ChangeLog   [plain text]


2020-06-18  Alan Coon  <alancoon@apple.com>

        Apply patch. rdar://problem/64178850

    2020-06-18  Eric Carlson  <eric.carlson@apple.com>

            [Cocoa] Don't clear NowPlaying state unless it was set
            https://bugs.webkit.org/show_bug.cgi?id=211899
            <rdar://problem/62249870>

            Test: media/now-playing-status-without-media.html

            * platform/audio/PlatformMediaSessionManager.h:
            (WebCore::PlatformMediaSessionManager::haveEverRegisteredAsNowPlayingApplication const): Method
            added for testing.

            * platform/audio/cocoa/MediaSessionManagerCocoa.h:
            * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
            (WebCore::MediaSessionManagerCocoa::updateNowPlayingInfo): Don't clear NowPlaying state unless
            it was setup in the first place.

            * testing/Internals.cpp:
            (WebCore::Internals::nowPlayingState const): Add new property.
            * testing/Internals.h:
            * testing/Internals.idl:

2020-06-16  Russell Epstein  <repstein@apple.com>

        Cherry-pick r263129. rdar://problem/64428805

    FileListCreator should only be used for resolving directories
    https://bugs.webkit.org/show_bug.cgi?id=213259
    <rdar://problem/64375709>
    
    Reviewed by David Kilzer.
    
    Depending on whether directories should be resolved, FileListCreator::create would either
    synchronously execute its completion handler then return nullptr or asynchronously dispatch
    its completion handler then return a non-null RefPtr. Interfaces with sometimes-synchronous
    callbacks can be hard to use correctly; e.g., r262962 fixes a problem where
    FileInputType::m_fileListCreator was being modified in an unexpected order.
    
    This patch makes the interface between FileInputType and FileListCreator less error-prone
    and more explicit by renaming FileListCreator to DirectoryFileListCreator, making its job
    solely to create directory FileLists on a background queue, and giving it an explicit start
    member function. For non-directories, FileInputType::filesChosen now bypasses
    DirectoryFileListCreator and directly converts from Vector<FileChooserFileInfo> to FileList.
    
    Covered by existing tests.
    
    * Sources.txt:
    * WebCore.xcodeproj/project.pbxproj:
    
    * html/DirectoryFileListCreator.cpp: Renamed from html/FileListCreator.cpp.
    (WebCore::createFileList): Removed the template and ShouldResolveDirectories parameter.
    (WebCore::DirectoryFileListCreator::DirectoryFileListCreator): Moved the work queue
    dispatching to DirectoryFileListCreator::start.
    (WebCore::DirectoryFileListCreator::start): Added; moved the work queue dispatching here
    from the ctor.
    
    * html/DirectoryFileListCreator.h: Renamed from html/FileListCreator.h.
    (WebCore::DirectoryFileListCreator::create): Stopped performing non-directory creation and
    changed the return value back to Ref<>.
    
    * html/FileInputType.cpp:
    (WebCore::FileInputType::filesChosen): Moved most of the work done in the FileListCreator
    completion handler to didCreateFileList. When !FileInputType::allowsDirectories, used
    Vector::map to convert paths to a Vector<Ref<File>>, used that to create a FileList, then
    called didCreateFileList. Otherwise, created and started a DirectoryFileListCreator that
    calls didCreateFileList in its completion handler.
    (WebCore::FileInputType::didCreateFileList): Added; sets the new file list and icon and
    clears m_directoryFileListCreator.
    
    * html/FileInputType.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@263129 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-16  Andy Estes  <aestes@apple.com>

            FileListCreator should only be used for resolving directories
            https://bugs.webkit.org/show_bug.cgi?id=213259
            <rdar://problem/64375709>

            Reviewed by David Kilzer.

            Depending on whether directories should be resolved, FileListCreator::create would either
            synchronously execute its completion handler then return nullptr or asynchronously dispatch
            its completion handler then return a non-null RefPtr. Interfaces with sometimes-synchronous
            callbacks can be hard to use correctly; e.g., r262962 fixes a problem where
            FileInputType::m_fileListCreator was being modified in an unexpected order.

            This patch makes the interface between FileInputType and FileListCreator less error-prone
            and more explicit by renaming FileListCreator to DirectoryFileListCreator, making its job
            solely to create directory FileLists on a background queue, and giving it an explicit start
            member function. For non-directories, FileInputType::filesChosen now bypasses
            DirectoryFileListCreator and directly converts from Vector<FileChooserFileInfo> to FileList.

            Covered by existing tests.

            * Sources.txt:
            * WebCore.xcodeproj/project.pbxproj:

            * html/DirectoryFileListCreator.cpp: Renamed from html/FileListCreator.cpp.
            (WebCore::createFileList): Removed the template and ShouldResolveDirectories parameter.
            (WebCore::DirectoryFileListCreator::DirectoryFileListCreator): Moved the work queue
            dispatching to DirectoryFileListCreator::start.
            (WebCore::DirectoryFileListCreator::start): Added; moved the work queue dispatching here
            from the ctor.

            * html/DirectoryFileListCreator.h: Renamed from html/FileListCreator.h.
            (WebCore::DirectoryFileListCreator::create): Stopped performing non-directory creation and
            changed the return value back to Ref<>.

            * html/FileInputType.cpp:
            (WebCore::FileInputType::filesChosen): Moved most of the work done in the FileListCreator
            completion handler to didCreateFileList. When !FileInputType::allowsDirectories, used
            Vector::map to convert paths to a Vector<Ref<File>>, used that to create a FileList, then
            called didCreateFileList. Otherwise, created and started a DirectoryFileListCreator that
            calls didCreateFileList in its completion handler.
            (WebCore::FileInputType::didCreateFileList): Added; sets the new file list and icon and
            clears m_directoryFileListCreator.

            * html/FileInputType.h:

2020-06-16  Russell Epstein  <repstein@apple.com>

        Cherry-pick r262739. rdar://problem/64413138

    Use usual promise in readableStreamTee
    https://bugs.webkit.org/show_bug.cgi?id=212715
    
    Reviewed by Mark Lam.
    
    The spec[1] is organized to be OK to use usual promises here. This patch uses usual promises instead of internal ones.
    
    [1]: https://streams.spec.whatwg.org/#readable-stream-tee
    
    * Modules/streams/ReadableStreamInternals.js:
    (readableStreamTee):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262739 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-08  Yusuke Suzuki  <ysuzuki@apple.com>

            Use usual promise in readableStreamTee
            https://bugs.webkit.org/show_bug.cgi?id=212715

            Reviewed by Mark Lam.

            The spec[1] is organized to be OK to use usual promises here. This patch uses usual promises instead of internal ones.

            [1]: https://streams.spec.whatwg.org/#readable-stream-tee

            * Modules/streams/ReadableStreamInternals.js:
            (readableStreamTee):

2020-06-16  Russell Epstein  <repstein@apple.com>

        Cherry-pick r263092. rdar://problem/64412673

    O(n^2) behavior in media query resolution
    https://bugs.webkit.org/show_bug.cgi?id=213243
    
    Reviewed by Anders Carlsson.
    
    We were traversing all rules in a RuleSet inside a loop over all media queries that change value.
    This becomes problematic when you have thousands of media queries.
    
    * style/RuleSet.cpp:
    (WebCore::Style::RuleSet::evaluteDynamicMediaQueryRules):
    
    Instead collect the rule positions that need flipping into a map and then traverse only once
    to do the actual flipping.
    
    Longer term we should maintain a data stucture that can map directly from a position to RuleDatas.
    This will require some data structure rethink so this patch takes a simpler approach.
    
    (WebCore::Style::RuleSet::MediaQueryCollector::pop):
    * style/RuleSet.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@263092 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-16  Antti Koivisto  <antti@apple.com>

            O(n^2) behavior in media query resolution
            https://bugs.webkit.org/show_bug.cgi?id=213243

            Reviewed by Anders Carlsson.

            We were traversing all rules in a RuleSet inside a loop over all media queries that change value.
            This becomes problematic when you have thousands of media queries.

            * style/RuleSet.cpp:
            (WebCore::Style::RuleSet::evaluteDynamicMediaQueryRules):

            Instead collect the rule positions that need flipping into a map and then traverse only once
            to do the actual flipping.

            Longer term we should maintain a data stucture that can map directly from a position to RuleDatas.
            This will require some data structure rethink so this patch takes a simpler approach.

            (WebCore::Style::RuleSet::MediaQueryCollector::pop):
            * style/RuleSet.h:

2020-06-16  Russell Epstein  <repstein@apple.com>

        Cherry-pick r262594. rdar://problem/64413274

    HTMLAppletElement::updateWidget should check for renderer after the overlapping test.
    https://bugs.webkit.org/show_bug.cgi?id=212789
    <rdar://problem/61854614>
    
    Reviewed by Simon Fraser.
    
    createJavaAppletWidget needs to check if the plugin(replacement) is obscured.
    Since the overlapping test requires up-to-date geometry, it initiates a top level style recalc/layout.
    We need to check if the apple element still has a renderer after the style recalc.
    
    * html/HTMLAppletElement.cpp:
    (WebCore::HTMLAppletElement::updateWidget):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262594 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-04  Zalan Bujtas  <zalan@apple.com>

            HTMLAppletElement::updateWidget should check for renderer after the overlapping test.
            https://bugs.webkit.org/show_bug.cgi?id=212789
            <rdar://problem/61854614>

            Reviewed by Simon Fraser.

            createJavaAppletWidget needs to check if the plugin(replacement) is obscured.
            Since the overlapping test requires up-to-date geometry, it initiates a top level style recalc/layout.
            We need to check if the apple element still has a renderer after the style recalc.

            * html/HTMLAppletElement.cpp:
            (WebCore::HTMLAppletElement::updateWidget):

2020-06-16  Russell Epstein  <repstein@apple.com>

        Cherry-pick r262540. rdar://problem/64413268

    Reset fragment line info when the relatively positioned inline box becomes static with block child.
    https://bugs.webkit.org/show_bug.cgi?id=212724
    <rdar://problem/62847534>
    
    Reviewed by Simon Fraser.
    
    adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded was missing the case when the
    block container was inside an inline box. It happens when the inline box is relatively positioned while the
    child block box is absolutely positioned.
    RenderFragmentedFlow keeps track of the associated root lineboxes in m_lineToFragmentMap.
    In adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded, when the block is no longer part of the fragment
    we remove these cached lineboxes from the m_lineToFragmentMap.
    This patch fixes the case when the cached lineboxes are generated by a child block box.
    
    * rendering/RenderElement.cpp:
    (WebCore::RenderElement::adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262540 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-04  Zalan Bujtas  <zalan@apple.com>

            Reset fragment line info when the relatively positioned inline box becomes static with block child.
            https://bugs.webkit.org/show_bug.cgi?id=212724
            <rdar://problem/62847534>

            Reviewed by Simon Fraser.

            adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded was missing the case when the
            block container was inside an inline box. It happens when the inline box is relatively positioned while the
            child block box is absolutely positioned.
            RenderFragmentedFlow keeps track of the associated root lineboxes in m_lineToFragmentMap.
            In adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded, when the block is no longer part of the fragment
            we remove these cached lineboxes from the m_lineToFragmentMap.
            This patch fixes the case when the cached lineboxes are generated by a child block box.

            * rendering/RenderElement.cpp:
            (WebCore::RenderElement::adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded):

2020-06-15  Russell Epstein  <repstein@apple.com>

        Cherry-pick r262962. rdar://problem/64316002

    FileInputType should use WeakPtr for FileListCreator lambdas
    https://bugs.webkit.org/show_bug.cgi?id=213130
    <rdar://problem/64276591>
    
    Reviewed by David Kilzer.
    
    FileInputType::filesChosen was passing a completion handler to FileListCreator::create that
    captured |this|. If the FileListCreator instance still existed when |this| was destroyed,
    FileInputType::~FileInputType would clear the captured |this| by calling
    FileListCreator::clear. This can be simplified by having the FileListCreator completion
    handler capture a WeakPtr to |this|.
    
    Also, when FileInputType::allowsDirectories is false, m_fileListCreator would not be
    properly cleared after creating the file list. The FileListCreator completion handler would
    set m_fileListCreator to nullptr, but would be executed *before* FileListCreator::create
    returned and set m_fileListCreator to the newly-created FileListCreator object. Fixed this
    by having FileListCreator::create execute the completion handler immediately and return
    nullptr in cases where a FileListCreator does not need to be created for directory
    resolution.
    
    Covered by existing tests.
    
    * html/FileInputType.cpp:
    (WebCore::FileInputType::~FileInputType):
    (WebCore::FileInputType::filesChosen):
    * html/FileInputType.h:
    * html/FileListCreator.cpp:
    (WebCore::createFileList):
    (WebCore::FileListCreator::create):
    (WebCore::FileListCreator::FileListCreator):
    (WebCore::FileListCreator::createFileList):
    * html/FileListCreator.h:
    (WebCore::FileListCreator::create): Deleted.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262962 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-12  Andy Estes  <aestes@apple.com>

            FileInputType should use WeakPtr for FileListCreator lambdas
            https://bugs.webkit.org/show_bug.cgi?id=213130
            <rdar://problem/64276591>

            Reviewed by David Kilzer.

            FileInputType::filesChosen was passing a completion handler to FileListCreator::create that
            captured |this|. If the FileListCreator instance still existed when |this| was destroyed,
            FileInputType::~FileInputType would clear the captured |this| by calling
            FileListCreator::clear. This can be simplified by having the FileListCreator completion
            handler capture a WeakPtr to |this|.

            Also, when FileInputType::allowsDirectories is false, m_fileListCreator would not be
            properly cleared after creating the file list. The FileListCreator completion handler would
            set m_fileListCreator to nullptr, but would be executed *before* FileListCreator::create
            returned and set m_fileListCreator to the newly-created FileListCreator object. Fixed this
            by having FileListCreator::create execute the completion handler immediately and return
            nullptr in cases where a FileListCreator does not need to be created for directory
            resolution.

            Covered by existing tests.

            * html/FileInputType.cpp:
            (WebCore::FileInputType::~FileInputType):
            (WebCore::FileInputType::filesChosen):
            * html/FileInputType.h:
            * html/FileListCreator.cpp:
            (WebCore::createFileList):
            (WebCore::FileListCreator::create):
            (WebCore::FileListCreator::FileListCreator):
            (WebCore::FileListCreator::createFileList):
            * html/FileListCreator.h:
            (WebCore::FileListCreator::create): Deleted.

2020-06-15  Russell Epstein  <repstein@apple.com>

        Cherry-pick r262918. rdar://problem/64315999

    [iOS] nullptr deref in FileInputType::iconLoaded when the input's type attribute is modified by a change event listener
    https://bugs.webkit.org/show_bug.cgi?id=208244
    <rdar://problem/41855350>
    
    Reviewed by Wenson Hsieh.
    
    Source/WebCore:
    
    When an <input> element's type attribute changes, its existing InputType is detached from
    the HTMLInputElement by nulling InputType::m_element. When FileInputType::filesChosen is
    called, it dispatches the input and change events, which can run arbitrary JavaScript that
    might modify the element's type attribute. If this happens, FileInputType::m_element will be
    null after returning from FileInputType::setFiles and if there is an icon will be
    dereferenced by FileInputType::iconLoaded.
    
    Fixed this by checking for a non-null m_element before calling iconLoaded. While here, also
    fixed a bug where we sometimes checked the length of m_fileList before FileListCreator had
    finished setting m_fileList. This bug resulted in missing file icons whenever an
    <input type=file> had the webkitdirectory attribute.
    
    Tests: fast/forms/file/file-input-type-detached-on-change.html
           fast/forms/file/file-input-webkitdirectory-icon.html
    
    * html/FileInputType.cpp:
    (WebCore::FileInputType::filesChosen):
    
    Tools:
    
    * DumpRenderTree/TestRunner.cpp:
    (SetOpenPanelFilesMediaIconCallback):
    (TestRunner::staticFunctions):
    * WebKitTestRunner/InjectedBundle/TestRunner.cpp:
    (WTR::TestRunner::setOpenPanelFilesMediaIcon):
    
    LayoutTests:
    
    * fast/forms/file/file-input-type-detached-on-change-expected.txt: Added.
    * fast/forms/file/file-input-type-detached-on-change.html: Added.
    * fast/forms/file/file-input-webkitdirectory-icon-expected.html: Added.
    * fast/forms/file/file-input-webkitdirectory-icon.html: Added.
    * fast/forms/file/file-reset-in-change-using-open-panel-with-icon.html:
    * fast/forms/file/open-file-panel-crash.html:
    * fast/forms/file/resources/file-icon-bytes.js: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262918 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-11  Andy Estes  <aestes@apple.com>

            [iOS] nullptr deref in FileInputType::iconLoaded when the input's type attribute is modified by a change event listener
            https://bugs.webkit.org/show_bug.cgi?id=208244
            <rdar://problem/41855350>

            Reviewed by Wenson Hsieh.

            When an <input> element's type attribute changes, its existing InputType is detached from
            the HTMLInputElement by nulling InputType::m_element. When FileInputType::filesChosen is
            called, it dispatches the input and change events, which can run arbitrary JavaScript that
            might modify the element's type attribute. If this happens, FileInputType::m_element will be
            null after returning from FileInputType::setFiles and if there is an icon will be
            dereferenced by FileInputType::iconLoaded.

            Fixed this by checking for a non-null m_element before calling iconLoaded. While here, also
            fixed a bug where we sometimes checked the length of m_fileList before FileListCreator had
            finished setting m_fileList. This bug resulted in missing file icons whenever an
            <input type=file> had the webkitdirectory attribute.

            Tests: fast/forms/file/file-input-type-detached-on-change.html
                   fast/forms/file/file-input-webkitdirectory-icon.html

            * html/FileInputType.cpp:
            (WebCore::FileInputType::filesChosen):

2020-06-12  Alan Coon  <alancoon@apple.com>

        Cherry-pick r262978. rdar://problem/64315997

    Stop allowing pages served over HTTPS with "Cache-Control: no-store" into the back/forward cache
    https://bugs.webkit.org/show_bug.cgi?id=213147
    <rdar://problem/64249683>
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    Stop allowing pages served over HTTPS with "Cache-Control: no-store" into the back/forward cache.
    This is a revert of r250437 due to push back from Web developers.
    
    No new tests, updated existing tests.
    
    * history/BackForwardCache.cpp:
    (WebCore::canCacheFrame):
    
    LayoutTests:
    
    Update layout test coverage.
    
    * http/tests/navigation/https-in-page-cache-expected.txt:
    * http/tests/navigation/resources/https-in-page-cache-1.php:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262978 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-12  Chris Dumez  <cdumez@apple.com>

            Stop allowing pages served over HTTPS with "Cache-Control: no-store" into the back/forward cache
            https://bugs.webkit.org/show_bug.cgi?id=213147
            <rdar://problem/64249683>

            Reviewed by Geoffrey Garen.

            Stop allowing pages served over HTTPS with "Cache-Control: no-store" into the back/forward cache.
            This is a revert of r250437 due to push back from Web developers.

            No new tests, updated existing tests.

            * history/BackForwardCache.cpp:
            (WebCore::canCacheFrame):

2020-06-12  Alan Coon  <alancoon@apple.com>

        Cherry-pick r262707. rdar://problem/64226888

    File URLs with hostnames are misleading
    https://bugs.webkit.org/show_bug.cgi?id=212739
    <rdar://problem/63754917>
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    Showing a file URL like file://example.org/test is misleading to users.
    To prevent this, we just do a redirection to the same file URL with an empty host.
    Remove the port at the same time.
    Covered by added API test.
    
    * loader/DocumentLoader.cpp:
    (WebCore::DocumentLoader::willSendRequest):
    
    Tools:
    
    * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
    * TestWebKitAPI/Tests/WebKit/open-window-with-file-url-with-host.html: Added.
    * TestWebKitAPI/Tests/WebKitCocoa/OpenAndCloseWindow.mm:
    (TEST):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262707 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-08  Youenn Fablet  <youenn@apple.com>

            File URLs with hostnames are misleading
            https://bugs.webkit.org/show_bug.cgi?id=212739
            <rdar://problem/63754917>

            Reviewed by Alex Christensen.

            Showing a file URL like file://example.org/test is misleading to users.
            To prevent this, we just do a redirection to the same file URL with an empty host.
            Remove the port at the same time.
            Covered by added API test.

            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::willSendRequest):

2020-06-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r261217. rdar://problem/62978240

    Fix animation ordering to make imported/w3c/web-platform-tests/css/css-animations/Element-getAnimations.tentative.html pass
    https://bugs.webkit.org/show_bug.cgi?id=211468
    <rdar://problem/62732578>
    
    Reviewed by David Kilzer.
    
    LayoutTests/imported/w3c:
    
    Mark the final two failures in imported/w3c/web-platform-tests/css/css-animations/Element-getAnimations.tentative.html as PASS.
    
    * web-platform-tests/css/css-animations/Element-getAnimations.tentative-expected.txt:
    
    Source/WebCore:
    
    The "Animation composite order" section of the CSS Animations Level 2 specification (https://drafts.csswg.org/css-animations-2/#animation-composite-order)
    defines the relative composite order of animations. We bake this into compareAnimationsByCompositeOrder(), but this function would not yield consistent
    results if it is called in a non-stable sort, because if both CSSAnimation objects passed to this function have the same backing Animation object, they
    would not return the same value if passed in a different order. The Web Animations spec always ensures that procedures that sort using the composite
    order are called as part of a stable sort. So we change all call sites to use std::stable_sort and add an assertion in case we have two CSSAnimation
    objects with the same backing Animation objects to catch cases like this in the future.
    
    Finally, since we already know only relevant animations can find their way into the output of Document::getAnimations(), we also ensure we iterate over
    m_animations (which holds only relevant animations) rather than m_allAnimations (which may not).
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::getAnimations const):
    * animation/KeyframeEffectStack.cpp:
    (WebCore::KeyframeEffectStack::ensureEffectsAreSorted):
    * animation/WebAnimationUtilities.cpp:
    (WebCore::compareAnimationsByCompositeOrder):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@261217 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-05-05  Antoine Quint  <graouts@apple.com>

            Fix animation ordering to make imported/w3c/web-platform-tests/css/css-animations/Element-getAnimations.tentative.html pass
            https://bugs.webkit.org/show_bug.cgi?id=211468
            <rdar://problem/62732578>

            Reviewed by David Kilzer.

            The "Animation composite order" section of the CSS Animations Level 2 specification (https://drafts.csswg.org/css-animations-2/#animation-composite-order)
            defines the relative composite order of animations. We bake this into compareAnimationsByCompositeOrder(), but this function would not yield consistent
            results if it is called in a non-stable sort, because if both CSSAnimation objects passed to this function have the same backing Animation object, they
            would not return the same value if passed in a different order. The Web Animations spec always ensures that procedures that sort using the composite
            order are called as part of a stable sort. So we change all call sites to use std::stable_sort and add an assertion in case we have two CSSAnimation
            objects with the same backing Animation objects to catch cases like this in the future.

            Finally, since we already know only relevant animations can find their way into the output of Document::getAnimations(), we also ensure we iterate over
            m_animations (which holds only relevant animations) rather than m_allAnimations (which may not).

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::getAnimations const):
            * animation/KeyframeEffectStack.cpp:
            (WebCore::KeyframeEffectStack::ensureEffectsAreSorted):
            * animation/WebAnimationUtilities.cpp:
            (WebCore::compareAnimationsByCompositeOrder):

2020-06-10  Alan Coon  <alancoon@apple.com>

        Cherry-pick r262870. rdar://problem/64232759

    Improve CSP compliance under PSON
    https://bugs.webkit.org/show_bug.cgi?id=212995
    <rdar://problem/62996186>
    
    Reviewed by Chris Dumez.
    
    LayoutTests/imported/w3c:
    
    Rebaseline an existing test, since CSP is now checked before any navigations performed by a form action.
    
    * web-platform-tests/content-security-policy/form-action/form-action-src-blocked.sub-expected.txt:
    
    Source/WebCore:
    
    Tests: http/tests/security/contentSecurityPolicy/1.1/form-action-src-self-blocked.html
    
    The form submission logic was only considering CSP if the form
    action was a JavaScript URL. This is incorrect, as CSP might
    apply to any URL.
    
    This is also covered by the existing form-action CSP tests.
    
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::submitForm): All URLs should be evaluted for
    compliance with CSP.
    
    LayoutTests:
    
    Add a new test to confirm that CSP rules are honored for form-action operations during process swap.
    This also rebaselines an existing test, since CSP is now checked before any navigations performed by
    a form action.
    
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-expected.txt: Rebaselined.
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-self-blocked-expected.txt: Copied from LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-expected.txt.
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-self-blocked.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262870 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-10  Brent Fulgham  <bfulgham@apple.com>

            Improve CSP compliance under PSON
            https://bugs.webkit.org/show_bug.cgi?id=212995
            <rdar://problem/62996186>

            Reviewed by Chris Dumez.

            Tests: http/tests/security/contentSecurityPolicy/1.1/form-action-src-self-blocked.html

            The form submission logic was only considering CSP if the form
            action was a JavaScript URL. This is incorrect, as CSP might
            apply to any URL.

            This is also covered by the existing form-action CSP tests.

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::submitForm): All URLs should be evaluted for
            compliance with CSP.

2020-06-10  Alan Coon  <alancoon@apple.com>

        Cherry-pick r262841. rdar://problem/64226920

    REGRESSION(r262798): fast/mediastream/media-stream-track-interrupted.html is failing
    https://bugs.webkit.org/show_bug.cgi?id=213011
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    Before the patch, a source that is muted and for which its observers get ended will not be ended.
    This is a potential issue as the source can get unmuted, in which case, the audio shared unit might be asked to restart.
    This is crashing in debug as we would not have the AudioSession correct category for audio capture.
    
    Test: fast/mediastream/track-ended-while-muted.html
    Also covered by fast/mediastream/media-stream-track-interrupted.html no longer flakily crashing in debug.
    
    * platform/mediastream/RealtimeMediaSource.cpp:
    (WebCore::RealtimeMediaSource::requestToEnd):
    End the source even if muted.
    * platform/mediastream/RealtimeMediaSource.h:
    * testing/Internals.cpp:
    (WebCore::Internals::isMediaStreamSourceEnded const):
    * testing/Internals.h:
    * testing/Internals.idl:
    Add necessary test infrastructure.
    
    LayoutTests:
    
    * fast/mediastream/track-ended-while-muted-expected.txt: Added.
    * fast/mediastream/track-ended-while-muted.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262841 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-06-10  Youenn Fablet  <youenn@apple.com>

            REGRESSION(r262798): fast/mediastream/media-stream-track-interrupted.html is failing
            https://bugs.webkit.org/show_bug.cgi?id=213011

            Reviewed by Eric Carlson.

            Before the patch, a source that is muted and for which its observers get ended will not be ended.
            This is a potential issue as the source can get unmuted, in which case, the audio shared unit might be asked to restart.
            This is crashing in debug as we would not have the AudioSession correct category for audio capture.

            Test: fast/mediastream/track-ended-while-muted.html
            Also covered by fast/mediastream/media-stream-track-interrupted.html no longer flakily crashing in debug.

            * platform/mediastream/RealtimeMediaSource.cpp:
            (WebCore::RealtimeMediaSource::requestToEnd):
            End the source even if muted.
            * platform/mediastream/RealtimeMediaSource.h:
            * testing/Internals.cpp:
            (WebCore::Internals::isMediaStreamSourceEnded const):
            * testing/Internals.h:
            * testing/Internals.idl:
            Add necessary test infrastructure.

2020-06-10  Alan Coon  <alancoon@apple.com>

        Apply patch. rdar://problem/64226920

    2020-06-10  Youenn Fablet  <youenn@apple.com>

            BaseAudioSharedUnit should unmute its clients in case of suspension even if not having any audio unit
            https://bugs.webkit.org/show_bug.cgi?id=212970

            CoreAudioCaptureSource(s), when muted, are now calling stopProducingData.
            This will, in turn, make the BaseAudioSharedUnit stop and no longer have any audio unit.
            In that case, when resume is called on the BaseAudioSharedUnit, it will exit early as the audio unit is null.
            This will prevent to unmute the CoreAudioCaptureSource(s).

            Fix this by removing the audio unit check in BaseAudioSharedUnit::resume.
            Add infrastructure testing to be able to write a test.

            Covered by added test.

            * platform/mediastream/RealtimeMediaSource.h:
            * platform/mediastream/mac/BaseAudioSharedUnit.cpp:
            (WebCore::BaseAudioSharedUnit::resume):
            * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
            (WebCore::CoreAudioCaptureSource::setInterruptedForTesting):
            * platform/mediastream/mac/CoreAudioCaptureSource.h:
            * testing/Internals.cpp:
            (WebCore::Internals::isMediaStreamSourceInterrupted const):
            * testing/Internals.h:
            * testing/Internals.idl:

2020-06-09  Dean Jackson  <dino@apple.com>

        REGRESSION: [Safari Mojave for High Sierra] Accessing some of the featured pages on apple.com causes the webpage to crash
        https://bugs.webkit.org/show_bug.cgi?id=212940

        Reviewed by Tim Horton.

        The code to use the singleton for a SwitchingGPUClient was assuming it
        has always been set, which was not the case when
        ENABLE(WEBPROCESS_WINDOWSERVER_BLOCKING) was not true.

        * platform/graphics/GraphicsContext3DManager.cpp: Check the state of the
        singleton before calling it.
        (WebCore::GraphicsContext3DManager::updateHighPerformanceState):
        (WebCore::GraphicsContext3DManager::disableHighPerformanceGPUTimerFired):
        * platform/graphics/mac/SwitchingGPUClient.h: Add a method to check if the
        singleton has been set.
        (WebCore::SwitchingGPUClient::hasSingleton):

2020-06-06  Andy Estes  <aestes@apple.com>

        Unreviewed build fix for platforms where APPLE_PAY_INSTALLMENTS is disabled.

        * testing/MockPaymentCoordinator.idl: Moved installmentConfiguration to a partial interface.

2020-06-04  Alan Coon  <alancoon@apple.com>

        Cherry-pick r260142. rdar://problem/63993130

    REGRESSION (r258977): Crash under Document::visibilityStateChanged
    https://bugs.webkit.org/show_bug.cgi?id=210555
    
    Reviewed by Youenn Fablet.
    
    Re-introduce null check of page in Document::visibilityStateChanged() which got inadvertently
    dropped in r258977.
    
    * dom/Document.cpp:
    (WebCore::Document::visibilityStateChanged):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260142 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-15  Chris Dumez  <cdumez@apple.com>

            REGRESSION (r258977): Crash under Document::visibilityStateChanged
            https://bugs.webkit.org/show_bug.cgi?id=210555

            Reviewed by Youenn Fablet.

            Re-introduce null check of page in Document::visibilityStateChanged() which got inadvertently
            dropped in r258977.

            * dom/Document.cpp:
            (WebCore::Document::visibilityStateChanged):

2020-06-02  Andy Estes  <aestes@apple.com>

        Apply patch. rdar://problem/63626670

    2020-05-22  Andy Estes  <aestes@apple.com>

            [Apple Pay] Add new ApplePayInstallmentConfiguration members
            https://bugs.webkit.org/show_bug.cgi?id=212160
            <rdar://problem/60703650>

            Reviewed by Alex Christensen.

            Test: http/tests/ssl/applepay/ApplePayInstallmentItems.https.html

            * DerivedSources-input.xcfilelist:
            * DerivedSources-output.xcfilelist:
            * DerivedSources.make:
            * SourcesCocoa.txt:
            * WebCore.xcodeproj/project.pbxproj: Added IDLs, headers, and derived sources for
            ApplePayInstallment{Item,ItemType,RetailChannel}.

            * Modules/applepay/ApplePayInstallmentConfiguration.idl:
            * Modules/applepay/ApplePayInstallmentConfigurationWebCore.h: Added items,
            applicationMetadata, and retailChannel members. Added missing conditionals to
            merchantIdentifier and referrerIdentifier.

            * Modules/applepay/ApplePayInstallmentItem.h:
            * Modules/applepay/ApplePayInstallmentItem.idl:
            * Modules/applepay/ApplePayInstallmentItemType.h:
            * Modules/applepay/ApplePayInstallmentItemType.idl:
            * Modules/applepay/ApplePayInstallmentRetailChannel.h:
            * Modules/applepay/ApplePayInstallmentRetailChannel.idl: Added.

            * Modules/applepay/ApplePayRequestBase.cpp:
            (WebCore::convertAndValidate): Changed to call PaymentInstallmentConfiguration::create,
            returning an exception if present.

            * Modules/applepay/PaymentInstallmentConfiguration.mm:
            (WebCore::fromDecimalNumber): Allowed for a large maximum number of fractional digits to
            support formatting high-precision currency and APRs (note that this formatter is only used
            for test support).

            (WebCore::applePayItemType):
            (WebCore::platformItemType): Added to convert between PKInstallmentItemType and
            ApplePayInstallmentItemType.

            (WebCore::applePayRetailChannel):
            (WebCore::platformRetailChannel): Added to convert between PKInstallmentRetailChannel and
            ApplePayInstallmentRetailChannel.

            (WebCore::makeNSArrayElement):
            (WebCore::makeVectorElement): Added to convert between NSArray<PKPaymentInstallmentItem *>
            and Vector<ApplePayInstallmentItem>.

            (WebCore::createPlatformConfiguration): Added a parameter for passing in applicationMetadata
            as an NSDictionary. Set properties on PKPaymentInstallmentConfiguration for new
            ApplePayInstallmentConfiguration members.
            (WebCore::PaymentInstallmentConfiguration::create): Added; converts the applicationMetadata
            JSON string (if present) to an NSDictionary, returning a TypeError if the JSON string does
            not deserialize to an NSDictionary (as PassKit requires).
            (WebCore::PaymentInstallmentConfiguration::PaymentInstallmentConfiguration): Added a
            parameter for passing in applicationMetadata as an NSDictionary. Made private.
            (WebCore::PaymentInstallmentConfiguration::applePayInstallmentConfiguration const): Set
            members on ApplePayInstallmentConfiguration for new PKPaymentInstallmentConfiguration
            properties.

            * Modules/applepay/PaymentInstallmentConfigurationWebCore.h:

2020-05-20  Russell Epstein  <repstein@apple.com>

        Apply patch. rdar://problem/63343507

    2020-05-20  Youenn Fablet  <youenn@apple.com>

            Video capture does not get unmuted in case of tab switch on iOS
            https://bugs.webkit.org/show_bug.cgi?id=211509

            Reviewed by Eric Carlson.

            Document is muting the capture video source in case of page being hidden.
            When unhiding, only the RealtimeVideoSource is unmuted, not the capture video source (AVVideoCaptureSource).
            Fort that reason, make sure to unmute the capture video source as well as the RealtimeVideoSource.
            To ensure we validate that the active source is tied to a track of the document,
            we add RealtimeSource::isSameAs which handles the case of a RealtimeVideoSource wrapping an AVVideoCaptureSource.
            Covered by updated test and manual testing.

            * Modules/mediastream/MediaStreamTrack.cpp:
            (WebCore::MediaStreamTrack::MediaStreamTrack):
            (WebCore::isSourceCapturingForDocument):
            (WebCore::MediaStreamTrack::updateCaptureAccordingToMutedState):
            * Modules/mediastream/MediaStreamTrack.h:
            * dom/Document.cpp:
            (WebCore::Document::visibilityStateChanged):
            * platform/mediastream/RealtimeMediaSource.cpp:
            * platform/mediastream/RealtimeMediaSource.h:
            * platform/mediastream/RealtimeMediaSourceCenter.cpp:
            * platform/mediastream/RealtimeMediaSourceCenter.h:
            * platform/mediastream/RealtimeMediaSourceFactory.h:
            * platform/mediastream/RealtimeVideoSource.h:
            * platform/mediastream/ios/CoreAudioCaptureSourceIOS.mm:
            * platform/mediastream/mac/CoreAudioCaptureSource.h:
            * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
            * platform/mock/MockRealtimeMediaSourceCenter.cpp:

2020-05-20  Russell Epstein  <repstein@apple.com>

        Apply patch. rdar://problem/63393729

    2020-05-20  Youenn Fablet  <youennf@gmail.com>

            Follow-up fix to https://trac.webkit.org/changeset/261583/webkit
            rdar://problem/63393729

            Add a test to ensure we unregister from the source even if not playing.

            Test: webrtc/remoteAudio-never-played.html

            * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
            (WebCore::AudioTrackPrivateMediaStreamCocoa::clear):
            Make sure to unregister unconditionally to cover the case of a renderer that never plays.

2020-05-19  Russell Epstein  <repstein@apple.com>

        Apply patch. rdar://problem/63156096

    2020-05-19  Youenn Fablet  <youenn@apple.com>

            Sending WebRTC network packets should not go through the main thread
            https://bugs.webkit.org/show_bug.cgi?id=211291

            Reviewed by Eric Carlson.

            Covered by existing tests.

            * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
            (WebCore::LibWebRTCProvider::getStaticFactoryAndThreads):
            * platform/mediastream/libwebrtc/LibWebRTCProvider.h:
            Add the ability for WebKit LibWebRTCProvider to do some processing on creation of the RTC threads.

2020-05-12  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259853. rdar://problem/63156090

    Bump priority of LibWebRTCAudioModule thread
    https://bugs.webkit.org/show_bug.cgi?id=210107
    
    Reviewed by Eric Carlson.
    
    LibWebRTCAudioModule operates on its own thread and is responsible to generate and push remote audio track data to audio renderers.
    It does this every 50 milliseconds and any delay in this task will trigger audio crackling.
    
    Migrate LibWebRTCAudioModule from a thread based approach to a WorkQueue.
    This gives cleaner code and allows to set the WorkQueue QOS to QOS::UserInteractive
    so that it does not get imnterrupted too often.
    
    We expect the audio task to be done every 50 ms.
    If it takes less than 50 ms to dispatch the task and execute, we dispatch a new task with some delay
    to keep the exact 50ms delay.
    Otherwise, we dispatch a task without any delay to try recovering as much as we can.
    
    Manullay tested on iOS using mock sources on pages rendering multiple audio tracks.
    This reduces audio crackling a lot but not completely.
    
    * platform/mediastream/libwebrtc/LibWebRTCAudioModule.cpp:
    (WebCore::LibWebRTCAudioModule::LibWebRTCAudioModule):
    (WebCore::LibWebRTCAudioModule::StartPlayout):
    (WebCore::LibWebRTCAudioModule::StartPlayoutOnAudioThread):
    * platform/mediastream/libwebrtc/LibWebRTCAudioModule.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259853 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-10  Youenn Fablet  <youenn@apple.com>

            Bump priority of LibWebRTCAudioModule thread
            https://bugs.webkit.org/show_bug.cgi?id=210107

            Reviewed by Eric Carlson.

            LibWebRTCAudioModule operates on its own thread and is responsible to generate and push remote audio track data to audio renderers.
            It does this every 50 milliseconds and any delay in this task will trigger audio crackling.

            Migrate LibWebRTCAudioModule from a thread based approach to a WorkQueue.
            This gives cleaner code and allows to set the WorkQueue QOS to QOS::UserInteractive
            so that it does not get imnterrupted too often.

            We expect the audio task to be done every 50 ms.
            If it takes less than 50 ms to dispatch the task and execute, we dispatch a new task with some delay
            to keep the exact 50ms delay.
            Otherwise, we dispatch a task without any delay to try recovering as much as we can.

            Manullay tested on iOS using mock sources on pages rendering multiple audio tracks.
            This reduces audio crackling a lot but not completely.

            * platform/mediastream/libwebrtc/LibWebRTCAudioModule.cpp:
            (WebCore::LibWebRTCAudioModule::LibWebRTCAudioModule):
            (WebCore::LibWebRTCAudioModule::StartPlayout):
            (WebCore::LibWebRTCAudioModule::StartPlayoutOnAudioThread):
            * platform/mediastream/libwebrtc/LibWebRTCAudioModule.h:

2020-05-12  Alan Coon  <alancoon@apple.com>

        Revert r261514. rdar://problem/62978925

2020-05-11  Russell Epstein  <repstein@apple.com>

        Apply patch. rdar://problem/62978903

    2020-05-11  Youenn Fablet  <youenn@apple.com>

            MediaPlayerPrivateMediaStreamAVFObjC should unobserve the tracks from its audio and video track sets
            https://bugs.webkit.org/show_bug.cgi?id=211444
            <rdar://problem/62886221>

            Test: fast/mediastream/MediaStream-removeTrack-while-playing.html

            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC):
            We keep maps of audio and video tracks we are observing.
            Use these two maps to properly unobserve all tracks at destruction time.
            While this is not strictly needed since we are using weak pointers, this helps keeping the code healthy.
            * platform/mediastream/MediaStreamTrackPrivate.cpp:
            (WebCore::MediaStreamTrackPrivate::forEachObserver):
            Add a debug ASSERT so that we ensure add/remove observers is done properly.

2020-05-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r258991. rdar://problem/62978907

    Fix build after https://trac.webkit.org/changeset/258977/webkit
    https://bugs.webkit.org/show_bug.cgi?id=209545
    
    Unreviewed.
    
    
    * dom/Document.cpp:
    (WebCore::Document::visibilityStateChanged):
    Add ENABLE(MEDIA_STREAM) compilation flag.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258991 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-25  youenn fablet  <youenn@apple.com>

            Fix build after https://trac.webkit.org/changeset/258977/webkit
            https://bugs.webkit.org/show_bug.cgi?id=209545

            Unreviewed.

            * dom/Document.cpp:
            (WebCore::Document::visibilityStateChanged):
            Add ENABLE(MEDIA_STREAM) compilation flag.

2020-05-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r258977. rdar://problem/62978907

    Audio fails to capture stream in WebRTC if AudioSession gets interrupted
    https://bugs.webkit.org/show_bug.cgi?id=208516
    <rdar://problem/60020467>
    
    Reviewed by Eric Carlson.
    
    In case of page going to hidden, continue calling each capture factory to mute the corresponding sources if needed.
    In case of page being visible again, reset all tracks according page muted state. This allows restarting tracks that have been
    muted while page was hidden (video tracks or suspended audio tracks).
    
    Since tracks can go to muted when visibility changes, we no longer return early when setting the muted state of a page to the same value.
    Instead we apply it which ensures we comply with what UIProcess wants.
    
    We start removing the concept of a RealtimeMediaSource be interrupted. Instead we use muting of sources.
    This allows UIProcess or the page to override any muted state, for instance if page goes in foreground again.
    
    We update the AudioSharedUnit to allow restarting capture even if suspended.
    This ensures that we are able to restart capturing even if we do not receive the audio session end of interruption.
    Also, this notification sometimes takes a long time to happen and we do not want to wait for it when user is interacting with the page.
    A future refactoring will further remove RealtimeMediaSource interrupted-related code.
    
    Manually tested.
    
    * dom/Document.cpp:
    (WebCore::Document::visibilityStateChanged):
    * page/Page.cpp:
    (WebCore::Page::setMuted):
    * platform/audio/PlatformMediaSessionManager.h:
    (WebCore::PlatformMediaSessionManager::isInterrupted const):
    * platform/mediastream/RealtimeMediaSource.cpp:
    (WebCore::RealtimeMediaSource::setInterrupted):
    (WebCore::RealtimeMediaSource::setMuted):
    * platform/mediastream/mac/BaseAudioSharedUnit.cpp:
    (WebCore::BaseAudioSharedUnit::startProducingData):
    (WebCore::BaseAudioSharedUnit::resume):
    (WebCore::BaseAudioSharedUnit::suspend):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258977 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-25  Youenn Fablet  <youenn@apple.com>

            Audio fails to capture stream in WebRTC if AudioSession gets interrupted
            https://bugs.webkit.org/show_bug.cgi?id=208516
            <rdar://problem/60020467>

            Reviewed by Eric Carlson.

            In case of page going to hidden, continue calling each capture factory to mute the corresponding sources if needed.
            In case of page being visible again, reset all tracks according page muted state. This allows restarting tracks that have been
            muted while page was hidden (video tracks or suspended audio tracks).

            Since tracks can go to muted when visibility changes, we no longer return early when setting the muted state of a page to the same value.
            Instead we apply it which ensures we comply with what UIProcess wants.

            We start removing the concept of a RealtimeMediaSource be interrupted. Instead we use muting of sources.
            This allows UIProcess or the page to override any muted state, for instance if page goes in foreground again.

            We update the AudioSharedUnit to allow restarting capture even if suspended.
            This ensures that we are able to restart capturing even if we do not receive the audio session end of interruption.
            Also, this notification sometimes takes a long time to happen and we do not want to wait for it when user is interacting with the page.
            A future refactoring will further remove RealtimeMediaSource interrupted-related code.

            Manually tested.

            * dom/Document.cpp:
            (WebCore::Document::visibilityStateChanged):
            * page/Page.cpp:
            (WebCore::Page::setMuted):
            * platform/audio/PlatformMediaSessionManager.h:
            (WebCore::PlatformMediaSessionManager::isInterrupted const):
            * platform/mediastream/RealtimeMediaSource.cpp:
            (WebCore::RealtimeMediaSource::setInterrupted):
            (WebCore::RealtimeMediaSource::setMuted):
            * platform/mediastream/mac/BaseAudioSharedUnit.cpp:
            (WebCore::BaseAudioSharedUnit::startProducingData):
            (WebCore::BaseAudioSharedUnit::resume):
            (WebCore::BaseAudioSharedUnit::suspend):

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r261208. rdar://problem/62978272

    Crash in match_constness<WebCore::CSSValue, WebCore::CSSPrimitiveValue>::type& WTF::downcast<WebCore::CSSPrimitiveValue, WebCore::CSSValue> -- ASAN
    https://bugs.webkit.org/show_bug.cgi?id=211479
    
    Patch by Pinki Gyanchandani <pgyanchandani@apple.com> on 2020-05-05
    Reviewed by Geoffrey Garen.
    
    Added check to downcast CSSValue to CSSPrimitiveValue, only if valid CSSPrimitveValue is associated with the property.
    
    New test would be added to Internal repository.
    
    * css/StyleProperties.cpp:
    (WebCore::StyleProperties::pageBreakPropertyValue const):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@261208 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-05-05  Pinki Gyanchandani  <pgyanchandani@apple.com>

            Crash in match_constness<WebCore::CSSValue, WebCore::CSSPrimitiveValue>::type& WTF::downcast<WebCore::CSSPrimitiveValue, WebCore::CSSValue> -- ASAN
            https://bugs.webkit.org/show_bug.cgi?id=211479

            Reviewed by Geoffrey Garen.

            Added check to downcast CSSValue to CSSPrimitiveValue, only if valid CSSPrimitveValue is associated with the property.

            New test would be added to Internal repository.

            * css/StyleProperties.cpp:
            (WebCore::StyleProperties::pageBreakPropertyValue const):

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r260682. rdar://problem/62978266

    [WTF] allThreads registration is racy with allThreads unregistration
    https://bugs.webkit.org/show_bug.cgi?id=210995
    <rdar://problem/61609690>
    
    Reviewed by Keith Miller.
    
    Source/WebCore:
    
    * page/cocoa/ResourceUsageThreadCocoa.mm:
    (WebCore::ResourceUsageThread::platformCollectCPUData):
    
    Source/WTF:
    
    There is a race between registering a thread to allThreads and unregistering a thread from allThreads.
    
        1. Caller: A new thread is created, but not registering it to allThreads yet.
        2. Thread: The thread is running.
        3. Thread: The thread finishes its execution before the thread is registered into allThreads.
        4. Thread: The thread unregisters itself from allThreads.
        5. Caller: Registers the new thread to allThreads after it already finished its execution.
        6. The thread is never removed from allThreads.
    
    This patch adds m_didUnregisterFromAllThreads flag to Thread, and add the thread to allThreads only when this flag is false.
    
    Covered by LayoutTests/inspector/cpu-profiler/threads.html.
    
    * wtf/Threading.cpp:
    (WTF::Thread::create):
    (WTF::Thread::didExit):
    * wtf/Threading.h:
    (WTF::Thread::Thread):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260682 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-24  Yusuke Suzuki  <ysuzuki@apple.com>

            [WTF] allThreads registration is racy with allThreads unregistration
            https://bugs.webkit.org/show_bug.cgi?id=210995
            <rdar://problem/61609690>

            Reviewed by Keith Miller.

            * page/cocoa/ResourceUsageThreadCocoa.mm:
            (WebCore::ResourceUsageThread::platformCollectCPUData):

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r260598. rdar://problem/62978929

    Allow credentials for same-origin css mask images
    https://bugs.webkit.org/show_bug.cgi?id=210895
    <rdar://problem/60093888>
    
    Patch by Alex Christensen <achristensen@webkit.org> on 2020-04-23
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    Test: http/tests/security/css-mask-image-credentials.html
    
    r230006 went a step too far in restricting what is allowed with css mask images.
    Basic authentication credentials should be allowed with such requests as they are in Chrome and Firefox.
    This can be seen by doing run-webkit-httpd then opening http://127.0.0.1:8000/security/css-mask-image-credentials.html
    In Chrome and Firefox you'll see it forward to a page that has a blue square.
    In Safari before this change you'll see a yellow square and a basic authentication prompt.
    In Safari after this change you'll see the same blue square you see in Chrome and Firefox.
    
    * style/StylePendingResources.cpp:
    (WebCore::Style::loadPendingImage):
    
    LayoutTests:
    
    * http/tests/security/css-mask-image-credentials-expected.html: Added.
    * http/tests/security/css-mask-image-credentials.html: Added.
    * http/tests/security/resources/css-mask-image-credentials-2.html: Added.
    * http/tests/security/resources/image-credential-check.php: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260598 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-23  Alex Christensen  <achristensen@webkit.org>

            Allow credentials for same-origin css mask images
            https://bugs.webkit.org/show_bug.cgi?id=210895
            <rdar://problem/60093888>

            Reviewed by Brent Fulgham.

            Test: http/tests/security/css-mask-image-credentials.html

            r230006 went a step too far in restricting what is allowed with css mask images.
            Basic authentication credentials should be allowed with such requests as they are in Chrome and Firefox.
            This can be seen by doing run-webkit-httpd then opening http://127.0.0.1:8000/security/css-mask-image-credentials.html
            In Chrome and Firefox you'll see it forward to a page that has a blue square.
            In Safari before this change you'll see a yellow square and a basic authentication prompt.
            In Safari after this change you'll see the same blue square you see in Chrome and Firefox.

            * style/StylePendingResources.cpp:
            (WebCore::Style::loadPendingImage):

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r260528. rdar://problem/62978914

    REGRESSION (r249160): Deleting newline after pasting text ending in a newline results in a discontinuity
    https://bugs.webkit.org/show_bug.cgi?id=210677
    <rdar://problem/61954169>
    
    Reviewed by Zalan Bujtas.
    
    Source/WebCore:
    
    Test: fast/text/delete-line-break-in-pre.html
    
    * rendering/RenderTextLineBoxes.cpp:
    (WebCore::RenderTextLineBoxes::dirtyRange):
    
    r249160 changed InlineTextBox end offset to be consistently first-past-end.
    The code here that updates lineBreakPos needs to take this into account too.
    
    LayoutTests:
    
    * fast/text/delete-line-break-in-pre-expected.html: Added.
    * fast/text/delete-line-break-in-pre.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260528 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-22  Antti Koivisto  <antti@apple.com>

            REGRESSION (r249160): Deleting newline after pasting text ending in a newline results in a discontinuity
            https://bugs.webkit.org/show_bug.cgi?id=210677
            <rdar://problem/61954169>

            Reviewed by Zalan Bujtas.

            Test: fast/text/delete-line-break-in-pre.html

            * rendering/RenderTextLineBoxes.cpp:
            (WebCore::RenderTextLineBoxes::dirtyRange):

            r249160 changed InlineTextBox end offset to be consistently first-past-end.
            The code here that updates lineBreakPos needs to take this into account too.

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r260201. rdar://problem/62978925

    [macOS] Update ScreenTime as playback state changes
    https://bugs.webkit.org/show_bug.cgi?id=210518
    <rdar://problem/61181092>
    
    Reviewed by Eric Carlson.
    
    Follow up to r260182; Pass a WeakPtr into our task queue in sessionWillEndPlayback rather than a bare pointer.
    
    * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
    (WebCore::MediaSessionManagerCocoa::sessionWillEndPlayback):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260201 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-16  Jer Noble  <jer.noble@apple.com>

            [macOS] Update ScreenTime as playback state changes
            https://bugs.webkit.org/show_bug.cgi?id=210518
            <rdar://problem/61181092>

            Reviewed by Eric Carlson.

            Follow up to r260182; Pass a WeakPtr into our task queue in sessionWillEndPlayback rather than a bare pointer.

            * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
            (WebCore::MediaSessionManagerCocoa::sessionWillEndPlayback):

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259877. rdar://problem/62978910

    [CSS Shadow Parts] Bad style sharing between sibling elements with different part attributes
    https://bugs.webkit.org/show_bug.cgi?id=210249
    <rdar://problem/61547528>
    
    Reviewed by Daniel Bates.
    
    Source/WebCore:
    
    Style sharing optimization was unconditionally allowed for elements that were styled with part pseudo element.
    This could lead to miscomputed style.
    
    Test case by Justin Fagnani.
    
    Test: fast/css/shadow-parts/shadow-part-style-sharing.html
    
    * style/StyleSharingResolver.cpp:
    (WebCore::Style::SharingResolver::canShareStyleWithElement):
    
    Only allow style sharing if parts match.
    
    LayoutTests:
    
    * fast/css/shadow-parts/shadow-part-style-sharing-expected.html: Added.
    * fast/css/shadow-parts/shadow-part-style-sharing.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259877 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-10  Antti Koivisto  <antti@apple.com>

            [CSS Shadow Parts] Bad style sharing between sibling elements with different part attributes
            https://bugs.webkit.org/show_bug.cgi?id=210249
            <rdar://problem/61547528>

            Reviewed by Daniel Bates.

            Style sharing optimization was unconditionally allowed for elements that were styled with part pseudo element.
            This could lead to miscomputed style.

            Test case by Justin Fagnani.

            Test: fast/css/shadow-parts/shadow-part-style-sharing.html

            * style/StyleSharingResolver.cpp:
            (WebCore::Style::SharingResolver::canShareStyleWithElement):

            Only allow style sharing if parts match.

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259611. rdar://problem/62978871

    Delete line boxes when moving text renderers between block flows
    https://bugs.webkit.org/show_bug.cgi?id=210000
    
    Reviewed by Antti Koivisto.
    
    After style and/or tree mutation the existing line boxes are destroyed during the subsequent layout.
    When the text renderer moves between block flows and the destination block flow initiates a different
    type of line layout, we need to make sure the previous line content is cleaned up properly.
    
    * rendering/RenderBlockFlow.cpp:
    (WebCore::RenderBlockFlow::layoutSimpleLines):
    (WebCore::RenderBlockFlow::layoutLFCLines):
    * rendering/RenderText.cpp:
    (WebCore::RenderText::removeAndDestroyTextBoxes):
    (WebCore::RenderText::dirtyLineBoxes):
    (WebCore::RenderText::deleteLineBoxes):
    * rendering/RenderText.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259611 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-06  Zalan Bujtas  <zalan@apple.com>

            Delete line boxes when moving text renderers between block flows
            https://bugs.webkit.org/show_bug.cgi?id=210000

            Reviewed by Antti Koivisto.

            After style and/or tree mutation the existing line boxes are destroyed during the subsequent layout.
            When the text renderer moves between block flows and the destination block flow initiates a different
            type of line layout, we need to make sure the previous line content is cleaned up properly.

            * rendering/RenderBlockFlow.cpp:
            (WebCore::RenderBlockFlow::layoutSimpleLines):
            (WebCore::RenderBlockFlow::layoutLFCLines):
            * rendering/RenderText.cpp:
            (WebCore::RenderText::removeAndDestroyTextBoxes):
            (WebCore::RenderText::dirtyLineBoxes):
            (WebCore::RenderText::deleteLineBoxes):
            * rendering/RenderText.h:

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259525. rdar://problem/62978878

    Protect contentFrame in SubframeLoader::loadOrRedirectSubframe with RefPtr.
    https://bugs.webkit.org/show_bug.cgi?id=127096
    <rdar://problem/61221941>
    
    Reviewed by Alex Christensen.
    
    ContentFrame is used throughout loadOrRedirectSubframe so it needs to be protected with RefPtr.
    And if loader changes frame in SubframeLoader::loadSubframe, return nullptr to notify the caller.
    
    No new tests, covered by existing test.
    
    * loader/SubframeLoader.cpp:
    (WebCore::SubframeLoader::loadOrRedirectSubframe):
    (WebCore::SubframeLoader::loadSubframe):
    * loader/SubframeLoader.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259525 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-03  Jack Lee  <shihchieh_lee@apple.com>

            Protect contentFrame in SubframeLoader::loadOrRedirectSubframe with RefPtr.
            https://bugs.webkit.org/show_bug.cgi?id=127096
            <rdar://problem/61221941>

            Reviewed by Alex Christensen.

            ContentFrame is used throughout loadOrRedirectSubframe so it needs to be protected with RefPtr.
            And if loader changes frame in SubframeLoader::loadSubframe, return nullptr to notify the caller.

            No new tests, covered by existing test.

            * loader/SubframeLoader.cpp:
            (WebCore::SubframeLoader::loadOrRedirectSubframe):
            (WebCore::SubframeLoader::loadSubframe):
            * loader/SubframeLoader.h:

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259353. rdar://problem/62978934

    Don't use raw pointers in ShadowRoot.
    https://bugs.webkit.org/show_bug.cgi?id=209843
    <rdar://problem/61069603>
    
    Reviewed by Brent Fulgham.
    
    * dom/Element.cpp:
    (WebCore::Element::addShadowRoot):
    * dom/ShadowRoot.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259353 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-01  Jer Noble  <jer.noble@apple.com>

            Don't use raw pointers in ShadowRoot.
            https://bugs.webkit.org/show_bug.cgi?id=209843
            <rdar://problem/61069603>

            Reviewed by Brent Fulgham.

            * dom/Element.cpp:
            (WebCore::Element::addShadowRoot):
            * dom/ShadowRoot.h:

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259348. rdar://problem/62978878

    Notify accessibility when a node is removed from its ancestor.
    https://bugs.webkit.org/show_bug.cgi?id=209819
    
    Reviewed by Chris Fleizach.
    
    Covered by existing tests in LayoutTests/accessibility.
    
    * dom/Node.cpp:
    (WebCore::Node::removedFromAncestor):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259348 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-01  Jack Lee  <shihchieh_lee@apple.com>

            Notify accessibility when a node is removed from its ancestor.
            https://bugs.webkit.org/show_bug.cgi?id=209819

            Reviewed by Chris Fleizach.

            Covered by existing tests in LayoutTests/accessibility.

            * dom/Node.cpp:
            (WebCore::Node::removedFromAncestor):

2020-05-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r257929. rdar://problem/62978899

    In case an activating service worker is terminated, it should go to activated state
    https://bugs.webkit.org/show_bug.cgi?id=208440
    <rdar://problem/59742332>
    
    Reviewed by Chris Dumez.
    
    Source/WebCore:
    
    Covered by updated test.
    
    * workers/service/server/SWServerWorker.cpp:
    (WebCore::SWServerWorker::setState):
    As per spec, if an activated service worker is terminated or its activate event is timing out,
    we should move it to activate state.
    
    LayoutTests:
    
    * http/wpt/service-workers/service-worker-spinning-activate.https.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@257929 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-05  youenn fablet  <youenn@apple.com>

            In case an activating service worker is terminated, it should go to activated state
            https://bugs.webkit.org/show_bug.cgi?id=208440
            <rdar://problem/59742332>

            Reviewed by Chris Dumez.

            Covered by updated test.

            * workers/service/server/SWServerWorker.cpp:
            (WebCore::SWServerWorker::setState):
            As per spec, if an activated service worker is terminated or its activate event is timing out,
            we should move it to activate state.

2020-05-07  Alan Coon  <alancoon@apple.com>

        Cherry-pick r260480. rdar://problem/62977665

    Cherry-pick r260301. rdar://problem/62083309
    
        [WebGL] Confirm there are no errors when setting up framebuffers
        https://bugs.webkit.org/show_bug.cgi?id=210632
        <rdar://problem/61916680>
    
        Reviewed by Simon Fraser.
    
        We're seeing crashes on macOS inside GraphicsContextGL::reshape().
        Specifically when we submit work at the end of the function via
        glFlush.
    
        At the moment the cause is a mystery, because we should bail out
        before then if the multisample renderbuffer was not complete. In
        the hope that it helps somewhat, add a call to glGetError to double
        check that there isn't anything horribly wrong before we talk to
        the GPU.
    
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::WebGL2RenderingContext): If the underlying
        GCGL context was marked as "LOST" during initialization, skip the rest of our
        initialization.
        * html/canvas/WebGLRenderingContext.cpp: Ditto.
        (WebCore::WebGLRenderingContext::WebGLRenderingContext):
        * html/canvas/WebGLRenderingContextBase.cpp: Ditto.
        (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase):
    
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp: Check for a GL error during
        setup and, if there is one, skip directly into a LOST state.
        (WebCore::GraphicsContext3D::reshape):
    
        git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260301 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    
    git-svn-id: https://svn.webkit.org/repository/webkit/branches/safari-609.2.9.1-branch@260480 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-21  Alan Coon  <alancoon@apple.com>

            Cherry-pick r260301. rdar://problem/62083309

        [WebGL] Confirm there are no errors when setting up framebuffers
        https://bugs.webkit.org/show_bug.cgi?id=210632
        <rdar://problem/61916680>

        Reviewed by Simon Fraser.

        We're seeing crashes on macOS inside GraphicsContextGL::reshape().
        Specifically when we submit work at the end of the function via
        glFlush.

        At the moment the cause is a mystery, because we should bail out
        before then if the multisample renderbuffer was not complete. In
        the hope that it helps somewhat, add a call to glGetError to double
        check that there isn't anything horribly wrong before we talk to
        the GPU.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::WebGL2RenderingContext): If the underlying
        GCGL context was marked as "LOST" during initialization, skip the rest of our
        initialization.
        * html/canvas/WebGLRenderingContext.cpp: Ditto.
        (WebCore::WebGLRenderingContext::WebGLRenderingContext):
        * html/canvas/WebGLRenderingContextBase.cpp: Ditto.
        (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase):

        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp: Check for a GL error during
        setup and, if there is one, skip directly into a LOST state.
        (WebCore::GraphicsContext3D::reshape):

        git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260301 268f45cc-cd09-0410-ab3c-d52691b4dbfc

        2020-04-17  Dean Jackson  <dino@apple.com>

                [WebGL] Confirm there are no errors when setting up framebuffers
                https://bugs.webkit.org/show_bug.cgi?id=210632
                <rdar://problem/61916680>

                Reviewed by Simon Fraser.

                We're seeing crashes on macOS inside GraphicsContextGL::reshape().
                Specifically when we submit work at the end of the function via
                glFlush.

                At the moment the cause is a mystery, because we should bail out
                before then if the multisample renderbuffer was not complete. In
                the hope that it helps somewhat, add a call to glGetError to double
                check that there isn't anything horribly wrong before we talk to
                the GPU.

                * html/canvas/WebGL2RenderingContext.cpp:
                (WebCore::WebGL2RenderingContext::WebGL2RenderingContext): If the underlying
                GCGL context was marked as "LOST" during initialization, skip the rest of our
                initialization.
                * html/canvas/WebGLRenderingContext.cpp: Ditto.
                (WebCore::WebGLRenderingContext::WebGLRenderingContext):
                * html/canvas/WebGLRenderingContextBase.cpp: Ditto.
                (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase):

                * platform/graphics/angle/GraphicsContextGLANGLE.cpp: Check for a GL error during
                setup and, if there is one, skip directly into a LOST state.
                (WebCore::GraphicsContextGLOpenGL::reshape):
                * platform/graphics/opengl/GraphicsContextGLOpenGLCommon.cpp:
                (WebCore::GraphicsContextGLOpenGL::reshape):

2020-04-12  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259316. rdar://problem/61269751

    IndexedDB: destroy WebIDBServer when session is removed in network process
    https://bugs.webkit.org/show_bug.cgi?id=209606
    <rdar://problem/59310081>
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    Rename immediateCloseForUserDelete to immediateClose as we now use it in destructor of IDBServer to make sure
    everything in database finishes correctly.
    
    * Modules/indexeddb/server/IDBServer.cpp:
    (WebCore::IDBServer::IDBServer::~IDBServer):
    (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
    (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
    * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
    (WebCore::IDBServer::UniqueIDBDatabase::immediateClose):
    (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete): Deleted.
    * Modules/indexeddb/server/UniqueIDBDatabase.h:
    
    Source/WebKit:
    
    Tested manually to verify WebIDBServer is removed and its thread ends when session is removed.
    
    * NetworkProcess/IndexedDB/WebIDBServer.cpp:
    (WebKit::WebIDBServer::~WebIDBServer):
    (WebKit::WebIDBServer::addConnection):
    (WebKit::WebIDBServer::removeConnection):
    (WebKit::WebIDBServer::close):
    * NetworkProcess/IndexedDB/WebIDBServer.h:
    * NetworkProcess/NetworkProcess.cpp:
    (WebKit::NetworkProcess::destroySession):
    (WebKit::NetworkProcess::connectionToWebProcessClosed):
    
    Source/WTF:
    
    Add function to kill CrossThreadTaskHandler and make thread finish. Also add a callback to be called before
    thread finishes.
    
    * wtf/CrossThreadTaskHandler.cpp:
    (WTF::CrossThreadTaskHandler::CrossThreadTaskHandler):
    (WTF::CrossThreadTaskHandler::setCompletionCallback):
    (WTF::CrossThreadTaskHandler::kill):
    * wtf/CrossThreadTaskHandler.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259316 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-31  Sihui Liu  <sihui_liu@apple.com>

            IndexedDB: destroy WebIDBServer when session is removed in network process
            https://bugs.webkit.org/show_bug.cgi?id=209606
            <rdar://problem/59310081>

            Reviewed by Geoffrey Garen.

            Rename immediateCloseForUserDelete to immediateClose as we now use it in destructor of IDBServer to make sure
            everything in database finishes correctly.

            * Modules/indexeddb/server/IDBServer.cpp:
            (WebCore::IDBServer::IDBServer::~IDBServer):
            (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
            (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
            * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
            (WebCore::IDBServer::UniqueIDBDatabase::immediateClose):
            (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete): Deleted.
            * Modules/indexeddb/server/UniqueIDBDatabase.h:

2020-04-12  Alan Coon  <alancoon@apple.com>

        Cherry-pick r257901. rdar://problem/61269751

    Remove unused variable m_allUniqueIDBDatabases in IDBServer
    https://bugs.webkit.org/show_bug.cgi?id=208613
    
    Reviewed by Chris Dumez.
    
    * Modules/indexeddb/server/IDBServer.h:
    (WebCore::IDBServer::IDBServer::addDatabase): Deleted.
    (WebCore::IDBServer::IDBServer::removeDatabase): Deleted.
    * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
    (WebCore::IDBServer::UniqueIDBDatabase::UniqueIDBDatabase):
    (WebCore::IDBServer::UniqueIDBDatabase::~UniqueIDBDatabase):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@257901 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-04  Sihui Liu  <sihui_liu@apple.com>

            Remove unused variable m_allUniqueIDBDatabases in IDBServer
            https://bugs.webkit.org/show_bug.cgi?id=208613

            Reviewed by Chris Dumez.

            * Modules/indexeddb/server/IDBServer.h:
            (WebCore::IDBServer::IDBServer::addDatabase): Deleted.
            (WebCore::IDBServer::IDBServer::removeDatabase): Deleted.
            * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
            (WebCore::IDBServer::UniqueIDBDatabase::UniqueIDBDatabase):
            (WebCore::IDBServer::UniqueIDBDatabase::~UniqueIDBDatabase):

2020-04-10  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259830. rdar://problem/61596886

    REGRESSION: CSS animations inside an embedded SVG image do not animate
    https://bugs.webkit.org/show_bug.cgi?id=209370
    
    Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2020-04-09
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    If WebAnimation is enabled and the SVGImage includes CSS animations, the
    DocumentTimeline is added to the SVGDocument of the embedded SVGImage.
    Because the SVGImage has its own Page the RenderingUpdate is scheduled
    and the updateRendering steps run in this Page.
    
    The Page of the SVGImage is inactive such that scheduling RenderingUpdate
    fails; therefore the updateRendering steps never run and the CSS animation
    never advances.
    
    The fix is:
    
    1) Scheduling the RenderingUpdate: This has to happen in the Page which
       contains the renderer of the SVGImage. Because DocumentTimeline is
       added to SVGDocument, this scheduling will go through these hubs:
            - DocumentTimeline
            - Page
            - ChromeClient -> SVGImageChromeClient
            - SVGImage
            - ImageObserver -> CachedImageObserver
            - CachedImage
            - CachedImageClient -> RenderElement
            - Page
    
    2) Running the updateRendering steps: Each document in the Page will
       enumerate its cached SVGImages. The updateRendering of the Page of
       each SVGImage will be called.
    
    To make enumerating the cached SVGImages of a Document faster, the URL
    of the cached SVGImage will be added to the cachedSVGImagesURLs of
    CachedResourceLoader when notifyFinished() is called for associated
    CachedImage.
    
    Tests: svg/animations/css-animation-background-svg.html
           svg/animations/css-animation-embedded-svg.html
           svg/animations/css-animation-hover-svg.html
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::scheduleAnimationResolution):
    (WebCore::DocumentTimeline::updateAnimationsAndSendEvents):
    * html/ImageBitmap.cpp:
    * loader/cache/CachedImage.cpp:
    (WebCore::CachedImage::hasSVGImage const):
    (WebCore::CachedImage::CachedImageObserver::scheduleTimedRenderingUpdate):
    (WebCore::CachedImage::scheduleTimedRenderingUpdate):
    * loader/cache/CachedImage.h:
    * loader/cache/CachedImageClient.h:
    (WebCore::CachedImageClient::scheduleTimedRenderingUpdate):
    * loader/cache/CachedResourceLoader.cpp:
    (WebCore::isSVGImageCachedResource):
    (WebCore::cachedResourceSVGImage):
    (WebCore::CachedResourceLoader::notifyFinished):
    (WebCore:: const):
    * loader/cache/CachedResourceLoader.h:
    * page/ChromeClient.h:
    (WebCore::ChromeClient::scheduleTimedRenderingUpdate):
    * page/Page.cpp:
    (WebCore::Page::scheduleTimedRenderingUpdate):
    (WebCore::Page::updateRendering):
    * page/Page.h:
    * platform/graphics/ImageObserver.h:
    * rendering/RenderElement.cpp:
    (WebCore::RenderElement::notifyFinished):
    (WebCore::RenderElement::scheduleTimedRenderingUpdate):
    * rendering/RenderElement.h:
    * rendering/RenderImage.cpp:
    (WebCore::RenderImage::notifyFinished):
    * svg/graphics/SVGImage.h:
    * svg/graphics/SVGImageClients.h:
    
    LayoutTests:
    
    * svg/animations/css-animation-background-svg-expected.html: Added.
    * svg/animations/css-animation-background-svg.html: Added.
    * svg/animations/css-animation-embedded-svg-expected.html: Added.
    * svg/animations/css-animation-embedded-svg.html: Added.
    * svg/animations/css-animation-hover-svg-expected.html: Added.
    * svg/animations/css-animation-hover-svg.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259830 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

            REGRESSION: CSS animations inside an embedded SVG image do not animate
            https://bugs.webkit.org/show_bug.cgi?id=209370

            Reviewed by Simon Fraser.

            If WebAnimation is enabled and the SVGImage includes CSS animations, the
            DocumentTimeline is added to the SVGDocument of the embedded SVGImage.
            Because the SVGImage has its own Page the RenderingUpdate is scheduled
            and the updateRendering steps run in this Page.

            The Page of the SVGImage is inactive such that scheduling RenderingUpdate
            fails; therefore the updateRendering steps never run and the CSS animation
            never advances.

            The fix is:

            1) Scheduling the RenderingUpdate: This has to happen in the Page which
               contains the renderer of the SVGImage. Because DocumentTimeline is
               added to SVGDocument, this scheduling will go through these hubs:
                    - DocumentTimeline
                    - Page
                    - ChromeClient -> SVGImageChromeClient
                    - SVGImage
                    - ImageObserver -> CachedImageObserver
                    - CachedImage
                    - CachedImageClient -> RenderElement
                    - Page

            2) Running the updateRendering steps: Each document in the Page will
               enumerate its cached SVGImages. The updateRendering of the Page of
               each SVGImage will be called.

            To make enumerating the cached SVGImages of a Document faster, the URL
            of the cached SVGImage will be added to the cachedSVGImagesURLs of
            CachedResourceLoader when notifyFinished() is called for associated
            CachedImage.

            Tests: svg/animations/css-animation-background-svg.html
                   svg/animations/css-animation-embedded-svg.html
                   svg/animations/css-animation-hover-svg.html

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::scheduleAnimationResolution):
            (WebCore::DocumentTimeline::updateAnimationsAndSendEvents):
            * html/ImageBitmap.cpp:
            * loader/cache/CachedImage.cpp:
            (WebCore::CachedImage::hasSVGImage const):
            (WebCore::CachedImage::CachedImageObserver::scheduleTimedRenderingUpdate):
            (WebCore::CachedImage::scheduleTimedRenderingUpdate):
            * loader/cache/CachedImage.h:
            * loader/cache/CachedImageClient.h:
            (WebCore::CachedImageClient::scheduleTimedRenderingUpdate):
            * loader/cache/CachedResourceLoader.cpp:
            (WebCore::isSVGImageCachedResource):
            (WebCore::cachedResourceSVGImage):
            (WebCore::CachedResourceLoader::notifyFinished):
            (WebCore:: const):
            * loader/cache/CachedResourceLoader.h:
            * page/ChromeClient.h:
            (WebCore::ChromeClient::scheduleTimedRenderingUpdate):
            * page/Page.cpp:
            (WebCore::Page::scheduleTimedRenderingUpdate):
            (WebCore::Page::updateRendering):
            * page/Page.h:
            * platform/graphics/ImageObserver.h:
            * rendering/RenderElement.cpp:
            (WebCore::RenderElement::notifyFinished):
            (WebCore::RenderElement::scheduleTimedRenderingUpdate):
            * rendering/RenderElement.h:
            * rendering/RenderImage.cpp:
            (WebCore::RenderImage::notifyFinished):
            * svg/graphics/SVGImage.h:
            * svg/graphics/SVGImageClients.h:

2020-04-10  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259829. rdar://problem/61596883

    Remove legacy X-WebKit-CSP header support
    https://bugs.webkit.org/show_bug.cgi?id=210256
    Source/WebCore:
    
    <rdar://problem/60634363>
    
    Reviewed by Geoffrey Garen.
    
    Supporting this header is causes compatibly issues for some sites
    and they appear to be misconfigured. Additionally, no other
    browser has supported these headers in many years. This patch
    removes all support for the legacy X-WebKit-CSP header.
    
    * dom/Document.cpp:
    (WebCore::Document::processHttpEquiv):
    * page/csp/ContentSecurityPolicyDirectiveList.cpp:
    (WebCore::ContentSecurityPolicyDirectiveList::ContentSecurityPolicyDirectiveList):
    * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
    (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
    * page/csp/ContentSecurityPolicyResponseHeaders.h:
    * platform/network/HTTPHeaderNames.in:
    * platform/network/ResourceResponseBase.cpp:
    (WebCore::isSafeCrossOriginResponseHeader):
    
    LayoutTests:
    
    Reviewed by Geoffrey Garen.
    
    Fix tests so they ensure we don't respect legacy CSP headers anymore.
    
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-blocked-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-blocked.html:
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked.html:
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-javascript-blocked-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-javascript-blocked.html:
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked.html:
    * http/tests/security/contentSecurityPolicy/1.1/module-scriptnonce-blocked-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/module-scriptnonce-blocked.html:
    * http/tests/security/contentSecurityPolicy/1.1/module-scriptnonce-invalidnonce-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/module-scriptnonce-invalidnonce.html:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce-expected.txt:
    * http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259829 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-09  Keith Miller  <keith_miller@apple.com>

            Remove legacy X-WebKit-CSP header support
            https://bugs.webkit.org/show_bug.cgi?id=210256
            <rdar://problem/60634363>

            Reviewed by Geoffrey Garen.

            Supporting this header is causes compatibly issues for some sites
            and they appear to be misconfigured. Additionally, no other
            browser has supported these headers in many years. This patch
            removes all support for the legacy X-WebKit-CSP header.

            * dom/Document.cpp:
            (WebCore::Document::processHttpEquiv):
            * page/csp/ContentSecurityPolicyDirectiveList.cpp:
            (WebCore::ContentSecurityPolicyDirectiveList::ContentSecurityPolicyDirectiveList):
            * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
            (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
            * page/csp/ContentSecurityPolicyResponseHeaders.h:
            * platform/network/HTTPHeaderNames.in:
            * platform/network/ResourceResponseBase.cpp:
            (WebCore::isSafeCrossOriginResponseHeader):

2020-04-10  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259798. rdar://problem/61596876

    Use more WeakPtr in RenderTreeBuilder::FirstLetter
    https://bugs.webkit.org/show_bug.cgi?id=210251
    <rdar://problem/61180381>
    
    Reviewed by Zalan Bujtas.
    
    For safety.
    
    * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
    (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259798 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-09  Antti Koivisto  <antti@apple.com>

            Use more WeakPtr in RenderTreeBuilder::FirstLetter
            https://bugs.webkit.org/show_bug.cgi?id=210251
            <rdar://problem/61180381>

            Reviewed by Zalan Bujtas.

            For safety.

            * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
            (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

2020-04-09  Alan Coon  <alancoon@apple.com>

        Revert r259689. rdar://problem/61269751

2020-04-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259388. rdar://problem/61269730

    [iOS] Allow WebKit to use camera in multi-tasking mode
    https://bugs.webkit.org/show_bug.cgi?id=209904
    
    Reviewed by Youenn Fablet.
    
    Source/WebCore:
    
    * platform/mediastream/mac/AVVideoCaptureSource.mm:
    (WebCore::AVVideoCaptureSource::setupSession):
    
    Source/WebCore/PAL:
    
    * pal/cocoa/AVFoundationSoftLink.h:
    * pal/cocoa/AVFoundationSoftLink.mm:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259388 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-02  Eric Carlson  <eric.carlson@apple.com>

            [iOS] Allow WebKit to use camera in multi-tasking mode
            https://bugs.webkit.org/show_bug.cgi?id=209904

            Reviewed by Youenn Fablet.

            * platform/mediastream/mac/AVVideoCaptureSource.mm:
            (WebCore::AVVideoCaptureSource::setupSession):

2020-04-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259363. rdar://problem/61269736

    CRASH in MediaPlayerPrivateMediaSourceAVFObjC::addAudioRenderer(), uncaught ObjC exception
    https://bugs.webkit.org/show_bug.cgi?id=209827
    <rdar://problem/61113080>
    
    Reviewed by Eric Carlson.
    
    -[AVSampleBufferAudioRenderer init] can, in exceptional conditions, return nil. Passing a
    nil object, or another object that AVSampleBufferRenderSynchronizer considers "invalid", into
    -[AVSampleBufferRenderSynchronizer addRenderer:] will throw an exception. Protect against this
    scenario in two ways:
    
    - Check the return value of -[AVSampleBufferAudioRenderer init], and if nil, log an error,
      log to console, and set the network state to "DecodeError".
    - Wrap calls to -addRenderer: in @try/@catch blocks, which if caught, log an error, assert,
      and set the network state to "DecodeError".
    
    * Modules/mediasource/MediaSource.cpp:
    (WebCore::MediaSource::failedToCreateRenderer):
    * Modules/mediasource/MediaSource.h:
    * platform/graphics/MediaSourcePrivateClient.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
    (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
    * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
    * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
    (WebCore::MediaSourcePrivateAVFObjC::failedToCreateAudioRenderer):
    (WebCore::MediaSourcePrivateAVFObjC::failedToCreateVideoRenderer):
    * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
    (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259363 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-01  Jer Noble  <jer.noble@apple.com>

            CRASH in MediaPlayerPrivateMediaSourceAVFObjC::addAudioRenderer(), uncaught ObjC exception
            https://bugs.webkit.org/show_bug.cgi?id=209827
            <rdar://problem/61113080>

            Reviewed by Eric Carlson.

            -[AVSampleBufferAudioRenderer init] can, in exceptional conditions, return nil. Passing a
            nil object, or another object that AVSampleBufferRenderSynchronizer considers "invalid", into
            -[AVSampleBufferRenderSynchronizer addRenderer:] will throw an exception. Protect against this
            scenario in two ways:

            - Check the return value of -[AVSampleBufferAudioRenderer init], and if nil, log an error,
              log to console, and set the network state to "DecodeError".
            - Wrap calls to -addRenderer: in @try/@catch blocks, which if caught, log an error, assert,
              and set the network state to "DecodeError".

            * Modules/mediasource/MediaSource.cpp:
            (WebCore::MediaSource::failedToCreateRenderer):
            * Modules/mediasource/MediaSource.h:
            * platform/graphics/MediaSourcePrivateClient.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
            * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
            * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
            (WebCore::MediaSourcePrivateAVFObjC::failedToCreateAudioRenderer):
            (WebCore::MediaSourcePrivateAVFObjC::failedToCreateVideoRenderer):
            * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
            (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):

2020-04-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259338. rdar://problem/61269727

    Support resolution of IPv6 STUN/TURN addresses
    https://bugs.webkit.org/show_bug.cgi?id=209808
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    Add family access to IPAddress to support both IPv4 and IPv6.
    Store IPAddress internal value as IPv6 and cast them to IPv4 on demand.
    
    * platform/network/DNS.h:
    * platform/network/soup/DNSResolveQueueSoup.cpp:
    (WebCore::resolvedWithObserverCallback):
    
    Source/WebKit:
    
    Update code to support IPv6 addresses when doing DNS resolution of TURN/STUN servers.
    Refactor code to share more code between Cocoa ports and non Cocoa ports.
    Manually tested with external IPv6 TURN servers.
    
    * NetworkProcess/webrtc/NetworkRTCProvider.cpp:
    (WebKit::NetworkRTCProvider::createResolver):
    * NetworkProcess/webrtc/NetworkRTCResolverCocoa.cpp:
    (WebKit::resolvedName):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259338 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-01  youenn fablet  <youenn@apple.com>

            Support resolution of IPv6 STUN/TURN addresses
            https://bugs.webkit.org/show_bug.cgi?id=209808

            Reviewed by Eric Carlson.

            Add family access to IPAddress to support both IPv4 and IPv6.
            Store IPAddress internal value as IPv6 and cast them to IPv4 on demand.

            * platform/network/DNS.h:
            * platform/network/soup/DNSResolveQueueSoup.cpp:
            (WebCore::resolvedWithObserverCallback):

2020-04-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259316. rdar://problem/61269751

    IndexedDB: destroy WebIDBServer when session is removed in network process
    https://bugs.webkit.org/show_bug.cgi?id=209606
    <rdar://problem/59310081>
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    Rename immediateCloseForUserDelete to immediateClose as we now use it in destructor of IDBServer to make sure
    everything in database finishes correctly.
    
    * Modules/indexeddb/server/IDBServer.cpp:
    (WebCore::IDBServer::IDBServer::~IDBServer):
    (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
    (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
    * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
    (WebCore::IDBServer::UniqueIDBDatabase::immediateClose):
    (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete): Deleted.
    * Modules/indexeddb/server/UniqueIDBDatabase.h:
    
    Source/WebKit:
    
    Tested manually to verify WebIDBServer is removed and its thread ends when session is removed.
    
    * NetworkProcess/IndexedDB/WebIDBServer.cpp:
    (WebKit::WebIDBServer::~WebIDBServer):
    (WebKit::WebIDBServer::addConnection):
    (WebKit::WebIDBServer::removeConnection):
    (WebKit::WebIDBServer::close):
    * NetworkProcess/IndexedDB/WebIDBServer.h:
    * NetworkProcess/NetworkProcess.cpp:
    (WebKit::NetworkProcess::destroySession):
    (WebKit::NetworkProcess::connectionToWebProcessClosed):
    
    Source/WTF:
    
    Add function to kill CrossThreadTaskHandler and make thread finish. Also add a callback to be called before
    thread finishes.
    
    * wtf/CrossThreadTaskHandler.cpp:
    (WTF::CrossThreadTaskHandler::CrossThreadTaskHandler):
    (WTF::CrossThreadTaskHandler::setCompletionCallback):
    (WTF::CrossThreadTaskHandler::kill):
    * wtf/CrossThreadTaskHandler.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259316 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-31  Sihui Liu  <sihui_liu@apple.com>

            IndexedDB: destroy WebIDBServer when session is removed in network process
            https://bugs.webkit.org/show_bug.cgi?id=209606
            <rdar://problem/59310081>

            Reviewed by Geoffrey Garen.

            Rename immediateCloseForUserDelete to immediateClose as we now use it in destructor of IDBServer to make sure
            everything in database finishes correctly.

            * Modules/indexeddb/server/IDBServer.cpp:
            (WebCore::IDBServer::IDBServer::~IDBServer):
            (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
            (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
            * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
            (WebCore::IDBServer::UniqueIDBDatabase::immediateClose):
            (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete): Deleted.
            * Modules/indexeddb/server/UniqueIDBDatabase.h:

2020-04-06  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259538. rdar://problem/61352452

    Additional sanity checks in compareAnimationsByCompositeOrder()
    https://bugs.webkit.org/show_bug.cgi?id=209996
    
    Reviewed by Geoffrey Garen.
    
    compareAnimationsByCompositeOrder() is used by std::sort() which requires strict weak ordering.
    This adds additional checks to ensure strict weak ordering is maintained, first by ensuring
    the transitionProperty string is different before returning that comparison, then by only using
    if the animation is a CSSTransition or CSSAnimation if the left hand and right hand sides differ.
    This should leave all remaining cases to sort by the global animation list.
    
    No new tests; this should be covered by existing tests and should not change functionality
    otherwise.
    
    * animation/WebAnimationUtilities.cpp:
    (WebCore::compareAnimationsByCompositeOrder):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259538 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-04  Doug Kelly  <dougk@apple.com>

            Additional sanity checks in compareAnimationsByCompositeOrder()
            https://bugs.webkit.org/show_bug.cgi?id=209996

            Reviewed by Geoffrey Garen.

            compareAnimationsByCompositeOrder() is used by std::sort() which requires strict weak ordering.
            This adds additional checks to ensure strict weak ordering is maintained, first by ensuring
            the transitionProperty string is different before returning that comparison, then by only using
            if the animation is a CSSTransition or CSSAnimation if the left hand and right hand sides differ.
            This should leave all remaining cases to sort by the global animation list.

            No new tests; this should be covered by existing tests and should not change functionality
            otherwise.

            * animation/WebAnimationUtilities.cpp:
            (WebCore::compareAnimationsByCompositeOrder):

2020-04-06  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259519. rdar://problem/61352446

    ASSERTION FAILED: objectStoreInfo in SQLiteIDBBackingStore::getRecord
    https://bugs.webkit.org/show_bug.cgi?id=209976
    <rdar://problem/55005363>
    
    Reviewed by Geoffrey Garen.
    
    Return error if objectStoreInfo is null in SQLiteIDBBackingStore::getRecord, because there is a possibility
    SQLiteIDBBackingStore does not have requested objectStoreInfo.
    
    * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
    (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259519 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-03  Sihui Liu  <sihui_liu@apple.com>

            ASSERTION FAILED: objectStoreInfo in SQLiteIDBBackingStore::getRecord
            https://bugs.webkit.org/show_bug.cgi?id=209976
            <rdar://problem/55005363>

            Reviewed by Geoffrey Garen.

            Return error if objectStoreInfo is null in SQLiteIDBBackingStore::getRecord, because there is a possibility
            SQLiteIDBBackingStore does not have requested objectStoreInfo.

            * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
            (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):

2020-04-06  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259315. rdar://problem/61352448

    Regression(r253357) DeviceMotionEvent acceleration and rotationRate are null
    https://bugs.webkit.org/show_bug.cgi?id=209831
    <rdar://problem/60720953>
    
    Reviewed by Darin Adler.
    
    Source/WebCore:
    
    The issue was that DeviceMotionClientIOS::motionChanged() would only initialize the
    acceleration and rotationRate if [m_motionManager gyroAvailable] returned YES. After
    r253357, m_motionManager is nil because we get motion data from the UIProcess so
    [m_motionManager gyroAvailable] would always resolve to NO.
    
    To address the issue, I made the rotationRate parameters to motionChanged() optional
    and we rely on them being set to know if gyro data is available. Note that I did not
    make the acceleration optional because according to [1], all devices have an
    accelerometer.
    
    [1] https://developer.apple.com/documentation/coremotion/cmmotionmanager/1616094-devicemotionavailable?language=objc
    
    * platform/ios/DeviceMotionClientIOS.h:
    * platform/ios/DeviceMotionClientIOS.mm:
    (WebCore::DeviceMotionClientIOS::motionChanged):
    * platform/ios/DeviceOrientationUpdateProvider.h:
    * platform/ios/MotionManagerClient.h:
    (WebCore::MotionManagerClient::motionChanged):
    * platform/ios/WebCoreMotionManager.mm:
    (-[WebCoreMotionManager sendAccelerometerData:]):
    
    Source/WebKit:
    
    * UIProcess/ios/WebDeviceOrientationUpdateProviderProxy.h:
    * UIProcess/ios/WebDeviceOrientationUpdateProviderProxy.mm:
    (WebKit::WebDeviceOrientationUpdateProviderProxy::motionChanged):
    * WebProcess/WebCoreSupport/WebDeviceOrientationUpdateProvider.cpp:
    (WebKit::WebDeviceOrientationUpdateProvider::deviceMotionChanged):
    * WebProcess/WebCoreSupport/WebDeviceOrientationUpdateProvider.h:
    * WebProcess/WebCoreSupport/WebDeviceOrientationUpdateProvider.messages.in:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259315 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-31  Chris Dumez  <cdumez@apple.com>

            Regression(r253357) DeviceMotionEvent acceleration and rotationRate are null
            https://bugs.webkit.org/show_bug.cgi?id=209831
            <rdar://problem/60720953>

            Reviewed by Darin Adler.

            The issue was that DeviceMotionClientIOS::motionChanged() would only initialize the
            acceleration and rotationRate if [m_motionManager gyroAvailable] returned YES. After
            r253357, m_motionManager is nil because we get motion data from the UIProcess so
            [m_motionManager gyroAvailable] would always resolve to NO.

            To address the issue, I made the rotationRate parameters to motionChanged() optional
            and we rely on them being set to know if gyro data is available. Note that I did not
            make the acceleration optional because according to [1], all devices have an
            accelerometer.

            [1] https://developer.apple.com/documentation/coremotion/cmmotionmanager/1616094-devicemotionavailable?language=objc

            * platform/ios/DeviceMotionClientIOS.h:
            * platform/ios/DeviceMotionClientIOS.mm:
            (WebCore::DeviceMotionClientIOS::motionChanged):
            * platform/ios/DeviceOrientationUpdateProvider.h:
            * platform/ios/MotionManagerClient.h:
            (WebCore::MotionManagerClient::motionChanged):
            * platform/ios/WebCoreMotionManager.mm:
            (-[WebCoreMotionManager sendAccelerometerData:]):

2020-04-06  Alan Coon  <alancoon@apple.com>

        Cherry-pick r258434. rdar://problem/61352465

    Safari sometimes crashes when switch video into PiP mode
    https://bugs.webkit.org/show_bug.cgi?id=208904
    
    Reviewed by Simon Fraser.
    
    With this patch, MediaControlTextTrackContainerElement won't paint its subtree
    to an image buffer (for the captions in video fullscreen or picture-in-picture mode)
    when the cues are updated. Instead, it only sets the flag m_needsGenerateTextTrackRepresentation
    to true after running layout based on the new cues. After that, it paints its subtree
    to an image buffer if needed at the end of Page::updateRendering() when the layout is clean.
    TextTrackRepresentationCocoa will use the image buffer to set the content of the layer
    for captions in video fullscreen or picture-in-picture mode.
    
    MediaControlTextTrackContainerElement class is responsible for rendering the captions in both:
    1) a video player in the inline mode.
    2) a video player in "video fullscreen" or picture-in-picture mode.
    This patch refactors some functions to make their responsibilities clear.
    
    * Modules/mediacontrols/MediaControlsHost.cpp:
    (WebCore::MediaControlsHost::updateTextTrackRepresentationImageIfNeeded):
    * Modules/mediacontrols/MediaControlsHost.h:
    * dom/Document.cpp:
    (WebCore::Document::setMediaElementShowingTextTrack):
    (WebCore::Document::clearMediaElementShowingTextTrack):
    (WebCore::Document::updateTextTrackRepresentationImageIfNeeded):
    * dom/Document.h:
    
    Functions textTracksAreReady(), textTrackReadyStateChanged() and configureTextTrackDisplay()
    should be wrapped with "#if ENABLE(VIDEO_TRACK)".
    * html/HTMLMediaElement.cpp:
    (WebCore::HTMLMediaElement::setTextTrackRepresentation):
    (WebCore::HTMLMediaElement::textTracksAreReady const):
    (WebCore::HTMLMediaElement::textTrackReadyStateChanged):
    (WebCore::HTMLMediaElement::configureTextTrackDisplay):
    (WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded):
    * html/HTMLMediaElement.h:
    
    * html/shadow/MediaControlElements.cpp:
    (WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
    (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
    (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationImageIfNeeded):
    (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationIfNeeded):
    (WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
    (WebCore::MediaControlTextTrackContainerElement::updateTextTrackStyle):
    (WebCore::MediaControlTextTrackContainerElement::enteredFullscreen):
    (WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
    (WebCore::MediaControlTextTrackContainerElement::updateSizes):
    (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
    (WebCore::MediaControlTextTrackContainerElement::textTrackRepresentationBoundsChanged):
    (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation): Deleted.
    (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationStyle): Deleted.
    (WebCore::MediaControlTextTrackContainerElement::layoutIfNecessary): Deleted.
    (WebCore::MediaControlTextTrackContainerElement::updateCueStyles): Deleted.
    * html/shadow/MediaControlElements.h:
    * html/shadow/MediaControls.cpp:
    (WebCore::MediaControls::updateTextTrackRepresentationImageIfNeeded):
    * html/shadow/MediaControls.h:
    * page/Page.cpp:
    (WebCore::Page::updateRendering):
    * rendering/RenderMediaControlElements.cpp:
    (WebCore::RenderMediaControlTextTrackContainer::RenderMediaControlTextTrackContainer):
    (WebCore::RenderMediaControlTextTrackContainer::layout):
    (WebCore::RenderTextTrackContainerElement::RenderTextTrackContainerElement): Deleted.
    (WebCore::RenderTextTrackContainerElement::layout): Deleted.
    * rendering/RenderMediaControlElements.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258434 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-13  Peng Liu  <peng.liu6@apple.com>

            Safari sometimes crashes when switch video into PiP mode
            https://bugs.webkit.org/show_bug.cgi?id=208904

            Reviewed by Simon Fraser.

            With this patch, MediaControlTextTrackContainerElement won't paint its subtree
            to an image buffer (for the captions in video fullscreen or picture-in-picture mode)
            when the cues are updated. Instead, it only sets the flag m_needsGenerateTextTrackRepresentation
            to true after running layout based on the new cues. After that, it paints its subtree
            to an image buffer if needed at the end of Page::updateRendering() when the layout is clean.
            TextTrackRepresentationCocoa will use the image buffer to set the content of the layer
            for captions in video fullscreen or picture-in-picture mode.

            MediaControlTextTrackContainerElement class is responsible for rendering the captions in both:
            1) a video player in the inline mode.
            2) a video player in "video fullscreen" or picture-in-picture mode.
            This patch refactors some functions to make their responsibilities clear.

            * Modules/mediacontrols/MediaControlsHost.cpp:
            (WebCore::MediaControlsHost::updateTextTrackRepresentationImageIfNeeded):
            * Modules/mediacontrols/MediaControlsHost.h:
            * dom/Document.cpp:
            (WebCore::Document::setMediaElementShowingTextTrack):
            (WebCore::Document::clearMediaElementShowingTextTrack):
            (WebCore::Document::updateTextTrackRepresentationImageIfNeeded):
            * dom/Document.h:

            Functions textTracksAreReady(), textTrackReadyStateChanged() and configureTextTrackDisplay()
            should be wrapped with "#if ENABLE(VIDEO_TRACK)".
            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::setTextTrackRepresentation):
            (WebCore::HTMLMediaElement::textTracksAreReady const):
            (WebCore::HTMLMediaElement::textTrackReadyStateChanged):
            (WebCore::HTMLMediaElement::configureTextTrackDisplay):
            (WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded):
            * html/HTMLMediaElement.h:

            * html/shadow/MediaControlElements.cpp:
            (WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
            (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
            (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationImageIfNeeded):
            (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationIfNeeded):
            (WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
            (WebCore::MediaControlTextTrackContainerElement::updateTextTrackStyle):
            (WebCore::MediaControlTextTrackContainerElement::enteredFullscreen):
            (WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
            (WebCore::MediaControlTextTrackContainerElement::updateSizes):
            (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
            (WebCore::MediaControlTextTrackContainerElement::textTrackRepresentationBoundsChanged):
            (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation): Deleted.
            (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationStyle): Deleted.
            (WebCore::MediaControlTextTrackContainerElement::layoutIfNecessary): Deleted.
            (WebCore::MediaControlTextTrackContainerElement::updateCueStyles): Deleted.
            * html/shadow/MediaControlElements.h:
            * html/shadow/MediaControls.cpp:
            (WebCore::MediaControls::updateTextTrackRepresentationImageIfNeeded):
            * html/shadow/MediaControls.h:
            * page/Page.cpp:
            (WebCore::Page::updateRendering):
            * rendering/RenderMediaControlElements.cpp:
            (WebCore::RenderMediaControlTextTrackContainer::RenderMediaControlTextTrackContainer):
            (WebCore::RenderMediaControlTextTrackContainer::layout):
            (WebCore::RenderTextTrackContainerElement::RenderTextTrackContainerElement): Deleted.
            (WebCore::RenderTextTrackContainerElement::layout): Deleted.
            * rendering/RenderMediaControlElements.h:

2020-04-03  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259378. rdar://problem/61269720

    Crash in WebCore::HTMLDocumentParser::insert
    https://bugs.webkit.org/show_bug.cgi?id=209892
    
    Reviewed by Darin Adler.
    
    Speculative fix to check that the parser hasn't been detached before running preload scanner.
    
    No new tests since there is no reproduction and I couldn't come up with one.
    
    * html/parser/HTMLDocumentParser.cpp:
    (WebCore::HTMLDocumentParser::pumpTokenizer):
    (WebCore::HTMLDocumentParser::insert):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259378 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-01  Ryosuke Niwa  <rniwa@webkit.org>

            Crash in WebCore::HTMLDocumentParser::insert
            https://bugs.webkit.org/show_bug.cgi?id=209892

            Reviewed by Darin Adler.

            Speculative fix to check that the parser hasn't been detached before running preload scanner.

            No new tests since there is no reproduction and I couldn't come up with one.

            * html/parser/HTMLDocumentParser.cpp:
            (WebCore::HTMLDocumentParser::pumpTokenizer):
            (WebCore::HTMLDocumentParser::insert):

2020-04-03  Alan Coon  <alancoon@apple.com>

        Cherry-pick r259355. rdar://problem/61269744

    Bindings that override getOwnPropertySlotByIndex need to say they MayHaveIndexedAccessors
    https://bugs.webkit.org/show_bug.cgi?id=209762
    
    Reviewed by Darin Adler.
    
    Source/JavaScriptCore:
    
    Change indexingType to indexingModeIncludingHistory to more
    clearly indicate the expected range of possible valid values.
    
    * runtime/StructureInlines.h:
    (JSC::Structure::create):
    
    Source/WebCore:
    
    There may be places where we rely on this for semantic
    correctness. I couldn't find any right now but we might as
    well be conservative since this isn't a performance regression.
    
    * bindings/js/JSDOMWindowProperties.h:
    * bindings/scripts/CodeGeneratorJS.pm:
    (GenerateHeader):
    * bindings/scripts/test/JS/JSInterfaceName.h:
    (WebCore::JSInterfaceName::createStructure):
    * bindings/scripts/test/JS/JSMapLike.h:
    (WebCore::JSMapLike::createStructure):
    * bindings/scripts/test/JS/JSReadOnlyMapLike.h:
    (WebCore::JSReadOnlyMapLike::createStructure):
    * bindings/scripts/test/JS/JSReadOnlySetLike.h:
    (WebCore::JSReadOnlySetLike::createStructure):
    * bindings/scripts/test/JS/JSSetLike.h:
    (WebCore::JSSetLike::createStructure):
    * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
    (WebCore::JSTestActiveDOMObject::createStructure):
    * bindings/scripts/test/JS/JSTestCEReactions.h:
    (WebCore::JSTestCEReactions::createStructure):
    * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
    (WebCore::JSTestCEReactionsStringifier::createStructure):
    * bindings/scripts/test/JS/JSTestCallTracer.h:
    (WebCore::JSTestCallTracer::createStructure):
    * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
    (WebCore::JSTestClassWithJSBuiltinConstructor::createStructure):
    * bindings/scripts/test/JS/JSTestDOMJIT.h:
    (WebCore::JSTestDOMJIT::createStructure):
    * bindings/scripts/test/JS/JSTestEnabledBySetting.h:
    (WebCore::JSTestEnabledBySetting::createStructure):
    * bindings/scripts/test/JS/JSTestEnabledForContext.h:
    (WebCore::JSTestEnabledForContext::createStructure):
    * bindings/scripts/test/JS/JSTestEventConstructor.h:
    (WebCore::JSTestEventConstructor::createStructure):
    * bindings/scripts/test/JS/JSTestEventTarget.h:
    (WebCore::JSTestEventTarget::createStructure):
    * bindings/scripts/test/JS/JSTestException.h:
    (WebCore::JSTestException::createStructure):
    * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
    (WebCore::JSTestGenerateIsReachable::createStructure):
    * bindings/scripts/test/JS/JSTestGlobalObject.h:
    (WebCore::JSTestGlobalObject::createStructure):
    * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
    (WebCore::JSTestIndexedSetterNoIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
    (WebCore::JSTestIndexedSetterThrowingException::createStructure):
    * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
    (WebCore::JSTestIndexedSetterWithIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestInterface.h:
    * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h:
    (WebCore::JSTestInterfaceLeadingUnderscore::createStructure):
    * bindings/scripts/test/JS/JSTestIterable.h:
    (WebCore::JSTestIterable::createStructure):
    * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
    (WebCore::JSTestJSBuiltinConstructor::createStructure):
    * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
    (WebCore::JSTestMediaQueryListListener::createStructure):
    * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
    (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
    (WebCore::JSTestNamedAndIndexedSetterThrowingException::createStructure):
    * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
    (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestNamedConstructor.h:
    (WebCore::JSTestNamedConstructor::createStructure):
    * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
    (WebCore::JSTestNamedDeleterNoIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
    (WebCore::JSTestNamedDeleterThrowingException::createStructure):
    * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
    (WebCore::JSTestNamedDeleterWithIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
    (WebCore::JSTestNamedDeleterWithIndexedGetter::createStructure):
    * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
    (WebCore::JSTestNamedGetterCallWith::createStructure):
    * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
    (WebCore::JSTestNamedGetterNoIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
    (WebCore::JSTestNamedGetterWithIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
    (WebCore::JSTestNamedSetterNoIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
    (WebCore::JSTestNamedSetterThrowingException::createStructure):
    * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
    (WebCore::JSTestNamedSetterWithIdentifier::createStructure):
    * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
    (WebCore::JSTestNamedSetterWithIndexedGetter::createStructure):
    * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
    (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::createStructure):
    * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
    (WebCore::JSTestNamedSetterWithOverrideBuiltins::createStructure):
    * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
    (WebCore::JSTestNamedSetterWithUnforgableProperties::createStructure):
    * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
    (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::createStructure):
    * bindings/scripts/test/JS/JSTestNode.h:
    * bindings/scripts/test/JS/JSTestObj.h:
    (WebCore::JSTestObj::createStructure):
    * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
    (WebCore::JSTestOverloadedConstructors::createStructure):
    * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
    (WebCore::JSTestOverloadedConstructorsWithSequence::createStructure):
    * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
    (WebCore::JSTestOverrideBuiltins::createStructure):
    * bindings/scripts/test/JS/JSTestPluginInterface.h:
    (WebCore::JSTestPluginInterface::createStructure):
    * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h:
    (WebCore::JSTestPromiseRejectionEvent::createStructure):
    * bindings/scripts/test/JS/JSTestSerialization.h:
    (WebCore::JSTestSerialization::createStructure):
    * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h:
    (WebCore::JSTestSerializationIndirectInheritance::createStructure):
    * bindings/scripts/test/JS/JSTestSerializationInherit.h:
    (WebCore::JSTestSerializationInherit::createStructure):
    * bindings/scripts/test/JS/JSTestSerializationInheritFinal.h:
    (WebCore::JSTestSerializationInheritFinal::createStructure):
    * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
    (WebCore::JSTestSerializedScriptValueInterface::createStructure):
    * bindings/scripts/test/JS/JSTestStringifier.h:
    (WebCore::JSTestStringifier::createStructure):
    * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h:
    (WebCore::JSTestStringifierAnonymousOperation::createStructure):
    * bindings/scripts/test/JS/JSTestStringifierNamedOperation.h:
    (WebCore::JSTestStringifierNamedOperation::createStructure):
    * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h:
    (WebCore::JSTestStringifierOperationImplementedAs::createStructure):
    * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h:
    (WebCore::JSTestStringifierOperationNamedToString::createStructure):
    * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h:
    (WebCore::JSTestStringifierReadOnlyAttribute::createStructure):
    * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h:
    (WebCore::JSTestStringifierReadWriteAttribute::createStructure):
    * bindings/scripts/test/JS/JSTestTypedefs.h:
    (WebCore::JSTestTypedefs::createStructure):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259355 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-04-01  Keith Miller  <keith_miller@apple.com>

            Bindings that override getOwnPropertySlotByIndex need to say they MayHaveIndexedAccessors
            https://bugs.webkit.org/show_bug.cgi?id=209762

            Reviewed by Darin Adler.

            There may be places where we rely on this for semantic
            correctness. I couldn't find any right now but we might as
            well be conservative since this isn't a performance regression.

            * bindings/js/JSDOMWindowProperties.h:
            * bindings/scripts/CodeGeneratorJS.pm:
            (GenerateHeader):
            * bindings/scripts/test/JS/JSInterfaceName.h:
            (WebCore::JSInterfaceName::createStructure):
            * bindings/scripts/test/JS/JSMapLike.h:
            (WebCore::JSMapLike::createStructure):
            * bindings/scripts/test/JS/JSReadOnlyMapLike.h:
            (WebCore::JSReadOnlyMapLike::createStructure):
            * bindings/scripts/test/JS/JSReadOnlySetLike.h:
            (WebCore::JSReadOnlySetLike::createStructure):
            * bindings/scripts/test/JS/JSSetLike.h:
            (WebCore::JSSetLike::createStructure):
            * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
            (WebCore::JSTestActiveDOMObject::createStructure):
            * bindings/scripts/test/JS/JSTestCEReactions.h:
            (WebCore::JSTestCEReactions::createStructure):
            * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
            (WebCore::JSTestCEReactionsStringifier::createStructure):
            * bindings/scripts/test/JS/JSTestCallTracer.h:
            (WebCore::JSTestCallTracer::createStructure):
            * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
            (WebCore::JSTestClassWithJSBuiltinConstructor::createStructure):
            * bindings/scripts/test/JS/JSTestDOMJIT.h:
            (WebCore::JSTestDOMJIT::createStructure):
            * bindings/scripts/test/JS/JSTestEnabledBySetting.h:
            (WebCore::JSTestEnabledBySetting::createStructure):
            * bindings/scripts/test/JS/JSTestEnabledForContext.h:
            (WebCore::JSTestEnabledForContext::createStructure):
            * bindings/scripts/test/JS/JSTestEventConstructor.h:
            (WebCore::JSTestEventConstructor::createStructure):
            * bindings/scripts/test/JS/JSTestEventTarget.h:
            (WebCore::JSTestEventTarget::createStructure):
            * bindings/scripts/test/JS/JSTestException.h:
            (WebCore::JSTestException::createStructure):
            * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
            (WebCore::JSTestGenerateIsReachable::createStructure):
            * bindings/scripts/test/JS/JSTestGlobalObject.h:
            (WebCore::JSTestGlobalObject::createStructure):
            * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
            (WebCore::JSTestIndexedSetterNoIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
            (WebCore::JSTestIndexedSetterThrowingException::createStructure):
            * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
            (WebCore::JSTestIndexedSetterWithIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestInterface.h:
            * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h:
            (WebCore::JSTestInterfaceLeadingUnderscore::createStructure):
            * bindings/scripts/test/JS/JSTestIterable.h:
            (WebCore::JSTestIterable::createStructure):
            * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
            (WebCore::JSTestJSBuiltinConstructor::createStructure):
            * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
            (WebCore::JSTestMediaQueryListListener::createStructure):
            * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
            (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
            (WebCore::JSTestNamedAndIndexedSetterThrowingException::createStructure):
            * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
            (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestNamedConstructor.h:
            (WebCore::JSTestNamedConstructor::createStructure):
            * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
            (WebCore::JSTestNamedDeleterNoIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
            (WebCore::JSTestNamedDeleterThrowingException::createStructure):
            * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
            (WebCore::JSTestNamedDeleterWithIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
            (WebCore::JSTestNamedDeleterWithIndexedGetter::createStructure):
            * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
            (WebCore::JSTestNamedGetterCallWith::createStructure):
            * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
            (WebCore::JSTestNamedGetterNoIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
            (WebCore::JSTestNamedGetterWithIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
            (WebCore::JSTestNamedSetterNoIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
            (WebCore::JSTestNamedSetterThrowingException::createStructure):
            * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
            (WebCore::JSTestNamedSetterWithIdentifier::createStructure):
            * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
            (WebCore::JSTestNamedSetterWithIndexedGetter::createStructure):
            * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
            (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::createStructure):
            * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
            (WebCore::JSTestNamedSetterWithOverrideBuiltins::createStructure):
            * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
            (WebCore::JSTestNamedSetterWithUnforgableProperties::createStructure):
            * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
            (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::createStructure):
            * bindings/scripts/test/JS/JSTestNode.h:
            * bindings/scripts/test/JS/JSTestObj.h:
            (WebCore::JSTestObj::createStructure):
            * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
            (WebCore::JSTestOverloadedConstructors::createStructure):
            * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
            (WebCore::JSTestOverloadedConstructorsWithSequence::createStructure):
            * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
            (WebCore::JSTestOverrideBuiltins::createStructure):
            * bindings/scripts/test/JS/JSTestPluginInterface.h:
            (WebCore::JSTestPluginInterface::createStructure):
            * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h:
            (WebCore::JSTestPromiseRejectionEvent::createStructure):
            * bindings/scripts/test/JS/JSTestSerialization.h:
            (WebCore::JSTestSerialization::createStructure):
            * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h:
            (WebCore::JSTestSerializationIndirectInheritance::createStructure):
            * bindings/scripts/test/JS/JSTestSerializationInherit.h:
            (WebCore::JSTestSerializationInherit::createStructure):
            * bindings/scripts/test/JS/JSTestSerializationInheritFinal.h:
            (WebCore::JSTestSerializationInheritFinal::createStructure):
            * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
            (WebCore::JSTestSerializedScriptValueInterface::createStructure):
            * bindings/scripts/test/JS/JSTestStringifier.h:
            (WebCore::JSTestStringifier::createStructure):
            * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h:
            (WebCore::JSTestStringifierAnonymousOperation::createStructure):
            * bindings/scripts/test/JS/JSTestStringifierNamedOperation.h:
            (WebCore::JSTestStringifierNamedOperation::createStructure):
            * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h:
            (WebCore::JSTestStringifierOperationImplementedAs::createStructure):
            * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h:
            (WebCore::JSTestStringifierOperationNamedToString::createStructure):
            * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h:
            (WebCore::JSTestStringifierReadOnlyAttribute::createStructure):
            * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h:
            (WebCore::JSTestStringifierReadWriteAttribute::createStructure):
            * bindings/scripts/test/JS/JSTestTypedefs.h:
            (WebCore::JSTestTypedefs::createStructure):

2020-04-03  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256900. rdar://problem/61269733

    SWServer::claim should check for the service worker to be active
    https://bugs.webkit.org/show_bug.cgi?id=207739
    <rdar://problem/45441129>
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    claim is only working for service workers that are active.
    But there might be a time when a service worker is active in its web process but redundant in networking process.
    Thus, we need to move the check from WebProcess to NetworkProcess.
    
    * workers/service/ServiceWorkerClients.cpp:
    (WebCore::ServiceWorkerClients::claim):
    * workers/service/context/SWContextManager.h:
    * workers/service/server/SWServer.cpp:
    (WebCore::SWServer::claim):
    * workers/service/server/SWServer.h:
    * workers/service/server/SWServerToContextConnection.cpp:
    (WebCore::SWServerToContextConnection::claim):
    * workers/service/server/SWServerToContextConnection.h:
    * workers/service/server/SWServerWorker.cpp:
    (WebCore::SWServerWorker::claim): Deleted.
    * workers/service/server/SWServerWorker.h:
    (WebCore::SWServerWorker::isActive const):
    
    Source/WebKit:
    
    Use Async Reply to remove the need for a map and passing integers around.
    
    * NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp:
    (WebKit::WebSWServerToContextConnection::claimCompleted): Deleted.
    * NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h:
    * NetworkProcess/ServiceWorker/WebSWServerToContextConnection.messages.in:
    * WebProcess/Storage/WebSWContextManagerConnection.cpp:
    (WebKit::WebSWContextManagerConnection::claim):
    (WebKit::WebSWContextManagerConnection::claimCompleted): Deleted.
    * WebProcess/Storage/WebSWContextManagerConnection.h:
    * WebProcess/Storage/WebSWContextManagerConnection.messages.in:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256900 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-18  Youenn Fablet  <youenn@apple.com>

            SWServer::claim should check for the service worker to be active
            https://bugs.webkit.org/show_bug.cgi?id=207739
            <rdar://problem/45441129>

            Reviewed by Alex Christensen.

            claim is only working for service workers that are active.
            But there might be a time when a service worker is active in its web process but redundant in networking process.
            Thus, we need to move the check from WebProcess to NetworkProcess.

            * workers/service/ServiceWorkerClients.cpp:
            (WebCore::ServiceWorkerClients::claim):
            * workers/service/context/SWContextManager.h:
            * workers/service/server/SWServer.cpp:
            (WebCore::SWServer::claim):
            * workers/service/server/SWServer.h:
            * workers/service/server/SWServerToContextConnection.cpp:
            (WebCore::SWServerToContextConnection::claim):
            * workers/service/server/SWServerToContextConnection.h:
            * workers/service/server/SWServerWorker.cpp:
            (WebCore::SWServerWorker::claim): Deleted.
            * workers/service/server/SWServerWorker.h:
            (WebCore::SWServerWorker::isActive const):

2020-03-31  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259305. rdar://problem/61131083

    Invalid memory access @ WebCore::FrameLoader::dispatchDidCommitLoad
    https://bugs.webkit.org/show_bug.cgi?id=209786
    
    Patch by Pinki Gyanchandani <pgyanchandani@apple.com> on 2020-03-31
    Reviewed by Ryosuke Niwa.
    
    No new tests. Reduced test would be added later. Currently issue is verified with the original testcase in associated radar-58416328.
    
    Webkit1 only issue, where m_client.dispatchDidCommitLoad in FrameLoader::dispatchDidCommitLoad could cause the frame
    to be destroyed, and m_frame still being accessed outside. Changes made to protect the DocumentLoader and Frame.
    
    * loader/DocumentLoader.cpp:
    (WebCore::DocumentLoader::finishedLoading):
    (WebCore::DocumentLoader::handleSubstituteDataLoadNow):
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::receivedFirstData):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259305 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-31  Pinki Gyanchandani  <pgyanchandani@apple.com>

            Invalid memory access @ WebCore::FrameLoader::dispatchDidCommitLoad
            https://bugs.webkit.org/show_bug.cgi?id=209786

            Reviewed by Ryosuke Niwa.

            No new tests. Reduced test would be added later. Currently issue is verified with the original testcase in associated radar-58416328.

            Webkit1 only issue, where m_client.dispatchDidCommitLoad in FrameLoader::dispatchDidCommitLoad could cause the frame
            to be destroyed, and m_frame still being accessed outside. Changes made to protect the DocumentLoader and Frame.

            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::finishedLoading):
            (WebCore::DocumentLoader::handleSubstituteDataLoadNow):
            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::receivedFirstData):

2020-03-31  Russell Epstein  <repstein@apple.com>

        Cherry-pick r259244. rdar://problem/61131078

    Assertion failure in HTMLFormElement::formElementIndex
    https://bugs.webkit.org/show_bug.cgi?id=209643
    
    Reviewed by Darin Adler.
    
    The bug was caused by FormAssociatedElement::findAssociatedForm finding a wrong form element
    when it's called on an element which appears later in the removed subtree.
    
    When we find the new form element to associate this element with, check to make sure its root
    element is that of the tree scope. This condition will be false if this element is in in the midst
    of being removed.
    
    * html/FormAssociatedElement.cpp:
    (WebCore::FormAssociatedElement::findAssociatedForm):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259244 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-27  Ryosuke Niwa  <rniwa@webkit.org>

            Assertion failure in HTMLFormElement::formElementIndex
            https://bugs.webkit.org/show_bug.cgi?id=209643

            Reviewed by Darin Adler.

            The bug was caused by FormAssociatedElement::findAssociatedForm finding a wrong form element
            when it's called on an element which appears later in the removed subtree.

            When we find the new form element to associate this element with, check to make sure its root
            element is that of the tree scope. This condition will be false if this element is in in the midst
            of being removed.

            * html/FormAssociatedElement.cpp:
            (WebCore::FormAssociatedElement::findAssociatedForm):

2020-03-31  Russell Epstein  <repstein@apple.com>

        Cherry-pick r258326. rdar://problem/61113047

    Remove no longer used code in LibWebRTCMediaEndpoint to handle remote streams
    https://bugs.webkit.org/show_bug.cgi?id=208919
    
    Reviewed by Eric Carlson.
    
    These stream APIs are legacy now and not useful anymore.
    Stop implementing the corresponding callbacks and remove related code.
    Coverd by existing tests.
    
    * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
    (WebCore::LibWebRTCMediaEndpoint::addRemoteStream): Deleted.
    (WebCore::LibWebRTCMediaEndpoint::addRemoteTrack): Deleted.
    (WebCore::LibWebRTCMediaEndpoint::OnAddStream): Deleted.
    * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258326 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-12  youenn fablet  <youenn@apple.com>

            Remove no longer used code in LibWebRTCMediaEndpoint to handle remote streams
            https://bugs.webkit.org/show_bug.cgi?id=208919

            Reviewed by Eric Carlson.

            These stream APIs are legacy now and not useful anymore.
            Stop implementing the corresponding callbacks and remove related code.
            Coverd by existing tests.

            * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
            (WebCore::LibWebRTCMediaEndpoint::addRemoteStream): Deleted.
            (WebCore::LibWebRTCMediaEndpoint::addRemoteTrack): Deleted.
            (WebCore::LibWebRTCMediaEndpoint::OnAddStream): Deleted.
            * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:

2020-03-30  Alan Coon  <alancoon@apple.com>

        Cherry-pick r258837. rdar://problem/61064858

    MediaDevices::refreshDevices should take device type into account
    https://bugs.webkit.org/show_bug.cgi?id=209417
    <rdar://problem/60521332>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    Now that we set deviceId to the empty string when media capture is not granted,
    we can have two devices with the same ID. We also need to handle the device type.
    
    * Modules/mediastream/MediaDevices.cpp:
    (WebCore::MediaDevices::refreshDevices):
    
    LayoutTests:
    
    * fast/mediastream/media-device-info-expected.txt:
    * fast/mediastream/media-device-info.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258837 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-23  youenn fablet  <youenn@apple.com>

            MediaDevices::refreshDevices should take device type into account
            https://bugs.webkit.org/show_bug.cgi?id=209417
            <rdar://problem/60521332>

            Reviewed by Eric Carlson.

            Now that we set deviceId to the empty string when media capture is not granted,
            we can have two devices with the same ID. We also need to handle the device type.

            * Modules/mediastream/MediaDevices.cpp:
            (WebCore::MediaDevices::refreshDevices):

2020-03-30  Alan Coon  <alancoon@apple.com>

        Cherry-pick r258493. rdar://problem/61064864

    Remove the use of empty WebRTC sources for receiver tracks
    https://bugs.webkit.org/show_bug.cgi?id=209061
    
    Reviewed by Eric Carlson.
    
    LayoutTests/imported/w3c:
    
    * web-platform-tests/webrtc/RTCPeerConnection-track-stats.https-expected.txt:
    
    Source/WebCore:
    
    We no longer need to create receivers with empty sources since we now always have a libwebrtc receiver from which we can get the track.
    We remove that code path.
    This sldo allows using the right track parameters from the start, like track id.
    
    Covered by existing and rebased tests.
    
    * Modules/mediastream/RTCPeerConnection.h:
    * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
    (WebCore::LibWebRTCMediaEndpoint::addPendingTrackEvent):
    (WebCore::LibWebRTCMediaEndpoint::collectTransceivers):
    (WebCore::LibWebRTCMediaEndpoint::newTransceiver):
    * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
    (WebCore::LibWebRTCPeerConnectionBackend::createReceiver):
    (WebCore::LibWebRTCPeerConnectionBackend::addTrack):
    (WebCore::LibWebRTCPeerConnectionBackend::addTransceiverFromTrackOrKind):
    (WebCore::LibWebRTCPeerConnectionBackend::newRemoteTransceiver):
    * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
    * Modules/mediastream/libwebrtc/LibWebRTCRtpReceiverBackend.cpp:
    (WebCore::LibWebRTCRtpReceiverBackend::createSource):
    * Modules/mediastream/libwebrtc/LibWebRTCRtpReceiverBackend.h:
    * platform/mediastream/RealtimeIncomingAudioSource.cpp:
    (WebCore::RealtimeIncomingAudioSource::RealtimeIncomingAudioSource):
    * platform/mediastream/RealtimeIncomingAudioSource.h:
    * platform/mediastream/RealtimeIncomingVideoSource.cpp:
    (WebCore::RealtimeIncomingVideoSource::RealtimeIncomingVideoSource):
    * platform/mediastream/RealtimeIncomingVideoSource.h:
    * testing/MockLibWebRTCPeerConnection.h:
    (WebCore::MockMediaStreamTrack::state const):
    (WebCore::MockRtpReceiver::SetObserver):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258493 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-16  youenn fablet  <youenn@apple.com>

            Remove the use of empty WebRTC sources for receiver tracks
            https://bugs.webkit.org/show_bug.cgi?id=209061

            Reviewed by Eric Carlson.

            We no longer need to create receivers with empty sources since we now always have a libwebrtc receiver from which we can get the track.
            We remove that code path.
            This sldo allows using the right track parameters from the start, like track id.

            Covered by existing and rebased tests.

            * Modules/mediastream/RTCPeerConnection.h:
            * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
            (WebCore::LibWebRTCMediaEndpoint::addPendingTrackEvent):
            (WebCore::LibWebRTCMediaEndpoint::collectTransceivers):
            (WebCore::LibWebRTCMediaEndpoint::newTransceiver):
            * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
            (WebCore::LibWebRTCPeerConnectionBackend::createReceiver):
            (WebCore::LibWebRTCPeerConnectionBackend::addTrack):
            (WebCore::LibWebRTCPeerConnectionBackend::addTransceiverFromTrackOrKind):
            (WebCore::LibWebRTCPeerConnectionBackend::newRemoteTransceiver):
            * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
            * Modules/mediastream/libwebrtc/LibWebRTCRtpReceiverBackend.cpp:
            (WebCore::LibWebRTCRtpReceiverBackend::createSource):
            * Modules/mediastream/libwebrtc/LibWebRTCRtpReceiverBackend.h:
            * platform/mediastream/RealtimeIncomingAudioSource.cpp:
            (WebCore::RealtimeIncomingAudioSource::RealtimeIncomingAudioSource):
            * platform/mediastream/RealtimeIncomingAudioSource.h:
            * platform/mediastream/RealtimeIncomingVideoSource.cpp:
            (WebCore::RealtimeIncomingVideoSource::RealtimeIncomingVideoSource):
            * platform/mediastream/RealtimeIncomingVideoSource.h:
            * testing/MockLibWebRTCPeerConnection.h:
            (WebCore::MockMediaStreamTrack::state const):
            (WebCore::MockRtpReceiver::SetObserver):

2020-03-30  Alan Coon  <alancoon@apple.com>

        Cherry-pick r258464. rdar://problem/61064870

    Call SVGTRefElement::buildPendingResource in SVGElement::didFinishInsertingNode
    https://bugs.webkit.org/show_bug.cgi?id=208981
    
    Reviewed by Antti Koivisto.
    
    This patch moves the call to SVGTRefElement::buildPendingResource from SVGElement::insertedIntoAncestor
    to SVGElement::didFinishInsertingNode.
    
    * svg/SVGElement.cpp:
    (WebCore::SVGElement::insertedIntoAncestor): Return true when the element has a pending resource ID.
    (WebCore::SVGElement::didFinishInsertingNode): Added. Calls buildPendingResourcesIfNeeded.
    * svg/SVGElement.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258464 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-14  Ryosuke Niwa  <rniwa@webkit.org>

            Call SVGTRefElement::buildPendingResource in SVGElement::didFinishInsertingNode
            https://bugs.webkit.org/show_bug.cgi?id=208981

            Reviewed by Antti Koivisto.

            This patch moves the call to SVGTRefElement::buildPendingResource from SVGElement::insertedIntoAncestor
            to SVGElement::didFinishInsertingNode.

            * svg/SVGElement.cpp:
            (WebCore::SVGElement::insertedIntoAncestor): Return true when the element has a pending resource ID.
            (WebCore::SVGElement::didFinishInsertingNode): Added. Calls buildPendingResourcesIfNeeded.
            * svg/SVGElement.h:

    b'2020-03-23  Russell Epstein  <repstein@apple.com>\n\n        Cherry-pick r258799. rdar://problem/60756681\n\n    Content-Type & Nosniff Ignored on XML External Entity Resources\n    <https://webkit.org/b/191171>\n    <rdar://problem/45763222>\n    \n    Reviewed by Darin Adler.\n    \n    Source/WebCore:\n    \n    Test: http/tests/security/contentTypeOptions/nosniff-xml-external-entity.xhtml\n    \n    * platform/MIMETypeRegistry.cpp:\n    (WebCore::MIMETypeRegistry::isXMLEntityMIMEType): Add.\n    * platform/MIMETypeRegistry.h:\n    (WebCore::MIMETypeRegistry::isXMLEntityMIMEType): Add.\n    - Checks for XML external entity MIME types.\n    \n    * xml/parser/XMLDocumentParserLibxml2.cpp:\n    (WebCore::externalEntityMimeTypeAllowedByNosniff): Add.\n    - Checks whether the MIME type is valid based on the presence of\n      the "X-Content-Type-Options: nosniff" header.\n    (WebCore::openFunc):\n    - Drop the contents of the resource that was returned and print\n      an error message to the Web Inspector console if\n      externalEntityMimeTypeAllowedByNosniff() says the MIME type is\n      not allowed.\n    \n    LayoutTests:\n    \n    * http/tests/security/contentTypeOptions/nosniff-xml-external-entity-expected.txt: Add.\n    * http/tests/security/contentTypeOptions/nosniff-xml-external-entity.xhtml: Add.\n    \n    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258799 268f45cc-cd09-0410-ab3c-d52691b4dbfc\n\n    2020-03-20  David Kilzer  <ddkilzer@apple.com>\n\n            Content-Type & Nosniff Ignored on XML External Entity Resources\n            <https://webkit.org/b/191171>\n            <rdar://problem/45763222>\n\n            Reviewed by Darin Adler.\n\n            Test: http/tests/security/contentTypeOptions/nosniff-xml-external-entity.xhtml\n\n            * platform/MIMETypeRegistry.cpp:\n            (WebCore::MIMETypeRegistry::isXMLEntityMIMEType): Add.\n            * platform/MIMETypeRegistry.h:\n            (WebCore::MIMETypeRegistry::isXMLEntityMIMEType): Add.\n            - Checks for XML external entity MIME types.\n\n            * xml/parser/XMLDocumentParserLibxml2.cpp:\n            (WebCore::externalEntityMimeTypeAllowedByNosniff): Add.\n            - Checks whether the MIME type is valid based on the presence of\n              the "X-Content-Type-Options: nosniff" header.\n            (WebCore::openFunc):\n            - Drop the contents of the resource that was returned and print\n              an error message to the Web Inspector console if\n              externalEntityMimeTypeAllowedByNosniff() says the MIME type is\n              not allowed.\n\n    b"2020-03-23  Russell Epstein  <repstein@apple.com>\\n\\n        Cherry-pick r258711. rdar://problem/60756645\\n\\n    Source/WebCore:\\n    AX: VO and safari: can\'t press the play button\\n    https://bugs.webkit.org/show_bug.cgi?id=209249\\n    \\n    Reviewed by Darin Adler.\\n    \\n    Test: accessibility/ios-simulator/has-touch-event-listener-with-shadow.html\\n    \\n    If a node is in a shadowRoot, going up the node parent tree will stop and not check the entire tree for touch event listeners\\n    and a touch event won\'t be dispatched. We need to change to use the parentInComposedTree instead to go up the chain.\\n    \\n    * accessibility/ios/AccessibilityObjectIOS.mm:\\n    (WebCore::AccessibilityObject::hasTouchEventListener const):\\n    \\n    LayoutTests:\\n    AX: VO and safari: caan\'t press the play button\\n    https://bugs.webkit.org/show_bug.cgi?id=209249\\n    \\n    Reviewed by Darin Adler.\\n    \\n    * accessibility/ios-simulator/has-touch-event-listener-with-shadow-expected.txt: Added.\\n    * accessibility/ios-simulator/has-touch-event-listener-with-shadow.html: Added.\\n    \\n    \\n    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258711 268f45cc-cd09-0410-ab3c-d52691b4dbfc\\n\\n    2020-03-19  Chris Fleizach  <cfleizach@apple.com>\\n\\n            AX: VO and safari: can\'t press the play button\\n            https://bugs.webkit.org/show_bug.cgi?id=209249\\n\\n            Reviewed by Darin Adler.\\n\\n            Test: accessibility/ios-simulator/has-touch-event-listener-with-shadow.html\\n\\n            If a node is in a shadowRoot, going up the node parent tree will stop and not check the entire tree for touch event listeners\\n            and a touch event won\'t be dispatched. We need to change to use the parentInComposedTree instead to go up the chain.\\n\\n            * accessibility/ios/AccessibilityObjectIOS.mm:\\n            (WebCore::AccessibilityObject::hasTouchEventListener const):\\n\\n"2020-03-17  Alan Coon  <alancoon@apple.com>\n\n            Apply patch. rdar://problem/60396271\n\n        2020-03-17  Zalan Bujtas  <zalan@apple.com>\n\n                SVG filter triggers unstable layout.\n                https://bugs.webkit.org/show_bug.cgi?id=207444\n                rdar://problem/59297004\n\n                Reviewed by Simon Fraser.\n\n                SVG filter code marks DOM nodes dirty and schedules style recalc outside of the SVG root\n                while in layout. This could lead to unstable layout and cause battery drain.\n                (See webkit.org/b/208903)\n\n                * rendering/RenderLayer.cpp: Remove filterNeedsRepaint(). It\'s a dangerously misleading name and should\n                not be part of RenderLayer.\n                (WebCore::RenderLayer::calculateClipRects const):\n                * rendering/RenderLayer.h:\n                * rendering/RenderLayerFilters.cpp:\n                (WebCore::RenderLayerFilters::notifyFinished):\n                * rendering/svg/RenderSVGResourceContainer.cpp:\n                (WebCore::RenderSVGResourceContainer::markAllClientsForInvalidation):\n                (WebCore::RenderSVGResourceContainer::markAllClientLayersForInvalidation):\n\n'2020-03-17  Alan Coon  <alancoon@apple.com>

            Cherry-pick r258459. rdar://problem/60539192

        SVGMatrix should have the access right of its owner SVGTransform always
        https://bugs.webkit.org/show_bug.cgi?id=207462

        Reviewed by Simon Fraser.

        Source/WebCore:

        The SVGMatrix needs to be reattached to its owner SVGTransform when the
        access right of this owner changes. The access right of the owner changes
        when it gets attached to or detached from a higher level owner.

        Test: svg/dom/SVGTransformList-anim-read-only.html

        * svg/SVGTransform.h:
        * svg/properties/SVGProperty.h:
        (WebCore::SVGProperty::attach):
        (WebCore::SVGProperty::detach):
        (WebCore::SVGProperty::reattach):

        LayoutTests:

        * svg/dom/SVGTransformList-anim-read-only-expected.txt: Added.
        * svg/dom/SVGTransformList-anim-read-only.html: Added.


        git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258459 268f45cc-cd09-0410-ab3c-d52691b4dbfc

        2020-03-13  Said Abou-Hallawa  <said@apple.com>

                SVGMatrix should have the access right of its owner SVGTransform always
                https://bugs.webkit.org/show_bug.cgi?id=207462

                Reviewed by Simon Fraser.

                The SVGMatrix needs to be reattached to its owner SVGTransform when the
                access right of this owner changes. The access right of the owner changes
                when it gets attached to or detached from a higher level owner.

                Test: svg/dom/SVGTransformList-anim-read-only.html

                * svg/SVGTransform.h:
                * svg/properties/SVGProperty.h:
                (WebCore::SVGProperty::attach):
                (WebCore::SVGProperty::detach):
                (WebCore::SVGProperty::reattach):

2020-03-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r258455. rdar://problem/60539179

    [Tree building] Block::attachIgnoringContinuation should allow inline tables as before child container
    https://bugs.webkit.org/show_bug.cgi?id=209095
    <rdar://problem/59837588>
    
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    It's perfectly valid to have an inline table as the anonymous container for the before child.
    It'll get wrapped inside an anonymous block right before we insert the block box candidate, so
    the final result will be something like:
    
    new block level child (this is the child we are inserting)
    anonymous block wrapper
      inline table (this is the before child's inline container)
        before child
    
    Test: fast/table/before-child-is-inline-table.html
    
    * rendering/updating/RenderTreeBuilderBlock.cpp:
    (WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):
    
    LayoutTests:
    
    * fast/table/before-child-is-inline-table-expected.txt: Added.
    * fast/table/before-child-is-inline-table.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258455 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-13  Zalan Bujtas  <zalan@apple.com>

            [Tree building] Block::attachIgnoringContinuation should allow inline tables as before child container
            https://bugs.webkit.org/show_bug.cgi?id=209095
            <rdar://problem/59837588>

            Reviewed by Simon Fraser.

            It's perfectly valid to have an inline table as the anonymous container for the before child.
            It'll get wrapped inside an anonymous block right before we insert the block box candidate, so
            the final result will be something like:

            new block level child (this is the child we are inserting)
            anonymous block wrapper
              inline table (this is the before child's inline container)
                before child

            Test: fast/table/before-child-is-inline-table.html

            * rendering/updating/RenderTreeBuilderBlock.cpp:
            (WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):

2020-03-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r258267. rdar://problem/60539190

    Consolidate detachment of document timeline into Document::commonTeardown.
    https://bugs.webkit.org/show_bug.cgi?id=208786
    <rdar://problem/59936716>
    
    Patch by Jack Lee <shihchieh_lee@apple.com> on 2020-03-11
    Reviewed by Ryosuke Niwa.
    
    Move detachment of DocumentTimeline to Document::commonTeardown().
    
    No new tests. Covered by existing document tests.
    
    * dom/Document.cpp:
    (WebCore::Document::removedLastRef):
    (WebCore::Document::commonTeardown):
    (WebCore::Document::prepareForDestruction):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258267 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-11  Jack Lee  <shihchieh_lee@apple.com>

            Consolidate detachment of document timeline into Document::commonTeardown.
            https://bugs.webkit.org/show_bug.cgi?id=208786
            <rdar://problem/59936716>

            Reviewed by Ryosuke Niwa.

            Move detachment of DocumentTimeline to Document::commonTeardown().

            No new tests. Covered by existing document tests.

            * dom/Document.cpp:
            (WebCore::Document::removedLastRef):
            (WebCore::Document::commonTeardown):
            (WebCore::Document::prepareForDestruction):

2020-03-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255997. rdar://problem/60495055

    Incorrect TextTrack sorting with invalid BCP47 language
    https://bugs.webkit.org/show_bug.cgi?id=207315
    
    Patch by Doug Kelly <dougk@apple.com> on 2020-02-06
    Reviewed by Jer Noble.
    
    When comparing TextTracks, this ensures all tracks are compared based on consistent parameters, including tracks with an invalid BCP47
    language attribute.
    
    * page/CaptionUserPreferencesMediaAF.cpp:
    (WebCore::textTrackCompare):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-06  Doug Kelly  <dougk@apple.com>

            Incorrect TextTrack sorting with invalid BCP47 language
            https://bugs.webkit.org/show_bug.cgi?id=207315

            Reviewed by Jer Noble.

            When comparing TextTracks, this ensures all tracks are compared based on consistent parameters, including tracks with an invalid BCP47
            language attribute.

            * page/CaptionUserPreferencesMediaAF.cpp:
            (WebCore::textTrackCompare):

2020-03-09  Alan Coon  <alancoon@apple.com>

        Cherry-pick r257640. rdar://problem/60183771

    updateCSSTransitionsForElementAndProperty should clone RenderStyles
    https://bugs.webkit.org/show_bug.cgi?id=208356
    rdar://59869560
    
    Reviewed by Antti Koivisto.
    
    Make ownership of the local variable clear by cloning the RenderStyles
    used in updateCSSTransitionsForElementAndProperty rather than referencing
    different versions.
    
    * animation/AnimationTimeline.cpp:
    (WebCore::AnimationTimeline::updateCSSTransitionsForElementAndProperty):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@257640 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-28  Dean Jackson  <dino@apple.com>

            updateCSSTransitionsForElementAndProperty should clone RenderStyles
            https://bugs.webkit.org/show_bug.cgi?id=208356
            rdar://59869560

            Reviewed by Antti Koivisto.

            Make ownership of the local variable clear by cloning the RenderStyles
            used in updateCSSTransitionsForElementAndProperty rather than referencing
            different versions.

            * animation/AnimationTimeline.cpp:
            (WebCore::AnimationTimeline::updateCSSTransitionsForElementAndProperty):

2020-03-09  Alan Coon  <alancoon@apple.com>

        Cherry-pick r257746. rdar://problem/60183767

    ScriptController::executeIfJavaScriptURL() uses wrong JSGlobalObject.
    https://bugs.webkit.org/show_bug.cgi?id=208290
    <rdar://problem/59839476>
    
    Reviewed by Chris Dumez.
    
    The call to executeScriptIgnoringException() may have changed the current global
    object of the window.  We should be using the original global object that produced
    the result string.
    
    Also added a missing exception check needed after a potential rope resolution.
    
    * bindings/js/ScriptController.cpp:
    (WebCore::ScriptController::executeIfJavaScriptURL):
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@257746 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-03-02  Mark Lam  <mark.lam@apple.com>

            ScriptController::executeIfJavaScriptURL() uses wrong JSGlobalObject.
            https://bugs.webkit.org/show_bug.cgi?id=208290
            <rdar://problem/59839476>

            Reviewed by Chris Dumez.

            The call to executeScriptIgnoringException() may have changed the current global
            object of the window.  We should be using the original global object that produced
            the result string.

            Also added a missing exception check needed after a potential rope resolution.

            * bindings/js/ScriptController.cpp:
            (WebCore::ScriptController::executeIfJavaScriptURL):

2020-02-21  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256856. rdar://problem/59654783

    MediaSource.isTypeSupported() says "video/mp4;codecs=\"avc3.42C015\"" is not supported, but it is
    https://bugs.webkit.org/show_bug.cgi?id=207622
    
    Reviewed by Eric Carlson.
    
    Revert the behavior change of MediaPlayerPrivateMediaSourceAVFObjC::supportsType() in r253952.
    
    * platform/graphics/avfoundation/objc/AVAssetMIMETypeCache.mm:
    (WebCore::AVAssetMIMETypeCache::canDecodeExtendedType):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256856 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-18  Peng Liu  <peng.liu6@apple.com>

            MediaSource.isTypeSupported() says "video/mp4;codecs=\"avc3.42C015\"" is not supported, but it is
            https://bugs.webkit.org/show_bug.cgi?id=207622

            Reviewed by Eric Carlson.

            Revert the behavior change of MediaPlayerPrivateMediaSourceAVFObjC::supportsType() in r253952.

            * platform/graphics/avfoundation/objc/AVAssetMIMETypeCache.mm:
            (WebCore::AVAssetMIMETypeCache::canDecodeExtendedType):

2020-02-20  Eric Carlson  <eric.carlson@apple.com>

        Captions sometimes render at the wrong size when in fullscreen and PiP
        https://bugs.webkit.org/show_bug.cgi?id=207389
        <rdar://problem/58677864>

        The TextTrackRepresentation, used to render captions when in fullscreen and PiP on
        iOS and and in PiP on macOS, frequently rendered captions before layout completed
        immediately after it was created. Fix this by having it not render until a layout
        happens. Additionally, make the code more efficient by hiding the TextTrackRepresentation's
        backing layer when cues are not visible instead of destroying the whole object.
        Drive by: RELEASE_LOG_DISABLED is always defined for PLATFORM(COCOA), so remove it
        from the macOS/iOS media players to make it easier to add logging to VideoFullscreenLayerManagerObjC.
        

        * html/HTMLMediaElement.cpp:
        (WebCore::convertEnumerationToString):
        (WebCore::HTMLMediaElement::configureTextTrackDisplay):
        * html/HTMLMediaElementEnums.h:
        (WTF::LogArgument<WebCore::HTMLMediaElementEnums::TextTrackVisibilityCheckType>::toString):
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::MediaControlTextTrackContainerElement):
        (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation):
        (WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationStyle):
        (WebCore::MediaControlTextTrackContainerElement::layoutIfNecessary):
        (WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
        (WebCore::MediaControlTextTrackContainerElement::updateSizes):
        (WebCore::MediaControlTextTrackContainerElement::updateCueStyles):
        (WebCore::MediaControlTextTrackContainerElement::logger const):
        (WebCore::MediaControlTextTrackContainerElement::logIdentifier const):
        (WebCore::MediaControlTextTrackContainerElement::updateTimerFired): Deleted.
        (WebCore::MediaControlTextTrackContainerElement::updateStyleForTextTrackRepresentation): Deleted.
        * platform/graphics/TextTrackRepresentation.h:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation):
        (WebCore::MediaPlayerPrivateAVFoundation::logChannel const):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateAudioTracks):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoTracks):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage):
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::mediaPlayerLogger):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::logChannel const):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::logChannel const):
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.h:
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.mm:
        (WebCore::VideoFullscreenLayerManagerObjC::VideoFullscreenLayerManagerObjC):
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoLayer):
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenLayer):
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenFrame):
        (WebCore::VideoFullscreenLayerManagerObjC::didDestroyVideoLayer):
        (WebCore::VideoFullscreenLayerManagerObjC::syncTextTrackBounds):
        (WebCore::VideoFullscreenLayerManagerObjC::setTextTrackRepresentation):
        (WebCore::VideoFullscreenLayerManagerObjC::logChannel const):
        * platform/graphics/cocoa/TextTrackRepresentationCocoa.h:
        * platform/graphics/cocoa/TextTrackRepresentationCocoa.mm:
        (-[WebCoreTextTrackRepresentationCocoaHelper observeValueForKeyPath:ofObject:change:context:]):
        (TextTrackRepresentationCocoa::setHidden const):
        (TextTrackRepresentationCocoa::boundsChanged):
        * rendering/RenderMediaControlElements.cpp:
        (WebCore::RenderTextTrackContainerElement::layout):

2020-02-19  Alan Coon  <alancoon@apple.com>

        Apply patch. rdar://problem/59611912

    2020-02-19  Antoine Quint  <graouts@webkit.org>

            [Web Animations] Style changes due to Web Animations should not trigger CSS Transitions
            https://bugs.webkit.org/show_bug.cgi?id=207760
            <rdar://problem/59458111>

            Reviewed by Simon Fraser.

            While we would consider the unanimated style of CSS Animations specifically when considering what the "start" style values (before-change style in spec terminology)
            should be when considering whether to start a CSS Transition during style resolution, we would not consider other types of animations, specifically JS-created Web
            Animations. However, Web Platform Tests specifically test whether changes made using the Web Animations API may trigger transitions, and until now they would because
            the RenderStyle used to determine the before-change style was the style from the previous resolution, which would include animated values.

            To fix this, we make it so that KeyframeEffect objects now keep a copy of the unanimated style used when blending animated values for the very first time. That style
            is cleared each time keyframes change, which is rare, but may happen through the Web Animations API. Then in AnimationTimeline::updateCSSTransitionsForElementAndProperty(),
            we look for a KeyframeEffect currently affecting the property for which we're considering starting a CSS Transition, and use its unanimated style.

            If that unanimated style has not been set yet, this is because the KeyframeEffect has not had a chance to apply itself with a non-null progress. In this case, the before-change
            and after-change styles should be the same in order to prevent a transition from being triggered as the unanimated style for this keyframe effect will most likely be this
            after-change style, or any future style change that may happen before the keyframe effect starts blending animated values.

            Finally, tracking the unanimated style at the KeyframeEffect level means we no longer to track it specifically for CSSAnimation.

            * animation/AnimationTimeline.cpp:
            (WebCore::keyframeEffectForElementAndProperty):
            (WebCore::AnimationTimeline::updateCSSTransitionsForElementAndProperty):
            * animation/AnimationTimeline.h:
            * animation/CSSAnimation.cpp:
            (WebCore::CSSAnimation::create):
            (WebCore::CSSAnimation::CSSAnimation):
            * animation/CSSAnimation.h:
            * animation/KeyframeEffect.cpp:
            (WebCore::KeyframeEffect::animatesProperty const): Because the backing KeyframeList object may not have been created by the first time we query a KeyframeEffect during
            CSS Transitions resolution, we provide a method that will check the values provided by the Web Animations API to determine whether it targets a given CSS property.
            (WebCore::KeyframeEffect::clearBlendingKeyframes):
            (WebCore::KeyframeEffect::computeDeclarativeAnimationBlendingKeyframes):
            (WebCore::KeyframeEffect::computeCSSAnimationBlendingKeyframes):
            (WebCore::KeyframeEffect::apply):
            * animation/KeyframeEffect.h:
            (WebCore::KeyframeEffect::unanimatedStyle const):
            * style/StyleTreeResolver.cpp:
            (WebCore::Style::TreeResolver::createAnimatedElementUpdate):

2020-02-19  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256859. rdar://problem/59576018

    [macOS] Web process may crash under ServicesOverlayController::buildPotentialHighlightsIfNeeded
    https://bugs.webkit.org/show_bug.cgi?id=207899
    <rdar://problem/55658207>
    
    Reviewed by Tim Horton and Simon Fraser.
    
    Source/WebCore:
    
    Mitigates a null pointer crash in ServicesOverlayController::buildPotentialHighlightsIfNeeded(), wherein the
    focused frame may not have a FrameView when the ServicesOverlayController's selection invalidation timer fires.
    This is possible if, while being focused, the newly focused subframe is unparented and reparented, which causes
    it to momentarily have a null view. During this time, if a selection change had occurred earlier in the runloop,
    it will schedule the page overlay controller invalidation timer, which will fire and discover that the currently
    focused frame no longer has a FrameView.
    
    Test: editing/selection/selection-change-in-disconnected-frame-crash.html
    
    * page/mac/ServicesOverlayController.mm:
    (WebCore::ServicesOverlayController::buildSelectionHighlight):
    
    Source/WebKit:
    
    Add another missing null check on iOS, for the case where FrameView is null.
    
    * WebProcess/WebPage/ios/WebPageIOS.mm:
    (WebKit::WebPage::platformEditorState const):
    
    Tools:
    
    Make it possible to run tests on macOS with services controls enabled, via a new TestOptions flag.
    
    * WebKitTestRunner/TestController.cpp:
    (WTR::updateTestOptionsFromTestHeader):
    * WebKitTestRunner/TestOptions.h:
    (WTR::TestOptions::hasSameInitializationOptions const):
    * WebKitTestRunner/cocoa/TestControllerCocoa.mm:
    (WTR::TestController::platformCreateWebView):
    
    LayoutTests:
    
    Add a new layout test to verify that we don't crash under this circumstance.
    
    * editing/selection/selection-change-in-disconnected-frame-crash-expected.txt: Added.
    * editing/selection/selection-change-in-disconnected-frame-crash.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256859 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-18  Wenson Hsieh  <wenson_hsieh@apple.com>

            [macOS] Web process may crash under ServicesOverlayController::buildPotentialHighlightsIfNeeded
            https://bugs.webkit.org/show_bug.cgi?id=207899
            <rdar://problem/55658207>

            Reviewed by Tim Horton and Simon Fraser.

            Mitigates a null pointer crash in ServicesOverlayController::buildPotentialHighlightsIfNeeded(), wherein the
            focused frame may not have a FrameView when the ServicesOverlayController's selection invalidation timer fires.
            This is possible if, while being focused, the newly focused subframe is unparented and reparented, which causes
            it to momentarily have a null view. During this time, if a selection change had occurred earlier in the runloop,
            it will schedule the page overlay controller invalidation timer, which will fire and discover that the currently
            focused frame no longer has a FrameView.

            Test: editing/selection/selection-change-in-disconnected-frame-crash.html

            * page/mac/ServicesOverlayController.mm:
            (WebCore::ServicesOverlayController::buildSelectionHighlight):

2020-02-18  Alan Coon  <alancoon@apple.com>

        Apply patch. rdar://problem/59465474

    2020-02-18  Antoine Quint  <graouts@webkit.org>

            [Web Animations] Ensure CSS Transition and CSS Animation events are queued, sorted and dispatched by their timeline
            https://bugs.webkit.org/show_bug.cgi?id=207364
            <rdar://problem/59370413>

            Reviewed by Simon Fraser.

            Until now, AnimationPlaybackEvent events, which are new events introduced by the Web Animations spec, were enqueued in a shared queue on the DocumentTimeline
            and dispatched during the "update animations and send events" procedure. However, AnimationEvent and TransitionEvent events, dispatched by CSS Animations
            and CSS Transitions, were dispatched via a dedicated per-animation queue, which meant typically that those events were dispathed one runloop after the
            AnimationPlaybackEvent events.

            We now remove the dedicated per-animation queue and enqueue all events in the shared DocumentTimeline queue for dispatch during the "update animations and send
            events" procedure. To do this correctly, we need to do a couple of other things that ensure we don't regress tests.

            First, we update the DocumentTimeline::shouldRunUpdateAnimationsAndSendEventsIgnoringSuspensionState() to account for whether there are pending animation events,
            guaranteeing that an animation update is scheduled should there be any.

            Second, when animation events are enqueued in DocumentTimeline::enqueueAnimationEvent() we schedule an animation update if needed, since we know we now
            have pending events that will need to be delivered in an upcoming update. We also maintain a flag between the start of the "update animations and send events"
            procedure and the moment when the pending animation events queue is cleared prior to dispatching events so that events enqueued in the meantime do not
            prematurely schedule animation resolution. The need for a new animation resolution will be checked at the end of the procedure.

            Finally, declarative animations used to have a special suclass of WebAnimation::needsTick() that would check whether they had any pending events, ensuring
            they would not be removed prematurely. We now reset a flag to false as WebAnimation::tick() is called (as part of the "update animations and send events"
            procedure) and set it to true in case an animation is enqueued. This flag is then used in needsTick() to guarantee the animation is not removed before
            the DocumentTimeline has had a chance to dispatch the enqueued event.

            Note also that, for clarity, the DocumentTimeline::unscheduleAnimationResolution() was renamed to DocumentTimeline::clearTickScheduleTimer() since it wouldn't
            actually cancel a previous animation resolution schedule.

            * animation/CSSTransition.h: Fix a newly found build error due to the missing wtf/MonotonicTime.h header.
            * animation/DeclarativeAnimation.cpp: Remove all code related to the dedicated per-animation queue and instead call the new WebAnimation::enqueueAnimationEvent()
            method to enqueue events on the DocumentTimeline.
            (WebCore::DeclarativeAnimation::DeclarativeAnimation):
            (WebCore::DeclarativeAnimation::tick):
            (WebCore::DeclarativeAnimation::enqueueDOMEvent):
            * animation/DeclarativeAnimation.h:
            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::detachFromDocument): Ensure the pending events queue is cleared when the timeline is detached from a document, ensuring that there no
            longer events that would cause a ref-cycle (DocumentTimeline -> AnimationPlaybackEvent -> WebAnimation -> DocumentTimeline).
            (WebCore::DocumentTimeline::suspendAnimations):
            (WebCore::DocumentTimeline::removeAnimation):
            (WebCore::DocumentTimeline::scheduleAnimationResolution):
            (WebCore::DocumentTimeline::clearTickScheduleTimer):
            (WebCore::DocumentTimeline::shouldRunUpdateAnimationsAndSendEventsIgnoringSuspensionState const):
            (WebCore::DocumentTimeline::updateCurrentTime):
            (WebCore::DocumentTimeline::updateAnimationsAndSendEvents):
            (WebCore::DocumentTimeline::internalUpdateAnimationsAndSendEvents):
            (WebCore::DocumentTimeline::scheduleNextTick):
            (WebCore::DocumentTimeline::animationAcceleratedRunningStateDidChange):
            (WebCore::DocumentTimeline::enqueueAnimationEvent):
            * animation/DocumentTimeline.h:
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::enqueueAnimationPlaybackEvent):
            (WebCore::WebAnimation::enqueueAnimationEvent):
            (WebCore::WebAnimation::needsTick const):
            (WebCore::WebAnimation::tick):
            * animation/WebAnimation.h:

2020-02-14  Antoine Quint  <graouts@webkit.org>

        [Web Animations] Make all animation event types inherit from the same base class
        https://bugs.webkit.org/show_bug.cgi?id=207629

        Reviewed by Simon Fraser.

        Currently we dispatch events CSS Transitions and CSS Animations events using a dedicated event queue on DeclarativeAnimation, while the events
        added by the Web Animations specification (of type AnimationPlaybackEvent) are dispatched using a shared queue on the DocumentTimeline that is
        processed during the "update animations and send events procedure". The Web Animations specification dictates that all events should be dispatched
        during that procedure, which includes sorting of such events based on their timeline time and associated animation relative composite order.

        In this patch, we prepare the work towards spec compliance for animation events dispatch by making all event types (AnimationPlaybackEvent,
        TransitionEvent and AnimationEvent) inherit from a single AnimationEventBase interface. This will allow DocumentTimeline to enqueue, sort and
        dispatch all such events with a single queue in a future patch.

        Due to CSSAnimationController, we must make the "timeline time" and "animation" parameters optional. When we drop support for CSSAnimationController
        we'll be able to enforce stronger requirements for these.

        No new test since this should not introduce any behavior change.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * animation/AnimationEventBase.cpp: Added.
        (WebCore::AnimationEventBase::AnimationEventBase):
        * animation/AnimationEventBase.h: Added.
        (WebCore::AnimationEventBase::create):
        (WebCore::AnimationEventBase::isAnimationPlaybackEvent const):
        (WebCore::AnimationEventBase::isAnimationEvent const):
        (WebCore::AnimationEventBase::isTransitionEvent const):
        (WebCore::AnimationEventBase::timelineTime const):
        (WebCore::AnimationEventBase::animation const):
        * animation/AnimationPlaybackEvent.cpp:
        (WebCore::AnimationPlaybackEvent::AnimationPlaybackEvent):
        (WebCore::AnimationPlaybackEvent::bindingsTimelineTime const):
        * animation/AnimationPlaybackEvent.h:
        * animation/CSSAnimation.cpp:
        (WebCore::CSSAnimation::createEvent):
        * animation/CSSAnimation.h:
        * animation/CSSTransition.cpp:
        (WebCore::CSSTransition::createEvent):
        * animation/CSSTransition.h:
        * animation/DeclarativeAnimation.cpp:
        (WebCore::DeclarativeAnimation::enqueueDOMEvent):
        * animation/DeclarativeAnimation.h:
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::enqueueAnimationPlaybackEvent):
        * dom/AnimationEvent.cpp:
        (WebCore::AnimationEvent::AnimationEvent):
        * dom/AnimationEvent.h:
        * dom/TransitionEvent.cpp:
        (WebCore::TransitionEvent::TransitionEvent):
        * dom/TransitionEvent.h:
        * page/animation/CSSAnimationController.cpp:
        (WebCore::CSSAnimationControllerPrivate::fireEventsAndUpdateStyle):

2020-02-18  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256191. rdar://problem/59447003

    Disallow setting base URL to a data or JavaScript URL
    https://bugs.webkit.org/show_bug.cgi?id=207136
    
    Source/WebCore:
    
    Reviewed by Brent Fulgham.
    
    Inspired by <https://bugs.chromium.org/p/chromium/issues/detail?id=679318>.
    
    Block setting the base URL to a data URL or JavaScript URL as such usage is questionable.
    This makes WebKit match the behavior of Chrome and Firefox and is in the spirit of the
    discussion in <https://github.com/whatwg/html/issues/2249>.
    
    On Mac and iOS, this restriction is applied only to apps linked against a future SDK to
    avoid breaking shipped apps.
    
    For all other ports, this restriction is enabled by default.
    
    Tests: fast/url/relative2.html
           fast/url/segments-from-data-url2.html
           http/tests/security/allowed-base-url-data-url-via-setting.html
           http/tests/security/denied-base-url-data-url.html
           http/tests/security/denied-base-url-javascript-url.html
    
    * dom/Document.cpp:
    (WebCore::Document::processBaseElement): Condition updating the parsed
    base URL on whether is has an allowed scheme, if restrictions are enabled. Otherwise,
    do what we do now. If the scheme is disallowed then log a message to the console to
    explain this to web developers.
    * html/parser/HTMLPreloadScanner.cpp:
    (WebCore::TokenPreloadScanner::scan): Pass whether to apply restrictons to the base URL
    to updatePredictedBaseURL(). This depends on whether the setting is enabled or not.
    (WebCore::TokenPreloadScanner::updatePredictedBaseURL): Modifed to take a boolean as to
    whether to apply restrictions. If restrictions are not to be applied do what we do now.
    Otherwise, only do what we do now if the scheme for the predicated base URL is allowed.
    * html/parser/HTMLPreloadScanner.h:
    * page/SecurityPolicy.cpp:
    (WebCore::SecurityPolicy::isBaseURLSchemeAllowed): Added.
    * page/SecurityPolicy.h:
    * page/Settings.yaml: Add a setting to toggle restrictions on the base URL scheme.
    
    Source/WebKit:
    
    Reviewed by Brent Fulgham.
    
    Apply base URL restrictions to apps linked to a future WebKit to avoid breaking existing apps.
    
    * Shared/WebPreferences.yaml:
    * UIProcess/API/Cocoa/WKWebView.mm:
    (shouldRestrictBaseURLSchemes): Added.
    (-[WKWebView _setupPageConfiguration:]): Update settings.
    * UIProcess/Cocoa/VersionChecks.h:
    
    Source/WebKitLegacy/mac:
    
    Reviewed by Brent Fulgham.
    
    Apply base URL restrictions to apps linked to a future WebKit to avoid breaking existing apps.
    
    * Misc/WebKitVersionChecks.h:
    * WebView/WebView.mm:
    (shouldRestrictBaseURLSchemes): Added.
    (-[WebView _commonInitializationWithFrameName:groupName:]): Update settings.
    
    Source/WTF:
    
    Reviewed by Brent Fulgham.
    
    Add some more macro definitions.
    
    * wtf/spi/darwin/dyldSPI.h:
    
    LayoutTests:
    
    RReviewed by Brent Fulgham.
    
    Add some tests. Update others to toggle the setting to apply or unapply the new behavior.
    
    The test denied-base-url-javascript-url.html is derived from the test base-url-javascript.html,
    included in <https://chromium.googlesource.com/chromium/src.git/+/c133efa0b915430701930b76a7cfe35608b9a403>.
    
    * fast/url/relative-expected.txt:
    * fast/url/relative.html:
    * fast/url/relative2-expected.txt: Copied from LayoutTests/fast/url/relative-expected.txt.
    * fast/url/relative2.html: Copied from LayoutTests/fast/url/relative.html.
    * fast/url/resources/utilities.js:
    (setShouldEllipsizeFileURLPaths): Added. Toggles ellipsizing the path portion of a file URL to simplify matching.
    Otherwise, file URLs could be machine-specific.
    (canonicalizedPathname): Added.
    (segments): Modified to optionally call canonicalizedPathname.
    (canonicalize): Ditto.
    * fast/url/segments-from-data-url-expected.txt:
    * fast/url/segments-from-data-url.html:
    * fast/url/segments-from-data-url2-expected.txt: Copied from LayoutTests/fast/url/segments-from-data-url-expected.txt.
    * fast/url/segments-from-data-url2.html: Copied from LayoutTests/fast/url/segments-from-data-url.html.
    * fetch/fetch-url-serialization-expected.txt:
    * http/tests/plugins/navigation-during-load-embed.html:
    * http/tests/plugins/navigation-during-load.html:
    * http/tests/security/allowed-base-url-data-url-via-setting-expected.txt: Added.
    * http/tests/security/allowed-base-url-data-url-via-setting.html: Added.
    * http/tests/security/denied-base-url-data-url-expected.txt: Added.
    * http/tests/security/denied-base-url-data-url.html: Added.
    * http/tests/security/denied-base-url-javascript-url-expected.txt: Added.
    * http/tests/security/denied-base-url-javascript-url.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256191 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-10  Daniel Bates  <dabates@apple.com>

            Disallow setting base URL to a data or JavaScript URL
            https://bugs.webkit.org/show_bug.cgi?id=207136

            Reviewed by Brent Fulgham.

            Inspired by <https://bugs.chromium.org/p/chromium/issues/detail?id=679318>.

            Block setting the base URL to a data URL or JavaScript URL as such usage is questionable.
            This makes WebKit match the behavior of Chrome and Firefox and is in the spirit of the
            discussion in <https://github.com/whatwg/html/issues/2249>.

            On Mac and iOS, this restriction is applied only to apps linked against a future SDK to
            avoid breaking shipped apps.

            For all other ports, this restriction is enabled by default.

            Tests: fast/url/relative2.html
                   fast/url/segments-from-data-url2.html
                   http/tests/security/allowed-base-url-data-url-via-setting.html
                   http/tests/security/denied-base-url-data-url.html
                   http/tests/security/denied-base-url-javascript-url.html

            * dom/Document.cpp:
            (WebCore::Document::processBaseElement): Condition updating the parsed
            base URL on whether is has an allowed scheme, if restrictions are enabled. Otherwise,
            do what we do now. If the scheme is disallowed then log a message to the console to
            explain this to web developers.
            * html/parser/HTMLPreloadScanner.cpp:
            (WebCore::TokenPreloadScanner::scan): Pass whether to apply restrictons to the base URL
            to updatePredictedBaseURL(). This depends on whether the setting is enabled or not.
            (WebCore::TokenPreloadScanner::updatePredictedBaseURL): Modifed to take a boolean as to
            whether to apply restrictions. If restrictions are not to be applied do what we do now.
            Otherwise, only do what we do now if the scheme for the predicated base URL is allowed.
            * html/parser/HTMLPreloadScanner.h:
            * page/SecurityPolicy.cpp:
            (WebCore::SecurityPolicy::isBaseURLSchemeAllowed): Added.
            * page/SecurityPolicy.h:
            * page/Settings.yaml: Add a setting to toggle restrictions on the base URL scheme.

2020-02-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256584. rdar://problem/59449390

    MediaToolbox may not be available; check before calling MTOverrideShouldPlayHDRVideo()
    https://bugs.webkit.org/show_bug.cgi?id=207733
    <rdar://problem/59441647>
    
    Reviewed by Maciej Stachowiak.
    
    * platform/mac/PlatformScreenMac.mm:
    (WebCore::setShouldOverrideScreenSupportsHighDynamicRange):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256584 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-13  Jer Noble  <jer.noble@apple.com>

            MediaToolbox may not be available; check before calling MTOverrideShouldPlayHDRVideo()
            https://bugs.webkit.org/show_bug.cgi?id=207733
            <rdar://problem/59441647>

            Reviewed by Maciej Stachowiak.

            * platform/mac/PlatformScreenMac.mm:
            (WebCore::setShouldOverrideScreenSupportsHighDynamicRange):

2020-02-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255881. rdar://problem/59447271

    Adopt MTOverrideShouldPlayHDRVideo()
    https://bugs.webkit.org/show_bug.cgi?id=207275
    <rdar://problem/58837093>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    * platform/PlatformScreen.h:
    * platform/mac/PlatformScreenMac.mm:
    (WebCore::setShouldOverrideScreenSupportsHighDynamicRange):
    
    Source/WebCore/PAL:
    
    * pal/cocoa/MediaToolboxSoftLink.cpp:
    * pal/cocoa/MediaToolboxSoftLink.h:
    
    Source/WebKit:
    
    The WebProcess sandbox can block access to the services necessary for MediaToolbox to determine whether
    the current display is capable of displaying HDR. Rather than opening up the sandbox, provide the information
    gathered by the UIProcess by way of MTOverrideShouldPlayHDRVideo().
    
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::windowScreenDidChange):
    (WebKit::WebPage::displayID const):
    * WebProcess/WebPage/WebPage.h:
    * WebProcess/WebProcess.cpp:
    (WebKit::WebProcess::setScreenProperties): Deleted.
    * WebProcess/WebProcess.h:
    * WebProcess/cocoa/WebProcessCocoa.mm:
    (WebKit::WebProcess::setScreenProperties):
    (WebKit::WebProcess::updatePageScreenProperties):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255881 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-05  Jer Noble  <jer.noble@apple.com>

            Adopt MTOverrideShouldPlayHDRVideo()
            https://bugs.webkit.org/show_bug.cgi?id=207275
            <rdar://problem/58837093>

            Reviewed by Eric Carlson.

            * platform/PlatformScreen.h:
            * platform/mac/PlatformScreenMac.mm:
            (WebCore::setShouldOverrideScreenSupportsHighDynamicRange):

2020-02-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256632. rdar://problem/59478906

    NetworkLoadMetrics should be shared by multiple ResourceResponse instances
    https://bugs.webkit.org/show_bug.cgi?id=207747
    
    Reviewed by Keith Miller.
    
    Source/WebCore:
    
    ResourceResponse is value data, and it is copied multiple times in various places, (1) to create a new ResourceResponse
    which has slightly different fields, or (1) to hold ResourceResponse even after loading finishes. For example, DocumentLoader
    has Vector<ResourceResponse> to replay response dispatching in the case of loading from BackForwardCache. The problem is
    that ResourceResponse is very large: 440 bytes.
    
    While we sometimes copy ResourceResponse to modify some part of it, NetworkLoadMetrics is immutable. It is set when response is created,
    and is never changed. And NetworkLoadMetrics is large: sizeof(NetworkLoadMetrics) is 184 bytes. Given that we have multiple
    copies of ResourceResponse in WebCore, we should share NetworkLoadMetrics by them.
    
    This patch puts Box<NetworkLoadMetrics> in ResourceResponse to share it with all copied ResourceResponses. We do not make NetworkLoadMetrics
    RefCounted<> for now since some legit data structures embed NetworkLoadMetrics. This patch adds ArgumentCoder for Box so that we
    can encode / decode Box<NetworkLoadMetrics> in ResourceResponse in IPC. To ensure NetworkLoadMetrics in ResourceResponse immutable,
    we add ResourceResponse::setDeprecatedNetworkLoadMetrics instead of modifying NetworkLoadMetrics already created in ResourceResponse.
    
    We also attempt to compact ResourceResponse more by using bit-fields. And removing m_isValid field in ParsedContentRange since
    this can be represented by the different field. These changes make sizeof(ResourceResponse) from 440 to 248.
    
    No behavior change.
    
    * inspector/agents/InspectorNetworkAgent.cpp:
    (WebCore::InspectorNetworkAgent::buildObjectForTiming):
    (WebCore::InspectorNetworkAgent::buildObjectForResourceResponse):
    * inspector/agents/InspectorNetworkAgent.h:
    * loader/DocumentThreadableLoader.cpp:
    (WebCore::DocumentThreadableLoader::loadRequest):
    * loader/SubresourceLoader.cpp:
    (WebCore::SubresourceLoader::didFinishLoading):
    * page/PerformanceTiming.cpp:
    (WebCore::PerformanceTiming::domainLookupStart const):
    (WebCore::PerformanceTiming::domainLookupEnd const):
    (WebCore::PerformanceTiming::connectStart const):
    (WebCore::PerformanceTiming::connectEnd const):
    (WebCore::PerformanceTiming::secureConnectionStart const):
    (WebCore::PerformanceTiming::requestStart const):
    (WebCore::PerformanceTiming::responseStart const):
    * platform/network/NetworkLoadMetrics.h:
    * platform/network/ParsedContentRange.cpp:
    (WebCore::areContentRangeValuesValid):
    (WebCore::parseContentRange):
    (WebCore::ParsedContentRange::ParsedContentRange):
    (WebCore::ParsedContentRange::headerValue const):
    * platform/network/ParsedContentRange.h:
    (WebCore::ParsedContentRange::isValid const):
    (WebCore::ParsedContentRange::invalidValue):
    (WebCore::ParsedContentRange::MarkableTraits::isEmptyValue):
    (WebCore::ParsedContentRange::MarkableTraits::emptyValue):
    (WebCore::ParsedContentRange::ParsedContentRange): Deleted.
    * platform/network/ResourceHandle.h:
    * platform/network/ResourceResponseBase.cpp:
    (WebCore::ResourceResponseBase::ResourceResponseBase):
    (WebCore::ResourceResponseBase::crossThreadData const):
    (WebCore::ResourceResponseBase::fromCrossThreadData):
    (WebCore::ResourceResponseBase::compare):
    * platform/network/ResourceResponseBase.h:
    (WebCore::ResourceResponseBase::deprecatedNetworkLoadMetricsOrNull const):
    (WebCore::ResourceResponseBase::setDeprecatedNetworkLoadMetrics):
    (WebCore::ResourceResponseBase::encode const):
    (WebCore::ResourceResponseBase::decode):
    (WebCore::ResourceResponseBase::deprecatedNetworkLoadMetrics const): Deleted.
    * platform/network/cf/ResourceResponse.h:
    (WebCore::ResourceResponse::ResourceResponse):
    * platform/network/cocoa/NetworkLoadMetrics.mm:
    (WebCore::copyTimingData):
    * platform/network/curl/CurlResourceHandleDelegate.cpp:
    (WebCore::CurlResourceHandleDelegate::curlDidReceiveResponse):
    * platform/network/curl/ResourceResponse.h:
    * platform/network/curl/ResourceResponseCurl.cpp:
    (WebCore::ResourceResponse::setDeprecatedNetworkLoadMetrics): Deleted.
    * platform/network/mac/ResourceHandleMac.mm:
    (WebCore::ResourceHandle::getConnectionTimingData):
    * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
    (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
    
    Source/WebKit:
    
    Add ArgumentCoder support for Box<T>.
    
    * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
    (-[WKNetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]):
    * NetworkProcess/soup/NetworkDataTaskSoup.cpp:
    (WebKit::NetworkDataTaskSoup::dispatchDidReceiveResponse):
    * Platform/IPC/ArgumentCoders.h:
    (IPC::ArgumentCoder<Box<T>>::encode):
    (IPC::ArgumentCoder<Box<T>>::decode):
    
    Tools:
    
    * TestWebKitAPI/Tests/WebCore/ParsedContentRange.cpp:
    (TestWebKitAPI::TEST):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256632 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-14  Yusuke Suzuki  <ysuzuki@apple.com>

            NetworkLoadMetrics should be shared by multiple ResourceResponse instances
            https://bugs.webkit.org/show_bug.cgi?id=207747

            Reviewed by Keith Miller.

            ResourceResponse is value data, and it is copied multiple times in various places, (1) to create a new ResourceResponse
            which has slightly different fields, or (1) to hold ResourceResponse even after loading finishes. For example, DocumentLoader
            has Vector<ResourceResponse> to replay response dispatching in the case of loading from BackForwardCache. The problem is
            that ResourceResponse is very large: 440 bytes.

            While we sometimes copy ResourceResponse to modify some part of it, NetworkLoadMetrics is immutable. It is set when response is created,
            and is never changed. And NetworkLoadMetrics is large: sizeof(NetworkLoadMetrics) is 184 bytes. Given that we have multiple
            copies of ResourceResponse in WebCore, we should share NetworkLoadMetrics by them.

            This patch puts Box<NetworkLoadMetrics> in ResourceResponse to share it with all copied ResourceResponses. We do not make NetworkLoadMetrics
            RefCounted<> for now since some legit data structures embed NetworkLoadMetrics. This patch adds ArgumentCoder for Box so that we
            can encode / decode Box<NetworkLoadMetrics> in ResourceResponse in IPC. To ensure NetworkLoadMetrics in ResourceResponse immutable,
            we add ResourceResponse::setDeprecatedNetworkLoadMetrics instead of modifying NetworkLoadMetrics already created in ResourceResponse.

            We also attempt to compact ResourceResponse more by using bit-fields. And removing m_isValid field in ParsedContentRange since
            this can be represented by the different field. These changes make sizeof(ResourceResponse) from 440 to 248.

            No behavior change.

            * inspector/agents/InspectorNetworkAgent.cpp:
            (WebCore::InspectorNetworkAgent::buildObjectForTiming):
            (WebCore::InspectorNetworkAgent::buildObjectForResourceResponse):
            * inspector/agents/InspectorNetworkAgent.h:
            * loader/DocumentThreadableLoader.cpp:
            (WebCore::DocumentThreadableLoader::loadRequest):
            * loader/SubresourceLoader.cpp:
            (WebCore::SubresourceLoader::didFinishLoading):
            * page/PerformanceTiming.cpp:
            (WebCore::PerformanceTiming::domainLookupStart const):
            (WebCore::PerformanceTiming::domainLookupEnd const):
            (WebCore::PerformanceTiming::connectStart const):
            (WebCore::PerformanceTiming::connectEnd const):
            (WebCore::PerformanceTiming::secureConnectionStart const):
            (WebCore::PerformanceTiming::requestStart const):
            (WebCore::PerformanceTiming::responseStart const):
            * platform/network/NetworkLoadMetrics.h:
            * platform/network/ParsedContentRange.cpp:
            (WebCore::areContentRangeValuesValid):
            (WebCore::parseContentRange):
            (WebCore::ParsedContentRange::ParsedContentRange):
            (WebCore::ParsedContentRange::headerValue const):
            * platform/network/ParsedContentRange.h:
            (WebCore::ParsedContentRange::isValid const):
            (WebCore::ParsedContentRange::invalidValue):
            (WebCore::ParsedContentRange::MarkableTraits::isEmptyValue):
            (WebCore::ParsedContentRange::MarkableTraits::emptyValue):
            (WebCore::ParsedContentRange::ParsedContentRange): Deleted.
            * platform/network/ResourceHandle.h:
            * platform/network/ResourceResponseBase.cpp:
            (WebCore::ResourceResponseBase::ResourceResponseBase):
            (WebCore::ResourceResponseBase::crossThreadData const):
            (WebCore::ResourceResponseBase::fromCrossThreadData):
            (WebCore::ResourceResponseBase::compare):
            * platform/network/ResourceResponseBase.h:
            (WebCore::ResourceResponseBase::deprecatedNetworkLoadMetricsOrNull const):
            (WebCore::ResourceResponseBase::setDeprecatedNetworkLoadMetrics):
            (WebCore::ResourceResponseBase::encode const):
            (WebCore::ResourceResponseBase::decode):
            (WebCore::ResourceResponseBase::deprecatedNetworkLoadMetrics const): Deleted.
            * platform/network/cf/ResourceResponse.h:
            (WebCore::ResourceResponse::ResourceResponse):
            * platform/network/cocoa/NetworkLoadMetrics.mm:
            (WebCore::copyTimingData):
            * platform/network/curl/CurlResourceHandleDelegate.cpp:
            (WebCore::CurlResourceHandleDelegate::curlDidReceiveResponse):
            * platform/network/curl/ResourceResponse.h:
            * platform/network/curl/ResourceResponseCurl.cpp:
            (WebCore::ResourceResponse::setDeprecatedNetworkLoadMetrics): Deleted.
            * platform/network/mac/ResourceHandleMac.mm:
            (WebCore::ResourceHandle::getConnectionTimingData):
            * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
            (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):

2020-02-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256610. rdar://problem/59478918

    [Web Animations] Make all animation event types inherit from the same base class
    https://bugs.webkit.org/show_bug.cgi?id=207629
    
    Reviewed by Simon Fraser.
    
    Currently we dispatch events CSS Transitions and CSS Animations events using a dedicated event queue on DeclarativeAnimation, while the events
    added by the Web Animations specification (of type AnimationPlaybackEvent) are dispatched using a shared queue on the DocumentTimeline that is
    processed during the "update animations and send events procedure". The Web Animations specification dictates that all events should be dispatched
    during that procedure, which includes sorting of such events based on their timeline time and associated animation relative composite order.
    
    In this patch, we prepare the work towards spec compliance for animation events dispatch by making all event types (AnimationPlaybackEvent,
    TransitionEvent and AnimationEvent) inherit from a single AnimationEventBase interface. This will allow DocumentTimeline to enqueue, sort and
    dispatch all such events with a single queue in a future patch.
    
    Due to CSSAnimationController, we must make the "timeline time" and "animation" parameters optional. When we drop support for CSSAnimationController
    we'll be able to enforce stronger requirements for these.
    
    No new test since this should not introduce any behavior change.
    
    * Sources.txt:
    * WebCore.xcodeproj/project.pbxproj:
    * animation/AnimationEventBase.cpp: Added.
    (WebCore::AnimationEventBase::AnimationEventBase):
    * animation/AnimationEventBase.h: Added.
    (WebCore::AnimationEventBase::create):
    (WebCore::AnimationEventBase::isAnimationPlaybackEvent const):
    (WebCore::AnimationEventBase::isAnimationEvent const):
    (WebCore::AnimationEventBase::isTransitionEvent const):
    (WebCore::AnimationEventBase::timelineTime const):
    (WebCore::AnimationEventBase::animation const):
    * animation/AnimationPlaybackEvent.cpp:
    (WebCore::AnimationPlaybackEvent::AnimationPlaybackEvent):
    (WebCore::AnimationPlaybackEvent::bindingsTimelineTime const):
    * animation/AnimationPlaybackEvent.h:
    * animation/CSSAnimation.cpp:
    (WebCore::CSSAnimation::createEvent):
    * animation/CSSAnimation.h:
    * animation/CSSTransition.cpp:
    (WebCore::CSSTransition::createEvent):
    * animation/CSSTransition.h:
    * animation/DeclarativeAnimation.cpp:
    (WebCore::DeclarativeAnimation::enqueueDOMEvent):
    * animation/DeclarativeAnimation.h:
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::enqueueAnimationPlaybackEvent):
    * dom/AnimationEvent.cpp:
    (WebCore::AnimationEvent::AnimationEvent):
    * dom/AnimationEvent.h:
    * dom/TransitionEvent.cpp:
    (WebCore::TransitionEvent::TransitionEvent):
    * dom/TransitionEvent.h:
    * page/animation/CSSAnimationController.cpp:
    (WebCore::CSSAnimationControllerPrivate::fireEventsAndUpdateStyle):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256610 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-14  Antoine Quint  <graouts@webkit.org>

            [Web Animations] Make all animation event types inherit from the same base class
            https://bugs.webkit.org/show_bug.cgi?id=207629

            Reviewed by Simon Fraser.

            Currently we dispatch events CSS Transitions and CSS Animations events using a dedicated event queue on DeclarativeAnimation, while the events
            added by the Web Animations specification (of type AnimationPlaybackEvent) are dispatched using a shared queue on the DocumentTimeline that is
            processed during the "update animations and send events procedure". The Web Animations specification dictates that all events should be dispatched
            during that procedure, which includes sorting of such events based on their timeline time and associated animation relative composite order.

            In this patch, we prepare the work towards spec compliance for animation events dispatch by making all event types (AnimationPlaybackEvent,
            TransitionEvent and AnimationEvent) inherit from a single AnimationEventBase interface. This will allow DocumentTimeline to enqueue, sort and
            dispatch all such events with a single queue in a future patch.

            Due to CSSAnimationController, we must make the "timeline time" and "animation" parameters optional. When we drop support for CSSAnimationController
            we'll be able to enforce stronger requirements for these.

            No new test since this should not introduce any behavior change.

            * Sources.txt:
            * WebCore.xcodeproj/project.pbxproj:
            * animation/AnimationEventBase.cpp: Added.
            (WebCore::AnimationEventBase::AnimationEventBase):
            * animation/AnimationEventBase.h: Added.
            (WebCore::AnimationEventBase::create):
            (WebCore::AnimationEventBase::isAnimationPlaybackEvent const):
            (WebCore::AnimationEventBase::isAnimationEvent const):
            (WebCore::AnimationEventBase::isTransitionEvent const):
            (WebCore::AnimationEventBase::timelineTime const):
            (WebCore::AnimationEventBase::animation const):
            * animation/AnimationPlaybackEvent.cpp:
            (WebCore::AnimationPlaybackEvent::AnimationPlaybackEvent):
            (WebCore::AnimationPlaybackEvent::bindingsTimelineTime const):
            * animation/AnimationPlaybackEvent.h:
            * animation/CSSAnimation.cpp:
            (WebCore::CSSAnimation::createEvent):
            * animation/CSSAnimation.h:
            * animation/CSSTransition.cpp:
            (WebCore::CSSTransition::createEvent):
            * animation/CSSTransition.h:
            * animation/DeclarativeAnimation.cpp:
            (WebCore::DeclarativeAnimation::enqueueDOMEvent):
            * animation/DeclarativeAnimation.h:
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::enqueueAnimationPlaybackEvent):
            * dom/AnimationEvent.cpp:
            (WebCore::AnimationEvent::AnimationEvent):
            * dom/AnimationEvent.h:
            * dom/TransitionEvent.cpp:
            (WebCore::TransitionEvent::TransitionEvent):
            * dom/TransitionEvent.h:
            * page/animation/CSSAnimationController.cpp:
            (WebCore::CSSAnimationControllerPrivate::fireEventsAndUpdateStyle):

2020-02-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256513. rdar://problem/59446986

    REGRESSION (r255037): Zooming in and out on Quip in macOS Safari can cause the content to be offset to the side
    https://bugs.webkit.org/show_bug.cgi?id=207674
    rdar://problem/59404866
    
    Reviewed by Antti Koivisto.
    
    Source/WebCore:
    
    Remove the early return in ScrollingStateScrollingNode::setRequestedScrollData(); comparing
    with the last m_requestedScrollData is wrong, because requested scroll positions are not "state"
    in the scrolling tree, they are requests to scroll. Ideally, they would be represented in some
    different way in the scrolling tree.
    
    Test: fast/scrolling/programmatic-scroll-to-zero-zero.html
    
    * page/scrolling/ScrollingStateScrollingNode.cpp:
    (WebCore::ScrollingStateScrollingNode::setRequestedScrollData):
    
    LayoutTests:
    
    Test that does a programmatic scroll to 0,0, does a user scroll, then a second programmatic scroll to 0,0,
    which is expected to work.
    
    * fast/scrolling/programmatic-scroll-to-zero-zero-expected.html: Added.
    * fast/scrolling/programmatic-scroll-to-zero-zero.html: Added.
    * platform/ios/TestExpectations: Skip the new test on iOS (it relies on eventSender) and sort the grouping.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256513 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-13  Simon Fraser  <simon.fraser@apple.com>

            REGRESSION (r255037): Zooming in and out on Quip in macOS Safari can cause the content to be offset to the side
            https://bugs.webkit.org/show_bug.cgi?id=207674
            rdar://problem/59404866

            Reviewed by Antti Koivisto.

            Remove the early return in ScrollingStateScrollingNode::setRequestedScrollData(); comparing
            with the last m_requestedScrollData is wrong, because requested scroll positions are not "state"
            in the scrolling tree, they are requests to scroll. Ideally, they would be represented in some
            different way in the scrolling tree.

            Test: fast/scrolling/programmatic-scroll-to-zero-zero.html

            * page/scrolling/ScrollingStateScrollingNode.cpp:
            (WebCore::ScrollingStateScrollingNode::setRequestedScrollData):

2020-02-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256400. rdar://problem/59446986

    Unreviewed, partial rollout of r255037.
    <rdar://problem/59240559>
    
    * page/scrolling/cocoa/ScrollingTreeFixedNode.mm:
    (WebCore::ScrollingTreeFixedNode::applyLayerPositions):
    * page/scrolling/cocoa/ScrollingTreeStickyNode.mm:
    (WebCore::ScrollingTreeStickyNode::computeLayerPosition const):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256400 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-11  Ryan Haddad  <ryanhaddad@apple.com>

            Unreviewed, partial rollout of r255037.
            <rdar://problem/59240559>

            * page/scrolling/cocoa/ScrollingTreeFixedNode.mm:
            (WebCore::ScrollingTreeFixedNode::applyLayerPositions):
            * page/scrolling/cocoa/ScrollingTreeStickyNode.mm:
            (WebCore::ScrollingTreeStickyNode::computeLayerPosition const):

2020-02-17  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255037. rdar://problem/59446986

    Fixed elements no longer stay fixed with elastic overscroll
    https://bugs.webkit.org/show_bug.cgi?id=206227
    rdar://problem/58707084
    
    Reviewed by Antti Koivisto.
    Source/WebCore:
    
    Intended behavior on iOS and macOS is for position:fixed and sticky elements to maintain
    their position relative to the view bounds when rubber-banding ("overscrolling"). This broke
    some time back. This change restores the correct behavior with the call to layoutViewportRespectingRubberBanding()
    in ScrollingTreeFixedNode::applyLayerPositions() and ScrollingTreeStickyNode::computeLayerPosition().
    layoutViewportRespectingRubberBanding() computes a layout viewport without clamping.
    
    The rest of the changes are to support testing. internals.unconstrainedScrollTo()
    didn't work for main frame scrolling because of scroll position clamping in various places,
    so propagate ScrollClamping in more places (and replace the redundant ScrollPositionClamp with ScrollClamping).
    
    "requested scroll position" updates now carry along both clamping and "is programmatic" data, wrapped in a struct
    which is passed around the scrolling tree. This allows us to not clamp the scroll position (for testing) in more places.
    
    Internals::unconstrainedScrollTo() needs one weird hack to trigger a layout (and thus a scrolling tree commit),
    because the layout is normally triggered by a layout viewport change, but when rubber-banding we clamp the layoutViewport
    used for layout, so those layouts are never triggered.
    
    Tests: tiled-drawing/scrolling/fixed/fixed-during-rubberband.html
           tiled-drawing/scrolling/sticky/sticky-during-rubberband.html
    
    * Sources.txt:
    * WebCore.xcodeproj/project.pbxproj:
    * dom/Element.cpp:
    (WebCore::Element::scrollTo):
    * page/DOMWindow.cpp:
    (WebCore::DOMWindow::scrollTo const):
    * page/FrameView.cpp:
    (WebCore::FrameView::setScrollPosition):
    (WebCore::FrameView::requestScrollPositionUpdate):
    * page/FrameView.h:
    * page/scrolling/AsyncScrollingCoordinator.cpp:
    (WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate):
    * page/scrolling/AsyncScrollingCoordinator.h:
    * page/scrolling/ScrollingCoordinator.cpp:
    * page/scrolling/ScrollingCoordinator.h:
    (WebCore::ScrollingCoordinator::requestScrollPositionUpdate):
    * page/scrolling/ScrollingStateScrollingNode.cpp:
    (WebCore::ScrollingStateScrollingNode::ScrollingStateScrollingNode):
    (WebCore::ScrollingStateScrollingNode::setRequestedScrollData):
    (WebCore::ScrollingStateScrollingNode::dumpProperties const):
    (WebCore::ScrollingStateScrollingNode::setRequestedScrollPosition): Deleted.
    * page/scrolling/ScrollingStateScrollingNode.h:
    (WebCore::RequestedScrollData::operator== const):
    (WebCore::ScrollingStateScrollingNode::requestedScrollData const):
    (WebCore::ScrollingStateScrollingNode::requestedScrollPosition const): Deleted.
    (WebCore::ScrollingStateScrollingNode::requestedScrollPositionRepresentsProgrammaticScroll const): Deleted.
    * page/scrolling/ScrollingTree.h:
    (WebCore::ScrollingTree::scrollingTreeNodeRequestsScroll):
    * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
    (WebCore::ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition const):
    (WebCore::ScrollingTreeFrameScrollingNode::layoutViewportRespectingRubberBanding const):
    * page/scrolling/ScrollingTreeFrameScrollingNode.h:
    * page/scrolling/ScrollingTreeScrollingNode.cpp:
    (WebCore::ScrollingTreeScrollingNode::commitStateAfterChildren):
    (WebCore::ScrollingTreeScrollingNode::adjustedScrollPosition const):
    (WebCore::ScrollingTreeScrollingNode::scrollBy):
    (WebCore::ScrollingTreeScrollingNode::scrollTo):
    (WebCore::ScrollingTreeScrollingNode::wasScrolledByDelegatedScrolling):
    * page/scrolling/ScrollingTreeScrollingNode.h:
    * page/scrolling/cocoa/ScrollingTreeFixedNode.mm:
    (WebCore::ScrollingTreeFixedNode::applyLayerPositions):
    * page/scrolling/cocoa/ScrollingTreeStickyNode.mm:
    (WebCore::ScrollingTreeStickyNode::computeLayerPosition const):
    * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
    * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
    (WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateAfterChildren):
    (WebCore::ScrollingTreeFrameScrollingNodeMac::adjustedScrollPosition const):
    * page/scrolling/mac/ScrollingTreeOverflowScrollingNodeMac.h:
    * page/scrolling/mac/ScrollingTreeOverflowScrollingNodeMac.mm:
    (WebCore::ScrollingTreeOverflowScrollingNodeMac::commitStateAfterChildren):
    (WebCore::ScrollingTreeOverflowScrollingNodeMac::adjustedScrollPosition const):
    * page/scrolling/mac/ScrollingTreeScrollingNodeDelegateMac.mm:
    (WebCore::ScrollingTreeScrollingNodeDelegateMac::immediateScrollByWithoutContentEdgeConstraints):
    * platform/ScrollTypes.cpp: Added.
    (WebCore::operator<<):
    * platform/ScrollTypes.h:
    * platform/ScrollView.cpp:
    (WebCore::ScrollView::setContentsScrollPosition):
    (WebCore::ScrollView::setScrollPosition):
    * platform/ScrollView.h:
    * platform/ScrollableArea.cpp:
    (WebCore::ScrollableArea::setScrollOffsetFromAnimation):
    * platform/ScrollableArea.h:
    (WebCore::ScrollableArea::requestScrollPositionUpdate):
    * rendering/RenderLayer.cpp:
    (WebCore::RenderLayer::scrollToOffset):
    * testing/Internals.cpp:
    (WebCore::Internals::unconstrainedScrollTo):
    
    Source/WebKit:
    
    Intended behavior on iOS and macOS is for position:fixed and sticky elements to maintain
    their position relative to the view bounds when rubber-banding ("overscrolling"). This broke
    some time back. This change restores the correct behavior with the call to layoutViewportRespectingRubberBanding()
    in ScrollingTreeFixedNode::applyLayerPositions() and ScrollingTreeStickyNode::computeLayerPosition().
    layoutViewportRespectingRubberBanding() computes a layout viewport without clamping.
    
    The rest of the changes are to support testing. internals.unconstrainedScrollTo()
    didn't work for main frame scrolling because of scroll position clamping in various places,
    so propagate ScrollClamping in more places (and replace the redundant ScrollPositionClamp with ScrollClamping).
    
    "requested scroll position" updates now carry along both clamping and "is programmatic" data, wrapped in a struct
    which is passed around the scrolling tree. This allows us to not clamp the scroll position (for testing) in more places.
    
    * Shared/RemoteLayerTree/RemoteScrollingCoordinatorTransaction.cpp:
    (ArgumentCoder<ScrollingStateScrollingNode>::encode):
    (ArgumentCoder<ScrollingStateScrollingNode>::decode):
    (ArgumentCoder<RequestedScrollData>::encode):
    (ArgumentCoder<RequestedScrollData>::decode):
    (WebKit::dump):
    * UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.cpp:
    (WebKit::RemoteScrollingCoordinatorProxy::scrollingTreeNodeRequestsScroll):
    * UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.h:
    * UIProcess/RemoteLayerTree/RemoteScrollingTree.cpp:
    (WebKit::RemoteScrollingTree::scrollingTreeNodeRequestsScroll):
    * UIProcess/RemoteLayerTree/RemoteScrollingTree.h:
    * UIProcess/RemoteLayerTree/ios/ScrollingTreeFrameScrollingNodeRemoteIOS.mm:
    (WebKit::ScrollingTreeFrameScrollingNodeRemoteIOS::commitStateAfterChildren):
    * UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:
    (WebKit::ScrollingTreeScrollingNodeDelegateIOS::commitStateAfterChildren):
    
    LayoutTests:
    
    * tiled-drawing/scrolling/fixed/fixed-during-rubberband-expected.html: Added.
    * tiled-drawing/scrolling/fixed/fixed-during-rubberband.html: Added.
    * tiled-drawing/scrolling/sticky/sticky-during-rubberband-expected.html: Added.
    * tiled-drawing/scrolling/sticky/sticky-during-rubberband.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255037 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-17  Alan Coon  <alancoon@apple.com>

            Cherry-pick r256191. rdar://problem/59447003

        Disallow setting base URL to a data or JavaScript URL
        https://bugs.webkit.org/show_bug.cgi?id=207136

        Source/WebCore:

        Reviewed by Brent Fulgham.

        Inspired by <https://bugs.chromium.org/p/chromium/issues/detail?id=679318>.

        Block setting the base URL to a data URL or JavaScript URL as such usage is questionable.
        This makes WebKit match the behavior of Chrome and Firefox and is in the spirit of the
        discussion in <https://github.com/whatwg/html/issues/2249>.

        On Mac and iOS, this restriction is applied only to apps linked against a future SDK to
        avoid breaking shipped apps.

        For all other ports, this restriction is enabled by default.

        Tests: fast/url/relative2.html
               fast/url/segments-from-data-url2.html
               http/tests/security/allowed-base-url-data-url-via-setting.html
               http/tests/security/denied-base-url-data-url.html
               http/tests/security/denied-base-url-javascript-url.html

        * dom/Document.cpp:
        (WebCore::Document::processBaseElement): Condition updating the parsed
        base URL on whether is has an allowed scheme, if restrictions are enabled. Otherwise,
        do what we do now. If the scheme is disallowed then log a message to the console to
        explain this to web developers.
        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::scan): Pass whether to apply restrictons to the base URL
        to updatePredictedBaseURL(). This depends on whether the setting is enabled or not.
        (WebCore::TokenPreloadScanner::updatePredictedBaseURL): Modifed to take a boolean as to
        whether to apply restrictions. If restrictions are not to be applied do what we do now.
        Otherwise, only do what we do now if the scheme for the predicated base URL is allowed.
        * html/parser/HTMLPreloadScanner.h:
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::isBaseURLSchemeAllowed): Added.
        * page/SecurityPolicy.h:
        * page/Settings.yaml: Add a setting to toggle restrictions on the base URL scheme.

        Source/WebKit:

        Reviewed by Brent Fulgham.

        Apply base URL restrictions to apps linked to a future WebKit to avoid breaking existing apps.

        * Shared/WebPreferences.yaml:
        * UIProcess/API/Cocoa/WKWebView.mm:
        (shouldRestrictBaseURLSchemes): Added.
        (-[WKWebView _setupPageConfiguration:]): Update settings.
        * UIProcess/Cocoa/VersionChecks.h:

        Source/WebKitLegacy/mac:

        Reviewed by Brent Fulgham.

        Apply base URL restrictions to apps linked to a future WebKit to avoid breaking existing apps.

        * Misc/WebKitVersionChecks.h:
        * WebView/WebView.mm:
        (shouldRestrictBaseURLSchemes): Added.
        (-[WebView _commonInitializationWithFrameName:groupName:]): Update settings.

        Source/WTF:

        Reviewed by Brent Fulgham.

        Add some more macro definitions.

        * wtf/spi/darwin/dyldSPI.h:

        LayoutTests:

        RReviewed by Brent Fulgham.

        Add some tests. Update others to toggle the setting to apply or unapply the new behavior.

        The test denied-base-url-javascript-url.html is derived from the test base-url-javascript.html,
        included in <https://chromium.googlesource.com/chromium/src.git/+/c133efa0b915430701930b76a7cfe35608b9a403>.

        * fast/url/relative-expected.txt:
        * fast/url/relative.html:
        * fast/url/relative2-expected.txt: Copied from LayoutTests/fast/url/relative-expected.txt.
        * fast/url/relative2.html: Copied from LayoutTests/fast/url/relative.html.
        * fast/url/resources/utilities.js:
        (setShouldEllipsizeFileURLPaths): Added. Toggles ellipsizing the path portion of a file URL to simplify matching.
        Otherwise, file URLs could be machine-specific.
        (canonicalizedPathname): Added.
        (segments): Modified to optionally call canonicalizedPathname.
        (canonicalize): Ditto.
        * fast/url/segments-from-data-url-expected.txt:
        * fast/url/segments-from-data-url.html:
        * fast/url/segments-from-data-url2-expected.txt: Copied from LayoutTests/fast/url/segments-from-data-url-expected.txt.
        * fast/url/segments-from-data-url2.html: Copied from LayoutTests/fast/url/segments-from-data-url.html.
        * fetch/fetch-url-serialization-expected.txt:
        * http/tests/plugins/navigation-during-load-embed.html:
        * http/tests/plugins/navigation-during-load.html:
        * http/tests/security/allowed-base-url-data-url-via-setting-expected.txt: Added.
        * http/tests/security/allowed-base-url-data-url-via-setting.html: Added.
        * http/tests/security/denied-base-url-data-url-expected.txt: Added.
        * http/tests/security/denied-base-url-data-url.html: Added.
        * http/tests/security/denied-base-url-javascript-url-expected.txt: Added.
        * http/tests/security/denied-base-url-javascript-url.html: Added.

        git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256191 268f45cc-cd09-0410-ab3c-d52691b4dbfc

        2020-02-10  Daniel Bates  <dabates@apple.com>

                Disallow setting base URL to a data or JavaScript URL
                https://bugs.webkit.org/show_bug.cgi?id=207136

                Reviewed by Brent Fulgham.

                Inspired by <https://bugs.chromium.org/p/chromium/issues/detail?id=679318>.

                Block setting the base URL to a data URL or JavaScript URL as such usage is questionable.
                This makes WebKit match the behavior of Chrome and Firefox and is in the spirit of the
                discussion in <https://github.com/whatwg/html/issues/2249>.

                On Mac and iOS, this restriction is applied only to apps linked against a future SDK to
                avoid breaking shipped apps.

                For all other ports, this restriction is enabled by default.

                Tests: fast/url/relative2.html
                       fast/url/segments-from-data-url2.html
                       http/tests/security/allowed-base-url-data-url-via-setting.html
                       http/tests/security/denied-base-url-data-url.html
                       http/tests/security/denied-base-url-javascript-url.html

                * dom/Document.cpp:
                (WebCore::Document::processBaseElement): Condition updating the parsed
                base URL on whether is has an allowed scheme, if restrictions are enabled. Otherwise,
                do what we do now. If the scheme is disallowed then log a message to the console to
                explain this to web developers.
                * html/parser/HTMLPreloadScanner.cpp:
                (WebCore::TokenPreloadScanner::scan): Pass whether to apply restrictons to the base URL
                to updatePredictedBaseURL(). This depends on whether the setting is enabled or not.
                (WebCore::TokenPreloadScanner::updatePredictedBaseURL): Modifed to take a boolean as to
                whether to apply restrictions. If restrictions are not to be applied do what we do now.
                Otherwise, only do what we do now if the scheme for the predicated base URL is allowed.
                * html/parser/HTMLPreloadScanner.h:
                * page/SecurityPolicy.cpp:
                (WebCore::SecurityPolicy::isBaseURLSchemeAllowed): Added.
                * page/SecurityPolicy.h:
                * page/Settings.yaml: Add a setting to toggle restrictions on the base URL scheme.

2020-02-17  Alan Coon  <alancoon@apple.com>

        Revert r256693. rdar://problem/59478981

2020-02-17  Alex Christensen  <achristensen@webkit.org>

        Fix build after r256689

        * css/StyleProperties.h:
        Add missing include that wasn't on the branch.

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256636. rdar://problem/59478734

    [Web Animations] Missing call to DocumentTimeline::resumeAnimations() in Frame::resumeActiveDOMObjectsAndAnimations()
    https://bugs.webkit.org/show_bug.cgi?id=207784
    <rdar://problem/59251858>
    
    Patch by Antoine Quint <graouts@webkit.org> on 2020-02-14
    Reviewed by Dean Jackson.
    
    After auditing the code, there was one call to CSSAnimationController::resumeAnimationsForDocument() that missed a matching DocumentTimeline::resumeAnimations()
    call should the Web Animations flag be on.
    
    * page/Frame.cpp:
    (WebCore::Frame::resumeActiveDOMObjectsAndAnimations):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256636 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-14  Antoine Quint  <graouts@webkit.org>

            [Web Animations] Missing call to DocumentTimeline::resumeAnimations() in Frame::resumeActiveDOMObjectsAndAnimations()
            https://bugs.webkit.org/show_bug.cgi?id=207784
            <rdar://problem/59251858>

            Reviewed by Dean Jackson.

            After auditing the code, there was one call to CSSAnimationController::resumeAnimationsForDocument() that missed a matching DocumentTimeline::resumeAnimations()
            call should the Web Animations flag be on.

            * page/Frame.cpp:
            (WebCore::Frame::resumeActiveDOMObjectsAndAnimations):

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256623. rdar://problem/59478938

    Ensure animations that lose their effect don't schedule an animation update
    https://bugs.webkit.org/show_bug.cgi?id=207713
    rdar://59174840
    
    Patch by Sunny He <sunny_he@apple.com> on 2020-02-14
    Reviewed by Antoine Quint.
    
    Source/WebCore:
    An active animation for which the effect is removed may be considered for
    an upcoming animation resolution. However, WebAnimation::timeToNextTick()
    expects a valid effect to be available to be able to determine timing.
    We now check an animation is relevant before calling timeToNextTick() and
    add an ASSERT() in that function to catch cases where an animation effect
    might not be available.
    
    Source/WebCore:
    
    Test: webanimations/animation-null-effect.html
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::scheduleNextTick):
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::timeToNextTick const):
    
    LayoutTests:
    
    * webanimations/animation-null-effect-expected.txt: Added.
    * webanimations/animation-null-effect.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256623 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-14  Sunny He  <sunny_he@apple.com>

            Ensure animations that lose their effect don't schedule an animation update
            https://bugs.webkit.org/show_bug.cgi?id=207713
            rdar://59174840

            Reviewed by Antoine Quint.

            Source/WebCore:
            An active animation for which the effect is removed may be considered for
            an upcoming animation resolution. However, WebAnimation::timeToNextTick()
            expects a valid effect to be available to be able to determine timing.
            We now check an animation is relevant before calling timeToNextTick() and
            add an ASSERT() in that function to catch cases where an animation effect
            might not be available.

            Test: webanimations/animation-null-effect.html

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::scheduleNextTick):
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::timeToNextTick const):

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256580. rdar://problem/59478981

    Dark Mode: In Notes, list item becomes invisible in dark mode after outdenting
    https://bugs.webkit.org/show_bug.cgi?id=207676
    
    Reviewed by Wenson Hsieh and Timothy Hatcher.
    
    Source/WebCore:
    
    The bug was caused by EditingStyle::inverseTransformColorIfNeeded converting -apple-system-label to
    transparent color in ReplaceSelectionCommand when InsertListCommand invokes moveParagraphs.
    
    This patch fixes the bug in EditingStyle::inverseTransformColorIfNeeded by treating any semantic color
    name or semantic RGB color value as if the color was not specified.
    
    It also fixes the bug that removeStyleFromRulesAndContext was incapable of removing superflous semantic
    color names that appear in the inline since the context's computed style only contain RGB values by
    replacing the inline style's color values with that of the computed style. This fix is necessary to
    eliminate -apple-system-label in the pasted content, which can cause issues when such a content is
    sync'ed to other devices via iCloud, etc...
    
    Tests: PasteHTML.TransformColorsOfDarkContentButNotSemanticColor
           PasteHTML.DoesNotTransformColorsOfLightContentDuringOutdent
    
    * editing/EditingStyle.cpp:
    (WebCore::EditingStyle::removeStyleFromRulesAndContext):
    (WebCore::EditingStyle::inverseTransformColorIfNeeded):
    
    Tools:
    
    Added regression tests for pasting content with -apple-system-label and outdenting content.
    
    * TestWebKitAPI/Tests/WebKitCocoa/PasteHTML.mm:
    (PasteHTML.TransformColorsOfDarkContentButNotSemanticColor):
    (PasteHTML.DoesNotTransformColorsOfLightContentDuringOutdent):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256580 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-13  Ryosuke Niwa  <rniwa@webkit.org>

            Dark Mode: In Notes, list item becomes invisible in dark mode after outdenting
            https://bugs.webkit.org/show_bug.cgi?id=207676

            Reviewed by Wenson Hsieh and Timothy Hatcher.

            The bug was caused by EditingStyle::inverseTransformColorIfNeeded converting -apple-system-label to
            transparent color in ReplaceSelectionCommand when InsertListCommand invokes moveParagraphs.

            This patch fixes the bug in EditingStyle::inverseTransformColorIfNeeded by treating any semantic color
            name or semantic RGB color value as if the color was not specified.

            It also fixes the bug that removeStyleFromRulesAndContext was incapable of removing superflous semantic
            color names that appear in the inline since the context's computed style only contain RGB values by
            replacing the inline style's color values with that of the computed style. This fix is necessary to
            eliminate -apple-system-label in the pasted content, which can cause issues when such a content is
            sync'ed to other devices via iCloud, etc...

            Tests: PasteHTML.TransformColorsOfDarkContentButNotSemanticColor
                   PasteHTML.DoesNotTransformColorsOfLightContentDuringOutdent

            * editing/EditingStyle.cpp:
            (WebCore::EditingStyle::removeStyleFromRulesAndContext):
            (WebCore::EditingStyle::inverseTransformColorIfNeeded):

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256482. rdar://problem/59478881

    Shrink CachedResource
    https://bugs.webkit.org/show_bug.cgi?id=207618
    
    Reviewed by Mark Lam.
    
    Source/WebCore:
    
    This patch shrinks sizeof(CachedResource) by 80 bytes by aggressively using bit-fields and Markable<>.
    For each enum class, we define `bitsOfXXX` value, which indicates # of bits to represent it. And using
    this value for bit-field's width.
    
    No behavior change.
    
    * loader/FetchOptions.h:
    (WebCore::FetchOptions::encode const):
    * loader/ResourceLoaderOptions.h:
    (WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
    (WebCore::ResourceLoaderOptions::loadedFromOpaqueSource):
    * loader/cache/CachedImage.cpp:
    (WebCore::CachedImage::CachedImage):
    (WebCore::CachedImage::shouldDeferUpdateImageData const):
    (WebCore::CachedImage::didUpdateImageData):
    * loader/cache/CachedImage.h:
    * loader/cache/CachedResource.cpp:
    (WebCore::CachedResource::CachedResource):
    (WebCore::CachedResource::load):
    (WebCore::CachedResource::finish):
    * loader/cache/CachedResource.h:
    (WebCore::CachedResource::setStatus):
    * page/csp/ContentSecurityPolicyResponseHeaders.h:
    (WebCore::ContentSecurityPolicyResponseHeaders::MarkableTraits::isEmptyValue):
    (WebCore::ContentSecurityPolicyResponseHeaders::MarkableTraits::emptyValue):
    (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
    * platform/network/NetworkLoadMetrics.h:
    (WebCore::NetworkLoadMetrics::isolatedCopy const):
    (WebCore::NetworkLoadMetrics::clearNonTimingData):
    (WebCore::NetworkLoadMetrics::operator== const):
    (WebCore::NetworkLoadMetrics::encode const):
    (WebCore::NetworkLoadMetrics::decode):
    * platform/network/ResourceLoadPriority.h:
    * platform/network/ResourceRequestBase.h:
    (WebCore::ResourceRequestBase::ResourceRequestBase):
    * platform/network/ResourceResponseBase.h:
    * platform/network/StoredCredentialsPolicy.h:
    
    Source/WTF:
    
    * wtf/Markable.h:
    (WTF::Markable::asOptional const): Add helper method to get Optional easily from Markable.
    * wtf/ObjectIdentifier.h:
    (WTF::ObjectIdentifier::MarkableTraits::isEmptyValue):
    (WTF::ObjectIdentifier::MarkableTraits::emptyValue):
    (WTF::ObjectIdentifier::ObjectIdentifier): Add MarkableTraits for ObjectIdentifier.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256482 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-12  Yusuke Suzuki  <ysuzuki@apple.com>

            Shrink CachedResource
            https://bugs.webkit.org/show_bug.cgi?id=207618

            Reviewed by Mark Lam.

            This patch shrinks sizeof(CachedResource) by 80 bytes by aggressively using bit-fields and Markable<>.
            For each enum class, we define `bitsOfXXX` value, which indicates # of bits to represent it. And using
            this value for bit-field's width.

            No behavior change.

            * loader/FetchOptions.h:
            (WebCore::FetchOptions::encode const):
            * loader/ResourceLoaderOptions.h:
            (WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
            (WebCore::ResourceLoaderOptions::loadedFromOpaqueSource):
            * loader/cache/CachedImage.cpp:
            (WebCore::CachedImage::CachedImage):
            (WebCore::CachedImage::shouldDeferUpdateImageData const):
            (WebCore::CachedImage::didUpdateImageData):
            * loader/cache/CachedImage.h:
            * loader/cache/CachedResource.cpp:
            (WebCore::CachedResource::CachedResource):
            (WebCore::CachedResource::load):
            (WebCore::CachedResource::finish):
            * loader/cache/CachedResource.h:
            (WebCore::CachedResource::setStatus):
            * page/csp/ContentSecurityPolicyResponseHeaders.h:
            (WebCore::ContentSecurityPolicyResponseHeaders::MarkableTraits::isEmptyValue):
            (WebCore::ContentSecurityPolicyResponseHeaders::MarkableTraits::emptyValue):
            (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
            * platform/network/NetworkLoadMetrics.h:
            (WebCore::NetworkLoadMetrics::isolatedCopy const):
            (WebCore::NetworkLoadMetrics::clearNonTimingData):
            (WebCore::NetworkLoadMetrics::operator== const):
            (WebCore::NetworkLoadMetrics::encode const):
            (WebCore::NetworkLoadMetrics::decode):
            * platform/network/ResourceLoadPriority.h:
            * platform/network/ResourceRequestBase.h:
            (WebCore::ResourceRequestBase::ResourceRequestBase):
            * platform/network/ResourceResponseBase.h:
            * platform/network/StoredCredentialsPolicy.h:

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256423. rdar://problem/59478731

    Compress ImmutableStyleProperties by using PackedPtr
    https://bugs.webkit.org/show_bug.cgi?id=207604
    
    Reviewed by Mark Lam.
    
    ImmutableStyleProperties is kept so long and consumes enough memory.
    We already attempted to compact it by storing CSSProperty's members separately.
    But we can compact further by using PackedPtr. This patch makes,
    
        1. Use PackedPtr for CSSValue* in ImmutableStyleProperties so that we can cut some bytes
        2. Reorder CSSValue* and StylePropertyMetadata arrays since StylePropertyMetadata requires alignment while PackedPtr<CSSValue> is not.
    
    No behavior change.
    
    * css/StyleProperties.cpp:
    (WebCore::sizeForImmutableStylePropertiesWithPropertyCount):
    (WebCore::ImmutableStyleProperties::ImmutableStyleProperties):
    (WebCore::ImmutableStyleProperties::~ImmutableStyleProperties):
    (WebCore::ImmutableStyleProperties::findCustomPropertyIndex const):
    * css/StyleProperties.h:
    (WebCore::ImmutableStyleProperties::valueArray const):
    (WebCore::ImmutableStyleProperties::metadataArray const):
    (WebCore::ImmutableStyleProperties::propertyAt const):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256423 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-11  Yusuke Suzuki  <ysuzuki@apple.com>

            Compress ImmutableStyleProperties by using PackedPtr
            https://bugs.webkit.org/show_bug.cgi?id=207604

            Reviewed by Mark Lam.

            ImmutableStyleProperties is kept so long and consumes enough memory.
            We already attempted to compact it by storing CSSProperty's members separately.
            But we can compact further by using PackedPtr. This patch makes,

                1. Use PackedPtr for CSSValue* in ImmutableStyleProperties so that we can cut some bytes
                2. Reorder CSSValue* and StylePropertyMetadata arrays since StylePropertyMetadata requires alignment while PackedPtr<CSSValue> is not.

            No behavior change.

            * css/StyleProperties.cpp:
            (WebCore::sizeForImmutableStylePropertiesWithPropertyCount):
            (WebCore::ImmutableStyleProperties::ImmutableStyleProperties):
            (WebCore::ImmutableStyleProperties::~ImmutableStyleProperties):
            (WebCore::ImmutableStyleProperties::findCustomPropertyIndex const):
            * css/StyleProperties.h:
            (WebCore::ImmutableStyleProperties::valueArray const):
            (WebCore::ImmutableStyleProperties::metadataArray const):
            (WebCore::ImmutableStyleProperties::propertyAt const):

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254681. rdar://problem/59474790

    [Win] Fix AppleWin build
    https://bugs.webkit.org/show_bug.cgi?id=206299
    
    Reviewed by Brent Fulgham.
    
    .:
    
    This patch has been created by don.olmstead@sony.com and pvollan@apple.com. Add target files for WTF and
    JavaScriptCore. Also, to make sure headers are copied to the forwarding headers directory, add the CMake
    keywork ALL when adding custom target for copying files.
    
    * Source/cmake/TargetJavaScriptCore.cmake: Added.
    * Source/cmake/TargetWTF.cmake: Added.
    * Source/cmake/WebKitMacros.cmake:
    
    Source/JavaScriptCore:
    
    Include required target. Build internal builds with VS2019.
    
    * CMakeLists.txt:
    * JavaScriptCore.vcxproj/JavaScriptCore.proj:
    
    Source/WebCore:
    
    Include required targets. Build internal builds with VS2019.
    
    * CMakeLists.txt:
    * WebCore.vcxproj/WebCore.proj:
    
    Source/WebKitLegacy:
    
    Include required targets. Build internal builds with VS2019.
    
    * CMakeLists.txt:
    * WebKitLegacy.vcxproj/WebKitLegacy.proj:
    
    Source/WTF:
    
    Build internal builds with VS2019.
    
    * WTF.vcxproj/WTF.proj:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254681 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-16  Per Arne Vollan  <pvollan@apple.com>

            [Win] Fix AppleWin build
            https://bugs.webkit.org/show_bug.cgi?id=206299

            Reviewed by Brent Fulgham.

            Include required targets. Build internal builds with VS2019.

            * CMakeLists.txt:
            * WebCore.vcxproj/WebCore.proj:

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r252849. rdar://problem/59446998

    Crash in WebCore::ServiceWorkerRegistrationKey::hash() const
    https://bugs.webkit.org/show_bug.cgi?id=204497
    <rdar://problem/57348603>
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    Update ServiceWorkerContainer::jobResolvedWithRegistration to handle the case of a
    ServiceWorkerContainer that might have a job whose promise is not related to the same context.
    In that case, the ServiceWorkerContainer might get stopped, thus its m_ongoingSettledRegistrations be cleared.
    But the promise may get settled shortly after since its context is not stopped and will then retrieve an empty registration data key.
    This is difficult to test given we do not control when the resolvedWithRegistration task is posted to the client.
    
    * workers/service/ServiceWorkerContainer.cpp:
    (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
    * workers/service/ServiceWorkerRegistrationKey.h:
    (WebCore::ServiceWorkerRegistrationKey::encode const):
    Add release asserts to make sure we do not store/transfer empty registration keys.
    
    Source/WebKit:
    
    * WebProcess/Storage/WebSWClientConnection.cpp:
    (WebKit::WebSWClientConnection::scheduleJobInServer):
    Add a release assert to be able to further debug the crash.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@252849 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-11-25  Youenn Fablet  <youenn@apple.com>

            Crash in WebCore::ServiceWorkerRegistrationKey::hash() const
            https://bugs.webkit.org/show_bug.cgi?id=204497
            <rdar://problem/57348603>

            Reviewed by Alex Christensen.

            Update ServiceWorkerContainer::jobResolvedWithRegistration to handle the case of a
            ServiceWorkerContainer that might have a job whose promise is not related to the same context.
            In that case, the ServiceWorkerContainer might get stopped, thus its m_ongoingSettledRegistrations be cleared.
            But the promise may get settled shortly after since its context is not stopped and will then retrieve an empty registration data key.
            This is difficult to test given we do not control when the resolvedWithRegistration task is posted to the client.

            * workers/service/ServiceWorkerContainer.cpp:
            (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
            * workers/service/ServiceWorkerRegistrationKey.h:
            (WebCore::ServiceWorkerRegistrationKey::encode const):
            Add release asserts to make sure we do not store/transfer empty registration keys.

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256494. rdar://problem/59446989

    CSSValuePool's constant CSS values should not be allocated dynamically (and same for Vectors)
    https://bugs.webkit.org/show_bug.cgi?id=207666
    
    Reviewed by Mark Lam.
    
    r252785 changes contents (CSSValues and Vectors) of CSSValuePool from static ones to
    dynamically allocated ones. This was done since we would like to use static CSSValues
    even in the other threads (workers etc.) for OffscreenCanvas feature.
    
    But this causes memory regression in Membuster since we allocates many CSSValues and
    large Vectors, and they are kept persistently.
    
    This patch removes dynamic allocation part of r252785 to recover memory regression.
    The key of this patch is introducing Static CSSValue feature. When incrementing / decrementing
    m_refCount of CSSValue, we add / subtract by 0x2. And we put 0x1 as a static-flag. So, even if
    this CSSValue is used by multiple threads, we never see that CSSValue gets 0 m_refCount if
    it is marked as static (having 0x1). This is the same design to our static StringImpl.
    
    No behavior change.
    
    * css/CSSInheritedValue.h:
    * css/CSSInitialValue.h:
    * css/CSSPrimitiveValue.cpp:
    (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
    * css/CSSPrimitiveValue.h:
    * css/CSSRevertValue.h:
    * css/CSSUnsetValue.h:
    * css/CSSValue.cpp:
    * css/CSSValue.h:
    (WebCore::CSSValue::ref const):
    (WebCore::CSSValue::hasOneRef const):
    (WebCore::CSSValue::refCount const):
    (WebCore::CSSValue::hasAtLeastOneRef const):
    (WebCore::CSSValue::deref):
    (WebCore::CSSValue::makeStatic):
    * css/CSSValuePool.cpp:
    (WebCore::StaticCSSValuePool::StaticCSSValuePool):
    (WebCore::StaticCSSValuePool::init):
    (WebCore::CSSValuePool::CSSValuePool):
    (WebCore::CSSValuePool::singleton):
    (WebCore::CSSValuePool::createIdentifierValue):
    (WebCore::CSSValuePool::createColorValue):
    (WebCore::CSSValuePool::createValue):
    * css/CSSValuePool.h:
    (WebCore::CSSValuePool::createInheritedValue):
    (WebCore::CSSValuePool::createImplicitInitialValue):
    (WebCore::CSSValuePool::createExplicitInitialValue):
    (WebCore::CSSValuePool::createUnsetValue):
    (WebCore::CSSValuePool::createRevertValue):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256494 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-12  Yusuke Suzuki  <ysuzuki@apple.com>

            CSSValuePool's constant CSS values should not be allocated dynamically (and same for Vectors)
            https://bugs.webkit.org/show_bug.cgi?id=207666

            Reviewed by Mark Lam.

            r252785 changes contents (CSSValues and Vectors) of CSSValuePool from static ones to
            dynamically allocated ones. This was done since we would like to use static CSSValues
            even in the other threads (workers etc.) for OffscreenCanvas feature.

            But this causes memory regression in Membuster since we allocates many CSSValues and
            large Vectors, and they are kept persistently.

            This patch removes dynamic allocation part of r252785 to recover memory regression.
            The key of this patch is introducing Static CSSValue feature. When incrementing / decrementing
            m_refCount of CSSValue, we add / subtract by 0x2. And we put 0x1 as a static-flag. So, even if
            this CSSValue is used by multiple threads, we never see that CSSValue gets 0 m_refCount if
            it is marked as static (having 0x1). This is the same design to our static StringImpl.

            No behavior change.

            * css/CSSInheritedValue.h:
            * css/CSSInitialValue.h:
            * css/CSSPrimitiveValue.cpp:
            (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
            * css/CSSPrimitiveValue.h:
            * css/CSSRevertValue.h:
            * css/CSSUnsetValue.h:
            * css/CSSValue.cpp:
            * css/CSSValue.h:
            (WebCore::CSSValue::ref const):
            (WebCore::CSSValue::hasOneRef const):
            (WebCore::CSSValue::refCount const):
            (WebCore::CSSValue::hasAtLeastOneRef const):
            (WebCore::CSSValue::deref):
            (WebCore::CSSValue::makeStatic):
            * css/CSSValuePool.cpp:
            (WebCore::StaticCSSValuePool::StaticCSSValuePool):
            (WebCore::StaticCSSValuePool::init):
            (WebCore::CSSValuePool::CSSValuePool):
            (WebCore::CSSValuePool::singleton):
            (WebCore::CSSValuePool::createIdentifierValue):
            (WebCore::CSSValuePool::createColorValue):
            (WebCore::CSSValuePool::createValue):
            * css/CSSValuePool.h:
            (WebCore::CSSValuePool::createInheritedValue):
            (WebCore::CSSValuePool::createImplicitInitialValue):
            (WebCore::CSSValuePool::createExplicitInitialValue):
            (WebCore::CSSValuePool::createUnsetValue):
            (WebCore::CSSValuePool::createRevertValue):

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256474. rdar://problem/59446973

    Web Inspector: inspector/cpu-profiler/threads.html is flaky crashing
    https://bugs.webkit.org/show_bug.cgi?id=207588
    <rdar://problem/57458123>
    
    Reviewed by Yusuke Suzuki.
    
    * page/cocoa/ResourceUsageThreadCocoa.mm:
    (WebCore::ResourceUsageThread::platformCollectCPUData):
    Use a fence to force Thread to be completely ready for use by other threads
    prior to storing it. Otherwise, ResourceUsageThread may see it too early.
    
    * workers/WorkerThread.cpp:
    (WebCore::WorkerThread::start): Ignore worker threads that are
    not fully initialized.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256474 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-12  Brian Burg  <bburg@apple.com>

            Web Inspector: inspector/cpu-profiler/threads.html is flaky crashing
            https://bugs.webkit.org/show_bug.cgi?id=207588
            <rdar://problem/57458123>

            Reviewed by Yusuke Suzuki.

            * page/cocoa/ResourceUsageThreadCocoa.mm:
            (WebCore::ResourceUsageThread::platformCollectCPUData):
            Use a fence to force Thread to be completely ready for use by other threads
            prior to storing it. Otherwise, ResourceUsageThread may see it too early.

            * workers/WorkerThread.cpp:
            (WebCore::WorkerThread::start): Ignore worker threads that are
            not fully initialized.

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256470. rdar://problem/59446998

    ServiceWorkerContainer::jobResolvedWithRegistration scopeExit should capture all lambda parameters by value
    https://bugs.webkit.org/show_bug.cgi?id=207657
    
    Reviewed by Chris Dumez.
    
    shouldNotifyWhenResolved is captured by reference in the notifyIfExitEarly ScopeExit lambda.
    The ScopeExit is not always called synchronously so it is unsafe to capture values by reference here.
    
    * workers/service/ServiceWorkerContainer.cpp:
    (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256470 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-12  Youenn Fablet  <youenn@apple.com>

            ServiceWorkerContainer::jobResolvedWithRegistration scopeExit should capture all lambda parameters by value
            https://bugs.webkit.org/show_bug.cgi?id=207657

            Reviewed by Chris Dumez.

            shouldNotifyWhenResolved is captured by reference in the notifyIfExitEarly ScopeExit lambda.
            The ScopeExit is not always called synchronously so it is unsafe to capture values by reference here.

            * workers/service/ServiceWorkerContainer.cpp:
            (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256447. rdar://problem/59446998

    RELEASE_ASSERT() under WebSWClientConnection::didResolveRegistrationPromise()
    https://bugs.webkit.org/show_bug.cgi?id=207637
    <rdar://problem/59093490>
    
    Reviewed by Youenn Fablet.
    
    We were capturing data by reference in the notifyIfExitEarly ScopeExit lambda and then capturing it
    in the task posted to the event loop, which was unsafe.
    
    * workers/service/ServiceWorkerContainer.cpp:
    (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256447 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-12  Chris Dumez  <cdumez@apple.com>

            RELEASE_ASSERT() under WebSWClientConnection::didResolveRegistrationPromise()
            https://bugs.webkit.org/show_bug.cgi?id=207637
            <rdar://problem/59093490>

            Reviewed by Youenn Fablet.

            We were capturing data by reference in the notifyIfExitEarly ScopeExit lambda and then capturing it
            in the task posted to the event loop, which was unsafe.

            * workers/service/ServiceWorkerContainer.cpp:
            (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256427. rdar://problem/59447029

    Fix crash due to uninitialized currentStyle in CSSTransition
    https://bugs.webkit.org/show_bug.cgi?id=205959
    <rdar://57073673>
    
    Patch by Sunny He <sunny_he@apple.com> on 2020-02-12
    Reviewed by Antoine Quint.
    
    Source/WebCore:
    
    Test: legacy-animation-engine/transitions/svg-bad-scale-crash.html
    
    * animation/CSSTransition.cpp:
    (WebCore::CSSTransition::create):
    (WebCore::CSSTransition::CSSTransition):
    * animation/CSSTransition.h:
    
    LayoutTests:
    
    Fix crash due to uninitialized currentStyle in CSSTransition
    
    * legacy-animation-engine/transitions/svg-bad-scale-crash-expected.txt: Added.
    * legacy-animation-engine/transitions/svg-bad-scale-crash.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256427 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-12  Sunny He  <sunny_he@apple.com>

            Fix crash due to uninitialized currentStyle in CSSTransition
            https://bugs.webkit.org/show_bug.cgi?id=205959
            <rdar://57073673>

            Reviewed by Antoine Quint.

            Test: legacy-animation-engine/transitions/svg-bad-scale-crash.html

            * animation/CSSTransition.cpp:
            (WebCore::CSSTransition::create):
            (WebCore::CSSTransition::CSSTransition):
            * animation/CSSTransition.h:

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256395. rdar://problem/59447024

    Bug 207424: Crash in WebCore::ParsedContentType::parseContentType when parsing invalid MIME type
    <https://webkit.org/b/207424>
    <rdar://problem/59250384>
    
    Patch by Rob Buis <rbuis@igalia.com> and David Kilzer <ddkilzer@apple.com> on 2020-02-11
    Reviewed by Rob Buis.
    
    Source/WebCore:
    
    Return StringView directly rather than wrapping
    it in Optional, since StringView's can be null tested.
    
    Tests: TestWebKitAPI.ParsedContentType
    
    * platform/network/ParsedContentType.cpp:
    (WebCore::parseToken):
    (WebCore::parseQuotedString):
    (WebCore::ParsedContentType::parseContentType): Don't set type
    parameter if parameterName is null string.  Remove unneeded
    `parameterName` variable; use keyRange.toString() instead.
    
    Tools:
    
    * TestWebKitAPI/Tests/WebCore/ParsedContentType.cpp:
    (TestWebKitAPI::TEST): Add more tests.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256395 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-11  Rob Buis  <rbuis@igalia.com>

            Bug 207424: Crash in WebCore::ParsedContentType::parseContentType when parsing invalid MIME type
            <https://webkit.org/b/207424>
            <rdar://problem/59250384>

            Reviewed by Rob Buis.

            Return StringView directly rather than wrapping
            it in Optional, since StringView's can be null tested.

            Tests: TestWebKitAPI.ParsedContentType

            * platform/network/ParsedContentType.cpp:
            (WebCore::parseToken):
            (WebCore::parseQuotedString):
            (WebCore::ParsedContentType::parseContentType): Don't set type
            parameter if parameterName is null string.  Remove unneeded
            `parameterName` variable; use keyRange.toString() instead.

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256377. rdar://problem/59446971

    Regression: RTCRtpSender.getCapabilities("video") returns null on iOS 13.4 (17E5223h)
    https://bugs.webkit.org/show_bug.cgi?id=207325
    <rdar://problem/59224810>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    Manually tested and covered by API test.
    
    * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
    (WebCore::LibWebRTCProvider::webRTCAvailable):
    Return true unconditionally on iOS since libwebrtc.dylib is always available.
    
    Tools:
    
    * TestWebKitAPI/Tests/WebKit/GetUserMedia.mm:
    (TestWebKitAPI::TEST):
    Add a test validating that RTCRtpSender.getCapabilities does not return null.
    * TestWebKitAPI/Tests/WebKit/getUserMedia.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256377 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-11  Youenn Fablet  <youenn@apple.com>

            Regression: RTCRtpSender.getCapabilities("video") returns null on iOS 13.4 (17E5223h)
            https://bugs.webkit.org/show_bug.cgi?id=207325
            <rdar://problem/59224810>

            Reviewed by Eric Carlson.

            Manually tested and covered by API test.

            * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
            (WebCore::LibWebRTCProvider::webRTCAvailable):
            Return true unconditionally on iOS since libwebrtc.dylib is always available.

2020-02-14  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256207. rdar://problem/59447263

    Don't update selection when calling setSelectionRange on a disconnected input element
    https://bugs.webkit.org/show_bug.cgi?id=207357
    
    Reviewed by Antti Koivisto.
    
    LayoutTests/imported/w3c:
    
    Rebaselined the test that progressed a little. The test now passes offset checks but still fails direction check.
    
    * web-platform-tests/html/semantics/forms/textfieldselection/selection-not-application-textarea-expected.txt:
    
    Source/WebCore:
    
    Don't update FrameSelection when the text form control element is disconnected from document.
    
    * html/HTMLTextFormControlElement.cpp:
    (WebCore::HTMLTextFormControlElement::setSelectionRange):
    
    LayoutTests:
    
    Rebaselined the test that has progressed with this change.
    
    * platform/ios-wk2/imported/w3c/web-platform-tests/html/semantics/forms/the-input-element/type-change-state-expected.txt:
    * platform/mac-wk2/imported/w3c/web-platform-tests/html/semantics/forms/the-input-element/type-change-state-expected.txt:
    * platform/mac/imported/w3c/web-platform-tests/html/semantics/forms/the-input-element/type-change-state-expected.txt:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256207 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-07  Ryosuke Niwa  <rniwa@webkit.org>

            Don't update selection when calling setSelectionRange on a disconnected input element
            https://bugs.webkit.org/show_bug.cgi?id=207357

            Reviewed by Antti Koivisto.

            Don't update FrameSelection when the text form control element is disconnected from document.

            * html/HTMLTextFormControlElement.cpp:
            (WebCore::HTMLTextFormControlElement::setSelectionRange):

2020-02-13  Russell Epstein  <repstein@apple.com>

        Revert r256407. rdar://problem/59299143

2020-02-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256564. rdar://problem/59440718

    iOS: Autoscrolling is too fast and way too aggressive
    https://bugs.webkit.org/show_bug.cgi?id=207717
    <rdar://problem/59208122>
    
    Reviewed by Simon Fraser.
    
    * page/EventHandler.h:
    * page/ios/EventHandlerIOS.mm:
    (WebCore::EventHandler::startSelectionAutoscroll):
    (WebCore::EventHandler::cancelSelectionAutoscroll):
    (WebCore::adjustAutoscrollDestinationForInsetEdges):
    (WebCore::EventHandler::targetPositionInWindowForSelectionAutoscroll const):
    (WebCore::autoscrollAdjustmentFactorForScreenBoundaries): Deleted.
    Make a few small changes to autoscrolling on iOS to make it feel better:
    
    - Store the autoscrolling position in "unscrolled" coordinates, and do
    all work in this space, converting back when it's time to actually scroll.
    This fixes the problem where you have to wiggle your finger to autoscroll,
    because now when the timer fires, the point actually moves (before, it was
    all stored in "content" coordinates, so wouldn't actually change until
    the client pushed a new point).
    
    - Reintroduce the macOS-style linear scaling of scrolling velocity
    in (and beyond) the inset region. We scale the fractional distance into
    the inset region to a 20pt/50ms scroll velocity; when you exit the inset
    it continues scaling up linearly from there.
    
    - Only apply insets in the direction that the autoscroll drag is occurring
    in. This avoids a problem where e.g. horizontally selecting text on the
    first visible line of a page would cause us to scroll up, as it sat
    within the top inset. Instead, we only apply an inset in the direction of
    the drag, and do not allow its magnitude to exceed the currently dragged
    distance.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256564 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-13  Tim Horton  <timothy_horton@apple.com>

            iOS: Autoscrolling is too fast and way too aggressive
            https://bugs.webkit.org/show_bug.cgi?id=207717
            <rdar://problem/59208122>

            Reviewed by Simon Fraser.

            * page/EventHandler.h:
            * page/ios/EventHandlerIOS.mm:
            (WebCore::EventHandler::startSelectionAutoscroll):
            (WebCore::EventHandler::cancelSelectionAutoscroll):
            (WebCore::adjustAutoscrollDestinationForInsetEdges):
            (WebCore::EventHandler::targetPositionInWindowForSelectionAutoscroll const):
            (WebCore::autoscrollAdjustmentFactorForScreenBoundaries): Deleted.
            Make a few small changes to autoscrolling on iOS to make it feel better:

            - Store the autoscrolling position in "unscrolled" coordinates, and do
            all work in this space, converting back when it's time to actually scroll.
            This fixes the problem where you have to wiggle your finger to autoscroll,
            because now when the timer fires, the point actually moves (before, it was
            all stored in "content" coordinates, so wouldn't actually change until
            the client pushed a new point).

            - Reintroduce the macOS-style linear scaling of scrolling velocity
            in (and beyond) the inset region. We scale the fractional distance into
            the inset region to a 20pt/50ms scroll velocity; when you exit the inset
            it continues scaling up linearly from there.

            - Only apply insets in the direction that the autoscroll drag is occurring
            in. This avoids a problem where e.g. horizontally selecting text on the
            first visible line of a page would cause us to scroll up, as it sat
            within the top inset. Instead, we only apply an inset in the direction of
            the drag, and do not allow its magnitude to exceed the currently dragged
            distance.

2020-02-13  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256485. rdar://problem/59430261

    Composition highlight rects should be rounded and inset
    https://bugs.webkit.org/show_bug.cgi?id=207655
    <rdar://problem/59362474>
    
    Reviewed by Tim Horton.
    
    Source/WebCore:
    
    Apply a couple of minor adjustments to the appearance of composition highlight rects that appear behind marked
    text, in the case where the client specifies attributed marked text with background colors.
    
    Test: editing/input/composition-highlights.html
    
    * rendering/InlineTextBox.cpp:
    (WebCore::InlineTextBox::paintMarkedTextBackground):
    (WebCore::InlineTextBox::paintCompositionBackground):
    
    In the case where custom composition rects are specified, add a half-pixel inset to all sides of the background
    rect, and add a slight corner radius around each background rect.
    
    * rendering/InlineTextBox.h:
    
    Source/WebKit:
    
    Stitch adjacent highlight rects together if they have the same highlight color; this minimizes the number of
    composition highlight rects we hand to the web process when changing the marked text.
    
    * UIProcess/ios/WKContentViewInteraction.mm:
    (compositionHighlights):
    
    LayoutTests:
    
    Make this existing layout test work with the new composition highlight appearance by covering up the edges of
    the composition highlight rect with a black border. Due to subpixel insets around the composition highlight
    rect, the reference image would be offset by a half pixel without this change (even when changing the spans to
    have a `border-radius`).
    
    * editing/input/composition-highlights-expected.html:
    * editing/input/composition-highlights.html:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256485 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-12  Wenson Hsieh  <wenson_hsieh@apple.com>

            Composition highlight rects should be rounded and inset
            https://bugs.webkit.org/show_bug.cgi?id=207655
            <rdar://problem/59362474>

            Reviewed by Tim Horton.

            Apply a couple of minor adjustments to the appearance of composition highlight rects that appear behind marked
            text, in the case where the client specifies attributed marked text with background colors.

            Test: editing/input/composition-highlights.html

            * rendering/InlineTextBox.cpp:
            (WebCore::InlineTextBox::paintMarkedTextBackground):
            (WebCore::InlineTextBox::paintCompositionBackground):

            In the case where custom composition rects are specified, add a half-pixel inset to all sides of the background
            rect, and add a slight corner radius around each background rect.

            * rendering/InlineTextBox.h:

2020-02-13  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256230. rdar://problem/59332513

    Adjust the minor version number for the desktop user agent string.
    https://bugs.webkit.org/show_bug.cgi?id=207498
    <rdar://problem/59274765>
    
    Patch by Keith Rollin <krollin@apple.com> on 2020-02-10
    Reviewed by Wenson Hsieh.
    
    This helps with Netflix compatibility on the iPad.
    
    No new tests -- no new or changed functionality.
    
    * platform/ios/UserAgentIOS.mm:
    (WebCore::standardUserAgentWithApplicationName):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256230 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-10  Keith Rollin  <krollin@apple.com>

            Adjust the minor version number for the desktop user agent string.
            https://bugs.webkit.org/show_bug.cgi?id=207498
            <rdar://problem/59274765>

            Reviewed by Wenson Hsieh.

            This helps with Netflix compatibility on the iPad.

            No new tests -- no new or changed functionality.

            * platform/ios/UserAgentIOS.mm:
            (WebCore::standardUserAgentWithApplicationName):

2020-02-12  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254859. rdar://problem/59298172

    Minor improvements to StorageAreaMap
    https://bugs.webkit.org/show_bug.cgi?id=206433
    
    Reviewed by Darin Adler.
    
    Source/WebCore:
    
    Use inline initialization for some of StorageMap's data member.
    Also specify uint8_t as underlying type of StorageType enum class for better packing.
    
    * inspector/InspectorInstrumentation.h:
    * storage/StorageArea.h:
    * storage/StorageMap.cpp:
    (WebCore::StorageMap::StorageMap):
    * storage/StorageType.h:
    
    Source/WebKit:
    
    Minor improvements to StorageAreaMap:
    1. The class does not need to be RefCounted, as it is solely owned by StorageNamespaceImpl. Having it
       RefCounted was actually dangerous because StorageAreaMap had a raw pointer data member to its owner:
       m_storageNamespace. This raw pointer could become stale if you extend the lifetime of the StorageAreaMap
       object to outlive its StorageNamespaceImpl.
    2. Make StorageAreaMap::connect() private as it is never called from outside the class
    3. Reorder data members for better packing
    4. Use modern loops in the implementation
    5. Rename loadValuesIfNeeded() to ensureStorageMap() and have it return the StorageMap object. This makes
       calls site more concise and it makes it clearer when this method needs to be called.
    6. Mark class as final
    7. Replace LOG_ERROR() with RELEASE_LOG_ERROR() so that we can see error logging in sysdiagnoses
    8. Use more references instead of raw pointers to make it clear when null checks are not needed
    
    * WebProcess/WebStorage/StorageAreaImpl.cpp:
    (WebKit::StorageAreaImpl::create):
    (WebKit::StorageAreaImpl::StorageAreaImpl):
    * WebProcess/WebStorage/StorageAreaImpl.h:
    * WebProcess/WebStorage/StorageAreaMap.cpp:
    (WebKit::StorageAreaMap::StorageAreaMap):
    (WebKit::StorageAreaMap::length):
    (WebKit::StorageAreaMap::key):
    (WebKit::StorageAreaMap::item):
    (WebKit::StorageAreaMap::setItem):
    (WebKit::StorageAreaMap::removeItem):
    (WebKit::StorageAreaMap::clear):
    (WebKit::StorageAreaMap::contains):
    (WebKit::StorageAreaMap::resetValues):
    (WebKit::StorageAreaMap::ensureStorageMap):
    (WebKit::StorageAreaMap::applyChange):
    (WebKit::StorageAreaMap::dispatchSessionStorageEvent):
    (WebKit::StorageAreaMap::dispatchLocalStorageEvent):
    (WebKit::StorageAreaMap::connect):
    (WebKit::StorageAreaMap::disconnect):
    * WebProcess/WebStorage/StorageAreaMap.h:
    * WebProcess/WebStorage/StorageAreaMap.messages.in:
    * WebProcess/WebStorage/StorageNamespaceImpl.cpp:
    (WebKit::StorageNamespaceImpl::storageArea):
    * WebProcess/WebStorage/StorageNamespaceImpl.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254859 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-21  Chris Dumez  <cdumez@apple.com>

            Minor improvements to StorageAreaMap
            https://bugs.webkit.org/show_bug.cgi?id=206433

            Reviewed by Darin Adler.

            Use inline initialization for some of StorageMap's data member.
            Also specify uint8_t as underlying type of StorageType enum class for better packing.

            * inspector/InspectorInstrumentation.h:
            * storage/StorageArea.h:
            * storage/StorageMap.cpp:
            (WebCore::StorageMap::StorageMap):
            * storage/StorageMap.h:
            * storage/StorageType.h:

2020-02-12  Alan Coon  <alancoon@apple.com>

        Revert r256409. rdar://problem/59298138

2020-02-12  Alan Coon  <alancoon@apple.com>

        Revert r256457. rdar://problem/59298138

2020-02-12  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256060. rdar://problem/59298138

    Captions sometimes render at the wrong size when in fullscreen and PiP
    https://bugs.webkit.org/show_bug.cgi?id=207389
    <rdar://problem/58677864>
    
    Reviewed by Jer Noble.
    
    The TextTrackRepresentation, used to render captions when in fullscreen and PiP on
    iOS and and in PiP on macOS, frequently rendered captions before layout completed
    immediately after it was created. Fix this by having it not render until a layout
    happens. Additionally, make the code more efficient by hiding the TextTrackRepresentation's
    backing layer when cues are not visible instead of destroying the whole object.
    Drive by: RELEASE_LOG_DISABLED is always defined for PLATFORM(COCOA), so remove it
    from the macOS/iOS media players to make it easier to add logging to VideoFullscreenLayerManagerObjC.
    
    * html/HTMLMediaElement.cpp:
    (WebCore::convertEnumerationToString):
    (WebCore::HTMLMediaElement::configureTextTrackDisplay):
    * html/HTMLMediaElementEnums.h:
    (WTF::LogArgument<WebCore::HTMLMediaElementEnums::TextTrackVisibilityCheckType>::toString):
    * html/shadow/MediaControlElements.cpp:
    (WebCore::MediaControlTextTrackContainerElement::MediaControlTextTrackContainerElement):
    (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
    (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation):
    (WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
    (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationStyle):
    (WebCore::MediaControlTextTrackContainerElement::layoutIfNecessary):
    (WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
    (WebCore::MediaControlTextTrackContainerElement::updateSizes):
    (WebCore::MediaControlTextTrackContainerElement::updateCueStyles):
    (WebCore::MediaControlTextTrackContainerElement::logger const):
    (WebCore::MediaControlTextTrackContainerElement::logIdentifier const):
    (WebCore::MediaControlTextTrackContainerElement::updateTimerFired): Deleted.
    (WebCore::MediaControlTextTrackContainerElement::updateStyleForTextTrackRepresentation): Deleted.
    * platform/graphics/TextTrackRepresentation.h:
    * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
    (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation):
    (WebCore::MediaPlayerPrivateAVFoundation::logChannel const):
    * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
    (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::updateAudioTracks):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoTracks):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage):
    (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
    (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::mediaPlayerLogger):
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
    (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
    (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::logChannel const):
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
    (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
    (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::logChannel const):
    * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.h:
    * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.mm:
    (WebCore::VideoFullscreenLayerManagerObjC::VideoFullscreenLayerManagerObjC):
    (WebCore::VideoFullscreenLayerManagerObjC::setVideoLayer):
    (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenLayer):
    (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenFrame):
    (WebCore::VideoFullscreenLayerManagerObjC::didDestroyVideoLayer):
    (WebCore::VideoFullscreenLayerManagerObjC::syncTextTrackBounds):
    (WebCore::VideoFullscreenLayerManagerObjC::setTextTrackRepresentation):
    (WebCore::VideoFullscreenLayerManagerObjC::logChannel const):
    * platform/graphics/cocoa/TextTrackRepresentationCocoa.h:
    * platform/graphics/cocoa/TextTrackRepresentationCocoa.mm:
    (-[WebCoreTextTrackRepresentationCocoaHelper observeValueForKeyPath:ofObject:change:context:]):
    (TextTrackRepresentationCocoa::setHidden const):
    (TextTrackRepresentationCocoa::boundsChanged):
    * rendering/RenderMediaControlElements.cpp:
    (WebCore::RenderTextTrackContainerElement::layout):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256060 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-07  Eric Carlson  <eric.carlson@apple.com>

            Captions sometimes render at the wrong size when in fullscreen and PiP
            https://bugs.webkit.org/show_bug.cgi?id=207389
            <rdar://problem/58677864>

            Reviewed by Jer Noble.

            The TextTrackRepresentation, used to render captions when in fullscreen and PiP on
            iOS and and in PiP on macOS, frequently rendered captions before layout completed
            immediately after it was created. Fix this by having it not render until a layout
            happens. Additionally, make the code more efficient by hiding the TextTrackRepresentation's
            backing layer when cues are not visible instead of destroying the whole object.
            Drive by: RELEASE_LOG_DISABLED is always defined for PLATFORM(COCOA), so remove it
            from the macOS/iOS media players to make it easier to add logging to VideoFullscreenLayerManagerObjC.


            * html/HTMLMediaElement.cpp:
            (WebCore::convertEnumerationToString):
            (WebCore::HTMLMediaElement::configureTextTrackDisplay):
            * html/HTMLMediaElementEnums.h:
            (WTF::LogArgument<WebCore::HTMLMediaElementEnums::TextTrackVisibilityCheckType>::toString):
            * html/shadow/MediaControlElements.cpp:
            (WebCore::MediaControlTextTrackContainerElement::MediaControlTextTrackContainerElement):
            (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
            (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation):
            (WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
            (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationStyle):
            (WebCore::MediaControlTextTrackContainerElement::layoutIfNecessary):
            (WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
            (WebCore::MediaControlTextTrackContainerElement::updateSizes):
            (WebCore::MediaControlTextTrackContainerElement::updateCueStyles):
            (WebCore::MediaControlTextTrackContainerElement::logger const):
            (WebCore::MediaControlTextTrackContainerElement::logIdentifier const):
            (WebCore::MediaControlTextTrackContainerElement::updateTimerFired): Deleted.
            (WebCore::MediaControlTextTrackContainerElement::updateStyleForTextTrackRepresentation): Deleted.
            * platform/graphics/TextTrackRepresentation.h:
            * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
            (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation):
            (WebCore::MediaPlayerPrivateAVFoundation::logChannel const):
            * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
            (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::updateAudioTracks):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoTracks):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage):
            (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::mediaPlayerLogger):
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::logChannel const):
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
            (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::logChannel const):
            * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.h:
            * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.mm:
            (WebCore::VideoFullscreenLayerManagerObjC::VideoFullscreenLayerManagerObjC):
            (WebCore::VideoFullscreenLayerManagerObjC::setVideoLayer):
            (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenLayer):
            (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenFrame):
            (WebCore::VideoFullscreenLayerManagerObjC::didDestroyVideoLayer):
            (WebCore::VideoFullscreenLayerManagerObjC::syncTextTrackBounds):
            (WebCore::VideoFullscreenLayerManagerObjC::setTextTrackRepresentation):
            (WebCore::VideoFullscreenLayerManagerObjC::logChannel const):
            * platform/graphics/cocoa/TextTrackRepresentationCocoa.h:
            * platform/graphics/cocoa/TextTrackRepresentationCocoa.mm:
            (-[WebCoreTextTrackRepresentationCocoaHelper observeValueForKeyPath:ofObject:change:context:]):
            (TextTrackRepresentationCocoa::setHidden const):
            (TextTrackRepresentationCocoa::boundsChanged):
            * rendering/RenderMediaControlElements.cpp:
            (WebCore::RenderTextTrackContainerElement::layout):

2020-02-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255668. rdar://problem/59299120

    MediaDevices should handle changes of iframe allow attribute value
    https://bugs.webkit.org/show_bug.cgi?id=207112
    
    Reviewed by Eric Carlson.
    
    LayoutTests/imported/w3c:
    
    * web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https-expected.txt:
    * web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt:
    
    Source/WebCore:
    
    MediaDevices was computing whether it could access camera or microphone at creation time.
    Since the iframe allow attribute can be modified, we cannot do that.
    Instead, we get the feature policy everytime this is needed.
    
    Refactor code to use the newly added routine to check for feature policy.
    Update logging to give origin and allow attribute value of the frame that fail the feature policy check.
    
    Test: http/tests/webrtc/enumerateDevicesInFrames.html
    
    * Modules/mediastream/MediaDevices.cpp:
    (WebCore::MediaDevices::MediaDevices):
    (WebCore::MediaDevices::refreshDevices):
    (WebCore::MediaDevices::enumerateDevices):
    (WebCore::MediaDevices::listenForDeviceChanges):
    * Modules/mediastream/MediaDevices.h:
    * Modules/mediastream/UserMediaController.cpp:
    (WebCore::UserMediaController::logGetUserMediaDenial):
    (WebCore::UserMediaController::logGetDisplayMediaDenial):
    (WebCore::UserMediaController::logEnumerateDevicesDenial):
    * Modules/mediastream/UserMediaController.h:
    * Modules/mediastream/UserMediaRequest.cpp:
    (WebCore::UserMediaRequest::start):
    * html/FeaturePolicy.cpp:
    (WebCore::policyTypeName):
    (WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners):
    * html/FeaturePolicy.h:
    * page/DOMWindow.cpp:
    (WebCore::DOMWindow::printErrorMessage const):
    * page/DOMWindow.h:
    
    LayoutTests:
    
    * TestExpectations:
    * fullscreen/full-screen-enabled-expected.txt:
    * fullscreen/full-screen-enabled-prefixed-expected.txt:
    * fullscreen/full-screen-iframe-not-allowed-expected.txt:
    * fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt:
    * fullscreen/full-screen-restrictions-expected.txt:
    * http/tests/fullscreen/fullscreen-feature-policy-expected.txt:
    * http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt:
    * http/tests/media/media-stream/get-display-media-iframe-allow-attribute-expected.txt:
    * http/tests/ssl/media-stream/get-user-media-different-host-expected.txt:
    * http/tests/ssl/media-stream/get-user-media-nested-expected.txt:
    * http/tests/webrtc/enumerateDevicesInFrames-expected.txt: Added.
    * http/tests/webrtc/enumerateDevicesInFrames.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255668 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-04  youenn fablet  <youenn@apple.com>

            MediaDevices should handle changes of iframe allow attribute value
            https://bugs.webkit.org/show_bug.cgi?id=207112

            Reviewed by Eric Carlson.

            MediaDevices was computing whether it could access camera or microphone at creation time.
            Since the iframe allow attribute can be modified, we cannot do that.
            Instead, we get the feature policy everytime this is needed.

            Refactor code to use the newly added routine to check for feature policy.
            Update logging to give origin and allow attribute value of the frame that fail the feature policy check.

            Test: http/tests/webrtc/enumerateDevicesInFrames.html

            * Modules/mediastream/MediaDevices.cpp:
            (WebCore::MediaDevices::MediaDevices):
            (WebCore::MediaDevices::refreshDevices):
            (WebCore::MediaDevices::enumerateDevices):
            (WebCore::MediaDevices::listenForDeviceChanges):
            * Modules/mediastream/MediaDevices.h:
            * Modules/mediastream/UserMediaController.cpp:
            (WebCore::UserMediaController::logGetUserMediaDenial):
            (WebCore::UserMediaController::logGetDisplayMediaDenial):
            (WebCore::UserMediaController::logEnumerateDevicesDenial):
            * Modules/mediastream/UserMediaController.h:
            * Modules/mediastream/UserMediaRequest.cpp:
            (WebCore::UserMediaRequest::start):
            * html/FeaturePolicy.cpp:
            (WebCore::policyTypeName):
            (WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners):
            * html/FeaturePolicy.h:
            * page/DOMWindow.cpp:
            (WebCore::DOMWindow::printErrorMessage const):
            * page/DOMWindow.h:

2020-02-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255562. rdar://problem/59299120

    Do not copy feature policy in isFeaturePolicyAllowedByDocumentAndAllOwners
    https://bugs.webkit.org/show_bug.cgi?id=207110
    
    Reviewed by Eric Carlson.
    
    Use auto& instead of auto to not copy the feature policy object.
    Add some auto* to improve code readability.
    No change of behavior.
    
    * html/FeaturePolicy.cpp:
    (WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255562 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-03  youenn fablet  <youenn@apple.com>

            Do not copy feature policy in isFeaturePolicyAllowedByDocumentAndAllOwners
            https://bugs.webkit.org/show_bug.cgi?id=207110

            Reviewed by Eric Carlson.

            Use auto& instead of auto to not copy the feature policy object.
            Add some auto* to improve code readability.
            No change of behavior.

            * html/FeaturePolicy.cpp:
            (WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners):

2020-02-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r256073. rdar://problem/59299148

    Remember if we used legacy TLS in the back/forward cache like we remember if we have only secure content
    https://bugs.webkit.org/show_bug.cgi?id=207409
    rdar://problem/59275641
    
    Patch by Alex Christensen <achristensen@apple.com> on 2020-02-07
    Reviewed by Chris Dumez.
    
    Source/WebCore:
    
    Covered by an API test.
    
    * history/CachedFrame.cpp:
    (WebCore::CachedFrame::setHasInsecureContent):
    * history/CachedFrame.h:
    (WebCore::CachedFrame::usedLegacyTLS const):
    * loader/EmptyFrameLoaderClient.h:
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::receivedFirstData):
    (WebCore::FrameLoader::commitProvisionalLoad):
    (WebCore::FrameLoader::dispatchDidCommitLoad):
    * loader/FrameLoader.h:
    * loader/FrameLoaderClient.h:
    
    Source/WebKit:
    
    * Scripts/webkit/messages.py:
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::hasInsecureContent):
    * UIProcess/WebPageProxy.h:
    * UIProcess/WebPageProxy.messages.in:
    * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
    (WebKit::WebFrameLoaderClient::dispatchDidCommitLoad):
    (WebKit::WebFrameLoaderClient::savePlatformDataToCachedFrame):
    * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
    
    Source/WebKitLegacy/mac:
    
    * WebCoreSupport/WebFrameLoaderClient.h:
    * WebCoreSupport/WebFrameLoaderClient.mm:
    (WebFrameLoaderClient::dispatchDidCommitLoad):
    
    Source/WebKitLegacy/win:
    
    * WebCoreSupport/WebFrameLoaderClient.cpp:
    (WebFrameLoaderClient::dispatchDidCommitLoad):
    * WebCoreSupport/WebFrameLoaderClient.h:
    
    Tools:
    
    * TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm:
    (TestWebKitAPI::TEST):
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256073 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-07  Alex Christensen  <achristensen@apple.com>

            Remember if we used legacy TLS in the back/forward cache like we remember if we have only secure content
            https://bugs.webkit.org/show_bug.cgi?id=207409
            rdar://problem/59275641

            Reviewed by Chris Dumez.

            Covered by an API test.

            * history/CachedFrame.cpp:
            (WebCore::CachedFrame::setHasInsecureContent):
            * history/CachedFrame.h:
            (WebCore::CachedFrame::usedLegacyTLS const):
            * loader/EmptyFrameLoaderClient.h:
            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::receivedFirstData):
            (WebCore::FrameLoader::commitProvisionalLoad):
            (WebCore::FrameLoader::dispatchDidCommitLoad):
            * loader/FrameLoader.h:
            * loader/FrameLoaderClient.h:

2020-02-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255881. rdar://problem/59299143

    Adopt MTOverrideShouldPlayHDRVideo()
    https://bugs.webkit.org/show_bug.cgi?id=207275
    <rdar://problem/58837093>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    * platform/PlatformScreen.h:
    * platform/mac/PlatformScreenMac.mm:
    (WebCore::setShouldOverrideScreenSupportsHighDynamicRange):
    
    Source/WebCore/PAL:
    
    * pal/cocoa/MediaToolboxSoftLink.cpp:
    * pal/cocoa/MediaToolboxSoftLink.h:
    
    Source/WebKit:
    
    The WebProcess sandbox can block access to the services necessary for MediaToolbox to determine whether
    the current display is capable of displaying HDR. Rather than opening up the sandbox, provide the information
    gathered by the UIProcess by way of MTOverrideShouldPlayHDRVideo().
    
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::windowScreenDidChange):
    (WebKit::WebPage::displayID const):
    * WebProcess/WebPage/WebPage.h:
    * WebProcess/WebProcess.cpp:
    (WebKit::WebProcess::setScreenProperties): Deleted.
    * WebProcess/WebProcess.h:
    * WebProcess/cocoa/WebProcessCocoa.mm:
    (WebKit::WebProcess::setScreenProperties):
    (WebKit::WebProcess::updatePageScreenProperties):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255881 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-05  Jer Noble  <jer.noble@apple.com>

            Adopt MTOverrideShouldPlayHDRVideo()
            https://bugs.webkit.org/show_bug.cgi?id=207275
            <rdar://problem/58837093>

            Reviewed by Eric Carlson.

            * platform/PlatformScreen.h:
            * platform/mac/PlatformScreenMac.mm:
            (WebCore::setShouldOverrideScreenSupportsHighDynamicRange):

2020-02-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255846. rdar://problem/59299151

    Make WKWebView._negotiatedLegacyTLS accurate when loading main resouorce from network or cache
    https://bugs.webkit.org/show_bug.cgi?id=207207
    
    Reviewed by Chris Dumez.
    
    Source/WebCore:
    
    * platform/network/ResourceResponseBase.cpp:
    (WebCore::ResourceResponseBase::includeCertificateInfo const):
    * platform/network/ResourceResponseBase.h:
    (WebCore::ResourceResponseBase::usedLegacyTLS const):
    (WebCore::ResourceResponseBase::encode const):
    (WebCore::ResourceResponseBase::decode):
    
    Source/WebKit:
    
    In PageLoadState::didCommitLoad, I was resetting the value of _negotiatedLegacyTLS to false.
    That created a race condition when loading the main resource because the NetworkProcess would
    message the UIProcess setting _negotiatedLegacyTLS to false, while the NetworkProcess would
    message the WebProcess which would message the UIProcess to call PageLoadState::didCommitLoad
    which would reset it to false.  Now it resets it to the correct value, whatever it is.
    
    Updating the ResourceResponseBase serialization code has the desirable side effect that the disk
    cache will remember whether legacy TLS was used to fetch each resource.  This will make it so
    _negotiatedLegacyTLS is true if we read content from the disk cache that was originally fetched
    using legacy TLS.
    
    In order to not increase the memory footprint of ResourceResponse, I changed m_httpStatusCode from
    an int to a short.  It just needs to be able to cover the values 0-600 or so, which really only needs 10 bits.
    
    Covered by new API tests.
    
    * NetworkProcess/NetworkCORSPreflightChecker.cpp:
    (WebKit::NetworkCORSPreflightChecker::didReceiveResponse):
    * NetworkProcess/NetworkCORSPreflightChecker.h:
    * NetworkProcess/NetworkDataTask.cpp:
    (WebKit::NetworkDataTask::didReceiveResponse):
    (WebKit::NetworkDataTask::negotiatedLegacyTLS const): Deleted.
    * NetworkProcess/NetworkDataTask.h:
    (WebKit::NetworkDataTaskClient::negotiatedLegacyTLS const): Deleted.
    * NetworkProcess/NetworkDataTaskBlob.cpp:
    (WebKit::NetworkDataTaskBlob::dispatchDidReceiveResponse):
    * NetworkProcess/NetworkLoad.cpp:
    (WebKit::NetworkLoad::didReceiveResponse):
    (WebKit::NetworkLoad::notifyDidReceiveResponse):
    (WebKit::NetworkLoad::throttleDelayCompleted):
    (WebKit::NetworkLoad::negotiatedLegacyTLS const): Deleted.
    * NetworkProcess/NetworkLoad.h:
    * NetworkProcess/NetworkResourceLoader.h:
    * NetworkProcess/PingLoad.cpp:
    (WebKit::PingLoad::didReceiveResponse):
    * NetworkProcess/PingLoad.h:
    * NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
    * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
    (WebKit::NetworkDataTaskCocoa::didReceiveResponse):
    * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
    (-[WKNetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]):
    * NetworkProcess/curl/NetworkDataTaskCurl.cpp:
    (WebKit::NetworkDataTaskCurl::invokeDidReceiveResponse):
    * NetworkProcess/soup/NetworkDataTaskSoup.cpp:
    (WebKit::NetworkDataTaskSoup::dispatchDidReceiveResponse):
    * UIProcess/PageLoadState.cpp:
    (WebKit::PageLoadState::didCommitLoad):
    * UIProcess/PageLoadState.h:
    * UIProcess/ProvisionalPageProxy.cpp:
    (WebKit::ProvisionalPageProxy::didCommitLoadForFrame):
    * UIProcess/ProvisionalPageProxy.h:
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::commitProvisionalPage):
    (WebKit::WebPageProxy::didCommitLoadForFrame):
    * UIProcess/WebPageProxy.h:
    * UIProcess/WebPageProxy.messages.in:
    * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
    (WebKit::WebFrameLoaderClient::dispatchDidCommitLoad):
    
    Source/WTF:
    
    * wtf/persistence/PersistentDecoder.cpp:
    (WTF::Persistence::Decoder::decode):
    * wtf/persistence/PersistentDecoder.h:
    * wtf/persistence/PersistentEncoder.cpp:
    (WTF::Persistence::Encoder::encode):
    * wtf/persistence/PersistentEncoder.h:
    
    Tools:
    
    HTTPServer now supports HTTPS. Tell your friends!
    
    * TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:
    (testCertificate):
    (testIdentity):
    (credentialWithIdentity):
    * TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm:
    (TestWebKitAPI::webViewWithNavigationDelegate):
    (TestWebKitAPI::TEST):
    * TestWebKitAPI/cocoa/HTTPServer.h:
    * TestWebKitAPI/cocoa/HTTPServer.mm:
    (TestWebKitAPI::HTTPServer::HTTPServer):
    (TestWebKitAPI::HTTPServer::request const):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255846 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-05  Alex Christensen  <achristensen@webkit.org>

            Make WKWebView._negotiatedLegacyTLS accurate when loading main resouorce from network or cache
            https://bugs.webkit.org/show_bug.cgi?id=207207

            Reviewed by Chris Dumez.

            * platform/network/ResourceResponseBase.cpp:
            (WebCore::ResourceResponseBase::includeCertificateInfo const):
            * platform/network/ResourceResponseBase.h:
            (WebCore::ResourceResponseBase::usedLegacyTLS const):
            (WebCore::ResourceResponseBase::encode const):
            (WebCore::ResourceResponseBase::decode):

2020-02-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255162. rdar://problem/59299120

    Support 'allow="fullscreen"' feature policy
    https://bugs.webkit.org/show_bug.cgi?id=206806
    <rdar://problem/55640448>
    
    Patch by Jer Noble <jer.noble@apple.com> on 2020-01-27
    Reviewed by Youenn Fablet.
    
    Source/WebCore:
    
    Test: http/tests/fullscreen/fullscreen-feature-policy.html
    
    The unprefixed version of the Fullscreen API has deprecated the 'allowfullscreen' iframe
    attribute in favor of the 'allow="fullscreen"' style attribute used by Feature Policy.
    Add support for such, including the specified handling for the legacy 'allowfullscreen'
    attribute.
    
    Note: this patch will (intentionally) change the default behavior of <iframe>s. Previously
    any <iframe> without the "allowfullscreen" attribute would not be allowed to enter fullscreen
    mode. After this patch, <iframes> without the legacy attribute or an explicit fullscreen
    Feature Policy will be allowed to enter fullscreen so long as their origin is the same as
    the top document (and that all parent iframes are also allowed to enter fullscreen).
    
    * dom/FullscreenManager.cpp:
    (WebCore::FullscreenManager::requestFullscreenForElement):
    (WebCore::FullscreenManager::isFullscreenEnabled const):
    (WebCore::isAttributeOnAllOwners): Deleted.
    (WebCore::FullscreenManager::fullscreenIsAllowedForElement const): Deleted.
    * dom/FullscreenManager.h:
    * html/FeaturePolicy.cpp:
    (WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners):
    (WebCore::FeaturePolicy::parse):
    (WebCore::FeaturePolicy::allows const):
    * html/FeaturePolicy.h:
    * html/HTMLIFrameElement.cpp:
    (WebCore::HTMLIFrameElement::parseAttribute):
    (WebCore::HTMLIFrameElement::featurePolicy const):
    * xml/XMLHttpRequest.cpp:
    (WebCore::XMLHttpRequest::createRequest):
    (WebCore::isSyncXHRAllowedByFeaturePolicy): Deleted.
    
    LayoutTests:
    
    * fullscreen/full-screen-enabled-prefixed.html:
    * fullscreen/full-screen-enabled.html:
    * fullscreen/full-screen-frameset-expected.txt: Removed.
    * fullscreen/full-screen-frameset.html: Removed.
    * fullscreen/full-screen-iframe-not-allowed.html:
    * fullscreen/full-screen-restrictions.html:
    * http/tests/fullscreen/fullscreen-feature-policy-expected.txt: Added.
    * http/tests/fullscreen/fullscreen-feature-policy.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255162 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-27  Jer Noble  <jer.noble@apple.com>

            Support 'allow="fullscreen"' feature policy
            https://bugs.webkit.org/show_bug.cgi?id=206806
            <rdar://problem/55640448>

            Reviewed by Youenn Fablet.

            Test: http/tests/fullscreen/fullscreen-feature-policy.html

            The unprefixed version of the Fullscreen API has deprecated the 'allowfullscreen' iframe
            attribute in favor of the 'allow="fullscreen"' style attribute used by Feature Policy.
            Add support for such, including the specified handling for the legacy 'allowfullscreen'
            attribute.

            Note: this patch will (intentionally) change the default behavior of <iframe>s. Previously
            any <iframe> without the "allowfullscreen" attribute would not be allowed to enter fullscreen
            mode. After this patch, <iframes> without the legacy attribute or an explicit fullscreen
            Feature Policy will be allowed to enter fullscreen so long as their origin is the same as
            the top document (and that all parent iframes are also allowed to enter fullscreen).

            * dom/FullscreenManager.cpp:
            (WebCore::FullscreenManager::requestFullscreenForElement):
            (WebCore::FullscreenManager::isFullscreenEnabled const):
            (WebCore::isAttributeOnAllOwners): Deleted.
            (WebCore::FullscreenManager::fullscreenIsAllowedForElement const): Deleted.
            * dom/FullscreenManager.h:
            * html/FeaturePolicy.cpp:
            (WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners):
            (WebCore::FeaturePolicy::parse):
            (WebCore::FeaturePolicy::allows const):
            * html/FeaturePolicy.h:
            * html/HTMLIFrameElement.cpp:
            (WebCore::HTMLIFrameElement::parseAttribute):
            (WebCore::HTMLIFrameElement::featurePolicy const):
            * xml/XMLHttpRequest.cpp:
            (WebCore::XMLHttpRequest::createRequest):
            (WebCore::isSyncXHRAllowedByFeaturePolicy): Deleted.

2020-02-11  Alan Coon  <alancoon@apple.com>

        Cherry-pick r255158. rdar://problem/59298137

    Throttling requestAnimationFrame should be controlled by RenderingUpdateScheduler
    https://bugs.webkit.org/show_bug.cgi?id=204713
    
    Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2020-01-27
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    Test: fast/animation/request-animation-frame-throttling-outside-viewport.html
    
    requestAnimationFrame is throttled by a timer although its callback are
    serviced by the page RenderingUpdate. This led to excessive rAF firing
    which makes it more than the preferred frame per seconds.
    
    The solution is to have two throttling types:
    
    1) Page throttling (or full throttling) which slows down all the steps of
       RenderingUpdate for the main document and all the sub-documents.
    2) Document throttling (or partial throttling) which only slows down the
       rAF of a certain document.
    
    * Headers.cmake:
    * WebCore.xcodeproj/project.pbxproj:
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::animationInterval const):
    (WebCore::DocumentTimeline::updateThrottlingState): Deleted.
    * animation/DocumentTimeline.h:
    There is no need to have DocumentTimeline throttling. It is already
    throttled when the page RenderingUpdate is throttled.
    
    * dom/Document.cpp:
    (WebCore::Document::requestAnimationFrame):
    (WebCore::Document::updateLastHandledUserGestureTimestamp):
    LowPowerMode throttling is now handled by the page. So remove its handling
    in the Document side.
    
    * dom/ScriptedAnimationController.cpp:
    (WebCore::ScriptedAnimationController::ScriptedAnimationController):
    (WebCore::ScriptedAnimationController::page const):
    (WebCore::ScriptedAnimationController::preferredScriptedAnimationInterval const):
    (WebCore::ScriptedAnimationController::interval const):
    (WebCore::ScriptedAnimationController::isThrottled const):
    (WebCore::ScriptedAnimationController::isThrottledRelativeToPage const):
    (WebCore::ScriptedAnimationController::shouldRescheduleRequestAnimationFrame const):
    (WebCore::ScriptedAnimationController::registerCallback):
    (WebCore::ScriptedAnimationController::cancelCallback):
    (WebCore::ScriptedAnimationController::serviceRequestAnimationFrameCallbacks):
    (WebCore::ScriptedAnimationController::scheduleAnimation):
    (WebCore::throttlingReasonToString): Deleted.
    (WebCore::throttlingReasonsToString): Deleted.
    (WebCore::ScriptedAnimationController::addThrottlingReason): Deleted.
    (WebCore::ScriptedAnimationController::removeThrottlingReason): Deleted.
    (WebCore::ScriptedAnimationController::animationTimerFired): Deleted.
    * dom/ScriptedAnimationController.h:
    (WebCore::ScriptedAnimationController::addThrottlingReason):
    (WebCore::ScriptedAnimationController::removeThrottlingReason):
    Get rid of the rAF throttling timer. Service the rAF callback only when
    the period from the current time stamp till the last service time stamp
    is greater than the preferred rAF interval .
    
    * page/FrameView.cpp:
    (WebCore::FrameView::updateScriptedAnimationsAndTimersThrottlingState):
    ThrottlingReason is now defined outside ScriptedAnimationController.
    
    * page/Page.cpp:
    (WebCore::Page::renderingUpdateThrottlingEnabled const):
    (WebCore::Page::renderingUpdateThrottlingEnabledChanged):
    (WebCore::Page::isRenderingUpdateThrottled const):
    
    (WebCore::Page::preferredRenderingUpdateInterval const):
    Calculate the preferred RenderingUpdate interval from the throttling
    reasons.
    
    (WebCore::Page::setIsVisuallyIdleInternal):
    (WebCore::Page::handleLowModePowerChange):
    Call adjustRenderingUpdateFrequency() when isLowPowerModeEnabled or
    IsVisuallyIdle is toggled.
    
    (WebCore::updateScriptedAnimationsThrottlingReason): Deleted.
    * page/Page.h:
    
    * page/RenderingUpdateScheduler.cpp:
    (WebCore::RenderingUpdateScheduler::adjustFramesPerSecond):
    (WebCore::RenderingUpdateScheduler::adjustRenderingUpdateFrequency):
    Change the preferredFramesPerSecond of the DisplayRefreshMonitor if the
    throttling is not aggressive e.g. 10_s. Otherwise use the timer.
    
    (WebCore::RenderingUpdateScheduler::scheduleTimedRenderingUpdate):
    Call adjustFramesPerSecond() when DisplayRefreshMonitor is created.
    
    (WebCore::RenderingUpdateScheduler::startTimer):
    * page/RenderingUpdateScheduler.h:
    
    * page/Settings.yaml:
    * page/SettingsBase.cpp:
    (WebCore::SettingsBase::renderingUpdateThrottlingEnabledChanged):
    * page/SettingsBase.h:
    Add a setting to enable/disable RenderingUpdateThrottling.
    
    * platform/graphics/AnimationFrameRate.h: Added.
    (WebCore::preferredFrameInterval):
    (WebCore::preferredFramesPerSecond):
    
    * platform/graphics/DisplayRefreshMonitor.h:
    (WebCore::DisplayRefreshMonitor::setPreferredFramesPerSecond):
    * platform/graphics/DisplayRefreshMonitorManager.cpp:
    (WebCore::DisplayRefreshMonitorManager::monitorForClient):
    Rename createMonitorForClient() to monitorForClient() since it may return
    a cached DisplayRefreshMonitor.
    
    (WebCore::DisplayRefreshMonitorManager::setPreferredFramesPerSecond):
    (WebCore::DisplayRefreshMonitorManager::scheduleAnimation):
    (WebCore::DisplayRefreshMonitorManager::windowScreenDidChange):
    No need to call registerClient(). This function was just ensuring the
    DisplayRefreshMonitor is created. scheduleAnimation() does the same thing.
    
    (WebCore::DisplayRefreshMonitorManager::createMonitorForClient): Deleted.
    (WebCore::DisplayRefreshMonitorManager::registerClient): Deleted.
    * platform/graphics/DisplayRefreshMonitorManager.h:
    (WebCore::DisplayRefreshMonitorManager::DisplayRefreshMonitorManager): Deleted.
    
    * platform/graphics/GraphicsLayerUpdater.cpp:
    (WebCore::GraphicsLayerUpdater::GraphicsLayerUpdater):
    * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
    (-[WebDisplayLinkHandler setPreferredFramesPerSecond:]):
    Set the preferredFramesPerSecond of the CADisplayLink.
    
    Source/WebKit:
    
    Create an IPC message on the DrawingArea to send a message from the
    WebProcess to the UIProcess to setPreferredFramesPerSecond of the
    DisplayRefreshMonitor.
    
    * Shared/WebPreferences.yaml:
    * UIProcess/API/C/WKPreferences.cpp:
    (WKPreferencesSetRenderingUpdateThrottlingEnabled):
    (WKPreferencesGetRenderingUpdateThrottlingEnabled):
    * UIProcess/API/C/WKPreferencesRefPrivate.h:
    Add a WKPreference key for RenderingUpdateThrottlingEnabled.
    
    * UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.h:
    * UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.messages.in:
    
    * UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.mm:
    (-[WKOneShotDisplayLinkHandler setPreferredFramesPerSecond:]):
    (WebKit::RemoteLayerTreeDrawingAreaProxy::setPreferredFramesPerSecond):
    Set the preferredFramesPerSecond of the CADisplayLink.
    
    * WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDisplayRefreshMonitor.h:
    * WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDisplayRefreshMonitor.mm:
    (WebKit::RemoteLayerTreeDisplayRefreshMonitor::setPreferredFramesPerSecond):
    Delegate the call to RemoteLayerTreeDrawingArea.
    
    * WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.h:
    * WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:
    (WebKit::RemoteLayerTreeDrawingArea::setPreferredFramesPerSecond):
    Send the IPC message from the WebProcess to the UIProcess.
    
    Source/WebKitLegacy/mac:
    
    Add a WKPreference key for RenderingUpdateThrottling.
    
    * WebView/WebPreferenceKeysPrivate.h:
    * WebView/WebPreferences.mm:
    (+[WebPreferences initialize]):
    (-[WebPreferences renderingUpdateThrottlingEnabled]):
    (-[WebPreferences setRenderingUpdateThrottlingEnabled:]):
    * WebView/WebPreferencesPrivate.h:
    * WebView/WebView.mm:
    (-[WebView _preferencesChanged:]):
    
    Source/WebKitLegacy/win:
    
    Add a WKPreference key for RenderingUpdateThrottling.
    
    * Interfaces/IWebPreferencesPrivate.idl:
    * WebPreferenceKeysPrivate.h:
    * WebPreferences.cpp:
    (WebPreferences::initializeDefaultSettings):
    (WebPreferences::renderingUpdateThrottlingEnabled):
    (WebPreferences::setRenderingUpdateThrottlingEnabled):
    * WebPreferences.h:
    * WebView.cpp:
    (WebView::notifyPreferencesChanged):
    
    Tools:
    
    RenderingUpdateThrottling is enabled by default. Turn it off for DRT and
    WTR. In some cases, the page may not get visually active while it's
    waiting for rAF. Throttling tests will have to explicitly turn it on.
    
    * DumpRenderTree/mac/DumpRenderTree.mm:
    (resetWebPreferencesToConsistentValues):
    * DumpRenderTree/win/DumpRenderTree.cpp:
    (resetWebPreferencesToConsistentValues):
    * WebKitTestRunner/TestController.cpp:
    (WTR::TestController::resetPreferencesToConsistentValues):
    
    LayoutTests:
    
    * fast/animation/css-animation-throttling-lowPowerMode.html:
    * fast/animation/request-animation-frame-throttle-subframe.html:
    * fast/animation/request-animation-frame-throttling-detached-iframe.html:
    Enable RenderingUpdateThrottling for these tests.
    
    * fast/animation/request-animation-frame-throttling-lowPowerMode-expected.txt:
    * fast/animation/request-animation-frame-throttling-lowPowerMode.html:
    Ensure the actual rAF interval is > 30ms for lowPowerMode.
    
    * fast/animation/request-animation-frame-throttling-outside-viewport-expected.txt: Added.
    * fast/animation/request-animation-frame-throttling-outside-viewport.html: Added.
    * fast/animation/resources/frame-with-animation-2.html: Added.
    Test the OutsideViewport throttling case.
    
    * http/tests/frame-throttling/raf-throttle-in-cross-origin-subframe.html:
    Enable RenderingUpdateThrottling for this test.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255158 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-27  Said Abou-Hallawa  <sabouhallawa@apple.com>

            Throttling requestAnimationFrame should be controlled by RenderingUpdateScheduler
            https://bugs.webkit.org/show_bug.cgi?id=204713

            Reviewed by Simon Fraser.

            Test: fast/animation/request-animation-frame-throttling-outside-viewport.html

            requestAnimationFrame is throttled by a timer although its callback are
            serviced by the page RenderingUpdate. This led to excessive rAF firing
            which makes it more than the preferred frame per seconds.

            The solution is to have two throttling types:

            1) Page throttling (or full throttling) which slows down all the steps of
               RenderingUpdate for the main document and all the sub-documents.
            2) Document throttling (or partial throttling) which only slows down the
               rAF of a certain document.

            * Headers.cmake:
            * WebCore.xcodeproj/project.pbxproj:

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::animationInterval const):
            (WebCore::DocumentTimeline::updateThrottlingState): Deleted.
            * animation/DocumentTimeline.h:
            There is no need to have DocumentTimeline throttling. It is already
            throttled when the page RenderingUpdate is throttled.

            * dom/Document.cpp:
            (WebCore::Document::requestAnimationFrame):
            (WebCore::Document::updateLastHandledUserGestureTimestamp):
            LowPowerMode throttling is now handled by the page. So remove its handling
            in the Document side.

            * dom/ScriptedAnimationController.cpp:
            (WebCore::ScriptedAnimationController::ScriptedAnimationController):
            (WebCore::ScriptedAnimationController::page const):
            (WebCore::ScriptedAnimationController::preferredScriptedAnimationInterval const):
            (WebCore::ScriptedAnimationController::interval const):
            (WebCore::ScriptedAnimationController::isThrottled const):
            (WebCore::ScriptedAnimationController::isThrottledRelativeToPage const):
            (WebCore::ScriptedAnimationController::shouldRescheduleRequestAnimationFrame const):
            (WebCore::ScriptedAnimationController::registerCallback):
            (WebCore::ScriptedAnimationController::cancelCallback):
            (WebCore::ScriptedAnimationController::serviceRequestAnimationFrameCallbacks):
            (WebCore::ScriptedAnimationController::scheduleAnimation):
            (WebCore::throttlingReasonToString): Deleted.
            (WebCore::throttlingReasonsToString): Deleted.
            (WebCore::ScriptedAnimationController::addThrottlingReason): Deleted.
            (WebCore::ScriptedAnimationController::removeThrottlingReason): Deleted.
            (WebCore::ScriptedAnimationController::animationTimerFired): Deleted.
            * dom/ScriptedAnimationController.h:
            (WebCore::ScriptedAnimationController::addThrottlingReason):
            (WebCore::ScriptedAnimationController::removeThrottlingReason):
            Get rid of the rAF throttling timer. Service the rAF callback only when
            the period from the current time stamp till the last service time stamp
            is greater than the preferred rAF interval .

            * page/FrameView.cpp:
            (WebCore::FrameView::updateScriptedAnimationsAndTimersThrottlingState):
            ThrottlingReason is now defined outside ScriptedAnimationController.

            * page/Page.cpp:
            (WebCore::Page::renderingUpdateThrottlingEnabled const):
            (WebCore::Page::renderingUpdateThrottlingEnabledChanged):
            (WebCore::Page::isRenderingUpdateThrottled const):

            (WebCore::Page::preferredRenderingUpdateInterval const):
            Calculate the preferred RenderingUpdate interval from the throttling
            reasons.

            (WebCore::Page::setIsVisuallyIdleInternal):
            (WebCore::Page::handleLowModePowerChange):
            Call adjustRenderingUpdateFrequency() when isLowPowerModeEnabled or
            IsVisuallyIdle is toggled.

            (WebCore::updateScriptedAnimationsThrottlingReason): Deleted.
            * page/Page.h:

            * page/RenderingUpdateScheduler.cpp:
            (WebCore::RenderingUpdateScheduler::adjustFramesPerSecond):
            (WebCore::RenderingUpdateScheduler::adjustRenderingUpdateFrequency):
            Change the preferredFramesPerSecond of the DisplayRefreshMonitor if the
            throttling is not aggressive e.g. 10_s. Otherwise use the timer.

            (WebCore::RenderingUpdateScheduler::scheduleTimedRenderingUpdate):
            Call adjustFramesPerSecond() when DisplayRefreshMonitor is created.

            (WebCore::RenderingUpdateScheduler::startTimer):
            * page/RenderingUpdateScheduler.h:

            * page/Settings.yaml:
            * page/SettingsBase.cpp:
            (WebCore::SettingsBase::renderingUpdateThrottlingEnabledChanged):
            * page/SettingsBase.h:
            Add a setting to enable/disable RenderingUpdateThrottling.

            * platform/graphics/AnimationFrameRate.h: Added.
            (WebCore::preferredFrameInterval):
            (WebCore::preferredFramesPerSecond):

            * platform/graphics/DisplayRefreshMonitor.h:
            (WebCore::DisplayRefreshMonitor::setPreferredFramesPerSecond):
            * platform/graphics/DisplayRefreshMonitorManager.cpp:
            (WebCore::DisplayRefreshMonitorManager::monitorForClient):
            Rename createMonitorForClient() to monitorForClient() since it may return
            a cached DisplayRefreshMonitor.

            (WebCore::DisplayRefreshMonitorManager::setPreferredFramesPerSecond):
            (WebCore::DisplayRefreshMonitorManager::scheduleAnimation):
            (WebCore::DisplayRefreshMonitorManager::windowScreenDidChange):
            No need to call registerClient(). This function was just ensuring the
            DisplayRefreshMonitor is created. scheduleAnimation() does the same thing.

            (WebCore::DisplayRefreshMonitorManager::createMonitorForClient): Deleted.
            (WebCore::DisplayRefreshMonitorManager::registerClient): Deleted.
            * platform/graphics/DisplayRefreshMonitorManager.h:
            (WebCore::DisplayRefreshMonitorManager::DisplayRefreshMonitorManager): Deleted.

            * platform/graphics/GraphicsLayerUpdater.cpp:
            (WebCore::GraphicsLayerUpdater::GraphicsLayerUpdater):
            * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
            (-[WebDisplayLinkHandler setPreferredFramesPerSecond:]):
            Set the preferredFramesPerSecond of the CADisplayLink.

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r256214. rdar://problem/59329555

    WebContent jetsams on Sony lens webpage due to spike of IOSurfaces
    https://bugs.webkit.org/show_bug.cgi?id=207493
    rdar://problem/59020443
    
    Reviewed by Zalan Bujtas.
    Source/WebCore:
    
    There were three issues that contributed to massive backing store allocation on
    <https://www.sony.com/electronics/lenses/t/camera-lenses>.
    
    The first, fixed in r256095, was that the Web Animations code unioned the untransitioning
    bounds with the transitioning bounds, causing the computation of large extent rects.
    
    The second, fixed in r256181, was that GraphicsLayerCA would keep hold of a transform
    animation for an extra frame, causing a rendering update where
    RenderLayerBacking::updateGeometry() would have cleared the extent, but GraphicsLayerCA
    still thought transform was animating, causing GraphicsLayerCA::updateCoverage() to keep
    backing store attached.
    
    This patch is the final fix; when animations start and end, we need to ensure that
    RenderLayerBacking::updateGeometry() is called so that we compute the animation extent in
    the same frame that adds the animation.
    
    Test: compositing/backing/transition-extent.html
    
    * rendering/RenderLayerBacking.cpp:
    (WebCore::RenderLayerBacking::startAnimation):
    (WebCore::RenderLayerBacking::animationFinished):
    
    LayoutTests:
    
    Test with an out-of-view transitioning element which should not get backing store.
    
    * compositing/backing/transition-extent-expected.txt: Added.
    * compositing/backing/transition-extent.html: Added.
    * platform/ios-wk2/compositing/backing/transition-extent-expected.txt: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256214 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

            Cherry-pick r256181. rdar://problem/59329544

        There's an event loop cycle between an animation finishing, and it being removed from GraphicsLayerCA
        https://bugs.webkit.org/show_bug.cgi?id=207361
        <rdar://problem/59280370>

        Reviewed by Simon Fraser.

        Source/WebCore:

        Animations should be removed from GraphicsLayersCAs in the same rendering update that changes the playState of the
        animation to "finished", to avoid layer flush where a GraphicsLayersCAs has no extent set, but thinks there is
        an active transform animation.

        To do this, instead of enqueuing accelerated actions when resolving animations during style resolution, in
        KeyframeAnimation::apply(), we enqueue them as soon as an animation's current time may have changed: in
        WebAnimation::tick() and WebAnimation::play() with supporting functions newly exposed on AnimationEffect.

        Now, accelerated animations are enqueued and applied during the "update animations and send events" procedure.

        * animation/AnimationEffect.h:
        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::apply):
        (WebCore::KeyframeEffect::updateAcceleratedActions):
        (WebCore::KeyframeEffect::animationDidTick):
        (WebCore::KeyframeEffect::animationDidPlay):
        * animation/KeyframeEffect.h:
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::play):
        (WebCore::WebAnimation::tick):

        LayoutTests:

        Lower the number of frames to wait after an animation completes by one to check that the accelerated animation has been removed
        to show that we enqueue accelerated actions as part of the "update animations and send events" procedure.

        * webanimations/accelerated-animation-removal-upon-transition-completion.html: Added.


        git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256181 268f45cc-cd09-0410-ab3c-d52691b4dbfc

        2020-02-10  Antoine Quint  <graouts@webkit.org>

                There's an event loop cycle between an animation finishing, and it being removed from GraphicsLayerCA
                https://bugs.webkit.org/show_bug.cgi?id=207361
                <rdar://problem/59280370>

                Reviewed by Simon Fraser.

                Animations should be removed from GraphicsLayersCAs in the same rendering update that changes the playState of the
                animation to "finished", to avoid layer flush where a GraphicsLayersCAs has no extent set, but thinks there is
                an active transform animation.

                To do this, instead of enqueuing accelerated actions when resolving animations during style resolution, in
                KeyframeAnimation::apply(), we enqueue them as soon as an animation's current time may have changed: in
                WebAnimation::tick() and WebAnimation::play() with supporting functions newly exposed on AnimationEffect.

                Now, accelerated animations are enqueued and applied during the "update animations and send events" procedure.

                * animation/AnimationEffect.h:
                * animation/KeyframeEffect.cpp:
                (WebCore::KeyframeEffect::apply):
                (WebCore::KeyframeEffect::updateAcceleratedActions):
                (WebCore::KeyframeEffect::animationDidTick):
                (WebCore::KeyframeEffect::animationDidPlay):
                * animation/KeyframeEffect.h:
                * animation/WebAnimation.cpp:
                (WebCore::WebAnimation::play):
                (WebCore::WebAnimation::tick):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r256173. rdar://problem/59329542

    Make FormDataElement::lengthInBytes() safe to call on a non-main thread
    https://bugs.webkit.org/show_bug.cgi?id=207419
    <rdar://problem/54386521>
    
    Reviewed by Youenn Fablet.
    
    Make FormDataElement::lengthInBytes() safe to call on a non-main thread by using the
    ThreadableBlobRegistry. DOMCache code in workers may call this on worker threads for
    example.
    
    * platform/network/FormData.cpp:
    (WebCore::FormDataElement::lengthInBytes const):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256173 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-10  Chris Dumez  <cdumez@apple.com>

            Make FormDataElement::lengthInBytes() safe to call on a non-main thread
            https://bugs.webkit.org/show_bug.cgi?id=207419
            <rdar://problem/54386521>

            Reviewed by Youenn Fablet.

            Make FormDataElement::lengthInBytes() safe to call on a non-main thread by using the
            ThreadableBlobRegistry. DOMCache code in workers may call this on worker threads for
            example.

            * platform/network/FormData.cpp:
            (WebCore::FormDataElement::lengthInBytes const):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r256095. rdar://problem/59329549

    Extent of a composited animation should not include the untransformed position
    https://bugs.webkit.org/show_bug.cgi?id=207434
    
    Reviewed by Sam Weinig.
    Source/WebCore:
    
    To determine whether to create ("attach") backing store for layers with transform animations,
    we compute the union of all the states of the animation as an "extent", and ask whether it intersects
    the coverage rect in GraphicsLayerCA.
    
    The non-Web Animations transition code did this correctly, just unioning the bounds transformed by
    the start and end state.
    
    The non-Web Animations keyframe code, and the Web Animations KeyframeEffect code (used for both CSS transitions
    and animations) also unioned with the unanimated bounds, which could create overly large extents in some
    cases, contributing to jetsams on iOS (rdar://problem/59020443).
    
    Fix KeyframeAnimation and KeyframeEffect to not union with the untransformed bounds.
    
    Tests: compositing/backing/backing-store-attachment-animating-outside-viewport.html
           legacy-animation-engine/compositing/backing/backing-store-attachment-animating-outside-viewport.html
    
    * animation/KeyframeEffect.cpp:
    (WebCore::KeyframeEffect::computeExtentOfTransformAnimation const):
    * page/animation/KeyframeAnimation.cpp:
    (WebCore::KeyframeAnimation::computeExtentOfTransformAnimation const):
    
    LayoutTests:
    
    New test that checks backing store attachment and overlap for an element which is positioned in-view,
    but is move offscreen by the animation.
    
    New baselines for overlap tests, since overlap no longer considers the unanimated position.
    
    * compositing/backing/backing-store-attachment-animating-outside-viewport-expected.txt: Added.
    * compositing/backing/backing-store-attachment-animating-outside-viewport.html: Added.
    * compositing/layer-creation/translate-animation-overlap-expected.txt:
    * compositing/layer-creation/translate-scale-animation-overlap-expected.txt:
    * legacy-animation-engine/compositing/backing/backing-store-attachment-animating-outside-viewport-expected.txt: Added.
    * legacy-animation-engine/compositing/backing/backing-store-attachment-animating-outside-viewport.html: Added.
    * legacy-animation-engine/compositing/layer-creation/translate-animation-overlap-expected.txt:
    * legacy-animation-engine/compositing/layer-creation/translate-scale-animation-overlap-expected.txt:
    * platform/ios-wk2/compositing/backing/backing-store-attachment-animating-outside-viewport-expected.txt: Added.
    * platform/ios-wk2/legacy-animation-engine/compositing/backing/backing-store-attachment-animating-outside-viewport-expected.txt: Added.
    
    
2020-02-10  Simon Fraser  <simon.fraser@apple.com>

        WebContent jetsams on Sony lens webpage due to spike of IOSurfaces
        https://bugs.webkit.org/show_bug.cgi?id=207493
        rdar://problem/59020443

        Reviewed by Zalan Bujtas.

        There were three issues that contributed to massive backing store allocation on
        <https://www.sony.com/electronics/lenses/t/camera-lenses>.

        The first, fixed in r256095, was that the Web Animations code unioned the untransitioning
        bounds with the transitioning bounds, causing the computation of large extent rects.

        The second, fixed in r256181, was that GraphicsLayerCA would keep hold of a transform
        animation for an extra frame, causing a rendering update where
        RenderLayerBacking::updateGeometry() would have cleared the extent, but GraphicsLayerCA
        still thought transform was animating, causing GraphicsLayerCA::updateCoverage() to keep
        backing store attached.

        This patch is the final fix; when animations start and end, we need to ensure that
        RenderLayerBacking::updateGeometry() is called so that we compute the animation extent in
        the same frame that adds the animation.

        Test: compositing/backing/transition-extent.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::startAnimation):
        (WebCore::RenderLayerBacking::animationFinished):

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256095 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-08  Simon Fraser  <simon.fraser@apple.com>

            Extent of a composited animation should not include the untransformed position
            https://bugs.webkit.org/show_bug.cgi?id=207434

            Reviewed by Sam Weinig.

            To determine whether to create ("attach") backing store for layers with transform animations,
            we compute the union of all the states of the animation as an "extent", and ask whether it intersects
            the coverage rect in GraphicsLayerCA.

            The non-Web Animations transition code did this correctly, just unioning the bounds transformed by
            the start and end state.

            The non-Web Animations keyframe code, and the Web Animations KeyframeEffect code (used for both CSS transitions
            and animations) also unioned with the unanimated bounds, which could create overly large extents in some
            cases, contributing to jetsams on iOS (rdar://problem/59020443).

            Fix KeyframeAnimation and KeyframeEffect to not union with the untransformed bounds.

            Tests: compositing/backing/backing-store-attachment-animating-outside-viewport.html
                   legacy-animation-engine/compositing/backing/backing-store-attachment-animating-outside-viewport.html

            * animation/KeyframeEffect.cpp:
            (WebCore::KeyframeEffect::computeExtentOfTransformAnimation const):
            * page/animation/KeyframeAnimation.cpp:
            (WebCore::KeyframeAnimation::computeExtentOfTransformAnimation const):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r256075. rdar://problem/59298173

    [Hardening] Validate Geolocation access permission on UIProcess side
    https://bugs.webkit.org/show_bug.cgi?id=207393
    <rdar://problem/56816051>
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    Validate Geolocation access permission on UIProcess side, instead of only relying solely on the WebProcess for this.
    
    The workflow is as follows:
    - The Geolocation objects request for permission to access location data
    - The UIProcess shows a prompt
    - If the user accepts, the UIProcess sends an authorization token (a UUID
      string) to the Geolocation object.
    - When the Geolocation object later asks for location updates from the UIProcess, the UIProcess validates
      that this is a valid authorization token (one that it previously issued for this page)
    - When the Geolocation objects gets destroyed (or resets its permission), the authorization token gets
      revoked so that it is no longer valid.
    
    No new tests, no Web-facing behavior change, merely hardening.
    
    * Modules/geolocation/Geolocation.cpp:
    (WebCore::Geolocation::~Geolocation):
    (WebCore::Geolocation::resumeTimerFired):
    (WebCore::Geolocation::resetAllGeolocationPermission):
    (WebCore::Geolocation::stop):
    (WebCore::Geolocation::setIsAllowed):
    (WebCore::Geolocation::revokeAuthorizationTokenIfNecessary):
    (WebCore::Geolocation::resetIsAllowed):
    * Modules/geolocation/Geolocation.h:
    * Modules/geolocation/GeolocationClient.h:
    (WebCore::GeolocationClient::revokeAuthorizationToken):
    * Modules/geolocation/GeolocationController.cpp:
    (WebCore::GeolocationController::addObserver):
    (WebCore::GeolocationController::revokeAuthorizationToken):
    (WebCore::GeolocationController::activityStateDidChange):
    * Modules/geolocation/GeolocationController.h:
    * platform/mock/GeolocationClientMock.cpp:
    (WebCore::GeolocationClientMock::permissionTimerFired):
    (WebCore::GeolocationClientMock::startUpdating):
    * platform/mock/GeolocationClientMock.h:
    
    Source/WebKit:
    
    * UIProcess/GeolocationPermissionRequestManagerProxy.cpp:
    (WebKit::GeolocationPermissionRequestManagerProxy::didReceiveGeolocationPermissionDecision):
    (WebKit::GeolocationPermissionRequestManagerProxy::isValidAuthorizationToken const):
    (WebKit::GeolocationPermissionRequestManagerProxy::revokeAuthorizationToken):
    * UIProcess/GeolocationPermissionRequestManagerProxy.h:
    * UIProcess/WebGeolocationManagerProxy.cpp:
    (WebKit::WebGeolocationManagerProxy::startUpdating):
    * UIProcess/WebGeolocationManagerProxy.h:
    * UIProcess/WebGeolocationManagerProxy.messages.in:
    * UIProcess/WebPageProxy.cpp:
    * UIProcess/WebPageProxy.h:
    (WebKit::WebPageProxy::geolocationPermissionRequestManager):
    * UIProcess/WebPageProxy.messages.in:
    * WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp:
    (WebKit::GeolocationPermissionRequestManager::startRequestForGeolocation):
    (WebKit::GeolocationPermissionRequestManager::revokeAuthorizationToken):
    (WebKit::GeolocationPermissionRequestManager::didReceiveGeolocationPermissionDecision):
    * WebProcess/Geolocation/GeolocationPermissionRequestManager.h:
    * WebProcess/Geolocation/WebGeolocationManager.cpp:
    (WebKit::WebGeolocationManager::registerWebPage):
    * WebProcess/Geolocation/WebGeolocationManager.h:
    * WebProcess/WebCoreSupport/WebGeolocationClient.cpp:
    (WebKit::WebGeolocationClient::startUpdating):
    (WebKit::WebGeolocationClient::revokeAuthorizationToken):
    * WebProcess/WebCoreSupport/WebGeolocationClient.h:
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::didReceiveGeolocationPermissionDecision):
    * WebProcess/WebPage/WebPage.h:
    * WebProcess/WebPage/WebPage.messages.in:
    
    Source/WebKitLegacy/mac:
    
    * WebCoreSupport/WebGeolocationClient.h:
    * WebCoreSupport/WebGeolocationClient.mm:
    (WebGeolocationClient::startUpdating):
    (WebGeolocationClient::requestPermission):
    (-[WebGeolocationPolicyListener allow]):
    (-[WebGeolocationPolicyListener deny]):
    
    Source/WebKitLegacy/win:
    
    * WebCoreSupport/WebGeolocationClient.cpp:
    (WebGeolocationClient::startUpdating):
    * WebCoreSupport/WebGeolocationClient.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256075 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-07  Chris Dumez  <cdumez@apple.com>

            [Hardening] Validate Geolocation access permission on UIProcess side
            https://bugs.webkit.org/show_bug.cgi?id=207393
            <rdar://problem/56816051>

            Reviewed by Brent Fulgham.

            Validate Geolocation access permission on UIProcess side, instead of only relying solely on the WebProcess for this.

            The workflow is as follows:
            - The Geolocation objects request for permission to access location data
            - The UIProcess shows a prompt
            - If the user accepts, the UIProcess sends an authorization token (a UUID
              string) to the Geolocation object.
            - When the Geolocation object later asks for location updates from the UIProcess, the UIProcess validates
              that this is a valid authorization token (one that it previously issued for this page)
            - When the Geolocation objects gets destroyed (or resets its permission), the authorization token gets
              revoked so that it is no longer valid.

            No new tests, no Web-facing behavior change, merely hardening.

            * Modules/geolocation/Geolocation.cpp:
            (WebCore::Geolocation::~Geolocation):
            (WebCore::Geolocation::resumeTimerFired):
            (WebCore::Geolocation::resetAllGeolocationPermission):
            (WebCore::Geolocation::stop):
            (WebCore::Geolocation::setIsAllowed):
            (WebCore::Geolocation::revokeAuthorizationTokenIfNecessary):
            (WebCore::Geolocation::resetIsAllowed):
            * Modules/geolocation/Geolocation.h:
            * Modules/geolocation/GeolocationClient.h:
            (WebCore::GeolocationClient::revokeAuthorizationToken):
            * Modules/geolocation/GeolocationController.cpp:
            (WebCore::GeolocationController::addObserver):
            (WebCore::GeolocationController::revokeAuthorizationToken):
            (WebCore::GeolocationController::activityStateDidChange):
            * Modules/geolocation/GeolocationController.h:
            * platform/mock/GeolocationClientMock.cpp:
            (WebCore::GeolocationClientMock::permissionTimerFired):
            (WebCore::GeolocationClientMock::startUpdating):
            * platform/mock/GeolocationClientMock.h:

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r256016. rdar://problem/59298146

    Mandate UUID version 4 for mDNS ICE candidates
    https://bugs.webkit.org/show_bug.cgi?id=207329
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    Ignore ICE candidates if they are mDNS but not UUID version 4.
    Covered by existing tests relying on mDNS to do the connection.
    
    * Modules/mediastream/PeerConnectionBackend.cpp:
    (WebCore::shouldIgnoreCandidate):
    (WebCore::PeerConnectionBackend::addIceCandidate):
    
    Source/WebKit:
    
    * NetworkProcess/webrtc/NetworkMDNSRegister.cpp:
    (WebKit::NetworkMDNSRegister::registerMDNSName):
    Remove the count at the end of the mDNS name to make it a fully version 4 UUID.
    
    Source/WTF:
    
    Add a routine to validate version 4 UUID.
    
    * wtf/UUID.cpp:
    (WTF::isHexadecimalCharacter):
    (WTF::isVersion4UUID):
    * wtf/UUID.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256016 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-07  youenn fablet  <youenn@apple.com>

            Mandate UUID version 4 for mDNS ICE candidates
            https://bugs.webkit.org/show_bug.cgi?id=207329

            Reviewed by Alex Christensen.

            Ignore ICE candidates if they are mDNS but not UUID version 4.
            Covered by existing tests relying on mDNS to do the connection.

            * Modules/mediastream/PeerConnectionBackend.cpp:
            (WebCore::shouldIgnoreCandidate):
            (WebCore::PeerConnectionBackend::addIceCandidate):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r256009. rdar://problem/59298150

    Do not process newly gathered ICE candidates if document is suspended
    https://bugs.webkit.org/show_bug.cgi?id=207326
    <rdar://problem/57336453>
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    We should not register MDNS candidates for suspended documents.
    For that reason, enqueue a task when receiving a new candidate.
    If document is not suspended, it will be executed immediately.
    Otherwise, we will wait until document gets unsuspended.
    
    Add a mock endpoint that delays gathering of candidates until document is suspended.
    
    Test: webrtc/peerconnection-new-candidate-page-cache.html
    
    * Modules/mediastream/PeerConnectionBackend.cpp:
    (WebCore::PeerConnectionBackend::newICECandidate):
    * testing/MockLibWebRTCPeerConnection.cpp:
    (WebCore::MockLibWebRTCPeerConnection::GetTransceivers const):
    (WebCore::MockLibWebRTCPeerConnectionForIceCandidates::MockLibWebRTCPeerConnectionForIceCandidates):
    (WebCore::MockLibWebRTCPeerConnectionForIceCandidates::gotLocalDescription):
    (WebCore::MockLibWebRTCPeerConnectionForIceCandidates::sendCandidates):
    (WebCore::MockLibWebRTCPeerConnectionFactory::CreatePeerConnection):
    
    LayoutTests:
    
    * fast/history/resources/page-cache-helper-100ms.html: Added.
    * webrtc/peerconnection-new-candidate-page-cache-expected.txt: Added.
    * webrtc/peerconnection-new-candidate-page-cache.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256009 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-07  youenn fablet  <youenn@apple.com>

            Do not process newly gathered ICE candidates if document is suspended
            https://bugs.webkit.org/show_bug.cgi?id=207326
            <rdar://problem/57336453>

            Reviewed by Alex Christensen.

            We should not register MDNS candidates for suspended documents.
            For that reason, enqueue a task when receiving a new candidate.
            If document is not suspended, it will be executed immediately.
            Otherwise, we will wait until document gets unsuspended.

            Add a mock endpoint that delays gathering of candidates until document is suspended.

            Test: webrtc/peerconnection-new-candidate-page-cache.html

            * Modules/mediastream/PeerConnectionBackend.cpp:
            (WebCore::PeerConnectionBackend::newICECandidate):
            * testing/MockLibWebRTCPeerConnection.cpp:
            (WebCore::MockLibWebRTCPeerConnection::GetTransceivers const):
            (WebCore::MockLibWebRTCPeerConnectionForIceCandidates::MockLibWebRTCPeerConnectionForIceCandidates):
            (WebCore::MockLibWebRTCPeerConnectionForIceCandidates::gotLocalDescription):
            (WebCore::MockLibWebRTCPeerConnectionForIceCandidates::sendCandidates):
            (WebCore::MockLibWebRTCPeerConnectionFactory::CreatePeerConnection):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r256005. rdar://problem/59299335

    macCatalyst: Unnecessary I-beam over images in editable areas
    https://bugs.webkit.org/show_bug.cgi?id=207370
    <rdar://problem/59235429>
    
    Reviewed by Wenson Hsieh.
    
    Source/WebCore:
    
    * dom/Position.h:
    
    Source/WebKit:
    
    * Shared/ios/InteractionInformationAtPosition.h:
    * Shared/ios/InteractionInformationAtPosition.mm:
    (WebKit::InteractionInformationAtPosition::encode const):
    (WebKit::InteractionInformationAtPosition::decode):
    * WebProcess/WebPage/ios/WebPageIOS.mm:
    (WebKit::populateCaretContext):
    Add a bit indicating whether the forced I-beam for editable contexts
    should be used or not, based on whether it is adjacent to (or immediately
    over) a replaced element.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256005 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-06  Tim Horton  <timothy_horton@apple.com>

            macCatalyst: Unnecessary I-beam over images in editable areas
            https://bugs.webkit.org/show_bug.cgi?id=207370
            <rdar://problem/59235429>

            Reviewed by Wenson Hsieh.

            * dom/Position.h:

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255908. rdar://problem/59298159

    Crash when printing at WebCore: WebCore::FrameView::paintContents
    <https://webkit.org/b/207313>
    <rdar://problem/56675778>
    
    Reviewed by Brent Fulgham.
    
    * page/PrintContext.cpp:
    (WebCore::PrintContext::spoolPage):
    (WebCore::PrintContext::spoolRect):
    - Add nullptr check for frame.view().  This matches similar
      checks in other methods.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255908 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-05  David Kilzer  <ddkilzer@apple.com>

            Crash when printing at WebCore: WebCore::FrameView::paintContents
            <https://webkit.org/b/207313>
            <rdar://problem/56675778>

            Reviewed by Brent Fulgham.

            * page/PrintContext.cpp:
            (WebCore::PrintContext::spoolPage):
            (WebCore::PrintContext::spoolRect):
            - Add nullptr check for frame.view().  This matches similar
              checks in other methods.

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255810. rdar://problem/59298154

    [Web Animations] Canceling an accelerated animation before it was committed does not prevent it from playing
    https://bugs.webkit.org/show_bug.cgi?id=207253
    <rdar://problem/59143624>
    
    Reviewed by Antti Koivisto.
    
    Source/WebCore:
    
    Test: webanimations/accelerated-animation-canceled-before-commit.html
    
    Merely checking whether an accelerated animation is running prior to enqueuing an action to cancel it is not sufficient
    since there could be an uncommitted change to start it upon the next animation frame. The same logic would need to apply
    in other situations where the playback state changes for a potentially in-flight animation.
    
    * animation/KeyframeEffect.cpp:
    (WebCore::KeyframeEffect::animationDidSeek):
    (WebCore::KeyframeEffect::animationWasCanceled):
    (WebCore::KeyframeEffect::willChangeRenderer):
    (WebCore::KeyframeEffect::animationSuspensionStateDidChange):
    
    LayoutTests:
    
    Add a new test that checks that an accelerated animation that has been enqueued to start but has
    not yet been committed is correctly canceled when the cancel() method is called. This test fails
    prior to this source change.
    
    * webanimations/accelerated-animation-canceled-before-commit-expected.html: Added.
    * webanimations/accelerated-animation-canceled-before-commit.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255810 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-05  Antoine Quint  <graouts@apple.com>

            [Web Animations] Canceling an accelerated animation before it was committed does not prevent it from playing
            https://bugs.webkit.org/show_bug.cgi?id=207253
            <rdar://problem/59143624>

            Reviewed by Antti Koivisto.

            Test: webanimations/accelerated-animation-canceled-before-commit.html

            Merely checking whether an accelerated animation is running prior to enqueuing an action to cancel it is not sufficient
            since there could be an uncommitted change to start it upon the next animation frame. The same logic would need to apply
            in other situations where the playback state changes for a potentially in-flight animation.

            * animation/KeyframeEffect.cpp:
            (WebCore::KeyframeEffect::animationDidSeek):
            (WebCore::KeyframeEffect::animationWasCanceled):
            (WebCore::KeyframeEffect::willChangeRenderer):
            (WebCore::KeyframeEffect::animationSuspensionStateDidChange):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255681. rdar://problem/59298166

    NetworkProcess should be notified by UIProcess when its service worker process connection should be on
    https://bugs.webkit.org/show_bug.cgi?id=207122
    <rdar://problem/59089780>
    
    Reviewed by Chris Dumez.
    
    Source/WebCore:
    
    Add a completion handler to the create context connection callback.
    This is called when the context connection should have been created.
    In case there is a context connection, completion handler does nothing.
    Otherwise, SWServer will retry creating a context connection if needed.
    
    The pending connection map entry is now removed in the completion handler instead of addContextConnection.
    This ensures that only one connection request is sent by network process at a time.
    
    Add extra logging to monitor creation of a context connection.
    
    * workers/service/context/SWContextManager.h:
    * workers/service/server/SWServer.cpp:
    (WebCore::SWServer::addContextConnection):
    (WebCore::SWServer::removeContextConnection):
    (WebCore::SWServer::createContextConnectionFinished):
    * workers/service/server/SWServer.h:
    
    Source/WebKit:
    
    Add completion handlers to the messaging from NetworkProcess -> UIProcess -> WebProcess -> NetworkProcess
    used to create a service worker context connection.
    
    This allows NetworkProcess to ask again for a connection if the connection is still needed but NetworkProcess did not find the context connection.
    
    This is difficult to test since we would need for the process selected to host service workers to exit between the
    time it is selected and the time it sends the message to Networking process.
    
    To ensure that the context connection is created by WebProcess, WebProcessProxy takes a background assertion until WebProcess finishes
    creating the context connection to Network process.
    
    * NetworkProcess/NetworkConnectionToWebProcess.cpp:
    (WebKit::NetworkConnectionToWebProcess::establishSWContextConnection):
    * NetworkProcess/NetworkConnectionToWebProcess.h:
    * NetworkProcess/NetworkConnectionToWebProcess.messages.in:
    * NetworkProcess/NetworkProcess.cpp:
    (WebKit::NetworkProcess::swServerForSession):
    * NetworkProcess/NetworkProcess.h:
    * UIProcess/Network/NetworkProcessProxy.cpp:
    (WebKit::NetworkProcessProxy::establishWorkerContextConnectionToNetworkProcess):
    * UIProcess/Network/NetworkProcessProxy.h:
    * UIProcess/Network/NetworkProcessProxy.messages.in:
    * UIProcess/WebProcessPool.cpp:
    (WebKit::WebProcessPool::establishWorkerContextConnectionToNetworkProcess):
    * UIProcess/WebProcessPool.h:
    * UIProcess/WebProcessProxy.cpp:
    (WebKit::WebProcessProxy::establishServiceWorkerContext):
    * UIProcess/WebProcessProxy.h:
    * WebProcess/Storage/WebSWContextManagerConnection.cpp:
    (WebKit::m_userAgent):
    (WebKit::WebSWContextManagerConnection::establishConnection):
    * WebProcess/Storage/WebSWContextManagerConnection.h:
    * WebProcess/WebProcess.cpp:
    (WebKit::WebProcess::establishWorkerContextConnectionToNetworkProcess):
    * WebProcess/WebProcess.h:
    * WebProcess/WebProcess.messages.in:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255681 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-04  youenn fablet  <youenn@apple.com>

            NetworkProcess should be notified by UIProcess when its service worker process connection should be on
            https://bugs.webkit.org/show_bug.cgi?id=207122
            <rdar://problem/59089780>

            Reviewed by Chris Dumez.

            Add a completion handler to the create context connection callback.
            This is called when the context connection should have been created.
            In case there is a context connection, completion handler does nothing.
            Otherwise, SWServer will retry creating a context connection if needed.

            The pending connection map entry is now removed in the completion handler instead of addContextConnection.
            This ensures that only one connection request is sent by network process at a time.

            Add extra logging to monitor creation of a context connection.

            * workers/service/context/SWContextManager.h:
            * workers/service/server/SWServer.cpp:
            (WebCore::SWServer::addContextConnection):
            (WebCore::SWServer::removeContextConnection):
            (WebCore::SWServer::createContextConnectionFinished):
            * workers/service/server/SWServer.h:

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255680. rdar://problem/59298160

    Check for callback being null in Notification.requestPermission
    https://bugs.webkit.org/show_bug.cgi?id=207192
    <rdar://problem/59130804>
    
    Reviewed by Chris Dumez.
    
    Source/WebCore:
    
    Covered by updated test.
    
    * Modules/notifications/Notification.cpp:
    (WebCore::Notification::requestPermission):
    Callback can be null if no function is given to requestPermission.
    Check this before calling the callback.
    
    LayoutTests:
    
    * http/tests/notifications/notification-in-non-secure-context.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255680 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-04  youenn fablet  <youenn@apple.com>

            Check for callback being null in Notification.requestPermission
            https://bugs.webkit.org/show_bug.cgi?id=207192
            <rdar://problem/59130804>

            Reviewed by Chris Dumez.

            Covered by updated test.

            * Modules/notifications/Notification.cpp:
            (WebCore::Notification::requestPermission):
            Callback can be null if no function is given to requestPermission.
            Check this before calling the callback.

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255663. rdar://problem/59299135

    Accelerated animations freeze on render tree rebuild
    https://bugs.webkit.org/show_bug.cgi?id=201048
    <rdar://problem/54612621>
    
    Reviewed by Antoine Quint.
    
    Source/WebCore:
    
    If there is an accelerated animation in progress for a renderer and the render tree is rebuild the animation
    does not continue with the new renderer.
    
    To fix, make sure that the animation leaves the accelerated state when the renderer is removed. The new renderer
    will then become accelerated automatically.
    
    Original test case by Tim Guan-tin Chien.
    
    Test: webanimations/accelerated-animation-renderer-change.html
    
    * animation/AnimationTimeline.cpp:
    (WebCore::AnimationTimeline::willChangeRendererForElement):
    * animation/AnimationTimeline.h:
    * animation/KeyframeEffect.cpp:
    (WebCore::KeyframeEffect::willChangeRenderer):
    * animation/KeyframeEffect.h:
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::willChangeRenderer):
    * animation/WebAnimation.h:
    * rendering/updating/RenderTreeUpdater.cpp:
    (WebCore::RenderTreeUpdater::tearDownRenderers):
    
    LayoutTests:
    
    * webanimations/accelerated-animation-renderer-change-expected.html: Added.
    * webanimations/accelerated-animation-renderer-change.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255663 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-03  Antti Koivisto  <antti@apple.com>

            Accelerated animations freeze on render tree rebuild
            https://bugs.webkit.org/show_bug.cgi?id=201048
            <rdar://problem/54612621>

            Reviewed by Antoine Quint.

            If there is an accelerated animation in progress for a renderer and the render tree is rebuild the animation
            does not continue with the new renderer.

            To fix, make sure that the animation leaves the accelerated state when the renderer is removed. The new renderer
            will then become accelerated automatically.

            Original test case by Tim Guan-tin Chien.

            Test: webanimations/accelerated-animation-renderer-change.html

            * animation/AnimationTimeline.cpp:
            (WebCore::AnimationTimeline::willChangeRendererForElement):
            * animation/AnimationTimeline.h:
            * animation/KeyframeEffect.cpp:
            (WebCore::KeyframeEffect::willChangeRenderer):
            * animation/KeyframeEffect.h:
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::willChangeRenderer):
            * animation/WebAnimation.h:
            * rendering/updating/RenderTreeUpdater.cpp:
            (WebCore::RenderTreeUpdater::tearDownRenderers):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255615. rdar://problem/59298181

    Crash in WebCore::IDBServer::IDBServer::createIndex
    https://bugs.webkit.org/show_bug.cgi?id=207137
    <rdar://problem/59096231>
    
    Reviewed by Darin Adler.
    
    Source/WebCore:
    
    Export IDBIndexInfo::isolatedCopy so it can be used in WebKitLegacy framework code.
    
    * Modules/indexeddb/shared/IDBIndexInfo.h:
    
    Source/WebKitLegacy:
    
    * Storage/InProcessIDBServer.cpp:
    (InProcessIDBServer::createIndex): Create an isolated copy of IDBIndexInfo before passing it to IDB thread.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255615 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-03  Sihui Liu  <sihui_liu@apple.com>

            Crash in WebCore::IDBServer::IDBServer::createIndex
            https://bugs.webkit.org/show_bug.cgi?id=207137
            <rdar://problem/59096231>

            Reviewed by Darin Adler.

            Export IDBIndexInfo::isolatedCopy so it can be used in WebKitLegacy framework code.

            * Modules/indexeddb/shared/IDBIndexInfo.h:

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255593. rdar://problem/59298189

    [Web Animations] Accelerated animations don't run until their natural completion
    https://bugs.webkit.org/show_bug.cgi?id=207130
    <rdar://problem/59106047>
    
    Reviewed by Dean Jackson.
    
    Source/WebCore:
    
    Tests: webanimations/transform-accelerated-animation-finishes-before-removal.html
           webanimations/transform-accelerated-animation-removed-one-frame-after-finished-promise.html
    
    Ensure we don't tear down a composited renderer until all of its runnning accelerated animations are completed.
    The accelerated animations will be queued for removal in the next animation frame.
    
    * animation/KeyframeEffect.cpp:
    (WebCore::KeyframeEffect::isRunningAcceleratedAnimationForProperty const):
    * animation/KeyframeEffect.h:
    * animation/KeyframeEffectStack.cpp:
    (WebCore::KeyframeEffectStack::isCurrentlyAffectingProperty const):
    
    LayoutTests:
    
    Add two new tests that ensures that an accelerated animation still yields compositing on an element when
    its finished promise is resolved, but that it's no longer the case on the next frame.
    
    This required an existing test to be updated to wait until the next frame before checking the composited
    status of an element on which an animation had just completed.
    
    * compositing/geometry/limit-layer-bounds-opacity-transition.html:
    * webanimations/transform-accelerated-animation-finishes-before-removal-expected.txt: Added.
    * webanimations/transform-accelerated-animation-finishes-before-removal.html: Added.
    * webanimations/transform-accelerated-animation-removed-one-frame-after-finished-promise-expected.txt: Added.
    * webanimations/transform-accelerated-animation-removed-one-frame-after-finished-promise.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255593 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-03  Antoine Quint  <graouts@apple.com>

            [Web Animations] Accelerated animations don't run until their natural completion
            https://bugs.webkit.org/show_bug.cgi?id=207130
            <rdar://problem/59106047>

            Reviewed by Dean Jackson.

            Tests: webanimations/transform-accelerated-animation-finishes-before-removal.html
                   webanimations/transform-accelerated-animation-removed-one-frame-after-finished-promise.html

            Ensure we don't tear down a composited renderer until all of its runnning accelerated animations are completed.
            The accelerated animations will be queued for removal in the next animation frame.

            * animation/KeyframeEffect.cpp:
            (WebCore::KeyframeEffect::isRunningAcceleratedAnimationForProperty const):
            * animation/KeyframeEffect.h:
            * animation/KeyframeEffectStack.cpp:
            (WebCore::KeyframeEffectStack::isCurrentlyAffectingProperty const):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255586. rdar://problem/59298164

    Replace the custom allocator in AudioArray::allocate() with fastAlignedMalloc().
    https://bugs.webkit.org/show_bug.cgi?id=206504
    
    Reviewed by Filip Pizlo.
    
    AudioArray wants to have its data aligned at 16-byte boundaries, as that's a requirement for
    some of the accelerated math frameworks used by Web Audio. Now that we have fastAlignedMalloc(),
    there's no need to use a custom aligned allocator.
    
    Drive-by fixes: clean up the constructors a bit to use the modern initialization syntax.
    
    * platform/audio/AudioArray.h:
    (WebCore::AudioArray::AudioArray):
    (WebCore::AudioArray::~AudioArray):
    (WebCore::AudioArray::allocate):
    (WebCore::AudioArray::data):
    (WebCore::AudioArray::data const):
    (WebCore::AudioArray::alignedAddress): Deleted.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255586 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-03  Jer Noble  <jer.noble@apple.com>

            Replace the custom allocator in AudioArray::allocate() with fastAlignedMalloc().
            https://bugs.webkit.org/show_bug.cgi?id=206504

            Reviewed by Filip Pizlo.

            AudioArray wants to have its data aligned at 16-byte boundaries, as that's a requirement for
            some of the accelerated math frameworks used by Web Audio. Now that we have fastAlignedMalloc(),
            there's no need to use a custom aligned allocator.

            Drive-by fixes: clean up the constructors a bit to use the modern initialization syntax.

            * platform/audio/AudioArray.h:
            (WebCore::AudioArray::AudioArray):
            (WebCore::AudioArray::~AudioArray):
            (WebCore::AudioArray::allocate):
            (WebCore::AudioArray::data):
            (WebCore::AudioArray::data const):
            (WebCore::AudioArray::alignedAddress): Deleted.

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255582. rdar://problem/59298188

    [ macOS wk2 ] http/tests/media/media-stream/get-display-media-prompt.html is flaky failure
    https://bugs.webkit.org/show_bug.cgi?id=206958
    <rdar://problem/59003765>
    
    Reviewed by Eric Carlson.
    
    We added a rule to only allow one getDisplayMedia call per gesture.
    For that reason, we were storing a pointer to the gesture event and
    resetting in case the current gesture event was equal to the stored pointer.
    Instead, store a WeakPtr which ensures that if the previous event is destroyed,
    the weak pointer will be null and so will not have the same value as the new gesture event.
    Covered by existing tests no longer being flaky.
    
    * Modules/mediastream/MediaDevices.cpp:
    (WebCore::MediaDevices::computeUserGesturePriviledge):
    * Modules/mediastream/MediaDevices.h:
    * dom/UserGestureIndicator.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255582 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-03  youenn fablet  <youenn@apple.com>

            [ macOS wk2 ] http/tests/media/media-stream/get-display-media-prompt.html is flaky failure
            https://bugs.webkit.org/show_bug.cgi?id=206958
            <rdar://problem/59003765>

            Reviewed by Eric Carlson.

            We added a rule to only allow one getDisplayMedia call per gesture.
            For that reason, we were storing a pointer to the gesture event and
            resetting in case the current gesture event was equal to the stored pointer.
            Instead, store a WeakPtr which ensures that if the previous event is destroyed,
            the weak pointer will be null and so will not have the same value as the new gesture event.
            Covered by existing tests no longer being flaky.

            * Modules/mediastream/MediaDevices.cpp:
            (WebCore::MediaDevices::computeUserGesturePriviledge):
            * Modules/mediastream/MediaDevices.h:
            * dom/UserGestureIndicator.h:

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255581. rdar://problem/59298169

    [macOS] AirPlay sometimes stops after 60 minutes of playback
    https://bugs.webkit.org/show_bug.cgi?id=207056
    Source/WebCore:
    
    <rdar://problem/53649508>
    
    Reviewed by Jer Noble.
    
    No new tests, this only reproduces when playing to an AirPlay device.
    
    AVPlayerItem.tracks is empty during AirPlay. If AirPlay is activated immediately
    after the item is created, as is typically the case when switching from an MSE to
    a url based player, MediaPlayerPrivateAVFoundationObjC doesn't know if the AVPlayerItem
    has audio or video so the state reported to the WebMediaSessionManager is incorrect.
    AirPlay can't actually be active if an item doesn't have audio or video, so always claim
    to have both during AirPlay.
    
    Converted WebMediaSessionManager logging from debug-only to runtime to make it easier
    to diagnose problems in the future.
    
    * Modules/mediasession/WebMediaSessionManager.cpp:
    (WebCore::mediaProducerStateString):
    (WebCore::WebMediaSessionLogger::create):
    (WebCore::WebMediaSessionLogger::WebMediaSessionLogger):
    (WebCore::WebMediaSessionLogger::log const):
    (WebCore::WebMediaSessionManager::logger):
    (WebCore::WebMediaSessionManager::alwaysOnLoggingAllowed const):
    (WebCore::WebMediaSessionManager::setMockMediaPlaybackTargetPickerEnabled):
    (WebCore::WebMediaSessionManager::setMockMediaPlaybackTargetPickerState):
    (WebCore::WebMediaSessionManager::mockMediaPlaybackTargetPickerDismissPopup):
    (WebCore::WebMediaSessionManager::addPlaybackTargetPickerClient):
    (WebCore::WebMediaSessionManager::removePlaybackTargetPickerClient):
    (WebCore::WebMediaSessionManager::removeAllPlaybackTargetPickerClients):
    (WebCore::WebMediaSessionManager::showPlaybackTargetPicker):
    (WebCore::WebMediaSessionManager::clientStateDidChange):
    (WebCore::WebMediaSessionManager::setPlaybackTarget):
    (WebCore::WebMediaSessionManager::externalOutputDeviceAvailableDidChange):
    (WebCore::WebMediaSessionManager::playbackTargetPickerWasDismissed):
    (WebCore::WebMediaSessionManager::configurePlaybackTargetClients):
    (WebCore::WebMediaSessionManager::configurePlaybackTargetMonitoring):
    (WebCore::WebMediaSessionManager::configureWatchdogTimer):
    (WebCore::WebMediaSessionManager::watchdogTimerFired):
    (WebCore::ClientState::logAlways const): Deleted.
    * Modules/mediasession/WebMediaSessionManager.h:
    * Modules/mediasession/WebMediaSessionManagerClient.h:
    (WebCore::WebMediaSessionManagerClient::alwaysOnLoggingAllowed):
    * html/HTMLMediaElement.cpp:
    (WebCore::HTMLMediaElement::mediaState const):
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
    * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
    (WebCore::MediaPlayerPrivateAVFoundationObjC::hasVideo const):
    (WebCore::MediaPlayerPrivateAVFoundationObjC::hasAudio const):
    
    Source/WebKit:
    
    Reviewed by Jer Noble.
    
    * UIProcess/WebPageProxy.cpp:
    * UIProcess/WebPageProxy.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255581 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-03  Eric Carlson  <eric.carlson@apple.com>

            [macOS] AirPlay sometimes stops after 60 minutes of playback
            https://bugs.webkit.org/show_bug.cgi?id=207056
            <rdar://problem/53649508>

            Reviewed by Jer Noble.

            No new tests, this only reproduces when playing to an AirPlay device.

            AVPlayerItem.tracks is empty during AirPlay. If AirPlay is activated immediately
            after the item is created, as is typically the case when switching from an MSE to
            a url based player, MediaPlayerPrivateAVFoundationObjC doesn't know if the AVPlayerItem
            has audio or video so the state reported to the WebMediaSessionManager is incorrect.
            AirPlay can't actually be active if an item doesn't have audio or video, so always claim
            to have both during AirPlay.

            Converted WebMediaSessionManager logging from debug-only to runtime to make it easier
            to diagnose problems in the future.

            * Modules/mediasession/WebMediaSessionManager.cpp:
            (WebCore::mediaProducerStateString):
            (WebCore::WebMediaSessionLogger::create):
            (WebCore::WebMediaSessionLogger::WebMediaSessionLogger):
            (WebCore::WebMediaSessionLogger::log const):
            (WebCore::WebMediaSessionManager::logger):
            (WebCore::WebMediaSessionManager::alwaysOnLoggingAllowed const):
            (WebCore::WebMediaSessionManager::setMockMediaPlaybackTargetPickerEnabled):
            (WebCore::WebMediaSessionManager::setMockMediaPlaybackTargetPickerState):
            (WebCore::WebMediaSessionManager::mockMediaPlaybackTargetPickerDismissPopup):
            (WebCore::WebMediaSessionManager::addPlaybackTargetPickerClient):
            (WebCore::WebMediaSessionManager::removePlaybackTargetPickerClient):
            (WebCore::WebMediaSessionManager::removeAllPlaybackTargetPickerClients):
            (WebCore::WebMediaSessionManager::showPlaybackTargetPicker):
            (WebCore::WebMediaSessionManager::clientStateDidChange):
            (WebCore::WebMediaSessionManager::setPlaybackTarget):
            (WebCore::WebMediaSessionManager::externalOutputDeviceAvailableDidChange):
            (WebCore::WebMediaSessionManager::playbackTargetPickerWasDismissed):
            (WebCore::WebMediaSessionManager::configurePlaybackTargetClients):
            (WebCore::WebMediaSessionManager::configurePlaybackTargetMonitoring):
            (WebCore::WebMediaSessionManager::configureWatchdogTimer):
            (WebCore::WebMediaSessionManager::watchdogTimerFired):
            (WebCore::ClientState::logAlways const): Deleted.
            * Modules/mediasession/WebMediaSessionManager.h:
            * Modules/mediasession/WebMediaSessionManagerClient.h:
            (WebCore::WebMediaSessionManagerClient::alwaysOnLoggingAllowed):
            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::mediaState const):
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
            (WebCore::MediaPlayerPrivateAVFoundationObjC::hasVideo const):
            (WebCore::MediaPlayerPrivateAVFoundationObjC::hasAudio const):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255552. rdar://problem/59298191

    ASSERTION FAILED: !HashTranslator::equal(KeyTraits::emptyValue(), key) on animations/keyframe-autoclose-brace.html
    https://bugs.webkit.org/show_bug.cgi?id=207071
    <rdar://problem/59076249>
    
    Patch by Antoine Quint <graouts@apple.com> on 2020-02-02
    Reviewed by Dean Jackson.
    
    Source/WebCore:
    
    We cannot add CSSPropertyInvalid to a HashSet<CSSPropertyID>, because it triggers an ASSERT, and also we shouldn't
    because we wouldn't know how to animate that CSS property.
    
    * animation/AnimationTimeline.cpp:
    (WebCore::compileTransitionPropertiesInStyle):
    
    LayoutTests:
    
    The crash is fixed, we can start running the test as expected again.
    
    * platform/ipad/TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255552 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-02  Antoine Quint  <graouts@apple.com>

            ASSERTION FAILED: !HashTranslator::equal(KeyTraits::emptyValue(), key) on animations/keyframe-autoclose-brace.html
            https://bugs.webkit.org/show_bug.cgi?id=207071
            <rdar://problem/59076249>

            Reviewed by Dean Jackson.

            We cannot add CSSPropertyInvalid to a HashSet<CSSPropertyID>, because it triggers an ASSERT, and also we shouldn't
            because we wouldn't know how to animate that CSS property.

            * animation/AnimationTimeline.cpp:
            (WebCore::compileTransitionPropertiesInStyle):

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255898. rdar://problem/59298172

    Unreviewed build fix for Windows ports since r255875
    https://bugs.webkit.org/show_bug.cgi?id=207073
    <rdar://problem/59168065>
    
    WEBCORE_TESTSUPPORT_EXPORT should be used only for WebCoreTestSupport, not for WebCore
    See also Bug 203876.
    
    * storage/StorageNamespaceProvider.h: Replaced WEBCORE_TESTSUPPORT_EXPORT with WEBCORE_EXPORT.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255898 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-05  Fujii Hironori  <Hironori.Fujii@sony.com>

            Unreviewed build fix for Windows ports since r255875
            https://bugs.webkit.org/show_bug.cgi?id=207073
            <rdar://problem/59168065>

            WEBCORE_TESTSUPPORT_EXPORT should be used only for WebCoreTestSupport, not for WebCore
            See also Bug 203876.

            * storage/StorageNamespaceProvider.h: Replaced WEBCORE_TESTSUPPORT_EXPORT with WEBCORE_EXPORT.

2020-02-10  Kocsen Chung  <kocsen_chung@apple.com>

        Cherry-pick r255875. rdar://problem/59298172

    Regression(r248734) StorageAreaMap objects are getting leaked
    https://bugs.webkit.org/show_bug.cgi?id=207073
    <rdar://problem/59168065>
    
    Reviewed by Darin Adler.
    
    Source/WebCore:
    
    Add test infrastructure for testing this change.
    
    Test: http/tests/storage/storage-map-leaking.html
    
    * storage/StorageNamespace.h:
    (WebCore::StorageNamespace::storageAreaMapCountForTesting const):
    * storage/StorageNamespaceProvider.h:
    * testing/Internals.cpp:
    (WebCore::Internals::storageAreaMapCount const):
    * testing/Internals.h:
    * testing/Internals.idl:
    
    Source/WebKit:
    
    Make sure that StorageAreaMap objects are getting removed from the HashMap
    in StorageNamespaceImpl, once they no longer have any users.
    
    * WebProcess/WebStorage/StorageAreaImpl.cpp:
    (WebKit::StorageAreaImpl::StorageAreaImpl):
    (WebKit::StorageAreaImpl::~StorageAreaImpl):
    * WebProcess/WebStorage/StorageAreaMap.cpp:
    (WebKit::StorageAreaMap::incrementUseCount):
    (WebKit::StorageAreaMap::decrementUseCount):
    * WebProcess/WebStorage/StorageAreaMap.h:
    * WebProcess/WebStorage/StorageNamespaceImpl.cpp:
    (WebKit::StorageNamespaceImpl::destroyStorageAreaMap):
    (WebKit::StorageNamespaceImpl::didDestroyStorageAreaMap): Deleted.
    * WebProcess/WebStorage/StorageNamespaceImpl.h:
    (WebKit::StorageNamespaceImpl::storageType const): Deleted.
    (WebKit::StorageNamespaceImpl::storageNamespaceID const): Deleted.
    (WebKit::StorageNamespaceImpl::topLevelOrigin const): Deleted.
    (WebKit::StorageNamespaceImpl::quotaInBytes const): Deleted.
    
    LayoutTests:
    
    Add layout test coverage.
    
    * TestExpectations:
    * http/tests/storage/resources/storage-map-leaking-iframe.html: Added.
    * http/tests/storage/storage-map-leaking-expected.txt: Added.
    * http/tests/storage/storage-map-leaking.html: Added.
    * platform/wk2/TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255875 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-05  Chris Dumez  <cdumez@apple.com>

            Regression(r248734) StorageAreaMap objects are getting leaked
            https://bugs.webkit.org/show_bug.cgi?id=207073
            <rdar://problem/59168065>

            Reviewed by Darin Adler.

            Add test infrastructure for testing this change.

            Test: http/tests/storage/storage-map-leaking.html

            * storage/StorageNamespace.h:
            (WebCore::StorageNamespace::storageAreaMapCountForTesting const):
            * storage/StorageNamespaceProvider.h:
            * testing/Internals.cpp:
            (WebCore::Internals::storageAreaMapCount const):
            * testing/Internals.h:
            * testing/Internals.idl:

2020-02-07  Russell Epstein  <repstein@apple.com>

        Cherry-pick r256017. rdar://problem/59261560

    REGRESSION (r255953): [ iOS Mac ] imported/w3c/web-platform-tests/web-animations/timing-model/timelines/update-and-send-events.html is crashing
    https://bugs.webkit.org/show_bug.cgi?id=207342
    <rdar://problem/59227960>
    
    Reviewed by Youenn Fablet.
    
    DocumentTimeline::detachFromDocument() may remove the last reference to WebAnimation objects that may, in return, remove the last reference of this
    DocumentTimeline. As such, this method should make a strong reference to itself for the span of this method. However, we should not be calling it
    from the destructor where the only thing matters is removing the weak reference from the Document to the DocumentTimeline.
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::~DocumentTimeline):
    (WebCore::DocumentTimeline::detachFromDocument):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256017 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-07  Antoine Quint  <graouts@webkit.org>

            REGRESSION (r255953): [ iOS Mac ] imported/w3c/web-platform-tests/web-animations/timing-model/timelines/update-and-send-events.html is crashing
            https://bugs.webkit.org/show_bug.cgi?id=207342
            <rdar://problem/59227960>

            Reviewed by Youenn Fablet.

            DocumentTimeline::detachFromDocument() may remove the last reference to WebAnimation objects that may, in return, remove the last reference of this
            DocumentTimeline. As such, this method should make a strong reference to itself for the span of this method. However, we should not be calling it
            from the destructor where the only thing matters is removing the weak reference from the Document to the DocumentTimeline.

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::~DocumentTimeline):
            (WebCore::DocumentTimeline::detachFromDocument):

2020-02-06  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255953. rdar://problem/59228071

    [Web Animations] Ensure all timelines are detached from their document
    https://bugs.webkit.org/show_bug.cgi?id=207331
    <rdar://problem/59210306>
    
    Patch by Antoine Quint <graouts@apple.com> on 2020-02-06
    Reviewed by Dean Jackson.
    
    We recently added a WeakHashSet<DocumentTimeline> m_timelines member to Document and added code to ~DocumentTimeline
    to remove themselves from their Document's m_timelines. However, Document::prepareForDestruction() would call
    DocumentTimeline::detachFromDocument() only for the main timeline and neglect to do the same for any additional
    timelines that may have been created with the DocumentTimeline constructor.
    
    We now cleanly call DocumentTimeline::detachFromDocument() for all items in a Document's m_timelines, which has the
    effect of clearing the Document <> DocumentTimeline relationship since DocumentTimeline::detachFromDocument() now
    calls Document::removeTimeline().
    
    Finally, we now call DocumentTimeline::detachFromDocument() from the DocumentTimeline destructor to ensure that timelines
    that were created purely in JS but got garbage-collected are no longer referenced from the Document still.
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::~DocumentTimeline):
    (WebCore::DocumentTimeline::detachFromDocument):
    (WebCore::DocumentTimeline::cacheCurrentTime):
    * dom/Document.cpp:
    (WebCore::Document::prepareForDestruction):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255953 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-02-06  Antoine Quint  <graouts@apple.com>

            [Web Animations] Ensure all timelines are detached from their document
            https://bugs.webkit.org/show_bug.cgi?id=207331
            <rdar://problem/59210306>

            Reviewed by Dean Jackson.

            We recently added a WeakHashSet<DocumentTimeline> m_timelines member to Document and added code to ~DocumentTimeline
            to remove themselves from their Document's m_timelines. However, Document::prepareForDestruction() would call
            DocumentTimeline::detachFromDocument() only for the main timeline and neglect to do the same for any additional
            timelines that may have been created with the DocumentTimeline constructor.

            We now cleanly call DocumentTimeline::detachFromDocument() for all items in a Document's m_timelines, which has the
            effect of clearing the Document <> DocumentTimeline relationship since DocumentTimeline::detachFromDocument() now
            calls Document::removeTimeline().

            Finally, we now call DocumentTimeline::detachFromDocument() from the DocumentTimeline destructor to ensure that timelines
            that were created purely in JS but got garbage-collected are no longer referenced from the Document still.

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::~DocumentTimeline):
            (WebCore::DocumentTimeline::detachFromDocument):
            (WebCore::DocumentTimeline::cacheCurrentTime):
            * dom/Document.cpp:
            (WebCore::Document::prepareForDestruction):

2020-02-05  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255489. rdar://problem/59097788

    [Web Animations] DocumentTimeline shouldn't suspend itself if hiddenPageCSSAnimationSuspensionEnabled is disabled
    https://bugs.webkit.org/show_bug.cgi?id=207014
    <rdar://problem/58815952>
    
    Reviewed by Antti Koivisto.
    
    We suspend a timeline upon consutrction if we know that the page is not visible because, unlike CSSAnimationController, the DocumentTimeline is not guaranteed
    to be created by the time the Page sets the initial visibility state. This is because DocumentTimeline is created as needed when there are CSS Animations or CSS
    Transitions created for the page, or if the content uses any of the Web Animations APIs.
    
    However, the Page::setIsVisibleInternal() function that would call DocumentTimeline::resumeAnimations() at a later time checks whether the hiddenPageCSSAnimationSuspensionEnabled
    setting is enabled. So we must respect that setting also when suspending animations in the first place or we risk ending up in a state where we suspend animations
    because the page is not visible upon timeline creation, but never resuming animations later due to the hiddenPageCSSAnimationSuspensionEnabled setting being false.
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::DocumentTimeline):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255489 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-30  Antoine Quint  <graouts@apple.com>

            [Web Animations] DocumentTimeline shouldn't suspend itself if hiddenPageCSSAnimationSuspensionEnabled is disabled
            https://bugs.webkit.org/show_bug.cgi?id=207014
            <rdar://problem/58815952>

            Reviewed by Antti Koivisto.

            We suspend a timeline upon consutrction if we know that the page is not visible because, unlike CSSAnimationController, the DocumentTimeline is not guaranteed
            to be created by the time the Page sets the initial visibility state. This is because DocumentTimeline is created as needed when there are CSS Animations or CSS
            Transitions created for the page, or if the content uses any of the Web Animations APIs.

            However, the Page::setIsVisibleInternal() function that would call DocumentTimeline::resumeAnimations() at a later time checks whether the hiddenPageCSSAnimationSuspensionEnabled
            setting is enabled. So we must respect that setting also when suspending animations in the first place or we risk ending up in a state where we suspend animations
            because the page is not visible upon timeline creation, but never resuming animations later due to the hiddenPageCSSAnimationSuspensionEnabled setting being false.

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::DocumentTimeline):

2020-02-05  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255260. rdar://problem/59098323

    [Web Animations] Separate setting a timeline's current time from updating its animations
    https://bugs.webkit.org/show_bug.cgi?id=206880
    
    Reviewed by Dean Jackson.
    
    While we must always update the current time of all timelines if a new animation frame has been requested,
    regardless of the reason (rAF callback, animation servicing, etc.), we should only update timelines' animations
    if at least one timeline has requested an update. We used to decide this at the DocumentTimeline level, but
    this needs to be coordinated at the Document level to consider all timelines at once.
    
    This is required for an upcoming patch where we make changes to the way we schedule animations to correctly
    support mixed accelerated and non-accelerated properties.
    
    No new tests since this shouldn't yield any visible behavior change.
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::updateCurrentTime):
    (WebCore::DocumentTimeline::updateAnimationsAndSendEvents):
    * animation/DocumentTimeline.h:
    * dom/Document.cpp:
    (WebCore::Document::updateAnimationsAndSendEvents):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255260 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-28  Antoine Quint  <graouts@apple.com>

            [Web Animations] Separate setting a timeline's current time from updating its animations
            https://bugs.webkit.org/show_bug.cgi?id=206880

            Reviewed by Dean Jackson.

            While we must always update the current time of all timelines if a new animation frame has been requested,
            regardless of the reason (rAF callback, animation servicing, etc.), we should only update timelines' animations
            if at least one timeline has requested an update. We used to decide this at the DocumentTimeline level, but
            this needs to be coordinated at the Document level to consider all timelines at once.

            This is required for an upcoming patch where we make changes to the way we schedule animations to correctly
            support mixed accelerated and non-accelerated properties.

            No new tests since this shouldn't yield any visible behavior change.

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::updateCurrentTime):
            (WebCore::DocumentTimeline::updateAnimationsAndSendEvents):
            * animation/DocumentTimeline.h:
            * dom/Document.cpp:
            (WebCore::Document::updateAnimationsAndSendEvents):

2020-02-05  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255141. rdar://problem/59097788

    [Web Animations] Update all DocumentTimeline objects when updating animations
    https://bugs.webkit.org/show_bug.cgi?id=206819
    
    Reviewed by Antti Koivisto.
    
    LayoutTests/imported/w3c:
    
    Mark a single new WPT progression.
    
    * web-platform-tests/web-animations/timing-model/timelines/update-and-send-events-replacement-expected.txt:
    
    Source/WebCore:
    
    Developers can create additional DocumentTimeline objects in JavaScript using that class's constructor, and an animation can be
    assigned to that timeline after its creation. Until now we would only update an timeline created by a Document when that document's
    animations were updated. Now we keep track of all DocumentTimeline objects that are created for a given Document as a vector of weak
    references, and we update all of them when updating a document's animations.
    
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::DocumentTimeline):
    (WebCore::DocumentTimeline::~DocumentTimeline):
    * animation/DocumentTimeline.h:
    * dom/Document.cpp:
    (WebCore::Document::updateAnimationsAndSendEvents):
    (WebCore::Document::addTimeline):
    (WebCore::Document::removeTimeline):
    * dom/Document.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255141 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-26  Antoine Quint  <graouts@apple.com>

            [Web Animations] Update all DocumentTimeline objects when updating animations
            https://bugs.webkit.org/show_bug.cgi?id=206819

            Reviewed by Antti Koivisto.

            Developers can create additional DocumentTimeline objects in JavaScript using that class's constructor, and an animation can be
            assigned to that timeline after its creation. Until now we would only update an timeline created by a Document when that document's
            animations were updated. Now we keep track of all DocumentTimeline objects that are created for a given Document as a vector of weak
            references, and we update all of them when updating a document's animations.

            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::DocumentTimeline):
            (WebCore::DocumentTimeline::~DocumentTimeline):
            * animation/DocumentTimeline.h:
            * dom/Document.cpp:
            (WebCore::Document::updateAnimationsAndSendEvents):
            (WebCore::Document::addTimeline):
            (WebCore::Document::removeTimeline):
            * dom/Document.h:

2020-02-05  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255396. rdar://problem/59097789

    Web Inspector: add instrumentation for showing existing Web Animations
    https://bugs.webkit.org/show_bug.cgi?id=205434
    <rdar://problem/28328087>
    
    Reviewed by Brian Burg.
    
    Source/JavaScriptCore:
    
    * inspector/protocol/Animation.json:
    Add types/commands/events for instrumenting the lifecycle of `Animation` objects, as well as
    commands for getting the JavaScript wrapper object and the target DOM node.
    
    Source/WebCore:
    
    Add types/commands/events for instrumenting the lifecycle of `Animation` objects, as well as
    commands for getting the JavaScript wrapper object and the target DOM node.
    
    Tests: inspector/animation/effectChanged.html
           inspector/animation/lifecycle-css-animation.html
           inspector/animation/lifecycle-css-transition.html
           inspector/animation/lifecycle-web-animation.html
           inspector/animation/requestEffectTarget.html
           inspector/animation/resolveAnimation.html
           inspector/animation/targetChanged.html
    
    * animation/WebAnimation.h:
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::instances): Added.
    (WebCore::WebAnimation::instancesMutex): Added.
    (WebCore::WebAnimation::create):
    (WebCore::WebAnimation::WebAnimation):
    (WebCore::WebAnimation::~WebAnimation):
    (WebCore::WebAnimation::effectTimingDidChange):
    (WebCore::WebAnimation::setEffectInternal):
    (WebCore::WebAnimation::effectTargetDidChange):
    * animation/CSSAnimation.cpp:
    (WebCore::CSSAnimation::create):
    * animation/CSSTransition.cpp:
    (WebCore::CSSTransition::create):
    
    * animation/KeyframeEffect.h:
    (WebCore::KeyframeEffect::parsedKeyframes const): Added.
    (WebCore::KeyframeEffect::blendingKeyframes const): Added.
    (WebCore::KeyframeEffect::hasBlendingKeyframes const): Deleted.
    Provide a way to access the list of keyframes.
    
    * inspector/InspectorInstrumentation.h:
    (WebCore::InspectorInstrumentation::didSetWebAnimationEffect): Added.
    (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectTiming): Added.
    (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectTarget): Added.
    (WebCore::InspectorInstrumentation::didCreateWebAnimation): Added.
    (WebCore::InspectorInstrumentation::didChangeWebAnimationEffect): Deleted.
    * inspector/InspectorInstrumentation.cpp:
    (WebCore::InspectorInstrumentation::didCommitLoadImpl):
    (WebCore::InspectorInstrumentation::didSetWebAnimationEffectImpl): Added.
    (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectTimingImpl): Added.
    (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectTargetImpl): Added.
    (WebCore::InspectorInstrumentation::didCreateWebAnimationImpl): Added.
    (WebCore::InspectorInstrumentation::willDestroyWebAnimationImpl):
    (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectImpl): Deleted.
    
    * inspector/InstrumentingAgents.h:
    (WebCore::InstrumentingAgents::enabledInspectorAnimationAgent const): Added.
    (WebCore::InstrumentingAgents::setEnabledInspectorAnimationAgent): Added.
    * inspector/InstrumentingAgents.cpp:
    (WebCore::InstrumentingAgents::reset):
    
    * inspector/agents/InspectorAnimationAgent.h:
    * inspector/agents/InspectorAnimationAgent.cpp:
    (WebCore::protocolValueForSeconds): Added.
    (WebCore::protocolValueForPlaybackDirection): Added.
    (WebCore::protocolValueForFillMode): Added.
    (WebCore::buildObjectForKeyframes): Added.
    (WebCore::buildObjectForEffect): Added.
    (WebCore::InspectorAnimationAgent::InspectorAnimationAgent):
    (WebCore::InspectorAnimationAgent::willDestroyFrontendAndBackend):
    (WebCore::InspectorAnimationAgent::enable): Added.
    (WebCore::InspectorAnimationAgent::disable): Added.
    (WebCore::InspectorAnimationAgent::requestEffectTarget): Added.
    (WebCore::InspectorAnimationAgent::resolveAnimation): Added.
    (WebCore::InspectorAnimationAgent::didSetWebAnimationEffect): Added.
    (WebCore::InspectorAnimationAgent::didChangeWebAnimationEffectTiming): Added.
    (WebCore::InspectorAnimationAgent::didChangeWebAnimationEffectTarget): Added.
    (WebCore::InspectorAnimationAgent::didCreateWebAnimation): Added.
    (WebCore::InspectorAnimationAgent::willDestroyWebAnimation):
    (WebCore::InspectorAnimationAgent::frameNavigated):
    (WebCore::InspectorAnimationAgent::findAnimationId): Added.
    (WebCore::InspectorAnimationAgent::assertAnimation): Added.
    (WebCore::InspectorAnimationAgent::bindAnimation): Added.
    (WebCore::InspectorAnimationAgent::unbindAnimation): Added.
    (WebCore::InspectorAnimationAgent::animationDestroyedTimerFired): Added.
    (WebCore::InspectorAnimationAgent::reset): Added.
    (WebCore::InspectorAnimationAgent::didChangeWebAnimationEffect): Deleted.
    
    * inspector/agents/InspectorDOMAgent.h:
    * inspector/agents/InspectorDOMAgent.cpp:
    (WebCore::InspectorDOMAgent::pushNodeToFrontend):
    (WebCore::InspectorDOMAgent::querySelector):
    (WebCore::InspectorDOMAgent::pushNodePathToFrontend):
    (WebCore::InspectorDOMAgent::setNodeName):
    (WebCore::InspectorDOMAgent::setOuterHTML):
    (WebCore::InspectorDOMAgent::moveTo):
    (WebCore::InspectorDOMAgent::requestNode):
    (WebCore::InspectorDOMAgent::pushNodeByPathToFrontend):
    Add an overload for `pushNodePathToFrontend` that exposes an `ErrorString`.
    
    Source/WebInspectorUI:
    
    * UserInterface/Controllers/AnimationManager.js: Added.
    (WI.AnimationManager):
    (WI.AnimationManager.prototype.get domains):
    (WI.AnimationManager.prototype.activateExtraDomain):
    (WI.AnimationManager.prototype.initializeTarget):
    (WI.AnimationManager.prototype.get animationCollection):
    (WI.AnimationManager.prototype.get supported):
    (WI.AnimationManager.prototype.enable):
    (WI.AnimationManager.prototype.disable):
    (WI.AnimationManager.prototype.animationCreated):
    (WI.AnimationManager.prototype.effectChanged):
    (WI.AnimationManager.prototype.targetChanged):
    (WI.AnimationManager.prototype.animationDestroyed):
    (WI.AnimationManager.prototype._handleMainResourceDidChange):
    * UserInterface/Protocol/AnimationObserver.js:
    (WI.AnimationObserver.prototype.animationCreated): Added.
    (WI.AnimationObserver.prototype.effectChanged): Added.
    (WI.AnimationObserver.prototype.targetChanged): Added.
    (WI.AnimationObserver.prototype.animationDestroyed): Added.
    
    * UserInterface/Models/AnimationCollection.js: Added.
    (WI.AnimationCollection):
    (WI.AnimationCollection.prototype.get animationType):
    (WI.AnimationCollection.prototype.get displayName):
    (WI.AnimationCollection.prototype.objectIsRequiredType):
    (WI.AnimationCollection.prototype.animationCollectionForType):
    (WI.AnimationCollection.prototype.itemAdded):
    (WI.AnimationCollection.prototype.itemRemoved):
    (WI.AnimationCollection.prototype.itemsCleared):
    Similar to `WI.ResourceCollection`, create a subclass of `WI.Collection` that maintains it's
    own sub-`WI.AnimationCollection`s for each type of `WI.Animation.Type`.
    
    * UserInterface/Models/Animation.js: Added.
    (WI.Animation):
    (WI.Animation.fromPayload):
    (WI.Animation.displayNameForAnimationType):
    (WI.Animation.displayNameForPlaybackDirection):
    (WI.Animation.displayNameForFillMode):
    (WI.Animation.resetUniqueDisplayNameNumbers):
    (WI.Animation.prototype.get animationId):
    (WI.Animation.prototype.get backtrace):
    (WI.Animation.prototype.get animationType):
    (WI.Animation.prototype.get startDelay):
    (WI.Animation.prototype.get endDelay):
    (WI.Animation.prototype.get iterationCount):
    (WI.Animation.prototype.get iterationStart):
    (WI.Animation.prototype.get iterationDuration):
    (WI.Animation.prototype.get timingFunction):
    (WI.Animation.prototype.get playbackDirection):
    (WI.Animation.prototype.get fillMode):
    (WI.Animation.prototype.get keyframes):
    (WI.Animation.prototype.get displayName):
    (WI.Animation.prototype.requestEffectTarget):
    (WI.Animation.prototype.effectChanged):
    (WI.Animation.prototype.targetChanged):
    (WI.Animation.prototype._updateEffect):
    * UserInterface/Protocol/RemoteObject.js:
    (WI.RemoteObject.resolveAnimation): Added.
    
    * UserInterface/Views/GraphicsTabContentView.js: Renamed from Source/WebInspectorUI/UserInterface/Views/CanvasTabContentView.js.
    (WI.GraphicsTabContentView):
    (WI.GraphicsTabContentView.tabInfo):
    (WI.GraphicsTabContentView.isTabAllowed):
    (WI.GraphicsTabContentView.prototype.get type):
    (WI.GraphicsTabContentView.prototype.showRepresentedObject): Added.
    (WI.GraphicsTabContentView.prototype.canShowRepresentedObject):
    (WI.GraphicsTabContentView.prototype.closed):
    (WI.GraphicsTabContentView.prototype.attached):
    (WI.GraphicsTabContentView.prototype.detached):
    (WI.GraphicsTabContentView.prototype.initialLayout): Added.
    (WI.GraphicsTabContentView.prototype._handleOverviewTreeOutlineSelectionDidChange): Added.
    * UserInterface/Views/GraphicsTabContentView.css: Renamed from Source/WebInspectorUI/UserInterface/Views/CanvasTabContentView.css.
    Rename the Canvas Tab to Graphics Tab and display four sections:
     - Canvases
     - Web Animations
     - CSS Animations
     - CSS Transitions
    
    * UserInterface/Views/CanvasSidebarPanel.js:
    (WI.CanvasSidebarPanel.prototype.canShowRepresentedObject):
    Only appear if a `WI.Canvas` or `WI.Recording` is selected.
    
    * UserInterface/Views/GraphicsOverviewContentView.js: Added.
    (WI.GraphicsOverviewContentView):
    (WI.GraphicsOverviewContentView.prototype.get supplementalRepresentedObjects):
    (WI.GraphicsOverviewContentView.prototype.get navigationItems):
    (WI.GraphicsOverviewContentView.prototype.attached):
    (WI.GraphicsOverviewContentView.prototype.detached):
    (WI.GraphicsOverviewContentView.prototype.initialLayout):
    (WI.GraphicsOverviewContentView.prototype.dropZoneShouldAppearForDragEvent):
    (WI.GraphicsOverviewContentView.prototype.dropZoneHandleDrop):
    (WI.GraphicsOverviewContentView.prototype._handleRefreshButtonClicked):
    (WI.GraphicsOverviewContentView.prototype._handleShowGridButtonClicked):
    (WI.GraphicsOverviewContentView.prototype._handleShowImageGridSettingChanged):
    (WI.GraphicsOverviewContentView.prototype._handleImportButtonNavigationItemClicked):
    (WI.GraphicsOverviewContentView.prototype._handleOverviewViewSelectedItemChanged):
    (WI.GraphicsOverviewContentView.prototype._handleOverviewViewSupplementalRepresentedObjectsDidChange):
    (WI.GraphicsOverviewContentView.prototype._handleClick):
    * UserInterface/Views/GraphicsOverviewContentView.css: Added.
    (.content-view.graphics-overview):
    (.content-view.graphics-overview > section):
    (.content-view.graphics-overview > section:not(:first-child)):
    (.content-view.graphics-overview > section > .header):
    (.content-view.graphics-overview > section:not(:first-of-type) > .header):
    (.content-view.graphics-overview > section > .header > h1):
    (.content-view.graphics-overview > section > .header > .navigation-bar):
    (.content-view.graphics-overview > .content-view.canvas-overview):
    (@media (prefers-color-scheme: light) .content-view.graphics-overview):
    (@media (prefers-color-scheme: light) .content-view.graphics-overview > section > .header):
    Add sticky headers for each of the sections described above.
    
    * UserInterface/Views/AnimationCollectionContentView.js: Added.
    (WI.AnimationCollectionContentView):
    (WI.AnimationCollectionContentView.prototype.handleRefreshButtonClicked):
    (WI.AnimationCollectionContentView.prototype.contentViewAdded):
    (WI.AnimationCollectionContentView.prototype.contentViewRemoved):
    (WI.AnimationCollectionContentView.prototype.detached):
    (WI.AnimationCollectionContentView.prototype._handleContentViewMouseEnter):
    (WI.AnimationCollectionContentView.prototype._handleContentViewMouseLeave):
    * UserInterface/Views/AnimationCollectionContentView.css: Added.
    (.content-view.animation-collection):
    
    * UserInterface/Views/AnimationContentView.js: Added.
    (WI.AnimationContentView):
    (WI.AnimationContentView.get previewHeight):
    (WI.AnimationContentView.prototype.handleRefreshButtonClicked):
    (WI.AnimationContentView.prototype.initialLayout):
    (WI.AnimationContentView.prototype.layout):
    (WI.AnimationContentView.prototype.sizeDidChange):
    (WI.AnimationContentView.prototype.attached):
    (WI.AnimationContentView.prototype.detached):
    (WI.AnimationContentView.prototype._refreshSubtitle):
    (WI.AnimationContentView.prototype._refreshPreview.addTitle):
    (WI.AnimationContentView.prototype._refreshPreview):
    (WI.AnimationContentView.prototype._handleEffectChanged):
    (WI.AnimationContentView.prototype._handleTargetChanged):
    (WI.AnimationContentView.prototype._populateAnimationTargetButtonContextMenu):
    * UserInterface/Views/AnimationContentView.css: Added.
    (.content-view.animation):
    (.content-view.animation.selected):
    (.content-view.animation > header):
    (.content-view.animation > header > .titles):
    (.content-view.animation > header > .titles > .title):
    (.content-view.animation > header > .titles > .subtitle):
    (.content-view.animation > header > .titles > .subtitle:not(:empty)::before):
    (.content-view.animation > header > .navigation-bar):
    (.content-view.animation:hover > header > .navigation-bar):
    (.content-view.animation > .preview):
    (.content-view.animation > .preview > svg):
    (body[dir=rtl] .content-view.animation > .preview > svg):
    (.content-view.animation > .preview > svg rect):
    (.content-view.animation > .preview > svg > .delay line):
    (.content-view.animation > .preview > svg > .active path):
    (.content-view.animation > .preview > svg > .active circle):
    (.content-view.animation > .preview > svg > .active line):
    (.content-view.animation > .preview > span):
    (@media (prefers-color-scheme: dark) .content-view.animation > header > .titles > .title):
    (@media (prefers-color-scheme: dark) .content-view.animation > header > .titles > .subtitle):
    (@media (prefers-color-scheme: dark) .content-view.animation > .preview):
    Visualize the start/end delay and keyframes of the given animation as a series of bezier
    curves separated by markers.
    
    * UserInterface/Views/AnimationDetailsSidebarPanel.js: Added.
    (WI.AnimationDetailsSidebarPanel):
    (WI.AnimationDetailsSidebarPanel.prototype.inspect):
    (WI.AnimationDetailsSidebarPanel.prototype.get animation):
    (WI.AnimationDetailsSidebarPanel.prototype.set animation):
    (WI.AnimationDetailsSidebarPanel.prototype.initialLayout):
    (WI.AnimationDetailsSidebarPanel.prototype.layout):
    (WI.AnimationDetailsSidebarPanel.prototype._refreshIdentitySection):
    (WI.AnimationDetailsSidebarPanel.prototype._refreshEffectSection):
    (WI.AnimationDetailsSidebarPanel.prototype._refreshBacktraceSection):
    (WI.AnimationDetailsSidebarPanel.prototype._handleAnimationEffectChanged):
    (WI.AnimationDetailsSidebarPanel.prototype._handleAnimationTargetChanged):
    (WI.AnimationDetailsSidebarPanel.prototype._handleDetailsSectionCollapsedStateChanged):
    * UserInterface/Views/AnimationDetailsSidebarPanel.css: Added.
    (.sidebar > .panel.details.animation > .content > .details-section.animation-keyframes .header > .subtitle):
    (.sidebar > .panel.details.animation > .content > .details-section.animation-keyframes .details-section):
    (.sidebar > .panel.details.animation > .content > .details-section.animation-keyframes .details-section .row.styles):
    (.sidebar > .panel.details.animation > .content > .details-section.animation-keyframes .details-section .row.styles .CodeMirror):
    (.sidebar > .panel.details.animation > .content > .details-section.animation-keyframes .details-section):
    Show collected information about the selected animation, its effect, and its target.
    
    * UserInterface/Controllers/CanvasManager.js:
    (WI.CanvasManager):
    (WI.CanvasManager.prototype.get canvasCollection): Added.
    (WI.CanvasManager.prototype.disable):
    (WI.CanvasManager.prototype.canvasAdded):
    (WI.CanvasManager.prototype.canvasRemoved):
    (WI.CanvasManager.prototype._saveRecordings): Added.
    (WI.CanvasManager.prototype._mainResourceDidChange):
    (WI.CanvasManager.prototype.get canvases): Deleted.
    (WI.CanvasManager.prototype._removeCanvas): Deleted.
    Rather than have the `WI.CanvasTabContentView` mainain the `WI.CanvasCollection` and have to
    listen for events from the `WI.CanvasManager`, just have the `WI.CanvasManager` hold on to
    it instead and provide a getter for it.
    
    * UserInterface/Views/CanvasOverviewContentView.js:
    (WI.CanvasOverviewContentView):
    (WI.CanvasOverviewContentView.prototype.get navigationItems):
    (WI.CanvasOverviewContentView.prototype.handleRefreshButtonClicked):
    (WI.CanvasOverviewContentView.prototype.contentViewAdded):
    (WI.CanvasOverviewContentView.prototype.contentViewRemoved):
    (WI.CanvasOverviewContentView.prototype.attached):
    (WI.CanvasOverviewContentView.prototype.detached):
    (WI.CanvasOverviewContentView.prototype._addSavedRecording):
    (WI.CanvasOverviewContentView.prototype.hidden): Deleted.
    (WI.CanvasOverviewContentView.prototype.get _itemMargin): Deleted.
    (WI.CanvasOverviewContentView.prototype._refreshPreviews): Deleted.
    (WI.CanvasOverviewContentView.prototype._updateNavigationItems): Deleted.
    (WI.CanvasOverviewContentView.prototype._showGridButtonClicked): Deleted.
    (WI.CanvasOverviewContentView.prototype._updateShowImageGrid): Deleted.
    * UserInterface/Views/CanvasOverviewContentView.css:
    (.content-view.canvas-overview):
    (.content-view.canvas-overview > .content-view.canvas):
    (@media (prefers-color-scheme: dark) .content-view.canvas-overview): Deleted.
    
    * UserInterface/Views/CanvasContentView.js:
    (WI.CanvasContentView):
    (WI.CanvasContentView.prototype.handleRefreshButtonClicked): Added.
    (WI.CanvasContentView.prototype.dropZoneShouldAppearForDragEvent): Added.
    (WI.CanvasContentView.prototype.dropZoneHandleDrop): Added.
    (WI.CanvasContentView.prototype.initialLayout):
    (WI.CanvasContentView.prototype.attached):
    (WI.CanvasContentView.prototype._populateCanvasElementButtonContextMenu):
    (WI.CanvasContentView.prototype.shown): Deleted.
    Move the "Log Canvas Context" to be the first item in the canvas element button context menu.
    Drive-by: add a `WI.DropZoneView` for when recording JSON files are dragged on top.
    
    * UserInterface/Views/CanvasContentView.css:
    Drive-by: drop `:not(.tab)` from all selectors since the Canvas Tab doesn't exist anymore.
    
    * UserInterface/Views/CollectionContentView.js:
    (WI.CollectionContentView):
    (WI.CollectionContentView.prototype.get selectedItem): Added.
    (WI.CollectionContentView.prototype.set selectedItem): Added.
    (WI.CollectionContentView.prototype.addContentViewForItem):
    (WI.CollectionContentView.prototype.removeContentViewForItem):
    (WI.CollectionContentView.prototype.showContentPlaceholder):
    (WI.CollectionContentView.prototype.initialLayout):
    (WI.CollectionContentView.prototype._selectItem):
    (WI.CollectionContentView.prototype._handleClick): Added.
    (WI.CollectionContentView.prototype.setSelectedItem): Deleted.
    * UserInterface/Views/CollectionContentView.css:
    (.content-view.collection > .placeholder:not(.message-text-view)): Added.
    (.content-view.collection .resource.image img): Deleted.
    (.content-view.collection .resource.image img:hover): Deleted.
    When selection is enabled, clicking outside of any of the content views should dismiss the
    current selection. Clients should also be able to get the currently selected item.
    
    * UserInterface/Views/DetailsSectionSimpleRow.js:
    (WI.DetailsSectionSimpleRow.prototype.set value):
    Ensure that `0` is considered as a valid value.
    
    * UserInterface/Base/Main.js:
    (WI.loaded):
    (WI.contentLoaded):
    (WI.tabContentViewClassForRepresentedObject):
    * UserInterface/Views/ContentView.js:
    (WI.ContentView.createFromRepresentedObject):
    (WI.ContentView.isViewable):
    Allow `WI.Animation` to be viewable.
    
    * UserInterface/Views/Main.css:
    (.navigation-item-help): Added.
    (.navigation-item-help > .navigation-bar): Added.
    (.navigation-item-help > .navigation-bar > .item): Added.
    (.message-text-view .navigation-item-help): Deleted.
    (.message-text-view .navigation-item-help .navigation-bar): Deleted.
    (.message-text-view .navigation-item-help .navigation-bar > .item): Deleted.
    Allow `WI.createNavigationItemHelp` to be used independently of `WI.createMessageTextView`.
    
    * UserInterface/Controllers/DOMManager.js:
    (WI.DOMManager.prototype.nodeForId):
    * UserInterface/Controllers/TimelineManager.js:
    (WI.TimelineManager.prototype.animationTrackingUpdated):
    * UserInterface/Models/AuditTestCaseResult.js:
    (WI.AuditTestCaseResult.async fromPayload):
    Add a fallback so callers don't need to.
    
    * UserInterface/Views/ResourceCollectionContentView.js:
    (WI.ResourceCollectionContentView):
    * UserInterface/Views/ResourceCollectionContentView.css:
    (.content-view.resource-collection > .resource.image img): Added.
    (.content-view.resource-collection > .resource.image img:hover): Added.
    Drive-by: move these styles to the right file and make them more specific.
    
    * UserInterface/Models/Canvas.js:
    (WI.Canvas.displayNameForContextType):
    * UserInterface/Models/Recording.js:
    (WI.Recording.displayNameForRecordingType): Added.
    Drive-by: fix localized strings.
    
    * UserInterface/Views/RecordingContentView.css:
    Drive-by: drop `:not(.tab)` from all selectors since the Recording Tab doesn't exist anymore.
    
    * UserInterface/Main.html:
    * UserInterface/Images/Graphics.svg: Renamed from Source/WebInspectorUI/UserInterface/Images/Canvas.svg.
    * Localizations/en.lproj/localizedStrings.js:
    
    * UserInterface/Test.html:
    * UserInterface/Test/Test.js:
    (WI.loaded):
    
    * UserInterface/Test/TestHarness.js:
    (TestHarness.prototype.expectEmpty): Added.
    (TestHarness.prototype.expectNotEmpty): Added.
    (TestHarness.prototype._expectationMessageFormat):
    (TestHarness.prototype._expectedValueFormat):
    Add utility function for checking whether the given value is empty:
     - Array `length === 0`
     - String `length === 0`
     - Set `size === 0`
     - Map `size === 0`
     - Object `isEmptyObject`
    Any other type will automatically fail, as non-objects can't be "empty" (e.g. `42`).
    
    LayoutTests:
    
    * inspector/animation/effectChanged.html: Added.
    * inspector/animation/effectChanged-expected.txt: Added.
    * inspector/animation/lifecycle-css-animation.html: Added.
    * inspector/animation/lifecycle-css-animation-expected.txt: Added.
    * inspector/animation/lifecycle-css-transition.html: Added.
    * inspector/animation/lifecycle-css-transition-expected.txt: Added.
    * inspector/animation/lifecycle-web-animation.html: Added.
    * inspector/animation/lifecycle-web-animation-expected.txt: Added.
    * inspector/animation/requestEffectTarget.html: Added.
    * inspector/animation/requestEffectTarget-expected.txt: Added.
    * inspector/animation/resolveAnimation.html: Added.
    * inspector/animation/resolveAnimation-expected.txt: Added.
    * inspector/animation/targetChanged.html: Added.
    * inspector/animation/targetChanged-expected.txt: Added.
    * inspector/animation/resources/lifecycle-utilities.js: Added.
    (createAnimation):
    (destroyAnimations):
    (InspectorTest.AnimationLifecycleUtilities.async awaitAnimationCreated):
    (InspectorTest.AnimationLifecycleUtilities.async awaitAnimationDestroyed):
    (InspectorTest.AnimationLifecycleUtilities.async createAnimation):
    (InspectorTest.AnimationLifecycleUtilities.async destroyAnimations):
    
    * inspector/canvas/create-context-webgpu.html:
    * inspector/canvas/resources/create-context-utilities.js:
    (destroyCanvases):
    (awaitCanvasAdded):
    (InspectorTest.CreateContextUtilities.initializeTestSuite):
    
    * inspector/canvas/context-attributes.html:
    * inspector/canvas/extensions.html:
    * inspector/canvas/memory.html:
    * inspector/canvas/requestClientNodes.html:
    * inspector/canvas/requestContent-2d.html:
    * inspector/canvas/requestContent-bitmaprenderer.html:
    * inspector/canvas/requestContent-webgl.html:
    * inspector/canvas/requestContent-webgl2.html:
    * inspector/canvas/requestNode.html:
    * inspector/canvas/resolveContext-2d.html:
    * inspector/canvas/resolveContext-bitmaprenderer.html:
    * inspector/canvas/resolveContext-webgl.html:
    * inspector/canvas/resolveContext-webgl2.html:
    * inspector/canvas/resolveContext-webgpu.html:
    
    * inspector/canvas/recording.html:
    * inspector/canvas/setRecordingAutoCaptureFrameCount.html:
    * inspector/canvas/resources/recording-utilities.js:
    (window.getCanvas):
    
    * inspector/canvas/shaderProgram-add-remove-webgpu.html:
    * inspector/canvas/updateShader-webgpu-sharedVertexFragment.html:
    * inspector/canvas/resources/shaderProgram-utilities-webgpu.js:
    * inspector/canvas/resources/shaderProgram-utilities-webgl.js:
    (deleteContext):
    (whenProgramAdded):
    (window.initializeTestSuite):
    (window.addParentCanvasRemovedTestCase):
    
    * inspector/unit-tests/test-harness-expect-functions.html:
    * inspector/unit-tests/test-harness-expect-functions-expected.txt:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255396 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-29  Devin Rousso  <drousso@apple.com>

            Web Inspector: add instrumentation for showing existing Web Animations
            https://bugs.webkit.org/show_bug.cgi?id=205434
            <rdar://problem/28328087>

            Reviewed by Brian Burg.

            Add types/commands/events for instrumenting the lifecycle of `Animation` objects, as well as
            commands for getting the JavaScript wrapper object and the target DOM node.

            Tests: inspector/animation/effectChanged.html
                   inspector/animation/lifecycle-css-animation.html
                   inspector/animation/lifecycle-css-transition.html
                   inspector/animation/lifecycle-web-animation.html
                   inspector/animation/requestEffectTarget.html
                   inspector/animation/resolveAnimation.html
                   inspector/animation/targetChanged.html

            * animation/WebAnimation.h:
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::instances): Added.
            (WebCore::WebAnimation::instancesMutex): Added.
            (WebCore::WebAnimation::create):
            (WebCore::WebAnimation::WebAnimation):
            (WebCore::WebAnimation::~WebAnimation):
            (WebCore::WebAnimation::effectTimingDidChange):
            (WebCore::WebAnimation::setEffectInternal):
            (WebCore::WebAnimation::effectTargetDidChange):
            * animation/CSSAnimation.cpp:
            (WebCore::CSSAnimation::create):
            * animation/CSSTransition.cpp:
            (WebCore::CSSTransition::create):

            * animation/KeyframeEffect.h:
            (WebCore::KeyframeEffect::parsedKeyframes const): Added.
            (WebCore::KeyframeEffect::blendingKeyframes const): Added.
            (WebCore::KeyframeEffect::hasBlendingKeyframes const): Deleted.
            Provide a way to access the list of keyframes.

            * inspector/InspectorInstrumentation.h:
            (WebCore::InspectorInstrumentation::didSetWebAnimationEffect): Added.
            (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectTiming): Added.
            (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectTarget): Added.
            (WebCore::InspectorInstrumentation::didCreateWebAnimation): Added.
            (WebCore::InspectorInstrumentation::didChangeWebAnimationEffect): Deleted.
            * inspector/InspectorInstrumentation.cpp:
            (WebCore::InspectorInstrumentation::didCommitLoadImpl):
            (WebCore::InspectorInstrumentation::didSetWebAnimationEffectImpl): Added.
            (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectTimingImpl): Added.
            (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectTargetImpl): Added.
            (WebCore::InspectorInstrumentation::didCreateWebAnimationImpl): Added.
            (WebCore::InspectorInstrumentation::willDestroyWebAnimationImpl):
            (WebCore::InspectorInstrumentation::didChangeWebAnimationEffectImpl): Deleted.

            * inspector/InstrumentingAgents.h:
            (WebCore::InstrumentingAgents::enabledInspectorAnimationAgent const): Added.
            (WebCore::InstrumentingAgents::setEnabledInspectorAnimationAgent): Added.
            * inspector/InstrumentingAgents.cpp:
            (WebCore::InstrumentingAgents::reset):

            * inspector/agents/InspectorAnimationAgent.h:
            * inspector/agents/InspectorAnimationAgent.cpp:
            (WebCore::protocolValueForSeconds): Added.
            (WebCore::protocolValueForPlaybackDirection): Added.
            (WebCore::protocolValueForFillMode): Added.
            (WebCore::buildObjectForKeyframes): Added.
            (WebCore::buildObjectForEffect): Added.
            (WebCore::InspectorAnimationAgent::InspectorAnimationAgent):
            (WebCore::InspectorAnimationAgent::willDestroyFrontendAndBackend):
            (WebCore::InspectorAnimationAgent::enable): Added.
            (WebCore::InspectorAnimationAgent::disable): Added.
            (WebCore::InspectorAnimationAgent::requestEffectTarget): Added.
            (WebCore::InspectorAnimationAgent::resolveAnimation): Added.
            (WebCore::InspectorAnimationAgent::didSetWebAnimationEffect): Added.
            (WebCore::InspectorAnimationAgent::didChangeWebAnimationEffectTiming): Added.
            (WebCore::InspectorAnimationAgent::didChangeWebAnimationEffectTarget): Added.
            (WebCore::InspectorAnimationAgent::didCreateWebAnimation): Added.
            (WebCore::InspectorAnimationAgent::willDestroyWebAnimation):
            (WebCore::InspectorAnimationAgent::frameNavigated):
            (WebCore::InspectorAnimationAgent::findAnimationId): Added.
            (WebCore::InspectorAnimationAgent::assertAnimation): Added.
            (WebCore::InspectorAnimationAgent::bindAnimation): Added.
            (WebCore::InspectorAnimationAgent::unbindAnimation): Added.
            (WebCore::InspectorAnimationAgent::animationDestroyedTimerFired): Added.
            (WebCore::InspectorAnimationAgent::reset): Added.
            (WebCore::InspectorAnimationAgent::didChangeWebAnimationEffect): Deleted.

            * inspector/agents/InspectorDOMAgent.h:
            * inspector/agents/InspectorDOMAgent.cpp:
            (WebCore::InspectorDOMAgent::pushNodeToFrontend):
            (WebCore::InspectorDOMAgent::querySelector):
            (WebCore::InspectorDOMAgent::pushNodePathToFrontend):
            (WebCore::InspectorDOMAgent::setNodeName):
            (WebCore::InspectorDOMAgent::setOuterHTML):
            (WebCore::InspectorDOMAgent::moveTo):
            (WebCore::InspectorDOMAgent::requestNode):
            (WebCore::InspectorDOMAgent::pushNodeByPathToFrontend):
            Add an overload for `pushNodePathToFrontend` that exposes an `ErrorString`.

2020-02-05  Russell Epstein  <repstein@apple.com>

        Revert r255770. rdar://problem/58942734

2020-02-04  Russell Epstein  <repstein@apple.com>

        Cherry-pick r248517. rdar://problem/58942734

    Factor complex line layout path out from RenderBlockFlow
    https://bugs.webkit.org/show_bug.cgi?id=200612
    
    Reviewed by Zalan Bujtas.
    
    This patch factors the line layout code that is currently part of the RenderBlockFlow and lives in RenderBlockLineLayout.cpp
    into a new ComplexLineLayout class. ComplexLineLayout is a member of RenderBlockFlow.
    
    In the future we can stop constructing ComplexLineLayout at all when using other line layout paths.
    
    * Sources.txt:
    * WebCore.xcodeproj/project.pbxproj:
    * rendering/ComplexLineLayout.cpp: Copied from Source/WebCore/rendering/RenderBlockLineLayout.cpp.
    (WebCore::ComplexLineLayout::ComplexLineLayout):
    (WebCore::ComplexLineLayout::appendRunsForObject):
    (WebCore::ComplexLineLayout::createRootInlineBox):
    (WebCore::ComplexLineLayout::createAndAppendRootInlineBox):
    (WebCore::ComplexLineLayout::createInlineBoxForRenderer):
    (WebCore::ComplexLineLayout::createLineBoxes):
    (WebCore::ComplexLineLayout::constructLine):
    (WebCore::ComplexLineLayout::textAlignmentForLine const):
    (WebCore::ComplexLineLayout::setMarginsForRubyRun):
    (WebCore::ComplexLineLayout::updateRubyForJustifiedText):
    (WebCore::ComplexLineLayout::computeExpansionForJustifiedText):
    (WebCore::ComplexLineLayout::updateLogicalWidthForAlignment):
    (WebCore::ComplexLineLayout::computeInlineDirectionPositionsForLine):
    (WebCore::ComplexLineLayout::computeInlineDirectionPositionsForSegment):
    (WebCore::ComplexLineLayout::removeInlineBox const):
    (WebCore::ComplexLineLayout::computeBlockDirectionPositionsForLine):
    (WebCore::ComplexLineLayout::handleTrailingSpaces):
    (WebCore::ComplexLineLayout::appendFloatingObjectToLastLine):
    (WebCore::ComplexLineLayout::createLineBoxesFromBidiRuns):
    (WebCore::ComplexLineLayout::layoutRunsAndFloats):
    (WebCore::ComplexLineLayout::restartLayoutRunsAndFloatsInRange):
    (WebCore::ComplexLineLayout::layoutRunsAndFloatsInRange):
    (WebCore::ComplexLineLayout::reattachCleanLineFloats):
    (WebCore::ComplexLineLayout::linkToEndLineIfNeeded):
    (WebCore::ComplexLineLayout::layoutLineBoxes):
    (WebCore::ComplexLineLayout::checkFloatInCleanLine):
    (WebCore::ComplexLineLayout::determineStartPosition):
    (WebCore::ComplexLineLayout::determineEndPosition):
    (WebCore::ComplexLineLayout::checkPaginationAndFloatsAtEndLine):
    (WebCore::ComplexLineLayout::lineWidthForPaginatedLineChanged const):
    (WebCore::ComplexLineLayout::matchedEndLine):
    (WebCore::ComplexLineLayout::addOverflowFromInlineChildren):
    (WebCore::ComplexLineLayout::deleteEllipsisLineBoxes):
    (WebCore::ComplexLineLayout::checkLinesForTextOverflow):
    (WebCore::ComplexLineLayout::positionNewFloatOnLine):
    (WebCore::ComplexLineLayout::startAlignedOffsetForLine):
    (WebCore::ComplexLineLayout::updateFragmentForLine const):
    (WebCore::ComplexLineLayout::style const):
    (WebCore::ComplexLineLayout::layoutContext const):
    (WebCore::RenderBlockFlow::appendRunsForObject): Deleted.
    (WebCore::RenderBlockFlow::createRootInlineBox): Deleted.
    (WebCore::RenderBlockFlow::createAndAppendRootInlineBox): Deleted.
    (WebCore::createInlineBoxForRenderer): Deleted.
    (WebCore::RenderBlockFlow::createLineBoxes): Deleted.
    (WebCore::RenderBlockFlow::constructLine): Deleted.
    (WebCore::RenderBlockFlow::textAlignmentForLine const): Deleted.
    (WebCore::RenderBlockFlow::setMarginsForRubyRun): Deleted.
    (WebCore::RenderBlockFlow::updateRubyForJustifiedText): Deleted.
    (WebCore::RenderBlockFlow::computeExpansionForJustifiedText): Deleted.
    (WebCore::RenderBlockFlow::updateLogicalWidthForAlignment): Deleted.
    (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForLine): Deleted.
    (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment): Deleted.
    (WebCore::RenderBlockFlow::removeInlineBox const): Deleted.
    (WebCore::RenderBlockFlow::computeBlockDirectionPositionsForLine): Deleted.
    (WebCore::RenderBlockFlow::handleTrailingSpaces): Deleted.
    (WebCore::RenderBlockFlow::appendFloatingObjectToLastLine): Deleted.
    (WebCore::RenderBlockFlow::createLineBoxesFromBidiRuns): Deleted.
    (WebCore::RenderBlockFlow::layoutRunsAndFloats): Deleted.
    (WebCore::RenderBlockFlow::restartLayoutRunsAndFloatsInRange): Deleted.
    (WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange): Deleted.
    (WebCore::RenderBlockFlow::reattachCleanLineFloats): Deleted.
    (WebCore::RenderBlockFlow::linkToEndLineIfNeeded): Deleted.
    (WebCore::RenderBlockFlow::layoutLineBoxes): Deleted.
    (WebCore::RenderBlockFlow::checkFloatInCleanLine): Deleted.
    (WebCore::RenderBlockFlow::determineStartPosition): Deleted.
    (WebCore::RenderBlockFlow::determineEndPosition): Deleted.
    (WebCore::RenderBlockFlow::checkPaginationAndFloatsAtEndLine): Deleted.
    (WebCore::RenderBlockFlow::lineWidthForPaginatedLineChanged const): Deleted.
    (WebCore::RenderBlockFlow::matchedEndLine): Deleted.
    (WebCore::RenderBlock::generatesLineBoxesForInlineChild): Deleted.
    (WebCore::RenderBlockFlow::addOverflowFromInlineChildren): Deleted.
    (WebCore::RenderBlockFlow::deleteEllipsisLineBoxes): Deleted.
    (WebCore::RenderBlockFlow::checkLinesForTextOverflow): Deleted.
    (WebCore::RenderBlockFlow::positionNewFloatOnLine): Deleted.
    (WebCore::RenderBlockFlow::startAlignedOffsetForLine): Deleted.
    (WebCore::RenderBlockFlow::updateFragmentForLine const): Deleted.
    * rendering/ComplexLineLayout.h: Added.
    (WebCore::ComplexLineLayout::lineBoxes):
    (WebCore::ComplexLineLayout::lineBoxes const):
    (WebCore::ComplexLineLayout::firstRootBox const):
    (WebCore::ComplexLineLayout::lastRootBox const):
    * rendering/InlineIterator.h:
    (WebCore::IsolateTracker::addFakeRunIfNecessary):
    (WebCore::InlineBidiResolver::appendRunInternal):
    * rendering/RenderBlock.h:
    * rendering/RenderBlockFlow.cpp:
    (WebCore::RenderBlockFlow::RenderBlockFlow):
    (WebCore::RenderBlockFlow::willBeDestroyed):
    (WebCore::RenderBlockFlow::layoutInlineChildren):
    (WebCore::RenderBlockFlow::updateStaticInlinePositionForChild):
    (WebCore::RenderBlockFlow::deleteLines):
    (WebCore::RenderBlockFlow::hitTestInlineChildren):
    (WebCore::RenderBlockFlow::addOverflowFromInlineChildren):
    (WebCore::RenderBlockFlow::paintInlineChildren):
    (WebCore::RenderBlockFlow::layoutSimpleLines):
    (WebCore::RenderBlockFlow::ensureLineBoxes):
    * rendering/RenderBlockFlow.h:
    (WebCore::RenderBlockFlow::lineBoxes):
    (WebCore::RenderBlockFlow::lineBoxes const):
    (WebCore::RenderBlockFlow::firstRootBox const):
    (WebCore::RenderBlockFlow::lastRootBox const):
    (WebCore::RenderBlockFlow::floatingObjects):
    (WebCore::RenderBlockFlow::complexLineLayout):
    (WebCore::RenderBlockFlow::overrideTextAlignmentForLine const):
    (WebCore::RenderBlockFlow::adjustInlineDirectionLineBounds const):
    * rendering/RenderBlockLineLayout.cpp: Removed.
    * rendering/RenderRubyBase.cpp:
    (WebCore::RenderRubyBase::overrideTextAlignmentForLine const):
    (WebCore::RenderRubyBase::textAlignmentForLine const): Deleted.
    * rendering/RenderRubyBase.h:
    * rendering/RenderRubyText.cpp:
    (WebCore::RenderRubyText::overrideTextAlignmentForLine const):
    (WebCore::RenderRubyText::textAlignmentForLine const): Deleted.
    * rendering/RenderRubyText.h:
    * rendering/SimpleLineLayoutFunctions.cpp:
    (WebCore::SimpleLineLayout::generateLineBoxTree):
    * rendering/line/LineBreaker.cpp:
    (WebCore::LineBreaker::skipLeadingWhitespace):
    * rendering/line/LineBreaker.h:
    (WebCore::LineBreaker::positionNewFloatOnLine):
    * rendering/line/LineInlineHeaders.h:
    (WebCore::setStaticPositions):
    * rendering/svg/RenderSVGText.cpp:
    (WebCore::RenderSVGText::createRootInlineBox): Deleted.
    * rendering/svg/RenderSVGText.h:
    * rendering/updating/RenderTreeBuilderList.cpp:
    (WebCore::generatesLineBoxesForInlineChild):
    (WebCore::getParentOfFirstLineBox):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@248517 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2019-08-11  Antti Koivisto  <antti@apple.com>

            Factor complex line layout path out from RenderBlockFlow
            https://bugs.webkit.org/show_bug.cgi?id=200612

            Reviewed by Zalan Bujtas.

            This patch factors the line layout code that is currently part of the RenderBlockFlow and lives in RenderBlockLineLayout.cpp
            into a new ComplexLineLayout class. ComplexLineLayout is a member of RenderBlockFlow.

            In the future we can stop constructing ComplexLineLayout at all when using other line layout paths.

            * Sources.txt:
            * WebCore.xcodeproj/project.pbxproj:
            * rendering/ComplexLineLayout.cpp: Copied from Source/WebCore/rendering/RenderBlockLineLayout.cpp.
            (WebCore::ComplexLineLayout::ComplexLineLayout):
            (WebCore::ComplexLineLayout::appendRunsForObject):
            (WebCore::ComplexLineLayout::createRootInlineBox):
            (WebCore::ComplexLineLayout::createAndAppendRootInlineBox):
            (WebCore::ComplexLineLayout::createInlineBoxForRenderer):
            (WebCore::ComplexLineLayout::createLineBoxes):
            (WebCore::ComplexLineLayout::constructLine):
            (WebCore::ComplexLineLayout::textAlignmentForLine const):
            (WebCore::ComplexLineLayout::setMarginsForRubyRun):
            (WebCore::ComplexLineLayout::updateRubyForJustifiedText):
            (WebCore::ComplexLineLayout::computeExpansionForJustifiedText):
            (WebCore::ComplexLineLayout::updateLogicalWidthForAlignment):
            (WebCore::ComplexLineLayout::computeInlineDirectionPositionsForLine):
            (WebCore::ComplexLineLayout::computeInlineDirectionPositionsForSegment):
            (WebCore::ComplexLineLayout::removeInlineBox const):
            (WebCore::ComplexLineLayout::computeBlockDirectionPositionsForLine):
            (WebCore::ComplexLineLayout::handleTrailingSpaces):
            (WebCore::ComplexLineLayout::appendFloatingObjectToLastLine):
            (WebCore::ComplexLineLayout::createLineBoxesFromBidiRuns):
            (WebCore::ComplexLineLayout::layoutRunsAndFloats):
            (WebCore::ComplexLineLayout::restartLayoutRunsAndFloatsInRange):
            (WebCore::ComplexLineLayout::layoutRunsAndFloatsInRange):
            (WebCore::ComplexLineLayout::reattachCleanLineFloats):
            (WebCore::ComplexLineLayout::linkToEndLineIfNeeded):
            (WebCore::ComplexLineLayout::layoutLineBoxes):
            (WebCore::ComplexLineLayout::checkFloatInCleanLine):
            (WebCore::ComplexLineLayout::determineStartPosition):
            (WebCore::ComplexLineLayout::determineEndPosition):
            (WebCore::ComplexLineLayout::checkPaginationAndFloatsAtEndLine):
            (WebCore::ComplexLineLayout::lineWidthForPaginatedLineChanged const):
            (WebCore::ComplexLineLayout::matchedEndLine):
            (WebCore::ComplexLineLayout::addOverflowFromInlineChildren):
            (WebCore::ComplexLineLayout::deleteEllipsisLineBoxes):
            (WebCore::ComplexLineLayout::checkLinesForTextOverflow):
            (WebCore::ComplexLineLayout::positionNewFloatOnLine):
            (WebCore::ComplexLineLayout::startAlignedOffsetForLine):
            (WebCore::ComplexLineLayout::updateFragmentForLine const):
            (WebCore::ComplexLineLayout::style const):
            (WebCore::ComplexLineLayout::layoutContext const):
            (WebCore::RenderBlockFlow::appendRunsForObject): Deleted.
            (WebCore::RenderBlockFlow::createRootInlineBox): Deleted.
            (WebCore::RenderBlockFlow::createAndAppendRootInlineBox): Deleted.
            (WebCore::createInlineBoxForRenderer): Deleted.
            (WebCore::RenderBlockFlow::createLineBoxes): Deleted.
            (WebCore::RenderBlockFlow::constructLine): Deleted.
            (WebCore::RenderBlockFlow::textAlignmentForLine const): Deleted.
            (WebCore::RenderBlockFlow::setMarginsForRubyRun): Deleted.
            (WebCore::RenderBlockFlow::updateRubyForJustifiedText): Deleted.
            (WebCore::RenderBlockFlow::computeExpansionForJustifiedText): Deleted.
            (WebCore::RenderBlockFlow::updateLogicalWidthForAlignment): Deleted.
            (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForLine): Deleted.
            (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment): Deleted.
            (WebCore::RenderBlockFlow::removeInlineBox const): Deleted.
            (WebCore::RenderBlockFlow::computeBlockDirectionPositionsForLine): Deleted.
            (WebCore::RenderBlockFlow::handleTrailingSpaces): Deleted.
            (WebCore::RenderBlockFlow::appendFloatingObjectToLastLine): Deleted.
            (WebCore::RenderBlockFlow::createLineBoxesFromBidiRuns): Deleted.
            (WebCore::RenderBlockFlow::layoutRunsAndFloats): Deleted.
            (WebCore::RenderBlockFlow::restartLayoutRunsAndFloatsInRange): Deleted.
            (WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange): Deleted.
            (WebCore::RenderBlockFlow::reattachCleanLineFloats): Deleted.
            (WebCore::RenderBlockFlow::linkToEndLineIfNeeded): Deleted.
            (WebCore::RenderBlockFlow::layoutLineBoxes): Deleted.
            (WebCore::RenderBlockFlow::checkFloatInCleanLine): Deleted.
            (WebCore::RenderBlockFlow::determineStartPosition): Deleted.
            (WebCore::RenderBlockFlow::determineEndPosition): Deleted.
            (WebCore::RenderBlockFlow::checkPaginationAndFloatsAtEndLine): Deleted.
            (WebCore::RenderBlockFlow::lineWidthForPaginatedLineChanged const): Deleted.
            (WebCore::RenderBlockFlow::matchedEndLine): Deleted.
            (WebCore::RenderBlock::generatesLineBoxesForInlineChild): Deleted.
            (WebCore::RenderBlockFlow::addOverflowFromInlineChildren): Deleted.
            (WebCore::RenderBlockFlow::deleteEllipsisLineBoxes): Deleted.
            (WebCore::RenderBlockFlow::checkLinesForTextOverflow): Deleted.
            (WebCore::RenderBlockFlow::positionNewFloatOnLine): Deleted.
            (WebCore::RenderBlockFlow::startAlignedOffsetForLine): Deleted.
            (WebCore::RenderBlockFlow::updateFragmentForLine const): Deleted.
            * rendering/ComplexLineLayout.h: Added.
            (WebCore::ComplexLineLayout::lineBoxes):
            (WebCore::ComplexLineLayout::lineBoxes const):
            (WebCore::ComplexLineLayout::firstRootBox const):
            (WebCore::ComplexLineLayout::lastRootBox const):
            * rendering/InlineIterator.h:
            (WebCore::IsolateTracker::addFakeRunIfNecessary):
            (WebCore::InlineBidiResolver::appendRunInternal):
            * rendering/RenderBlock.h:
            * rendering/RenderBlockFlow.cpp:
            (WebCore::RenderBlockFlow::RenderBlockFlow):
            (WebCore::RenderBlockFlow::willBeDestroyed):
            (WebCore::RenderBlockFlow::layoutInlineChildren):
            (WebCore::RenderBlockFlow::updateStaticInlinePositionForChild):
            (WebCore::RenderBlockFlow::deleteLines):
            (WebCore::RenderBlockFlow::hitTestInlineChildren):
            (WebCore::RenderBlockFlow::addOverflowFromInlineChildren):
            (WebCore::RenderBlockFlow::paintInlineChildren):
            (WebCore::RenderBlockFlow::layoutSimpleLines):
            (WebCore::RenderBlockFlow::ensureLineBoxes):
            * rendering/RenderBlockFlow.h:
            (WebCore::RenderBlockFlow::lineBoxes):
            (WebCore::RenderBlockFlow::lineBoxes const):
            (WebCore::RenderBlockFlow::firstRootBox const):
            (WebCore::RenderBlockFlow::lastRootBox const):
            (WebCore::RenderBlockFlow::floatingObjects):
            (WebCore::RenderBlockFlow::complexLineLayout):
            (WebCore::RenderBlockFlow::overrideTextAlignmentForLine const):
            (WebCore::RenderBlockFlow::adjustInlineDirectionLineBounds const):
            * rendering/RenderBlockLineLayout.cpp: Removed.
            * rendering/RenderRubyBase.cpp:
            (WebCore::RenderRubyBase::overrideTextAlignmentForLine const):
            (WebCore::RenderRubyBase::textAlignmentForLine const): Deleted.
            * rendering/RenderRubyBase.h:
            * rendering/RenderRubyText.cpp:
            (WebCore::RenderRubyText::overrideTextAlignmentForLine const):
            (WebCore::RenderRubyText::textAlignmentForLine const): Deleted.
            * rendering/RenderRubyText.h:
            * rendering/SimpleLineLayoutFunctions.cpp:
            (WebCore::SimpleLineLayout::generateLineBoxTree):
            * rendering/line/LineBreaker.cpp:
            (WebCore::LineBreaker::skipLeadingWhitespace):
            * rendering/line/LineBreaker.h:
            (WebCore::LineBreaker::positionNewFloatOnLine):
            * rendering/line/LineInlineHeaders.h:
            (WebCore::setStaticPositions):
            * rendering/svg/RenderSVGText.cpp:
            (WebCore::RenderSVGText::createRootInlineBox): Deleted.
            * rendering/svg/RenderSVGText.h:
            * rendering/updating/RenderTreeBuilderList.cpp:
            (WebCore::generatesLineBoxesForInlineChild):
            (WebCore::getParentOfFirstLineBox):

2020-02-04  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255490. rdar://problem/59097775

    Regression(r255359): imported/mozilla/svg/svg-integration/clipPath-html-06.xhtml is failing consistently on windows
    https://bugs.webkit.org/show_bug.cgi?id=206991
    <rdar://problem/59030252>
    
    Reviewed by Antoine Quint.
    
    The previous approach may have still allowed RenderStyles computed with non-current FontCascade in
    matched properties caches (because some non-font properties were resolved based on obsolete font information).
    
    This patch takes a more robust approach by simply preventing caching of styles with non-current font.
    
    * dom/Document.h:
    (WebCore::Document::fontSelector const):
    * platform/graphics/FontCascade.cpp:
    (WebCore::FontCascade::isCurrent const):
    * platform/graphics/FontCascade.h:
    * style/MatchedDeclarationsCache.cpp:
    (WebCore::Style::MatchedDeclarationsCache::isCacheable):
    * style/StyleBuilderState.cpp:
    (WebCore::Style::BuilderState::updateFont):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255490 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-31  Antti Koivisto  <antti@apple.com>

            Regression(r255359): imported/mozilla/svg/svg-integration/clipPath-html-06.xhtml is failing consistently on windows
            https://bugs.webkit.org/show_bug.cgi?id=206991
            <rdar://problem/59030252>

            Reviewed by Antoine Quint.

            The previous approach may have still allowed RenderStyles computed with non-current FontCascade in
            matched properties caches (because some non-font properties were resolved based on obsolete font information).

            This patch takes a more robust approach by simply preventing caching of styles with non-current font.

            * dom/Document.h:
            (WebCore::Document::fontSelector const):
            * platform/graphics/FontCascade.cpp:
            (WebCore::FontCascade::isCurrent const):
            * platform/graphics/FontCascade.h:
            * style/MatchedDeclarationsCache.cpp:
            (WebCore::Style::MatchedDeclarationsCache::isCacheable):
            * style/StyleBuilderState.cpp:
            (WebCore::Style::BuilderState::updateFont):

2020-02-04  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255422. rdar://problem/59097789

    [Web Animations] Changing the delay of an accelerated animation doesn't seek the animation
    https://bugs.webkit.org/show_bug.cgi?id=206990
    <rdar://problem/58675608>
    
    Reviewed by Antti Koivisto.
    
    Source/WebCore:
    
    Test: webanimations/seeking-by-changing-delay-accelerated.html
    
    In order to seek an accelerated animation, we need to update the animation on the target element's backing GraphicsLayer. We do this by enqueuing an
    AcceleratedAction:Seek command which is done by calling KeyframeEffect::animationDidSeek(), which we would only call from WebAnimation::setCurrentTime().
    However, seeking can be performed by modifying the animation's effect's timing.
    
    We now call WebAnimation::effectTimingDidChange() with an optional ComputedEffectTiming for call sites that want to provide timing data prior to
    modifying timing properties. This allows WebAnimation::effectTimingDidChange() to compare the previous progress with the new progress to determine if the
    animation was seeked, so KeyframeEffect::animationDidSeek() may be called.
    
    There are two places where we now call WebAnimation::effectTimingDidChange() with the previous timing data. First, when updateTiming() is called
    through the JavaScript API (AnimationEffect::updateTiming) and when a CSS Animation's timing has been modified by changing some of the animation CSS
    properties (CSSAnimation::syncPropertiesWithBackingAnimation).
    
    * animation/AnimationEffect.cpp:
    (WebCore::AnimationEffect::updateTiming): Compute the previous timing data and provide it to WebAnimation::effectTimingDidChange().
    * animation/CSSAnimation.cpp:
    (WebCore::CSSAnimation::syncPropertiesWithBackingAnimation): Compute the previous timing data and provide it to WebAnimation::effectTimingDidChange().
    * animation/KeyframeEffect.cpp:
    (WebCore::KeyframeEffect::computeAcceleratedPropertiesState): Drive-by fix for faulty logic introduced in a recent patch (r255383).
    (WebCore::KeyframeEffect::applyPendingAcceleratedActions): We need to reset the m_isRunningAccelerated flag when an animation was supposed to be stopped but
    couldn't be because the target's layer backing was removed prior to the accelerated action being committed.
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::effectTimingDidChange): If previous timing data was provided, check whether its progress differs from the current timing data and
    call KeyframeEffect::animationDidSeek().
    * animation/WebAnimation.h:
    
    LayoutTests:
    
    Add a new test which would fail prior to this patch where we pause an animation after it has started playing accelerated and
    change its delay to check that it correctly seeks the animation.
    
    * webanimations/seeking-by-changing-delay-accelerated-expected.html: Added.
    * webanimations/seeking-by-changing-delay-accelerated.html: Added.
    * platform/win/TestExpectations: Mark the new test as failing.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255422 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-30  Antoine Quint  <graouts@apple.com>

            [Web Animations] Changing the delay of an accelerated animation doesn't seek the animation
            https://bugs.webkit.org/show_bug.cgi?id=206990
            <rdar://problem/58675608>

            Reviewed by Antti Koivisto.

            Test: webanimations/seeking-by-changing-delay-accelerated.html

            In order to seek an accelerated animation, we need to update the animation on the target element's backing GraphicsLayer. We do this by enqueuing an
            AcceleratedAction:Seek command which is done by calling KeyframeEffect::animationDidSeek(), which we would only call from WebAnimation::setCurrentTime().
            However, seeking can be performed by modifying the animation's effect's timing.

            We now call WebAnimation::effectTimingDidChange() with an optional ComputedEffectTiming for call sites that want to provide timing data prior to
            modifying timing properties. This allows WebAnimation::effectTimingDidChange() to compare the previous progress with the new progress to determine if the
            animation was seeked, so KeyframeEffect::animationDidSeek() may be called.

            There are two places where we now call WebAnimation::effectTimingDidChange() with the previous timing data. First, when updateTiming() is called
            through the JavaScript API (AnimationEffect::updateTiming) and when a CSS Animation's timing has been modified by changing some of the animation CSS
            properties (CSSAnimation::syncPropertiesWithBackingAnimation).

            * animation/AnimationEffect.cpp:
            (WebCore::AnimationEffect::updateTiming): Compute the previous timing data and provide it to WebAnimation::effectTimingDidChange().
            * animation/CSSAnimation.cpp:
            (WebCore::CSSAnimation::syncPropertiesWithBackingAnimation): Compute the previous timing data and provide it to WebAnimation::effectTimingDidChange().
            * animation/KeyframeEffect.cpp:
            (WebCore::KeyframeEffect::computeAcceleratedPropertiesState): Drive-by fix for faulty logic introduced in a recent patch (r255383).
            (WebCore::KeyframeEffect::applyPendingAcceleratedActions): We need to reset the m_isRunningAccelerated flag when an animation was supposed to be stopped but
            couldn't be because the target's layer backing was removed prior to the accelerated action being committed.
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::effectTimingDidChange): If previous timing data was provided, check whether its progress differs from the current timing data and
            call KeyframeEffect::animationDidSeek().
            * animation/WebAnimation.h:

2020-02-04  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255415. rdar://problem/59098091

    REGRESSION (r255322): macCatalyst: Tapping in an input field doesn't change the selection location
    https://bugs.webkit.org/show_bug.cgi?id=206978
    
    Reviewed by Wenson Hsieh.
    
    Source/WebCore:
    
    * page/ChromeClient.h:
    (WebCore::ChromeClient::shouldUseMouseEventForSelection):
    (WebCore::ChromeClient::shouldUseMouseEventsForSelection): Deleted.
    * page/EventHandler.cpp:
    (WebCore::EventHandler::canMouseDownStartSelect):
    (WebCore::EventHandler::handleMousePressEvent):
    * page/EventHandler.h:
    Plumb the event through to the ChromeClient so it can use it to make decisions.
    
    Source/WebKit:
    
    * WebProcess/WebCoreSupport/WebChromeClient.h:
    * WebProcess/WebCoreSupport/ios/WebChromeClientIOS.mm:
    (WebKit::WebChromeClient::shouldUseMouseEventForSelection):
    (WebKit::WebChromeClient::shouldUseMouseEventsForSelection): Deleted.
    Allow single-click events to change the selection; this is required
    in order to allow WebCore to set the selection in the case that
    the UITextInteraction gestures haven't yet been installed. Continue
    to not allow multi-click events to change the selection, because
    these are the ones that conflict with UIKit's behaviors.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255415 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-29  Tim Horton  <timothy_horton@apple.com>

            REGRESSION (r255322): macCatalyst: Tapping in an input field doesn't change the selection location
            https://bugs.webkit.org/show_bug.cgi?id=206978

            Reviewed by Wenson Hsieh.

            * page/ChromeClient.h:
            (WebCore::ChromeClient::shouldUseMouseEventForSelection):
            (WebCore::ChromeClient::shouldUseMouseEventsForSelection): Deleted.
            * page/EventHandler.cpp:
            (WebCore::EventHandler::canMouseDownStartSelect):
            (WebCore::EventHandler::handleMousePressEvent):
            * page/EventHandler.h:
            Plumb the event through to the ChromeClient so it can use it to make decisions.

2020-02-04  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255322. rdar://problem/59097817

    macCatalyst: Triple clicking to select a sentence results in an empty selection
    https://bugs.webkit.org/show_bug.cgi?id=206863
    <rdar://problem/58776993>
    
    Reviewed by Wenson Hsieh.
    
    Source/WebCore:
    
    * editing/EditingBehavior.h:
    (WebCore::EditingBehavior::shouldSelectOnContextualMenuClick const):
    * page/ChromeClient.h:
    (WebCore::ChromeClient::shouldUseMouseEventsForSelection):
    * page/EventHandler.cpp:
    (WebCore::EventHandler::canMouseDownStartSelect):
    (WebCore::canMouseDownStartSelect): Deleted.
    * page/EventHandler.h:
    Disable WebCore's mouse-event-driven selection mechanisms on macCatalyst,
    where we use a UITextInteraction-driven selection instead. Otherwise,
    they conflict with each other in a chaotic fashion.
    
    Source/WebKit:
    
    * UIProcess/API/Cocoa/WKWebViewPrivateForTesting.h:
    * UIProcess/API/Cocoa/WKWebViewTesting.mm:
    (-[WKWebView _doAfterProcessingAllPendingMouseEvents:]):
    * UIProcess/API/mac/WKWebViewPrivateForTestingMac.h:
    * UIProcess/API/mac/WKWebViewTestingMac.mm:
    (-[WKWebView _doAfterProcessingAllPendingMouseEvents:]): Deleted.
    * UIProcess/Cocoa/WebViewImpl.h:
    * UIProcess/Cocoa/WebViewImpl.mm:
    (WebKit::WebViewImpl::handleProcessSwapOrExit):
    (WebKit::WebViewImpl::doAfterProcessingAllPendingMouseEvents): Deleted.
    (WebKit::WebViewImpl::didFinishProcessingAllPendingMouseEvents): Deleted.
    (WebKit::WebViewImpl::flushPendingMouseEventCallbacks): Deleted.
    * UIProcess/PageClient.h:
    * UIProcess/WebPageProxy.cpp:
    (WebKit::WebPageProxy::doAfterProcessingAllPendingMouseEvents):
    (WebKit::WebPageProxy::didFinishProcessingAllPendingMouseEvents):
    (WebKit::WebPageProxy::flushPendingMouseEventCallbacks):
    * UIProcess/WebPageProxy.h:
    * UIProcess/ios/PageClientImplIOS.h:
    * UIProcess/mac/PageClientImplMac.h:
    * UIProcess/mac/PageClientImplMac.mm:
    (WebKit::PageClientImpl::didFinishProcessingAllPendingMouseEvents): Deleted.
    Move "doAfterProcessingAllPendingMouseEvents" to WebPage instead of WebViewImpl,
    so it can be used on all platforms. Expose it via WKWebView.
    
    * WebProcess/WebCoreSupport/WebChromeClient.h:
    * WebProcess/WebCoreSupport/ios/WebChromeClientIOS.mm:
    (WebKit::WebChromeClient::shouldUseMouseEventsForSelection):
    
    Tools:
    
    * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
    * TestWebKitAPI/Tests/WebKitCocoa/MacCatalystMouseSupport.mm: Added.
    (-[WKTestingEvent locationInView:]):
    (-[WKTestingEvent _setButtonMask:]):
    (-[WKTestingEvent _buttonMask]):
    (-[WKTestingTouch locationInView:]):
    (-[WKTestingTouch setTapCount:]):
    (-[WKTestingTouch tapCount]):
    (mouseGesture):
    (TEST):
    Add a test ensuring that simply plumbing mouse events to WebCore
    does not result in a selection change in macCatalyst (because UIKit
    will handle the selection change itself, instead).
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255322 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-28  Tim Horton  <timothy_horton@apple.com>

            macCatalyst: Triple clicking to select a sentence results in an empty selection
            https://bugs.webkit.org/show_bug.cgi?id=206863
            <rdar://problem/58776993>

            Reviewed by Wenson Hsieh.

            * editing/EditingBehavior.h:
            (WebCore::EditingBehavior::shouldSelectOnContextualMenuClick const):
            * page/ChromeClient.h:
            (WebCore::ChromeClient::shouldUseMouseEventsForSelection):
            * page/EventHandler.cpp:
            (WebCore::EventHandler::canMouseDownStartSelect):
            (WebCore::canMouseDownStartSelect): Deleted.
            * page/EventHandler.h:
            Disable WebCore's mouse-event-driven selection mechanisms on macCatalyst,
            where we use a UITextInteraction-driven selection instead. Otherwise,
            they conflict with each other in a chaotic fashion.

2020-02-04  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255234. rdar://problem/59098321

    [Web Animations] Make Animation.timeline read-write only if a runtime flag is enabled
    https://bugs.webkit.org/show_bug.cgi?id=206173
    <rdar://problem/58527432>
    
    Reviewed by Dean Jackson.
    
    Source/WebCore:
    
    Make the timeline property of Animation read-write only if the new WebAnimationsMutableTimelines runtime flag is enabled.
    
    * animation/WebAnimation.idl: Make the "timeline" property conditionally read-write if WebAnimationsMutableTimelines is enabled.
    * bindings/js/WebCoreBuiltinNames.h: With the new RuntimeConditionallyReadWrite property used in WebAnimation.idl, it is necessary
    to declare the name of the affected property, in this case "timeline", in WebCoreBuiltinNames.
    * page/RuntimeEnabledFeatures.h:
    (WebCore::RuntimeEnabledFeatures::setWebAnimationsMutableTimelinesEnabled):
    (WebCore::RuntimeEnabledFeatures::webAnimationsMutableTimelinesEnabled const):
    
    Source/WebKit:
    
    Add a new WebAnimationsMutableTimelines runtime flag.
    
    * Shared/WebPreferences.yaml:
    
    Source/WebKitLegacy/mac:
    
    Add a new WebAnimationsMutableTimelines runtime flag.
    
    * WebView/WebPreferenceKeysPrivate.h:
    * WebView/WebPreferences.mm:
    (-[WebPreferences webAnimationsMutableTimelinesEnabled]):
    (-[WebPreferences setWebAnimationsMutableTimelinesEnabled:]):
    * WebView/WebPreferencesPrivate.h:
    * WebView/WebView.mm:
    (-[WebView _preferencesChanged:]):
    
    Source/WebKitLegacy/win:
    
    Add a new WebAnimationsMutableTimelines runtime flag.
    
    * Interfaces/IWebPreferencesPrivate.idl:
    * WebPreferenceKeysPrivate.h:
    * WebPreferences.cpp:
    (WebPreferences::initializeDefaultSettings):
    (WebPreferences::setWebAnimationsMutableTimelinesEnabled):
    (WebPreferences::webAnimationsMutableTimelinesEnabled):
    * WebPreferences.h:
    * WebView.cpp:
    (WebView::notifyPreferencesChanged):
    
    Tools:
    
    Manually enable the new WebAnimationsMutableTimelines runtime flag in DumpRenderTree.
    
    * DumpRenderTree/mac/DumpRenderTree.mm:
    (enableExperimentalFeatures):
    * DumpRenderTree/win/DumpRenderTree.cpp:
    (enableExperimentalFeatures):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255234 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-27  Antoine Quint  <graouts@apple.com>

            [Web Animations] Make Animation.timeline read-write only if a runtime flag is enabled
            https://bugs.webkit.org/show_bug.cgi?id=206173
            <rdar://problem/58527432>

            Reviewed by Dean Jackson.

            Make the timeline property of Animation read-write only if the new WebAnimationsMutableTimelines runtime flag is enabled.

            * animation/WebAnimation.idl: Make the "timeline" property conditionally read-write if WebAnimationsMutableTimelines is enabled.
            * bindings/js/WebCoreBuiltinNames.h: With the new RuntimeConditionallyReadWrite property used in WebAnimation.idl, it is necessary
            to declare the name of the affected property, in this case "timeline", in WebCoreBuiltinNames.
            * page/RuntimeEnabledFeatures.h:
            (WebCore::RuntimeEnabledFeatures::setWebAnimationsMutableTimelinesEnabled):
            (WebCore::RuntimeEnabledFeatures::webAnimationsMutableTimelinesEnabled const):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255431. rdar://problem/59097765

    REGRESSION (r252064): [ Mac iOS ] storage/websql/statement-error-callback.html is timing out flakily
    https://bugs.webkit.org/show_bug.cgi?id=206291
    <rdar://problem/58606666>
    
    Unreviewed, partial rollout of r252064 which seems to have introduced the regression.
    
    No new tests, covered by existing test
    
    * Modules/webdatabase/SQLTransaction.cpp:
    (WebCore::SQLTransaction::notifyDatabaseThreadIsShuttingDown):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255431 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-30  Chris Dumez  <cdumez@apple.com>

            REGRESSION (r252064): [ Mac iOS ] storage/websql/statement-error-callback.html is timing out flakily
            https://bugs.webkit.org/show_bug.cgi?id=206291
            <rdar://problem/58606666>

            Unreviewed, partial rollout of r252064 which seems to have introduced the regression.

            No new tests, covered by existing test

            * Modules/webdatabase/SQLTransaction.cpp:
            (WebCore::SQLTransaction::notifyDatabaseThreadIsShuttingDown):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255329. rdar://problem/59097765

    REGRESSION (r252064): [ Mac iOS ] storage/websql/statement-error-callback.html is timing out flakily
    https://bugs.webkit.org/show_bug.cgi?id=206291
    <rdar://problem/58606666>
    
    Reviewed by Maciej Stachowiak.
    
    Source/WebCore:
    
    I found that extending the lifetime of the SQLTransaction by capturing protectedThis in the event loop
    task was the source of the flaky timeouts & crashes. Queueing this event loop task in
    notifyDatabaseThreadIsShuttingDown() is actually not necessary because calling callErrorCallbackDueToInterruption()
    directly would schedule the event loop task for us. Also, in callErrorCallbackDueToInterruption(),
    the event loop task only keeps the error callback alive, not just the SQLTransaction object.
    
    No new tests, unskipped existing test.
    
    * Modules/webdatabase/SQLTransaction.cpp:
    (WebCore::SQLTransaction::notifyDatabaseThreadIsShuttingDown):
    
    LayoutTests:
    
    Unskip test that is no longer flaky.
    
    * platform/ios/TestExpectations:
    * platform/mac/TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255329 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-28  Chris Dumez  <cdumez@apple.com>

            REGRESSION (r252064): [ Mac iOS ] storage/websql/statement-error-callback.html is timing out flakily
            https://bugs.webkit.org/show_bug.cgi?id=206291
            <rdar://problem/58606666>

            Reviewed by Maciej Stachowiak.

            I found that extending the lifetime of the SQLTransaction by capturing protectedThis in the event loop
            task was the source of the flaky timeouts & crashes. Queueing this event loop task in
            notifyDatabaseThreadIsShuttingDown() is actually not necessary because calling callErrorCallbackDueToInterruption()
            directly would schedule the event loop task for us. Also, in callErrorCallbackDueToInterruption(),
            the event loop task only keeps the error callback alive, not just the SQLTransaction object.

            No new tests, unskipped existing test.

            * Modules/webdatabase/SQLTransaction.cpp:
            (WebCore::SQLTransaction::notifyDatabaseThreadIsShuttingDown):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255532. rdar://problem/59098561

    Add support for specifying background colors when setting marked text
    https://bugs.webkit.org/show_bug.cgi?id=207065
    <rdar://problem/57876140>
    
    Reviewed by Tim Horton.
    
    Source/WebCore:
    
    Add support for rendering custom highlights (background colors) behind marked text in WebCore. To do this, we
    plumb a Vector of CompositionHighlights alongside the Vector of CompositionUnderlines to Editor. At paint time,
    we then consult this highlight data to determine which ranges of text in the composition should paint using
    custom background colors.
    
    Note that in the future, we should consider refactoring both composition underlines and highlights to use the
    MarkedText mechanism for decorating ranges of text instead.
    
    Test: editing/input/composition-highlights.html
    
    * Headers.cmake:
    * WebCore.xcodeproj/project.pbxproj:
    * editing/CompositionHighlight.h: Added.
    (WebCore::CompositionHighlight::CompositionHighlight):
    (WebCore::CompositionHighlight::encode const):
    (WebCore::CompositionHighlight::decode):
    
    Add CompositionHighlight, which represents a range in the composition that should be highlighted with a given
    background color.
    
    * editing/Editor.cpp:
    (WebCore::Editor::clear):
    (WebCore::Editor::setComposition):
    
    Add logic for clearing and updating m_customCompositionHighlights.
    
    * editing/Editor.h:
    (WebCore::Editor::compositionUsesCustomHighlights const):
    (WebCore::Editor::customCompositionHighlights const):
    * rendering/InlineTextBox.cpp:
    (WebCore::InlineTextBox::paintCompositionBackground):
    
    If custom composition highlights are given, use those when painting the composition background; otherwise,
    default to painting the entire composition range using `Color::compositionFill`.
    
    Source/WebCore/PAL:
    
    Add an SPI soft-linking declaration for NSMarkedClauseSegmentAttributeName.
    
    * pal/spi/cocoa/NSAttributedStringSPI.h:
    
    Source/WebKit:
    
    Implement -setAttributedMarkedText:selectedRange: on WKContentView, and have it extract highlight color
    information from the given attributed string. Plumb this through to the web process by serializing and
    deserializing `WebCore::CompositionHighlight`s.
    
    * UIProcess/Cocoa/WebViewImpl.mm:
    (WebKit::WebViewImpl::setMarkedText):
    * UIProcess/WebPageProxy.cpp:
    * UIProcess/WebPageProxy.h:
    * UIProcess/ios/WKContentViewInteraction.mm:
    (compositionHighlights):
    
    For each marked text clause, grab the specified background color (defaulting to Color::compositionFill) and use
    it to create a list of CompositionHighlights.
    
    (-[WKContentView setAttributedMarkedText:selectedRange:]):
    (-[WKContentView setMarkedText:selectedRange:]):
    (-[WKContentView _setMarkedText:highlights:selectedRange:]):
    * WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:
    (WKBundlePageSetComposition):
    
    Add testing support for specifying highlight ranges when setting marked text.
    
    * WebProcess/InjectedBundle/API/c/WKBundlePagePrivate.h:
    * WebProcess/WebCoreSupport/glib/WebEditorClientGLib.cpp:
    (WebKit::WebEditorClient::didDispatchInputMethodKeydown):
    * WebProcess/WebPage/WebPage.cpp:
    (WebKit::WebPage::setCompositionForTesting):
    (WebKit::WebPage::setCompositionAsync):
    * WebProcess/WebPage/WebPage.h:
    * WebProcess/WebPage/WebPage.messages.in:
    
    Source/WebKitLegacy/mac:
    
    Adjust some call sites of Editor::setComposition().
    
    * WebView/WebFrame.mm:
    (-[WebFrame setMarkedText:selectedRange:]):
    (-[WebFrame setMarkedText:forCandidates:]):
    * WebView/WebHTMLView.mm:
    (-[WebHTMLView setMarkedText:selectedRange:]):
    
    Source/WebKitLegacy/win:
    
    Adjust some call sites of Editor::setComposition().
    
    * WebView.cpp:
    (WebView::onIMEComposition):
    (WebView::setCompositionForTesting):
    
    Tools:
    
    Add support in WebKitTestRunner for specifying a list of highlight ranges when setting marked text. This comes
    in the form of an additional argument to TextInputController::setMarkedText, which contains an array of objects,
    each describing one range (in the composition) to highlight.
    
    * DumpRenderTree/ios/TextInputControllerIOS.m:
    (+[TextInputController isSelectorExcludedFromWebScript:]):
    (+[TextInputController webScriptNameForSelector:]):
    (-[TextInputController setMarkedText:selectedFrom:length:suppressUnderline:highlights:]):
    (-[TextInputController setMarkedText:selectedFrom:length:suppressUnderline:]): Deleted.
    * DumpRenderTree/mac/TextInputControllerMac.m:
    (+[TextInputController isSelectorExcludedFromWebScript:]):
    (+[TextInputController webScriptNameForSelector:]):
    (-[TextInputController setMarkedText:selectedFrom:length:suppressUnderline:highlights:]):
    (-[TextInputController setMarkedText:selectedFrom:length:suppressUnderline:]): Deleted.
    * WebKitTestRunner/InjectedBundle/Bindings/TextInputController.idl:
    * WebKitTestRunner/InjectedBundle/TextInputController.cpp:
    (WTR::arrayLength):
    (WTR::createCompositionHighlightData):
    
    Add logic to convert a given JSObject containing the composition highlight information into a WKArrayRef, which
    is then passed into WebKit via WKBundlePageSetComposition.
    
    (WTR::TextInputController::setMarkedText):
    * WebKitTestRunner/InjectedBundle/TextInputController.h:
    
    LayoutTests:
    
    Add a test to check that highlighting different parts of a composition range results in the same behavior as
    applying background colors using CSS. This test is currently only supported in WebKit2.
    
    * TestExpectations:
    * editing/input/composition-highlights-expected.html: Added.
    * editing/input/composition-highlights.html: Added.
    * platform/wk2/TestExpectations:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255532 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-31  Wenson Hsieh  <wenson_hsieh@apple.com>

            Add support for specifying background colors when setting marked text
            https://bugs.webkit.org/show_bug.cgi?id=207065
            <rdar://problem/57876140>

            Reviewed by Tim Horton.

            Add support for rendering custom highlights (background colors) behind marked text in WebCore. To do this, we
            plumb a Vector of CompositionHighlights alongside the Vector of CompositionUnderlines to Editor. At paint time,
            we then consult this highlight data to determine which ranges of text in the composition should paint using
            custom background colors.

            Note that in the future, we should consider refactoring both composition underlines and highlights to use the
            MarkedText mechanism for decorating ranges of text instead.

            Test: editing/input/composition-highlights.html

            * Headers.cmake:
            * WebCore.xcodeproj/project.pbxproj:
            * editing/CompositionHighlight.h: Added.
            (WebCore::CompositionHighlight::CompositionHighlight):
            (WebCore::CompositionHighlight::encode const):
            (WebCore::CompositionHighlight::decode):

            Add CompositionHighlight, which represents a range in the composition that should be highlighted with a given
            background color.

            * editing/Editor.cpp:
            (WebCore::Editor::clear):
            (WebCore::Editor::setComposition):

            Add logic for clearing and updating m_customCompositionHighlights.

            * editing/Editor.h:
            (WebCore::Editor::compositionUsesCustomHighlights const):
            (WebCore::Editor::customCompositionHighlights const):
            * rendering/InlineTextBox.cpp:
            (WebCore::InlineTextBox::paintCompositionBackground):

            If custom composition highlights are given, use those when painting the composition background; otherwise,
            default to painting the entire composition range using `Color::compositionFill`.

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255504. rdar://problem/59097771

    [Web Animations] [WK1] REGRESSION: opacity doesn't animate
    https://bugs.webkit.org/show_bug.cgi?id=207044
    <rdar://problem/59061225>
    
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    Test: webanimations/opacity-animation.html
    
    We failed to animate opacity in WK1 because we made the assumption that just because an animation targets only accelerated properties it would be accelerated
    and wouldn't need to be updated as it runs in WebAnimation::timeToNextTick(). This is incorrect, an animation may fail to start or may fail to get a composited
    layer, the latter being the case on WK1 because usesCompositing() is false in RenderLayerCompositor::requiresCompositingForAnimation().
    
    We now check that an animation is both only animating accelerated properties and running accelerated to determine that an animation won't need to be updated
    until it completes.
    
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::timeToNextTick const):
    
    LayoutTests:
    
    * webanimations/opacity-animation-expected.html: Added.
    * webanimations/opacity-animation.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255504 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-31  Antoine Quint  <graouts@apple.com>

            [Web Animations] [WK1] REGRESSION: opacity doesn't animate
            https://bugs.webkit.org/show_bug.cgi?id=207044
            <rdar://problem/59061225>

            Reviewed by Simon Fraser.

            Test: webanimations/opacity-animation.html

            We failed to animate opacity in WK1 because we made the assumption that just because an animation targets only accelerated properties it would be accelerated
            and wouldn't need to be updated as it runs in WebAnimation::timeToNextTick(). This is incorrect, an animation may fail to start or may fail to get a composited
            layer, the latter being the case on WK1 because usesCompositing() is false in RenderLayerCompositor::requiresCompositingForAnimation().

            We now check that an animation is both only animating accelerated properties and running accelerated to determine that an animation won't need to be updated
            until it completes.

            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::timeToNextTick const):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255487. rdar://problem/59097796

    REGRESSION: [iOS release] http/tests/security/window-named-proto.html is a flaky timing out
    https://bugs.webkit.org/show_bug.cgi?id=206672
    <rdar://problem/58838583>
    
    Reviewed by Chris Dumez.
    
    This is a speculative fix to increase the priority of the DataURLDecoder's WorkQueue such that
    it is less likely to be preempted.
    
    Covered by existing tests.
    
    * platform/network/DataURLDecoder.cpp:
    (WebCore::DataURLDecoder::decodeQueue):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255487 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-31  Jiewen Tan  <jiewen_tan@apple.com>

            REGRESSION: [iOS release] http/tests/security/window-named-proto.html is a flaky timing out
            https://bugs.webkit.org/show_bug.cgi?id=206672
            <rdar://problem/58838583>

            Reviewed by Chris Dumez.

            This is a speculative fix to increase the priority of the DataURLDecoder's WorkQueue such that
            it is less likely to be preempted.

            Covered by existing tests.

            * platform/network/DataURLDecoder.cpp:
            (WebCore::DataURLDecoder::decodeQueue):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255417. rdar://problem/59097780

    Do not notify other applications when deactivating the audio session
    https://bugs.webkit.org/show_bug.cgi?id=206963
    
    Reviewed by Jer Noble.
    
    Tested manually because this change is iOS-only and only reproduces on hardware.
    
    * platform/audio/ios/AudioSessionIOS.mm:
    (WebCore::AudioSession::tryToSetActiveInternal): Don't pass the AVAudioSessionSetActiveOptionNotifyOthersOnDeactivation
    flag to -[AVAudioSession setActive:error].
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255417 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-29  Eric Carlson  <eric.carlson@apple.com>

            Do not notify other applications when deactivating the audio session
            https://bugs.webkit.org/show_bug.cgi?id=206963

            Reviewed by Jer Noble.

            Tested manually because this change is iOS-only and only reproduces on hardware.

            * platform/audio/ios/AudioSessionIOS.mm:
            (WebCore::AudioSession::tryToSetActiveInternal): Don't pass the AVAudioSessionSetActiveOptionNotifyOthersOnDeactivation
            flag to -[AVAudioSession setActive:error].

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255383. rdar://problem/59098319

    [Web Animations] Animations should run accelerated even if other animations targeting the same element are not accelerated
    https://bugs.webkit.org/show_bug.cgi?id=206890
    <rdar://problem/58961750>
    
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    Test: webanimations/width-and-opacity-separate-animation-yields-compositing.html
    
    In the Web Animations implementation, when an element has some animated properties that can be accelerated and some that cannot be, we would never
    run accelerated animations at all. However, in the "legacy" animation engine, we would animate properties that can be acclerated if possible.
    We now attempt to run accelerated animations provided at least one animation is accelerated.
    
    To do that, we now keep track of whether none, some or all of the animated properties of a given KeyframeEffect are accelerated using the new
    m_acceleratedPropertiesState instance variable. We compute this property when creating the blending keyframes for the effect.
    
    Then, as time progresses and the effect is resolved, updateAcceleratedActions() is called and we simply use the effect's phase to determine
    whether we need to enqueue actions to start, pause, seek or end accelerated animations. This is an improvement over how this method used to work
    since we would run accelerated animations while in their delay phase, which did not match the "legacy" animation engine's behavior.
    
    We've also removed the single method that provided the accelerated characteristics of a KeyframeEffect, isAccelerated(), with a few more methods:
    
        - isRunningAccelerated(): the effect is currently running accelerated animations.
        - isAboutToRunAccelerated(): the effect has pending accelerated actions that should make it run accelerated animations when accelerated actions
        are updated next.
        - isCompletelyAccelerated(): the effect animates only accelerated properties.
        - isCurrentlyAffectingProperty(property, accelerated): the effect is currently animating the given property, with the option to specify whether
        that animation is accelerated.
    
    We use this information in a few new places. If an effect returns true for either isRunningAccelerated() or isAboutToRunAccelerated() when
    Element::applyKeyframeEffects() is called, we set the AnimationImpact::RequiresRecomposite flag. In RenderLayerCompositor::requiresCompositingForAnimation(),
    if an effect returns true for isCurrentlyAffectingProperty() with the accelerated flag set to true, the method returns true, matching the logic
    used by the "legacy" animation engine.
    
    All in all, this better aligns the behavior of the "legacy" and Web Animations engines to run accelerated animations in the same circumstances.
    
    * animation/AnimationTimeline.cpp:
    (WebCore::AnimationTimeline::updateCSSTransitionsForElementAndProperty): Use KeyframeEfffect::isRunningAccelerated() instead of KeyframeEffect::isAccelerated().
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::isRunningAcceleratedAnimationOnRenderer const): Use KeyframeEffect::isCurrentlyAffectingProperty() instead of checking both
    isRunningAccelerated() and manually looking at the effect's animated properties.
    * animation/KeyframeEffect.cpp:
    (WebCore::KeyframeEffect::setBlendingKeyframes): Call computeAcceleratedPropertiesState() instead of the now-defunct computeShouldRunAccelerated().
    (WebCore::KeyframeEffect::apply): Keep track of the newly computed phase so that we may use it in the new isCurrentlyAffectingProperty() without having
    to recompute it on each call.
    (WebCore::KeyframeEffect::isCurrentlyAffectingProperty const): Indicates whether a given property is currently animated (active phase) with the option
    to specify whether that animation is accelerated.
    (WebCore::KeyframeEffect::computeAcceleratedPropertiesState): Compute whether none, some or all of the animated properties of the given effect can be accelerated.
    (WebCore::KeyframeEffect::updateAcceleratedActions): Use the phase to determine which accelerated actions to enqueue.
    (WebCore::KeyframeEffect::animationDidSeek): Use the new m_isRunningAccelerated state to determine whether the animation is presently running accelerated.
    (WebCore::KeyframeEffect::animationWasCanceled): Use the new m_isRunningAccelerated state to determine whether the animation is presently running accelerated.
    (WebCore::KeyframeEffect::animationSuspensionStateDidChange): Use the new m_isRunningAccelerated state to determine whether the animation is presently running accelerated.
    (WebCore::KeyframeEffect::applyPendingAcceleratedActions):
    * animation/KeyframeEffect.h:
    (WebCore::KeyframeEffect::isRunningAccelerated const):
    (WebCore::KeyframeEffect::isAboutToRunAccelerated const):
    (WebCore::KeyframeEffect::isCompletelyAccelerated const):
    * animation/KeyframeEffectStack.cpp:
    (WebCore::KeyframeEffectStack::isCurrentlyAffectingProperty const): Indicates whether any of the effects in the stack animates a given property, with the option
    to specify whether the animation should be accelerated.
    * animation/KeyframeEffectStack.h:
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::effectTargetDidChange): Ensure we schedule an animation update if an effect is no longer animating a given element or newly animating an element,
    to ensure that replaced animations may be removed.
    (WebCore::WebAnimation::isCompletelyAccelerated const): Convenience function to call isCompletelyAccelerated() on the animation's effect.
    (WebCore::WebAnimation::computeRelevance): Check the replaced state when computing relevance.
    (WebCore::WebAnimation::timeToNextTick const): Schedule an immediate update if a given animation is not _completely_ accelerated.
    * animation/WebAnimation.h:
    * dom/Element.cpp:
    (WebCore::Element::keyframeEffectStack const):
    (WebCore::Element::applyKeyframeEffects): Set the AnimationImpact::RequiresRecomposite flag when the animation is either currently running accelerated or expected
    to be in the next accelerated animation update.
    * dom/Element.h:
    * rendering/RenderLayerCompositor.cpp:
    (WebCore::RenderLayerCompositor::requiresCompositingForAnimation const): Use the same logic as for the "legacy" animation engine to determine whether an animation
    requires compositing using the new KeyframeEffect::isCurrentlyAffectingProperty() method.
    (WebCore::RenderLayerCompositor::isRunningTransformAnimation const): Refactor some code to use the new KeyframeEffect::isCurrentlyAffectingProperty() method.
    
    LayoutTests:
    
    Update some tests that assumed a mix of accelerated and non-accelerated properties would not yield accelerated animations.
    We also make some WK1-specific expectation due to compositing being disabled when opacity is the only potentially-accelerated
    property to be animated.
    
    * platform/mac-wk1/imported/w3c/web-platform-tests/css/css-color/animation/opacity-interpolation-expected.txt: Added.
    * platform/mac-wk1/webanimations/opacity-animation-yields-compositing-expected.txt: Added.
    * platform/mac-wk1/webanimations/opacity-animation-yields-compositing-span-expected.txt: Added.
    * platform/mac-wk1/webanimations/partly-accelerated-transition-by-removing-property-expected.txt: Added.
    * platform/mac-wk1/webanimations/width-and-opacity-separate-animation-yields-compositing-expected.txt: Added.
    * webanimations/left-and-opacity-animation-yields-no-compositing-expected.txt: Removed.
    * webanimations/partly-accelerated-transition-by-removing-property-expected.txt:
    * webanimations/width-and-opacity-separate-animation-yields-compositing-expected.txt: Added.
    * webanimations/width-and-opacity-separate-animation-yields-compositing.html: Renamed from LayoutTests/webanimations/left-and-opacity-animation-yields-no-compositing.html.
    * webanimations/width-and-opacity-separate-animation-yields-no-compositing-expected.txt: Removed.
    * webanimations/width-and-opacity-separate-animation-yields-no-compositing.html: Removed.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255383 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-28  Antoine Quint  <graouts@apple.com>

            [Web Animations] Animations should run accelerated even if other animations targeting the same element are not accelerated
            https://bugs.webkit.org/show_bug.cgi?id=206890
            <rdar://problem/58961750>

            Reviewed by Simon Fraser.

            Test: webanimations/width-and-opacity-separate-animation-yields-compositing.html

            In the Web Animations implementation, when an element has some animated properties that can be accelerated and some that cannot be, we would never
            run accelerated animations at all. However, in the "legacy" animation engine, we would animate properties that can be acclerated if possible.
            We now attempt to run accelerated animations provided at least one animation is accelerated.

            To do that, we now keep track of whether none, some or all of the animated properties of a given KeyframeEffect are accelerated using the new
            m_acceleratedPropertiesState instance variable. We compute this property when creating the blending keyframes for the effect.

            Then, as time progresses and the effect is resolved, updateAcceleratedActions() is called and we simply use the effect's phase to determine
            whether we need to enqueue actions to start, pause, seek or end accelerated animations. This is an improvement over how this method used to work
            since we would run accelerated animations while in their delay phase, which did not match the "legacy" animation engine's behavior.

            We've also removed the single method that provided the accelerated characteristics of a KeyframeEffect, isAccelerated(), with a few more methods:

                - isRunningAccelerated(): the effect is currently running accelerated animations.
                - isAboutToRunAccelerated(): the effect has pending accelerated actions that should make it run accelerated animations when accelerated actions
                are updated next.
                - isCompletelyAccelerated(): the effect animates only accelerated properties.
                - isCurrentlyAffectingProperty(property, accelerated): the effect is currently animating the given property, with the option to specify whether
                that animation is accelerated.

            We use this information in a few new places. If an effect returns true for either isRunningAccelerated() or isAboutToRunAccelerated() when
            Element::applyKeyframeEffects() is called, we set the AnimationImpact::RequiresRecomposite flag. In RenderLayerCompositor::requiresCompositingForAnimation(),
            if an effect returns true for isCurrentlyAffectingProperty() with the accelerated flag set to true, the method returns true, matching the logic
            used by the "legacy" animation engine.

            All in all, this better aligns the behavior of the "legacy" and Web Animations engines to run accelerated animations in the same circumstances.

            * animation/AnimationTimeline.cpp:
            (WebCore::AnimationTimeline::updateCSSTransitionsForElementAndProperty): Use KeyframeEfffect::isRunningAccelerated() instead of KeyframeEffect::isAccelerated().
            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::isRunningAcceleratedAnimationOnRenderer const): Use KeyframeEffect::isCurrentlyAffectingProperty() instead of checking both
            isRunningAccelerated() and manually looking at the effect's animated properties.
            * animation/KeyframeEffect.cpp:
            (WebCore::KeyframeEffect::setBlendingKeyframes): Call computeAcceleratedPropertiesState() instead of the now-defunct computeShouldRunAccelerated().
            (WebCore::KeyframeEffect::apply): Keep track of the newly computed phase so that we may use it in the new isCurrentlyAffectingProperty() without having
            to recompute it on each call.
            (WebCore::KeyframeEffect::isCurrentlyAffectingProperty const): Indicates whether a given property is currently animated (active phase) with the option
            to specify whether that animation is accelerated.
            (WebCore::KeyframeEffect::computeAcceleratedPropertiesState): Compute whether none, some or all of the animated properties of the given effect can be accelerated.
            (WebCore::KeyframeEffect::updateAcceleratedActions): Use the phase to determine which accelerated actions to enqueue.
            (WebCore::KeyframeEffect::animationDidSeek): Use the new m_isRunningAccelerated state to determine whether the animation is presently running accelerated.
            (WebCore::KeyframeEffect::animationWasCanceled): Use the new m_isRunningAccelerated state to determine whether the animation is presently running accelerated.
            (WebCore::KeyframeEffect::animationSuspensionStateDidChange): Use the new m_isRunningAccelerated state to determine whether the animation is presently running accelerated.
            (WebCore::KeyframeEffect::applyPendingAcceleratedActions):
            * animation/KeyframeEffect.h:
            (WebCore::KeyframeEffect::isRunningAccelerated const):
            (WebCore::KeyframeEffect::isAboutToRunAccelerated const):
            (WebCore::KeyframeEffect::isCompletelyAccelerated const):
            * animation/KeyframeEffectStack.cpp:
            (WebCore::KeyframeEffectStack::isCurrentlyAffectingProperty const): Indicates whether any of the effects in the stack animates a given property, with the option
            to specify whether the animation should be accelerated.
            * animation/KeyframeEffectStack.h:
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::effectTargetDidChange): Ensure we schedule an animation update if an effect is no longer animating a given element or newly animating an element,
            to ensure that replaced animations may be removed.
            (WebCore::WebAnimation::isCompletelyAccelerated const): Convenience function to call isCompletelyAccelerated() on the animation's effect.
            (WebCore::WebAnimation::computeRelevance): Check the replaced state when computing relevance.
            (WebCore::WebAnimation::timeToNextTick const): Schedule an immediate update if a given animation is not _completely_ accelerated.
            * animation/WebAnimation.h:
            * dom/Element.cpp:
            (WebCore::Element::keyframeEffectStack const):
            (WebCore::Element::applyKeyframeEffects): Set the AnimationImpact::RequiresRecomposite flag when the animation is either currently running accelerated or expected
            to be in the next accelerated animation update.
            * dom/Element.h:
            * rendering/RenderLayerCompositor.cpp:
            (WebCore::RenderLayerCompositor::requiresCompositingForAnimation const): Use the same logic as for the "legacy" animation engine to determine whether an animation
            requires compositing using the new KeyframeEffect::isCurrentlyAffectingProperty() method.
            (WebCore::RenderLayerCompositor::isRunningTransformAnimation const): Refactor some code to use the new KeyframeEffect::isCurrentlyAffectingProperty() method.

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255378. rdar://problem/59097763

    [iOS] Make sure unused service worker processes exit promptly on low memory warning
    https://bugs.webkit.org/show_bug.cgi?id=206939
    <rdar://problem/58972717>
    
    Reviewed by Alex Christensen.
    
    Make sure unused service worker processes exit promptly on low memory warning. They normally take 10 seconds to exit
    for performance reasons. However, in case of memory pressure, keeping those processes around that long is not the
    right thing to do.
    
    Source/WebCore:
    
    * workers/service/server/SWServer.cpp:
    (WebCore::SWServer::handleLowMemoryWarning):
    * workers/service/server/SWServer.h:
    
    Source/WebKit:
    
    * NetworkProcess/NetworkProcess.cpp:
    (WebKit::NetworkProcess::lowMemoryHandler):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255378 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-29  Chris Dumez  <cdumez@apple.com>

            [iOS] Make sure unused service worker processes exit promptly on low memory warning
            https://bugs.webkit.org/show_bug.cgi?id=206939
            <rdar://problem/58972717>

            Reviewed by Alex Christensen.

            Make sure unused service worker processes exit promptly on low memory warning. They normally take 10 seconds to exit
            for performance reasons. However, in case of memory pressure, keeping those processes around that long is not the
            right thing to do.

            * workers/service/server/SWServer.cpp:
            (WebCore::SWServer::handleLowMemoryWarning):
            * workers/service/server/SWServer.h:

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255371. rdar://problem/59098314

    [Web Animations] `DeclarativeAnimation` for CSS Animation is not always destroyed when class that applies `animation-name` is removed
    https://bugs.webkit.org/show_bug.cgi?id=206899
    
    Patch by Antoine Quint <graouts@apple.com> on 2020-01-29
    Reviewed by Devin Rousso.
    
    In case after processing the new animation styles we don't have any CSSAnimation objects anymore, we should make sure we remove the entry
    for this element from m_elementToCSSAnimationsCreatedByMarkupMap so as to release ownership of any prior animation.
    
    * animation/AnimationTimeline.cpp:
    (WebCore::AnimationTimeline::updateCSSAnimationsForElement):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255371 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-29  Antoine Quint  <graouts@apple.com>

            [Web Animations] `DeclarativeAnimation` for CSS Animation is not always destroyed when class that applies `animation-name` is removed
            https://bugs.webkit.org/show_bug.cgi?id=206899

            Reviewed by Devin Rousso.

            In case after processing the new animation styles we don't have any CSSAnimation objects anymore, we should make sure we remove the entry
            for this element from m_elementToCSSAnimationsCreatedByMarkupMap so as to release ownership of any prior animation.

            * animation/AnimationTimeline.cpp:
            (WebCore::AnimationTimeline::updateCSSAnimationsForElement):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255365. rdar://problem/59097795

    [JSC] Give up IC when unknown structure transition happens
    https://bugs.webkit.org/show_bug.cgi?id=206846
    
    Reviewed by Mark Lam.
    
    JSTests:
    
    * stress/ensure-crash.js: Added.
    * stress/incorrect-put-could-generate-invalid-ic-but-still-not-causing-bad-behavior-bad-transition-debug.js: Added.
    (shouldBe):
    (putter):
    (not_string.toString):
    * stress/incorrect-put-could-generate-invalid-ic-but-still-not-causing-bad-behavior-bad-transition.js: Added.
    (shouldBe):
    (putter):
    (not_string.toString):
    * stress/incorrect-put-could-generate-invalid-ic-but-still-not-causing-bad-behavior.js: Added.
    (shouldBe):
    (putter):
    (not_string.toString):
    * stress/incorrect-put-could-generate-invalid-ic-involving-dictionary-flatten.js: Added.
    (shouldBe):
    (dictionary):
    (putter):
    (not_string.toString):
    
    Source/JavaScriptCore:
    
    When we are creating Put IC for a new property, we grab the old Structure before performing
    the put. For a custom ::put, our convention is that the implemented ::put should mark the PutPropertySlot
    as non-cachable. The IC code relies on this in order to work correctly. If we didn't mark it as non-cacheable,
    a semantic failure can happen. This patch hardens the code against this semantic failure case by giving up trying
    to cache the IC when the newStructure calculated from oldStructure does not match against
    the actual structure after the put operation.
    
    * jit/Repatch.cpp:
    (JSC::tryCachePutByID):
    (JSC::repatchPutByID):
    * llint/LLIntSlowPaths.cpp:
    (JSC::LLInt::LLINT_SLOW_PATH_DECL):
    * runtime/Structure.cpp:
    (JSC::Structure::flattenDictionaryStructure):
    * tools/JSDollarVM.cpp:
    (JSC::functionCreateObjectDoingSideEffectPutWithoutCorrectSlotStatus):
    (JSC::JSDollarVM::finishCreation):
    (JSC::JSDollarVM::visitChildren):
    * tools/JSDollarVM.h:
    
    Source/WebCore:
    
    IDL Code Generator should taint PutPropertySlot or taint implemented object to avoid Put IC caching
    when it implements custom ::put operation which has side-effect regardless of Structure. Otherwise, IC can be setup
    and IC can do fast path without consulting the custom ::put operation.
    
    Test: js/dom/put-override-should-not-use-ic.html
    
    * bindings/scripts/CodeGeneratorJS.pm:
    (GenerateHeader):
    * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
    * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
    * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
    * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
    * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
    * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
    * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
    * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
    * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
    * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
    * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
    * bindings/scripts/test/JS/JSTestPluginInterface.h:
    
    Tools:
    
    Add `crash!` annotation, which allows us to write a crashing JS test.
    
    * Scripts/run-jsc-stress-tests:
    * Scripts/webkitruby/jsc-stress-test-writer-default.rb:
    * Scripts/webkitruby/jsc-stress-test-writer-playstation.rb:
    * Scripts/webkitruby/jsc-stress-test-writer-ruby.rb:
    
    LayoutTests:
    
    * js/dom/put-override-should-not-use-ic-expected.txt: Added.
    * js/dom/put-override-should-not-use-ic.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255365 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-28  Yusuke Suzuki  <ysuzuki@apple.com>

            [JSC] Give up IC when unknown structure transition happens
            https://bugs.webkit.org/show_bug.cgi?id=206846

            Reviewed by Mark Lam.

            IDL Code Generator should taint PutPropertySlot or taint implemented object to avoid Put IC caching
            when it implements custom ::put operation which has side-effect regardless of Structure. Otherwise, IC can be setup
            and IC can do fast path without consulting the custom ::put operation.

            Test: js/dom/put-override-should-not-use-ic.html

            * bindings/scripts/CodeGeneratorJS.pm:
            (GenerateHeader):
            * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
            * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
            * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
            * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
            * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
            * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
            * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
            * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
            * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
            * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
            * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
            * bindings/scripts/test/JS/JSTestPluginInterface.h:

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255335. rdar://problem/59097776

    Add logging to detect cause of rare crash at RenderLayer::calculateLayerBounds const
    https://bugs.webkit.org/show_bug.cgi?id=206915
    rdar://problem/55699292
    
    Reviewed by Tim Horton.
    
    We have reports of a rare crash under RenderLayer::calculateLayerBounds() under RenderLayer::updateLayerPositions(),
    where a RenderLayerBacking's m_owningLayer is null (which should never happen). This appears to reproduce
    by clicking links to CNN or FoxNews articles from Google News on macOS.
    
    Add a bear trap in that offset in the class, and also null-check the m_owningLayer reference
    in release assertions to better understand what's happening.
    
    * rendering/RenderLayerBacking.cpp:
    (WebCore::RenderLayerBacking::~RenderLayerBacking):
    (WebCore::RenderLayerBacking::willBeDestroyed):
    (WebCore::RenderLayerBacking::updateCompositedBounds):
    (WebCore::RenderLayerBacking::updateAfterLayout):
    (WebCore::RenderLayerBacking::updateConfiguration):
    (WebCore::RenderLayerBacking::updateAfterDescendants):
    (WebCore::RenderLayerBacking::paintIntoLayer):
    * rendering/RenderLayerBacking.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255335 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-28  Simon Fraser  <simon.fraser@apple.com>

            Add logging to detect cause of rare crash at RenderLayer::calculateLayerBounds const
            https://bugs.webkit.org/show_bug.cgi?id=206915
            rdar://problem/55699292

            Reviewed by Tim Horton.

            We have reports of a rare crash under RenderLayer::calculateLayerBounds() under RenderLayer::updateLayerPositions(),
            where a RenderLayerBacking's m_owningLayer is null (which should never happen). This appears to reproduce
            by clicking links to CNN or FoxNews articles from Google News on macOS.

            Add a bear trap in that offset in the class, and also null-check the m_owningLayer reference
            in release assertions to better understand what's happening.

            * rendering/RenderLayerBacking.cpp:
            (WebCore::RenderLayerBacking::~RenderLayerBacking):
            (WebCore::RenderLayerBacking::willBeDestroyed):
            (WebCore::RenderLayerBacking::updateCompositedBounds):
            (WebCore::RenderLayerBacking::updateAfterLayout):
            (WebCore::RenderLayerBacking::updateConfiguration):
            (WebCore::RenderLayerBacking::updateAfterDescendants):
            (WebCore::RenderLayerBacking::paintIntoLayer):
            * rendering/RenderLayerBacking.h:

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255227. rdar://problem/58942731

    Correct VTT Cue Style handling to match the specification
    https://bugs.webkit.org/show_bug.cgi?id=201086
    
    Unreviewed followup based on a review comment.
    
    * html/track/WebVTTParser.cpp:
    (WebCore::WebVTTParser::checkAndStoreStyleSheet):
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255227 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-27  Antti Koivisto  <antti@apple.com>

            Correct VTT Cue Style handling to match the specification
            https://bugs.webkit.org/show_bug.cgi?id=201086

            Unreviewed followup based on a review comment.

            * html/track/WebVTTParser.cpp:
            (WebCore::WebVTTParser::checkAndStoreStyleSheet):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255224. rdar://problem/59098322

    Need a way to mark a DOM attribute as runtime conditionally read-write
    https://bugs.webkit.org/show_bug.cgi?id=206836
    
    Patch by Sam Weinig <weinig@apple.com> on 2020-01-27
    Reviewed by Chris Dumez.
    
    Adds a new IDL extended attribute, RuntimeConditionallyReadWrite, that works
    like EnableAtRuntime, but instead allows the associated attribute to be
    converted from read-only to read-write based on the value of a RuntimeEnabledFeature.
    
    * bindings/scripts/CodeGeneratorJS.pm:
    (GeneratePropertiesHashTable):
    Add check that both runtime enabling and runtime conditional read-write aren't
    both specified. For now, that is not supported.
    
    (GenerateRuntimeEnableConditionalString):
    Add support for generating the conditional string for RuntimeConditionallyReadWrite.
    
    (GenerateImplementation):
    Implement the feature by piggy-backing off the existing runtime enabling, which
    deletes the property if the feature is not enabled. For this, if the feature isn't
    enabled, we delete the property, and then add it back readonly. In the future, we
    should move off of this add-then-delete model, but that is tracked via http://webkit.org/b/206837.
    
    * bindings/scripts/IDLAttributes.json:
    Add new extended attribute.
    
    * bindings/scripts/test/JS/JSTestObj.cpp:
    (WebCore::JSTestObjPrototype::finishCreation):
    (WebCore::jsTestObjRuntimeConditionallyReadWriteAttributeGetter):
    (WebCore::jsTestObjRuntimeConditionallyReadWriteAttribute):
    (WebCore::setJSTestObjRuntimeConditionallyReadWriteAttributeSetter):
    (WebCore::setJSTestObjRuntimeConditionallyReadWriteAttribute):
    * bindings/scripts/test/TestObj.idl:
    Add new test with result.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255224 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-27  Sam Weinig  <weinig@apple.com>

            Need a way to mark a DOM attribute as runtime conditionally read-write
            https://bugs.webkit.org/show_bug.cgi?id=206836

            Reviewed by Chris Dumez.

            Adds a new IDL extended attribute, RuntimeConditionallyReadWrite, that works
            like EnableAtRuntime, but instead allows the associated attribute to be
            converted from read-only to read-write based on the value of a RuntimeEnabledFeature.

            * bindings/scripts/CodeGeneratorJS.pm:
            (GeneratePropertiesHashTable):
            Add check that both runtime enabling and runtime conditional read-write aren't
            both specified. For now, that is not supported.

            (GenerateRuntimeEnableConditionalString):
            Add support for generating the conditional string for RuntimeConditionallyReadWrite.

            (GenerateImplementation):
            Implement the feature by piggy-backing off the existing runtime enabling, which
            deletes the property if the feature is not enabled. For this, if the feature isn't
            enabled, we delete the property, and then add it back readonly. In the future, we
            should move off of this add-then-delete model, but that is tracked via http://webkit.org/b/206837.

            * bindings/scripts/IDLAttributes.json:
            Add new extended attribute.

            * bindings/scripts/test/JS/JSTestObj.cpp:
            (WebCore::JSTestObjPrototype::finishCreation):
            (WebCore::jsTestObjRuntimeConditionallyReadWriteAttributeGetter):
            (WebCore::jsTestObjRuntimeConditionallyReadWriteAttribute):
            (WebCore::setJSTestObjRuntimeConditionallyReadWriteAttributeSetter):
            (WebCore::setJSTestObjRuntimeConditionallyReadWriteAttribute):
            * bindings/scripts/test/TestObj.idl:
            Add new test with result.

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255161. rdar://problem/58942716

    Crash in WebCore::HTMLMediaElement::detachMediaSource()
    https://bugs.webkit.org/show_bug.cgi?id=206766
    
    Reviewed by Jer Noble.
    
    Use WeakPtr<HTMLMediaElement> in MediaSource instead of a raw pointer.
    In addition, we need to detach a MediaSource from an HTMLMediaElement before the HTMLMediaElement forgets the reference to the MediaSource.
    
    * Modules/mediasource/MediaSource.cpp:
    (WebCore::MediaSource::attachToElement):
    * Modules/mediasource/MediaSource.h:
    * html/HTMLMediaElement.cpp:
    (WebCore::HTMLMediaElement::loadResource):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255161 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-27  Peng Liu  <peng.liu6@apple.com>

            Crash in WebCore::HTMLMediaElement::detachMediaSource()
            https://bugs.webkit.org/show_bug.cgi?id=206766

            Reviewed by Jer Noble.

            Use WeakPtr<HTMLMediaElement> in MediaSource instead of a raw pointer.
            In addition, we need to detach a MediaSource from an HTMLMediaElement before the HTMLMediaElement forgets the reference to the MediaSource.

            * Modules/mediasource/MediaSource.cpp:
            (WebCore::MediaSource::attachToElement):
            * Modules/mediasource/MediaSource.h:
            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::loadResource):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255151. rdar://problem/58942731

    Correct VTT Cue Style handling to match the specification
    https://bugs.webkit.org/show_bug.cgi?id=201086
    <rdar://problem/54658121>
    
    Reviewed by Brent Fulgham.
    
    The VTT specification requires that only data-URLs are permitted in STYLE blocks.
    
    * css/CSSSelector.cpp:
    (WebCore::CSSSelector::selectorText const):
    
    Fix selectorText for function version of ::cue().
    
    * css/parser/CSSParserContext.cpp:
    (WebCore::CSSParserContext::completeURL const):
    
    Don't allow non-data URLs in WebVTT parser mode.
    
    * css/parser/CSSParserContext.h:
    (WebCore::CSSParserContext::completeURL const): Deleted.
    * css/parser/CSSParserMode.h:
    (WebCore::isStrictParserMode):
    * html/track/WebVTTParser.cpp:
    (WebCore::WebVTTParser::collectStyleSheet):
    (WebCore::WebVTTParser::checkAndStoreStyleSheet):
    
    Instead of simply validating the original stylesheet, build a new sanitized stylesheet text
    from the stylesheet parsed in WebVTT mode. This sanitized stylesheet is then used as the
    input for the style system.
    
    * html/track/WebVTTParser.h:
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255151 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-27  Antti Koivisto  <antti@apple.com>

            Correct VTT Cue Style handling to match the specification
            https://bugs.webkit.org/show_bug.cgi?id=201086
            <rdar://problem/54658121>

            Reviewed by Brent Fulgham.

            The VTT specification requires that only data-URLs are permitted in STYLE blocks.

            * css/CSSSelector.cpp:
            (WebCore::CSSSelector::selectorText const):

            Fix selectorText for function version of ::cue().

            * css/parser/CSSParserContext.cpp:
            (WebCore::CSSParserContext::completeURL const):

            Don't allow non-data URLs in WebVTT parser mode.

            * css/parser/CSSParserContext.h:
            (WebCore::CSSParserContext::completeURL const): Deleted.
            * css/parser/CSSParserMode.h:
            (WebCore::isStrictParserMode):
            * html/track/WebVTTParser.cpp:
            (WebCore::WebVTTParser::collectStyleSheet):
            (WebCore::WebVTTParser::checkAndStoreStyleSheet):

            Instead of simply validating the original stylesheet, build a new sanitized stylesheet text
            from the stylesheet parsed in WebVTT mode. This sanitized stylesheet is then used as the
            input for the style system.

            * html/track/WebVTTParser.h:

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255149. rdar://problem/58942712

    [Web Animations] Add support for the options parameter to getAnimations()
    https://bugs.webkit.org/show_bug.cgi?id=202191
    <rdar://problem/55697751>
    
    Reviewed by Antti Koivisto.
    
    LayoutTests/imported/w3c:
    
    Mark some WPT progressions. In the CSS Animations case, we are returning the expected animations but not quite sorted as expected.
    
    * web-platform-tests/css/css-animations/Element-getAnimations.tentative-expected.txt:
    * web-platform-tests/web-animations/interfaces/Animatable/getAnimations-expected.txt:
    
    Source/WebCore:
    
    Add support for the GetAnimationsOptions dictionary as a parameter to Animatable.getAnimations(). When it is provided
    and has its sole "subtree" property set to "true", we call Document.getAnimations() and filter out animations that are
    not targeting elements that are either this element, one of its descendants, one of its pseudo-elements or one of its
    descendants' pseudo-elements.
    
    * CMakeLists.txt:
    * DerivedSources-input.xcfilelist:
    * DerivedSources-output.xcfilelist:
    * DerivedSources.make:
    * Headers.cmake:
    * Sources.txt:
    * WebCore.xcodeproj/project.pbxproj:
    * animation/Animatable.idl:
    * animation/GetAnimationsOptions.h: Added.
    * animation/GetAnimationsOptions.idl: Added.
    * dom/Element.cpp:
    (WebCore::Element::getAnimations):
    * dom/Element.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255149 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-27  Antoine Quint  <graouts@apple.com>

            [Web Animations] Add support for the options parameter to getAnimations()
            https://bugs.webkit.org/show_bug.cgi?id=202191
            <rdar://problem/55697751>

            Reviewed by Antti Koivisto.

            Add support for the GetAnimationsOptions dictionary as a parameter to Animatable.getAnimations(). When it is provided
            and has its sole "subtree" property set to "true", we call Document.getAnimations() and filter out animations that are
            not targeting elements that are either this element, one of its descendants, one of its pseudo-elements or one of its
            descendants' pseudo-elements.

            * CMakeLists.txt:
            * DerivedSources-input.xcfilelist:
            * DerivedSources-output.xcfilelist:
            * DerivedSources.make:
            * Headers.cmake:
            * Sources.txt:
            * WebCore.xcodeproj/project.pbxproj:
            * animation/Animatable.idl:
            * animation/GetAnimationsOptions.h: Added.
            * animation/GetAnimationsOptions.idl: Added.
            * dom/Element.cpp:
            (WebCore::Element::getAnimations):
            * dom/Element.h:

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255116. rdar://problem/58942720

    HTMLMediaElement should not remove the media session at DOM suspension time
    https://bugs.webkit.org/show_bug.cgi?id=206661
    <rdar://problem/58800787>
    
    Source/WebCore:
    
    Reviewed by Eric Carlson.
    
    https://trac.webkit.org/changeset/233560 made it so that, on HTMLMediaElement suspension,
    its media session is stopped.
    This was done to ensure updateNowPlayingInfo is not called synchronously but asynchronously.
    The issue is that, once the media session is stopped, it is removed from the media session vector.
    On updating the ready state after suspension, and playing, we try to look into the media session vector and do not find the session.
    This triggers the ASSERT.
    
    Partially revert the behavior by calling the same code as clientWillPausePlayback
    but make sure updateNowPlayingInfo is calling asynchronously when suspending the media element.
    Introduce clientWillBeDOMSuspended for that purpose.
    
    Update mediaPlayerReadyStateChanged to enqueue a task to do the update if the media element is suspended.
    
    Covered by test no longer crashing in debug.
    
    * html/HTMLMediaElement.cpp:
    (WebCore::HTMLMediaElement::mediaPlayerReadyStateChanged):
    (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
    * platform/audio/PlatformMediaSession.cpp:
    (WebCore::PlatformMediaSession::processClientWillPausePlayback):
    (WebCore::PlatformMediaSession::clientWillPausePlayback):
    (WebCore::PlatformMediaSession::clientWillBeDOMSuspended):
    * platform/audio/PlatformMediaSession.h:
    * platform/audio/PlatformMediaSessionManager.cpp:
    (WebCore::PlatformMediaSessionManager::sessionWillEndPlayback):
    * platform/audio/PlatformMediaSessionManager.h:
    * platform/audio/cocoa/MediaSessionManagerCocoa.h:
    * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
    (MediaSessionManagerCocoa::sessionWillEndPlayback):
    * platform/audio/ios/MediaSessionManagerIOS.h:
    * platform/audio/ios/MediaSessionManagerIOS.mm:
    (WebCore::MediaSessionManageriOS::sessionWillEndPlayback):
    
    Tools:
    
    Reviewed by Eric Carlson.
    
    * TestWebKitAPI/Tests/WebKitLegacy/ios/ScrollingDoesNotPauseMedia.mm:
    (TestWebKitAPI::TEST):
    Suspend/resume Active DOM Objects from time to time as would do scrolling.
    This allows pending tasks to be executed asynchronously when not scrolling.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255116 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-25  youenn fablet  <youenn@apple.com>

            HTMLMediaElement should not remove the media session at DOM suspension time
            https://bugs.webkit.org/show_bug.cgi?id=206661
            <rdar://problem/58800787>

            Reviewed by Eric Carlson.

            https://trac.webkit.org/changeset/233560 made it so that, on HTMLMediaElement suspension,
            its media session is stopped.
            This was done to ensure updateNowPlayingInfo is not called synchronously but asynchronously.
            The issue is that, once the media session is stopped, it is removed from the media session vector.
            On updating the ready state after suspension, and playing, we try to look into the media session vector and do not find the session.
            This triggers the ASSERT.

            Partially revert the behavior by calling the same code as clientWillPausePlayback
            but make sure updateNowPlayingInfo is calling asynchronously when suspending the media element.
            Introduce clientWillBeDOMSuspended for that purpose.

            Update mediaPlayerReadyStateChanged to enqueue a task to do the update if the media element is suspended.

            Covered by test no longer crashing in debug.

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::mediaPlayerReadyStateChanged):
            (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
            * platform/audio/PlatformMediaSession.cpp:
            (WebCore::PlatformMediaSession::processClientWillPausePlayback):
            (WebCore::PlatformMediaSession::clientWillPausePlayback):
            (WebCore::PlatformMediaSession::clientWillBeDOMSuspended):
            * platform/audio/PlatformMediaSession.h:
            * platform/audio/PlatformMediaSessionManager.cpp:
            (WebCore::PlatformMediaSessionManager::sessionWillEndPlayback):
            * platform/audio/PlatformMediaSessionManager.h:
            * platform/audio/cocoa/MediaSessionManagerCocoa.h:
            * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
            (MediaSessionManagerCocoa::sessionWillEndPlayback):
            * platform/audio/ios/MediaSessionManagerIOS.h:
            * platform/audio/ios/MediaSessionManagerIOS.mm:
            (WebCore::MediaSessionManageriOS::sessionWillEndPlayback):

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255058. rdar://problem/59097764

    Make sure fetch tasks go to network if service worker never gets to activated
    https://bugs.webkit.org/show_bug.cgi?id=206648
    
    Reviewed by Chris Dumez.
    
    Source/WebCore:
    
    In case worker context process crashes, the SWServerWorker gets set to NotRunning.
    If the SWServerWorker has pending activating completion handlers, they will never be called until the worker is destroyed.
    But the worker may never be destroyed until its registration is destroyed.
    This may trigger service worker fetch task hangs.
    
    To fix this, make sure to call activating completion handlers whenever the SWServerWorker state is changed to either Terminating or NotRunning.
    
    Covered by updated test.
    
    * workers/service/server/SWServerWorker.cpp:
    (WebCore::SWServerWorker::~SWServerWorker):
    (WebCore::SWServerWorker::whenActivated):
    (WebCore::SWServerWorker::setState):
    * workers/service/server/SWServerWorker.h:
    
    Source/WebKit:
    
    In case activating completion handlers are not called, the fetch task timeout should kick in and make the load go to network process.
    The issue is that our code was using the context connection to do so.
    If the fetch task is waiting for the worker activation, the context connection might not be set and the timeout will be a no-op.
    
    To fix this, the fetch task will do as if its context is closed when the timeout fires.
    The fetck task now has a weak pointer to the WebSWServerConnection and will use to terminate the service worker as done previously.
    
    We no longer handle all ongoing fetch tasks of the ongoing service worker.
    Each individual fetch task timeout provides the same level of protection.
    The service worker will anyway get terminated which will race to finalize the service worker fetch tasks with each of their timeout.
    
    * NetworkProcess/ServiceWorker/ServiceWorkerFetchTask.cpp:
    (WebKit::ServiceWorkerFetchTask::ServiceWorkerFetchTask):
    (WebKit::ServiceWorkerFetchTask::timeoutTimerFired):
    * NetworkProcess/ServiceWorker/ServiceWorkerFetchTask.h:
    * NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
    (WebKit::WebSWServerConnection::createFetchTask):
    (WebKit::WebSWServerConnection::fetchTaskTimedOut):
    * NetworkProcess/ServiceWorker/WebSWServerConnection.h:
    * NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp:
    (WebKit::WebSWServerToContextConnection::fetchTaskTimedOut):
    
    LayoutTests:
    
    * http/wpt/service-workers/service-worker-spinning-activate.https-expected.txt:
    * http/wpt/service-workers/service-worker-spinning-activate.https.html:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255058 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-24  youenn fablet  <youenn@apple.com>

            Make sure fetch tasks go to network if service worker never gets to activated
            https://bugs.webkit.org/show_bug.cgi?id=206648

            Reviewed by Chris Dumez.

            In case worker context process crashes, the SWServerWorker gets set to NotRunning.
            If the SWServerWorker has pending activating completion handlers, they will never be called until the worker is destroyed.
            But the worker may never be destroyed until its registration is destroyed.
            This may trigger service worker fetch task hangs.

            To fix this, make sure to call activating completion handlers whenever the SWServerWorker state is changed to either Terminating or NotRunning.

            Covered by updated test.

            * workers/service/server/SWServerWorker.cpp:
            (WebCore::SWServerWorker::~SWServerWorker):
            (WebCore::SWServerWorker::whenActivated):
            (WebCore::SWServerWorker::setState):
            * workers/service/server/SWServerWorker.h:

2020-02-03  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254976. rdar://problem/58942734

    fast/css/first-letter-and-float-crash.html asserts under ComplexLineLayout::createLineBoxes
    https://bugs.webkit.org/show_bug.cgi?id=206651
    <rdar://problem/54889982>
    
    Reviewed by Anders Carlsson.
    
    Source/WebCore:
    
    Take care that the first-letter style has the correct styleType set even when getCachedPseudoStyle failed.
    This is used for checking if there is an existing first letter renderer.
    
    * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
    (WebCore::styleForFirstLetter):
    
    LayoutTests:
    
    * fast/css/first-letter-and-float-crash.html:
    
    Force an additional layout in the test to make the issue easily reproducible.
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254976 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-23  Antti Koivisto  <antti@apple.com>

            fast/css/first-letter-and-float-crash.html asserts under ComplexLineLayout::createLineBoxes
            https://bugs.webkit.org/show_bug.cgi?id=206651
            <rdar://problem/54889982>

            Reviewed by Anders Carlsson.

            Take care that the first-letter style has the correct styleType set even when getCachedPseudoStyle failed.
            This is used for checking if there is an existing first letter renderer.

            * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
            (WebCore::styleForFirstLetter):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254408. rdar://problem/58606270

    [WebCore] Fix crash in module loader due to change in fragment reservation
    https://bugs.webkit.org/show_bug.cgi?id=206125
    
    Reviewed by Dean Jackson.
    
    LayoutTests/imported/w3c:
    
    * web-platform-tests/html/semantics/scripting-1/the-script-element/module/import-meta/import-meta-url-expected.txt:
    
    Source/WebCore:
    
    At some point, CachedResource::url() starts returning URL without fragment.
    However, this was invariant in ScriptModuleLoader, so one of WPT test is crashing.
    
    We save source URL so that we preserve fragment information.
    Still we need to have fragment information after the redirect to fix a bug filed in [1].
    
    [1]: https://bugs.webkit.org/show_bug.cgi?id=205294
    
    * bindings/js/CachedModuleScriptLoader.cpp:
    (WebCore::CachedModuleScriptLoader::load):
    * bindings/js/CachedModuleScriptLoader.h:
    * bindings/js/ScriptModuleLoader.cpp:
    (WebCore::ScriptModuleLoader::notifyFinished):
    
    LayoutTests:
    
    * TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254408 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-10  Yusuke Suzuki  <ysuzuki@apple.com>

            [WebCore] Fix crash in module loader due to change in fragment reservation
            https://bugs.webkit.org/show_bug.cgi?id=206125

            Reviewed by Dean Jackson.

            At some point, CachedResource::url() starts returning URL without fragment.
            However, this was invariant in ScriptModuleLoader, so one of WPT test is crashing.

            We save source URL so that we preserve fragment information.
            Still we need to have fragment information after the redirect to fix a bug filed in [1].

            [1]: https://bugs.webkit.org/show_bug.cgi?id=205294

            * bindings/js/CachedModuleScriptLoader.cpp:
            (WebCore::CachedModuleScriptLoader::load):
            * bindings/js/CachedModuleScriptLoader.h:
            * bindings/js/ScriptModuleLoader.cpp:
            (WebCore::ScriptModuleLoader::notifyFinished):

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255128. rdar://problem/58921492

    Tighten up some of the drag state machine logic
    https://bugs.webkit.org/show_bug.cgi?id=206798
    
    Reviewed by Wenson Hsieh.
    
    * page/EventHandler.h: Added shouldDispatchEventsToDragSourceElement function and renamed
    the existing dispatchDragSrcEvent function to dispatchEventToDragSourceElement.
    
    * page/EventHandler.cpp:
    (WebCore::EventHandler::updateDragAndDrop): Call the renamed dispatchEventToDragSourceElement
    unconditionally, since it now has the smarts to only dispatch an event when we are supposed to.
    (WebCore::EventHandler::cancelDragAndDrop): Ditto.
    (WebCore::EventHandler::dragSourceEndedAt): Call the new shouldDispatchEventsToDragSourceElement
    function because of the null check it does for dataTransfer, before calling setDestinationOperation
    on the dataTransfer, since there isn't an obvious ironclad guarantee we might be here without an
    actual drag fully in process and a dataTransfer object allocated. Also call the renamed
    dispatchEventToDragSourceElement by its new name.
    (WebCore::EventHandler::shouldDispatchDragSourceEvents): Added. Checks thre three conditions that
    affect whether we should dispatch events to the drag source. First that there is a drag source.
    Second that there is a dataTransfer object, indicating that we got far enough in the logic to
    actually start a drag. Third that shouldDispatchEvents is true, indicating this is the type of
    drag that should be visible to the website content and so events should be dispatched.
    (WebCore::EventHandler::dispatchEventToDragSourceElement): Call shouldDispatchDragSourceEvents
    before dispatching the event, so that callers don't all have to do that check.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255128 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-25  Darin Adler  <darin@apple.com>

            Tighten up some of the drag state machine logic
            https://bugs.webkit.org/show_bug.cgi?id=206798

            Reviewed by Wenson Hsieh.

            * page/EventHandler.h: Added shouldDispatchEventsToDragSourceElement function and renamed
            the existing dispatchDragSrcEvent function to dispatchEventToDragSourceElement.

            * page/EventHandler.cpp:
            (WebCore::EventHandler::updateDragAndDrop): Call the renamed dispatchEventToDragSourceElement
            unconditionally, since it now has the smarts to only dispatch an event when we are supposed to.
            (WebCore::EventHandler::cancelDragAndDrop): Ditto.
            (WebCore::EventHandler::dragSourceEndedAt): Call the new shouldDispatchEventsToDragSourceElement
            function because of the null check it does for dataTransfer, before calling setDestinationOperation
            on the dataTransfer, since there isn't an obvious ironclad guarantee we might be here without an
            actual drag fully in process and a dataTransfer object allocated. Also call the renamed
            dispatchEventToDragSourceElement by its new name.
            (WebCore::EventHandler::shouldDispatchDragSourceEvents): Added. Checks thre three conditions that
            affect whether we should dispatch events to the drag source. First that there is a drag source.
            Second that there is a dataTransfer object, indicating that we got far enough in the logic to
            actually start a drag. Third that shouldDispatchEvents is true, indicating this is the type of
            drag that should be visible to the website content and so events should be dispatched.
            (WebCore::EventHandler::dispatchEventToDragSourceElement): Call shouldDispatchDragSourceEvents
            before dispatching the event, so that callers don't all have to do that check.

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255108. rdar://problem/58920185

    [iOS] Long pressing text inside a selection should update the selection
    https://bugs.webkit.org/show_bug.cgi?id=206769
    <rdar://problem/58704316>
    
    Reviewed by Tim Horton.
    
    Source/WebCore:
    
    Remove `hasSelectionAtPosition`, which is no longer needed.
    
    * page/Page.cpp:
    (WebCore::Page::hasSelectionAtPosition const): Deleted.
    * page/Page.h:
    
    Source/WebKit:
    
    Makes it possible to update the selection using text interaction gestures inside an existing text selection. To
    do this, we remove code that was previously required in order to disambiguate text selection and drag gestures.
    However, since adopting asynchronous drag interaction SPI, this check has not been necessary.
    
    The only other purpose of this check was to avoid triggering text selection gestures after canceling a drag
    that did not begin (i.e. the touch location did not move). Instead of bailing in -textInteractionGestures:
    shouldBeginAtPoint: and -hasSelectablePositionAtPoint:, we can achieve the same effect by simply resetting the
    text interaction gestures when the drag lift begins (at which point we know the drag interaction is starting).
    This also ensures that on iPad, in the case where the drag was cancelled by the page, long pressing may still
    trigger text selection.
    
    Test: editing/selection/ios/select-text-in-existing-selection.html
    
    * Shared/ios/InteractionInformationAtPosition.h:
    * Shared/ios/InteractionInformationAtPosition.mm:
    (WebKit::InteractionInformationAtPosition::encode const):
    (WebKit::InteractionInformationAtPosition::decode):
    
    Remove the hasSelectionAtPosition flag from position information, since we no longer need it.
    
    * UIProcess/ios/WKContentViewInteraction.mm:
    (-[UIGestureRecognizer _wk_cancel]):
    
    Drive-by fix: just ignore the gesture if it is already disabled. This prevents us from causing a gesture
    recognizer that was previously disabled to become enabled as a result of calling -_wk_cancel.
    
    (-[WKContentView hasSelectablePositionAtPoint:]):
    (-[WKContentView textInteractionGesture:shouldBeginAtPoint:]):
    (-[WKContentView cancelActiveTextInteractionGestures]):
    
    Instead of making the text interaction gestures return NO from -gestureRecognizerShouldBegin:, explicitly cancel
    the text interaction gestures that may select text.
    
    (-[WKContentView dragInteraction:willAnimateLiftWithAnimator:session:]):
    * WebProcess/WebPage/ios/WebPageIOS.mm:
    (WebKit::WebPage::positionInformation):
    
    Remove the hasSelectionAtPosition flag from position information, since we no longer need it.
    
    LayoutTests:
    
    Add a layout test to verify that it's possible to select text by long pressing inside an existing text
    selection. The test is runnable on both iPad and iPhone, since it programmatically prevents `dragstart`.
    
    * editing/selection/ios/select-text-in-existing-selection-expected.txt: Added.
    * editing/selection/ios/select-text-in-existing-selection.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255108 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-24  Wenson Hsieh  <wenson_hsieh@apple.com>

            [iOS] Long pressing text inside a selection should update the selection
            https://bugs.webkit.org/show_bug.cgi?id=206769
            <rdar://problem/58704316>

            Reviewed by Tim Horton.

            Remove `hasSelectionAtPosition`, which is no longer needed.

            * page/Page.cpp:
            (WebCore::Page::hasSelectionAtPosition const): Deleted.
            * page/Page.h:

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255076. rdar://problem/58920206

    [Web Animations] Support multiple CSS Animations with the same name in animation-name
    https://bugs.webkit.org/show_bug.cgi?id=206688
    
    Reviewed by Dean Jackson.
    
    LayoutTests/imported/w3c:
    
    Mark some new WPT progressions.
    
    * web-platform-tests/css/css-animations/Element-getAnimations-dynamic-changes.tentative-expected.txt:
    * web-platform-tests/css/css-animations/Element-getAnimations.tentative-expected.txt:
    * web-platform-tests/web-animations/timing-model/timelines/update-and-send-events-replacement-expected.txt:
    
    Source/WebCore:
    
    AnimationTimeline would keep track of registered CSS Animations by name for a given element in m_elementToCSSAnimationByName which would map one CSSAnimation
    per String (the animation-name) for a given Element. However, within the same animation-name property, the name of a given @keyframes rules may appear more
    than once, and the CSS Animations specification explains how to handle this scenario.
    
    We now correctly handle this by replacing m_elementToCSSAnimationByName with the new m_elementToCSSAnimationsCreatedByMarkupMap which simply maps an Element
    to a ListHashSet of CSSAnimation objects. Removing the string that appeared in animation-name to create this animation requires us to keep the AnimationList
    used for the last style update for sorting purposes, since having multiple instances of the same string would not allow disambiguation when sorting the
    KeyframeEffectStack.
    
    So we also replace m_cssAnimationNames, a Vector<String>, with m_cssAnimationList, a RefPtr<const AnimationList>, and use this to compare Animation objects
    stored in the AnimationList against the backing animation of each CSSAnimation.
    
    Storing the AnimationList on the KeyframeEffectStack also has the benefit of allowing us to use this as the previous state when updating CSS Animations in
    AnimationTimeline::updateCSSAnimationsForElement(). We used to rely on the previous RenderStyle provided to that function, but it's possible that this style
    is null and we would unnecessarily create additional CSSAnimation objects for animations that actually were retained since the last time CSS Animations were
    invalidated. We now use the stored AnimationList on the invalidated element's KeyframeEffectStack and create a new animation list that will replace the old
    list stored in the m_elementToCSSAnimationsCreatedByMarkupMap map for that element. We can also compare the old list with the new list to find out which
    animations are no longer current.
    
    Finally, we refactor things a bit to have some new aliases AnimationCollection and CSSAnimationCollection instead of using ListHashSet<> in our types.
    
    * animation/AnimationTimeline.cpp:
    (WebCore::AnimationTimeline::animationWasAddedToElement): Use the new AnimationCollection alias.
    (WebCore::AnimationTimeline::removeDeclarativeAnimationFromListsForOwningElement): We no longer need to do any work for CSSAnimation here since the
    m_elementToCSSAnimationByName map is no more and the m_elementToCSSAnimationsCreatedByMarkupMap that replaces it is updated in updateCSSAnimationsForElement()
    and elementWasRemoved().
    (WebCore::AnimationTimeline::animationsForElement const): Since animations are correctly sorted accounting for their composite order in KeyframeEffectStack,
    call KeyframeEffectStack::sortedEffects() when we're called with Ordering::Sorted.
    (WebCore::AnimationTimeline::removeCSSAnimationCreatedByMarkup): New method called by elementWasRemoved() to ensure that when an element is removed, we remove
    its CSSAnimation objects from the new m_elementToCSSAnimationsCreatedByMarkupMap and also update the AnimationList on the relevant KeyframeEffectStack.
    (WebCore::AnimationTimeline::elementWasRemoved): Call the new removeCSSAnimationCreatedByMarkup() method before canceling a CSSAnimation.
    (WebCore::AnimationTimeline::cancelDeclarativeAnimationsForElement): Call the new removeCSSAnimationCreatedByMarkup() method before canceling a CSSAnimation.
    (WebCore::AnimationTimeline::updateCSSAnimationsForElement): Use the AnimationList recoreded on the relevant KeyframeEffectStack to determine which CSSAnimation
    objects to create, cancel or merely update depending on the AnimationList in the current style.
    * animation/AnimationTimeline.h:
    * animation/DocumentTimeline.cpp:
    (WebCore::DocumentTimeline::getAnimations const): Use compareAnimationsByCompositeOrder() to correctly sort CSS Animations since they are no longer guaranteed
    to be stored in the relevant map in the expected order.
    * animation/KeyframeEffectStack.cpp:
    (WebCore::KeyframeEffectStack::ensureEffectsAreSorted): Use the new m_cssAnimationList instead of the old m_cssAnimationNames when sorting effects.
    (WebCore::KeyframeEffectStack::setCSSAnimationList):
    (WebCore::KeyframeEffectStack::setCSSAnimationNames): Deleted.
    * animation/KeyframeEffectStack.h:
    (WebCore::KeyframeEffectStack::cssAnimationList const):
    (WebCore::KeyframeEffectStack::cssAnimationNames const): Deleted.
    * animation/WebAnimation.cpp:
    (WebCore::WebAnimation::commitStyles): Use the new KeyframeEffectStack::cssAnimationList() instead of the old KeyframeEffectStack::cssAnimationNames().
    * animation/WebAnimationUtilities.cpp:
    (WebCore::compareAnimationsByCompositeOrder): Update the composite order comparison utility to use an AnimationList rather than a list of animation names.
    * animation/WebAnimationUtilities.h:
    * platform/animation/AnimationList.h:
    (WebCore::AnimationList::copy const):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255076 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-23  Antoine Quint  <graouts@apple.com>

            [Web Animations] Support multiple CSS Animations with the same name in animation-name
            https://bugs.webkit.org/show_bug.cgi?id=206688

            Reviewed by Dean Jackson.

            AnimationTimeline would keep track of registered CSS Animations by name for a given element in m_elementToCSSAnimationByName which would map one CSSAnimation
            per String (the animation-name) for a given Element. However, within the same animation-name property, the name of a given @keyframes rules may appear more
            than once, and the CSS Animations specification explains how to handle this scenario.

            We now correctly handle this by replacing m_elementToCSSAnimationByName with the new m_elementToCSSAnimationsCreatedByMarkupMap which simply maps an Element
            to a ListHashSet of CSSAnimation objects. Removing the string that appeared in animation-name to create this animation requires us to keep the AnimationList
            used for the last style update for sorting purposes, since having multiple instances of the same string would not allow disambiguation when sorting the
            KeyframeEffectStack.

            So we also replace m_cssAnimationNames, a Vector<String>, with m_cssAnimationList, a RefPtr<const AnimationList>, and use this to compare Animation objects
            stored in the AnimationList against the backing animation of each CSSAnimation.

            Storing the AnimationList on the KeyframeEffectStack also has the benefit of allowing us to use this as the previous state when updating CSS Animations in
            AnimationTimeline::updateCSSAnimationsForElement(). We used to rely on the previous RenderStyle provided to that function, but it's possible that this style
            is null and we would unnecessarily create additional CSSAnimation objects for animations that actually were retained since the last time CSS Animations were
            invalidated. We now use the stored AnimationList on the invalidated element's KeyframeEffectStack and create a new animation list that will replace the old
            list stored in the m_elementToCSSAnimationsCreatedByMarkupMap map for that element. We can also compare the old list with the new list to find out which
            animations are no longer current.

            Finally, we refactor things a bit to have some new aliases AnimationCollection and CSSAnimationCollection instead of using ListHashSet<> in our types.

            * animation/AnimationTimeline.cpp:
            (WebCore::AnimationTimeline::animationWasAddedToElement): Use the new AnimationCollection alias.
            (WebCore::AnimationTimeline::removeDeclarativeAnimationFromListsForOwningElement): We no longer need to do any work for CSSAnimation here since the
            m_elementToCSSAnimationByName map is no more and the m_elementToCSSAnimationsCreatedByMarkupMap that replaces it is updated in updateCSSAnimationsForElement()
            and elementWasRemoved().
            (WebCore::AnimationTimeline::animationsForElement const): Since animations are correctly sorted accounting for their composite order in KeyframeEffectStack,
            call KeyframeEffectStack::sortedEffects() when we're called with Ordering::Sorted.
            (WebCore::AnimationTimeline::removeCSSAnimationCreatedByMarkup): New method called by elementWasRemoved() to ensure that when an element is removed, we remove
            its CSSAnimation objects from the new m_elementToCSSAnimationsCreatedByMarkupMap and also update the AnimationList on the relevant KeyframeEffectStack.
            (WebCore::AnimationTimeline::elementWasRemoved): Call the new removeCSSAnimationCreatedByMarkup() method before canceling a CSSAnimation.
            (WebCore::AnimationTimeline::cancelDeclarativeAnimationsForElement): Call the new removeCSSAnimationCreatedByMarkup() method before canceling a CSSAnimation.
            (WebCore::AnimationTimeline::updateCSSAnimationsForElement): Use the AnimationList recoreded on the relevant KeyframeEffectStack to determine which CSSAnimation
            objects to create, cancel or merely update depending on the AnimationList in the current style.
            * animation/AnimationTimeline.h:
            * animation/DocumentTimeline.cpp:
            (WebCore::DocumentTimeline::getAnimations const): Use compareAnimationsByCompositeOrder() to correctly sort CSS Animations since they are no longer guaranteed
            to be stored in the relevant map in the expected order.
            * animation/KeyframeEffectStack.cpp:
            (WebCore::KeyframeEffectStack::ensureEffectsAreSorted): Use the new m_cssAnimationList instead of the old m_cssAnimationNames when sorting effects.
            (WebCore::KeyframeEffectStack::setCSSAnimationList):
            (WebCore::KeyframeEffectStack::setCSSAnimationNames): Deleted.
            * animation/KeyframeEffectStack.h:
            (WebCore::KeyframeEffectStack::cssAnimationList const):
            (WebCore::KeyframeEffectStack::cssAnimationNames const): Deleted.
            * animation/WebAnimation.cpp:
            (WebCore::WebAnimation::commitStyles): Use the new KeyframeEffectStack::cssAnimationList() instead of the old KeyframeEffectStack::cssAnimationNames().
            * animation/WebAnimationUtilities.cpp:
            (WebCore::compareAnimationsByCompositeOrder): Update the composite order comparison utility to use an AnimationList rather than a list of animation names.
            * animation/WebAnimationUtilities.h:
            * platform/animation/AnimationList.h:
            (WebCore::AnimationList::copy const):

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255046. rdar://problem/58920204

    macCatalyst: I-Beam is too conservative, doesn't show up in editable areas with no text
    https://bugs.webkit.org/show_bug.cgi?id=206716
    <rdar://problem/58359523>
    
    Reviewed by Simon Fraser.
    
    * WebProcess/WebPage/ios/WebPageIOS.mm:
    (WebKit::lineCaretExtent):
    (WebKit::populateCaretContext):
    (WebKit::WebPage::positionInformation):
    Instead of uniting the caret position for the first and last position
    on the line to find the I-Beam region, use the bounds of the selection
    rect for the line, which extends beyond existing text, matching our
    traditional behavior of showing the I-Beam over blank regions.
    
    * editing/VisiblePosition.cpp:
    (WebCore::VisiblePosition::absoluteSelectionBoundsForLine const):
    * editing/VisiblePosition.h:
    Expose the bounds of the possible selection for the line that the given position belongs to.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-23  Tim Horton  <timothy_horton@apple.com>

            macCatalyst: I-Beam is too conservative, doesn't show up in editable areas with no text
            https://bugs.webkit.org/show_bug.cgi?id=206716
            <rdar://problem/58359523>

            Reviewed by Simon Fraser.

            * editing/VisiblePosition.cpp:
            (WebCore::VisiblePosition::absoluteSelectionBoundsForLine const):
            * editing/VisiblePosition.h:
            Expose the bounds of the possible selection for the line that the given position belongs to.

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r255043. rdar://problem/58920158

    [EME] Key renewal fails when using AVContentKeyReportGroup
    https://bugs.webkit.org/show_bug.cgi?id=206694
    <rdar://problem/58628345>
    
    Patch by Jer Noble <jer.noble@apple.com> on 2020-01-23
    Reviewed by Eric Carlson.
    
    When a CDMInstanceSession has a AVContentKeyReportGroup, it doesn't have an AVContentKeySession; it has
    to get the session from it's parent CDMInstance to request key renewal.
    
    * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::updateLicense):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255043 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-23  Jer Noble  <jer.noble@apple.com>

            [EME] Key renewal fails when using AVContentKeyReportGroup
            https://bugs.webkit.org/show_bug.cgi?id=206694
            <rdar://problem/58628345>

            Reviewed by Eric Carlson.

            When a CDMInstanceSession has a AVContentKeyReportGroup, it doesn't have an AVContentKeySession; it has
            to get the session from it's parent CDMInstance to request key renewal.

            * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::updateLicense):

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254950. rdar://problem/58856023

    REGRESSION (r253519): [WKWebView evaluateJavaScript:completionHandler:] gives a non-nil, non-Error result even when JavaScript cannot be evaluated
    <rdar://problem/58544942> and https://bugs.webkit.org/show_bug.cgi?id=206608
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    Covered by new API test.
    
    * bindings/js/ScriptController.cpp:
    (WebCore::ScriptController::executeScriptInWorld): Address a FIXME added in 253519 which had predicted this problem.
    
    Tools:
    
    * TestWebKitAPI/Tests/WebKitCocoa/WKWebViewEvaluateJavaScript.mm:
    (TEST):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254950 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-22  Brady Eidson  <beidson@apple.com>

            REGRESSION (r253519): [WKWebView evaluateJavaScript:completionHandler:] gives a non-nil, non-Error result even when JavaScript cannot be evaluated
            <rdar://problem/58544942> and https://bugs.webkit.org/show_bug.cgi?id=206608

            Reviewed by Alex Christensen.

            Covered by new API test.

            * bindings/js/ScriptController.cpp:
            (WebCore::ScriptController::executeScriptInWorld): Address a FIXME added in 253519 which had predicted this problem.

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254896. rdar://problem/58920174

    [EME] Only emit an array of persistent-usage-records when we discover > 1
    https://bugs.webkit.org/show_bug.cgi?id=206205
    <rdar://problem/58691769>
    
    Patch by Jer Noble <jer.noble@apple.com> on 2020-01-21
    Reviewed by Eric Carlson.
    
    The persistent-usage-record cache should never have more than one record per sessionId, but
    that assumption is not enforced in the file format. To not break clients that aren't
    expecting a serialized plist array, only emit an array when more than one matching data item
    is found.
    
    * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254896 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-21  Jer Noble  <jer.noble@apple.com>

            [EME] Only emit an array of persistent-usage-records when we discover > 1
            https://bugs.webkit.org/show_bug.cgi?id=206205
            <rdar://problem/58691769>

            Reviewed by Eric Carlson.

            The persistent-usage-record cache should never have more than one record per sessionId, but
            that assumption is not enforced in the file format. To not break clients that aren't
            expecting a serialized plist array, only emit an array when more than one matching data item
            is found.

            * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData):

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254692. rdar://problem/58811413

    REGRESSION (r254291): [ Catalina wk2 Debug ] Flaky ASSERT on fast/images/animated-image-loop-count.html
    https://bugs.webkit.org/show_bug.cgi?id=206068
    <rdar://problem/58480028>
    
    Patch by Chris Lord <clord@igalia.com> on 2020-01-16
    Reviewed by Chris Dumez.
    
    No new tests, covered by existing tests.
    
    * platform/graphics/ImageSource.cpp:
    (WebCore::ImageSource::startAsyncDecodingQueue):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254692 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-16  Chris Lord  <clord@igalia.com>

            REGRESSION (r254291): [ Catalina wk2 Debug ] Flaky ASSERT on fast/images/animated-image-loop-count.html
            https://bugs.webkit.org/show_bug.cgi?id=206068
            <rdar://problem/58480028>

            Reviewed by Chris Dumez.

            No new tests, covered by existing tests.

            * platform/graphics/ImageSource.cpp:
            (WebCore::ImageSource::startAsyncDecodingQueue):

2020-01-27  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254559. rdar://problem/58920170

    Long continuation chain could lead to stack exhaustion
    https://bugs.webkit.org/show_bug.cgi?id=206271
    <rdar://problem/41189798>
    
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    This patch replaces the recursive approach with an iterative one
    to collect absolute quads across continuation.
    
    Test: fast/inline/long-continuation-crash.html
    
    * rendering/RenderBlock.cpp:
    (WebCore::RenderBlock::absoluteQuads const):
    (WebCore::RenderBlock::absoluteQuadsIgnoringContinuation const):
    * rendering/RenderBlock.h:
    * rendering/RenderBoxModelObject.cpp:
    (WebCore::RenderBoxModelObject::collectAbsoluteQuadsForContinuation const):
    * rendering/RenderBoxModelObject.h:
    (WebCore::RenderBoxModelObject::absoluteQuadsIgnoringContinuation const):
    * rendering/RenderInline.cpp:
    (WebCore::RenderInline::absoluteQuads const):
    (WebCore::RenderInline::absoluteQuadsIgnoringContinuation const):
    * rendering/RenderInline.h:
    
    LayoutTests:
    
    * fast/inline/long-continuation-crash.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254559 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-14  Zalan Bujtas  <zalan@apple.com>

            Long continuation chain could lead to stack exhaustion
            https://bugs.webkit.org/show_bug.cgi?id=206271
            <rdar://problem/41189798>

            Reviewed by Simon Fraser.

            This patch replaces the recursive approach with an iterative one
            to collect absolute quads across continuation.

            Test: fast/inline/long-continuation-crash.html

            * rendering/RenderBlock.cpp:
            (WebCore::RenderBlock::absoluteQuads const):
            (WebCore::RenderBlock::absoluteQuadsIgnoringContinuation const):
            * rendering/RenderBlock.h:
            * rendering/RenderBoxModelObject.cpp:
            (WebCore::RenderBoxModelObject::collectAbsoluteQuadsForContinuation const):
            * rendering/RenderBoxModelObject.h:
            (WebCore::RenderBoxModelObject::absoluteQuadsIgnoringContinuation const):
            * rendering/RenderInline.cpp:
            (WebCore::RenderInline::absoluteQuads const):
            (WebCore::RenderInline::absoluteQuadsIgnoringContinuation const):
            * rendering/RenderInline.h:

2020-01-24  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254991. rdar://problem/58856021

    [Web Animations] Make AnimationList ref-counted
    https://bugs.webkit.org/show_bug.cgi?id=206664
    
    Reviewed by Antti Koivisto.
    
    * platform/animation/AnimationList.cpp:
    * platform/animation/AnimationList.h:
    (WebCore::AnimationList::create):
    (WebCore::AnimationList::copy):
    (WebCore::AnimationList::AnimationList): Deleted.
    * rendering/style/RenderStyle.cpp:
    (WebCore::RenderStyle::ensureAnimations):
    (WebCore::RenderStyle::ensureTransitions):
    * rendering/style/StyleRareNonInheritedData.cpp:
    (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
    * rendering/style/StyleRareNonInheritedData.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254991 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-23  Antoine Quint  <graouts@apple.com>

            [Web Animations] Make AnimationList ref-counted
            https://bugs.webkit.org/show_bug.cgi?id=206664

            Reviewed by Antti Koivisto.

            * platform/animation/AnimationList.cpp:
            * platform/animation/AnimationList.h:
            (WebCore::AnimationList::create):
            (WebCore::AnimationList::copy):
            (WebCore::AnimationList::AnimationList): Deleted.
            * rendering/style/RenderStyle.cpp:
            (WebCore::RenderStyle::ensureAnimations):
            (WebCore::RenderStyle::ensureTransitions):
            * rendering/style/StyleRareNonInheritedData.cpp:
            (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
            * rendering/style/StyleRareNonInheritedData.h:

2020-01-24  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254951. rdar://problem/58856000

    Make a Ref to WindowEventLoop when the timer to run tasks fires
    https://bugs.webkit.org/show_bug.cgi?id=206568
    
    Reviewed by Antti Koivisto.
    
    Keep WindowEventLoop alive explicitly while invoking EventLoop::run.
    
    * dom/WindowEventLoop.cpp:
    (WebCore::WindowEventLoop::WindowEventLoop):
    (WebCore::WindowEventLoop::didReachTimeToRun):
    * dom/WindowEventLoop.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254951 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-21  Ryosuke Niwa  <rniwa@webkit.org>

            Make a Ref to WindowEventLoop when the timer to run tasks fires
            https://bugs.webkit.org/show_bug.cgi?id=206568

            Reviewed by Antti Koivisto.

            Keep WindowEventLoop alive explicitly while invoking EventLoop::run.

            * dom/WindowEventLoop.cpp:
            (WebCore::WindowEventLoop::WindowEventLoop):
            (WebCore::WindowEventLoop::didReachTimeToRun):
            * dom/WindowEventLoop.h:

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254841. rdar://problem/58807959

    EXIF orientation is ignored for some CSS images
    https://bugs.webkit.org/show_bug.cgi?id=203355
    
    Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2020-01-20
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    Unlike GraphicsContext::drawNativeImage(), GraphicsContext::drawPattern()
    can't change the coordinates system before drawing the image to respect
    the EXIF orientation. Drawing a pattern tries to fill the destination
    rectangle with the image according to the GraphicsContext origin and the
    direction of its axes. So we need to create temporary NativeImage with
    respecting the EXIF orientation and then use it to draw the pattern.
    
    Tests: fast/images/exif-orientation-background-image-no-repeat.html
           fast/images/exif-orientation-background-image-repeat.html
           fast/images/exif-orientation-border-image.html
    
    * platform/graphics/BitmapImage.cpp:
    (WebCore::BitmapImage::nativeImageForCurrentFrameRespectingOrientation):
    (WebCore::BitmapImage::drawPattern):
    * platform/graphics/BitmapImage.h:
    * platform/graphics/Image.h:
    (WebCore::Image::nativeImage):
    (WebCore::Image::nativeImageForCurrentFrameRespectingOrientation):
    (WebCore::Image::nativeImageOfSize):
    * platform/graphics/ImageBuffer.h:
    * platform/graphics/cg/GraphicsContextCG.cpp:
    (WebCore::GraphicsContext::drawPattern):
    * platform/graphics/cg/NativeImageCG.cpp:
    (WebCore::drawNativeImage):
    * rendering/style/NinePieceImage.cpp:
    (WebCore::NinePieceImage::paint const):
    
    LayoutTests:
    
    * fast/images/exif-orientation-background-image-no-repeat-expected.html: Added.
    * fast/images/exif-orientation-background-image-no-repeat.html: Added.
    * fast/images/exif-orientation-background-image-repeat-expected.html: Added.
    * fast/images/exif-orientation-background-image-repeat.html: Added.
    * fast/images/exif-orientation-border-image-expected.html: Added.
    * fast/images/exif-orientation-border-image.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254841 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-20  Said Abou-Hallawa  <sabouhallawa@apple.com>

            EXIF orientation is ignored for some CSS images
            https://bugs.webkit.org/show_bug.cgi?id=203355

            Reviewed by Simon Fraser.

            Unlike GraphicsContext::drawNativeImage(), GraphicsContext::drawPattern()
            can't change the coordinates system before drawing the image to respect
            the EXIF orientation. Drawing a pattern tries to fill the destination
            rectangle with the image according to the GraphicsContext origin and the
            direction of its axes. So we need to create temporary NativeImage with
            respecting the EXIF orientation and then use it to draw the pattern.

            Tests: fast/images/exif-orientation-background-image-no-repeat.html
                   fast/images/exif-orientation-background-image-repeat.html
                   fast/images/exif-orientation-border-image.html

            * platform/graphics/BitmapImage.cpp:
            (WebCore::BitmapImage::nativeImageForCurrentFrameRespectingOrientation):
            (WebCore::BitmapImage::drawPattern):
            * platform/graphics/BitmapImage.h:
            * platform/graphics/Image.h:
            (WebCore::Image::nativeImage):
            (WebCore::Image::nativeImageForCurrentFrameRespectingOrientation):
            (WebCore::Image::nativeImageOfSize):
            * platform/graphics/ImageBuffer.h:
            * platform/graphics/cg/GraphicsContextCG.cpp:
            (WebCore::GraphicsContext::drawPattern):
            * platform/graphics/cg/NativeImageCG.cpp:
            (WebCore::drawNativeImage):
            * rendering/style/NinePieceImage.cpp:
            (WebCore::NinePieceImage::paint const):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254814. rdar://problem/58816321

    Video sound sometimes keeps playing in page cache
    https://bugs.webkit.org/show_bug.cgi?id=206408
    <rdar://problem/58654047>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    In r253375, we made sure to enqueue calls that would trigger state changes, to ensure we would not start playing while in page cache.
    But this delayed the order to pause the video when entering page cache.
    Fix this by synchronously updating playing state when being suspended for page cache.
    
    Test: http/tests/navigation/page-cache-video.html
    
    * html/HTMLMediaElement.cpp:
    (WebCore::HTMLMediaElement::pauseAndUpdatePlayStateImmediately):
    (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
    * html/HTMLMediaElement.h:
    
    LayoutTests:
    
    * http/tests/media/resources/sound_5.mp3: Added.
    File comes from WPT and is 5 seconds long.
    * http/tests/navigation/page-cache-video-expected.txt: Added.
    * http/tests/navigation/page-cache-video.html: Added.
    * http/tests/navigation/resources/page-cache-video-helper.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254814 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-20  youenn fablet  <youenn@apple.com>

            Video sound sometimes keeps playing in page cache
            https://bugs.webkit.org/show_bug.cgi?id=206408
            <rdar://problem/58654047>

            Reviewed by Eric Carlson.

            In r253375, we made sure to enqueue calls that would trigger state changes, to ensure we would not start playing while in page cache.
            But this delayed the order to pause the video when entering page cache.
            Fix this by synchronously updating playing state when being suspended for page cache.

            Test: http/tests/navigation/page-cache-video.html

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::pauseAndUpdatePlayStateImmediately):
            (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
            * html/HTMLMediaElement.h:

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254800. rdar://problem/58816340

    Make pasteboard markup sanitization more robust
    https://bugs.webkit.org/show_bug.cgi?id=206379
    <rdar://problem/58660859>
    
    Reviewed by Ryosuke Niwa.
    
    Makes markup sanitization when copying and pasting more robust in some circumstances (see the bug for additional
    details).
    
    * editing/markup.cpp:
    (WebCore::createPageForSanitizingWebContent):
    
    Adopt the new setting when creating the temporary web page used to sanitize markup coming from the pasteboard.
    
    * html/parser/HTMLParserOptions.cpp:
    (WebCore::HTMLParserOptions::HTMLParserOptions):
    * html/parser/HTMLParserOptions.h:
    
    Rename `scriptEnabled` to `scriptingFlag`, since parsing script elements may now be allowed even when JavaScript
    execution is disabled. The term "scripting flag" also closely matches the wording of the HTML parsing
    specification.
    
    * html/parser/HTMLTokenizer.cpp:
    (WebCore::HTMLTokenizer::updateStateFor):
    * html/parser/HTMLTreeBuilder.cpp:
    (WebCore::HTMLTreeBuilder::processStartTagForInBody):
    (WebCore::HTMLTreeBuilder::processStartTagForInHead):
    * page/Settings.yaml:
    
    Add a new setting to determine whether to consider the scripting flag on when parsing HTML. By default, we will
    only turn the scripting flag on if script execution is enabled; however, this may be set such that we may
    consider the scripting flag set, even though script execution is disabled.
    
    * page/SettingsBase.h:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254800 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-17  Wenson Hsieh  <wenson_hsieh@apple.com>

            Make pasteboard markup sanitization more robust
            https://bugs.webkit.org/show_bug.cgi?id=206379
            <rdar://problem/58660859>

            Reviewed by Ryosuke Niwa.

            Makes markup sanitization when copying and pasting more robust in some circumstances (see the bug for additional
            details).

            * editing/markup.cpp:
            (WebCore::createPageForSanitizingWebContent):

            Adopt the new setting when creating the temporary web page used to sanitize markup coming from the pasteboard.

            * html/parser/HTMLParserOptions.cpp:
            (WebCore::HTMLParserOptions::HTMLParserOptions):
            * html/parser/HTMLParserOptions.h:

            Rename `scriptEnabled` to `scriptingFlag`, since parsing script elements may now be allowed even when JavaScript
            execution is disabled. The term "scripting flag" also closely matches the wording of the HTML parsing
            specification.

            * html/parser/HTMLTokenizer.cpp:
            (WebCore::HTMLTokenizer::updateStateFor):
            * html/parser/HTMLTreeBuilder.cpp:
            (WebCore::HTMLTreeBuilder::processStartTagForInBody):
            (WebCore::HTMLTreeBuilder::processStartTagForInHead):
            * page/Settings.yaml:

            Add a new setting to determine whether to consider the scripting flag on when parsing HTML. By default, we will
            only turn the scripting flag on if script execution is enabled; however, this may be set such that we may
            consider the scripting flag set, even though script execution is disabled.

            * page/SettingsBase.h:

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254789. rdar://problem/58807968

    iOS: Prepare deploying Ref/RefPtr in touch event code
    https://bugs.webkit.org/show_bug.cgi?id=206466
    
    Reviewed by Wenson Hsieh.
    
    Introduce a new variant of dispatchTouchEvent, which takes EventTargetTouchArrayMap that uses
    Ref<EventTarget> as keys instead of raw pointers to EventTarget as is the case in EventTargetTouchMap.
    
    * page/EventHandler.h:
    (WebCore::EventHandler::EventTargetTouchArrayMap): Added.
    (WebCore::EventHandler::dispatchTouchEvent): Added the declaration for new variant.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254789 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-17  Ryosuke Niwa  <rniwa@webkit.org>

            iOS: Prepare deploying Ref/RefPtr in touch event code
            https://bugs.webkit.org/show_bug.cgi?id=206466

            Reviewed by Wenson Hsieh.

            Introduce a new variant of dispatchTouchEvent, which takes EventTargetTouchArrayMap that uses
            Ref<EventTarget> as keys instead of raw pointers to EventTarget as is the case in EventTargetTouchMap.

            * page/EventHandler.h:
            (WebCore::EventHandler::EventTargetTouchArrayMap): Added.
            (WebCore::EventHandler::dispatchTouchEvent): Added the declaration for new variant.

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254761. rdar://problem/58807932

    [MSE] Decode glitches when watching videos on CNN.com
    https://bugs.webkit.org/show_bug.cgi?id=206412
    <rdar://problem/55685630>
    
    Reviewed by Xabier Rodriguez-Calvar.
    
    Source/WebCore:
    
    Test: media/media-source/media-source-samples-out-of-order.html
    
    The "Coded frame processing" algorithm has a known shortcoming <https://github.com/w3c/media-source/issues/187>
    when dealing appends of with "SAP Type 2" content, or in general terms, appending data where the resulting samples
    have presentation times that do not increase monotonically. When this occurs, the ordering of samples in presentation
    time will be different from the ordering of samples in decode time. The decoder requires samples to be enqueued in
    decode time order, but the MSE specification only checks for overlapping samples in presentation time order. During
    appends of out-of-order samples, this can lead to new samples being inserted between a previously appended sample and
    the sample on which that sample depends.
    
    To resolve this, add a new step in the implementation of the "coded frame processing" algorithm in
    SourceBuffer::sourceBufferPrivateDidReceiveSample(). When the incoming frame is a sync sample, search forward
    in the TrackBuffer for all previous samples in between the new sync sample, and the next sync sample. All the
    samples found in this step would fail to decode correctly if enqueued after the new (possibly different resolution)
    sync sample, so they are removed in this step.
    
    * Modules/mediasource/SampleMap.cpp:
    (WebCore::DecodeOrderSampleMap::findSampleAfterDecodeKey):
    * Modules/mediasource/SampleMap.h:
    * Modules/mediasource/SourceBuffer.cpp:
    (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
    
    LayoutTests:
    
    * media/media-source/media-source-samples-out-of-order-expected.txt: Added.
    * media/media-source/media-source-samples-out-of-order.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254761 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-17  Jer Noble  <jer.noble@apple.com>

            [MSE] Decode glitches when watching videos on CNN.com
            https://bugs.webkit.org/show_bug.cgi?id=206412
            <rdar://problem/55685630>

            Reviewed by Xabier Rodriguez-Calvar.

            Test: media/media-source/media-source-samples-out-of-order.html

            The "Coded frame processing" algorithm has a known shortcoming <https://github.com/w3c/media-source/issues/187>
            when dealing appends of with "SAP Type 2" content, or in general terms, appending data where the resulting samples
            have presentation times that do not increase monotonically. When this occurs, the ordering of samples in presentation
            time will be different from the ordering of samples in decode time. The decoder requires samples to be enqueued in
            decode time order, but the MSE specification only checks for overlapping samples in presentation time order. During
            appends of out-of-order samples, this can lead to new samples being inserted between a previously appended sample and
            the sample on which that sample depends.

            To resolve this, add a new step in the implementation of the "coded frame processing" algorithm in
            SourceBuffer::sourceBufferPrivateDidReceiveSample(). When the incoming frame is a sync sample, search forward
            in the TrackBuffer for all previous samples in between the new sync sample, and the next sync sample. All the
            samples found in this step would fail to decode correctly if enqueued after the new (possibly different resolution)
            sync sample, so they are removed in this step.

            * Modules/mediasource/SampleMap.cpp:
            (WebCore::DecodeOrderSampleMap::findSampleAfterDecodeKey):
            * Modules/mediasource/SampleMap.h:
            * Modules/mediasource/SourceBuffer.cpp:
            (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254722. rdar://problem/58811423

    REGRESSION (r251110): Crash on https://developer.apple.com/tutorials/swiftui/creating-and-combining-views
    https://bugs.webkit.org/show_bug.cgi?id=206337
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    The crash was caused by RadioButtonGroups::hasCheckedButton getting called by RadioInputType's
    matchesIndeterminatePseudoClass during a style update which happens before the input element had a chance
    to register itself with RadioButtonGroups in HTMLInputElement::didFinishInsertingNode.
    
    This happens, in particular, when didFinishInsertingNode of other nodes that appear before the input element
    executes arbitrary author scripts or otherwise update the style.
    
    Test: fast/forms/match-pseudo-on-radio-before-finalizing-tree-insertion-crash.html
    
    * dom/RadioButtonGroups.cpp:
    (WebCore::RadioButtonGroups::hasCheckedButton const):
    
    LayoutTests:
    
    Added a regression test. The test crashes on trunk and causes an infinite loop before r251110.
    
    * fast/forms/match-pseudo-on-radio-before-finalizing-tree-insertion-crash-expected.txt: Added.
    * fast/forms/match-pseudo-on-radio-before-finalizing-tree-insertion-crash.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254722 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-16  Ryosuke Niwa  <rniwa@webkit.org>

            REGRESSION (r251110): Crash on https://developer.apple.com/tutorials/swiftui/creating-and-combining-views
            https://bugs.webkit.org/show_bug.cgi?id=206337

            Reviewed by Geoffrey Garen.

            The crash was caused by RadioButtonGroups::hasCheckedButton getting called by RadioInputType's
            matchesIndeterminatePseudoClass during a style update which happens before the input element had a chance
            to register itself with RadioButtonGroups in HTMLInputElement::didFinishInsertingNode.

            This happens, in particular, when didFinishInsertingNode of other nodes that appear before the input element
            executes arbitrary author scripts or otherwise update the style.

            Test: fast/forms/match-pseudo-on-radio-before-finalizing-tree-insertion-crash.html

            * dom/RadioButtonGroups.cpp:
            (WebCore::RadioButtonGroups::hasCheckedButton const):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254710. rdar://problem/58807942

    [WebAuthn] User Verification (UV) option present on a CTAP2 authenticatorMakeCredential while the authenticator has not advertised support for it
    https://bugs.webkit.org/show_bug.cgi?id=204111
    <rdar://problem/57019604>
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    Covered by API tests.
    
    * Modules/webauthn/fido/DeviceRequestConverter.cpp:
    (fido::encodeMakeCredenitalRequestAsCBOR):
    (fido::encodeGetAssertionRequestAsCBOR):
    Only set UV if RP requires it.
    
    Tools:
    
    * TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp:
    (TestWebKitAPI::TEST):
    * TestWebKitAPI/Tests/WebCore/FidoTestData.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254710 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-16  Jiewen Tan  <jiewen_tan@apple.com>

            [WebAuthn] User Verification (UV) option present on a CTAP2 authenticatorMakeCredential while the authenticator has not advertised support for it
            https://bugs.webkit.org/show_bug.cgi?id=204111
            <rdar://problem/57019604>

            Reviewed by Brent Fulgham.

            Covered by API tests.

            * Modules/webauthn/fido/DeviceRequestConverter.cpp:
            (fido::encodeMakeCredenitalRequestAsCBOR):
            (fido::encodeGetAssertionRequestAsCBOR):
            Only set UV if RP requires it.

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254700. rdar://problem/58811338

    WK1: arbitrary JS execution while tearing down renderers in Element::addShadowRoot
    https://bugs.webkit.org/show_bug.cgi?id=206335
    
    Reviewed by Antti Koivisto.
    
    Delay the widget hierarchy updates until we're done attaching a shadow root.
    Otherwise, WK1 would retry to update the focus synchronously.
    
    * dom/Element.cpp:
    (WebCore::Element::addShadowRoot):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254700 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-16  Ryosuke Niwa  <rniwa@webkit.org>

            WK1: arbitrary JS execution while tearing down renderers in Element::addShadowRoot
            https://bugs.webkit.org/show_bug.cgi?id=206335

            Reviewed by Antti Koivisto.

            Delay the widget hierarchy updates until we're done attaching a shadow root.
            Otherwise, WK1 would retry to update the focus synchronously.

            * dom/Element.cpp:
            (WebCore::Element::addShadowRoot):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254659. rdar://problem/58811354

    Keep RefPtr instead of raw pointer to message queue on WebCoreResourceHandleAsOperationQueueDelegate
    https://bugs.webkit.org/show_bug.cgi?id=206261
    <rdar://problem/57562592>
    
    Patch by Alex Christensen <achristensen@webkit.org> on 2020-01-15
    Reviewed by David Kilzer.
    
    There's no reason to keep a raw pointer when we can keep a smart pointer.
    This will make this more robust against someone forgetting to clear this pointer value.
    
    * platform/network/ResourceHandle.h:
    * platform/network/SynchronousLoaderClient.cpp:
    (WebCore::SynchronousLoaderClient::SynchronousLoaderClient):
    (WebCore::SynchronousLoaderClient::didFinishLoading):
    (WebCore::SynchronousLoaderClient::didFail):
    * platform/network/SynchronousLoaderClient.h:
    (WebCore::SynchronousLoaderMessageQueue::create):
    (WebCore::SynchronousLoaderMessageQueue::append):
    (WebCore::SynchronousLoaderMessageQueue::kill):
    (WebCore::SynchronousLoaderMessageQueue::killed const):
    (WebCore::SynchronousLoaderMessageQueue::waitForMessage):
    * platform/network/mac/ResourceHandleMac.mm:
    (WebCore::ResourceHandle::makeDelegate):
    * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
    * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
    (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
    (-[WebCoreResourceHandleAsOperationQueueDelegate initWithHandle:messageQueue:]):
    (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254659 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-15  Alex Christensen  <achristensen@webkit.org>

            Keep RefPtr instead of raw pointer to message queue on WebCoreResourceHandleAsOperationQueueDelegate
            https://bugs.webkit.org/show_bug.cgi?id=206261
            <rdar://problem/57562592>

            Reviewed by David Kilzer.

            There's no reason to keep a raw pointer when we can keep a smart pointer.
            This will make this more robust against someone forgetting to clear this pointer value.

            * platform/network/ResourceHandle.h:
            * platform/network/SynchronousLoaderClient.cpp:
            (WebCore::SynchronousLoaderClient::SynchronousLoaderClient):
            (WebCore::SynchronousLoaderClient::didFinishLoading):
            (WebCore::SynchronousLoaderClient::didFail):
            * platform/network/SynchronousLoaderClient.h:
            (WebCore::SynchronousLoaderMessageQueue::create):
            (WebCore::SynchronousLoaderMessageQueue::append):
            (WebCore::SynchronousLoaderMessageQueue::kill):
            (WebCore::SynchronousLoaderMessageQueue::killed const):
            (WebCore::SynchronousLoaderMessageQueue::waitForMessage):
            * platform/network/mac/ResourceHandleMac.mm:
            (WebCore::ResourceHandle::makeDelegate):
            * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
            * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
            (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
            (-[WebCoreResourceHandleAsOperationQueueDelegate initWithHandle:messageQueue:]):
            (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254652. rdar://problem/58811422

    Regression(r253213) Load hang and high CPU usage when trying to load myuhc.com
    https://bugs.webkit.org/show_bug.cgi?id=206315
    <rdar://problem/58139842>
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    Starting in r253213, we now throw when trying to do a sync XHR during unload. Unfortunately, this is confusing the script
    on myuhc.com and it ends up retrying the sync XHR in a tight loop. To address the issue, I am putting in a safety net which
    ignores calls to XMLHttpRequest.send() instead of throwing, once we've reached 5 sync XHR failures during unload.
    
    Throwing is useful because this gives a change for Web authors to fall back to using Beacon API or Fetch KeepAlive if the
    sync XHR fails. There is already code out there doing just that. You could imagine content doing more than one sync XHR
    during unload, each one with a good beacon API fallback. For this reason, I put in a limit of 5 sync failures before
    we stop throwing. Having a limit is important to break bad loops when the content simply retries the same sync XHR load
    when the sync XHR send() call throws.
    
    Tests: fast/xmlhttprequest/xmlhttprequest-multiple-sync-xhr-during-unload.html
           fast/xmlhttprequest/xmlhttprequest-sync-xhr-failure-loop-during-unload.html
    
    * dom/Document.cpp:
    (WebCore::Document::didRejectSyncXHRDuringPageDismissal):
    (WebCore::Document::shouldIgnoreSyncXHRs const):
    * dom/Document.h:
    * loader/DocumentThreadableLoader.cpp:
    (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
    * xml/XMLHttpRequest.cpp:
    (WebCore::XMLHttpRequest::prepareToSend):
    
    LayoutTests:
    
    Add layout test coverage.
    
    * fast/xmlhttprequest/resources/xmlhttprequest-multiple-sync-xhr-during-unload-iframe.html: Added.
    * fast/xmlhttprequest/resources/xmlhttprequest-sync-xhr-failure-loop-during-unload-iframe.html: Added.
    * fast/xmlhttprequest/xmlhttprequest-multiple-sync-xhr-during-unload-expected.txt: Added.
    * fast/xmlhttprequest/xmlhttprequest-multiple-sync-xhr-during-unload.html: Added.
    * fast/xmlhttprequest/xmlhttprequest-sync-xhr-failure-loop-during-unload-expected.txt: Added.
    * fast/xmlhttprequest/xmlhttprequest-sync-xhr-failure-loop-during-unload.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254652 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-15  Chris Dumez  <cdumez@apple.com>

            Regression(r253213) Load hang and high CPU usage when trying to load myuhc.com
            https://bugs.webkit.org/show_bug.cgi?id=206315
            <rdar://problem/58139842>

            Reviewed by Geoffrey Garen.

            Starting in r253213, we now throw when trying to do a sync XHR during unload. Unfortunately, this is confusing the script
            on myuhc.com and it ends up retrying the sync XHR in a tight loop. To address the issue, I am putting in a safety net which
            ignores calls to XMLHttpRequest.send() instead of throwing, once we've reached 5 sync XHR failures during unload.

            Throwing is useful because this gives a change for Web authors to fall back to using Beacon API or Fetch KeepAlive if the
            sync XHR fails. There is already code out there doing just that. You could imagine content doing more than one sync XHR
            during unload, each one with a good beacon API fallback. For this reason, I put in a limit of 5 sync failures before
            we stop throwing. Having a limit is important to break bad loops when the content simply retries the same sync XHR load
            when the sync XHR send() call throws.

            Tests: fast/xmlhttprequest/xmlhttprequest-multiple-sync-xhr-during-unload.html
                   fast/xmlhttprequest/xmlhttprequest-sync-xhr-failure-loop-during-unload.html

            * dom/Document.cpp:
            (WebCore::Document::didRejectSyncXHRDuringPageDismissal):
            (WebCore::Document::shouldIgnoreSyncXHRs const):
            * dom/Document.h:
            * loader/DocumentThreadableLoader.cpp:
            (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
            * xml/XMLHttpRequest.cpp:
            (WebCore::XMLHttpRequest::prepareToSend):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254541. rdar://problem/58605951

    Supported mime types for encoding should be supported mime types for loading
    https://bugs.webkit.org/show_bug.cgi?id=206239
    
    Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2020-01-14
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    Consult isSupportedImageType() for the system supported UTI before
    considering its mime type is allowed for the image DataURL encoding.
    
    Test: fast/canvas/toDataURL-unsupportedTypes.html
    
    * platform/MIMETypeRegistry.cpp:
    (WebCore::MIMETypeRegistry::createMIMETypeRegistryThreadGlobalData):
    
    LayoutTests:
    
    * fast/canvas/toDataURL-unsupportedTypes-expected.txt: Added.
    * fast/canvas/toDataURL-unsupportedTypes.html: Added.
    Unsupported mime-types for encoding should fall back to 'image/png'.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254541 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-14  Said Abou-Hallawa  <sabouhallawa@apple.com>

            Supported mime types for encoding should be supported mime types for loading
            https://bugs.webkit.org/show_bug.cgi?id=206239

            Reviewed by Simon Fraser.

            Consult isSupportedImageType() for the system supported UTI before
            considering its mime type is allowed for the image DataURL encoding.

            Test: fast/canvas/toDataURL-unsupportedTypes.html

            * platform/MIMETypeRegistry.cpp:
            (WebCore::MIMETypeRegistry::createMIMETypeRegistryThreadGlobalData):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254512. rdar://problem/58606195

    A video element cannot enter fullscreen from PiP mode
    https://bugs.webkit.org/show_bug.cgi?id=204468
    
    Reviewed by Eric Carlson.
    
    This patch fixes two issues:
    - Make sure the message exchanges between WebContent and UI process can complete in the scenario that switching to fullscreen from PiP.
    - Do not send fullscreenModeChanged event with mode = 3 (both fullscreen and Picture-in-Picture) to WebContent process.
    
    We need to use API tests to verify the fix.
    No new tests are added because of webkit.org/b/203724.
    
    * platform/ios/VideoFullscreenInterfaceAVKit.mm:
    (VideoFullscreenInterfaceAVKit::didStopPictureInPicture):
    (VideoFullscreenInterfaceAVKit::doEnterFullscreen):
    (VideoFullscreenInterfaceAVKit::setMode):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254512 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-14  Peng Liu  <peng.liu6@apple.com>

            A video element cannot enter fullscreen from PiP mode
            https://bugs.webkit.org/show_bug.cgi?id=204468

            Reviewed by Eric Carlson.

            This patch fixes two issues:
            - Make sure the message exchanges between WebContent and UI process can complete in the scenario that switching to fullscreen from PiP.
            - Do not send fullscreenModeChanged event with mode = 3 (both fullscreen and Picture-in-Picture) to WebContent process.

            We need to use API tests to verify the fix.
            No new tests are added because of webkit.org/b/203724.

            * platform/ios/VideoFullscreenInterfaceAVKit.mm:
            (VideoFullscreenInterfaceAVKit::didStopPictureInPicture):
            (VideoFullscreenInterfaceAVKit::doEnterFullscreen):
            (VideoFullscreenInterfaceAVKit::setMode):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254497. rdar://problem/58606212

    REGRESSION (Catalina) non-scrolling iframe prevents document scrolling
    https://bugs.webkit.org/show_bug.cgi?id=202687
    
    Reviewed by Tim Horton.
    
    Source/WebCore:
    
    Latching code in EventHandlerMac would consider <iframe scrolling=no> to be a latching
    candidate, which would cause mousewheel scrolling in a <iframe scrolling=no> nested inside
    a scrollable frame to not scroll. This affected ads and twitch.tv.
    
    Fix by having scrolledToEdgeInDominantDirection() return true for non-scrollable iframes.
    
    Test: tiled-drawing/scrolling/scrolling-no-iframe-latching.html
    
    * page/mac/EventHandlerMac.mm:
    (WebCore::scrolledToEdgeInDominantDirection):
    * platform/ScrollView.h:
    (WebCore::ScrollView::canHaveScrollbars const): Deleted.
    * platform/ScrollableArea.h:
    (WebCore::ScrollableArea::canHaveScrollbars const):
    
    LayoutTests:
    
    * tiled-drawing/scrolling/scrolling-no-iframe-latching-expected.txt: Added.
    * tiled-drawing/scrolling/scrolling-no-iframe-latching.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254497 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-13  Simon Fraser  <simon.fraser@apple.com>

            REGRESSION (Catalina) non-scrolling iframe prevents document scrolling
            https://bugs.webkit.org/show_bug.cgi?id=202687

            Reviewed by Tim Horton.

            Latching code in EventHandlerMac would consider <iframe scrolling=no> to be a latching
            candidate, which would cause mousewheel scrolling in a <iframe scrolling=no> nested inside
            a scrollable frame to not scroll. This affected ads and twitch.tv.

            Fix by having scrolledToEdgeInDominantDirection() return true for non-scrollable iframes.

            Test: tiled-drawing/scrolling/scrolling-no-iframe-latching.html

            * page/mac/EventHandlerMac.mm:
            (WebCore::scrolledToEdgeInDominantDirection):
            * platform/ScrollView.h:
            (WebCore::ScrollView::canHaveScrollbars const): Deleted.
            * platform/ScrollableArea.h:
            (WebCore::ScrollableArea::canHaveScrollbars const):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254492. rdar://problem/58606251

    Scrollbar hiding on iOS via ::-webkit-scrollbar { display: none } doesn't work
    https://bugs.webkit.org/show_bug.cgi?id=206197
    
    Reviewed by Tim Horton.
    Source/WebCore:
    
    The logic added in r251369 was reversed, causing scrollbar hiding to not work correctly.
    
    Tested by fast/scrolling/ios/scrollbar-hiding.html
    
    * rendering/RenderScrollbar.cpp:
    (WebCore::RenderScrollbar::isHiddenByStyle const):
    
    LayoutTests:
    
    The logic added in r251369 was reversed, causing scrollbar hiding to not work correctly.
    
    * fast/scrolling/ios/scrollbar-hiding-expected.txt:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254492 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-13  Simon Fraser  <simon.fraser@apple.com>

            Scrollbar hiding on iOS via ::-webkit-scrollbar { display: none } doesn't work
            https://bugs.webkit.org/show_bug.cgi?id=206197

            Reviewed by Tim Horton.

            The logic added in r251369 was reversed, causing scrollbar hiding to not work correctly.

            Tested by fast/scrolling/ios/scrollbar-hiding.html

            * rendering/RenderScrollbar.cpp:
            (WebCore::RenderScrollbar::isHiddenByStyle const):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254490. rdar://problem/58605943

    [WK1][iOS] VideoFullscreenControllerContext uses UIKit on the WebThread
    https://bugs.webkit.org/show_bug.cgi?id=206203
    <rdar://problem/48742782>
    
    Reviewed by Simon Fraser.
    
    * platform/ios/WebVideoFullscreenControllerAVKit.mm:
    (VideoFullscreenControllerContext::setVideoLayerFrame):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254490 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-13  Jer Noble  <jer.noble@apple.com>

            [WK1][iOS] VideoFullscreenControllerContext uses UIKit on the WebThread
            https://bugs.webkit.org/show_bug.cgi?id=206203
            <rdar://problem/48742782>

            Reviewed by Simon Fraser.

            * platform/ios/WebVideoFullscreenControllerAVKit.mm:
            (VideoFullscreenControllerContext::setVideoLayerFrame):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254484. rdar://problem/58606285

    RenderTreeBuilder::Block::attachIgnoringContinuation should handle inline-block anonymous containers.
    https://bugs.webkit.org/show_bug.cgi?id=202913
    <rdar://problem/56233694>
    
    Reviewed by Simon Fraser.
    
    Source/WebCore:
    
    When the before child happens to be a block level box wrapped in an anonymous inline-block (e.g. ruby),
    let's attach this new child before the anonymous inline-block wrapper instead.
    
    Test: fast/ruby/before-child-is-block-after.html
    
    * rendering/updating/RenderTreeBuilderBlock.cpp:
    (WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):
    
    LayoutTests:
    
    * fast/ruby/before-child-is-block-after-expected.txt: Added.
    * fast/ruby/before-child-is-block-after.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254484 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-13  Zalan Bujtas  <zalan@apple.com>

            RenderTreeBuilder::Block::attachIgnoringContinuation should handle inline-block anonymous containers.
            https://bugs.webkit.org/show_bug.cgi?id=202913
            <rdar://problem/56233694>

            Reviewed by Simon Fraser.

            When the before child happens to be a block level box wrapped in an anonymous inline-block (e.g. ruby),
            let's attach this new child before the anonymous inline-block wrapper instead.

            Test: fast/ruby/before-child-is-block-after.html

            * rendering/updating/RenderTreeBuilderBlock.cpp:
            (WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):

2020-01-23  Russell Epstein  <repstein@apple.com>

        Cherry-pick r254408. rdar://problem/58606270

    [WebCore] Fix crash in module loader due to change in fragment reservation
    https://bugs.webkit.org/show_bug.cgi?id=206125
    
    Reviewed by Dean Jackson.
    
    LayoutTests/imported/w3c:
    
    * web-platform-tests/html/semantics/scripting-1/the-script-element/module/import-meta/import-meta-url-expected.txt:
    
    Source/WebCore:
    
    At some point, CachedResource::url() starts returning URL without fragment.
    However, this was invariant in ScriptModuleLoader, so one of WPT test is crashing.
    
    We save source URL so that we preserve fragment information.
    Still we need to have fragment information after the redirect to fix a bug filed in [1].
    
    [1]: https://bugs.webkit.org/show_bug.cgi?id=205294
    
    * bindings/js/CachedModuleScriptLoader.cpp:
    (WebCore::CachedModuleScriptLoader::load):
    * bindings/js/CachedModuleScriptLoader.h:
    * bindings/js/ScriptModuleLoader.cpp:
    (WebCore::ScriptModuleLoader::notifyFinished):
    
    LayoutTests:
    
    * TestExpectations:
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254408 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-10  Yusuke Suzuki  <ysuzuki@apple.com>

            [WebCore] Fix crash in module loader due to change in fragment reservation
            https://bugs.webkit.org/show_bug.cgi?id=206125

            Reviewed by Dean Jackson.

            At some point, CachedResource::url() starts returning URL without fragment.
            However, this was invariant in ScriptModuleLoader, so one of WPT test is crashing.

            We save source URL so that we preserve fragment information.
            Still we need to have fragment information after the redirect to fix a bug filed in [1].

            [1]: https://bugs.webkit.org/show_bug.cgi?id=205294

            * bindings/js/CachedModuleScriptLoader.cpp:
            (WebCore::CachedModuleScriptLoader::load):
            * bindings/js/CachedModuleScriptLoader.h:
            * bindings/js/ScriptModuleLoader.cpp:
            (WebCore::ScriptModuleLoader::notifyFinished):

2020-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254267. rdar://problem/58606290

    Reformat FrameView logging
    https://bugs.webkit.org/show_bug.cgi?id=205984
    <rdar://problem/58431722>
    
    Reviewed by Brent Fulgham.
    
    Update the format used by FrameView in its RELEASE_LOG logging. Use
    the format used by WebPageProxy and NetworkResourceLoader, which is
    generally of the form:
    
        <object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>
    
    So, for example:
    
        0x4a1cf8010 - FrameView::fireLayoutRelatedMilestonesIfNeeded() - firing first visually non-empty layout milestone on the main frame
    
    becomes:
    
        0x561be8010 - [frame=0x55d47e000, main=1] FrameView::fireLayoutRelatedMilestonesIfNeeded: Firing first visually non-empty layout milestone on the main frame
    
    No new tests -- no new or changed functionality.
    
    * page/FrameView.cpp:
    (WebCore::FrameView::paintContents):
    (WebCore::FrameView::fireLayoutRelatedMilestonesIfNeeded):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254267 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-09  Keith Rollin  <krollin@apple.com>

            Reformat FrameView logging
            https://bugs.webkit.org/show_bug.cgi?id=205984
            <rdar://problem/58431722>

            Reviewed by Brent Fulgham.

            Update the format used by FrameView in its RELEASE_LOG logging. Use
            the format used by WebPageProxy and NetworkResourceLoader, which is
            generally of the form:

                <object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>

            So, for example:

                0x4a1cf8010 - FrameView::fireLayoutRelatedMilestonesIfNeeded() - firing first visually non-empty layout milestone on the main frame

            becomes:

                0x561be8010 - [frame=0x55d47e000, main=1] FrameView::fireLayoutRelatedMilestonesIfNeeded: Firing first visually non-empty layout milestone on the main frame

            No new tests -- no new or changed functionality.

            * page/FrameView.cpp:
            (WebCore::FrameView::paintContents):
            (WebCore::FrameView::fireLayoutRelatedMilestonesIfNeeded):

2020-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254229. rdar://problem/58605950

    <img>.naturalWidth should return the density-corrected intrinsic width
    https://bugs.webkit.org/show_bug.cgi?id=150443
    
    Patch by Noam Rosenthal <noam@webkit.org> on 2020-01-08
    Reviewed by Simon Fraser.
    
    LayoutTests/imported/w3c:
    
    Updated expected results.
    
    * web-platform-tests/html/semantics/embedded-content/the-img-element/current-pixel-density/basic-expected.txt:
            All tests now pass.
    
    * web-platform-tests/html/semantics/embedded-content/the-img-element/intrinsicsize/intrinsicsize-with-responsive-images.tentative-expected.txt:
            Still fails but failure values are different.
    
    Source/WebCore:
    
    Take image's density into account when requesting naturalWidth/naturalHeight, not in SVG.
    
    This now complies with the standard (https://html.spec.whatwg.org/multipage/embedded-content.html#dom-img-naturalwidth)
    It also matches the behavior on Chrome and on Firefox.
    
    Test: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-img-element/current-pixel-density/basic.html
            Updaded expected results
    
    * html/HTMLImageElement.cpp:
    (WebCore::HTMLImageElement::effectiveImageDevicePixelRatio const):
    (WebCore::HTMLImageElement::naturalWidth const):
    (WebCore::HTMLImageElement::naturalHeight const):
    * html/HTMLImageElement.h:
            Use effective image devicePixelRatio for naturalWidth/height calculation
    
    * loader/cache/CachedImage.cpp:
    (WebCore::CachedImage::unclampedImageSizeForRenderer const):
    (WebCore::CachedImage::imageSizeForRenderer const):
    * loader/cache/CachedImage.h:
            Don't clamp to 1 when calculating naturalWidth/naturalHeight, as this has
            nothing to do with zoomed images. Zoomed images behavior remains the same.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254229 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-08  Noam Rosenthal  <noam@webkit.org>

            <img>.naturalWidth should return the density-corrected intrinsic width
            https://bugs.webkit.org/show_bug.cgi?id=150443

            Reviewed by Simon Fraser.

            Take image's density into account when requesting naturalWidth/naturalHeight, not in SVG.

            This now complies with the standard (https://html.spec.whatwg.org/multipage/embedded-content.html#dom-img-naturalwidth)
            It also matches the behavior on Chrome and on Firefox.

            Test: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-img-element/current-pixel-density/basic.html
                    Updaded expected results

            * html/HTMLImageElement.cpp:
            (WebCore::HTMLImageElement::effectiveImageDevicePixelRatio const):
            (WebCore::HTMLImageElement::naturalWidth const):
            (WebCore::HTMLImageElement::naturalHeight const):
            * html/HTMLImageElement.h:
                    Use effective image devicePixelRatio for naturalWidth/height calculation

            * loader/cache/CachedImage.cpp:
            (WebCore::CachedImage::unclampedImageSizeForRenderer const):
            (WebCore::CachedImage::imageSizeForRenderer const):
            * loader/cache/CachedImage.h:
                    Don't clamp to 1 when calculating naturalWidth/naturalHeight, as this has
                    nothing to do with zoomed images. Zoomed images behavior remains the same.

2020-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254187. rdar://problem/58605950

    Implement css3-images image-orientation
    https://bugs.webkit.org/show_bug.cgi?id=89052
    
    Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2020-01-07
    Reviewed by Simon Fraser.
    
    LayoutTests/imported/w3c:
    
    * web-platform-tests/css/css-images/inheritance-expected.txt:
    * web-platform-tests/css/css-images/inheritance.html:
    This test is re-synced from upstream
    
    * web-platform-tests/css/css-images/parsing/image-orientation-computed-expected.txt:
    * web-platform-tests/css/css-images/parsing/image-orientation-valid-expected.txt:
    
    Source/JavaScriptCore:
    
    Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebCore:
    
    Implement the CSS image-orientation property for content images. The valid
    values are "from-image" or "none". The default value is "from-image".
    
    Specification: https://drafts.csswg.org/css-images-3/#the-image-orientation
    GitHub issue: https://github.com/w3c/csswg-drafts/issues/4164
    
    Tests: fast/images/image-orientation-dynamic-from-image.html
           fast/images/image-orientation-dynamic-none.html
           fast/images/image-orientation-none.html
    
    * Configurations/FeatureDefines.xcconfig:
    * css/CSSComputedStyleDeclaration.cpp:
    (WebCore::ComputedStyleExtractor::valueForPropertyInStyle):
    * css/CSSPrimitiveValueMappings.h:
    (WebCore::CSSPrimitiveValue::operator ImageOrientation const): Deleted.
    * css/CSSProperties.json:
    * css/CSSValueKeywords.in:
    * css/parser/CSSPropertyParser.cpp:
    (WebCore::consumeImageOrientation):
    (WebCore::CSSPropertyParser::parseSingleValue):
    * rendering/RenderElement.cpp:
    (WebCore::RenderElement::imageOrientation const):
    * rendering/RenderImage.cpp:
    (WebCore::RenderImage::styleDidChange):
    * rendering/style/RenderStyle.cpp:
    (WebCore::rareInheritedDataChangeRequiresLayout):
    * rendering/style/RenderStyle.h:
    (WebCore::RenderStyle::setImageOrientation):
    (WebCore::RenderStyle::initialImageOrientation):
    (WebCore::RenderStyle::imageOrientation const):
    * rendering/style/StyleRareInheritedData.cpp:
    (WebCore::StyleRareInheritedData::StyleRareInheritedData):
    (WebCore::StyleRareInheritedData::operator== const):
    * rendering/style/StyleRareInheritedData.h:
    * style/StyleBuilderConverter.h:
    (WebCore::Style::BuilderConverter::convertImageOrientation):
    
    Source/WebCore/PAL:
    
    Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebKit:
    
    Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WebKitLegacy/mac:
    
    Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.
    
    * Configurations/FeatureDefines.xcconfig:
    
    Source/WTF:
    
    Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.
    
    * wtf/FeatureDefines.h:
    
    Tools:
    
    Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.
    
    * TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
    
    LayoutTests:
    
    Test the css image-orientation property.
    
    * fast/images/image-orientation-dynamic-from-image-expected.html: Added.
    * fast/images/image-orientation-dynamic-from-image.html: Added.
    * fast/images/image-orientation-dynamic-none-expected.html: Added.
    * fast/images/image-orientation-dynamic-none.html: Added.
    * fast/images/image-orientation-none-expected.html: Added.
    * fast/images/image-orientation-none.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254187 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-07  Said Abou-Hallawa  <sabouhallawa@apple.com>

            Implement css3-images image-orientation
            https://bugs.webkit.org/show_bug.cgi?id=89052

            Reviewed by Simon Fraser.

            Implement the CSS image-orientation property for content images. The valid
            values are "from-image" or "none". The default value is "from-image".

            Specification: https://drafts.csswg.org/css-images-3/#the-image-orientation
            GitHub issue: https://github.com/w3c/csswg-drafts/issues/4164

            Tests: fast/images/image-orientation-dynamic-from-image.html
                   fast/images/image-orientation-dynamic-none.html
                   fast/images/image-orientation-none.html

            * Configurations/FeatureDefines.xcconfig:
            * css/CSSComputedStyleDeclaration.cpp:
            (WebCore::ComputedStyleExtractor::valueForPropertyInStyle):
            * css/CSSPrimitiveValueMappings.h:
            (WebCore::CSSPrimitiveValue::operator ImageOrientation const): Deleted.
            * css/CSSProperties.json:
            * css/CSSValueKeywords.in:
            * css/parser/CSSPropertyParser.cpp:
            (WebCore::consumeImageOrientation):
            (WebCore::CSSPropertyParser::parseSingleValue):
            * rendering/RenderElement.cpp:
            (WebCore::RenderElement::imageOrientation const):
            * rendering/RenderImage.cpp:
            (WebCore::RenderImage::styleDidChange):
            * rendering/style/RenderStyle.cpp:
            (WebCore::rareInheritedDataChangeRequiresLayout):
            * rendering/style/RenderStyle.h:
            (WebCore::RenderStyle::setImageOrientation):
            (WebCore::RenderStyle::initialImageOrientation):
            (WebCore::RenderStyle::imageOrientation const):
            * rendering/style/StyleRareInheritedData.cpp:
            (WebCore::StyleRareInheritedData::StyleRareInheritedData):
            (WebCore::StyleRareInheritedData::operator== const):
            * rendering/style/StyleRareInheritedData.h:
            * style/StyleBuilderConverter.h:
            (WebCore::Style::BuilderConverter::convertImageOrientation):

2020-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254179. rdar://problem/58606203

    Reformat FrameLoader logging
    https://bugs.webkit.org/show_bug.cgi?id=205884
    <rdar://problem/58387123>
    
    Reviewed by Brent Fulgham.
    
    Update the format used by FrameLoader in its RELEASE_LOG logging. Use
    the format used by WebPageProxy and NetworkResourceLoader, which is
    generally of the form:
    
        <object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>
    
    So, for example:
    
        0x4aa2df000 - FrameLoader::allAllLoaders: Clearing provisional document loader (frame = 0x4a8ad3550, main = 0 m_provisionalDocumentLoader=0x0)
    
    becomes:
    
        0x465fb61a0 - [frame=0x465c98a20, main=0] FrameLoader::stopAllLoaders: Clearing provisional document loader (m_provisionalDocumentLoader=0x0)
    
    No new tests -- no new or changed functionality.
    
    * loader/FrameLoader.cpp:
    (WebCore::FrameLoader::urlSelected):
    (WebCore::FrameLoader::finishedParsing):
    (WebCore::FrameLoader::loadURLIntoChildFrame):
    (WebCore::FrameLoader::loadArchive):
    (WebCore::FrameLoader::loadInSameDocument):
    (WebCore::FrameLoader::prepareForLoadStart):
    (WebCore::FrameLoader::setupForReplace):
    (WebCore::FrameLoader::loadFrameRequest):
    (WebCore::FrameLoader::loadURL):
    (WebCore::FrameLoader::load):
    (WebCore::FrameLoader::loadWithNavigationAction):
    (WebCore::FrameLoader::loadWithDocumentLoader):
    (WebCore::FrameLoader::clearProvisionalLoadForPolicyCheck):
    (WebCore::FrameLoader::reloadWithOverrideEncoding):
    (WebCore::FrameLoader::reload):
    (WebCore::FrameLoader::stopAllLoaders):
    (WebCore::FrameLoader::stopForBackForwardCache):
    (WebCore::FrameLoader::setProvisionalDocumentLoader):
    (WebCore::FrameLoader::setState):
    (WebCore::FrameLoader::clearProvisionalLoad):
    (WebCore::FrameLoader::commitProvisionalLoad):
    (WebCore::FrameLoader::transitionToCommitted):
    (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
    (WebCore::FrameLoader::loadPostRequest):
    (WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy):
    (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
    (WebCore::FrameLoader::loadDifferentDocumentItem):
    (WebCore::FrameLoader::retryAfterFailedCacheOnlyMainResourceLoad):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254179 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-07  Keith Rollin  <krollin@apple.com>

            Reformat FrameLoader logging
            https://bugs.webkit.org/show_bug.cgi?id=205884
            <rdar://problem/58387123>

            Reviewed by Brent Fulgham.

            Update the format used by FrameLoader in its RELEASE_LOG logging. Use
            the format used by WebPageProxy and NetworkResourceLoader, which is
            generally of the form:

                <object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>

            So, for example:

                0x4aa2df000 - FrameLoader::allAllLoaders: Clearing provisional document loader (frame = 0x4a8ad3550, main = 0 m_provisionalDocumentLoader=0x0)

            becomes:

                0x465fb61a0 - [frame=0x465c98a20, main=0] FrameLoader::stopAllLoaders: Clearing provisional document loader (m_provisionalDocumentLoader=0x0)

            No new tests -- no new or changed functionality.

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::urlSelected):
            (WebCore::FrameLoader::finishedParsing):
            (WebCore::FrameLoader::loadURLIntoChildFrame):
            (WebCore::FrameLoader::loadArchive):
            (WebCore::FrameLoader::loadInSameDocument):
            (WebCore::FrameLoader::prepareForLoadStart):
            (WebCore::FrameLoader::setupForReplace):
            (WebCore::FrameLoader::loadFrameRequest):
            (WebCore::FrameLoader::loadURL):
            (WebCore::FrameLoader::load):
            (WebCore::FrameLoader::loadWithNavigationAction):
            (WebCore::FrameLoader::loadWithDocumentLoader):
            (WebCore::FrameLoader::clearProvisionalLoadForPolicyCheck):
            (WebCore::FrameLoader::reloadWithOverrideEncoding):
            (WebCore::FrameLoader::reload):
            (WebCore::FrameLoader::stopAllLoaders):
            (WebCore::FrameLoader::stopForBackForwardCache):
            (WebCore::FrameLoader::setProvisionalDocumentLoader):
            (WebCore::FrameLoader::setState):
            (WebCore::FrameLoader::clearProvisionalLoad):
            (WebCore::FrameLoader::commitProvisionalLoad):
            (WebCore::FrameLoader::transitionToCommitted):
            (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
            (WebCore::FrameLoader::loadPostRequest):
            (WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy):
            (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
            (WebCore::FrameLoader::loadDifferentDocumentItem):
            (WebCore::FrameLoader::retryAfterFailedCacheOnlyMainResourceLoad):

2020-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254089. rdar://problem/58606252

    XMLHTTPRequest POSTs blob data to a custom WKURLSchemeHandler protocol crash
    https://bugs.webkit.org/show_bug.cgi?id=205685
    
    Reviewed by Alex Christensen.
    
    Source/WebCore:
    
    There is no blob registry in the UIProcess.
    This should not matter since we do not yet support blobs in custom scheme handlers.
    But we are calling the blob registry when creating a request body, which does not work in UIProcess.
    Instead, pass a lambda that will be called in case of blobs.
    Covered by API test.
    
    * platform/network/FormData.cpp:
    (WebCore::FormDataElement::lengthInBytes const):
    (WebCore::FormData::resolveBlobReferences):
    * platform/network/FormData.h:
    * platform/network/cf/FormDataStreamCFNet.cpp:
    (WebCore::createHTTPBodyCFReadStream):
    
    Tools:
    
    * TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254089 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-06  youenn fablet  <youenn@apple.com>

            XMLHTTPRequest POSTs blob data to a custom WKURLSchemeHandler protocol crash
            https://bugs.webkit.org/show_bug.cgi?id=205685

            Reviewed by Alex Christensen.

            There is no blob registry in the UIProcess.
            This should not matter since we do not yet support blobs in custom scheme handlers.
            But we are calling the blob registry when creating a request body, which does not work in UIProcess.
            Instead, pass a lambda that will be called in case of blobs.
            Covered by API test.

            * platform/network/FormData.cpp:
            (WebCore::FormDataElement::lengthInBytes const):
            (WebCore::FormData::resolveBlobReferences):
            * platform/network/FormData.h:
            * platform/network/cf/FormDataStreamCFNet.cpp:
            (WebCore::createHTTPBodyCFReadStream):

2020-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254007. rdar://problem/58605939

    REGRESSION: [iOS 13] webrtc/datachannel/mdns-ice-candidates.html is failing
    https://bugs.webkit.org/show_bug.cgi?id=201900
    <rdar://problem/55466061>
    
    Reviewed by Eric Carlson.
    
    Source/WebCore:
    
    No change of behavior.
    
    * Modules/mediastream/PeerConnectionBackend.cpp:
    (WebCore::PeerConnectionBackend::registerMDNSName):
    Fix message typo (missing space).
    
    LayoutTests:
    
    * platform/ios/TestExpectations:
    Reenable test.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254007 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-03  youenn fablet  <youenn@apple.com>

            REGRESSION: [iOS 13] webrtc/datachannel/mdns-ice-candidates.html is failing
            https://bugs.webkit.org/show_bug.cgi?id=201900
            <rdar://problem/55466061>

            Reviewed by Eric Carlson.

            No change of behavior.

            * Modules/mediastream/PeerConnectionBackend.cpp:
            (WebCore::PeerConnectionBackend::registerMDNSName):
            Fix message typo (missing space).

2020-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254551. rdar://problem/58508705

    Build ANGLE as a dynamic library
    https://bugs.webkit.org/show_bug.cgi?id=204708
    rdar://57349384
    
    Rolling this out for the 2nd time.
    
    Source/ThirdParty/ANGLE:
    
    - it caused issues with the shared dyld cache, because the
    cache doesn't know to include the libary until it already
    exists in the build
    - probably related to the above, we saw some performance
    regressions directly related to this change
    
    * ANGLE.xcodeproj/project.pbxproj:
    * Configurations/ANGLE.xcconfig:
    * Configurations/Base.xcconfig:
    * Configurations/DebugRelease.xcconfig:
    * include/CMakeLists.txt:
    * include/GLSLANG/ShaderLang.h:
    * include/GLSLANG/ShaderVars.h:
    * src/libANGLE/renderer/gl/cgl/DisplayCGL.mm:
    (rx::DisplayCGL::isValidNativeWindow const):
    * src/libANGLE/renderer/gl/cgl/WindowSurfaceCGL.mm:
    (rx::WindowSurfaceCGL::WindowSurfaceCGL):
    (rx::WindowSurfaceCGL::~WindowSurfaceCGL):
    * src/libANGLE/renderer/gl/eagl/DisplayEAGL.mm:
    (rx::DisplayEAGL::terminate):
    (rx::DisplayEAGL::isValidNativeWindow const):
    (rx::WorkerContextEAGL::~WorkerContextEAGL):
    * src/libANGLE/renderer/gl/eagl/WindowSurfaceEAGL.mm:
    (rx::WindowSurfaceEAGL::WindowSurfaceEAGL):
    (rx::WindowSurfaceEAGL::~WindowSurfaceEAGL):
    
    Source/WebCore:
    
    * Configurations/WebCore.xcconfig:
    * Configurations/WebCoreTestSupport.xcconfig:
    * WebCore.xcodeproj/project.pbxproj:
    * platform/graphics/ANGLEWebKitBridge.cpp:
    (WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge):
    (WebCore::ANGLEWebKitBridge::cleanupCompilers):
    (WebCore::ANGLEWebKitBridge::compileShaderSource):
    (WebCore::ANGLEWebKitBridge::angleAvailable): Deleted.
    * platform/graphics/ANGLEWebKitBridge.h:
    * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
    (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254551 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-14  Dean Jackson  <dino@apple.com>

            Build ANGLE as a dynamic library
            https://bugs.webkit.org/show_bug.cgi?id=204708
            rdar://57349384

            Rolling this out for the 2nd time.

            * Configurations/WebCore.xcconfig:
            * Configurations/WebCoreTestSupport.xcconfig:
            * WebCore.xcodeproj/project.pbxproj:
            * platform/graphics/ANGLEWebKitBridge.cpp:
            (WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge):
            (WebCore::ANGLEWebKitBridge::cleanupCompilers):
            (WebCore::ANGLEWebKitBridge::compileShaderSource):
            (WebCore::ANGLEWebKitBridge::angleAvailable): Deleted.
            * platform/graphics/ANGLEWebKitBridge.h:
            * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
            (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

2020-01-15  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254464. rdar://problem/58553161

    Replace uses of Box<Identifier> with a new CacheableIdentifier class.
    https://bugs.webkit.org/show_bug.cgi?id=205544
    <rdar://problem/58041800>
    
    Reviewed by Saam Barati.
    
    JSTests:
    
    * stress/racy-gc-cleanup-of-identifier-after-mutator-stops-running.js: Added.
    
    Source/JavaScriptCore:
    
    The introduction of the use of Box<Identifier> was to get around having to
    ref/deref the underlying UniqedStringImpl in Identifiers from the compiler
    and GC threads.  However, it proves to be difficult to control when these
    Box<Identifier>s get destructed, and requires that we find all the places in
    the compier and GC threads where this can happen, and apply keep alive tactics
    there to defer destruction of the Box<Identifier> to the mutator thread.
    
    This patch fixes this by replacing uses of Box<Identifier> with
    CacheableIdentifier, which is effectively a tagged union of a JSCell* or a
    UniquedStringImpl*.  The JSCell*, in this case, can be either a Symbol* or a
    JSString* that is backed by an atom string.  The VM runtime ensures that we'll
    never try to cache an identifier from a JSCell that is not one of these.  This
    CacheableIdentifier can be destructed from the compiler or GC thread.  Since it
    doesn't hold a ref of the underlying UniquedStringImpl, it won't try to deref
    it on destruction.
    
    Instead, we'll need to visit CacheableIdentifiers during GC scans to keep the
    JSCell in it alive, and that JSCell will, in turn, keep the underlying
    UniquedStringImpl alive.
    
    This patch also does the following:
    
    1. Add a visitAggregate() method to StructureStubInfo, PolymorphicAccess, and
       AccessCase to visit the CacheableIdentifier's JSCell identifier.  This
       visitAggregate() is called from CodeBlock::stronglyVisitStrongReferences().
    
       When we write barrier a CodeBlock, it guarantees that its visitAggregate()
       methods is called.  However, it does not guarantee that its propagateTransitions()
       method will be called.  Since the CacheableIdentifier's reference to a cell
       should be a strong reference, visiting it via a StructureStubInfo::visitAggregate()
       method is the right thing to do.
       See https://bugs.webkit.org/show_bug.cgi?id=205544#c7 for an example of why
       propagateTransitions() doesn't always do the job.
    
       StructureStubInfo::visitWeakReferences() is also inappropriate for this
       because it is only called after all marking is done.  It is also not meant
       to keep cells alive but merely for clearing weak references to dead cells.
    
    2. Also add to visitAggregate() for ModuleNamespaceData's m_identifier in
       GetByStatus::markIfCheap().
    
    3. Remove previously applied keep alive tactics to work around Box<Identifier>
       destruction.  This also retores the allowance to destruct DFG::Plans on a
       compiler thread.
    
    4. Added a JSString:getValueImpl() helper.
    
    5. Added a write barrier in DFG and FTL JITFinalizer's finalizeCommon() to ensure
       that frozen values are scanned by the GC.
    
       During compilation, the frozen values were previously protected by the Plan.
       After finalization, they should be protected by the CodeBlock.  Hence, we
       should barrier the CodeBlock since the last GC scan of the CodeBlock may have
       happened before the frozen values were registered with the CodeBlock.
    
    GC considerations:
    ==================
    The following also addresses Yusuke's concerns in https://bugs.webkit.org/show_bug.cgi?id=205544#c10.
    
    CacheableIdentifier is only stored as fields in 4 classes/structs:
    
    1. AccessCase::m_identifier
    2. GetByIdVariant::m_identifier
    3. ModuleNamespaceData::m_identifier
    4. StructureStubInfo::m_getByIdSelfIdentifier
    
    AccessCase::m_identifier
    ========================
    While the access case is being created and added in tryCacheGetBy(), the
    CacheableIdentifier is still on the stack and protected from the GC.  At the
    bottom of tryCacheGetBy(), StructureStubInfo::addAccessCase() is called to add
    the access case.
    
    StructureStubInfo::addAccessCase() will barrier the owner CodeBlock at its end,
    and CodeBlock::stronglyVisitStrongReferences() will visit the StructureStubInfo,
    which in turn visits the AccessCase.  StructureStubInfo::visitAggregate() has
    been added for this purpose.
    
    GetByIdVariant::m_identifier
    ============================
    GetByIdVariant is only stored in GetByStatus.  Both GetByIdVariant and GetByStatus
    are only created and handled in the DFG/FTL compiler threads.  While the compiler
    thread is working with them, they are safe from the GC because the GC won't collect
    objects until the compiler thread is at a SafePoint.
    
    At compiler SafePoints, any GetByStatus that needs to be persisted is stored in
    DFG::Plan::m_recordedStatuses.  The Plan will visit the m_recordedStatuses in
    Plan::checkLivenessAndVisitChildren().
    
    At the end of compilation, Plan::m_recordedStatuses is transferred over to the owner
    CodeBlock's DFG::CommonData in Plan::finalizeWithoutNotifyingCallback().
    Plan::finalizeWithoutNotifyingCallback() will also barrier the owner CodeBlock at
    its end.
    
    Thereafter, CodeBlock::stronglyVisitStrongReferences() will visit the recordedStatuses.
    
    ModuleNamespaceData::m_identifier
    =================================
    ModuleNamespaceData is only stored in a GetByStatus, and is therefore protected
    similarly as the GetByIdVariant::m_identifier case above.
    
    StructureStubInfo::m_getByIdSelfIdentifier
    ==========================================
    StructureStubInfo::initGetByIdSelf() is called from inside tryCacheGetBy().
    StructureStubInfo::initGetByIdSelf() will barrier the owner CodeBlock.  The
    CacheableIdentifier here is protected in the same way as the AccessCase::m_identifier
    case above.
    
    DesiredIdentifiers
    ==================
    The compiler thread may also stash a CacheableIdentifier's uid in its
    DesiredIdentifiers.  Normally, the identifiers stashed in DesiredIdentifiers are
    from identifiers that the CodeBlock already knows abut and manages (e.g. from
    GetByIds).  For uids from a cell-based CacheableIdentifier variable is passed to
    a GetByVal, we need kep the cell alive in order to keep the uid alive.  This is
    achieved by freezing the cell with freezeStrong() in the op_get_by_val case in
    the DFG BytecodeParser.
    
    Reseting a StructureStubInfo while its IC code is still executing on the stack
    ==============================================================================
    The concern is that IC code may call slow path / getter functions that may in turn:
    
    1. reset the IC, and
    2. run the GC.
    
    This can be a problem if:
    
    1. there is a scenario where we return from the slow path / getter function
       and run IC code that uses the cell / uid from the CacheableIdentifier.
    
       This is because the StructureStubInfo is what visits the that cell, which
       in turn its uid alive.  Once the StructureStubInfo is reset, it will no
       longer be associated with any AccessCase or the m_getByIdSelfIdentifier.
       As such they will not be visited, and the CacheableIdentifier may be collected
       by the GC.
    
       In practice, the generated IC code never uses the cell / uid after it calls
       any slow path / getter function.  I've verified this by auditing the code
       generation in InlineAccess::generateSelfInAccess() and PolymorphicAccess::regenerate().
       Hence, there's no issue with using a collected cell / uid.
    
    2. there is a scenario where a slow path / getter function makes use of the cell / uid
       from the CacheableIdentifier but does not protect it.
    
       The only 2 slow path functions:
           operationGetByValGeneric()
           operationGetByValOptimize()
    
       operationGetByValGeneric() does not use any CacheableIdentifier from the StructureStubInfo.
    
       operationGetByValOptimize() modifies the StructureStubInfo in tryCacheGetBy()
       under the protection of a GCSafeConcurrentJSLocker, and can reset the
       StructureStubInfo.  However, it does not use any CacheableIdentifier after
       that.
    
       Hence, there's also no GC issue here.
    
    * CMakeLists.txt:
    * JavaScriptCore.xcodeproj/project.pbxproj:
    * Sources.txt:
    * bytecode/AccessCase.cpp:
    (JSC::AccessCase::AccessCase):
    (JSC::AccessCase::create):
    (JSC::AccessCase::fromStructureStubInfo):
    (JSC::AccessCase::commit):
    (JSC::AccessCase::canReplace const):
    (JSC::AccessCase::dump const):
    (JSC::AccessCase::visitAggregate const):
    (JSC::AccessCase::generateWithGuard):
    (JSC::AccessCase::generateImpl):
    * bytecode/AccessCase.h:
    (JSC::AccessCase::uid const):
    (JSC::AccessCase::identifier const):
    * bytecode/CodeBlock.cpp:
    (JSC::CodeBlock::propagateTransitions):
    (JSC::CodeBlock::stronglyVisitStrongReferences):
    * bytecode/GetByIdVariant.cpp:
    (JSC::GetByIdVariant::GetByIdVariant):
    (JSC::GetByIdVariant::attemptToMerge):
    (JSC::GetByIdVariant::visitAggregate):
    (JSC::GetByIdVariant::dumpInContext const):
    * bytecode/GetByIdVariant.h:
    (JSC::GetByIdVariant::identifier const):
    (JSC::GetByIdVariant::overlaps):
    * bytecode/GetByStatus.cpp:
    (JSC::GetByStatus::computeFromLLInt):
    (JSC::GetByStatus::computeFor):
    (JSC::GetByStatus::computeForStubInfoWithoutExitSiteFeedback):
    (JSC::GetByStatus::visitAggregate):
    (JSC::GetByStatus::singleIdentifier const):
    * bytecode/GetByStatus.h:
    * bytecode/GetterSetterAccessCase.cpp:
    (JSC::GetterSetterAccessCase::GetterSetterAccessCase):
    (JSC::GetterSetterAccessCase::create):
    * bytecode/GetterSetterAccessCase.h:
    * bytecode/InstanceOfAccessCase.cpp:
    (JSC::InstanceOfAccessCase::InstanceOfAccessCase):
    * bytecode/IntrinsicGetterAccessCase.cpp:
    (JSC::IntrinsicGetterAccessCase::IntrinsicGetterAccessCase):
    (JSC::IntrinsicGetterAccessCase::create):
    * bytecode/IntrinsicGetterAccessCase.h:
    * bytecode/ModuleNamespaceAccessCase.cpp:
    (JSC::ModuleNamespaceAccessCase::ModuleNamespaceAccessCase):
    (JSC::ModuleNamespaceAccessCase::create):
    * bytecode/ModuleNamespaceAccessCase.h:
    * bytecode/PolymorphicAccess.cpp:
    (JSC::PolymorphicAccess::visitAggregate):
    (JSC::PolymorphicAccess::regenerate):
    * bytecode/PolymorphicAccess.h:
    * bytecode/ProxyableAccessCase.cpp:
    (JSC::ProxyableAccessCase::ProxyableAccessCase):
    (JSC::ProxyableAccessCase::create):
    * bytecode/ProxyableAccessCase.h:
    * bytecode/RecordedStatuses.cpp:
    (JSC::RecordedStatuses::visitAggregate):
    * bytecode/RecordedStatuses.h:
    * bytecode/StructureStubInfo.cpp:
    (JSC::StructureStubInfo::initGetByIdSelf):
    (JSC::StructureStubInfo::addAccessCase):
    (JSC::StructureStubInfo::visitAggregate):
    * bytecode/StructureStubInfo.h:
    (JSC::StructureStubInfo::getByIdSelfIdentifier):
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::parseGetById):
    (JSC::DFG::ByteCodeParser::parseBlock):
    * dfg/DFGDesiredIdentifiers.cpp:
    (JSC::DFG::DesiredIdentifiers::ensure):
    (JSC::DFG::DesiredIdentifiers::at const):
    (JSC::DFG::DesiredIdentifiers::reallyAdd):
    (JSC::DFG::DesiredIdentifiers::processCodeBlockIdentifiersIfNeeded): Deleted.
    * dfg/DFGDesiredIdentifiers.h:
    * dfg/DFGJITFinalizer.cpp:
    (JSC::DFG::JITFinalizer::finalizeCommon):
    * dfg/DFGPlan.cpp:
    (JSC::DFG::Plan::~Plan):
    (JSC::DFG::Plan::checkLivenessAndVisitChildren):
    (JSC::DFG::Plan::cancel):
    * dfg/DFGPlan.h:
    (JSC::DFG::Plan::keepAliveIdentifier): Deleted.
    * dfg/DFGWorklist.cpp:
    (JSC::DFG::Worklist::removeAllReadyPlansForVM):
    (JSC::DFG::Worklist::removeDeadPlans):
    (JSC::DFG::Worklist::removeNonCompilingPlansForVM):
    (JSC::DFG::Worklist::deleteCancelledPlansForVM): Deleted.
    * dfg/DFGWorklist.h:
    * ftl/FTLJITFinalizer.cpp:
    (JSC::FTL::JITFinalizer::finalizeCommon):
    * jit/JITOperations.cpp:
    * jit/Repatch.cpp:
    (JSC::tryCacheGetBy):
    (JSC::repatchGetBy):
    (JSC::tryCacheArrayGetByVal):
    (JSC::tryCacheInstanceOf):
    * jit/Repatch.h:
    * runtime/CacheableIdentifier.cpp: Added.
    (JSC::CacheableIdentifier::dump const):
    * runtime/CacheableIdentifier.h: Added.
    (JSC::CacheableIdentifier::CacheableIdentifier):
    (JSC::CacheableIdentifier::isUid const):
    (JSC::CacheableIdentifier::isCell const):
    (JSC::CacheableIdentifier::isSymbol const):
    (JSC::CacheableIdentifier::operator bool const):
    * runtime/CacheableIdentifierInlines.h: Added.
    (JSC::CacheableIdentifier::CacheableIdentifier):
    (JSC::CacheableIdentifier::cell const):
    (JSC::CacheableIdentifier::uid const):
    (JSC::CacheableIdentifier::isCacheableIdentifierCell):
    (JSC::CacheableIdentifier::isSymbolCell const):
    (JSC::CacheableIdentifier::isStringCell const):
    (JSC::CacheableIdentifier::setCellBits):
    (JSC::CacheableIdentifier::setUidBits):
    (JSC::CacheableIdentifier::visitAggregate const):
    (JSC::CacheableIdentifier::operator== const):
    (JSC::CacheableIdentifier::operator!= const):
    * runtime/ExceptionHelpers.cpp:
    (JSC::functionCallBase):
    * runtime/JSString.h:
    (JSC::JSString::getValueImpl const):
    * runtime/VM.cpp:
    (JSC::VM::ensureWatchpointSetForImpureProperty):
    (JSC::VM::addImpureProperty):
    (JSC::VM::registerWatchpointForImpureProperty): Deleted.
    * runtime/VM.h:
    
    Source/WebCore:
    
    * bindings/js/CommonVM.cpp:
    (WebCore::addImpureProperty):
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254464 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-13  Mark Lam  <mark.lam@apple.com>

            Replace uses of Box<Identifier> with a new CacheableIdentifier class.
            https://bugs.webkit.org/show_bug.cgi?id=205544
            <rdar://problem/58041800>

            Reviewed by Saam Barati.

            * bindings/js/CommonVM.cpp:
            (WebCore::addImpureProperty):

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254374. rdar://problem/58549092

    Resource Load Statistics: Align WebCore::NetworkStorageSession's m_thirdPartyCookieBlockingMode init value with r254239
    https://bugs.webkit.org/show_bug.cgi?id=206082
    <rdar://problem/58487498>
    
    Unreviewed minor, follow-up fix.
    
    
    * platform/network/NetworkStorageSession.h:
        The init value of m_thirdPartyCookieBlockingMode was changed to
        ThirdPartyCookieBlockingMode::All to align it with r254239.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254374 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-10  John Wilander  <wilander@apple.com>

            Resource Load Statistics: Align WebCore::NetworkStorageSession's m_thirdPartyCookieBlockingMode init value with r254239
            https://bugs.webkit.org/show_bug.cgi?id=206082
            <rdar://problem/58487498>

            Unreviewed minor, follow-up fix.

            * platform/network/NetworkStorageSession.h:
                The init value of m_thirdPartyCookieBlockingMode was changed to
                ThirdPartyCookieBlockingMode::All to align it with r254239.

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254322. rdar://problem/58549088

    Block cross-site top-frame navigations from untrusted iframes
    https://bugs.webkit.org/show_bug.cgi?id=206027
    <rdar://problem/58320516>
    
    Reviewed by Geoffrey Garen.
    
    Source/WebCore:
    
    Block cross-site top-frame navigations from untrusted iframes, unless they have a user gesture.
    We already consider third-party iframes as untrusted, we now also treat first-party iframes
    as untrusted if they are loaded both third-party scripts & iframes.
    
    Test: http/tests/security/block-top-level-navigations-by-untrusted-first-party-iframes.html
    
    * dom/Document.cpp:
    (WebCore::Document::canNavigate):
    (WebCore::Document::willLoadScriptElement):
    (WebCore::Document::willLoadFrameElement):
    (WebCore::Document::isNavigationBlockedByThirdPartyIFrameRedirectBlocking):
    * dom/Document.h:
    * dom/ScriptElement.cpp:
    (WebCore::ScriptElement::requestClassicScript):
    * html/HTMLFrameElementBase.cpp:
    (WebCore::HTMLFrameElementBase::openURL):
    
    LayoutTests:
    
    Add layout test coverage.
    
    * http/tests/security/block-top-level-navigations-by-third-party-iframes-expected.txt:
    * http/tests/security/block-top-level-navigations-by-untrusted-first-party-iframes-expected.txt: Added.
    * http/tests/security/block-top-level-navigations-by-untrusted-first-party-iframes.html: Added.
    * http/tests/security/resources/navigate-top-level-frame-to-failure-page-untrusted-iframe.html: Added.
    * http/tests/security/resources/navigate-top-to-error-page.js: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254322 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-09  Chris Dumez  <cdumez@apple.com>

            Block cross-site top-frame navigations from untrusted iframes
            https://bugs.webkit.org/show_bug.cgi?id=206027
            <rdar://problem/58320516>

            Reviewed by Geoffrey Garen.

            Block cross-site top-frame navigations from untrusted iframes, unless they have a user gesture.
            We already consider third-party iframes as untrusted, we now also treat first-party iframes
            as untrusted if they are loaded both third-party scripts & iframes.

            Test: http/tests/security/block-top-level-navigations-by-untrusted-first-party-iframes.html

            * dom/Document.cpp:
            (WebCore::Document::canNavigate):
            (WebCore::Document::willLoadScriptElement):
            (WebCore::Document::willLoadFrameElement):
            (WebCore::Document::isNavigationBlockedByThirdPartyIFrameRedirectBlocking):
            * dom/Document.h:
            * dom/ScriptElement.cpp:
            (WebCore::ScriptElement::requestClassicScript):
            * html/HTMLFrameElementBase.cpp:
            (WebCore::HTMLFrameElementBase::openURL):

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254293. rdar://problem/58549084

    Resource Load Statistics: Flip experimental website data removal setting from an enable to a disable
    https://bugs.webkit.org/show_bug.cgi?id=205966
    <rdar://problem/58425000>
    
    Reviewed by Brent Fulgham.
    
    To get default on behavior, experimental features in the network process need to be
    turned from enable flags to disable flags. This patch does that for the experimental
    website data removal flag.
    
    Source/WebCore:
    
    No new tests. This change just reverses the interpretation of a flag.
    
    * page/Settings.yaml:
    
    Source/WebKit:
    
    This change also aligns the init values of the setting to match the default.
    
    * NetworkProcess/Classifier/ResourceLoadStatisticsStore.h:
    * NetworkProcess/NetworkSession.h:
    * NetworkProcess/NetworkSessionCreationParameters.h:
    * Shared/WebPreferences.yaml:
    * UIProcess/WebProcessPool.cpp:
    (WebKit::WebProcessPool::ensureNetworkProcess):
    * UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:
    (WebKit::WebsiteDataStore::parameters):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254293 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-09  John Wilander  <wilander@apple.com>

            Resource Load Statistics: Flip experimental website data removal setting from an enable to a disable
            https://bugs.webkit.org/show_bug.cgi?id=205966
            <rdar://problem/58425000>

            Reviewed by Brent Fulgham.

            To get default on behavior, experimental features in the network process need to be
            turned from enable flags to disable flags. This patch does that for the experimental
            website data removal flag.

            No new tests. This change just reverses the interpretation of a flag.

            * page/Settings.yaml:

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254288. rdar://problem/58548984

    [Cocoa] persistent-usage-record message fails first time; succeeds subsequent times
    https://bugs.webkit.org/show_bug.cgi?id=205970
    <rdar://problem/57785647>
    
    Reviewed by Eric Carlson.
    
    The AVContentKeySession is created too early; before the CDM has a chance to provide the storage path
    for persistent usage records. Delay creation of the AVCKS until it's actually needed during the first
    license request.
    
    Drive-by fix: fix the exceptional case where a PUR session is closed but PUR data isn't available; send
    a null message rather than an empty array.
    
    * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
    * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
    (WebCore::CDMInstanceFairPlayStreamingAVFObjC::contentKeySession):
    (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData):
    (WebCore::CDMInstanceFairPlayStreamingAVFObjC::CDMInstanceFairPlayStreamingAVFObjC): Deleted.
    (WebCore::CDMInstanceFairPlayStreamingAVFObjC::ensureSession): Deleted.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254288 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-09  Jer Noble  <jer.noble@apple.com>

            [Cocoa] persistent-usage-record message fails first time; succeeds subsequent times
            https://bugs.webkit.org/show_bug.cgi?id=205970
            <rdar://problem/57785647>

            Reviewed by Eric Carlson.

            The AVContentKeySession is created too early; before the CDM has a chance to provide the storage path
            for persistent usage records. Delay creation of the AVCKS until it's actually needed during the first
            license request.

            Drive-by fix: fix the exceptional case where a PUR session is closed but PUR data isn't available; send
            a null message rather than an empty array.

            * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
            * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
            (WebCore::CDMInstanceFairPlayStreamingAVFObjC::contentKeySession):
            (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData):
            (WebCore::CDMInstanceFairPlayStreamingAVFObjC::CDMInstanceFairPlayStreamingAVFObjC): Deleted.
            (WebCore::CDMInstanceFairPlayStreamingAVFObjC::ensureSession): Deleted.

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254239. rdar://problem/58549100

    Resource Load Statistics: Flip experimental cookie blocking setting from an enable to a disable
    https://bugs.webkit.org/show_bug.cgi?id=205963
    <rdar://problem/58424136>
    
    Reviewed by Brent Fulgham.
    
    To get default on behavior, experimental features in the network process need to be
    turned from enable flags to disable flags. This patch does that for the experimental
    cookie blocking flag.
    
    Source/WebCore:
    
    No new tests. This change just reverses the interpretation of a flag.
    
    * page/Settings.yaml:
    
    Source/WebKit:
    
    This change also aligns the init values of the setting to match the default.
    
    * NetworkProcess/Classifier/ResourceLoadStatisticsStore.h:
    * NetworkProcess/NetworkSession.h:
    * NetworkProcess/NetworkSessionCreationParameters.h:
    * Shared/WebPreferences.yaml:
    * UIProcess/WebProcessPool.cpp:
    (WebKit::WebProcessPool::ensureNetworkProcess):
    * UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:
    (WebKit::WebsiteDataStore::parameters):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254239 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-08  John Wilander  <wilander@apple.com>

            Resource Load Statistics: Flip experimental cookie blocking setting from an enable to a disable
            https://bugs.webkit.org/show_bug.cgi?id=205963
            <rdar://problem/58424136>

            Reviewed by Brent Fulgham.

            To get default on behavior, experimental features in the network process need to be
            turned from enable flags to disable flags. This patch does that for the experimental
            cookie blocking flag.

            No new tests. This change just reverses the interpretation of a flag.

            * page/Settings.yaml:

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254201. rdar://problem/58552859

    [Web Animations] Stop creating CSS Animations for <noscript> elements
    https://bugs.webkit.org/show_bug.cgi?id=205925
    <rdar://problem/58158479>
    
    Reviewed by Antti Koivisto.
    
    Source/WebCore:
    
    Test: webanimations/no-css-animation-on-noscript.html
    
    It makes no sense to create CSS Animations for a <noscript> element and it has the side effect of potential crashes.
    Indeed, AnimationTimeline::updateCSSAnimationsForElement() may be called without a currentStyle and so we never have
    a list of previously-applied animations to compare to the list of animations in afterChangeStyle. So on each call we
    end up creating a new CSSAnimation and the previous animation for the same name is never explicitly removed from the
    effect stack and is eventually destroyed and the WeakPtr for it in the stack ends up being null, which would cause a
    crash under KeyframeEffectStack::ensureEffectsAreSorted().
    
    We now prevent elements such as <noscript> from being considered for CSS Animations in TreeResolver::resolveElement().
    
    * dom/Element.cpp:
    (WebCore::Element::rendererIsNeeded):
    * dom/Element.h:
    (WebCore::Element::rendererIsEverNeeded):
    * html/HTMLElement.cpp:
    (WebCore::HTMLElement::rendererIsEverNeeded):
    (WebCore::HTMLElement::rendererIsNeeded): Deleted.
    * html/HTMLElement.h:
    * style/StyleTreeResolver.cpp:
    (WebCore::Style::TreeResolver::resolveElement):
    
    LayoutTests:
    
    Add a new test that checks that setting the `animation` property on a <noscript> element does not yield the creation of a CSSAnimation object.
    
    * webanimations/no-css-animation-on-noscript-expected.txt: Added.
    * webanimations/no-css-animation-on-noscript.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254201 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-08  Antoine Quint  <graouts@apple.com>

            [Web Animations] Stop creating CSS Animations for <noscript> elements
            https://bugs.webkit.org/show_bug.cgi?id=205925
            <rdar://problem/58158479>

            Reviewed by Antti Koivisto.

            Test: webanimations/no-css-animation-on-noscript.html

            It makes no sense to create CSS Animations for a <noscript> element and it has the side effect of potential crashes.
            Indeed, AnimationTimeline::updateCSSAnimationsForElement() may be called without a currentStyle and so we never have
            a list of previously-applied animations to compare to the list of animations in afterChangeStyle. So on each call we
            end up creating a new CSSAnimation and the previous animation for the same name is never explicitly removed from the
            effect stack and is eventually destroyed and the WeakPtr for it in the stack ends up being null, which would cause a
            crash under KeyframeEffectStack::ensureEffectsAreSorted().

            We now prevent elements such as <noscript> from being considered for CSS Animations in TreeResolver::resolveElement().

            * dom/Element.cpp:
            (WebCore::Element::rendererIsNeeded):
            * dom/Element.h:
            (WebCore::Element::rendererIsEverNeeded):
            * html/HTMLElement.cpp:
            (WebCore::HTMLElement::rendererIsEverNeeded):
            (WebCore::HTMLElement::rendererIsNeeded): Deleted.
            * html/HTMLElement.h:
            * style/StyleTreeResolver.cpp:
            (WebCore::Style::TreeResolver::resolveElement):

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254155. rdar://problem/58552864

    Add a move constructor to IDBResultData
    https://bugs.webkit.org/show_bug.cgi?id=205833
    <rdar://problem/58146233>
    
    Reviewed by Youenn Fablet.
    
    * Modules/indexeddb/shared/IDBResultData.h:
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254155 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-07  Sihui Liu  <sihui_liu@apple.com>

            Add a move constructor to IDBResultData
            https://bugs.webkit.org/show_bug.cgi?id=205833
            <rdar://problem/58146233>

            Reviewed by Youenn Fablet.

            * Modules/indexeddb/shared/IDBResultData.h:

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254099. rdar://problem/58552889

    [iOS] Only prewarm fonts with valid font names
    https://bugs.webkit.org/show_bug.cgi?id=205822
    
    Reviewed by Brent Fulgham.
    
    The font names ".SF NS Text" and ".SF NS Display" are not valid on iOS, and should not be prewarmed.
    
    No new tests, no behavior change.
    
    * platform/graphics/cocoa/FontCacheCoreText.cpp:
    (WebCore::FontCache::prewarmGlobally):
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254099 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-06  Per Arne Vollan  <pvollan@apple.com>

            [iOS] Only prewarm fonts with valid font names
            https://bugs.webkit.org/show_bug.cgi?id=205822

            Reviewed by Brent Fulgham.

            The font names ".SF NS Text" and ".SF NS Display" are not valid on iOS, and should not be prewarmed.

            No new tests, no behavior change.

            * platform/graphics/cocoa/FontCacheCoreText.cpp:
            (WebCore::FontCache::prewarmGlobally):

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254067. rdar://problem/58552878

    REGRESSION(r247626): Introduced memory regression
    https://bugs.webkit.org/show_bug.cgi?id=205815
    
    Unreviewed rollout of https://trac.webkit.org/changeset/247626/webkit.
    
    * platform/graphics/cocoa/FontCacheCoreText.cpp:
    (WebCore::FontCache::prewarmGlobally):
    (WebCore::fontFamiliesForPrewarming): Deleted.
    
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254067 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-06  Per Arne Vollan  <pvollan@apple.com>

            REGRESSION(r247626): Introduced memory regression
            https://bugs.webkit.org/show_bug.cgi?id=205815

            Unreviewed rollout of https://trac.webkit.org/changeset/247626/webkit.

            * platform/graphics/cocoa/FontCacheCoreText.cpp:
            (WebCore::FontCache::prewarmGlobally):
            (WebCore::fontFamiliesForPrewarming): Deleted.

2020-01-14  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254054. rdar://problem/58549108

    REGRESSION (r252724): Unable to tap on play button on google video 'See the top search trends of 2019'
    https://bugs.webkit.org/show_bug.cgi?id=205694
    <rdar://problem/58062987>
    
    Reviewed by Zalan Bujtas.
    
    Source/WebCore:
    
    After r252724, which separated 'used' from 'specified' z-index in style, we need to copy
    the specified to the used z-index in animated styles, while preserving the existing 'forceStackingContext'
    behavior which set the used z-index to 0.
    
    Do so by creating Adjuster::adjustAnimatedStyle(), which is called from TreeResolver::createAnimatedElementUpdate()
    if any animations could have affected the style. We need to pass back information about whether the animation should
    force stacking context.
    
    Test: animations/z-index-in-keyframe.html
    
    * animation/KeyframeEffect.cpp:
    (WebCore::KeyframeEffect::apply):
    * animation/KeyframeEffect.h:
    (WebCore::KeyframeEffect::triggersStackingContext const):
    * dom/Element.cpp:
    (WebCore::Element::applyKeyframeEffects):
    * dom/Element.h:
    * page/animation/CSSAnimationController.h:
    (): Deleted.
    * page/animation/CompositeAnimation.cpp:
    (WebCore::CompositeAnimation::animate):
    * style/StyleAdjuster.cpp:
    (WebCore::Style::Adjuster::adjustAnimatedStyle):
    * style/StyleAdjuster.h:
    * style/StyleTreeResolver.cpp:
    (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
    
    LayoutTests:
    
    * animations/z-index-in-keyframe-expected.html: Added.
    * animations/z-index-in-keyframe.html: Added.
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254054 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-05  Simon Fraser  <simon.fraser@apple.com>

            REGRESSION (r252724): Unable to tap on play button on google video 'See the top search trends of 2019'
            https://bugs.webkit.org/show_bug.cgi?id=205694
            <rdar://problem/58062987>

            Reviewed by Zalan Bujtas.

            After r252724, which separated 'used' from 'specified' z-index in style, we need to copy
            the specified to the used z-index in animated styles, while preserving the existing 'forceStackingContext'
            behavior which set the used z-index to 0.

            Do so by creating Adjuster::adjustAnimatedStyle(), which is called from TreeResolver::createAnimatedElementUpdate()
            if any animations could have affected the style. We need to pass back information about whether the animation should
            force stacking context.

            Test: animations/z-index-in-keyframe.html

            * animation/KeyframeEffect.cpp:
            (WebCore::KeyframeEffect::apply):
            * animation/KeyframeEffect.h:
            (WebCore::KeyframeEffect::triggersStackingContext const):
            * dom/Element.cpp:
            (WebCore::Element::applyKeyframeEffects):
            * dom/Element.h:
            * page/animation/CSSAnimationController.h:
            (): Deleted.
            * page/animation/CompositeAnimation.cpp:
            (WebCore::CompositeAnimation::animate):
            * style/StyleAdjuster.cpp:
            (WebCore::Style::Adjuster::adjustAnimatedStyle):
            * style/StyleAdjuster.h:
            * style/StyleTreeResolver.cpp:
            (WebCore::Style::TreeResolver::createAnimatedElementUpdate):

2020-01-13  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254220. rdar://problem/58429234

    Fix specification violation in Font Loading API
    https://bugs.webkit.org/show_bug.cgi?id=205901
    <rdar://problem/58083743>
    
    Reviewed by Brent Fulgham.
    
    Source/WebCore:
    
    Our Font Loading API does not comply with the spec:
    
    > If the parsed value is a CSS-wide keyword, return a syntax error.
    
    Rather than crashing, we should return a syntax error.
    
    Test: fast/text/font-loading-global-keyword.html
    
    * css/CSSFontFaceSet.cpp:
    (WebCore::computeFontSelectionRequest):
    (WebCore::CSSFontFaceSet::matchingFacesExcludingPreinstalledFonts):
    
    LayoutTests:
    
    Test all the entry points to the CSS Font Loading API that accept CSS keywords.
    
    * fast/text/font-loading-global-keyword-expected.txt: Added.
    * fast/text/font-loading-global-keyword.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254220 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-08  Myles C. Maxfield  <mmaxfield@apple.com>

            Fix specification violation in Font Loading API
            https://bugs.webkit.org/show_bug.cgi?id=205901
            <rdar://problem/58083743>

            Reviewed by Brent Fulgham.

            Our Font Loading API does not comply with the spec:

            > If the parsed value is a CSS-wide keyword, return a syntax error.

            Rather than crashing, we should return a syntax error.

            Test: fast/text/font-loading-global-keyword.html

            * css/CSSFontFaceSet.cpp:
            (WebCore::computeFontSelectionRequest):
            (WebCore::CSSFontFaceSet::matchingFacesExcludingPreinstalledFonts):

2020-01-09  Alan Coon  <alancoon@apple.com>

        Cherry-pick r254301. rdar://problem/58346124

    REGRESSION (r253662): Large Data URLs are not being handled properly
    https://bugs.webkit.org/show_bug.cgi?id=205979
    <rdar://problem/58346124>
    
    Reviewed by Youenn Fablet.
    
    Source/WebCore:
    
    The URL size limitation added in r253662 was too low. We should bump it to handle
    reasonable data URI sizes.
    
    Test: fast/url/data-url-large.html.
    
    * page/SecurityOrigin.cpp:
    
    LayoutTests:
    
    * fast/url/data-url-large-expected.txt: Added.
    * fast/url/data-url-large.html: Added.
    
    
    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254301 268f45cc-cd09-0410-ab3c-d52691b4dbfc

    2020-01-09  Brent Fulgham  <bfulgham@apple.com>

            REGRESSION (r253662): Large Data URLs are not being handled properly
            https://bugs.webkit.org/show_bug.cgi?id=205979
            <rdar://problem/58346124>

            Reviewed by Youenn Fablet.

            The URL size limitation added in r253662 was too low. We should bump it to handle
            reasonable data URI sizes.

            Test: fast/url/data-url-large.html.

            * page/SecurityOrigin.cpp:

2020-01-03  Sihui Liu  <sihui_liu@apple.com>

        Crash in com.apple.WebKit.Networking at UniqueIDBDatabase::performCurrentOpenOperation
        https://bugs.webkit.org/show_bug.cgi?id=205742

        Reviewed by Maciej Stachowiak.

        m_databaseInfo may not be set in performCurrentOpenOperation if there is an error in opening backing store, so 
        we should make an early return to avoid access to m_databaseInfo in this case.

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation):

2020-01-03  Stephan Szabo  <stephan.szabo@sony.com>

        [WinCairo] Fixing build after "Add a pure virtual base class for GraphicsContext3D"
        https://bugs.webkit.org/show_bug.cgi?id=205743

        Reviewed by Don Olmstead.

        No new tests, build fix.

        * platform/graphics/GraphicsContext3DBase.h: Undefine NO_ERROR on win
        * platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp:
        Move functions showing up as undefined out of #ifdef block
        * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp:
        Fix some accesses to m_attrs to use contextAttributes()

2020-01-03  Chris Dumez  <cdumez@apple.com>

        dom/nodes/Document-createElement-namespace.html WPT test is failing
        https://bugs.webkit.org/show_bug.cgi?id=205748

        Reviewed by Sam Weinig.

        dom/nodes/Document-createElement-namespace.html WPT test was failing in WebKit but passing in Blink
        and Gecko. The issue was that the MIME type passed to DOMParser.parseFromString() would always be
        resolved to "application/xml", no matter which XML MIME type was provided as input (e.g. "text/xml").

        No new tests, rebaselined existing test.

        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createDocument):

2020-01-03  Chris Dumez  <cdumez@apple.com>

        Document.createAttribute() should take in a localName, not a qualifiedName
        https://bugs.webkit.org/show_bug.cgi?id=205752

        Reviewed by Sam Weinig.

        Document.createAttribute() should take in a localName, not a qualifiedName:
        - https://dom.spec.whatwg.org/#dom-document-createattribute

        Our behavior does not match the DOM specification or other browser engines.

        No new tests, rebaselined existing test.

        * dom/Document.cpp:
        (WebCore::Document::createAttribute):

2020-01-03  Peng Liu  <peng.liu6@apple.com>

        Update the RemoteMediaPlayerManagerProxy::Load XPC message to provide the updated RemoteMediaPlayerConfiguration to the web process
        https://bugs.webkit.org/show_bug.cgi?id=205740

        Reviewed by Eric Carlson.

        Covered by existing tests.

        * platform/graphics/MediaPlayer.cpp:

2020-01-03  Chris Dumez  <cdumez@apple.com>

        Align Range.intersectsNode() with the DOM specification
        https://bugs.webkit.org/show_bug.cgi?id=205745

        Reviewed by Darin Adler.

        Align Range.intersectsNode() with the DOM specification:
        - https://dom.spec.whatwg.org/#dom-range-intersectsnode

        This also aligns our behavior with Chrome 79 and Firefox 71.

        No new tests, rebaselined existing test.

        * dom/Range.cpp:
        (WebCore::Range::intersectsNode const):

2020-01-03  Chris Dumez  <cdumez@apple.com>

        dispatchEvent() should not clear the event's isTrusted flag when it returns early
        https://bugs.webkit.org/show_bug.cgi?id=205731

        Reviewed by Sam Weinig.

        dispatchEvent() should not clear the event's isTrusted flag when it returns early:
        - https://dom.spec.whatwg.org/#dom-eventtarget-dispatchevent

        No new tests, rebaselined existing test.

        * dom/EventTarget.cpp:
        (WebCore::EventTarget::dispatchEventForBindings):

2020-01-03  Andy Estes  <aestes@apple.com>

        [Apple Pay] Provide a better error message when Apple Pay blocks user agent script evaluation
        https://bugs.webkit.org/show_bug.cgi?id=205730
        <rdar://problem/55573484>

        Reviewed by Brady Eidson.

        Covered by existing API tests.

        * Modules/applepay/PaymentCoordinator.cpp:
        (WebCore::PaymentCoordinator::shouldAllowUserAgentScripts const):
        * Modules/applepay/PaymentCoordinator.h:
        * Modules/applepay/PaymentCoordinatorClient.h:
        (WebCore::PaymentCoordinatorClient::userAgentScriptsBlockedErrorMessage const):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::executeUserAgentScriptInWorldInternal):
        (WebCore::ScriptController::shouldAllowUserAgentScripts const):
        * bindings/js/ScriptController.h:

2020-01-03  Yusuke Suzuki  <ysuzuki@apple.com>

        Put more WebCore/WebKit JS objects into IsoSubspace
        https://bugs.webkit.org/show_bug.cgi?id=205711

        Reviewed by Keith Miller.

        This patch puts more JS objects into IsoSubspace, mainly focusing on JS objects defined manually (not using CodeGeneratorJS.pm).

        No behavior change.

        * bindings/js/JSDOMBuiltinConstructor.h:
        (WebCore::JSDOMBuiltinConstructor::JSDOMBuiltinConstructor): Deleted.
        (WebCore::JSDOMBuiltinConstructor::initializeProperties): Deleted.
        * bindings/js/JSDOMBuiltinConstructorBase.cpp:
        (WebCore::JSDOMBuiltinConstructorBase::subspaceForImpl):
        * bindings/js/JSDOMBuiltinConstructorBase.h:
        (WebCore::JSDOMBuiltinConstructorBase::subspaceFor):
        * bindings/js/JSDOMConstructor.h:
        (WebCore::JSDOMConstructor::JSDOMConstructor): Deleted.
        (WebCore::JSDOMConstructor::initializeProperties): Deleted.
        * bindings/js/JSDOMConstructorBase.cpp:
        (WebCore::JSDOMConstructorBase::subspaceForImpl):
        * bindings/js/JSDOMConstructorBase.h:
        (WebCore::JSDOMConstructorBase::subspaceFor):
        * bindings/js/JSDOMConstructorNotConstructable.h:
        (WebCore::JSDOMConstructorNotConstructable::JSDOMConstructorNotConstructable): Deleted.
        (WebCore::JSDOMConstructorNotConstructable::initializeProperties): Deleted.
        (WebCore::JSDOMConstructorNotConstructable::callThrowTypeError): Deleted.
        (WebCore::JSDOMConstructorNotConstructable::getCallData): Deleted.
        * bindings/js/JSDOMIterator.h:
        (WebCore::JSDOMIteratorPrototype::create): Deleted.
        (WebCore::JSDOMIteratorPrototype::createStructure): Deleted.
        (WebCore::JSDOMIteratorPrototype::JSDOMIteratorPrototype): Deleted.
        * bindings/js/JSDOMNamedConstructor.h:
        (WebCore::JSDOMNamedConstructor::JSDOMNamedConstructor): Deleted.
        (WebCore::JSDOMNamedConstructor::initializeProperties): Deleted.
        * bindings/js/JSDOMWindowProperties.cpp:
        (WebCore::JSDOMWindowProperties::subspaceForImpl):
        * bindings/js/JSDOMWindowProperties.h:
        (WebCore::JSDOMWindowProperties::create): Deleted.
        (WebCore::JSDOMWindowProperties::createStructure): Deleted.
        (WebCore::JSDOMWindowProperties::JSDOMWindowProperties): Deleted.
        * bindings/js/JSWindowProxy.cpp:
        (WebCore::JSWindowProxy::subspaceForImpl):
        * bindings/js/JSWindowProxy.h:
        * bindings/js/WebCoreJSClientData.cpp:
        (WebCore::JSVMClientData::JSVMClientData):
        * bindings/js/WebCoreJSClientData.h:
        (WebCore::JSVMClientData::domBuiltinConstructorSpace):
        (WebCore::JSVMClientData::domConstructorSpace):
        (WebCore::JSVMClientData::domWindowPropertiesSpace):
        (WebCore::JSVMClientData::runtimeArraySpace):
        (WebCore::JSVMClientData::runtimeObjectSpace):
        (WebCore::JSVMClientData::windowProxySpace):
        * bridge/c/CRuntimeObject.h:
        (JSC::Bindings::CRuntimeObject::create): Deleted.
        (JSC::Bindings::CRuntimeObject::createStructure): Deleted.
        * bridge/c/c_instance.cpp:
        (JSC::Bindings::CInstance::getMethod):
        (JSC::Bindings::CRuntimeMethod::create): Deleted.
        (JSC::Bindings::CRuntimeMethod::createStructure): Deleted.
        (JSC::Bindings::CRuntimeMethod::CRuntimeMethod): Deleted.
        (JSC::Bindings::CRuntimeMethod::finishCreation): Deleted.
        * bridge/objc/ObjCRuntimeObject.h:
        (JSC::Bindings::ObjCRuntimeObject::create): Deleted.
        (JSC::Bindings::ObjCRuntimeObject::createStructure): Deleted.
        * bridge/objc/objc_instance.mm:
        (ObjCRuntimeMethod::create): Deleted.
        (ObjCRuntimeMethod::createStructure): Deleted.
        (ObjCRuntimeMethod::ObjCRuntimeMethod): Deleted.
        (ObjCRuntimeMethod::finishCreation): Deleted.
        * bridge/objc/objc_runtime.h:
        (JSC::Bindings::ObjcFallbackObjectImp::create): Deleted.
        (JSC::Bindings::ObjcFallbackObjectImp::propertyName const): Deleted.
        (JSC::Bindings::ObjcFallbackObjectImp::createPrototype): Deleted.
        (JSC::Bindings::ObjcFallbackObjectImp::createStructure): Deleted.
        * bridge/objc/objc_runtime.mm:
        (JSC::Bindings::ObjcFallbackObjectImp::subspaceForImpl):
        * bridge/runtime_array.cpp:
        (JSC::RuntimeArray::RuntimeArray):
        (JSC::RuntimeArray::subspaceForImpl):
        * bridge/runtime_array.h:
        (JSC::RuntimeArray::create): Deleted.
        (JSC::RuntimeArray::getLength const): Deleted.
        (JSC::RuntimeArray::getConcreteArray const): Deleted.
        (JSC::RuntimeArray::createPrototype): Deleted.
        (JSC::RuntimeArray::createStructure): Deleted.
        * bridge/runtime_method.cpp:
        (JSC::RuntimeMethod::RuntimeMethod):
        * bridge/runtime_method.h:
        * bridge/runtime_object.cpp:
        (JSC::Bindings::RuntimeObject::RuntimeObject):
        (JSC::Bindings::RuntimeObject::subspaceForImpl):
        * bridge/runtime_object.h:

2020-01-03  Simon Fraser  <simon.fraser@apple.com>

        Add some shared schemes to the WebKit.xcworkspace
        https://bugs.webkit.org/show_bug.cgi?id=205698

        Reviewed by Tim Horton.

        Make WebKit.xcworkspace show the following schemes by default:
            All Source
            All Tools
            WTF
            JavaScriptCore
            WebCore
            WebKit
            WebKitLegacy
            DumpRenderTree
            WebKitTestRunner
            TestWebKitAPI
            MiniBrowser
            MobileMiniBrowser.
            
        Also remove the MobileMiniBrowserUITests scheme.

        * WebCore.xcodeproj/xcshareddata/xcschemes/WebCore.xcscheme: Copied from Tools/MobileMiniBrowser/MobileMiniBrowser.xcodeproj/xcshareddata/xcschemes/MobileMiniBrowserUITests.xcscheme.

2020-01-03  youenn fablet  <youenn@apple.com>

        REGRESSION: [iOS 13] webrtc/datachannel/mdns-ice-candidates.html is failing
        https://bugs.webkit.org/show_bug.cgi?id=201900
        <rdar://problem/55466061>

        Reviewed by Eric Carlson.

        No change of behavior.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::registerMDNSName):
        Fix message typo (missing space).

2020-01-03  Chris Dumez  <cdumez@apple.com>

        Align XPathEvaluator.createNSResolver() / XPathResult.snapshotItem() with the specification
        https://bugs.webkit.org/show_bug.cgi?id=205699

        Reviewed by Alex Christensen.

        Align XPathEvaluator.createNSResolver() / XPathResult.snapshotItem() with the specification and
        other browsers (tested Chrome 79 and Firefox 71). In particular, their parameter should not be
        optional (or nullable).

        No new tests, rebaselined existing test.

        * dom/Document.cpp:
        (WebCore::Document::createNSResolver):
        * dom/Document.h:
        * dom/Document.idl:
        * xml/NativeXPathNSResolver.cpp:
        (WebCore::NativeXPathNSResolver::NativeXPathNSResolver):
        (WebCore::NativeXPathNSResolver::lookupNamespaceURI):
        * xml/NativeXPathNSResolver.h:
        (WebCore::NativeXPathNSResolver::create):
        * xml/XPathEvaluator.cpp:
        (WebCore::XPathEvaluator::createNSResolver):
        * xml/XPathEvaluator.h:
        * xml/XPathEvaluator.idl:
        * xml/XPathResult.idl:

2020-01-03  Rob Buis  <rbuis@igalia.com>

        Implement "create a potential-CORS request"
        https://bugs.webkit.org/show_bug.cgi?id=205326

        Reviewed by Youenn Fablet.

        Implement "create a potential-CORS request" [1] and
        remove deprecatedSetAsPotentiallyCrossOrigin. Add a
        same-origin fallback flag that can be used by clients
        of createPotentialAccessControlRequest in the future.

        No new tests, no functional change.

        * bindings/js/CachedScriptFetcher.cpp:
        (WebCore::CachedScriptFetcher::requestScriptWithCache const):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):
        * html/parser/HTMLResourcePreloader.cpp:
        (WebCore::PreloadRequest::resourceRequest):
        * loader/CrossOriginAccessControl.cpp:
        (WebCore::createPotentialAccessControlRequest):
        * loader/CrossOriginAccessControl.h:
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::updateFromElement):
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::preloadIfNeeded):
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::requestResource):
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::load):
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::deprecatedSetAsPotentiallyCrossOrigin): Deleted.
        * loader/cache/CachedResourceRequest.h:

2020-01-03  Antti Koivisto  <antti@apple.com>

        [LFC][Integration] Enable text-transform:capitalize
        https://bugs.webkit.org/show_bug.cgi?id=205721

        Reviewed by Zalan Bujtas.

        * layout/integration/LayoutIntegrationLineLayout.cpp:
        (WebCore::LayoutIntegration::LineLayout::canUseFor):

        Enable.

        * layout/layouttree/LayoutTreeBuilder.cpp:
        (WebCore::Layout::TreeBuilder::createLayoutBox):
        (WebCore::Layout::applyTextTransform): Deleted.

        No need to do anything, RenderText::text() has already applied text transform.

2020-01-03  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Fix fast/ruby/ruby-justification.html
        https://bugs.webkit.org/show_bug.cgi?id=205708
        <rdar://problem/58290264>

        Reviewed by Antti Koivisto.

        1. Fix last (content) run's trailing expansion behavior.
        2. Pass in float to TextRun instead of LayoutUnit to avoid losing precision.

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::justifyRuns const):
        * layout/integration/LayoutIntegrationLineLayout.cpp:
        (WebCore::LayoutIntegration::LineLayout::paint):

2020-01-03  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Fix fast/parser/entities-in-html.html
        https://bugs.webkit.org/show_bug.cgi?id=205710
        <rdar://problem/58290731>

        Reviewed by Antti Koivisto.

        * layout/inlineformatting/InlineTextItem.cpp:
        (WebCore::Layout::isWhitespaceCharacter):

2020-01-03  Rob Buis  <rbuis@igalia.com>

        <link> with non-CSS type should not be retrieved
        https://bugs.webkit.org/show_bug.cgi?id=88157

        Reviewed by Youenn Fablet.

        If the UA does not support the given MIME type for the given link
        relationship, then the UA should not fetch and process the linked
        resource [1].

        The behavior matches Chrome and Firefox.

        [1] https://html.spec.whatwg.org/multipage/semantics.html#processing-the-type-attribute

        Test: imported/w3c/web-platform-tests/html/semantics/document-metadata/the-link-element/link-type-attribute.html

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):

2020-01-02  Chris Dumez  <cdumez@apple.com>

        XMLSerializer doesn't correctly encode entities in <style> element
        https://bugs.webkit.org/show_bug.cgi?id=205635

        Reviewed by Alex Christensen.

        As per [1], when doing an XML serialization of text, we should escape '<', '>' and '&', even
        if the text is inside a <style> element. The <style> element exception is for HTML serialization [2].

        [1] https://w3c.github.io/DOM-Parsing/#xml-serializing-a-text-node
        [2] https://html.spec.whatwg.org/#serialising-html-fragments

        Test: fast/dom/xmlserializer-ampersand-in-style.html

        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::entityMaskForText const):

2020-01-02  Yusuke Suzuki  <ysuzuki@apple.com> and Simon Fraser  <simon.fraser@apple.com>

        Experiment: create lots of different malloc zones for easier accounting of memory use
        https://bugs.webkit.org/show_bug.cgi?id=186422

        Reviewed by Saam Barati.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/SerializedScriptValue.cpp:
        * bindings/js/SerializedScriptValue.h:
        * css/CSSFontFace.cpp:
        * css/CSSFontFace.h:
        * css/CSSSelector.cpp:
        * css/CSSSelector.h:
        * css/CSSValue.cpp:
        * css/CSSValue.h:
        * css/StyleProperties.cpp:
        (WebCore::ImmutableStyleProperties::create):
        * css/StyleProperties.h:
        * css/StyleRule.cpp:
        * css/StyleRule.h:
        * dom/ElementData.cpp:
        (WebCore::ShareableElementData::createWithAttributes):
        (WebCore::UniqueElementData::makeShareableCopy const):
        * dom/ElementData.h:
        * dom/NodeRareData.cpp:
        * dom/NodeRareData.h:
        * dom/QualifiedName.cpp:
        * dom/QualifiedName.h:
        * html/parser/HTMLDocumentParser.cpp:
        * html/parser/HTMLDocumentParser.h:
        * loader/DocumentLoader.cpp:
        * loader/DocumentLoader.h:
        * loader/ResourceLoader.cpp:
        * loader/ResourceLoader.h:
        * loader/cache/CachedResource.cpp:
        * loader/cache/CachedResource.h:
        * page/PerformanceEntry.cpp:
        * page/PerformanceEntry.h:
        * platform/graphics/Font.cpp:
        * platform/graphics/Font.h:
        * platform/graphics/FontCascadeFonts.cpp:
        * platform/graphics/FontCascadeFonts.h:
        * platform/graphics/Region.cpp:
        * platform/graphics/Region.h:
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::releaseUint8Vector):
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::ImageBuffer):
        * platform/graphics/nicosia/NicosiaBuffer.cpp:
        (Nicosia::Buffer::Buffer):
        * platform/network/ResourceHandle.cpp:
        * platform/network/ResourceHandleInternal.h:
        * platform/network/cf/FormDataStreamCFNet.cpp:
        (WebCore::closeCurrentStream):
        (WebCore::advanceCurrentStream):
        * rendering/RenderLayer.cpp:
        * rendering/RenderLayer.h:
        * rendering/TableLayout.cpp: Copied from Source/JavaScriptCore/parser/SourceProviderCache.cpp.
        * rendering/TableLayout.h:
        * rendering/style/RenderStyle.cpp:
        * rendering/style/RenderStyle.h:
        * rendering/style/SVGRenderStyle.cpp:
        * rendering/style/SVGRenderStyle.h:
        * rendering/style/SVGRenderStyleDefs.cpp:
        * rendering/style/SVGRenderStyleDefs.h:
        * rendering/style/StyleBoxData.cpp:
        * rendering/style/StyleBoxData.h:
        * rendering/style/StyleInheritedData.cpp:
        * rendering/style/StyleInheritedData.h:
        * rendering/style/StyleRareInheritedData.cpp:
        * rendering/style/StyleRareInheritedData.h:
        * rendering/style/StyleRareNonInheritedData.cpp:
        * rendering/style/StyleRareNonInheritedData.h:
        * rendering/style/StyleSurroundData.cpp:
        * rendering/style/StyleSurroundData.h:
        * rendering/style/StyleTransformData.cpp:
        * rendering/style/StyleTransformData.h:
        * style/StyleTreeResolver.cpp:
        * style/StyleTreeResolver.h:
        * svg/animation/SMILTimeContainer.cpp:
        * svg/animation/SMILTimeContainer.h:

2020-01-02  Andy Estes  <aestes@apple.com>

        [Payment Request] Perform payment method data IDL conversion in the PaymentRequest constructor
        https://bugs.webkit.org/show_bug.cgi?id=199225
        <rdar://problem/52217847>

        Reviewed by Darin Adler.

        Implemented support for validating payment method data during Payment Request construction.
        IDL conversion errors for payment method data will now trigger an exception in the
        PaymentRequest constructor rather than being deferred to the show() method.

        Payment Request specified this change in <https://github.com/w3c/payment-request/pull/829>.

        Test: imported/w3c/web-platform-tests/payment-request/constructor_convert_method_data.https.html

        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
        (WebCore::convertAndValidate): Moved the logic for converting a JSValue to an
        ApplePayRequest IDL type from ApplePayPaymentHandler::convertData to here.
        (WebCore::ApplePayPaymentHandler::validateData): Added. Checks that the specified JSValue is
        a valid ApplePayRequest, throwing an exception if not.
        (WebCore::ApplePayPaymentHandler::convertData): Changed to use convertAndValidate to convert
        from a JSValue to an ApplePayRequest.
        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.h:
        * Modules/paymentrequest/PaymentHandler.cpp:
        (WebCore::PaymentHandler::validateData): Added. Calls ApplePayPaymentHandler::validateData
        if Apple Pay handles the specified identifier.
        * Modules/paymentrequest/PaymentHandler.h:
        * Modules/paymentrequest/PaymentRequest.cpp:
        (WebCore::parse): Moved up to be callable by PaymentRequest::create.
        (WebCore::PaymentRequest::create): Validated that serializedData can be converted to a valid
        ApplePayRequest, throwing an exception if not.

2020-01-02  Zalan Bujtas  <zalan@apple.com>

        [LFC][Integration] Fix failing text-indent cases when the IFC root is an anonymous box
        https://bugs.webkit.org/show_bug.cgi?id=205693
        <rdar://problem/58284277>

        Reviewed by Antti Koivisto.

        During text-indent computation we would normally check if the IFC root is anonymous and if so,
        whether it's the first child of its parent element.
        e.g. <div><div>text</div>this text is wrapped inside an anonymous renderer</div>
        The IFC root of the "this text.." content is an anonymous container and it is not
        the first child of its parent renderer.
        However in the LFC integration case, we can't go beyond the IFC root and check for parent-child status. 

        * layout/LayoutState.h:
        (WebCore::Layout::LayoutState::isIntegratedRootBoxFirstChild const):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::constraintsForLine):
        * layout/layouttree/LayoutBox.h:
        (WebCore::Layout::Box::isAnonymous const):
        * layout/layouttree/LayoutTreeBuilder.cpp:
        (WebCore::Layout::TreeBuilder::buildLayoutTreeForIntegration):
        (WebCore::Layout::LayoutTreeContent::setRootIsFirstChild):
        (WebCore::Layout::LayoutTreeContent::isRootFirstChild const):
        (WebCore::Layout::TreeBuilder::createLayoutBox):
        * layout/layouttree/LayoutTreeBuilder.h:

2020-01-02  Alex Christensen  <achristensen@webkit.org>

        Add SPI to disable CORS on requests to URLs matching a pattern
        https://bugs.webkit.org/show_bug.cgi?id=205534
        <rdar://problem/58011337>

        Reviewed by Chris Dumez.

        This should allow us to remove the layering violation in LegacySchemeRegistry::isUserExtensionScheme
        and fix the bug in the radar.  The SPI is exercised by a new API test.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
        * page/Page.cpp:
        (WebCore::m_deviceOrientationUpdateProvider):
        (WebCore::Page::shouldDisableCorsForRequestTo const):
        * page/Page.h:
        * page/PageConfiguration.h:
        * platform/LegacySchemeRegistry.cpp:
        (WebCore::LegacySchemeRegistry::isUserExtensionScheme):

2020-01-02  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Text-indent shrinks the available horizontal space
        https://bugs.webkit.org/show_bug.cgi?id=205688
        <rdar://problem/58279938>

        Reviewed by Antti Koivisto.

        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::constraintsForLine):

2020-01-02  Sam Weinig  <weinig@apple.com>

        Simplify StringBuilder API/align with makeString by removing appendFixed* functions and using FormatNumber struct instead
        https://bugs.webkit.org/show_bug.cgi?id=205671

        Reviewed by Alex Christensen.

        * css/CSSFontVariationValue.cpp:
        * css/CSSKeyframeRule.cpp:
        * css/CSSTimingFunctionValue.cpp:
        * css/parser/CSSParserToken.cpp:
        * html/HTMLImageElement.cpp:
        * page/scrolling/AxisScrollSnapOffsets.cpp:
        * platform/graphics/Color.cpp:
        * platform/graphics/ExtendedColor.cpp:
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        * svg/SVGNumberList.h:
        * svg/SVGPathStringBuilder.cpp:
        * svg/SVGPointList.h:
        * svg/SVGTransformValue.h:
        * svg/properties/SVGPropertyTraits.h:
        * testing/Internals.cpp:
        Replace all uses of builder.appendFixedPrecisionNumber(...) with builder.append(FormattedNumber::fixedPrecision(...))
        and builder.appendFixedWidthNumber(...) with with builder.append(FormattedNumber::fixedWidth(...))

2020-01-01  Joonghun Park  <jh718.park@samsung.com>

        Unreviewed. Remove the build warning below since r253939.
        warning: no return statement in function returning non-void [-Wreturn-type]

        No new tests, no behavioral changes.

        * platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp:
        (WebCore::GraphicsContext3D::mapBufferRange):

2020-01-01  Zalan Bujtas  <zalan@apple.com>

        [LFC][Integration] Provide the viewport size when faking ICB
        https://bugs.webkit.org/show_bug.cgi?id=205676
        <rdar://problem/58263799>

        Reviewed by Antti Koivisto.

        Normally we would get the viewport size by checking the ICB, but in integration mode
        the ICB is not sized to the size of the RenderView.

        * layout/LayoutState.cpp:
        (WebCore::Layout::LayoutState::setViewportSize):
        (WebCore::Layout::LayoutState::viewportSize const):
        * layout/LayoutState.h:
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::setDisplayBoxesForLine):
        * layout/integration/LayoutIntegrationLineLayout.cpp:
        (WebCore::LayoutIntegration::LineLayout::prepareRootGeometryForLayout):

2020-01-01  Antti Koivisto  <antti@apple.com>

        Make SelectorCompiler interface use CompiledSelector type
        https://bugs.webkit.org/show_bug.cgi?id=205673

        Reviewed by Sam Weinig.

        SelectorCompiler interface is currently rather low-level, taking void* code references.
        Expand use of CompiledSelector type to simplify clients.

        * cssjit/CompiledSelector.h:
        (WebCore::CompiledSelector::wasUsed):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::compileSelector):

        Generate code directory to a CompiledSelector.

        * cssjit/SelectorCompiler.h:
        (WebCore::SelectorCompiler::ruleCollectorSimpleSelectorCheckerFunction):
        (WebCore::SelectorCompiler::querySelectorSimpleSelectorCheckerFunction):
        (WebCore::SelectorCompiler::ruleCollectorSelectorCheckerFunctionWithCheckingContext):
        (WebCore::SelectorCompiler::querySelectorSelectorCheckerFunctionWithCheckingContext):

        Take CompiledSelector.

        * dom/SelectorQuery.cpp:
        (WebCore::SelectorDataList::SelectorDataList):
        (WebCore::SelectorDataList::executeCompiledSimpleSelectorChecker const):
        (WebCore::SelectorDataList::executeCompiledSelectorCheckerWithCheckingContext const):
        (WebCore::SelectorDataList::executeCompiledSingleMultiSelectorData const):
        (WebCore::SelectorDataList::compileSelector):
        (WebCore::SelectorDataList::execute const):
        (WebCore::isCompiledSelector): Deleted.
        * dom/SelectorQuery.h:
        (WebCore::SelectorDataList::SelectorData::SelectorData): Deleted.
        (WebCore::SelectorDataList::SelectorData::~SelectorData): Deleted.
        (WebCore::SelectorDataList::SelectorData::compiledSelectorUsed const): Deleted.

        Replace SelectorData fields with a CompiledSelector member.

        * style/ElementRuleCollector.cpp:
        (WebCore::Style::ElementRuleCollector::ruleMatches):

2020-01-01  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Add support for ink overflow
        https://bugs.webkit.org/show_bug.cgi?id=205674
        <rdar://problem/58262376>

        Reviewed by Antti Koivisto.

        Add ink overflow information to Display::Run and to each Display::LineBox while
        the display boxes are being created.
        (Eventually we should add both scrollable and ink overflow to Display::Box)

        * layout/displaytree/DisplayInlineRect.h:
        (WebCore::Display::InlineRect::expandToContain):
        (WebCore::Display::InlineRect::inflate):
        * layout/displaytree/DisplayLineBox.h:
        (WebCore::Display::LineBox::scrollableOverflow const):
        (WebCore::Display::LineBox::inkOverflow const):
        (WebCore::Display::LineBox::setScrollableOverflow):
        (WebCore::Display::LineBox::setInkOverflow):
        (WebCore::Display::LineBox::scrollableOverflowRect const): Deleted.
        (WebCore::Display::LineBox::setScrollableOverflowRect): Deleted.
        * layout/displaytree/DisplayRun.h:
        (WebCore::Display::Run::inkOverflow const):
        (WebCore::Display::Run::Run):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::setDisplayBoxesForLine):
        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::alignContentVertically):
        * layout/integration/LayoutIntegrationLineLayout.cpp:
        (WebCore::LayoutIntegration::LineLayout::collectOverflow):
        (WebCore::LayoutIntegration::LineLayout::paint):
        (WebCore::LayoutIntegration::computeVisualOverflow): Deleted.
        * platform/graphics/LayoutSize.h:
        (WebCore::ceiledIntSize):

2019-12-22  Jeff Miller  <jeffm@apple.com>

        Update user-visible copyright strings to include 2020
        https://bugs.webkit.org/show_bug.cgi?id=205552

        Reviewed by Darin Adler.

        * Info.plist:

2020-01-01  youenn fablet  <youenn@apple.com>

        ServiceWorkerJobData should have a move constructor
        https://bugs.webkit.org/show_bug.cgi?id=205555
        <rdar://problem/57853373>

        Reviewed by Darin Adler.

        Previously, ServiceWorkerJobData did not have a move constructor.
        Refactor code to enable it.
        This improves efficiency and ensures that strings and other ref counted fields are
        properly moved and isolated.
        Covered by existing tests.

        * workers/service/ServiceWorkerJobData.cpp:
        (WebCore::ServiceWorkerJobData::isolatedCopy const):
        * workers/service/ServiceWorkerJobData.h:
        (WebCore::ServiceWorkerJobData::decode):

2020-01-01  youenn fablet  <youenn@apple.com>

        Implement transceiver setCodecPreferences
        https://bugs.webkit.org/show_bug.cgi?id=190840
        <rdar://problem/45496326>

        Reviewed by Eric Carlson.

        Add binding code to pipe setCodecPreferences up to webrtc backend,
        Covered by updated and rebased tests.

        * CMakeLists.txt:
        * DerivedSources-input.xcfilelist:
        * DerivedSources-output.xcfilelist:
        * DerivedSources.make:
        * Modules/mediastream/RTCRtpCapabilities.idl:
        * Modules/mediastream/RTCRtpCodecCapability.idl: Added.
        * Modules/mediastream/RTCRtpTransceiver.cpp:
        (WebCore::RTCRtpTransceiver::setCodecPreferences):
        * Modules/mediastream/RTCRtpTransceiver.h:
        * Modules/mediastream/RTCRtpTransceiver.idl:
        * Modules/mediastream/RTCRtpTransceiverBackend.h:
        * Modules/mediastream/libwebrtc/LibWebRTCObservers.h:
        (WebCore::toExceptionCode): Deleted.
        * Modules/mediastream/libwebrtc/LibWebRTCRtpTransceiverBackend.cpp:
        (WebCore::toRtpCodecCapability):
        (WebCore::LibWebRTCRtpTransceiverBackend::setCodecPreferences):
        * Modules/mediastream/libwebrtc/LibWebRTCRtpTransceiverBackend.h:
        * Modules/mediastream/libwebrtc/LibWebRTCUtils.cpp:
        (WebCore::toExceptionCode):
        (WebCore::toException):
        * Modules/mediastream/libwebrtc/LibWebRTCUtils.h:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/RTCRtpCapabilities.h:
        (): Deleted.
        * platform/mediastream/RTCRtpCodecCapability.h: Added.
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::toRTCRtpCapabilities):

2020-01-01  Rob Buis  <rbuis@igalia.com>

        Make better use of HTTPHeaderValues constants
        https://bugs.webkit.org/show_bug.cgi?id=205672

        Reviewed by Youenn Fablet.

        Use HTTPHeaderValues constants instead of allocating
        temporary strings.

        * Modules/websockets/ThreadableWebSocketChannel.cpp:
        (WebCore::ThreadableWebSocketChannel::webSocketConnectRequest):
        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::clientHandshakeRequest const):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::loadImage):
        (WebCore::PingLoader::sendPing):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::createRequest):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):

2019-12-31  Peng Liu  <peng.liu6@apple.com>

        Add remote media resource loader for the GPU process
        https://bugs.webkit.org/show_bug.cgi?id=205379

        Reviewed by Youenn Fablet.

        There are two definitions of ShouldContinue: WebCore::ScriptExecutionContext::ShouldContinue
        and WebCore::ShouldContinue. This patch moves WebCore::ShouldContinue to
        WebCore::PolicyChecker::ShouldContinue in order to support transmitting it in XPC messages.

        Tests: media/audio-play-with-video-element.html
               media/audio-play.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        * loader/FrameLoader.h:
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResource::responseReceived):
        * loader/PolicyChecker.h:
        * platform/graphics/PlatformMediaResourceLoader.h:
        (WebCore::PlatformMediaResourceClient::responseReceived):
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (CachedResourceStreamingClient::responseReceived):
        * platform/network/cocoa/WebCoreNSURLSession.mm:
        (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
        (-[WebCoreNSURLSessionDataTask resource:receivedResponse:completionHandler:]):

2019-12-20  Darin Adler  <darin@apple.com>

        Tidy a bit of StringBuilder usage
        https://bugs.webkit.org/show_bug.cgi?id=205509

        Reviewed by Sam Weinig.

        * dom/Range.cpp:
        (WebCore::Range::toString const): Remove redundant range checking and let the
        StringBuilder::appendSubstring take care of it.

        * editing/MarkupAccumulator.cpp:
        (WebCore::appendCharactersReplacingEntitiesInternal): Use appendSubstring.
        (WebCore::MarkupAccumulator::appendNamespace): Use single calls to
        StringBuilder::append with multiple arguments rather than multiple calls.

2019-12-31  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Add scrollable overflow rect to Display::LineBox
        https://bugs.webkit.org/show_bug.cgi?id=205661
        <rdar://problem/58256282>

        Reviewed by Antti Koivisto.

        Compute layout overflow rect while closing the line and adjusting the rust vertically.

        * layout/displaytree/DisplayInlineRect.h:
        (WebCore::Display::InlineRect::setBottom):
        (WebCore::Display::InlineRect::expandVerticallyToContain):
        * layout/displaytree/DisplayLineBox.h:
        (WebCore::Display::LineBox::scrollableOverflowRect const):
        (WebCore::Display::LineBox::logicalTopLeft const):
        (WebCore::Display::LineBox::setScrollableOverflowRect):
        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::alignContentVertically):
        * layout/integration/LayoutIntegrationLineLayout.cpp:
        (WebCore::LayoutIntegration::LineLayout::collectOverflow):

2019-12-31  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Fix imported/w3c/web-platform-tests/css/css-text/white-space/pre-wrap-014.html
        https://bugs.webkit.org/show_bug.cgi?id=205657
        <rdar://problem/58254951>

        Reviewed by Antti Koivisto.

        Use the adjusted available width when justifying the runs during line close.

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::justifyRuns const):
        (WebCore::Layout::LineBuilder::alignHorizontally):
        * layout/inlineformatting/InlineLineBuilder.h:

2019-12-31  Antti Koivisto  <antti@apple.com>

        StyleRule accessor in RuleData should return a const reference
        https://bugs.webkit.org/show_bug.cgi?id=205655

        Reviewed by Zalan Bujtas.

        It is currently a non-const pointer.

        This leads to StyleRule being const in many other places too.

        * css/StyleRule.h:
        (WebCore::StyleRuleBase::deref const):
        (WebCore::StyleRuleBase::deref): Deleted.

        Make deref const, matching RefCounted and allowing RefPtr<const StyleRule>
        
        * editing/EditingStyle.cpp:
        (WebCore::styleFromMatchedRulesForElement):
        * inspector/agents/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::buildObjectForRule):
        (WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList):
        * inspector/agents/InspectorCSSAgent.h:
        * style/ElementRuleCollector.cpp:
        (WebCore::Style::ElementRuleCollector::matchedRuleList const):
        (WebCore::Style::ElementRuleCollector::transferMatchedRules):
        (WebCore::Style::ElementRuleCollector::ruleMatches):
        (WebCore::Style::ElementRuleCollector::collectMatchingRulesForList):
        * style/ElementRuleCollector.h:
        * style/InspectorCSSOMWrappers.cpp:
        (WebCore::Style::InspectorCSSOMWrappers::getWrapperForRuleInSheets):
        * style/InspectorCSSOMWrappers.h:
        * style/RuleData.cpp:
        (WebCore::Style::RuleData::RuleData):
        * style/RuleData.h:
        (WebCore::Style::RuleData::styleRule const):
        (WebCore::Style::RuleData::compiledSelector const):
        (WebCore::Style::RuleData::rule const): Deleted.
        * style/RuleFeature.cpp:
        (WebCore::Style::RuleFeature::RuleFeature):
        (WebCore::Style::RuleFeatureSet::collectFeatures):
        * style/RuleFeature.h:
        (WebCore::Style::RuleFeature::RuleFeature): Deleted.
        * style/RuleSet.cpp:
        (WebCore::Style::RuleSet::addRule):
        (WebCore::Style::RuleSet::addStyleRule):
        (WebCore::Style::RuleSet::evaluteDynamicMediaQueryRules):
        (WebCore::Style::RuleSet::MediaQueryCollector::addRuleIfNeeded):
        * style/RuleSet.h:
        * style/StyleResolver.cpp:
        (WebCore::Style::Resolver::styleRulesForElement):
        (WebCore::Style::Resolver::pseudoStyleRulesForElement):
        * style/StyleResolver.h:
        * style/StyleScopeRuleSets.cpp:
        (WebCore::Style::makeRuleSet):
        (WebCore::Style::ensureInvalidationRuleSets):

2019-12-31  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC](Regression r253909) Fix fast/text/simple-line-with-br.html
        https://bugs.webkit.org/show_bug.cgi?id=205653
        <rdar://problem/58248900>

        Reviewed by Antti Koivisto.

        When the inline content is followed by a line break (e.g. text content<br>), the line
        break should not initiate a new line unless the line is empty (e.g text content<br><br>).
        Let's include the line break in the LineCandidateContent so that we can close the line by
        adding the trailing line break (This is a partial revert of r253909). 

        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::nextWrapOpportunity):
        (WebCore::Layout::LineCandidateContent::inlineRuns const):
        (WebCore::Layout::LineCandidateContent::trailingLineBreak const):
        (WebCore::Layout::LineCandidateContent::setTrailingLineBreak):
        (WebCore::Layout::LineCandidateContent::append):
        (WebCore::Layout::LineLayoutContext::layoutLine):
        (WebCore::Layout::LineLayoutContext::nextContentForLine):
        (WebCore::Layout::LineLayoutContext::tryAddingInlineItems):
        (WebCore::Layout::LineCandidateContent::runs const): Deleted.
        (WebCore::Layout::LineCandidateContent::isLineBreak const): Deleted.
        (WebCore::Layout::LineCandidateContent::setIsLineBreak): Deleted.
        * layout/inlineformatting/LineLayoutContext.h:

2019-12-31  youenn fablet  <youenn@apple.com>

        Implement RTC VTB decoders in GPUProcess
        https://bugs.webkit.org/show_bug.cgi?id=205607

        Reviewed by Eric Carlson.

        Add routine to create a RemoveVideoSample from a pixel buffer.
        Update LibWebRTCProvider to enable/disable decoding in GPU Process and add internals API.

        Test: webrtc/video-gpuProcess.html

        * platform/graphics/RemoteVideoSample.cpp:
        (WebCore::RemoteVideoSample::create):
        * platform/graphics/RemoteVideoSample.h:
        * platform/graphics/cv/ImageTransferSessionVT.h:
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::LibWebRTCProvider::setUseGPUProcess):
        * platform/mediastream/libwebrtc/LibWebRTCProvider.h:
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.h:
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
        (WebCore::Internals::setUseGPUProcessForWebRTC):
        * testing/Internals.h:
        * testing/Internals.idl:

2019-12-30  Eric Carlson  <eric.carlson@apple.com>

        Create media mime type cache base class to reduce duplicate code
        https://bugs.webkit.org/show_bug.cgi?id=205632
        <rdar://problem/58233565>

        Reviewed by Jer Noble.

        No new tests, no functional change.
        
        AVStreamDataParserMIMETypeCache and AVAssetMIMETypeCache have a lot of very similar code,
        so create MIMETypeCache as a base class. Also move most of the logic from 
        MediaPlayerPrivateMediaSourceAVFObjC::supportsType and MediaPlayerPrivateAVFoundationObjC::supportsType
        in the caches.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:

        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::isSupportedImageVideoOrSVGMIMEType): Call supportsContainerType.

        * platform/graphics/MIMETypeCache.cpp: Added.
        (WebCore::MIMETypeCache::supportedTypes):
        (WebCore::MIMETypeCache::supportsContainerType):
        (WebCore::MIMETypeCache::canDecodeType):
        (WebCore::MIMETypeCache::canDecodeTypePrivate):
        (WebCore::MIMETypeCache::setSupportedTypes):
        (WebCore::MIMETypeCache::addSupportedType):
        (WebCore::MIMETypeCache::staticContainerTypeList):
        * platform/graphics/MIMETypeCache.h: Added.
        (WebCore::MIMETypeCache::isUnsupportedType):
        (WebCore::MIMETypeCache::isAvailable const):
        (WebCore::MIMETypeCache::canDecodeTypeInternal):
        (WebCore::MIMETypeCache::initializeCache):

        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaEngineSupportParameters::encode const): Drive-by fix - add missing variable.

        * platform/graphics/avfoundation/objc/AVAssetMIMETypeCache.h:
        * platform/graphics/avfoundation/objc/AVAssetMIMETypeCache.mm:
        (WebCore::AVAssetMIMETypeCache::isAvailable const):
        (WebCore::AVAssetMIMETypeCache::canDecodeTypeInternal):
        (WebCore::AVAssetMIMETypeCache::isUnsupportedType):
        (WebCore::AVAssetMIMETypeCache::staticContainerTypeList):
        (WebCore::AVAssetMIMETypeCache::initializeCache):
        (WebCore::AVAssetMIMETypeCache::setSupportedTypes): Moved to base class.
        (WebCore::AVAssetMIMETypeCache::types): Moved to base class as supportedTypes.
        (WebCore::AVAssetMIMETypeCache::supportsContentType): Renamed supportsContainerType.
        (WebCore::AVAssetMIMETypeCache::canDecodeType): Moved to base class.
        (WebCore::AVAssetMIMETypeCache::loadMIMETypes): Deleted.

        * platform/graphics/avfoundation/objc/AVStreamDataParserMIMETypeCache.h:
        * platform/graphics/avfoundation/objc/AVStreamDataParserMIMETypeCache.mm:
        (WebCore::AVStreamDataParserMIMETypeCache::canDecodeTypeInternal):
        (WebCore::AVStreamDataParserMIMETypeCache::initializeCache):
        (WebCore::AVStreamDataParserMIMETypeCache::types): Moved to base class as supportedTypes.
        (WebCore::AVStreamDataParserMIMETypeCache::supportsContentType): Renamed supportsContainerType.
        (WebCore::AVStreamDataParserMIMETypeCache::canDecodeType): Moved to base class.
        (WebCore::AVStreamDataParserMIMETypeCache::loadMIMETypes): Deleted.

        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.h:
        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
        (WebCore::ImageDecoderAVFObjC::supportsContainerType): Renamed from supportsContentType.
        (WebCore::ImageDecoderAVFObjC::canDecodeType):
        (WebCore::ImageDecoderAVFObjC::supportsContentType): Deleted.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::getSupportedTypes):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::getSupportedTypes):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsType):

2019-12-30  Zalan Bujtas  <zalan@apple.com>

        [LFC][Integration] Do not apply trailing whitespace quirk when content is right aligned.
        https://bugs.webkit.org/show_bug.cgi?id=205634
        <rdar://problem/58234523>

        Reviewed by Antti Koivisto.

        Apparently we don't always need this quirk. See SimpleLineLayout::createLineRuns.

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::removeTrailingCollapsibleContent):
        * layout/inlineformatting/InlineLineBuilder.h:
        (WebCore::Layout::LineBuilder::isTextAlignRight const):

2019-12-30  Brady Eidson  <beidson@apple.com>

        Add WKWebView SPI to evaluate a function with arguments
        https://bugs.webkit.org/show_bug.cgi?id=205239

        Reviewed by Alex Christensen.

        Covered by new API tests.

        * Headers.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        
        * bindings/js/ExceptionDetails.h:
        
        * bindings/js/RunJavaScriptParameters.h: Added.
        (WebCore::RunJavaScriptParameters::RunJavaScriptParameters):
        (WebCore::RunJavaScriptParameters::encode const):
        (WebCore::RunJavaScriptParameters::decode):
        
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::executeScriptInWorldIgnoringException):
        (WebCore::ScriptController::executeScriptInWorld):
        (WebCore::ScriptController::callInWorld):
        (WebCore::ScriptController::executeUserAgentScriptInWorld):
        (WebCore::ScriptController::executeUserAgentScriptInWorldInternal):
        (WebCore::ScriptController::executeAsynchronousUserAgentScriptInWorld):
        * bindings/js/ScriptController.h:
        
        XPathGrammar changes completely unrelated to the functionality of this patch,
        but because of our poor #include hygiene these were necessary to keep linuxes building.
        * xml/XPathGrammar.cpp:
        * xml/XPathGrammar.y:

2019-12-30  Antti Koivisto  <antti@apple.com>

        Style invalidation cleanups
        https://bugs.webkit.org/show_bug.cgi?id=205644

        Reviewed by Zalan Bujtas.

        Move more of the invalidation code from Style::Scope to Style::Invalidator.

        * style/StyleInvalidator.cpp:
        (WebCore::Style::Invalidator::invalidateStyle):
        (WebCore::Style::Invalidator::invalidateAllStyle):
        (WebCore::Style::Invalidator::invalidateHostAndSlottedStyleIfNeeded):
        * style/StyleInvalidator.h:
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::analyzeStyleSheetChange):

        Return StyleSheetChange struct.

        (WebCore::Style::Scope::updateActiveStyleSheets):
        (WebCore::Style::Scope::invalidateStyleAfterStyleSheetChange):

        Use StyleSheetChange to invalidate the style.

        (WebCore::Style::Scope::updateResolver):
        (WebCore::Style::Scope::scheduleUpdate):
        (WebCore::Style::Scope::evaluateMediaQueries):
        (WebCore::Style::invalidateHostAndSlottedStyleIfNeeded): Deleted.
        * style/StyleScope.h:
        (WebCore::Style::Scope::document):
        (WebCore::Style::Scope::shadowRoot const):
        (WebCore::Style::Scope::shadowRoot):

2019-12-30  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Fix imported/w3c/web-platform-tests/css/css-text/white-space/white-space-wrap-after-nowrap-001.html
        https://bugs.webkit.org/show_bug.cgi?id=205633
        <rdar://problem/58234239>

        Reviewed by Antti Koivisto.

        When the LineBreaker comes back with Action::Revert (meaning that the line
        needs to be reverted back to an earlier line wrap opportunity), call LineBuilder::revert and
        close the line.

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::LineBreaker::tryWrappingInlineContent const): Return push when the current content can be wrapped.
        (WebCore::Layout::ContinousContent::ContinousContent):
        (WebCore::Layout::ContinousContent::lastWrapOpportunityIndex const): Fix the last position logic.
        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::revert):
        (WebCore::Layout::LineBuilder::collectHangingContent):
        * layout/inlineformatting/InlineLineBuilder.h:
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::endsWithSoftWrapOpportunity):
        (WebCore::Layout::LineLayoutContext::layoutLine):
        (WebCore::Layout::LineLayoutContext::tryAddingFloatItems):
        (WebCore::Layout::LineLayoutContext::tryAddingInlineItems):
        (WebCore::Layout::LineLayoutContext::addFloatItems): Deleted.
        (WebCore::Layout::LineLayoutContext::checkForLineWrapAndCommit): Deleted.
        * layout/inlineformatting/LineLayoutContext.h:

2019-12-30  youenn fablet  <youenn@apple.com>

        Ignore URL host for schemes that are not using host information
        https://bugs.webkit.org/show_bug.cgi?id=205157
        rdar://problem/57825963

        Reviewed by Darin Adler.

        Tests: http/tests/local/file-url-host.html
               http/tests/security/about-url-host.html
               http/tests/security/data-url-host.html
               http/tests/security/javascript-url-host.html

        Whenever setting the document URL, remove the host information if its scheme is not supposed to have a host.
        This is done for file, data and about schemes.

        Add internals APIs to test this.

        * dom/Document.cpp:
        (WebCore::Document::setURL):
        * page/DOMWindow.h:
        * page/Location.h:
        * page/Location.idl:
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::shouldIgnoreHost):
        * page/SecurityOrigin.h:
        * testing/Internals.cpp:
        (WebCore::Internals::windowLocationHost):
        * testing/Internals.h:
        * testing/Internals.idl:

2019-12-29  Yusuke Suzuki  <ysuzuki@apple.com>

        Unreviewed, build fix after r253938
        https://bugs.webkit.org/show_bug.cgi?id=205629

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::revert):

2019-12-29  Peng Liu  <peng.liu6@apple.com>

        Tweak the format and comment in the code to support media in GPU process
        https://bugs.webkit.org/show_bug.cgi?id=205631

        Reviewed by Eric Carlson.

        No new tests, no functional change.

        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::platformLayer const):
        (WebCore::MediaPlayerPrivateInterface::timedMetadata const):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::beginLoadingMetadata):

2019-12-29  Eric Carlson  <eric.carlson@apple.com>

        Cleanup media IPC encoders
        https://bugs.webkit.org/show_bug.cgi?id=205630
        <rdar://problem/58232173>

        Reviewed by Anders Carlsson.

        No new tests, no functional change.

        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaEngineSupportParameters::decode):

2019-12-27  Dean Jackson  <dino@apple.com>

        [WebGL] Add a pure virtual base class for GraphicsContext3D
        https://bugs.webkit.org/show_bug.cgi?id=205604

        Reviewed by Sam Weinig.

        This is the first step in a series of patches to allow multiple versions
        of GraphicsContext3D to exist, each using a different backend rendering
        system. I've added a GraphicsContext3DBase class (that will eventually
        be named GraphicsContext3D) holding all the WebGL entry points as well
        as some common helper functions.

        I also took the chance to move some enums into enum classes, which
        makes it more obvious where things come from. I also removed some
        unused interfaces: WebGLRenderingContextErrorMessageCallback and
        WebGLRenderingContextLostMessageCallback.

        The existing GraphicsContext3D now inherits from the base class,
        but is otherwise nearly identical. The next step will be to make
        different instances rather than the mix of #if macros we have now.
        The virtual functions are marked "override" for now, but will become
        "final" in the instances.

        There should be no change in functionality.

        * Headers.cmake:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * html/canvas/WebGLProgram.cpp:
        (WebCore::WebGLProgram::cacheActiveAttribLocations):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::initializeNewContext):
        (WebCore::WebGLRenderingContextBase::destroyGraphicsContext3D):
        (WebCore::WebGLRenderingContextBase::getActiveAttrib):
        (WebCore::WebGLRenderingContextBase::getActiveUniform):
        (WebCore::WebGLRenderingContextBase::getContextAttributes):
        (WebCore::WebGLRenderingContextBase::getUniformLocation):
        (WebCore::WebGLRenderingContextBase::texImage2DImpl):
        (WebCore::WebGLRenderingContextBase::texSubImage2DImpl):
        (WebCore::WebGLRenderingContextBase::texSubImage2D):
        (WebCore::WebGLRenderingContextBase::texImage2D):
        (WebCore::WebGLRenderingContextBase::isTexInternalFormatColorBufferCombinationValid):
        (WebCore::WebGLRenderingContextLostCallback::WebGLRenderingContextLostCallback): Deleted.
        (WebCore::WebGLRenderingContextErrorMessageCallback::WebGLRenderingContextErrorMessageCallback): Deleted.
        * html/canvas/WebGLRenderingContextBase.h:
        * platform/graphics/FormatConverter.cpp:
        (WebCore::uint8_t>):
        (WebCore::float>):
        (WebCore::uint16_t>):
        (WebCore::FormatConverter::convert):
        * platform/graphics/GraphicsContext3D.cpp:
        (WebCore::GraphicsContext3D::ImageExtractor::ImageExtractor):
        (WebCore::GraphicsContext3D::extractImageData):
        (WebCore::GraphicsContext3D::extractTextureData):
        (WebCore::TexelBytesForFormat):
        (WebCore::GraphicsContext3D::packPixels):
        (WebCore::GraphicsContext3D::getClearBitsByAttachmentType): Deleted.
        (WebCore::GraphicsContext3D::getClearBitsByFormat): Deleted.
        (WebCore::GraphicsContext3D::getChannelBitsByFormat): Deleted.
        * platform/graphics/GraphicsContext3D.h:
        (WebCore::GraphicsContext3D::ImageExtractor::imageHtmlDomSource):
        (WebCore::GraphicsContext3D::platformGraphicsContext3D const): Deleted.
        (WebCore::GraphicsContext3D::platformTexture const): Deleted.
        (WebCore::GraphicsContext3D::platformLayer const): Deleted.
        (WebCore::GraphicsContext3D::hasAlpha): Deleted.
        (WebCore::GraphicsContext3D::hasColor): Deleted.
        (WebCore::GraphicsContext3D::srcFormatComesFromDOMElementOrImageData): Deleted.
        * platform/graphics/GraphicsTypes3D.h:
        * platform/graphics/angle/GraphicsContext3DANGLE.cpp:
        (WebCore::GraphicsContext3D::readPixelsAndConvertToBGRAIfNecessary):
        (WebCore::GraphicsContext3D::reshapeFBOs):
        (WebCore::GraphicsContext3D::attachDepthAndStencilBufferIfNeeded):
        (WebCore::GraphicsContext3D::readPixels):
        (WebCore::GraphicsContext3D::validateDepthStencil):
        (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):
        (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):
        (WebCore::GraphicsContext3D::prepareTexture):
        (WebCore::GraphicsContext3D::readRenderingResults):
        (WebCore::GraphicsContext3D::reshape):
        (WebCore::GraphicsContext3D::bindFramebuffer):
        (WebCore::GraphicsContext3D::copyTexImage2D):
        (WebCore::GraphicsContext3D::copyTexSubImage2D):
        (WebCore::GraphicsContext3D::getContextAttributes): Deleted.
        * platform/graphics/cg/GraphicsContext3DCG.cpp:
        (WebCore::getSourceDataFormat):
        (WebCore::GraphicsContext3D::ImageExtractor::extractImage):
        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
        (WebCore::GraphicsContext3D::create):
        (WebCore::GraphicsContext3D::createShared):
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        (WebCore::GraphicsContext3D::~GraphicsContext3D):
        (WebCore::GraphicsContext3D::setRenderbufferStorageFromDrawable):
        (WebCore::GraphicsContext3D::makeContextCurrent):
        (WebCore::GraphicsContext3D::checkGPUStatus):
        (WebCore::GraphicsContext3D::presentRenderbuffer):
        (WebCore::GraphicsContext3D::texImageIOSurface2D):
        (WebCore::GraphicsContext3D::allocateIOSurfaceBackingStore):
        (WebCore::GraphicsContext3D::updateCGLContext):
        (WebCore::GraphicsContext3D::screenDidChange):
        (WebCore::GraphicsContext3D::setContextLostCallback): Deleted.
        (WebCore::GraphicsContext3D::setErrorMessageCallback): Deleted.
        * platform/graphics/cocoa/WebGLLayer.mm:
        (-[WebGLLayer initWithGraphicsContext3D:]):
        (-[WebGLLayer copyImageSnapshotWithColorSpace:]):
        (-[WebGLLayer bindFramebufferToNextAvailableSurface]):
        * platform/graphics/cv/TextureCacheCV.mm:
        (WebCore::TextureCacheCV::create):
        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        (WebCore::GraphicsContext3D::readPixelsAndConvertToBGRAIfNecessary):
        (WebCore::GraphicsContext3D::reshapeFBOs):
        (WebCore::GraphicsContext3D::attachDepthAndStencilBufferIfNeeded):
        (WebCore::GraphicsContext3D::readPixels):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::validateDepthStencil):
        (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):
        (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):
        (WebCore::GraphicsContext3D::prepareTexture):
        (WebCore::GraphicsContext3D::readRenderingResults):
        (WebCore::GraphicsContext3D::reshape):
        (WebCore::GraphicsContext3D::bindFramebuffer):
        (WebCore::GraphicsContext3D::copyTexImage2D):
        (WebCore::GraphicsContext3D::copyTexSubImage2D):
        (WebCore::GraphicsContext3D::getContextAttributes): Deleted.

2019-12-29  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Implement LineBuilder::revert
        https://bugs.webkit.org/show_bug.cgi?id=205629
        <rdar://problem/58231425>

        Reviewed by Antti Koivisto.

        LineBuilder::revert simply removes trailing runs, shrinks the line and rebuilds the collapsible content.

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::HangingContent::width const):
        (WebCore::Layout::HangingContent::isConditional const):
        (WebCore::Layout::HangingContent::setIsConditional):
        (WebCore::Layout::HangingContent::expand):
        (WebCore::Layout::HangingContent::reset):
        (WebCore::Layout::LineBuilder::initialize):
        (WebCore::Layout::LineBuilder::close):
        (WebCore::Layout::LineBuilder::revert):
        (WebCore::Layout::LineBuilder::alignHorizontally):
        (WebCore::Layout::LineBuilder::collectHangingContent):
        * layout/inlineformatting/InlineLineBuilder.h:
        (WebCore::Layout::LineBuilder::InlineItemRun::operator== const):
        (WebCore::Layout::LineBuilder::InlineItemRun::operator!= const):
        (WebCore::Layout::LineBuilder::HangingContent::width const): Deleted. Remove m_hangingContent so that revert does not need to deal with it.
        (WebCore::Layout::LineBuilder::HangingContent::isConditional const): Deleted.
        (WebCore::Layout::LineBuilder::HangingContent::setIsConditional): Deleted.
        (WebCore::Layout::LineBuilder::HangingContent::expand): Deleted.
        (WebCore::Layout::LineBuilder::HangingContent::reset): Deleted.

2019-12-29  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Add LineBreaker::Result::Revert to indicate an earlier line wrap opportunity
        https://bugs.webkit.org/show_bug.cgi?id=205623
        <rdar://problem/58228339>

        Reviewed by Antti Koivisto.

        See webkit.org/b/205613 for more info.

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::LineBreaker::Result::Result):
        (WebCore::Layout::LineBreaker::tryWrappingInlineContent const):
        * layout/inlineformatting/InlineLineBreaker.h:
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineLayoutContext::checkForLineWrapAndCommit):

2019-12-29  Antti Koivisto  <antti@apple.com>

        Make RuleSet refcounted
        https://bugs.webkit.org/show_bug.cgi?id=205628
        <rdar://problem/58231798>

        Unreviewed folloup.

        * style/UserAgentStyle.cpp:
        (WebCore::Style::UserAgentStyle::loadFullDefaultStyle):

        Use deref instead of delete.

2019-12-29  Antti Koivisto  <antti@apple.com>

        Make RuleSet refcounted
        https://bugs.webkit.org/show_bug.cgi?id=205628

        Reviewed by Zalan Bujtas.

        For safety, and to support shared ownership.

        Also convert a bunch of places that use raw RuleSet pointers to use Ref/RefPtr instead.

        * style/ElementRuleCollector.cpp:
        (WebCore::Style::ElementRuleCollector::collectMatchingAuthorRules):
        (WebCore::Style::ElementRuleCollector::collectSlottedPseudoElementRulesForSlot):
        (WebCore::Style::ElementRuleCollector::matchUserRules):
        * style/ElementRuleCollector.h:
        * style/RuleSet.cpp:
        (WebCore::Style::RuleSet::evaluteDynamicMediaQueryRules):
        * style/RuleSet.h:
        (WebCore::Style::RuleSet::create):
        (WebCore::Style::RuleSet::RuleSetSelectorPair::RuleSetSelectorPair): Deleted.
        * style/StyleInvalidator.cpp:
        (WebCore::Style::Invalidator::Invalidator):
        (WebCore::Style::Invalidator::collectRuleInformation):
        (WebCore::Style::Invalidator::invalidateIfNeeded):
        (WebCore::Style::Invalidator::addToMatchElementRuleSets):
        * style/StyleInvalidator.h:
        * style/StyleScopeRuleSets.cpp:
        (WebCore::Style::ScopeRuleSets::ScopeRuleSets):
        (WebCore::Style::ScopeRuleSets::updateUserAgentMediaQueryStyleIfNeeded const):
        (WebCore::Style::ScopeRuleSets::initializeUserStyle):
        (WebCore::Style::makeRuleSet):
        (WebCore::Style::ScopeRuleSets::resetAuthorStyle):
        (WebCore::Style::ensureInvalidationRuleSets):
        * style/StyleScopeRuleSets.h:
        (WebCore::Style::ScopeRuleSets::authorStyle const):
        * style/UserAgentStyle.cpp:
        (WebCore::Style::UserAgentStyle::loadFullDefaultStyle):
        (WebCore::Style::UserAgentStyle::loadSimpleDefaultStyle):

2019-12-29  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Move soft wrap opportunity code out of LineBreaker
        https://bugs.webkit.org/show_bug.cgi?id=205621
        <rdar://problem/58227670>

        Reviewed by Antti Koivisto.

        Let's not mix soft and line wrap opportunity logic.

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::ContinousContent::runs const):
        (WebCore::Layout::ContinousContent::isEmpty const):
        (WebCore::Layout::ContinousContent::size const):
        (WebCore::Layout::ContinousContent::width const):
        (WebCore::Layout::ContinousContent::nonCollapsibleWidth const):
        (WebCore::Layout::ContinousContent::hasTrailingCollapsibleContent const):
        (WebCore::Layout::ContinousContent::isTrailingContentFullyCollapsible const):
        (WebCore::Layout::LineBreaker::wrapTextContent const):
        (WebCore::Layout::ContinousContent::ContinousContent):
        (WebCore::Layout::ContinousContent::hasTextContentOnly const):
        (WebCore::Layout::ContinousContent::isVisuallyEmptyWhitespaceContentOnly const):
        (WebCore::Layout::ContinousContent::firstTextRunIndex const):
        (WebCore::Layout::ContinousContent::lastContentRunIndex const):
        (WebCore::Layout::ContinousContent::hasNonContentRunsOnly const):
        (WebCore::Layout::ContinousContent::lastWrapOpportunityIndex const):
        (WebCore::Layout::ContinousContent::TrailingCollapsibleContent::reset):
        (WebCore::Layout::endsWithSoftWrapOpportunity): Deleted.
        (WebCore::Layout::isAtSoftWrapOpportunity): Deleted.
        (WebCore::Layout::LineBreaker::nextWrapOpportunity): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::ContinousContent): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::hasTextContentOnly const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::isVisuallyEmptyWhitespaceContentOnly const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::firstTextRunIndex const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::lastContentRunIndex const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::hasNonContentRunsOnly const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::lastWrapOpportunityIndex const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::TrailingCollapsibleContent::reset): Deleted.
        * layout/inlineformatting/InlineLineBreaker.h:
        (WebCore::Layout::LineBreaker::ContinousContent::runs const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::isEmpty const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::size const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::width const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::nonCollapsibleWidth const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::hasTrailingCollapsibleContent const): Deleted.
        (WebCore::Layout::LineBreaker::ContinousContent::isTrailingContentFullyCollapsible const): Deleted.
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::endsWithSoftWrapOpportunity):
        (WebCore::Layout::isAtSoftWrapOpportunity):
        (WebCore::Layout::nextWrapOpportunity):
        (WebCore::Layout::LineLayoutContext::nextContentForLine):

2019-12-28  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Keep track of last line wrap opportunity
        https://bugs.webkit.org/show_bug.cgi?id=205619
        <rdar://problem/58227112>

        Reviewed by Antti Koivisto.

        This is in preparation for being able to revert back to an earlier position
        of the current line as the line wrapping opportunity.
        (actually the m_lastWrapOpportunity is already taken into use at LineBreaker::wordBreakBehavior)

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::shouldKeepBeginningOfLineWhitespace):
        (WebCore::Layout::LineBreaker::shouldWrapInlineContent):
        (WebCore::Layout::LineBreaker::shouldWrapFloatBox):
        (WebCore::Layout::LineBreaker::tryWrappingInlineContent const):
        (WebCore::Layout::LineBreaker::wrapTextContent const):
        (WebCore::Layout::LineBreaker::wordBreakBehavior const):
        (WebCore::Layout::LineBreaker::tryBreakingTextRun const):
        (WebCore::Layout::LineBreaker::ContinousContent::lastWrapOpportunityIndex const):
        * layout/inlineformatting/InlineLineBreaker.h:

2019-12-25  Dean Jackson  <dino@apple.com>

        [WebGL] Enable ANGLE by default for Cocoa platforms (except simulator)
        https://bugs.webkit.org/show_bug.cgi?id=205483
        rdar://56925821

        Reviewed by Simon Fraser.

        Log an error rather than asserting.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getBufferSubData):

2019-12-28  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Keep the LineBreaker object around until after the line is closed.
        https://bugs.webkit.org/show_bug.cgi?id=205613
        <rdar://problem/58222870>

        Reviewed by Antti Koivisto.

        In order to be able to point back to an earlier line wrap opportunity on the line e.g.
        <div style="white-space: pre"><span style="white-space: normal">earlier_wrap opportunities</span> <span>can't_wrap_this content</span></div>
        the LineBreaker class needs more context.
        Currently (taking the example above), if the available space runs out somewhere around the second <span> we would just simply
        overflow the line since the overflowing content has a style saying "do not wrap".
        However the line has multiple earlier wrap opportunities inside the first <span>.
        Since we construct a LineBreaker object for each continuous run 

        1. [container start][earlier_wrap]
        2. [ ]
        3. [opportunities][container end]
        4. [ ]
        5. [container start][can't_wrap_this]
        6. [ ]
        7. [content][container end]

        the LineBreaker does not have enough context to point back to the last line wrap opportunity (after run #3).

        This patch is in preparation for supporting such content. 
        1. Rename couple of functions and structs
        2. Move the LineBreaker construction to LineLayoutContext::layoutLine so that we can keep it around for multiple set of runs.

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::isContentWrappingAllowed):
        (WebCore::Layout::isContentSplitAllowed):
        (WebCore::Layout::LineBreaker::isTextContentWrappingAllowed const):
        (WebCore::Layout::LineBreaker::shouldKeepEndOfLineWhitespace const):
        (WebCore::Layout::LineBreaker::shouldWrapInlineContent):
        (WebCore::Layout::isTextContentWrappingAllowed): Deleted.
        (WebCore::Layout::shouldKeepEndOfLineWhitespace): Deleted.
        (WebCore::Layout::LineBreaker::breakingContextForInlineContent): Deleted.
        * layout/inlineformatting/InlineLineBreaker.h:
        (WebCore::Layout::LineBreaker::setHyphenationDisabled):
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::isLineConsideredEmpty):
        (WebCore::Layout::LineLayoutContext::layoutLine):
        (WebCore::Layout::LineLayoutContext::checkForLineWrapAndCommit):
        (WebCore::Layout::LineLayoutContext::commitContent):
        (WebCore::Layout::LineLayoutContext::placeInlineContentOnCurrentLine): Deleted.
        * layout/inlineformatting/LineLayoutContext.h:

2019-12-23  Darin Adler  <darin@apple.com>

        Refactor to simplify broadcasting to all media elements
        https://bugs.webkit.org/show_bug.cgi?id=205567

        Reviewed by Eric Carlson.

        Over time, we have accumulated many different sets of all the media elements.
        With the goal of being a bit abstract and not building too much behavior into
        the Document object, we ended up with unnecessary complexity, and many sets
        of all the HTMLMediaElement objects. This is a first cut at reducing that complexity.
        At the same time, the refactoring makes all the iteration use a safe algorithm that
        builds a vector of Ref<HTMLMediaElement>, safe even if the work done for each
        media element calls out to arbitrary DOM operations.

        Separately, this patch also includes some name changes that still say "atomic"
        instead of "atom" left over from our renaming of AtomicString to AtomString.

        * Headers.cmake: Removed ApplicationStateChangeListener.h.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::estimatedSizeInBytes const): Reworded comment to
        say "atom".

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::getElementsByName): Updated for "atomic" -> "atom".
        (WebCore::ContainerNode::radioNodeList): Ditto.

        * dom/Document.cpp:
        (WebCore::Document::visibilityStateChanged): Moved the code from
        the notifyMediaCaptureOfVisibilityChanged in here. No need for a separate
        function for the two lines of code.
        (WebCore::Document::registerMediaElement): Added. Replaces the multiple registrations
        that each media element would do.
        (WebCore::Document::unregisterMediaElement): Ditto.
        (WebCore::Document::forEachMediaElement): Added. Safely iterates the media elements
        and calls a function on each of them.
        (WebCore::Document::registerForAllowsMediaDocumentInlinePlaybackChangedCallbacks): Deleted.
        (WebCore::Document::unregisterForAllowsMediaDocumentInlinePlaybackChangedCallbacks): Deleted.
        (WebCore::Document::allowsMediaDocumentInlinePlaybackChanged): Deleted.
        (WebCore::Document::mediaVolumeDidChange): Deleted.
        (WebCore::Document::registerForMediaVolumeCallbacks): Deleted.
        (WebCore::Document::unregisterForMediaVolumeCallbacks): Deleted.
        (WebCore::Document::privateBrowsingStateDidChange): Use forEachMediaElement to call
        privateBrowsingStateDidChange on each media element rather than keeping a separate registry.
        (WebCore::Document::registerForPrivateBrowsingStateChangedCallbacks): Deleted.
        (WebCore::Document::unregisterForPrivateBrowsingStateChangedCallbacks): Deleted.
        (WebCore::Document::registerForCaptionPreferencesChangedCallbacks): Updated the type
        to be HTMLMediaElement rather than just Element.
        (WebCore::Document::unregisterForCaptionPreferencesChangedCallbacks): Ditto.
        (WebCore::Document::registerForPageScaleFactorChangedCallbacks): Deleted.
        (WebCore::Document::unregisterForPageScaleFactorChangedCallbacks): Deleted.
        (WebCore::Document::pageScaleFactorChangedAndStable): Deleted.
        (WebCore::Document::registerForUserInterfaceLayoutDirectionChangedCallbacks): Deleted.
        (WebCore::Document::unregisterForUserInterfaceLayoutDirectionChangedCallbacks): Deleted.
        (WebCore::Document::userInterfaceLayoutDirectionChanged): Deleted.
        (WebCore::Document::notifyMediaCaptureOfVisibilityChanged): Deleted.
        (WebCore::Document::registerForMediaStreamStateChangeCallbacks): Deleted.
        (WebCore::Document::unregisterForMediaStreamStateChangeCallbacks): Deleted.
        (WebCore::Document::mediaStreamCaptureStateChanged): Use forEachMediaElement to call
        mediaStreamCaptureStarted on each media element rather than keeping a separate registry.
        (WebCore::Document::addApplicationStateChangeListener): Deleted.
        (WebCore::Document::removeApplicationStateChangeListener): Deleted.
        (WebCore::Document::forEachApplicationStateChangeListener): Deleted.

        * dom/Document.h: Clean up forward declarations a bit. Updated for above changes,
        removing many function and data members.

        * dom/Element.cpp:
        (WebCore::Element::spellcheckAttributeState const): Deleted.
        (WebCore::Element::isSpellCheckingEnabled const): Refactored to merge in the logic
        from the spellcheckAttributeState function. The combined function is both a bit easier
        to understand and smaller than the two functions were.

        * dom/Element.h: Removed some unneeded includes. Removed SpellcheckAttributeState.
        Made fastAttributeLookupAllowed private. Removed mediaVolumeDidChange,
        privateBrowsingStateDidChange, captionPreferencesChanged, and spellcheckAttributeState.

        * dom/FullscreenManager.cpp: Removed unneeded includes.
        (WebCore::FullscreenManager::willEnterFullscreen): Use is<HTMLMediaElement> instead of
        calling isMediaElement directly.

        * dom/NameNodeList.cpp:
        (WebCore::NameNodeList::~NameNodeList): Updated for "atomic" -> "atom".
        * dom/Node.cpp:
        (WebCore::NodeListsNodeData::invalidateCaches): Ditto.
        (WebCore::NodeListsNodeData::invalidateCachesForAttribute): Ditto.

        * dom/NodeRareData.h: Removed unneeded includes. Updated for "atomic" -> "atom".
        Made a few coding style tweaks.

        * dom/TreeScope.cpp:
        (WebCore::TreeScope::getElementById const): Updated for "atomic" -> "atom".

        * html/HTMLMediaElement.cpp:
        (WebCore::documentToElementSetMap): Deleted.
        (WebCore::addElementToDocumentMap): Deleted.
        (WebCore::removeElementFromDocumentMap): Deleted.
        (WebCore::HTMLMediaElement::registerWithDocument): Added call to registerMediaElement,
        removed eight now-obsolete registrations.
        (WebCore::HTMLMediaElement::unregisterWithDocument): Ditto.
        (WebCore::HTMLMediaElement::mediaVolumeDidChange): Added an #if !PLATFORM(IOS_FAMILY)
        to preserve the current behavior, since this was not registered for PLATFORM(IOS_FAMILY)
        before. This should be revisited because it's not clear this platform difference is needed.
        (WebCore::HTMLMediaElement::privateBrowsingStateDidChange): Ditto.
        (WebCore::HTMLMediaElement::setMediaGroup): Change to use Document::forEachMediaElement
        so we don't need to keep our own global set of media elements for each document. Required
        a little bit of code structure change. Added a FIXME because the decision about which
        media element is selected depends on hash table order as it always has; seems inappropriate.
        (WebCore::HTMLMediaElement::setMediaControlsDependOnPageScaleFactor): Removed the code
        to register/unregister.
        (WebCore::HTMLMediaElement::pageScaleFactorChanged): Only do the work if it's needed;
        this replicates the old behavior which was accomplished by registering/unregistering.

        * html/HTMLMediaElement.h: Removed the overrides for various virtual member functions.
        Instead these are now public functions. Also removed ApplicationStateChangeListener.

        * html/LabelableElement.cpp:
        (WebCore::LabelableElement::labels): Updated for "atomic" -> "atom".
        * html/LabelsNodeList.cpp:
        (WebCore::LabelsNodeList::~LabelsNodeList): Ditto.
        * html/RadioNodeList.cpp:
        (WebCore::RadioNodeList::~RadioNodeList): Ditto.
        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::constructTreeFromHTMLToken): Ditto.
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::parseHeader): Ditto.

        * page/ApplicationStateChangeListener.h: Removed.

        * page/Page.cpp:
        (WebCore::Page::renderTreeSize const): Use forEachDocument.
        (WebCore::Page::setNeedsRecalcStyleInAllFrames): Ditto.
        (WebCore::Page::unmarkAllTextMatches): Ditto.
        (WebCore::Page::editableElementsInRect const): Ditto.
        (WebCore::Page::setMediaVolume): Tweaked range check so it will reject
        NaN values. Use forEachMediaElement to call mediaVolumeDidChange,
        eliminating the need for Document::mediaVolumeDidChange.
        (WebCore::Page::setPageScaleFactor): Refactored to eliminate large blocks
        of repeated code. Use forEachMediaElement to call pageScaleFactorChanged,
        eliminating the need for Document::pageScaleFactorChangedAndStable.
        (WebCore::Page::setUserInterfaceLayoutDirection): Use forEachMediaElement
        to call userInterfaceLayoutDirectionChanged, eliminating the need for
        Document::userInterfaceLayoutDirectionChanged.
        (WebCore::Page::updateMediaElementRateChangeRestrictions): Use
        forEachMediaElement to call updateRateChangeRestrictionas. The old code
        would call this on all media elements in the current web process, which
        means the functions would be called many times for the same media element.
        (WebCore::Page::updateRendering): Use forEachDocument consistently for
        all the document iteration. Before it was used for half the function and not
        used for the other half; no obvious reason for the differece.
        (WebCore::Page::suspendScriptedAnimations): Use forEachDocument.
        (WebCore::Page::resumeScriptedAnimations): Ditto.
        (WebCore::updateScriptedAnimationsThrottlingReason): Ditto.
        (WebCore::Page::userStyleSheetLocationChanged): Ditto.
        (WebCore::Page::invalidateStylesForAllLinks): Ditto.
        (WebCore::Page::invalidateStylesForLink): Ditto.
        (WebCore::Page::invalidateInjectedStyleSheetCacheInAllFrames): Ditto.
        (WebCore::Page::setTimerThrottlingState): Ditto.
        (WebCore::Page::dnsPrefetchingStateChanged): Ditto.
        (WebCore::Page::storageBlockingStateChanged): Ditto.
        (WebCore::Page::updateIsPlayingMedia): Ditto.
        (WebCore::Page::setMuted): Ditto.
        (WebCore::Page::stopMediaCapture): Ditto.
        (WebCore::Page::stopAllMediaPlayback): Ditto.
        (WebCore::Page::suspendAllMediaPlayback): Ditto.
        (WebCore::Page::resumeAllMediaPlayback): Ditto.
        (WebCore::Page::suspendAllMediaBuffering): Ditto.
        (WebCore::Page::resumeAllMediaBuffering): Ditto.
        (WebCore::setSVGAnimationsState): Deleted.
        (WebCore::Page::setIsVisibleInternal): Use forEachDocument to call
        suspend/resumeDeviceMotionAndOrientationUpdates, obviating the need for
        Page::suspend/resumeDeviceMotionAndOrientationUpdates. Use
        forEachDocument to call pause/unpauseAnimations, obviating the need for
        WebCore::setSVGAnimationsState. Use forEachDocument to call
        visibilityStateChanged, removing the need to write out a loop that
        gathers the documents into a vector.
        (WebCore::Page::suspendDeviceMotionAndOrientationUpdates): Deleted.
        (WebCore::Page::resumeDeviceMotionAndOrientationUpdates): Deleted.
        (WebCore::Page::captionPreferencesChanged): Use forEachDocument.
        (WebCore::Page::setSessionID): Ditto.
        (WebCore::Page::setPlaybackTarget): Ditto.
        (WebCore::Page::playbackTargetAvailabilityDidChange): Ditto.
        (WebCore::Page::setShouldPlayToPlaybackTarget): Ditto.
        (WebCore::Page::playbackTargetPickerWasDismissed): Ditto.
        (WebCore::Page::setAllowsMediaDocumentInlinePlayback): Use
        forEachMediaElement to call allowsMediaDocumentInlinePlaybackChanged,
        obviating the need for Document::allowsMediaDocumentInlinePlaybackChanged.
        (WebCore::Page::setUnobscuredSafeAreaInsets): Use forEachDocument.
        (WebCore::Page::setUseSystemAppearance): Ditto.
        (WebCore::Page::setFullscreenInsets): Ditto.
        (WebCore::Page::setFullscreenAutoHideDuration): Ditto.
        (WebCore::Page::setFullscreenControlsHidden): Ditto.
        (WebCore::Page::forEachDocument): Merged the collectDocuments function
        in since it's only used here.
        (WebCore::Page::collectDocuments): Deleted.
        (WebCore::Page::forEachMediaElement): Added.
        (WebCore::Page::applicationWillResignActive): Use forEachMediaElement,
        eliminating the need for forEachApplicationStateChangeListener.
        (WebCore::Page::applicationDidBecomeActive): Ditto.
        (WebCore::Page::recomputeTextAutoSizingInAllFrames): Use forEachDocument.

        * page/Page.h: Removed unneeded forward declarations. Removed unused
        FindDirection enum. Tweaked formatting. Use bool instead of uint8_t as
        underlying type for enum class with only two values. Updated for changes above.

        * platform/text/TextEncoding.cpp:
        (WebCore::TextEncoding::TextEncoding): Updated for "atomic" -> "atom".
        (WebCore::TextEncoding::domName const): Ditto.
        (WebCore::TextEncoding::usesVisualOrdering const): Ditto.
        * platform/text/TextEncodingRegistry.cpp:
        (WebCore::addToTextEncodingNameMap): Ditto.
        (WebCore::addToTextCodecMap): Ditto.
        (WebCore::pruneBlacklistedCodecs): Ditto.
        (WebCore::addEncodingName): Ditto.
        (WebCore::atomCanonicalTextEncodingName): Ditto.
        * platform/text/TextEncodingRegistry.h: Ditto.

        * xml/XPathFunctions.cpp:
        (WebCore::XPath::atomicSubstring): Deleted.
        (WebCore::XPath::toStringView): Added. Later could make a StringBuilder member
        function instead.
        (WebCore::XPath::FunId::evaluate const): Use toStringView and StringView::substring
        instead of "atomicSubstring", since getElementById can be called on a StringView
        and there's no need to allocate/deallocate an AtomString just to check if it exists.

2019-12-27  Antti Koivisto  <antti@apple.com>

        [LFC][Integration] Ensure layout boxes have expected display types
        https://bugs.webkit.org/show_bug.cgi?id=205606

        Reviewed by Zalan Bujtas.

        In some cases render tree may have display property values that don't match the renderer type. This is fine since the behavior is driven by the renderer.

        LFC layout is driven by display property so the effective value needs to make sense. This patch fixes assertions seen in

        fast/css/fieldset-display-row.html
        fast/css-grid-layout/grid-strict-ordering-crash-2.html
        imported/w3c/web-platform-tests/css/css-display/display-flow-root-001.html
        imported/w3c/web-platform-tests/html/rendering/non-replaced-elements/the-fieldset-and-legend-elements/fieldset-display.html
        tables/mozilla/bugs/bug275625.html

        * layout/integration/LayoutIntegrationLineLayout.cpp:
        (WebCore::LayoutIntegration::LineLayout::LineLayout):
        * layout/layouttree/LayoutTreeBuilder.cpp:
        (WebCore::Layout::TreeBuilder::buildLayoutTreeForIntegration):

        Always set display to 'block' for the root RenderBlockFlow.
        Renamed for clarity.

        (WebCore::Layout::TreeBuilder::createLayoutBox):

        Always set <br> display to inline.

        (WebCore::Layout::TreeBuilder::buildTableStructure):
        (WebCore::Layout::TreeBuilder::buildSubTree):

        Pass the parent container instead of parent renderer so we can read effective style.

        * layout/layouttree/LayoutTreeBuilder.h:

2019-12-27  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Fix LayoutTests/fast/backgrounds/size/backgroundSize15.html
        https://bugs.webkit.org/show_bug.cgi?id=205602
        <rdar://problem/58212499>

        Reviewed by Antti Koivisto.

        softWrapOpportunityIndex could point after the last inline item in the list (when there's no more wrap opportunity)
        e.g text<br> : the softWrapOpportunityIndex is 2.

        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineLayoutContext::nextContentForLine):

2019-12-27  James Darpinian  <jdarpinian@chromium.org>

        ANGLE: Fix WebGL conformance tests for EXT_texture_filter_anisotropic
        https://bugs.webkit.org/show_bug.cgi?id=205520

        Fixes get-extension.html and ext-texture-filter-anisotropic.html.

        Reviewed by Dean Jackson.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getExtension):
        (WebCore::WebGL2RenderingContext::getSupportedExtensions):
        (WebCore::WebGL2RenderingContext::getParameter):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getExtension):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::getTexParameter):

2019-12-27  James Darpinian  <jdarpinian@chromium.org>

        ANGLE: Fix WebGL conformance test framebuffer-object-attachment.html
        https://bugs.webkit.org/show_bug.cgi?id=205514

        Rely on ANGLE to implement DEPTH_STENCIL_ATTACHMENT instead of emulating it.

        Reviewed by Dean Jackson.

        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::removeAttachmentFromBoundFramebuffer):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::setupFlags):
        (WebCore::WebGLRenderingContextBase::framebufferRenderbuffer):
        (WebCore::WebGLRenderingContextBase::readPixels):

2019-12-26  Antti Koivisto  <antti@apple.com>

        Remove display:compact
        https://bugs.webkit.org/show_bug.cgi?id=205597

        Reviewed by Anders Carlsson.

        It is rendered as 'block' but the value is still parsed. Remove it completely, matching other engines.

        Test: fast/css/display-compact-ignored.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/CSSValueKeywords.in:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::createFor):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle):
        * rendering/style/RenderStyleConstants.cpp:
        (WebCore::operator<<):
        * rendering/style/RenderStyleConstants.h:
        * style/StyleAdjuster.cpp:
        (WebCore::Style::equivalentBlockDisplay):

2019-12-26  Wenson Hsieh  <wenson_hsieh@apple.com>

        Minor code cleanup around WebCore::Path
        https://bugs.webkit.org/show_bug.cgi?id=205574

        Reviewed by Anders Carlsson.

        Carry out some minor refactoring in WebCore::Path:
        - Change PathElementType into an 8-bit-wide enum class, and move it under PathElement's namespace as simply Type.
        - Change PathElement's `FloatPoint*` that points to an array of 3 FloatPoints into a `FloatPoint[3]`.
        - Change Path::strokeContains() to take a `StrokeStyleApplier&` instead of a `StrokeStyleApplier*`, since it
          assumes that the given `StrokeStyleApplier` is nonnull anyways.
        - Change Path::RoundedRectStrategy into an 8-bit enum class.
        - Other miscellaneous style fixes.

        No change in behavior.

        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (convertPathToScreenSpaceFunction):
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::isPointInStrokeInternal):
        * inspector/InspectorOverlay.cpp:
        (WebCore::drawShapeHighlight):
        * platform/graphics/FontCascade.cpp:
        (WebCore::findPathIntersections):
        * platform/graphics/Path.cpp:
        (WebCore::Path::addRoundedRect):
        (WebCore::operator<<):
        * platform/graphics/Path.h:
        (WebCore::Path::encode const):
        (WebCore::Path::decode):
        * platform/graphics/PathTraversalState.cpp:
        (WebCore::PathTraversalState::appendPathElement):
        (WebCore::PathTraversalState::processPathElement):
        * platform/graphics/PathTraversalState.h:
        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::strokeContains const):
        (WebCore::Path::apply const):
        * platform/graphics/cg/PathCG.cpp:
        (WebCore::Path::strokeContains const):
        (WebCore::CGPathApplierToPathApplier):
        * platform/graphics/win/PathDirect2D.cpp:
        (WebCore::Path::strokeContains const):
        * rendering/shapes/BoxShape.cpp:
        (WebCore::BoxShape::buildDisplayPaths const):
        * rendering/shapes/RectangleShape.cpp:
        (WebCore::RectangleShape::buildDisplayPaths const):
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::shapeDependentStrokeContains):
        * rendering/svg/SVGMarkerData.h:
        (WebCore::SVGMarkerData::updateMarkerDataForPathElement):
        * rendering/svg/SVGPathData.cpp:
        (WebCore::pathFromRectElement):
        * rendering/svg/SVGSubpathData.h:
        (WebCore::SVGSubpathData::updateFromPathElement):
        * svg/SVGPathTraversalStateBuilder.cpp:
        (WebCore::SVGPathTraversalStateBuilder::moveTo):
        (WebCore::SVGPathTraversalStateBuilder::lineTo):
        (WebCore::SVGPathTraversalStateBuilder::curveToCubic):
        (WebCore::SVGPathTraversalStateBuilder::closePath):
        * svg/SVGPathUtilities.cpp:
        (WebCore::buildStringFromPath):
        * testing/Internals.cpp:
        (WebCore::Internals::pathStringWithShrinkWrappedRects):

2019-12-26  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] When align the inline content we need to align the line as well
        https://bugs.webkit.org/show_bug.cgi?id=205596
        <rdar://problem/58197300>

        Reviewed by Antti Koivisto.

        Horizontal alignment means that we not only adjust the runs but also make sure the line box is aligned as well.

        <div style="text-align: center; width: 100px;">centered text</div>
        The line box will also be centered as opposed to start at 0px all the way to [centered text] run's right edge.

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::close):
        (WebCore::Layout::LineBuilder::alignHorizontally):
        (WebCore::Layout::LineBuilder::alignContentHorizontally const): Deleted.
        * layout/inlineformatting/InlineLineBuilder.h:

2019-12-25  Zalan Bujtas  <zalan@apple.com>

        Run with offset from the content box's logical left paint its tab stop at wrong position.
        https://bugs.webkit.org/show_bug.cgi?id=205595
        <rdar://problem/58194698>

        Reviewed by Antti Koivisto.

        Test: fast/text/tab-stops-with-offset-from-parent.html

        Use the run's left offset from the line as the xPos for the TextRun. Most cases the line has only one run
        with 0 offset. This patch fixes the case when the additional runs (with offset != 0) paint their tab positions at the wrong place.

        * layout/integration/LayoutIntegrationLineLayout.cpp:
        (WebCore::LayoutIntegration::LineLayout::paint):
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow):

2019-12-25  Zalan Bujtas  <zalan@apple.com>

        [LFC][Painting] Fix LayoutTests/imported/w3c/web-platform-tests/css/css-text/white-space/tab-stop-threshold-001.html
        https://bugs.webkit.org/show_bug.cgi?id=205594
        <rdar://problem/58194138>

        Reviewed by Antti Koivisto.

        Construct the TextRun with relative coordinates to get tab stops right.

        * layout/displaytree/DisplayPainter.cpp:
        (WebCore::Display::paintInlineContent):

2019-12-25  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Forward scan for soft wrap opportunities
        https://bugs.webkit.org/show_bug.cgi?id=205584
        <rdar://problem/58188386>

        Reviewed by Antti Koivisto.

        This patch implements forward scanning to find wrap opportunities in inline content.
        e.g <span></span>example<span><span></span> content</span>
        When we reach "ex-" content, in order to figure out if it is at a wrap opportunity, we scan the content
        forward until after we reach another inline content, in this case " " right before the "content" and
        check if we can break the content between these 2 inline items.

        isAtSoftWrapOpportunity: takes 2 (adjacent by skipping non-content inline items) and return true if there's
        a soft wrap opportunity in between them.
        LineBreaker::nextWrapOpportunity: returns the next wrap opportunity (either a soft wrap opportunity or a line break or the end of the content)

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::endsWithSoftWrapOpportunity):
        (WebCore::Layout::isAtSoftWrapOpportunity):
        (WebCore::Layout::LineBreaker::nextWrapOpportunity):
        (WebCore::Layout::LineBreaker::ContinousContent::ContinousContent):
        (WebCore::Layout::LineBreaker::lastSoftWrapOpportunity): Deleted.
        * layout/inlineformatting/InlineLineBreaker.h:
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineCandidateContent::isLineBreak const):
        (WebCore::Layout::LineCandidateContent::append):
        (WebCore::Layout::LineCandidateContent::setIsLineBreak):
        (WebCore::Layout::LineLayoutContext::layoutLine):
        (WebCore::Layout::LineLayoutContext::nextContentForLine):
        (WebCore::Layout::ContinousContent::hasIntrusiveFloats const): Deleted.
        (WebCore::Layout::ContinousContent::runs const): Deleted.
        (WebCore::Layout::ContinousContent::floats const): Deleted.
        (WebCore::Layout::ContinousContent::endsWithLineBreak const): Deleted.
        (WebCore::Layout::ContinousContent::setEndsWithLineBreak): Deleted.
        (WebCore::Layout::ContinousContent::append): Deleted.
        (WebCore::Layout::LineLayoutContext::nextContinousContentForLine): Deleted.
        * layout/inlineformatting/LineLayoutContext.h:

2019-12-25  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] LineBreaker should tell whether the line should receive no more content
        https://bugs.webkit.org/show_bug.cgi?id=205587
        <rdar://problem/58188635>

        Reviewed by Antti Koivisto.

        LineBreaker returns IsEndOfLine::No when the current line should still be able to receive additional content.
        This way we can start closing the line sooner (as opposed to start probing the subsequent content).
        (Note that just because the current content overflows the line, it does not necessarily mean that the subsequent content
        wraps to the next line.)   

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::LineBreaker::breakingContextForInlineContent):
        (WebCore::Layout::LineBreaker::ContinousContent::lastContentRunIndex const):
        * layout/inlineformatting/InlineLineBreaker.h:
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineLayoutContext::layoutLine):
        (WebCore::Layout::LineLayoutContext::addFloatItems):
        (WebCore::Layout::LineLayoutContext::placeInlineContentOnCurrentLine):
        * layout/inlineformatting/LineLayoutContext.h:

2019-12-25  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Add support for zero-width-space character (U+200B)
        https://bugs.webkit.org/show_bug.cgi?id=205586
        <rdar://problem/58188505>

        Reviewed by Antti Koivisto.

        If a line has only U+200B characters, it is still considered empty from line breaking point of view. 
        (Note that U+200B is not considered a whitespace character so a run with U+200B does not collapse.)

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::appendTextContent): empty runs don't collapse.
        (WebCore::Layout::LineBuilder::isVisuallyNonEmpty const):
        (WebCore::Layout::LineBuilder::InlineItemRun::hasEmptyTextContent const):
        * layout/inlineformatting/InlineLineBuilder.h:
        * layout/inlineformatting/InlineTextItem.cpp:
        (WebCore::Layout::InlineTextItem::isEmptyContent const):
        * layout/inlineformatting/InlineTextItem.h:

2019-12-25  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Fix LayoutTests/imported/w3c/web-platform-tests/css/css-text/letter-spacing/letter-spacing-control-chars-001.html
        https://bugs.webkit.org/show_bug.cgi?id=205585
        <rdar://problem/58188420>

        Reviewed by Antti Koivisto.

        TextUtil::fixedPitchWidth works on simple content only (letter-spacing forces slow font measuring path).

        * layout/inlineformatting/text/TextUtil.cpp:
        (WebCore::Layout::TextUtil::width):

2019-12-24  Antoine Quint  <graouts@apple.com>

        [Web Animations] REGRESSION: Changing the animation-duration of a CSS Animation may not resume it
        https://bugs.webkit.org/show_bug.cgi?id=205580
        <rdar://problem/58127956>

        Reviewed by Dean Jackson.

        Test: webanimations/css-animation-dynamic-duration-change.html

        Setting the animation-duration of an animation will transition the animation back into its idle state
        and the "update animations and send events" procedure would remove that animation from the timeline.
        It would also remove it from the map that would associate an animation with a given CSS Animation name
        so that we would know whether an animation exists for a given animation name when one of the animation's
        properties changed. Since that animation was (mistakenly) removed, we would fail to update its timing
        and it would never be resumed. We now only update the CSS Animation name to animation map when styles
        change.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::animationWasRemovedFromElement):

2019-12-24  Youenn Fablet  <youenn@apple.com>

        Deny Notification API access for non secure contexts
        https://bugs.webkit.org/show_bug.cgi?id=205496
        <rdar://problem/58074660>

        Reviewed by Chris Dumez.

        If document is not SecureContext, deny permission automatically.
        This behavior is matching a planned update to the spec, as discussed in
        https://github.com/whatwg/notifications/issues/93.
        Chrome landed this restriction in M62. Mozilla is also on board with this restriction.

        Test: http/tests/notifications/notification-in-non-secure-context.html

        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::requestPermission):

2019-12-24  youenn fablet  <youenn@apple.com>

        Service Worker doesn't terminate after a period of time when thread blocking
        https://bugs.webkit.org/show_bug.cgi?id=202992
        <rdar://problem/56298596>

        Reviewed by Chris Dumez.

        Whenever running a service worker task, running script or posting events (install, activate, message and fetch),
        start a timer to check that the service worker is not spinning.
        This is done by posting a task to service worker thread and hopping back to the main thread.
        If this post/hop is done before the heartbeat timer is fired, the service worker is considered live.
        Otherwise, the check is failed and the task is considered as failing.
        The service worker will be terminated.
        Timeout is 60 seconds by default and 1 second for test purposes.

        Add settings to have short heartbeat timeout for testing purposes.
        Add internals API to check whether a service worker is running.

        Tests: http/wpt/service-workers/service-worker-spinning-activate.https.html
               http/wpt/service-workers/service-worker-spinning-fetch.https.html
               http/wpt/service-workers/service-worker-spinning-install.https.html
               http/wpt/service-workers/service-worker-spinning-message.https.html

        * page/Settings.yaml:
        * testing/Internals.cpp:
        (WebCore::Internals::isServiceWorkerRunning):
        * testing/Internals.h:
        * testing/Internals.idl:
        * workers/service/SWClientConnection.h:
        (WebCore::SWClientConnection::isServiceWorkerRunning):
        * workers/service/context/SWContextManager.h:
        (WebCore::SWContextManager::Connection::isTestMode const):
        (WebCore::SWContextManager::Connection::setIsTestMode):
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):
        (WebCore::ServiceWorkerThread::postFetchTask):
        (WebCore::ServiceWorkerThread::postMessageToServiceWorker):
        (WebCore::ServiceWorkerThread::fireInstallEvent):
        (WebCore::ServiceWorkerThread::finishedFiringInstallEvent):
        (WebCore::ServiceWorkerThread::fireActivateEvent):
        (WebCore::ServiceWorkerThread::finishedFiringActivateEvent):
        (WebCore::ServiceWorkerThread::finishedEvaluatingScript):
        (WebCore::ServiceWorkerThread::start):
        (WebCore::ServiceWorkerThread::finishedStarting):
        (WebCore::ServiceWorkerThread::startFetchEventMonitoring):
        (WebCore::ServiceWorkerThread::startHeartBeatTimer):
        (WebCore::ServiceWorkerThread::heartBeatTimerFired):
        * workers/service/context/ServiceWorkerThread.h:
        (WebCore::ServiceWorkerThread::stopFetchEventMonitoring):
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::ServiceWorkerThreadProxy::startFetch):
        (WebCore::ServiceWorkerThreadProxy::cancelFetch):
        (WebCore::ServiceWorkerThreadProxy::removeFetch):
        * workers/service/server/SWServerToContextConnection.cpp:
        (WebCore::SWServerToContextConnection::didFailHeartBeatCheck):
        * workers/service/server/SWServerToContextConnection.h:
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::didFailHeartBeatCheck):
        * workers/service/server/SWServerWorker.h:

2019-12-23  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r253634): Reproducible crash going back and forward on goodreads.com in Page::setPageScaleFactor
        https://bugs.webkit.org/show_bug.cgi?id=205569

        Reviewed by Wenson Hsieh.

        When going quickly back and forward, WebPage::didCommitLoad/WebPage::viewportConfigurationChanged/WebPage::scalePage
        can be called for a page in the page cache, so the FrameView can be null.

        Null-check the view here like the surrounding code does.

        * page/Page.cpp:
        (WebCore::Page::setPageScaleFactor):

2019-12-23  Andres Gonzalez  <andresg_22@apple.com>

        IsolatedObject implementation of property setters.
        https://bugs.webkit.org/show_bug.cgi?id=205566

        Reviewed by Chris Fleizach.

        - Implementation of setters that need to be executed in the main
        thread.
        - Sanity check of the associatedAXObject() before calling corresponding
        method on main thread.

        * accessibility/isolatedtree/AXIsolatedTreeNode.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):
        (WebCore::AXIsolatedObject::performFunctionOnMainThread):
        (WebCore::AXIsolatedObject::setARIAGrabbed):
        (WebCore::AXIsolatedObject::setIsExpanded):
        (WebCore::AXIsolatedObject::setValue):
        (WebCore::AXIsolatedObject::setSelected):
        (WebCore::AXIsolatedObject::setSelectedRows):
        (WebCore::AXIsolatedObject::setFocused):
        (WebCore::AXIsolatedObject::setSelectedText):
        (WebCore::AXIsolatedObject::setSelectedTextRange):
        (WebCore::AXIsolatedObject::setCaretBrowsingEnabled):
        (WebCore::AXIsolatedObject::setPreventKeyboardDOMEventDispatch):
        (WebCore::AXIsolatedObject::findTextRanges const):
        (WebCore::AXIsolatedObject::performTextOperation):
        (WebCore::AXIsolatedObject::widget const):
        (WebCore::AXIsolatedObject::document const):
        (WebCore::AXIsolatedObject::documentFrameView const):
        * accessibility/isolatedtree/AXIsolatedTreeNode.h:

2019-12-23  Daniel Bates  <dabates@apple.com>

        REGRESSION (r212693): getClientRects(), getBoundingClientRect() for range that spans multi-lines differs depending on whether text is selected
        https://bugs.webkit.org/show_bug.cgi?id=205527
        <rdar://problem/58128278>

        Reviewed by Zalan Bujtas.

        Include empty rect when range start position coincides with the end of a simple line layout run.
        This makes it match the behavior of line box layout, Firefox's behavior, as well as my understanding
        of Extensions to the Range Interface: <https://drafts.csswg.org/cssom-view/#extensions-to-the-range-interface>
        (Editor's Draft, 10 October 2019).

        At the time of writing, there are two code paths for laying out lines: simple line layout and
        line box layout. Simple line layout is not enabled when there is a selection at the time of
        writing. As a result, we use line box layout to answer getClientRects(), getBoundingClientRect()
        queries.

        Test: fast/dom/Range/mac/getClientRects-and-getBoundingClientRect-before-and-after-selection.html

        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::rangeForRendererWithOffsets const): Do not skip over a run
        if its end position coincides with the range's start offset. This ensures that we emit an empty rect
        for this part of the box selection, which matches what we do using the analagous line box layout
        code path.

2019-12-23  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][WPE] Special combination characters doesn't respect the keystroke order when high CPU load
        https://bugs.webkit.org/show_bug.cgi?id=185248

        Reviewed by Žan Doberšek.

        Notify the editor when a key event handled by input method has been dispatched. This way we can handle the
        composition results right after the event is dispatched.

        * editing/Editor.cpp:
        (WebCore::Editor::didDispatchInputMethodKeydown): Notify the client.
        * editing/Editor.h:
        * page/EditorClient.h:
        (WebCore::EditorClient::didDispatchInputMethodKeydown): Added.
        * page/EventHandler.cpp:
        (WebCore::EventHandler::internalKeyEvent): Call Editor::didDispatchInputMethodKeydown() for events handled by
        input method right after the event is dispatched.
        * platform/PlatformKeyboardEvent.h:
        (WebCore::PlatformKeyboardEvent::preeditUnderlines const):
        (WebCore::PlatformKeyboardEvent::preeditSelectionRangeStart const):
        (WebCore::PlatformKeyboardEvent::preeditSelectionRangeLength const):
        * platform/gtk/PlatformKeyboardEventGtk.cpp:
        (WebCore::PlatformKeyboardEvent::disambiguateKeyDownEvent): Return early if the event was handled by input
        method and remove the special case for Char events handled by input method because this is never called with
        Char type for events handled by input method.
        * platform/libwpe/PlatformKeyboardEventLibWPE.cpp:
        (WebCore::PlatformKeyboardEvent::disambiguateKeyDownEvent): Return early if the event was handled by input
        method.

2019-12-22  Simon Fraser  <simon.fraser@apple.com>

        Very basic <dialog> show/close support
        https://bugs.webkit.org/show_bug.cgi?id=205543

        Reviewed by Antti Koivisto.
        
        Fix HTMLDialogElement.idl for attribute reflection, and showModal() possibly throwing.
        
        Have show/showModal() and close() toggle the "open" attribute. Implement parseAttribute()
        to initialize m_isOpen from the attribute value.
        
        Add dialog.css, which is appended to the UA stylesheets if the feature is enabled. Have
        it set the display value.

        Tested by web-platform-tests.

        * CMakeLists.txt:
        * DerivedSources-input.xcfilelist:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * css/dialog.css: Added.
        (dialog):
        (dialog[open]):
        * html/HTMLDialogElement.cpp:
        (WebCore::HTMLDialogElement::isOpen const):
        (WebCore::HTMLDialogElement::show):
        (WebCore::HTMLDialogElement::showModal):
        (WebCore::HTMLDialogElement::close):
        (WebCore::HTMLDialogElement::parseAttribute):
        (WebCore::HTMLDialogElement::toggleOpen):
        (WebCore::HTMLDialogElement::open): Deleted.
        (WebCore::HTMLDialogElement::setOpen): Deleted.
        * html/HTMLDialogElement.h:
        * html/HTMLDialogElement.idl:
        * style/InspectorCSSOMWrappers.cpp:
        (WebCore::Style::InspectorCSSOMWrappers::collectDocumentWrappers):
        * style/UserAgentStyle.cpp:
        (WebCore::Style::UserAgentStyle::ensureDefaultStyleSheetsForElement):
        * style/UserAgentStyle.h:

2019-12-22  Wenson Hsieh  <wenson_hsieh@apple.com>

        [macCatalyst] Mouse clicks dispatch duplicate pointerup and pointerdown events
        https://bugs.webkit.org/show_bug.cgi?id=205551
        <rdar://problem/58058268>

        Reviewed by Tim Horton.

        This began occuring after r251320, wherein some mouse event handling codepaths were enabled in macCatalyst.
        For compatibility, gesture recognizers still fire in the macCatalyst platform. This includes the synthetic click
        gesture, which will still synthesize and send mouseup and mousedown events to the page. After the change, this
        results in pointer events being dispatched under the call to `shouldIgnoreMouseEvent()`. However, at the same
        time, touch event handling codepaths have already dispatched "pointerup" and "pointerdown", so we end up with
        redundant events.

        To fix this macCatalyst-specific bug, simply avoid dispatching pointer events in the case where the synthetic
        click type is some kind of tap gesture; in this case, pointer events have already been dispatched, so we don't
        need to dispatch them again via mouse event handling code.

        Test: pointerevents/ios/pointer-events-with-click-handler.html

        * dom/Element.cpp:
        (WebCore::dispatchPointerEventIfNeeded):

        Also rename shouldIgnoreMouseEvent to dispatchPointerEventIfNeeded to better reflect that this function's
        primary purposee is to dispatch pointer events in response to platform mouse events; then, change the return
        value to an explicit enum class indicating whether the mouse event should be subsequently ignored (as a result
        of the page preventing the dispatched pointer event).

        (WebCore::Element::dispatchMouseEvent):
        (WebCore::shouldIgnoreMouseEvent): Deleted.

2019-12-22  Antti Koivisto  <antti@apple.com>

        Invalidate only affected elements after media query evaluation changes
        https://bugs.webkit.org/show_bug.cgi?id=205392

        Reviewed by Zalan Bujtas.

        We currently invalidate style of the whole tree when a media query evaluation changes.
        We can do better by constructing an invalidation RuleSet and invalidating only those
        elements that are potentially affected.

        * style/RuleSet.cpp:
        (WebCore::Style::RuleSet::addRule):
        (WebCore::Style::RuleSet::evaluteDynamicMediaQueryRules):

        Construct and cache an invalidation RuleSet and associate with a set of media query changes.

        (WebCore::Style::RuleSet::MediaQueryCollector::pushAndEvaluate):
        (WebCore::Style::RuleSet::MediaQueryCollector::pop):
        (WebCore::Style::RuleSet::MediaQueryCollector::addRuleIfNeeded):

        Collect RuleFeatures which we later use to build invalidation RuleSet.

        (WebCore::Style::RuleSet::MediaQueryCollector::addRulePositionIfNeeded): Deleted.
        * style/RuleSet.h:
        (WebCore::Style::DynamicMediaQueryEvaluationChanges::append):
        * style/StyleResolver.cpp:
        (WebCore::Style::Resolver::evaluateDynamicMediaQueries):
        * style/StyleResolver.h:
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::evaluateMediaQueries):

        Use the invalidation RuleSet for accurate style invalidation.

        * style/StyleScopeRuleSets.cpp:
        (WebCore::Style::ScopeRuleSets::evaluteDynamicMediaQueryRules):

        Collect invalidation RuleSets for author/user/user agent style.

        * style/StyleScopeRuleSets.h:

2019-12-22  Zalan Bujtas  <zalan@apple.com>

        [LFC][Integration] Do not remove trailing whitespace when it is followed by a line break
        https://bugs.webkit.org/show_bug.cgi?id=205549
        <rdar://problem/58139893>

        Reviewed by Antti Koivisto.

        Complex line layout quirk: keep the trailing whitespace aroun
        when it is followed by a line break, unless the content overflows the line.

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::removeTrailingCollapsibleContent):

2019-12-22  Zalan Bujtas  <zalan@apple.com>

        [LFC][Integration] Do not collapse trailing letter spacing
        https://bugs.webkit.org/show_bug.cgi?id=205548
        <rdar://problem/58139872>

        Reviewed by Antti Koivisto.

        Turn off trailing letter-spacing trimming for now.

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::InlineItemRun::hasTrailingLetterSpacing const):

2019-12-21  Brian Burg  <bburg@apple.com>

        Web Inspector: add InspectedTargetTypes diagnostic event and related hooks
        https://bugs.webkit.org/show_bug.cgi?id=205174
        <rdar://problem/57887953>

        Reviewed by Devin Rousso.

        Expose debuggable information via InspectorFrontendHost.

        * WebCore.xcodeproj/project.pbxproj: Add new files.

        * inspector/InspectorFrontendClient.h: Add new methods.
        * testing/Internals.cpp: Implement new methods.

        * inspector/InspectorFrontendHost.idl:
        * inspector/InspectorFrontendHost.h:
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::debuggableTypeToString):
        (WebCore::InspectorFrontendHost::debuggableInfo const):
        (WebCore::InspectorFrontendHost::debuggableType): Deleted.
        Expose a `DebuggableInfo` dictionary via the .debuggableInfo getter.


2019-12-21  Antti Koivisto  <antti@apple.com>

        Move Vector HashTraits to HashTraits.h to fix GCC build
        https://bugs.webkit.org/show_bug.cgi?id=205540

        Reviewed by Zalan Bujtas.

        * contentextensions/DFAMinimizer.cpp:

        ActionKey HashTrait claims that emptyValueIsZero. Now with Vector HashTrait having emptyValueIsZero too
        HashMap<ActionKey, Vector<>> started taking the optimized path.

        However ActionKey empty value wasn't actually zero because Empty enum value wasn't 0.

2019-12-21  Kate Cheney  <katherine_cheney@apple.com>

        Add timeStamp to ITP database
        https://bugs.webkit.org/show_bug.cgi?id=205121
        <rdar://problem/57633021>

        Reviewed by John Wilander.

        * loader/ResourceLoadStatistics.h:

2019-12-20  Eric Carlson  <eric.carlson@apple.com>

        [Media in GPU process] Get audio playing
        https://bugs.webkit.org/show_bug.cgi?id=205511
        <rdar://problem/58120354>

        Reviewed by Jer Noble.

        Tested manually with a modified sandbox because it isn't possible to load media
        in the GPU process yet.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::bufferedTimeRangesChanged):
        (WebCore::MediaPlayer::seekableTimeRangesChanged):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/PlatformTimeRanges.cpp:
        (WebCore::PlatformTimeRanges::PlatformTimeRanges):
        (WebCore::PlatformTimeRanges::clear):
        * platform/graphics/PlatformTimeRanges.h:

2019-12-20  Ryosuke Niwa  <rniwa@webkit.org>

        TextManipulationController should respect new token orders
        https://bugs.webkit.org/show_bug.cgi?id=205378

        Reviewed by Wenson Hsieh.

        Updated TextManipulationController::replace to remove all existing content and insert new tokens in the order they appear.

        To do this, we first find the common ancestor of all nodes in the paragraph and then remove all nodes in between.

        Then we'd insert the node identified by the token identifier and all its ancestors at where they appear. In the case
        the same token is used for the second time, we clone its node. For each leaf node, we find the closest ancestor which
        had already been inserted by the previous token, and append the leaf node along with its ancestors to it.

        I'm expecting to make a lot of refinements & followups to this algorithm in the future but this seems to get basics done.

        Tests: TextManipulation.CompleteTextManipulationReplaceSimpleSingleParagraph
               TextManipulation.CompleteTextManipulationDisgardsTokens
               TextManipulation.CompleteTextManipulationReordersContent
               TextManipulation.CompleteTextManipulationCanSplitContent
               TextManipulation.CompleteTextManipulationCanMergeContent
               TextManipulation.CompleteTextManipulationFailWhenContentIsRemoved
               TextManipulation.CompleteTextManipulationFailWhenExcludedContentAppearsMoreThanOnce
               TextManipulation.CompleteTextManipulationPreservesExcludedContent

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::didCreateRendererForElement):
        (WebCore::TextManipulationController::completeManipulation):
        (WebCore::TextManipulationController::replace):

2019-12-20  Sihui Liu  <sihui_liu@apple.com>

        REGRESSION (r253807): crash in storage/indexeddb/modern/opendatabase-request-private.html
        https://bugs.webkit.org/show_bug.cgi?id=205515

        Reviewed by Alex Christensen.

        When m_openRequests of IDBTransaction is empty, we expect all requests associated with the transactions should 
        be completed, but in IDBOpenDBRequest, we removed the request from m_openRequests before 
        m_currentlyCompletingRequest finished. This is because the order of calling ActiveDOMObject::stop() is random.

        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::cancelForStop):
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::abortOnServerAndCancelRequests):
        (WebCore::IDBTransaction::connectionClosedFromServer):

2019-12-20  Megan Gardner  <megan_gardner@apple.com>

        Paint highlights specified in CSS Highlight API
        https://bugs.webkit.org/show_bug.cgi?id=205318

        Reviewed by Ryosuke Niwa.

        Render highlights when present, similar to the way we render selection.

        Tests: imported/w3c/web-platform-tests/css/css-highlight-api/highlight-text-across-elements.html
               imported/w3c/web-platform-tests/css/css-highlight-api/highlight-text.html

        * Modules/highlight/HighlightMap.h:
        (WebCore::HighlightMap::map const):

        Add a getter for the internal HashMap.

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::selectionState):
        (WebCore::InlineTextBox::verifySelectionState const):
        (WebCore::InlineTextBox::paint):
        (WebCore::InlineTextBox::clampedStartEndForState const):
        (WebCore::InlineTextBox::selectionStartEnd const):
        (WebCore::InlineTextBox::highlightStartEnd const):
        (WebCore::InlineTextBox::resolveStyleForMarkedText):

        Use the highlight name from the HighlightRangeGroup to obtain the style from the renderer.

        (WebCore::InlineTextBox::collectMarkedTextsForHighlights const):

        Render the highlights when painting text. Determine if a highlight is present in the current RenderObject, and
        add additional MarkedText to be rendered when painting

        * rendering/InlineTextBox.h:
        * rendering/MarkedText.cpp:
        (WebCore::subdivide):
        * rendering/MarkedText.h:
        (WebCore::MarkedText::operator== const):

        Expand MarkedText to take a style name.

        * rendering/SelectionRangeData.cpp:
        (WebCore::SelectionRangeData::setContext):
        (WebCore::SelectionRangeData::selectionStateForRenderer):
        (WebCore::SelectionRangeData::set):
        * rendering/SelectionRangeData.h:

        Leverage SelectionRangeData for highlights.

2019-12-20  Chris Dumez  <cdumez@apple.com>

        [iOS Debug] imported/w3c/web-platform-tests/html/dom/usvstring-reflection.https.html is crashing
        https://bugs.webkit.org/show_bug.cgi?id=205506
        <rdar://problem/58118091>

        Reviewed by Darin Adler.

        Drop iOS specific hack in FrameLoader::checkCompleted() that was causing this crash in iOS Debug.
        This hack was added a long time ago to fix back/forward navigation after clicking an intra PDF
        document hyperlink. I have verified on iOS 13 that the behavior is unchanged without this code:
        - Back/forward navigation within a PDF work in UIWebView and do not work in WKWebView

        No new tests, unskipped existing test.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkCompleted):

2019-12-20  Chris Dumez  <cdumez@apple.com>

        [Bindings] Add @@toStringTag to our iterator prototype object
        https://bugs.webkit.org/show_bug.cgi?id=205516

        Reviewed by Darin Adler.

        Add @@ toStringTag to our iterator prototype object, as per:
        - https://heycam.github.io/webidl/#es-iterator-prototype-object

        No new tests, rebaselined existing tests.

        * bindings/js/JSDOMIterator.h:
        (WebCore::IteratorTraits>::finishCreation):

2019-12-20  Jer Noble  <jer.noble@apple.com>

        MediaKeySession.load() fails
        https://bugs.webkit.org/show_bug.cgi?id=205467

        Reviewed by Eric Carlson.

        Invert the storageURL condition in load().

        Drive-by fix: ask the group for it's sessionID, not the session, if it exists.

        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::loadSession):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::didProvideRequest):

2019-12-20  Chris Dumez  <cdumez@apple.com>

        sendBeacon on Safari 13 seeing high failure rates
        https://bugs.webkit.org/show_bug.cgi?id=204665
        <rdar://problem/57522622>

        Reviewed by Darin Adler.

        Revert r245344 to try and reduce our failure rate for Beacon. This is the only change
        to our Beacon implementation that I am aware we made in Safari 13. Using a lower priority
        for Beacon makes it more likely that the Beacon load is still pending when the network
        process exits, which would interrupt the Beacon.

        Since we're trying to convince developers to move away from synchronous XHR and to using
        the Beacon API intead, it is important that our Beacon API be as reliable as possible.

        * Modules/beacon/NavigatorBeacon.cpp:
        (WebCore::NavigatorBeacon::sendBeacon):
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::sendPing):

2019-12-20  Truitt Savell  <tsavell@apple.com>

        Unreviewed, rolling out r253820.

        Broke Mac testing

        Reverted changeset:

        "Invalidate only affected elements after media query
        evaluation changes"
        https://bugs.webkit.org/show_bug.cgi?id=205392
        https://trac.webkit.org/changeset/253820

2019-12-20  youenn fablet  <youenn@apple.com>

        SWServer can be created without any path to store registrations in non ephemeral sessions
        https://bugs.webkit.org/show_bug.cgi?id=205500

        Reviewed by Simon Fraser.

        No change of behavior in release.
        Remove debug assert and log the case of a non ephemeral session without a path.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::SWServer):

2019-12-20  Brian Burg  <bburg@apple.com>

        Web Inspector: convert some InspectorFrontendHost methods to getters
        https://bugs.webkit.org/show_bug.cgi?id=205475

        Reviewed by Devin Rousso.

        No reason for these to be method calls, so expose as getters / attributes instead.

        * inspector/InspectorFrontendClient.h:
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::isRemote const):
        (WebCore::debuggableTypeToString):
        (WebCore::InspectorFrontendHost::localizedStringsURL): Deleted.
        (WebCore::InspectorFrontendHost::backendCommandsURL): Deleted.
        (WebCore::InspectorFrontendHost::debuggableType): Deleted.
        (WebCore::InspectorFrontendHost::inspectionLevel): Deleted.
        (WebCore::InspectorFrontendHost::platform): Deleted.
        (WebCore::InspectorFrontendHost::port): Deleted.
        * inspector/InspectorFrontendHost.h:
        * inspector/InspectorFrontendHost.idl:
        * testing/Internals.cpp:

2019-12-20  Andres Gonzalez  <andresg_22@apple.com>

        IsolatedObject support for multiple parameterized attributes.
        https://bugs.webkit.org/show_bug.cgi?id=205508

        Reviewed by Chris Fleizach.

        - AXObjectCache now keeps the PageIdentifier so that it is possible to
        retrieve it on the secondary thread without querying the Document.
        - isIncrementor is exposed on AXCoreObject for spin button support.
        - Several parameterized attributes implementation related to
        TextMarkers are now dispatch to the main thread.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::AXObjectCache):
        (WebCore::AXObjectCache::setIsolatedTreeFocusedObject):
        (WebCore::AXObjectCache::isolatedTreeRootObject):
        (WebCore::AXObjectCache::remove):
        * accessibility/AXObjectCache.h:
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/AccessibilitySpinButton.h:
        * accessibility/isolatedtree/AXIsolatedTreeNode.cpp:
        (WebCore::AXIsolatedObject::AXIsolatedObject):
        (WebCore::AXIsolatedObject::initializeAttributeData):
        (WebCore::AXIsolatedObject::updateBackingStore):
        (WebCore::AXIsolatedObject::findTextRanges const):
        (WebCore::AXIsolatedObject::performTextOperation):
        (WebCore::AXIsolatedObject::axObjectCache const):
        (WebCore::AXIsolatedObject::widget const):
        (WebCore::AXIsolatedObject::document const):
        (WebCore::AXIsolatedObject::documentFrameView const):
        (WebCore::AXIsolatedObject::isLoaded const): Implemented in header.
        (WebCore::AXIsolatedObject::supportsPath const): Implemented in header.
        * accessibility/isolatedtree/AXIsolatedTreeNode.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper subrole]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

2019-12-20  Daniel Bates  <dabates@apple.com>

        Share code for computing the absolute positioned line boxes for a range
        https://bugs.webkit.org/show_bug.cgi?id=205510

        Reviewed by Wenson Hsieh.

        Implement RenderTextLineBoxes::absoluteRectsForRange() in terms of absoluteQuadsForRange()
        to remove almost identical code. This makes absoluteRectsForRange() a tiny bit slower. If
        it turns out this slowness isn't so tiny then we should use revert this change and implement
        again using templates to avoid duplication.

        Also moved absoluteQuadsForRange() to be above absoluteRectsForRange() to group these
        related functions closer together.

        * rendering/RenderTextLineBoxes.cpp:
        (WebCore::RenderTextLineBoxes::absoluteQuadsForRange const): No change, though I moved it
        to be above absoluteRectsForRange().
        (WebCore::RenderTextLineBoxes::absoluteRectsForRange const): Implement in terms of absoluteQuadsForRange().
        * rendering/RenderTextLineBoxes.h: Group absolute*ForRange() declarations.

2019-12-20  youenn fablet  <youenn@apple.com>

        Remove the certificate info checks related to getUserMedia
        https://bugs.webkit.org/show_bug.cgi?id=205493

        Reviewed by Eric Carlson.

        Now that navigator.mediaDevices is SecureContext, we do not need to do the same checks in UserMediaController.
        UserMediaController was also checking the certificate info which is not necessary for MediaDevices.
        Covered by manual tests.

        * Modules/mediastream/UserMediaController.cpp:
        (WebCore::isSecure):
        (WebCore::isAllowedByFeaturePolicy): Deleted.
        (WebCore::isAllowedToUse): Deleted.
        (WebCore::UserMediaController::canCallGetUserMedia const): Deleted.
        (WebCore::UserMediaController::logGetUserMediaDenial): Deleted.

2019-12-19  Dean Jackson  <dino@apple.com>

        Build ANGLE as a dynamic library
        https://bugs.webkit.org/show_bug.cgi?id=204708
        rdar://57349384

        Reviewed by Tim Horton.

        Weak link against libANGLE-shared.dylib rather than strong link to libANGLE.a.

        * Configurations/WebCore.xcconfig:
        * Configurations/WebCoreTestSupport.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/ANGLEWebKitBridge.cpp:
        (WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge):
        (WebCore::ANGLEWebKitBridge::cleanupCompilers):
        (WebCore::ANGLEWebKitBridge::compileShaderSource):
        (WebCore::ANGLEWebKitBridge::angleAvailable):
        * platform/graphics/ANGLEWebKitBridge.h:
        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
        (WebCore::GraphicsContext3D::GraphicsContext3D):

2019-12-20  Antti Koivisto  <antti@apple.com>

        Invalidate only affected elements after media query evaluation changes
        https://bugs.webkit.org/show_bug.cgi?id=205392

        Reviewed by Zalan Bujtas.

        We currently invalidate style of the whole tree when a media query evaluation changes.
        We can do better by constructing an invalidation RuleSet and invalidating only those
        elements that are potentially affected.

        * style/RuleSet.cpp:
        (WebCore::Style::RuleSet::addRule):
        (WebCore::Style::RuleSet::evaluteDynamicMediaQueryRules):

        Construct and cache an invalidation RuleSet and associate with a set of media query changes.

        (WebCore::Style::RuleSet::MediaQueryCollector::pushAndEvaluate):
        (WebCore::Style::RuleSet::MediaQueryCollector::pop):
        (WebCore::Style::RuleSet::MediaQueryCollector::addRuleIfNeeded):

        Collect RuleFeatures which we later use to build invalidation RuleSet.

        (WebCore::Style::RuleSet::MediaQueryCollector::addRulePositionIfNeeded): Deleted.
        * style/RuleSet.h:
        (WebCore::Style::DynamicMediaQueryEvaluationChanges::append):
        * style/StyleResolver.cpp:
        (WebCore::Style::Resolver::evaluateDynamicMediaQueries):
        * style/StyleResolver.h:
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::evaluateMediaQueries):

        Use the invalidation RuleSet for accurate style invalidation.

        * style/StyleScopeRuleSets.cpp:
        (WebCore::Style::ScopeRuleSets::evaluteDynamicMediaQueryRules):

        Collect invalidation RuleSets for author/user/user agent style.

        * style/StyleScopeRuleSets.h:

2019-12-20  Diego Pino Garcia  <dpino@igalia.com>

        [GTK][WPE] Wrong visualization of Conic gradients in high resolution displays
        https://bugs.webkit.org/show_bug.cgi?id=205444

        Reviewed by Carlos Alberto Lopez Perez.

        Reduce the size of the separation between sections since a separation of
        1 pixel is too wide in high resolution displays.

        * platform/graphics/cairo/GradientCairo.cpp:
        (WebCore::addConicSector):

2019-12-20  Zalan Bujtas  <zalan@apple.com>

        Unreviewed, address review comment missed in the initial commit.

        * layout/inlineformatting/InlineLineBreaker.h:
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineLayoutContext::placeInlineContentOnCurrentLine):
        (WebCore::Layout::LineLayoutContext::commitContent):

2019-12-20  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Refactor LineLayoutContext class
        https://bugs.webkit.org/show_bug.cgi?id=205494
        <rdar://problem/58109493>

        Reviewed by Antti Koivisto.

        This patch is in preparation for being able to pre-scan the inline content for soft wrap opportunities.

        Currently processing the inline content means pushing the inline items to an uncommitted queue until after
        we find a soft wrap opportunity and then we ask the LineBreaker whether this uncommitted, "continuous content" can be placed
        on the current line.
        while (has unprocessed inline item) {
            get next inline item
            if (inline item is at a soft wrap opportunity)
                sumbit uncommitted queue to line breaking
            else
                add to uncommitted queue
        }
        This patch omits the uncommitted queue by collecting the inline items first. This removes some code complexity and it also
        helps to be able to pre-scan the content for soft wrap opportunities.
        while (has unprocessed inline item) {
            get next continuous content
            submit content to line breaking
        }

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::endsWithSoftWrapOpportunity):
        (WebCore::Layout::LineBreaker::ContinousContent::ContinousContent):
        * layout/inlineformatting/InlineLineBreaker.h:
        (WebCore::Layout::LineBreaker::Run::Run):
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::ContinousContent::hasIntrusiveFloats const):
        (WebCore::Layout::ContinousContent::runs const):
        (WebCore::Layout::ContinousContent::floats const):
        (WebCore::Layout::ContinousContent::endsWithLineBreak const):
        (WebCore::Layout::ContinousContent::setEndsWithLineBreak):
        (WebCore::Layout::ContinousContent::append):
        (WebCore::Layout::LineLayoutContext::layoutLine):
        (WebCore::Layout::LineLayoutContext::close):
        (WebCore::Layout::LineLayoutContext::nextContinousContentForLine):
        (WebCore::Layout::LineLayoutContext::addFloatItems):
        (WebCore::Layout::LineLayoutContext::placeInlineContentOnCurrentLine):
        (WebCore::Layout::LineLayoutContext::commitContent):
        (WebCore::Layout::LineLayoutContext::commitPendingContent): Deleted.
        (WebCore::Layout::LineLayoutContext::placeInlineItem): Deleted.
        (WebCore::Layout::LineLayoutContext::processUncommittedContent): Deleted.
        (WebCore::Layout::LineLayoutContext::UncommittedContent::append): Deleted.
        (WebCore::Layout::LineLayoutContext::UncommittedContent::reset): Deleted.
        (WebCore::Layout::LineLayoutContext::UncommittedContent::shrink): Deleted.
        * layout/inlineformatting/LineLayoutContext.h:
        (WebCore::Layout::LineLayoutContext::formattingContext const):
        (WebCore::Layout::LineLayoutContext::root const):
        (WebCore::Layout::LineLayoutContext::UncommittedContent::width const): Deleted.
        (WebCore::Layout::LineLayoutContext::UncommittedContent::size): Deleted.
        (WebCore::Layout::LineLayoutContext::UncommittedContent::isEmpty): Deleted.
        (WebCore::Layout::LineLayoutContext::UncommittedContent::runs const): Deleted.

2019-12-20  Rob Buis  <rbuis@igalia.com>

        Fetch: handle emtpy Location value
        https://bugs.webkit.org/show_bug.cgi?id=205462

        Reviewed by Youenn Fablet.

        Handle empty Location value on redirect as specified here:
        https://fetch.spec.whatwg.org/#concept-http-redirect-fetch step 3

        Tests: web-platform-tests/fetch/api/redirect/redirect-empty-location.any.html
               web-platform-tests/fetch/api/redirect/redirect-empty-location.any.worker.html

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveResponse):

2019-12-20  youenn fablet  <youenn@apple.com>

        DOMPromise::whenPromiseIsSettled is asserting in service worker
        https://bugs.webkit.org/show_bug.cgi?id=205440

        Reviewed by Chris Dumez.

        The promise.get(@then) is sometimes throwing an exception probably due to service worker being stopped.
        We need to catch the JS exception and exit early if the getter fails.
        Covered by existing service worker tests in debug mode.

        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DOMPromise::whenPromiseIsSettled):

2019-12-20  youenn fablet  <youenn@apple.com>

        Make ServiceWorker::postMessage use the exec state from the JS binding layer
        https://bugs.webkit.org/show_bug.cgi?id=205395

        Reviewed by Chris Dumez.

        Instead of using ScriptExecutionContext::execState, we can ask the JS binding layer to pass the exec state and use it.
        Since ServiceWorker is an ActiveDOMObject, we use its scriptExecutionContext() to compute the ServiceWorker source identifier.
        We do the same for ServiceWorkerClient which is a context destruction observer and which only lives in Service Worker scope so calling ScriptExecutionContext::execState is suboptimal.

        No change of behavior.

        * workers/service/ServiceWorker.cpp:
        (WebCore::ServiceWorker::postMessage):
        * workers/service/ServiceWorker.h:
        * workers/service/ServiceWorker.idl:
        * workers/service/ServiceWorkerClient.cpp:
        (WebCore::ServiceWorkerClient::postMessage):
        * workers/service/ServiceWorkerClient.h:
        * workers/service/ServiceWorkerClient.idl:

2019-12-20  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Implement coders for CTAP ClientPIN requests and responses
        https://bugs.webkit.org/show_bug.cgi?id=205376
        <rdar://problem/58034395>

        Reviewed by Brent Fulgham.

        This patch implements coders for authenticatorClientPIN requests and responses
        following the spec:
        https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#authenticatorClientPIN

        Specifically, it
        i) implements authenticatorClientPIN subCommand: getRetries, getKeyAgreement and getPINToken;
        ii) adds pinAuth/pinProtocol to authenticatorMakeCredential/authenticatorGetAssertion.

        The authenticatorClientPIN subCommands are based on a Chromium patch:
        https://chromium-review.googlesource.com/c/chromium/src/+/1457004 Specifically, it adopts the
        interfaces from that patch, but rewrites the BoringSSL-based crypto features using WebCore's
        WebCrypto implementation. This allows us to focus on high level crypto interfaces, and lets
        WebCrypto handle the underlying crypto library. Also, the original Chromium patch lacks tests.
        We introduce a large set of API tests to confirm proper function.

        This patch also makes the AES CBC, EDCH, and HMAC platform* implementations public, so that
        these implementations can be shared by WebAuthentication and test infrastructure.

        Covered by API tests.

        * Modules/webauthn/WebAuthenticationConstants.h:
        * Modules/webauthn/cbor/CBORReader.cpp:
        (cbor::CBORReader::readCBORMap):
        Let CBORReader recognize negative map keys.
        * Modules/webauthn/fido/DeviceRequestConverter.cpp:
        (fido::encodeMakeCredenitalRequestAsCBOR):
        (fido::encodeGetAssertionRequestAsCBOR):
        * Modules/webauthn/fido/DeviceRequestConverter.h:
        * Modules/webauthn/fido/Pin.cpp: Added.
        (fido::pin::hasAtLeastFourCodepoints):
        (fido::pin::makePinAuth):
        (fido::pin::encodeRawPublicKey):
        (fido::pin::validateAndConvertToUTF8):
        (fido::pin::encodePinCommand):
        (fido::pin::RetriesResponse::parse):
        (fido::pin::KeyAgreementResponse::KeyAgreementResponse):
        (fido::pin::KeyAgreementResponse::parse):
        (fido::pin::KeyAgreementResponse::parseFromCOSE):
        (fido::pin::encodeCOSEPublicKey):
        (fido::pin::TokenResponse::TokenResponse):
        (fido::pin::TokenResponse::parse):
        (fido::pin::TokenResponse::pinAuth const):
        (fido::pin::TokenResponse::token const):
        (fido::pin::encodeAsCBOR):
        (fido::pin::TokenRequest::tryCreate):
        (fido::pin::TokenRequest::TokenRequest):
        (fido::pin::TokenRequest::sharedKey const):
        * Modules/webauthn/fido/Pin.h: Added.
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * crypto/CryptoAlgorithm.h:
        * crypto/algorithms/CryptoAlgorithmAES_CBC.h:
        * crypto/algorithms/CryptoAlgorithmECDH.h:
        * crypto/algorithms/CryptoAlgorithmHMAC.h:
        * crypto/keys/CryptoKeyAES.cpp:
        * crypto/keys/CryptoKeyAES.h:
        * crypto/keys/CryptoKeyEC.h:
        * crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:
        (WebCore::CryptoAlgorithmAES_CBC::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_CBC::platformDecrypt):
        * crypto/mac/CryptoKeyRSAMac.cpp:
        (WebCore::CryptoKeyRSA::algorithm const):

2019-12-19  Doug Kelly  <dougk@apple.com>

        Update TrackBase to store m_mediaElement as a WeakPtr
        https://bugs.webkit.org/show_bug.cgi?id=205460

        Reviewed by Eric Carlson.

        Store the HTMLMediaElement in TrackBase and related classes as a WeakPtr to give some proper idea of pointer lifetime, since while the
        HTMLMediaElement is optional, if set, it should be a valid HTMLMediaElement.

        No new tests since no functionality changed.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::videoTracks):
        (WebCore::SourceBuffer::audioTracks):
        (WebCore::SourceBuffer::textTracks):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::textTrackModeChanged):
        (WebCore::HTMLMediaElement::mediaPlayerDidAddTextTrack):
        (WebCore::HTMLMediaElement::ensureAudioTracks):
        (WebCore::HTMLMediaElement::ensureTextTracks):
        (WebCore::HTMLMediaElement::ensureVideoTracks):
        * html/track/AudioTrack.cpp:
        (WebCore::AudioTrack::willRemove):
        (WebCore::AudioTrack::setMediaElement):
        * html/track/AudioTrack.h:
        * html/track/AudioTrackList.cpp:
        (WebCore::AudioTrackList::AudioTrackList):
        * html/track/AudioTrackList.h:
        * html/track/InbandTextTrack.cpp:
        (WebCore::InbandTextTrack::willRemove):
        (WebCore::InbandTextTrack::setMediaElement):
        * html/track/InbandTextTrack.h:
        * html/track/TextTrackList.cpp:
        (WebCore::TextTrackList::TextTrackList):
        * html/track/TextTrackList.h:
        * html/track/TrackBase.cpp:
        (WebCore::TrackBase::element):
        (WebCore::TrackBase::setMediaElement):
        * html/track/TrackBase.h:
        (WebCore::TrackBase::mediaElement):
        * html/track/TrackListBase.cpp:
        (WebCore::TrackListBase::TrackListBase):
        (WebCore::TrackListBase::element const):
        * html/track/TrackListBase.h:
        (WebCore::TrackListBase::mediaElement const):
        * html/track/VideoTrack.cpp:
        (WebCore::VideoTrack::willRemove):
        (WebCore::VideoTrack::setMediaElement):
        * html/track/VideoTrack.h:
        * html/track/VideoTrackList.cpp:
        (WebCore::VideoTrackList::VideoTrackList):
        * html/track/VideoTrackList.h:

2019-12-19  Doug Kelly  <dougk@apple.com>

        Invalid assert with tracks not associated to media element
        https://bugs.webkit.org/show_bug.cgi?id=205360

        Reviewed by Eric Carlson.

        Remove asserts around TextTrack when not attached to a media element and instead return a zero index.

        * html/track/TextTrack.cpp:
        (WebCore::TextTrack::trackIndex):
        (WebCore::TextTrack::trackIndexRelativeToRenderedTracks):

2019-12-19  Sihui Liu  <sihui_liu@apple.com>

        IndexedDB: remove timer for pending operations in IDBTransaction
        https://bugs.webkit.org/show_bug.cgi?id=205312

        Reviewed by Brady Eidson.

        When pendingOperationTimer fired, IDBTransasction would try processing pending operations or commiting 
        automatically.
        pendingOperationTimer was scheduled when some conditions changed and IDBTransaction could start processing 
        pending operations or start commiting, for example, when new pending operations was created.

        For better performance, we may start processing right away after the condition change, without using a Timer.
        This patch gives us about 10% speed up on test: PerformanceTests/IndexedDB/basic/objectstore-cursor.html.

        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::dispatchEvent):
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::IDBTransaction):
        (WebCore::IDBTransaction::abortInProgressOperations):
        (WebCore::IDBTransaction::removeRequest):
        (WebCore::IDBTransaction::scheduleOperation):
        (WebCore::IDBTransaction::finishedDispatchEventForRequest):
        (WebCore::IDBTransaction::didStart):
        (WebCore::IDBTransaction::operationCompletedOnClient):
        (WebCore::IDBTransaction::deactivate):
        (WebCore::IDBTransaction::connectionClosedFromServer):
        (WebCore::IDBTransaction::handlePendingOperations):
        (WebCore::IDBTransaction::autoCommit):
        (WebCore::IDBTransaction::trySchedulePendingOperationTimer): Deleted.
        (WebCore::IDBTransaction::pendingOperationTimerFired): Deleted.
        * Modules/indexeddb/IDBTransaction.h:

2019-12-19  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in WebCore::RenderTreeBuilder::attach
        https://bugs.webkit.org/show_bug.cgi?id=205476

        Reviewed by Ryosuke Niwa.

        Test: fast/ruby/crash-insert-duplicate-rt-element.html

        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::attach):

2019-12-19  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in WebCore::findPlaceForCounter with display: contents parent
        https://bugs.webkit.org/show_bug.cgi?id=205290

        Reviewed by Ryosuke Niwa.

        Test: fast/css/counters/findPlaceForCounter-crash.html

        * rendering/RenderCounter.cpp:
        (WebCore::parentOrPseudoHostElement):

2019-12-19  Chris Dumez  <cdumez@apple.com>

        REGRESSION: (r251677) imported/w3c/web-platform-tests/html/semantics/forms/form-submission-0/form-double-submit-3.html is a flaky failure
        https://bugs.webkit.org/show_bug.cgi?id=205164
        <rdar://problem/57879042>

        Reviewed by Ryosuke Niwa.

        Submitting a form should cancel any pending navigation scheduled by a previous submission of this form:
        - https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#form-submission-algorithm (step 22.3)

        No new tests, rebaselined existing tests.

        Test: fast/forms/form-double-submission.html

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::submit):
        * html/HTMLFormElement.h:
        * loader/FormSubmission.h:
        (WebCore::FormSubmission::cancel):
        (WebCore::FormSubmission::wasCancelled const):

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::submitForm):
        Drop previous non-standard compliant logic to avoid double-form submission.

        * loader/NavigationScheduler.cpp:

2019-12-19  Ryosuke Niwa  <rniwa@webkit.org>

        Make ShadowRoot.delegateFocus work in iOS
        https://bugs.webkit.org/show_bug.cgi?id=202875

        Reviewed by Wenson Hsieh.

        This patch fixes the bug that a shadow tree doesn't recieve focus delegation even if the shadow host
        had delegateFocus flag set unless the shadow host itself is focusable beacuse Frame's
        nodeRespondingToClickEvents and friends would return false on the shadow host.

        Test: fast/shadow-dom/delegates-focus-by-activation.html

        * page/ios/FrameIOS.mm:
        (WebCore::nodeIsMouseFocusable): Added the logic to handle shadow hosts whose shadow root has
        delegates focus flag set.
        (WebCore::nodeWillRespondToMouseEvents): Extracted out of approximateNodeAtViewportLocationLegacy.
        (WebCore::Frame::approximateNodeAtViewportLocationLegacy):
        (WebCore::ancestorRespondingToClickEventsNodeQualifier):

2019-12-19  Kate Cheney  <katherine_cheney@apple.com>

        Activate the SQLite database as an on-by-default feature
        https://bugs.webkit.org/show_bug.cgi?id=204774
        <rdar://problem/57592141>

        Reviewed by Brent Fulgham.

        The ITP SQLite database should be on by default.

        * page/RuntimeEnabledFeatures.h:

2019-12-19  Per Arne Vollan  <pvollan@apple.com>

        REGRESSION (r253530): Incorrect colors in Dark Mode
        https://bugs.webkit.org/show_bug.cgi?id=205457

        Unreviewed rollout of r253530.

        * WebCore.xcodeproj/project.pbxproj:
        * rendering/CSSValueKey.h: Removed.
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemColor const):
        (WebCore::cssValueIDSelectorList): Deleted.
        (WebCore::systemColorFromCSSValueID): Deleted.
        (WebCore::globalCSSValueToSystemColorMap): Deleted.
        (WebCore::RenderThemeIOS::getOrCreateCSSValueToSystemColorMap): Deleted.
        (WebCore::RenderThemeIOS::setCSSValueToSystemColorMap): Deleted.

2019-12-19  James Darpinian  <jdarpinian@chromium.org>

        ANGLE: Fix last WebGL conformance regressions
        https://bugs.webkit.org/show_bug.cgi?id=205306

        Fixes the last few WebGL conformance regressions when enabling ANGLE on AMD GPUs on Mac.
        The combination of alpha:false and antialias:true was broken, and validation of
        non-ascii characters in comments was broken by a recent change to the test.

        Reviewed by Dean Jackson.

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::shaderSource):
        * platform/graphics/angle/GraphicsContext3DANGLE.cpp:
        (WebCore::GraphicsContext3D::reshapeFBOs):

2019-12-19  Alan Bujtas  <zalan@apple.com>

        Unreviewed, rolling out r253711.

        Broke two tests on Mac and iOS

        Reverted changeset:

        "[LFC][IFC] LineLayoutContext::m_uncommittedList is not always
        a continuous list of runs"
        https://bugs.webkit.org/show_bug.cgi?id=205404
        https://trac.webkit.org/changeset/253711

2019-12-19  Andres Gonzalez  <andresg_22@apple.com>

        AXIsolatedObject::findMatchingObjects implementation.
        https://bugs.webkit.org/show_bug.cgi?id=205428

        Reviewed by Chris Fleizach.

        This method is exercised by several layout tests such as
        accessibility/mac/search-predicate.html.

        - Moved the search algorithm in the implementation of
        AccessibilityObject::findMatchingObjects to the Accessibility namespace,
        so that it can be used in AXIsolatedObject as well.
        - Static helper functions are also moved into the Accessibility
        namespace.
        - Changed the signature of containsText to be more appropriate and in
        line with other methods.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::containsText const):
        (WebCore::AccessibilityObject::findMatchingObjects):
        (WebCore::Accessibility::isAccessibilityObjectSearchMatchAtIndex): Moved from AccessibilityObject.
        (WebCore::Accessibility::isAccessibilityObjectSearchMatch): Moved from AccessibilityObject.
        (WebCore::Accessibility::isAccessibilityTextSearchMatch): Moved from AccessibilityObject.
        (WebCore::Accessibility::objectMatchesSearchCriteriaWithResultLimit): Moved from AccessibilityObject.
        (WebCore::Accessibility::findMatchingObjects): Search algorithm to be reused by AccessibilityObject and AXIsolatedObject.
        (WebCore::AccessibilityObject::isAccessibilityObjectSearchMatchAtIndex): Moved.
        (WebCore::AccessibilityObject::isAccessibilityObjectSearchMatch): Moved.
        (WebCore::AccessibilityObject::isAccessibilityTextSearchMatch): Moved.
        (WebCore::AccessibilityObject::objectMatchesSearchCriteriaWithResultLimit): Moved.
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/isolatedtree/AXIsolatedTreeNode.cpp:
        (WebCore::AXIsolatedObject::findMatchingObjects):
        (WebCore::AXIsolatedObject::containsText const):
        * accessibility/isolatedtree/AXIsolatedTreeNode.h:

2019-12-19  Wenson Hsieh  <wenson_hsieh@apple.com>

        pal/FileSizeFormatter.h declares fileSizeDescription in the top-level namespace
        https://bugs.webkit.org/show_bug.cgi?id=205453

        Reviewed by Tim Horton.

        Change fileSizeDescription to PAL::fileSizeDescription. No change in behavior.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::setFile):
        (WebCore::HTMLAttachmentElement::updateAttributes):

2019-12-19  Chris Dumez  <cdumez@apple.com>

        imported/w3c/web-platform-tests/service-workers/service-worker/skip-waiting-installed.https.html is flaky
        https://bugs.webkit.org/show_bug.cgi?id=205408

        Reviewed by Youenn Fablet.

        imported/w3c/web-platform-tests/service-workers/service-worker/skip-waiting-installed.https.html has been
        flaky since it was imported. We now queue a task on the HTML event loop to resolve the skipWaiting promise
        so that its ordering is correct, between the active event being fired and the service worker state becoming
        "activated".

        No new tests, upskipped existing test.

        * workers/service/ServiceWorkerGlobalScope.cpp:
        (WebCore::ServiceWorkerGlobalScope::skipWaiting):
        * workers/service/context/SWContextManager.h:
        * workers/service/server/SWServerToContextConnection.cpp:
        (WebCore::SWServerToContextConnection::skipWaiting):
        * workers/service/server/SWServerToContextConnection.h:

2019-12-19  Chris Dumez  <cdumez@apple.com>

        Stop blocking the worker thread in WorkerMessagePortChannelProvider::postMessageToRemote()
        https://bugs.webkit.org/show_bug.cgi?id=205414

        Reviewed by Youenn Fablet.

        Stop blocking the worker thread in WorkerMessagePortChannelProvider::postMessageToRemote() as it does not appear
        to be needed and it badly impacts performance. This basically replaces a callOnMainThreadAndWait
        call (which was added in r249378 as part of a refactoring) with a callOnMainThread call.

        This makes fast/workers/worker-cloneport.html runs twice as fast on my machine, which is important
        because this test is so slow it is timing out in some configurations.

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::postMessage):
        * dom/messageports/MessagePortChannelProvider.h:
        * dom/messageports/MessagePortChannelProviderImpl.cpp:
        (WebCore::MessagePortChannelProviderImpl::postMessageToRemote):
        * dom/messageports/MessagePortChannelProviderImpl.h:
        * dom/messageports/WorkerMessagePortChannelProvider.cpp:
        (WebCore::WorkerMessagePortChannelProvider::postMessageToRemote):
        * dom/messageports/WorkerMessagePortChannelProvider.h:

2019-12-19  Wenson Hsieh  <wenson_hsieh@apple.com>

        REGRESSION (r251015): Hitting return before a space deletes text after the insertion position
        https://bugs.webkit.org/show_bug.cgi?id=205425
        <rdar://problem/57575960>

        Reviewed by Tim Horton.

        After r251015, we (rightfully) no longer call ensureLineBoxes() when computing upstream or downstream positions.
        However, logic in deleteInsignificantTextDownstream (which is invoked after hitting return before a space in a
        text node) assumes that line boxes must be generated for the RenderText of the text node containing the
        downstream position. The lack of inline text boxes then causes deleteInsignificantText to always remove the
        entire text node.

        To fix this, have deleteInsignificantText ensure that line boxes exist for the text node's renderer, right
        before asking for the renderer's line boxes.

        Test: editing/inserting/insert-paragraph-before-space.html

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::deleteInsignificantText):

2019-12-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][WPE] Add initial API for input method
        https://bugs.webkit.org/show_bug.cgi?id=204679

        Reviewed by Žan Doberšek.

        * platform/PlatformKeyboardEvent.h: Also define handledByInputMethod() for WPE port.

2019-12-19  Charlie Turner  <cturner@igalia.com>

        [GStreamer][EME] Notify all elements waiting for CDM attachment
        https://bugs.webkit.org/show_bug.cgi?id=205382

        Reviewed by Xabier Rodriguez-Calvar.

        When multiple demuxers are in flight asking for a CDM instance,
        only one of them was getting woken up when a CDM was attached,
        leaving the other(s) blocking their respective streaming threads
        and locking the pipeline. Switch back to a condition variable from
        a semaphore to fix this issue.

        Covered by existing tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
        Initialize the new isPlayerShuttingDown predicate to false.
        (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
        Set the new predicate for player shutdown at the start of
        destruction, so that background threads can known when the should
        abort their operations as a result of being unblocked by the
        destructor.
        (WebCore::MediaPlayerPrivateGStreamer::handleSyncMessage): Go back
        to using condition variables, so we can unblock more than one
        waiter.
        (WebCore::MediaPlayerPrivateGStreamer::cdmInstanceAttached):
        Helper predicate to make clear that the presence of a valid
        CDMInstance pointer is a sign that it has been attached.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Add
        an isPlayerShuttingDown method using an Atomic<bool>. We need this
        to avoid racing set_context() on a decryptor element with the
        pipeline being set to NULL. Before we were using the notifier as a
        proxy for player shutdown, since it is invalidated during player
        destruction. This is not a maintainable solution, since other
        programmers would feel free to reorder the position at which the
        notifier is invalidated, and then introduce a very hard to find
        bug. By introducing this flag at the start of destruction, we will
        always have a known way to check, after a streaming thread has
        woken up again, whether we should call any player methods, or
        return early due to shutdown in progress.
        (WebCore::MediaPlayerPrivateGStreamer::isPlayerShuttingDown
        const): Predicate for player in the process of shutdown. This
        should be used by background threads, which upon wakeup, may need
        to be aware of whether they will be in a race with the pipeline
        going to NULL.
        (WebCore::MediaPlayerPrivateGStreamer::isCDMAttached const):

2019-12-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        [CoordinatedGraphics] ThreadedDisplayRefreshMonitor is never released
        https://bugs.webkit.org/show_bug.cgi?id=205387

        Reviewed by Žan Doberšek.

        The problem is that DisplayRefreshMonitorManager::createMonitorForClient() always creates a new one for
        RenderingUpdateScheduler because it's not notified of the window screen change. So,
        createDisplayRefreshMonitor() is called every time, which returns a reference of the same object, but it's added
        to the monitors vector of DisplayRefreshMonitorManager and never removed from there.

        * page/Chrome.cpp:
        (WebCore::Chrome::windowScreenDidChange): Notify the RenderingUpdateScheduler about the screen change.
        * page/RenderingUpdateScheduler.h: Make windowScreenDidChange public.

2019-12-19  youenn fablet  <youenn@apple.com>

        Safari resumes autoplay audio elements after getUserMedia
        https://bugs.webkit.org/show_bug.cgi?id=197688
        <rdar://problem/57674395>

        Reviewed by Eric Carlson.

        Covered by updated test.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaStreamCaptureStarted):
        Previously, we were piggybacking on resuming autoplay, which happens after interuption.
        This is incorrect as it tries to play paused elements.
        Instead we just try to play a media element if it can autoplay without changing the m_autoplaying value.
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::mediaStreamCaptureStarted): Deleted.

2019-12-18  Sihui Liu  <sihui_liu@apple.com>

        IndexedDB: perform IDBServer work only on background thread
        https://bugs.webkit.org/show_bug.cgi?id=203690
        <rdar://problem/56908496>

        Reviewed by Alex Christensen.

        The basic workflow of IDB server side was:
        1. IPC thread dispatches IDB messages to main thread
        2. main thread handles messages and dispatches database tasks to IDB thread
        3. IDB thread finishes work and dispatches task result to main thread
        4. main thread sends IPC messages with task results

        For better performance, this patch changes the workflow to:
        1. IPC thread dispatches IDB messages to IDB thread
        2. IDB thread handles messages, perform tasks and sends IPC messages with task results
        In this way, we can avoid the cost of thread hopping to main thread.

        Previously IDBServer and UniqueIDBDatabase were created on the main thread and may be accessed from IDB 
        thread, and now they are created on the IDB thread only. Therefore, we don't need all those variables
        used to sync the database status between main thread and background thread, and the logic becomes simpler.

        This patch also removes timer in UniqueIDBDatabase for better performance.

        Covered by existing tests.

        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::didCloseFromServer): IDBClient no longer needs to confirm connection close initiated by
        IDBServer. When IDBServer closes the connection, it would remove the connection from the open connection set 
        right away.
        * Modules/indexeddb/client/IDBConnectionProxy.cpp:
        (WebCore::IDBClient::IDBConnectionProxy::didCloseFromServer): 
        (WebCore::IDBClient::IDBConnectionProxy::confirmDidCloseFromServer): Deleted.
        * Modules/indexeddb/client/IDBConnectionProxy.h:
        * Modules/indexeddb/client/IDBConnectionToServer.cpp:
        (WebCore::IDBClient::IDBConnectionToServer::confirmDidCloseFromServer): Deleted.
        * Modules/indexeddb/client/IDBConnectionToServer.h:
        * Modules/indexeddb/client/IDBConnectionToServerDelegate.h:
        * Modules/indexeddb/server/IDBConnectionToClient.cpp:
        (WebCore::IDBServer::IDBConnectionToClient::IDBConnectionToClient):
        * Modules/indexeddb/server/IDBConnectionToClient.h:
        (WebCore::IDBServer::IDBConnectionToClient::clearDelegate):
        * Modules/indexeddb/server/IDBConnectionToClientDelegate.h:

        * Modules/indexeddb/server/IDBServer.cpp: Add threading assertions everywhere for safety. Also, as IDBServer
        may be accessed on main thread for process suspension, we need to assert lock of IDBServer is held everywhere.
        (WebCore::IDBServer::IDBServer::IDBServer):
        (WebCore::IDBServer::IDBServer::~IDBServer):
        (WebCore::IDBServer::IDBServer::registerConnection):
        (WebCore::IDBServer::IDBServer::unregisterConnection):
        (WebCore::IDBServer::IDBServer::registerTransaction):
        (WebCore::IDBServer::IDBServer::unregisterTransaction):
        (WebCore::IDBServer::IDBServer::getOrCreateUniqueIDBDatabase):
        (WebCore::IDBServer::IDBServer::openDatabase):
        (WebCore::IDBServer::IDBServer::deleteDatabase):
        (WebCore::IDBServer::IDBServer::abortTransaction):
        (WebCore::IDBServer::IDBServer::createObjectStore):
        (WebCore::IDBServer::IDBServer::deleteObjectStore):
        (WebCore::IDBServer::IDBServer::renameObjectStore):
        (WebCore::IDBServer::IDBServer::clearObjectStore):
        (WebCore::IDBServer::IDBServer::createIndex):
        (WebCore::IDBServer::IDBServer::deleteIndex):
        (WebCore::IDBServer::IDBServer::renameIndex):
        (WebCore::IDBServer::IDBServer::putOrAdd):
        (WebCore::IDBServer::IDBServer::getRecord):
        (WebCore::IDBServer::IDBServer::getAllRecords):
        (WebCore::IDBServer::IDBServer::getCount):
        (WebCore::IDBServer::IDBServer::deleteRecord):
        (WebCore::IDBServer::IDBServer::openCursor):
        (WebCore::IDBServer::IDBServer::iterateCursor):
        (WebCore::IDBServer::IDBServer::establishTransaction):
        (WebCore::IDBServer::IDBServer::commitTransaction):
        (WebCore::IDBServer::IDBServer::didFinishHandlingVersionChangeTransaction):
        (WebCore::IDBServer::IDBServer::databaseConnectionPendingClose):
        (WebCore::IDBServer::IDBServer::databaseConnectionClosed):
        (WebCore::IDBServer::IDBServer::abortOpenAndUpgradeNeeded):
        (WebCore::IDBServer::IDBServer::didFireVersionChangeEvent):
        (WebCore::IDBServer::IDBServer::openDBRequestCancelled):
        (WebCore::IDBServer::IDBServer::getAllDatabaseNames):
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
        (WebCore::IDBServer::IDBServer::removeDatabasesWithOriginsForVersion):
        (WebCore::IDBServer::IDBServer::requestSpace):
        (WebCore::IDBServer::IDBServer::stopDatabaseActivitiesOnMainThread):
        (WebCore::IDBServer::IDBServer::create): Deleted.
        (WebCore::IDBServer::IDBServer::confirmDidCloseFromServer): Deleted.
        (WebCore::IDBServer::IDBServer::performGetAllDatabaseNames): Deleted.
        (WebCore::IDBServer::IDBServer::didGetAllDatabaseNames): Deleted.
        (WebCore::IDBServer::IDBServer::postDatabaseTask): Deleted. IDBServer is on the background thread only. This 
        functionality is moved to its parent (WebIDBServer/InProcessIDBServer).
        (WebCore::IDBServer::IDBServer::postDatabaseTaskReply): Deleted.
        (WebCore::IDBServer::generateDeleteCallbackID): Deleted.
        (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesModifiedSince): Deleted. Merged to 
        closeAndDeleteDatabasesModifiedSince.
        (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesForOrigins): Deleted. Merged to 
        closeAndDeleteDatabasesForOrigins.
        (WebCore::IDBServer::IDBServer::didPerformCloseAndDeleteDatabases): Deleted.
        (WebCore::IDBServer::IDBServer::tryStop): Deleted.
        (WebCore::IDBServer::IDBServer::resume): Deleted.
        * Modules/indexeddb/server/IDBServer.h:
        (WebCore::IDBServer::IDBServer::lock):

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp: Biggest changes are:
        1. merge all perform[Task] and didPerform[Task] functions into [Task] functions.
        2. remove all database members used to track state between main thread and database thread, because the tasks
        are executed in order on one background thread.
        3. m_operationAndTransactionTimer is removed. operationAndTransactionTimerFired is replaced by two functions:
        handleDatabaseOperations and handleTransactions. And these functions are placed at places where we schedule the 
        timer.
        4. lock is moved to IDBServer because UniqueIDBDatabase will never be accessed from different threads.
        (WebCore::IDBServer::UniqueIDBDatabase::UniqueIDBDatabase):
        (WebCore::IDBServer::UniqueIDBDatabase::~UniqueIDBDatabase):
        (WebCore::IDBServer::UniqueIDBDatabase::openDatabaseConnection):
        (WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation):
        (WebCore::IDBServer::UniqueIDBDatabase::performCurrentDeleteOperation):
        (WebCore::IDBServer::UniqueIDBDatabase::deleteBackingStore):
        (WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
        (WebCore::IDBServer::UniqueIDBDatabase::handleDatabaseOperations):
        (WebCore::IDBServer::UniqueIDBDatabase::handleCurrentOperation):
        (WebCore::IDBServer::UniqueIDBDatabase::handleDelete):
        (WebCore::IDBServer::UniqueIDBDatabase::startVersionChangeTransaction):
        (WebCore::IDBServer::UniqueIDBDatabase::maybeNotifyConnectionsOfVersionChange):
        (WebCore::IDBServer::UniqueIDBDatabase::notifyCurrentRequestConnectionClosedOrFiredVersionChangeEvent):
        (WebCore::IDBServer::UniqueIDBDatabase::createObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::deleteObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::renameObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::clearObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::createIndex):
        (WebCore::IDBServer::UniqueIDBDatabase::deleteIndex):
        (WebCore::IDBServer::UniqueIDBDatabase::renameIndex):
        (WebCore::IDBServer::UniqueIDBDatabase::putOrAdd):
        (WebCore::IDBServer::UniqueIDBDatabase::getRecord):
        (WebCore::IDBServer::UniqueIDBDatabase::getAllRecords):
        (WebCore::IDBServer::UniqueIDBDatabase::getCount):
        (WebCore::IDBServer::UniqueIDBDatabase::deleteRecord):
        (WebCore::IDBServer::UniqueIDBDatabase::openCursor):
        (WebCore::IDBServer::UniqueIDBDatabase::iterateCursor):
        (WebCore::IDBServer::UniqueIDBDatabase::prefetchCursor):
        (WebCore::IDBServer::UniqueIDBDatabase::commitTransaction):
        (WebCore::IDBServer::UniqueIDBDatabase::abortTransaction):
        (WebCore::IDBServer::UniqueIDBDatabase::didFinishHandlingVersionChange):
        (WebCore::IDBServer::UniqueIDBDatabase::connectionClosedFromClient):
        (WebCore::IDBServer::UniqueIDBDatabase::connectionClosedFromServer):
        (WebCore::IDBServer::UniqueIDBDatabase::enqueueTransaction):
        (WebCore::IDBServer::UniqueIDBDatabase::handleTransactions):
        (WebCore::IDBServer::UniqueIDBDatabase::activateTransactionInBackingStore):
        (WebCore::IDBServer::UniqueIDBDatabase::takeNextRunnableTransaction):
        (WebCore::IDBServer::UniqueIDBDatabase::transactionCompleted):
        (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete):
        (WebCore::IDBServer::UniqueIDBDatabase::abortActiveTransactions):
        (WebCore::IDBServer::UniqueIDBDatabase::close):
        (WebCore::IDBServer::UniqueIDBDatabase::takeNextRunnableRequest):
        (WebCore::IDBServer::UniqueIDBDatabase::hasAnyPendingCallbacks const): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::isVersionChangeInProgress): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performUnconditionalDeleteBackingStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::scheduleShutdownForClose): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::shutdownForClose): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didShutdownForClose): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::generateUniqueCallbackIdentifier): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::storeCallbackOrFireError): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performStartVersionChangeTransaction): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformStartVersionChangeTransaction): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::openBackingStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didOpenBackingStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performCreateObjectStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformCreateObjectStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performDeleteObjectStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformDeleteObjectStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performRenameObjectStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformRenameObjectStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performClearObjectStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformClearObjectStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performCreateIndex): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformCreateIndex): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performDeleteIndex): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformDeleteIndex): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performRenameIndex): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformRenameIndex): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformPutOrAdd): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performGetRecord): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performGetIndexRecord): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformGetRecord): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performGetAllRecords): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformGetAllRecords): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performGetCount): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformGetCount): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performDeleteRecord): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformDeleteRecord): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performOpenCursor): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformOpenCursor): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performIterateCursor): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performPrefetchCursor): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformIterateCursor): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::prepareToFinishTransaction): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performCommitTransaction): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformCommitTransaction): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performAbortTransaction): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformAbortTransaction): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::transactionDestroyed): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::confirmDidCloseFromServer): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::isCurrentlyInUse const): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::hasUnfinishedTransactions const): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::invokeOperationAndTransactionTimer): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::operationAndTransactionTimerFired): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performActivateTransactionInBackingStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformActivateTransactionInBackingStore): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTask): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTaskReply): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::maybeFinishHardClose): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::isDoneWithHardClose): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performErrorCallback): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performKeyDataCallback): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performGetResultCallback): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performGetAllResultsCallback): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::performCountCallback): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::forgetErrorCallback): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::abortTransactionOnMainThread): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::commitTransactionOnMainThread): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::suspend): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabase::resume): Deleted.
        * Modules/indexeddb/server/UniqueIDBDatabase.h:
        (WebCore::IDBServer::UniqueIDBDatabase::server):
        (WebCore::IDBServer::UniqueIDBDatabase::hardClosedForUserDelete const): Deleted.
        (): Deleted.

        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp: The callbacks will be called right away, so there
        is no need to keep weak pointers.
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::abortTransactionWithoutCallback):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::connectionClosedFromClient):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didFireVersionChangeEvent):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didFinishHandlingVersionChange):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::establishTransaction):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didAbortTransaction):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::confirmDidCloseFromServer): Deleted.
        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.h:
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::database):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::server):
        * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::UniqueIDBDatabaseTransaction):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::~UniqueIDBDatabaseTransaction):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::abort):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::commit):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::createObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::renameObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::clearObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::createIndex):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteIndex):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::renameIndex):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::putOrAdd):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::getRecord):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::getAllRecords):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::getCount):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteRecord):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::openCursor):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::iterateCursor):
        * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::databaseConnection):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::setMainThreadAbortResult):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::mainThreadAbortResult const):
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::setState): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::state const): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::setResult): Deleted.
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::result const): Deleted.
        (): Deleted.
        * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
        (WebCore::nextServerResourceNumber):
        * loader/EmptyClients.cpp:

2019-12-18  Devin Rousso  <drousso@apple.com>

        Web Inspector: Elements: restrict showing paint flashing and compositing borders to the Web Inspector session
        https://bugs.webkit.org/show_bug.cgi?id=205201

        Reviewed by Timothy Hatcher.

        We often get bugs from users who turn on paint flashing or compositing borders, close Web
        Inspector, reopen Web Inspector, and are then surprised when the page flashes red or these
        borders exist all over the page.

        Given that the dark mode and print styles toggles are limited to the Web Inspector session,
        we should make these have the same behavior.

        * page/Settings.yaml:
        * inspector/agents/InspectorPageAgent.h:
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::getCompositingBordersVisible): Deleted.
        (WebCore::InspectorPageAgent::setCompositingBordersVisible): Deleted.
        Allow Web Inspector to override the `showDebugBorders` and `showRepaintCounter` settings via
        the `inspectorOverride` key, rather than setting them manually via a special `Page` command.

2019-12-18  Tim Horton  <timothy_horton@apple.com>

        macCatalyst: Cursor should update when the platform deems it necessary
        https://bugs.webkit.org/show_bug.cgi?id=205429
        <rdar://problem/57983076>

        Reviewed by Wenson Hsieh.

        * page/EventHandler.h:
        Expose selectCursor for WebKit's use.

2019-12-18  Antoine Quint  <graouts@apple.com>

        Animations stop if new tab opened (and closed)
        https://bugs.webkit.org/show_bug.cgi?id=202360
        <rdar://problem/55923261>

        Reviewed by Dean Jackson.

        In the case where we would have a fill-forwards software animation when an animation that could be
        accelerated started, we would fail to start an accelerated animation because we had no composited
        renderer. However, we would still advertise a state of "running accelerated" and the DocumentTimeline
        would not schedule ticks to run the animation in software.

        We now only schedule accelerated animations once their delay phase is over and the animation is in its
        "active" phase, which helps to only schedule accelerated animations once they actually have an effect
        that is worth accelerating, and reset pending accelerated actions in case we try to start an accelerated
        animation but fail to because we don't have a composited renderer.

        Test: webanimations/animation-of-accelerated-property-after-non-accelerated-property.html

        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::apply):
        (WebCore::KeyframeEffect::updateAcceleratedAnimationState):
        (WebCore::KeyframeEffect::applyPendingAcceleratedActions):
        * animation/KeyframeEffect.h:

2019-12-18  Eric Carlson  <eric.carlson@apple.com>

        Remove more unused MediaPlayer methods
        https://bugs.webkit.org/show_bug.cgi?id=205405
        <rdar://problem/58049744>

        Reviewed by Jer Noble.

        No new tests, this just removes unused code.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerIsInMediaDocument const): Deleted.
        * html/HTMLMediaElement.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::inMediaDocument const): Deleted.
        (WebCore::MediaPlayer::handlePlaybackCommand): Deleted.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerPlatformVolumeConfigurationRequired const):
        (WebCore::MediaPlayerClient::mediaPlayerHandlePlaybackCommand): Deleted.
        (WebCore::MediaPlayerClient::mediaPlayerIsInMediaDocument const): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::requestedRate const): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        (WebCore::MediaPlayerPrivateAVFoundation::metaDataAvailable const):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::platformPlay):

2019-12-18  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: Runtime.enable reports duplicates (non existent) contexts
        https://bugs.webkit.org/show_bug.cgi?id=204859

        Reviewed by Devin Rousso.

        Do not report main world context as non-main world one when Runtime.enable is called.

        Test: inspector/runtime/executionContextCreated-onEnable.html

        * inspector/agents/page/PageRuntimeAgent.cpp:
        (WebCore::PageRuntimeAgent::enable):
        (WebCore::PageRuntimeAgent::reportExecutionContextCreation):

2019-12-18  Antti Koivisto  <antti@apple.com>

        Optimize Style::Invalidator for multiple RuleSet case
        https://bugs.webkit.org/show_bug.cgi?id=205406

        Reviewed by Zalan Bujtas.

        * style/StyleInvalidator.cpp:
        (WebCore::Style::m_dirtiesAllStyle):
        (WebCore::Style::Invalidator::Invalidator):
        (WebCore::Style::Invalidator::collectRuleInformation):

        Collect bunch of bits so we don't need to traverse again.

        (WebCore::Style::Invalidator::invalidateIfNeeded):

        Bail out when we find a reson to invalidate.

        (WebCore::Style::Invalidator::invalidateStyle):
        (WebCore::Style::Invalidator::invalidateInShadowTreeIfNeeded):
        * style/StyleInvalidator.h:

2019-12-18  Andres Gonzalez  <andresg_22@apple.com>

        AXIsolatedObject support for spin button increment/decrementButton.
        https://bugs.webkit.org/show_bug.cgi?id=205356

        Reviewed by Chris Fleizach.

        Several LayoutTests exercise this functionality.

        - Exposed increment/decrementButton in AXCoreObject in order to
        properly support it in AXIsolatedObject.
        - Used AXCoreObject::increment/decrementButton in the wrapper instead
        of downcasting to an implementation class, which does not work for an
        isolated object.
        - Implemented AXIsolatedObject::isDetachedFromParent.
        - Fixed initialization of AXIsolatedObject::m_parent and m_id.

        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/AccessibilitySpinButton.h:
        * accessibility/isolatedtree/AXIsolatedTreeNode.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):
        (WebCore::AXIsolatedObject::isDetachedFromParent):
        (WebCore::AXIsolatedObject::isAccessibilityScrollView const):
        * accessibility/isolatedtree/AXIsolatedTreeNode.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2019-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] LineLayoutContext::m_uncommittedList is not always a continuous list of runs
        https://bugs.webkit.org/show_bug.cgi?id=205404
        <rdar://problem/58049699>

        Reviewed by Antti Koivisto.

        Since LineLayoutContext's m_uncommittedList is not necessarily continuous set of runs (continuous in the content of not having a soft wrap opportunity)
        we can't use LineBreaker's Content struct anymore to store the uncommitted content.
        Let's use a dedicated UncommittedContent struct instead. It also enables us to pass in a const RunList& to the ContinousContent. ContinousContent should never mutate this list.

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::shouldKeepEndOfLineWhitespace):
        (WebCore::Layout::LineBreaker::breakingContextForInlineContent):
        (WebCore::Layout::LineBreaker::ContinousContent::ContinousContent):
        (WebCore::Layout::LineBreaker::ContinousContent::hasTextContentOnly const):
        (WebCore::Layout::LineBreaker::ContinousContent::isVisuallyEmptyWhitespaceContentOnly const):
        (WebCore::Layout::LineBreaker::ContinousContent::firstTextRunIndex const):
        (WebCore::Layout::LineBreaker::ContinousContent::hasNonContentRunsOnly const):
        (WebCore::Layout::LineBreaker::ContinousContent::TrailingCollapsibleContent::reset):
        (WebCore::Layout::LineBreaker::Content::append): Deleted.
        (WebCore::Layout::LineBreaker::Content::reset): Deleted.
        (WebCore::Layout::LineBreaker::Content::shrink): Deleted.
        (WebCore::Layout::LineBreaker::Content::hasTextContentOnly const): Deleted.
        (WebCore::Layout::LineBreaker::Content::isVisuallyEmptyWhitespaceContentOnly const): Deleted.
        (WebCore::Layout::LineBreaker::Content::firstTextRunIndex const): Deleted.
        (WebCore::Layout::LineBreaker::Content::hasNonContentRunsOnly const): Deleted.
        (WebCore::Layout::LineBreaker::Content::TrailingCollapsibleContent::reset): Deleted.
        * layout/inlineformatting/InlineLineBreaker.h:
        (WebCore::Layout::LineBreaker::ContinousContent::runs const):
        (WebCore::Layout::LineBreaker::ContinousContent::isEmpty const):
        (WebCore::Layout::LineBreaker::ContinousContent::size const):
        (WebCore::Layout::LineBreaker::Content::runs): Deleted.
        (WebCore::Layout::LineBreaker::Content::runs const): Deleted.
        (WebCore::Layout::LineBreaker::Content::isEmpty const): Deleted.
        (WebCore::Layout::LineBreaker::Content::size const): Deleted.
        (WebCore::Layout::LineBreaker::Content::width const): Deleted.
        (WebCore::Layout::LineBreaker::Content::nonCollapsibleWidth const): Deleted.
        (WebCore::Layout::LineBreaker::Content::hasTrailingCollapsibleContent const): Deleted.
        (WebCore::Layout::LineBreaker::Content::isTrailingContentFullyCollapsible const): Deleted.
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineLayoutContext::processUncommittedContent):
        (WebCore::Layout::LineLayoutContext::UncommittedContent::append):
        (WebCore::Layout::LineLayoutContext::UncommittedContent::reset):
        (WebCore::Layout::LineLayoutContext::UncommittedContent::shrink):
        * layout/inlineformatting/LineLayoutContext.h:
        (WebCore::Layout::LineLayoutContext::UncommittedContent::width const):
        (WebCore::Layout::LineLayoutContext::UncommittedContent::size):
        (WebCore::Layout::LineLayoutContext::UncommittedContent::isEmpty):
        (WebCore::Layout::LineLayoutContext::UncommittedContent::runs const):

2019-12-18  youenn fablet  <youenn@apple.com>

        Protect ServiceWorker::postMessage from a null execState
        https://bugs.webkit.org/show_bug.cgi?id=205394
        <rdar://problem/57392221>

        Reviewed by Chris Dumez.

        Crash logs indicate null pointer crashes.
        We should return early in that case.

        * workers/service/ServiceWorker.cpp:
        (WebCore::ServiceWorker::postMessage):

2019-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] LineBreaker::lastSoftWrapOpportunity should take a list of runs
        https://bugs.webkit.org/show_bug.cgi?id=205402
        <rdar://problem/58048310>

        Reviewed by Antti Koivisto.

        LineBreaker::Content is supposed to hold a continuous set of runs and the input to lastSoftWrapOpportunity is not
        necessarily continuous (most of the time it is though). 

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::isContentSplitAllowed):
        (WebCore::Layout::LineBreaker::wrapTextContent const):
        (WebCore::Layout::LineBreaker::tryBreakingTextRun const):
        (WebCore::Layout::LineBreaker::lastSoftWrapOpportunity):
        (WebCore::Layout::LineBreaker::Content::lastSoftWrapOpportunity): Deleted.
        * layout/inlineformatting/InlineLineBreaker.h:
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineLayoutContext::placeInlineItem):

2019-12-18  youenn fablet  <youenn@apple.com>

        AppCache should request certificate info when loading resources
        https://bugs.webkit.org/show_bug.cgi?id=205393

        Reviewed by Anders Carlsson.

        Covered by existing tests not crashing in Debug with newly added ASSERT.

        * Modules/mediastream/UserMediaController.cpp:
        (WebCore::isSecure):
        ASSERT that certificate info is there.
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived):
        ASSERT that certificate info is there.
        * loader/appcache/ApplicationCacheResourceLoader.cpp:
        (WebCore::ApplicationCacheResourceLoader::create):
        Request certificate info for all app cache resources.

2019-12-18  youenn fablet  <youenn@apple.com>

        Add support for Audio Capture in GPUProcess
        https://bugs.webkit.org/show_bug.cgi?id=205056

        Reviewed by Eric Carlson.

        Export some WebCore headers.
        Allow disabling the audio session debug assert in the GPU process.
        No change of behavior.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/mac/BaseAudioSharedUnit.cpp:
        (WebCore::BaseAudioSharedUnit::startUnit):
        * platform/mediastream/mac/BaseAudioSharedUnit.h:
        (WebCore::BaseAudioSharedUnit::setDisableAudioSessionCheck):
        * platform/mediastream/mac/MockAudioSharedUnit.h:

2019-12-18  Eric Carlson  <eric.carlson@apple.com>

        Remove unused MediaPlayer methods
        https://bugs.webkit.org/show_bug.cgi?id=205341
        <rdar://problem/58006776>

        Reviewed by Jer Noble.

        No new tests, this just removes unused code.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaLoadingFailedFatally):
        (WebCore::HTMLMediaElement::mediaPlayerSawUnsupportedTracks): Deleted.
        (WebCore::HTMLMediaElement::mediaPlayerSetSize): Deleted.
        (WebCore::HTMLMediaElement::mediaPlayerIsPaused const): Deleted.
        * html/HTMLMediaElement.h:
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::setDisplayMode):
        * html/MediaDocument.cpp:
        (WebCore::MediaDocument::MediaDocument):
        (WebCore::MediaDocument::~MediaDocument):
        (WebCore::MediaDocument::mediaElementSawUnsupportedTracks): Deleted.
        * html/MediaDocument.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::canLoadPoster const): Deleted.
        (WebCore::MediaPlayer::setPoster): Deleted.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerContentsScale const):
        (WebCore::MediaPlayerClient::mediaPlayerPlatformVolumeConfigurationRequired const):
        (WebCore::MediaPlayerClient::mediaPlayerSawUnsupportedTracks): Deleted.
        (WebCore::MediaPlayerClient::mediaPlayerSetSize): Deleted.
        (WebCore::MediaPlayerClient::mediaPlayerIsPaused const): Deleted.
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::setSize):
        (WebCore::MediaPlayerPrivateInterface::canLoadPoster const): Deleted.
        (WebCore::MediaPlayerPrivateInterface::setPoster): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::setSize): Deleted.
        (WebCore::MediaPlayerPrivateAVFoundation::repaint): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setClosedCaptionsVisible): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setSize): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:

2019-12-18  Doug Kelly  <dougk@apple.com>

        Ensure transparency layers are properly ended when only painting root background
        https://bugs.webkit.org/show_bug.cgi?id=205285

        Reviewed by Simon Fraser.

        Ensure that if we are in a transparency layer and returning early from paintLayerContents() because of PaintLayerPaintingRootBackgroundOnly, we properly
        reset the transparency state before returning.

        * platform/graphics/GraphicsContext.h:
        (WebCore::GraphicsContextStateStackChecker::~GraphicsContextStateStackChecker):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):

2019-12-18  ChangSeok Oh  <changseok@webkit.org>

        [GTK] WebGL backed by ANGLE flickers when USE_OPENGL_ES is enabled.
        https://bugs.webkit.org/show_bug.cgi?id=202508

        Reviewed by Žan Doberšek.

        The color format and internal one of BitmapTextureGL cannot be matched
        where USE_ANGLE_WEBGL and USE_OPENGL_ES are enabled simultaneously.
        This causes the flickering issue on WebGL scene since it prevents TextureMapper
        from recycling available layer buffers due to mismatched color format.
        When ANGLE_WEBGL is enabled, the internal color format is set GL_RGBA8.
        However, that is not compatible to GLES textures. To address this,
        We always make the color format of BitmapTextureGL GL_RGBA,
        and only set its internal color format with a given value.

        No new tests since no functionality changed.

        * platform/graphics/nicosia/texmap/NicosiaGC3DLayer.cpp:
        (Nicosia::GC3DLayer::swapBuffersIfNeeded):
        * platform/graphics/texmap/BitmapTextureGL.cpp:
        (WebCore::BitmapTextureGL::BitmapTextureGL):

2019-12-18  Antti Koivisto  <antti@apple.com>

        Style::Invalidator should be able to invalidate using multiple RuleSets in one pass
        https://bugs.webkit.org/show_bug.cgi?id=205391

        Reviewed by Zalan Bujtas.

        It is inefficient to do multiple passes over DOM if there are multiple RuleSets to invalidate with.

        * style/AttributeChangeInvalidation.cpp:
        (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):

        Collect to a HashMap per MatchElement.

        (WebCore::Style::AttributeChangeInvalidation::invalidateStyleWithRuleSets):

        Call to common invalidation function in Style::Invalidator.

        * style/AttributeChangeInvalidation.h:
        * style/ClassChangeInvalidation.cpp:
        (WebCore::Style::ClassChangeInvalidation::computeInvalidation):
        (WebCore::Style::ClassChangeInvalidation::invalidateStyleWithRuleSets):

        Same for classes.

        * style/ClassChangeInvalidation.h:
        * style/StyleInvalidator.cpp:
        (WebCore::Style::Invalidator::Invalidator):

        Take a Vector of RuleSets.

        (WebCore::Style::Invalidator::invalidateIfNeeded):

        Loop as needed.

        (WebCore::Style::Invalidator::invalidateStyle):
        (WebCore::Style::Invalidator::invalidateInShadowTreeIfNeeded):
        (WebCore::Style::Invalidator::invalidateWithMatchElementRuleSets):

        Factor the invalidation loop and HashMap to Invalidator.

        * style/StyleInvalidator.h:

2019-12-18  Simon Fraser  <simon.fraser@apple.com>

        Move m_exposedContentRect into the DelegatedScrollingGeometry optional
        https://bugs.webkit.org/show_bug.cgi?id=205377

        Reviewed by Tim Horton.

        ScrollView's m_exposedContentRect is only set for delegated scrolling, so move it into
        DelegatedScrollingGeometry and remove the iOS #ifdefs around it. Move the WAK/NSView-related
        code into platformExposedContentRect() for iOS WK1. Stub out exposedContentRect() functions
        on TiledCoreAnimationDrawingArea.        

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::exposedContentRect const):
        (WebCore::ScrollView::setExposedContentRect):
        (WebCore::ScrollView::platformExposedContentRect const):
        * platform/ScrollView.h:
        * platform/ios/ScrollViewIOS.mm:
        (WebCore::ScrollView::platformExposedContentRect const):
        (WebCore::ScrollView::exposedContentRect const): Deleted.
        (WebCore::ScrollView::setExposedContentRect): Deleted.

2019-12-18  Chris Dumez  <cdumez@apple.com>

        REGRESSION: 32 Tests Crashing on Mac Debug wk2 with ASSERTION FAILED: m_pendingActivityForEventDispatch
        https://bugs.webkit.org/show_bug.cgi?id=205397
        <rdar://problem/58043626>

        Unreviewed, fix debug assertion after r253667. The debug assertion is confused because we now use
        the HTML5 event loop, which takes care of taking an ActiveDOMObject PendingActivity whenever we
        queue an event.

        * workers/service/ServiceWorkerRegistration.cpp:
        (WebCore::ServiceWorkerRegistration::ServiceWorkerRegistration):
        (WebCore::ServiceWorkerRegistration::getNewestWorker const):
        (WebCore::ServiceWorkerRegistration::updateStateFromServer):
        (WebCore::ServiceWorkerRegistration::queueTaskToFireUpdateFoundEvent):
        (WebCore::ServiceWorkerRegistration::stop):
        (WebCore::ServiceWorkerRegistration::hasPendingActivity const):
        (WebCore::ServiceWorkerRegistration::getNewestWorker): Deleted.
        (WebCore::ServiceWorkerRegistration::updatePendingActivityForEventDispatch): Deleted.
        * workers/service/ServiceWorkerRegistration.h:

2019-12-18  Diego Pino Garcia  <dpino@igalia.com>

        [GTK][WPE] Renderization of Conic gradients
        https://bugs.webkit.org/show_bug.cgi?id=202739

        Reviewed by Carlos Alberto Lopez Perez.

        * platform/graphics/cairo/GradientCairo.cpp:
        (WebCore::Gradient::createPlatformGradient): Add support for conic gradient.
        (WebCore::addColorStopRGBA): Refactored code to a function.
        (WebCore::createConic): Creates a conic gradient.
        (WebCore::addConicSector): Adds a sector to a conic gradient.
        (WebCore::setCornerColorRGBA): Sets a RGBA color to mesh patch.
        (WebCore::interpolateColorStop): Offset and RGBA color interpolation.

2019-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] LineBreaker::isAtSoftWrapOpportunity should return the wrap position
        https://bugs.webkit.org/show_bug.cgi?id=205371
        <rdar://problem/58029811>

        Reviewed by Antti Koivisto.

        Rename isAtSoftWrapOpportunity to lastSoftWrapOpportunity to reflect that it returns the last soft wrap
        opportunity index.

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::LineBreaker::Content::lastSoftWrapOpportunity):
        (WebCore::Layout::LineBreaker::Content::append):
        (WebCore::Layout::LineBreaker::Content::isAtSoftWrapOpportunity): Deleted.
        * layout/inlineformatting/InlineLineBreaker.h:
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineLayoutContext::placeInlineItem):

2019-12-18  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Add lastInlineItemWithContent to LineBreaker::Content::isAtSoftWrapOpportunity
        https://bugs.webkit.org/show_bug.cgi?id=205362
        <rdar://problem/58025349>

        Reviewed by Antti Koivisto.

        This is in preparation for being able to return a previous run index as the soft wrapping opportunity.

        * layout/inlineformatting/InlineLineBreaker.cpp:
        (WebCore::Layout::endsWithSoftWrapOpportunity):
        (WebCore::Layout::LineBreaker::Content::isAtSoftWrapOpportunity):

2019-12-18  Dean Jackson  <dino@apple.com>

        Reverting libANGLE.a -> libANGLE-shared.dylib.

        The internal Apple build systems are still unhappy with
        this change, so I'm reverting it until I can be sure
        they'll accept it.

        * Configurations/WebCore.xcconfig:
        * Configurations/WebCoreTestSupport.xcconfig:
        * platform/graphics/ANGLEWebKitBridge.cpp:
        (WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge):
        (WebCore::ANGLEWebKitBridge::cleanupCompilers):
        (WebCore::ANGLEWebKitBridge::compileShaderSource):
        (WebCore::ANGLEWebKitBridge::angleAvailable): Deleted.
        * platform/graphics/ANGLEWebKitBridge.h:
        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
        (WebCore::GraphicsContext3D::GraphicsContext3D):

2019-12-18  Chris Lord  <clord@igalia.com>

        Missing headers in worker files cause random build failures when adding new files
        https://bugs.webkit.org/show_bug.cgi?id=205385

        Reviewed by Youenn Fablet.

        No new tests, no behavioral changes.

        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        * workers/service/server/SWServerRegistration.cpp:

2019-12-18  Chris Lord  <clord@igalia.com>

        [GTK][WPE] OffscreenCanvas worker tests that call drawImage crash in debug builds
        https://bugs.webkit.org/show_bug.cgi?id=205339

        Reviewed by Carlos Garcia Campos.

        Don't unnecessarily create an Image object in the Cairo graphics
        backend when using drawImage/drawPattern. Doing so calls code that
        isn't safe to use off-main-thread and causes OffscreenCanvas worker
        tests to crash in debug builds.

        No new tests, no behavioral changes.

        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::cairoSurfaceCopy):
        (WebCore::cairoSurfaceCoerceToImage):
        (WebCore::ImageBuffer::draw):
        (WebCore::ImageBuffer::drawPattern):

2019-12-17  Simon Fraser  <simon.fraser@apple.com>

        Remove iOS #ifdefs around unobscuredContentSize
        https://bugs.webkit.org/show_bug.cgi?id=205372

        Reviewed by Tim Horton.

        Long-term, all of the ScrollView geometry data related to delegated scrolling
        will move to Optional<DelegatedScrollingGeometry> m_delegatedScrollingGeometry
        and not be wrapped in platform #ifdefs.

        Take the first step of moving unobscuredContentSize into that struct.

        I added platformUnobscuredContentRect() to handle the iOS WK1 case, called 
        when there is a platform widget.
        
        m_fixedVisibleContentRect is only used by coördinated graphics.

        * page/FrameView.cpp:
        (WebCore::FrameView::unobscuredContentSizeChanged):
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::unobscuredContentSize const):
        (WebCore::ScrollView::setUnobscuredContentSize):
        (WebCore::ScrollView::unobscuredContentRect const):
        (WebCore::ScrollView::platformVisibleContentRect const):
        (WebCore::ScrollView::platformVisibleContentSize const):
        (WebCore::ScrollView::platformVisibleContentRectIncludingObscuredArea const):
        (WebCore::ScrollView::platformVisibleContentSizeIncludingObscuredArea const):
        (WebCore::ScrollView::platformUnobscuredContentRect const):
        * platform/ScrollView.h:
        (WebCore::ScrollView::unobscuredContentSize const): Deleted.
        * platform/ios/ScrollViewIOS.mm:
        (WebCore::ScrollView::platformUnobscuredContentRect const):
        (WebCore::ScrollView::unobscuredContentRect const): Deleted.
        (WebCore::ScrollView::setUnobscuredContentSize): Deleted.
        * platform/mac/ScrollViewMac.mm:
        (WebCore::ScrollView::platformUnobscuredContentRect const):

2019-12-17  Chris Dumez  <cdumez@apple.com>

        Port service worker code to the HTML5 event loop
        https://bugs.webkit.org/show_bug.cgi?id=205359

        Reviewed by Ryosuke Niwa.

        Port service worker code to the HTML5 event loop. We were mixing using the HTML5 event loop and ScriptExecutionContext::postTask().
        This would cause test flakiness because tasks posted via thsse 2 mechanisms could get processed out of order, even though the
        service worker specification guarantees a specific ordering.

        The new pattern is that we only use WorkerRunLoop::postTask() to hop to the worker thread from the main thread, and not for any work
        specified in the service workers specification. Whenever the service workers specifications to "queue a task", we now queue a task
        on the ScriptExecutionContext's event loop, with the specified TaskSource.

        No new tests, updated existing test.

        * dom/ScriptExecutionContext.cpp:
        * dom/ScriptExecutionContext.h:
        * workers/service/SWClientConnection.cpp:
        (WebCore::dispatchToContextThreadIfNecessary):
        (WebCore::SWClientConnection::postTaskForJob):
        (WebCore::SWClientConnection::updateRegistrationState):
        (WebCore::SWClientConnection::updateWorkerState):
        (WebCore::SWClientConnection::fireUpdateFoundEvent):
        (WebCore::SWClientConnection::notifyClientsOfControllerChange):
        (WebCore::SWClientConnection::clearPendingJobs):
        * workers/service/ServiceWorker.cpp:
        (WebCore::ServiceWorker::updateState):
        * workers/service/ServiceWorker.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::updateRegistrationState):
        (WebCore::ServiceWorkerContainer::updateWorkerState):
        (WebCore::ServiceWorkerContainer::queueTaskToFireUpdateFoundEvent):
        (WebCore::ServiceWorkerContainer::queueTaskToDispatchControllerChangeEvent):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/ServiceWorkerRegistration.cpp:
        (WebCore::ServiceWorkerRegistration::queueTaskToFireUpdateFoundEvent):
        * workers/service/ServiceWorkerRegistration.h:
        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::postMessageToServiceWorker):
        (WebCore::SWContextManager::fireInstallEvent):
        (WebCore::SWContextManager::fireActivateEvent):
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::queueTaskToFireFetchEvent):
        (WebCore::ServiceWorkerThread::queueTaskToPostMessage):
        (WebCore::ServiceWorkerThread::queueTaskToFireInstallEvent):
        (WebCore::ServiceWorkerThread::queueTaskToFireActivateEvent):
        * workers/service/context/ServiceWorkerThread.h:
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::ServiceWorkerThreadProxy::notifyNetworkStateChange):
        (WebCore::ServiceWorkerThreadProxy::startFetch):

2019-12-17  Chris Dumez  <cdumez@apple.com>

        Unreviewed, revert r253493 because it broke an Apple internal site

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::submit):
        * html/HTMLFormElement.h:
        * loader/FormSubmission.h:
        (WebCore::FormSubmission::cancel): Deleted.
        (WebCore::FormSubmission::wasCancelled const): Deleted.
        * loader/NavigationScheduler.cpp:

2019-12-17  Fujii Hironori  <fujii.hironori@gmail.com>

        [cairo] text-align:justify wrongly expands CJK ideograph characters
        https://bugs.webkit.org/show_bug.cgi?id=205321

        Reviewed by Carlos Garcia Campos.

        Even though canExpandAroundIdeographsInComplexText of
        FontCairoHarfbuzzNG.cpp returns false, ComplexTextController
        doesn't take it account. It ends up to expanding all ideographs
        with a undesired expansion width.

        WidthIterator properly checks canExpandAroundIdeographsInComplexText.
        ComplexTextController also should do so.

        * platform/graphics/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances): Check canExpandAroundIdeographsInComplexText.
        * platform/graphics/FontCascade.h: Friend with ComplexTextController to allow calling canExpandAroundIdeographsInComplexText.

2019-12-17  Brent Fulgham  <bfulgham@apple.com>

        Limit URL to reasonable size
        https://bugs.webkit.org/show_bug.cgi?id=203825
        <rdar://problem/56878680>

        Reviewed by Ryosuke Niwa.

        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::canDisplay const): Place an upper bound on the amount of
        memory a URL may consume.

2019-12-17  Eric Carlson  <eric.carlson@apple.com>

        Add remote media player methods for prepareToPlay, preload, private browsing mode, preserves pitch, and failed to load
        https://bugs.webkit.org/show_bug.cgi?id=205351
        <rdar://problem/58018451>

        Reviewed by Jer Noble.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::remoteEngineFailedToLoad):
        * platform/graphics/MediaPlayer.h:

2019-12-17  Kate Cheney  <katherine_cheney@apple.com>

        Add run-time flag for in-app browser privacy
        https://bugs.webkit.org/show_bug.cgi?id=205288
        <rdar://problem/57569206>

        Reviewed by John Wilander.

        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setInAppBrowserPrivacyEnabled):
        (WebCore::RuntimeEnabledFeatures::isInAppBrowserPrivacyEnabled const):
        * page/Settings.yaml:

2019-12-17  Ryosuke Niwa  <rniwa@webkit.org>

        executeIfJavaScriptURL should check requester's security origin
        https://bugs.webkit.org/show_bug.cgi?id=205324

        Reviewed by Brent Fulgham.

        Don't execute the JavaScript in ScriptController::executeIfJavaScriptURL if the security origin
        of the current document is no longer accessible from the request originator's security origin.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::executeIfJavaScriptURL): Added a check.
        * bindings/js/ScriptController.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected): Pass around the security origin of the requester.
        (WebCore::FrameLoader::submitForm):

2019-12-16  Ryosuke Niwa  <rniwa@webkit.org>

        Document::setFocusedElement should not set m_focusedElement to an element in another document
        https://bugs.webkit.org/show_bug.cgi?id=205325

        Reviewed by Wenson Hsieh.

        Added an early exit for when the newly focused element had moved
        while blurring the previously focused element.

        * dom/Document.cpp:
        (WebCore::Document::setFocusedElement):

2019-12-17  James Darpinian  <jdarpinian@chromium.org>

        Fix WebGL conformance test build_177_to_178.html with USE_ANGLE
        https://bugs.webkit.org/show_bug.cgi?id=204927

        Disable ANGLE_texture_rectangle when compiling user shaders.
        This mirrors a change I made to Chromium here:
        https://chromium-review.googlesource.com/c/chromium/src/+/1842223

        Reviewed by Dean Jackson.

        * platform/graphics/angle/GraphicsContext3DANGLE.cpp:
        (WebCore::GraphicsContext3D::compileShader):

2019-12-17  Tim Horton  <timothy_horton@apple.com>

        macCatalyst: Cursor should update on mouse movement and style change
        https://bugs.webkit.org/show_bug.cgi?id=205317
        <rdar://problem/46793696>

        Reviewed by Anders Carlsson.

        * Configurations/WebCore.xcconfig:
        Link AppKit for NSCursor.

        * SourcesCocoa.txt:
        Remove CursorIOS.cpp.
        De-unify CursorMac; because it imports AppKit headers, we have to
        take care to make sure it doesn't also get WAK (which it does if you
        leave it unified).

        * WebCore.xcodeproj/project.pbxproj:
        Remove CursorIOS.cpp and de-unify CursorMac (by adding it to the target)

        * loader/EmptyClients.h:
        * page/Chrome.cpp:
        (WebCore::Chrome::setCursor):
        (WebCore::Chrome::setCursorHiddenUntilMouseMoves):
        Unifdef many things.

        * page/ChromeClient.h:
        (WebCore::ChromeClient::supportsSettingCursor):
        Add a ChromeClient bit, supportsSettingCursor, which can be used
        to guard work that shouldn't happen if a platform doesn't support
        pushing cursor updates out from WebCore. This will be true everywhere
        except iOS, and does the work of the old platform ifdefs.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::EventHandler):
        (WebCore::EventHandler::clear):
        (WebCore::EventHandler::updateCursor):
        (WebCore::EventHandler::selectCursor):
        (WebCore::EventHandler::handleMouseMoveEvent):
        (WebCore::EventHandler::scheduleCursorUpdate):
        * page/EventHandler.h:
        * platform/Cursor.cpp:
        * platform/Cursor.h:
        Unifdef, and use supportsSettingCursor to avoid some unnecessary work.

        * platform/ios/CursorIOS.cpp: Removed.
        * platform/ios/WidgetIOS.mm:
        (WebCore::Widget::setCursor):
        Propagate cursor changes upwards.

        * platform/mac/CursorMac.mm:
        (WebCore::cursor):
        (WebCore::Cursor::ensurePlatformCursor const):
        CursorMac is now built in macCatalyst. However, parts that depend
        on HIServices or NSImage are #ifdeffed out, and fall back to an arrow.

2019-12-17  Antti Koivisto  <antti@apple.com>

        REGRESSION: ASSERTION FAILED: FontCache::singleton().generation() == m_generation
        https://bugs.webkit.org/show_bug.cgi?id=204933
        <rdar://problem/57458432>

        Reviewed by Zalan Bujtas.

        Test: fast/shadow-dom/font-cache-invalidation.html

        When font cache version number is bumped we need to invalidate matches declarations caches because
        they may now contain stale font references. The code to do this failed to look into shadow trees.

        * dom/Document.cpp:
        (WebCore::Document::invalidateMatchedPropertiesCacheAndForceStyleRecalc):
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::invalidateMatchedDeclarationsCache):

        Also invalidate the shadow trees.

        * style/StyleScope.h:

2019-12-17  Zalan Bujtas  <zalan@apple.com>

        [LFC][Painting] Add basic support for z-index based painting
        https://bugs.webkit.org/show_bug.cgi?id=205345
        <rdar://problem/58010942>

        Reviewed by Antti Koivisto.

        This is just a very simple z-index based painting to be able to run WPT where
        z-index is heavily used to hide/reveal red/green boxes.

        * layout/displaytree/DisplayPainter.cpp:
        (WebCore::Display::absoluteDisplayBox):
        (WebCore::Display::isPaintRootCandidate):
        (WebCore::Display::paintSubtree):
        (WebCore::Display::collectPaintRootsAndContentRect):
        (WebCore::Display::Painter::paint):
        (WebCore::Display::paintBoxDecorationAndChildren): Deleted.

2019-12-17  youenn fablet  <youenn@apple.com>

        Update session category in MockAudioSharedUnit as done in CoreAudioSharedUnit
        https://bugs.webkit.org/show_bug.cgi?id=205328

        Reviewed by Eric Carlson.

        We were updating the audio session when starting capturing with the CoreAudioSharedUnit
        but not with the MockAudioSharedUnit.
        Refactor the code to update the audio session in the base class BaseAudioSharedUnit.
        Share more code between start and resume case in BaseAudioSharedUnit.

        Covered by platform/ios/mediastream/audio-muted-in-background-tab.html in Debug.

        * platform/mediastream/mac/BaseAudioSharedUnit.cpp:
        (WebCore::BaseAudioSharedUnit::startProducingData):
        (WebCore::BaseAudioSharedUnit::startUnit):
        (WebCore::BaseAudioSharedUnit::resume):
        * platform/mediastream/mac/BaseAudioSharedUnit.h:
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::startInternal):
        * platform/mediastream/mac/MockAudioSharedUnit.mm:
        (WebCore::MockAudioSharedUnit::startInternal):

2019-12-17  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer][WPE] Fix regressions related to our 'Fix GStreamer capturer mock' patch
        https://bugs.webkit.org/show_bug.cgi?id=205270

        MockGStreamerAudioCaptureSource rightfully defaults to echoCancellation=True,
        see https://bugs.webkit.org/show_bug.cgi?id=205057

        Reviewed by Philippe Normand.

        This fixes existing tests

        * platform/mediastream/gstreamer/MockGStreamerAudioCaptureSource.cpp:
        (WebCore::WrappedMockRealtimeAudioSource::addHum):

2019-12-17  Antti Koivisto  <antti@apple.com>

        Resolve dynamic media queries without reconstructing RuleSets
        https://bugs.webkit.org/show_bug.cgi?id=205264

        Reviewed by Zalan Bujtas.

        We currently do a full style resolver reset whenever a media query result changes. This is very inefficient
        as we need to reconstuct all RuleSets and optimization structures. We also lose related caches and are forced
        to re-resolve full document style. This may happen frequently, for example when resizing window on a responsive
        web site.

        With this patch we construct RuleDatas also for non-matching dynamic media queries and simply mark them disabled.
        We create a data structure that allows enabling and disabling them efficiently as a response to environment changes
        (like view resize). This allows us to avoid throwing away anything during common scenarios.

        Test: fast/media/media-query-dynamic-with-font-face.html

        * css/MediaQueryEvaluator.cpp:
        (WebCore::MediaQueryEvaluator::evaluate const):

        Add a mode where dynamic media queries all evaluate to true and only static properties can cause the query to fail.

        * css/MediaQueryEvaluator.h:
        * style/ElementRuleCollector.cpp:
        (WebCore::Style::ElementRuleCollector::collectMatchingRulesForList):

        Skip disabled rules during rule collection.

        * style/RuleData.cpp:
        (WebCore::Style::RuleData::RuleData):
        * style/RuleData.h:
        (WebCore::Style::RuleData::isEnabled const):
        (WebCore::Style::RuleData::setEnabled):

        Add a bit.

        * style/RuleSet.cpp:
        (WebCore::Style::RuleSet::addRule):

        Collect positions of rules affected by dynamic media queries.

        (WebCore::Style::RuleSet::addPageRule):
        (WebCore::Style::RuleSet::addChildRules):
        (WebCore::Style::RuleSet::addRulesFromSheet):

        First check for a special case where we have style resolver mutating rules (like @font-face) inside a media query.
        In this case we fall back to static resolution.

        Then collect the rules. Static media queries (print etc) are evaluated right away, dynamic ones are collected by MediaQueryCollector.

        (WebCore::Style::RuleSet::addStyleRule):
        (WebCore::Style::RuleSet::traverseRuleDatas):
        (WebCore::Style::RuleSet::evaluteDynamicMediaQueryRules):

        Evaluate media queries for changes and flip the enabled state of the rules if needed.

        (WebCore::Style::RuleSet::MediaQueryCollector::pushAndEvaluate):
        (WebCore::Style::RuleSet::MediaQueryCollector::pop):
        (WebCore::Style::RuleSet::MediaQueryCollector::didMutateResolver):
        (WebCore::Style::RuleSet::MediaQueryCollector::addRulePositionIfNeeded):
        * style/RuleSet.h:
        (WebCore::Style::RuleSet::hasViewportDependentMediaQueries const):
        * style/StyleResolver.cpp:
        (WebCore::Style::Resolver::hasViewportDependentMediaQueries const):
        (WebCore::Style::Resolver::evaluateDynamicMediaQueries):
        (WebCore::Style::Resolver::addMediaQueryDynamicResults): Deleted.
        (WebCore::Style::Resolver::hasMediaQueriesAffectedByViewportChange const): Deleted.
        (WebCore::Style::Resolver::hasMediaQueriesAffectedByAccessibilitySettingsChange const): Deleted.
        (WebCore::Style::Resolver::hasMediaQueriesAffectedByAppearanceChange const): Deleted.

        Profiling doesn't show any need to handle the cases separately. Replace with single evaluateDynamicMediaQueries path.
        We can bring type specific paths back easily if needed.

        * style/StyleResolver.h:
        (WebCore::Style::Resolver::hasViewportDependentMediaQueries const): Deleted.
        (WebCore::Style::Resolver::hasAccessibilitySettingsDependentMediaQueries const): Deleted.
        (WebCore::Style::Resolver::hasAppearanceDependentMediaQueries const): Deleted.
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::evaluateMediaQueriesForViewportChange):
        (WebCore::Style::Scope::evaluateMediaQueriesForAccessibilitySettingsChange):
        (WebCore::Style::Scope::evaluateMediaQueriesForAppearanceChange):

        Call into general evaluateDynamicMediaQueries.

        (WebCore::Style::Scope::evaluateMediaQueries):

        In normal case we can just invalidate style, not throw everything away.
        This can be further improved by adding optimization rule sets.

        * style/StyleScopeRuleSets.cpp:
        (WebCore::Style::ScopeRuleSets::updateUserAgentMediaQueryStyleIfNeeded const):
        (WebCore::Style::ScopeRuleSets::initializeUserStyle):
        (WebCore::Style::ScopeRuleSets::collectRulesFromUserStyleSheets):
        (WebCore::Style::makeRuleSet):
        (WebCore::Style::ScopeRuleSets::hasViewportDependentMediaQueries const):
        (WebCore::Style::ScopeRuleSets::evaluteDynamicMediaQueryRules):
        (WebCore::Style::ScopeRuleSets::appendAuthorStyleSheets):
        (WebCore::Style::ensureInvalidationRuleSets):
        * style/StyleScopeRuleSets.h:

2019-12-17  youenn fablet  <youenn@apple.com>

        FileList should be exposed to workers
        https://bugs.webkit.org/show_bug.cgi?id=204074

        Reviewed by Chris Dumez.

        Covered by rebased test.

        * fileapi/FileList.idl:

2019-12-16  Joonghun Park  <jh718.park@samsung.com>

        Unreviewed. Remove the build warnings below since r253488.
        warning: unused parameter ‘foo’ [-Wunused-parameter]

        No new tests, no behavioral changes.

        * testing/Internals.cpp:
        (WebCore::Internals::hasSandboxMachLookupAccessToXPCServiceName):

2019-12-16  Said Abou-Hallawa  <sabouhallawa@apple.com>

        WebGLRenderingContext.texImage2D() should respect EXIF orientation
        https://bugs.webkit.org/show_bug.cgi?id=205141

        Reviewed by Simon Fraser.

        If image orientation is not the default, WebGLRenderingContext.texImage2D()
        needs to draw this image into an ImageBuffer, makes a temporary Image
        from the ImageBuffer then draw this temporary Image to the WebGL texture.

        Test: fast/images/exif-orientation-webgl-texture.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::texSubImage2D):
        (WebCore::WebGLRenderingContextBase::texImage2D):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.h:
        (WebCore::Image::orientation const):

2019-12-16  Simon Fraser  <simon.fraser@apple.com>

        Change 'delegatesPageScaling' from a Setting to a flag on ScrollView
        https://bugs.webkit.org/show_bug.cgi?id=205319

        Reviewed by Tim Horton.

        delegatesPageScaling() is never toggled at runtime (even by tests), and it should
        be a flag on FrameView just like delegatesScrolling (maybe in future the flags can merge).

        So remove the Setting, and have DrawingArea control whether page scaling is delegated.
        
        In WebKit1, WebFrameLoaderClient::transitionToCommittedForNewPage() turns on delegated
        page scaling for iOS.

        * page/Frame.cpp:
        (WebCore::Frame::frameScaleFactor const):
        * page/FrameSnapshotting.cpp:
        (WebCore::snapshotFrameRectWithClip):
        * page/FrameView.cpp:
        (WebCore::FrameView::visibleContentScaleFactor const):
        * page/Page.cpp:
        (WebCore::Page::setPageScaleFactor):
        * page/Settings.yaml:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::setDelegatesPageScaling):
        * platform/ScrollView.h:
        (WebCore::ScrollView::delegatesPageScaling const):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::addToOverlapMap const):

2019-12-16  Ryosuke Niwa  <rniwa@webkit.org>

        TextManipulationController should observe newly inserted or displayed contents
        https://bugs.webkit.org/show_bug.cgi?id=205203
        <rdar://problem/56567020>

        Reviewed by Wenson Hsieh.

        This patch makes TextManipulationController detect newly inserted or displayed contents and invoke
        the callbacks with the newly found items.

        To do this, we add a new WeakHashSet to TextManipulationController to which an element is added
        whenever its renderer is created. Because it's expensive (and not safe) to find paragraphs around
        a newly inserted content, we schedule a new event loop task to do this work.

        To find newly inserted paragraphs, we first expand the element's boundary to its start and end of
        paragraphs. Because each element in this paragraph could have been added in the weak hash set, we
        use hash map to de-duplicate start and end positions. We also filter out any element whose parent
        is also in the weak hash set since they would simply find inner paragraphs.

        Tests: TextManipulation.StartTextManipulationFindNewlyInsertedParagraph
               TextManipulation.StartTextManipulationFindNewlyDisplayedParagraph
               TextManipulation.StartTextManipulationFindSameParagraphWithNewContent

        * dom/TaskSource.h:
        (WebCore::TaskSource::InternalAsyncTask): Added.
        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::startObservingParagraphs):
        (WebCore::TextManipulationController::observeParagraphs): Extracted out of startObservingParagraphs.
        (WebCore::TextManipulationController::didCreateRendererForElement): Added. Gets called whenever
        a new RenderElement is created.
        (WebCore::makePositionTuple): Added.
        (WebCore::makeHashablePositionRange): Added.
        (WebCore::TextManipulationController::scheduleObservartionUpdate): Added.
        * editing/TextManipulationController.h:
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::createRenderer):

2019-12-16  Daniel Bates  <dabates@apple.com>

        Reproducible case of backwards nextParagraph returning a position ahead of the input position
        https://bugs.webkit.org/show_bug.cgi?id=196127
        <rdar://problem/49135890>

        Reviewed by Wenson Hsieh.

        Fix up the code to handle:

                1. When the specified position is at a paragraph boundary.
                        For this case, we do what we do now for the !withinUnitOfGranularity case.
                2. When the specified position is actually inside a paragraph:
                        For this case, we need to return the end of the previous paragraph or the
                        start of the next paragraph depending on wh