used in `NSItemProvider (WebCoreExtras)`.

        (-[NSItemProvider web_containsFileURLAndFileUploadContent]):

        Add a helper method on NSItemProvider to determine whether an item provider has a file URL, as well as a content
        type suitable for file uploads.

        (-[WebItemProviderLoadResult canBeRepresentedAsFileUpload]):

        This currently always returns `NO` in iOSMac; instead, return `YES` on both iOS and iOSMac in the case where the
        item provider contains a file URL and content which may be uploaded.

        (-[WebItemProviderPasteboard preferredFileUploadURLAtIndex:fileType:]):
        (-[WebItemProviderPasteboard typeIdentifiersToLoad:]):

        Refactor this to take an `NSItemProvider` instead of a list of type identifiers, and bail out of loading data
        for "public.url" if the item provider contains a file URL.

        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout:]):
        (-[WebItemProviderPasteboard typeIdentifiersToLoadForRegisteredTypeIdentifiers:]): Deleted.

2018-12-02  Zalan Bujtas  <zalan@apple.com>

        Add a runtime feature flag for LayoutFormattingContext.
        https://bugs.webkit.org/show_bug.cgi?id=192280

        Reviewed by Simon Fraser.

        * Configurations/FeatureDefines.xcconfig:
        * page/FrameViewLayoutContext.cpp:
        (WebCore::layoutUsingFormattingContext):
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setLayoutFormattingContextEnabled):
        (WebCore::RuntimeEnabledFeatures::layoutFormattingContextEnabled const):

2018-12-01  Brent Fulgham  <bfulgham@apple.com>

        Lifetime of HTMLMediaElement is not properly handled in asynchronous actions
        https://bugs.webkit.org/show_bug.cgi?id=192087
        <rdar://problem/45975230>

        Reviewed by Dean Jackson.

        The HTMLMediaElement performs operations that allow arbitrary JavaScript to run. We need to make
        sure the active media element is protected until those calls complete.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::didFinishInsertingNode):
        (WebCore::HTMLMediaElement::exitFullscreen):
        (WebCore::HTMLMediaElement::markCaptionAndSubtitleTracksAsUnconfigured):
        (WebCore::HTMLMediaElement::scheduleConfigureTextTracks):
        (WebCore::HTMLMediaElement::scheduleMediaEngineWasUpdated):
        (WebCore::HTMLMediaElement::scheduleUpdatePlayState):
        (WebCore::HTMLMediaElement::scheduleUpdateMediaState):

2018-12-01  Chris Dumez  <cdumez@apple.com>

        [PSON] process-swapping may occur even though opener has handle to openee
        https://bugs.webkit.org/show_bug.cgi?id=192277

        Reviewed by Antti Koivisto.

        Process-swapping may occur even though opener has handle to openee, which is not Web-compatible. The reason
        is that we rely on the window not having an opener to process-swap. However, the opener can be disowned,
        which does not mean that the opener doesn't still have a handle to its openee.

        To address the issue:
        - Renamed openedViaWindowOpenWithOpener flag to openedByDOMWithOpener
        - Make sure this flag gets set if an opener have ever been set for the browsing context
        - Do not process-swap if this flag is set
        - Drop opener from NavigationAction since it does not provide meaningful information to decide whether
          to process-swap or not.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::setOpener):
        * loader/NavigationAction.h:
        (WebCore::NavigationAction::openedByDOMWithOpener const):
        (WebCore::NavigationAction::setOpenedByDOMWithOpener):
        (WebCore::NavigationAction::setOpener): Deleted.
        (WebCore::NavigationAction::opener const): Deleted.
        (WebCore::NavigationAction::openedViaWindowOpenWithOpener const): Deleted.
        (WebCore::NavigationAction::setOpenedViaWindowOpenWithOpener): Deleted.
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):
        * page/Page.h:
        (WebCore::Page::openedByDOMWithOpener const):
        (WebCore::Page::setOpenedByDOMWithOpener):
        (WebCore::Page::openedViaWindowOpenWithOpener const): Deleted.
        (WebCore::Page::setOpenedViaWindowOpenWithOpener): Deleted.

2018-12-01  Christopher Reid  <chris.reid@sony.com>

        Add generic implementations to FileSystemPOSIX.cpp
        https://bugs.webkit.org/show_bug.cgi?id=192263

        Reviewed by Yusuke Suzuki.

        No new tests, no change in behavior.

        Add generic FileSystemPOSIX implementations for:
            - stringFromFileSystemRepresentation
            - fileSystemRepresentation
            - moveFile
            - getVolumeFreeSpace

        Also removing an unneeded PLATFORM(GTK) check since GTK is only using FileSystemGlib

        * platform/posix/FileSystemPOSIX.cpp:

2018-12-01  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC] Call instrinsicWidthConstraints on the correct formatting state.
        https://bugs.webkit.org/show_bug.cgi?id=192274

        Reviewed by Antti Koivisto.

        When we call intrinsic width on a formatting context root, we need to use the formatting state
        that this root constructs and not the one it lives in.

        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::instrinsicWidthConstraints const):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::instrinsicWidthConstraints const): it's the caller's responsiblitiy to store the intrinsic values.

2018-11-30  Alex Christensen  <achristensen@webkit.org>

        Fix Windows build.

        * platform/network/curl/CookieJarCurl.cpp:
        * platform/network/curl/PublicSuffixCurl.cpp:

2018-11-30  Alex Christensen  <achristensen@webkit.org>

        Fix Windows build.

        * platform/network/curl/CookieJarCurl.h:

2018-11-30  Alex Christensen  <achristensen@webkit.org>

        Move URL from WebCore to WTF
        https://bugs.webkit.org/show_bug.cgi?id=190234

        Reviewed by Keith Miller.

        A URL is a low-level concept that does not depend on other classes in WebCore.
        We are starting to use URLs in JavaScriptCore for modules.
        I need URL and URLParser in a place with fewer dependencies for rdar://problem/44119696

        * Modules/applepay/ApplePaySession.h:
        * Modules/applepay/ApplePayValidateMerchantEvent.h:
        * Modules/applepay/PaymentCoordinator.cpp:
        * Modules/applepay/PaymentCoordinator.h:
        * Modules/applepay/PaymentCoordinatorClient.h:
        * Modules/applepay/PaymentSession.h:
        * Modules/applicationmanifest/ApplicationManifest.h:
        * Modules/beacon/NavigatorBeacon.cpp:
        * Modules/cache/DOMCache.cpp:
        * Modules/fetch/FetchLoader.h:
        * Modules/mediasession/MediaSessionMetadata.h:
        * Modules/mediasource/MediaSourceRegistry.cpp:
        * Modules/mediasource/MediaSourceRegistry.h:
        * Modules/mediastream/MediaStream.cpp:
        * Modules/mediastream/MediaStreamRegistry.cpp:
        * Modules/mediastream/MediaStreamRegistry.h:
        * Modules/navigatorcontentutils/NavigatorContentUtilsClient.h:
        * Modules/notifications/Notification.h:
        * Modules/paymentrequest/MerchantValidationEvent.h:
        * Modules/paymentrequest/PaymentRequest.h:
        * Modules/plugins/PluginReplacement.h:
        * Modules/webaudio/AudioContext.h:
        * Modules/websockets/ThreadableWebSocketChannel.h:
        * Modules/websockets/WebSocket.h:
        * Modules/websockets/WebSocketHandshake.cpp:
        * Modules/websockets/WebSocketHandshake.h:
        * Modules/websockets/WorkerThreadableWebSocketChannel.h:
        * PlatformMac.cmake:
        * PlatformWin.cmake:
        * Sources.txt:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/CachedModuleScriptLoader.h:
        * bindings/js/CachedScriptFetcher.h:
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::executeIfJavaScriptURL):
        * bindings/js/ScriptController.h:
        * bindings/js/ScriptModuleLoader.h:
        * bindings/js/ScriptSourceCode.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
        (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForPingLoad):
        (WebCore::ContentExtensions::applyBlockedStatusToRequest):
        * contentextensions/ContentExtensionsBackend.h:
        * css/CSSValue.h:
        * css/StyleProperties.h:
        * css/StyleResolver.h:
        * css/StyleSheet.h:
        * css/StyleSheetContents.h:
        * css/parser/CSSParserContext.h:
        (WebCore::CSSParserContextHash::hash):
        (WTF::HashTraits<WebCore::CSSParserContext>::constructDeletedValue):
        * css/parser/CSSParserIdioms.h:
        * dom/DataTransfer.cpp:
        (WebCore::DataTransfer::setDataFromItemList):
        * dom/Document.cpp:
        (WebCore::Document::setURL):
        (WebCore::Document::processHttpEquiv):
        (WebCore::Document::completeURL const):
        (WebCore::Document::ensureTemplateDocument):
        * dom/Document.h:
        (WebCore::Document::urlForBindings const):
        * dom/Element.cpp:
        (WebCore::Element::isJavaScriptURLAttribute const):
        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::parserContextForElement):
        * dom/Node.cpp:
        (WebCore::Node::baseURI const):
        * dom/Node.h:
        * dom/ScriptElement.h:
        * dom/ScriptExecutionContext.h:
        * dom/SecurityContext.h:
        * editing/Editor.cpp:
        (WebCore::Editor::pasteboardWriterURL):
        * editing/Editor.h:
        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::appendQuotedURLAttributeValue):
        * editing/cocoa/DataDetection.h:
        * editing/cocoa/EditorCocoa.mm:
        (WebCore::Editor::userVisibleString):
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::replaceRichContentWithAttachments):
        (WebCore::WebContentReader::readWebArchive):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::plainTextFromPasteboard):
        (WebCore::Editor::writeImageToPasteboard):
        * editing/markup.cpp:
        (WebCore::removeSubresourceURLAttributes):
        (WebCore::createFragmentFromMarkup):
        * editing/markup.h:
        * fileapi/AsyncFileStream.cpp:
        * fileapi/AsyncFileStream.h:
        * fileapi/Blob.h:
        * fileapi/BlobURL.cpp:
        * fileapi/BlobURL.h:
        * fileapi/File.h:
        * fileapi/FileReaderLoader.h:
        * fileapi/ThreadableBlobRegistry.h:
        * history/CachedFrame.h:
        * history/HistoryItem.h:
        * html/DOMURL.cpp:
        (WebCore::DOMURL::create):
        * html/DOMURL.h:
        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::archiveResourceURL):
        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::isURLAllowed const):
        (WebCore::HTMLFrameElementBase::openURL):
        (WebCore::HTMLFrameElementBase::setLocation):
        * html/HTMLInputElement.h:
        * html/HTMLLinkElement.h:
        * html/HTMLMediaElement.cpp:
        (WTF::LogArgument<URL>::toString):
        (WTF::LogArgument<WebCore::URL>::toString): Deleted.
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
        * html/ImageBitmap.h:
        * html/MediaFragmentURIParser.h:
        * html/PublicURLManager.cpp:
        * html/PublicURLManager.h:
        * html/URLInputType.cpp:
        * html/URLRegistry.h:
        * html/URLSearchParams.cpp:
        (WebCore::URLSearchParams::URLSearchParams):
        (WebCore::URLSearchParams::toString const):
        (WebCore::URLSearchParams::updateURL):
        (WebCore::URLSearchParams::updateFromAssociatedURL):
        * html/URLUtils.h:
        (WebCore::URLUtils<T>::setHost):
        (WebCore::URLUtils<T>::setPort):
        * html/canvas/CanvasRenderingContext.cpp:
        * html/canvas/CanvasRenderingContext.h:
        * html/parser/HTMLParserIdioms.cpp:
        * html/parser/XSSAuditor.cpp:
        (WebCore::semicolonSeparatedValueContainsJavaScriptURL):
        (WebCore::XSSAuditor::filterScriptToken):
        (WebCore::XSSAuditor::filterObjectToken):
        (WebCore::XSSAuditor::filterParamToken):
        (WebCore::XSSAuditor::filterEmbedToken):
        (WebCore::XSSAuditor::filterFormToken):
        (WebCore::XSSAuditor::filterInputToken):
        (WebCore::XSSAuditor::filterButtonToken):
        (WebCore::XSSAuditor::eraseDangerousAttributesIfInjected):
        (WebCore::XSSAuditor::isLikelySafeResource):
        * html/parser/XSSAuditor.h:
        * html/parser/XSSAuditorDelegate.h:
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::openInNewTab):
        * inspector/InspectorInstrumentation.h:
        * inspector/agents/InspectorNetworkAgent.cpp:
        * inspector/agents/InspectorNetworkAgent.h:
        * inspector/agents/InspectorPageAgent.h:
        * inspector/agents/InspectorWorkerAgent.h:
        * loader/ApplicationManifestLoader.h:
        * loader/CookieJar.h:
        * loader/CrossOriginAccessControl.h:
        * loader/CrossOriginPreflightResultCache.h:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest):
        (WebCore::DocumentLoader::maybeLoadEmpty):
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::serverRedirectSourceForHistory const):
        * loader/DocumentWriter.h:
        * loader/FormSubmission.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::submitForm):
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::createWindow):
        * loader/FrameLoaderClient.h:
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::currentItemShouldBeReplaced const):
        (WebCore::HistoryController::initializeItem):
        * loader/LinkLoader.h:
        * loader/LoadTiming.h:
        * loader/LoaderStrategy.h:
        * loader/MixedContentChecker.cpp:
        (WebCore::MixedContentChecker::checkFormForMixedContent const):
        * loader/MixedContentChecker.h:
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::shouldScheduleNavigation const):
        * loader/NavigationScheduler.h:
        * loader/PingLoader.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        * loader/ResourceLoadInfo.h:
        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::requestStorageAccessUnderOpener):
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatistics.h:
        * loader/ResourceLoader.h:
        * loader/ResourceTiming.h:
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::requestFrame):
        * loader/SubframeLoader.h:
        * loader/SubstituteData.h:
        * loader/appcache/ApplicationCache.h:
        * loader/appcache/ApplicationCacheGroup.h:
        * loader/appcache/ApplicationCacheHost.h:
        * loader/appcache/ApplicationCacheStorage.cpp:
        * loader/appcache/ApplicationCacheStorage.h:
        * loader/appcache/ManifestParser.cpp:
        * loader/appcache/ManifestParser.h:
        * loader/archive/ArchiveResourceCollection.h:
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::createFromSelection):
        * loader/cache/CachedResource.cpp:
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedStyleSheetClient.h:
        * loader/cache/MemoryCache.h:
        * loader/icon/IconLoader.h:
        * loader/mac/LoaderNSURLExtras.mm:
        * page/CaptionUserPreferencesMediaAF.cpp:
        * page/ChromeClient.h:
        * page/ClientOrigin.h:
        * page/ContextMenuClient.h:
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::checkOrEnableIfNeeded const):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::isInsecureScriptAccess):
        * page/DragController.cpp:
        (WebCore::DragController::startDrag):
        * page/DragController.h:
        * page/EventSource.h:
        * page/Frame.h:
        * page/FrameView.h:
        * page/History.h:
        * page/Location.cpp:
        (WebCore::Location::url const):
        (WebCore::Location::reload):
        * page/Location.h:
        * page/Page.h:
        * page/PageSerializer.h:
        * page/Performance.h:
        * page/PerformanceResourceTiming.cpp:
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::SecurityOrigin):
        (WebCore::SecurityOrigin::create):
        * page/SecurityOrigin.h:
        * page/SecurityOriginData.h:
        * page/SecurityOriginHash.h:
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::shouldInheritSecurityOriginFromOwner):
        * page/SecurityPolicy.h:
        * page/SettingsBase.h:
        * page/ShareData.h:
        * page/SocketProvider.h:
        * page/UserContentProvider.h:
        * page/UserContentURLPattern.cpp:
        * page/UserContentURLPattern.h:
        * page/UserScript.h:
        * page/UserStyleSheet.h:
        * page/VisitedLinkStore.h:
        * page/csp/ContentSecurityPolicy.h:
        * page/csp/ContentSecurityPolicyClient.h:
        * page/csp/ContentSecurityPolicyDirectiveList.h:
        * page/csp/ContentSecurityPolicySource.cpp:
        (WebCore::ContentSecurityPolicySource::portMatches const):
        * page/csp/ContentSecurityPolicySource.h:
        * page/csp/ContentSecurityPolicySourceList.cpp:
        * page/csp/ContentSecurityPolicySourceList.h:
        * page/csp/ContentSecurityPolicySourceListDirective.cpp:
        * platform/ContentFilterUnblockHandler.h:
        * platform/ContextMenuItem.h:
        * platform/Cookie.h:
        * platform/CookiesStrategy.h:
        * platform/DragData.h:
        * platform/DragImage.h:
        * platform/FileStream.h:
        * platform/LinkIcon.h:
        * platform/Pasteboard.cpp:
        (WebCore::Pasteboard::canExposeURLToDOMWhenPasteboardContainsFiles):
        * platform/Pasteboard.h:
        * platform/PasteboardStrategy.h:
        * platform/PasteboardWriterData.cpp:
        (WebCore::PasteboardWriterData::setURLData):
        (WebCore::PasteboardWriterData::setURL): Deleted.
        * platform/PasteboardWriterData.h:
        * platform/PlatformPasteboard.h:
        * platform/PromisedAttachmentInfo.h:
        * platform/SSLKeyGenerator.h:
        * platform/SchemeRegistry.cpp:
        (WebCore::SchemeRegistry::isBuiltinScheme):
        * platform/SharedBuffer.h:
        * platform/SharedStringHash.cpp:
        * platform/SharedStringHash.h:
        * platform/SourcesSoup.txt:
        * platform/UserAgent.h:
        * platform/UserAgentQuirks.cpp:
        * platform/UserAgentQuirks.h:
        * platform/cocoa/NetworkExtensionContentFilter.h:
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::willSendRequest):
        * platform/glib/SSLKeyGeneratorGLib.cpp: Copied from Source/WebCore/page/ShareData.h.
        (WebCore::getSupportedKeySizes):
        (WebCore::signedPublicKeyAndChallengeString):
        * platform/glib/UserAgentGLib.cpp:
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/Image.cpp:
        * platform/graphics/Image.h:
        * platform/graphics/ImageObserver.h:
        * platform/graphics/ImageSource.cpp:
        * platform/graphics/ImageSource.h:
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        * platform/graphics/cg/GraphicsContextCG.cpp:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
        (webKitMediaSrcSetUri):
        * platform/graphics/iso/ISOVTTCue.cpp:
        * platform/graphics/win/GraphicsContextDirect2D.cpp:
        * platform/gtk/DragImageGtk.cpp:
        * platform/gtk/PasteboardGtk.cpp:
        * platform/gtk/PlatformPasteboardGtk.cpp:
        * platform/gtk/SelectionData.h:
        * platform/ios/PasteboardIOS.mm:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::write):
        * platform/ios/QuickLook.h:
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::asPlainText const):
        * platform/mac/DragImageMac.mm:
        * platform/mac/FileSystemMac.mm:
        (WebCore::FileSystem::setMetadataURL):
        * platform/mac/PasteboardMac.mm:
        * platform/mac/PasteboardWriter.mm:
        (WebCore::createPasteboardWriter):
        * platform/mac/PlatformPasteboardMac.mm:
        * platform/mac/PublicSuffixMac.mm:
        (WebCore::decodeHostName):
        * platform/mac/SSLKeyGeneratorMac.mm:
        * platform/mac/WebCoreNSURLExtras.h:
        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isArmenianLookalikeCharacter): Deleted.
        (WebCore::isArmenianScriptCharacter): Deleted.
        (WebCore::isASCIIDigitOrValidHostCharacter): Deleted.
        (WebCore::isLookalikeCharacter): Deleted.
        (WebCore::whiteListIDNScript): Deleted.
        (WebCore::readIDNScriptWhiteListFile): Deleted.
        (WebCore::allCharactersInIDNScriptWhiteList): Deleted.
        (WebCore::isSecondLevelDomainNameAllowedByTLDRules): Deleted.
        (WebCore::isRussianDomainNameCharacter): Deleted.
        (WebCore::allCharactersAllowedByTLDRules): Deleted.
        (WebCore::mapHostNameWithRange): Deleted.
        (WebCore::hostNameNeedsDecodingWithRange): Deleted.
        (WebCore::hostNameNeedsEncodingWithRange): Deleted.
        (WebCore::decodeHostNameWithRange): Deleted.
        (WebCore::encodeHostNameWithRange): Deleted.
        (WebCore::decodeHostName): Deleted.
        (WebCore::encodeHostName): Deleted.
        (WebCore::collectRangesThatNeedMapping): Deleted.
        (WebCore::collectRangesThatNeedEncoding): Deleted.
        (WebCore::collectRangesThatNeedDecoding): Deleted.
        (WebCore::applyHostNameFunctionToMailToURLString): Deleted.
        (WebCore::applyHostNameFunctionToURLString): Deleted.
        (WebCore::mapHostNames): Deleted.
        (WebCore::stringByTrimmingWhitespace): Deleted.
        (WebCore::URLByTruncatingOneCharacterBeforeComponent): Deleted.
        (WebCore::URLByRemovingResourceSpecifier): Deleted.
        (WebCore::URLWithData): Deleted.
        (WebCore::dataWithUserTypedString): Deleted.
        (WebCore::URLWithUserTypedString): Deleted.
        (WebCore::URLWithUserTypedStringDeprecated): Deleted.
        (WebCore::hasQuestionMarkOnlyQueryString): Deleted.
        (WebCore::dataForURLComponentType): Deleted.
        (WebCore::URLByRemovingComponentAndSubsequentCharacter): Deleted.
        (WebCore::URLByRemovingUserInfo): Deleted.
        (WebCore::originalURLData): Deleted.
        (WebCore::createStringWithEscapedUnsafeCharacters): Deleted.
        (WebCore::userVisibleString): Deleted.
        (WebCore::isUserVisibleURL): Deleted.
        (WebCore::rangeOfURLScheme): Deleted.
        (WebCore::looksLikeAbsoluteURL): Deleted.
        * platform/mediastream/MediaEndpointConfiguration.h:
        * platform/network/BlobPart.h:
        * platform/network/BlobRegistry.h:
        * platform/network/BlobRegistryImpl.h:
        * platform/network/BlobResourceHandle.cpp:
        * platform/network/CookieRequestHeaderFieldProxy.h:
        * platform/network/CredentialStorage.cpp:
        * platform/network/CredentialStorage.h:
        * platform/network/DataURLDecoder.cpp:
        * platform/network/DataURLDecoder.h:
        * platform/network/FormData.h:
        * platform/network/ProxyServer.h:
        * platform/network/ResourceErrorBase.h:
        * platform/network/ResourceHandle.cpp:
        (WebCore::ResourceHandle::didReceiveResponse):
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleClient.h:
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::redirectedRequest const):
        * platform/network/ResourceRequestBase.h:
        * platform/network/ResourceResponseBase.h:
        * platform/network/SocketStreamHandle.h:
        * platform/network/cf/DNSResolveQueueCFNet.cpp:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        * platform/network/cf/ProxyServerCFNet.cpp:
        * platform/network/cf/ResourceErrorCF.cpp:
        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        * platform/network/curl/CookieJarCurlDatabase.cpp: Added.
        (WebCore::cookiesForSession):
        (WebCore::CookieJarCurlDatabase::setCookiesFromDOM const):
        (WebCore::CookieJarCurlDatabase::setCookiesFromHTTPResponse const):
        (WebCore::CookieJarCurlDatabase::cookiesForDOM const):
        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const):
        (WebCore::CookieJarCurlDatabase::cookiesEnabled const):
        (WebCore::CookieJarCurlDatabase::getRawCookies const):
        (WebCore::CookieJarCurlDatabase::deleteCookie const):
        (WebCore::CookieJarCurlDatabase::getHostnamesWithCookies const):
        (WebCore::CookieJarCurlDatabase::deleteCookiesForHostnames const):
        (WebCore::CookieJarCurlDatabase::deleteAllCookies const):
        (WebCore::CookieJarCurlDatabase::deleteAllCookiesModifiedSince const):
        * platform/network/curl/CookieJarDB.cpp:
        * platform/network/curl/CookieUtil.h:
        * platform/network/curl/CurlContext.h:
        * platform/network/curl/CurlProxySettings.h:
        * platform/network/curl/CurlResponse.h:
        * platform/network/curl/NetworkStorageSessionCurl.cpp:
        * platform/network/curl/ProxyServerCurl.cpp:
        * platform/network/curl/SocketStreamHandleImplCurl.cpp:
        * platform/network/mac/ResourceErrorMac.mm:
        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        * platform/network/soup/ProxyServerSoup.cpp:
        * platform/network/soup/ResourceHandleSoup.cpp:
        * platform/network/soup/ResourceRequest.h:
        * platform/network/soup/ResourceRequestSoup.cpp:
        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
        * platform/network/soup/SoupNetworkSession.cpp:
        * platform/network/soup/SoupNetworkSession.h:
        * platform/text/TextEncoding.h:
        * platform/win/BString.cpp:
        * platform/win/BString.h:
        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::markupToCFHTML):
        * platform/win/ClipboardUtilitiesWin.h:
        * platform/win/DragImageWin.cpp:
        * platform/win/PasteboardWin.cpp:
        * plugins/PluginData.h:
        * rendering/HitTestResult.h:
        * rendering/RenderAttachment.cpp:
        * svg/SVGImageLoader.cpp:
        (WebCore::SVGImageLoader::sourceURI const):
        * svg/SVGURIReference.cpp:
        * svg/graphics/SVGImage.h:
        * svg/graphics/SVGImageCache.h:
        * svg/graphics/SVGImageForContainer.h:
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
        * testing/Internals.mm:
        (WebCore::Internals::userVisibleString):
        * testing/MockContentFilter.cpp:
        (WebCore::MockContentFilter::willSendRequest):
        * testing/MockPaymentCoordinator.cpp:
        * testing/js/WebCoreTestSupport.cpp:
        * workers/AbstractWorker.h:
        * workers/WorkerGlobalScope.h:
        * workers/WorkerGlobalScopeProxy.h:
        * workers/WorkerInspectorProxy.h:
        * workers/WorkerLocation.h:
        * workers/WorkerScriptLoader.h:
        * workers/WorkerThread.cpp:
        * workers/WorkerThread.h:
        * workers/service/ServiceWorker.h:
        * workers/service/ServiceWorkerClientData.h:
        * workers/service/ServiceWorkerContainer.cpp:
        * workers/service/ServiceWorkerContextData.h:
        * workers/service/ServiceWorkerData.h:
        * workers/service/ServiceWorkerJobData.h:
        * workers/service/ServiceWorkerRegistrationKey.cpp:
        * workers/service/ServiceWorkerRegistrationKey.h:
        (WTF::HashTraits<WebCore::ServiceWorkerRegistrationKey>::constructDeletedValue):
        * worklets/WorkletGlobalScope.h:
        * xml/XMLHttpRequest.h:

2018-11-30  Chris Dumez  <cdumez@apple.com>

        Drop unused Cross-Origin-Window-Policy from HTTPHeaderNames.in
        https://bugs.webkit.org/show_bug.cgi?id=192253

        Reviewed by Geoffrey Garen.

        * platform/network/HTTPHeaderNames.in:

2018-11-30  Justin Fan  <justin_fan@apple.com>

        [WebGPU] WebGPUQueue::submit and WebGPURenderingContext::present() implementation
        https://bugs.webkit.org/show_bug.cgi?id=192254

        Reviewed by Dean Jackson.

        Final plumbing to render onto an HTMLCanvasElement with WebGPU. Also added ref-test that draws 
        a green square onto a canvas using WebGPU; reference uses 2D canvas.

        Test: webgpu/simple-triangle-strip.html

        * Modules/webgpu/WebGPUCommandBuffer.h:
        * Modules/webgpu/WebGPUSwapChain.h: Needs to override platformLayer() for CanvasBasedRenderingContext.
        * platform/graphics/gpu/GPUQueue.h:
        * platform/graphics/gpu/GPUSwapChain.h:
        (WebCore::GPUSwapChain::metalLayer const): Renamed from platformLayer. 
        (WebCore::GPUSwapChain::platformLayer const): Deleted.
        * platform/graphics/gpu/cocoa/GPUQueueMetal.mm:
        (WebCore::GPUQueue::submit):
        * platform/graphics/gpu/cocoa/GPUSwapChainMetal.mm:
        (WebCore::GPUSwapChain::getNextTexture): Returns the texture of the swap layer's next drawable. 
        (WebCore::GPUSwapChain::present): Presents the last-returned drawable from getNextTexture, and frees it.
        (WebCore::GPUSwapChain::platformLayer const):

2018-11-30  Zalan Bujtas  <zalan@apple.com>

        Can’t use RalphLauren.com on iPad because hover menus don’t stay up
        https://bugs.webkit.org/show_bug.cgi?id=192236
        <rdar://problem/45792118>

        Reviewed by Geoffrey Garen.

        This patch introduces asynchronous content change observation.
        1. Start observing synchronous content change and timer install as the result of dispatching mouseMoved event.
        2. Start observing synchronous content change and style recalc schedule as the result of a timer callback (installed at #1).
        3. Start observing synchronous content change as the result of a style recalc (scheduled at #2).

        This patch also extends the timeout value from 100ms to 250ms. Certain content prefer longer timeouts (see http://briancherne.github.io/jquery-hoverIntent/ for details).  

        Test: fast/events/touch/ios/hover-when-style-change-is-async.html

        * dom/Document.cpp:
        (WebCore::Document::scheduleStyleRecalc):
        (WebCore::Document::updateStyleIfNeeded):
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::install):
        (WebCore::DOMTimer::fired):
        * platform/ios/wak/WKContentObservation.cpp:
        (WKStartObservingStyleRecalcScheduling):
        (WKStopObservingStyleRecalcScheduling):
        (WKIsObservingStyleRecalcScheduling):
        (WKSetShouldObserveNextStyleRecalc):
        (WKShouldObserveNextStyleRecalc):
        (WKSetObservedContentChange):
        * platform/ios/wak/WKContentObservation.h:

2018-11-30  Ryosuke Niwa  <rniwa@webkit.org>

        ShadowRoot should have styleSheets property
        https://bugs.webkit.org/show_bug.cgi?id=191311

        Reviewed by Antti Koivisto.

        Added the support for ShadowRoot.prototype.styleSheets by making StyleSheetList refer to either
        a document or a shadow root. We don't support the named getter in shadow root since that's not
        a standard feature: https://drafts.csswg.org/cssom/#the-stylesheetlist-interface

        Tests: fast/shadow-dom/shadowroot-stylesheets-wrapper-gc.html
               imported/w3c/web-platform-tests/shadow-dom/ShadowRoot-interface.html

        * css/StyleSheetList.cpp:
        (WebCore::StyleSheetList::StyleSheetList): Added a variant which takes ShadowRoot.
        (WebCore::StyleSheetList::styleSheets const):
        (WebCore::StyleSheetList::ownerNode): Added. The replacement for document() since now the opaque
        root could be either a Document or a ShadowRoot.
        (WebCore::StyleSheetList::detach): Renamed from detachFromDocument.
        (WebCore::StyleSheetList::namedItem const): Added a comment that the named getter is only supported
        for Document since it's not in the standard.
        * css/StyleSheetList.h:
        (WebCore::StyleSheetList::create): Added a variant which takes ShadowRoot.
        (WebCore::StyleSheetList::document): Deleted. Replaced by StyleSheetList::ownerNode in .cpp file.
        * css/StyleSheetList.idl:
        * dom/Document.cpp:
        (WebCore::Document::~Document):
        (WebCore::Document::styleSheets):
        * dom/Document.idl:
        * dom/DocumentOrShadowRoot.idl: Moved the declaration of styleSheets here from Document.idl.
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::~ShadowRoot): Call detach.
        (WebCore::ShadowRoot::styleSheets):
        * dom/ShadowRoot.h:

2018-11-30  Chris Dumez  <cdumez@apple.com>

        [PSON] We are sometimes swapping processes even though there is an opened window with an opener link to us
        https://bugs.webkit.org/show_bug.cgi?id=192242

        Reviewed by Geoffrey Garen.

        Move the setting of the openedViaWindowOpenWithOpener & hasOpenedFrames flags on the
        NavigationAction from FrameLoader::loadURL(), to PolicyChecker::checkNavigationPolicy()
        to make sure those are always accurate and so that the UIProcess can make correct process
        swapping decisions.

        NavigationAction objects are created in other places than FrameLoader::loadURL() as well.
        Even PolicyChecker::checkNavigationPolicy() will create a NavigationAction object if
        there is not already one.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::hasOpenedFrames const):
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):

2018-11-30  Don Olmstead  <don.olmstead@sony.com>

        Rename ENABLE_SUBTLE_CRYPTO to ENABLE_WEB_CRYPTO
        https://bugs.webkit.org/show_bug.cgi?id=192197

        Reviewed by Jiewen Tan.

        No new tests. No change in behavior.

        * Configurations/FeatureDefines.xcconfig:
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::dumpIfTerminal):
        (WebCore::CloneDeserializer::readTerminal):
        * crypto/CommonCryptoUtilities.cpp:
        * crypto/CommonCryptoUtilities.h:
        * crypto/CryptoAlgorithm.cpp:
        * crypto/CryptoAlgorithm.h:
        * crypto/CryptoAlgorithmIdentifier.h:
        * crypto/CryptoAlgorithmParameters.h:
        * crypto/CryptoAlgorithmParameters.idl:
        * crypto/CryptoAlgorithmRegistry.cpp:
        * crypto/CryptoAlgorithmRegistry.h:
        * crypto/CryptoKey.cpp:
        * crypto/CryptoKey.h:
        * crypto/CryptoKey.idl:
        * crypto/CryptoKeyFormat.h:
        * crypto/CryptoKeyPair.h:
        * crypto/CryptoKeyPair.idl:
        * crypto/CryptoKeyType.h:
        * crypto/CryptoKeyUsage.h:
        * crypto/CryptoKeyUsage.idl:
        * crypto/JsonWebKey.h:
        * crypto/JsonWebKey.idl:
        * crypto/RsaOtherPrimesInfo.h:
        * crypto/RsaOtherPrimesInfo.idl:
        * crypto/SerializedCryptoKeyWrap.h:
        * crypto/SubtleCrypto.cpp:
        * crypto/SubtleCrypto.h:
        * crypto/SubtleCrypto.idl:
        * crypto/algorithms/CryptoAlgorithmAES_CBC.cpp:
        * crypto/algorithms/CryptoAlgorithmAES_CBC.h:
        * crypto/algorithms/CryptoAlgorithmAES_CFB.cpp:
        * crypto/algorithms/CryptoAlgorithmAES_CFB.h:
        * crypto/algorithms/CryptoAlgorithmAES_CTR.cpp:
        * crypto/algorithms/CryptoAlgorithmAES_CTR.h:
        * crypto/algorithms/CryptoAlgorithmAES_GCM.cpp:
        * crypto/algorithms/CryptoAlgorithmAES_GCM.h:
        * crypto/algorithms/CryptoAlgorithmAES_KW.cpp:
        * crypto/algorithms/CryptoAlgorithmAES_KW.h:
        * crypto/algorithms/CryptoAlgorithmECDH.cpp:
        * crypto/algorithms/CryptoAlgorithmECDH.h:
        * crypto/algorithms/CryptoAlgorithmECDSA.cpp:
        * crypto/algorithms/CryptoAlgorithmECDSA.h:
        * crypto/algorithms/CryptoAlgorithmHKDF.cpp:
        * crypto/algorithms/CryptoAlgorithmHKDF.h:
        * crypto/algorithms/CryptoAlgorithmHMAC.cpp:
        * crypto/algorithms/CryptoAlgorithmHMAC.h:
        * crypto/algorithms/CryptoAlgorithmPBKDF2.cpp:
        * crypto/algorithms/CryptoAlgorithmPBKDF2.h:
        * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:
        * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.h:
        * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
        * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h:
        * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:
        * crypto/algorithms/CryptoAlgorithmRSA_OAEP.h:
        * crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp:
        * crypto/algorithms/CryptoAlgorithmRSA_PSS.h:
        * crypto/algorithms/CryptoAlgorithmSHA1.cpp:
        * crypto/algorithms/CryptoAlgorithmSHA1.h:
        * crypto/algorithms/CryptoAlgorithmSHA224.cpp:
        * crypto/algorithms/CryptoAlgorithmSHA224.h:
        * crypto/algorithms/CryptoAlgorithmSHA256.cpp:
        * crypto/algorithms/CryptoAlgorithmSHA256.h:
        * crypto/algorithms/CryptoAlgorithmSHA384.cpp:
        * crypto/algorithms/CryptoAlgorithmSHA384.h:
        * crypto/algorithms/CryptoAlgorithmSHA512.cpp:
        * crypto/algorithms/CryptoAlgorithmSHA512.h:
        * crypto/gcrypt/CryptoAlgorithmAES_CBCGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmAES_CFBGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmAES_CTRGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmAES_GCMGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmAES_KWGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmHKDFGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmRSAES_PKCS1_v1_5GCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmRSA_OAEPGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmRSA_PSSGCrypt.cpp:
        * crypto/gcrypt/CryptoAlgorithmRegistryGCrypt.cpp:
        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        * crypto/gcrypt/SerializedCryptoKeyWrapGCrypt.cpp:
        * crypto/keys/CryptoAesKeyAlgorithm.idl:
        * crypto/keys/CryptoEcKeyAlgorithm.idl:
        * crypto/keys/CryptoHmacKeyAlgorithm.idl:
        * crypto/keys/CryptoKeyAES.cpp:
        * crypto/keys/CryptoKeyAES.h:
        * crypto/keys/CryptoKeyAlgorithm.idl:
        * crypto/keys/CryptoKeyEC.cpp:
        * crypto/keys/CryptoKeyEC.h:
        * crypto/keys/CryptoKeyHMAC.cpp:
        * crypto/keys/CryptoKeyHMAC.h:
        * crypto/keys/CryptoKeyRSA.cpp:
        * crypto/keys/CryptoKeyRSA.h:
        * crypto/keys/CryptoKeyRSAComponents.cpp:
        * crypto/keys/CryptoKeyRSAComponents.h:
        * crypto/keys/CryptoKeyRaw.cpp:
        * crypto/keys/CryptoKeyRaw.h:
        * crypto/keys/CryptoRsaHashedKeyAlgorithm.idl:
        * crypto/keys/CryptoRsaKeyAlgorithm.idl:
        * crypto/mac/CommonCryptoDERUtilities.cpp:
        * crypto/mac/CommonCryptoDERUtilities.h:
        * crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:
        * crypto/mac/CryptoAlgorithmAES_CFBMac.cpp:
        * crypto/mac/CryptoAlgorithmAES_CTRMac.cpp:
        * crypto/mac/CryptoAlgorithmAES_GCMMac.cpp:
        * crypto/mac/CryptoAlgorithmAES_KWMac.cpp:
        * crypto/mac/CryptoAlgorithmECDHMac.cpp:
        * crypto/mac/CryptoAlgorithmECDSAMac.cpp:
        * crypto/mac/CryptoAlgorithmHKDFMac.cpp:
        * crypto/mac/CryptoAlgorithmHMACMac.cpp:
        * crypto/mac/CryptoAlgorithmPBKDF2Mac.cpp:
        * crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:
        * crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:
        * crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:
        * crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:
        * crypto/mac/CryptoAlgorithmRegistryMac.cpp:
        * crypto/mac/CryptoDigestAlgorithm.h:
        * crypto/mac/CryptoKeyECMac.cpp:
        * crypto/mac/CryptoKeyMac.cpp:
        * crypto/mac/CryptoKeyRSAMac.cpp:
        * crypto/mac/SerializedCryptoKeyWrapMac.mm:
        * crypto/parameters/AesCbcCfbParams.idl:
        * crypto/parameters/AesCtrParams.idl:
        * crypto/parameters/AesGcmParams.idl:
        * crypto/parameters/AesKeyParams.idl:
        * crypto/parameters/CryptoAlgorithmAesCbcCfbParams.h:
        * crypto/parameters/CryptoAlgorithmAesCtrParams.h:
        * crypto/parameters/CryptoAlgorithmAesGcmParams.h:
        * crypto/parameters/CryptoAlgorithmAesKeyParams.h:
        * crypto/parameters/CryptoAlgorithmEcKeyParams.h:
        * crypto/parameters/CryptoAlgorithmEcdhKeyDeriveParams.h:
        * crypto/parameters/CryptoAlgorithmEcdsaParams.h:
        * crypto/parameters/CryptoAlgorithmHkdfParams.h:
        * crypto/parameters/CryptoAlgorithmHmacKeyParams.h:
        * crypto/parameters/CryptoAlgorithmPbkdf2Params.h:
        * crypto/parameters/CryptoAlgorithmRsaHashedImportParams.h:
        * crypto/parameters/CryptoAlgorithmRsaHashedKeyGenParams.h:
        * crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h:
        * crypto/parameters/CryptoAlgorithmRsaOaepParams.h:
        * crypto/parameters/CryptoAlgorithmRsaPssParams.h:
        * crypto/parameters/EcKeyParams.idl:
        * crypto/parameters/EcdhKeyDeriveParams.idl:
        * crypto/parameters/EcdsaParams.idl:
        * crypto/parameters/HkdfParams.idl:
        * crypto/parameters/HmacKeyParams.idl:
        * crypto/parameters/Pbkdf2Params.idl:
        * crypto/parameters/RsaHashedImportParams.idl:
        * crypto/parameters/RsaHashedKeyGenParams.idl:
        * crypto/parameters/RsaKeyGenParams.idl:
        * crypto/parameters/RsaOaepParams.idl:
        * crypto/parameters/RsaPssParams.idl:
        * dom/Document.cpp:
        * dom/Document.h:
        * dom/ScriptExecutionContext.h:
        * page/ChromeClient.h:
        * page/Crypto.cpp:
        (WebCore::Crypto::Crypto):
        * page/Crypto.h:
        * page/Crypto.idl:
        * platform/GCrypt.cmake:
        * platform/LocalizedStrings.cpp:
        * platform/LocalizedStrings.h:
        * workers/WorkerGlobalScope.cpp:
        * workers/WorkerGlobalScope.h:
        * worklets/WorkletGlobalScope.h:

2018-11-30  Wenson Hsieh  <wenson_hsieh@apple.com>

        Replace "auto fill" with "AutoFill" in some localizable strings
        https://bugs.webkit.org/show_bug.cgi?id=192233
        <rdar://problem/46311614>

        Reviewed by Chris Fleizach.

        Replace "autofill" with "AutoFill".

        * en.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::AXAutoFillCredentialsLabel):
        (WebCore::AXAutoFillContactsLabel):
        (WebCore::AXAutoFillStrongPasswordLabel):
        (WebCore::AXAutoFillCreditCardLabel):

2018-11-29  Ryosuke Niwa  <rniwa@webkit.org>

        Add CEReactions=NotNeeded on all the relevant IDL files
        https://bugs.webkit.org/show_bug.cgi?id=188368
        <rdar://problem/42987753>

        Rubber-stamped by Antti Koivisto.

        Based on a patch written by Frederic Wang. Added CEReactions=NotNeeded to all the places
        we don't need CEReactions because we don't implement customized builtins but are marked with
        CEReactions in the HTML specification.

        * html/HTMLAnchorElement.idl:
        * html/HTMLAreaElement.idl:
        * html/HTMLBRElement.idl:
        * html/HTMLBaseElement.idl:
        * html/HTMLBodyElement.idl:
        * html/HTMLButtonElement.idl:
        * html/HTMLCanvasElement.idl:
        * html/HTMLDListElement.idl:
        * html/HTMLDataElement.idl:
        * html/HTMLDetailsElement.idl:
        * html/HTMLDirectoryElement.idl:
        * html/HTMLDivElement.idl:
        * html/HTMLEmbedElement.idl:
        * html/HTMLFieldSetElement.idl:
        * html/HTMLFontElement.idl:
        * html/HTMLFormElement.idl:
        * html/HTMLFrameElement.idl:
        * html/HTMLFrameSetElement.idl:
        * html/HTMLHRElement.idl:
        * html/HTMLHeadingElement.idl:
        * html/HTMLHtmlElement.idl:
        * html/HTMLHyperlinkElementUtils.idl:
        * html/HTMLImageElement.idl:
        * html/HTMLInputElement.idl:
        * html/HTMLLIElement.idl:
        * html/HTMLLabelElement.idl:
        * html/HTMLLegendElement.idl:
        * html/HTMLLinkElement.idl:
        * html/HTMLMapElement.idl:
        * html/HTMLMarqueeElement.idl:
        * html/HTMLMediaElement.idl:
        * html/HTMLMenuElement.idl:
        * html/HTMLMetaElement.idl:
        * html/HTMLMeterElement.idl:
        * html/HTMLModElement.idl:
        * html/HTMLOListElement.idl:
        * html/HTMLObjectElement.idl:
        * html/HTMLOptGroupElement.idl:
        * html/HTMLOptionElement.idl:
        * html/HTMLOutputElement.idl:
        * html/HTMLParagraphElement.idl:
        * html/HTMLParamElement.idl:
        * html/HTMLPreElement.idl:
        * html/HTMLProgressElement.idl:
        * html/HTMLQuoteElement.idl:
        * html/HTMLScriptElement.idl:
        * html/HTMLSlotElement.idl:
        * html/HTMLSourceElement.idl:
        * html/HTMLStyleElement.idl:
        * html/HTMLTableCaptionElement.idl:
        * html/HTMLTableCellElement.idl:
        * html/HTMLTableColElement.idl:
        * html/HTMLTableElement.idl:
        * html/HTMLTableRowElement.idl:
        * html/HTMLTableSectionElement.idl:
        * html/HTMLTextAreaElement.idl:
        * html/HTMLTimeElement.idl:
        * html/HTMLTrackElement.idl:
        * html/HTMLUListElement.idl:
        * html/HTMLVideoElement.idl:

2018-11-30  Alexey Proskuryakov  <ap@apple.com>

        Move USE_CFNETWORK_IGNORE_HSTS to its proper place
        https://bugs.webkit.org/show_bug.cgi?id=192173

        Reviewed by Tim Horton.

        * platform/network/mac/WebCoreURLResponse.mm:
        (WebCore::schemeWasUpgradedDueToDynamicHSTS):

2018-11-30  Basuke Suzuki  <basuke.suzuki@sony.com>

        [Curl] Add API for ProtectionSpace.
        https://bugs.webkit.org/show_bug.cgi?id=191648

        Reviewed by Alex Christensen.

        Create a platform dependent header and implementation files for ProtectionSpace.

        No new tests because there's no behavior change.

        * platform/Curl.cmake:
        * platform/network/ProtectionSpace.h:
        * platform/network/curl/ProtectionSpaceCurl.cpp: Added.
        (WebCore::ProtectionSpace::certificateInfo const):
        * platform/network/curl/ProtectionSpaceCurl.h: Added.
        (WebCore::ProtectionSpace::ProtectionSpace):
        (WebCore::ProtectionSpace::encodingRequiresPlatformData const):
        (WebCore::ProtectionSpace::platformCompare):

2018-11-30  Justin Fan  <justin_fan@apple.com>

        [WebGPU] Flesh out WebGPURenderPassDescriptor to match the WebGPU IDL
        https://bugs.webkit.org/show_bug.cgi?id=192213

        Reviewed by Dean Jackson.

        WebGPU prototype now uses WebGPURenderPassColorAttachmentDescriptor in WebGPURenderPassDescriptor to match the WebGPU Sketch.
        WebGPU developer can now also set the clearColor in WebGPURenderPassDescriptor.

        No new tests. Older WebGPURenderPass* tests updated. 

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/webgpu/WebGPUColor.h: Added. Typedef'd to GPUColor.h.
        * Modules/webgpu/WebGPUColor.idl: Added.
        * Modules/webgpu/WebGPUCommandBuffer.cpp:
        (WebCore::WebGPUCommandBuffer::beginRenderPass): Updated to error check and support the new structure of WebGPURenderPassDescriptor.
        * Modules/webgpu/WebGPURenderPassColorAttachmentDescriptor.h: Added.
        * Modules/webgpu/WebGPURenderPassColorAttachmentDescriptor.idl: Added.
        * Modules/webgpu/WebGPURenderPassDescriptor.h: 
        * Modules/webgpu/WebGPURenderPassDescriptor.idl: Updated to match the sketch IDL.
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/gpu/GPUColor.h: Added.
        * platform/graphics/gpu/GPURenderPassColorAttachmentDescriptor.h: Added. Backing struct for WebGPU__.
        * platform/graphics/gpu/GPURenderPassDescriptor.h: Updated to match new WebGPURenderPassDescriptor.
        * platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm:
        (WebCore::GPURenderPassEncoder::create): Now also uses clearColor set by developer.

2018-11-30  Andy Estes  <aestes@apple.com>

        [Cocoa] Add some WKA extension points
        https://bugs.webkit.org/show_bug.cgi?id=192131
        <rdar://problem/46330293>

        Reviewed by Tim Horton.

        * DerivedSources.make: Added an extension point for derived sources.
        * Modules/applepay/PaymentCoordinatorClient.h: Added an extension point for
        PaymentCoordinatorClient.
        * SourcesCocoa.txt: Added WebCoreAdditions.mm as a non-unified source.
        * WebCore.xcodeproj/project.pbxproj: Added WebCoreAdditions.mm.
        * bindings/js/WebCoreBuiltinNames.h: Added an extension point for built-in names.
        * page/SettingsBase.h: Added an extension point for settings.
        * platform/cocoa/WebCoreAdditions.mm: Added.

2018-11-30  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [GStreamer][EME] CDMInstance should be shipped as a GstContext to the decryptors
        https://bugs.webkit.org/show_bug.cgi?id=192075

        Reviewed by Philippe Normand.

        So far, we were shipping the CDMInstance in an event to the
        decryptors and they were requesting it with bus messages when it
        was not found. Now we ship it with a GstContext that is set to the
        pipeline and read from the decryptors, which is now always
        available.

        As a consequence of changing this flow, the attemptToDecrypt one
        was affected as well because it was tied to CDMInstance
        shipment. A workaround was added: when the decryptors send the
        waitingForKey, an attemptToDecrypt will be performed. A FIXME was
        added for this. A subconsequence is that
        attemptToDecryptWithInstance is reworked to rely always in
        attemptToDecryptWithLocal instance, the former becomes final and
        the latter virtual.

        This is a rework, no new tests needed.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
        (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
        (WebCore::MediaPlayerPrivateGStreamerBase::attemptToDecryptWithLocalInstance):
        (WebCore::MediaPlayerPrivateGStreamerBase::dispatchCDMInstance): Deleted.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
        (webkit_media_common_encryption_decrypt_class_init):
        (webkitMediaCommonEncryptionDecryptTransformInPlace):
        (webkitMediaCommonEncryptionDecryptIsCDMInstanceAvailable):
        (webkitMediaCommonEncryptionDecryptSinkEventHandler):
        (webKitMediaCommonEncryptionDecryptorSetContext):
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithLocalInstance):
        (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithInstance): Deleted.
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

2018-11-30  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC] Compute min/maxHeight margins only when they are needed.
        https://bugs.webkit.org/show_bug.cgi?id=192223

        Reviewed by Antti Koivisto.

        Test: fast/block/block-only/collapsed-margin-with-min-height.html

        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::computeHeightAndMargin const):

2018-11-30  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC] Geometry::inFlowNonReplacedHeightAndMargin should check for empty inline formatting context.
        https://bugs.webkit.org/show_bug.cgi?id=192215

        Reviewed by Antti Koivisto.

        Check if the inline formatting context actually has any lines.

        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):

2018-11-30  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][MarginCollapsing] Do not use computed display box values for border and padding
        https://bugs.webkit.org/show_bug.cgi?id=192214

        Reviewed by Antti Koivisto.

        Border and padding values are not necessarily computed yet when we try to estimate the margin top value. Estimating margin top is required
        to be able to place floats (vertically) sooner than we would compute the final vertical position for a regular block box.

        <body><div style="float: left"></div><div><div style="margin: 10px;"></div></div>

        In the above example, to estimate a final vertical position of the floating box, we need to know whether the nested div's margin is collapsed
        all the way up to the body. However in order to find it out we need to check for borders and paddings (they stop margin collapsing).
        At the time when the floating box is being laied out, those <div> block boxes are still far down in the layout queue.

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedHeightAndMargin):
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::hasBorder):
        (WebCore::Layout::hasPadding):
        (WebCore::Layout::hasBorderBefore):
        (WebCore::Layout::hasBorderAfter):
        (WebCore::Layout::hasPaddingBefore):
        (WebCore::Layout::hasPaddingAfter):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginTopCollapsedWithParent):
        (WebCore::Layout::isMarginBottomCollapsedThrough):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginTop):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginBottom):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginBottomCollapsedWithParent):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::collapsedMarginBottomFromLastChild):

2018-11-29  Frederic Wang  <fwang@igalia.com>

        Separate paint and scroll offsets for RenderLayerBacking::m_scrollingContentsLayer
        https://bugs.webkit.org/show_bug.cgi?id=183040

        Currently, scroll offset of RenderLayerBacking::m_scrollingContentsLayer is stored in the
        GraphicsLayer::m_offsetFromRenderer member used for paint offset. This patch separates these
        two concept by introducing a new GraphicsLayer::m_scrollOffset for the scroll offset. This
        makes the API a little bit cleaner, the code easier to understand and might avoid unnecessary
        repaints in composited scroll.

        Reviewed by Simon Fraser.

        No new tests, already covered by existing tests.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::setScrollOffset): Setter function to update the scroll offset
        of the content layer inside its scrolling parent layer. Ask a repaint if it has changed and
        is requested by the caller.
        (WebCore::GraphicsLayer::paintGraphicsLayerContents): Take into account the scroll offset
        when painting.
        (WebCore::GraphicsLayer::dumpProperties const): Dump the scroll offset property.
        * platform/graphics/GraphicsLayer.h: Include ScrollableArea for the ScrollOffset typedef.
        Add member for the scroll offset of the content layer inside its scrolling parent layer.
        (WebCore::GraphicsLayer::scrollOffset const): Getter function.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry): Do not include the scroll offset in the
        paint offset of m_scrollingContentsLayer since it is now taken into account in
        paintGraphicsLayerContents. Update the scroll offset of m_scrollingContentsLayer separately.
        Leave the paint offset of m_foregroundLayer unchanged.
        (WebCore::RenderLayerBacking::setContentsNeedDisplayInRect): Take into account the scroll
        offset of m_scrollingContentsLayer when calculating the dirty rect.

2018-11-29  Simon Fraser  <simon.fraser@apple.com>

        Overflow scrolling layers need to be self-painting
        https://bugs.webkit.org/show_bug.cgi?id=192201

        Reviewed by Dean Jackson.
        
        Overflow scrolling layers paint their contents, so need to be self-painting in the RenderLayer sense.
        
        Without this change, the overflow in the testcase doesn't get any compositing layers.

        Test: compositing/scrolling/overflow-scrolling-layers-are-self-painting.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects const):

2018-11-29  Christopher Reid  <chris.reid@sony.com>

        [Win] listDirectory in FileSystemWin.cpp should not skip all directories
        https://bugs.webkit.org/show_bug.cgi?id=192042

        Reviewed by Fujii Hironori.

        Covered by existing tests.

        listDirectory is not returning any child directories which is causing
        ASSERT(diskUsage >= databaseFileSize) in SQLiteIDBBackingStore.cpp to fail.

        Change listDirectory in FileSystemWin to match FileSystemPOSIX's behavior.
        listDirectory should only skip the current and previous directories.

        * platform/win/FileSystemWin.cpp:

2018-11-29  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r238713.

        Breaks internal builds.

        Reverted changeset:

        "[Cocoa] Add some WKA extension points"
        https://bugs.webkit.org/show_bug.cgi?id=192131
        https://trac.webkit.org/changeset/238713

2018-11-29  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r238680.

        Caused existing webrtc layout tests to fail an assertion.

        Reverted changeset:

        "A sender created through addTransceiver and populated using
        addTrack should have its source set"
        https://bugs.webkit.org/show_bug.cgi?id=192136
        https://trac.webkit.org/changeset/238680

2018-11-29  Justin Fan  <justin_fan@apple.com>

        Remove dangling WebGPU file references from WebCore project
        https://bugs.webkit.org/show_bug.cgi?id=192185

        Unreviewed project file gardening.

        No new tests.

        * WebCore.xcodeproj/project.pbxproj:

2018-11-29  Keith Rollin  <krollin@apple.com>

        Unreviewed build fix.

        r238637 introduced some DerivedSources.make changes that could produce
        some invalid .idl files, leading to IDLParser.pm error messages.

        * DerivedSources.make:

2018-11-29  Simon Fraser  <simon.fraser@apple.com>

        Add an internal feature flag to enable async overflow scrolling
        https://bugs.webkit.org/show_bug.cgi?id=192184

        Reviewed by Tim Horton.

        Add a new internal feature flag that will enable async overflow-scrolling for
        most overflow:scroll elements. Defaults to off.
        
        Make the "UseAcceleratedTouchScrolling" terminology in RenderLayer etc be more generic,
        and refer to async overflow scrolling.

        * page/Settings.yaml:
        * rendering/RenderLayer.cpp:
        (WebCore::canCreateStackingContext): Remove a line which is not necessary, since -webkit-overflow-scrolling: touch
        already triggers non-auto z-index via code in StyleResolver::adjustRenderStyle().
        (WebCore::RenderLayer::canUseCompositedScrolling const):
        (WebCore::RenderLayer::hasCompositedScrollableOverflow const):
        (WebCore::RenderLayer::handleTouchEvent):
        (WebCore::RenderLayer::usesAsyncScrolling const):
        (WebCore::RenderLayer::updateScrollInfoAfterLayout):
        (WebCore::RenderLayer::showsOverflowControls const):
        (WebCore::RenderLayer::calculateClipRects const):
        (WebCore::RenderLayer::canUseAcceleratedTouchScrolling const): Deleted.
        (WebCore::RenderLayer::hasTouchScrollableOverflow const): Deleted.
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::layerOrAncestorIsTransformedOrUsingCompositedScrolling):
        (WebCore::RenderLayerBacking::updateConfiguration):
        (WebCore::RenderLayerBacking::computeParentGraphicsLayerRect const):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForOverflowScrolling const):
        (WebCore::RenderLayerCompositor::isAsyncScrollableStickyLayer const):
        (WebCore::RenderLayerCompositor::useCoordinatedScrollingForLayer const):

2018-11-29  Andy Estes  <aestes@apple.com>

        [Cocoa] Add some WKA extension points
        https://bugs.webkit.org/show_bug.cgi?id=192131
        <rdar://problem/46330293>

        Reviewed by Tim Horton.

        * DerivedSources.make: Added an extension point for derived sources.
        * Modules/applepay/PaymentCoordinatorClient.h: Added an extension point for
        PaymentCoordinatorClient.
        * SourcesCocoa.txt: Added WebCoreAdditions.mm as a non-unified source.
        * WebCore.xcodeproj/project.pbxproj: Added WebCoreAdditions.mm.
        * bindings/js/WebCoreBuiltinNames.h: Added an extension point for built-in names.
        * page/SettingsBase.h: Added an extension point for settings.
        * platform/cocoa/WebCoreAdditions.mm: Added.

2018-11-29  Tim Horton  <timothy_horton@apple.com>

        Make drawing tools available when an editable image is focused
        https://bugs.webkit.org/show_bug.cgi?id=192172
        <rdar://problem/30337960>

        Reviewed by Dean Jackson.

        * editing/Editor.cpp:
        (WebCore::Editor::insertEditableImage):
        * editing/Editor.h:
        * editing/InsertEditableImageCommand.cpp:
        (WebCore::InsertEditableImageCommand::insertEditableImage):
        (WebCore::InsertEditableImageCommand::doApply):
        * editing/InsertEditableImageCommand.h:
        Add InsertEditableImageCommand::insertEditableImage, which returns the
        inserted image element.

        * html/HTMLImageElement.h:
        Make HTMLImageElement focusable if it is editable.

2018-11-29  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][Quirk] Body and html height stretching.
        https://bugs.webkit.org/show_bug.cgi?id=192154

        Reviewed by Antti Koivisto.

        This patch takes the document box's margin/border/padding into account when stretching html/body to the height of the initial containing block.

        Tests: fast/block/block-only/body-height-with-auto-html-height-quirk.html
               fast/block/block-only/body-height-with-auto-html-height-quirk2.html
               fast/block/block-only/body-height-with-non-auto-html-height-quirk.html
               fast/block/block-only/body-height-with-non-auto-html-height-quirk2.html

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::estimatedMarginBottom):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedHeight):

2018-11-29  Justin Fan  <justin_fan@apple.com>

        [WebGPU] Replace forward declare of WebGPUCommandBuffer with include
        https://bugs.webkit.org/show_bug.cgi?id=192179

        Unreviewed build fix.

        No new tests. No behavior change.

        * Modules/webgpu/WebGPUProgrammablePassEncoder.cpp:
        * Modules/webgpu/WebGPUProgrammablePassEncoder.h:

2018-11-29  Zalan Bujtas  <zalan@apple.com>

        [ContentObservation] Make WKSetObservedContentChange logic more explicit.
        https://bugs.webkit.org/show_bug.cgi?id=192183

        Reviewed by Simon Fraser.

        * platform/ios/wak/WKContentObservation.cpp:
        (WKSetObservedContentChange):
        (WebThreadRemoveObservedDOMTimer):

2018-11-29  Youenn Fablet  <youenn@apple.com>

        CSS subresource loads should not be observable from resource timing if the stylesheet is opaque
        https://bugs.webkit.org/show_bug.cgi?id=192132

        Reviewed by Ryosuke Niwa.

        Introduce a new ResourceLoaderOptions to determine whether a load is made from a resource that is opaque.
        Make use of that option to disable exposing such loads to the web page through resource timing.
        The same option might later be used to bypass service workers.

        Make use of this option for CSS subresource loads.
        When the CSS stylesheet is opaque for the page, set this option.

        Test: http/tests/security/clean-origin-exposed-resource-timing.html
              http/tests/security/cross-origin-resource-timing.html

        * css/CSSCursorImageValue.cpp:
        (WebCore::CSSCursorImageValue::CSSCursorImageValue):
        (WebCore::CSSCursorImageValue::loadImage):
        * css/CSSCursorImageValue.h:
        * css/CSSFontFaceSrcValue.cpp:
        (WebCore::CSSFontFaceSrcValue::cachedFont):
        * css/CSSFontFaceSrcValue.h:
        * css/CSSImageSetValue.cpp:
        (WebCore::CSSImageSetValue::CSSImageSetValue):
        (WebCore::CSSImageSetValue::loadBestFitImage):
        * css/CSSImageSetValue.h:
        * css/CSSImageValue.cpp:
        (WebCore::CSSImageValue::CSSImageValue):
        (WebCore::CSSImageValue::loadImage):
        * css/CSSImageValue.h:
        * css/CSSStyleSheet.h:
        * css/StyleRuleImport.cpp:
        (WebCore::StyleRuleImport::setCSSStyleSheet):
        (WebCore::StyleRuleImport::requestStyleSheet):
        * css/StyleSheetContents.h:
        * css/parser/CSSParserContext.h:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeCursor):
        (WebCore::consumeFontFaceSrcURI):
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeImageSet):
        (WebCore::CSSPropertyParserHelpers::consumeImage):
        * html/HTMLBodyElement.cpp:
        (WebCore::HTMLBodyElement::collectStyleForPresentationAttribute):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::initializeStyleSheet):
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        * html/HTMLTableElement.cpp:
        (WebCore::HTMLTableElement::collectStyleForPresentationAttribute):
        * html/HTMLTablePartElement.cpp:
        (WebCore::HTMLTablePartElement::collectStyleForPresentationAttribute):
        * loader/ResourceLoaderOptions.h:
        * loader/ResourceTimingInformation.cpp:
        (WebCore::ResourceTimingInformation::shouldAddResourceTiming):
        * svg/SVGFontFaceUriElement.cpp:
        (WebCore::SVGFontFaceUriElement::srcValue const):

2018-11-29  Megan Gardner  <megan_gardner@apple.com>

        Move Lookup Code for better cross platform usage
        https://bugs.webkit.org/show_bug.cgi?id=191732

        Reviewed by Alex Christensen.

        Not currenlty testable

        DictionaryLookup uses Reveal now, which is slated to be cross-platform.
        That patch gates the parts of DictionaryLookup that currently do not have
        an available implementation on iOS. Once Reveal is ready, this code will be
        replaced or expanded upon, as appropriate.

        * editing/mac/DictionaryLookup.h:
        * editing/mac/DictionaryLookup.mm:
        (WebCore::showPopupOrCreateAnimationController):
        (WebCore::DictionaryLookup::showPopup):
        (WebCore::DictionaryLookup::hidePopup):
        (WebCore::DictionaryLookup::animationControllerForPopup):

2018-11-29  Joseph Pecoraro  <pecoraro@apple.com>

        [Cocoa] Move ServerTimingParser.* into a better group in the Xcode project
        https://bugs.webkit.org/show_bug.cgi?id=192180

        Reviewed by Simon Fraser.

        * WebCore.xcodeproj/project.pbxproj:

2018-11-29  Zalan Bujtas  <zalan@apple.com>

        [ContentObservation] DOMTimer::install should explicitly check if timer observation is on
        https://bugs.webkit.org/show_bug.cgi?id=192181

        Reviewed by Simon Fraser.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::install):
        * platform/ios/wak/WKContentObservation.cpp:
        (WKIsObservingDOMTimerScheduling):
        * platform/ios/wak/WKContentObservation.h:

2018-11-29  Ryosuke Niwa  <rniwa@webkit.org>

        Executing "insertunorderedlist" while selecting a contenteditable element inside a shadow dom hangs the browser
        https://bugs.webkit.org/show_bug.cgi?id=184049
        <rdar://problem/38931033>

        Reviewed by Antti Koivisto.

        The primary hung was caused by TextIterator::advance traversing the next node in the tree order using
        NodeTraversal::next which doesn't take the composed tree into account. Fixed the bug by traversing
        the composed tree while sharing code with StylizedMarkupAccumulator.

        This revealed a second hang in InsertListCommand::doApply() caused by endingSelection() being null,
        which was caused by CompositeEditCommand::moveParagraphs failing to restore the ending selection properly
        because it was computing the text indices difference from the beginning of the document until the destination.

        Fixed this second bug by computing the indices against the beginning of the root editable element.
        Note that editability never crosses a shadow boundary.

        Test: editing/execCommand/insert-unordered-list-in-shadow-tree.html

        * dom/ComposedTreeIterator.h:
        (WebCore::nextSkippingChildrenInComposedTreeIgnoringUserAgentShadow): Extracted out of nextSkippingChildren
        in markup.cpp.
        (WebCore::nextInComposedTreeIgnoringUserAgentShadow): Added.
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::moveParagraphs): Compute the index from the beginning of the root editable
        element as opposed to the beginning of the document.
        * editing/TextIterator.cpp:
        (WebCore::nextNode): Added.
        (WebCore::isDescendantOf): Added.
        (WebCore::TextIterator::advance): Use the newly added functions to traverse the composed tree when the options
        contains TextIteratorTraversesFlatTree.
        * editing/markup.cpp:

2018-11-29  Zalan Bujtas  <zalan@apple.com>

        [ContentObservation] Decouple content change and DOM timer scheduling observation
        https://bugs.webkit.org/show_bug.cgi?id=192170

        Reviewed by Simon Fraser.

        This is in preparation for adding style recalc scheduling observation (the main goal here is to simplify the indeterminate change logic).

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::fired):
        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::mouseMoved):
        * platform/ios/wak/WKContentObservation.cpp:
        (WKStartObservingContentChanges):
        (WKStopObservingContentChanges):
        (WKStartObservingDOMTimerSchedules):
        (WKStopObservingDOMTimerSchedules):
        (WKSetObservedContentChange):
        (WebThreadAddObservedDOMTimer):
        (WKBeginObservingContentChanges): Deleted.
        * platform/ios/wak/WKContentObservation.h:

2018-11-29  Frederic Wang  <fwang@igalia.com>

        Make reconcileViewportConstrainedLayerPositions start from a specified scrolling node
        https://bugs.webkit.org/show_bug.cgi?id=180002

        Reviewed by Simon Fraser.

        For non-programmatic scrolling of frames, AsyncScrollingCoordinator::reconcileScrollingState
        currently always call reconcileViewportConstrainedLayerPositions for the main frame
        since async subframe scrolling is not supported yet (bug 171667 and bug 149264). This
        function in turn calls reconcileLayerPositionForViewportRect on the whole scrolling tree to
        readjust position of fixed/sticky descendants. This patch refactors a bit the code so that
        the operation is actually only applied to the descendants of the frame's scrolling node,
        which would mean a small optimization when subframe are asynchronously scrollable. The code
        is already covered by reconcile-layer-position-recursive.html.

        No new tests, behavior unchanged and already covered by existing tests.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::reconcileScrollingState): Pass the frame's scrolling
        node id.
        (WebCore::AsyncScrollingCoordinator::reconcileViewportConstrainedLayerPositions): Start
        reconciliation from the specified scrolling node and log its ID.
        * page/scrolling/AsyncScrollingCoordinator.h: Add ScrollingNodeID parameter.
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::reconcileViewportConstrainedLayerPositions): Ditto.

2018-11-29  Zalan Bujtas  <zalan@apple.com>

        Rename *ObservedContentModifier(s) to *ObservedDOMTimer(s)
        https://bugs.webkit.org/show_bug.cgi?id=192168

        Reviewed by Simon Fraser.

        * dom/Document.cpp:
        (WebCore::Document::platformSuspendOrStopActiveDOMObjects):
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::install):
        (WebCore::DOMTimer::fired):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::clearTimeout):
        * page/Frame.cpp:
        (WebCore::Frame::willDetachPage):
        * platform/ios/wak/WKContentObservation.cpp:
        (WKBeginObservingContentChanges):
        (WKSetObservedContentChange):
        (WebThreadGetObservedDOMTimers):
        (WebThreadCountOfObservedDOMTimers):
        (WebThreadClearObservedDOMTimers):
        (WebThreadContainsObservedDOMTimer):
        (WebThreadAddObservedDOMTimer):
        (WebThreadRemoveObservedDOMTimer):
        (WebThreadCountOfObservedContentModifiers): Deleted.
        (WebThreadClearObservedContentModifiers): Deleted.
        (WebThreadContainsObservedContentModifier): Deleted.
        (WebThreadAddObservedContentModifier): Deleted.
        (WebThreadRemoveObservedContentModifier): Deleted.
        * platform/ios/wak/WKContentObservation.h:
        * platform/ios/wak/WKContentObservationInternal.h:

2018-11-29  Justin Fan  <justin_fan@apple.com>

        [WebGPU] WebGPURenderPassEncoder::setPipeline, draw, and endPass prototypes
        https://bugs.webkit.org/show_bug.cgi?id=192134

        Reviewed by Dean Jackson.

        Wrap up prototype features for WebGPURenderPassEncoder. 

        Test: webgpu/render-command-encoding.html

        * Modules/webgpu/WebGPUCommandBuffer.cpp: 
        (WebCore::WebGPUCommandBuffer::beginRenderPass):
        * Modules/webgpu/WebGPUDevice.cpp:
        (WebCore::WebGPUDevice::createRenderPipeline const):
        * Modules/webgpu/WebGPUProgrammablePassEncoder.cpp:
        (WebCore::WebGPUProgrammablePassEncoder::WebGPUProgrammablePassEncoder):
        (WebCore::WebGPUProgrammablePassEncoder::endPass): Returns a reference to the WebGPUCommandBuffer that created this encoder.
        (WebCore::WebGPUProgrammablePassEncoder::setPipeline):
        * Modules/webgpu/WebGPUProgrammablePassEncoder.h: Updated to support endPass and setPipeline.
        * Modules/webgpu/WebGPUProgrammablePassEncoder.idl:
        * Modules/webgpu/WebGPURenderPassEncoder.cpp:
        (WebCore::WebGPURenderPassEncoder::create): Must be provided with the WebGPUCommandBuffer.
        (WebCore::WebGPURenderPassEncoder::WebGPURenderPassEncoder):
        (WebCore::WebGPURenderPassEncoder::draw):
        * Modules/webgpu/WebGPURenderPassEncoder.h: Updated to cache a reference to the WebGPUCommandBuffer, and for draw.
        * Modules/webgpu/WebGPURenderPassEncoder.idl:
        * Modules/webgpu/WebGPURenderPipeline.cpp:
        (WebCore::WebGPURenderPipeline::create):
        (WebCore::WebGPURenderPipeline::WebGPURenderPipeline):
        * Modules/webgpu/WebGPURenderPipeline.h:
        (WebCore::WebGPURenderPipeline::renderPipeline):
        * Modules/webgpu/WebGPUTexture.cpp:
        * Modules/webgpu/WebGPUTexture.h: Replaced include with forward declaration.
        * platform/graphics/gpu/GPUProgrammablePassEncoder.h: Updated to support new WebGPU_PassEncoder functionality.
        * platform/graphics/gpu/GPURenderPassEncoder.h:
        (WebCore::GPURenderPassEncoder::~GPURenderPassEncoder): Now ends encoding on the MTLCommandEncoder, if not already ended, before freeing it.
        * platform/graphics/gpu/GPURenderPipeline.h: Now remembers the GPUPrimitiveTopology that it was created with.
        (WebCore::GPURenderPipeline::primitiveTopology const): 
        * platform/graphics/gpu/cocoa/GPUProgrammablePassEncoderMetal.mm:
        (WebCore::GPUProgrammablePassEncoder::endPass): Calls endEncoding on the backing MTLCommandEncoder, if not already ended.
        * platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm:
        (WebCore::GPURenderPassEncoder::platformPassEncoder const):
        (WebCore::GPURenderPassEncoder::setPipeline): Added.
        (WebCore::primitiveTypeForGPUPrimitiveTopology): Added. Helper function to convert GPUPrimitiveTopology to MTLPrimitiveType.
        (WebCore::GPURenderPassEncoder::draw): Added. Draws using primitive topology specified during pipeline creation. 
        * platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:
        (WebCore::setFunctionsForPipelineDescriptor):
        (WebCore::GPURenderPipeline::create):
        (WebCore::GPURenderPipeline::GPURenderPipeline): Now must store the GPURenderPipelineDescriptor for later reference. 

2018-11-29  Justin Michaud  <justin_michaud@apple.com>

        CSS Painting API should pass 'this' correctly to paint callback, and repaint when properties change.
        https://bugs.webkit.org/show_bug.cgi?id=191443

        Reviewed by Dean Jackson.

        Instantiate a new instance of the paint class, and pass it as 'this' object when the paint callback is called. 
        Also, this patch makes sure that custom paint elements get repainted when properties that they care about get changed.
        Finally, we fix two reference cycles that caused WorkletGlobalScope to never be destroyed.

        Tests: fast/css-custom-paint/animate-repaint.html
               fast/css-custom-paint/animate.html

        * bindings/js/JSDOMWrapper.cpp:
        * bindings/js/JSPaintWorkletGlobalScopeCustom.cpp:
        (WebCore::JSPaintWorkletGlobalScope::visitAdditionalChildren):
        * bindings/js/JSWorkletGlobalScopeBase.cpp:
        (WebCore::toJS):
        * bindings/js/ScriptState.cpp:
        (WebCore::execStateFromWorkletGlobalScope):
        * css/CSSPaintCallback.h:
        * css/CSSPaintCallback.idl:
        * css/CSSPaintImageValue.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::vm):
        * platform/graphics/CustomPaintImage.cpp:
        (WebCore::CustomPaintImage::CustomPaintImage):
        (WebCore::CustomPaintImage::doCustomPaint):
        * platform/graphics/CustomPaintImage.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::addCustomPaintWatchProperty):
        (WebCore::RenderStyle::changeRequiresRepaint const):
        * rendering/style/RenderStyle.h:
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator== const):
        * rendering/style/StyleRareNonInheritedData.h:
        * testing/Internals.cpp:
        (WebCore::Internals::isAnyWorkletGlobalScopeAlive const):
        * testing/Internals.h:
        * testing/Internals.idl:
        * worklets/PaintWorkletGlobalScope.cpp:
        (WebCore::PaintWorkletGlobalScope::devicePixelRatio const):
        (WebCore::PaintWorkletGlobalScope::PaintDefinition::PaintDefinition):
        (WebCore::PaintWorkletGlobalScope::registerPaint):
        * worklets/PaintWorkletGlobalScope.h:
        (WebCore::PaintWorkletGlobalScope::~PaintWorkletGlobalScope):
        * worklets/WorkletGlobalScope.cpp:
        (WebCore::WorkletGlobalScope::WorkletGlobalScope):
        (WebCore::WorkletGlobalScope::~WorkletGlobalScope):
        (WebCore::WorkletGlobalScope::prepareForDestruction):
        (WebCore::WorkletGlobalScope::allWorkletGlobalScopesSet):
        (WebCore::WorkletGlobalScope::isJSExecutionForbidden const):
        (WebCore::WorkletGlobalScope::logExceptionToConsole):
        (WebCore::WorkletGlobalScope::addConsoleMessage):
        (WebCore::WorkletGlobalScope::addMessage):
        * worklets/WorkletGlobalScope.h:
        (WebCore::WorkletGlobalScope::script):
        (WebCore::WorkletGlobalScope::responsibleDocument):
        (WebCore::WorkletGlobalScope::responsibleDocument const):
        (WebCore::WorkletGlobalScope::identifier const): Deleted.
        (WebCore::WorkletGlobalScope::responsableDocument): Deleted.
        (WebCore::WorkletGlobalScope::responsableDocument const): Deleted.
        * worklets/WorkletScriptController.cpp:
        (WebCore::WorkletScriptController::~WorkletScriptController):
        (WebCore::WorkletScriptController::disableEval):
        (WebCore::WorkletScriptController::disableWebAssembly):
        (WebCore::WorkletScriptController::initScript):

2018-11-29  Alexey Proskuryakov  <ap@apple.com>

        Modernize the check for kCFURLRequestContentDecoderSkipURLCheck existence
        https://bugs.webkit.org/show_bug.cgi?id=192041

        Reviewed by Tim Horton.

        * loader/ResourceLoaderOptions.h: Added a FIXME for poor naming of loader options.
        There is a lot of code that needs to be cleaned up here.

        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::applySniffingPoliciesIfNeeded):

2018-11-29  Youenn Fablet  <youenn@apple.com>

        Updating a service worker during a navigation load sometimes makes the load fail
        https://bugs.webkit.org/show_bug.cgi?id=191986
        <rdar://problem/46259790>

        Reviewed by Chris Dumez.

        Previously, we were registering a document as service worker client at creation of the document.
        According the service worker spec, this should be done when handling the fetch event of the corresponding navigation load.
        This ensures that the service worker will have a client and will not get updated in the middle of the navigation load.

        At navigation load start, we do not have a document yet since it is created when receiving the first bytes.
        Instead, we register a temporary document when starting the navigation load and unregister it when the real document is registered.

        Test: imported/w3c/web-platform-tests/service-workers/service-worker/update-on-navigation.https.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::commitData):
        (WebCore::DocumentLoader::registerTemporaryServiceWorkerClient):
        (WebCore::DocumentLoader::unregisterTemporaryServiceWorkerClient):
        (WebCore::DocumentLoader::loadMainResource):
        (WebCore::DocumentLoader::clearMainResource):
        * loader/DocumentLoader.h:

2018-11-29  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r238678.

        Breaks internal builds.

        Reverted changeset:

        "Move Lookup Code for better cross platform usage"
        https://bugs.webkit.org/show_bug.cgi?id=191732
        https://trac.webkit.org/changeset/238678

2018-11-29  Youenn Fablet  <youenn@apple.com>

        A sender created through addTransceiver and populated using addTrack should have its source set
        https://bugs.webkit.org/show_bug.cgi?id=192136

        Reviewed by Eric Carlson.

        In case libwebrtc backend is already created, we need to make sure to
        set the track source to the libwebrtc sender backend that is actually
        tied to the sender.

        Covered by updated test.

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::addTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCRtpSenderBackend.h:

2018-11-29  Megan Gardner  <megan_gardner@apple.com>

        Move Lookup Code for better cross platform usage
        https://bugs.webkit.org/show_bug.cgi?id=191732

        Reviewed by Alex Christensen.

        Not currenlty testable

        DictionaryLookup uses Reveal now, which is slated to be cross-platform.
        That patch gates the parts of DictionaryLookup that currently do not have
        an available implementation on iOS. Once Reveal is ready, this code will be
        replaced or expanded upon, as appropriate.

        * editing/mac/DictionaryLookup.h:
        * editing/mac/DictionaryLookup.mm:
        (WebCore::showPopupOrCreateAnimationController):
        (WebCore::DictionaryLookup::showPopup):
        (WebCore::DictionaryLookup::hidePopup):
        (WebCore::DictionaryLookup::animationControllerForPopup):

2018-11-29  Sihui Liu  <sihui_liu@apple.com>

        IndexedDB: breaks if binary data (Uint8Array) and autoIncrement key in store
        https://bugs.webkit.org/show_bug.cgi?id=185869
        <rdar://problem/40453623>

        Reviewed by Geoffrey Garen.

        lexicalGlobalObject is casted to JSDOMGlobalObject in CloneSerializer::dumpArrayBufferView, 
        so we should use JSDOMGlobalObject instead of JSGlobalObject in IDB database thread.

        Covered by modified test: storage/indexeddb/objectstore-autoincrement.html

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::databaseThreadVM):
        (WebCore::IDBServer::UniqueIDBDatabase::databaseThreadExecState):
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::create):
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSDOMWrapper.cpp:
        (WebCore::JSDOMObject::JSDOMObject):

2018-11-29  Sihui Liu  <sihui_liu@apple.com>

        Unexpected constructor / instanceof  behavior when retrieving indexedDB data in an iframe
        https://bugs.webkit.org/show_bug.cgi?id=185906
        <rdar://problem/40583100>

        Reviewed by Geoffrey Garen.

        ScriptExecutionContext::execState() returned state of main frame, so deserialization of 
        IDBValue in iframe used constructors of main frame, which is wrong.

        Test: storage/indexeddb/instanceof-iframe.html

        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::execState):

2018-11-29  Don Olmstead  <don.olmstead@sony.com>

        Make generic ScrollAnimator
        https://bugs.webkit.org/show_bug.cgi?id=192128

        Reviewed by Michael Catanzaro.

        No new tests. No change in behavior.

        Moves ScrollAnimatorGtk into ScrollAnimatorGeneric where it can be used
        by other implementations. Fixed some compilation issues around using
        this as a default implementation.

        Removing ScrollAnimatorSmooth since it is dead code and doesn't even
        compile at this time.

        Fixing a compilation issue within LowPowerModeNotifierGLib
        implementation that appeared due to unified sources changes.

        * PlatformGTK.cmake:
        * SourcesGTK.txt:
        * platform/LowPowerModeNotifier.h:
        * platform/PlatformWheelEvent.h:
        (WebCore::PlatformWheelEvent::swipeVelocity const):
        * platform/ScrollAnimatorSmooth.cpp: Removed.
        * platform/ScrollAnimatorSmooth.h: Removed.
        * platform/generic/ScrollAnimatorGeneric.cpp: Renamed from Source/WebCore/platform/gtk/ScrollAnimatorGtk.cpp.
        (WebCore::ScrollAnimator::create):
        (WebCore::ScrollAnimatorGeneric::ScrollAnimatorGeneric):
        (WebCore::ScrollAnimatorGeneric::ensureSmoothScrollingAnimation):
        (WebCore::ScrollAnimatorGeneric::scroll):
        (WebCore::ScrollAnimatorGeneric::scrollToOffsetWithoutAnimation):
        (WebCore::ScrollAnimatorGeneric::computeVelocity):
        (WebCore::ScrollAnimatorGeneric::handleWheelEvent):
        (WebCore::ScrollAnimatorGeneric::willEndLiveResize):
        (WebCore::ScrollAnimatorGeneric::updatePosition):
        (WebCore::ScrollAnimatorGeneric::didAddVerticalScrollbar):
        (WebCore::ScrollAnimatorGeneric::didAddHorizontalScrollbar):
        (WebCore::ScrollAnimatorGeneric::willRemoveVerticalScrollbar):
        (WebCore::ScrollAnimatorGeneric::willRemoveHorizontalScrollbar):
        (WebCore::ScrollAnimatorGeneric::updateOverlayScrollbarsOpacity):
        (WebCore::ScrollAnimatorGeneric::overlayScrollbarAnimationTimerFired):
        (WebCore::ScrollAnimatorGeneric::showOverlayScrollbars):
        (WebCore::ScrollAnimatorGeneric::hideOverlayScrollbars):
        (WebCore::ScrollAnimatorGeneric::mouseEnteredContentArea):
        (WebCore::ScrollAnimatorGeneric::mouseExitedContentArea):
        (WebCore::ScrollAnimatorGeneric::mouseMovedInContentArea):
        (WebCore::ScrollAnimatorGeneric::contentAreaDidShow):
        (WebCore::ScrollAnimatorGeneric::contentAreaDidHide):
        (WebCore::ScrollAnimatorGeneric::notifyContentAreaScrolled):
        (WebCore::ScrollAnimatorGeneric::lockOverlayScrollbarStateToHidden):
        * platform/generic/ScrollAnimatorGeneric.h: Renamed from Source/WebCore/platform/gtk/ScrollAnimatorGtk.h.
        * platform/glib/LowPowerModeNotifierGLib.cpp:
        * platform/gtk/PlatformWheelEventGtk.cpp:
        (WebCore::PlatformWheelEvent::swipeVelocity const): Deleted.

2018-11-28  Dean Jackson  <dino@apple.com>

        [ES Modules] Allow .mjs content when loaded from file://
        https://bugs.webkit.org/show_bug.cgi?id=192100
        <rdar://problem/46320065>

        Reviewed by Sam Weinig.

        Node JS requires ES Module files to be identified by the file
        extension of ".mjs" (no relation to Maciej Stachowiak). This new
        extension causes issues because it isn't recognised as a JavaScript
        file. When using the script tag, the author is able to force the type
        of the referenced file using an attribute, but this isn't possible
        for the import() function or import statement.

        Add a new entry into our table that maps file extensions to MIME types
        so that when a .mjs file is loaded from a file:// reference it is
        identified as JavaScript.

        Test: js/dom/modules/import-mjs-module.html

        * platform/network/mac/WebCoreURLResponse.mm: Add .mjs to the existing dictionary.
        (WebCore::createExtensionToMIMETypeMap):
        * platform/network/ios/WebCoreURLResponseIOS.mm: Add code just for .mjs.
        (WebCore::createExtensionToMIMETypeMap):

2018-11-29  Zalan Bujtas  <zalan@apple.com>

        [LFC][BFC][Quirk] Width does not need stretching quirk.
        https://bugs.webkit.org/show_bug.cgi?id=192135

        Reviewed by Antti Koivisto.

        In BFC the block box's width (auto) always streches to the content width of the containing block.

        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedWidthAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowHeightAndMargin):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::needsStretching):
        (WebCore::Layout::BlockFormattingContext::Quirks::isStretchedToInitialContainingBlock): Deleted.
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedWidth): Deleted.

2018-11-29  Zalan Bujtas  <zalan@apple.com>

        [LFC][Quirk] Move quirk functions to dedicated classes.
        https://bugs.webkit.org/show_bug.cgi?id=192133

        Reviewed by Antti Koivisto.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * layout/FormattingContext.h:
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::FormattingContext::Geometry::computedHeightValue):
        * layout/blockformatting/BlockFormattingContext.h:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedWidthAndMargin):
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowHeightAndMargin):
        (WebCore::Layout::initialContainingBlock): Deleted.
        (WebCore::Layout::isStretchedToInitialContainingBlock): Deleted.
        (WebCore::Layout::stretchHeightToInitialContainingBlockQuirk): Deleted.
        (WebCore::Layout::stretchWidthToInitialContainingBlock): Deleted.
        * layout/blockformatting/BlockFormattingState.cpp:
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::isMarginTopCollapsedWithParent):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginTop):
        (WebCore::Layout::isQuirkContainer): Deleted.
        (WebCore::Layout::hasMarginTopQuirkValue): Deleted.
        (WebCore::Layout::shouldIgnoreMarginTopInQuirkContext): Deleted.
        (WebCore::Layout::isMarginTopCollapsedWithParent): Deleted.
        * layout/inlineformatting/InlineFormattingContext.cpp:
        * layout/inlineformatting/text/TextUtil.h:

2018-11-29  Rob Buis  <rbuis@igalia.com>

        Remove some superfluous code in ContentSecurityPolicy::upgradeInsecureRequestIfNeeded
        https://bugs.webkit.org/show_bug.cgi?id=192076

        Reviewed by Frédéric Wang.

        Since we do an early return if the protocol is not http or ws, the if check
        for ws protocol and else statement are not needed, so use an ASSERT instead.

        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded const):

2018-11-29  Frederic Wang  <fwang@igalia.com>

        Add ParentRelativeScrollableRect to ScrollingCoordinator::ScrollingGeometry
        https://bugs.webkit.org/show_bug.cgi?id=172914

        Reviewed by Simon Fraser.

        This patch adds a ParentRelativeScrollableRect ScrollingCoordinator::ScrollingGeometry and
        the corresponding set/get/dump APIs. Currently, the setter is never used so the behavior is
        unchanged. In the future, this rect will be used for hit testing of subframes during
        asynchronous macOS scrolling (but 172917).

        No new tests, behavior unchanged.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::updateFrameScrollingNode):
        (WebCore::AsyncScrollingCoordinator::updateOverflowScrollingNode):
        * page/scrolling/ScrollingCoordinator.h:
        * page/scrolling/ScrollingStateScrollingNode.cpp:
        (WebCore::ScrollingStateScrollingNode::ScrollingStateScrollingNode):
        (WebCore::ScrollingStateScrollingNode::setParentRelativeScrollableRect):
        (WebCore::ScrollingStateScrollingNode::dumpProperties const):
        * page/scrolling/ScrollingStateScrollingNode.h:
        (WebCore::ScrollingStateScrollingNode::parentRelativeScrollableRect const):
        * page/scrolling/ScrollingTreeScrollingNode.cpp:
        (WebCore::ScrollingTreeScrollingNode::commitStateBeforeChildren):
        (WebCore::ScrollingTreeScrollingNode::dumpProperties const):
        * page/scrolling/ScrollingTreeScrollingNode.h:
        (WebCore::ScrollingTreeScrollingNode::parentRelativeScrollableRect const):

2018-11-28  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOSMac] Dropping text selections from web content into editable elements crashes the web process
        https://bugs.webkit.org/show_bug.cgi?id=192113
        <rdar://problem/46323701>

        Reviewed by Ryosuke Niwa.

        In iOSMac, registering invalid UTIs on NSItemProvider when starting a drag or handling a drop does not work.
        Since iOS writes and reads only "Apple Web Archive pasteboard type" (a.k.a. `WebArchivePboardType`) during drag
        and drop as well as copy and paste, we fail to read or write any web archive data, and subsequently fall back to
        reading RTF or flat RTFD, both of which are not supported in iOSMac, since UIFoundation links against the
        system's macOS WebKit stack.

        To fix this, we add support for reading and writing com.apple.webarchive (`kUTTypeWebArchive`) on iOS, so that
        WebKit-based iOSMac applications can understand web archive data from the host running macOS, and the host can
        also understand web archive data written by the iOSMac app. Additionally, don't allow reading RTF and flat RTFD
        as web content in iOSMac. (Note that writing RTF and flat RTFD is still safe, since it does not depend on
        UIFoundation.framework but rather `WebCore::HTMLConverter`).

        Test: DragAndDropTests.ModernWebArchiveType

        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::createFragment):

        Additionally make sure that we never call into UIFoundation's NSAttributedString to markup conversion codepath
        by making `createFragment` an empty stub on iOSMac.

        * platform/ios/PasteboardIOS.mm:
        (WebCore::supportedImageTypes):
        (WebCore::isTypeAllowedByReadingPolicy):
        (WebCore::Pasteboard::readPasteboardWebContentDataForType):
        (WebCore::Pasteboard::supportedWebContentPasteboardTypes):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::write):

2018-11-28  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r238653 and r238656.
        https://bugs.webkit.org/show_bug.cgi?id=192130

        Breaks iOS build (Requested by smfr on #webkit).

        Reverted changesets:

        "Move Lookup Code for better cross platform usage"
        https://bugs.webkit.org/show_bug.cgi?id=191732
        https://trac.webkit.org/changeset/238653

        "Attempt to fix the iOS build by only including RevealSPI.h
        when it's needed."
        https://trac.webkit.org/changeset/238656

2018-11-28  Simon Fraser  <simon.fraser@apple.com>

        Attempt to fix the iOS build by only including RevealSPI.h when it's needed.

        * editing/cocoa/DictionaryLookup.mm:

2018-11-28  Alex Christensen  <achristensen@webkit.org>

        Modernize BlobRegistry::writeBlobsToTemporaryFiles
        https://bugs.webkit.org/show_bug.cgi?id=192117

        Reviewed by Dean Jackson.

        No change in behavior.  Just use CompletionHandlers and the new sendWithAsyncReply instead of two way messaging
        and manual completion handler management.

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::writeBlobsToDiskForIndexedDB):
        * platform/network/BlobRegistry.h:
        * platform/network/BlobRegistryImpl.cpp:
        (WebCore::BlobRegistryImpl::writeBlobsToTemporaryFiles):
        * platform/network/BlobRegistryImpl.h:

2018-11-15  Megan Gardner  <megan_gardner@apple.com>

        Move Lookup Code for better cross platform usage
        https://bugs.webkit.org/show_bug.cgi?id=191732

        Reviewed by Alex Christensen.

        Not currenlty testable

        DictionaryLookup uses Reveal now, which is slated to be cross-platform.
        That patch gates the parts of DictionaryLookup that currently do not have
        an available implementation on iOS. Once Reveal is ready, this code will be
        replaced or expanded upon, as appropriate.

        * editing/mac/DictionaryLookup.h:
        * editing/mac/DictionaryLookup.mm:
        (WebCore::showPopupOrCreateAnimationController):
        (WebCore::DictionaryLookup::showPopup):
        (WebCore::DictionaryLookup::hidePopup):
        (WebCore::DictionaryLookup::animationControllerForPopup):

2018-11-28  Christopher Reid  <chris.reid@sony.com>

        SQLiteDatabase::open is constantly printing "SQLite database failed to checkpoint: database table is locked" errors
        https://bugs.webkit.org/show_bug.cgi?id=192111

        Reviewed by Alex Christensen.

        Ensure the journal_mode=WAL statement is finalized before wal_checkpoint is executed.

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::SQLiteDatabase::open):

2018-11-28  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Updating href on linearGradient and radialGradient doesn't update its rendering
        https://bugs.webkit.org/show_bug.cgi?id=191934

        Reviewed by Ryosuke Niwa.

        Mark the gradient renderer for repaint when the value of the 'href'
        attribute changes.

        Tests: fast/shadow-dom/svg-linear-gradient-dynamic-update-href-in-shadow-tree.html
               fast/shadow-dom/svg-radial-gradient-dynamic-update-href-in-shadow-tree.html
               svg/dynamic-updates/SVGLinearGradientElement-svgdom-href-prop.html
               svg/dynamic-updates/SVGRadialGradientElement-svgdom-href-prop.html

        * svg/SVGGradientElement.cpp:
        (WebCore::SVGGradientElement::svgAttributeChanged):


2018-11-28  Youenn Fablet  <youenn@apple.com>

        imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-transceivers.https.html is flaky on iOS simulator
        https://bugs.webkit.org/show_bug.cgi?id=192037

        Reviewed by Eric Carlson.

        The stats report JS map should be created when resolving the stats promise with WebCore RTCStatsReport.
        But resolving the promise might fail in case of a page being suspended.
        In that case, no JSRTCStatsReport is created and there is no backing map.
        Update the code to reflect that.
        Covered by existing test.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::getStats):
        * Modules/mediastream/libwebrtc/LibWebRTCStatsCollector.cpp:
        (WebCore::LibWebRTCStatsCollector::~LibWebRTCStatsCollector):
        (WebCore::LibWebRTCStatsCollector::OnStatsDelivered):
        * Modules/mediastream/libwebrtc/LibWebRTCStatsCollector.h:

2018-11-28  Keith Rollin  <krollin@apple.com>

        Update generate-{derived,unified}-sources scripts to support generating .xcfilelist files
        https://bugs.webkit.org/show_bug.cgi?id=192031
        <rdar://problem/46286816>

        Reviewed by Alex Christensen.

        The Generate Derived Sources and Generate Unified Sources build phases
        in Xcode need to have their inputs and outputs specified. This
        specification will come in the form of .xcfilelist files that will be
        attached to these build phases. There is one .xcfilelist file that
        lists the input file and one that lists the output files. As part of
        this work, the various generate-{derived,unified}-sources scripts that
        are executed in these Generate build phases are modified to help in
        the creation of these .xcfilelist files. In particular, they can now
        be invoked with command-line parameters. These parameters are then
        used to alter the normal execution of these scripts, causing them to
        produce the .xcfilelist files as opposed to actually generating the
        files that are listed in those files.

        No new tests -- no changed functionality.

        * Scripts/generate-derived-sources.sh:
        * Scripts/generate-unified-sources.sh:

2018-11-28  Keith Rollin  <krollin@apple.com>

        Revert print_all_generated_files work in r238008; tighten up target specifications
        https://bugs.webkit.org/show_bug.cgi?id=192025
        <rdar://problem/46284301>

        Reviewed by Alex Christensen.

        In r238008, I added a facility for DerivedSources.make makefiles to
        print out the list of files that they generate. This output was used
        in the generation of .xcfilelist files used to specify the output of
        the associated Generate Derived Sources build phases in Xcode. This
        approach worked, but it meant that people would need to follow a
        specific convention to keep this mechanism working.

        Instead of continuing this approach, I'm going to implement a new
        facility based on the output of `make` when passed the -d flag (which
        prints dependency information). This new mechanism is completely
        automatic and doesn't need maintainers to follow a convention. To that
        end, remove most of the work performed in r238008 that supports the
        print_all_generated_files target.

        At the same time, it's important for the sets of targets and their
        dependencies to be complete and correct. Therefore, also include
        changes to bring those up-to-date. As part of that, you'll see
        prevalent use of a particular technique. Here's an example:

            BYTECODE_FILES = \
                Bytecodes.h \
                BytecodeIndices.h \
                BytecodeStructs.h \
                InitBytecodes.asm \
            #
            BYTECODE_FILES_PATTERNS = $(subst .,%,$(BYTECODE_FILES))

            all : $(BYTECODE_FILES)

            $(BYTECODE_FILES_PATTERNS): $(wildcard $(JavaScriptCore)/generator/*.rb) $(JavaScriptCore)/bytecode/BytecodeList.rb
                ...

        These lines indicate a set of generated files (those specified in
        BYTECODE_FILES). These files are generated by the BytecodeList.rb
        tool. But, as opposed to the normal rule where a single foo.output is
        generated by foo.input plus some additional dependencies, this rule
        produces multiple output files from a tool whose connection to the
        output files is not immediately clear. A special approach is needed
        where a single rule produces multiple output files. The normal way to
        implement this is to use an .INTERMEDIATE target. However, we used
        this approach in the past and ran into a problem with it, addressing
        it with an alternate approach in r210507. The above example shows this
        approach. The .'s in the list of target files are replaced with %'s,
        and the result is used as the left side of the dependency rule.

        No new tests -- no changed functionality.

        * DerivedSources.make:

2018-11-28  Alex Christensen  <achristensen@webkit.org>

        Remove dead code from an earlier attempt at implementing safe browsing
        https://bugs.webkit.org/show_bug.cgi?id=192067

        Reviewed by Chris Dumez.

        * WebCore.xcodeproj/project.pbxproj:
        * loader/EmptyClients.cpp:
        (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
        * loader/EmptyFrameLoaderClient.h:
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::setShouldSkipSafeBrowsingCheck): Deleted.
        (WebCore::FrameLoadRequest::shouldSkipSafeBrowsingCheck): Deleted.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadArchive):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::loadPostRequest):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::loadWithNavigationAction):
        * loader/FrameLoaderClient.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        * loader/PolicyChecker.h:
        * loader/ShouldSkipSafeBrowsingCheck.h: Removed.

2018-11-28  Alex Christensen  <achristensen@webkit.org>

        Add SessionIDs wherever BlobURLs are used in SerializedScriptValue
        https://bugs.webkit.org/show_bug.cgi?id=192062

        Reviewed by Dean Jackson.

        Just adding infrastructure for fixing "the blob bug"

        * Modules/indexeddb/IDBDatabaseIdentifier.cpp:
        (WebCore::IDBDatabaseIdentifier::IDBDatabaseIdentifier):
        (WebCore::IDBDatabaseIdentifier::isolatedCopy const):
        * Modules/indexeddb/IDBDatabaseIdentifier.h:
        (WebCore::IDBDatabaseIdentifier::hash const):
        (WebCore::IDBDatabaseIdentifier::sessionID const):
        (WebCore::IDBDatabaseIdentifier::encode const):
        (WebCore::IDBDatabaseIdentifier::decode):
        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::openInternal):
        (WebCore::IDBFactory::deleteDatabase):
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::putOrAddOnServer):
        * Modules/indexeddb/IDBValue.cpp:
        (WebCore::IDBValue::IDBValue):
        (WebCore::IDBValue::setAsIsolatedCopy):
        * Modules/indexeddb/IDBValue.h:
        (WebCore::IDBValue::sessionID const):
        (WebCore::IDBValue::encode const):
        (WebCore::IDBValue::decode):
        * Modules/indexeddb/server/MemoryIndexCursor.cpp:
        (WebCore::IDBServer::MemoryIndexCursor::currentData):
        * Modules/indexeddb/server/MemoryObjectStoreCursor.cpp:
        (WebCore::IDBServer::MemoryObjectStoreCursor::currentData):
        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::getBlobRecordsForObjectStoreRecord):
        (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
        (WebCore::IDBServer::SQLiteIDBBackingStore::getAllObjectStoreRecords):
        (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedGetIndexRecordForOneKey):
        * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
        * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
        (WebCore::IDBServer::SQLiteIDBCursor::internalFetchNextRecord):
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):
        * bindings/js/IDBBindingUtilities.cpp:
        (WebCore::deserializeIDBValueToJSValue):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::serialize):
        (WebCore::CloneSerializer::CloneSerializer):
        (WebCore::CloneSerializer::dumpIfTerminal):
        (WebCore::CloneDeserializer::deserialize):
        (WebCore::CloneDeserializer::CloneDeserializer):
        (WebCore::SerializedScriptValue::SerializedScriptValue):
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::deserialize):
        (WebCore::SerializedScriptValue::writeBlobsToDiskForIndexedDB):
        (WebCore::SerializedScriptValue::writeBlobsToDiskForIndexedDBSynchronously):
        * bindings/js/SerializedScriptValue.h:
        (WebCore::SerializedScriptValue::sessionID const):

2018-11-28  Justin Fan  <justin_fan@apple.com>

        [WebGPU] Begin implementation of WebGPURenderPassEncoder and barebones WebGPURenderPassDescriptor
        https://bugs.webkit.org/show_bug.cgi?id=191990

        Reviewed by Dean Jackson.

        Begin implementation of WebGPURenderPassEncoder and its parent interface, WebGPUProgrammablePassEncoder.
        Also add code to allow creation of a primitive WebGPURenderPassDescriptor with the sole purpose of providing 
        a WebGPUTextureView reference to the render pass creation function, WebGPUCommandBuffer::beginRenderPass().

        Test: webgpu/render-passes.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/webgpu/WebGPUCommandBuffer.cpp:
        (WebCore::WebGPUCommandBuffer::WebGPUCommandBuffer):
        (WebCore::WebGPUCommandBuffer::beginRenderPass): Added. Returns a WebGPURenderPassEncoder upon success.
        * Modules/webgpu/WebGPUCommandBuffer.h:
        * Modules/webgpu/WebGPUCommandBuffer.idl:
        * Modules/webgpu/WebGPUProgrammablePassEncoder.cpp: Added.
        * Modules/webgpu/WebGPUProgrammablePassEncoder.h: Added.
        * Modules/webgpu/WebGPUProgrammablePassEncoder.idl: Added. Empty (for now) interface parenting WebGPURenderPassEncoder.
        * Modules/webgpu/WebGPURenderPassDescriptor.h:
        * Modules/webgpu/WebGPURenderPassDescriptor.idl: Added. Directly handles a WebGPUTextureView attachment; all other color attachment properties set by implementation for now.
        * Modules/webgpu/WebGPURenderPassEncoder.cpp: Added.
        (WebCore::WebGPURenderPassEncoder::create):
        (WebCore::WebGPURenderPassEncoder::WebGPURenderPassEncoder):
        (WebCore::WebGPURenderPassEncoder::passEncoder const):
        * Modules/webgpu/WebGPURenderPassEncoder.h: Added. Interface to GPURenderPassEncoder.
        * Modules/webgpu/WebGPURenderPassEncoder.idl: Added. Allows WebGPU developer to encode commands for the WebGPUCommandBuffer.
        * Modules/webgpu/WebGPUTextureView.cpp:
        (WebCore::WebGPUTextureView::WebGPUTextureView):
        * Modules/webgpu/WebGPUTextureView.h:
        (WebCore::WebGPUTextureView::texture):
        * Sources.txt:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:
        * platform/graphics/gpu/GPUCommandBuffer.h:
        (WebCore::GPUCommandBuffer::platformCommandBuffer const):
        * platform/graphics/gpu/GPUProgrammablePassEncoder.h: Added. Base class for GPURenderPassEncoder.
        * platform/graphics/gpu/GPURenderPassDescriptor.h: Added.
        * platform/graphics/gpu/GPURenderPassEncoder.h: Added. Wrapper class for MTLRenderCommandEncoder.
        * platform/graphics/gpu/GPUTexture.h:
        (WebCore::GPUTexture::platformTexture const):
        * platform/graphics/gpu/cocoa/GPUProgrammablePassEncoderMetal.mm: Added.
        * platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm: Added.
        (WebCore::GPURenderPassEncoder::create): Creates the backing MTLRenderCommandEncoder; returns null if this fails. 
        (WebCore::GPURenderPassEncoder::GPURenderPassEncoder):
        (WebCore::GPURenderPassEncoder::~GPURenderPassEncoder): End encoding before destroying the MTLCommandEncoder to prevent an exception.
        (WebCore::GPURenderPassEncoder::platformPassEncoder const):

2018-11-28  Rob Buis  <rbuis@igalia.com>

        [XHR] Document.lastModified doesn't work for non-rendered documents
        https://bugs.webkit.org/show_bug.cgi?id=179375

        Reviewed by Alexey Proskuryakov.

        Add setOverrideLastModified to override last modified date for
        standalone Documents.

        Behavior matches Firefox and Chrome.

        Test: web-platform-tests/xhr/responsexml-document-properties.htm

        * dom/Document.cpp:
        (WebCore::Document::overrideLastModified):
        (WebCore::Document::lastModified const): no need to test m_frame since that's already done in loader().
        (WebCore::Document::lastModified): Deleted.
        * dom/Document.h:
        * xml/XMLHttpRequest.cpp:

2018-11-28  Yongjun Zhang  <yongjun_zhang@apple.com>

        Allow WebKit clients to specify a minimum effective width for layout.
        https://bugs.webkit.org/show_bug.cgi?id=191499
        <rdar://problem/45362678>

        Reviewed by Wenson Hsieh.

        If we ignore the meta viewport (_shouldIgnoreMetaViewport is true), the default layout width will be device
        width. For clients that wish to lay out the content with a different width value, we would need to add a way
        to specify the effective width for layout.

        Tests: fast/viewport/ios/ipad/viewport-overriden-by-minimum-effective-width-if-ignore-meta-viewport.html
               fast/viewport/ios/ipad/viewport-unchanged-by-minimum-effective-width-if-not-ignore-meta-viewport.html

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::setViewLayoutSize): Add a new argument effectiveWidth.
        (WebCore::ViewportConfiguration::nativeWebpageParameters): Make sure minimumScale for nativeWebpageParameters
            is small enough so that it won't clamp out the initial scale. If content is wider than the viewport, this
            ensures we can still zoom out the page.
        (WebCore::ViewportConfiguration::updateConfiguration): update _minimumEffectiveDeviceWidth and apply that to
            the layout size scale computation.
        (WebCore::ViewportConfiguration::effectiveLayoutSizeScaleFactor): A helper method to return the effective
            layout scale factor which is also effected by _minimumEffectiveDeviceWidth.
        (WebCore::ViewportConfiguration::updateMinimumLayoutSize): Update m_minimumLayoutSize based on effectiveLayoutSizeScaleFactor().
        (WebCore::ViewportConfiguration::description const): Also dump m_minimumEffectiveDeviceWidth.
        * page/ViewportConfiguration.h: Add a member variable m_minimumEffectiveDeviceWidth.

2018-11-28  Stephan Szabo  <stephan.szabo@sony.com>

        Make generic EventHandler methods
        https://bugs.webkit.org/show_bug.cgi?id=192032

        Reviewed by Michael Catanzaro.

        No new tests. No new behavior.

        Move mostly generic for non-Apple platform implementations
        of methods from EventHandlerGlib into EventHandler. Two
        of these also had different Windows implementations, so
        to limit behavior change from this, those are currently
        overridden for Windows as well as Mac and IOS.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::passMousePressEventToSubframe):
        (WebCore::EventHandler::passMouseReleaseEventToSubframe):
        (WebCore::EventHandler::widgetDidHandleWheelEvent):
        (WebCore::EventHandler::tabsToAllFormControls const):
        (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
        (WebCore::EventHandler::passMouseDownEventToWidget):
        (WebCore::EventHandler::focusDocumentView):
        (WebCore::EventHandler::eventActivatedView const):
        (WebCore::EventHandler::passMouseMoveEventToSubframe):
        * page/win/EventHandlerWin.cpp:
        (WebCore::EventHandler::passMouseMoveEventToSubframe):
        (WebCore::EventHandler::passMousePressEventToSubframe): Deleted.
        (WebCore::EventHandler::passMouseReleaseEventToSubframe): Deleted.
        (WebCore::EventHandler::widgetDidHandleWheelEvent): Deleted.
        (WebCore::EventHandler::tabsToAllFormControls const): Deleted.
        (WebCore::EventHandler::focusDocumentView): Deleted.
        (WebCore::EventHandler::passWidgetMouseDownEventToWidget): Deleted.
        (WebCore::EventHandler::accessKeyModifiers): Deleted.
        * platform/glib/EventHandlerGLib.cpp:
        (WebCore::EventHandler::tabsToAllFormControls const): Deleted.
        (WebCore::EventHandler::focusDocumentView): Deleted.
        (WebCore::EventHandler::passWidgetMouseDownEventToWidget): Deleted.
        (WebCore::EventHandler::passMouseDownEventToWidget): Deleted.
        (WebCore::EventHandler::eventActivatedView const): Deleted.
        (WebCore::EventHandler::widgetDidHandleWheelEvent): Deleted.
        (WebCore::EventHandler::passMousePressEventToSubframe): Deleted.
        (WebCore::EventHandler::passMouseMoveEventToSubframe): Deleted.
        (WebCore::EventHandler::passMouseReleaseEventToSubframe): Deleted.
        (WebCore::EventHandler::accessKeyModifiers): Deleted.

2018-11-28  Zalan Bujtas  <zalan@apple.com>

        [LFC][Quirk] Use non-collapsed vertical margin values when the container is stretched to the size of the ICB.
        https://bugs.webkit.org/show_bug.cgi?id=192078

        Reviewed by Antti Koivisto.

        This quirk happens when the body height is 0 which means its vertical margins collapse through (top and bottom margins are adjoining).
        However now that we stretch the body they don't collapse through anymore, so we need to use the non-collapsed values instead.

        * layout/LayoutUnits.h:
        (WebCore::Layout::HeightAndMargin::usedMarginValues const):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::stretchHeightToInitialContainingBlock):

2018-11-28  Zalan Bujtas  <zalan@apple.com>

        [LFC] Add support for quirk container's collapsing top margin in quirks mode.
        https://bugs.webkit.org/show_bug.cgi?id=192070

        Reviewed by Antti Koivisto.

        In quirk mode when the top margin collapsing is computed for a quirk container (body, table cell) and the canditate margin value is
        also a quirk value, we just ignore it.

        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::isQuirkContainer):
        (WebCore::Layout::hasMarginTopQuirkValue):
        (WebCore::Layout::shouldIgnoreMarginTopInQuirkContext):
        (WebCore::Layout::isMarginTopCollapsedWithParent):
        (WebCore::Layout::BlockFormattingContext::Geometry::MarginCollapse::marginTop):
        * layout/layouttree/LayoutBox.h:
        (WebCore::Layout::Box::isTableCell const):

2018-11-28  Ali Juma  <ajuma@chromium.org>

        Intersection Observer: rootMargin: '' gives weird results
        https://bugs.webkit.org/show_bug.cgi?id=191975

        Reviewed by Simon Fraser.

        When converting the rootMargin string into a LengthBox, explicitly construct a Length
        of size 0px for each dimension, instead of using Length's default constructor. The
        default constructor creates a Length with value Auto, which causes us to incorrectly
        apply a non-zero rootMargin.

        Test: imported/w3c/web-platform-tests/intersection-observer/empty-root-margin.html

        * page/IntersectionObserver.cpp:
        (WebCore::parseRootMargin):

2018-11-28  Thibault Saunier  <tsaunier@igalia.com>

        [WebRTC][GStreamer] Make sure to have the default microphone on the top of the list
        https://bugs.webkit.org/show_bug.cgi?id=192026

        Reviewed by Philippe Normand.

        Otherwise we might end up picking a useless one in some applications
        (not sure what those application do though).

        GStreamer patch proposed as https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/merge_requests/34/diffs

        * platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.cpp:
        (WebCore::sortDevices):
        (WebCore::GStreamerCaptureDeviceManager::addDevice):
        (WebCore::GStreamerCaptureDeviceManager::refreshCaptureDevices):
        * platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.h:

2018-11-28  Thibault Saunier  <tsaunier@igalia.com>

        [WebRTC][GStreamer] Tag all cameras with as 'Unknown' facing mode
        https://bugs.webkit.org/show_bug.cgi?id=192028

        Reviewed by Philippe Normand.

        * platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:
        (WebCore::GStreamerVideoCaptureSource::capabilities):

2018-11-28  Thibault Saunier  <tsaunier@igalia.com>

        [WebRTC][GStreamer] Use a GUniquePtr to hold the GstAudioConverter in our OutgoingAudioSource
        https://bugs.webkit.org/show_bug.cgi?id=192027

        Reviewed by Xabier Rodriguez-Calvar.

        Cleaning up a bit the code.

        It is a minor refactoring, no new test required.

        * platform/graphics/gstreamer/GUniquePtrGStreamer.h:
        * platform/mediastream/gstreamer/RealtimeOutgoingAudioSourceLibWebRTC.cpp:
        (WebCore::RealtimeOutgoingAudioSourceLibWebRTC::~RealtimeOutgoingAudioSourceLibWebRTC):
        (WebCore::RealtimeOutgoingAudioSourceLibWebRTC::audioSamplesAvailable):
        (WebCore::RealtimeOutgoingAudioSourceLibWebRTC::pullAudioData):
        * platform/mediastream/gstreamer/RealtimeOutgoingAudioSourceLibWebRTC.h:

2018-11-28  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer][WebRTC] Do not run device monitor for device type we do not handle
        https://bugs.webkit.org/show_bug.cgi?id=191904

        This is useless work and it throws warning about use GstDeviceMonitor without filters.

        Reviewed by Philippe Normand.

        * platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.cpp:
        (WebCore::GStreamerCaptureDeviceManager::refreshCaptureDevices):

2018-11-27  Rob Buis  <rbuis@igalia.com>

        Block more ports (427, 548, 6697)
        https://bugs.webkit.org/show_bug.cgi?id=186092

        Reviewed by Frédéric Wang.

        Block port 427, ports 548 and 6697 are aleady blocked and
        are tested by the updated request-bad-port.html wpt test.

        Behavior matches Firefox and Chrome.

        Test: web-platform-tests/fetch/api/request/request-bad-port.html

        * platform/URL.cpp:
        (WebCore::portAllowed):

2018-11-27  Youenn Fablet  <youenn@apple.com>

        Log WebRTC stats in inspector console only when setting is verbose
        https://bugs.webkit.org/show_bug.cgi?id=192014

        Reviewed by Eric Carlson.

        Add a WebRTCStats channel that is used by default to output WebRTC stats in console.
        When WebRTC Debug logging is enabled, log WebRTC stats in WebRTC channel,
        so that they appear as debug information in Web Inspector.

        No change of JS behavior.
        Covered by manually testing what is logged in inspector and console.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered):
        * platform/Logging.h:

2018-11-27  Simon Fraser  <simon.fraser@apple.com>

        Fix the mis-spelled "m_clienstWaitingForAsyncDecoding"
        https://bugs.webkit.org/show_bug.cgi?id=192060

        Reviewed by Wenson Hsieh.

        Fix the mis-spelling of "m_clienstWaitingForAsyncDecoding".

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didRemoveClient):
        (WebCore::CachedImage::isClientWaitingForAsyncDecoding const):
        (WebCore::CachedImage::addClientWaitingForAsyncDecoding):
        (WebCore::CachedImage::removeAllClientsWaitingForAsyncDecoding):
        (WebCore::CachedImage::allClientsRemoved):
        (WebCore::CachedImage::clear):
        (WebCore::CachedImage::createImage):
        (WebCore::CachedImage::imageFrameAvailable):
        * loader/cache/CachedImage.h:

2018-11-27  Mark Lam  <mark.lam@apple.com>

        ENABLE_FAST_JIT_PERMISSIONS should be false for iosmac.
        https://bugs.webkit.org/show_bug.cgi?id=192055
        <rdar://problem/46288783>

        Reviewed by Saam Barati.

        No new tests needed.  Removing an invalid configuration that is not used in WebCore.

        * Configurations/FeatureDefines.xcconfig:

2018-11-27  Jiewen Tan  <jiewen_tan@apple.com>

        Remove kCCNotVerified
        https://bugs.webkit.org/show_bug.cgi?id=192034
        <rdar://problem/46235863>

        Reviewed by Alexey Proskuryakov.

        No change of behaviours.

        * crypto/CommonCryptoUtilities.h:
        * crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:
        (WebCore::verifyRSASSA_PKCS1_v1_5):

2018-11-27  Simon Fraser  <simon.fraser@apple.com>

        Avoid triggering compositing updates when only the root layer is composited
        https://bugs.webkit.org/show_bug.cgi?id=191813

        Reviewed by Zalan Bujtas.

        If we know that the only composited layer is the root, we can avoid triggering deep
        compositing updates sometimes, for example when layout changes size or position,
        or when z-order lists change.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::addChild):
        (WebCore::RenderLayer::removeChild):
        (WebCore::RenderLayer::updateLayerPosition):
        (WebCore::RenderLayer::scrollTo):
        (WebCore::RenderLayer::updateCompositingLayersAfterScroll):
        (WebCore::outputPaintOrderTreeRecursive):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateBackingAndHierarchy): Consult the layer.hasCompositingDescendant()
        flag to cut off descendants traversal when possible.
        (WebCore::RenderLayerCompositor::layerStyleChanged):

2018-11-27  Eric Carlson  <eric.carlson@apple.com>

        Refactor duplicate code for calling into media controls
        https://bugs.webkit.org/show_bug.cgi?id=192040
        <rdar://problem/46278931>

        Reviewed by Youenn Fablet.

        No new tests, no functional change.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setupAndCallJS):
        (WebCore::HTMLMediaElement::updateCaptionContainer):
        (WebCore::HTMLMediaElement::configureTextTrackDisplay):
        (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
        (WebCore::HTMLMediaElement::setControllerJSProperty):
        (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
        (WebCore::HTMLMediaElement::updateMediaControlsAfterPresentationModeChange):
        (WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):
        * html/HTMLMediaElement.h:

2018-11-27  Simon Fraser  <simon.fraser@apple.com>

        Momentum scrolling ends at the wrong place when a scrolling overflow element has a non-zero border
        https://bugs.webkit.org/show_bug.cgi?id=191322

        Reviewed by Dean Jackson.
        
        The scrolling momentum logic in ScrollController::handleWheelEvent() which computes whether the scroll is pinned
        to the end makes use of ScrollableArea::visibleContentRect(). RenderLayer's implementation of this was incorrect when
        the layer's element had borders, causing the momentum scroll to stop early.
        
        Fix by using the correct size (visible size, not layer size).

        Test: fast/scrolling/momentum-scroll-with-borders.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::visibleContentRectInternal const):

2018-11-27  Simon Fraser  <simon.fraser@apple.com>

        Composited and tiled layers fail to update on scrolling in WebView
        https://bugs.webkit.org/show_bug.cgi?id=191821
        rdar://problem/46009272

        Reviewed by Zalan Bujtas.
        
        We relied on AppKit calling -[NSView viewWillDraw] on scrolling to trigger compositing
        layer flushes which are necessary to update backing store attachment, and tile coverage
        for tiled layers. However, we no longer get these reliably in WebView, so explicitly trigger
        flushes if necessary from FrameView::scrollOffsetChangedViaPlatformWidgetImpl().
        didChangeVisibleRect() is the same code path used by iOS UIWebView for the same purpose.

        Tests: compositing/backing/backing-store-attachment-scroll.html
               compositing/tiling/tile-coverage-on-scroll.html

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollOffsetChangedViaPlatformWidgetImpl):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::updateCoverage):

2018-11-27  Timothy Hatcher  <timothy@apple.com>

        Web Inspector: Add support for forcing color scheme appearance in DOM tree.
        https://bugs.webkit.org/show_bug.cgi?id=191820
        rdar://problem/46153172

        Reviewed by Devin Rousso.

        Test: inspector/css/force-page-appearance.html

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::defaultAppearanceDidChangeImpl):
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::defaultAppearanceDidChange):
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::enable): Fire defaultAppearanceDidChange() on macOS Majave.
        (WebCore::InspectorPageAgent::disable): Call setForcedAppearance() with empty string.
        (WebCore::InspectorPageAgent::defaultAppearanceDidChange): Added.
        (WebCore::InspectorPageAgent::setForcedAppearance): Added.
        * inspector/agents/InspectorPageAgent.h:
        * page/Page.cpp:
        (WebCore::Page::setUseDarkAppearance): Call InspectorInstrumentation::defaultAppearanceDidChange().
        (WebCore::Page::useDarkAppearance const): Return override value if not nullopt.
        (WebCore::Page::setUseDarkAppearanceOverride): Added.
        * page/Page.h:
        (WebCore::Page::defaultUseDarkAppearance const): Added.

2018-11-27  Tim Horton  <timothy_horton@apple.com>

        Serialize and deserialize editable image strokes
        https://bugs.webkit.org/show_bug.cgi?id=192002
        <rdar://problem/30900149>

        Reviewed by Dean Jackson.

        Test: editing/images/paste-editable-image.html

        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::parseAttribute):
        (WebCore::HTMLImageElement::insertedIntoAncestor):
        (WebCore::HTMLImageElement::didFinishInsertingNode):
        (WebCore::HTMLImageElement::removedFromAncestor):
        (WebCore::HTMLImageElement::hasEditableImageAttribute const):
        (WebCore::HTMLImageElement::updateEditableImage):
        Call updateEditableImage() from didFinishInsertingNode instead of insertedIntoAncestor.
        This is helpful because it means we get the final, deduplicated attachment identifier
        instead of the original one when cloning or pasting.

        This also means that isConnected() is now always accurate when updateEditableImage()
        is called, so we can remove the argument that allowed us to lie from inside insertedIntoAncestor.

        * html/HTMLImageElement.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::isEditableImage const):
        Make use of hasEditableImage instead of separately checking for the attribute.

2018-11-16  Jiewen Tan  <jiewen_tan@apple.com>

        Disallow loading webarchives as iframes
        https://bugs.webkit.org/show_bug.cgi?id=191728
        <rdar://problem/45524528>

        Reviewed by Youenn Fablet.

        Disallow loading webarchives as iframes. We don't allow loading remote webarchives.
        Now, this policy is hardened to disallow loading webarchives as iframes for local
        documents as well.

        To allow old tests still be able to run, a flag is added to always allow loading local
        webarchives in document. The flag can be set via window.internals.

        Tests: webarchive/loading/test-loading-archive-subresource.html
               webarchive/loading/test-loading-top-archive.html

        * dom/Document.h:
        (WebCore::Document::setAlwaysAllowLocalWebarchive):
        (WebCore::Document::alwaysAllowLocalWebarchive):
        * loader/DocumentLoader.cpp:
        (WebCore::disallowWebArchive):
        (WebCore::DocumentLoader::continueAfterContentPolicy):
        (WebCore::isRemoteWebArchive): Deleted.
        * testing/Internals.cpp:
        (WebCore::Internals::setAlwaysAllowLocalWebarchive const):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-11-27  Jer Noble  <jer.noble@apple.com>

        Unregister CDMSessionMediaSourceAVFObjC for error notifications during destruction.
        https://bugs.webkit.org/show_bug.cgi?id=191985
        <rdar://problem/45972018>

        Reviewed by Eric Carlson.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::CDMSessionMediaSourceAVFObjC::~CDMSessionMediaSourceAVFObjC):

2018-11-27  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer][WebRTC] Use LibWebRTC provided vp8 decoders and encoders
        https://bugs.webkit.org/show_bug.cgi?id=191861

        The GStreamer implementations are less feature full and less tested, now that Apple
        also use the LibWebRTC provided implementations it makes a lot of sense for us to
        do the same.

        Basically everything related to temporal scalability is not implemented in GStreamer.

        We should make sure to use GStreamer elements on low powered platforms and for
        accelerated encoders and decoders.

        Reviewed by Philippe Normand.

        This is mostly refactoring, no new test required.

        * platform/graphics/gstreamer/GStreamerCommon.h: Added GstMappedFrame similar to GstMappedBuffer but for video frames.
        (WebCore::GstMappedFrame::GstMappedFrame):
        (WebCore::GstMappedFrame::get):
        (WebCore::GstMappedFrame::ComponentData):
        (WebCore::GstMappedFrame::ComponentStride):
        (WebCore::GstMappedFrame::info):
        (WebCore::GstMappedFrame::width):
        (WebCore::GstMappedFrame::height):
        (WebCore::GstMappedFrame::format):
        (WebCore::GstMappedFrame::~GstMappedFrame):
        (WebCore::GstMappedFrame::operator bool const):
        * platform/graphics/gstreamer/GUniquePtrGStreamer.h:
        * platform/mediastream/gstreamer/GStreamerVideoFrameLibWebRTC.cpp:
        (WebCore::GStreamerVideoFrameLibWebRTC::ToI420): Implemented support for converting frame formats with the GstVideoConverter API
        * platform/mediastream/libwebrtc/GStreamerVideoDecoderFactory.cpp:
        (WebCore::GStreamerVideoDecoder::GstDecoderFactory):
        (WebCore::GStreamerVideoDecoder::HasGstDecoder):
        (WebCore::VP8Decoder::Create): Creates a `webrtc::LibvpxVp8Decoder()` if GStreamer decoder would be the LibVPX based one.
        (WebCore::GStreamerVideoDecoderFactory::CreateVideoDecoder):
        * platform/mediastream/libwebrtc/GStreamerVideoEncoder.cpp:
        (gst_webrtc_video_encoder_class_init):
        * platform/mediastream/libwebrtc/GStreamerVideoEncoderFactory.cpp: Stop using vp8enc and use LibWebRTC based implementation
        (WebCore::GStreamerH264Encoder::GStreamerH264Encoder): Renamed H264Encoder to GStreamerH264Encoder to be more coherent with what is done in LibVPX
        (WebCore::GStreamerVP8Encoder::GStreamerVP8Encoder): Renamed VP8Encoder to GStreamerVP8Encoder to be more coherent with what is done in LibVPX
        (WebCore::GStreamerVideoEncoderFactory::CreateVideoEncoder):
        (WebCore::GStreamerVideoEncoderFactory::GetSupportedFormats const):

2018-11-27  Javier Fernandez  <jfernandez@igalia.com>

        [css-grid] align-self center and position sticky don't work together
        https://bugs.webkit.org/show_bug.cgi?id=191963

        Reviewed by Manuel Rego Casasnovas.

        This is a fix for a regression introduced in r515391, where w