ChangeLog-2020-04-10   [plain text]


2020-04-09  Simon Fraser  <simon.fraser@apple.com>

        [Async overflow scrolling] Vertical scrolls over a horizontally scrollable overflow are captured
        https://bugs.webkit.org/show_bug.cgi?id=210320

        Reviewed by Tim Horton.

        This patch adds somewhat more sophisticated latching logic to the scrolling thread, which
        fixes the inability to vertically scroll if the mouse is over an enclosed horizontal scroller.
        
        ScrollingTree owns a ScrollingTreeLatchingController, which determines when to latch and clear
        latching. Latch clearing uses a 100ms delay (like main thread latching) so that a starting gesture
        soon after another gesture, whose initial x and y are small, goes to the same scroller as before.
        
        Scrolling tree latching works as follows. When we receive a scroll event which allows use of the
        latched node, and there is a latched node, send the event directly to that node. Otherwise,
        hit-test to find the most deeply nested scroll target. Traverse up the parent chain giving each node
        an opportunity to handle the event. If handled by a node, that node becomes the latched node.
        
        ScrollingTree no longer tracks the latched node itself.

        Tests: scrollingcoordinator/mac/latching/horizontal-overflow-back-swipe.html
               scrollingcoordinator/mac/latching/horizontal-overflow-in-vertical-overflow.html

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
        (WebCore::ScrollingTree::handleWheelEvent):
        (WebCore::ScrollingTree::commitTreeState):
        (WebCore::ScrollingTree::latchedNodeID const):
        (WebCore::ScrollingTree::clearLatchedNode):
        (WebCore::ScrollingTree::mainFrameScrollPosition const):
        (WebCore::ScrollingTree::scrollingTreeAsText):
        (WebCore::ScrollingTree::setOrClearLatchedNode): Deleted.
        (WebCore::ScrollingTree::latchedNode): Deleted.
        (WebCore::ScrollingTree::setLatchedNode): Deleted.
        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::hasLatchedNode const): Deleted.
        * page/scrolling/ScrollingTreeLatchingController.cpp: Added.
        (WebCore::ScrollingTreeLatchingController::receivedWheelEvent):
        (WebCore::ScrollingTreeLatchingController::latchedNodeForEvent const):
        (WebCore::ScrollingTreeLatchingController::latchedNodeID const):
        (WebCore::ScrollingTreeLatchingController::nodeDidHandleEvent):
        (WebCore::ScrollingTreeLatchingController::nodeWasRemoved):
        (WebCore::ScrollingTreeLatchingController::clearLatchedNode):
        * page/scrolling/ScrollingTreeLatchingController.h: Added.
        * page/scrolling/ScrollingTreeScrollingNode.cpp:
        (WebCore::ScrollingTreeScrollingNode::isLatchedNode const):
        (WebCore::ScrollingTreeScrollingNode::canScrollWithWheelEvent const):
        (WebCore::ScrollingTreeScrollingNode::scrollLimitReached const):
        * page/scrolling/ScrollingTreeScrollingNode.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent):
        * page/scrolling/mac/ScrollingTreeOverflowScrollingNodeMac.mm:
        (WebCore::ScrollingTreeOverflowScrollingNodeMac::handleWheelEvent):

2020-04-10  Simon Fraser  <simon.fraser@apple.com>

        Hit-testing a WebTiledBackingLayer with an animation asserts
        https://bugs.webkit.org/show_bug.cgi?id=210318

        Reviewed by Tim Horton.

        collectDescendantLayersAtPoint() calls [layer presentationLayer] for layers
        with running animations, and this calls -initWithLayer: on our layer subclasses.
        Fix WebTiledBackingLayer to not assert in this case.

        Test: fast/scrolling/mac/hit-test-overflow-tiled-layer.html

        * platform/graphics/ca/cocoa/WebTiledBackingLayer.mm:
        (-[WebTiledBackingLayer initWithLayer:]):

2020-04-10  Youenn Fablet  <youenn@apple.com>

        Introduce a RealtimeMediaSource observer dedicated to receiving audio samples
        https://bugs.webkit.org/show_bug.cgi?id=210180

        Reviewed by Eric Carlson.

        RealtimeMediaSource::Observer was called on various threads which was making iterating through them difficult.
        Observers were copied to a vector for iterating each time and locking was happening for each indivudual observer.

        Instead of doing that, RealtimeMediaSource::Observer no longer gives access to audio samples, all its methods are called from the main thread.
        AudioSampleObserver is introduced with a single method to receive audio samples.
        RealtimeMediaSource keeps a set of AudioSampleObserver separated from its existing Observer hashset.
        These observers can only be added/removed from the main thread while audio sample delivery usually happens from a background thread.
        We no longer need to copy the audio sample observers in a vector and lock only once when iterating the audio sample observers.

        This change requires to update MediaStreamTrackPrivate and RealtimeMediaSource observers.
        This includes WebAudio, Audio Renderer and Media Recorder.
        Each corresponding class is now registering itself as a MediaStreamTrackPrivate::Observer and when needed as a RealtimeMediaSource::Observer.
        This allows removing the additional copy-in-vector/lock that was happening when iterating over MediaStreamTrackPrivate::Observers for audio samples.

        This change also allows for a consumer to always observe the MediaStreamTrackPrivate but receive audio samples only when needed.
        We change the AudioTrackPrivateMediaStream implementation so that, if the renderer is muted, not playing, the track is muted or not enabled,
        it no longer receives audio samples.
        This is especially useful in the typical case where a video element displays the locally captured stream (including a local audio track) but is muted
        to prevent feedback loop.
        For that reason, the player is now setting the muted state of the renderer instead of setting volume to 0.

        Covered by existing test sets.

        * Modules/mediarecorder/MediaRecorder.cpp:
        (WebCore::MediaRecorder::createMediaRecorderPrivate):
        * Modules/mediarecorder/MediaRecorder.h:
        * Modules/mediarecorder/MediaRecorderProvider.cpp:
        (WebCore::MediaRecorderProvider::createMediaRecorderPrivate):
        * Modules/mediarecorder/MediaRecorderProvider.h:
        * loader/EmptyClients.cpp:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVolume):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setMuted):
        * platform/mediarecorder/MediaRecorderPrivate.cpp:
        (WebCore::MediaRecorderPrivate::selectTracks):
        * platform/mediarecorder/MediaRecorderPrivate.h:
        (WebCore::MediaRecorderPrivate::setAudioSource):
        (WebCore::MediaRecorderPrivate::~MediaRecorderPrivate):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.cpp:
        (WebCore::MediaRecorderPrivateAVFImpl::create):
        (WebCore::MediaRecorderPrivateAVFImpl::~MediaRecorderPrivateAVFImpl):
        (WebCore::MediaRecorderPrivateAVFImpl::audioSamplesAvailable):
        (WebCore::MediaRecorderPrivateAVFImpl::stopRecording):
        (WebCore::MediaRecorderPrivateAVFImpl::fetchData):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.h:
        * platform/mediarecorder/MediaRecorderPrivateMock.cpp:
        (WebCore::MediaRecorderPrivateMock::MediaRecorderPrivateMock):
        (WebCore::MediaRecorderPrivateMock::~MediaRecorderPrivateMock):
        (WebCore::MediaRecorderPrivateMock::stopRecording):
        (WebCore::MediaRecorderPrivateMock::sampleBufferUpdated):
        (WebCore::MediaRecorderPrivateMock::audioSamplesAvailable):
        (WebCore::MediaRecorderPrivateMock::generateMockCounterString):
        (WebCore::MediaRecorderPrivateMock::fetchData):
        * platform/mediarecorder/MediaRecorderPrivateMock.h:
        * platform/mediastream/AudioTrackPrivateMediaStream.cpp:
        (WebCore::AudioTrackPrivateMediaStream::AudioTrackPrivateMediaStream):
        (WebCore::AudioTrackPrivateMediaStream::clear):
        (WebCore::AudioTrackPrivateMediaStream::play):
        (WebCore::AudioTrackPrivateMediaStream::pause):
        (WebCore::AudioTrackPrivateMediaStream::setMuted):
        (WebCore::AudioTrackPrivateMediaStream::audioSamplesAvailable):
        (WebCore::AudioTrackPrivateMediaStream::trackMutedChanged):
        (WebCore::AudioTrackPrivateMediaStream::trackEnabledChanged):
        (WebCore::AudioTrackPrivateMediaStream::trackEnded):
        (WebCore::AudioTrackPrivateMediaStream::updateRenderer):
        (WebCore::AudioTrackPrivateMediaStream::startRenderer):
        (WebCore::AudioTrackPrivateMediaStream::stopRenderer):
        * platform/mediastream/AudioTrackPrivateMediaStream.h:
        * platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:
        (WebCore::webkitMediaStreamSrcFinalize):
        (WebCore::webkitMediaStreamSrcChangeState):
        (WebCore::webkitMediaStreamSrcSetupSrc):
        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::forEachTrack):
        * platform/mediastream/MediaStreamPrivate.h:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::forEachObserver const):
        (WebCore::MediaStreamTrackPrivate::addObserver):
        (WebCore::MediaStreamTrackPrivate::removeObserver):
        (WebCore::MediaStreamTrackPrivate::hasStartedProducingAudioData):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::addAudioSampleObserver):
        (WebCore::RealtimeMediaSource::removeAudioSampleObserver):
        (WebCore::RealtimeMediaSource::addObserver):
        (WebCore::RealtimeMediaSource::removeObserver):
        (WebCore::RealtimeMediaSource::forEachObserver const):
        (WebCore::RealtimeMediaSource::audioSamplesAvailable):
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::~RealtimeOutgoingAudioSource):
        (WebCore::RealtimeOutgoingAudioSource::observeSource):
        (WebCore::RealtimeOutgoingAudioSource::unobserveSource):
        * platform/mediastream/RealtimeOutgoingAudioSource.h:
        * platform/mediastream/WebAudioSourceProvider.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm:
        (WebCore::WebAudioSourceProviderAVFObjC::WebAudioSourceProviderAVFObjC):
        (WebCore::WebAudioSourceProviderAVFObjC::~WebAudioSourceProviderAVFObjC):
        (WebCore::WebAudioSourceProviderAVFObjC::trackEnabledChanged):
        (WebCore::WebAudioSourceProviderAVFObjC::audioSamplesAvailable):
        * testing/Internals.cpp:
        (WebCore::Internals::~Internals):
        (WebCore::createRecorderMockSource):
        (WebCore::Internals::observeMediaStreamTrack):
        (WebCore::Internals::videoSampleAvailable):
        * testing/Internals.h:

2020-04-10  Youenn Fablet  <youenn@apple.com>

        SWServer should not run a service worker that is terminating
        https://bugs.webkit.org/show_bug.cgi?id=210044

        Reviewed by Chris Dumez.

        If a test is being terminated and we want to restart it, we were previously running it right away.
        This does not work well as the service worker process might still have the terminating service worker in its map.
        Also, if the service worker is not able to terminate properly, we will kill the service worker process so there is no reason
        to try running this service worker in this process.
        Instead, wait for the service worker to terminate (which might include terminating the service worker process).

        In addition, we remove the isServiceWorkerRunning internals API since this is potentially flaky as the service worker
        might be terminated and rerunning in between two isServiceWorkerRunning checks.
        Instead, we introduce whenServiceWorkerIsTerminated which will resolve as soon as the service worker goes to terminated.

        Covered by existing spinning tests no longer crashing.

        * testing/Internals.cpp:
        (WebCore::Internals::whenServiceWorkerIsTerminated):
        * testing/Internals.h:
        * testing/Internals.idl:
        * workers/service/SWClientConnection.h:
        (WebCore::SWClientConnection::whenServiceWorkerIsTerminatedForTesting):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::runServiceWorkerIfNecessary):
        (WebCore::SWServer::runServiceWorker):
        (WebCore::SWServer::workerContextTerminated):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::whenTerminated):
        (WebCore::SWServerWorker::setState):
        * workers/service/server/SWServerWorker.h:
        (WebCore::SWServerWorker::isNotRunning const):

2020-04-10  Charlie Turner  <cturner@igalia.com>

        [EME][GStreamer] Relax proxy initialization assert
        https://bugs.webkit.org/show_bug.cgi?id=210258

        Reviewed by Xabier Rodriguez-Calvar.

        update() may be called on a session before its parent MediaKeys object
        has been associated with a media element. Supporting this is officially
        optional, but enough sites (including the W3C EME tests) depend on this
        optional behaviour that we should support it.

        Covered by imported/w3c/web-platform-tests/encrypted-media.

        * platform/encryptedmedia/CDMProxy.cpp:
        (WebCore::CDMInstanceProxy::mergeKeysFrom): Since the background
        proxy may not be installed yet, don't ASSERT() it exists.
        * platform/encryptedmedia/CDMProxy.h:
        (WebCore::KeyStore::hasKeys const):
        (WebCore::CDMInstanceProxy::setProxy): Now, when the background
        proxy is installed, check if any keys have been made available as
        described above, and if so, set them.

2020-04-10  Adrian Perez de Castro  <aperez@igalia.com>

        [GTK] Avoid direct GdkEvent field usage in GtkUtilities.h
        https://bugs.webkit.org/show_bug.cgi?id=210329

        Reviewed by Carlos Garcia Campos.

        No new tests needed.

        * platform/gtk/GtkUtilities.h:
        (WebCore::wallTimeForEvent): Use gdk_event_get_time() instead of direct field access.

2020-04-10  Youenn Fablet  <youenn@apple.com>

        Bump priority of LibWebRTCAudioModule thread
        https://bugs.webkit.org/show_bug.cgi?id=210107

        Reviewed by Eric Carlson.

        LibWebRTCAudioModule operates on its own thread and is responsible to generate and push remote audio track data to audio renderers.
        It does this every 50 milliseconds and any delay in this task will trigger audio crackling.

        Migrate LibWebRTCAudioModule from a thread based approach to a WorkQueue.
        This gives cleaner code and allows to set the WorkQueue QOS to QOS::UserInteractive
        so that it does not get imnterrupted too often.

        We expect the audio task to be done every 50 ms.
        If it takes less than 50 ms to dispatch the task and execute, we dispatch a new task with some delay
        to keep the exact 50ms delay.
        Otherwise, we dispatch a task without any delay to try recovering as much as we can.

        Manullay tested on iOS using mock sources on pages rendering multiple audio tracks.
        This reduces audio crackling a lot but not completely.

        * platform/mediastream/libwebrtc/LibWebRTCAudioModule.cpp:
        (WebCore::LibWebRTCAudioModule::LibWebRTCAudioModule):
        (WebCore::LibWebRTCAudioModule::StartPlayout):
        (WebCore::LibWebRTCAudioModule::StartPlayoutOnAudioThread):
        * platform/mediastream/libwebrtc/LibWebRTCAudioModule.h:

2020-04-09  Peng Liu  <peng.liu6@apple.com>

        REGRESSION: (r258434) [ Mac WK1 ] media/track/track-css-user-override.html is a flaky failure
        https://bugs.webkit.org/show_bug.cgi?id=210134

        Reviewed by Eric Carlson.

        Call captionPreferencesChanged() directly in CaptionUserPreferences::setCaptionsStyleSheetOverride().

        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::setCaptionsStyleSheetOverride):

2020-04-09  Cathie Chen  <cathiechen@igalia.com>

        Fix up code style for scroll animation
        https://bugs.webkit.org/show_bug.cgi?id=210171

        Reviewed by Simon Fraser.

        1. Use AnimatedScroll instead of bool to indicate animated or not.
        2. Remove parameter ScrollRectToVisibleOptions, the autoscroll status is available from EventHandler.
        3. In order to keep consistent, use RenderLayer::setScrollPosition instead of RenderLayer::scrollToPosition.
        4. Add AnimatedScroll parameter to ScrollView::setContentsScrollPosition, then the scroll animation
        can be dealt in FrameView::setScrollPosition.
        5. In ScrollView::setScrollPosition, the scroll animation should be cancled before return.

        * dom/Element.cpp: Use AnimatedScroll instead of bool.
        (WebCore::Element::scrollTo):
        (WebCore::Element::setScrollLeft):
        (WebCore::Element::setScrollTop):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::scrollTo const): No need to call scrollToOffsetWithAnimation here.
        * page/FrameView.cpp:
        (WebCore::FrameView::setScrollPosition):
        * page/FrameView.h:
        * platform/ScrollTypes.h: Add AnimatedScroll.
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::setContentsScrollPosition): Add parameter AnimatedScroll.
        (WebCore::ScrollView::setScrollPosition): Cancel the scroll animation before return.
        * platform/ScrollView.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::setScrollLeft):
        (WebCore::RenderBox::setScrollTop):
        (WebCore::RenderBox::setScrollPosition):
        * rendering/RenderBox.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollToXPosition):
        (WebCore::RenderLayer::scrollToYPosition):
        (WebCore::RenderLayer::setScrollPosition):
        (WebCore::RenderLayer::scrollRectToVisible): Remove AutoscrollStatus.
        (WebCore::RenderLayer::autoscroll):
        (WebCore::RenderLayer::scrollToPosition): Deleted. Use setScrollPosition instead.
        * rendering/RenderLayer.h:
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::setScrollLeft):
        (WebCore::RenderListBox::setScrollTop):
        * rendering/RenderListBox.h:
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::setScrollLeft):
        (WebCore::RenderTextControlSingleLine::setScrollTop):
        * rendering/RenderTextControlSingleLine.h:

2020-04-09  Alex Christensen  <achristensen@webkit.org>

        IPC serialization of enums should serialize std::underlying_type instead of uint64_t
        https://bugs.webkit.org/show_bug.cgi?id=210228

        Reviewed by Chris Dumez and Darin Adler.

        No change in behavior, other than less memory and time spent in IPC code.

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawTextInternal):
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContextStateChange::dump const):
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/ca/PlatformCALayer.cpp:
        (WebCore::PlatformCALayer::drawRepaintIndicator):
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::setPlatformTextDrawingMode):
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::shouldUseLetterpressEffect):
        (WebCore::FontCascade::drawGlyphs):
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::drawText):
        * rendering/TextPaintStyle.cpp:
        (WebCore::updateGraphicsContext):
        * rendering/TextPainter.cpp:
        (WebCore::TextPainter::paintTextAndEmphasisMarksIfNeeded):
        * rendering/svg/RenderSVGResourceGradient.cpp:
        (WebCore::RenderSVGResourceGradient::applyResource):
        * rendering/svg/RenderSVGResourcePattern.cpp:
        (WebCore::RenderSVGResourcePattern::applyResource):
        * rendering/svg/RenderSVGResourceSolidColor.cpp:
        (WebCore::RenderSVGResourceSolidColor::applyResource):

2020-04-08  Darin Adler  <darin@apple.com>

        [Cocoa] Simplify NSArray, NSDictionary, and NSNumber idioms throughout WebKit
        https://bugs.webkit.org/show_bug.cgi?id=210138

        Reviewed by Alex Christensen.

        - Added createNSArray and makeVector.
        - Use createNSArray and makeVector<String> in many places where we convert
          between NSArray and Vector, replacing multiple existing functions that were
          doing the same job before; later can use them even more.
        - Use @[] many places where we create an autoreleased NSArray.
        - Use @{} many places where we create an autoreleased NSDictionary.
        - Use @() many places where we create an autoreleased NSNumber.

        * PlatformMac.cmake: Moved Float/IntRectMac.mm to Float/IntRectCocoa.mm.
        * SourcesCocoa.txt: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (AXAttributeStringSetBlockquoteLevel): Use @().
        (AXAttributeStringSetHeadingLevel): Use @().
        (-[WebAccessibilityObjectWrapper textMarkerRangeForSelection]): Use @[].
        (-[WebAccessibilityObjectWrapper _stringFromStartMarker:toEndMarker:attributed:]): Use @[].
        (-[WebAccessibilityObjectWrapper elementsForRange:]): Use @[].
        (-[WebAccessibilityObjectWrapper textMarkersForRange:]): Use @[].

        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::textReplacementChangeDictionary): Use @().

        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (makeVectorElement): Aded overload for AccessibilitySearchKey.
        (accessibilitySearchCriteriaForSearchPredicateParameterizedAttribute):
        Use makeVector<AccessibilitySearchKey>.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (accessibilityTextCriteriaForParameterizedAttribute): Use makeVector<String>.
        (accessibilitySearchTextCriteriaForParameterizedAttribute): Use makeVector<String>.
        (AXAttributeStringSetStyle): Use @().
        (AXAttributeStringSetBlockquoteLevel): Use @().
        (AXAttributeStringSetHeadingLevel): Use @().
        (-[WebAccessibilityObjectWrapper accessibilityActionNames]): Use @[].
        (convertStringsToNSArray): Deleted.
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        Use @(), @[], and createNSArray.
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
        Ditto.

        * bridge/objc/WebScriptObject.mm:
        (+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
        Use @().

        * editing/cocoa/AlternativeTextUIController.mm:
        (WebCore::AlternativeTextUIController::alternativesForContext):
        Use makeVector<String>.

        * editing/cocoa/HTMLConverter.mm:
        (defaultParagraphStyle): Use @[].
        (HTMLConverter::computedAttributesForElement): Use @().
        (HTMLConverter::_processMetaElementWithName): Use @().
        (HTMLConverter::_addTableForElement): Use @().

        * page/ios/FrameIOS.mm:
        (WebCore::Frame::interpretationsForCurrentRoot const): Use @[].

        * platform/cocoa/MIMETypeRegistryCocoa.mm:
        (WebCore::MIMETypeRegistry::getExtensionsForMIMEType): Use makeVector<String>.

        * platform/graphics/FloatRect.h: Added makeNSArrayElement overload so we can
        convert Vector<FloatRect> into NSArray<NSValue>.
        * platform/graphics/IntRect.h: Similarly for IntRect.

        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        (WebCore::MediaSelectionGroupAVFObjC::updateOptions): Use createNSArray.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::mediaDescriptionForKind): Use @[].
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Use @().
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): Use @().
        (WebCore::MediaPlayerPrivateAVFoundationObjC::checkPlayability): Use @[].
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput): Use @{} and @().

        * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:
        (WebCore::PlatformCAAnimationCocoa::valueFunction const):
        (WebCore::PlatformCAAnimationCocoa::setFromValue):
        (WebCore::PlatformCAAnimationCocoa::copyFromValueFrom):
        (WebCore::PlatformCAAnimationCocoa::setToValue):
        (WebCore::PlatformCAAnimationCocoa::copyToValueFrom):
        (WebCore::PlatformCAAnimationCocoa::setValues):
        (WebCore::PlatformCAAnimationCocoa::copyValuesFrom):
        (WebCore::PlatformCAAnimationCocoa::setKeyTimes):
        (WebCore::PlatformCAAnimationCocoa::copyKeyTimesFrom):
        (WebCore::PlatformCAAnimationCocoa::setTimingFunctions):
        (WebCore::PlatformCAAnimationCocoa::copyTimingFunctionsFrom):
        Use @(), @[], modern for loops, auto, and allocate with capacity.

        * platform/graphics/ca/cocoa/PlatformCAFiltersCocoa.mm:
        (WebCore::PlatformCAFilters::filterValueForOperation): Use @().

        * platform/graphics/cocoa/FloatRectCocoa.mm: Moved from mac/FloatRectMac.mm.
        (WebCore::makeNSArrayElement): Added so we can convert Vector<FloatRect>
        into NSArray<NSValue>.
        * platform/graphics/cocoa/IntRectCocoa.mm: Moved from mac/IntRectMac.mm.
        (WebCore::makeNSArrayElement): Similarly for IntRect.
        (WebCore::enclosingIntRect): Use clampTo to be consistent with what
        enclosingIntRect(FloatRect) does (while fixing check-webkit-style complaint).

        * platform/graphics/cocoa/WebGLLayer.mm:
        (-[WebGLLayer display]): Add WebCore namespace prefix; needed depending on
        how sources get unified (and was affecting my local build when it temporarily
        had an additional source file).
        (-[WebGLLayer allocateIOSurfaceBackingStoreWithSize:usingAlpha:]): Ditto.
        (-[WebGLLayer bindFramebufferToNextAvailableSurface]): Ditto.

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::systemFontModificationAttributes): Use @().

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::getTypes): Use makeVector<String>.
        (WebCore::createItemProviderRegistrationList): Use createNSArray.
        (WebCore::PlatformPasteboard::updateSupportedTypeIdentifiers): Use createNSArray.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard setItemProviders:]): Use @[].
        * platform/ios/wak/WAKView.mm:
        (-[WAKView subviews]): Dittto.

        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::getTypes): Use makeVector<String>.
        (WebCore::PlatformPasteboard::getPathnamesForType const): Use makeVector<String>.
        (WebCore::PlatformPasteboard::addTypes): Use makeVector<String>.
        (WebCore::PlatformPasteboard::setTypes): Use makeVector<String>.

        * platform/mac/StringUtilities.h: Removed
        webCoreStringVectorFromNSStringArray, replaced by makeVector<String>
        * platform/mac/StringUtilities.mm:
        (WebCore::webCoreStringVectorFromNSStringArray): Deleted.

        * platform/mac/WebCoreNSURLExtras.mm: Removed unneeded include.

        * platform/mediarecorder/cocoa/MediaRecorderPrivateWriterCocoa.mm:
        (WebCore::MediaRecorderPrivateWriter::setVideoInput): Use @().
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::setupCaptureSession): Use @().
        * platform/network/cocoa/CookieCocoa.mm:
        (WebCore::Cookie::operator NSHTTPCookie * _Nullable  const): Use @().

        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        (WebCore::NetworkStorageSession::setCookiesFromDOM const): Use @{}.

        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Use @YES/@NO.

2020-04-09  Daniel Bates  <dabates@apple.com>

        [ macOS debug wk2 ] REGRESSION(r259761): ASSERTION FAILED: !needsLayout() on fast/events/scroll-subframe-in-rendering-update.html
        https://bugs.webkit.org/show_bug.cgi?id=210278
        <rdar://problem/61517389>

        Reviewed by Simon Fraser.

        Add a comment to clarify that the needsLayout() check during EventRegion painting in
        RenderWidget::paint() is a workaround for <https://bugs.webkit.org/show_bug.cgi?id=210278>:
        it is needed because event regions are only stored on compositing layers. Following r259761
        a non-composited frames can request their enclosing compositing layer to update the event
        region on their behalf. Outside of this special request (tracked via RenderView::needsEventRegionUpdateForNonCompositedFrame())
        we want to do what the code did pre-r259761 and bail out in RenderWidget::paint() when
        asked to perform an event region paint. We cannot depend on RenderView::needsEventRegionUpdateForNonCompositedFrame()
        though since it could be have been set by a deep nested non-composited child frame and
        an intermediary child frame along the path may have had its layout dirtied. That is why
        we check needsLayout(). Eventually the needsEventRegionUpdateForNonCompositedFrame() bit
        will be serviced (and turned off) once all frames along the path to the originally requesting
        frame lay out.

        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paint):

2020-04-09  David Kilzer  <ddkilzer@apple.com>

        Add using WTF::isInBounds to CheckedArithmetic.h
        <https://webkit.org/b/210299>

        Reviewed by Darin Adler.

        * fileapi/Blob.cpp:
        (WebCore::Blob::size const):
        * page/PointerCaptureController.cpp:
        (WebCore::PointerCaptureController::elementWasRemoved):
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::cacheNativeImageAtIndex):
        * platform/graphics/gpu/cocoa/GPUBindGroupMetal.mm:
        (WebCore::tryGetResourceAsBufferBinding):
        - Remove WTF:: prefix from isInBounds().

2020-04-09  Andres Gonzalez  <andresg_22@apple.com>

        Fix for crash in test accessibility/mac/aria-grid-with-strange-hierarchy.html in isolated tree mode.
        https://bugs.webkit.org/show_bug.cgi?id=210295

        Reviewed by Chris Fleizach.

        Covered by accessibility/mac/aria-grid-with-strange-hierarchy.html.

        - When AXIsolatedTree::applyPendingChanges encounters a change for an
        already existing object, the existing object is discarded and the new
        object replaces it in the nodes map. The existing and new objects must
        have the same platform wrapper. Thus the wrapper needs to be detached
        from the existing object about to be discarded, and re-attached to the
        new object. We were missing the re-attachment, and hence the crash when
        the wrapper tries to access its underlying object.
        - In addition, moved the LockHolder in a couple of intances to before
        AXIsolatedTree::nodeForID, because this method accesses a member
        variable used in both threads.
        - Added stricter assert checks to catch problems with the management of
        objects and wrappers during tree updates.

        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::updateNode):
        (WebCore::AXIsolatedTree::updateChildren):
        (WebCore::AXIsolatedTree::applyPendingChanges):
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (-[WebAccessibilityObjectWrapperBase attachIsolatedObject:]):

2020-04-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION: CSS animations inside an embedded SVG image do not animate
        https://bugs.webkit.org/show_bug.cgi?id=209370

        Reviewed by Simon Fraser.

        If WebAnimation is enabled and the SVGImage includes CSS animations, the
        DocumentTimeline is added to the SVGDocument of the embedded SVGImage.
        Because the SVGImage has its own Page the RenderingUpdate is scheduled
        and the updateRendering steps run in this Page.

        The Page of the SVGImage is inactive such that scheduling RenderingUpdate
        fails; therefore the updateRendering steps never run and the CSS animation
        never advances.

        The fix is:

        1) Scheduling the RenderingUpdate: This has to happen in the Page which
           contains the renderer of the SVGImage. Because DocumentTimeline is
           added to SVGDocument, this scheduling will go through these hubs:
                - DocumentTimeline
                - Page
                - ChromeClient -> SVGImageChromeClient 
                - SVGImage
                - ImageObserver -> CachedImageObserver
                - CachedImage
                - CachedImageClient -> RenderElement
                - Page

        2) Running the updateRendering steps: Each document in the Page will
           enumerate its cached SVGImages. The updateRendering of the Page of
           each SVGImage will be called.

        To make enumerating the cached SVGImages of a Document faster, the URL
        of the cached SVGImage will be added to the cachedSVGImagesURLs of
        CachedResourceLoader when notifyFinished() is called for associated
        CachedImage.

        Tests: svg/animations/css-animation-background-svg.html
               svg/animations/css-animation-embedded-svg.html
               svg/animations/css-animation-hover-svg.html

        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::scheduleAnimationResolution):
        (WebCore::DocumentTimeline::updateAnimationsAndSendEvents):
        * html/ImageBitmap.cpp:
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::hasSVGImage const):
        (WebCore::CachedImage::CachedImageObserver::scheduleTimedRenderingUpdate):
        (WebCore::CachedImage::scheduleTimedRenderingUpdate):
        * loader/cache/CachedImage.h:
        * loader/cache/CachedImageClient.h:
        (WebCore::CachedImageClient::scheduleTimedRenderingUpdate):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::isSVGImageCachedResource):
        (WebCore::cachedResourceSVGImage):
        (WebCore::CachedResourceLoader::notifyFinished):
        (WebCore:: const):
        * loader/cache/CachedResourceLoader.h:
        * page/ChromeClient.h:
        (WebCore::ChromeClient::scheduleTimedRenderingUpdate):
        * page/Page.cpp:
        (WebCore::Page::scheduleTimedRenderingUpdate):
        (WebCore::Page::updateRendering):
        * page/Page.h:
        * platform/graphics/ImageObserver.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::notifyFinished):
        (WebCore::RenderElement::scheduleTimedRenderingUpdate):
        * rendering/RenderElement.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::notifyFinished):
        * svg/graphics/SVGImage.h:
        * svg/graphics/SVGImageClients.h:

2020-04-09  Keith Miller  <keith_miller@apple.com>

        Remove legacy X-WebKit-CSP header support
        https://bugs.webkit.org/show_bug.cgi?id=210256
        <rdar://problem/60634363>

        Reviewed by Geoffrey Garen.

        Supporting this header is causes compatibly issues for some sites
        and they appear to be misconfigured. Additionally, no other
        browser has supported these headers in many years. This patch
        removes all support for the legacy X-WebKit-CSP header.

        * dom/Document.cpp:
        (WebCore::Document::processHttpEquiv):
        * page/csp/ContentSecurityPolicyDirectiveList.cpp:
        (WebCore::ContentSecurityPolicyDirectiveList::ContentSecurityPolicyDirectiveList):
        * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
        (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
        * page/csp/ContentSecurityPolicyResponseHeaders.h:
        * platform/network/HTTPHeaderNames.in:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::isSafeCrossOriginResponseHeader):

2020-04-09  Per Arne Vollan  <pvollan@apple.com>

        [Cocoa] The function WebCore::systemHasBattery() should cache the result.
        https://bugs.webkit.org/show_bug.cgi?id=210296
        <rdar://problem/61331536>

        Reviewed by Darin Adler.

        The function WebCore::systemHasBattery() should cache the result, since the return value of this function
        will be the same on a specific device.

        No new tests, since there is no change in behavior.

        * platform/cocoa/SystemBattery.mm:
        (WebCore::systemHasBattery):

2020-04-09  Keith Rollin  <krollin@apple.com>

        Set ENTITLEMENTS_REQUIRED=NO for some Xcode build targets
        https://bugs.webkit.org/show_bug.cgi?id=210250
        <rdar://problem/61502270>

        Reviewed by Jonathan Bedard.

        When building with the public version of Xcode 11.4, with XCBuild
        enabled, and targeting the iOS device, some build targets issue an
        error like:

            error: An empty identity is not valid when signing a binary for
                the product type 'Command-line Tool'. (in target 'yasm' from
                project 'libwebrtc')

        A comment in <rdar://problem/47092353> suggests setting
        ENTITLEMENTS_REQUIRED=NO to relax the requirement. To that end, when
        building with the public Xcode, establish that setting for the
        affected targets.

        No new tests -- no changed functionality.

        * Configurations/WebCoreTestShim.xcconfig:
        * Configurations/WebCoreTestSupport.xcconfig:

2020-04-09  Rob Buis  <rbuis@igalia.com>

        Remove FrameLoader::outgoingOrigin
        https://bugs.webkit.org/show_bug.cgi?id=210286

        Reviewed by Darin Adler.

        Remove FrameLoader::outgoingOrigin since it is no longer used.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::outgoingOrigin const): Deleted.
        * loader/FrameLoader.h:

2020-04-09  Jacob Uphoff  <jacob_uphoff@apple.com>

        Unreviewed, reverting r259816.

        This commit broke the webkit build for macOS and iOS

        Reverted changeset:

        "Introduce a RealtimeMediaSource observer dedicated to
        receiving audio samples"
        https://bugs.webkit.org/show_bug.cgi?id=210180
        https://trac.webkit.org/changeset/259816

2020-04-09  Daniel Bates  <dabates@apple.com>

        [ macOS debug wk2 ] REGRESSION(r259762): ASSERTION FAILED: !needsLayout() on fast/events/scroll-subframe-in-rendering-update.html
        https://bugs.webkit.org/show_bug.cgi?id=210278
        <rdar://problem/61517389>

        Reviewed by Darin Adler.

        Only EventRegion paint the contents of the widget if the widget is a frame view that
        does not need layout because layout must come before painting. Otherwise, an assertion
        failure will occur.

        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paint):

2020-04-09  Simon Fraser  <simon.fraser@apple.com>

        eventSender.monitorWheelEvents() should clear latching state
        https://bugs.webkit.org/show_bug.cgi?id=210288

        Reviewed by Tim Horton.

        Use monitorWheelEvents() as a trigger to clear scroll latching state, both main-thread (via Page)
        and scrolling thread (via ScrollingTree).

        Page::ensureWheelEventTestMonitor() had side-effects, so hide it, and have clients explicitly call Page::startMonitoringWheelEvents().

        * page/Page.cpp:
        (WebCore::Page::startMonitoringWheelEvents):
        (WebCore::Page::ensureWheelEventTestMonitor):
        * page/Page.h:
        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::monitorWheelEvents):
        (WebCoreTestSupport::setWheelEventMonitorTestCallbackAndStartMonitoring):

2020-04-09  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add an API test for <https://trac.webkit.org/r259766>
        https://bugs.webkit.org/show_bug.cgi?id=210294

        Reviewed by Tim Horton.

        Avoid trying to place the missing value into paragraphSets in TextManipulationController by bailing if either
        the start or end positions are null (while the missing value requires both the start and end to be null, it is
        sufficient to bail if either are null because `observeParagraphs` will be a no-op anyways).

        See Tools/ChangeLog for more details.

        Test: TextManipulation.CompleteTextManipulationAvoidCrashingWhenContentIsRemoved

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::scheduleObservartionUpdate):

2020-04-09  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, reverting r259804.

        Breaks the watchOS build.

        Reverted changeset:

        "IPC serialization of enums should serialize
        std::underlying_type instead of uint64_t"
        https://bugs.webkit.org/show_bug.cgi?id=210228
        https://trac.webkit.org/changeset/259804

2020-04-09  Youenn Fablet  <youenn@apple.com>

        Introduce a RealtimeMediaSource observer dedicated to receiving audio samples
        https://bugs.webkit.org/show_bug.cgi?id=210180

        Reviewed by Eric Carlson.

        RealtimeMediaSource::Observer was called on various threads which was making iterating through them difficult.
        Observers were copied to a vector for iterating each time and locking was happening for each indivudual observer.

        Instead of doing that, RealtimeMediaSource::Observer no longer gives access to audio samples, all its methods are called from the main thread.
        AudioSampleObserver is introduced with a single method to receive audio samples.
        RealtimeMediaSource keeps a set of AudioSampleObserver separated from its existing Observer hashset.
        These observers can only be added/removed from the main thread while audio sample delivery usually happens from a background thread.
        We no longer need to copy the audio sample observers in a vector and lock only once when iterating the audio sample observers.

        This change requires to update MediaStreamTrackPrivate and RealtimeMediaSource observers.
        This includes WebAudio, Audio Renderer and Media Recorder.
        Each corresponding class is now registering itself as a MediaStreamTrackPrivate::Observer and when needed as a RealtimeMediaSource::Observer.
        This allows removing the additional copy-in-vector/lock that was happening when iterating over MediaStreamTrackPrivate::Observers for audio samples.

        This change also allows for a consumer to always observe the MediaStreamTrackPrivate but receive audio samples only when needed.
        We change the AudioTrackPrivateMediaStream implementation so that, if the renderer is muted, not playing, the track is muted or not enabled,
        it no longer receives audio samples.
        This is especially useful in the typical case where a video element displays the locally captured stream (including a local audio track) but is muted
        to prevent feedback loop.
        For that reason, the player is now setting the muted state of the renderer instead of setting volume to 0.

        Covered by existing test sets.

        * Modules/mediarecorder/MediaRecorder.cpp:
        (WebCore::MediaRecorder::createMediaRecorderPrivate):
        * Modules/mediarecorder/MediaRecorder.h:
        * Modules/mediarecorder/MediaRecorderProvider.cpp:
        (WebCore::MediaRecorderProvider::createMediaRecorderPrivate):
        * Modules/mediarecorder/MediaRecorderProvider.h:
        * loader/EmptyClients.cpp:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVolume):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setMuted):
        * platform/mediarecorder/MediaRecorderPrivate.cpp:
        (WebCore::MediaRecorderPrivate::selectTracks):
        * platform/mediarecorder/MediaRecorderPrivate.h:
        (WebCore::MediaRecorderPrivate::setAudioSource):
        (WebCore::MediaRecorderPrivate::~MediaRecorderPrivate):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.cpp:
        (WebCore::MediaRecorderPrivateAVFImpl::create):
        (WebCore::MediaRecorderPrivateAVFImpl::~MediaRecorderPrivateAVFImpl):
        (WebCore::MediaRecorderPrivateAVFImpl::audioSamplesAvailable):
        (WebCore::MediaRecorderPrivateAVFImpl::stopRecording):
        (WebCore::MediaRecorderPrivateAVFImpl::fetchData):
        * platform/mediarecorder/MediaRecorderPrivateAVFImpl.h:
        * platform/mediarecorder/MediaRecorderPrivateMock.cpp:
        (WebCore::MediaRecorderPrivateMock::MediaRecorderPrivateMock):
        (WebCore::MediaRecorderPrivateMock::~MediaRecorderPrivateMock):
        (WebCore::MediaRecorderPrivateMock::stopRecording):
        (WebCore::MediaRecorderPrivateMock::sampleBufferUpdated):
        (WebCore::MediaRecorderPrivateMock::audioSamplesAvailable):
        (WebCore::MediaRecorderPrivateMock::generateMockCounterString):
        (WebCore::MediaRecorderPrivateMock::fetchData):
        * platform/mediarecorder/MediaRecorderPrivateMock.h:
        * platform/mediastream/AudioTrackPrivateMediaStream.cpp:
        (WebCore::AudioTrackPrivateMediaStream::AudioTrackPrivateMediaStream):
        (WebCore::AudioTrackPrivateMediaStream::clear):
        (WebCore::AudioTrackPrivateMediaStream::play):
        (WebCore::AudioTrackPrivateMediaStream::pause):
        (WebCore::AudioTrackPrivateMediaStream::setMuted):
        (WebCore::AudioTrackPrivateMediaStream::audioSamplesAvailable):
        (WebCore::AudioTrackPrivateMediaStream::trackMutedChanged):
        (WebCore::AudioTrackPrivateMediaStream::trackEnabledChanged):
        (WebCore::AudioTrackPrivateMediaStream::trackEnded):
        (WebCore::AudioTrackPrivateMediaStream::updateRenderer):
        (WebCore::AudioTrackPrivateMediaStream::startRenderer):
        (WebCore::AudioTrackPrivateMediaStream::stopRenderer):
        * platform/mediastream/AudioTrackPrivateMediaStream.h:
        * platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:
        (WebCore::webkitMediaStreamSrcFinalize):
        (WebCore::webkitMediaStreamSrcChangeState):
        (WebCore::webkitMediaStreamSrcSetupSrc):
        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::forEachTrack):
        * platform/mediastream/MediaStreamPrivate.h:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::forEachObserver const):
        (WebCore::MediaStreamTrackPrivate::addObserver):
        (WebCore::MediaStreamTrackPrivate::removeObserver):
        (WebCore::MediaStreamTrackPrivate::hasStartedProducingAudioData):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::addAudioSampleObserver):
        (WebCore::RealtimeMediaSource::removeAudioSampleObserver):
        (WebCore::RealtimeMediaSource::addObserver):
        (WebCore::RealtimeMediaSource::removeObserver):
        (WebCore::RealtimeMediaSource::forEachObserver const):
        (WebCore::RealtimeMediaSource::audioSamplesAvailable):
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::~RealtimeOutgoingAudioSource):
        (WebCore::RealtimeOutgoingAudioSource::observeSource):
        (WebCore::RealtimeOutgoingAudioSource::unobserveSource):
        * platform/mediastream/RealtimeOutgoingAudioSource.h:
        * platform/mediastream/WebAudioSourceProvider.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm:
        (WebCore::WebAudioSourceProviderAVFObjC::WebAudioSourceProviderAVFObjC):
        (WebCore::WebAudioSourceProviderAVFObjC::~WebAudioSourceProviderAVFObjC):
        (WebCore::WebAudioSourceProviderAVFObjC::trackEnabledChanged):
        (WebCore::WebAudioSourceProviderAVFObjC::audioSamplesAvailable):
        * testing/Internals.cpp:
        (WebCore::Internals::~Internals):
        (WebCore::createRecorderMockSource):
        (WebCore::Internals::observeMediaStreamTrack):
        (WebCore::Internals::videoSampleAvailable):
        * testing/Internals.h:

2020-04-09  Antti Koivisto  <antti@apple.com>

        Removed unused fields and functions from StylePropertyShorthand
        https://bugs.webkit.org/show_bug.cgi?id=210279

        Reviewed by Darin Adler.

        * css/StylePropertyShorthand.cpp:
        (WebCore::borderAbridgedShorthand): Deleted.
        * css/StylePropertyShorthand.h:
        (WebCore::StylePropertyShorthand::StylePropertyShorthand):
        (WebCore::StylePropertyShorthand::properties const):
        (WebCore::StylePropertyShorthand::propertiesForInitialization const): Deleted.

2020-04-08  Simon Fraser  <simon.fraser@apple.com>

        [Async overflow scroll] Horizontal scrolls can trigger unwanted back swipes
        https://bugs.webkit.org/show_bug.cgi?id=210095
        <rdar://problem/61376245>

        Reviewed by Tim Horton.

        With async overflow/frame scrolling, EventDispatcher::wheelEvent() can't immediately
        determine whether the scrolling tree handled the scroll; we have to wait until the
        event has been processed by the scrolling thread. To allow that, add a
        ScrollingEventResult::SendToScrollingThread return value and a give tryToHandleWheelEvent()
        a callback that's called when the scrolling thread is done with the event. EventDispatcher
        uses that to send the "didReceiveEvent" with "handled" back to the UI process, which then
        proceeds with history or reading list swipes.

        Various fixes were necessary to correctly determine whether the event was handled.
        
        ScrollingTreeFrameScrollingNodeMac::handleWheelEvent() didn't return an accurate ScrollingEventResult,
        and ScrollController didn't return false in cases where rubber-banding was disabled (which broke navigation swipes
        and reading list navigation).

        Tests: scrollingcoordinator/mac/latching/main-frame-back-swipe.html
               scrollingcoordinator/mac/latching/simple-page-rubberbands.html

        * page/scrolling/ScrollingCoordinatorTypes.h:
        * page/scrolling/ScrollingThread.h:
        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::handleWheelEvent):
        (WebCore::ScrollingTree::mainFrameCanRubberBandInDirection):
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::tryToHandleWheelEvent):
        * page/scrolling/ThreadedScrollingTree.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent):
        * page/scrolling/mac/ScrollingTreeScrollingNodeDelegateMac.mm:
        (WebCore::ScrollingTreeScrollingNodeDelegateMac::allowsHorizontalStretching const):
        (WebCore::ScrollingTreeScrollingNodeDelegateMac::allowsVerticalStretching const):
        (WebCore::ScrollingTreeScrollingNodeDelegateMac::shouldRubberBandInDirection const):
        * platform/cocoa/ScrollController.h:
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::handleWheelEvent):
        (WebCore::ScrollController::wheelDeltaBiasingTowardsVertical):
        (WebCore::ScrollController::directionFromEvent):
        (WebCore::ScrollController::shouldRubberBandInHorizontalDirection const):
        (WebCore::ScrollController::shouldRubberBandInDirection const):
        (WebCore::ScrollController::shouldRubberBandInHorizontalDirection): Deleted.

2020-04-09  Alex Christensen  <achristensen@webkit.org>

        IPC serialization of enums should serialize std::underlying_type instead of uint64_t
        https://bugs.webkit.org/show_bug.cgi?id=210228

        Reviewed by Chris Dumez and Darin Adler.

        No change in behavior, other than less memory and time spent in IPC code.

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawTextInternal):
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContextStateChange::dump const):
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/ca/PlatformCALayer.cpp:
        (WebCore::PlatformCALayer::drawRepaintIndicator):
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::setPlatformTextDrawingMode):
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::shouldUseLetterpressEffect):
        (WebCore::FontCascade::drawGlyphs):
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::drawText):
        * rendering/TextPaintStyle.cpp:
        (WebCore::updateGraphicsContext):
        * rendering/TextPainter.cpp:
        (WebCore::TextPainter::paintTextAndEmphasisMarksIfNeeded):
        * rendering/svg/RenderSVGResourceGradient.cpp:
        (WebCore::RenderSVGResourceGradient::applyResource):
        * rendering/svg/RenderSVGResourcePattern.cpp:
        (WebCore::RenderSVGResourcePattern::applyResource):
        * rendering/svg/RenderSVGResourceSolidColor.cpp:
        (WebCore::RenderSVGResourceSolidColor::applyResource):

2020-04-09  Antti Koivisto  <antti@apple.com>

        Use more WeakPtr in RenderTreeBuilder::FirstLetter
        https://bugs.webkit.org/show_bug.cgi?id=210251
        <rdar://problem/61180381>

        Reviewed by Zalan Bujtas.

        For safety.

        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

2020-04-09  Delan Azabani  <dazabani@igalia.com>

        Remove unnecessary explicit parsing for mo@maxsize value "infinity"
        https://bugs.webkit.org/show_bug.cgi?id=202720

        Reviewed by Frédéric Wang.

        In MathML 2, the default mo@maxsize was infinity [1], unless some other
        default was given by mstyle@maxsize [2]. The sole purpose of "infinity"
        was to give authors a way to set mo@maxsize to infinity when some other
        mstyle@maxsize was set.

        MathML Core removes mstyle@maxsize [3][4], such that "infinity" has the
        same semantics as any other missing or invalid mo@maxsize, so the spec
        has been simplified to make infinity an anonymous value [5][6].

        No functional change, because WebKit has never supported mstyle@maxsize
        anyway. To verify that there's no functional change:

        1.  Search for references to LengthType::Infinity, and observe that the
            mo@maxsize parser in MathMLOperatorElement::maxSize is the only
            place where a Length of ::type infinity is created
        2.  Search for references to that method, and observe that the only
            caller (RenderMathMLOperator::maxSize) passes intMaxForLayoutUnit
            (infinity) to toUserUnits as the referenceValue
        3.  Go to the definition of toUserUnits, and observe that the refer-
            enceValue is used as the ParsingFailed default
        4.  Step 1 shows that no other attributes would be affected by removing
            LengthType::Infinity, and steps 2 and 3 show that mo@maxsize treats
            invalid values as infinity, therefore it's safe to remove both the
            "infinity" parsing code and the underlying LengthType variant

        [1] https://www.w3.org/TR/MathML2/chapter3.html#id.3.2.5.2
        [2] https://www.w3.org/TR/MathML2/chapter3.html#presm.mstyle
        [3] https://mathml-refresh.github.io/mathml-core/#style-change-mstyle
        [4] https://github.com/mathml-refresh/mathml/issues/1
        [5] https://mathml-refresh.github.io/mathml-core/#dictionary-based-attributes
        [6] https://github.com/mathml-refresh/mathml/issues/107

        No new tests, because no functional change.

        * mathml/MathMLElement.h: Remove LengthType::Infinity.
        * mathml/MathMLOperatorElement.cpp:
        (WebCore::MathMLOperatorElement::maxSize): Remove explicit branch on "infinity". Replace what remains with an equivalent cachedMathMLLength call.
        * rendering/mathml/RenderMathMLBlock.cpp:
        (WebCore::toUserUnits): Remove explicit branch on LengthType::Infinity.
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::maxSize): Update comment to refer to the default value in the same way as the spec.

2020-04-08  Chris Dumez  <cdumez@apple.com>

        querySelector("#\u0000") should match an element with ID U+FFFD
        https://bugs.webkit.org/show_bug.cgi?id=210119

        Reviewed by Darin Adler.

        As per the specification [1][2], we should preprocess the input string before performing
        CSS tokenization. The preprocessing step replaces certain characters in the input string.

        However, our code did not have this preprocessing step and instead was trying to deal
        with those characters during tokenization. This is however not working as expected for
        the '\0' character (which is supposed to be replaced with U+FFFD REPLACEMENT CHARACTER)
        because our code deals with StringViews of the input String and just converts part of
        the input stream to Strings / AtomStrings.

        To address the issue, this patch adds a preprocessing step that replaces the '\0'
        character with the U+FFFD REPLACEMENT CHARACTER). I opted not to replace '\r' or '\f'
        characters since our tokenizer seems to be dealing fine with those.

        [1] https://drafts.csswg.org/css-syntax/#input-preprocessing
        [2] https://drafts.csswg.org/css-syntax/#parser-entry-points

        Test: imported/w3c/web-platform-tests/dom/nodes/ParentNode-querySelector-escapes.html

        * css/parser/CSSTokenizer.cpp:
        (WebCore::preprocessString):
        (WebCore::CSSTokenizer::CSSTokenizer):
        (WebCore::CSSTokenizer::lessThan):
        (WebCore::CSSTokenizer::hyphenMinus):
        (WebCore::CSSTokenizer::hash):
        (WebCore::CSSTokenizer::reverseSolidus):
        (WebCore::CSSTokenizer::letterU):
        (WebCore::CSSTokenizer::consumeNumber):
        (WebCore::CSSTokenizer::consumeIdentLikeToken):
        (WebCore::CSSTokenizer::consumeStringTokenUntil):
        (WebCore::CSSTokenizer::consumeUnicodeRange):
        (WebCore::CSSTokenizer::consumeUrlToken):
        (WebCore::CSSTokenizer::consumeBadUrlRemnants):
        (WebCore::CSSTokenizer::consumeSingleWhitespaceIfNext):
        (WebCore::CSSTokenizer::consumeIfNext):
        (WebCore::CSSTokenizer::consumeName):
        (WebCore::CSSTokenizer::consumeEscape):
        (WebCore::CSSTokenizer::nextTwoCharsAreValidEscape):
        (WebCore::CSSTokenizer::nextCharsAreNumber):
        (WebCore::CSSTokenizer::nextCharsAreIdentifier):
        * css/parser/CSSTokenizer.h:
        * css/parser/CSSTokenizerInputStream.h:
        (WebCore::CSSTokenizerInputStream::nextInputChar const):
        (WebCore::CSSTokenizerInputStream::peek const):
        (WebCore::CSSTokenizerInputStream::peekWithoutReplacement const): Deleted.

2020-04-08  Alex Christensen  <achristensen@webkit.org>

        _corsDisablingPatterns should allow security policy access to those patterns
        https://bugs.webkit.org/show_bug.cgi?id=210218
        <rdar://problem/61395166>

        Reviewed by Timothy Hatcher.

        This gives WKWebViewConfiguration._corsDisablingPatterns power similar to WKBundleAddOriginAccessWhitelistEntry
        but its API is per-WKWebView (even if its implementation is unfortunately currently process global in the web process).
        Functionality covered by a new API test.

        * page/Page.cpp:
        (WebCore::m_loadsFromNetwork):
        * page/PageConfiguration.h:
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::canRequest const):
        (WebCore::SecurityOrigin::canDisplay const):
        * page/SecurityPolicy.cpp:
        (WebCore::originAccessPatterns):
        (WebCore::SecurityPolicy::isAccessWhiteListed):
        (WebCore::SecurityPolicy::allowAccessTo):
        (WebCore::SecurityPolicy::isAccessToURLWhiteListed): Deleted.
        * page/SecurityPolicy.h:

2020-04-08  Wenson Hsieh  <wenson_hsieh@apple.com>

        REGRESSION (r258525): Occasional crashes under TextManipulationController::observeParagraphs
        https://bugs.webkit.org/show_bug.cgi?id=210215
        <rdar://problem/61362512>

        Reviewed by Darin Adler.

        In the case where `startOfParagraph` or `endOfParagraph` return a null `Position`, we end up crashing under
        TextManipulationController::observeParagraphs while creating `ParagraphContentIterator`, which expects non-null
        `Position`s because it dereferences the result of `makeBoundaryPoint`.

        Avoid this crash for now by bailing if either the start or end positions are null. Tests to be added in a
        followup patch.

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::observeParagraphs):

2020-04-08  Kenneth Russell  <kbr@chromium.org>

        Release WebGLLayer earlier in ~GraphicsContextGLOpenGL
        https://bugs.webkit.org/show_bug.cgi?id=210213

        Reviewed by Dean Jackson.

        Release WebGLLayer earlier and remove public context property,
        which is no longer called.

        * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
        (WebCore::GraphicsContextGLOpenGL::~GraphicsContextGLOpenGL):
        * platform/graphics/cocoa/WebGLLayer.h:
        * platform/graphics/cocoa/WebGLLayer.mm:

2020-04-08  Daniel Bates  <dabates@apple.com>

        Track editable elements on screen
        https://bugs.webkit.org/show_bug.cgi?id=209888
        <rdar://problem/61196886>

        Reviewed by Simon Fraser.

        Amend EventRegion to store a region of all the hit test visible rects of editable elements
        on the page. This data will be sent over to the UI process so that it can quickly determine
        if a search rect would intersect any editable elements. 

        An element is considered editable if it has CSS -webkit-user-modify value that isn't read-only.
        Note that the value of the HTML content attribute contenteditable is internally converted to
        its -webkit-user-modify equivalent (e.g. contenteditable="true" <=> "-webkit-user-modify: read-write").

        Tests: editing/editable-region/fixed-and-absolute-contenteditable-scrolled.html
               editing/editable-region/float-contenteditable.html
               editing/editable-region/hit-test-basic.html
               editing/editable-region/hit-test-fixed.html
               editing/editable-region/hit-test-overlap.html
               editing/editable-region/iframe.html
               editing/editable-region/input-basic.html
               editing/editable-region/out-hanging-child-of-contenteditable.html
               editing/editable-region/overflow-scroll-text-field-and-contenteditable.html
               editing/editable-region/relative-inside-fixed-contenteditable-scrolled.html
               editing/editable-region/relative-inside-transformed-contenteditable.html
               editing/editable-region/transformed-scrolled-on-top-of-fixed-contenteditables.html

        * Configurations/FeatureDefines.xcconfig: Add feature define to track editable elements on
        screen (enabled by default on iOS and iOS Simulator).
        * dom/Document.h:
        (WebCore::Document::mayHaveEditableElements const):
        (WebCore::Document::setMayHaveEditableElements):
        Add some state to each document to track whether it may have an editable element or not. This
        value represents a "maybe" because it is only set and never unset. It is set if the style resolver
        saw an element with an editable style. This flag is used as a performance optimization to avoid
        creating an event region if there are no editable elements on the page.

        * page/Frame.cpp:
        (WebCore::Frame::invalidateContentEventRegionsIfNeeded): Check if there are any editable elements.
        If so, invalidate the event region.
        * rendering/EventRegion.cpp:
        (WebCore::EventRegion::operator== const): Update for editable region.
        (WebCore::EventRegion::unite): If the specified style has a writable CSS user-modify value then
        unite the region with the editable region.
        (WebCore::EventRegion::translate): Update for editable region.
        (WebCore::EventRegion::containsEditableElementsInRect const): Added. Check if the specified rect
        intersects the editable region. If it does then that means there are one or more editable elements
        whose bounds intersect that rect. Otherwise, there are none.
        (WebCore::EventRegion::dump const): Update for editable region.
        * rendering/EventRegion.h:
        (WebCore::EventRegion::intersects const): Added.
        (WebCore::EventRegion::rectsForEditableElements const): Return the rects in the editable region.
        (WebCore::EventRegion::encode const): Encode the editable region.
        (WebCore::EventRegion::decode): Decode the editable region.
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintObject): Traverse descendants if the page has any editable elements
        so that we find all of them.
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleWillChange): Amend the event region invalidation criterion to look
        for a change in writability. If there was a change (e.g. read-only to read-write) then invalidate
        the event region to force a re-computation of it.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::invalidateEventRegion): If the document has editable elements then we need
        to create an event region.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateEventRegion): Update the region if there are editable elements.
        (WebCore::RenderLayerBacking::paintDebugOverlays): Paint the editable elements in the debug overlay.
        For now, I piggybacked (like was done for touch-action regions) on the non-fast scrollable region
        flag (not shown in the patch). I will look to add a dedicated debug overlay flag in a follow up patch.
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::resolveElement): Mark the document as having an editable element if
        the style for the element being resolved is writable.

2020-04-08  Daniel Bates  <dabates@apple.com>

        Should find touch-action elements inside non-composited iframes
        https://bugs.webkit.org/show_bug.cgi?id=210041
        <rdar://problem/61323558>

        Reviewed by Simon Fraser.

        Fix up event region code to traverse non-composited iframes that have elements with a non-auto
        touch-action. The event region is computed for each composited layer during a compositing layer
        update and was retricted to being updated if the layer's associated document may have an element
        with a non-auto touch-action. To make this work for non-composited iframes I find its enclosing
        compositing layer, set a special bit that it needs an event region update because of the non-
        composited child iframe and schedule a compositing layer update. When the update happens, it
        checks to see if the special bit is set and if so overrides any restrictions that would have
        prevented the event region from being updated. The painting code for widgets is also fixed up to
        pass through an EventRegionContext to update during EventRegion painting.

        This strategy works well for updating the event region. However debug paint overlays are not
        updated (i.e. RenderLayerBacking::paintDebugOverlays() is not called) until the embedding client's
        view is repainted. For now, to fix this up I added another a hack, a special bit (RenderView::needsRepaintHackAfterCompositingLayerUpdateForDebugOverlaysOnly())
        that is only set if debug overlays are to be shown, to have the compositor repaint the view after
        updating compositing layers.

        Tests: pointerevents/ios/programmatic-touch-action-none-inside-iframe.html
               pointerevents/ios/touch-action-none-inside-iframe.html
               pointerevents/ios/touch-action-none-inside-nested-iframe.html

        * dom/Document.cpp:
        (WebCore::Document::invalidateEventRegionsForFrame): Added. Try to invalidate the event region.
        This may fail if the document does not have an enclosing compositing layer for repaint (e.g. nested
        composited iframes - see test pointerevents/ios/touch-action-none-inside-nested-iframe.html). If
        this happens then recursive on our owner element's document. Recursion is used instead of a loop
        to future proof this code for out-of-process (OOP) frames, which will likely introduce document proxy objects.
        * dom/Document.h:
        * page/Frame.cpp:
        (WebCore::Frame::invalidateContentEventRegionsIfNeeded): Added. Check if our document has any elements with
        a non-auto touch-action. If it does then ask the compositor if the enclosing compositing layer for
        repaint's event region must be invalidated - it will only reply true if this is a non-composited iframe.
        If it does then forward this invalidation request to the document. The reason I delegate to the document
        instead of handling the logic here is to future proof this code for OOP iframes.
        * page/Frame.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::didLayout): Call Frame::invalidateContentEventRegionsIfNeeded(). Also while
        I am here take out a ref on the document to ensure it lives through the end of this function, including
        through the accessibility's postNotification() code that calls out to the embedding client.

        (WebCore::FrameView::paintContents):
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::paint):
        * platform/ScrollView.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::paint):
        * platform/Scrollbar.h:
        * platform/Widget.cpp:
        (WebCore::Widget::paint):
        * platform/Widget.h:
        * platform/gtk/WidgetGtk.cpp:
        (WebCore::Widget::paint):
        * platform/ios/WidgetIOS.mm:
        (WebCore::Widget::paint):
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::paint):
        * platform/win/WidgetWin.cpp:
        (WebCore::Widget::paint):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintObject):
        Pass an EventRegionContext through.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleWillChange): Update code now that RendeLayer::invalidateEventRegion()
        takes a reason. 
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paint): Pass the EventRegionContext through. If are passed one then update
        paint flags to collect event region.
        (WebCore::RenderLayer::invalidateEventRegion): Changed return value from void to bool so as to indicate
        to the caller whether the event region was actually invalidated. Also made it take an argument as
        to the reason for the invalidation. If invalidation is due to a non-composited iframe then sets some
        state and schedule a compositing layer update.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateEventRegion):
        (WebCore::RenderLayerBacking::setContentsNeedDisplay):
        (WebCore::RenderLayerBacking::setContentsNeedDisplayInRect):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        Pass an EventRegionContext through

        (WebCore::RenderLayerCompositor::viewNeedsToInvalidateEventRegionOfEnclosingCompositingLayerForRepaint const): Added.

        * rendering/RenderLayerCompositor.h:
        * rendering/RenderScrollbar.cpp:
        (WebCore::RenderScrollbar::paint):
        * rendering/RenderScrollbar.h:
        * rendering/RenderView.h:
        Pass an EventRegionContext through.

        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paintContents): Translate the event region by our content paint offset.
        (WebCore::RenderWidget::paint): Update for EventRegion. If painting the event region and the view
        needs layout then do what we do now and bail out. Otherwise, proceed to paint the widget's content.
        The changes to FrameView::didLayout() above means that for non-composited frames that need an event
        region update they already performed a layout. So, these paints will be allowed to descend into
        painting of the widget's content.

2020-04-08  Rob Buis  <rbuis@igalia.com>

        Make more use of FrameLoader pageID/frameID getters
        https://bugs.webkit.org/show_bug.cgi?id=210182

        Reviewed by Chris Dumez.

        Make more use of FrameLoader pageID/frameID getters, before
        this change they were only used internally in FrameLoader.

        * dom/Document.cpp:
        (WebCore::Document::pageID const):
        (WebCore::Document::frameID const):
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::handleClick):
        * loader/CookieJar.cpp:
        (WebCore::CookieJar::cookies const):
        (WebCore::CookieJar::cookieRequestHeaderFieldProxy):
        (WebCore::CookieJar::setCookies):
        (WebCore::CookieJar::cookieRequestHeaderFieldValue const):
        (WebCore::CookieJar::getRawCookies const):
        * loader/NavigationAction.cpp:
        (WebCore::createGlobalFrameIdentifier):
        * loader/PolicyChecker.cpp:
        * testing/Internals.cpp:
        (WebCore::Internals::frameIdentifier const):

2020-04-08  Doug Kelly  <dougk@apple.com>

        Additional cleanup from "Hit test with clipPath referencing parent element causes infinite recursion"
        https://bugs.webkit.org/show_bug.cgi?id=210203
        <rdar://problem/60002347>

        Reviewed by Geoffrey Garen.

        As suggested from the review in bug #209773, this incorporates some additional cleanup, including making the
        SVGHitTestCycleDetectionScope constructor explicit, and clarifying the add/remove with the WeakHashSet, since
        WeakPtr's operator* returns a reference to the template type (which is what we need).

        No new tests as this is covered by existing tests and there are no functional changes.

        * rendering/svg/SVGRenderSupport.cpp:
        (WebCore::SVGHitTestCycleDetectionScope::SVGHitTestCycleDetectionScope):
        (WebCore::SVGHitTestCycleDetectionScope::~SVGHitTestCycleDetectionScope):
        * rendering/svg/SVGRenderSupport.h:

2020-04-08  Devin Rousso  <drousso@apple.com>

        Web Inspector: Storage: cannot clear out multiple or all local storage entries
        https://bugs.webkit.org/show_bug.cgi?id=209867

        Reviewed by Timothy Hatcher.

        Tests: inspector/storage/clearDOMStorageItems.html
               inspector/storage/getDOMStorageItems.html
               inspector/storage/removeDOMStorageItem.html
               inspector/storage/setDOMStorageItem.html

        * inspector/agents/InspectorDOMStorageAgent.h:
        * inspector/agents/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::clearDOMStorageItems): Added.
        Add a `clearDOMStorageItems` command instead of calling `removeDOMStorageItem` for each key.

2020-04-08  Kenneth Russell  <kbr@chromium.org>

        WebContent process crashes in com.apple.WebCore: rx::IOSurfaceSurfaceCGL::releaseTexImage
        https://bugs.webkit.org/show_bug.cgi?id=210151

        Reviewed by Dean Jackson.

        Explicitly check for context teardown when displaying a
        WebGLLayer.

        * platform/graphics/cocoa/WebGLLayer.mm:
        (-[WebGLLayer display]):

2020-04-08  Wenson Hsieh  <wenson_hsieh@apple.com>

        [macOS] Make PlatformPasteboard robust against types that cannot be encoded with +defaultCStringEncoding
        https://bugs.webkit.org/show_bug.cgi?id=210195
        <rdar://problem/61084208>

        Reviewed by Tim Horton.

        When setting pasteboard data using the three PlatformPasteboard methods below, avoid calling into NSPasteboard
        in the case where the pasteboard type fails to be encoded using +[NSString defaultCStringEncoding]. This is
        because AppKit pasteboard logic will attempt to convert the given string into a C string using [NSString
        defaultCStringEncoding], and then assume that the result is non-null, if the type is neither declared nor
        dynamic.

        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::canWritePasteboardType):
        (WebCore::PlatformPasteboard::setTypes):
        (WebCore::PlatformPasteboard::setBufferForType):
        (WebCore::PlatformPasteboard::setStringForType):

        Add early returns if canWritePasteboardType returns false.

2020-04-08  Truitt Savell  <tsavell@apple.com>

        Unreviewed, reverting r259708.

        Broke the iOS device Build

        Reverted changeset:

        "Enable the use of XCBuild by default in Apple builds"
        https://bugs.webkit.org/show_bug.cgi?id=209890
        https://trac.webkit.org/changeset/259708

2020-04-08  Rob Buis  <rbuis@igalia.com>

        Import fetch/origin/assorted.window.js
        https://bugs.webkit.org/show_bug.cgi?id=210128

        Reviewed by Youenn Fablet.

        Import fetch/origin/assorted.window.js and remove
        the hack to make the previous (incorrect) version work.

        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::updateReferrerAndOriginHeaders):

2020-04-08  Doug Kelly  <dougk@apple.com>

        Hit test with clipPath referencing parent element causes infinite recursion
        https://bugs.webkit.org/show_bug.cgi?id=209773
        <rdar://problem/60002347>

        Reviewed by Geoffrey Garen.

        Upon further investigation, the original fix for the hit test in RenderSVGResourceClipper to prevent
        infinite recursion was incomplete, as something such as a use element could easily cause another cycle which
        would not be detected by the initial fix.  Instead, by maintaining a set of visited elements, we can prevent
        visiting the same element twice, and thus breaking any cycles which might occur in the SVG document.  We
        track these elements within the SVGHitTestCycleDetectionScope class, where the set of visited elements are
        maintained statically, and instances of the class will manage the scope, as an RAII-style object.

        This is covered by an existing test, but includes additional test cases which illustrate the more complex
        document structure.

        Tests: svg/hittest/svg-clip-path-child-element-with-use-root.html
               svg/hittest/svg-clip-path-child-element-with-use.html

        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::nodeAtFloatPoint):
        * rendering/svg/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::nodeAtFloatPoint):
        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::hitTestClipContent):
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::nodeAtPoint):
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::nodeAtFloatPoint):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::nodeAtFloatPoint):
        * rendering/svg/SVGRenderSupport.cpp:
        (WebCore::SVGRenderSupport::pointInClippingArea):
        (WebCore::SVGHitTestCycleDetectionScope::SVGHitTestCycleDetectionScope):
        (WebCore::SVGHitTestCycleDetectionScope::~SVGHitTestCycleDetectionScope):
        (WebCore::SVGHitTestCycleDetectionScope::visitedElements):
        (WebCore::SVGHitTestCycleDetectionScope::isEmpty):
        (WebCore::SVGHitTestCycleDetectionScope::isVisiting):
        * rendering/svg/SVGRenderSupport.h:

2020-04-08  Antoine Quint  <graouts@apple.com>

        transition-property is not computed correctly when transition-duration is set to "inherit"
        https://bugs.webkit.org/show_bug.cgi?id=204554
        <rdar://problem/57458091>

        Reviewed by Antti Koivisto.

        Test: transitions/transition-property-for-element-with-transition-duration-inherit.html

        The "transition-property" would behave as if "inherit" was set when the "transition-duration" property itself was set explicitly to "inherit".
        We fix this by storing all the information contained in the "transition-property" into the single Animation::m_property member instead of splitting
        it across Animation::m_mode as well. We now use a TransitionProperty struct which holds both the transition "mode" (none, all, single property,
        unknown property) and and the CSS property targeted itself.

        This requires modifying call sites of both Animation::property() and Animation::animationMode() throughout WebCore.

        * animation/AnimationTimeline.cpp:
        (WebCore::transitionMatchesProperty):
        (WebCore::compileTransitionPropertiesInStyle):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::createTransitionPropertyValue):
        * css/CSSToStyleMap.cpp:
        (WebCore::CSSToStyleMap::mapAnimationProperty):
        * css/makeprop.pl:
        (generateAnimationPropertyInitialValueSetter):
        (generateAnimationPropertyInheritValueSetter):
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::updateTransitions):
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::ImplicitAnimation):
        * page/ios/ContentChangeObserver.cpp:
        (WebCore::ContentChangeObserver::didAddTransition):
        * platform/animation/Animation.cpp:
        (WebCore::Animation::Animation):
        (WebCore::Animation::operator=):
        (WebCore::Animation::animationsMatch const):
        (WebCore::operator<<):
        * platform/animation/Animation.h:
        (WebCore::Animation::property const):
        (WebCore::Animation::timingFunction const):
        (WebCore::Animation::setProperty):
        (WebCore::Animation::setTimingFunction):
        (WebCore::Animation::initialProperty):
        (WebCore::Animation::animationMode const): Deleted.
        (WebCore::Animation::setAnimationMode): Deleted.
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::adjustTransitions):
        (WebCore::RenderStyle::transitionForProperty const):

2020-04-08  Youenn Fablet  <youenn@apple.com>

        Handle errors when grabbing grabbing microphone audio samples from the AudioUnit
        https://bugs.webkit.org/show_bug.cgi?id=210185

        Reviewed by Eric Carlson.

        We compute the buffer size to copy microphone samples when setting up the Audio Unit.
        This is based on the preferred buffer size and sample rate.
        But these values might change over time by the web page durig the capture.
        If the preferred buffer size increases (for instance if the page stops using WebAudio), our buffer might be too small.
        Capture will fail but we will not notify the web application.

        Update the code to reconfigure the AudioUnit if AudioUnitRender returns an error of type kAudio_ParamError.
        Update the code to only increment the number of microphoneProcsCalled if AudioUnitRender succeeds.
        This will ensure that, should AudioUnitRender fails for some time, the timer will kick in and fail the capture.
        Page will be notified and can call getUserMedia again to restart capture.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::processMicrophoneSamples):

2020-04-08  Keith Rollin  <krollin@apple.com>

        Enable the use of XCBuild by default in Apple builds
        https://bugs.webkit.org/show_bug.cgi?id=209890
        <rdar://problem/44182078>

        Reviewed by Darin Adler.

        Switch from the "legacy" Xcode build system to the "new" build system
        (also known as "XCBuild"). Switching to the new system speeds up
        builds by a small percentage, better validates projects for
        build-related issues (such as dependency cycles), lets WebKit benefit
        from future improvements in XCBuild such as those coming from the
        underlying llbuild open source project, and prepares us for any other
        tools built for this new ecosystem.

        Specific changes:

        - Remove Xcode project and workspace settings that selected the Build
          system, allowing the default to take hold (which is currently the
          New build system).
        - Updated webkitdirs.pm with a terser check for Xcode version.
        - Update build-webkit and Makefile.shared to be explicit when using
          the old build system (no longer treat it as a default or fall-back
          configuration).
        - Update various xcconfig files similarly to treat the default as
          using the new build system.
        - Update various post-processing build steps to check for Xcode 11.4
          and to no longer treat the default as using the old build system.

        No new tests -- no changed functionality.

        * WebCore.xcodeproj/project.pbxproj:

2020-04-08  Philippe Normand  <pnormand@igalia.com>

        [GTK][WPE] Release logs are unconditionally filling the journal
        https://bugs.webkit.org/show_bug.cgi?id=209421

        Reviewed by Carlos Alberto Lopez Perez.

        * platform/unix/LoggingUnix.cpp:
        (WebCore::logLevelString): Disable all logging when the
        WEBKIT_DEBUG environment variable is empty.

2020-04-07  Antoine Quint  <graouts@apple.com>

        [iPadOS] Unable to toggle subpages on sites.google.com
        https://bugs.webkit.org/show_bug.cgi?id=210143
        <rdar://problem/58653069>

        Reviewed by Brent Fulgham.

        If a site built with sites.google.com has some sub-pages, tapping on the right-pointing arrow will not disclose the sub-pages due to preventDefault() being called
        on the touchend event handler. We work around this issue by adding a new quirk that will prevent a given touch event type from being dispatched on a given element.
        This quirk is only true for sites.google.com and the right-pointing arrow for the sub-pages disclosure.

        * page/Quirks.cpp:
        (WebCore::Quirks::shouldPreventDispatchOfTouchEvent const):
        * page/Quirks.h:

2020-04-07  Tyler Wilcock  <twilco.o@protonmail.com>

        [css-values-4] Support font-relative lh and rlh unit
        https://bugs.webkit.org/show_bug.cgi?id=195180

        Reviewed by Antti Koivisto.

        Implement support for 'lh' and 'rlh' units.
        https://www.w3.org/TR/css-values-4/#font-relative-lengths

        * css/CSSCalculationValue.cpp:
        (WebCore::calcUnitCategory):
        (WebCore::calculationCategoryForCombination):
        (WebCore::hasDoubleValue):
        * css/CSSGradientValue.cpp:
        (WebCore::CSSLinearGradientValue::createGradient):
        (WebCore::CSSRadialGradientValue::createGradient):
        (WebCore::CSSConicGradientValue::createGradient):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::isValidCSSUnitTypeForDoubleConversion):
        (WebCore::isStringType):
        (WebCore::CSSPrimitiveValue::cleanup):
        (WebCore::CSSPrimitiveValue::computeNonCalcLengthDouble):
        (WebCore::CSSPrimitiveValue::unitTypeString):
        (WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText const):
        (WebCore::CSSPrimitiveValue::equals const):
        (WebCore::CSSPrimitiveValue::collectDirectComputationalDependencies const):
        (WebCore::CSSPrimitiveValue::collectDirectRootComputationalDependencies const):
        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::isFontRelativeLength):
        (WebCore::CSSPrimitiveValue::isLength):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::convertingToLengthRequiresNonNullStyle const):
        * css/CSSToLengthConversionData.cpp:
        (WebCore::CSSToLengthConversionData::viewportWidthFactor const):
        (WebCore::CSSToLengthConversionData::viewportHeightFactor const):
        (WebCore::CSSToLengthConversionData::viewportMinFactor const):
        (WebCore::CSSToLengthConversionData::viewportMaxFactor const):
        * css/CSSToLengthConversionData.h: Replace bool 'm_computingFontSize' with Optional<CSSPropertyID> that indicates the property being computed, where none means the property being computed is unknown or unimportant to know.
        (WebCore::CSSToLengthConversionData::CSSToLengthConversionData): Add 'parentStyle' parameter, necessary for calculating lh/rlh unit values.
        (WebCore::CSSToLengthConversionData::parentStyle const):
        (WebCore::CSSToLengthConversionData::computingFontSize const):
        (WebCore::CSSToLengthConversionData::computingLineHeight const):
        (WebCore::CSSToLengthConversionData::copyWithAdjustedZoom const):
        (WebCore::CSSToLengthConversionData::copyWithAdjustedZoomAndPropertyToCompute const):
        * css/CSSUnits.cpp:
        (WebCore::operator<<):
        * css/CSSUnits.h:
        * css/MediaQueryEvaluator.cpp:
        (WebCore::MediaQueryEvaluator::evaluate const):
        * css/parser/CSSParserToken.cpp:
        (WebCore::cssPrimitiveValueUnitFromTrie):
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeLength):
        * css/parser/SizesAttributeParser.cpp:
        (WebCore::SizesAttributeParser::computeLength):
        (WebCore::SizesAttributeParser::effectiveSizeDefaultValue):
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerElement::resolveCustomStyle):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::parentStyle const):
        * rendering/RenderThemeIOS.mm:
        (WebCore::applyCommonButtonPaddingToStyle):
        (WebCore::RenderThemeIOS::adjustButtonStyle const):
        * rendering/style/RenderStyle.cpp: Extract 'computedLineHeight' behavior into separate 'computeLineHeight' function so logic can be reused elsewhere.
        (WebCore::RenderStyle::computedLineHeight const):
        (WebCore::RenderStyle::computeLineHeight const):
        * rendering/style/RenderStyle.h:
        * style/StyleBuilderConverter.h: Extract zoom calculation logic out of 'csstoLengthConversionDataWithTextZoomFactor' into separate 'zoomWithTextZoomFactor' function so logic can be reused elsewhere.
        (WebCore::Style::zoomWithTextZoomFactor):
        (WebCore::Style::BuilderConverter::csstoLengthConversionDataWithTextZoomFactor):
        (WebCore::Style::BuilderConverter::convertLineHeight):
        * style/StyleBuilderCustom.h:
        (WebCore::Style::BuilderCustom::applyValueFontSize):
        * style/StyleBuilderState.cpp:
        (WebCore::Style::BuilderState::BuilderState):

2020-04-07  Zalan Bujtas  <zalan@apple.com>

        fastclick.com: A Gradient banner is missing
        https://bugs.webkit.org/show_bug.cgi?id=210169
        <rdar://problem/60680979>

        Reviewed by Simon Fraser.

        This patch ensures that if the non-fixed specified size for the background content computes to be a close-to-zero value, we produce at least one device pixel size content.
        (and this is similar to what we do for FillSizeType::Contain/Cover.)

        Test: fast/backgrounds/generated-bck-image-with-small-relative-size.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::calculateFillTileSize const):

2020-04-07  Joonghun Park  <jh718.park@samsung.com>

        Unreviewed. remove the build warning below since r243033.
        warning: unused parameter ‘pageMuted’ [-Wunused-parameter]

        No new tests, no new behaviors.

        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::setInterrupted):

2020-04-07  Chris Fleizach  <cfleizach@apple.com>

        AX: VoiceOver can't activate combobox when textfield is inside it
        https://bugs.webkit.org/show_bug.cgi?id=210081

        Reviewed by Joanmarie Diggs.

        Change accessKeyAction to return whether a simulated click event was dispatched.
        Accessibility uses that information to decide whether it should sent an event afterwards, because
        some objects accessKeyAction is only to focus(). AX is expected here to press on the object (and possibly focus).

        Test: accessibility/activation-of-input-field-inside-other-element.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::press):
        * dom/Element.h:
        (WebCore::Element::accessKeyAction):
        * html/BaseCheckableInputType.cpp:
        (WebCore::BaseCheckableInputType::accessKeyAction):
        * html/BaseCheckableInputType.h:
        * html/BaseChooserOnlyDateAndTimeInputType.cpp:
        (WebCore::BaseChooserOnlyDateAndTimeInputType::accessKeyAction):
        * html/BaseChooserOnlyDateAndTimeInputType.h:
        * html/BaseClickableWithKeyInputType.cpp:
        (WebCore::BaseClickableWithKeyInputType::accessKeyAction):
        * html/BaseClickableWithKeyInputType.h:
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::accessKeyAction):
        * html/HTMLAnchorElement.h:
        * html/HTMLButtonElement.cpp:
        (WebCore::HTMLButtonElement::accessKeyAction):
        * html/HTMLButtonElement.h:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::accessKeyAction):
        * html/HTMLElement.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::accessKeyAction):
        * html/HTMLInputElement.h:
        * html/HTMLLabelElement.cpp:
        (WebCore::HTMLLabelElement::accessKeyAction):
        * html/HTMLLabelElement.h:
        * html/HTMLLegendElement.cpp:
        (WebCore::HTMLLegendElement::accessKeyAction):
        * html/HTMLLegendElement.h:
        * html/HTMLOptGroupElement.cpp:
        (WebCore::HTMLOptGroupElement::accessKeyAction):
        * html/HTMLOptGroupElement.h:
        * html/HTMLOptionElement.cpp:
        (WebCore::HTMLOptionElement::accessKeyAction):
        * html/HTMLOptionElement.h:
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::accessKeyAction):
        * html/HTMLSelectElement.h:
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::accessKeyAction):
        * html/HTMLTextAreaElement.h:
        * html/HiddenInputType.cpp:
        (WebCore::HiddenInputType::accessKeyAction):
        * html/HiddenInputType.h:
        * html/InputType.cpp:
        (WebCore::InputType::accessKeyAction):
        * html/InputType.h:
        * html/RangeInputType.cpp:
        (WebCore::RangeInputType::accessKeyAction):
        * html/RangeInputType.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::accessKeyAction):
        * svg/SVGElement.h:

2020-04-07  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Cancel WebAuthn requests when users cancel LocalAuthentication prompts
        https://bugs.webkit.org/show_bug.cgi?id=209923
        <rdar://problem/61223713>

        Reviewed by Brent Fulgham.

        Covered by new tests within existing test files.

        * testing/MockWebAuthenticationConfiguration.h:
        (WebCore::MockWebAuthenticationConfiguration::LocalConfiguration::encode const):
        (WebCore::MockWebAuthenticationConfiguration::LocalConfiguration::decode):
        * testing/MockWebAuthenticationConfiguration.idl:
        Adds a new parameter to reflect user cancellations on LocalAuthentication UI.

2020-04-07  Tadeu Zagallo  <tzagallo@apple.com>

        Not using strict mode within ClassDeclaration statement
        https://bugs.webkit.org/show_bug.cgi?id=205578
        <rdar://problem/58194589>

        Reviewed by Yusuke Suzuki.

        Test: JSTests/ stress/superclass-expression-strictness.js

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::IDLOperation<JSDOMWindow>::cast):
        * bindings/js/JSEventTargetCustom.h:
        (WebCore::IDLOperation<JSEventTarget>::call):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):

2020-04-07  Simon Fraser  <simon.fraser@apple.com>

        Use RectEdges<> in some scrolling tree code
        https://bugs.webkit.org/show_bug.cgi?id=210141

        Reviewed by Tim Horton.

        Add utility functions on ScrollingTreeScrollingNode to get pinned and rubberband state.
        Use them to push main frame state to the scrolling tree (which we do so we can safely
        access the state from the EventDispatcher thread).

        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::setMainFramePinnedState):
        (WebCore::ScrollingTree::setMainFrameCanRubberBand):
        (WebCore::ScrollingTree::willWheelEventStartSwipeGesture):
        (WebCore::ScrollingTree::setMainFramePinState): Deleted.
        (WebCore::ScrollingTree::setCanRubberBandState): Deleted.
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/ScrollingTreeScrollingNode.cpp:
        (WebCore::ScrollingTreeScrollingNode::edgePinnedState const):
        (WebCore::ScrollingTreeScrollingNode::isRubberBanding const):
        * page/scrolling/ScrollingTreeScrollingNode.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::updateMainFramePinAndRubberbandState):

2020-04-07  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Change ATK mapping of the ARIA alert and alertdialog roles
        https://bugs.webkit.org/show_bug.cgi?id=210121

        Reviewed by Chris Fleizach.

        The ARIA alert role is a live region; not a dialog/message box. In contrast,
        the ATK alert role is for dialogs such as a warning message which should be
        presented immediately to the user. Because of the similarity in role names,
        the original mappings in the Core-AAM were not ideal. They have recently
        been fixed so we need to update our implementation accordingly.

        Changed mappings
        - alertdialog from ATK_ROLE_DIALOG to ATK_ROLE_ALERT
        - alert from ATK_ROLE_ALERT to ATK_ROLE_NOTIFICATION

        Updated existing tests to reflect this change.

        * accessibility/atk/WebKitAccessible.cpp:
        (atkRole):

2020-04-07  Antti Koivisto  <antti@apple.com>

        Make StylePropertyShorthand iterable
        https://bugs.webkit.org/show_bug.cgi?id=210117

        Reviewed by Darin Adler.

        Enable modern for-loops.

        * animation/AnimationTimeline.cpp:
        (WebCore::transitionMatchesProperty):
        (WebCore::compileTransitionPropertiesInStyle):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::updateStyleIfNeededForProperty):
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::propertyIsImportant const):
        (WebCore::MutableStyleProperties::setProperty):
        * css/StylePropertyShorthand.h:
        (WebCore::StylePropertyShorthand::begin const):
        (WebCore::StylePropertyShorthand::end const):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::addExpandedPropertyForValue):
        * inspector/agents/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::getSupportedCSSProperties):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

2020-04-07  Chris Dumez  <cdumez@apple.com>

        documentFragment.getElementById() should not work for empty-string IDs
        https://bugs.webkit.org/show_bug.cgi?id=210111

        Reviewed by Geoffrey Garen.

        Make sure that getElementById() returns null when given an empty string ID:
        - https://dom.spec.whatwg.org/#concept-id

        Test: imported/w3c/web-platform-tests/dom/nodes/DocumentFragment-getElementById.html

        * dom/DocumentFragment.cpp:
        (WebCore::DocumentFragment::getElementById const):
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::getElementById const):

2020-04-07  Timothy Hatcher  <timothy@apple.com>

        WKUserScripts deferred from injection are not injected if -[WKWebView _notifyUserScripts] is called early.
        https://bugs.webkit.org/show_bug.cgi?id=210131
        rdar://problem/61368446

        Reviewed by Brady Eidson.

        If Page::notifyToInjectUserScripts() is called early, before Frame::injectUserScripts() happens,
        m_hasBeenNotifiedToInjectUserScripts will be false, allowing scripts to build up in m_userScriptsAwaitingNotification
        and never being injected (since Page::notifyToInjectUserScripts() will not be called again).

        * page/Page.cpp:
        (WebCore::Page::notifyToInjectUserScripts): Set m_hasBeenNotifiedToInjectUserScripts to true when called.

2020-04-07  Devin Rousso  <drousso@apple.com>

        Web Inspector: unable to see cookies on pages that have subframes which have been denied access to cookies
        https://bugs.webkit.org/show_bug.cgi?id=210125
        <rdar://problem/61357992>

        Reviewed by Timothy Hatcher.

        Previously, the same boolean value was re-used when checking whether that URL and `document`
        pairs is able to access cookies, meaning that if the last check returned `false`, the logic
        would incorrectly think that none of the URL and `document` pairs would have access to any
        cookies, resulting in an empty array.

        Instead of using this all-or-nothing boolean, if a URL and `document` pair is not able to
        access cookies, simply ignore it and move on to the next pair.

        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::getCookies):

2020-04-07  Ryosuke Niwa  <rniwa@webkit.org>

        TextManipulationController fails to replace a paragraph that ends with a br
        https://bugs.webkit.org/show_bug.cgi?id=210099

        Reviewed by Wenson Hsieh.

        The bug was caused by TextManipulationController::replace not ignoring the br at the end of a paragraph
        even through it doesn't appear as a token. We also need to insert this br back at the end of the paragraph
        when completing the manipulation.

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::replace):

2020-04-07  Jer Noble  <jer.noble@apple.com>

        Make sure playback of remote audio tracks is stable even if pages are using webaudio
        https://bugs.webkit.org/show_bug.cgi?id=210052

        Reviewed by Eric Carlson.

        If a client requests data from AudioSampleDataSource, and the time requested happens to land
        precicely on the end of the AudioSampleDataSoure's CARingBuffer's range, the function will get
        into an inconsistent state where it believes both that not enough samples are available to
        fulfill the request, but also that the number of frames available is equal to the number of
        requested frames. This is due to an off-by-one error, where the end of the CARingBuffer's range
        is incorrectly treated as inclusive, rather than exclusive. All subsequent requests will start at
        sampleCount + timestamp, as if that data was returned correctly, rather than returning zeros,
        propogating the error to future requests.

        Fix this state by correctly checking if timestamp is greater-than-or-equal-to endFrame. This will
        cause the method to return zero frames, and correctly apply an offset so the next request will start
        at the same effective timestamp.

        * platform/audio/mac/AudioSampleDataSource.mm:
        (WebCore::AudioSampleDataSource::pullSamplesInternal):

2020-04-07  Alicia Boya García  <aboya@igalia.com>

        [GStreamer] Log a warning if playbin is not found
        https://bugs.webkit.org/show_bug.cgi?id=210112

        Reviewed by Philippe Normand.

        I spent quite a bit of time looking in the debugger for what ended up
        being a trivial configuration issue because there was no logging
        showing any obvious problem. Let's add it.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::isAvailable):

2020-04-07  Adrian Perez de Castro  <aperez@igalia.com>

        [GTK] CMake find module for GTK4
        https://bugs.webkit.org/show_bug.cgi?id=210110

        Reviewed by Don Olmstead.

        No new tests needed.

        * PlatformGTK.cmake: Use the GTK::GTK imported target.

2020-04-07  Andres Gonzalez  <andresg_22@apple.com>

        Initialization of modal nodes should happen lazily, not in the AXObjectCache constructor.
        https://bugs.webkit.org/show_bug.cgi?id=210090

        Reviewed by Chris Fleizach.

        - The initialization of modal nodes was performed in the AXObjectCache
        constructor, which is not necessary. Instead, this change performs the
        initialization of the modal nodes before they are needed.
        - updateCurrentModalNode was replaced with currentModalNode, and its
        implementation cleaned up.
        - Now the initialization and update of AXObjectCached::m_modalNodesSet
        and m_currentMOdalNode is clearer.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::AXObjectCache):
        (WebCore::AXObjectCache::findModalNodes):
        (WebCore::AXObjectCache::currentModalNode const):
        (WebCore::AXObjectCache::modalNode):
        (WebCore::AXObjectCache::handleModalChange):
        (WebCore::AXObjectCache::updateCurrentModalNode): Renamed currentModalNode.
        * accessibility/AXObjectCache.h:

2020-04-07  Youenn Fablet  <youenn@apple.com>

        Remove unnecessary memory allocation from RealtimeIncomingAudioSourceCocoa::OnData
        https://bugs.webkit.org/show_bug.cgi?id=209969

        Reviewed by Eric Carlson.

        Instead of allocating a new buffer for every audio chunk and copy the audio chunk,
        Create a WebAudioBufferList once (without any buffer allocation) and set the audio buffer pointer
        given by libwebrtc as the WebAudioBufferList buffer pointer.
        We do not take care of muted state anymore since this is done by consumers anyway.
        Covered by existing tests.

        * platform/mediastream/mac/RealtimeIncomingAudioSourceCocoa.cpp:
        (WebCore::RealtimeIncomingAudioSourceCocoa::OnData):
        * platform/mediastream/mac/RealtimeIncomingAudioSourceCocoa.h:

2020-04-07  Claudio Saavedra  <csaavedra@igalia.com>

        [GTK] gtk_icon_info_free is deprecated since GTK+ 3.8
        https://bugs.webkit.org/show_bug.cgi?id=118381

        Reviewed by Carlos Garcia Campos.

        GtkIconInfo is a GObject since 3.8, update accordingly.

        * platform/graphics/gtk/ImageGtk.cpp:
        (WebCore::loadMissingImageIconFromTheme):
        * platform/gtk/GUniquePtrGtk.h:

2020-04-07  Doug Kelly  <dougk@apple.com>

        Add release asserts to KeyframeEffectStack::ensureEffectsAreSorted()
        https://bugs.webkit.org/show_bug.cgi?id=210084
        <rdar://problem/61359275>

        Reviewed by Ryosuke Niwa.

        To ensure any potential problems in KeyframeEffectStack::ensureEffectsAreSorted() are found closer to the
        root cause, add several RELEASE_ASSERTs throughout this function (and its associated comparison function).
        This should guard against null pointers/null WeakPtrs, as well as other state problems which would be
        unexpected for the comparison function used by std::sort.

        No new tests; this only adds additional asserts, so there is no change to functionality, and this code is
        covered by existing tests.

        * animation/KeyframeEffectStack.cpp:
        (WebCore::KeyframeEffectStack::ensureEffectsAreSorted):
        * animation/WebAnimationUtilities.cpp:
        (WebCore::compareAnimationsByCompositeOrder):

2020-04-07  Rob Buis  <rbuis@igalia.com>

        Use GlobalFrameIdentifier in NavigationAction
        https://bugs.webkit.org/show_bug.cgi?id=210036

        Reviewed by Darin Adler.

        Use GlobalFrameIdentifier in NavigationAction rather than adding
        yet another custom data type.

        * loader/NavigationAction.cpp:
        (WebCore::createGlobalFrameIdentifier):
        (WebCore::m_globalFrameIdentifier):
        * loader/NavigationAction.h:
        (WebCore::NavigationAction::Requester::globalFrameIdentifier const):
        (WebCore::NavigationAction::Requester::pageID const): Deleted.
        (WebCore::NavigationAction::Requester::frameID const): Deleted.

2020-04-06  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in CompositeEditCommand::splitTreeToNode when inserting image in anchor element that has uneditable parent
        https://bugs.webkit.org/show_bug.cgi?id=210004
        <rdar://problem/61206583>

        Reviewed by Ryosuke Niwa.

        RemoveNodePreservingChildren can fail and leave the children dangling if the parent of the node
        is uneditable. Added editability check for the to-be-removed node.

        Test: editing/inserting/insert-img-anchor-uneditable-parent.html

        * editing/RemoveNodePreservingChildrenCommand.cpp:
        (WebCore::RemoveNodePreservingChildrenCommand::doApply):

2020-04-06  David Kilzer  <ddkilzer@apple.com>

        Use-after-move of Vector<ManipulationToken> in TextManipulationController::observeParagraphs()
        <https://webkit.org/b/210086>

        Reviewed by Ryosuke Niwa.

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::observeParagraphs):
        - Replace WTFMove() with std::exchange() to fix the clang static
          analyzer warning.  For WTF::Vector, this has no change in
          behavior.

2020-04-06  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in WebCore::lastPositionInNode when indenting text node that has user-select:all parent.
        https://bugs.webkit.org/show_bug.cgi?id=210016
        <rdar://problem/61014577>

        Reviewed by Ryosuke Niwa.

        In rangeForParagraphSplittingTextNodesIfNeeded, added null check for previousSibling()
        after splitTextNode is called, and returns empty positions to caller.

        In formatSelection, check the returned positions from rangeForParagraphSplittingTextNodesIfNeeded
        and stop indenting the rest of the paragraphs.

        Test: fast/editing/indent-pre-user-select-all-crash.html

        * editing/ApplyBlockElementCommand.cpp:
        (WebCore::ApplyBlockElementCommand::formatSelection):
        (WebCore::ApplyBlockElementCommand::rangeForParagraphSplittingTextNodesIfNeeded):

2020-04-06  Devin Rousso  <drousso@apple.com>

        Web Inspector: `console.log(...)` appear as `CONSOLE LOG LOG` in the system console
        https://bugs.webkit.org/show_bug.cgi?id=210083

        Reviewed by Timothy Hatcher.

        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::addMessage):
        Use the actual `MessageSource` and `MessageType` when printing console messages.

2020-04-06  Wenson Hsieh  <wenson_hsieh@apple.com>

        REGRESSION: 4 TestWebKitAPI.DragAndDropTests.DataTransferSetData tests failing on iOS
        https://bugs.webkit.org/show_bug.cgi?id=209685
        <rdar://problem/60987461>

        Reviewed by Megan Gardner.

        After updating a WebKit open source test runner to iOS 13.4, 4 pasteboard-related API tests began to fail in
        release builds on that particular bot. Logging statements added in r259465, r259518, r259534, and r259541
        strongly suggest that this is due to an IPC dispatch race when clearing the platform pasteboard before writing
        custom pasteboard data. On iOS, the former is dispatched asynchronously, while the latter is dispatched as sync
        IPC. This means that if the UI process happens to be waiting for a sync IPC response from the web process, it
        will end up handling the incoming IPC messages out of order by immediately dispatching sync IPC (in this case,
        writing custom pasteboard data) before dispatching the async IPC (clearing data). This causes the custom
        pasteboard data to be cleared on the platform pasteboard immediately after it is written.

        To fix this, we limit clearing pasteboard data to when we would've otherwise avoided writing any custom
        pasteboard data, and additionally make it so that writing custom pasteboard data always clears out any pre-
        existing content on the pasteboard (obviating the need for a separate message to clear the pasteboard). Note
        that writing custom pasteboard data always clears the existing pasteboard on macOS and iOS -- on macOS, we use
        `-declareTypes:owner:`; on iOS, we use `-setItemProviders:`; in the case of macCatalyst, we `-setItems:`.

        * dom/DataTransfer.cpp:
        (WebCore::DataTransfer::commitToPasteboard):

        Push the call to clear the pasteboard down from the call sites of `commitToPasteboard` into `commitToPasteboard`
        itself; then, only explicitly clear the pasteboard in the case where we aren't writing custom pasteboard data
        (i.e. either custom pasteboard data is disabled, or there is no data to write),

        (WebCore::DataTransfer::moveDragState): See above.
        * editing/Editor.cpp:
        (WebCore::dispatchClipboardEvent): See above.
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard stageRegistrationLists:]):

        Remove always-on logging added in r259541 to help diagnose the test failures.

2020-04-06  Zalan Bujtas  <zalan@apple.com>

        Delete line boxes when moving text renderers between block flows
        https://bugs.webkit.org/show_bug.cgi?id=210000

        Reviewed by Antti Koivisto.

        After style and/or tree mutation the existing line boxes are destroyed during the subsequent layout.
        When the text renderer moves between block flows and the destination block flow initiates a different
        type of line layout, we need to make sure the previous line content is cleaned up properly.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::layoutSimpleLines):
        (WebCore::RenderBlockFlow::layoutLFCLines):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::removeAndDestroyTextBoxes):
        (WebCore::RenderText::dirtyLineBoxes):
        (WebCore::RenderText::deleteLineBoxes):
        * rendering/RenderText.h:

2020-04-06  Ross Kirsling  <ross.kirsling@sony.com>

        Update minimum ICU version to 60.2
        https://bugs.webkit.org/show_bug.cgi?id=209694

        Reviewed by Darin Adler.

        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * icu/LICENSE: Deleted.
        * icu/README: Deleted.
        Remove leftover files following r219155 as well as a corresponding Xcode step.

        * editing/cocoa/DataDetection.mm:
        (WebCore::buildQuery):
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::interpretationsForCurrentRoot const):
        * platform/cocoa/KeyEventCocoa.mm:
        (WebCore::keyForCharCode):
        * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
        (WebCore::TelephoneNumberDetector::find):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::createFontForCharacters):
        (WebCore::FontCache::prewarm):
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::provideStringAndAttributes):
        * platform/graphics/mac/GlyphPageMac.cpp:
        (WebCore::GlyphPage::fill):
        Manually convert between UChar and UniChar/unichar where needed.

        * platform/text/CharacterProperties.h:
        (WebCore::isEmojiGroupCandidate):
        (WebCore::isEmojiWithPresentationByDefault):
        (WebCore::isEmojiModifierBase):
        (WebCore::icuLibraryUnderstandsSupplementalSymbolsAndPictographs): Deleted.
        Remove obsoleted compile-time and runtime version checks.

2020-04-06  Simon Fraser  <simon.fraser@apple.com>

        Make ScrollableArea TextStream-loggable
        https://bugs.webkit.org/show_bug.cgi?id=210042

        Reviewed by Darin Adler.

        ScrollableArea is a pure virtual base class, so has to dump via a virtual function,
        so add debugDescription() and implement it in derived classes.

        Make the common pattern be that operator<<(TextStream&, ...) calls debugDescription.

        * page/Frame.cpp:
        (WebCore::Frame::debugDescription const):
        (WebCore::operator<<):
        * page/Frame.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::debugDescription const):
        (WebCore::operator<<):
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::debugDescription const):
        * platform/ScrollView.h:
        * platform/ScrollableArea.cpp:
        (WebCore::operator<<):
        * platform/ScrollableArea.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::debugDescription const):
        (WebCore::RenderLayer::calculateClipRects const):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::debugDescription const):
        * rendering/RenderListBox.h:

2020-04-06  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary with draggable text
        https://bugs.webkit.org/show_bug.cgi?id=209999
        <rdar://problem/58978340>

        Reviewed by Ryosuke Niwa.

        VisibleParagraphStart/End may return empty VisiblePosition if no proper element or node
        can be used as position candidate. Add null check for the returned VisiblePositions.

        Test: fast/css/style-change-draggable-text.html

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):

2020-04-06  Jer Noble  <jer.noble@apple.com>

        Strengthen the ASSERT in ImageDecoderAVFObjC::storeSampleBuffer().
        https://bugs.webkit.org/show_bug.cgi?id=209972
        <rdar://problem/60727431>

        Reviewed by Brent Fulgham.

        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
        (WebCore::ImageDecoderAVFObjC::storeSampleBuffer):

2020-04-06  Jer Noble  <jer.noble@apple.com>

        [ Mac wk2 ] http/tests/media/track-in-band-hls-metadata.html is flaky crashing.
        https://bugs.webkit.org/show_bug.cgi?id=209490
        <rdar://problem/60837555>

        Reviewed by Darin Adler.

        To ensure the TaskDispatcher doesn't get destroyed on a background thread at the same time it's
        executing tasks on the main thread, when a GenericTaskQueue is destroyed on a background thread,
        move the TaskDispatcher into a task, and use the dispatcher itself to destroy itself on the
        main thread.

        * platform/GenericTaskQueue.h:
        (WebCore::GenericTaskQueue::GenericTaskQueue):
        (WebCore::GenericTaskQueue::~GenericTaskQueue):
        (WebCore::GenericTaskQueue::enqueueTask):

2020-04-06  Antti Koivisto  <antti@apple.com>

        'currentcolor' doesn't need setHasExplicitlyInheritedProperties marking anymore
        https://bugs.webkit.org/show_bug.cgi?id=210017

        Reviewed by Darin Adler.

        Removing this marking reveals problems in style update avoidance code in CSSComputedStyleDeclaration
        that also need to be addressed. The problems are not specific to exlicit 'currentcolor', they also reproduce
        with the initial value (thus the new test).

        Test: fast/css/currentColor-initial-style-update.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::nonInheritedColorPropertyHasValueCurrentColor):

        Add a helper.

        (WebCore::hasValidStyleForProperty):

        Treat a non-inherited color property as inherited if it is 'currentcolor'.

        (WebCore::updateStyleIfNeededForProperty):

        Expand shorthands so properties like border-color test correctly.

        * css/CSSProperty.cpp:
        (WebCore::CSSProperty::isColorProperty):

        Move here from CSSParserFastPaths.

        * css/CSSProperty.h:
        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::maybeParseValue):
        (WebCore::isColorPropertyID): Deleted.
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::unresolvedColorForProperty const):

        Factor into a helper.
        Handle all color values.

        (WebCore::RenderStyle::colorResolvingCurrentColor const):

        Renamed for clarity and some cleanups.

        (WebCore::RenderStyle::visitedDependentColor const):
        (WebCore::RenderStyle::colorIncludingFallback const): Deleted.
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::isCurrentColor):
        * style/StyleBuilderState.cpp:
        (WebCore::Style::BuilderState::colorFromPrimitiveValue const):

        Remove setHasExplicitlyInheritedProperties marking.

2020-04-06  Simon Fraser  <simon.fraser@apple.com>

        Make RenderObject TextStream-loggable
        https://bugs.webkit.org/show_bug.cgi?id=210035

        Post-landing followup. More use of StringBuilder's variadic append. Have Node::debugDescription() include
        its address, and have derived classes get the base class debugDescription(). Add an override in Text.

        * dom/Element.cpp:
        (WebCore::Element::debugDescription const):
        * dom/Node.cpp:
        (WebCore::Node::debugDescription const):
        * dom/Text.cpp:
        (WebCore::Text::debugDescription const):
        (WebCore::Text::formatForDebugger const):
        * dom/Text.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::debugDescription const):

2020-04-06  Cathie Chen  <cathiechen@igalia.com>

        The change of zoom shouldn't affect ResizeObserverSize
        https://bugs.webkit.org/show_bug.cgi?id=209947

        Reviewed by Simon Fraser.

        Zoom in/out shouldn't affect ResizeObserverSize. Use adjustLayoutUnitForAbsoluteZoom instead.

        Test: imported/w3c/web-platform-tests/resize-observer/resize-observer-with-zoom.html

        * page/ResizeObservation.cpp:
        (WebCore::ResizeObservation::computeObservedSize const):

2020-04-06  Antoine Quint  <graouts@apple.com>

        [Web Animations] Move Document.getAnimations() to DocumentOrShadowRoot
        https://bugs.webkit.org/show_bug.cgi?id=202192
        <rdar://problem/55697775>

        Reviewed by Antti Koivisto.

        We remove the getAnimations() declaration from the Document interface and instead move it on the DocumentOrShadowRoot interface.

        We add the new method Document::matchingAnimations() which takes a lambda that is provided an animation's effect's target to determine whether
        that animation should be found in the list of animations.

        In the case of Document::getAnimations(), we filter out animations targeting elements hosted in shadow roots, while in ShadowRoot:getAnimations(),
        we filter out animations targeting elements that are not hosted in the shadow root the method was called on.

        * dom/Document.cpp:
        (WebCore::Document::getAnimations):
        (WebCore::Document::matchingAnimations):
        * dom/Document.h:
        * dom/Document.idl:
        * dom/DocumentOrShadowRoot.idl:
        * dom/Element.cpp:
        (WebCore::Element::getAnimations):
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::getAnimations):
        * dom/ShadowRoot.h:

2020-04-04  Darin Adler  <darin@apple.com>

        Stop using live ranges in DocumentMarkerController
        https://bugs.webkit.org/show_bug.cgi?id=209985

        Reviewed by Antti Koivisto.

        - Removed uses of live ranges from DocumentMarkerController.
        - Removed "active/inactive text match marker", which was only ever used
          by Chromium, and has been dead code in WebKit for while now.
        - Made a replacement for Range::absoluteTextQuads, in RenderObject,
          and moved all callers over.
        - Added a fast path for Node::isCharacterDataNode that makes it work
          without a virtual function call for the common node types.
        - Added a Node::length function that matches the DOM specification's
          definiton of a node's length, part of how ranges are defined.
        - Added a structure OffsetRange to represent start/end offsets within
          a single character data node. This is a common idiom to handle possible
          partial selection of text nodes at the start and end of the range when
          iterating text within a range.
        - Changed DocumentMarker functions to use OffsetRange.
        - Added helper functions for turning a vector of quads into a vector
          of bounding box rectangles, and for computing a union of all the
          rectangles, since both of these are common coding patterns.
        - Added an intersectingNodes function, producing a for-loop-compatible
          range for iterating all nodes covered by a DOM range.
        - Changed RenderObject::SetLayoutNeededForbiddenScope so it can be used
          without an #if at each call site, expands to nothing in release builds.
        - Eliminated uses of RetainPtr<id> instead of just id to pass arguments.

        * dom/CharacterData.h: Updated since isCharacterDataNode is no longer a
        virtual function.

        * dom/Document.cpp:
        (WebCore::Document::textInserted): Pass an OffsetRange to removeMarkers.
        (WebCore::Document::textRemoved): Ditto.

        * dom/DocumentMarker.h: Removed most platform-specific functions.
        Removed the active match boolean, which was only ever used for Chromium.
        Use OffsetRange. Updated some obsolete comments.

        * dom/DocumentMarkerController.cpp: Removed include of "Range.h".
        (WebCore::DocumentMarkerController::collectTextRanges): Change return value
        to return a structure with a node and an offset range rather than using a
        SimpleRange; adds clarity to the fact that it's guranteed to be only a
        single node. May even want to consider some day moving TextIterator over
        to this, but it's definitely better here for now.
        (WebCore::DocumentMarkerController::addMarker): Updated for the change to
        collectTextRanges and to DocumentMarker construction, and to use construction
        syntax that doesn't repeat the DocumentMarker class name. Deleted overloads
        that are no longer needed.
        (WebCore::DocumentMarkerController::addMarkerToNode): Ditto.
        (WebCore::DocumentMarkerController::addTextMatchMarker): Ditto.
        (WebCore::DocumentMarkerController::addDictationPhraseWithAlternativesMarker): Deleted.
        (WebCore::DocumentMarkerController::addDictationResultMarker): Deleted.
        (WebCore::DocumentMarkerController::addDraggedContentMarker): Updated as above.
        (WebCore::DocumentMarkerController::addPlatformTextCheckingMarker): Deleted.
        (WebCore::DocumentMarkerController::copyMarkers): Fix a mistake where copying
        markers would have a side effect of modifying the original.
        (WebCore::DocumentMarkerController::removeMarkers): Just have this call
        filterMarkers with null for the function.
        (WebCore::DocumentMarkerController::filterMarkers): Updated for the change to
        collectTextRanges and to pass a OffsetRange.
        (WebCore::updateRenderedRectsForMarker): Use SimpleRange instead of a live
        range. Use the new RenderObject::absoluteTextQuads and boundingBoxes functions
        to make this clearer and simpler.
        (WebCore::shouldInsertAsSeparateMarker): Update for changes to DocumentMarker.
        (WebCore::DocumentMarkerController::copyMarkers): Take an OffsetRange instead
        of a start and length. Also removed the unused "delta" argument since all
        callers were passing 0.
        (WebCore::DocumentMarkerController::removeMarkers): Removed unneeded
        check if a key is still in the map.
        (WebCore::DocumentMarkerController::forEach): Added. Shared logic for the multiple
        functions that iterate the markers covered by a SimpleRange.
        (WebCore::DocumentMarkerController::markersInRange): Call forEach.
        (WebCore::DocumentMarkerController::repaintMarkers): Simplified loops.
        (WebCore::DocumentMarkerController::setMarkersActive): Deleted. Was only
        used for Chromium and has been dead code since.
        (WebCore::DocumentMarkerController::hasMarkers): Call forEach.
        (WebCore::DocumentMarkerController::clearDescriptionOnMarkersIntersectingRange):
        Call forEach.
        * dom/DocumentMarkerController.h: Updated for the above.

        * dom/Element.cpp:
        (WebCore::Element::boundsInRootViewSpace): Use unitedBoundingBoxes.
        (WebCore::Element::absoluteEventBounds): Ditto.
        (WebCore::Element::boundingAbsoluteRectWithoutLayout): Ditto.

        * dom/Node.h: Added inline fast path for isCharacterDataNode.
        Moved some inline function bodies out of class definition so it's
        easier to read it and get an overview.

        * dom/Range.cpp:
        (WebCore::Range::absoluteRectsForRangeInText const): Use boundingBoxes.
        (WebCore::Range::absoluteTextQuads const): Deleted.
        (WebCore::Range::borderAndTextRects const): Use boundingBoxes.

        * dom/Range.h: Deleted absoluteTextQuads.

        * dom/RenderedDocumentMarker.h: Use rvalue references and move.

        * dom/SimpleRange.cpp:
        (WebCore::fastIsCharacterData): Deleted. Moved the optimizations into
        Node::isCharacterDataNode so now all callers get them.
        (WebCore::length): Deleted. Moved to Node::length.
        (WebCore::makeBoundaryPointAfterNodeContents): Use Node::length.
        (WebCore::IntersectingNodeRange::first const): Added.
        (WebCore::IntersectingNodeRange::sentinel const): Added.
        (WebCore::characterDataOffsetRange): Added.
        (WebCore::IntersectingNodeIterator::operator++): Added.

        * dom/SimpleRange.h: Added intersectingNodes function, and the
        IntersectingNodeRange and IntersectingNodeIterator classes used
        to make it work. Added the OffsetRange structure and the
        characterDataOffsetRange function, also to help with iteration.

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::respondToMarkerAtEndOfWord):
        Take out unneeded holds_alternative check.
        (WebCore::AlternativeTextController::removeDictationAlternativesForMarker):
        Removed unneeded assertion.
        (WebCore::AlternativeTextController::dictationAlternativesForMarker):
        Removed unneeded assertion.
        (WebCore::AlternativeTextController::applyDictationAlternative):
        Removed unneeded local variables.
        (WebCore::AlternativeTextController::show): Pass reference to range
        rather than pointer to rootViewRectForRange.
        (WebCore::AlternativeTextController::timerFired): Ditto.
        (WebCore::AlternativeTextController::rootViewRectForRange const):
        Take a SimpleRange instead of a live range. Also use
        RenderObject::absoluteTextQuads and unitedBoundingBoxes.
        * editing/AlternativeTextController.h: Updated for above.

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers):
        Removed most of the code since we can copy marker data without
        separate code for each type. Also use SimpleRange instead of a live range.

        * editing/DictationCommand.cpp: Call addMarker instead of
        addMarkerToNode.

        * editing/Editing.cpp:
        (WebCore::visiblePositionForIndexUsingCharacterIterator): Use
        SimpleRange instead of a live range.

        * editing/Editor.cpp:
        (WebCore::Editor::updateMarkersForWordsAffectedByEditing):
        Removed a local variable.

        * editing/Editor.h: Remove use of RetainPtr<id> for arguments.

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::getTextRectangles const): Deleted.
        (WebCore::FrameSelection::getClippedVisibleTextRectangles const):
        Merged the logic from getTextRectangles in here, and changed to
        use RenderObject::absoluteTextQuads and boundingBoxes.
        * editing/FrameSelection.h: Updated for above.

        * editing/SplitTextNodeCommand.cpp:
        (WebCore::SplitTextNodeCommand::doApply): Updated for changes to
        the copyMarkers function.
        (WebCore::SplitTextNodeCommand::doUnapply): Ditto.

        * editing/cocoa/DataDetection.mm:
        (WebCore::detectItemAtPositionWithRange): Use
        RenderObject::absoluteTextQuads and unitedBoundingBoxes.

        * editing/ios/DictationCommandIOS.cpp:
        (WebCore::DictationCommandIOS::DictationCommandIOS): Remove use of
        RetainPtr<id> for arguments.
        (WebCore::DictationCommandIOS::create): Move from header.
        (WebCore::DictationCommandIOS::doApply): Updated to do the work here
        since we don't have addDictationPhraseWithAlternativesMarker any more.
        Specifically, remove the first interpretation, which leaves behind a
        vector of alternatives. Same for addDictationResultMarker.
        * editing/ios/DictationCommandIOS.h: Updated for the above.

        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::insertDictationPhrases): Take id instead of
        RetainPtr<id>.
        (WebCore::Editor::setDictationPhrasesAsChildOfElement): Changed
        around since we don't have addDictationPhraseWithAlternativesMarker
        or addDictationResultMarker any more.

        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents): Update for changes to
        SetLayoutNeededForbiddenScope.

        * page/ios/FrameIOS.mm:
        (WebCore::Frame::interpretationsForCurrentRoot const):
        Get alternatives directly from DocumentMarker::data, now that
        there is not a separate DocumentMarker::alternatives function.

        * page/mac/ServicesOverlayController.mm:
        (WebCore::textQuadsToBoundingRectForRange): Deleted.
        (WebCore::ServicesOverlayController::buildPhoneNumberHighlights):
        Use RenderObject::absoluteTextQuads, unitedBoundingBoxes,
        and enclosingIntRect to do what textQuadsToBoundingRectForRange did.

        * platform/SerializedPlatformDataCueValue.h: Remove definition of
        id since that's now done in RetainPtr.h.

        * platform/graphics/FloatQuad.cpp:
        (WebCore::boundingBoxes): Added.
        (WebCore::unitedBoundingBoxes): Added.
        * platform/graphics/FloatQuad.h: A couple tweaks, plus declared the
        functions above.

        * platform/network/ResourceHandle.h: Remove definition of
        id since that's now done in RetainPtr.h.
        * platform/network/cf/AuthenticationChallenge.h: Ditto.

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::resolveStyleForMarkedText): Take out
        isActiveMatch logic that was used for Chromium only.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::minPreferredLogicalWidth const): Update for
        changes to SetLayoutNeededForbiddenScope.
        (WebCore::RenderBox::maxPreferredLogicalWidth const): Ditto.
        * rendering/RenderCounter.cpp:
        (WebCore::RenderCounter::computePreferredLogicalWidths): Ditto.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::paintIntoLayer): Ditto.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::SetLayoutNeededForbiddenScope::SetLayoutNeededForbiddenScope):
        Changed to take a const& instead of a *.
        (WebCore::RenderObject::SetLayoutNeededForbiddenScope::~SetLayoutNeededForbiddenScope):
        Ditto.
        (WebCore::RenderObject::markContainingBlocksForLayout): Update for
        changes to SetLayoutNeededForbiddenScope.
        (WebCore::RenderObject::absoluteBoundingBoxRect const): Use
        unitedBoundingBoxes and enclosingIntRect.
        (WebCore::RenderObject::absoluteBoundingBoxRectForRange): Use
        the new RenderObject::absoluteTextQuads and unitedBoundingBoxes.
        (WebCore::RenderObject::absoluteTextQuads): Added. Moved here from
        Range::absoluteTextQuads, but refactored for simplicity and removed
        the unused, and mildly complex to implement, feature that would
        indicate whether some or all of the quads were from fixed positioning.

        * rendering/RenderObject.h: Tweaked comments. Moved multi-line function
        bodies out of the RenderObject class definition to make it easier to
        read. Declared a new absoluteTextQuads function. Made
        m_setNeedsLayoutForbidden so setNeedsLayoutIsForbidden can be const.
        Conditionalized isSetNeedsLayoutForbidden and SetLayoutNeededForbiddenScope
        so both can be used in production builds but expand to no code.

        * rendering/RenderReplaced.cpp:
        (WebCore::draggedContentContainsReplacedElement): Simplified and updated
        now that the dragged content data no longer has its own named structure.
        (WebCore::RenderReplaced::paint): Update for changes to
        SetLayoutNeededForbiddenScope.
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::calcRowLogicalHeight): Ditto.
        (WebCore::RenderTableSection::layoutRows): Ditto.

        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::textSearchHighlightColor const): Removed the Chromium-only
        concept of active vs. inactive text search highlight colors.
        (WebCore::RenderTheme::platformTextSearchHighlightColor const): Ditto.
        (WebCore::RenderTheme::activeTextSearchHighlightColor const): Deleted.
        (WebCore::RenderTheme::inactiveTextSearchHighlightColor const): Deleted.
        (WebCore::RenderTheme::platformActiveTextSearchHighlightColor const): Deleted.
        (WebCore::RenderTheme::platformInactiveTextSearchHighlightColor const): Deleted.
        * rendering/RenderTheme.h: Ditto.
        * rendering/RenderThemeMac.h: Ditto.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::platformTextSearchHighlightColor const): Ditto.
        (WebCore::RenderThemeMac::platformActiveTextSearchHighlightColor const): Deleted.
        (WebCore::RenderThemeMac::platformInactiveTextSearchHighlightColor const): Deleted.

        * testing/Internals.cpp:
        (WebCore::Internals::addTextMatchMarker): Deleted. Was only used for a test
        of Chromium-specific scroll tick marks.
        * testing/Internals.h: Deleted addTextMatchMarker.
        * testing/Internals.idl: Ditto.

2020-04-06  Antti Koivisto  <antti@apple.com>

        Remove instance fields and methods from StyleColor
        https://bugs.webkit.org/show_bug.cgi?id=210045

        Reviewed by Zalan Bujtas.

        They are unused. The type itself remains as a namespace for static functions.
        We might want bring it back later but there is no need to leave dead code around now.

        * css/StyleColor.h:
        (WebCore::StyleColor::StyleColor): Deleted.
        (WebCore::StyleColor::currentColor): Deleted.
        (WebCore::StyleColor::isCurrentColor const): Deleted.
        (WebCore::StyleColor::getColor const): Deleted.
        (WebCore::StyleColor::resolve const): Deleted.
        (WebCore::operator==): Deleted.
        (WebCore::operator!=): Deleted.

2020-04-06  Said Abou-Hallawa  <sabouhallawa@apple.com>

        CanvasRenderingContext2D.drawImage should ignore the EXIF orientation if the image-orientation is none
        https://bugs.webkit.org/show_bug.cgi?id=209849

        Reviewed by Darin Adler.

        drawImage() will get the image-orientation of the HTMLImageElement from
        its computed style. This will be passed to GraphicsContext::drawImage()
        in the ImagePaintingOptions. Previously we were passing FromImage always.

        Test: fast/images/image-orientation-none-canvas.html

        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::drawImage):
        * html/canvas/CanvasRenderingContext2DBase.h:

2020-04-05  Rob Buis  <rbuis@igalia.com>

        Remove code that has no effect from loadURL
        https://bugs.webkit.org/show_bug.cgi?id=210029

        Reviewed by Darin Adler.

        Remove setDomainForCachePartition from loadURL since it will be
        overwritten in DocumentLoader::loadMainResource, this was
        introduced by r213126.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):

2020-04-05  Manuel Rego Casasnovas  <rego@igalia.com>

        Computed style for "outline-offset" is wrong when "outline-style" is "none"
        https://bugs.webkit.org/show_bug.cgi?id=209913

        Reviewed by Daniel Bates.

        Computed style for outline-offset was not returning the proper value
        if "outline-style" was "none".
        This was due to a check in RenderStyle::outlineOffset()
        that this patch removes.

        This code could be there because this is needed for "outline-width"
        as specified in the spec (https://drafts.csswg.org/css-ui/#outline-props),
        however there's nothing about this on the "outline-offset" property.

        Test: imported/w3c/web-platform-tests/css/css-ui/parsing/outline-offset-computed.html

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::outlineOffset const):

2020-04-05  Peng Liu  <peng.liu6@apple.com>

        The value of [AVPlayerViewController isPictureInPicturePossible] is NO in the first attempt to enter PiP
        https://bugs.webkit.org/show_bug.cgi?id=204979

        Reviewed by Darin Adler.

        We should use "#if HAVE(AVOBSERVATIONCONTROLLER)" instead of
        "#if HAVE(HAVE_AVOBSERVATIONCONTROLLER)".

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerViewController initWithFullscreenInterface:]):
        (VideoFullscreenInterfaceAVKit::doEnterFullscreen):

2020-04-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        Address review comments after r259550
        https://bugs.webkit.org/show_bug.cgi?id=208472

        Reviewed by Darin Adler.

        * platform/ios/ValidationBubbleIOS.mm:

        Change a few named constants to be `constexpr` instead, and add comments describing their purpose.

        (label):
        (updateLabelFrame):

        Rename these helper functions and move them up the file. Turn what was previously named
        `WebValidationBubbleViewController_labelFrame` into `updateLabelFrame`, and have it additionally update the
        view controller's label's frame to avoid repeating this logic in the subclassed method implementations below.

        (callSuper):
        (WebValidationBubbleViewController_viewDidLoad):
        (WebValidationBubbleViewController_viewWillLayoutSubviews):
        (WebValidationBubbleViewController_viewSafeAreaInsetsDidChange):
        (allocWebValidationBubbleViewControllerInstance):

        Instead of using `-valueForKey`, use `objc_getAssociatedObject` and `objc_setAssociatedObject`, with
        `OBJC_ASSOCIATION_RETAIN_NONATOMIC`.

        (WebCore::ValidationBubble::ValidationBubble):
        (invokeUIViewControllerSelector): Deleted.
        (WebValidationBubbleViewController_dealloc): Deleted.

        Remove the -dealloc override. We don't need this anymore, since we're now using associated objects with
        `OBJC_ASSOCIATION_RETAIN_NONATOMIC` to hold on to and keep track of our label.

        (WebValidationBubbleViewController_labelFrame): Deleted.
        (WebValidationBubbleViewController_label): Deleted.

2020-04-05  Simon Fraser  <simon.fraser@apple.com>

        Make RenderObject TextStream-loggable
        https://bugs.webkit.org/show_bug.cgi?id=210035

        Reviewed by Zalan Bujtas.

        Add operator<<(TextStream, const RenderObject&) and add virtual debugDescription() functions on
        Node and RenderObject which should eventually replace the awkward formatForDebugger(char* buffer, unsigned length).

        Convert RenderLayer to use renderer's debug description.

        * dom/Element.cpp:
        (WebCore::Element::debugDescription const):
        * dom/Element.h:
        * dom/Node.cpp:
        (WebCore::Node::debugDescription const):
        (WebCore::operator<<):
        * dom/Node.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::name const):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::debugDescription const):
        (WebCore::operator<<):
        * rendering/RenderObject.h:

2020-04-05  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed, adding missing header inclusions to get
        non-unified build building.

        * html/HTMLCanvasElement.cpp:
        * loader/ResourceLoadNotifier.h:
        * workers/service/ServiceWorkerProvider.h:

2020-04-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] Ugly and misaligned form validation bubble
        https://bugs.webkit.org/show_bug.cgi?id=208472
        <rdar://problem/59984027>

        Reviewed by Tim Horton.

        In iOS 13, the view of a `UIViewController` that is presented as a popover encompasses the arrow (connected to
        the popover) that points to the target rect. This means that our current logic for laying out the inner text
        label of a form validation bubble on iOS no longer works, since it sets a frame that is offset vertically and
        horizontally from the bounds of the view controller's view.

        To fix this, we need to respect the safe area insets of the view controller's view when laying out the label.
        The idiomatic way to do this is to subclass -viewSafeAreaInsetsDidChange and -viewWillLayoutSubviews on the view
        controller, and update the subview's (i.e. label's) frame; unfortunately, since ValidationBubble is implemented
        in WebCore, we can't explicitly link against UIKit, so we need to dynamically create a UIViewController subclass
        and override these subclassing hooks to get our desired behavior.

        * platform/ValidationBubble.h:
        * platform/ios/ValidationBubbleIOS.mm:
        (invokeUIViewControllerSelector):
        (WebValidationBubbleViewController_dealloc):
        (WebValidationBubbleViewController_viewDidLoad):
        (WebValidationBubbleViewController_viewWillLayoutSubviews):
        (WebValidationBubbleViewController_viewSafeAreaInsetsDidChange):
        (WebValidationBubbleViewController_labelFrame):
        (WebValidationBubbleViewController_label):
        (allocWebValidationBubbleViewControllerInstance):

        Subclass and create a custom UIViewController to ensure that the label is vertically centered in its popover.
        See above for more details.

        (WebCore::ValidationBubble::ValidationBubble):
        (WebCore::ValidationBubble::show):

        Minor style fixes: remove extraneous `.get()`s on `RetainPtr`, and use property syntax when possible.

        (WebCore::ValidationBubble::setAnchorRect):

        Additionally remove a line of code that currently forces the form validation popover to present below its target
        rect (and therefore have an arrow pointing up). It wasn't apparent why this logic was added in r208361, but it
        seems the intention wasn't to restrict the popover to presenting below the target.

        This allows the form validation popover to show up in the case where the input element is aligned to the very
        bottom of the web view, such that there isn't enough space below the field to show the validation bubble.

2020-04-04  Rob Buis  <rbuis@igalia.com>

        Remove LockHistory parameter from loadWithNavigationAction
        https://bugs.webkit.org/show_bug.cgi?id=210007

        Reviewed by Darin Adler.

        Remove LockHistory parameter from loadWithNavigationAction since NavigationAction
        has a member for this. Where needed explicitly set the LockHistory on the actions.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/FrameLoader.h:

2020-04-04  David Kilzer  <ddkilzer@apple.com>

        Build fix v2: HTMLFormElement should use WeakPtr to keep track of its FormNamedItem
        https://bugs.webkit.org/show_bug.cgi?id=209925

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::elementFromPastNamesMap const):
        (WebCore::HTMLFormElement::addToPastNamesMap):
        - Apply macros consistently.  Regressed in r259513 and was
          not fixed by r259527.

2020-04-04  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add a fourth round of logging to help diagnose <webkit.org/b/209685>
        https://bugs.webkit.org/show_bug.cgi?id=210011

        Reviewed by Darin Adler.

        Augment logging in WebItemProviderPasteboard to additionally dump a backtrace when registering item providers
        when initiating a drag on iOS. Logging thus far suggests that this is due to an IPC dispatch race when sending
        the following messages to the UI process: `WebPasteboardProxy::writeCustomData` and
        `WebPasteboardProxy::writeStringToPasteboard`. While `writeCustomData` is dispatched synchronously,
        `writeStringToPasteboard` is dispatched asynchronously; this means that it is possible for the call to
        `writeCustomData` to be dispatched before `writeStringToPasteboard` even if the web process sends the
        `writeCustomData` message later, due to the UI-process-side mechanism for immediately dispatching incoming sync
        IPC if it is currently processing sync IPC itself.

        A backtrace here should help to confirm this theory.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard stageRegistrationLists:]):

2020-04-04  Doug Kelly  <dougk@apple.com>

        Additional sanity checks in compareAnimationsByCompositeOrder()
        https://bugs.webkit.org/show_bug.cgi?id=209996

        Reviewed by Geoffrey Garen.

        compareAnimationsByCompositeOrder() is used by std::sort() which requires strict weak ordering.
        This adds additional checks to ensure strict weak ordering is maintained, first by ensuring
        the transitionProperty string is different before returning that comparison, then by only using
        if the animation is a CSSTransition or CSSAnimation if the left hand and right hand sides differ.
        This should leave all remaining cases to sort by the global animation list.

        No new tests; this should be covered by existing tests and should not change functionality
        otherwise.

        * animation/WebAnimationUtilities.cpp:
        (WebCore::compareAnimationsByCompositeOrder):

2020-04-04  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add even more logging to try and diagnose <webkit.org/b/209685>
        https://bugs.webkit.org/show_bug.cgi?id=210008

        Reviewed by Tim Horton.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard stageRegistrationLists:]):

2020-04-04  Myles C. Maxfield  <mmaxfield@apple.com>

        Ahom text is busted
        https://bugs.webkit.org/show_bug.cgi?id=209898
        <rdar://problem/60571257>

        Reviewed by Tim Horton.

        https://en.wikipedia.org/wiki/Ahom_language

        The Ahom language, U+11700 - U+1173F, requires the complex text codepath.
        This patch also makes some languages adjacent in codepoint-space (Dogra,
        Dives Akuru, Nandinagari, Zanabazar Square, Soyombo, Warang Citi, and
        Pau Cin Hau) use the complex path too.

        At some point, we really need to make the fast text codepath opt-in instead
        of opt-out. This patch is a simple band-aid fix until we can do that.

        No new tests because I can't find an appropriately licenced font.
        There is Noto Serif Ahom, but that's licenced under SIL OFL, and I'm
        not sure if that's an acceptable license to be committed to WebKit.
        https://github.com/googlefonts/noto-fonts/tree/master/hinted/NotoSerifAhom

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::characterRangeCodePath):

2020-04-04  Antti Koivisto  <antti@apple.com>

        Implement the css-color-4 behavior for inheritance of currentColor
        https://bugs.webkit.org/show_bug.cgi?id=193171
        <rdar://problem/47287516>

        Reviewed by Simon Fraser.

        In CSS3/4 'currentcolor' inherits as 'currentcolor' instead of as a resolved color value.

        Value 'currentcolor' is represented in RenderStyle as invalid Color object. This has been true
        even before the explicit property value for it was added. Fallback to 'color' has always been
        the default behavior of most color properties.

        As a result the correct behavior falls pretty easily from WebKit code. It essentially amounts to allowing
        color properties to inherit normally even when they are invalid/currentcolor.

        In future we might want to wrap RenderStyle color values into a type that makes 'currentcolor' more explicit.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::valueForPropertyInStyle):
        * css/CSSGradientValue.cpp:
        (WebCore::CSSGradientValue::gradientWithStylesResolved):
        * css/CSSProperties.json:

        - Remove 'no-default-color' which triggered to old inheritance behavior.
        - Rename initial value invalidColor to currentColor for clarity.

        * css/makeprop.pl:

        Code for 'no-default-color' generation is not needed anymore.

        (generateInheritValueSetter):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::colorIncludingFallback const):

        Resolve 'background-color' like the rest so setting it to 'currentcolor' works correctly.

        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::currentColor):
        (WebCore::RenderStyle::invalidColor): Deleted.
        * style/StyleBuilderCustom.h:
        (WebCore::Style::BuilderCustom::applyTextOrBoxShadowValue):
        * style/StyleBuilderState.cpp:
        (WebCore::Style::BuilderState::createFilterOperations):
        (WebCore::Style::BuilderState::colorFromPrimitiveValue const):

        Don't resolve 'currentcolor', instead return it as a value.

        (WebCore::Style::BuilderState::colorFromPrimitiveValueWithResolvedCurrentColor const):

        Helper for a few cases where we still resolve current color during style building time. It is
        used for filters and generated images.

        * style/StyleBuilderState.h:
        * svg/SVGStopElement.cpp:
        (WebCore::SVGStopElement::stopColorIncludingOpacity const):

        Resolve 'currentcolor' during use time for svg color stops.

2020-04-04  Peng Liu  <peng.liu6@apple.com>

        REGRESSION (r259095): ASSERTION FAILED: m_videoFullscreenMode != VideoFullscreenModeNone seen with TestWebKitAPI.WebKitLegacy.AudioSessionCategoryIOS
        https://bugs.webkit.org/show_bug.cgi?id=209680

        Reviewed by Jer Noble.

        API test: WebKitLegacy.PreemptVideoFullscreen

        Call fullscreenModeChanged(VideoFullscreenModeNone) right before calling the
        functions of ChromeClient to make sure the state (m_videoFullscreenMode)
        has the expected value when some callbacks come back to the video element.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::dispatchEvent):
        (WebCore::HTMLMediaElement::exitFullscreen):

        Add null pointer checkings to fix two crashes found in stress tests.
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (VideoFullscreenControllerContext::requestVideoContentLayer):
        (VideoFullscreenControllerContext::returnVideoContentLayer):

2020-04-03  David Kilzer  <ddkilzer@apple.com>

        Build fix: HTMLFormElement should use WeakPtr to keep track of its FormNamedItem
        https://bugs.webkit.org/show_bug.cgi?id=209925

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::elementFromPastNamesMap const):
        - Apply macros consistently.  Regressed in r259513.

2020-04-03  Jack Lee  <shihchieh_lee@apple.com>

        Protect contentFrame in SubframeLoader::loadOrRedirectSubframe with RefPtr.
        https://bugs.webkit.org/show_bug.cgi?id=127096
        <rdar://problem/61221941>

        Reviewed by Alex Christensen.

        ContentFrame is used throughout loadOrRedirectSubframe so it needs to be protected with RefPtr.
        And if loader changes frame in SubframeLoader::loadSubframe, return nullptr to notify the caller.

        No new tests, covered by existing test.

        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadOrRedirectSubframe):
        (WebCore::SubframeLoader::loadSubframe):
        * loader/SubframeLoader.h:

2020-04-03  Alex Christensen  <achristensen@webkit.org>

        Add SPI to make WKUserScripts wait for a notification
        https://bugs.webkit.org/show_bug.cgi?id=209845
        <rdar://problem/60342299>

        Reviewed by Chris Dumez.

        There's also SPI on WKWebView to provide this notification, and on WKWebViewConfiguration to start out with this notification.

        * dom/ExtensionStyleSheets.cpp:
        (WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache const):
        * html/ImageDocument.cpp:
        (WebCore::ImageDocument::createDocumentStructure):
        * html/MediaDocument.cpp:
        (WebCore::MediaDocumentParser::createDocumentStructure):
        * html/PluginDocument.cpp:
        (WebCore::PluginDocumentParser::createDocumentStructure):
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::dispatchDocumentElementAvailableIfNeeded):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::finishedParsing):
        * page/Frame.cpp:
        (WebCore::Frame::injectUserScripts):
        (WebCore::Frame::injectUserScriptImmediately):
        * page/Page.cpp:
        (WebCore::m_deviceOrientationUpdateProvider):
        (WebCore::Page::notifyToInjectUserScripts):
        (WebCore::Page::addUserScriptAwaitingNotification):
        (WebCore::Page::injectUserStyleSheet):
        (WebCore::Page::removeInjectedUserStyleSheet):
        * page/Page.h:
        (WebCore::Page::hasBeenNotifiedToInjectUserScripts const):
        * page/PageConfiguration.h:
        * page/UserContentTypes.h:
        (): Deleted.
        * page/UserScript.h:
        (WebCore::UserScript::UserScript):
        (WebCore::UserScript::waitForNotificationBeforeInjecting const):
        (WebCore::UserScript::encode const):
        (WebCore::UserScript::decode):
        * page/UserScriptTypes.h:
        (): Deleted.
        * page/UserStyleSheet.h:
        (WebCore::UserStyleSheet::UserStyleSheet):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLDocumentParser::startElementNs):

2020-04-03  Alex Christensen  <achristensen@webkit.org>

        Use-after-move of `formState` in WebCore::PolicyChecker::checkNavigationPolicy()
        https://bugs.webkit.org/show_bug.cgi?id=209987

        Reviewed by Chris Dumez.

        Use std::exchange because formState is used later.
        No change in behavior, but this will allow use-after-move hunts to continue.

        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):

2020-04-03  Sihui Liu  <sihui_liu@apple.com>

        ASSERTION FAILED: objectStoreInfo in SQLiteIDBBackingStore::getRecord
        https://bugs.webkit.org/show_bug.cgi?id=209976
        <rdar://problem/55005363>

        Reviewed by Geoffrey Garen.

        Return error if objectStoreInfo is null in SQLiteIDBBackingStore::getRecord, because there is a possibility 
        SQLiteIDBBackingStore does not have requested objectStoreInfo.

        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):

2020-04-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add more logging to help diagnose <webkit.org/b/209685>
        https://bugs.webkit.org/show_bug.cgi?id=209988

        Reviewed by Timothy Hatcher.

        Remove logging that was previously added in r259465.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard updateSupportedTypeIdentifiers:]):

2020-04-02  Ryosuke Niwa  <rniwa@webkit.org>

        HTMLFormElement should use WeakPtr to keep track of its FormNamedItem
        https://bugs.webkit.org/show_bug.cgi?id=209925

        Reviewed by Wenson Hsieh.

        Like r259393, this patch replaces the HashMap of AtomString to the raw pointer of a FormNamedItem
        by a HashMap of AtomString to WeakPtr of a FormNamedItem.

        It also replaces a bunch of ASSERT_WITH_SECURITY_IMPLICATIONs with ASSERTs since there are no more
        security implications left after this patch.

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::formElementIndex):
        (WebCore::HTMLFormElement::removeFormElement):
        (WebCore::HTMLFormElement::assertItemCanBeInPastNamesMap const):
        (WebCore::HTMLFormElement::elementFromPastNamesMap const):
        (WebCore::HTMLFormElement::addToPastNamesMap):
        (WebCore::HTMLFormElement::removeFromPastNamesMap):
        * html/HTMLFormElement.h:

2020-04-03  Tim Horton  <timothy_horton@apple.com>

        Add a visual debug indicator for locating and identifying all kinds of WebViews
        https://bugs.webkit.org/show_bug.cgi?id=209982
        <rdar://problem/60339870>

        Reviewed by Simon Fraser.

        Add a debug overlay that can be enabled with a single switch for all
        *WebView variants, which indicates the type of *WebView in an unmissable,
        gaudy fashion.

        This is intended to address some shortcomings of existing mechanisms
        that people use to answer the "what kind of web view is X app using?"
        question. Specifically:

        - it will appear even if the Web Content process does not launch or crashes
        - it will appear even if a custom content view is being used (e.g. PDF)
        - it will appear even if compositing is not enabled (e.g. in a legacy WebView on macOS)
        - it explicitly states in written text the class name of the web view, with no need for interpreting colors
        - it covers the entire web view, so cannot be accidentally obscured

        No new tests, just debugging UI.

        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * testing/cocoa/WebViewVisualIdentificationOverlay.h: Added.
        * testing/cocoa/WebViewVisualIdentificationOverlay.mm: Added.
        (+[WebViewVisualIdentificationOverlay shouldIdentifyWebViews]):
        Use a single default across all kinds of WebViews, instead of using
        WebPreferences and friends, in order to make it extremely easy to turn on,
        and because it's intended to be set globally, and is not useful on a
        per-view basis.

        (+[WebViewVisualIdentificationOverlay installForWebViewIfNeeded:kind:deprecated:]):
        (-[WebViewVisualIdentificationOverlay initWithWebView:kind:deprecated:]):
        (-[WebViewVisualIdentificationOverlay dealloc]):
        (-[WebViewVisualIdentificationOverlay observeValueForKeyPath:ofObject:change:context:]):
        (-[WebViewVisualIdentificationOverlay drawLayer:inContext:]):
        Draw a wash and the class name over the entire face of the web view.
        The wash is blue for WKWebView and red for all of the deprecated web views (WKView, WebView, UIWebView).

2020-04-03  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r8412): Use RetainPtr<> for NSMutableAttributedString in -[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]
        <https://webkit.org/b/209980>

        Reviewed by Darin Adler.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
        Make use of RetainPtr<>.

2020-04-03  Kenneth Russell  <kbr@chromium.org>

        Fix bugs related to VideoTextureCopierCV and ANGLE roll script
        https://bugs.webkit.org/show_bug.cgi?id=209943

        Reviewed by Dean Jackson.

        Fixed longstanding preexisting bugs related to creation and
        deletion of OpenGL objects inside VideoTextureCopierCV, including
        in which context its internal framebuffer was created. Unbind the
        output texture after hooking it up to the framebuffer to avoid any
        appearance of rendering feedback loops.

        Stop setting the WebGL compatibility context creation attribute
        for VideoTextureCopier's context.

        Covered by preexisting layout tests.

        * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
        (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):
        * platform/graphics/cv/VideoTextureCopierCV.cpp:
        (WebCore::VideoTextureCopierCV::VideoTextureCopierCV):
        (WebCore::VideoTextureCopierCV::~VideoTextureCopierCV):
        (WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
        (WebCore::VideoTextureCopierCV::copyVideoTextureToPlatformTexture):

2020-04-03  Eric Carlson  <eric.carlson@apple.com>

        Filter some capture device names
        https://bugs.webkit.org/show_bug.cgi?id=209941
        <rdar://problem/59141886>

        Reviewed by Youenn Fablet.

        Test: fast/mediastream/anonymize-device-name.html

        * platform/mediastream/CaptureDevice.h:
        (WebCore::CaptureDevice::label const):

2020-04-03  Rob Buis  <rbuis@igalia.com>

        Remove unused parameter from loadWithNavigationAction
        https://bugs.webkit.org/show_bug.cgi?id=209959

        Reviewed by Darin Adler.

        Remove unused parameter from loadWithNavigationAction.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/FrameLoader.h:

2020-04-03  David Kilzer  <ddkilzer@apple.com>

        [Xcode] Replace ASAN_OTHER_CFLAGS and ASAN_OTHER_CPLUSPLUSFLAGS with $(inherited)
        <https://webkit.org/b/209963>
        <rdar://problem/61257504>

        Reviewed by Alexey Proskuryakov.

        * Configurations/Base.xcconfig:
        - Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and
          ASAN_OTHER_LDFLAGS.

2020-04-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add logging to help diagnose <webkit.org/b/209685>
        https://bugs.webkit.org/show_bug.cgi?id=209967

        Reviewed by Darin Adler.

        Add logging to try and diagnose a handful of API test failures on iOS 13.4 test runners. The failures seem to
        only reproduce in release builds on one particular bot; even then, the problem still doesn't reproduce when
        running the API tests on this failing bot.

        As such, add some logging to try and verify whether...
        (1) the UI process is even attempting to update its supported item provider types, which should happen after
            each drag session update.
        (2) WKContentView is receiving calls to update the drag session in the first place.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard updateSupportedTypeIdentifiers:]):

2020-04-03  Sihui Liu  <sihui_liu@apple.com>

        ASSERTION FAILED: m_delegate in IDBConnectionToClient::identifier()
        https://bugs.webkit.org/show_bug.cgi?id=209891
        <rdar://problem/59293891>

        Reviewed by Geoffrey Garen.

        IDBConnectionToClient::connectionToClientClosed() can lead UniqueIDBDatabase to start processing new requests, 
        and we should make sure it ignores the requests from the closed connection. Otherwise, the connection can be 
        held alive by the request being processed. We can do that by marking connection closed before calling 
        connectionToClientClosed on UniqueIDBDatabaseConnection.

        API Test: IndexedDB.KillWebProcessWithOpenConnection

        * Modules/indexeddb/server/IDBConnectionToClient.cpp:
        (WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):

2020-04-03  Zalan Bujtas  <zalan@apple.com>

        [MultiColumn] Infinite loop in RenderBlockFlow::pushToNextPageWithMinimumLogicalHeight
        https://bugs.webkit.org/show_bug.cgi?id=209948
        <rdar://problem/59331899>

        Reviewed by Antti Koivisto.

        pushToNextPageWithMinimumLogicalHeight is supposed to find the next page/column with enough space for the content.
        However we keep finding the same column because it is not balanced properly yet (while in layout, they have the initial height of LayoutUnit::max).    

        Test: fast/multicol/infinite-loop-with-unbalanced-column.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::pushToNextPageWithMinimumLogicalHeight const):

2020-04-03  youenn fablet  <youenn@apple.com>

        Add initial support for WebRTC HEVC
        https://bugs.webkit.org/show_bug.cgi?id=204283

        Reviewed by Eric Carlson.

        Add a runtime flag for H265 in lieu of VP8 and pipe it to libwebrtc factories.
        Test: webrtc/h265.html

        * page/Page.cpp:
        (WebCore::m_deviceOrientationUpdateProvider):
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::webRTCH265CodecEnabled const):
        (WebCore::RuntimeEnabledFeatures::setWebRTCH265CodecEnabled):
        * platform/mediastream/libwebrtc/LibWebRTCProvider.h:
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
        (WebCore::LibWebRTCProviderCocoa::createDecoderFactory):
        (WebCore::LibWebRTCProviderCocoa::createEncoderFactory):
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):

2020-04-03  Yousuke Kimoto  <yousuke.kimoto@sony.com>

        FileSystem handle leaks in CurlCacheManager and NetworkCacheData when failed to open a file
        https://bugs.webkit.org/show_bug.cgi?id=209949

        Reviewed by Fujii Hironori.

        A file handle of FileSystem is not closed when the file handle doesn't
        return its status. The handle should be released before returning.

        No new tests, no behavior change.

        * platform/network/curl/CurlCacheManager.cpp:
        (WebCore::CurlCacheManager::loadIndex):

2020-04-03  Peng Liu  <peng.liu6@apple.com>

        WebCore::HTMLMediaElement::mediaCanStart crashes
        https://bugs.webkit.org/show_bug.cgi?id=209950

        Reviewed by Jer Noble.

        Use WeakHashSet instead of HashSet to record MediaCanStartListeners in Document.

        * dom/Document.cpp:
        (WebCore::Document::addMediaCanStartListener):
        (WebCore::Document::removeMediaCanStartListener):
        (WebCore::Document::takeAnyMediaCanStartListener):
        * dom/Document.h:
        * page/MediaCanStartListener.h:

2020-04-03  Simon Fraser  <simon.fraser@apple.com>

        Flesh out enclosingScrollableArea() implementations
        https://bugs.webkit.org/show_bug.cgi?id=209953

        Reviewed by Timothy Hatcher.

        enclosingScrollableArea() is a virtual function on ScrollableArea. It's currently
        only called in an unused iOS WebKit1 code path, but will soon be used for scroll
        latching, so flesh out implementations.

        Will be tested by future scroll latching tests.

        * page/FrameView.cpp:
        (WebCore::FrameView::enclosingScrollableArea const):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::enclosingScrollableArea const):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::enclosingScrollableArea const):

2020-04-02  Simon Fraser  <simon.fraser@apple.com>

        Rename widgetDidHandleWheelEvent back to passWheelEventToWidget and make some functions private
        https://bugs.webkit.org/show_bug.cgi?id=209951

        Reviewed by Zalan Bujtas.

        Revert the rename from r199331, and make private wheel-event related functions that
        are internal to EventHandler.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleWheelEvent):
        (WebCore::EventHandler::passWheelEventToWidget):
        (WebCore::EventHandler::widgetDidHandleWheelEvent): Deleted.
        * page/EventHandler.h:
        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::passWheelEventToWidget):
        (WebCore::EventHandler::widgetDidHandleWheelEvent): Deleted.
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::passWheelEventToWidget):
        (WebCore::EventHandler::widgetDidHandleWheelEvent): Deleted.

2020-04-02  Andres Gonzalez  <andresg_22@apple.com>

        Crash in RenderMenuList::didUpdateActiveOption.
        https://bugs.webkit.org/show_bug.cgi?id=208867
        <rdar://problem/60035390>

        Reviewed by Chris Fleizach.

        Enabled test accessibility/menu-list-sends-change-notification.html.

        - Check the type of the AccessibilityObject before downcasting in RenderMenuList.
        - Fixed handling of the AXMenuListValueChanged notification on the Mac.
        This notification was previously ignored and hence the LayoutTest was failing.

        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::postPlatformNotification):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::didUpdateActiveOption):

2020-04-02  Eric Carlson  <eric.carlson@apple.com>

        Remove unused media controls code
        https://bugs.webkit.org/show_bug.cgi?id=209875
        <rdar://problem/61172738>

        Remove code for the, now unused, C++ based media controls.

        Reviewed by Daniel Bates.

        No new tests, no functional change.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::textTrackContainer):
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/plugins/QuickTimePluginReplacement.mm:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AXObjectCache.cpp:
        (WebCore::createFromRenderer):
        * accessibility/AccessibilityMediaControls.cpp: Removed.
        * accessibility/AccessibilityMediaControls.h: Removed.
        * dom/Node.h:
        (WebCore::Node::isMediaControlElement const): Deleted.
        (WebCore::Node::isMediaControls const): Deleted.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::~HTMLMediaElement):
        (WebCore::HTMLMediaElement::childShouldCreateRenderer const):
        (WebCore::HTMLMediaElement::pauseAfterDetachedTask):
        (WebCore::HTMLMediaElement::updateRenderer):
        (WebCore::HTMLMediaElement::selectMediaResource):
        (WebCore::HTMLMediaElement::mediaLoadingFailed):
        (WebCore::HTMLMediaElement::setNetworkState):
        (WebCore::HTMLMediaElement::changeNetworkStateFromLoadingToIdle):
        (WebCore::HTMLMediaElement::setReadyState):
        (WebCore::HTMLMediaElement::progressEventTimerFired):
        (WebCore::HTMLMediaElement::setMuted):
        (WebCore::HTMLMediaElement::playbackProgressTimerFired):
        (WebCore::HTMLMediaElement::addTextTrack):
        (WebCore::HTMLMediaElement::removeTextTrack):
        (WebCore::HTMLMediaElement::didAddTextTrack):
        (WebCore::HTMLMediaElement::ensureMediaControlsShadowRoot):
        (WebCore::HTMLMediaElement::updateCaptionContainer):
        (WebCore::HTMLMediaElement::layoutSizeChanged):
        (WebCore::HTMLMediaElement::configureTextTracks):
        (WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged):
        (WebCore::HTMLMediaElement::updateVolume):
        (WebCore::HTMLMediaElement::updatePlayState):
        (WebCore::HTMLMediaElement::enterFullscreen):
        (WebCore::HTMLMediaElement::exitFullscreen):
        (WebCore::HTMLMediaElement::didBecomeFullscreenElement):
        (WebCore::HTMLMediaElement::willStopBeingFullscreenElement):
        (WebCore::HTMLMediaElement::textTrackReadyStateChanged):
        (WebCore::HTMLMediaElement::configureTextTrackDisplay):
        (WebCore::HTMLMediaElement::updateTextTrackDisplay):
        (WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded):
        (WebCore::HTMLMediaElement::setClosedCaptionsVisible):
        (WebCore::HTMLMediaElement::configureMediaControls):
        (WebCore::HTMLMediaElement::captionPreferencesChanged):
        (WebCore::HTMLMediaElement::setController):
        (WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):
        (WebCore::HTMLMediaElement::closeCaptionTracksChanged): Deleted.
        (WebCore::HTMLMediaElement::mediaControls const): Deleted.
        (WebCore::HTMLMediaElement::hasMediaControls const): Deleted.
        (WebCore::HTMLMediaElement::createMediaControls): Deleted.
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::mediaControlsHost):
        * html/shadow/MediaControlElementTypes.cpp: Removed.
        * html/shadow/MediaControlElementTypes.h: Removed.
        * html/shadow/MediaControlElements.cpp: Removed.
        * html/shadow/MediaControlElements.h: Removed.
        * html/shadow/MediaControlTextTrackContainerElement.cpp: Added.
        (WebCore::MediaControlTextTrackContainerElement::create):
        (WebCore::MediaControlTextTrackContainerElement::MediaControlTextTrackContainerElement):
        (WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
        (WebCore::compareCueIntervalForDisplay):
        (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationImageIfNeeded):
        (WebCore::MediaControlTextTrackContainerElement::processActiveVTTCue):
        (WebCore::MediaControlTextTrackContainerElement::updateActiveCuesFontSize):
        (WebCore::MediaControlTextTrackContainerElement::updateTextStrokeStyle):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationIfNeeded):
        (WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackStyle):
        (WebCore::MediaControlTextTrackContainerElement::enteredFullscreen):
        (WebCore::MediaControlTextTrackContainerElement::exitedFullscreen):
        (WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
        (WebCore::MediaControlTextTrackContainerElement::updateSizes):
        (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
        (WebCore::MediaControlTextTrackContainerElement::textTrackRepresentationBoundsChanged):
        (WebCore::MediaControlTextTrackContainerElement::hide):
        (WebCore::MediaControlTextTrackContainerElement::show):
        (WebCore::MediaControlTextTrackContainerElement::isShowing const):
        (WebCore::MediaControlTextTrackContainerElement::logger const):
        (WebCore::MediaControlTextTrackContainerElement::logIdentifier const):
        (WebCore::MediaControlTextTrackContainerElement::logChannel const):
        * html/shadow/MediaControlTextTrackContainerElement.h: Added.
        * html/shadow/MediaControls.cpp: Removed.
        * html/shadow/MediaControls.h: Removed.
        * page/CaptionUserPreferencesMediaAF.cpp:
        * page/Page.cpp:
        (WebCore::Page::setPageScaleFactor):
        (WebCore::Page::setUserInterfaceLayoutDirection):
        * rendering/RenderMediaControls.cpp: Removed.
        * rendering/RenderMediaControls.h: Removed.
        * rendering/RenderSlider.cpp:
        * rendering/RenderTheme.cpp:
        * rendering/RenderThemeAdwaita.cpp:
        * rendering/RenderThemeCocoa.h:
        * rendering/RenderThemeCocoa.mm:
        (WebCore::RenderThemeCocoa::mediaControlsFormattedStringForDuration):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::mediaControlsStyleSheet):
        (WebCore::RenderThemeIOS::modernMediaControlsStyleSheet):
        (WebCore::RenderThemeIOS::mediaControlsScript):
        (WebCore::RenderThemeIOS::mediaControlsBase64StringForIconNameAndType):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::mediaControlsStyleSheet):
        (WebCore::RenderThemeMac::modernMediaControlsStyleSheet):
        (WebCore::RenderThemeMac::mediaControlsScript):
        (WebCore::RenderThemeMac::mediaControlsBase64StringForIconNameAndType):
        * testing/Internals.cpp:
        (WebCore::Internals::getCurrentMediaControlsStatusForElement):

2020-04-02  Eric Carlson  <eric.carlson@apple.com>

        Don't call -[AVCapture startRunning] when interruption ends
        https://bugs.webkit.org/show_bug.cgi?id=209919
        <rdar://problem/61090625>

        Calling -[AVCaptureSession startRunning] after a VideoNotAllowedInSideBySide interruption
        ends triggers a bug in AVCapture that hangs the app for several seconds, but restarting the
        capture session isn't necessary because it will restart automatically in that case.

        Reviewed by Youenn Fablet.

        Tested manually.

        * platform/mediastream/mac/AVVideoCaptureSource.h: Remove InterruptionReason enum, convert
        m_interruption to m_interrupted bool
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::AVVideoCaptureSource): Remove InterruptionReason enum checking.
        (WebCore::AVVideoCaptureSource::stopProducingData): m_interruption -> m_interrupted.
        (WebCore::AVVideoCaptureSource::interrupted const): Ditto.
        (WebCore::AVVideoCaptureSource::captureSessionBeginInterruption): Ditto.
        (WebCore::AVVideoCaptureSource::captureSessionEndInterruption): Ditto. Don't restart the session.
        (-[WebCoreAVVideoCaptureSourceObserver observeValueForKeyPath:ofObject:change:context:]):
        Drive-by fix: always log notifications to help with debugging.

2020-04-02  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r258525): Leak of NSMutableAttributedString in -[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]
        <https://webkit.org/b/209932>
        <rdar://problem/61228565>

        Reviewed by Chris Fleizach.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
        Move early return to avoid leaking NSMutableAttributedString.

2020-04-02  Chris Dumez  <cdumez@apple.com>

        ActiveDOMObject::hasPendingActivity() should stop preventing wrapper collection after ActiveDOMObject::stop() has been called
        https://bugs.webkit.org/show_bug.cgi?id=209886

        Reviewed by Ryosuke Niwa.

        ActiveDOMObject::stop() gets called when the script execution context is about to be destroyed.
        ActiveDOMObject objects should no longer run script after that and there is therefore no point
        in keeping the JS wrapper alive once stop() has been called. Worse, depending on the
        implementation of virtualHasPendingActivity(), keeping the wrapper alive past this point may
        actually cause JS wrapper leaks. Some of the virtualHasPendingActivity() were properly checking
        if the context was stopped but not all of them. To address the issue, we now check
        ActiveDOMObject::isContextStopped() in the JS bindings, in addition to
        ActiveDOMObject::hasPendingActivity(), so that it is no longer possible to keep a JS wrapper
        alive past the point where the script execution context has been stopped. This new approach
        is a lot less leak/error prone.

        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::virtualHasPendingActivity const):
        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::requestCompleted):
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::virtualHasPendingActivity const):
        (WebCore::IDBRequest::stop):
        (WebCore::IDBRequest::enqueueEvent):
        (WebCore::IDBRequest::dispatchEvent):
        * Modules/indexeddb/IDBRequest.h:
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::virtualHasPendingActivity const):
        (WebCore::IDBTransaction::stop):
        (WebCore::IDBTransaction::notifyDidAbort):
        (WebCore::IDBTransaction::enqueueEvent):
        (WebCore::IDBTransaction::dispatchEvent):
        * Modules/indexeddb/IDBTransaction.h:
        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::virtualHasPendingActivity const):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterfaceOwner::isReachableFromOpaqueRoots):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructorOwner::isReachableFromOpaqueRoots):
        * css/FontFace.cpp:
        (WebCore::FontFace::virtualHasPendingActivity const):
        * dom/ActiveDOMObject.h:
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::virtualHasPendingActivity const):
        * workers/service/ServiceWorkerRegistration.cpp:
        (WebCore::ServiceWorkerRegistration::getOrCreate):
        (WebCore::ServiceWorkerRegistration::update):
        (WebCore::ServiceWorkerRegistration::unregister):
        (WebCore::ServiceWorkerRegistration::queueTaskToFireUpdateFoundEvent):
        (WebCore::ServiceWorkerRegistration::stop):
        (WebCore::ServiceWorkerRegistration::virtualHasPendingActivity const):
        * workers/service/ServiceWorkerRegistration.h:

2020-04-02  Simon Fraser  <simon.fraser@apple.com>

        Rename some wheel-event related functions
        https://bugs.webkit.org/show_bug.cgi?id=209918

        Reviewed by Zalan Bujtas.

        Rename some functions to describe what they do, rather than being generic "platform" things, to make
        the code easier to read.

        Similarly, rename m_clearLatchingStateTimer for what it does.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::EventHandler):
        (WebCore::EventHandler::clearLatchedStateTimerFired):
        (WebCore::EventHandler::determineWheelEventTarget):
        (WebCore::EventHandler::recordWheelEventForDeltaFilter):
        (WebCore::EventHandler::processWheelEventForScrolling):
        (WebCore::EventHandler::processWheelEventForScrollSnap):
        (WebCore::EventHandler::completeWidgetWheelEvent):
        (WebCore::EventHandler::handleWheelEvent):
        (WebCore::EventHandler::platformPrepareForWheelEvents): Deleted.
        (WebCore::EventHandler::platformRecordWheelEvent): Deleted.
        (WebCore::EventHandler::platformCompleteWheelEvent): Deleted.
        (WebCore::EventHandler::platformNotifyIfEndGesture): Deleted.
        * page/EventHandler.h:
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::clearOrScheduleClearingLatchedStateIfNeeded):
        (WebCore::EventHandler::determineWheelEventTarget):
        (WebCore::EventHandler::recordWheelEventForDeltaFilter):
        (WebCore::EventHandler::processWheelEventForScrolling):
        (WebCore::EventHandler::processWheelEventForScrollSnap):
        (WebCore::EventHandler::platformPrepareForWheelEvents): Deleted.
        (WebCore::EventHandler::platformRecordWheelEvent): Deleted.
        (WebCore::EventHandler::platformCompleteWheelEvent): Deleted.
        (WebCore::EventHandler::platformNotifyIfEndGesture): Deleted.

2020-04-02  Daniel Bates  <dabates@apple.com>

        Traverse float descendants when computing event and touch-action regions
        https://bugs.webkit.org/show_bug.cgi?id=209896
        <rdar://problem/61196287>

        Reviewed by Antti Koivisto.

        Consider floating objects when computing the event region and touch-action region.
        For touch-action hit testing this means that CSS touch-action is honored on floating
        objects.

        Tests: fast/scrolling/ios/event-region-float.html
               pointerevents/ios/touch-action-region-float.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintObject):

2020-04-02  Jer Noble  <jer.noble@apple.com>

        Hulu.com gets stuck in a "loading" state when seeking
        https://bugs.webkit.org/show_bug.cgi?id=209916
        <rdar://problem/55041979>

        Reviewed by Eric Carlson.

        Hulu.com depends on the "canplay" event firing after a seek to hide their loading indicator.
        The HTML spec says that "canplay" should only be fired when moving from the HAVE_CURRENT_DATA
        to HAVE_FUTURE_DATA or greater, but when seeking within the buffered range, the readyState
        never drops below HAVE_FUTURE_DATA. To work around this behavior, add a quirk for Hulu.com
        that always fires "canplay" after a seek completes, so long as the readyState is HAVE_FUTURE_DATA
        or higher.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::seekTask):
        (WebCore::HTMLMediaElement::finishSeek):
        * page/Quirks.cpp:
        (WebCore::Quirks::needsCanPlayAfterSeekedQuirk const):
        * page/Quirks.h:

2020-04-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        Avoid null deref after inserting a text field with a list attribute
        https://bugs.webkit.org/show_bug.cgi?id=209909
        <rdar://problem/60742229>

        Reviewed by Ryosuke Niwa.

        On macOS, when painting a text field with an associated datalist (i.e. `HTMLInputElement::list()` is non-null),
        we assume that the datalist suggestions dropdown button has a renderer (in other words, it does not have a style
        of `display: none`).

        Existing logic in `TextFieldInputType` is responsible for upholding this invariant -- when the list attribute
        changes on an input field (e.g. when we parse the list attribute, or when it is set by JavaScript), we update
        the inline display style of `m_dataListDropdownIndicator`, such that it is set to `display: none` only if there
        is either no list attribute, or the list attribute is empty, or the list does not refer to a connected datalist
        element. However, there is one scenario in which this invariant is violated. Consider the following:

        1. An input field is created, and its list attribute is set to "foo". Importantly, it is not connected yet.
        2. A datalist element with id "foo" is then created and then added to the document.
        3. The input field created in (1) is then added to the document.

        In this scenario, `listAttributeTargetChanged()` is invoked after (1), but since it is not connected, it has no
        datalist yet, and so `m_dataListDropdownIndicator` will remain non-rendered. When it is later added to the DOM,
        nothing attempts to `m_dataListDropdownIndicator` even though its list attribute now refers to a datalist, so
        it remains hidden. When we later go to paint the input's datalist dropdown button in
        `RenderThemeMac::paintListButtonForInput`, we assume that the dropdown button must be rendered because the input
        has a datalist and subsequently crash since `buttonElement->renderer()` remains null.

        To fix this, we add logic to update the datalist dropdown button's inline display style when it is connected to
        the document with an existing, non-empty list attribute.

        Test: fast/forms/datalist/append-input-with-list-attribute.html

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::parseAttribute):
        (WebCore::HTMLInputElement::didFinishInsertingNode):

        Notify the InputType subclass that the datalist element may have changed after an input element is connected
        to the document with a non-empty list attribute.

        (WebCore::HTMLInputElement::dataListMayHaveChanged):
        (WebCore::ListAttributeTargetObserver::idTargetChanged):
        (WebCore::HTMLInputElement::listAttributeTargetChanged): Deleted.

        Rename listAttributeTargetChanged to dataListMayHaveChanged, since it is no longer called only when the list
        attribute changes value, but rather when the input's datalist element may have changed.

        * html/HTMLInputElement.h:
        * html/InputType.cpp:
        (WebCore::InputType::dataListMayHaveChanged):
        (WebCore::InputType::listAttributeTargetChanged): Deleted.
        * html/InputType.h:
        * html/RangeInputType.cpp:
        (WebCore::RangeInputType::dataListMayHaveChanged):
        (WebCore::RangeInputType::listAttributeTargetChanged): Deleted.
        * html/RangeInputType.h:
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::dataListMayHaveChanged):
        (WebCore::TextFieldInputType::listAttributeTargetChanged): Deleted.
        * html/TextFieldInputType.h:

2020-04-01  Darin Adler  <darin@apple.com>

        Remove all uses of live ranges from TextIterator
        https://bugs.webkit.org/show_bug.cgi?id=209723

        Reviewed by Antti Koivisto.

        - Replaced TextIterator::getLocationAndLengthFromRange with a function named
          characterRange that computes a CharacterRange given a scope and a range.
        - Removed the overload of plainText that takes a pointer to a live range.
        - Update the many callers of plainText that pass a pointer to a live range
          to pass a reference instead, adding null checks as needed to preserve behavior.
        - Rewrote some call sites to not use live ranges at all, or use them minimally.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::nextSentenceEndPosition const): Streamlined
        the logic in this function, using a smaller number of null checks since the
        functions we are calling also do null checks, simpler variable names and
        fewer local variables. Pass a reference to a live range rather than a
        pointer to the plainText function.
        (WebCore::AccessibilityObject::previousSentenceStartPosition const): Ditto.
        (WebCore::AccessibilityObject::nextParagraphEndPosition const): Ditto.
        (WebCore::AccessibilityObject::previousParagraphStartPosition const): Ditto.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::textUnderElement const): Ditto.
        (WebCore::boundsForRects): Converted this to a file-local function and changed
        it to take a SimpleRange instead of a live range.
        (WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange const): Pass
        a reference to a live range instead of a pointer.
        (WebCore::AccessibilityRenderObject::boundsForRange const): Ditto.
        * accessibility/AccessibilityRenderObject.h: Removed boundsForRects.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper _convertToNSRange:]): Rewrote to use
        characterRange instead of TextIterator::getLocationAndLengthFromRange.

        * dom/BoundaryPoint.h:
        (WebCore::makeBoundaryPointBeforeNodeContents): Added.

        * dom/Element.cpp:
        (WebCore::Element::innerText): Pass a SimpleRange instead of a live range
        to the plainText function.

        * dom/Range.cpp:
        (WebCore::Range::text const): Pass a reference to a live range instead of a
        pointer to the plainText function.

        * dom/SimpleRange.cpp:
        (WebCore::makeBoundaryPointAfterNodeContents): Added.
        (WebCore::makeRangeSelectingNodeContents): Use makeBoundaryPointBeforeNodeContents
        and makeBoundaryPointAfterNodeContents

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::applyPendingCorrection): Pass a reference
        to a live range to plainText.
        (WebCore::AlternativeTextController::show): Ditto.
        (WebCore::AlternativeTextController::timerFired): Ditto.
        (WebCore::AlternativeTextController::handleAlternativeTextUIResult): Ditto.
        (WebCore::AlternativeTextController::recordAutocorrectionResponse): Ditto. Also
        take a SimpleRange argument.
        (WebCore::AlternativeTextController::markPrecedingWhitespaceForDeletedAutocorrectionAfterCommand):
        Ditto.
        (WebCore::AlternativeTextController::respondToMarkerAtEndOfWord):Ditto.
        * editing/AlternativeTextController.h: Update for the above changes.

        * editing/Editor.cpp:
        (WebCore::Editor::markMisspellingsAfterTypingToWord): Pass a reference
        to a live range to plainText.
        (WebCore::correctSpellcheckingPreservingTextCheckingParagraph): Ditto.
        Also refactor for simplicity and clarity.
        (WebCore::Editor::markAndReplaceFor): Ditto.
        (WebCore::Editor::changeBackToReplacedString): Ditto.
        (WebCore::Editor::transpose): Ditto.
        (WebCore::Editor::addRangeToKillRing): Ditto.
        (WebCore::Editor::stringForCandidateRequest const): Ditto.
        * editing/ReplaceRangeWithTextCommand.cpp:
        (WebCore::ReplaceRangeWithTextCommand::doApply): Ditto.
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplacementFragment::ReplacementFragment): Ditto.
        * editing/SpellingCorrectionCommand.cpp:
        (WebCore::SpellingCorrectionCommand::doApply): Ditto.
        * editing/TextCheckingHelper.cpp:
        (WebCore::TextCheckingParagraph::text const): Ditto.
        (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar): Ditto.

        * editing/TextIterator.cpp: Use more constexpr.
        (WebCore::characterSubrange): Deleted. Moved the logic from this function
        into the one place using it, the rangeForMatch function.
        (WebCore::resolveCharacterLocation): Deleted. Moved to the header file.
        (WebCore::TextIterator::getLocationAndLengthFromRange): Deleted.
        (WebCore::plainText): Deleted the overload that takes a live range pointer.
        (WebCore::plainTextUsingBackwardsTextIteratorForTesting): Deleted. Moved
        the implementation to Internals. There's nothing special about the algorithm,
        it uses SimplifiedBackwardsTextIterator in a simple way.
        (WebCore::collapsedToBoundary): Deleted. Moved the code to the one place
        it's used, the rangeForMatch function.
        (WebCore::forEachMatch): Renamed from findPlainTextMatches and changed to
        work without any use of live ranges and to use CharacterRange.
        (WebCore::rangeForMatch): Rewrote to include more of the logic, removing
        the collapsedToBoundary and characterSubrange functions, and to not use
        any live ranges.
        (WebCore::findClosestPlainText): Rewrote to tighten up the algorithm a
        bit, break ties based on the search direction, and have less repetitive code.
        (WebCore::findPlainText): Rewrote for clarity.

        * editing/TextIterator.h: Removed the forward declaration of Range.
        Removed the overload of plainText that takes a live range pointer. Moved
        the functions that work with character ranges up to the top of the file,
        grouped the other functions more logically. Deleted the
        TextIterator::getLocationAndLengthFromRange function. Put some inline
        function definitions here.

        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::markMisspellingsAfterTyping): Pass a reference
        to a live range to plainText.
        * editing/VisibleUnits.cpp:
        (WebCore::charactersAroundPosition): Pass a SimpleRange to plainText
        rather than a live range.
        * editing/cocoa/DataDetection.mm:
        (WebCore::detectItemAtPositionWithRange): Pass a reference to a live
        range to plainText.
        * editing/cocoa/DictionaryLookup.mm:
        (WebCore::DictionaryLookup::rangeForSelection): Ditto.

        * editing/cocoa/HTMLConverter.h: Tweaked #if a bit.

        * editing/mac/DictionaryLookupLegacy.mm:
        (WebCore::DictionaryLookup::rangeForSelection): Pass a reference to a
        live range to plainText. Also rewrote logic to use mostly SimpleRange.
        (WebCore::DictionaryLookup::rangeAtHitTestResult): Ditto.
        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::renderedTextRespectingRange): Ditto.
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::handleBeforeTextInsertedEvent const): Ditto.
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::contextMenuItemSelected): Ditto.
        * page/DOMSelection.cpp:
        (WebCore::DOMSelection::toString): Ditto.

        * page/Page.cpp:
        (WebCore::Page::replaceRangesWithText): Rewrote to replaces use of
        TextIterator::getLocationAndLengthFromRange with characterRange.

        * page/ios/FrameIOS.mm:
        (WebCore::Frame::interpretationsForCurrentRoot const): Pass a
        reference to a live range to plainText.

        * testing/Internals.cpp:
        (WebCore::Internals::locationFromRange): Use characterRange.
        (WebCore::Internals::lengthFromRange): Ditto.
        (WebCore::Internals::rangeAsTextUsingBackwardsTextIterator):
        USe SimplifiedBackwardsTextIterator directly since we no longer have
        the function plainTextUsingBackwardsTextIteratorForTesting.

2020-04-02  Ryosuke Niwa  <rniwa@webkit.org>

        Remove a superflous blank line added in the previous commit as pointed out during the code review.

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::copyAssociatedElementsVector const):

2020-04-01  Ryosuke Niwa  <rniwa@webkit.org>

        HTMLFormElement should use WeakPtr to keep track of its associated elements
        https://bugs.webkit.org/show_bug.cgi?id=209894

        Reviewed by Wenson Hsieh.

        Replaced the vector of raw pointers to FormAssociatedElement in HTMLFormElement by a vector
        of WeakPtr to the equivalent HTMLElement. Most of code changes below are due to type of elements
        in the vector changing from FormAssociatedElement to HTMLElement and needing conversion.

        This patch also moves clearing of m_form from ~FormAssociatedElement to its subclasses'
        destructors since we need to make a virtual function call to get HTMLElement* out of
        FormAssociatedElement, which would be too late inside ~FormAssociatedElement.

        No new tests since there should be no behavioral change.

        * html/FormAssociatedElement.cpp:
        (WebCore::FormAssociatedElement::~FormAssociatedElement): Assert that m_form had been cleared
        instead of clearing it here.
        * html/FormAssociatedElement.h:
        (WebCore::FormAssociatedElement::clearForm): Added.
        * html/FormController.cpp:
        (WebCore::recordFormStructure):
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::~HTMLFormControlElement): Now calls clearForm. Also removed
        the redundant comment.
        * html/HTMLFormControlsCollection.cpp:
        (WebCore::findFormAssociatedElement):
        (WebCore::HTMLFormControlsCollection::unsafeFormControlElements const): Deleted.
        (WebCore::HTMLFormControlsCollection::copyFormControlElementsVector const): Deleted.
        (WebCore::HTMLFormControlsCollection::customElementAfter const):
        (WebCore::HTMLFormControlsCollection::updateNamedElementCache const):
        * html/HTMLFormControlsCollection.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::~HTMLFormElement):
        (WebCore::HTMLFormElement::removedFromAncestor):
        (WebCore::HTMLFormElement::length const):
        (WebCore::HTMLFormElement::textFieldValues const):
        (WebCore::HTMLFormElement::resetAssociatedFormControlElements):
        (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
        (WebCore::HTMLFormElement::registerFormElement):
        (WebCore::HTMLFormElement::removeFormElement):
        (WebCore::HTMLFormElement::checkInvalidControlsAndCollectUnhandled):
        (WebCore::HTMLFormElement::assertItemCanBeInPastNamesMap const):
        (WebCore::HTMLFormElement::unsafeAssociatedElements const):
        (WebCore::HTMLFormElement::copyAssociatedElementsVector const):
        * html/HTMLFormElement.h:
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::~HTMLObjectElement): Added. Calls clearForm.
        * html/HTMLObjectElement.h:

2020-04-02  Alex Christensen  <achristensen@webkit.org>

        Add SPI to restrict loading to main resources or non-network loads
        https://bugs.webkit.org/show_bug.cgi?id=209893

        Reviewed by Tim Horton.

        This will allow two projects that currently use the injected bundle SPI to use these instead.
        Covered by API tests.

        * Modules/websockets/ThreadableWebSocketChannel.cpp:
        (WebCore::ThreadableWebSocketChannel::validateURL):
        * loader/ResourceLoadNotifier.cpp:
        (WebCore::ResourceLoadNotifier::assignIdentifierToInitialRequest):
        (WebCore::ResourceLoadNotifier::dispatchWillSendRequest):
        * loader/ResourceLoadNotifier.h:
        * page/Page.cpp:
        (WebCore::m_loadsFromNetwork):
        (WebCore::m_deviceOrientationUpdateProvider): Deleted.
        * page/Page.h:
        (WebCore::Page::loadsSubresources const):
        (WebCore::Page::loadsFromNetwork const):
        * page/PageConfiguration.h:

2020-04-02  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Allow WebKit to use camera in multi-tasking mode
        https://bugs.webkit.org/show_bug.cgi?id=209904

        Reviewed by Youenn Fablet.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::setupSession):

2020-04-02  Antoine Quint  <graouts@apple.com>

        Video previews on shutterstock.com don't play when tapped on iPadOS
        https://bugs.webkit.org/show_bug.cgi?id=209903
        <rdar://problem/58844166>

        Reviewed by Wenson Hsieh.

        When tapping on a video preview after searching for a video on shutterstock.com, for instance on https://www.shutterstock.com/video/search/people,
        we correctly enter the hover state thanks to our content observation heuristics, but the <video> preview inserted fails to play and show due to a
        style rule setting a "display: none" style if the media-query "pointer: coarse" evaluates to true.

        In order to improve this website's behavior on iPadOS, we add a new quirk that prevents the "pointer: coarse" media query from evaluating to true.
        This new quirk, shouldPreventPointerMediaQueryFromEvaluatingToCoarse(), evaluates to true only for this this website.

        * css/MediaQueryEvaluator.cpp:
        (WebCore::pointerEvaluate):
        * page/Quirks.cpp:
        (WebCore::Quirks::shouldPreventPointerMediaQueryFromEvaluatingToCoarse const):
        * page/Quirks.h:

2020-04-02  youenn fablet  <youenn@apple.com>

        Remove synchronous termination of service workers
        https://bugs.webkit.org/show_bug.cgi?id=209666

        Reviewed by Chris Dumez.

        Instead of supporting synchronous IPC to terminate a service worker, SWServerWorker will asynchronously ask for the service worker to terminate.
        If it is not terminated after some time, SWServerWorker will then ask to terminate the process running the service worker.
        Time is kept to 10 seconds.

        We can then remove all synchronous related code related to termination.
        We migrate the terminateServiceWorker internal API to be Promise based.

        Covered by existing tests.

        * testing/Internals.cpp:
        (WebCore::Internals::terminateServiceWorker):
        * testing/Internals.h:
        * testing/Internals.idl:
        * workers/service/ServiceWorkerProvider.h:
        * workers/service/SWClientConnection.h:
        * workers/service/WorkerSWClientConnection.cpp:
        * workers/service/WorkerSWClientConnection.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::~SWServer):
        (WebCore::SWServer::unregisterServiceWorkerClient):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerToContextConnection.h:
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::m_terminationTimer):
        (WebCore::SWServerWorker::~SWServerWorker):
        (WebCore::SWServerWorker::terminate):
        (WebCore::SWServerWorker::startTermination):
        (WebCore::SWServerWorker::terminateCompleted):
        (WebCore::SWServerWorker::callTerminationCallbacks):
        (WebCore::SWServerWorker::terminationTimerFired):
        (WebCore::SWServerWorker::setState):
        (WebCore::SWServerWorker::didFailHeartBeatCheck):
        * workers/service/server/SWServerWorker.h:
        (WebCore::SWServerWorker::terminate):

2020-04-02  Rob Buis  <rbuis@igalia.com>

        Remove FrameLoader::addExtraFieldsToMainResourceRequest
        https://bugs.webkit.org/show_bug.cgi?id=209853

        Reviewed by Darin Adler.

        Remove FrameLoader::addExtraFieldsToMainResourceRequest since the call is
        not needed in DocumentLoader and can be inlined in FrameLoader. The call
        in DocumentLoader is no longer needed since adding the User-Agent header
        is decoupled from addExtraFields functionality and the User-Agent header
        will be added in CachedResourceLoader after any custom setting of the
        user agent (setCustomUserAgent API).

        Test: http/tests/navigation/useragent-reload.php

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startLoadingMainResource):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::addExtraFieldsToMainResourceRequest): Deleted.
        * loader/FrameLoader.h:

2020-04-01  Ryosuke Niwa  <rniwa@webkit.org>

        Crash in WebCore::HTMLDocumentParser::insert
        https://bugs.webkit.org/show_bug.cgi?id=209892

        Reviewed by Darin Adler.

        Speculative fix to check that the parser hasn't been detached before running preload scanner.

        No new tests since there is no reproduction and I couldn't come up with one.

        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::pumpTokenizer):
        (WebCore::HTMLDocumentParser::insert):

2020-04-01  Jack Lee  <shihchieh_lee@apple.com>

        Remove the unnecessary null check for document
        https://bugs.webkit.org/show_bug.cgi?id=209819

        Reviewed by Ryosuke Niwa.

        No new tests, covered by existing test.

        * dom/Node.cpp:
        (WebCore::Node::removedFromAncestor):

2020-04-01  Wenson Hsieh  <wenson_hsieh@apple.com>

        Remove some PLATFORM(IOS_FAMILY) guards in TextFieldInputType
        https://bugs.webkit.org/show_bug.cgi?id=209883

        Reviewed by Darin Adler.

        Refactor what is currently a compile-time IOS_FAMILY guard into a runtime check behind a private helper method
        on TextFieldInputType. This makes the intention behind the iOS-specific logic more self-evident; no change in
        behavior.

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::handleFocusEvent):
        (WebCore::TextFieldInputType::handleBlurEvent):
        (WebCore::TextFieldInputType::createDataListDropdownIndicator):
        (WebCore::TextFieldInputType::shouldOnlyShowDataListDropdownButtonWhenFocusedOrEdited const):
        (WebCore::TextFieldInputType::didSetValueByUserEdit):
        (WebCore::TextFieldInputType::listAttributeTargetChanged):
        * html/TextFieldInputType.h:

2020-04-01  Per Arne Vollan  <pvollan@apple.com>

        [Cocoa] UTI from MIME type cache can be removed after r258915
        https://bugs.webkit.org/show_bug.cgi?id=209787

        Unreviewed rollout of r257828.

        In r257828, a UTI from MIME type cache was added to avoid connecting to a launch services daemon in the
        WebContent process, but after <https://trac.webkit.org/changeset/258915> this cache is not strictly needed
        anymore, since r258915 solves the problem of avoiding to connect to the daemon in a general way.

        * platform/network/mac/UTIUtilities.h:
        * platform/network/mac/UTIUtilities.mm:
        (WebCore::UTIFromMIMETypeCachePolicy::createValueForKey):
        (WebCore::mapUTIFromMIMEType): Deleted.
        (WebCore::additionalMIMETypes): Deleted.
        (WebCore::createUTIFromMIMETypeMap): Deleted.
        (WebCore::setUTIFromMIMETypeMap): Deleted.
        * testing/Internals.cpp:
        (WebCore::Internals::getUTIFromMIMEType): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:
        * testing/Internals.mm:
        (WebCore::Internals::getUTIFromMIMEType): Deleted.

2020-04-01  Chris Dumez  <cdumez@apple.com>

        http/tests/navigation/page-cache-fontfaceset.html is flaky crashing
        https://bugs.webkit.org/show_bug.cgi?id=209881
        <rdar://problem/61114827>

        Reviewed by Darin Adler.

        Make sure CSSFontSelector::m_beginLoadingTimer uses a SuspendableTimer instead of a regular
        timer so that it cannot fire while in the back/forward cache and start a load.

        No new tests, covered by existing test.

        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::CSSFontSelector):
        (WebCore::CSSFontSelector::clearDocument):
        * css/CSSFontSelector.h:

2020-04-01  Chris Dumez  <cdumez@apple.com>

        ASSERTION FAILED: m_wrapper on webgl/max-active-contexts-webglcontextlost-prevent-default.html
        https://bugs.webkit.org/show_bug.cgi?id=209863
        <rdar://problem/61164936>

        Reviewed by Darin Adler.

        The HTMLCanvasElement JS wrapper needs to stay alive as long as JS events may need to be fired.
        When the canvas has a WebGL context, the WebGL context may cause contextlost / contextrestored
        / contextchanged events at any point, unless the context is unrecoverably lost. To fix the
        issue, we now override virtualHasPendingActivity() in HTMLCanvasElement and return true if
        it has a WebGL context that is not unrecoverably lost and if relevant WebGL event listeners
        are registed.

        No new tests, covered by existing test.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::~HTMLCanvasElement):
        (WebCore::HTMLCanvasElement::virtualHasPendingActivity const):
        (WebCore::HTMLCanvasElement::stop):
        (WebCore::HTMLCanvasElement::eventListenersDidChange):
        * html/HTMLCanvasElement.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::isContextUnrecoverablyLost const):
        * html/canvas/WebGLRenderingContextBase.h:

2020-04-01  Jer Noble  <jer.noble@apple.com>

        CRASH in MediaPlayerPrivateMediaSourceAVFObjC::addAudioRenderer(), uncaught ObjC exception
        https://bugs.webkit.org/show_bug.cgi?id=209827
        <rdar://problem/61113080>

        Reviewed by Eric Carlson.

        -[AVSampleBufferAudioRenderer init] can, in exceptional conditions, return nil. Passing a
        nil object, or another object that AVSampleBufferRenderSynchronizer considers "invalid", into
        -[AVSampleBufferRenderSynchronizer addRenderer:] will throw an exception. Protect against this
        scenario in two ways:

        - Check the return value of -[AVSampleBufferAudioRenderer init], and if nil, log an error,
          log to console, and set the network state to "DecodeError".
        - Wrap calls to -addRenderer: in @try/@catch blocks, which if caught, log an error, assert,
          and set the network state to "DecodeError".

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::failedToCreateRenderer):
        * Modules/mediasource/MediaSource.h:
        * platform/graphics/MediaSourcePrivateClient.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        (WebCore::MediaSourcePrivateAVFObjC::failedToCreateAudioRenderer):
        (WebCore::MediaSourcePrivateAVFObjC::failedToCreateVideoRenderer):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):

2020-04-01  Chris Dumez  <cdumez@apple.com>

        ASSERTION FAILED: m_wrapper on imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/ready-states/autoplay.html
        https://bugs.webkit.org/show_bug.cgi?id=209684
        <rdar://problem/60987285>

        Reviewed by Darin Adler.

        Make sure the JS wrapper does not get collected while the HTMLMediaElement is in a state where
        is may still fire events (and there are JS event listeners registered). In particular, it used
        to be possible for the wrapper to get collected because media playback had started and we would
        crash trying to fire the very early 'canplay' JS event.

        No new tests, covered by existing test.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::virtualHasPendingActivity const):

2020-04-01  Don Olmstead  <don.olmstead@sony.com>

        [PlayStation] Use OBJECT libraries for WebCore and PAL
        https://bugs.webkit.org/show_bug.cgi?id=209835

        Reviewed by Ross Kirsling.

        After moving to object libraries MediaStrategy's constructor and destructor were
        being reported as linker errors despite being set to default. Moving the definitions
        to a source file stopped these issues.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/MediaStrategy.cpp: Copied from Source/WebCore/platform/MediaStrategy.h.
        * platform/MediaStrategy.h:

2020-04-01  Keith Miller  <keith_miller@apple.com>

        Bindings that override getOwnPropertySlotByIndex need to say they MayHaveIndexedAccessors
        https://bugs.webkit.org/show_bug.cgi?id=209762

        Reviewed by Darin Adler.

        There may be places where we rely on this for semantic
        correctness. I couldn't find any right now but we might as
        well be conservative since this isn't a performance regression.

        * bindings/js/JSDOMWindowProperties.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        * bindings/scripts/test/JS/JSInterfaceName.h:
        (WebCore::JSInterfaceName::createStructure):
        * bindings/scripts/test/JS/JSMapLike.h:
        (WebCore::JSMapLike::createStructure):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.h:
        (WebCore::JSReadOnlyMapLike::createStructure):
        * bindings/scripts/test/JS/JSReadOnlySetLike.h:
        (WebCore::JSReadOnlySetLike::createStructure):
        * bindings/scripts/test/JS/JSSetLike.h:
        (WebCore::JSSetLike::createStructure):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        (WebCore::JSTestActiveDOMObject::createStructure):
        * bindings/scripts/test/JS/JSTestCEReactions.h:
        (WebCore::JSTestCEReactions::createStructure):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
        (WebCore::JSTestCEReactionsStringifier::createStructure):
        * bindings/scripts/test/JS/JSTestCallTracer.h:
        (WebCore::JSTestCallTracer::createStructure):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
        (WebCore::JSTestClassWithJSBuiltinConstructor::createStructure):
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        (WebCore::JSTestDOMJIT::createStructure):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.h:
        (WebCore::JSTestEnabledBySetting::createStructure):
        * bindings/scripts/test/JS/JSTestEnabledForContext.h:
        (WebCore::JSTestEnabledForContext::createStructure):
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        (WebCore::JSTestEventConstructor::createStructure):
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        (WebCore::JSTestEventTarget::createStructure):
        * bindings/scripts/test/JS/JSTestException.h:
        (WebCore::JSTestException::createStructure):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        (WebCore::JSTestGenerateIsReachable::createStructure):
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        (WebCore::JSTestGlobalObject::createStructure):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
        (WebCore::JSTestIndexedSetterNoIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
        (WebCore::JSTestIndexedSetterThrowingException::createStructure):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
        (WebCore::JSTestIndexedSetterWithIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h:
        (WebCore::JSTestInterfaceLeadingUnderscore::createStructure):
        * bindings/scripts/test/JS/JSTestIterable.h:
        (WebCore::JSTestIterable::createStructure):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
        (WebCore::JSTestJSBuiltinConstructor::createStructure):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        (WebCore::JSTestMediaQueryListListener::createStructure):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
        (WebCore::JSTestNamedAndIndexedSetterThrowingException::createStructure):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        (WebCore::JSTestNamedConstructor::createStructure):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
        (WebCore::JSTestNamedDeleterNoIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
        (WebCore::JSTestNamedDeleterThrowingException::createStructure):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
        (WebCore::JSTestNamedDeleterWithIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
        (WebCore::JSTestNamedDeleterWithIndexedGetter::createStructure):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
        (WebCore::JSTestNamedGetterCallWith::createStructure):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
        (WebCore::JSTestNamedGetterNoIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
        (WebCore::JSTestNamedGetterWithIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
        (WebCore::JSTestNamedSetterNoIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
        (WebCore::JSTestNamedSetterThrowingException::createStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
        (WebCore::JSTestNamedSetterWithIdentifier::createStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
        (WebCore::JSTestNamedSetterWithIndexedGetter::createStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::createStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
        (WebCore::JSTestNamedSetterWithOverrideBuiltins::createStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
        (WebCore::JSTestNamedSetterWithUnforgableProperties::createStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::createStructure):
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestObj.h:
        (WebCore::JSTestObj::createStructure):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        (WebCore::JSTestOverloadedConstructors::createStructure):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
        (WebCore::JSTestOverloadedConstructorsWithSequence::createStructure):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
        (WebCore::JSTestOverrideBuiltins::createStructure):
        * bindings/scripts/test/JS/JSTestPluginInterface.h:
        (WebCore::JSTestPluginInterface::createStructure):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h:
        (WebCore::JSTestPromiseRejectionEvent::createStructure):
        * bindings/scripts/test/JS/JSTestSerialization.h:
        (WebCore::JSTestSerialization::createStructure):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h:
        (WebCore::JSTestSerializationIndirectInheritance::createStructure):
        * bindings/scripts/test/JS/JSTestSerializationInherit.h:
        (WebCore::JSTestSerializationInherit::createStructure):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.h:
        (WebCore::JSTestSerializationInheritFinal::createStructure):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        (WebCore::JSTestSerializedScriptValueInterface::createStructure):
        * bindings/scripts/test/JS/JSTestStringifier.h:
        (WebCore::JSTestStringifier::createStructure):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h:
        (WebCore::JSTestStringifierAnonymousOperation::createStructure):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.h:
        (WebCore::JSTestStringifierNamedOperation::createStructure):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h:
        (WebCore::JSTestStringifierOperationImplementedAs::createStructure):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h:
        (WebCore::JSTestStringifierOperationNamedToString::createStructure):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h:
        (WebCore::JSTestStringifierReadOnlyAttribute::createStructure):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h:
        (WebCore::JSTestStringifierReadWriteAttribute::createStructure):
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        (WebCore::JSTestTypedefs::createStructure):

2020-04-01  Jer Noble  <jer.noble@apple.com>

        Don't use raw pointers in ShadowRoot.
        https://bugs.webkit.org/show_bug.cgi?id=209843
        <rdar://problem/61069603>

        Reviewed by Brent Fulgham.

        * dom/Element.cpp:
        (WebCore::Element::addShadowRoot):
        * dom/ShadowRoot.h:

2020-04-01  Jack Lee  <shihchieh_lee@apple.com>

        Notify accessibility when a node is removed from its ancestor.
        https://bugs.webkit.org/show_bug.cgi?id=209819

        Reviewed by Chris Fleizach.

        Covered by existing tests in LayoutTests/accessibility.

        * dom/Node.cpp:
        (WebCore::Node::removedFromAncestor):

2020-04-01  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, reverting r259282.
        https://bugs.webkit.org/show_bug.cgi?id=209860

        Caused memory corruption (Requested by ap on #webkit).

        Reverted changeset:

        "Scroll latching state is not a stack"
        https://bugs.webkit.org/show_bug.cgi?id=209790
        https://trac.webkit.org/changeset/259282

2020-04-01  youenn fablet  <youenn@apple.com>

        Bump libwebrtc to M82
        https://bugs.webkit.org/show_bug.cgi?id=209542

        Reviewed by Eric Carlson.

        Removed dtx/rtx support since this is no longer MTI and associatedStatId as obsolete.
        Update mock connection according new virtual pure methods.

        Covered by existing tests.

        * Modules/mediastream/RTCStatsReport.h:
        * Modules/mediastream/RTCStatsReport.idl:
        * Modules/mediastream/libwebrtc/LibWebRTCStatsCollector.cpp:
        (WebCore::fillRTCRTPStreamStats):
        * Modules/mediastream/libwebrtc/LibWebRTCUtils.cpp:
        (WebCore::toRTCEncodingParameters):
        (WebCore::toRTCHeaderExtensionParameters):
        (WebCore::fromRTCHeaderExtensionParameters):
        (WebCore::toRTCRtpSendParameters):
        (WebCore::toRTCRtpTransceiverDirection):
        * testing/MockLibWebRTCPeerConnection.h:

2020-04-01  youenn fablet  <youenn@apple.com>

        Support resolution of IPv6 STUN/TURN addresses
        https://bugs.webkit.org/show_bug.cgi?id=209808

        Reviewed by Eric Carlson.

        Add family access to IPAddress to support both IPv4 and IPv6.
        Store IPAddress internal value as IPv6 and cast them to IPv4 on demand.

        * platform/network/DNS.h:
        * platform/network/soup/DNSResolveQueueSoup.cpp:
        (WebCore::resolvedWithObserverCallback):

2020-03-31  Simon Fraser  <simon.fraser@apple.com>

        Make FrameView and Frame TextStream-loggable
        https://bugs.webkit.org/show_bug.cgi?id=209826

        Reviewed by Darin Adler.

        Provide operator<<(TextStream&, ...) for Frame and FrameView so they can be logged.
        Only basic data logging currently; this can be adjusted as necessary.

        * page/Frame.cpp:
        (WebCore::operator<<):
        * page/Frame.h:
        * page/FrameView.cpp:
        (WebCore::operator<<):
        * page/FrameView.h:

2020-03-31  Zalan Bujtas  <zalan@apple.com>

        [MultiColumn] Call RenderTreeBuilder::multiColumnDescendantInserted only when the enclosing fragmented flow has changed
        https://bugs.webkit.org/show_bug.cgi?id=209816
        <rdar://problem/60742191>

        Reviewed by Antti Koivisto.

        Just because an element goes from out-of-flow to in-flow, it does not necessarily mean that the enclosing flow is going to change.
        This patch ensure that we only call RenderTreeBuilder::multiColumnDescendantInserted when the flow actually gains new content.

        Test: fast/multicol/absolute-to-static-change-same-enclosing-flow.html

        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):

2020-03-31  Simon Fraser  <simon.fraser@apple.com>

        Add type traits for ScrollableArea, and other cleanup
        https://bugs.webkit.org/show_bug.cgi?id=209838

        Reviewed by Chris Dumez.

        Make it possible to use type casts on ScrollableArea so that EventHandler code can stop
        passing around so many different types.

        Because ScrollView inherits from both Widget and ScrollableArea, expand out its SPECIALIZE_TYPE_TRAITS macros.

        Mark RenderLayer and RenderListBox ScrollableArea overrides as final.

        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformPrepareForWheelEvents): Null-check page and return early.
        * platform/ScrollView.h:
        (isType):
        * platform/ScrollableArea.h:
        (WebCore::ScrollableArea::isScrollView const):
        (WebCore::ScrollableArea::isRenderLayer const):
        (WebCore::ScrollableArea::isListBox const):
        (WebCore::ScrollableArea::isPDFPlugin const):
        * rendering/RenderLayer.h:
        (isType):
        * rendering/RenderListBox.h:
        (isType):

2020-03-31  Kate Cheney  <katherine_cheney@apple.com>

        Requests for messageHandlers() in the DOMWindow should be ignored for non-app-bound navigations
        https://bugs.webkit.org/show_bug.cgi?id=209836
        <rdar://problem/61071607>

        Reviewed by Brent Fulgham.

        Ignore calls for WebKitNamespace::messageHandlers() and add release
        logging if the domain is not app-bound.

        * page/WebKitNamespace.cpp:
        (WebCore::WebKitNamespace::messageHandlers):

2020-03-31  Wenson Hsieh  <wenson_hsieh@apple.com>

        Datalist option's label not used
        https://bugs.webkit.org/show_bug.cgi?id=201768
        <rdar://problem/55361186>

        Reviewed by Darin Adler.

        Refactor DataListSuggestionInformation's suggestions to include label text as well as values, and then adjust
        TextFieldInputType::suggestions() to match label text as well as values for ports that are capable of showing
        label text in datalist suggestion UI.

        Test: fast/forms/datalist/datalist-option-labels.html

        * html/DataListSuggestionInformation.h:

        Introduce DataListSuggestion, a wrapper around a value and label. Currently, the list of datalist suggestions
        is only a `Vector<String>`; change it to be a `Vector<DataListSuggestion>` instead.

        (WebCore::DataListSuggestion::encode const):
        (WebCore::DataListSuggestion::decode):
        (WebCore::DataListSuggestionInformation::encode const):
        (WebCore::DataListSuggestionInformation::decode):

        Move encoding and decoding for DataListSuggestionInformation out of WebCoreArgumentCoders and into WebCore.

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::listAttributeTargetChanged):
        (WebCore::TextFieldInputType::suggestions):

        When computing suggestions, match label text in addition to values on ports that display label text in the
        chrome; for the time being, this is only the case for macOS, but will be extended to iOS as well in a future
        patch. Note that we don't plumb label text if it is already the same as the value, to avoid duplicate strings
        from showing up.

        (WebCore::TextFieldInputType::didCloseSuggestions):
        * html/TextFieldInputType.h:
        * loader/EmptyClients.h:
        * page/ChromeClient.h:

        Add a chrome client hook to return whether or not the client shows label text in its datalist UI.

        * platform/DataListSuggestionsClient.h:

2020-03-31  Don Olmstead  <don.olmstead@sony.com>

        [PlayStation] Fix build breaks after r259112
        https://bugs.webkit.org/show_bug.cgi?id=209830

        Unreviewed build fix.

        Add USE(GLIB) guards around RunLoopSourcePriority usage.

        * platform/ScrollAnimationKinetic.cpp:
        (WebCore::ScrollAnimationKinetic::ScrollAnimationKinetic):

2020-03-31  Sihui Liu  <sihui_liu@apple.com>

        IndexedDB: destroy WebIDBServer when session is removed in network process
        https://bugs.webkit.org/show_bug.cgi?id=209606
        <rdar://problem/59310081>

        Reviewed by Geoffrey Garen.

        Rename immediateCloseForUserDelete to immediateClose as we now use it in destructor of IDBServer to make sure 
        everything in database finishes correctly.

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::~IDBServer):
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::immediateClose):
        (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete): Deleted.
        * Modules/indexeddb/server/UniqueIDBDatabase.h:

2020-03-31  Chris Dumez  <cdumez@apple.com>

        Regression(r253357) DeviceMotionEvent acceleration and rotationRate are null
        https://bugs.webkit.org/show_bug.cgi?id=209831
        <rdar://problem/60720953>

        Reviewed by Darin Adler.

        The issue was that DeviceMotionClientIOS::motionChanged() would only initialize the
        acceleration and rotationRate if [m_motionManager gyroAvailable] returned YES. After
        r253357, m_motionManager is nil because we get motion data from the UIProcess so
        [m_motionManager gyroAvailable] would always resolve to NO.

        To address the issue, I made the rotationRate parameters to motionChanged() optional
        and we rely on them being set to know if gyro data is available. Note that I did not
        make the acceleration optional because according to [1], all devices have an
        accelerometer.

        [1] https://developer.apple.com/documentation/coremotion/cmmotionmanager/1616094-devicemotionavailable?language=objc

        * platform/ios/DeviceMotionClientIOS.h:
        * platform/ios/DeviceMotionClientIOS.mm:
        (WebCore::DeviceMotionClientIOS::motionChanged):
        * platform/ios/DeviceOrientationUpdateProvider.h:
        * platform/ios/MotionManagerClient.h:
        (WebCore::MotionManagerClient::motionChanged):
        * platform/ios/WebCoreMotionManager.mm:
        (-[WebCoreMotionManager sendAccelerometerData:]):

2020-03-31  Antoine Quint  <graouts@apple.com>

        [iPadOS] Unable to scrub videos on nba.com
        https://bugs.webkit.org/show_bug.cgi?id=209829
        <rdar://problem/58804360>

        Reviewed by Dean Jackson.

        Opt nba.com into the simulated mouse events dispatch quirk.

        * page/Quirks.cpp:
        (WebCore::Quirks::shouldDispatchSimulatedMouseEvents const):

2020-03-31  Rob Buis  <rbuis@igalia.com>

        Append Upgrade-Insecure-Requests header in CachedResourceLoader
        https://bugs.webkit.org/show_bug.cgi?id=209664

        Reviewed by Youenn Fablet.

        Append Upgrade-Insecure-Requests header in CachedResourceLoader, following
        the fetch spec [1, step 3].

        [1] https://fetch.spec.whatwg.org/#concept-main-fetch

        * loader/FormSubmission.cpp:
        (WebCore::FormSubmission::populateFrameLoadRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::addExtraFieldsToMainResourceRequest):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        (WebCore::createWindow):
        (WebCore::FrameLoader::addHTTPUpgradeInsecureRequestsIfNeeded): Deleted.
        * loader/FrameLoader.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):

2020-03-31  Pinki Gyanchandani  <pgyanchandani@apple.com>

        Invalid memory access @ WebCore::FrameLoader::dispatchDidCommitLoad
        https://bugs.webkit.org/show_bug.cgi?id=209786

        Reviewed by Ryosuke Niwa.

        No new tests. Reduced test would be added later. Currently issue is verified with the original testcase in associated radar-58416328.

        Webkit1 only issue, where m_client.dispatchDidCommitLoad in FrameLoader::dispatchDidCommitLoad could cause the frame
        to be destroyed, and m_frame still being accessed outside. Changes made to protect the DocumentLoader and Frame.        

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading):
        (WebCore::DocumentLoader::handleSubstituteDataLoadNow):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::receivedFirstData):

2020-03-31  Lauro Moura  <lmoura@igalia.com>

        Buildfix after r259928.

        Replace outer function with its virtual implementation in
        child class.

        Unreviewed build fix.

        * workers/WorkerAnimationController.cpp:
        (WebCore::WorkerAnimationController::virtualHasPendingActivity const):
        (WebCore::WorkerAnimationController::hasPendingActivity const): Deleted.
        * workers/WorkerAnimationController.h:

2020-03-31  Eric Carlson  <eric.carlson@apple.com>

        [iPad] Use AVAudioSession to detect AirPlay route changes
        https://bugs.webkit.org/show_bug.cgi?id=209789
        <rdar://problem/58065279>

        Reviewed by Jer Noble.

        No new tests: changes only affect playback on device to an actual AirPlay device, which
        is not testable on our current testing infrastructure.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::checkPlaybackTargetCompatablity): Drive-by fix: pass log identifier
        into lambda so the method name is logged.
        (WebCore::HTMLMediaElement::setIsPlayingToWirelessTarget): Ditto. 
        (WebCore::HTMLMediaElement::setWirelessPlaybackTarget): Update logging.
        (WebCore::HTMLMediaElement::setShouldPlayToPlaybackTarget): Call setIsPlayingToWirelessTarget
        so we kick off a media player compatibility check.

        * platform/audio/PlatformMediaSessionManager.h: Remove unused instance variables.
        * platform/audio/ios/MediaSessionHelperIOS.mm:
        (MediaSessionHelperiOS::activeAudioRouteDidChange): Change parameter to bool as it is always
        present.
        (MediaSessionHelperiOS::activeVideoRouteDidChange): Remove parameters, use the new
        MediaPlaybackTargetCocoa create method and ask it if the target supports AirPlay.
        (-[WebMediaSessionHelper initWithCallback:]): Listen for AVAudioSessionRouteChangeNotification.
        (-[WebMediaSessionHelper activeOutputDeviceDidChange:]): Update for new notification source.
        (-[WebMediaSessionHelper activeAudioRouteDidChange:]): Deleted.

        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::sessionWillBeginPlayback): Set playback target on session
        that is about to begin playback.
        (WebCore::MediaSessionManageriOS::activeVideoRouteDidChange): Save the target and state.

        * platform/graphics/MediaPlaybackTarget.h:
        * platform/graphics/avfoundation/MediaPlaybackTargetCocoa.h:
        * platform/graphics/avfoundation/MediaPlaybackTargetCocoa.mm:
        (WebCore::MediaPlaybackTargetCocoa::create): Create a target from the application's currently
        active AVOutputContext.
        (WebCore::MediaPlaybackTargetCocoa::supportsAirPlayVideo const): New.
        (WebCore::MediaPlaybackTargetCocoa::hasActiveRoute const): Use new API if available instead
        of just checking for the AVOutputContext name.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setWirelessPlaybackTarget): Log.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setShouldPlayToPlaybackTarget): 
        * platform/mock/MediaPlaybackTargetMock.h:

2020-03-31  Jer Noble  <jer.noble@apple.com>

        REGRESSION: [ Mac wk2 Release ] Flaky crash in WebCore::MediaPlayer::createVideoFullscreenLayer
        https://bugs.webkit.org/show_bug.cgi?id=209668
        <rdar://problem/60976297>

        Reviewed by Darin Adler.

        Null check m_player and m_videoElement before calling createVideoFullscreenLayer().

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::createVideoFullscreenLayer):
        * platform/cocoa/VideoFullscreenModelVideoElement.mm:
        (WebCore::VideoFullscreenModelVideoElement::createVideoFullscreenLayer):

2020-03-31  Chris Dumez  <cdumez@apple.com>

        ASSERTION FAILED: m_wrapper on imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/ready-states/autoplay.html
        https://bugs.webkit.org/show_bug.cgi?id=209684
        <rdar://problem/60987285>

        Reviewed by Darin Adler.

        I have not been able to reproduce so this is a speculative fix. HTMLMediaElement::virtualHasPendingActivity()
        was checking MainThreadGenericEventQueue::hasPendingEvents() but this would return false for a short amount
        of time where we've removed the last event from the queue and before we've actually fired the event. To
        address the issue, we now rely on MainThreadGenericEventQueue::hasPendingActivity() which keeps returning
        true after we've dequeued the last event, until we've fired it.

        No new tests, covered by imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/ready-states/autoplay.html.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::virtualHasPendingActivity const):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::virtualHasPendingActivity const):
        * dom/GenericEventQueue.cpp:
        (WebCore::MainThreadGenericEventQueue::dispatchOneEvent):
        (WebCore::MainThreadGenericEventQueue::hasPendingActivity const):
        (WebCore::MainThreadGenericEventQueue::hasPendingEvents const): Deleted.
        * dom/GenericEventQueue.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::virtualHasPendingActivity const):
        * html/track/TrackListBase.cpp:
        (WebCore::TrackListBase::virtualHasPendingActivity const):

2020-03-31  Chris Lord  <clord@igalia.com>

        requestAnimationFrame and cancelAnimationFrame should be present on DedicatedWorkerGlobalScope
        https://bugs.webkit.org/show_bug.cgi?id=202525

        Reviewed by Simon Fraser.

        Implement AnimationFrameProvider on DedicatedWorkerGlobalScope,
        This allows use of requestAnimationFrame and cancelAnimationFrame
        inside a dedicated worker thread. This is useful to control animation
        when using OffscreenCanvas, and this implementation is only enabled
        with the OffscreenCanvas build flag and runtime setting.
        Specification: https://html.spec.whatwg.org/multipage/imagebitmap-and-animations.html#animation-frames

        No new tests. Covered by existing tests.

        * Headers.cmake:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:
        * dom/RequestAnimationFrameCallback.h:
        * workers/DedicatedWorkerGlobalScope.cpp:
        (WebCore::DedicatedWorkerGlobalScope::requestAnimationFrame):
        (WebCore::DedicatedWorkerGlobalScope::cancelAnimationFrame):
        * workers/DedicatedWorkerGlobalScope.h:
        * workers/DedicatedWorkerGlobalScope.idl:
        * workers/WorkerAnimationController.cpp: Added.
        * workers/WorkerAnimationController.h: Added.
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::WorkerGlobalScope):
        * workers/WorkerGlobalScope.h:
        (WebCore::WorkerGlobalScope::requestAnimationFrameEnabled const):
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::startWorkerGlobalScope):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerParameters::isolatedCopy const):
        * workers/WorkerThread.h:
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):

2020-03-31  Zalan Bujtas  <zalan@apple.com>

        [Tables] Infinite recursion in RenderTreeBuilder::attach
        https://bugs.webkit.org/show_bug.cgi?id=209771
        <rdar://problem/59923112>

        Reviewed by Simon Fraser.

        Let's construct a COLGROUP wrapper when a COL element is inserted into a <table>. The rest of the table code assumes such structure.
        (https://www.w3.org/TR/html52/tabular-data.html#the-col-element)

        Test: fast/table/anonymous-colgroup-simple.html

        * rendering/RenderTableCol.cpp:
        (WebCore::RenderTableCol::RenderTableCol):
        (WebCore::RenderTableCol::updateFromElement):
        * rendering/RenderTableCol.h:
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::findOrCreateParentForChild):

2020-03-31  youenn fablet  <youenn@apple.com>

        Fix SDP filtering after https://trac.webkit.org/changeset/258545
        https://bugs.webkit.org/show_bug.cgi?id=209799

        Reviewed by Eric Carlson.

        Covered by updated test.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::filterSDP const):
        Do not return early in case of filtering of mDNS candidate inlined in SDP description.

2020-03-31  youenn fablet  <youenn@apple.com>

        Ensure that RealtimeMediaSource::setShouldApplyRotation is called on the main thread
        https://bugs.webkit.org/show_bug.cgi?id=209797

        Reviewed by Eric Carlson.

        Hop to the main thread before calling setShouldApplyRotation on the source.

        * platform/mediastream/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::setSource):
        (WebCore::RealtimeOutgoingVideoSource::applyRotation):

2020-03-31  Andres Gonzalez  <andresg_22@apple.com>

        The relative frame and hit test of isolated objects must be dispatched to the main thread.
        https://bugs.webkit.org/show_bug.cgi?id=209792

        Reviewed by Chris Fleizach.

        The relative frame of isolated objects must be calculated on the main
        thread because it requires the scroll ancestor to convert to the
        appropriate scroll offset. The relative frame cannot be cached because
        the scroll offset can change.
        Accordingly, the hit test cannot rely on a cached relative frame and
        must be dispatched to be computed on the main thread as well.

        * accessibility/AXObjectCache.h:
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData): Do not cache the relative frame any longer.
        (WebCore::AXIsolatedObject::accessibilityHitTest const): Dispatched to the main thread.
        (WebCore::AXIsolatedObject::relativeFrame const): Dispatched to the main thread.
        * accessibility/isolatedtree/AXIsolatedObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper position]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        (-[WebAccessibilityObjectWrapper accessibilityHitTest:]):

2020-03-31  Antti Koivisto  <antti@apple.com>

        Nullptr crash in InlineTextBox::emphasisMarkExistsAndIsAbove
        https://bugs.webkit.org/show_bug.cgi?id=207034

        Reviewed by Zalan Bujtas.

        The repro case was fixed in https://bugs.webkit.org/show_bug.cgi?id=209695.

        Test: editing/selection/selection-update-during-anonymous-inline-teardown.html

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::emphasisMarkExistsAndIsAbove const):

        Also add a null check to be sure.

2020-03-31  Zan Dobersek  <zdobersek@igalia.com>

        [GTK][WPE] Jumpy rendering of fixed-element layers while scrolling
        https://bugs.webkit.org/show_bug.cgi?id=209466

        Reviewed by Carlos Garcia Campos.

        Avoid intermittent state application that can occur when asynchronous
        scrolling is done on the dedicated thread while the general scene update
        is being done in parallel on the composition thread, leading to partial
        scrolling updates that visually present themselves as e.g. fixed
        elements "jumping" around the view.

        Instead of the staging state of a given Nicosia::CompositionLayer, the
        scrolling nodes now update the base state with the given scrolling
        change. At the end of the update, inside the UpdateScope descructor,
        the updated states inside the scene are flushed into the staging phase
        before they are adopted by the composition thread.

        * page/scrolling/nicosia/ScrollingTreeFixedNode.cpp:
        (WebCore::ScrollingTreeFixedNode::applyLayerPositions):
        * page/scrolling/nicosia/ScrollingTreeFrameScrollingNodeNicosia.cpp:
        (WebCore::ScrollingTreeFrameScrollingNodeNicosia::repositionScrollingLayers):
        (WebCore::ScrollingTreeFrameScrollingNodeNicosia::repositionRelatedLayers):
        * page/scrolling/nicosia/ScrollingTreeOverflowScrollProxyNode.cpp:
        (WebCore::ScrollingTreeOverflowScrollProxyNode::applyLayerPositions):
        * page/scrolling/nicosia/ScrollingTreeOverflowScrollingNodeNicosia.cpp:
        (WebCore::ScrollingTreeOverflowScrollingNodeNicosia::repositionScrollingLayers):
        * page/scrolling/nicosia/ScrollingTreePositionedNode.cpp:
        (WebCore::ScrollingTreePositionedNode::applyLayerPositions):
        * page/scrolling/nicosia/ScrollingTreeStickyNode.cpp:
        (WebCore::ScrollingTreeStickyNode::applyLayerPositions):
        * platform/graphics/nicosia/NicosiaPlatformLayer.h:
        (Nicosia::CompositionLayer::accessStaging): Deleted.
        * platform/graphics/nicosia/NicosiaSceneIntegration.cpp:
        (Nicosia::SceneIntegration::SceneIntegration):
        (Nicosia::SceneIntegration::invalidate):
        (Nicosia::SceneIntegration::UpdateScope::~UpdateScope):
        * platform/graphics/nicosia/NicosiaSceneIntegration.h:
        (Nicosia::SceneIntegration::create):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::syncPosition):
        Don't signal the related attribute delta flag since this change is now
        strictly applied by the scrolling thread.
        (WebCore::CoordinatedGraphicsLayer::syncBoundsOrigin): Ditto.

2020-03-30  Simon Fraser  <simon.fraser@apple.com>

        Scroll latching state is not a stack
        https://bugs.webkit.org/show_bug.cgi?id=209790

        Reviewed by Zalan Bujtas.

        No-one ever called Page::popLatchingState(), so the fact that latchingState on Page
        was a stack was never important. Just make it a single state.

        * page/Page.cpp:
        (WebCore::Page::latchingState):
        (WebCore::Page::setLatchingState):
        (WebCore::Page::resetLatchingState):
        (WebCore::Page::removeLatchingStateForTarget):
        (WebCore::Page::pushNewLatchingState): Deleted.
        (WebCore::Page::popLatchingState): Deleted.
        * page/Page.h:
        (WebCore::Page::latchingStateStack const): Deleted.
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformPrepareForWheelEvents):
        * page/scrolling/ScrollLatchingState.h:

2020-03-28  Simon Fraser  <simon.fraser@apple.com>

        ScrollLatchingState should use WeakPtr<Element>
        https://bugs.webkit.org/show_bug.cgi?id=209714

        Reviewed by Darin Adler.

        ScrollLatchingState shouldn't affect element lifetimes. Change it to use WeakPtr instead
        of RefPtr<>.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::defaultWheelEventHandler):
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformPrepareForWheelEvents):
        * page/scrolling/ScrollLatchingState.cpp:
        (WebCore::ScrollLatchingState::setWheelEventElement):
        (WebCore::ScrollLatchingState::setPreviousWheelScrolledElement):
        (WebCore::ScrollLatchingState::setScrollableContainer):
        * page/scrolling/ScrollLatchingState.h:

2020-03-30  Megan Gardner  <megan_gardner@apple.com>

        Update to new Data Detectors SPI
        https://bugs.webkit.org/show_bug.cgi?id=209788
        <rdar://problem/60690050>

        Reviewed by Tim Horton.

        Updating to a newer SPI to help Data Detectors. 
        No behavior change.

        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::buildPhoneNumberHighlights):
        (WebCore::ServicesOverlayController::buildSelectionHighlight):

2020-03-30  John Wilander  <wilander@apple.com>

        Experimental: Enforce SameSite=strict for domains classified as bounce trackers
        https://bugs.webkit.org/show_bug.cgi?id=209761
        <rdar://problem/59394943>

        Reviewed by Brent Fulgham and Kate Cheney (informal).

        This experimental feature is part of Intelligent Tracking Prevention and only enabled if
        ITP (Resource Load Statistics) are. A new enum WebCore::SameSiteStrictEnforcementEnabled
        controls the new behavior with default setting WebCore::SameSiteStrictEnforcementEnabled::No.

        The features keeps a separate count of topFrameUniqueRedirectsToSinceSameSiteStrictEnforcement
        which builds up to a threshold. Once a domain goes above the threshold, its cookies are
        rewritten as SameSite=strict and the topFrameUniqueRedirectsToSinceSameSiteStrictEnforcement
        counter for that domain is reset, effectively giving the domain a new chance to change its
        behavior.

        Tests: http/tests/resourceLoadStatistics/enforce-samesite-strict-based-on-top-frame-unique-redirects-to-database.html
               http/tests/resourceLoadStatistics/enforce-samesite-strict-based-on-top-frame-unique-redirects-to.html

        * loader/ResourceLoadStatistics.h:
            New field topFrameUniqueRedirectsToSinceSameSiteStrictEnforcement.
        * page/Settings.yaml:
        * platform/network/NetworkStorageSession.h:
            New enum SameSiteStrictEnforcementEnabled.

2020-03-30  Devin Rousso  <drousso@apple.com>

        [CSS Selectors 4] Add support for `:is()` with the same logic for the existing `:matches()`
        https://bugs.webkit.org/show_bug.cgi?id=209707

        Reviewed by Antti Koivisto.

        Add `PseudoClassType::PseudoClassIs` and use it where `PseudoClassTyle::PseudoClassMatches`
        is already used now.

        Tests: fast/css/is-specificity-1.html
               fast/css/is-specificity-2.html
               fast/css/is-specificity-3.html
               fast/css/is-specificity-4.html
               fast/css/is-specificity-5.html
               fast/css/is-specificity-6.html
               fast/css/is-specificity-7.html
               fast/css/is-specificity-8.html
               fast/css/is-specificity-9.html
               fast/css/is-specificity-10.html
               fast/css/parsing-css-is-1.html
               fast/css/parsing-css-is-2.html
               fast/css/parsing-css-is-3.html
               fast/css/parsing-css-is-4.html
               fast/css/parsing-css-is-5.html
               fast/css/parsing-css-is-6.html
               fast/css/parsing-css-is-7.html
               fast/css/parsing-css-is-8.html
               fast/selectors/is-backtracking.html
               fast/selectors/is-complex.html
               fast/selectors/is-selector-list.html
               fast/selectors/is-selector-list-ending-with-never-matching-selectors.html
               fast/selectors/is-with-pseudo-element.html
               fast/selectors/pseudo-element-inside-is.html
               fast/selectors/querySelector-is.html
               imported/w3c/web-platform-tests/css/selectors/invalidation/is.html
               imported/w3c/web-platform-tests/css/selectors/is-nested.html
               imported/w3c/web-platform-tests/css/selectors/is-specificity.html

        * css/CSSSelector.h:
        * css/CSSSelector.cpp:
        (WebCore::simpleSelectorSpecificityInternal):
        (WebCore::simpleSelectorFunctionalPseudoClassStaticSpecificity):
        (WebCore::CSSSelector::selectorText const):
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::matchRecursively const):
        * css/SelectorPseudoClassAndCompatibilityElementMap.in:
        * css/parser/CSSSelectorParser.cpp:
        (WebCore::isOnlyPseudoClassFunction):
        (WebCore::CSSSelectorParser::consumePseudo):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorChecker::checkOne const):

        * inspector/InspectorStyleSheet.cpp:
        (WebCore::hasDynamicSpecificity):

        * features.json:

2020-03-30  Chris Dumez  <cdumez@apple.com>

        Overrides of ActiveDOMObject::hasPendingActivity() should not need to query the base class's hasPendingActivity()
        https://bugs.webkit.org/show_bug.cgi?id=209754

        Reviewed by Geoff Garen and Darin Adler.

        Overrides of ActiveDOMObject::hasPendingActivity() should not need to query the base
        class's hasPendingActivity(). This is error-prone and leads to bad bugs.

        To address the issue, ActiveDOMObject::hasPendingActivity() is no longer virtual and
        checks both m_pendingActivityCount and a virtual virtualHasPendingActivity() function.
        Subclasses now override virtualHasPendingActivity() and no longer need to query the
        base class's virtualHasPendingActivity().

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::virtualHasPendingActivity const):
        (WebCore::MediaKeySession::hasPendingActivity const): Deleted.
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
        (WebCore::WebKitMediaKeySession::virtualHasPendingActivity const):
        (WebCore::WebKitMediaKeySession::hasPendingActivity const): Deleted.
        * Modules/encryptedmedia/legacy/WebKitMediaKeySession.h:
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::virtualHasPendingActivity const):
        (WebCore::IDBDatabase::hasPendingActivity const): Deleted.
        * Modules/indexeddb/IDBDatabase.h:
        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::virtualHasPendingActivity const):
        (WebCore::IDBIndex::hasPendingActivity const): Deleted.
        * Modules/indexeddb/IDBIndex.h:
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::virtualHasPendingActivity const):
        (WebCore::IDBObjectStore::hasPendingActivity const): Deleted.
        * Modules/indexeddb/IDBObjectStore.h:
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::virtualHasPendingActivity const):
        (WebCore::IDBRequest::hasPendingActivity const): Deleted.
        * Modules/indexeddb/IDBRequest.h:
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::virtualHasPendingActivity const):
        (WebCore::IDBTransaction::hasPendingActivity const): Deleted.
        * Modules/indexeddb/IDBTransaction.h:
        * Modules/mediarecorder/MediaRecorder.cpp:
        (WebCore::MediaRecorder::virtualHasPendingActivity const):
        (WebCore::MediaRecorder::hasPendingActivity const): Deleted.
        * Modules/mediarecorder/MediaRecorder.h:
        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::virtualHasPendingActivity const):
        (WebCore::MediaSource::hasPendingActivity const): Deleted.
        * Modules/mediasource/MediaSource.h:
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::virtualHasPendingActivity const):
        (WebCore::SourceBuffer::hasPendingActivity const): Deleted.
        * Modules/mediasource/SourceBuffer.h:
        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::virtualHasPendingActivity const):
        (WebCore::MediaDevices::hasPendingActivity const): Deleted.
        * Modules/mediastream/MediaDevices.h:
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::virtualHasPendingActivity const):
        (WebCore::MediaStream::hasPendingActivity const): Deleted.
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::virtualHasPendingActivity const):
        (WebCore::MediaStreamTrack::hasPendingActivity const): Deleted.
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::virtualHasPendingActivity const):
        (WebCore::RTCPeerConnection::hasPendingActivity const): Deleted.
        * Modules/mediastream/RTCPeerConnection.h:
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::virtualHasPendingActivity const):
        (WebCore::WebAnimation::hasPendingActivity const): Deleted.
        * animation/WebAnimation.h:
        * css/FontFace.cpp:
        (WebCore::FontFace::virtualHasPendingActivity const):
        (WebCore::FontFace::hasPendingActivity const): Deleted.
        * css/FontFace.h:
        * dom/ActiveDOMObject.cpp:
        (WebCore::ActiveDOMObject::hasPendingActivity const): Deleted.
        * dom/ActiveDOMObject.h:
        * dom/MessagePort.cpp:
        (WebCore::MessagePort::virtualHasPendingActivity const):
        (WebCore::MessagePort::hasPendingActivity const): Deleted.
        * dom/MessagePort.h:
        * fileapi/FileReader.cpp:
        (WebCore::FileReader::virtualHasPendingActivity const):
        (WebCore::FileReader::hasPendingActivity const): Deleted.
        * fileapi/FileReader.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::virtualHasPendingActivity const):
        (WebCore::HTMLMediaElement::hasPendingActivity const): Deleted.
        * html/HTMLMediaElement.h:
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::virtualHasPendingActivity const):
        (WebCore::HTMLTrackElement::hasPendingActivity const): Deleted.
        * html/HTMLTrackElement.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::hasPendingActivity const): Deleted.
        * html/canvas/WebGLRenderingContextBase.h:
        * html/track/TrackListBase.cpp:
        (WebCore::TrackListBase::virtualHasPendingActivity const):
        (WebCore::TrackListBase::hasPendingActivity const): Deleted.
        * html/track/TrackListBase.h:
        * page/IntersectionObserver.cpp:
        (WebCore::IntersectionObserver::virtualHasPendingActivity const):
        (WebCore::IntersectionObserver::hasPendingActivity const): Deleted.
        * page/IntersectionObserver.h:
        * page/ResizeObserver.cpp:
        (WebCore::ResizeObserver::virtualHasPendingActivity const):
        (WebCore::ResizeObserver::hasPendingActivity const): Deleted.
        * page/ResizeObserver.h:
        * page/SuspendableTimer.cpp:
        (WebCore::SuspendableTimerBase::virtualHasPendingActivity const):
        (WebCore::SuspendableTimerBase::hasPendingActivity const): Deleted.
        * page/SuspendableTimer.h:
        * workers/Worker.cpp:
        (WebCore::Worker::virtualHasPendingActivity const):
        (WebCore::Worker::hasPendingActivity const): Deleted.
        * workers/Worker.h:
        * workers/service/ServiceWorkerRegistration.cpp:
        (WebCore::ServiceWorkerRegistration::virtualHasPendingActivity const):
        (WebCore::ServiceWorkerRegistration::hasPendingActivity const): Deleted.
        * workers/service/ServiceWorkerRegistration.h:
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::virtualHasPendingActivity const):
        (WebCore::XMLHttpRequest::hasPendingActivity const): Deleted.
        * xml/XMLHttpRequest.h:

2020-03-30  Simon Fraser  <simon.fraser@apple.com>

        scrollIntoView() erroneously scrolls non-containing block scrollers
        https://bugs.webkit.org/show_bug.cgi?id=209715

        Reviewed by Zalan Bujtas.

        RenderLayer::scrollByRecursively() would just walk up the parent RenderLayer chain
        trying to scroll each one. However, this would hit overflow:scroll which wasn't in the
        containing block chain, erroneously scrolling unrelated scrollers.

        Fix by adding RenderLayer::enclosingLayerInContainingBlockOrder() and calling
        it from RenderLayer::enclosingScrollableLayer(). Also extend enclosingScrollableLayer()
        to make explicit 'include self' and frame-boundary crossing.

        In future, scrollByRecursively() should really be virtual on ScrollableArea, and implemented
        on its subclasses.

        Test: http/wpt/css/cssom-view/scrollintoview-containingblock-chain.html

        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformPrepareForWheelEvents):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::enclosingLayerInContainingBlockOrder const):
        (WebCore::enclosingContainingBlockLayer):
        (WebCore::RenderLayer::enclosingScrollableLayer const):
        (WebCore::RenderLayer::scrollByRecursively):
        (WebCore::RenderLayer::scrollRectToVisible):
        (WebCore::RenderLayer::enclosingScrollableArea const):
        (WebCore::RenderLayer::hasScrollableOrRubberbandableAncestor):
        (WebCore::RenderLayer::calculateClipRects const):
        (WebCore::parentLayerCrossFrame): Deleted.
        * rendering/RenderLayer.h:

2020-03-30  Wenson Hsieh  <wenson_hsieh@apple.com>

        WebPasteboardProxy::SetPasteboardURL should fail gracefully when the copied NSURL is nil
        https://bugs.webkit.org/show_bug.cgi?id=209785
        <rdar://problem/61075986>

        Reviewed by Tim Horton.

        Harden PlatformPasteboard::setURL() against the possibility of a null NSURL when converting the given
        PasteboardURL's WebKit URL into a URL string using -[NSURL absoluteString].

        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::setURL):

2020-03-27  Ryosuke Niwa  <rniwa@webkit.org>

        Assertion failure in HTMLFormElement::formElementIndex
        https://bugs.webkit.org/show_bug.cgi?id=209643

        Reviewed by Darin Adler.

        The bug was caused by FormAssociatedElement::findAssociatedForm finding a wrong form element
        when it's called on an element which appears later in the removed subtree.

        When we find the new form element to associate this element with, check to make sure its root
        element is that of the tree scope. This condition will be false if this element is in in the midst
        of being removed.

        * html/FormAssociatedElement.cpp:
        (WebCore::FormAssociatedElement::findAssociatedForm):

2020-03-30  Don Olmstead  <don.olmstead@sony.com>

        Non-unified build fixes late March 2020 edition
        https://bugs.webkit.org/show_bug.cgi?id=209781

        Unreviewed build fix.

        * animation/ElementAnimationRareData.cpp:
        * dom/SimpleRange.cpp:
        * editing/VisiblePosition.cpp:
        * layout/blockformatting/BlockFormattingContext.cpp:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        * layout/inlineformatting/InlineFormattingContext.cpp:
        * layout/invalidation/InvalidationState.cpp:
        * layout/tableformatting/TableFormattingContext.cpp:
        * page/FocusController.cpp:
        * page/PageConfiguration.cpp:
        * rendering/RenderBlock.cpp:
        * svg/SVGClipPathElement.cpp:
        * xml/parser/XMLDocumentParserLibxml2.cpp:

2020-03-30  Devin Rousso  <drousso@apple.com>

        Web Inspector: provide a way to log messages from the network process
        https://bugs.webkit.org/show_bug.cgi?id=204775

        Reviewed by Brian Burg.

        ITP can be influenced by multiple pages simultaneously, meaning that sending a console
        message to the Web Inspector that's connected to the page that caused a change may not be
        useful as developers often don't test in complete isolation. As such, having a way to
        broadcast a console message to all Web Inspectors ensures that any changes caused by any
        page are always able to be seen, no matter which page is being actively inspected.

        * loader/AdClickAttribution.h:
        * loader/AdClickAttribution.cpp:
        (WebCore::AdClickAttribution::parseConversionRequest):
        Add a console message to Web Inspector if there are any errors when parsing an ad click
        attribution link attribute.

2020-03-30  Jacob Uphoff  <jacob_uphoff@apple.com>

        Unreviewed, reverting r259158.

        This commit caused an assertion failure

        Reverted changeset:

        "Nullptr crash in InlineTextBox::emphasisMarkExistsAndIsAbove"
        https://bugs.webkit.org/show_bug.cgi?id=207034
        https://trac.webkit.org/changeset/259158

2020-03-30  Andres Gonzalez  <andresg_22@apple.com>

        [WebAccessibilityObjectWrapper remoteAccessibilityParentObject should be cached to avoid hitting the main thread often.
        https://bugs.webkit.org/show_bug.cgi?id=209576

        Reviewed by Chris Fleizach.

        [WebAccessibilityObjectWrapper remoteAccessibilityParentObject] is
        called very often and thus is a performance hit in isolated tree mode
        since it has to be dispatched to the main thread. This change caches
        this value in AXIsolatedObject, so no need to dispatch to the main
        thread any longer.
        In addition, the PlatformWidget that was cached in a member variable,
        is now cached in the attribute map as well as the remoteParentObject.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::remoteParentObject const): Actual implementation of this method.
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):
        (WebCore::AXIsolatedObject::platformWidget const): Deleted.
        * accessibility/isolatedtree/AXIsolatedObject.h:
        (WebCore::AXIsolatedObject::propertyValue const):
        * accessibility/isolatedtree/mac/AXIsolatedObjectMac.mm:
        (WebCore::AXIsolatedObject::remoteParentObject const):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper remoteAccessibilityParentObject]): No need to dispatch to main thread.
        (-[WebAccessibilityObjectWrapper scrollViewParent]):

2020-03-30  Per Arne Vollan  <pvollan@apple.com>

        [Cocoa] Sleep disabling should be performed in the UI process
        https://bugs.webkit.org/show_bug.cgi?id=209676

        Reviewed by Darin Adler.

        Remove unnecessary include.

        * platform/SleepDisabler.h:

2020-03-30  Sihui Liu  <sihui_liu@apple.com>

        IndexedDB: destroy UniqueIDBDatabase when it's not used
        https://bugs.webkit.org/show_bug.cgi?id=209532
        <rdar://problem/60906908>

        Reviewed by Geoffrey Garen.

        When all connections of a UniqueIDBDatabase object are closed and there are no pending reuqests, the 
        object may not be used any more. We should delete it for better memory use.

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::deleteDatabase):
        (WebCore::IDBServer::IDBServer::establishTransaction):
        (WebCore::IDBServer::IDBServer::databaseConnectionClosed):
        (WebCore::IDBServer::IDBServer::openDBRequestCancelled):
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::tryClose):
        * Modules/indexeddb/server/UniqueIDBDatabase.h:

2020-03-30  Jack Lee  <shihchieh_lee@apple.com>

        Division by zero in RenderBlockFlow::computeColumnCountAndWidth
        https://bugs.webkit.org/show_bug.cgi?id=209485
        <rdar://problem/60746109>

        Reviewed by Zalan Bujtas.

        When computing content width and height, set it to 0 if the computed size
        is negative.

        Test: fast/multicol/negativeColumnGap.html

        * rendering/RenderBox.h:
        (WebCore::RenderBox::contentWidth const):
        (WebCore::RenderBox::contentHeight const):

2020-03-30  Chris Dumez  <cdumez@apple.com>

        NetworkStorageSession::unregisterCookieChangeListenersIfNecessary() should use new CFNetwork SPI when available
        https://bugs.webkit.org/show_bug.cgi?id=209742
        <rdar://problem/61040492>

        Reviewed by Geoffrey Garen.

        NetworkStorageSession::unregisterCookieChangeListenersIfNecessary() should use new CFNetwork SPI when available.
        Using the old SPI on builds that no longer have it causes crashes.

        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        (WebCore::NetworkStorageSession::unregisterCookieChangeListenersIfNecessary):

2020-03-30  Devin Rousso  <drousso@apple.com>

        [Web Animations] Crash under `KeyframeEffect::getKeyframes` for a `DeclarativeAnimation`
        https://bugs.webkit.org/show_bug.cgi?id=209682
        <rdar://problem/60962458>

        Reviewed by Antoine Quint.

        Test: webanimations/css-animation-effect-target-change-and-get-keyframes-crash.html

        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::getKeyframes):
        * inspector/agents/InspectorAnimationAgent.cpp:
        (WebCore::buildObjectForKeyframes):
        With the flexibility of the Web Animations API, it's possible for a `DeclarativeAnimation`
        to not have a `target`. As such, we should not expect it to exist, and should remove any
        `ASSERT` or unchecked dereferences.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::effectTimingDidChange):
        Drive-by: ensure that `InspectorInstrumentation` is called last.

2020-03-30  Michael Catanzaro  <mcatanzaro@gnome.org>

        Add user agent quirk for Red Hat Bugzilla
        https://bugs.webkit.org/show_bug.cgi?id=209484

        Reviewed by Adrian Perez de Castro.

        Red Hat Bugzilla displays a warning page when performing searches with WebKitGTK's standard
        user agent.

        * platform/UserAgentQuirks.cpp:
        (WebCore::urlRequiresFirefoxBrowser):

2020-03-30  Per Arne Vollan  <pvollan@apple.com>

        [Cocoa] Sleep disabling should be performed in the UI process
        https://bugs.webkit.org/show_bug.cgi?id=209676

        Reviewed by Darin Adler.

        Since sleep disabling is causing communication with the power management service, it should be performed in the UI process.
        This patch fixes this by creating a sleep disabler client, which will notify the UI process when a sleep disabler is being
        created and destroyed. In response to these messages, the UI process will perform the actual sleep disabling and enabling.
        A new sleep disabler class is created which wraps the PAL sleep disabler, and notifies the sleep disabler client when set.
        If the sleep disabler client is set, a PAL sleep disabler instance will not be created in the WebContent process, since this
        will then happen in the UI process.

        API test: WebKit.SleepDisabler

        * Headers.cmake:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updateSleepDisabling):
        * html/HTMLMediaElement.h:
        * platform/SleepDisabler.cpp: Added.
        (WebCore::SleepDisabler::SleepDisabler):
        (WebCore::SleepDisabler::~SleepDisabler):
        * platform/SleepDisabler.h: Added.
        (WebCore::SleepDisabler::type const):
        * platform/SleepDisablerClient.cpp: Added.
        (WebCore::sleepDisablerClient):
        * platform/SleepDisablerClient.h: Added.
        (WebCore::SleepDisablerClient::~SleepDisablerClient):
        * platform/SleepDisablerIdentifier.h: Added.
        * testing/Internals.cpp:
        (WebCore::Internals::createSleepDisabler):
        (WebCore::Internals::destroySleepDisabler):
        * testing/Internals.h:
        * testing/Internals.idl:

2020-03-30  Antoine Quint  <graouts@apple.com>

        Mark Pointer Events and Web Animations features as completed in https://webkit.org/status/
        https://bugs.webkit.org/show_bug.cgi?id=209730

        Reviewed by Antti Koivisto.

        Pointer Events and Web Animations have been completed already, mark those as Supported in https://webkit.org/status/.
        Additionally, we fix an alphabetical ordering issue.

        * features.json:

2020-03-30  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. [GTK][WPE] Media controls: Remove references to -webkit-media-controls-time-remaining-display

        * Modules/mediacontrols/mediaControlsAdwaita.css:
        (audio::-webkit-media-controls-current-time-display.hidden,):

2020-03-30  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][WPE] REGRESSION(r257775): Media controls current time label changes its size when it's updated
        https://bugs.webkit.org/show_bug.cgi?id=209593

        Reviewed by Xabier Rodriguez-Calvar.

        This regressed in r257775 for me, because my system font doesn't use fixed width for digits. We should try to
        use the tabular-nums font variant if available.

        * Modules/mediacontrols/mediaControlsAdwaita.css:
        (audio::-webkit-media-controls-current-time-display,): Add font-variant-numeric: tabular-nums;

2020-03-30  Zan Dobersek  <zdobersek@igalia.com>

        [WPE] Can't create WebGL context after r259139
        https://bugs.webkit.org/show_bug.cgi?id=209722

        Reviewed by Carlos Garcia Campos.

        Adjust the WebXRWebGLRenderingContext tuple depending on the WebGL2
        feature being enabled or not.

        * Modules/webxr/WebXRWebGLLayer.h:
        * Modules/webxr/WebXRWebGLLayer.idl:

2020-03-30  Carlos Garcia Campos  <cgarcia@igalia.com>

        [HarfBuzz] Not all CSS font features are applied
        https://bugs.webkit.org/show_bug.cgi?id=209591

        Reviewed by Adrian Perez de Castro.

        Implement font feature precedence algorithm for HarfBuzz, including features specified in font-face rule and
        font-variant settings that we were ignoring.

        7.2. Feature precedence
        https://www.w3.org/TR/css-fonts-3/#feature-precedence

        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::createFontPlatformData): Add font features to be enanled to the font config pattern.
        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData): Ditto.
        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
        (WebCore::setFeatureSettingsFromVariants): Helper to add font-variant settings.
        (WebCore::fontFeatures): Implement font feature precedence algorithm.
        (WebCore::findScriptForVerticalGlyphSubstitution): Use HB_TAG direftly.
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters): Pass FontPlatformData to fontFeatures().

2020-03-29  Antoine Quint  <graouts@apple.com>

        [AutoSizing] Bring back the old auto-sizing code as a deprecated codepath for compatibility reasons
        https://bugs.webkit.org/show_bug.cgi?id=209669
        <rdar://problem/60111081>

        Reviewed by Alan Bujtas and Darin Adler.

        We changed the auto-sizing code for webkit.org/b/196743 in r244098, but some clients need it and we bring it back
        via two exclusive auto-sizing mode: fixed-width (the existing mode) and size-to-content (the resurrected mode).

        * page/FrameView.cpp:
        (WebCore::FrameView::autoSizeIfEnabled):
        (WebCore::FrameView::performFixedWidthAutoSize):
        (WebCore::FrameView::performSizeToContentAutoSize):
        (WebCore::FrameView::enableFixedWidthAutoSizeMode):
        (WebCore::FrameView::enableSizeToContentAutoSizeMode):
        (WebCore::FrameView::enableAutoSizeMode):
        * page/FrameView.h:
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
        (WebCore::Internals::enableFixedWidthAutoSizeMode):
        (WebCore::Internals::enableAutoSizeMode): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2020-03-29  Darin Adler  <darin@apple.com>

        Move TextIterator::rangeFromLocationAndLength off of live ranges
        https://bugs.webkit.org/show_bug.cgi?id=209408

        Reviewed by Antti Koivisto.

        - Put CharacterRange into a header, CharacterRange.h.
        - Replaced CharacterOffset with direct uses of uint64_t.
          Because this can be a single offset into an entire document, use a
          64-bit integer so we don't limit an entire document to 2^32 characters;
          in theory this makes it so we can support a document with tons of
          text nodes that add up to more than 2^32.
        - Because CharacterRange uses 64-bit integers we can now convert more
          easily to and from NSRange and CFRange on Cocoa platforms.

        * Headers.cmake: Added CharacterRange.h.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _convertToDOMRange:]):
        Use CharacterRange, resolveCharacterLocation/Range.
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetSpelling): Ditto.
        (-[WebAccessibilityObjectWrapper _textMarkerForIndex:]): Ditto.

        * dom/DocumentMarkerController.cpp:
        (WebCore::DocumentMarkerController::collectTextRanges): Take SimpleRange.
        (WebCore::DocumentMarkerController::addMarker): Ditto.
        (WebCore::DocumentMarkerController::addDictationResultMarker): Ditto.
        (WebCore::DocumentMarkerController::addPlatformTextCheckingMarker): Ditto.
        * dom/DocumentMarkerController.h: Updated for above changes.

        * dom/Position.h: Export createLegacyEditingPosition so it can be used
        outside of WebCore.

        * dom/SimpleRange.cpp:
        (WebCore::fastIsCharacterData): Added. Could be moved to the Node class.
        (WebCore::length): Added. Could be moved to the Node class.
        (WebCore::makeRangeSelectingNodeContents): Added. Analogous to the
        Range::selectNodeContents function.
        * dom/SimpleRange.h: Updated for the above.

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::applyAlternativeTextToRange):
        Use CharacterRange, resolveCharacterLocation/Range.
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::applyBlockStyle): Ditto.

        * editing/CharacterRange.h: Added.

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::moveParagraphs):
        Use CharacterRange, resolveCharacterLocation/Range.
        * editing/Editing.cpp:
        (WebCore::visiblePositionForIndex): Ditto.
        * editing/Editor.cpp:
        (WebCore::Editor::advanceToNextMisspelling): Ditto.
        (WebCore::correctSpellcheckingPreservingTextCheckingParagraph): Ditto.
        (WebCore::Editor::markAndReplaceFor): Ditto.
        (WebCore::Editor::changeBackToReplacedString): Ditto.
        (WebCore::Editor::scanRangeForTelephoneNumbers): Ditto.
        (WebCore::Editor::rangeForTextCheckingResult const): Ditto.
        * editing/TextCheckingHelper.cpp:
        (WebCore::findGrammaticalErrors): Ditto.
        (WebCore::findMisspellings): Ditto.
        (WebCore::TextCheckingParagraph::invalidateParagraphRangeValues): Ditto.
        (WebCore::TextCheckingParagraph::rangeLength const): Ditto.
        (WebCore::TextCheckingParagraph::subrange const): Ditto.
        (WebCore::TextCheckingParagraph::offsetTo const): Ditto.
        (WebCore::TextCheckingParagraph::text const): Ditto. Also use StringView.
        (WebCore::TextCheckingParagraph::checkingStart const): Ditto.
        (WebCore::TextCheckingParagraph::checkingEnd const): Ditto. Also compute
        this by adding start and length, and don't cache it.
        (WebCore::TextCheckingParagraph::checkingLength const): Ditto.
        (WebCore::TextCheckingParagraph::automaticReplacementStart const): Ditto.
        (WebCore::TextCheckingParagraph::automaticReplacementLength const): Ditto.
        (WebCore::TextCheckingHelper::findFirstMisspelling): Ditto.
        (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar): Ditto.
        (WebCore::TextCheckingHelper::findFirstGrammarDetail const): Ditto.
        (WebCore::TextCheckingHelper::findFirstBadGrammar const): Ditto.
        (WebCore::TextCheckingHelper::isUngrammatical const): Ditto.
        (WebCore::TextCheckingHelper::guessesForMisspelledOrUngrammaticalRange const): Ditto.
        (WebCore::TextCheckingHelper::markAllMisspellings): Ditto.
        (WebCore::TextCheckingHelper::markAllBadGrammar): Ditto.
        (WebCore::checkTextOfParagraph): Ditto.
        * editing/TextCheckingHelper.h: Updated for the above. Also got rid of
        m_checkingEnd since it's sufficient to cache the start and the length.
        Should come back later and use CharacterRange instead of 2x CharacterCount.

        * editing/TextIterator.cpp:
        (WebCore::characterCount): Use uint64_t.
        (WebCore::TextIterator::subrange): Deleted.
        (WebCore::TextIterator::rangeFromLocationAndLength): Deleted.
        (WebCore::clampedAdd): Added. Helps implement resolveCharacterRange in a way
        that can work with any character count without concern about overflow.
        (WebCore::resolveCharacterRange): Added. Replaces both subrange and
        rangeFromLocationAndLength, using an algorithm close to the one from
        the latter function, including workarounds it had. Replaced the boolean
        "forSelectionPreservation" with the TextIteratorBehavior options, which seems
        to make good sense at all the call sites.
        (WebCore::resolveCharacterLocation): Added. Like resolveCharacterRange, but
        instead of resolving CharacterRange to SimpleRange, resolves a character location
        to a BoundaryPoint. Made a separate function for this in case we later refactor
        for efficiency, but for now this simply calls resolveCharacterRange with a zero
        length range.

        * editing/TextIterator.h: Moved CharacterCount and CharagerRange into a
        separate header. Replaced TextIterator::rangeFromLocationAndLength and
        TextIterator::subrange with resolveCharacterLocation and resolveCharacterRange.

        * editing/cocoa/DataDetection.mm:
        (WebCore::detectItemAtPositionWithRange): Use CharacterRange,
        resolveCharacterLocation/Range.
        (WebCore::DataDetection::detectContentInRange): Ditto.
        * editing/cocoa/DictionaryLookup.mm:
        (WebCore::DictionaryLookup::rangeForSelection): Ditto.
        (WebCore::DictionaryLookup::rangeAtHitTestResult): Ditto.
        * editing/ios/DictationCommandIOS.cpp:
        (WebCore::DictationCommandIOS::doApply): Ditto.
        * editing/mac/DictionaryLookupLegacy.mm:
        (WebCore::DictionaryLookup::rangeAtHitTestResult): Ditto.
        * page/EventHandler.cpp:
        (WebCore::textDistance): Ditto.
        * page/Page.cpp:
        (WebCore::replaceRanges): Ditto.
        (WebCore::Page::replaceRangesWithText): Ditto.
        * platform/text/TextChecking.h: Ditto.
        * testing/Internals.cpp:
        (WebCore::Internals::rangeFromLocationAndLength): Ditto.
        (WebCore::Internals::subrange): Ditto.
        (WebCore::Internals::handleAcceptedCandidate): Ditto.

        * testing/Internals.h: Made location and length unsigned rather than signed.
        * testing/Internals.idl: Ditto.

2020-03-29  Rob Buis  <rbuis@igalia.com>

        Remove addHTTPOriginIfNeeded calls
        https://bugs.webkit.org/show_bug.cgi?id=209127

        Reviewed by Darin Adler.

        Remove unused code.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):

2020-03-29  Zalan Bujtas  <zalan@apple.com>

        [LFC] Replace parent() calls with containingBlock() where applicable.
        https://bugs.webkit.org/show_bug.cgi?id=209717

        Reviewed by Antti Koivisto.

        While they both return the same layout box (parent), it's more correct to call continingBlock().

        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBeforeCollapsesWithParentMarginAfter const):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBeforeCollapsesWithParentMarginBefore const):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfterCollapsesWithParentMarginBefore const):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfterCollapsesWithParentMarginAfter const):
        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::isOverflowVisible const):
        * layout/tableformatting/TableGrid.cpp:
        (WebCore::Layout::TableGrid::appendCell):

2020-03-29  Zalan Bujtas  <zalan@apple.com>

        [LFC] Layout::Box::parent() should return const ContainerBox&
        https://bugs.webkit.org/show_bug.cgi?id=209400
        <rdar://problem/60742432>

        Reviewed by Antti Koivisto.

        Layout tree is immutable during layout, so every box should be able to return a valid parent (except the ICB, but
        class InitialContainingBlock deletes parent() function anyway).

        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::FormattingContext::Geometry::staticVerticalPositionForOutOfFlowPositioned const):
        (WebCore::Layout::FormattingContext::Geometry::staticHorizontalPositionForOutOfFlowPositioned const):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedInFlowHeight):
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBeforeCollapsesWithParentMarginAfter const):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBeforeCollapsesWithParentMarginBefore const):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfterCollapsesWithParentMarginBefore const):
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginAfterCollapsesWithParentMarginAfter const):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::nextInlineLevelBoxToLayout):
        (WebCore::Layout::InlineFormattingContext::constraintsForLine):
        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::containingBlock const):
        (WebCore::Layout::Box::formattingContextRoot const):
        (WebCore::Layout::Box::initialContainingBlock const):
        (WebCore::Layout::Box::isOverflowVisible const):
        * layout/layouttree/LayoutBox.h:
        (WebCore::Layout::Box::parent const):
        * layout/layouttree/LayoutIterator.h:
        (WebCore::Layout::LayoutBoxTraversal::nextAncestorSibling):
        (WebCore::Layout::LayoutBoxTraversal::next):
        (WebCore::Layout::Traversal::firstWithin):
        (WebCore::Layout::Traversal::next):
        (WebCore::Layout::LayoutIterator<T>::traverseNext):
        * layout/tableformatting/TableGrid.cpp:
        (WebCore::Layout::TableGrid::appendCell):

2020-03-29  David Kilzer  <ddkilzer@apple.com>

        Windows build fix: Web Inspector: support editing cookie key/values from inspector
        https://bugs.webkit.org/show_bug.cgi?id=31157#c15
        <rdar://problem/19281523>

        * platform/network/cf/NetworkStorageSessionCFNetWin.cpp:
        (WebCore::NetworkStorageSession::setCookie):
        - Add placeholder to fix build after r259173.

2020-03-28  Devin Rousso  <drousso@apple.com>

        Web Inspector: support editing cookie key/values from inspector
        https://bugs.webkit.org/show_bug.cgi?id=31157
        <rdar://problem/19281523>

        Reviewed by Timothy Hatcher.

        Test: http/tests/inspector/page/setCookie.html

        * inspector/agents/InspectorPageAgent.h:
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::buildObjectForCookie):
        (WebCore::parseCookieObject): Added.
        (WebCore::InspectorPageAgent::setCookie): Added.

        * loader/CookieJar.h:
        * loader/CookieJar.cpp:
        (WebCore::CookieJar::setRawCookie): Added.

2020-03-28  Simon Fraser  <simon.fraser@apple.com>

        Add a ScrollLatching log channel and improve some logging functionality
        https://bugs.webkit.org/show_bug.cgi?id=209706

        Reviewed by Darin Adler, David Kilzer.

        Add a "ScrollLatching" log channel. Make ScrollLatchingState and Node loggable.
        Make a convenience template class ValueOrNull<> which makes logging a pointer type convenient.

        Also change Page::pushNewLatchingState() to take the new latching state.

        * dom/Node.cpp:
        (WebCore::operator<<):
        * dom/Node.h:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::clearLatchedState):
        * page/Page.cpp:
        (WebCore::Page::pushNewLatchingState):
        (WebCore::Page::popLatchingState):
        (WebCore::Page::removeLatchingStateForTarget):
        * page/Page.h:
        (WebCore::Page::latchingStateStack const):
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::clearOrScheduleClearingLatchedStateIfNeeded):
        (WebCore::EventHandler::platformPrepareForWheelEvents):
        (WebCore::frameViewForLatchingState):
        (WebCore::EventHandler::platformCompleteWheelEvent):
        (WebCore::EventHandler::platformCompletePlatformWidgetWheelEvent):
        * page/scrolling/ScrollLatchingState.cpp:
        (WebCore::operator<<):
        * page/scrolling/ScrollLatchingState.h:
        (WebCore::ScrollLatchingState::wheelEventElement const):
        (WebCore::ScrollLatchingState::frame const):
        (WebCore::ScrollLatchingState::previousWheelScrolledElement const):
        (WebCore::ScrollLatchingState::scrollableContainer const):
        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::setOrClearLatchedNode):
        (WebCore::ScrollingTree::handleWheelEvent):
        * platform/Logging.h:

2020-03-28  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] Unreviewed build fix for WinCairo Debug builds
        https://bugs.webkit.org/show_bug.cgi?id=209098

        It's broken since r259139 (Bug 209098).

        > ..\..\Source\WebCore\platform\graphics\texmap\TextureMapperGC3DPlatformLayer.cpp(101): error C2065: 'm_state': undeclared identifier

        * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp:
        (WebCore::TextureMapperGC3DPlatformLayer::paintToTextureMapper): Replaced 'm_state' with 'm_context.m_state'.

2020-03-28  Wenson Hsieh  <wenson_hsieh@apple.com>

        Unreviewed, fix the watchOS build after r259151

        The declaration of Pasteboard(const String&) in Pasteboard.h is present for all PLATFORM(IOS_FAMILY), but the
        implementation is guarded by ENABLE(DRAG_SUPPORT). r259151 added a codepath that calls this constructor in
        IOS_FAMILY code, causing a linker error. Fix this by moving the implementation out of the ENABLE(DRAG_SUPPORT)
        guard, to match the declaration in the header.

        * platform/ios/PasteboardIOS.mm:

2020-03-27  Simon Fraser  <simon.fraser@apple.com>

        Sideways jiggles when scrolling the shelves on beta.music.apple.com
        https://bugs.webkit.org/show_bug.cgi?id=209696
        <rdar://problem/55092050>

        Reviewed by Anders Carlsson.
        
        If a scroll snapping animation was running, EventHandler::platformNotifyIfEndGesture() would
        reset the latching state. This was added in r190423, but not longer seems necessary
        according to manual testing, and the passing layout test.
        
        platformNotifyIfEndGesture() would be called at the end of the fingers-down scroll but
        before momentum, and resetting latching here would cause the momentum events to go to
        a new target, triggering incorrect scrolls.

        Test: tiled-drawing/scrolling/scroll-snap/scroll-snap-phase-change-relatching.html

        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformNotifyIfEndGesture):

2020-03-27  Simon Fraser  <simon.fraser@apple.com>

        Define ENABLE_WHEEL_EVENT_LATCHING and use it to wrap wheel event latching code
        https://bugs.webkit.org/show_bug.cgi?id=209693

        Reviewed by Zalan Bujtas.

        Replace some #if PLATFORM(MAC) with #if ENABLE(WHEEL_EVENT_LATCHING).

        ENABLE_WHEEL_EVENT_LATCHING is currently only enabled on macOS, but it's possible
        that it should be defined everywhere that ENABLE_KINETIC_SCROLLING is defined.
        This requires testing on WPE, GTK etc.

        * page/EventHandler.cpp:
        (WebCore::handleWheelEventInAppropriateEnclosingBox):
        (WebCore::EventHandler::handleWheelEvent):
        (WebCore::EventHandler::clearLatchedState):
        (WebCore::EventHandler::defaultWheelEventHandler):
        * page/Page.cpp:
        * page/Page.h:

2020-03-28  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Destroy the child first in RenderTreeBuilder::destroyAndCleanUpAnonymousWrappers
        https://bugs.webkit.org/show_bug.cgi?id=209695

        Reviewed by Antti Koivisto.

        The render tree tear down direction is usually leaf first (there are some non-trivial cases where we end up going container first).
        Being able to access the ancestor chain helps with some final cleanup activities (e.g repaints).
        This patch makes the renderer-inside-an-anonymous-wrapper case similar to the normal case as we destroy the leaf renderer first.
        However the anonymous ancestor chain tear down is still container first (see r228606).      

        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::destroyAndCleanUpAnonymousWrappers):
        (WebCore::isAnonymousAndSafeToDelete): Deleted.
        (WebCore::findDestroyRootIncludingAnonymous): Deleted.

2020-03-28  Antti Koivisto  <antti@apple.com>

        Nullptr crash in InlineTextBox::emphasisMarkExistsAndIsAbove
        https://bugs.webkit.org/show_bug.cgi?id=207034

        Reviewed by Zalan Bujtas.

        Reduced test case by Zalan.

        Test: editing/selection/selection-update-during-anonymous-inline-teardown.html

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::setNeedsSelectionUpdateForRenderTreeChange):

        Don't clear the selection immediately, do it in updateAppearanceAfterLayoutOrStyleChange after render tree update/layout is done instead.
        This is safe as selection uses WeakPtrs to reference renderers.

        Renamed to emphasize the use case.

        (WebCore::FrameSelection::updateAppearanceAfterLayoutOrStyleChange):
        (WebCore::FrameSelection::setNeedsSelectionUpdate): Deleted.
        * editing/FrameSelection.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willBeDestroyed):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::willBeDestroyed):
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::layout):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::detachFromRenderElement):

2020-03-28  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, reverting r259034.
        https://bugs.webkit.org/show_bug.cgi?id=209700

        Break StressGC bot (Requested by yusukesuzuki on #webkit).

        Reverted changeset:

        "IndexedDB: destroy UniqueIDBDatabase when it's not used"
        https://bugs.webkit.org/show_bug.cgi?id=209532
        https://trac.webkit.org/changeset/259034

2020-03-27  Simon Fraser  <simon.fraser@apple.com>

        Define ENABLE_WHEEL_EVENT_LATCHING and use it to wrap wheel event latching code
        https://bugs.webkit.org/show_bug.cgi?id=209693

        Reviewed by Zalan Bujtas.

        Replace some #if PLATFORM(MAC) with #if ENABLE(WHEEL_EVENT_LATCHING).

        ENABLE_WHEEL_EVENT_LATCHING is currently only enabled on macOS, but it's possible
        that it should be defined everywhere that ENABLE_KINETIC_SCROLLING is defined.
        This requires testing on WPE, GTK etc.

        * page/EventHandler.cpp:
        (WebCore::handleWheelEventInAppropriateEnclosingBox):
        (WebCore::EventHandler::handleWheelEvent):
        (WebCore::EventHandler::clearLatchedState):
        (WebCore::EventHandler::defaultWheelEventHandler):
        * page/Page.cpp:
        * page/Page.h:

2020-03-27  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in CompositeEditCommand::moveParagraphs when inserting OL into uneditable parent.
        https://bugs.webkit.org/show_bug.cgi?id=209641
        <rdar://problem/60915598>

        Reviewed by Ryosuke Niwa.

        Inserting BR in unlistifyParagraph() or OL/UL in listifyParagraph() would fail
        because their insertion position is uneditable. In this case BR/OL/UL becomes
        parentless and the code crashes later when their parent is dereferenced in 
        moveParagraphs(). 
        In unlistifyParagraph(), only insertNodeBefore() and insertNodeAfter() are used
        and both check parent of listNode for editability, so in order to avoid assertion 
        in the above functions, we check the editability of listNode before insertion.
        In listifyParagraph() it is hard to predict where the final insertion position would be,
        so we check the editability of the insertion position after it is finalized.

        Test: editing/inserting/insert-ol-uneditable-parent.html

        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::unlistifyParagraph):
        (WebCore::InsertListCommand::listifyParagraph):

2020-03-27  Eugene But  <eugenebut@chromium.org>

        Fix null pointer crash in RenderBox::styleDidChange
        https://bugs.webkit.org/show_bug.cgi?id=208311

        Reviewed by Ryosuke Niwa.

        RenderBox::styleDidChange crashes when changing style for HTMLBodyElement element.
        Crash happens on dereferencing null document().documentElement()->renderer() pointer:

        if (.... || !documentElementRenderer->style().hasExplicitlySetWritingMode())) {

        That HTMLBodyElement was added as the second child of document, which is not allowed per spec: 
        
        If parent is a document, and any of the statements below, switched on node,
        are true, then throw a "HierarchyRequestError" DOMException:
            .......
            element
                parent has an element child that is not child or a doctype is following child.
            ......
        https://dom.spec.whatwg.org/#concept-node-replace

        This patch prevents adding HTMLBodyElement as the second child by running more strict checks
        inside WebCore::Document::canAcceptChild(). Previously canAcceptChild() would allow all
        Replace operations if new child had the same type as old child, even if old child has changed the parent.

        If old child has changed the parent (parent is not document), it means that child was removed from document
        and it is possible that mutation event handler has already added a new child to document. This is normal
        situation, but it means that canAcceptChild() can not short circuit only on comparing the types of old and
        new child, and has to run all checks listed in https://dom.spec.whatwg.org/#concept-node-replace
       
        Tests: fast/dom/add-document-child-during-document-child-replacement.html
               fast/dom/add-document-child-and-reparent-old-child-during-document-child-replacement.html

        * Source/WebCore/dom/Document.cpp:
        (WebCore::Document::canAcceptChild):

2020-03-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        Web content processes should not be able to arbitrarily request pasteboard data from the UI process
        https://bugs.webkit.org/show_bug.cgi?id=209657
        <rdar://problem/59611585>

        Reviewed by Geoff Garen.

        Match macOS behavior in the iOS implementation of Pasteboard::createForCopyAndPaste by using the name of the
        general pasteboard by default, when initializing a Pasteboard for copying and pasting. In WebKit2, this allows
        us to grant permission to the web process when reading from the general pasteboard.

        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::createForCopyAndPaste):

2020-03-27  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (r256577): Previous page continues to display after navigating to media document
        https://bugs.webkit.org/show_bug.cgi?id=209630
        <rdar://problem/60609318>

        Reviewed by Simon Fraser.

        Add a way for non-HTML documents to signal visually non-empty state (for example when media document constructs the controls for the media content.)

        * html/FTPDirectoryDocument.cpp:
        (WebCore::FTPDirectoryDocumentParser::appendEntry):
        * html/MediaDocument.cpp:
        (WebCore::MediaDocumentParser::createDocumentStructure):
        * html/PluginDocument.cpp:
        (WebCore::PluginDocumentParser::createDocumentStructure):
        * page/FrameView.cpp:
        (WebCore::FrameView::resetLayoutMilestones):
        (WebCore::FrameView::checkAndDispatchDidReachVisuallyNonEmptyState):
        * page/FrameView.h:

2020-03-27  Simon Fraser  <simon.fraser@apple.com>

        Change SVGRenderingContext::renderSubtreeToImageBuffer() to SVGRenderingContext::renderSubtreeToContext()
        https://bugs.webkit.org/show_bug.cgi?id=209679

        Reviewed by Said Abou-Hallawa.

        renderSubtreeToImageBuffer() just gets the context from the buffer, so change the name and signature
        and just pass a GraphicsContext.

        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::drawContentIntoMaskImage):
        * rendering/svg/RenderSVGResourcePattern.cpp:
        (WebCore::RenderSVGResourcePattern::createTileImage const):
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::renderSubtreeToContext):
        (WebCore::SVGRenderingContext::renderSubtreeToImageBuffer): Deleted.
        * rendering/svg/SVGRenderingContext.h:
        * svg/graphics/filters/SVGFEImage.cpp:
        (WebCore::FEImage::platformApplySoftware):

2020-03-26  Yusuke Suzuki  <ysuzuki@apple.com>

        Use EnsureStillAliveScope to keep JSValues alive
        https://bugs.webkit.org/show_bug.cgi?id=209577

        Reviewed by Geoffrey Garen.

        Some of WebCore code is using JSC::Strong<> to ensure JSC value alive while doing some operations.
        But JSC::EnsureStillAliveScope is sufficient for this use case. This patch replaces these Strong<> use
        with JSC::EnsureStillAliveScope.

        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::ensureJSFunction const):
        * bindings/js/JSWindowProxy.cpp:
        (WebCore::JSWindowProxy::setWindow):
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::initScript):

2020-03-27  Kenneth Russell  <kbr@chromium.org>

        Use ANGLE_robust_client_memory to replace framebuffer/texture validation
        https://bugs.webkit.org/show_bug.cgi?id=209098

        Reviewed by Dean Jackson.

        Original patch by James Darpinian.

        Delegate most framebuffer, compressed texture, renderbuffer, draw call,
        clear, and ReadPixels validation to the ANGLE_robust_client_memory
        extension. Delegate much, but not all, texture validation as well.
        Remove tracking of textures' levels and immutability state, framebuffer
        size and format, and unrenderable texture units from WebCore; these are
        now handled by ANGLE. Hook up WebGL 2.0 draw/read framebuffer support
        and BlitFramebuffer.

        Disable WebGL 2.0 for non-ANGLE backends. It is infeasible to maintain
        correctness of GraphicsContextGLOpenGL and GraphicsContextGLOpenGLES
        under relaxed OpenGL ES 3.0 constraints.

        Covered by existing WebGL layout tests. Several more webgl/2.0.0 tests
        pass completely with this change.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::blitFramebuffer):
        (WebCore::WebGL2RenderingContext::getInternalformatParameter):
        (WebCore::WebGL2RenderingContext::readBuffer):
        (WebCore::WebGL2RenderingContext::renderbufferStorageMultisample):
        (WebCore::WebGL2RenderingContext::texStorage2D):
        (WebCore::WebGL2RenderingContext::clear):
        (WebCore::WebGL2RenderingContext::renderbufferStorage):
        (WebCore::WebGL2RenderingContext::baseInternalFormatFromInternalFormat):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGLFramebuffer.cpp:
        * html/canvas/WebGLFramebuffer.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::clear):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create):
        (WebCore::WebGLRenderingContextBase::initializeNewContext):
        (WebCore::WebGLRenderingContextBase::clearIfComposited):
        (WebCore::WebGLRenderingContextBase::reshape):
        (WebCore::WebGLRenderingContextBase::bindFramebuffer):
        (WebCore::WebGLRenderingContextBase::bindTexture):
        (WebCore::WebGLRenderingContextBase::checkFramebufferStatus):
        (WebCore::WebGLRenderingContextBase::compressedTexImage2D):
        (WebCore::WebGLRenderingContextBase::compressedTexSubImage2D):
        (WebCore::WebGLRenderingContextBase::copyTexSubImage2D):
        (WebCore::WebGLRenderingContextBase::deleteTexture):
        (WebCore::WebGLRenderingContextBase::validateVertexAttributes):
        (WebCore::WebGLRenderingContextBase::drawArrays):
        (WebCore::WebGLRenderingContextBase::drawElements):
        (WebCore::WebGLRenderingContextBase::generateMipmap):
        (WebCore::WebGLRenderingContextBase::readPixels):
        (WebCore::WebGLRenderingContextBase::texImageSource2D):
        (WebCore::WebGLRenderingContextBase::texImage2DBase):
        (WebCore::WebGLRenderingContextBase::texImage2DImpl):
        (WebCore::WebGLRenderingContextBase::validateTexFunc):
        (WebCore::WebGLRenderingContextBase::texImage2D):
        (WebCore::WebGLRenderingContextBase::texSubImage2DImpl):
        (WebCore::WebGLRenderingContextBase::texSubImage2D):
        (WebCore::WebGLRenderingContextBase::validateTexFuncFormatAndType):
        (WebCore::WebGLRenderingContextBase::texSubImage2DBase):
        (WebCore::WebGLRenderingContextBase::copyTexImage2D):
        (WebCore::WebGLRenderingContextBase::texParameter):
        (WebCore::WebGLRenderingContextBase::getBoundReadFramebufferColorFormat):
        (WebCore::WebGLRenderingContextBase::getBoundReadFramebufferWidth):
        (WebCore::WebGLRenderingContextBase::getBoundReadFramebufferHeight):
        (WebCore::WebGLRenderingContextBase::validateTextureBinding):
        (WebCore::WebGLRenderingContextBase::validateTexFuncLevel):
        (WebCore::WebGLRenderingContextBase::restoreCurrentFramebuffer):
        (WebCore::WebGLRenderingContextBase::restoreCurrentTexture2D):
        (WebCore::WebGLRenderingContextBase::drawArraysInstanced):
        (WebCore::WebGLRenderingContextBase::drawElementsInstanced):
        (WebCore::WebGLRenderingContextBase::getBoundFramebufferColorFormat): Deleted.
        (WebCore::WebGLRenderingContextBase::getBoundFramebufferWidth): Deleted.
        (WebCore::WebGLRenderingContextBase::getBoundFramebufferHeight): Deleted.
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLTexture.cpp:
        (WebCore::WebGLTexture::WebGLTexture):
        (WebCore::WebGLTexture::setTarget):
        (WebCore::WebGLTexture::deleteObjectImpl):
        (WebCore::WebGLTexture::computeLevelCount):
        (WebCore::WebGLTexture::canGenerateMipmaps):
        * html/canvas/WebGLTexture.h:
        * platform/graphics/ExtensionsGL.h:
        * platform/graphics/angle/ExtensionsGLANGLE.cpp:
        (WebCore::ExtensionsGLANGLE::getBooleanvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getBufferParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getFloatvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getFramebufferAttachmentParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getIntegervRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getProgramivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getRenderbufferParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getShaderivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getTexParameterfvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getTexParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getUniformfvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getUniformivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getVertexAttribfvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getVertexAttribivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getVertexAttribPointervRobustANGLE):
        (WebCore::ExtensionsGLANGLE::readPixelsRobustANGLE):
        (WebCore::ExtensionsGLANGLE::texImage2DRobustANGLE):
        (WebCore::ExtensionsGLANGLE::texParameterfvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::texParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::texSubImage2DRobustANGLE):
        (WebCore::ExtensionsGLANGLE::compressedTexImage2DRobustANGLE):
        (WebCore::ExtensionsGLANGLE::compressedTexSubImage2DRobustANGLE):
        (WebCore::ExtensionsGLANGLE::compressedTexImage3DRobustANGLE):
        (WebCore::ExtensionsGLANGLE::compressedTexSubImage3DRobustANGLE):
        (WebCore::ExtensionsGLANGLE::texImage3DRobustANGLE):
        (WebCore::ExtensionsGLANGLE::texSubImage3DRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getQueryivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getQueryObjectuivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getBufferPointervRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getIntegeri_vRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getInternalformativRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getVertexAttribIivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getVertexAttribIuivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getUniformuivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getActiveUniformBlockivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getInteger64vRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getInteger64i_vRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getBufferParameteri64vRobustANGLE):
        (WebCore::ExtensionsGLANGLE::samplerParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::samplerParameterfvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getSamplerParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getSamplerParameterfvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getFramebufferParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getProgramInterfaceivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getBooleani_vRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getMultisamplefvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getTexLevelParameterivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getTexLevelParameterfvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getPointervRobustANGLERobustANGLE):
        (WebCore::wipeAlphaChannelFromPixels):
        (WebCore::ExtensionsGLANGLE::readnPixelsRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getnUniformfvRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getnUniformivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getnUniformuivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::texParameterIivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::texParameterIuivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getTexParameterIivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getTexParameterIuivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::samplerParameterIivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::samplerParameterIuivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getSamplerParameterIivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getSamplerParameterIuivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getQueryObjectivRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getQueryObjecti64vRobustANGLE):
        (WebCore::ExtensionsGLANGLE::getQueryObjectui64vRobustANGLE):
        * platform/graphics/angle/ExtensionsGLANGLE.h:
        * platform/graphics/angle/GraphicsContextGLANGLE.cpp:
        (WebCore::GraphicsContextGLOpenGL::reshapeFBOs):
        (WebCore::GraphicsContextGLOpenGL::readPixels):
        (WebCore::GraphicsContextGLOpenGL::readRenderingResults):
        (WebCore::GraphicsContextGLOpenGL::reshape):
        (WebCore::GraphicsContextGLOpenGL::bindFramebuffer):
        (WebCore::GraphicsContextGLOpenGL::copyTexImage2D):
        (WebCore::GraphicsContextGLOpenGL::copyTexSubImage2D):
        (WebCore::GraphicsContextGLOpenGL::deleteFramebuffer):
        (WebCore::GraphicsContextGLOpenGL::blitFramebuffer):
        (WebCore::GraphicsContextGLOpenGL::readBuffer):
        * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
        (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):
        * platform/graphics/opengl/ExtensionsGLOpenGLCommon.cpp:
        (WebCore::ExtensionsGLOpenGLCommon::getTranslatedShaderSourceANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getBooleanvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getBufferParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getFloatvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getFramebufferAttachmentParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getIntegervRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getProgramivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getRenderbufferParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getShaderivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getTexParameterfvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getTexParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getUniformfvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getUniformivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getVertexAttribfvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getVertexAttribivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getVertexAttribPointervRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::readPixelsRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::texImage2DRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::texParameterfvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::texParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::texSubImage2DRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::compressedTexImage2DRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::compressedTexSubImage2DRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::compressedTexImage3DRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::compressedTexSubImage3DRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::texImage3DRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::texSubImage3DRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getQueryivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getQueryObjectuivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getBufferPointervRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getIntegeri_vRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getInternalformativRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getVertexAttribIivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getVertexAttribIuivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getUniformuivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getActiveUniformBlockivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getInteger64vRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getInteger64i_vRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getBufferParameteri64vRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::samplerParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::samplerParameterfvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getSamplerParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getSamplerParameterfvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getFramebufferParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getProgramInterfaceivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getBooleani_vRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getMultisamplefvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getTexLevelParameterivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getTexLevelParameterfvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getPointervRobustANGLERobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::readnPixelsRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getnUniformfvRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getnUniformivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getnUniformuivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::texParameterIivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::texParameterIuivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getTexParameterIivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getTexParameterIuivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::samplerParameterIivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::samplerParameterIuivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getSamplerParameterIivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getSamplerParameterIuivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getQueryObjectivRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getQueryObjecti64vRobustANGLE):
        (WebCore::ExtensionsGLOpenGLCommon::getQueryObjectui64vRobustANGLE):
        * platform/graphics/opengl/ExtensionsGLOpenGLCommon.h:
        * platform/graphics/opengl/GraphicsContextGLOpenGL.h:
        * platform/graphics/opengl/GraphicsContextGLOpenGLBase.cpp:
        (WebCore::GraphicsContextGLOpenGL::reshapeFBOs):
        (WebCore::GraphicsContextGLOpenGL::readPixels):
        * platform/graphics/opengl/GraphicsContextGLOpenGLCommon.cpp:
        (WebCore::GraphicsContextGLOpenGL::prepareTexture):
        (WebCore::GraphicsContextGLOpenGL::readRenderingResults):
        (WebCore::GraphicsContextGLOpenGL::reshape):
        (WebCore::GraphicsContextGLOpenGL::bindFramebuffer):
        (WebCore::GraphicsContextGLOpenGL::copyTexImage2D):
        (WebCore::GraphicsContextGLOpenGL::copyTexSubImage2D):
        (WebCore::GraphicsContextGLOpenGL::deleteFramebuffer):
        * platform/graphics/opengl/GraphicsContextGLOpenGLES.cpp:
        (WebCore::GraphicsContextGLOpenGL::readPixels):
        (WebCore::GraphicsContextGLOpenGL::reshapeFBOs):
        (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):
        * platform/graphics/texmap/GraphicsContextGLTextureMapper.cpp:
        (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

2020-03-27  Chris Dumez  <cdumez@apple.com>

        HTMLTrackElement should be pending while it is waiting for LoadableTextTrack request
        https://bugs.webkit.org/show_bug.cgi?id=208798
        <rdar://problem/60325421>

        Reviewed by Geoffrey Garen.

        Have HTMLTrackElement and subclass ActiveDOMObject::hasPendingActivity() to keeps its
        wrapper alive if its in LOADING state and the page's script has relevant load events
        event listeners registered.

        No new tests, covered by media/track/track-disabled-addcue.html.

        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::HTMLTrackElement):
        (WebCore::HTMLTrackElement::create):
        (WebCore::HTMLTrackElement::didCompleteLoad):
        (WebCore::HTMLTrackElement::readyState const):
        (WebCore::HTMLTrackElement::activeDOMObjectName const):
        (WebCore::HTMLTrackElement::eventListenersDidChange):
        (WebCore::HTMLTrackElement::hasPendingActivity const):
        (WebCore::HTMLTrackElement::readyState): Deleted.
        * html/HTMLTrackElement.h:
        * html/HTMLTrackElement.idl:

2020-03-27  Simon Fraser  <simon.fraser@apple.com>

        Hovering over countries at https://covidinc.io/ shows bizarre rendering artifacts
        https://bugs.webkit.org/show_bug.cgi?id=209635
        <rdar://problem/60935010>

        Reviewed by Said Abou-Hallawa.

        RenderSVGResourceClipper::applyClippingToContext() cached an ImageBuffer per RenderObject
        when using a image buffer mask. However, the function created and rendered into this image buffer
        using repaintRect, which can change between invocations. Painting with different repaintRects
        is very common when rendering into page tiles.

        The buffer can only be re-used if the inputs used to create the buffer (objectBoundingBox, absoluteTransform)
        are the same, so store those and compare them when determining when to use the cached buffer, and
        don't use repaintRect when setting up the buffer.

        This revealed another problem where renderers with visual overflow could be truncated by
        the clipping, tested by imported/mozilla/svg/svg-integration/clipPath-html-03.xhtml, which occurred
        because RenderLayer::setupClipPath() used the 'svgReferenceBox' for the clipping bounds, which
        is the content box of the renderer excluding overflow. Fix this by using the bounds of the layer,
        which includes the bounds of descendants.

        Tests: svg/clip-path/clip-path-on-overflowing.html
               svg/clip-path/resource-clipper-multiple-repaints.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::setupClipPath):
        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::removeAllClientsFromCache):
        (WebCore::RenderSVGResourceClipper::applyClippingToContext):
        (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
        (WebCore::RenderSVGResourceClipper::addRendererToClipper):
        (WebCore::RenderSVGResourceClipper::resourceBoundingBox):
        * rendering/svg/RenderSVGResourceClipper.h:

2020-03-27  Chris Dumez  <cdumez@apple.com>

        [StressGC] ASSERTION FAILED: m_wrapper under WebCore::MediaRecorder::dispatchError
        https://bugs.webkit.org/show_bug.cgi?id=209674
        <rdar://problem/60541201>

        Reviewed by Darin Adler.

        Keep the MediaRecorder wrapper alive while its state is not inactive (i.e. it is recording
        or paused), as it may still dispatch events.

        Also drop MediaRecorder::scheduleDeferredTask() and use the utility functions in
        ActiveDOMObject instead to achieve the same thing.

        No new tests, already covered by http/wpt/mediarecorder/MediaRecorder-onremovetrack.html.

        * Modules/mediarecorder/MediaRecorder.cpp:
        (WebCore::MediaRecorder::suspend):
        (WebCore::MediaRecorder::stopRecording):
        (WebCore::MediaRecorder::didAddOrRemoveTrack):
        (WebCore::MediaRecorder::hasPendingActivity const):
        (WebCore::MediaRecorder::scheduleDeferredTask): Deleted.
        * Modules/mediarecorder/MediaRecorder.h:

2020-03-27  Chris Dumez  <cdumez@apple.com>

        [StressGC] ASSERTION FAILED: m_wrapper under WebCore::WebGLRenderingContextBase::dispatchContextLostEvent
        https://bugs.webkit.org/show_bug.cgi?id=209660
        <rdar://problem/60541733>

        Reviewed by Darin Adler.

        Make HTMLCanvasElement an ActiveDOMObject since WebGLRenderingContextBase needs to dispatch events
        asynchronously on its canvas element. Update WebGLRenderingContextBase to use the HTML event loop
        to dispatch those events asynchronously instead of using suspendible timers.

        No new tests, already covered by webgl/max-active-contexts-webglcontextlost-prevent-default.html.

        * dom/TaskSource.h:
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::HTMLCanvasElement):
        (WebCore::HTMLCanvasElement::create):
        (WebCore::HTMLCanvasElement::activeDOMObjectName const):
        * html/HTMLCanvasElement.h:
        * html/HTMLCanvasElement.idl:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase):
        (WebCore::WebGLRenderingContextBase::loseContextImpl):
        (WebCore::WebGLRenderingContextBase::scheduleTaskToDispatchContextLostEvent):
        (WebCore::WebGLRenderingContextBase::dispatchContextChangedNotification):
        (WebCore::WebGLRenderingContextBase::dispatchContextLostEvent): Deleted.
        (WebCore::WebGLRenderingContextBase::dispatchContextChangedEvent): Deleted.
        * html/canvas/WebGLRenderingContextBase.h:

2020-03-27  Simon Fraser  <simon.fraser@apple.com>

        Use Optional<> for a lazily-computed bounds rectangle
        https://bugs.webkit.org/show_bug.cgi?id=209659

        Reviewed by Zalan Bujtas.

        Replace LayoutRect& rootRelativeBounds, bool& rootRelativeBoundsComputed with Optional<LayoutRect>.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::setupClipPath):
        (WebCore::RenderLayer::setupFilters):
        (WebCore::RenderLayer::paintLayerContents):
        * rendering/RenderLayer.h:

2020-03-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        DragData::containsURL() should avoid reading URL strings from the pasteboard
        https://bugs.webkit.org/show_bug.cgi?id=209642
        Work towards <rdar://problem/59611585>

        Reviewed by Tim Horton.

        Refactor the implementation of DragData::containsURL(), such that in WebKit2, the web process never needs to
        reason about the value of any string data in the pasteboard. We move most of the Cocoa-specific logic in
        DragData::containsURL into PlatformPasteboard, and add new PasteboardStrategy methods in support of this. See
        below for more details. There should be no change in behavior; however, this has the minor benefit of reducing
        the number of sync IPC to 1 (2 in the case of macOS) in both containsURL and asURL.

        * platform/PasteboardStrategy.h:

        Add new strategy methods containsURLStringSuitableForLoading and urlStringSuitableForLoading, which are used in
        DragData::containsURL and DragData::asURL, respectively.

        * platform/PlatformPasteboard.h:
        * platform/cocoa/DragDataCocoa.mm:
        (WebCore::DragData::containsURL const):

        In Cocoa platforms, the argument to containsURL was effectively unused. Leave only the type behind, now that we
        don't need to plumb it through to asURL() anymore.

        (WebCore::DragData::asURL const):

        In both asURL and containsURL, use the new PasteboardStrategy helpers to get information about loadable URLs in
        the drag pasteboard. A bit of macOS-specific code remains here since it relies on DragData::fileNames() --
        information which is not present in the platform pasteboard.

        * platform/cocoa/PlatformPasteboardCocoa.mm:
        (WebCore::PlatformPasteboard::urlStringSuitableForLoading):

        Move the Cocoa-specific implementation of DragData::asURL into PlatformPasteboardCocoa, since the implementation
        is mostly the same (with some minor additions for macOS). The only minor changes here (and below, in
        containsURLStringSuitableForLoading) is the use of URL::protocolIsInHTTPFamily() instead of checking that
        -[NSURL scheme] is equal to either @"http" or @"https".

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::containsURLStringSuitableForLoading):

        Move the platform-dependent implementations of DragData::containsURL to PlatformPasteboardIOS and
        PlatformPasteboardMac. These implementations were already quite different, so this split into -IOS and -Mac
        files is cleaner than using #if and #else in the same method implementation.

        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::containsURLStringSuitableForLoading):

2020-03-27  Chris Dumez  <cdumez@apple.com>

        [StressGC] ASSERTION FAILED: m_wrapper under WebCore::MainThreadGenericEventQueue::dispatchOneEvent
        https://bugs.webkit.org/show_bug.cgi?id=209655
        <rdar://problem/60541442>

        Reviewed by Geoffrey Garen.

        TrackListBase should subclass ActiveDOMObject and keep its wrapper alive when there are pending
        events to be dispatched. TrackListBase has a queue to dispatch events asynchronously.

        No new tests, covered by media/track/track-remove-track.html.

        * html/track/AudioTrackList.cpp:
        (WebCore::AudioTrackList::activeDOMObjectName const):
        * html/track/AudioTrackList.h:
        * html/track/AudioTrackList.idl:
        * html/track/TextTrackList.cpp:
        (WebCore::TextTrackList::activeDOMObjectName const):
        * html/track/TextTrackList.h:
        * html/track/TextTrackList.idl:
        * html/track/TrackListBase.cpp:
        (WebCore::TrackListBase::TrackListBase):
        (WebCore::TrackListBase::hasPendingActivity const):
        * html/track/TrackListBase.h:
        * html/track/VideoTrackList.cpp:
        (WebCore::VideoTrackList::activeDOMObjectName const):
        * html/track/VideoTrackList.h:
        * html/track/VideoTrackList.idl:

2020-03-27  Rob Buis  <rbuis@igalia.com>

        Move applyUserAgentIfNeeded calls to a more central place
        https://bugs.webkit.org/show_bug.cgi?id=209587

        Reviewed by Darin Adler.

        Make main resource loads stop calling applyUserAgentIfNeeded
        and instead do it in the CachedResourceLoader.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::createRequest):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::updateHTTPRequestHeaders):
        (WebCore::CachedResourceLoader::requestResource):
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::updateReferrerAndOriginHeaders):
        (WebCore::CachedResourceRequest::updateUserAgentHeader):
        (WebCore::CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders): Deleted.
        * loader/cache/CachedResourceRequest.h:

2020-03-27  youenn fablet  <youenn@apple.com>

        Filter DOMCache records in network process to reduce the number of records being sent to WebProcess
        https://bugs.webkit.org/show_bug.cgi?id=209469
        <rdar://problem/55207565>

        Reviewed by Alex Christensen.

        Instead of retrieving all records and filtering them in WebProcess, WebProcess is now
        sending filtering options to NetworkProcess.
        In case of keys, ask network process to not send back any response.

        Covered by existing tests.

        * Headers.cmake:
        * Modules/cache/CacheStorageConnection.h:
        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::doMatch):
        (WebCore::DOMCache::matchAll):
        (WebCore::DOMCache::keys):
        (WebCore::DOMCache::queryCache):
        (WebCore::DOMCache::retrieveRecords): Deleted.
        (WebCore::DOMCache::queryCacheWithTargetStorage): Deleted.
        * Modules/cache/DOMCache.h:
        * Modules/cache/WorkerCacheStorageConnection.cpp:
        (WebCore::WorkerCacheStorageConnection::retrieveRecords):
        * Modules/cache/WorkerCacheStorageConnection.h:
        * WebCore.xcodeproj/project.pbxproj:
        * page/CacheStorageProvider.h:

2020-03-27  Miguel Gomez  <magomez@igalia.com>

        [WPE] Unnecessary gl synchronization when using an OpenMAX video decoder and GLES2
        https://bugs.webkit.org/show_bug.cgi?id=209647

        Reviewed by Adrian Perez de Castro.

        Don't perform the call to gst_gl_sync_meta_wait_cpu() when using an OpenMAX decoder,
        as we don't need synchronization in that case and the internal call to glFinish()
        casues an important fps drop.

        * platform/graphics/gstreamer/GStreamerCommon.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::GstVideoFrameHolder::waitForCPUSync):
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):

2020-03-27  Chris Lord  <clord@igalia.com>

        [GTK][WPE] Enable kinetic scrolling with async rendering
        https://bugs.webkit.org/show_bug.cgi?id=209230

        Reviewed by Žan Doberšek.

        Refactor ScrollAnimationKinetic so that it no longer depends on
        ScrollableArea, uses RunLoop::Timer and is responsible for tracking
        the history of scroll events. This allows it to be used in
        ScrollingTree*ScrollingNodeNicosia to provide kinetic scrolling when
        async scrolling is enabled, on GTK and WPE.

        No new tests, this just enables existing functionality in more situations.

        * page/scrolling/ScrollingTreeScrollingNode.cpp:
        (WebCore::ScrollingTreeScrollingNode::scrollTo):
        * page/scrolling/ScrollingTreeScrollingNode.h:
        * page/scrolling/nicosia/ScrollingTreeFrameScrollingNodeNicosia.cpp:
        (WebCore::ScrollingTreeFrameScrollingNodeNicosia::ScrollingTreeFrameScrollingNodeNicosia):
        (WebCore::ScrollingTreeFrameScrollingNodeNicosia::handleWheelEvent):
        (WebCore::ScrollingTreeFrameScrollingNodeNicosia::stopScrollAnimations):
        * page/scrolling/nicosia/ScrollingTreeFrameScrollingNodeNicosia.h:
        * page/scrolling/nicosia/ScrollingTreeOverflowScrollingNodeNicosia.cpp:
        (WebCore::ScrollingTreeOverflowScrollingNodeNicosia::ScrollingTreeOverflowScrollingNodeNicosia):
        (WebCore::ScrollingTreeOverflowScrollingNodeNicosia::handleWheelEvent):
        (WebCore::ScrollingTreeOverflowScrollingNodeNicosia::stopScrollAnimations):
        * page/scrolling/nicosia/ScrollingTreeOverflowScrollingNodeNicosia.h:
        * platform/ScrollAnimationKinetic.cpp:
        (WebCore::ScrollAnimationKinetic::ScrollAnimationKinetic):
        (WebCore::ScrollAnimationKinetic::appendToScrollHistory):
        (WebCore::ScrollAnimationKinetic::clearScrollHistory):
        (WebCore::ScrollAnimationKinetic::computeVelocity):
        (WebCore::ScrollAnimationKinetic::start):
        * platform/ScrollAnimationKinetic.h:
        * platform/generic/ScrollAnimatorGeneric.cpp:
        (WebCore::ScrollAnimatorGeneric::ScrollAnimatorGeneric):
        (WebCore::ScrollAnimatorGeneric::scrollToOffsetWithoutAnimation):
        (WebCore::ScrollAnimatorGeneric::handleWheelEvent):
        (WebCore::ScrollAnimatorGeneric::willEndLiveResize):
        (WebCore::ScrollAnimatorGeneric::didAddVerticalScrollbar):
        (WebCore::ScrollAnimatorGeneric::didAddHorizontalScrollbar):
        * platform/generic/ScrollAnimatorGeneric.h:

2020-03-27  Michael Catanzaro  <mcatanzaro@gnome.org>

        Update Chrome and Firefox versions in user agent quirks
        https://bugs.webkit.org/show_bug.cgi?id=209631

        Reviewed by Carlos Garcia Campos.

        * platform/UserAgentQuirks.cpp:
        (WebCore::UserAgentQuirks::stringForQuirk):

2020-03-26  Don Olmstead  <don.olmstead@sony.com>

        [MSVC] Remove experimental lambda processor usage
        https://bugs.webkit.org/show_bug.cgi?id=209358

        Reviewed by Fujii Hironori.

        Fix build for Visual Studio scoping issue for lambdas. The experimental lambada
        processor did build this code but is now failing to build WebKit at all.

        * dom/DocumentStorageAccess.cpp:
        (WebCore::DocumentStorageAccess::requestStorageAccess):

2020-03-26  Peng Liu  <peng.liu6@apple.com>

        Swipe down gestures cause the video layer to stick for a moment before bouncing back into place
        https://bugs.webkit.org/show_bug.cgi?id=209610

        Reviewed by Eric Carlson.

        Fix an exit fullscreen animation issue by firing the end fullscreen event
        to let the page change the video element back to its original position/size
        before exiting fullscreen.

        Covered by existing tests.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::dispatchEvent):
        (WebCore::HTMLMediaElement::exitFullscreen):

2020-03-26  Michael Catanzaro  <mcatanzaro@gnome.org>

        Fix various compiler warnings
        https://bugs.webkit.org/show_bug.cgi?id=209438

        Reviewed by Darin Adler.

        * dom/Element.cpp: Fix -Wunused-variable warnings.
        (WebCore::Element::webAnimations const):
        (WebCore::Element::cssAnimations const):
        (WebCore::Element::transitions const):
        (WebCore::Element::hasCompletedTransitionsForProperty const):
        (WebCore::Element::hasRunningTransitionsForProperty const):
        (WebCore::Element::hasRunningTransitions const):
        * page/scrolling/ThreadedScrollingTree.cpp: Fix -Wunused-variable warning.
        (WebCore::ThreadedScrollingTree::scrollingTreeNodeDidScroll):
        * platform/network/HTTPParsers.h: Fix -Wredundant-move warning.
        (WebCore::parseAccessControlAllowList):

2020-03-26  Sihui Liu  <sihui_liu@apple.com>

        REGRESSION(r259034): access to null UniqueIDBDatabase in UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection()
        https://bugs.webkit.org/show_bug.cgi?id=209618
        <rdar://problem/60919105>

        Reviewed by Geoffrey Garen.

        It's possible UniqueIDBDatabase is destroyed before UniqueIDBDatabaseConnection in 
        UniqueIDBDatabase::connectionClosedFromClient, so it's better not access 
        UniqueIDBDatabase in ~UniqueIDBDatabaseConnection() and let UniqueIDBDatabaseConnection have a IDBServer member.

        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::abortTransactionWithoutCallback):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::connectionClosedFromClient):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didFireVersionChangeEvent):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didFinishHandlingVersionChange):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::establishTransaction):
        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.h:
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::database):
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::server):

2020-03-26  Daniel Bates  <dabates@apple.com>

        Remove hitTestOrder from ElementContext as it is no longer need
        https://bugs.webkit.org/show_bug.cgi?id=209561
        <rdar://problem/60888305>

        Reviewed by Wenson Hsieh.

        Revert the temporary workaround made in r257749 as <rdar://problem/59602885>
        has been fixed.

        * dom/ElementContext.h:
        (WebCore::ElementContext::encode const):
        (WebCore::ElementContext::decode):

2020-03-26  Tim Horton  <timothy_horton@apple.com>

        Pinch to zoom gesture has to be repeated twice if the cursor isn't moved between gestures
        https://bugs.webkit.org/show_bug.cgi?id=203132
        <rdar://problem/27439348>

        Reviewed by Simon Fraser.

        * page/EventHandler.h:

2020-03-26  Chris Dumez  <cdumez@apple.com>

        [StressGC] ASSERTION FAILED: m_wrapper under WebCore::HTMLMediaElement::dispatchEvent
        https://bugs.webkit.org/show_bug.cgi?id=209616
        <rdar://problem/60541294>

        Reviewed by Saam Barati.

        HTMLMediaElement::hasPendingActivity() should return true if there are pending tasks on
        m_playbackTargetIsWirelessQueue since the tasks we enqueue there dispatch events.

        No new tests, covered by media/modern-media-controls/placard-support/placard-support-airplay.html.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::hasPendingActivity const):

2020-03-26  Chris Dumez  <cdumez@apple.com>

        [ Mac wk1] ASSERTION FAILED: m_wrapper under WebCore::XMLHttpRequestUpload::dispatchProgressEvent
        https://bugs.webkit.org/show_bug.cgi?id=209560
        <rdar://problem/60887773>

        Reviewed by Geoffrey Garen.

        XMLHttpRequest::hasPendingActivity() was returning false if the XMLHttpRequest object did not
        have any relevant event listeners. However, the XMLHttpRequestUpload's wrapper lifetime is tried
        to the lifetime of its XMLHttpRequest wrapper. As a result, both the XMLHttpRequest and
        XMLHttpRequestUpload wrappers could get garbage collected if the XMLHttpRequest did not have a
        relevant listener, even though XMLHttpRequestUpload may have a relevant event listeners. We would
        then hit the assertion when trying to fire an event on this XMLHttpRequestUpload object.

        To address the issue, we update XMLHttpRequest::hasPendingActivity() to return false if both
        XMLHttpRequest AND XMLHttpRequestUpload have no relevant event listeners.

        No new tests, covered by imported/w3c/web-platform-tests/xhr/send-response-upload-event-progress.htm

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::hasPendingActivity const):
        * xml/XMLHttpRequestUpload.cpp:
        (WebCore::XMLHttpRequestUpload::eventListenersDidChange):
        * xml/XMLHttpRequestUpload.h:

2020-03-26  Ryosuke Niwa  <rniwa@webkit.org>

        Crash in RadioButtonGroups::requiredStateChanged
        https://bugs.webkit.org/show_bug.cgi?id=209585

        Reviewed by Zalan Bujtas.

        Like r254722, radio group could be null in RadioButtonGroups::requiredStateChanged. Added a null check.

        Test: fast/forms/update-required-state-on-radio-before-finalizing-tree-insertion-crash.html

        * dom/RadioButtonGroups.cpp:
        (WebCore::RadioButtonGroups::requiredStateChanged):

2020-03-26  Charlie Turner  <cturner@igalia.com>

        [GStreamer] Fix missing NULL-check in setSyncOnClock
        https://bugs.webkit.org/show_bug.cgi?id=209609

        Unreviewed, simple fix.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::setSyncOnClock): Some systems are configured so that
        audio sinks are not available. Make sure not to crash when asking
        to sync with a NULL sink.

2020-03-26  Chris Dumez  <cdumez@apple.com>

        REGRESSION: ASSERTION FAILED: m_wrapper on storage/indexeddb/modern/abort-requests tests
        https://bugs.webkit.org/show_bug.cgi?id=209499
        <rdar://problem/60842165>

        Reviewed by Alex Christensen.

        IDBTransaction::hasPendingActivity() was failing to consult ActiveDOMObject::hasPendingActivity()
        so the JS wrapper would get garbage collected even though the ActiveDOMObject base class was
        aware of some pending activity.

        No new tests, unskipped existing tests.

        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::hasPendingActivity const):

2020-03-25  Ryosuke Niwa  <rniwa@webkit.org>

        Sequential focus navigation can't get out of a descendent of a slot element in a document tree
        https://bugs.webkit.org/show_bug.cgi?id=199633

        Reviewed by Darin Adler.

        The bug was caused by slot element outside a shadow tree not being treated as a focus navigation
        scope owner as specified in the HTML5 specification:
        https://html.spec.whatwg.org/multipage/interaction.html#focus-navigation-scope-owner

        Fixed the bug by treating it as such unless custom focusing behavior is used.

        Test: fast/shadow-dom/focus-across-slot-outside-shadow-tree.html

        * page/FocusController.cpp:
        (WebCore::isFocusScopeOwner):

2020-03-26  Kate Cheney  <katherine_cheney@apple.com>

        ScopeRuleSets::initializeUserStyle() should not add console logging if there are no injected user style sheets
        https://bugs.webkit.org/show_bug.cgi?id=209548
        <rdar://problem/60851745>

        Reviewed by Darin Adler.

        Logging when there are no injected user style sheets is unnecessary and confusing.

        * style/StyleScopeRuleSets.cpp:
        (WebCore::Style::ScopeRuleSets::initializeUserStyle):

2020-03-26  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION(r259042): It creates some test failures (Requested by youenn on #webkit).
        Roll back the patch.

2020-03-26  Antti Koivisto  <antti@apple.com>

        REGRESSION (r254669): Expand media button doesn't work on first try on photos on reddit.com
        https://bugs.webkit.org/show_bug.cgi?id=209590
        <rdar://problem/60461809>

        Reviewed by Darin Adler.

        Image intrinsic size computed from width/height attributes is ignored during preferred width computation
        (used for float sizing in this case). This creates a mismatch between layout and preferred width computation,
        causing the final image size to be miscomputed.

        Test: fast/images/preferred-width-computation-with-attribute-intrinsic-size.html

        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::computePreferredLogicalWidths const):

        Compute attribute based intrinsic size already during preferred width computation if needed.

2020-03-26  Nikos Mouchtaris  <nmouchtaris@apple.com>

        Remove manual redacting of billing contact after wallet fix for rdar://problem/59075234
        https://bugs.webkit.org/show_bug.cgi?id=209557
        <rdar://problem/60883506>

        Reviewed by Andy Estes.

        Removed manual redaction of billing address after wallet fixed
        their redaction code.

        No new tests. Current tests cover this functionality.

        * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
        (WebCore::convert):

2020-03-26  Per Arne Vollan  <pvollan@apple.com>

        [iOS] Adopt ScreenProperties class.
        https://bugs.webkit.org/show_bug.cgi?id=191767

        Reviewed by Brent Fulgham.

        On macOS, the ScreenProperties class is used to collect screen properties in the UI process
        and forward these to the Web process. We should also do this on iOS, in order to be able
        to block frontboard services.
 
        No new tests. Covered by existing tests.

        * Sources.txt:
        * platform/PlatformScreen.h:
        * platform/ScreenProperties.h:
        (WebCore::ScreenData::encode const):
        (WebCore::ScreenData::decode):
        * platform/ios/PlatformScreenIOS.mm:
        (WebCore::screenIsMonochrome):
        (WebCore::screenHasInvertedColors):
        (WebCore::screenSupportsExtendedColor):
        (WebCore::collectScreenProperties):
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::primaryOpenGLDisplayMask):
        (WebCore::displayMaskForDisplay):
        (WebCore::primaryGPUID):
        (WebCore::gpuIDForDisplay):
        (WebCore::screenIsMonochrome):
        (WebCore::screenHasInvertedColors):
        (WebCore::screenDepth):
        (WebCore::screenDepthPerComponent):
        (WebCore::screenRectForDisplay):
        (WebCore::screenRect):
        (WebCore::screenAvailableRect):
        (WebCore::screenColorSpace):
        (WebCore::screenSupportsExtendedColor):
        (WebCore::screenProperties): Deleted.
        (WebCore::primaryScreenDisplayID): Deleted.
        (WebCore::setScreenProperties): Deleted.
        (WebCore::screenData): Deleted.
        (WebCore::getScreenProperties): Deleted.

2020-03-26  Rob Buis  <rbuis@igalia.com>

        Take into account referrer-policy in append Origin header algorithm
        https://bugs.webkit.org/show_bug.cgi?id=209066

        Reviewed by Youenn Fablet.

        Start taking into account referrer-policy in more places when we
        append the origin header [1]. To prevent computing SecurityOrigin
        needlessly add a helper function doesRequestNeedHTTPOriginHeader.

        [1] https://fetch.spec.whatwg.org/#append-a-request-origin-header

        * loader/FormSubmission.cpp:
        (WebCore::FormSubmission::populateFrameLoadRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        (WebCore::FrameLoader::loadResourceSynchronously):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        (WebCore::FrameLoader::addHTTPOriginIfNeeded): Deleted.
        * loader/FrameLoader.h:
        * loader/NavigationScheduler.cpp:
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::sendPing):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders):
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::doesRequestNeedHTTPOriginHeader):
        * platform/network/ResourceRequestBase.h:

2020-03-25  Sihui Liu  <sihui_liu@apple.com>

        IndexedDB: destroy UniqueIDBDatabase when it's not used
        https://bugs.webkit.org/show_bug.cgi?id=209532

        Reviewed by Geoffrey Garen.

        Reviewed by Geoffrey Garen.

        When all connections of a UniqueIDBDatabase object are closed and there are no pending reuqests, the 
        object may not be used any more. We should delete it for better memory use.

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::removeUniqueIDBDatabase):
        (WebCore::IDBServer::IDBServer::closeAndTakeUniqueIDBDatabase): Deleted.
        * Modules/indexeddb/server/IDBServer.h:
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::handleDelete):
        (WebCore::IDBServer::UniqueIDBDatabase::connectionClosedFromClient):
        (WebCore::IDBServer::UniqueIDBDatabase::tryCloseAndRemoveFromServer):
        * Modules/indexeddb/server/UniqueIDBDatabase.h:

2020-03-25  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [ macOS ] svg/custom/textPath-change-id-pattern.svg is flakey failing
        https://bugs.webkit.org/show_bug.cgi?id=208532

        Reviewed by Darin Adler.

        In this layout test, the id of a <path> element changes. This <path> is
        referenced by a <textPath> element which is a child of a <pattern> element.
        The <pattern> element is used to fill a <rect> element.

        This patch ensures all clients (<rect>) of the resource ancestor (<pattern>)
        of any sub-resource (<textPath>) is marked for repaint when the id of a
        sub-sub-resource (<path>) changes.

        * rendering/svg/RenderSVGResourceContainer.cpp:
        (WebCore::RenderSVGResourceContainer::markAllClientsForRepaint):
        * rendering/svg/RenderSVGResourceContainer.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::buildPendingResourcesIfNeeded):
        (WebCore::SVGElement::invalidateInstances):
        Unrelated change. This is a leftover from r179807 which was converting a
        "do { } while();" statement to "while() { }" statement.

2020-03-25  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in WebCore::Node::isDescendantOf when inserting list
        https://bugs.webkit.org/show_bug.cgi?id=209529
        <rdar://problem/60693542>

        Reviewed by Darin Adler.

        The visible positions may be null if the DOM tree is altered before an edit command is applied. 
        Add null check for visible positions at the beginning of InsertListCommand::doApply.

        Test: editing/inserting/insert-list-during-node-removal-crash.html

        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::doApply):

2020-03-25  Alexey Shvayka  <shvaikalesh@gmail.com>

        Invalid numeric and named references should be early syntax errors
        https://bugs.webkit.org/show_bug.cgi?id=178175

        Reviewed by Ross Kirsling.

        Accounts for changes of YarrParser's Delegate interface, no behavioral changes.
        resetForReparsing() is never called because we disable numeric backrefences
        and named forward references (see arguments of Yarr::parse() call).

        Test: TestWebKitAPI.ContentExtensionTest.ParsingFailures

        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::PatternParser::resetForReparsing):
        (WebCore::ContentExtensions::URLFilterParser::addPattern):
        (WebCore::ContentExtensions::PatternParser::isValidNamedForwardReference): Deleted.

2020-03-25  Pinki Gyanchandani  <pgyanchandani@apple.com>

        CanvasRenderingContext2D.putImageData() should not process neutered ImageData
        https://bugs.webkit.org/show_bug.cgi?id=208303

        Reviewed by Said Abou-Hallawa.

        Test: fast/canvas/canvas-putImageData-neutered-ImageData.html

        The crash happens when putImageData is called on a neutered ImageData object. 
        Added a check to exit from CanvasRenderingContext2D.putImageData() function when ImageData object is neutered.

        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::putImageData):

2020-03-25  Chris Dumez  <cdumez@apple.com>

        Use JSC::EnsureStillAliveScope RAII object in the generated bindings code
        https://bugs.webkit.org/show_bug.cgi?id=209552

        Reviewed by Yusuke Suzuki.

        Use JSC::EnsureStillAliveScope RAII object in the generated bindings code
        instead of explicit ensureStillAlive() calls. This makes the bindings
        generator code simpler and results in nicer generated code too.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateParametersCheck):
        (GenerateWriteBarriersForArguments):
        (GenerateImplementationFunctionCall):
        (GenerateEnsureStillAliveCallsForArguments): Deleted.
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::jsMapLikePrototypeFunctionGetBody):
        (WebCore::jsMapLikePrototypeFunctionHasBody):
        (WebCore::jsMapLikePrototypeFunctionForEachBody):
        (WebCore::jsMapLikePrototypeFunctionSetBody):
        (WebCore::jsMapLikePrototypeFunctionDeleteBody):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::jsReadOnlyMapLikePrototypeFunctionGetBody):
        (WebCore::jsReadOnlyMapLikePrototypeFunctionHasBody):
        (WebCore::jsReadOnlyMapLikePrototypeFunctionForEachBody):
        * bindings/scripts/test/JS/JSReadOnlySetLike.cpp:
        (WebCore::jsReadOnlySetLikePrototypeFunctionHasBody):
        (WebCore::jsReadOnlySetLikePrototypeFunctionForEachBody):
        * bindings/scripts/test/JS/JSSetLike.cpp:
        (WebCore::jsSetLikePrototypeFunctionHasBody):
        (WebCore::jsSetLikePrototypeFunctionForEachBody):
        (WebCore::jsSetLikePrototypeFunctionAddBody):
        (WebCore::jsSetLikePrototypeFunctionDeleteBody):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunctionBody):
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessageBody):
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionOverloadedMethod1Body):
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionOverloadedMethod2Body):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithArgumentsBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithNullableArgumentBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithVariantArgumentBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithNullableVariantArgumentBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithOptionalVariantArgumentBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithDefaultVariantArgumentBody):
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        (WebCore::jsTestDOMJITPrototypeFunctionGetAttributeBody):
        (WebCore::jsTestDOMJITPrototypeFunctionItemBody):
        (WebCore::jsTestDOMJITPrototypeFunctionGetElementByIdBody):
        (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByNameBody):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::jsTestEnabledBySettingPrototypeFunctionEnabledBySettingOperationBody):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::JSTestEventConstructorConstructor::construct):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::jsTestEventTargetPrototypeFunctionItemBody):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::jsTestGlobalObjectInstanceFunctionRegularOperationBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledAtRuntimeOperation1Body):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledAtRuntimeOperation2Body):
        (WebCore::jsTestGlobalObjectConstructorFunctionEnabledAtRuntimeOperationStaticBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabledBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeaturesEnabledBody):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::jsTestIndexedSetterWithIdentifierPrototypeFunctionIndexedSetterBody):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterfaceConstructor::construct):
        (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2Body):
        (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2Body):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethodBody):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::jsTestNamedAndIndexedSetterWithIdentifierPrototypeFunctionNamedSetterBody):
        (WebCore::jsTestNamedAndIndexedSetterWithIdentifierPrototypeFunctionIndexedSetterBody):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructorNamedConstructor::construct):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::jsTestNamedDeleterWithIdentifierPrototypeFunctionNamedDeleterBody):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::jsTestNamedGetterWithIdentifierPrototypeFunctionGetterNameBody):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::jsTestNamedSetterWithIdentifierPrototypeFunctionNamedSetterBody):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::jsTestNamedSetterWithIndexedGetterPrototypeFunctionNamedSetterBody):
        (WebCore::jsTestNamedSetterWithIndexedGetterPrototypeFunctionIndexedSetterBody):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::jsTestNamedSetterWithIndexedGetterAndSetterPrototypeFunctionNamedSetterBody):
        (WebCore::jsTestNamedSetterWithIndexedGetterAndSetterPrototypeFunctionIndexedSetter1Body):
        (WebCore::jsTestNamedSetterWithIndexedGetterAndSetterPrototypeFunctionIndexedSetter2Body):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjConstructor::construct):
        (WebCore::callJSTestObj1):
        (WebCore::callJSTestObj2):
        (WebCore::jsTestObjPrototypeFunctionEnabledAtRuntimeOperation1Body):
        (WebCore::jsTestObjPrototypeFunctionEnabledAtRuntimeOperation2Body):
        (WebCore::jsTestObjConstructorFunctionEnabledAtRuntimeOperationStaticBody):
        (WebCore::jsTestObjPrototypeFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabledBody):
        (WebCore::jsTestObjPrototypeFunctionWorldSpecificMethodBody):
        (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionByteMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionOctetMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionLongMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithArgTreatingNullAsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithXPathNSResolverParameterBody):
        (WebCore::jsTestObjPrototypeFunctionNullableStringSpecialMethodBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithEnumArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithStandaloneEnumArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalEnumArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalEnumArgAndDefaultValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrowsBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithUSVStringArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNullableUSVStringArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithUSVStringArgTreatingNullAsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithByteStringArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNullableByteStringArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithByteStringArgTreatingNullAsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionSerializedValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithRecordBody):
        (WebCore::jsTestObjPrototypeFunctionPrivateMethodBody):
        (WebCore::jsTestObjPrototypeFunctionPublicAndPrivateMethodBody):
        (WebCore::jsTestObjPrototypeFunctionAddEventListenerBody):
        (WebCore::jsTestObjPrototypeFunctionRemoveEventListenerBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArgAndDefaultValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgsBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalUSVStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringAndDefaultValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomStringAndDefaultValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsNullBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsUndefinedBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomStringIsNullBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalUSVStringIsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomStringIsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalDoubleIsNaNBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalFloatIsNaNBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalLongLongBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalLongLongIsZeroBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalUnsignedLongLongBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalUnsignedLongLongIsZeroBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalSequenceBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalSequenceIsEmptyBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalBooleanBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalBooleanIsFalseBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAnyBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalObjectBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalNullableWrapperBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalNullableWrapperIsNullBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalXPathNSResolverBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalRecordBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalPromiseBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackAndOptionalArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackFunctionArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackFunctionArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackFunctionAndOptionalArgBody):
        (WebCore::jsTestObjConstructorFunctionStaticMethodWithCallbackAndOptionalArgBody):
        (WebCore::jsTestObjConstructorFunctionStaticMethodWithCallbackArgBody):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod4Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod5Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod6Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod7Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod8Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod9Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod10Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod12Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithDistinguishingUnion1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithDistinguishingUnion2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWith2DistinguishingUnions1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWith2DistinguishingUnions2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithNonDistinguishingUnion1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithNonDistinguishingUnion2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter2Body):
        (WebCore::jsTestObjConstructorFunctionClassMethodWithOptionalBody):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod11Body):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod12Body):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithClampBody):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithClampOnOptionalBody):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithEnforceRangeBody):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithEnforceRangeOnOptionalBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithUnsignedLongSequenceBody):
        (WebCore::jsTestObjPrototypeFunctionStringArrayFunctionBody):
        (WebCore::jsTestObjPrototypeFunctionDomStringListFunctionBody):
        (WebCore::jsTestObjPrototypeFunctionOperationWithOptionalUnionParameterBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithAndWithoutNullableSequenceBody):
        (WebCore::jsTestObjPrototypeFunctionGetElementByIdBody):
        (WebCore::jsTestObjPrototypeFunctionConvert1Body):
        (WebCore::jsTestObjPrototypeFunctionConvert2Body):
        (WebCore::jsTestObjPrototypeFunctionConvert3Body):
        (WebCore::jsTestObjPrototypeFunctionConvert4Body):
        (WebCore::jsTestObjPrototypeFunctionVariadicStringMethodBody):
        (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethodBody):
        (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethodBody):
        (WebCore::jsTestObjPrototypeFunctionVariadicUnionMethodBody):
        (WebCore::jsTestObjPrototypeFunctionAnyBody):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgumentBody):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithOptionalIntArgumentBody):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction1Body):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction2Body):
        (WebCore::jsTestObjPrototypeFunctionConditionalOverload1Body):
        (WebCore::jsTestObjPrototypeFunctionConditionalOverload2Body):
        (WebCore::jsTestObjPrototypeFunctionSingleConditionalOverload1Body):
        (WebCore::jsTestObjPrototypeFunctionSingleConditionalOverload2Body):
        (WebCore::jsTestObjPrototypeFunctionAttachShadowRootBody):
        (WebCore::jsTestObjPrototypeFunctionOperationWithExternalDictionaryParameterBody):
        (WebCore::jsTestObjPrototypeFunctionBufferSourceParameterBody):
        (WebCore::jsTestObjPrototypeFunctionLegacyCallerNamedBody):
        (WebCore::jsTestObjPrototypeFunctionTestReturnValueOptimizationBody):
        (WebCore::jsTestObjPrototypeFunctionTestReturnValueOptimizationWithExceptionBody):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::constructJSTestOverloadedConstructors1):
        (WebCore::constructJSTestOverloadedConstructors2):
        (WebCore::constructJSTestOverloadedConstructors3):
        (WebCore::constructJSTestOverloadedConstructors4):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::constructJSTestOverloadedConstructorsWithSequence1):
        (WebCore::constructJSTestOverloadedConstructorsWithSequence2):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::jsTestOverrideBuiltinsPrototypeFunctionNamedItemBody):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::JSTestPromiseRejectionEventConstructor::construct):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::jsTestSerializedScriptValueInterfacePrototypeFunctionFunctionBody):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefsConstructor::construct):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncBody):
        (WebCore::jsTestTypedefsPrototypeFunctionSetShadowBody):
        (WebCore::jsTestTypedefsPrototypeFunctionMethodWithSequenceArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionNullableSequenceArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionSequenceOfNullablesArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionNullableSequenceOfNullablesArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionNullableSequenceOfUnionsArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionUnionArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClampBody):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClampInTypedefBody):
        (WebCore::jsTestTypedefsPrototypeFunctionStringSequenceFunctionBody):
        (WebCore::jsTestTypedefsPrototypeFunctionStringSequenceFunction2Body):
        (WebCore::jsTestTypedefsPrototypeFunctionCallWithSequenceThatRequiresIncludeBody):

2020-03-25  Wenson Hsieh  <wenson_hsieh@apple.com>

        Unreviewed, fix the watchOS build after r259008

        Put a call to Pasteboard::nameOfDragPasteboard behind ENABLE(DRAG_SUPPORT); additionally, update an out-of-date
        comment to reflect the fact that arbitrary UIPasteboards can be converted to a list of NSItemProviders, whose
        data can be traversed in fidelity order.

        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::respectsUTIFidelities const):

2020-03-25  Simon Fraser  <simon.fraser@apple.com>

        Flashing and partly visible elements
        https://bugs.webkit.org/show_bug.cgi?id=204605

        Reviewed by Zalan Bujtas.

        If, during a compositing update, a layer becomes non-composited, then we repaint its
        location in its new target compositing layer. However, that layer might be in the list
        of BackingSharingState's layers that may paint into backing provided by some ancestor,
        so they'd be in a limbo state where their repaint target was unknown. We'd erroneously
        repaint in some ancestor, resulting in missing content.

        Fix by having BackingSharingState track a set of layers that can't be repainted currently
        because their ancestor chain contains a maybe-sharing layer, and repaint them when
        the backing sharing state is resolved.

        This is only an issue during RenderLayerCompositor::computeCompositingRequirements()
        when the backing sharing state is being computed, so most repaints are not affected.

        Test: compositing/shared-backing/repaint-into-shared-backing.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::BackingSharingState::isPotentialBackingSharingLayer const):
        (WebCore::RenderLayerCompositor::BackingSharingState::addLayerNeedingRepaint):
        (WebCore::RenderLayerCompositor::BackingSharingState::endBackingSharingSequence):
        (WebCore::RenderLayerCompositor::BackingSharingState::issuePendingRepaints):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::updateBacking):
        (WebCore::RenderLayerCompositor::updateLayerCompositingState):
        (WebCore::RenderLayerCompositor::layerRepaintTargetsBackingSharingLayer const):
        * rendering/RenderLayerCompositor.h:

2020-03-25  Chris Dumez  <cdumez@apple.com>

        Event listeners registered with 'once' option may get garbage collected too soon
        https://bugs.webkit.org/show_bug.cgi?id=209504
        <rdar://problem/60541567>

        Reviewed by Yusuke Suzuki.

        In EventTarget::innerInvokeEventListeners, if the listener we're about to call is a one-time
        listener (has 'once' flag set), we would first unregister the event listener and then call
        it, as per the DOM specification. However, once unregistered, the event listener is no longer
        visited for GC purposes and its internal JS Function may get garbage collected before we get
        a chance to call it.

        To address the issue, we now make sure the JS Function (and its wrapper) stay alive for the
        duration of the scope using ensureStillAliveHere().

        Test: http/tests/inspector/network/har/har-page-aggressive-gc.html

        * bindings/js/JSEventListener.h:
        * dom/EventListener.h:
        (WebCore::EventListener::jsFunction const):
        (WebCore::EventListener::wrapper const):
        * dom/EventTarget.cpp:
        (WebCore::EventTarget::innerInvokeEventListeners):

2020-03-25  Wenson Hsieh  <wenson_hsieh@apple.com>

        Rename "data interaction pasteboard" to "drag and drop pasteboard"
        https://bugs.webkit.org/show_bug.cgi?id=209556

        Reviewed by Tim Horton.

        "Data interaction" is an obsolete term for drag and drop on iOS, and was meant only to be used early on in
        development. Replace this with the more descriptive name "drag and drop pasteboard", and additionally hide the
        name behind a Cocoa-only Pasteboard helper method so that each call site won't need to repeat the string.

        * platform/Pasteboard.h:
        * platform/cocoa/DragDataCocoa.mm:
        (WebCore::DragData::DragData):
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::nameOfDragPasteboard):
        (WebCore::Pasteboard::createForDragAndDrop):
        (WebCore::Pasteboard::respectsUTIFidelities const):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::PlatformPasteboard):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::nameOfDragPasteboard):

2020-03-25  Frank Yang  <guowei_yang@apple.com>

        Unprefix -webkit-text-orientation
        https://bugs.webkit.org/show_bug.cgi?id=196139

        Reviewed by Myles C. Maxfield

        In order to unprefix -webkit-text-orientation to be text-orientation, 
        a new property, "text-orientation" is added to CSSProperties.json. 
        I didn't use alias because the prefixed version still supports non-standard values, 
        and we want the unprefixed version to strictly follow the specs.
        However only adding a new property is not enough because -webkit-text-orientation
        is a high-priority property, and without extra logic, the CSS property 
        "last-one-wins" ordering rule cannot be enforced because high-priority properties 
        are applied to elements in the order they appear in the generated CSSPropertyNames.cpp file. 
        Therefore a codegen flag, "related-property" is added to both 
        -webkit-text-orientation and text-orientation to point to each other, 
        so that when applying high priorities, the algorithm will know that the 
        two properties are modifying the same style of the element (in our case, text orientation)
        and thus the CSS property "last-one-wins" ordering rule will take effect. 

        This code change also helps future developments when we want to unprefix other high-priority properties.

        Tests: fast/text/orientation-inheritance.html
               fast/text/orientation-mixed-unprefix.html
               fast/text/orientation-sideways-prefix-unprefix.html
               fast/text/orientation-sideways-unprefix.html
               fast/text/orientation-upright-unprefix.html
               fast/text/test-orientation-parsing-001.html
               fast/text/text-orientation-parse-competition.html
               fast/text/text-orientation-parse.html
               imported/w3c/web-platform-tests/css/css-writing-modes/text-orientation-parsing-001.html

        * css/CSSComputedStyleDeclaration.cpp: 
            - added support for parsing "text-orientation"
        (WebCore::ComputedStyleExtractor::valueForPropertyInStyle):
            - added a new RenderStyle, CSSPropertyTextOrientation 
        * css/CSSProperties.json: 
            - added a new codegen property, "related-property"
        * css/makeprop.pl: 
            - added new rules for generating code to parse related properties
        (addProperty):
            - inserts new rule in the generated code to parse related properties
        * css/parser/CSSParserFastPaths.cpp:
            - Specified the CSS property values that the unprefixed "text-orientation" can take
        (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
            - Only supports the standard values for text-orientation
        (WebCore::CSSParserFastPaths::isKeywordPropertyID):
            - Added switch case value CSSPropertyTextOrientation
        * css/parser/CSSParserImpl.cpp: 
            - Added rules to treat related properties differently
        (WebCore::filterProperties):
            - For related rules that are also high priority, 
              if we saw one in the property list, we will mark all the related property 
              as seen, in order to enforce the "last-one-wins" ordering rule
        * style/StyleBuilderCustom.h:
        (WebCore::Style::BuilderCustom::applyValueTextOrientation):
            - added functionality to parse the newly added "text-orientation" property

2020-03-25  Simon Fraser  <simon.fraser@apple.com>

        Remove CompositingChangeRepaint which was always CompositingChangeRepaintNow
        https://bugs.webkit.org/show_bug.cgi?id=209551

        Reviewed by Zalan Bujtas.

        All callers to updateBacking() passed CompositingChangeRepaintNow, so remove this argument
        and the enum.

        No behavior change.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::layerStyleChanged):
        (WebCore::RenderLayerCompositor::updateBacking):
        (WebCore::RenderLayerCompositor::updateLayerCompositingState):
        * rendering/RenderLayerCompositor.h:

2020-03-25  Sergio Villar Senin  <svillar@igalia.com>

        Unreviewed build fix for GTK.

        In wkb.ug/209536 we replaced ENABLE_WEBGL by ENABLE_WEBXR for cmake
        builds. We just forgot to do it the same for derived sources.

        * Sources.txt: replaced ENABLE_WEBGL by ENABLE_WEBXR.

2020-03-25  youenn fablet  <youenn@apple.com>

        Fix build after https://trac.webkit.org/changeset/258977/webkit
        https://bugs.webkit.org/show_bug.cgi?id=209545

        Unreviewed.

        * dom/Document.cpp:
        (WebCore::Document::visibilityStateChanged):
        Add ENABLE(MEDIA_STREAM) compilation flag.

2020-03-25  Frank Yang  <guowei_yang@apple.com>

        WebKit uses Alphabetic Baseline when "-webkit-text-orientation" is "mixed" in Vertical Writing Mode
        https://bugs.webkit.org/show_bug.cgi?id=208824

        Reviewed by Myles C. Maxfield.

        According to the CSS documentation, https://drafts.csswg.org/css-writing-modes/#text-orientation and 
        https://drafts.csswg.org/css-writing-modes/#text-baselines "In vertical typographic mode, 
        the central baseline is used as the dominant baseline when text-orientation is mixed or upright. 
        Otherwise the alphabetic baseline is used." 

        However, InlineFlowBox::requiresIdeographicsBaseline returns true only when text orientation is 
        "upright", meaning it applies the same baseline for mixed and sideways text orientation.
        Therefore, a new clause is added to check if text-orientation is "mixed" 

        Currently in our implementation, text orientation is determinted by the following:
                - mixed:    FontDescription returns Vertical   and   nonCJKGlyphOrientation returns Mixed
                - upright:  FontDescription returns Vertical   and   nonCJKGlyphOrientation returns Upright
                - sideways: FontDescription returns Horizontal and   nonCJKGlyphOrientation returns Mixed
        Original code only checks if FontDescription returns Vertical and nonCJKGlyphOrientation returns Mixed, which
        is only checking if text orientation is "upright", and returns true for requiresIdeographicBaseline, treating        
        "mixed" and "sideways" the same, requesting alphabetic baseline, which is incorrect.

        Therefore, to correct this bahavior, change the code so that requiresIdeographicsBaseline returns true either 
        when text-orientation is "mixed" or "upright". Equivalently, we return true when FontDescription returns Vertical
        false otherwise. 

        Test: imported/w3c/web-platform-tests/css/css-writing-modes/

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::requiresIdeographicBaseline const):

2020-03-25  Sergio Villar Senin  <svillar@igalia.com>

        Use ENABLE_WEBXR to guard WebXR IDL files in CMakeLists.txt
        https://bugs.webkit.org/show_bug.cgi?id=209536

        Reviewed by Darin Adler.

        * CMakeLists.txt: replaced ENABLE_WEBGL by ENABLE_WEBXR.

2020-03-25  Kate Cheney  <katherine_cheney@apple.com>

        App-bound domain checks should provide more debugging details at script evaluation sites
        https://bugs.webkit.org/show_bug.cgi?id=209521
        <rdar://problem/60837954>

        Reviewed by Chris Dumez.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::executeScriptInWorld):
        Return makeUnexpected object with an error message instead of null to
        provide more details as to why the executeScriptInWorld()
        call was not completed. Also add console logging and release logging.
 
        * page/Frame.cpp:
        (WebCore::Frame::injectUserScriptImmediately):
        There is no option to return an exception here, so this patch adds
        console logging and release logging.

2020-03-25  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r251385): box-shadow interferes with backdrop-filter
        https://bugs.webkit.org/show_bug.cgi?id=208070
        <rdar://problem/59683152>

        Reviewed by Dean Jackson.

        updateClippingStrategy() compares the rounded rect passed in with the geometry
        of the first layer argument, so the rect needs to have a zero origin. We do
        the same computation in GraphicsLayerCA::updateContentsRects().

        Test: compositing/filters/backdrop-filter-rect.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::updateBackdropFiltersRect):

2020-03-25  Wenson Hsieh  <wenson_hsieh@apple.com>

        Avoid querying pasteboard strings while dragging content over a potential drop target
        https://bugs.webkit.org/show_bug.cgi?id=209531

        Reviewed by Tim Horton and Ryosuke Niwa.

        A couple of places in WebCore currently use PasteboardStrategy::stringForType() to query for pasteboard URL
        strings. These call sites attempt to read URL strings (using both readString and stringForType) for the purposes
        of checking whether or not we should avoid exposing the URL string to web content (note that in the case of
        containsPlainText, we actually check whether or not the string is empty, which depends on whether or not the
        string is safe to expose to the web -- e.g., not a file URL).

        This is incompatible with some changes in the near future which will prevent the web content process from
        reading any data from the pasteboard, if a paste or drop action has not yet been performed. To address this
        issue, we introduce an alternate PasteboardStrategy method, containsStringSafeForDOMToReadForType, which returns
        (for a given platform pasteboard type) whether or not a string that can be safely exposed to bindings exists.

        Rather than allow the web process to read the entire string, limit it to just this true/false answer.

        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/cocoa/DragDataCocoa.mm:
        (WebCore::DragData::containsPlainText const):

        Use containsStringSafeForDOMToReadForType instead of stringForType.

        * platform/cocoa/PasteboardCocoa.mm:
        (WebCore::Pasteboard::fileContentState):

        Use containsStringSafeForDOMToReadForType instead of readString.

        * platform/cocoa/PlatformPasteboardCocoa.mm:
        (WebCore::PlatformPasteboard::containsStringSafeForDOMToReadForType const):

2020-03-25  Ting-Wei Lan  <lantw44@gmail.com>

        [GTK] Add user agent quirk for auth.mayohr.com
        https://bugs.webkit.org/show_bug.cgi?id=209378

        Reviewed by Michael Catanzaro.

        This site blocks the login page completely and asks the user to download
        Google Chrome when using our standard user agent. It only blocks the
        login page. After logging in, it works fine without user agent quirks.

        Note that it is required to hide Version/X from the user agent string
        for the site to recognize it as a valid Chrome user agent. Since Chrome
        itself does not use Version/X, it should be safe to modify the existing
        quirk instead of adding a new one to handle it.

        * platform/UserAgentQuirks.cpp:
        (WebCore::urlRequiresChromeBrowser):
        (WebCore::urlRequiresNoSafariVersion):
        (WebCore::UserAgentQuirks::quirksForURL):
        (WebCore::UserAgentQuirks::stringForQuirk):
        * platform/UserAgentQuirks.h:
        * platform/glib/UserAgentGLib.cpp:
        (WebCore::buildUserAgentString):

2020-03-25  Youenn Fablet  <youenn@apple.com>

        Audio fails to capture stream in WebRTC if AudioSession gets interrupted
        https://bugs.webkit.org/show_bug.cgi?id=208516
        <rdar://problem/60020467>

        Reviewed by Eric Carlson.

        In case of page going to hidden, continue calling each capture factory to mute the corresponding sources if needed.
        In case of page being visible again, reset all tracks according page muted state. This allows restarting tracks that have been
        muted while page was hidden (video tracks or suspended audio tracks).

        Since tracks can go to muted when visibility changes, we no longer return early when setting the muted state of a page to the same value.
        Instead we apply it which ensures we comply with what UIProcess wants.

        We start removing the concept of a RealtimeMediaSource be interrupted. Instead we use muting of sources.
        This allows UIProcess or the page to override any muted state, for instance if page goes in foreground again.

        We update the AudioSharedUnit to allow restarting capture even if suspended.
        This ensures that we are able to restart capturing even if we do not receive the audio session end of interruption.
        Also, this notification sometimes takes a long time to happen and we do not want to wait for it when user is interacting with the page.
        A future refactoring will further remove RealtimeMediaSource interrupted-related code.

        Manually tested.

        * dom/Document.cpp:
        (WebCore::Document::visibilityStateChanged):
        * page/Page.cpp:
        (WebCore::Page::setMuted):
        * platform/audio/PlatformMediaSessionManager.h:
        (WebCore::PlatformMediaSessionManager::isInterrupted const):
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::setInterrupted):
        (WebCore::RealtimeMediaSource::setMuted):
        * platform/mediastream/mac/BaseAudioSharedUnit.cpp:
        (WebCore::BaseAudioSharedUnit::startProducingData):
        (WebCore::BaseAudioSharedUnit::resume):
        (WebCore::BaseAudioSharedUnit::suspend):

2020-03-25  Charlie Turner  <cturner@igalia.com>

        [GStreamer] Remove noisy warning about broken LC support
        https://bugs.webkit.org/show_bug.cgi?id=209472

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/GStreamerCommon.cpp:
        (WebCore::initializeGStreamer): There's no seemingly nice way of
        ensuring this message is issued once in WebKit the
        lifetime. Issuing multiple times is upsetting users. We can't rely
        on Gst logging at this point, and there's no established story of
        using the LOG_CHANNEL stuff on WPE/GTK ports for suppressible
        WebKit message AFAICT.

2020-03-24  Andres Gonzalez  <andresg_22@apple.com>

        Avoid multiple unnecessary updates of the IsolatedTree.
        https://bugs.webkit.org/show_bug.cgi?id=209409

        Reviewed by Chris Fleizach.

        AXObjectCache::notificationPostTimerFired was updating the isolated tree
        in every single notification, causing a big performance hit.
        This change filters out repeated notifications for the same node, thus
        reducing significantly the number of times the isolated tree is updated.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::notificationPostTimerFired):
        (WebCore::AXObjectCache::postNotification):
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        (WebCore::AXObjectCache::generateIsolatedTree):
        (WebCore::AXObjectCache::updateIsolatedTree):
        (WebCore::appendIfNotContainsMatching): Helper function that might be
        added to WTF::Vector.
        (WebCore::createIsolatedTreeHierarchy): Became AXIsolatedTree::createSubtree
        * accessibility/AXObjectCache.h:
        * accessibility/AccessibilityObjectInterface.h:
        (WebCore::AXCoreObject::childrenIDs):
        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::removeTreeForPageID):
        (WebCore::AXIsolatedTree::generateSubtree):
        (WebCore::AXIsolatedTree::createSubtree):
        (WebCore::AXIsolatedTree::updateNode): Updates only the given node.
        (WebCore::AXIsolatedTree::updateSubtree): Recreates the entire subtree.
        (WebCore::AXIsolatedTree::updateChildren): Updates the associated object,
        recreating only the children that are added and removing the ones that
        are no longer present in the AX tree.
        (WebCore::AXIsolatedTree::removeNode):
        (WebCore::AXIsolatedTree::removeSubtree):
        (WebCore::AXIsolatedTree::appendNodeChanges):
        (WebCore::AXIsolatedTree::applyPendingChanges):
        * accessibility/isolatedtree/AXIsolatedTree.h:

2020-03-24  John Wilander  <wilander@apple.com>

        Build fix for deprecated DDHighlightCreateWithRectsInVisibleRectWithStyleAndDirection
        https://bugs.webkit.org/show_bug.cgi?id=209530
        <rdar://problem/60855794>

        Unreviewed build fix. Solution suggested by Darin Adler.

        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::buildPhoneNumberHighlights):
            Use of DDHighlightCreateWithRectsInVisibleRectWithStyleAndDirection put between
            ALLOW_DEPRECATED_DECLARATIONS_BEGIN and ALLOW_DEPRECATED_DECLARATIONS_END.
        (WebCore::ServicesOverlayController::buildSelectionHighlight):
            Use of DDHighlightCreateWithRectsInVisibleRectWithStyleAndDirection put between
            ALLOW_DEPRECATED_DECLARATIONS_BEGIN and ALLOW_DEPRECATED_DECLARATIONS_END.

2020-03-24  Zalan Bujtas  <zalan@apple.com>

        [MultiColumn] Infinite recursion in RenderBlockFlow::relayoutToAvoidWidows
        https://bugs.webkit.org/show_bug.cgi?id=209527
        <rdar://problem/56993589>

        Reviewed by Simon Fraser.

        This patch expands on r204980. This is yet another case when we can't possibly accommodate widows in the current column.

        Test: fast/multicol/page-cant-accommodate-widow-crash.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::adjustLinePositionForPagination):

2020-03-24  Wenson Hsieh  <wenson_hsieh@apple.com>

        Rename DragDataMac and DragImageMac to DragDataCocoa and DragImageCocoa
        https://bugs.webkit.org/show_bug.cgi?id=209523

        Reviewed by Megan Gardner.

        Rename DragDataMac to DragDataCocoa, and DragImageMac to DragImageCocoa. These files contain logic relevant to
        both macOS and iOS, and as such, belong in platform/cocoa rather than platform/mac.

        No change in behavior.

        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/cocoa/DragDataCocoa.mm: Renamed from Source/WebCore/platform/mac/DragDataMac.mm.
        (WebCore::rtfPasteboardType):
        (WebCore::rtfdPasteboardType):
        (WebCore::stringPasteboardType):
        (WebCore::urlPasteboardType):
        (WebCore::htmlPasteboardType):
        (WebCore::colorPasteboardType):
        (WebCore::pdfPasteboardType):
        (WebCore::tiffPasteboardType):
        (WebCore::DragData::DragData):
        (WebCore::DragData::containsURLTypeIdentifier const):
        (WebCore::DragData::canSmartReplace const):
        (WebCore::DragData::containsColor const):
        (WebCore::DragData::containsFiles const):
        (WebCore::DragData::numberOfFiles const):
        (WebCore::DragData::asFilenames const):
        (WebCore::DragData::containsPlainText const):
        (WebCore::DragData::asPlainText const):
        (WebCore::DragData::asColor const):
        (WebCore::DragData::containsCompatibleContent const):
        (WebCore::DragData::containsPromise const):
        (WebCore::DragData::containsURL const):
        (WebCore::DragData::asURL const):
        * platform/cocoa/DragImageCocoa.mm: Renamed from Source/WebCore/platform/mac/DragImageMac.mm.
        (WebCore::dragImageSize):
        (WebCore::deleteDragImage):
        (WebCore::scaleDragImage):
        (WebCore::dissolveDragImageToFraction):
        (WebCore::createDragImageFromImage):
        (WebCore::createDragImageIconForCachedImageFilename):
        (WebCore::dragOffsetForLinkDragImage):
        (WebCore::anchorPointForLinkDragImage):
        (WebCore::LinkImageLayout::LinkImageLayout):
        (WebCore::createDragImageForLink):
        (WebCore::createDragImageForColor):
        * platform/graphics/gpu/cocoa/GPUShaderModuleMetal.mm:

        Unrelated build fix due to changing unified sources.

2020-03-24  Jer Noble  <jer.noble@apple.com>

        REGRESSION(r258314): Leak in MediaPlayerPrivateMediaSourceAVFObjC::updateLastPixelBuffer()
        https://bugs.webkit.org/show_bug.cgi?id=209519

        Reviewed by Eric Carlson.

        Obey the "copy" rule and adopt the results of -copyPixelBufferForSourceTime:sourceTimeForDisplay:.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateLastPixelBuffer):

2020-03-24  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Customize a bit more on the macOS LocalAuthentication prompt
        https://bugs.webkit.org/show_bug.cgi?id=208703
        <rdar://problem/60136974>

        Reviewed by Brent Fulgham.

        Part 2.

        This patch adds a different LocalAuthentication prompt title for getAssertion.
        It also polishes the text used for makeCredential.

        Besides that, it also enhances the iOS title strings.

        * en.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::getAssertionTouchIDPromptTitle):
        * platform/LocalizedStrings.h:

2020-03-24  Chris Dumez  <cdumez@apple.com>

        Function passed to addEventListener may get garbage collected before the event listener is even added
        https://bugs.webkit.org/show_bug.cgi?id=209445

        Reviewed by Yusuke Suzuki.

        Function passed to addEventListener may get garbage collected before the event listener is even added.
        The issue is that the JS bindings for addEventListener() would first create a JSEventListener to store
        the JSC Function that was passed in and then add this JSEventListener as an event listener on the
        EventTarget. The JSC function held by JSEventListener is supposed to get visited by
        JSEventListener::visitJSFunction() which gets called by EventTarget::visitJSEventListeners() which
        gets called every time an EventTarget wrapper gets visited. The issue is that when the JSEventListener
        gets created, the JSEventListener is not yet connected to its EventTarget and thus
        EventTarget::visitJSEventListeners() would not visit it. However, the constructor of JSEventListener
        would issue a write barrier on that JSC Function.

        Several changes were made to address this issue in the generated bindings:
        1. We now create a local variable (named argumentX, X being argument index) for each argument that gets
           passed in to an operation
        2. At the end of the operation implementation, we call ensureStillAliveHere() on each JSValue argument
           to make sure they stay alive until the end of the operation
        3. For EventListeners / EventHandlers, we also issue a write barrier at the end of the operation
           implementation, when it is safe to do so. Now that we do this here in the bindings, I dropped the
           code in the JSEventListener constructor to issue the write barrier (as this was too early).

        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::JSEventListener):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GetOperationReturnedParameterName):
        (GenerateAttributeSetterBodyDefinition):
        (GenerateParametersCheck):
        (GenerateEnsureStillAliveCallsForArguments):
        (GenerateImplementationFunctionCall):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::jsMapLikePrototypeFunctionGetBody):
        (WebCore::jsMapLikePrototypeFunctionHasBody):
        (WebCore::jsMapLikePrototypeFunctionEntriesBody):
        (WebCore::jsMapLikePrototypeFunctionKeysBody):
        (WebCore::jsMapLikePrototypeFunctionValuesBody):
        (WebCore::jsMapLikePrototypeFunctionForEachBody):
        (WebCore::jsMapLikePrototypeFunctionSetBody):
        (WebCore::jsMapLikePrototypeFunctionDeleteBody):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::jsReadOnlyMapLikePrototypeFunctionGetBody):
        (WebCore::jsReadOnlyMapLikePrototypeFunctionHasBody):
        (WebCore::jsReadOnlyMapLikePrototypeFunctionEntriesBody):
        (WebCore::jsReadOnlyMapLikePrototypeFunctionKeysBody):
        (WebCore::jsReadOnlyMapLikePrototypeFunctionValuesBody):
        (WebCore::jsReadOnlyMapLikePrototypeFunctionForEachBody):
        * bindings/scripts/test/JS/JSReadOnlySetLike.cpp:
        (WebCore::jsReadOnlySetLikePrototypeFunctionHasBody):
        (WebCore::jsReadOnlySetLikePrototypeFunctionEntriesBody):
        (WebCore::jsReadOnlySetLikePrototypeFunctionKeysBody):
        (WebCore::jsReadOnlySetLikePrototypeFunctionValuesBody):
        (WebCore::jsReadOnlySetLikePrototypeFunctionForEachBody):
        * bindings/scripts/test/JS/JSSetLike.cpp:
        (WebCore::jsSetLikePrototypeFunctionHasBody):
        (WebCore::jsSetLikePrototypeFunctionEntriesBody):
        (WebCore::jsSetLikePrototypeFunctionKeysBody):
        (WebCore::jsSetLikePrototypeFunctionValuesBody):
        (WebCore::jsSetLikePrototypeFunctionForEachBody):
        (WebCore::jsSetLikePrototypeFunctionAddBody):
        (WebCore::jsSetLikePrototypeFunctionDeleteBody):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunctionBody):
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessageBody):
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionOverloadedMethod1Body):
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionOverloadedMethod2Body):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::jsTestCEReactionsStringifierPrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithArgumentsBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithNullableArgumentBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithVariantArgumentBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithNullableVariantArgumentBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithOptionalVariantArgumentBody):
        (WebCore::jsTestCallTracerPrototypeFunctionTestOperationWithDefaultVariantArgumentBody):
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        (WebCore::jsTestDOMJITPrototypeFunctionGetAttributeBody):
        (WebCore::jsTestDOMJITPrototypeFunctionItemBody):
        (WebCore::jsTestDOMJITPrototypeFunctionHasAttributeBody):
        (WebCore::jsTestDOMJITPrototypeFunctionGetElementByIdBody):
        (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByNameBody):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::jsTestEnabledBySettingPrototypeFunctionEnabledBySettingOperationBody):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::JSTestEventConstructorConstructor::construct):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::jsTestEventTargetPrototypeFunctionItemBody):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::jsTestGlobalObjectInstanceFunctionRegularOperationBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledAtRuntimeOperation1Body):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledAtRuntimeOperation2Body):
        (WebCore::jsTestGlobalObjectConstructorFunctionEnabledAtRuntimeOperationStaticBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabledBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeaturesEnabledBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionGetSecretBooleanBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionTestFeatureGetSecretBooleanBody):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::jsTestIndexedSetterWithIdentifierPrototypeFunctionIndexedSetterBody):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterfaceConstructor::construct):
        (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2Body):
        (WebCore::jsTestInterfacePrototypeFunctionTakeNodesBody):
        (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2Body):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethodBody):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::jsTestNamedAndIndexedSetterWithIdentifierPrototypeFunctionNamedSetterBody):
        (WebCore::jsTestNamedAndIndexedSetterWithIdentifierPrototypeFunctionIndexedSetterBody):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructorNamedConstructor::construct):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::jsTestNamedDeleterWithIdentifierPrototypeFunctionNamedDeleterBody):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::jsTestNamedGetterWithIdentifierPrototypeFunctionGetterNameBody):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::jsTestNamedSetterWithIdentifierPrototypeFunctionNamedSetterBody):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::jsTestNamedSetterWithIndexedGetterPrototypeFunctionNamedSetterBody):
        (WebCore::jsTestNamedSetterWithIndexedGetterPrototypeFunctionIndexedSetterBody):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::jsTestNamedSetterWithIndexedGetterAndSetterPrototypeFunctionNamedSetterBody):
        (WebCore::jsTestNamedSetterWithIndexedGetterAndSetterPrototypeFunctionIndexedSetter1Body):
        (WebCore::jsTestNamedSetterWithIndexedGetterAndSetterPrototypeFunctionIndexedSetter2Body):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::jsTestNodePrototypeFunctionGetSecretBooleanBody):
        (WebCore::jsTestNodePrototypeFunctionTestFeatureGetSecretBooleanBody):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjConstructor::construct):
        (WebCore::callJSTestObj1):
        (WebCore::callJSTestObj2):
        (WebCore::setJSTestObjOnfooSetter):
        (WebCore::setJSTestObjOnwebkitfooSetter):
        (WebCore::jsTestObjPrototypeFunctionEnabledAtRuntimeOperation1Body):
        (WebCore::jsTestObjPrototypeFunctionEnabledAtRuntimeOperation2Body):
        (WebCore::jsTestObjConstructorFunctionEnabledAtRuntimeOperationStaticBody):
        (WebCore::jsTestObjPrototypeFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabledBody):
        (WebCore::jsTestObjPrototypeFunctionWorldSpecificMethodBody):
        (WebCore::jsTestObjPrototypeFunctionGetSecretBooleanBody):
        (WebCore::jsTestObjPrototypeFunctionTestFeatureGetSecretBooleanBody):
        (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionByteMethodBody):
        (WebCore::jsTestObjPrototypeFunctionByteMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionOctetMethodBody):
        (WebCore::jsTestObjPrototypeFunctionOctetMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionLongMethodBody):
        (WebCore::jsTestObjPrototypeFunctionLongMethodWithArgsBody):
        (WebCore::jsTestObjPrototypeFunctionObjMethodBody):
        (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgsBody):
        (WebCore::jsTestObjInstanceFunctionUnforgeableMethodBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithArgTreatingNullAsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithXPathNSResolverParameterBody):
        (WebCore::jsTestObjPrototypeFunctionNullableStringMethodBody):
        (WebCore::jsTestObjConstructorFunctionNullableStringStaticMethodBody):
        (WebCore::jsTestObjPrototypeFunctionNullableStringSpecialMethodBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithEnumArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithStandaloneEnumArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalEnumArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalEnumArgAndDefaultValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrowsBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithUSVStringArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNullableUSVStringArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithUSVStringArgTreatingNullAsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithByteStringArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNullableByteStringArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithByteStringArgTreatingNullAsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionSerializedValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithRecordBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithExceptionReturningLongBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithExceptionReturningObjectBody):
        (WebCore::jsTestObjPrototypeFunctionPrivateMethodBody):
        (WebCore::jsTestObjPrototypeFunctionPublicAndPrivateMethodBody):
        (WebCore::jsTestObjPrototypeFunctionAddEventListenerBody):
        (WebCore::jsTestObjPrototypeFunctionRemoveEventListenerBody):
        (WebCore::jsTestObjPrototypeFunctionWithExecStateObjBody):
        (WebCore::jsTestObjPrototypeFunctionWithExecStateObjExceptionBody):
        (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndExecStateObjExceptionBody):
        (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndExecStateWithSpacesBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArgAndDefaultValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgsBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalUSVStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringAndDefaultValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomStringAndDefaultValueBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsNullBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsUndefinedBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomStringIsNullBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalUSVStringIsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomStringIsEmptyStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalDoubleIsNaNBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalFloatIsNaNBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalLongLongBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalLongLongIsZeroBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalUnsignedLongLongBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalUnsignedLongLongIsZeroBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalSequenceBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalSequenceIsEmptyBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalBooleanBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalBooleanIsFalseBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAnyBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalObjectBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalNullableWrapperBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalNullableWrapperIsNullBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalXPathNSResolverBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalRecordBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalPromiseBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackAndOptionalArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackFunctionArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackFunctionArgBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackFunctionAndOptionalArgBody):
        (WebCore::jsTestObjConstructorFunctionStaticMethodWithCallbackAndOptionalArgBody):
        (WebCore::jsTestObjConstructorFunctionStaticMethodWithCallbackArgBody):
        (WebCore::jsTestObjPrototypeFunctionConditionalMethod1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod4Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod5Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod6Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod7Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod8Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod9Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod10Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod12Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithDistinguishingUnion1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithDistinguishingUnion2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWith2DistinguishingUnions1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWith2DistinguishingUnions2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithNonDistinguishingUnion1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithNonDistinguishingUnion2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion2Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter1Body):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter2Body):
        (WebCore::jsTestObjConstructorFunctionClassMethodWithOptionalBody):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod11Body):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod12Body):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithClampBody):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithClampOnOptionalBody):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithEnforceRangeBody):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithEnforceRangeOnOptionalBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithUnsignedLongSequenceBody):
        (WebCore::jsTestObjPrototypeFunctionStringArrayFunctionBody):
        (WebCore::jsTestObjPrototypeFunctionDomStringListFunctionBody):
        (WebCore::jsTestObjPrototypeFunctionOperationWithOptionalUnionParameterBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithAndWithoutNullableSequenceBody):
        (WebCore::jsTestObjPrototypeFunctionGetElementByIdBody):
        (WebCore::jsTestObjPrototypeFunctionGetSVGDocumentBody):
        (WebCore::jsTestObjPrototypeFunctionConvert1Body):
        (WebCore::jsTestObjPrototypeFunctionConvert2Body):
        (WebCore::jsTestObjPrototypeFunctionConvert3Body):
        (WebCore::jsTestObjPrototypeFunctionConvert4Body):
        (WebCore::jsTestObjPrototypeFunctionMutablePointFunctionBody):
        (WebCore::jsTestObjPrototypeFunctionVariadicStringMethodBody):
        (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethodBody):
        (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethodBody):
        (WebCore::jsTestObjPrototypeFunctionVariadicUnionMethodBody):
        (WebCore::jsTestObjPrototypeFunctionAnyBody):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgumentBody):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithOptionalIntArgumentBody):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction1Body):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction2Body):
        (WebCore::jsTestObjPrototypeFunctionTestReturnsOwnPromiseAndPromiseProxyFunctionBody):
        (WebCore::jsTestObjPrototypeFunctionConditionalOverload1Body):
        (WebCore::jsTestObjPrototypeFunctionConditionalOverload2Body):
        (WebCore::jsTestObjPrototypeFunctionSingleConditionalOverload1Body):
        (WebCore::jsTestObjPrototypeFunctionSingleConditionalOverload2Body):
        (WebCore::jsTestObjPrototypeFunctionAttachShadowRootBody):
        (WebCore::jsTestObjPrototypeFunctionOperationWithExternalDictionaryParameterBody):
        (WebCore::jsTestObjPrototypeFunctionBufferSourceParameterBody):
        (WebCore::jsTestObjPrototypeFunctionLegacyCallerNamedBody):
        (WebCore::jsTestObjPrototypeFunctionTestReturnValueOptimizationBody):
        (WebCore::jsTestObjPrototypeFunctionTestReturnValueOptimizationWithExceptionBody):
        (WebCore::jsTestObjPrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::constructJSTestOverloadedConstructors1):
        (WebCore::constructJSTestOverloadedConstructors2):
        (WebCore::constructJSTestOverloadedConstructors3):
        (WebCore::constructJSTestOverloadedConstructors4):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::constructJSTestOverloadedConstructorsWithSequence1):
        (WebCore::constructJSTestOverloadedConstructorsWithSequence2):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::jsTestOverrideBuiltinsPrototypeFunctionNamedItemBody):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::JSTestPromiseRejectionEventConstructor::construct):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::jsTestSerializedScriptValueInterfacePrototypeFunctionFunctionBody):
        (WebCore::jsTestSerializedScriptValueInterfacePrototypeFunctionFunctionReturningBody):
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::jsTestStringifierPrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::jsTestStringifierAnonymousOperationPrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::jsTestStringifierNamedOperationPrototypeFunctionIdentifierBody):
        (WebCore::jsTestStringifierNamedOperationPrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::jsTestStringifierOperationImplementedAsPrototypeFunctionIdentifierBody):
        (WebCore::jsTestStringifierOperationImplementedAsPrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::jsTestStringifierOperationNamedToStringPrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::jsTestStringifierReadOnlyAttributePrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::jsTestStringifierReadWriteAttributePrototypeFunctionToStringBody):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefsConstructor::construct):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncBody):
        (WebCore::jsTestTypedefsPrototypeFunctionSetShadowBody):
        (WebCore::jsTestTypedefsPrototypeFunctionMethodWithSequenceArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionNullableSequenceArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionSequenceOfNullablesArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionNullableSequenceOfNullablesArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionNullableSequenceOfUnionsArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionUnionArgBody):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClampBody):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClampInTypedefBody):
        (WebCore::jsTestTypedefsPrototypeFunctionPointFunctionBody):
        (WebCore::jsTestTypedefsPrototypeFunctionStringSequenceFunctionBody):
        (WebCore::jsTestTypedefsPrototypeFunctionStringSequenceFunction2Body):
        (WebCore::jsTestTypedefsPrototypeFunctionCallWithSequenceThatRequiresIncludeBody):

2020-03-24  Alex Christensen  <achristensen@webkit.org>

        Add console message when legacy TLS is used
        https://bugs.webkit.org/show_bug.cgi?id=209444

        Reviewed by Darin Adler.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didReceiveResponse):
        Indent less, add host to inspector, add release logging without host.

2020-03-24  Antoine Quint  <graouts@apple.com>

        [Web Animations] Clean timeline headers up
        https://bugs.webkit.org/show_bug.cgi?id=209482

        Reviewed by Antti Koivisto.

        The AnimationTimeline::removeAnimationsForElement() method isn't used and DocumentTimeline::applyPendingAcceleratedAnimations()
        is only used internally in DocumentTimeline so it can be made private.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::removeAnimationsForElement): Deleted.
        * animation/AnimationTimeline.h:
        * animation/DocumentTimeline.h:

2020-03-24  Antoine Quint  <graouts@apple.com>

        [iOS+macOS Debug] ASSERTION FAILED: m_effects.isEmpty() in WebCore::KeyframeEffectStack::~KeyframeEffectStack()
        https://bugs.webkit.org/show_bug.cgi?id=208718
        <rdar://problem/59956433>

        Reviewed by Darin Adler.

        This assertion is only valid in the case where elements with relevant animations are still alive when the document is
        torn down. However, it's fine to have an Element be destroyed with a relevant animation while its document is still alive.

        * animation/KeyframeEffectStack.cpp:
        (WebCore::KeyframeEffectStack::~KeyframeEffectStack):

2020-03-23  Simon Fraser  <simon.fraser@apple.com>

        Safari jetsams with repeated drawImage/getImageData
        https://bugs.webkit.org/show_bug.cgi?id=207957

        Reviewed by Tim Horton.

        SubimageCacheWithTimer used a DeferrableOneShotTimer to clear itself, but if content
        adds an entry to the cache on every frame (as might content drawing video frames into a canvas)
        then the cache was never cleared. Nor was it cleared via a memory warning.

        Fix by tracking cache entries by age, and using a repeating timer to prune old images
        from the cache. Also hook up the cache to the memory pressure handler, which clears it.

        Reduce the timer frequency from 1s to 500ms, since that was observed to reduce the memory use
        on the provided testcase from ~600M to ~350M, making jetsam less likely.

        Rename m_images to m_imageCounts to make its role clearer.

        * page/cocoa/MemoryReleaseCocoa.mm:
        (WebCore::platformReleaseMemory):
        * platform/graphics/cg/SubimageCacheWithTimer.cpp:
        (WebCore::SubimageCacheWithTimer::clear):
        (WebCore::SubimageCacheAdder::translate):
        (WebCore::SubimageCacheWithTimer::SubimageCacheWithTimer):
        (WebCore::SubimageCacheWithTimer::pruneCacheTimerFired):
        (WebCore::SubimageCacheWithTimer::prune):
        (WebCore::SubimageCacheWithTimer::subimage):
        (WebCore::SubimageCacheWithTimer::clearImageAndSubimages):
        (WebCore::SubimageCacheWithTimer::clearAll):
        (WebCore::SubimageCacheWithTimer::invalidateCacheTimerFired): Deleted.
        * platform/graphics/cg/SubimageCacheWithTimer.h:

2020-03-23  Stephan Szabo  <stephan.szabo@sony.com>

        [WinCairo][PlayStation] Failure to build with ENABLE_XSLT=OFF
        https://bugs.webkit.org/show_bug.cgi?id=209454

        Reviewed by Ross Kirsling.

        No new tests, build fix.

        * xml/parser/XMLDocumentParserLibxml2.cpp:

2020-03-23  Zalan Bujtas  <zalan@apple.com>

        becu.org: Placeholder text "Search" is cut off
        https://bugs.webkit.org/show_bug.cgi?id=209447
        <rdar://problem/45951728>

        Reviewed by Simon Fraser.

        'line-height: initial' ensures that that the placeholder text is visible and properly positioned when the input itself has
        incompatible values. This is also what Chrome has in their UA stylesheet.

        Test: fast/forms/placeholder-content-line-height.html

        * css/html.css:
        (input::placeholder):

2020-03-23  Simon Fraser  <simon.fraser@apple.com>

        [mac-wk1] fast/scrolling/arrow-key-scroll-in-rtl-document.html is a flaky timeout
        https://bugs.webkit.org/show_bug.cgi?id=209427

        Reviewed by Wenson Hsieh.

        In WebKit1, arrow-key scrolls are instantaneous, so scrolling is complete before the test
        registers the 'monitor wheel events' callback. However, nothing triggers a subsequent rendering
        update, so the test never completes.

        Fix by having WheelEventTestMonitor::setTestCallbackAndStartMonitoring() trigger a rendering
        update.

        * page/WheelEventTestMonitor.cpp:
        (WebCore::WheelEventTestMonitor::setTestCallbackAndStartMonitoring):

2020-03-23  Zalan Bujtas  <zalan@apple.com>

        [LFC] Layout::Box::initialContainingBlock() should return const InitialContainingBlock&
        https://bugs.webkit.org/show_bug.cgi?id=209406
        <rdar://problem/60749715>

        Reviewed by Antti Koivisto.

        Use is<InitialContainingBlock> where applicable.

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::geometryForBox const):
        (WebCore::Layout::FormattingContext::collectOutOfFlowDescendantsIfNeeded):
        * layout/FormattingContextQuirks.cpp:
        (WebCore::Layout::FormattingContext::Quirks::heightValueOfNearestContainingBlockWithFixedHeight):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        * layout/displaytree/DisplayPainter.cpp:
        (WebCore::Display::absoluteDisplayBox):
        * layout/invalidation/InvalidationState.cpp:
        (WebCore::Layout::InvalidationState::markNeedsUpdate):
        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::establishesBlockFormattingContext const):
        (WebCore::Layout::Box::containingBlock const):
        (WebCore::Layout::Box::formattingContextRoot const):
        (WebCore::Layout::Box::initialContainingBlock const):
        (WebCore::Layout::Box::isInFormattingContextOf const):
        (WebCore::Layout::Box::isOverflowVisible const):
        * layout/layouttree/LayoutBox.h:
        (WebCore::Layout::Box::isInitialContainingBlock const):
        (WebCore::Layout::Box::isInlineTextBox const):
        (WebCore::Layout::Box::isLineBreakBox const):
        (WebCore::Layout::Box::isReplacedBox const):
        * layout/layouttree/LayoutInitialContainingBlock.cpp:
        (WebCore::Layout::InitialContainingBlock::InitialContainingBlock):
        * layout/layouttree/LayoutInlineTextBox.cpp:
        (WebCore::Layout::InlineTextBox::InlineTextBox):
        * layout/layouttree/LayoutLineBreakBox.cpp:
        (WebCore::Layout::LineBreakBox::LineBreakBox):
        * layout/layouttree/LayoutReplacedBox.cpp:
        (WebCore::Layout::ReplacedBox::ReplacedBox):
        * layout/layouttree/LayoutTreeBuilder.cpp:
        (WebCore::Layout::outputLayoutBox):

2020-03-23  Justin Fan  <justin_fan@apple.com>

        [ Mac wk2 Debug ] webgpu/whlsl/vector-compare.html is flaky crashing.
        https://bugs.webkit.org/show_bug.cgi?id=209024

        Reviewed by Myles C. Maxfield.

        Prevent GPUBindGroup destructor from accidentally dereferencing GPUBindGroupAllocator too many times
        if the owning GPUDevice has already been destroyed. A GPUBindGroupAllocator should reset whenever its
        spawned GPUBindGroups are all cleaned up. 

        Covered by existing tests.

        * platform/graphics/gpu/GPUBindGroupAllocator.h:
        * platform/graphics/gpu/cocoa/GPUBindGroupAllocatorMetal.mm:
        (WebCore::GPUBindGroupAllocator::allocateAndSetEncoders):
        (WebCore::GPUBindGroupAllocator::tryReset):
        * platform/graphics/gpu/cocoa/GPUBindGroupMetal.mm:
        (WebCore::GPUBindGroup::~GPUBindGroup):

2020-03-23  Wenson Hsieh  <wenson_hsieh@apple.com>

        Remove the unused method PasteboardStrategy::uniqueName()
        https://bugs.webkit.org/show_bug.cgi?id=209452

        Reviewed by Tim Horton.

        This was introduced in <https://trac.webkit.org/r107844>, where it was used in the implementation of
        Editor::newGeneralClipboard. However, this was subsequently removed in <https://trac.webkit.org/r150351>.

        No change in behavior.

        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::uniqueName): Deleted.
        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::uniqueName): Deleted.

2020-03-23  Alex Christensen  <achristensen@webkit.org>

        Add console message when legacy TLS is used
        https://bugs.webkit.org/show_bug.cgi?id=209444

        Reviewed by Darin Adler.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didReceiveResponse):

2020-03-23  John Wilander  <wilander@apple.com>

        Add the capability to change all of a website's cookies to SameSite=Strict
        https://bugs.webkit.org/show_bug.cgi?id=209369
        <rdar://problem/60710690>

        Reviewed by Alex Christensen and David Kilzer.

        Test: http/tests/resourceLoadStatistics/set-all-cookies-to-same-site-strict.html

        * platform/network/NetworkStorageSession.cpp:
        (WebCore::NetworkStorageSession::setAllCookiesToSameSiteStrict):
            Stub function for non-Cocoa platforms.
        * platform/network/NetworkStorageSession.h:
        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        (WebCore::NetworkStorageSession::setAllCookiesToSameSiteStrict):
        * testing/Internals.h:
            Added code to expose SameSite=None and path properties of cookies.
            However, they don't seem to carry over so I'll have to revisit the
            internal workings.

2020-03-23  Michael Catanzaro  <mcatanzaro@gnome.org>

        [WPE][GTK] Allow distributors to brand user agent
        https://bugs.webkit.org/show_bug.cgi?id=162611

        Unreviewed, un-break my previous commit.

        * platform/glib/UserAgentGLib.cpp:
        (WebCore::standardUserAgent):

2020-03-23  Simon Fraser  <simon.fraser@apple.com>

        [iOS WK2] compositing/overflow/dynamic-composited-scrolling-status.html asserts
        https://bugs.webkit.org/show_bug.cgi?id=209440
        <rdar://problem/60705261>

        Reviewed by Wenson Hsieh.

        nonFastScrollableRectsForTesting() needs to eagerly update event regions after r258528,
        as we do for touchEventRectsForEventForTesting().

        Also renamed the function so it's clear that it's for testing only.

        * page/Page.cpp:
        (WebCore::Page::nonFastScrollableRectsForTesting):
        (WebCore::Page::nonFastScrollableRects): Deleted.
        * page/Page.h:
        * testing/Internals.cpp:
        (WebCore::Internals::nonFastScrollableRects const):

2020-03-24  James Darpinian  <jdarpinian@chromium.org>

        Set important EGL context attributes
        https://bugs.webkit.org/show_bug.cgi?id=208724

        Reviewed by Dean Jackson.

        Re-landing this change after r258875.

        These EGL context attributes are important to make ANGLE's validation correct for
        WebGL contexts. ROBUST_RESOURCE_INITIALIZATION is especially important; the lack
        of it may be a root cause of some of the test flakiness we have seen. With this
        change WebKit's EGL context attributes now match Chromium's for ANGLE/WebGL
        contexts.

        * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
        (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

2020-03-23  Michael Catanzaro  <mcatanzaro@gnome.org>

        [GTK] Allow distributors to brand user agent
        https://bugs.webkit.org/show_bug.cgi?id=162611

        Reviewed by Adrian Perez de Castro.

        * platform/glib/UserAgentGLib.cpp:
        (WebCore::buildUserAgentString):

2020-03-23  Dean Jackson  <dino@apple.com>

        [WebGL] Skip vertexAttrib0 simulation when using ANGLE
        https://bugs.webkit.org/show_bug.cgi?id=209416
        <rdar://problem/60765734>

        Reviewed by Antoine Quint.

        When using ANGLE as a backend, we do not need to simulate a
        missing vertexAttrib0 at the WebGL layer, since ANGLE will
        handle it for us.

        This causes a couple of tests to begin passing (they were marked as
        failures). It also allows us to re-land r258025, which was rolled
        out in r258226.

        * html/canvas/WebGL2RenderingContext.cpp: Wrap any code that does vertexAttrib0
        simulation in a !USE(ANGLE).
        (WebCore::WebGL2RenderingContext::initializeVertexArrayObjects):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::initializeVertexArrayObjects):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::~WebGLRenderingContextBase):
        (WebCore::WebGLRenderingContextBase::disableVertexAttribArray):
        (WebCore::WebGLRenderingContextBase::validateDrawArrays):
        (WebCore::WebGLRenderingContextBase::validateDrawElements):
        (WebCore::WebGLRenderingContextBase::drawArrays):
        (WebCore::WebGLRenderingContextBase::drawElements):
        (WebCore::WebGLRenderingContextBase::getActiveUniform):
        (WebCore::WebGLRenderingContextBase::getVertexAttrib):
        (WebCore::WebGLRenderingContextBase::vertexAttribfImpl):
        (WebCore::WebGLRenderingContextBase::vertexAttribfvImpl):
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLVertexArrayObjectBase.cpp:
        (WebCore::WebGLVertexArrayObjectBase::unbindBuffer):

2020-03-23  Darin Adler  <darin@apple.com>

        Change TextIterator::rangeLength to not require a live range
        https://bugs.webkit.org/show_bug.cgi?id=209207

        Reviewed by Antti Koivisto.

        - Renamed TextIterator::rangeLength to characterCount.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::rangeMatchesTextNearRange): Use characterCount.
        (WebCore::resetNodeAndOffsetForReplacedNode): Ditto.
        (WebCore::AXObjectCache::nextCharacterOffset): Ditto.
        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::nodeTextChangePlatformNotification): Ditto.
        * accessibility/atk/WebKitAccessibleHyperlink.cpp:
        (rangeLengthForObject): Ditto.
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _convertToNSRange:]): Ditto.

        * dom/SimpleRange.h: Export another constructor.

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::applyAlternativeTextToRange):
        Use characterCount.
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::applyBlockStyle): Ditto.
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::moveParagraphs): Ditto.
        * editing/Editing.cpp:
        (WebCore::indexForVisiblePosition): Ditto.
        * editing/TextCheckingHelper.cpp:
        (WebCore::TextCheckingParagraph::rangeLength const): Ditto.
        (WebCore::TextCheckingParagraph::offsetTo const): Ditto.
        (WebCore::TextCheckingParagraph::checkingStart const): Ditto.
        (WebCore::TextCheckingParagraph::checkingEnd const): Ditto.
        (WebCore::TextCheckingParagraph::checkingLength const): Ditto.
        (WebCore::TextCheckingParagraph::automaticReplacementStart const): Ditto.
        (WebCore::TextCheckingParagraph::automaticReplacementLength const): Ditto.
        (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar): Ditto.
        (WebCore::TextCheckingHelper::isUngrammatical const): Ditto.

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::rangeLength): Deleted.
        (WebCore::characterCount): Like the baove but the argument is SimpleRange
        and return is CharacterCount. Even though each individual node is limited
        to 32-bit size, ranges covering multiple nodes could have a count of
        characters that exceeds 32 bits, so CharacterCount is size_t.
        (WebCore::TextIterator::getLocationAndLengthFromRange): Use characterCount.

        * editing/TextIterator.h: Added characterCount function,
        CharacterCount and CharacterRange types. Removed TextIterator::rangeLength.
        Added FIXME comments about the next steps.

        * editing/VisiblePosition.cpp:
        (WebCore::makeBoundaryPoint): Added.
        * editing/VisiblePosition.h: Added makeBoundaryPoint. Also removed
        extraneous forward declarations and moved some function bodies out of the
        class definition.

        * editing/VisibleUnits.cpp:
        (WebCore::distanceBetweenPositions): Changed return type to ptrdiff_t.
        Use characterCount.
        * editing/VisibleUnits.h: Updated for the above.

        * editing/cocoa/DataDetection.mm:
        (WebCore::detectItemAtPositionWithRange): Use characterCount.
        * editing/cocoa/DictionaryLookup.mm:
        (WebCore::DictionaryLookup::rangeForSelection): Ditto.
        (WebCore::DictionaryLookup::rangeAtHitTestResult): Ditto.
        * editing/ios/DictationCommandIOS.cpp:
        (WebCore::DictationCommandIOS::doApply): Ditto.
        * editing/mac/DictionaryLookupLegacy.mm:
        (WebCore::DictionaryLookup::rangeForSelection): Ditto.
        (WebCore::DictionaryLookup::rangeAtHitTestResult): Ditto.
        * page/EventHandler.cpp:
        (WebCore::textDistance): Ditto.

2020-03-23  youenn fablet  <youenn@apple.com>

        Rename blankURL to aboutBlankURL
        https://bugs.webkit.org/show_bug.cgi?id=209344

        Reviewed by Darin Adler.

        No change of behavior.

        * dom/Document.cpp:
        (WebCore::Document::setURL):
        (WebCore::Document::completeURL const):
        (WebCore::Document::ensureTemplateDocument):
        * dom/Document.h:
        (WebCore::Document::urlForBindings const):
        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::parserContextForElement):
        * dom/Node.cpp:
        (WebCore::Node::baseURI const):
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::WebContentReader::readWebArchive):
        * editing/markup.cpp:
        (WebCore::createFragmentFromMarkup):
        * html/DOMURL.cpp:
        (WebCore::DOMURL::create):
        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::openURL):
        (WebCore::HTMLFrameElementBase::location const):
        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::filterScriptToken):
        (WebCore::XSSAuditor::filterObjectToken):
        (WebCore::XSSAuditor::filterParamToken):
        (WebCore::XSSAuditor::filterEmbedToken):
        (WebCore::XSSAuditor::filterFormToken):
        (WebCore::XSSAuditor::filterInputToken):
        (WebCore::XSSAuditor::filterButtonToken):
        (WebCore::XSSAuditor::isLikelySafeResource):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::maybeLoadEmpty):
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::serverRedirectSourceForHistory const):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadWithDocumentLoader):
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::currentItemShouldBeReplaced const):
        (WebCore::HistoryController::initializeItem):
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::requestFrame):
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::createFromSelection):
        * page/Location.cpp:
        (WebCore::Location::url const):
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::shouldInheritSecurityOriginFromOwner):
        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::markupToCFHTML):
        * svg/SVGImageLoader.cpp:
        (WebCore::SVGImageLoader::sourceURI const):

2020-03-23  youenn fablet  <youenn@apple.com>

        Remove DOMCache::m_records
        https://bugs.webkit.org/show_bug.cgi?id=209425

        Reviewed by Alex Christensen.

        We do not need to keep references of FetchRequest and FetchResponse since we clone them before exposing them.
        For that reason, remove m_records and directly use records given from the CacheStorageConnection.
        Minor refactoring to modernize/improve code readability.

        This is a first step towards a future refactoring that will reduce the sending of records from network process to web process
        based on the request parameters: record filtering will be done in network process instead of web process.

        No change of behavior.

        * Modules/cache/DOMCache.cpp:
        (WebCore::createResponse):
        (WebCore::DOMCache::doMatch):
        (WebCore::DOMCache::cloneResponses):
        (WebCore::DOMCache::matchAll):
        (WebCore::createRequest):
        (WebCore::DOMCache::keys):
        (WebCore::DOMCache::retrieveRecords):
        (WebCore::DOMCache::queryCache):
        (WebCore::DOMCache::queryCacheWithTargetStorage):
        (WebCore::DOMCache::batchDeleteOperation):
        (WebCore::DOMCache::batchPutOperation):
        (WebCore::copyRequestRef): Deleted.
        (WebCore::queryCacheMatch): Deleted.
        (WebCore::DOMCache::updateRecords): Deleted.
        * Modules/cache/DOMCache.h:

2020-03-23  Rob Buis  <rbuis@igalia.com>

        XMLHttpRequest: getAllResponseHeaders() sorting
        https://bugs.webkit.org/show_bug.cgi?id=200565

        Reviewed by Darin Adler.

        Sort headers using the ASCII-uppercase header name as key but use ASCII-lowercase header
        names in the string result.

        Nehavior matches Firefox and Chrome.

        Test: imported/web-platform-tests/xhr/getallresponseheaders.htm

        [1] https://xhr.spec.whatwg.org/#dom-xmlhttprequest-getallresponseheaders

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::getAllResponseHeaders const):

2020-03-23  Truitt Savell  <tsavell@apple.com>

        Unreviewed, reverting r258847.

        Broke testing on Mac Debug with an Assert

        Reverted changeset:

        "[LFC] Layout::Box::initialContainingBlock() should return
        const InitialContainingBlock&"
        https://bugs.webkit.org/show_bug.cgi?id=209406
        https://trac.webkit.org/changeset/258847

2020-03-23  Kate Cheney  <katherine_cheney@apple.com>

        Add checks for app-bound navigations when evaluating user style sheets
        https://bugs.webkit.org/show_bug.cgi?id=209368
        <rdar://problem/60204230>

        Reviewed by Brent Fulgham.

        * page/Page.cpp:
        (WebCore::Page::injectUserStyleSheet):
        If the style sheet is for a specific WebView, it will have a pageID
        and we can check for app-bound navigation in the page object.

        * style/StyleScopeRuleSets.cpp:
        (WebCore::Style::ScopeRuleSets::initializeUserStyle):
        If the user style sheet is being applied to all WebViews, we can check for 
        for a page's existence and navigation state here before the style sheet is
        updated.

2020-03-23  Antoine Quint  <graouts@apple.com>

        DocumentTimeline / CSSTransition objects are leaking on CNN.com
        https://bugs.webkit.org/show_bug.cgi?id=208069
        <rdar://problem/59680143>

        Reviewed by Darin Adler.

        Integrating post-commit review feedback from Darin. 

        * testing/Internals.cpp:
        (WebCore::Internals::animationWithIdExists const):

2020-03-23  Chris Dumez  <cdumez@apple.com>

        Port window.postMessage to the HTML event loop
        https://bugs.webkit.org/show_bug.cgi?id=209359

        Reviewed by Alex Christensen.

        Port window.postMessage to the HTML event loop instead of using a 0-timer.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::willPostMessageImpl):
        (WebCore::InspectorInstrumentation::didPostMessageImpl):
        (WebCore::InspectorInstrumentation::didFailPostMessageImpl):
        (WebCore::InspectorInstrumentation::willDispatchPostMessageImpl):
        (WebCore::InspectorInstrumentation::didDispatchPostMessageImpl):
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::willPostMessage):
        (WebCore::InspectorInstrumentation::didPostMessage):
        (WebCore::InspectorInstrumentation::didFailPostMessage):
        (WebCore::InspectorInstrumentation::willDispatchPostMessage):
        (WebCore::InspectorInstrumentation::didDispatchPostMessage):
        * inspector/agents/WebDebuggerAgent.cpp:
        (WebCore::WebDebuggerAgent::willPostMessage):
        (WebCore::WebDebuggerAgent::didPostMessage):
        (WebCore::WebDebuggerAgent::didFailPostMessage):
        (WebCore::WebDebuggerAgent::willDispatchPostMessage):
        (WebCore::WebDebuggerAgent::didDispatchPostMessage):
        (WebCore::WebDebuggerAgent::didClearAsyncStackTraceData):
        * inspector/agents/WebDebuggerAgent.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::postMessage):
        (WebCore::PostMessageTimer::PostMessageTimer): Deleted.
        (WebCore::PostMessageTimer::event): Deleted.
        (WebCore::PostMessageTimer::targetOrigin const): Deleted.
        (WebCore::PostMessageTimer::stackTrace const): Deleted.
        (WebCore::DOMWindow::postMessageTimerFired): Deleted.
        * page/DOMWindow.h:

2020-03-23  Zalan Bujtas  <zalan@apple.com>

        [LFC] Layout::Box::initialContainingBlock() should return const InitialContainingBlock&
        https://bugs.webkit.org/show_bug.cgi?id=209406
        <rdar://problem/60749715>

        Reviewed by Antti Koivisto.

        Use is<InitialContainingBlock> where applicable.

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::geometryForBox const):
        (WebCore::Layout::FormattingContext::collectOutOfFlowDescendantsIfNeeded):
        * layout/FormattingContextQuirks.cpp:
        (WebCore::Layout::FormattingContext::Quirks::heightValueOfNearestContainingBlockWithFixedHeight):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        * layout/displaytree/DisplayPainter.cpp:
        (WebCore::Display::absoluteDisplayBox):
        * layout/invalidation/InvalidationState.cpp:
        (WebCore::Layout::InvalidationState::markNeedsUpdate):
        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::establishesBlockFormattingContext const):
        (WebCore::Layout::Box::containingBlock const):
        (WebCore::Layout::Box::formattingContextRoot const):
        (WebCore::Layout::Box::initialContainingBlock const):
        (WebCore::Layout::Box::isInFormattingContextOf const):
        (WebCore::Layout::Box::isOverflowVisible const):
        * layout/layouttree/LayoutBox.h:
        (WebCore::Layout::Box::isInitialContainingBlock const):
        (WebCore::Layout::Box::isInlineTextBox const):
        (WebCore::Layout::Box::isLineBreakBox const):
        (WebCore::Layout::Box::isReplacedBox const):
        * layout/layouttree/LayoutInitialContainingBlock.cpp:
        (WebCore::Layout::InitialContainingBlock::InitialContainingBlock):
        * layout/layouttree/LayoutInlineTextBox.cpp:
        (WebCore::Layout::InlineTextBox::InlineTextBox):
        * layout/layouttree/LayoutLineBreakBox.cpp:
        (WebCore::Layout::LineBreakBox::LineBreakBox):
        * layout/layouttree/LayoutReplacedBox.cpp:
        (WebCore::Layout::ReplacedBox::ReplacedBox):
        * layout/layouttree/LayoutTreeBuilder.cpp:
        (WebCore::Layout::outputLayoutBox):

2020-03-23  Jer Noble  <jer.noble@apple.com>

        [MSE] Handle the case where AVStreamDataParser packages sync and non-sync samples together in a CMSampleBufferRef.
        https://bugs.webkit.org/show_bug.cgi?id=209365
        <rdar://problem/60625209>

        Reviewed by Eric Carlson.

        AVStreamDataParser will package together muliple samples into a single CMSampleBufferRef for efficiency's sake. When
        this occurs, it may include sync and non-sync samples together into the same CMSampleBufferRef, which is problematic
        as we consider a CMSampleBufferRef to be "sync" only when every sample inside the buffer is also sync.

        To handle this scenario, when receiving a CMSampleBufferRef from AVStreamDataParser, first check whether that buffer
        is "homogeneous", meaning every sample within the buffer has the same effective MediaSample flags. Then, if the buffer
        is not homogenous, break the buffer into muliple homogenious CMSampleBufferRefs. Then, each of those resulting buffers
        is passed up to SourceBuffer as a MediaSample individually.

        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::isCMSampleBufferAttachmentRandomAccess):
        (WebCore::isCMSampleBufferRandomAccess):
        (WebCore::isCMSampleBufferAttachmentNonDisplaying):
        (WebCore::isCMSampleBufferNonDisplaying):
        (WebCore::MediaSampleAVFObjC::flags const):
        (WebCore::MediaSampleAVFObjC::isHomogeneous const):
        (WebCore::MediaSampleAVFObjC::divideIntoHomogeneousSamples):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::processCodedFrame):

2020-03-23  Alicia Boya García  <aboya@igalia.com>

        [MSE][GStreamer] Clean and explain first sample PTS hack
        https://bugs.webkit.org/show_bug.cgi?id=209335

        Reviewed by Philippe Normand.

        MediaSample::applyPtsOffset() had a rather confusing name, so it has
        been changed to something more descriptive of its actual function:
        extendToTheBeginning().

        Also, its only argument has been removed, as it's always zero.

        An explanation of the hack has also been added.

        This patch introduces no behavior changes.

        * platform/graphics/gstreamer/MediaSampleGStreamer.cpp:
        (WebCore::MediaSampleGStreamer::extendToTheBeginning):
        (WebCore::MediaSampleGStreamer::applyPtsOffset): Deleted.
        * platform/graphics/gstreamer/MediaSampleGStreamer.h:
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
        (WebCore::AppendPipeline::appsinkNewSample):

2020-03-23  Zalan Bujtas  <zalan@apple.com>

        [LFC] Remove unused LayoutAncestorIterator class
        https://bugs.webkit.org/show_bug.cgi?id=209401
        <rdar://problem/60743144>

        Reviewed by Sam Weinig.

        * WebCore.xcodeproj/project.pbxproj:
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        * layout/displaytree/DisplayPainter.cpp:
        * layout/layouttree/LayoutAncestorIterator.h: Removed.
        * layout/layouttree/LayoutChildIterator.h:
        (WebCore::Layout::LayoutChildIteratorAdapter<T>::last const): Deleted.
        * layout/layouttree/LayoutIterator.h:
        (WebCore::Layout::LayoutBoxTraversal::nextSkippingChildren): Deleted.
        (WebCore::Layout::Traversal::lastChild): Deleted.
        (WebCore::Layout::Traversal::previousSibling): Deleted.
        (WebCore::Layout::Traversal::findAncestorOfType): Deleted.
        (WebCore::Layout::LayoutIterator<T>::traversePreviousSibling): Deleted.
        (WebCore::Layout::LayoutIterator<T>::traverseAncestor): Deleted.
        * layout/layouttree/LayoutTreeBuilder.cpp:

2020-03-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] Refactor cancelDeclarativeAnimationsForElement and willDestroyRendererForElement on AnimationTimeline
        https://bugs.webkit.org/show_bug.cgi?id=209423

        Reviewed by Antti Koivisto.

        The methods cancelDeclarativeAnimationsForElement and willDestroyRendererForElement on AnimationTimeline did the same
        thing save for the argument passed to WebAnimation::cancel(). We now refactor those two methods into a single
        cancelDeclarativeAnimationsForElement method with an argument to set whether cancelation should be silent.
        As a result, we also change WebAnimation::cancel() to have a single flavor instead of one without an argument and one
        with the silent argument.

        No test because there is no change in visible behavior.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::elementWasRemoved):
        (WebCore::AnimationTimeline::cancelDeclarativeAnimationsForElement):
        (WebCore::AnimationTimeline::willDestroyRendererForElement): Deleted.
        * animation/AnimationTimeline.h:
        * animation/DeclarativeAnimation.cpp:
        (WebCore::DeclarativeAnimation::cancel):
        * animation/DeclarativeAnimation.h:
        * animation/WebAnimation.cpp:
        * animation/WebAnimation.h:
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::tearDownRenderers):

2020-03-23  Youenn Fablet  <youenn@apple.com>

        AudioTrackPrivateMediaStream recovers from a muted track very late
        https://bugs.webkit.org/show_bug.cgi?id=209411

        Reviewed by Eric Carlson.

        In case of a muted track, the AudioSampleDataSource is not pushed any new sample.
        When unmuting the tracks, pulled samples will be zeroes for some time until the newly pushed samples are used.
        To fix this, we pause the audio player whenever muted/disabled/ended and restart playing when unmuted/enabled.
        Manually tested.

        * platform/mediastream/AudioTrackPrivateMediaStream.cpp:
        (WebCore::AudioTrackPrivateMediaStream::updateRendererMutedState):

2020-03-23  Youenn Fablet  <youenn@apple.com>

        AudioMediaStreamTrackRendererCocoa does not recover from AudioSession interruption
        https://bugs.webkit.org/show_bug.cgi?id=209412

        Reviewed by Eric Carlson.

        In case there is an AudioSession interruption, like the app is in the background
        and another app starts to play audio, AudioMediaStreamTrackRendererCocoa will not restart playing audio.
        Fix this by clearing the AudioUnit when starting since the renderer is paused during the interruption.
        This ensures resuming from the interruption in a clean state.

        Manually tested.

        * platform/mediastream/mac/AudioMediaStreamTrackRendererCocoa.cpp:
        (WebCore::AudioMediaStreamTrackRendererCocoa::start):

2020-03-23  youenn fablet  <youenn@apple.com>

        MediaDevices::refreshDevices should take device type into account
        https://bugs.webkit.org/show_bug.cgi?id=209417
        <rdar://problem/60521332>

        Reviewed by Eric Carlson.

        Now that we set deviceId to the empty string when media capture is not granted,
        we can have two devices with the same ID. We also need to handle the device type.

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::refreshDevices):

2020-03-23  Zalan Bujtas  <zalan@apple.com>

        [LFC] Box::establishesBlockFormattingContext should check isInitialContainingBlock
        https://bugs.webkit.org/show_bug.cgi?id=209390
        <rdar://problem/60735021>

        Reviewed by Antti Koivisto.

        It's more correct to call isInitialContainingBlock() to check if the current box is the ICB.

        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::establishesBlockFormattingContext const):
        (WebCore::Layout::Box::initialContainingBlock const):

2020-03-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] ElementAnimationRareData is created too frequently
        https://bugs.webkit.org/show_bug.cgi?id=209415

        Reviewed by Antti Koivisto.

        The various accessors on Element to access transitions and animations will ensure there is a backing
        ElementAnimationRareData object. However, in a lot of cases, such as when we consider whether CSS
        Transitions should be created, updated or removed under AnimationTimeline::updateCSSTransitionsForElement(),
        we end up not needing to actually access the data structures on ElementAnimationRareData.

        We now make the various methods on Element to access transitions and animations `const T*` and add ensure*()
        methods to access the collections for modification. We also add methods to query whether there are running or
        completed transitions at all or for a given property.

        No test because there is no change in visible behavior.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::animationWasAddedToElement):
        (WebCore::AnimationTimeline::animationWasRemovedFromElement):
        (WebCore::AnimationTimeline::removeDeclarativeAnimationFromListsForOwningElement):
        (WebCore::AnimationTimeline::animationsForElement const):
        (WebCore::AnimationTimeline::willDestroyRendererForElement):
        (WebCore::AnimationTimeline::cancelDeclarativeAnimationsForElement):
        (WebCore::AnimationTimeline::updateCSSTransitionsForElementAndProperty):
        (WebCore::AnimationTimeline::updateCSSTransitionsForElement):
        * animation/AnimationTimeline.h:
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::transitionDidComplete):
        * dom/Element.cpp:
        (WebCore::Element::webAnimations const):
        (WebCore::Element::cssAnimations const):
        (WebCore::Element::transitions const):
        (WebCore::Element::hasCompletedTransitionsForProperty const):
        (WebCore::Element::hasRunningTransitionsForProperty const):
        (WebCore::Element::hasRunningTransitions const):
        (WebCore::Element::ensureWebAnimations):
        (WebCore::Element::ensureCSSAnimations):
        (WebCore::Element::ensureTransitions):
        (WebCore::Element::ensureCompletedTransitionsByProperty):
        (WebCore::Element::ensureRunningTransitionsByProperty):
        (WebCore::Element::webAnimations): Deleted.
        (WebCore::Element::cssAnimations): Deleted.
        (WebCore::Element::transitions): Deleted.
        (WebCore::Element::completedTransitionsByProperty): Deleted.
        (WebCore::Element::runningTransitionsByProperty): Deleted.
        * dom/Element.h:

2020-03-23  Charlie Turner  <cturner@igalia.com>

        [GStreamer] Fail gracefully in the absence of a WebVTT encoder.
        https://bugs.webkit.org/show_bug.cgi?id=209290

        Reviewed by Philippe Normand.

        Covered by existing tests.

        * platform/graphics/gstreamer/GStreamerCommon.cpp:
        (WebCore::initializeGStreamer): Gets rid of "plugin not found"
        errors. It's not an error to have potentially broken AAC decoders,
        but it's nice to give a clear warning.
        * platform/graphics/gstreamer/TextCombinerGStreamer.cpp:
        (webkit_text_combiner_class_init):
        (webkitTextCombinerNew): Check for the "subenc" *plugin*. This
        check indirectly tells us the "webvttenc" *element* will exist.

2020-03-23  Carlos Garcia Campos  <cgarcia@igalia.com>

        [WPE] AsyncScrolling: horizontal scrolling is inverted
        https://bugs.webkit.org/show_bug.cgi?id=208638

        Reviewed by Adrian Perez de Castro.

        Scrolling down should scroll to the right and up to the left..

        * page/scrolling/nicosia/ScrollingTreeFrameScrollingNodeNicosia.cpp:
        (WebCore::ScrollingTreeFrameScrollingNodeNicosia::handleWheelEvent): Invert also the x axis.
        * page/scrolling/nicosia/ScrollingTreeOverflowScrollingNodeNicosia.cpp:
        (WebCore::ScrollingTreeOverflowScrollingNodeNicosia::handleWheelEvent): Ditto.

2020-03-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] Fix the typo for ElementAnimationRareData::completedTransitionByProperty()
        https://bugs.webkit.org/show_bug.cgi?id=209413

        Reviewed by Antti Koivisto.

        There can be several completed transitions by property, so renaming this property to completedTransitionsByProperty.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::removeDeclarativeAnimationFromListsForOwningElement):
        (WebCore::AnimationTimeline::updateCSSTransitionsForElement):
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::transitionDidComplete):
        * animation/ElementAnimationRareData.h:
        (WebCore::ElementAnimationRareData::completedTransitionsByProperty):
        (WebCore::ElementAnimationRareData::completedTransitionByProperty): Deleted.
        * dom/Element.cpp:
        (WebCore::Element::completedTransitionsByProperty):
        (WebCore::Element::completedTransitionByProperty): Deleted.
        * dom/Element.h:

2020-03-22  Antoine Quint  <graouts@apple.com>

        DocumentTimeline / CSSTransition objects are leaking on CNN.com
        https://bugs.webkit.org/show_bug.cgi?id=208069
        <rdar://problem/59680143>

        Reviewed by Simon Fraser, Geoffrey Garen and Darin Adler.

        Test: webanimations/leak-css-animation.html

        We add a test feature that lets use query the availability of a given WebAnimation by its "id" property in the WebAnimation::instances list.
        We also fix some build issues that appeared with a change in UnifiedSources order.

        * animation/ElementAnimationRareData.cpp:
        (WebCore::ElementAnimationRareData::setAnimationsCreatedByMarkup):
        * animation/ElementAnimationRareData.h:
        (WebCore::ElementAnimationRareData::setAnimationsCreatedByMarkup): Deleted.
        * animation/WebAnimation.h:
        * testing/Internals.cpp:
        (WebCore::Internals::animationWithIdExists const):
        * testing/Internals.h:
        * testing/Internals.idl:

2020-03-22  Antoine Quint  <graouts@apple.com>

        [ Mac ] imported/w3c/web-platform-tests/web-animations/timing-model/timelines/update-and-send-events-replacement.html is flaky failing.
        https://bugs.webkit.org/show_bug.cgi?id=209239
        <rdar://problem/60591358>

        Reviewed by Simon Fraser.

        This test was made flaky by r257417, the initial fix for webkit.org/b/208069. A new, appropriate fix for that bug is in the works. In the
        meantime we revert r257417 in this patch.

        The reason this test became flaky is that it features the following code:

            animB.timeline = new DocumentTimeline({
              originTime:
                document.timeline.currentTime - 100 * MS_PER_SEC - animB.startTime,
            });

        In this case the only reference to the created DocumentTimeline is through `animB.timeline`. But because r257417 made the timeline reference from
        WebAnimation a weak reference, in some cases, if GC kicks in, the timeline would be dereferenced and the test would fail. We restore that relationship
        to its previous state, which is a strong reference.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::setTimeline):
        (WebCore::WebAnimation::setTimelineInternal):
        (WebCore::WebAnimation::enqueueAnimationEvent):
        (WebCore::WebAnimation::acceleratedStateDidChange):
        (WebCore::WebAnimation::timeline const): Deleted.
        * animation/WebAnimation.h:
        (WebCore::WebAnimation::timeline const):

2020-03-22  Zalan Bujtas  <zalan@apple.com>

        [LFC] Introduce InitialContainingBox class
        https://bugs.webkit.org/show_bug.cgi?id=209399
        <rdar://problem/60741767>

        Reviewed by Antti Koivisto.

        ICB is the top level containing block. This helps to make sure we don't accidentally call parent() on the ICB.
        This is also a preparation for "const Box& Layout::Box::parent()".

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * layout/integration/LayoutIntegrationBoxTree.cpp:
        (WebCore::LayoutIntegration::BoxTree::BoxTree):
        (): Deleted.
        * layout/integration/LayoutIntegrationBoxTree.h:
        (WebCore::LayoutIntegration::BoxTree::rootLayoutBox const):
        (WebCore::LayoutIntegration::BoxTree::rootLayoutBox):
        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::isInitialContainingBlock const): Deleted.
        * layout/layouttree/LayoutBox.h:
        (WebCore::Layout::Box::isInitialContainingBlock const):
        * layout/layouttree/LayoutContainerBox.h:
        * layout/layouttree/LayoutTreeBuilder.cpp:
        (WebCore::Layout::TreeBuilder::buildLayoutTree):

2020-03-22  Zalan Bujtas  <zalan@apple.com>

        [LFC] Layout::Box::containingBlock should return a const ContainerBox&
        https://bugs.webkit.org/show_bug.cgi?id=209381
        <rdar://problem/60732278>

        Reviewed by Antti Koivisto.

        Layout tree is immutable during layout, so every box should be able to return a valid containing block (except the ICB).
        (This patch also removes the unused isDescendantOf() function and renames isDescendantOfFormattingRoot to isInFormattingContextOf).

        * layout/FormattingContext.cpp:
        (WebCore::Layout::FormattingContext::layoutOutOfFlowContent):
        (WebCore::Layout::FormattingContext::validateGeometryConstraintsAfterLayout const):
        * layout/FormattingContextGeometry.cpp:
        (WebCore::Layout::isHeightAuto):
        (WebCore::Layout::FormattingContext::Geometry::computedHeightValue const):
        (WebCore::Layout::FormattingContext::Geometry::staticVerticalPositionForOutOfFlowPositioned const):
        (WebCore::Layout::FormattingContext::Geometry::staticHorizontalPositionForOutOfFlowPositioned const):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedHorizontalGeometry):
        (WebCore::Layout::FormattingContext::Geometry::outOfFlowReplacedHorizontalGeometry const):
        (WebCore::Layout::FormattingContext::Geometry::inFlowPositionedPositionOffset const):
        * layout/FormattingContextQuirks.cpp:
        (WebCore::Layout::FormattingContext::Quirks::heightValueOfNearestContainingBlockWithFixedHeight):
        * layout/Verification.cpp:
        (WebCore::Layout::outputMismatchingBlockBoxInformationIfNeeded):
        * layout/blockformatting/BlockFormattingContext.cpp:
        (WebCore::Layout::BlockFormattingContext::layoutInFlowContent):
        (WebCore::Layout::BlockFormattingContext::usedAvailableWidthForFloatAvoider):
        (WebCore::Layout::BlockFormattingContext::precomputeVerticalPositionForAncestors):
        (WebCore::Layout::BlockFormattingContext::precomputeVerticalPositionForBoxAndAncestors):
        (WebCore::Layout::BlockFormattingContext::verticalPositionWithMargin const):
        * layout/blockformatting/BlockFormattingContextGeometry.cpp:
        (WebCore::Layout::BlockFormattingContext::Geometry::inFlowNonReplacedWidthAndMargin const):
        * layout/blockformatting/BlockFormattingContextQuirks.cpp:
        (WebCore::Layout::BlockFormattingContext::Quirks::stretchedInFlowHeight):
        (WebCore::Layout::initialContainingBlock): Deleted.
        * layout/blockformatting/BlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::marginsCollapseThrough const):
        * layout/blockformatting/PrecomputedBlockMarginCollapse.cpp:
        (WebCore::Layout::BlockFormattingContext::MarginCollapse::precomputedPositiveNegativeValues const):
        * layout/displaytree/DisplayPainter.cpp:
        (WebCore::Display::absoluteDisplayBox):
        * layout/floats/FloatingContext.cpp:
        (WebCore::Layout::FloatingContext::verticalPositionWithClearance const):
        (WebCore::Layout::FloatingContext::absoluteDisplayBoxCoordinates const):
        (WebCore::Layout::FloatingContext::mapToFloatingStateRoot const):
        (WebCore::Layout::FloatingContext::mapTopToFloatingStateRoot const):
        (WebCore::Layout::FloatingContext::mapPointFromFormattingContextRootToFloatingStateRoot const):
        * layout/floats/FloatingState.cpp:
        (WebCore::Layout::FloatingState::bottom const):
        (WebCore::Layout::FloatingState::top const):
        * layout/floats/FloatingState.h:
        (WebCore::Layout::FloatingState::FloatItem::isInFormattingContextOf const):
        (WebCore::Layout::FloatingState::FloatItem::isDescendantOfFormattingRoot const): Deleted.
        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::containingBlock const):
        (WebCore::Layout::Box::formattingContextRoot const):
        (WebCore::Layout::Box::isInFormattingContextOf const):
        (WebCore::Layout::Box::isDescendantOf const): Deleted.
        (WebCore::Layout::Box::isContainingBlockDescendantOf const): Deleted.
        * layout/layouttree/LayoutBox.h:

2020-03-21  Said Abou-Hallawa  <sabouhallawa@apple.com>

        An animated PNG plays the frames one time more than the image loopCount
        https://bugs.webkit.org/show_bug.cgi?id=205640

        Reviewed by Darin Adler.

        Make the repetitionCount calculation for GIFs different from it for other
        image formats.

        Tests: fast/images/animated-gif-loop-count.html
               fast/images/animated-png-loop-count.html

        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoderCG::repetitionCount const):
        * platform/graphics/cg/UTIRegistry.cpp:
        (WebCore::isGIFImageType):
        * platform/graphics/cg/UTIRegistry.h:

2020-03-21  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in RenderObject::RenderObjectBitfields::isBox when current renderer is the RenderView
        https://bugs.webkit.org/show_bug.cgi?id=209251
        <rdar://problem/60103614>

        Reviewed by Darin Adler.

        In this case, which is a valid scenario, we are looking for sibling of an AccessibilityRenderObject through the parent of its renderer, which happens to be of <RenderView>. Since <RenderView> has no parent, we need to skip calling isInlineWithContinuation with a null parent, by adding null check.

        Test: fast/frames/iframe-empty-doc-crash.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::nextSibling const):

2020-03-21  Philippe Normand  <pnormand@igalia.com>

        Make the MediaSample::toJSONString method generic
        https://bugs.webkit.org/show_bug.cgi?id=209287

        Reviewed by Eric Carlson.

        It is generic and thus can be shared to sub-classes.

        * platform/MediaSample.h:
        (WebCore::MediaSample::toJSONString const):
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:

2020-03-21  Zalan Bujtas  <zalan@apple.com>

        telerik.com: Placeholder text is misaligned in search text box
        https://bugs.webkit.org/show_bug.cgi?id=209371
        <rdar://problem/45945564>

        Reviewed by Antti Koivisto.

        Let the placeholder box do its own vertical positioning/sizing.
        The placeholder box's height is currently set to the height of the editable renderer (sibling box), so when the ::placeholder has
        a large font-size set, the text is oddly positioned and gets cut off (the placeholder box has 'overflow: hidden' UA style).
        This patch makes the placeholder box center aligned and sized based on the used size (matches both Chrome and FF).

        Test: fast/forms/placeholder-content-center.html

        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::layout):

2020-03-20  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r258679): [ Mac ] fast/scrolling/arrow-key-scroll-in-rtl-document.html is failing and timing out
        https://bugs.webkit.org/show_bug.cgi?id=209299

        Reviewed by Daniel Bates.

        fast/scrolling/arrow-key-scroll-in-rtl-document.html is unusual in that it uses monitorWheelEvents()
        but then issues arrow key presses.

        WebCore responds to arrow keys via WebEditorClient::handleKeyboardEvent() calling down into
        WebPage::scroll() which ends up in FrameView::requestScrollPositionUpdate() and bounces to the
        scrolling thread. This isn't tracked by existing 'defer' reasons on WheelEventTestMonitor, so add a
        new defer reason that covers the period for adding the requested scroll go the scrolling state tree,
        and responding to it in the scrolling thread.

        * page/WheelEventTestMonitor.cpp:
        (WebCore::operator<<):
        * page/WheelEventTestMonitor.h:
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate):
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::scrollingTreeNodeRequestsScroll):
        * page/scrolling/ThreadedScrollingTree.h:

2020-03-20  David Kilzer  <ddkilzer@apple.com>

        Content-Type & Nosniff Ignored on XML External Entity Resources
        <https://webkit.org/b/191171>
        <rdar://problem/45763222>

        Reviewed by Darin Adler.

        Test: http/tests/security/contentTypeOptions/nosniff-xml-external-entity.xhtml

        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::isXMLEntityMIMEType): Add.
        * platform/MIMETypeRegistry.h:
        (WebCore::MIMETypeRegistry::isXMLEntityMIMEType): Add.
        - Checks for XML external entity MIME types.

        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::externalEntityMimeTypeAllowedByNosniff): Add.
        - Checks whether the MIME type is valid based on the presence of
          the "X-Content-Type-Options: nosniff" header.
        (WebCore::openFunc):
        - Drop the contents of the resource that was returned and print
          an error message to the Web Inspector console if
          externalEntityMimeTypeAllowedByNosniff() says the MIME type is
          not allowed.

2020-03-20  Alex Christensen  <achristensen@webkit.org>

        CORS-disabling SPI introduced in r253978 should make responses non-opaque
        https://bugs.webkit.org/show_bug.cgi?id=209351
        <rdar://problem/60024850>

        Reviewed by Chris Dumez.

        Covered by making the API test actually check that response content is readable.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::responseReceived):

2020-03-20  Jer Noble  <jer.noble@apple.com>

        Ensure media cache directory is created before passing to AVURLAsset.
        https://bugs.webkit.org/show_bug.cgi?id=209341

        Reviewed by Eric Carlson.

        Sandbox changes require the media cache directory to be created before passing to
        AVFoundation, to ensure that a sandbox extension is allowed to be created for that
        directory.

        When the mediaCacheDirectory is empty or null, no longer specify a temporary directory. This
        allows clients to disable caching by specifying an empty string for the cache directory.
        Since now assetCacheForPath() can return nil, update all the call sites to handle that
        possibility. Add a new method, ensureAssetCacheExistsAtPath() which tries to create a
        directory at the specified path, and returns nil if that is not possible. This ensures the
        cache path exists before adding the AVAssetCache to the AVURLAsset options dictionary.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::assetCacheForPath):
        (WebCore::ensureAssetCacheExistsForPath):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::originsInMediaCache):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCacheForOrigins):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):

2020-03-20  David Kilzer  <ddkilzer@apple.com>

        Fix name of "X-Content-Type:" HTTP header in console logging
        <https://webkit.org/b/209348>

        Reviewed by Devin Rousso.

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet):
        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::notifyFinished):
        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::validateWorkerResponse):
        - Change "X-Content-Type:" to "X-Content-Type-Options:" to fix
          the name of the header.

2020-03-20  Ali Juma  <ajuma@chromium.org>

        Intersection Observer intersections are wrong with zooming
        https://bugs.webkit.org/show_bug.cgi?id=209264

        Reviewed by Simon Fraser.

        An IntersectionObserver's rootMargin is expressed in CSS pixels,
        but we weren't accounting for page zoom. Fix this by multiplying
        the root margin by the zoom factor.

        Test: intersection-observer/root-margin-with-zoom.html

        * dom/Document.cpp:
        (WebCore::expandRootBoundsWithRootMargin):
        (WebCore::computeIntersectionState):

2020-03-20  Don Olmstead  <don.olmstead@sony.com>

        [GPUP] Add PlatformLayerContainer to hold pointer to PlatformLayer
        https://bugs.webkit.org/show_bug.cgi?id=208963

        Reviewed by Eric Carlson.

        Add a PlatformLayerContainer definition for use within the GPU Process code.
        Migrate to using over typedef in the file.

        * platform/graphics/PlatformLayer.h:

2020-03-20  Andres Gonzalez  <andresg_22@apple.com>

        Isolated tree updates must happen after AXObject has finished handling notifications.
        https://bugs.webkit.org/show_bug.cgi?id=209354

        Reviewed by Chris Fleizach.

        Isolated tree updates were happening in AXObjectCache::postNotification,
        but that is too early because the AXObject tree is updated during
        notificationPostTimerFired. Thus, moved the updates to after all
        AXObject tree updates have been done.
        In addition, fixed the check for replacement of the IsolatedObject in
        AXIsolatedTree::applyPendingChanges, which now happens only if the old
        and new objects have the same platform wrapper.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::notificationPostTimerFired):
        (WebCore::AXObjectCache::postNotification):
        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::applyPendingChanges):

2020-03-20  Andres Gonzalez  <andresg_22@apple.com>

        Fix for retrieving focus in isolated tree mode.
        https://bugs.webkit.org/show_bug.cgi?id=209336

        Reviewed by Chris Fleizach.

        Focused object requests can come on the secondary thread before the
        isolated tree has been generated. Thus, AXObjectCache::isolatedTreeFocusedObject
        needs to generate the isolated tree if it doesn't exist, similar to
        isolatedTreeRootObject.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::isolatedTreeFocusedObject):
        (WebCore::AXObjectCache::focusedUIElementForPage):
        (WebCore::AXObjectCache::getOrCreateIsolatedTree const):
        (WebCore::AXObjectCache::isolatedTreeRootObject):
        * accessibility/AXObjectCache.h:
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::focusedUIElement const):
        * accessibility/isolatedtree/AXIsolatedTree.h:
        m_pendingFocusedNodeID wasn't being initialized, which was causing
        random crashes when accessing the HashMap of isolated objects for a
        spurious AXID.

2020-03-20  Tim Horton  <timothy_horton@apple.com>

        Upstream a variety of Cocoa-platform HAVE and ENABLE macros
        https://bugs.webkit.org/show_bug.cgi?id=209307

        Reviewed by Andy Estes.

        * Configurations/FeatureDefines.xcconfig:

2020-03-20  youenn fablet  <youenn@apple.com>

        Add routines to check about:blank and about:srcdoc URLs
        https://bugs.webkit.org/show_bug.cgi?id=209174

        Reviewed by Alex Christensen.

        * Modules/fetch/FetchRequest.cpp:
        (WebCore::computeReferrer):
        * dom/Document.cpp:
        (WebCore::isURLPotentiallyTrustworthy):
        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::location const):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument const):
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::shouldInheritSecurityOriginFromOwner):

2020-03-20  Chris Dumez  <cdumez@apple.com>

        [iOS] Articles on NYTimes.com get truncated when switching between MobileSafari and another app
        https://bugs.webkit.org/show_bug.cgi?id=209321
        <rdar://problem/59763843>

        Reviewed by Tim Horton.

        Articles on NYTimes.com get truncated when switching between MobileSafari and another app
        (multitasking). The reason is that when you home out of MobileSafari, snapshots of the
        web view are taken at various sizes and we were firing 5 resizes events at the page as a
        result. Those resize events were confusing the logic on NYTimes.com and causing it to
        truncate the article.

        To address the issue, we stop firing resize events at the page if the resize is happening
        during the snapshotting sequence.

        * page/FrameView.cpp:
        (WebCore::FrameView::sendResizeEventIfNeeded):
        * page/Page.h:
        (WebCore::Page::shouldFireResizeEvents const):
        (WebCore::Page::setShouldFireResizeEvents):

2020-03-20  Jacob Uphoff  <jacob_uphoff@apple.com>

        Unreviewed, reverting r258748.

        This commit broke the Catalina build

        Reverted changeset:

        "Upstream a variety of Cocoa-platform HAVE and ENABLE macros"
        https://bugs.webkit.org/show_bug.cgi?id=209307
        https://trac.webkit.org/changeset/258748

2020-03-20  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Avoid infinite loop when stuck on partial content
        https://bugs.webkit.org/show_bug.cgi?id=209312
        <rdar://problem/59954605>

        Reviewed by Simon Fraser.

        Speculative fix to address infinite loop/running out of inline run vector capacity at InlineFormattingContext::setDisplayBoxesForLine.
        (Checking if we managed to progress on the content while having partial runs.)

        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::lineLayout):
        * layout/inlineformatting/LineLayoutContext.cpp:
        (WebCore::Layout::LineLayoutContext::nextContentForLine):
        (WebCore::Layout::LineLayoutContext::handleFloatsAndInlineContent):

2020-03-20  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] White-list vp09 in the codec registry
        https://bugs.webkit.org/show_bug.cgi?id=209288

        Reviewed by Xabier Rodriguez-Calvar.

        * platform/graphics/gstreamer/GStreamerRegistryScanner.cpp:
        (WebCore::GStreamerRegistryScanner::initialize):

2020-03-20  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in RenderObject::RenderObjectBitfields::isBox when current renderer is the RenderView
        https://bugs.webkit.org/show_bug.cgi?id=209251
        <rdar://problem/60103614>

        Reviewed by Antti Koivisto.

        It’s perfectly fine to call AccessibilityRenderObject::nextSibling on the RenderView (empty document) and since the RenderView has no sibling, let’s just early return with nullptr.

        Test: fast/frames/iframe-empty-doc-crash.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::nextSibling const):

2020-03-20  Mike Gorse  <mgorse@suse.com>

        Fix build with gstreamer 1.12
        https://bugs.webkit.org/show_bug.cgi?id=209296

        Reviewed by Philippe Normand.

        No new tests (build fix only).

        * platform/graphics/gstreamer/GLVideoSinkGStreamer.cpp:
        (webKitGLVideoSinkChangeState): Add GST_VERSION_CHECK around check for
        GST_STATE_CHANGE_READY_TO_READY.

2020-03-20  Philippe Normand  <pnormand@igalia.com>

        [Unix] Allow runtime release logging levels configuration
        https://bugs.webkit.org/show_bug.cgi?id=209286

        Reviewed by Adrian Perez de Castro.

        Setting to a comma-separated list like in this example should now work as expected:

        WEBKIT_DEBUG="Media=debug,MediaSource=info" run-minibrowser --gtk ...

        * platform/unix/LoggingUnix.cpp:
        (WebCore::logLevelString):

2020-03-19  Simon Fraser  <simon.fraser@apple.com>

        Some scroll snapping tests are still flaky
        https://bugs.webkit.org/show_bug.cgi?id=165196

        Reviewed by Wenson Hsieh.

        WheelEventTestMonitor could trigger too early if the main thread was bogged down, delaying
        the firing of the m_updateNodeScrollPositionTimer scheduled from
        AsyncScrollingCoordinator::scheduleUpdateScrollPositionAfterAsyncScroll().

        Fix by extending the life of the "ScrollingThreadSyncNeeded" reason until after the m_updateNodeScrollPositionTimer
        has fired

        Fixes flakiness of tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-mainframe-slow-vertical.html
        and others.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::noteScrollingThreadSyncCompleteForNode):
        (WebCore::AsyncScrollingCoordinator::scheduleUpdateScrollPositionAfterAsyncScroll):
        (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScrollTimerFired):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::scrollingTreeNodeDidScroll):

2020-03-19  Peng Liu  <peng.liu6@apple.com>

        Safari video gravity changes performance improvements
        https://bugs.webkit.org/show_bug.cgi?id=209316

        Reviewed by Eric Carlson.

        Remove an unnecessary (and harmful) call of setVideoLayerFrame in WebAVPlayerLayer:layoutSublayers.

        When a video with the gravity AVLayerVideoGravityResizeAspectFill needs to enter the
        picture-in-picture mode from fullscreen, the extra call of setVideoLayerFrame will send
        an extra IPC message to the Web process to set the video layer bounds. So the [CATransaction commit]
        will need to wait for three property changes to complete - two in the Web process, and one in the
        UI process. The interval of the two property changes in the Web process is over 100 ms, because we
        delay the call of resolveBounds (which calls the second setVideoLayerFrame) at least 100 ms
        in WebAVPlayerLayer:layoutSublayers. That leads to long durations of core animation commits.
        In the test, the longest duration of commits is over 500 ms. After applying this patch,
        the longest duration in the test is about 50 ms.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerLayer layoutSublayers]):

2020-03-19  Tim Horton  <timothy_horton@apple.com>

        Upstream a variety of Cocoa-platform HAVE and ENABLE macros
        https://bugs.webkit.org/show_bug.cgi?id=209307

        Reviewed by Andy Estes.

        * Configurations/FeatureDefines.xcconfig:

2020-03-19  Sunny He  <sunny_he@apple.com>

        ScriptDisallowedScope should disable isEventAllowedInMainThread and isEventDispatchAllowedInSubtree asserts in WebKit1
        https://bugs.webkit.org/show_bug.cgi?id=209165

        Reviewed by Ryosuke Niwa.

        Under very intricate sequences of event dispatch in WebKit1, it is
        possible for security asserts to be triggered even if there is no
        underlying security issue soley due to the design patterns of
        WebKit1.

        No new tests since the conditions for reproduction are very delicate
        and difficult to reliably capture in a test case.

        * dom/ScriptDisallowedScope.h:
        (WebCore::ScriptDisallowedScope::isEventAllowedInMainThread):
        (WebCore::ScriptDisallowedScope::InMainThread::isEventDispatchAllowedInSubtree):

2020-03-19  Tim Horton  <timothy_horton@apple.com>

        Upstream the definition of HAVE_READ_ONLY_SYSTEM_VOLUME
        https://bugs.webkit.org/show_bug.cgi?id=209305

        Reviewed by Andy Estes.

        * platform/mac/BlacklistUpdater.mm:

2020-03-19  Javier Fernandez  <jfernandez@igalia.com>

        [css-grid] Changes in grid or elements inside the grid affects margin on other elements in the grid
        https://bugs.webkit.org/show_bug.cgi?id=209203

        Reviewed by Darin Adler.

        We should ignore the previously computed auto margins wheneven a relayout is performed.

        Tests: imported/w3c/web-platform-tests/css/css-grid/alignment/grid-block-axis-alignment-auto-margins-001.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-block-axis-alignment-auto-margins-002.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-block-axis-alignment-auto-margins-003.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-block-axis-alignment-auto-margins-004.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-block-axis-alignment-auto-margins-005.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-block-axis-alignment-auto-margins-006.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-block-axis-alignment-auto-margins-007.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-block-axis-alignment-auto-margins-008.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-inline-axis-alignment-auto-margins-001.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-inline-axis-alignment-auto-margins-002.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-inline-axis-alignment-auto-margins-003.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-inline-axis-alignment-auto-margins-004.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-inline-axis-alignment-auto-margins-005.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-inline-axis-alignment-auto-margins-006.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-inline-axis-alignment-auto-margins-007.html
               imported/w3c/web-platform-tests/css/css-grid/alignment/grid-inline-axis-alignment-auto-margins-008.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::updateAutoMarginsInRowAxisIfNeeded):
        (WebCore::RenderGrid::updateAutoMarginsInColumnAxisIfNeeded):

2020-03-19  Andres Gonzalez  <andresg_22@apple.com>

        Remove caching of isOnScreen since it is not used.
        https://bugs.webkit.org/show_bug.cgi?id=209306

        Reviewed by Chris Fleizach.

        AXIsolatedObject was caching isOnScreen and it wasn't used. It has a
        performance impact since it needs to run on the main thread. thus this
        change removes it from the cache.

        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):
        * accessibility/isolatedtree/AXIsolatedObject.h:

2020-03-19  Andres Gonzalez  <andresg_22@apple.com>

        URL needs to be isolatedCopied when cached in AXIsolatedObject.
        https://bugs.webkit.org/show_bug.cgi?id=209298

        Reviewed by Chris Fleizach.

        AXIsolatedObject needs to isolatedCopy the URL property in order to use
        it on the secondary thread.

        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):

2020-03-19  Takashi Komori  <Takashi.Komori@sony.com>

        [Curl] Add an API returns description of verification errors.
        https://bugs.webkit.org/show_bug.cgi?id=208913

        Reviewed by Fujii Hironori.

        WKCertificateInfoCopyVerificationErrorDescription returns the description of SSL verification error as human readable string.
        Browser can display more precise error information with this API.

        API Test: Curl.CertificateAPI

        * platform/network/curl/CertificateInfo.h:
        * platform/network/curl/CertificateInfoCurl.cpp:
        (WebCore::CertificateInfo::verificationErrorDescription const):

2020-03-19  Tim Horton  <timothy_horton@apple.com>

        Implement support for cursor interactions on iPad
        https://bugs.webkit.org/show_bug.cgi?id=209268

        Reviewed by Darin Adler.

        No new tests in this patch, just upstreaming. Will attempt to enable
        some macOS mouse event tests on iOS in the future, though.

        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::IOSApplication::isNews):
        (WebCore::IOSApplication::isStocks):
        (WebCore::IOSApplication::isFeedly):
        Add some bundle ID checks needed in WebKit.

2020-03-19  Andres Gonzalez  <andresg_22@apple.com>

        AXIsolatedObject implementation of the title method.
        https://bugs.webkit.org/show_bug.cgi?id=209291

        Reviewed by Chris Fleizach.

        - Implements AXIsolatedObgject::title.
        - Modified implementation of AXIsolatedObject::titleAttributeValue to
        use its appropriate key.

        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):
        (WebCore::AXIsolatedObject::title const): Deleted.
        * accessibility/isolatedtree/AXIsolatedObject.h:

2020-03-19  Chris Fleizach  <cfleizach@apple.com>

        AX: VO and safari: can't press the play button
        https://bugs.webkit.org/show_bug.cgi?id=209249

        Reviewed by Darin Adler.

        Test: accessibility/ios-simulator/has-touch-event-listener-with-shadow.html

        If a node is in a shadowRoot, going up the node parent tree will stop and not check the entire tree for touch event listeners
        and a touch event won't be dispatched. We need to change to use the parentInComposedTree instead to go up the chain.

        * accessibility/ios/AccessibilityObjectIOS.mm:
        (WebCore::AccessibilityObject::hasTouchEventListener const):

2020-03-19  Andres Gonzalez  <andresg_22@apple.com>

        [WebAccessibilityObjectWrapper remoteAccessibilityParentObject] must run on the main thread.
        https://bugs.webkit.org/show_bug.cgi?id=209284

        Reviewed by Chris Fleizach.

        - Dispatch [WebAccessibilityObjectWrapper remoteAccessibilityParentObject] to the main thread.
        - [WebAccessibilityObjectWrapper windowElement:] must then call it outside the dispatched lambda.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper remoteAccessibilityParentObject]):
        (-[WebAccessibilityObjectWrapper windowElement:]):

2020-03-19  Antoine Quint  <graouts@apple.com>

        [Web Animations] Mark promises as handled when rejected
        https://bugs.webkit.org/show_bug.cgi?id=209240
        <rdar://problem/60592305>

        Reviewed by Youenn Fablet.

        Implementing the spec change discussed in https://github.com/w3c/csswg-drafts/issues/4556.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::cancel):
        (WebCore::WebAnimation::resetPendingTasks):

2020-03-19  Charlie Turner  <cturner@igalia.com>

        Fix many warnings with Clang 7.0 on GTK x86-64 in Debug.
        https://bugs.webkit.org/show_bug.cgi?id=209146

        Reviewed by Darin Adler.

        Warning fixes, no new tests.

        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::MediaKeys):
        * Modules/webaudio/MediaStreamAudioSource.h: The m_numberOfFrames ivar
        is platform-specific.
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGLData::getStaticVBO):
        * platform/mediastream/RealtimeVideoSource.h:
        * platform/mediastream/gstreamer/GStreamerAudioCapturer.h: There are
        still virtual methods in this class, but no virtual destructor. Since
        this won't be subclassed further (I doubt, anyway!) lets make it final
        and plug the bug.
        * platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:
        * platform/mediastream/gstreamer/GStreamerVideoCapturer.h: See
        AudioCapturer.
        * platform/mediastream/libwebrtc/GStreamerVideoDecoderFactory.cpp:
        (WebCore::GStreamerVideoDecoder::RegisterDecodeCompleteCallback): Deleted.
        (WebCore::GStreamerVideoDecoder::ImplementationName const): Deleted.
        * platform/mediastream/libwebrtc/GStreamerVideoEncoder.cpp:
        * platform/mediastream/libwebrtc/GStreamerVideoEncoderFactory.cpp: The
        encoder was being used uninitialized, and hence codec support can not
        be working as intended. Fix that bug.
        (WebCore::GStreamerVideoEncoder::AddCodecIfSupported):
        (WebCore::GStreamerVideoEncoder::InitEncode): Deleted.
        (WebCore::GStreamerVideoEncoder::GetEncoderInfo const): Deleted.
        * platform/mediastream/libwebrtc/GStreamerVideoEncoderFactory.h:
        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::setCookies):
        * rendering/RenderLayerBacking.h: Condition the bear trap on Cocoa
        platform where the crash is being seen. On GTK these traps generate
        warning spam and we don't see the crash here.
        * rendering/RenderThemeAdwaita.h:
        * testing/Internals.cpp:
        (WebCore::Internals::readPreferenceInteger):
        (WebCore::Internals::encodedPreferenceValue):
        (WebCore::Internals::getUTIFromMIMEType):
        (WebCore::Internals::getUTIFromTag):

2020-03-19  Antoine Quint  <graouts@apple.com>

        onwebkit{animation, transition}XX handlers missing from Document
        https://bugs.webkit.org/show_bug.cgi?id=206170
        <rdar://problem/58596373>

        Reviewed by Youenn Fablet.

        We now specify the non-standard CSS Animations and CSS Transitions event handlers on DocumentAndElementEventHandlers.idl rather than Element.idl
        such that they specified on both Element and Document.

        * dom/DocumentAndElementEventHandlers.idl:
        * dom/Element.idl:

2020-03-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][WPE] Media controls numeric position value is not automatically updated during playback
        https://bugs.webkit.org/show_bug.cgi?id=209051

        Reviewed by Philippe Normand.

        The time label is not updated because updateTime() thinks the media controls are hidden when not hovered, but
        for audio elements the controls are always visible.

        * Modules/mediacontrols/mediaControlsAdwaita.js:
        (Controller.prototype.controlsAreAlwaysVisible): Return true for audio elements.

2020-03-19  Enrique Ocaña González  <eocanha@igalia.com>

        [GTK] media/track/track-automatic-subtitles.html is timing out
        https://bugs.webkit.org/show_bug.cgi?id=116957

        Reviewed by Adrian Perez de Castro.

        Moved CaptionUserPreferencesMediaAF::textTrackSelectionScore() implementation
        to the CaptionUserPreferencesMedia superclass.

        Tested by existing test.

        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::textTrackSelectionScore const):
        * page/CaptionUserPreferencesMediaAF.cpp:
        * page/CaptionUserPreferencesMediaAF.h:

2020-03-19  Philippe Normand  <pnormand@igalia.com>

        [GTK][WPE] Unreviewed, build fixes after r258547 when disabling release logging support

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

2020-03-19  youenn fablet  <youenn@apple.com>

        Make URL::path() return a StringView
        https://bugs.webkit.org/show_bug.cgi?id=209173

        Reviewed by Alex Christensen.

        Update code according new path return type.

        * Modules/plugins/YouTubePluginReplacement.cpp:
        (WebCore::processAndCreateYouTubeURL):
        (WebCore::YouTubePluginReplacement::youTubeURLFromAbsoluteURL):
        * html/Autofill.cpp:
        (WebCore::AutofillData::createFromHTMLFormControlElement):
        * html/URLUtils.h:
        (WebCore::URLUtils<T>::pathname const):
        * loader/FormSubmission.cpp:
        (WebCore::appendMailtoPostFormDataToURL):
        * loader/appcache/ManifestParser.cpp:
        (WebCore::manifestPath):
        * page/Location.cpp:
        (WebCore::Location::pathname const):
        * page/UserContentURLPattern.cpp:
        (WebCore::MatchTester::MatchTester):
        (WebCore::UserContentURLPattern::matchesPath const):
        * page/csp/ContentSecurityPolicySource.cpp:
        (WebCore::ContentSecurityPolicySource::pathMatches const):
        * platform/network/curl/CookieJarDB.cpp:
        (WebCore::CookieJarDB::searchCookies):
        (WebCore::CookieJarDB::deleteCookie):
        * platform/network/curl/CookieUtil.cpp:
        (WebCore::CookieUtil::defaultPathForURL):
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::invokeDidReceiveResponseForFile):
        * platform/text/TextEncoding.cpp:
        (WebCore::decodeURLEscapeSequences):
        * platform/text/TextEncoding.h:
        * workers/WorkerLocation.cpp:
        (WebCore::WorkerLocation::pathname const):
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::validateServiceWorkerResponse):
        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::RegistrationDatabase::doPushChanges):

2020-03-18  Peng Liu  <peng.liu6@apple.com>

        The value of [AVPlayerViewController isPictureInPicturePossible] is NO in the first attempt to enter PiP
        https://bugs.webkit.org/show_bug.cgi?id=204979

        Reviewed by Jer Noble.

        A follow-up patch to fix build failures.
        This patch also removes a meaningless line in the dealloc of WebAVPlayerViewController.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerViewController initWithFullscreenInterface:]):
        (-[WebAVPlayerViewController dealloc]):
        (VideoFullscreenInterfaceAVKit::doEnterFullscreen):

2020-03-18  Andres Gonzalez  <andresg_22@apple.com>

        Use helper function retainPtr(T*) instead of creating one.
        https://bugs.webkit.org/show_bug.cgi?id=209269

        Reviewed by Chris Fleizach.

        This is acorrection to patch in bug: https://bugs.webkit.org/show_bug.cgi?id=209247.
        Use the existing retainPtr helper funtion instead of creating a new helper.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper attachmentView]):
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
        (-[WebAccessibilityObjectWrapper textMarkerRangeFromVisiblePositions:endPosition:]):
        (-[WebAccessibilityObjectWrapper associatedPluginParent]):
        (-[WebAccessibilityObjectWrapper windowElement:]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        (-[WebAccessibilityObjectWrapper accessibilityShowContextMenu]):
        (-[WebAccessibilityObjectWrapper textMarkerRangeAtTextMarker:forUnit:]):
        (-[WebAccessibilityObjectWrapper lineTextMarkerRangeForTextMarker:forUnit:]):
        (-[WebAccessibilityObjectWrapper textMarkerForTextMarker:atUnit:]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
        (retainWrapper): Deleted.

2020-03-18  Zalan Bujtas  <zalan@apple.com>

        [Multicolumn] RenderListItem::positionListMarker should not fail when the list marker is inside a spanner.
        https://bugs.webkit.org/show_bug.cgi?id=209262
        <rdar://problem/58447665>

        Reviewed by Simon Fraser.

        When the list marker is in a column spanner and as a result it gets moved under the column flow, the
        normal "let's find the list item by walking up on the ancestor chain" does not work anymore.
        We need to check if this list marker is inside a spanner and climb up on the ancestor chain by
        using the spanner placeholder position (see RenderListMarker::parentBox).
        This patch also moves the marker's overflow computation from the list item to the marker.

        Test: fast/multicol/list-item-marker-inside-column-spanner.html

        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::addOverflowFromChildren):
        (WebCore::RenderListItem::positionListMarker): Deleted.
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::parentBox):
        (WebCore::RenderListMarker::addOverflowFromListMarker):
        (WebCore::RenderListMarker::layout):
        * rendering/RenderListMarker.h:

2020-03-18  Simon Fraser  <simon.fraser@apple.com>

        eventSender.monitorWheelEvents() is very fragile
        https://bugs.webkit.org/show_bug.cgi?id=197819
        <rdar://problem/51319456>

        Reviewed by Tim Horton.

        Deflake tests using eventSender.monitorWheelEvents() by fixing several causes of flakiness,
        adding back changes from r257844 that were reverted in r258558.
        
        First, have EventSendingController keep track of whether it's seen then "end" event
        for the scrolling and momentum phases, and pass this down to WheelEventTestMonitor, which
        now waits until it sees these, which prevents premature triggering which was a common cause of
        failure before.
        
        Second, remove WheelEventTestMonitor's 1/60s timer and instead have WheelEventTestMonitor test
        for completion in a callout from the end of Page::updateRendering(), which makes it test
        and fire at a more consistent time.
        
        Third, push WheelEventTestMonitor to the ScrollingTree, so that reasons for deferral
        can be added on the scrolling thread. This fixes an issue where the RunLoop::main().dispatch()
        used to send the "ScrollingThreadSyncNeeded" reason to the main thread would get delayed,
        also resulting in a premature trigger.

        * Modules/applepay/ApplePaySession.cpp: Unified sources!
        * dom/WindowEventLoop.cpp: Unified sources!
        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleWheelEvent):
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollOffsetChangedViaPlatformWidgetImpl):
        * page/Page.cpp:
        (WebCore::Page::doAfterUpdateRendering):
        (WebCore::Page::wheelEventTestMonitor const):
        (WebCore::Page::clearWheelEventTestMonitor):
        (WebCore::Page::isMonitoringWheelEvents const):
        (WebCore::Page::ensureWheelEventTestMonitor):
        * page/Page.h:
        (WebCore::Page::wheelEventTestMonitor const): Deleted.
        (WebCore::Page::clearWheelEventTestMonitor): Deleted.
        (WebCore::Page::isMonitoringWheelEvents const): Deleted.
        * page/WheelEventTestMonitor.cpp:
        (WebCore::WheelEventTestMonitor::WheelEventTestMonitor):
        (WebCore::WheelEventTestMonitor::clearAllTestDeferrals):
        (WebCore::WheelEventTestMonitor::setTestCallbackAndStartMonitoring):
        (WebCore::WheelEventTestMonitor::deferForReason):
        (WebCore::WheelEventTestMonitor::removeDeferralForReason):
        (WebCore::WheelEventTestMonitor::receivedWheelEvent):
        (WebCore::WheelEventTestMonitor::scheduleCallbackCheck):
        (WebCore::WheelEventTestMonitor::checkShouldFireCallbacks):
        (WebCore::operator<<):
        (WebCore::WheelEventTestMonitor::setTestCallbackAndStartNotificationTimer): Deleted.
        (WebCore::WheelEventTestMonitor::triggerTestTimerFired): Deleted.
        * page/WheelEventTestMonitor.h:
        (WebCore::WheelEventTestMonitorCompletionDeferrer::WheelEventTestMonitorCompletionDeferrer):
        (WebCore::WheelEventTestMonitorCompletionDeferrer::~WheelEventTestMonitorCompletionDeferrer):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
        (WebCore::AsyncScrollingCoordinator::deferWheelEventTestCompletionForReason const): Deleted.
        (WebCore::AsyncScrollingCoordinator::removeWheelEventTestCompletionDeferralForReason const): Deleted.
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::startMonitoringWheelEvents):
        (WebCore::ScrollingCoordinator::stopMonitoringWheelEvents):
        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::handleWheelEvent):
        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::setWheelEventTestMonitor):
        (WebCore::ScrollingTree::receivedWheelEvent):
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::scrollingTreeNodeDidScroll):
        (WebCore::ThreadedScrollingTree::deferWheelEventTestCompletionForReason): Deleted.
        (WebCore::ThreadedScrollingTree::removeWheelEventTestCompletionDeferralForReason): Deleted.
        * page/scrolling/ThreadedScrollingTree.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::startMonitoringWheelEvents):
        (WebCore::ScrollingCoordinatorMac::stopMonitoringWheelEvents):
        * page/scrolling/mac/ScrollingTreeMac.h:
        * page/scrolling/mac/ScrollingTreeMac.mm:
        (ScrollingTreeMac::setWheelEventTestMonitor):
        (ScrollingTreeMac::receivedWheelEvent):
        (ScrollingTreeMac::deferWheelEventTestCompletionForReason):
        (ScrollingTreeMac::removeWheelEventTestCompletionDeferralForReason):
        * page/scrolling/mac/ScrollingTreeScrollingNodeDelegateMac.mm:
        (WebCore::ScrollingTreeScrollingNodeDelegateMac::deferWheelEventTestCompletionForReason const):
        (WebCore::ScrollingTreeScrollingNodeDelegateMac::removeWheelEventTestCompletionDeferralForReason const):
        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::setWheelEventMonitorTestCallbackAndStartMonitoring):
        (WebCoreTestSupport::setTestCallbackAndStartNotificationTimer): Deleted.
        * testing/js/WebCoreTestSupport.h:

2020-03-18  Fujii Hironori  <Hironori.Fujii@sony.com>

        AuthenticatorResponseData::decode should check bufferIsLargeEnoughToContain before allocating buffers
        https://bugs.webkit.org/show_bug.cgi?id=209133

        Reviewed by Darin Adler.

        Check bufferIsLargeEnoughToContain with the decoded size before
        allocating buffers.

        Replaced ArrayBuffer::create with ArrayBuffer::tryCreate, and
        added a null check.

        * Modules/webauthn/AuthenticatorResponseData.h:
        (WebCore::encodeArrayBuffer): Added.
        (WebCore::decodeArrayBuffer): Added.
        (WebCore::AuthenticatorResponseData::encode const):
        (WebCore::AuthenticatorResponseData::decode):

2020-03-18  Andres Gonzalez  <andresg_22@apple.com>

        Several TextMarker attributes need to run on the main thread.
        https://bugs.webkit.org/show_bug.cgi?id=209247

        Reviewed by Chris Fleizach.

        - Dispatch several TextMarker parameterized attributes to the main
        thread.
        - Added helper methods to return TextMarkers and TextMarkerRanges for
        diffferent units of text such as word or sentence.
        - Added a helper function, retainWrapper to make code a bit more
        readable in lambda definitions.

        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::textMarkerForVisiblePosition):
        (WebCore::textMarkerRangeFromVisiblePositions):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (retainWrapper):
        (-[WebAccessibilityObjectWrapper attachmentView]):
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
        (-[WebAccessibilityObjectWrapper textMarkerRangeFromVisiblePositions:endPosition:]):
        (-[WebAccessibilityObjectWrapper associatedPluginParent]):
        (-[WebAccessibilityObjectWrapper windowElement:]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        (-[WebAccessibilityObjectWrapper accessibilityShowContextMenu]):
        (-[WebAccessibilityObjectWrapper textMarkerRangeAtTextMarker:forUnit:]):
        (-[WebAccessibilityObjectWrapper lineTextMarkerRangeForTextMarker:forUnit:]):
        (-[WebAccessibilityObjectWrapper textMarkerForTextMarker:atUnit:]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

2020-03-18  Zalan Bujtas  <zalan@apple.com>

        [MultiColumn] Ignore spanner boxes inside <legend>
        https://bugs.webkit.org/show_bug.cgi?id=209248
        <rdar://problem/51857865>

        Reviewed by Simon Fraser.

        <legend> boxes don't participate in the multicolumn flow, they are simply ignored.
        This patch ensures that we don't include their descendants in the spanner construction.
        <column>some<legend><div spanner></div></legend>content</column> <- the "spanner" div won't span the column content. 

        Test: fast/multicol/spanner-inside-legend-crash.html

        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::isValidColumnSpanner):

2020-03-18  Yusuke Suzuki  <ysuzuki@apple.com>

        Add a way to mark a rejected promise as handled
        https://bugs.webkit.org/show_bug.cgi?id=209241

        Reviewed by Michael Saboff.

        This adds an interface using JSPromise::rejectAsHandled to DOMPromise classes.

        * bindings/js/DOMPromiseProxy.h:
        (WebCore::DOMPromiseProxy<IDLType>::reject):
        (WebCore::DOMPromiseProxy<IDLVoid>::reject):
        (WebCore::DOMPromiseProxyWithResolveCallback<IDLType>::reject):
        * bindings/js/JSDOMPromiseDeferred.cpp:
        (WebCore::DeferredPromise::callFunction):
        (WebCore::DeferredPromise::reject):
        * bindings/js/JSDOMPromiseDeferred.h:
        (WebCore::DeferredPromise::reject):
        (WebCore::DeferredPromise::rejectWithCallback):
        (WebCore::DOMPromiseDeferredBase::reject):
        (WebCore::DOMPromiseDeferredBase::rejectType):

2020-03-18  youenn fablet  <youenn@apple.com>

        WebPage should own a Ref<WebFrame>
        https://bugs.webkit.org/show_bug.cgi?id=209235

        Reviewed by Geoffrey Garen.

        * loader/FrameLoaderStateMachine.h:
        Export committedFirstRealDocumentLoad/

2020-03-18  Eugene But  <eugenebut@chromium.org>

        Fix ReplaceSelectionCommand::InsertedNodes::willRemoveNodePreservingChildren crash
        https://bugs.webkit.org/show_bug.cgi?id=208312
        
        Reviewed by Ryosuke Niwa

        ReplaceSelectionCommand::InsertedNodes::willRemoveNodePreservingChildren
        was crashing on dereferencing m_firstNodeInserted pointer. Before the crash
        ReplaceSelectionCommand::InsertedNodes object received the following calls:

        respondToNodeInsertion() with node A, which set m_firstNodeInserted and m_lastNodeInserted to A
        willRemoveNode() with node B, which left m_firstNodeInserted and m_lastNodeInserted unchanged (A)
        (node A was destroyed setting m_firstNodeInserted and m_lastNodeInserted to null)
        respondToNodeInsertion() with node C, which set m_firstNodeInserted and m_lastNodeInserted to C
        willRemoveNodePreservingChildren() with node C, which set m_firstNodeInserted to null and crashed

        This patch checks m_firstNodeInserted before dereferencing and sets m_lastNodeInserted to null if
        m_firstNodeInserted became null. It seems like having non-null value for m_lastNodeInserted would
        be an invalid state.

        Test: editing/pasteboard/insert-apple-style-span-after-timeout.html

        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::InsertedNodes::willRemoveNodePreservingChildren):

2020-03-18  Youenn Fablet  <youenn@apple.com>

        CrossOriginPreflightResultCacheItem::allows methods should not use out parameters
        https://bugs.webkit.org/show_bug.cgi?id=209224

        Reviewed by Alex Christensen.

        Instead of having an out parameter for the error description, either return whether there is an error or not.
        Covered by existing tests.

        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCacheItem::validateMethodAndHeaders const):
        (WebCore::CrossOriginPreflightResultCacheItem::allowsCrossOriginMethod const):
        (WebCore::CrossOriginPreflightResultCacheItem::validateCrossOriginHeaders const):
        (WebCore::CrossOriginPreflightResultCacheItem::allowsRequest const):
        (WebCore::CrossOriginPreflightResultCacheItem::allowsCrossOriginHeaders const): Deleted.
        * loader/CrossOriginPreflightResultCache.h:

2020-03-18  Peng Liu  <peng.liu6@apple.com>

        The value of [AVPlayerViewController isPictureInPicturePossible] is NO in the first attempt to enter PiP
        https://bugs.webkit.org/show_bug.cgi?id=204979

        Reviewed by Jer Noble.

        Since [AVPlayerViewControl isPictureInPicturePossible] can be NO initially, we may fail to enter
        the Picture-in-Picture mode.

        This patch implements the mechanism to observe [AVPlayerViewControl isPictureInPicturePossible] after
        a user requests to enter the Picture-in-Picture mode, and call [AVPlayerViewController startPictureInPicture]
        when [AVPlayerViewController isPictureInPicturePossible] changes to YES.
        A timer is added to monitor the status. If [AVPlayerViewController isPictureInPicturePossible] does not
        change to YES in 0.5 second, we will give up the attempt.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerViewController initWithFullscreenInterface:]):
        (-[WebAVPlayerViewController dealloc]):
        (-[WebAVPlayerViewController MY_NO_RETURN]):
        (VideoFullscreenInterfaceAVKit::doEnterFullscreen):

2020-03-18  Frederic Wang  <fwang@igalia.com>

        frame/iframe scrolling attribute does to recognize value "noscroll" or "off"
        https://bugs.webkit.org/show_bug.cgi?id=208570

        Reviewed by Rob Buis.

        Tests: imported/w3c/web-platform-tests/html/rendering/non-replaced-elements/the-page/iframe-scrolling-attribute.html
               imported/w3c/web-platform-tests/html/rendering/non-replaced-elements/the-page/iframe-scrolling-attribute-values.html

        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::scrollingMode const): Treat "noscroll" and "off" the same as "no".

2020-03-18  Chris Dumez  <cdumez@apple.com>

        [ Mac wk2 ] http/wpt/beacon/beacon-quota.html is flaky failing
        https://bugs.webkit.org/show_bug.cgi?id=207894
        <rdar://problem/59551688>

        Reviewed by Geoffrey Garen.

        Add internals API exposing the number of inflight beacon loads for a given navigator object
        so that the test can rely on it.

        * Modules/beacon/NavigatorBeacon.h:
        * testing/Internals.cpp:
        (WebCore::Internals::inflightBeaconsCount const):
        * testing/Internals.h:
        * testing/Internals.idl:

2020-03-18  Frederic Wang  <fwang@igalia.com>

        [intersection-observer] Accept a Document as an explicit root
        https://bugs.webkit.org/show_bug.cgi?id=208047

        Reviewed by Rob Buis.

        No new tests, no behavior change.

        * page/IntersectionObserver.cpp:
        (WebCore::IntersectionObserver::create):
        (WebCore::IntersectionObserver::IntersectionObserver):
        * page/IntersectionObserver.h:
        (WebCore::IntersectionObserver::root const):

2020-03-18  Joonghun Park  <jh718.park@samsung.com>

        Unreviewed. Remove the build warnings below since r256756
        warning: unused parameter ‘foo’ [-Wunused-parameter]

        no new tests, no new behaviours.

        * testing/Internals.cpp:
        (WebCore::Internals::readPreferenceInteger):
        (WebCore::Internals::encodedPreferenceValue):
        (WebCore::Internals::getUTIFromMIMEType):
        (WebCore::Internals::getUTIFromTag):

2020-03-18  Joonghun Park  <jh718.park@samsung.com>

        Unreviewed. Remove the build warning below since r256196
        warning: variable ‘highlightEnd’ set but not used [-Wunused-but-set-variable]

        no new tests, no new behaviours.

        * rendering/HighlightData.cpp:
        (WebCore::HighlightData::highlightStateForRenderer):

2020-03-18  youenn fablet  <youenn@apple.com>

        Make sure a preflight fails if response headers are invalid
        https://bugs.webkit.org/show_bug.cgi?id=208924

        Reviewed by Alex Christensen.

        Implement https://fetch.spec.whatwg.org/#cors-preflight-fetch-0 step 7.3.
        In case header parsing is wrong, fail the preflight with a meaningful message.
        Update parsing of headers to return an Optional so that parsing error is handled as a nullopt.
        Minor refactoring to return Expected/Optional for error handlng instead of passing an out parameter.
        Also, adding preflight cache entry if it is valid, no matter whether preflight succeeds or not.

        Tests: imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-response-validation.any.html
               imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-response-validation.any.worker.html

        * loader/CrossOriginAccessControl.cpp:
        (WebCore::validatePreflightResponse):
        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCacheItem::create):
        (WebCore::CrossOriginPreflightResultCacheItem::validateMethodAndHeaders const):
        * loader/CrossOriginPreflightResultCache.h:
        (WebCore::CrossOriginPreflightResultCacheItem::CrossOriginPreflightResultCacheItem):
        * platform/network/HTTPParsers.h:
        (WebCore::parseAccessControlAllowList):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::filter):
        (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):

2020-03-18  Joonghun Park  <jh718.park@samsung.com>

        Unreviewed. Remove the build warning below since r258458
        warning: unused variable ‘frame’ [-Wunused-variable]

        No new tests, no new behaviors.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didReceiveResponse):

2020-03-18  youenn fablet  <youenn@apple.com>

        FrameLoader should own its FrameLoaderClient
        https://bugs.webkit.org/show_bug.cgi?id=208918

        Reviewed by Geoff Garen.

        Update Frame/FrameLoader constructors to get a UniqueRef<FrameLoaderClient>.
        This makes the lifetime management much clearer and allows some WebKit1/WebKit2 clean-up.

        Covered by existing tests.

        * loader/EmptyClients.cpp:
        (WebCore::pageConfigurationWithEmptyClients):
        * loader/EmptyFrameLoaderClient.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::~FrameLoader):
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::initForSynthesizedDocument):
        (WebCore::FrameLoader::didExplicitOpen):
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::finishedParsing):
        (WebCore::FrameLoader::loadArchive):
        (WebCore::FrameLoader::setOpener):
        (WebCore::FrameLoader::provisionalLoadStarted):
        (WebCore::FrameLoader::loadInSameDocument):
        (WebCore::FrameLoader::prepareForLoadStart):
        (WebCore::FrameLoader::setupForReplace):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::willLoadMediaElementURL):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::setDocumentLoader):
        (WebCore::FrameLoader::commitProvisionalLoad):
        (WebCore::FrameLoader::transitionToCommitted):
        (WebCore::FrameLoader::clientRedirectCancelledOrFinished):
        (WebCore::FrameLoader::clientRedirected):
        (WebCore::FrameLoader::closeOldDataSources):
        (WebCore::FrameLoader::willChangeTitle):
        (WebCore::FrameLoader::dispatchDidFailProvisionalLoad):
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
        (WebCore::FrameLoader::didReachLayoutMilestone):
        (WebCore::FrameLoader::didReachVisuallyNonEmptyState):
        (WebCore::FrameLoader::frameLoadCompleted):
        (WebCore::FrameLoader::checkLoadComplete):
        (WebCore::FrameLoader::userAgent const):
        (WebCore::FrameLoader::dispatchOnloadEvents):
        (WebCore::FrameLoader::detachViewsAndDocumentLoader):
        (WebCore::FrameLoader::receivedMainResourceError):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::loadedResourceFromMemoryCache):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        (WebCore::FrameLoader::cancelledError const):
        (WebCore::FrameLoader::blockedByContentBlockerError const):
        (WebCore::FrameLoader::blockedError const):
        (WebCore::FrameLoader::blockedByContentFilterError const):
        (WebCore::FrameLoader::connectionProperties):
        (WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):
        (WebCore::FrameLoader::dispatchGlobalObjectAvailableInAllWorlds):
        (WebCore::FrameLoader::didChangeTitle):
        (WebCore::FrameLoader::dispatchDidCommitLoad):
        (WebCore::FrameLoader::tellClientAboutPastMemoryCacheLoads):
        (WebCore::FrameLoader::completePageTransitionIfNeeded):
        * loader/FrameLoader.h:
        * loader/FrameLoaderClient.h:
        * page/Frame.cpp:
        (WebCore::Frame::Frame):
        (WebCore::Frame::create):
        * page/Frame.h:
        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/PageConfiguration.cpp:
        (WebCore::PageConfiguration::PageConfiguration):
        * page/PageConfiguration.h:
        * workers/service/context/SWContextManager.cpp:
        * workers/service/context/SWContextManager.h:

2020-03-18  Philippe Normand  <pnormand@igalia.com>

        [GTK][WPE] Migrate to Flatpak-based dev SDK
        https://bugs.webkit.org/show_bug.cgi?id=205658

        Reviewed by Carlos Alberto Lopez Perez.

        * platform/text/hyphen/HyphenationLibHyphen.cpp:
        (WebCore::scanTestDictionariesDirectoryIfNecessary): Check for flatpak-installed dictionaries.

2020-03-17  Pinki Gyanchandani  <pgyanchandani@apple.com>

        Crash in CSSPrimitiveValue::cleanup
        https://bugs.webkit.org/show_bug.cgi?id=208316

        Reviewed by Ryosuke Niwa.

        Added a NULL check before calling deref() for CSSUnitType :: CSS_CALC.

        During initialization of CSSCalcValue, createCSS returns nullptr when processing min() operator
        and there is a category mismatch between length and percent for min() operator
        as seen in this newly added test case.

        Test: editing/execCommand/primitive-value-cleanup-minimal.html

        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::cleanup):

2020-03-17  Fujii Hironori  <Hironori.Fujii@sony.com>

        SerializedScriptValue::decode should check bufferIsLargeEnoughToContain before allocating a buffer
        https://bugs.webkit.org/show_bug.cgi?id=209132

        Reviewed by Darin Adler.

        * bindings/js/SerializedScriptValue.h:
        (WebCore::SerializedScriptValue::decode): Added bufferIsLargeEnoughToContain check.
        Added a null check for Gigacage::tryMalloc.

2020-03-17  Chris Fleizach  <cfleizach@apple.com>

        AX: WebKit crashes with VO and keyboard support fails on encapsulated radio button components.
        https://bugs.webkit.org/show_bug.cgi?id=208844
        <rdar://problem/60252659>

        Reviewed by Darin Adler.

        Test: accessibility/mac/crash-bounds-for-range.html

        Don't access renderer if nil in getInlineBoxAndOffset.

        * dom/Position.cpp:
        (WebCore::Position::getInlineBoxAndOffset const):

2020-03-17  Eric Carlson  <eric.carlson@apple.com>

        TextTrackBase should validate language before setting m_validBCP47Language
        https://bugs.webkit.org/show_bug.cgi?id=209094
        <rdar://problem/60439603>

        Unreviewed, address post-commit review comments.

        * html/track/TrackBase.cpp:
        (WebCore::TrackBase::setLanguage): Use makeString instead of StringBuilder.

2020-03-17  Eric Carlson  <eric.carlson@apple.com>

        TextTrackBase should validate language before setting m_validBCP47Language
        https://bugs.webkit.org/show_bug.cgi?id=209094
        <rdar://problem/60439603>

        Reviewed by Jer Noble.
        
        Test: media/track/track-bcp-language.html

        * html/track/TextTrack.idl:
        * html/track/TrackBase.cpp:
        (WebCore::TrackBase::TrackBase): Don't set m_validBCP47Language unless the language is valid.
        (WebCore::TrackBase::setLanguage): Clear m_validBCP47Language if the language is invalid. 
        Restructure the code to use early returns.
        (WebCore::TrackBase::validBCP47Language const): Deleted.
        * html/track/TrackBase.h:
        (WebCore::TrackBase::validBCP47Language const):
        * testing/Internals.cpp:
        (WebCore::Internals::textTrackBCP47Language):
        * testing/Internals.h:
        * testing/Internals.idl:

2020-03-17  Alex Christensen  <achristensen@webkit.org>

        REGRESSION(r254856) Add exception for window.openDatabase to not masquerade as undefined in currently shipping Jesus Calling Devotional app
        https://bugs.webkit.org/show_bug.cgi?id=209160
        <rdar://problem/60297073>

        Reviewed by Geoff Garen.

        Manually verified this fixes the app, which compares typeof openDatabase with 'undefined'
        Going forward, we intend to completely remove WebSQL, so this is a temporary exception to our removal strategy.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::openDatabase const):
        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::IOSApplication::isJesusCalling):

2020-03-17  Andres Gonzalez  <andresg_22@apple.com>

        AXIsolatedTree removal should set all nodes to be removed on AX secondary thread.
        https://bugs.webkit.org/show_bug.cgi?id=209169

        Reviewed by Chris Fleizach.

        - AXIsolatedTree::removeTreeForPageID is called on the main thread but
        it should not remove the nodes in the main thread, but instead add them
        to the pending changes to be removed on the secondary thread. This was
        causing the problem of empty new trees when the old tree would go away
        but the client was holding a reference to an object that has been
        disconnected and thus had no children.
        - In addition, this change fixes an isolated tree mode crash in AccessibilityMenuList.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::~AXObjectCache):
        * accessibility/AccessibilityMenuList.cpp:
        (WebCore::AccessibilityMenuList::isCollapsed const):
        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::removeTreeForPageID):

2020-03-17  Jacob Uphoff  <jacob_uphoff@apple.com>

        Unreviewed, reverting r257844.

        this revision caused a test to start timing out

        Reverted changeset:

        "(r256513) [ Mac ] fast/scrolling/programmatic-scroll-to-zero-
        zero.html is a flaky failure"
        https://bugs.webkit.org/show_bug.cgi?id=207948
        https://trac.webkit.org/changeset/257844

2020-03-17  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, reverting r258339.
        https://bugs.webkit.org/show_bug.cgi?id=209179

        "Is it sometimes breaking rendering" (Requested by youenn on
        #webkit).

        Reverted changeset:

        "FrameLoader should own its FrameLoaderClient"
        https://bugs.webkit.org/show_bug.cgi?id=208918
        https://trac.webkit.org/changeset/258339

2020-03-17  Philippe Normand  <pnormand@igalia.com>

        RELEASE_LOG should not be Cocoa specific
        https://bugs.webkit.org/show_bug.cgi?id=195182

        Reviewed by Konstantin Tokarev.

        WPE/GTK build fixes related with Release logging support.

        * bridge/npruntime_internal.h:
        * dom/ScriptedAnimationController.cpp:
        (WebCore::throttlingReasonToString):
        * page/PerformanceLogging.cpp:
        (WebCore::toString):
        * page/PerformanceMonitor.cpp:
        (WebCore::stringForCPUSamplingActivityState):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
        (WebCore::MediaPlayerPrivateGStreamer::logChannel const):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        (WebCore::MediaPlayerPrivateGStreamer::mediaPlayerLogIdentifier):
        (WebCore::MediaPlayerPrivateGStreamer::mediaPlayerLogger):
        * platform/graphics/gstreamer/eme/CDMProxyClearKey.cpp:
        (WebCore::CDMProxyClearKey::cencDecryptSubsampled):
        (WebCore::CDMProxyClearKey::initializeGcrypt):
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
        * platform/graphics/gstreamer/mse/MediaSourceGStreamer.cpp:
        (WebCore::MediaSourceGStreamer::MediaSourceGStreamer):
        (WebCore::MediaSourceGStreamer::~MediaSourceGStreamer):
        (WebCore::MediaSourceGStreamer::addSourceBuffer):
        (WebCore::MediaSourceGStreamer::logChannel const):
        * platform/graphics/gstreamer/mse/MediaSourceGStreamer.h:
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp:
        (WebCore::SourceBufferPrivateGStreamer::SourceBufferPrivateGStreamer):
        (WebCore::SourceBufferPrivateGStreamer::logChannel const):
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h:
        * platform/mediastream/AudioMediaStreamTrackRenderer.cpp:
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::computeLogLevel):
        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::getRawCookies const):

2020-03-17  youenn fablet  <youenn@apple.com>

        Safari doesn't insert mDNS candidates to SDP
        https://bugs.webkit.org/show_bug.cgi?id=209050
        <rdar://problem/60419936>

        Reviewed by Eric Carlson.

        Instead of removing host candidate lines in SDP, replace the host IP address by the corresponding mDNS name.
        Covered by updated test.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::extractIPAddress):
        (WebCore::PeerConnectionBackend::filterSDP const):
        (WebCore::PeerConnectionBackend::finishedRegisteringMDNSName):
        * Modules/mediastream/PeerConnectionBackend.h:

2020-03-17  Philippe Normand  <pnormand@igalia.com>

        [GStreamer][MSE] Playback rate update support
        https://bugs.webkit.org/show_bug.cgi?id=208454

        Reviewed by Xabier Rodriguez-Calvar.

        Implement playback rate update support for the MSE player. Also
        includes drive-by logging cleanups.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::updatePlaybackRate):
        (WebCore::MediaPlayerPrivateGStreamer::setRate):
        (WebCore::MediaPlayerPrivateGStreamer::setPreservesPitch):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        (WebCore::MediaPlayerPrivateGStreamer::pipeline const):
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        (WebCore::MediaPlayerPrivateGStreamerMSE::seek):
        (WebCore::MediaPlayerPrivateGStreamerMSE::doSeek):
        (WebCore::MediaPlayerPrivateGStreamerMSE::maybeFinishSeek):
        (WebCore::MediaPlayerPrivateGStreamerMSE::seekCompleted):
        (WebCore::MediaPlayerPrivateGStreamerMSE::updatePlaybackRate): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerMSE::setRate): Deleted.
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

2020-03-16  Simon Fraser  <simon.fraser@apple.com>

        Remove the zero-delay ScrollingCoordinatorMac commit timer
        https://bugs.webkit.org/show_bug.cgi?id=209164

        Reviewed by Zalan Bujtas.

        The scrolling tree on macOS should just commit at rendering update time. There's no need
        for a separate zero-delay timer.

        Tested by existing tests.

        * page/scrolling/mac/ScrollingCoordinatorMac.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::ScrollingCoordinatorMac):
        (WebCore::ScrollingCoordinatorMac::pageDestroyed):
        (WebCore::ScrollingCoordinatorMac::scheduleTreeStateCommit):
        (WebCore::ScrollingCoordinatorMac::commitTreeStateIfNeeded):
        (WebCore::ScrollingCoordinatorMac::commitTreeState): Deleted.

2020-03-16  Simon Fraser  <simon.fraser@apple.com>

        Add a bit more UIHitTesting logging, and make it possible to dump EventRegions from WebKit
        https://bugs.webkit.org/show_bug.cgi?id=209058

        Reviewed by Antti Koivisto.

        Export operator<<(TextStream&, const EventRegion&) so it can be used from Webkit.

        * rendering/EventRegion.h:

2020-03-16  Tim Horton  <timothy_horton@apple.com>

        Remove a 'using namespace WebCore' in MediaSessionManagerCocoa
        https://bugs.webkit.org/show_bug.cgi?id=209162

        Reviewed by Simon Fraser.

        * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
        Unified source cleanliness. Not currently causing any trouble, but
        it did when I changed something locally!

2020-03-16  ChangSeok Oh  <changseok@webkit.org>

        A change event gets dispatched when textarea gets changed without focus
        https://bugs.webkit.org/show_bug.cgi?id=202144

        Reviewed by Ryosuke Niwa.

        A crash happens in WebCore::ValidationMessage::buildBubbleTree. An immediate reason
        is that DOM tree is modified in buildBubbleTree triggered by a timer.
        The function calls document.updateLayout() that causes a change event
        for textarea to fire when something changed in the textarea.
        This bug is not reproduced on Mac because buildBubbleTree is not called.
        See ValidationMessage::setMessage.
        On the other hand, the root cause of this issue is triggering the change event
        for textarea even if it is not focused when a change is made. This behavior
        is different to what Gecko and Chromium do. When loading the test, they do not
        trigger the change event although the textarea is filled by the script
        since the textarea is not focused. Only when we manually make a change (meaning
        the textarea is focused by user input), the event gets dispatched. To fix it,
        setChangedSinceLastFormControlChangeEvent(true) is moved below the focus check
        in HTMLTextAreaElement::subtreeHasChanged();

        Test: fast/forms/textfield-onchange-without-focus.html

        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::subtreeHasChanged):

2020-03-16  Simon Fraser  <simon.fraser@apple.com>

        Update touch event regions once per frame
        https://bugs.webkit.org/show_bug.cgi?id=209153

        Reviewed by Zalan Bujtas.

        Call document->updateTouchEventRegions() once at the end of Page::updateRendering() instead
        of relying on a timer.

        Also rename the functions called from Internal to make it clear they are testing-only.

        Page::scrollingStateTreeAsText() needs to eagerly update event regions because they are input
        to the scrolling tree.

        * dom/Document.cpp:
        (WebCore::Document::Document):
        * page/Page.cpp:
        (WebCore::Page::scrollingStateTreeAsText):
        (WebCore::Page::touchEventRectsForEventForTesting):
        (WebCore::Page::passiveTouchEventListenerRectsForTesting):
        (WebCore::Page::doAfterUpdateRendering):
        (WebCore::Page::touchEventRectsForEvent): Deleted.
        (WebCore::Page::passiveTouchEventListenerRects): Deleted.
        * page/Page.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame const):
        * testing/Internals.cpp:
        (WebCore::Internals::touchEventRectsForEvent):
        (WebCore::Internals::passiveTouchEventListenerRects):

2020-03-15  Darin Adler  <darin@apple.com>

        Move most of TextIterator off of live ranges
        https://bugs.webkit.org/show_bug.cgi?id=209129

        Reviewed by Antti Koivisto.

        - Change almost all arguments and return values of functions in TextIterator.h
          to use SimpleRange instead of live ranges. Exceptions are an overload of plainText
          TextIterator::rangeLength, TextIterator::rangeFromLocationAndLength,
          TextIterator::getLocationAndLengthFromRange, and TextIterator::subrange. Those
          five are a little trickier to convert, so I will do them each in separate patches.

        - Go with the flow in adding an include of Node.h to BoundaryPoint.h. I had avoided
          this in the initial version, but now it seems practical to just leave it that way.
          This led to removing BoundaryPoint.cpp and moving all functions to the header.

        - Converted many member functions of the Position class from using int to unsigned
          for offsets. The DOM specifies unsigned for offsets, but for some reason we used
          int for them a lot historically, even though negative numbers don't make sense.
          New classes like StaticRange, SimpleRange, and BoundaryPoint are already using
          unsigned exclusively and we'll eventually convert everything.

        - Remove includes of SimpleRange.h from files that also include TextIterator.h,
          now that TextIterator.h pulls it in.

        * Sources.txt: Removed BoundaryPoint.cpp.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::traverseToOffsetInRange): Updated to pass a reference
        to a range rather than a pointer, after null-checking it.
        (WebCore::AXObjectCache::lengthForRange): Ditto.
        (WebCore::AXObjectCache::nextBoundary): Ditto.
        (WebCore::AXObjectCache::previousBoundary): Ditto.
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::stringForRange const): Ditto.
        (WebCore::AccessibilityObject::stringForVisiblePositionRange): Ditto.
        (WebCore::AccessibilityObject::lengthForVisiblePositionRange const): Ditto.

        * accessibility/AccessibilityObjectInterface.h: Removed an extra include.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper arrayOfTextForTextMarkers:attributed:]):
        Updated to pass a reference to a range rather than a pointer, after null-checking it.
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]): Ditto.

        * dom/BoundaryPoint.cpp: Removed.

        * dom/BoundaryPoint.h: Removed redundant includes and forward declarations
        since we're now committing to including "Node.h" here. Moved functions
        all out of the .cpp file and made them inlines.

        * dom/DocumentMarkerController.cpp:
        (WebCore::DocumentMarkerController::collectTextRanges): Pass a reference to
        a range instead of a pointer.

        * dom/Position.cpp:
        (WebCore::Position::Position): Take unsigned.
        (WebCore::Position::moveToPosition): Ditto.
        (WebCore::Position::moveToOffset): Ditto.
        (WebCore::Position::parentAnchoredEquivalent const): Cast to unsigned.
        (WebCore::Position::anchorTypeForLegacyEditingPosition): Take unsigned.
        (WebCore::Position::previous const): Use unsigned.
        (WebCore::Position::next const): Ditto.
        (WebCore::Position::uncheckedPreviousOffset): Take unsigned.
        (WebCore::Position::uncheckedPreviousOffsetForBackwardDeletion): Ditto.
        (WebCore::Position::uncheckedNextOffset): Ditto.
        (WebCore::Position::atLastEditingPositionForNode const): Cast to unsigned.
        (WebCore::Position::atEndOfTree const): Ditto.
        (WebCore::Position::rendersInDifferentPosition const): Added casts to
        unsigned and also removed unneeded redundant checks. In a place where
        we had already checked that both nodes were the same and both offsets
        were different, we were checking the types of both nodes (but they are
        the same so only need to check one) and we were checking that both
        offsets were different (but we already knew they were different).
        (WebCore::searchAheadForBetterMatch): Use unsigned.
        (WebCore::Position::getInlineBoxAndOffset const): Ditto.
        (WebCore::Position::equals const): Removed a cast to int.
        (WebCore::makeBoundaryPoint): Moved this function here so now it can be
        used in more places.

        * dom/Position.h: Changed many argument types to unsigned. Moved declarations
        of all the functions up above all the inline implementations of the functions
        to separate interface from implementation a bit better. Wrote a FIXME about
        the name createLegacyEditingPosition. Moved makeBoundaryPoint here and exported
        it from WebCore so we can use it from more places.

        * dom/Range.cpp:
        (WebCore::createLiveRange): Moved these functions here from SimpleRange.cpp
        because a live range is more advanced concept, so makes more sense for live
        range to know about simple range rather than vice versa.

        * dom/Range.h: Removed some unneeded includes and forward declarations.
        Added a FIXME about renaming to LiveRange. Moved the createLiveRange
        functions here. Moved declarations of functions above inline function bodies.

        * dom/SimpleRange.cpp:
        (WebCore::createLiveRange): Moved to Range.cpp.

        * dom/SimpleRange.h: Exported the constructor. Removed unneeded overload
        that takes a Range*.

        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::mergeStartWithPreviousIfIdentical):
        Refactored code a bit and use unsigned.
        (WebCore::ApplyStyleCommand::mergeEndWithNextIfIdentical): Use unsigned.

        * editing/Editing.cpp:
        (WebCore::visibleImageElementsInRangeWithNonLoadedImages): Use a reference
        to a range rather than a pointer.

        * editing/Editing.h: Added a forward declaration of Range that now seems to
        be needed to compile.

        * editing/Editor.cpp:
        (WebCore::Editor::selectedText const): Call makeBoundaryPoint twice here to
        convert two Position objects into a SimpleRange.

        * editing/HTMLInterchange.cpp: Removed some extra includes.
        (WebCore::convertHTMLTextToInterchangeFormat): Use variadic
        StringBuilder::append.

        * editing/TextIterator.cpp:
        (WebCore::firstNode): Added. We use this instead of Range::firstNode.
        If we find we need it outside TextIterator we can find a header for it.
        Not sure it would be great to add it to in BoundaryPoint.h, nor is it
        obviously better as a BoundaryPoint member function.
        (WebCore::TextIterator::TextIterator): Cut down on the extra constructors
        and have the single remaining one take a SimpleRange.
        (WebCore::SimplifiedBackwardsTextIterator::SimplifiedBackwardsTextIterator):
        Ditto. Also change some int to unsigned.
        (WebCore::CharacterIterator::CharacterIterator): Ditto.
        (WebCore::BackwardsCharacterIterator::BackwardsCharacterIterator): Ditto.
        (WebCore::WordAwareIterator::WordAwareIterator): Ditto.
        (WebCore::TextIterator::rangeLength): Since this is one of the functions
        that still takes a live range pointer, updated it to check for null and
        pass a reference rather than a pointer.
        (WebCore::TextIterator::rangeFromLocationAndLength): Ditto.
        (WebCore::hasAnyPlainText): Removed now-unneeded call to createLiveRange.
        (WebCore::plainText): Updated the main implementation to take a SimpleRange,
        eliminating the version that takes two Position objects, but keeping the
        one that takes a live range pointer for now.
        (WebCore::plainTextReplacingNoBreakSpace): Removed all but the one, and
        have that one take a SimpleRange.

        * editing/TextIterator.h: Removed the include of SimpleRange.h. Also
        Updated for the changes above, eliminating five different constructors
        that take a live range and also overloads that take two Position objects.

        * editing/TextManipulationController.cpp:
        (WebCore::ParagraphContentIterator::ParagraphContentIterator):
        Call makeBoundaryPoint twice here to convert two Position objects into
        a SimpleRange.

        * editing/VisibleSelection.cpp: Removed an include.

        * editing/VisibleUnits.cpp:
        (WebCore::suffixLengthForRange): Pass a reference to a range known to
        not be null.
        (WebCore::previousBoundary): Ditto.
        (WebCore::nextBoundary): Ditto.

        * editing/cocoa/DataDetection.mm:
        (WebCore::buildQuery): Take a SimpleRange.
        (WebCore::DataDetection::detectContentInRange): Added a null check on
        a live range and pass a reference to it.
        * editing/cocoa/DictionaryLookup.mm:
        (WebCOre::DictionaryLookup::rangeAtHitTestResult): Ditto.

        * editing/cocoa/HTMLConverter.mm:
        (WebCore::editingAttributedStringFromRange): Pass a reference to a range
        known to not be null.
        * page/TextIndicator.cpp:
        (WebCore::estimatedTextColorsForRange): Ditto.
        (WebCore::containsOnlyWhiteSpaceText): Ditto.
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::interpretationsForCurrentRoot const): Ditto.

        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::selectedText const): Added a null check on
        a live range and pass a reference to it.

2020-03-16  Pinki Gyanchandani  <pgyanchandani@apple.com>

        Crash in CSSValue::isPrimitiveValue
        https://bugs.webkit.org/show_bug.cgi?id=208309

        Reviewed by Ryosuke Niwa.

        Added a NULL check before dereferencing value in ApplyStyleCommand::computedFontSize

        Test: editing/execCommand/primitive-value.html

        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::computedFontSize):

2020-03-16  Megan Gardner  <megan_gardner@apple.com>

        Color Picker crashes on touch
        https://bugs.webkit.org/show_bug.cgi?id=209086

        Reviewed by Darin Adler.

        Vector sizing lost in refactor. Not perfomance sensitive code, so just expanding vector as needed.

        Test: fast/forms/color/color-input-activate-crash.html

        * html/ColorInputType.cpp:
        (WebCore::ColorInputType::suggestedColors const):

2020-03-16  Simon Fraser  <simon.fraser@apple.com>

        Remove FrameView::scheduleRenderingUpdate()
        https://bugs.webkit.org/show_bug.cgi?id=209109

        Reviewed by Antti Koivisto.

        FrameView::scheduleRenderingUpdate() called through to compositor(), but that just
        turned around to call scheduleRenderingUpdate() via Page. So Remove it and change
        callers to call Page::scheduleRenderingUpdate() directly.

        * page/FrameView.cpp:
        (WebCore::FrameView::setViewExposedRect):
        (WebCore::FrameView::scheduleRenderingUpdate): Deleted.
        * page/FrameView.h:
        * page/Page.cpp:
        (WebCore::Page::scheduleRenderingUpdate):
        * page/Page.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::scheduleRenderingUpdate):

2020-03-16  Simon Fraser  <simon.fraser@apple.com>

        Commit Xcode-modified xcfilelist.

        New WebXR idl files.

        * DerivedSources-input.xcfilelist:
        * DerivedSources-output.xcfilelist:

2020-03-14  Simon Fraser  <simon.fraser@apple.com>

        Factor some post-updateRendering code into its own function
        https://bugs.webkit.org/show_bug.cgi?id=209108

        Reviewed by Antti Koivisto.

        Make a new function to hold code that needs to do post update-rendering work.
        It asserts that the layout is clean at the end.

        * page/Page.cpp:
        (WebCore::Page::updateRendering):
        (WebCore::Page::doAfterUpdateRendering):
        * page/Page.h:

2020-03-16  Daniel Bates  <dabates@apple.com>

        ASSERTION FAILURE: !result.innerNode() || (request.resultIsElementList() && result.listBasedTestResult().size()) in RenderLayer::hitTestContents()
        https://bugs.webkit.org/show_bug.cgi?id=209112

        Reviewed by Darin Adler.

        Fix rect-based hit testing (e.g. used in the impl of document.elementsFromPoint()) of ::before
        and ::after pseudo elements. Same issue as in r133330, updateHitTestResult() and addNodeToRectBasedTestResult()
        are using different "hit" nodes. In particular, RenderObject::updateHitTestResult() knows how to
        reason about ::before and ::after pseudo elements, but addNodeToRectBasedTestResult() cannot.
        Standardize the concept of the node used for hit testing from something-specifically added to RenderBlock
        in r133330 to all renderers. Have both updateHitTestResult() and addNodeToRectBasedTestResult()
        make use of this concept so that they consider the same hit node.

        Test: fast/dom/nodesFromRect/pseudo-empty-svg-image-crash.html

        * layout/integration/LayoutIntegrationLineLayout.cpp:
        (WebCore::LayoutIntegration::LineLayout::hitTest):
        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::nodeAtPoint):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::nodeAtPoint):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::nodeAtPoint):
        Update code to call nodeForHitTest() to keep the code behavior we have today. Note that RenderElement::element()
        and RenderText::textNode() just cast the return value of RenderObject::node().
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::nodeForHitTest const): Remove special case for RenderView now that I added RenderView::nodeForHitTest().
        Moreover, this special case was returning the document even though RenderView::updateHitTestResult() hit
        test the document element. See remarks for RenderView::nodeForHitTest() for more details.
        * rendering/RenderBlock.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::nodeAtPoint): Use nodeForHitTest(). This fixes the bug. Currently, updateHitTestResult()
        knows that when RenderObject::node() is nullptr and the parent renderer is for generated content that it can
        walk up the hierarchy to find the hit PseudoElement. But in the call to addNodeToListBasedTestResult(), RenderObject::element()
        was passed, which is nullptr for an anonymous node, and addNodeToListBasedTestResult() doesn't have enough info
        to know that this means generated content was hit and hence it is not able to find the PseudoElement. This
        disagreement caused the assertion failure because updateHitTestResult() would update the inner node, but
        addNodeToListBasedTestResult() would not add a node to the set.
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::hitTestCulledInline): Use nodeForHitTest().
        (WebCore::RenderInline::updateHitTestResult): Update code as needed to use nodeForHitTest(). Also while I
        am here fix up code style of comment and rename the local from element to node to match the return value
        of nodeForHitTest().
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::nodeForHitTest const): Added.
        (WebCore::RenderMultiColumnSet::updateHitTestResult): Update code as needed to use nodeForHitTest().
        * rendering/RenderMultiColumnSet.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::nodeForHitTest const): Added.
        (WebCore::RenderObject::updateHitTestResult): Update code as needed to use nodeForHitTest().
        * rendering/RenderObject.h:
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::nodeAtPoint): Ditto.
        * rendering/RenderView.cpp:
        (WebCore::RenderView::nodeForHitTest const): Added. This overrides RenderBlock::nodeForHitTest(), which
        following r155370 was returning the document as the hit test node even though RenderView::updateHitTestResult()
        considered the document element as the hit node for a RenderView. As a result of this change, the rect-based
        hit testing no longer returns the document (seen in test results as #document) in the list of nodes.
        (WebCore::RenderView::updateHitTestResult): Update code as needed to use nodeForHitTest().
        * rendering/RenderView.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::hitTestFlow): Ditto.
        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::nodeAtFloatPoint): Ditto.
        * rendering/svg/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::nodeAtFloatPoint): Ditto.
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::nodeAtPoint): Ditto.
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::nodeAtFloatPoint): Ditto.
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::nodeAtPoint): Ditto.

2020-03-16  Youenn Fablet  <youenn@apple.com>

        Make CoreAudioCaptureSourceFactoryIOS an AudioSession::InterruptionObserver
        https://bugs.webkit.org/show_bug.cgi?id=209138

        Reviewed by Eric Carlson.

        Instead of listening to Audiosession interruptions, CoreAudioCaptureSourceFactoryIOS is now relying on AudioSession directly.
        This allows removing some duplicate code.
        No change of behavior.

        * platform/mediastream/ios/CoreAudioCaptureSourceIOS.h:
        * platform/mediastream/ios/CoreAudioCaptureSourceIOS.mm:
        (-[WebCoreAudioCaptureSourceIOSListener initWithCallback:]):
        (WebCore::CoreAudioCaptureSourceFactoryIOS::CoreAudioCaptureSourceFactoryIOS):
        (WebCore::CoreAudioCaptureSourceFactoryIOS::~CoreAudioCaptureSourceFactoryIOS):
        (-[WebCoreAudioCaptureSourceIOSListener handleInterruption:]): Deleted.

2020-03-16  Youenn Fablet  <youenn@apple.com>

        Apply rotation at source level if WebRTC sink ask so
        https://bugs.webkit.org/show_bug.cgi?id=205645

        Reviewed by Eric Carlson.

        Add a virtual method to RealtimeMediaSource to pass the information that the sink prefers the frames to be rotated before sending them.
r       By default, the method does nothing and RealtimeOutgoingVideoSource will continue to do the rotation itself.
        Update ImageRotationSessionVT to be more easily usable by users having MediaSample instead of CVPixelBuffer.
        Update RealtimeOutgoingVideoSource to use that routine: whenever applying rotation is needed,
        it will ask its track source to apply rotation. If the track source cannot do it, it will do it on its own.

        Test: webrtc/video-rotation-no-cvo.html

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::applyRotationForOutgoingVideoSources):
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/cv/ImageRotationSessionVT.h:
        (WebCore::operator==):
        (WebCore::operator!=):
        * platform/graphics/cv/ImageRotationSessionVT.mm:
        (WebCore::ImageRotationSessionVT::ImageRotationSessionVT):
        (WebCore::ImageRotationSessionVT::initialize):
        (WebCore::ImageRotationSessionVT::rotate):
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::setSource):
        (WebCore::RealtimeOutgoingVideoSource::applyRotation):
        (WebCore::RealtimeOutgoingVideoSource::AddOrUpdateSink):
        * platform/mediastream/RealtimeOutgoingVideoSource.h:

2020-03-16  youenn fablet  <youenn@apple.com>

        Audio is not played from an audio element when the srcObject object has unstarted video tracks
        https://bugs.webkit.org/show_bug.cgi?id=207041
        <rdar://problem/59084745>

        Reviewed by Eric Carlson.

        In case MediaPlayer is an audio element, we should just make it as if there is no video track in the stream.

        Test: imported/w3c/web-platform-tests/webrtc/audio-video-element-playing.html

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::activeVideoTrack const):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::didPassCORSAccessCheck const):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode const):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentReadyState):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::checkSelectedVideoTrack):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):

2020-03-16  youenn fablet  <youenn@apple.com>

        RTCRtpSender of kind video should have a null dtmf attribute
        https://bugs.webkit.org/show_bug.cgi?id=209135

        Reviewed by Eric Carlson.

        Test: imported/w3c/web-platform-tests/webrtc/RTCRtpSender.https.html

        * Modules/mediastream/RTCRtpSender.cpp:
        (WebCore::RTCRtpSender::dtmf):

        * rendering/line/LineLayoutTraversal.h: Removed some unneeded includes.
        * testing/Internals.cpp: Ditto.

2020-03-13  Sergio Villar Senin  <svillar@igalia.com>

        [WebXR] IDLs, stubs and build configuration for WPE
        https://bugs.webkit.org/show_bug.cgi?id=208702

        Reviewed by Dean Jackson.

        Added the IDLs defined by the spec with very basic empty implementations to get them
        built. Apart from that a very basic implementation of the required platform code using
        OpenXR API was also added.

        No new tests as no new functionality was really added (empty implementations). However
        follow up patches will import the already available WPT tests for WebXR.

        Largely based on previous work by Žan Doberšek.

        * CMakeLists.txt:
        * Configurations/FeatureDefines.xcconfig: Added ENABLE_WEBXR off by default.
        * DerivedSources.make:
        * Modules/webxr/NavigatorWebXR.cpp: Added.
        (WebCore::NavigatorWebXR::xr):
        (WebCore::NavigatorWebXR::from):
        * Modules/webxr/NavigatorWebXR.h: Added.
        * Modules/webxr/NavigatorWebXR.idl: Added.
        * Modules/webxr/WebXRBoundedReferenceSpace.cpp: Added.
        (WebCore::WebXRBoundedReferenceSpace::boundsGeometry const):
        * Modules/webxr/WebXRBoundedReferenceSpace.h: Added.
        * Modules/webxr/WebXRBoundedReferenceSpace.idl: Added.
        * Modules/webxr/WebXRFrame.cpp: Added.
        (WebCore::WebXRFrame::create):
        (WebCore::WebXRFrame::WebXRFrame):
        (WebCore::WebXRFrame::session const):
        (WebCore::WebXRFrame::getViewerPose):
        (WebCore::WebXRFrame::getPose):
        * Modules/webxr/WebXRFrame.h: Added.
        * Modules/webxr/WebXRFrame.idl: Added.
        * Modules/webxr/WebXRInputSource.cpp: Added.
        (WebCore::WebXRInputSource::create):
        (WebCore::WebXRInputSource::WebXRInputSource):
        (WebCore::WebXRInputSource::handedness const):
        (WebCore::WebXRInputSource::targetRayMode const):
        (WebCore::WebXRInputSource::targetRaySpace const):
        (WebCore::WebXRInputSource::gripSpace const):
        (WebCore::WebXRInputSource::profiles const):
        * Modules/webxr/WebXRInputSource.h: Added.
        * Modules/webxr/WebXRInputSource.idl: Added.
        * Modules/webxr/WebXRInputSourceArray.cpp: Added.
        (WebCore::WebXRInputSourceArray::length const):
        (WebCore::WebXRInputSourceArray::item const):
        * Modules/webxr/WebXRInputSourceArray.h: Added.
        * Modules/webxr/WebXRInputSourceArray.idl: Added.
        * Modules/webxr/WebXRPose.cpp: Added.
        (WebCore::WebXRPose::create):
        (WebCore::WebXRPose::WebXRPose):
        (WebCore::WebXRPose::transform const):
        (WebCore::WebXRPose::emulatedPosition const):
        * Modules/webxr/WebXRPose.h: Added.
        * Modules/webxr/WebXRPose.idl: Added.
        * Modules/webxr/WebXRReferenceSpace.cpp: Added.
        (WebCore::WebXRReferenceSpace::WebXRReferenceSpace):
        (WebCore::WebXRReferenceSpace::getOffsetReferenceSpace):
        * Modules/webxr/WebXRReferenceSpace.h: Added.
        * Modules/webxr/WebXRReferenceSpace.idl: Added.
        * Modules/webxr/WebXRRenderState.cpp: Added.
        (WebCore::WebXRRenderState::create):
        (WebCore::WebXRRenderState::WebXRRenderState):
        (WebCore::WebXRRenderState::depthNear const):
        (WebCore::WebXRRenderState::depthFar const):
        (WebCore::WebXRRenderState::inlineVerticalFieldOfView const):
        (WebCore::WebXRRenderState::baseLayer const):
        * Modules/webxr/WebXRRenderState.h: Added.
        * Modules/webxr/WebXRRenderState.idl: Added.
        * Modules/webxr/WebXRRigidTransform.cpp: Added.
        (WebCore::WebXRRigidTransform::create):
        (WebCore::WebXRRigidTransform::WebXRRigidTransform):
        (WebCore::WebXRRigidTransform::position const):
        (WebCore::WebXRRigidTransform::orientation const):
        (WebCore::WebXRRigidTransform::matrix const):
        (WebCore::WebXRRigidTransform::inverse const):
        * Modules/webxr/WebXRRigidTransform.h: Added.
        * Modules/webxr/WebXRRigidTransform.idl: Added.
        * Modules/webxr/WebXRSession.cpp: Added.
        (WebCore::WebXRSession::environmentBlendMode const):
        (WebCore::WebXRSession::visibilityState const):
        (WebCore::WebXRSession::renderState const):
        (WebCore::WebXRSession::inputSources const):
        (WebCore::WebXRSession::updateRenderState):
        (WebCore::WebXRSession::requestReferenceSpace):
        (WebCore::WebXRSession::requestAnimationFrame):
        (WebCore::WebXRSession::cancelAnimationFrame):
        (WebCore::WebXRSession::end):
        (WebCore::WebXRSession::activeDOMObjectName const):
        (WebCore::WebXRSession::stop):
        * Modules/webxr/WebXRSession.h: Added.
        * Modules/webxr/WebXRSession.idl: Added.
        * Modules/webxr/WebXRSpace.cpp: Added.
        (WebCore::WebXRSpace::WebXRSpace):
        * Modules/webxr/WebXRSpace.h: Added.
        * Modules/webxr/WebXRSpace.idl: Added.
        * Modules/webxr/WebXRSystem.cpp: Added.
        (WebCore::WebXRSystem::create):
        (WebCore::WebXRSystem::WebXRSystem):
        (WebCore::WebXRSystem::isSessionSupported):
        (WebCore::WebXRSystem::requestSession):
        (WebCore::WebXRSystem::activeDOMObjectName const):
        (WebCore::WebXRSystem::stop):
        * Modules/webxr/WebXRSystem.h: Added.
        * Modules/webxr/WebXRSystem.idl: Added.
        * Modules/webxr/WebXRView.cpp: Added.
        (WebCore::WebXRView::create):
        (WebCore::WebXRView::WebXRView):
        (WebCore::WebXRView::eye const):
        (WebCore::WebXRView::projectionMatrix const):
        (WebCore::WebXRView::transform const):
        * Modules/webxr/WebXRView.h: Added.
        * Modules/webxr/WebXRView.idl: Added.
        * Modules/webxr/WebXRViewerPose.cpp: Added.
        (WebCore::WebXRViewerPose::create):
        (WebCore::WebXRViewerPose::views const):
        * Modules/webxr/WebXRViewerPose.h: Added.
        * Modules/webxr/WebXRViewerPose.idl: Added.
        * Modules/webxr/WebXRViewport.cpp: Added.
        (WebCore::WebXRViewport::create):
        (WebCore::WebXRViewport::x const):
        (WebCore::WebXRViewport::y const):
        (WebCore::WebXRViewport::width const):
        (WebCore::WebXRViewport::height const):
        * Modules/webxr/WebXRViewport.h: Added.
        * Modules/webxr/WebXRViewport.idl: Added.
        * Modules/webxr/WebXRWebGLLayer.cpp: Added.
        (WebCore::WebXRWebGLLayer::create):
        (WebCore::WebXRWebGLLayer::WebXRWebGLLayer):
        (WebCore::WebXRWebGLLayer::antialias const):
        (WebCore::WebXRWebGLLayer::ignoreDepthValues const):
        (WebCore::WebXRWebGLLayer::framebuffer const):
        (WebCore::WebXRWebGLLayer::framebufferWidth const):
        (WebCore::WebXRWebGLLayer::framebufferHeight const):
        (WebCore::WebXRWebGLLayer::getViewport):
        (WebCore::WebXRWebGLLayer::getNativeFramebufferScaleFactor):
        * Modules/webxr/WebXRWebGLLayer.h: Added.
        * Modules/webxr/WebXRWebGLLayer.idl: Added.
        * Modules/webxr/XREnvironmentBlendMode.h: Added.
        * Modules/webxr/XREnvironmentBlendMode.idl: Added.
        * Modules/webxr/XREye.h: Added.
        * Modules/webxr/XREye.idl: Added.
        * Modules/webxr/XRFrameRequestCallback.h: Added.
        * Modules/webxr/XRFrameRequestCallback.idl: Added.
        * Modules/webxr/XRHandedness.h: Added.
        * Modules/webxr/XRHandedness.idl: Added.
        * Modules/webxr/XRInputSourceEvent.cpp: Added.
        (WebCore::XRInputSourceEvent::create):
        (WebCore::XRInputSourceEvent::XRInputSourceEvent):
        (WebCore::XRInputSourceEvent::frame const):
        (WebCore::XRInputSourceEvent::inputSource const):
        (WebCore::XRInputSourceEvent::buttonIndex const):
        * Modules/webxr/XRInputSourceEvent.h: Added.
        * Modules/webxr/XRInputSourceEvent.idl: Added.
        * Modules/webxr/XRInputSourcesChangeEvent.cpp: Added.
        (WebCore::XRInputSourcesChangeEvent::create):
        (WebCore::XRInputSourcesChangeEvent::XRInputSourcesChangeEvent):
        (WebCore::XRInputSourcesChangeEvent::session const):
        (WebCore::XRInputSourcesChangeEvent::added const):
        (WebCore::XRInputSourcesChangeEvent::removed const):
        * Modules/webxr/XRInputSourcesChangeEvent.h: Added.
        * Modules/webxr/XRInputSourcesChangeEvent.idl: Added.
        * Modules/webxr/XRReferenceSpaceEvent.cpp: Added.
        (WebCore::XRReferenceSpaceEvent::create):
        (WebCore::XRReferenceSpaceEvent::XRReferenceSpaceEvent):
        (WebCore::XRReferenceSpaceEvent::referenceSpace const):
        (WebCore::XRReferenceSpaceEvent::transform const):
        * Modules/webxr/XRReferenceSpaceEvent.h: Added.
        * Modules/webxr/XRReferenceSpaceEvent.idl: Added.
        * Modules/webxr/XRReferenceSpaceType.h: Added.
        * Modules/webxr/XRReferenceSpaceType.idl: Added.
        * Modules/webxr/XRRenderStateInit.h: Added.
        * Modules/webxr/XRRenderStateInit.idl: Added.
        * Modules/webxr/XRSessionEvent.cpp: Added.
        (WebCore::XRSessionEvent::create):
        (WebCore::XRSessionEvent::XRSessionEvent):
        (WebCore::XRSessionEvent::session const):
        * Modules/webxr/XRSessionEvent.h: Added.
        * Modules/webxr/XRSessionEvent.idl: Added.
        * Modules/webxr/XRSessionInit.h: Added.
        * Modules/webxr/XRSessionInit.idl: Added.
        * Modules/webxr/XRSessionMode.h: Added.
        * Modules/webxr/XRSessionMode.idl: Added.
        * Modules/webxr/XRTargetRayMode.h: Added.
        * Modules/webxr/XRTargetRayMode.idl: Added.
        * Modules/webxr/XRVisibilityState.h: Added.
        * Modules/webxr/XRVisibilityState.idl: Added.
        * Modules/webxr/XRWebGLLayerInit.h: Added.
        * Modules/webxr/XRWebGLLayerInit.idl: Added.
        * PlatformWPE.cmake: Added OpenXR libraries and include paths.
        * Sources.txt: Added new cpp files.
        * WebCore.xcodeproj/project.pbxproj: Added new files.
        * bindings/IDLTypes.h: Added SequenceStorageType.
        * bindings/js/JSDOMConvertSequences.h:
        * bindings/js/WebCoreBuiltinNames.h:
        * dom/EventNames.h:
        * dom/EventNames.in: Added WebXR events.
        * dom/EventTargetFactory.in: Added WebXR event targets.
        * page/RuntimeEnabledFeatures.h: Added new runtime feature for WebXR.
        (WebCore::RuntimeEnabledFeatures::setWebXREnabled):
        (WebCore::RuntimeEnabledFeatures::webXREnabled const):
        * platform/xr/PlatformXR.cpp: Added.
        * platform/xr/PlatformXR.h: Added.
        * platform/xr/openxr/PlatformXR.cpp: Added.
        (PlatformXR::createStructure): Utility function to create OpenXR structs.
        (PlatformXR::resultToString): Translates OpenXR error codes to strings.
        (PlatformXR::Instance::Impl::Impl):
        (PlatformXR::Instance::Impl::~Impl):
        (PlatformXR::Instance::singleton):

2020-03-16  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Path copy constructor and operator must also copy over CTM
        https://bugs.webkit.org/show_bug.cgi?id=183327

        Reviewed by Carlos Garcia Campos.

        Cairo implementations of Path copy constructor and assignment operator
        must also copy over the current transformation matrix that's maintained
        on the source path's cairo_t context.

        cairo_copy_path() copies the current path off of a Cairo context, but
        during that also transforms every point on the path through inverse of
        the CTM, back into user coordinates. For copying to be done correctly,
        the copied path must be transformed through the CTM when it's appended
        to the target Cairo context. For that reason the CTM has to be copied
        over from source to target context before the path is copied and
        appended.

        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::Path):
        (WebCore::Path::operator=):

2020-03-16  youenn fablet  <youenn@apple.com>

        Unique origins should not be Potentially Trustworthy
        https://bugs.webkit.org/show_bug.cgi?id=209049

        Reviewed by Darin Adler.

        Unique origins should not be considered trustworthy as per https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy.

        Test: http/tests/security/iframe-unique-origin.https.html

        * dom/Document.cpp:
        (WebCore::Document::isSecureContext const):
        Removed check for top level origins as we make all unique origins not trusted.
        * page/SecurityOrigin.cpp:

2020-03-16  youenn fablet  <youenn@apple.com>

        Remove the use of empty WebRTC sources for receiver tracks
        https://bugs.webkit.org/show_bug.cgi?id=209061

        Reviewed by Eric Carlson.

        We no longer need to create receivers with empty sources since we now always have a libwebrtc receiver from which we can get the track.
        We remove that code path.
        This sldo allows using the right track parameters from the start, like track id.

        Covered by existing and rebased tests.

        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::addPendingTrackEvent):
        (WebCore::LibWebRTCMediaEndpoint::collectTransceivers):
        (WebCore::LibWebRTCMediaEndpoint::newTransceiver):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::createReceiver):
        (WebCore::LibWebRTCPeerConnectionBackend::addTrack):
        (WebCore::LibWebRTCPeerConnectionBackend::addTransceiverFromTrackOrKind):
        (WebCore::LibWebRTCPeerConnectionBackend::newRemoteTransceiver):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
        * Modules/mediastream/libwebrtc/LibWebRTCRtpReceiverBackend.cpp:
        (WebCore::LibWebRTCRtpReceiverBackend::createSource):
        * Modules/mediastream/libwebrtc/LibWebRTCRtpReceiverBackend.h:
        * platform/mediastream/RealtimeIncomingAudioSource.cpp:
        (WebCore::RealtimeIncomingAudioSource::RealtimeIncomingAudioSource):
        * platform/mediastream/RealtimeIncomingAudioSource.h:
        * platform/mediastream/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::RealtimeIncomingVideoSource):
        * platform/mediastream/RealtimeIncomingVideoSource.h:
        * testing/MockLibWebRTCPeerConnection.h:
        (WebCore::MockMediaStreamTrack::state const):
        (WebCore::MockRtpReceiver::SetObserver):

2020-03-16  Hurnjoo Lee  <hurnjoo.lee@samsung.com>, Fujii Hironori  <Hironori.Fujii@sony.com>, Carlos Garcia Campos  <cgarcia@igalia.com>

        [Cairo][SVG] marker-mid isn't shown on a joint of rectilinearly connected line-to path segments
        https://bugs.webkit.org/show_bug.cgi?id=113849

        Reviewed by Adrian Perez de Castro.

        Marker-mid of svg is not displayed because path elements that added to
        cairo backend are optimized. If the new line_to has same slope with
        the previous path element, then the path element is joined to previous
        path element.

        Example:

        added path elements : moveto(-5,-2), lineto(0,-2), lineto(5,-2)
        cairo_path_data : moveto(-5,-2), lineto(5, -2)

        This patch stores all of path informations separately in order to avoid
        this problem. When generating positions of markers, we use stored path
        informations instead of cairo_path_data.

        When a new operation can't be directly stored in an ElementPath, we fallback to use cairo_path_data() in
        Path::apply().

        * platform/graphics/Path.h: Add new constructor that receives a cairo context, make ensureCairoPath() private
        and add m_elements member.
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::Font::platformPathForGlyph const): Create a cairo context for the path and use the new constructor
        that receives a RefPtr<cairo_t>&&.
        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::Path): Initialize m_elements to an empty vector when created without a cairo context.
        (WebCore::Path::operator=): Also copy m_elements.
        (WebCore::Path::clear): Initialize m_elements to an empty vector.
        (WebCore::Path::translate): Apply the translate to elements in m_elements.
        (WebCore::Path::appendElement): Helper to add an operation to m_elements.
        (WebCore::Path::moveToSlowCase): Call appendElement() if m_elements is not nullopt.
        (WebCore::Path::addLineToSlowCase): Ditto.
        (WebCore::Path::addRect): Ditto.
        (WebCore::Path::addQuadCurveToSlowCase): Ditto.
        (WebCore::Path::addBezierCurveToSlowCase): Ditto.
        (WebCore::Path::addArcSlowCase): Set m_elements to nullopt.
        (WebCore::Path::addArcTo): Ditto.
        (WebCore::Path::addEllipse): Ditto.
        (WebCore::Path::addPath): Ditto.
        (WebCore::Path::closeSubpath): Call appendElement() if m_elements is not nullopt.
        (WebCore::Path::applySlowCase const): Use elements from m_elements if it's not nullopt, otherwise fallback to
        use cairo_path_data.
        (WebCore::Path::transform): Apply the transform to elements in m_elements.

2020-03-16  Rob Buis  <rbuis@igalia.com>

        Remove addHTTPOriginIfNeeded calls
        https://bugs.webkit.org/show_bug.cgi?id=209127

        Reviewed by Darin Adler.

        Remove addHTTPOriginIfNeeded calls since they are get requests and navigations and the spec [1]
        indicates that the Origin header should not be written out, making these calls no-ops.

       [1] https://fetch.spec.whatwg.org/#append-a-request-origin-header

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::changeLocation):
        (WebCore::FrameLoader::loadURL):

2020-03-16  Rob Buis  <rbuis@igalia.com>

        Simplify ChromeClient.createWindow
        https://bugs.webkit.org/show_bug.cgi?id=209123

        Reviewed by Darin Adler.

        Simplify ChromeClient.createWindow by removing the FrameLoadRequest parameter.
        It was only passed for its ResourceRequest member, which can also be obtained
        from the NavigationAction parameter.

        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        (WebCore::createWindow):
        * page/Chrome.cpp:
        (WebCore::Chrome::createWindow const):
        * page/Chrome.h:
        * page/ChromeClient.h:
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):

2020-03-15  Fujii Hironori  <Hironori.Fujii@sony.com>

        KeyedDecoderGeneric fails to allocate Vector while decoding broken data
        https://bugs.webkit.org/show_bug.cgi?id=207324

        Reviewed by Darin Adler.

        There were three crash bugs in it.

        KeyedDecoderGeneric was trying to allocate a buffer without
        ensuring the size wouldn't exceed the decoding data size by using
        bufferIsLargeEnoughToContain.

        It was trying to push an itme into the top dictionary of emtpy
        m_dictionaryStack when EndObject tag would appear without the
        preceding BeginObject tag.

        It was trying to push an item into the top array of empty
        m_arrayStack when EndArray tag would appear without the preceding
        BeginArray tag.

        Tests: TestWebKitAPI: KeyedCoding.DecodeRandomData

        * platform/generic/KeyedDecoderGeneric.cpp:
        (WebCore::readString):
        (WebCore::KeyedDecoderGeneric::KeyedDecoderGeneric):
        Check bufferIsLargeEnoughToContain(size) before allocating a Vector with size.
        Check if m_dictionaryStack and m_arrayStack are empty.

2020-03-15  Chris Dumez  <cdumez@apple.com>

        [DRT] InternalSettingsGenerated::resetToConsistentState() may override TestOptions::enableBackForwardCache
        https://bugs.webkit.org/show_bug.cgi?id=207481
        <rdar://problem/59331661>

        Reviewed by Darin Adler.

        Add a support for a new excludeFromInternalSetting option in Settings.yaml and use it for
        'usesBackForwardCache' setting. This means that script will no longer be able to toggle
        this particular setting via internals.settings JS API. Tests wanting to turn on the
        back / forward cache are supposed to use the following:
        <!-- webkit-test-runner [ enableBackForwardCache=true ] -->

        Using internals.settings JS API to turn on the back/forward cache would not work well
        with WebKit2 because of process-swap-on-navigation. Support for it in WK1 / DRT was
        causing flakiness because of a conflict between the 2 ways of enabling the setting.

        * Scripts/GenerateSettings.rb:
        * Scripts/SettingsTemplates/InternalSettingsGenerated.cpp.erb:
        * Scripts/SettingsTemplates/InternalSettingsGenerated.h.erb:
        * Scripts/SettingsTemplates/InternalSettingsGenerated.idl.erb:
        * page/Settings.yaml:

2020-03-15  Zalan Bujtas  <zalan@apple.com>

        [LFC][TFC] Add basic column span support for content box width
        https://bugs.webkit.org/show_bug.cgi?id=209120
        <rdar://problem/60463424>

        Reviewed by Antti Koivisto.

        Take the column spanning into account when computing the content width for the table cell.
        [content box width = column width(1) + column width(2) + .. + column width(spanning value) + ((spanning value - 1) * horizontal spacing)]

        Test: fast/layoutformattingcontext/table-colspan-simple.html

        * layout/tableformatting/TableFormattingContext.cpp:
        (WebCore::Layout::TableFormattingContext::layoutInFlowContent):
        (WebCore::Layout::TableFormattingContext::layoutTableCellBox):
        (WebCore::Layout::TableFormattingContext::positionTableCells):
        * layout/tableformatting/TableFormattingContext.h:
        * layout/tableformatting/TableGrid.cpp:
        (WebCore::Layout::TableGrid::appendCell):
        * layout/tableformatting/TableGrid.h:
        (WebCore::Layout::TableGrid::CellInfo::startColumn const):
        (WebCore::Layout::TableGrid::CellInfo::endColumn const):
        (WebCore::Layout::TableGrid::CellInfo::startRow const):
        (WebCore::Layout::TableGrid::CellInfo::endRow const):
        (WebCore::Layout::TableGrid::CellInfo::columnSpan const):
        (WebCore::Layout::TableGrid::CellInfo::rowSpan const):

2020-03-15  Yusuke Suzuki  <ysuzuki@apple.com>

        Should not use variable-length-array (VLA)
        https://bugs.webkit.org/show_bug.cgi?id=209043

        Reviewed by Mark Lam.

        * Configurations/Base.xcconfig:
        * crypto/mac/SerializedCryptoKeyWrapMac.mm:
        (WebCore::wrapSerializedCryptoKey):
        (WebCore::unwrapSerializedCryptoKey):
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getInternalformatParameter):
        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.cpp:
        (WebCore::CoreAudioCaptureDeviceManager::refreshAudioCaptureDevices):
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:
        (WebCore::updateDisplayID):
        (WebCore::ScreenDisplayCaptureSourceMac::screenCaptureDevices):

2020-03-14  Brent Fulgham  <bfulgham@apple.com>

        Add missing checks needed for AppBound Quirk
        https://bugs.webkit.org/show_bug.cgi?id=209117
        <rdar://problem/60460097>

        Reviewed by John Wilander.

        The checks for the 'NeedsInAppBrowserPrivacyQuirks' flag added in r258101 was incomplete.
        Two additional call sites need to check the state of the flag.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::executeScriptInWorld): Add missing check for the quirk.
        * loader/FrameLoaderClient.h: Add new API for the 'NeedsInAppBrowserPrivacyQuirks'
        debug flag.
        * page/Frame.cpp:
        (WebCore::Frame::injectUserScriptImmediately): Ditto.

2020-03-10  Darin Adler  <darin@apple.com>

        Change all return values in TextIterator header from live ranges to SimpleRange
        https://bugs.webkit.org/show_bug.cgi?id=208906

        Reviewed by Antti Koivisto.

        This is another step in moving off of live ranges for WebKit internals.

        - Change return values of remaining functions that were returning live ranges in
          the TextIterator header to return SimpleRange.
        - Change some arguments from live ranges to SimpleRange.
        - At some call sites, use createLiveRange to convert the SimpleRange into a live
          range (for now), but at others update the code to use SimpleRange.
        - Renamed a version of findPlainText that returns a boolean to containsPlainText.
        - Convert call sites that were using createLiveRange just to use the
          Range::startPosition and Range::endPosition functions to instead use a new
          overload of the createLegacyEditingPosition function that can be used with
          SimpleRange::start and SimpleRange::end because it takes a BoundaryPoint.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::rangeMatchesTextNearRange): Return Optional<SimpleRange>
        and take SimpleRange argument.
        (WebCore::AXObjectCache::previousBoundary): Updated since
        SimplifiedBackwardsTextIterator::range now returns SimpleRange.
        * accessibility/AXObjectCache.h: Updated for the above.

        * accessibility/AccessibilityObjectInterface.h:
        (WebCore::AXCoreObject::containsText const): Updated for name change.
        Now containsPlainText instead of findPlainText.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper arrayOfTextForTextMarkers:attributed:]):
        Use createLegacyEditingPosition instead of createLiveRange.
        (-[WebAccessibilityObjectWrapper rangeFromMarkers:withText:]): Use createLiveRange.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
        Use createLegacyEditingPosition instead of createLiveRange.

        * dom/Position.cpp:
        (WebCore::createLegacyEditingPosition): Added an overload that takes a BoundaryPoint.
        * dom/Position.h: Updated for the above, also removed unneeded includes and forward
        declarations.

        * editing/Editing.cpp:
        (WebCore::visiblePositionForIndexUsingCharacterIterator): Updated since
        CharacterIterator::range is now a SimpleRange, use createLegacyEditingPosition.

        * editing/Editor.cpp:
        (WebCore::Editor::advanceToNextMisspelling): Updated since CharacterIterator::range
        is now a SimpleRange.
        (WebCore::Editor::rangeOfString): Updated since findPlainText now returns a
        SimpleRange; use createLiveRange.
        (WebCore::Editor::countMatchesForText): Ditto.

        * editing/TextIterator.cpp:
        (WebCore::SimplifiedBackwardsTextIterator::range const): Return a SimpleRange.
        (WebCore::CharacterIterator::range const): Ditto.
        (WebCore::characterSubrange): Updated since CharacterIterator::range returns
        a SimpleRange. Use createLiveRange.
        (WebCore::BackwardsCharacterIterator::BackwardsCharacterIterator): Cut down
        code here by initializing data members in the class definition.
        (WebCore::BackwardsCharacterIterator::range const): Return a SimpleRange.
        (WebCore::WordAwareIterator::WordAwareIterator): Cut down code here by
        initializing data members in the class definition.
        (WebCore::hasAnyPlainText): Take a SimpleRange, use createLiveRange.
        (WebCore::plainTextUsingBackwardsTextIteratorForTesting): Take a SimpleRange,
        use createLiveRange.
        (WebCore::collapsedToBoundary): Take and return a SimpleRange.
        (WebCore::findPlainTextMatches): Take a SimpleRange, use createLiveRange.
        (WebCore::rangeForMatch): Take and return a SimpleRange.
        (WebCore::findClosestPlainText): Ditto.
        (WebCore::findPlainText): Ditto.
        (WebCore::containsPlainText): Renamed from findPlainText since this returns
        a boolean, not a found location of some text.
        * editing/TextIterator.h: Updated for the above. Also changed some data
        members to use unsigned for offsets rather than int.

        * editing/TextManipulationController.cpp:
        (WebCore::ParagraphContentIterator::startPosition): Use
        createLegacyEditingPosition instead of createLiveRange.
        (WebCore::ParagraphContentIterator::endPosition): Ditto.

        * editing/VisiblePosition.h: Added a forward declaration here since Position.h
        no longer forward declares it.

        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::appendTrailingWhitespace): Updated since
        CharacterIterator::range is now a SimpleRange, use createLegacyEditingPosition.
        * editing/VisibleUnits.cpp:
        (WebCore::previousBoundary): Ditto.
        (WebCore::nextBoundary): Ditto.

        * testing/Internals.cpp:
        (WebCore::Internals::rangeOfStringNearLocation): Updated since
        findClosestPlainText now returns a SimpleRange, use createLiveRange.

2020-03-14  Zalan Bujtas  <zalan@apple.com>

        [LFC][TFC] Fill in the gaps with anonymous table cell boxes
        https://bugs.webkit.org/show_bug.cgi?id=209114
        <rdar://problem/60458806>

        Reviewed by Antti Koivisto.

        17.5 Visual layout of table contents
        A "missing cell" is a cell in the row/column grid that is not
        occupied by an element or pseudo-element. Missing cells are rendered
        as if an anonymous table-cell box occupied their position in the grid.
        (https://www.w3.org/TR/CSS22/tables.html)

        This helps to keep TableGrid an actual grid.

        Test: fast/layoutformattingcontext/table-missing-cells-simple.html

        * layout/layouttree/LayoutTreeBuilder.cpp:
        (WebCore::Layout::TreeBuilder::buildTableStructure):

2020-03-14  Peng Liu  <peng.liu6@apple.com>

        Cleanup RenderMediaControls.cpp and RenderMediaControlElements.cpp
        https://bugs.webkit.org/show_bug.cgi?id=209008

        Reviewed by Daniel Bates.

        Merge RenderMediaControls.[h|cpp] and RenderMediaControlElements.[h|cpp].
        Remove class RenderMediaVolumeSliderContainer because we can use RenderBlockFlow
        to render MediaControlTextTrackContainerElement.

        No new tests, no functional change.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * html/shadow/MediaControlElementTypes.cpp:
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
        * rendering/RenderMediaControlElements.cpp: Removed.
        * rendering/RenderMediaControlElements.h: Removed.
        * rendering/RenderMediaControls.cpp:
        (WebCore::RenderMediaVolumeSliderContainer::RenderMediaVolumeSliderContainer):
        (WebCore::RenderMediaVolumeSliderContainer::layout):
        (WebCore::RenderMediaControlTimelineContainer::RenderMediaControlTimelineContainer):
        (WebCore::RenderMediaControlTimelineContainer::layout):
        * rendering/RenderMediaControls.h:
        * rendering/RenderThemeMac.mm:

2020-03-14  Daniel Bates  <dabates@apple.com>

        Share HitTestResult::addNodeToListBasedTestResult() impl for LayoutRect and FloatRect overloads
        https://bugs.webkit.org/show_bug.cgi?id=209107

        Reviewed by Brady Eidson.

        Remove code duplication for adding a node to the result set.

        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::addNodeToListBasedTestResultCommon): Added.
        (WebCore::HitTestResult::addNodeToListBasedTestResult): Write in terms of addNodeToListBasedTestResultCommon().
        * rendering/HitTestResult.h:

2020-03-14  Zalan Bujtas  <zalan@apple.com>

        [Tree building] Reset the fragmented flow status before calling child.willBeRemovedFromTree.
        https://bugs.webkit.org/show_bug.cgi?id=209100
        <rdar://problem/60434672>

        Reviewed by Simon Fraser.

        ::willBeRemovedFromTree() assumes all the cleanup has happened and it's the final step before calling d'tor.
        It clears m_fragmentList that resetFragmentedFlowStateOnRemoval() later checks for consistency (m_fragmentList.contains(fragment)).

        Test: fast/multicol/reparent-fragment-flow-content.html

        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::detachFromRenderElement):

2020-03-14  Rob Buis  <rbuis@igalia.com>

        Set Origin header value to null rather than omitting it
        https://bugs.webkit.org/show_bug.cgi?id=186030

        Reviewed by Youenn Fablet.

        For every redirect, addHTTPOriginIfNeeded should be called to
        make sure that the tainted origin logic is applied [1, Step 10] and
        thus the request after redirect has the correct Origin header.

        Make AppleWin treat 308 redirects like 307 and so keeping http
        methods across redirects. This is similar to
        https://bugs.webkit.org/show_bug.cgi?id=154348.

        [1] https://fetch.spec.whatwg.org/#concept-http-network-or-cache-fetch

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::addHTTPOriginIfNeeded):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):
        * platform/network/cf/ResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegate::createResourceRequest):

2020-03-14  Ryosuke Niwa  <rniwa@webkit.org>

        Call SVGTRefElement::buildPendingResource in SVGElement::didFinishInsertingNode
        https://bugs.webkit.org/show_bug.cgi?id=208981

        Reviewed by Antti Koivisto.

        This patch moves the call to SVGTRefElement::buildPendingResource from SVGElement::insertedIntoAncestor
        to SVGElement::didFinishInsertingNode.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::insertedIntoAncestor): Return true when the element has a pending resource ID.
        (WebCore::SVGElement::didFinishInsertingNode): Added. Calls buildPendingResourcesIfNeeded.
        * svg/SVGElement.h:

2020-03-13  Said Abou-Hallawa  <said@apple.com>

        SVGMatrix should have the access right of its owner SVGTransform always
        https://bugs.webkit.org/show_bug.cgi?id=207462

        Reviewed by Simon Fraser.

        The SVGMatrix needs to be reattached to its owner SVGTransform when the
        access right of this owner changes. The access right of the owner changes
        when it gets attached to or detached from a higher level owner.

        Test: svg/dom/SVGTransformList-anim-read-only.html

        * svg/SVGTransform.h:
        * svg/properties/SVGProperty.h:
        (WebCore::SVGProperty::attach):
        (WebCore::SVGProperty::detach):
        (WebCore::SVGProperty::reattach):

2020-03-13  Alex Christensen  <achristensen@webkit.org>

        WKWebView._negotiatedLegacyTLS should be correct after back/forward navigations
        https://bugs.webkit.org/show_bug.cgi?id=209011
        <rdar://problem/59370588>

        Reviewed by Youenn Fablet.

        This is basically r258343 but for legacy TLS negotiation instead of plaintext HTTP use.

        * dom/SecurityContext.h:
        (WebCore::SecurityContext::usedLegacyTLS const):
        (WebCore::SecurityContext::setUsedLegacyTLS):
        * history/CachedFrame.cpp:
        (WebCore::CachedFrame::usedLegacyTLS const):
        (WebCore::CachedFrame::setUsedLegacyTLS): Deleted.
        * history/CachedFrame.h:
        (WebCore::CachedFrame::usedLegacyTLS const): Deleted.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::includeCertificateInfo const):
        * platform/network/ResourceResponseBase.h:
        (WebCore::ResourceResponseBase::setUsedLegacyTLS):

2020-03-13  Zalan Bujtas  <zalan@apple.com>

        [Tree building] Block::attachIgnoringContinuation should allow inline tables as before child container
        https://bugs.webkit.org/show_bug.cgi?id=209095
        <rdar://problem/59837588>

        Reviewed by Simon Fraser.

        It's perfectly valid to have an inline table as the anonymous container for the before child.
        It'll get wrapped inside an anonymous block right before we insert the block box candidate, so
        the final result will be something like:

        new block level child (this is the child we are inserting)
        anonymous block wrapper
          inline table (this is the before child's inline container)
            before child 

        Test: fast/table/before-child-is-inline-table.html

        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):

2020-03-13  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [GPU Process] GraphicsContextStateChange::apply() should process ShadowsIgnoreTransformsChange before processing ShadowChange
        https://bugs.webkit.org/show_bug.cgi?id=209071

        Reviewed by Darin Adler.

        Ensure GraphicsContextStateChange::apply() calls shadowsIgnoreTransforms()
        before calling setLegacyShadow() or setShadow().

        Test: This patch fixes the following tests when running:
        "run-webkit-tests --internal-feature RenderCanvasInGPUProcessEnabled"
            fast/canvas/canvas-image-shadow.html
            fast/canvas/canvas-scale-drawImage-shadow.html
            fast/canvas/canvas-scale-fillPath-shadow.html
            fast/canvas/canvas-scale-fillRect-shadow.html
            fast/canvas/canvas-scale-shadowBlur.html
            fast/canvas/canvas-transforms-fillRect-shadow.html
            fast/canvas/fillText-shadow.html

        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContextStateChange::apply const):

2020-03-13  John Wilander  <wilander@apple.com>

        Remove unused code related to removePrevalentDomains()
        https://bugs.webkit.org/show_bug.cgi?id=209078
        <rdar://problem/59681984>

        Reviewed by Brent Fulgham.

        The various removePrevalentDomains() functions and its IPC endpoint are unused and should be removed.

        No new tests. Just dead code removal.

        * platform/network/NetworkStorageSession.cpp:
        (WebCore::NetworkStorageSession::removePrevalentDomains): Deleted.
        * platform/network/NetworkStorageSession.h:

2020-03-13  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Push applicationSDKVersion() down from WebCore into WTF
        https://bugs.webkit.org/show_bug.cgi?id=209030

        Reviewed by Simon Fraser.

        * html/HTMLObjectElement.cpp:
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback const):
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
        * platform/RuntimeApplicationChecks.h:
        * platform/Timer.cpp:
        (WebCore::shouldSuppressThreadSafetyCheck):
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::applicationSDKVersionOverride): Deleted.
        (WebCore::setApplicationSDKVersion): Deleted.
        (WebCore::applicationSDKVersion): Deleted.

2020-03-13  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Customize a bit more on the macOS LocalAuthentication prompt
        https://bugs.webkit.org/show_bug.cgi?id=208703
        <rdar://problem/60136974>

        Reviewed by Darin Adler.

        * en.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::touchIDPromptTitle):
        * platform/LocalizedStrings.h:
        Adds a new formatted UI string to help with RP ID.

2020-03-13  Peng Liu  <peng.liu6@apple.com>

        Safari sometimes crashes when switch video into PiP mode
        https://bugs.webkit.org/show_bug.cgi?id=208904

        Reviewed by Simon Fraser.

        With this patch, MediaControlTextTrackContainerElement won't paint its subtree
        to an image buffer (for the captions in video fullscreen or picture-in-picture mode)
        when the cues are updated. Instead, it only sets the flag m_needsGenerateTextTrackRepresentation
        to true after running layout based on the new cues. After that, it paints its subtree
        to an image buffer if needed at the end of Page::updateRendering() when the layout is clean.
        TextTrackRepresentationCocoa will use the image buffer to set the content of the layer
        for captions in video fullscreen or picture-in-picture mode.

        MediaControlTextTrackContainerElement class is responsible for rendering the captions in both:
        1) a video player in the inline mode.
        2) a video player in "video fullscreen" or picture-in-picture mode.
        This patch refactors some functions to make their responsibilities clear.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::updateTextTrackRepresentationImageIfNeeded):
        * Modules/mediacontrols/MediaControlsHost.h:
        * dom/Document.cpp:
        (WebCore::Document::setMediaElementShowingTextTrack):
        (WebCore::Document::clearMediaElementShowingTextTrack):
        (WebCore::Document::updateTextTrackRepresentationImageIfNeeded):
        * dom/Document.h:

        Functions textTracksAreReady(), textTrackReadyStateChanged() and configureTextTrackDisplay()
        should be wrapped with "#if ENABLE(VIDEO_TRACK)".
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setTextTrackRepresentation):
        (WebCore::HTMLMediaElement::textTracksAreReady const):
        (WebCore::HTMLMediaElement::textTrackReadyStateChanged):
        (WebCore::HTMLMediaElement::configureTextTrackDisplay):
        (WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded):
        * html/HTMLMediaElement.h:

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
        (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationImageIfNeeded):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationIfNeeded):
        (WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackStyle):
        (WebCore::MediaControlTextTrackContainerElement::enteredFullscreen):
        (WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
        (WebCore::MediaControlTextTrackContainerElement::updateSizes):
        (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
        (WebCore::MediaControlTextTrackContainerElement::textTrackRepresentationBoundsChanged):
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation): Deleted.
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationStyle): Deleted.
        (WebCore::MediaControlTextTrackContainerElement::layoutIfNecessary): Deleted.
        (WebCore::MediaControlTextTrackContainerElement::updateCueStyles): Deleted.
        * html/shadow/MediaControlElements.h:
        * html/shadow/MediaControls.cpp:
        (WebCore::MediaControls::updateTextTrackRepresentationImageIfNeeded):
        * html/shadow/MediaControls.h:
        * page/Page.cpp:
        (WebCore::Page::updateRendering):
        * rendering/RenderMediaControlElements.cpp:
        (WebCore::RenderMediaControlTextTrackContainer::RenderMediaControlTextTrackContainer):
        (WebCore::RenderMediaControlTextTrackContainer::layout):
        (WebCore::RenderTextTrackContainerElement::RenderTextTrackContainerElement): Deleted.
        (WebCore::RenderTextTrackContainerElement::layout): Deleted.
        * rendering/RenderMediaControlElements.h:

2020-03-13  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, reverting r258391.

        Breaks internal builds.

        Reverted changeset:

        "Apply rotation at source level if WebRTC sink ask so"
        https://bugs.webkit.org/show_bug.cgi?id=205645
        https://trac.webkit.org/changeset/258391

2020-03-13  Kate Cheney  <katherine_cheney@apple.com>

        Report all third party loads on a per-page basis
        https://bugs.webkit.org/show_bug.cgi?id=209032
        <rdar://problem/60397323>

        Reviewed by Chris Dumez.

        Test: http/tests/resourceLoadStatistics/loaded-registrable-domains-get-reported.html

        Rename this function to more accurately reflect its purpose of sending
        loaded registrable domains to the WebPage.

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect):
        * loader/FrameLoaderClient.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willSendRequestInternal):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):

2020-03-13  Antti Koivisto  <antti@apple.com>

        Remove AffectedByDrag style flag
        https://bugs.webkit.org/show_bug.cgi?id=209054

        Reviewed by Simon Fraser.

        As a followup to r258321, remove the last remaining user action related AffectedBy flag.

        This also cleans out a bunch of scetchy, risky code from render tree (style invalidation!).

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne const):
        * dom/DataTransfer.cpp:
        (WebCore::DataTransfer::createDragImage const):
        * dom/Element.cpp:
        (WebCore::Element::isUserActionElementDragged const):
        (WebCore::Element::setBeingDragged):

        Move dragged state for render tree to Element where it belongs.

        (WebCore::Element::hasFlagsSetDuringStylingOfChildren const):
        * dom/Element.h:
        (WebCore::Element::isBeingDragged const):
        (WebCore::Element::descendantsAffectedByPreviousSibling const):
        (WebCore::Element::setDescendantsAffectedByPreviousSibling):
        (WebCore::Element::childrenAffectedByDrag const): Deleted.
        (WebCore::Element::setChildrenAffectedByDrag): Deleted.
        * dom/Node.h:
        * dom/UserActionElementSet.h:
        (WebCore::UserActionElementSet::isBeingDragged):
        (WebCore::UserActionElementSet::setBeingDragged):

        Invalidate using PseudoClassChangeInvalidation that doesn't require any flags.

        * platform/DragImage.cpp:
        (WebCore::ScopedNodeDragEnabler::ScopedNodeDragEnabler):
        (WebCore::ScopedNodeDragEnabler::~ScopedNodeDragEnabler):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::updateDragState): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::updateDragState): Deleted.
        * rendering/RenderInline.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::updateDragState): Deleted.
        (WebCore::RenderObject::setIsDragging): Deleted.
        * rendering/RenderObject.h:
        (WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):
        (WebCore::RenderObject::isDragging const): Deleted.
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::RenderStyle):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::NonInheritedFlags::operator== const):
        (WebCore::RenderStyle::affectedByDrag const): Deleted.
        (WebCore::RenderStyle::setAffectedByDrag): Deleted.
        * style/StyleRelations.cpp:
        (WebCore::Style::commitRelationsToRenderStyle):
        (WebCore::Style::commitRelations):
        * style/StyleRelations.h:

2020-03-13  Andres Gonzalez  <andresg_22@apple.com>

        [WebAccessibilityObjectWrapper renderWidgetChildren] does not need to run on main thread.
        https://bugs.webkit.org/show_bug.cgi?id=209053
        <rdar://problem/60349440>

        Reviewed by Chris Fleizach.

        Since we are caching the platform widget in IsolatedMode (NSView),
        there is no need to dispatch renderWidgetChildren to the main thread.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper renderWidgetChildren]):

2020-03-13  Ryosuke Niwa  <rniwa@webkit.org>

        Crash in TextIterator::node via TextManipulationController::replace
        https://bugs.webkit.org/show_bug.cgi?id=209048

        Reviewed by Wenson Hsieh.

        The crash was caused by item.start being null in TextManipulationController::replace for a paragraph
        consisting of just an image because TextManipulationController::observeParagraphs never may never set
        startOfCurrentParagraph in such a case (content.isTextContent can be false for an image!).

        Fixed the bug by setting startOfCurrentParagraph to a position before the current content's node
        when inserting a token for a RenderReplaced if it's null.

        Test: TextManipulation.CompleteTextManipulationShouldReplaceContentsAroundParagraphWithJustImage

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::observeParagraphs):

2020-03-13  Michael Catanzaro  <mcatanzaro@gnome.org>

        -Wredundant-move in CSSPropertyParserHelpers.cpp
        https://bugs.webkit.org/show_bug.cgi?id=209019

        Reviewed by Youenn Fablet.

        Silence compiler warning by removing improper WTFMove().

        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeDeprecatedRadialGradient):

2020-03-13  Youenn Fablet  <youenn@apple.com>

        Apply rotation at source level if WebRTC sink ask so
        https://bugs.webkit.org/show_bug.cgi?id=205645

        Reviewed by Eric Carlson.

        Add a virtual method to RealtimeMediaSource to pass the information that the sink prefers the frames to be rotated before sending them.
r       By default, the method does nothing and RealtimeOutgoingVideoSource will continue to do the rotation itself.
        Update ImageRotationSessionVT to be more easily usable by users having MediaSample instead of CVPixelBuffer.
        Update RealtimeOutgoingVideoSource to use that routine: whenever applying rotation is needed,
        it will ask its track source to apply rotation. If the track source cannot do it, it will do it on its own.

        Test: webrtc/video-rotation-no-cvo.html

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::applyRotationForOutgoingVideoSources):
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/cv/ImageRotationSessionVT.h:
        (WebCore::operator==):
        (WebCore::operator!=):
        * platform/graphics/cv/ImageRotationSessionVT.mm:
        (WebCore::ImageRotationSessionVT::ImageRotationSessionVT):
        (WebCore::ImageRotationSessionVT::initialize):
        (WebCore::ImageRotationSessionVT::rotate):
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::setSource):
        (WebCore::RealtimeOutgoingVideoSource::applyRotation):
        (WebCore::RealtimeOutgoingVideoSource::AddOrUpdateSink):
        * platform/mediastream/RealtimeOutgoingVideoSource.h:

2020-03-13  youenn fablet  <youenn@apple.com>

        Remove use of PlatformMediaSession types in AudioSession
        https://bugs.webkit.org/show_bug.cgi?id=208995

        Reviewed by Eric Carlson.

        Remove type for beginInterruption since AudioSession always trigger system interruptions.
        Have a dedicated type for endInterruption.
        No change of behavior.

        * platform/audio/AudioSession.cpp:
        (WebCore::AudioSession::beginInterruption):
        (WebCore::AudioSession::endInterruption):
        * platform/audio/AudioSession.h:
        * platform/audio/ios/AudioSessionIOS.mm:
        (-[WebInterruptionObserverHelper interruption:]):
        (WebCore::AudioSession::beginInterruption):
        (WebCore::AudioSession::endInterruption):
        * platform/audio/ios/MediaSessionManagerIOS.h:

2020-03-13  Antti Koivisto  <antti@apple.com>

        Remove unused affectedBy style flags
        https://bugs.webkit.org/show_bug.cgi?id=209009

        Reviewed by Antoine Quint.

        These flags are unused after r258321. Remove the flags and the code that generates them.

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne const):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addStyleRelationFunction):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsActive):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsHovered):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasFocusWithin):
        * dom/Element.cpp:
        (WebCore::Element::hasFlagsSetDuringStylingOfChildren const):
        (WebCore::Element::resetStyleRelations):
        * dom/Element.h:
        (WebCore::Element::styleAffectedByEmpty const):
        (WebCore::Element::descendantsAffectedByPreviousSibling const):
        (WebCore::Element::setStyleAffectedByEmpty):
        (WebCore::Element::setDescendantsAffectedByPreviousSibling):
        (WebCore::Element::styleAffectedByActive const): Deleted.
        (WebCore::Element::styleAffectedByFocusWithin const): Deleted.
        (WebCore::Element::childrenAffectedByHover const): Deleted.
        (WebCore::Element::setStyleAffectedByFocusWithin): Deleted.
        (WebCore::Element::setChildrenAffectedByHover): Deleted.
        (WebCore::Element::setStyleAffectedByActive): Deleted.
        * dom/Node.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::RenderStyle):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::affectedByDrag const):
        (WebCore::RenderStyle::NonInheritedFlags::operator== const):
        (WebCore::RenderStyle::affectedByHover const): Deleted.
        (WebCore::RenderStyle::affectedByActive const): Deleted.
        (WebCore::RenderStyle::setAffectedByHover): Deleted.
        (WebCore::RenderStyle::setAffectedByActive): Deleted.
        * style/StyleRelations.cpp:
        (WebCore::Style::commitRelationsToRenderStyle):
        (WebCore::Style::commitRelations):
        * style/StyleRelations.h:
        * style/StyleSharingResolver.cpp:
        (WebCore::Style::SharingResolver::canShareStyleWithElement const):

        Compare the hasFocusWithin bit instead.

2020-03-12  Yusuke Suzuki  <ysuzuki@apple.com>

        Report crashed cell in jsCast in debug builds
        https://bugs.webkit.org/show_bug.cgi?id=209041
        <rdar://problem/59705631>

        Reviewed by Mark Lam.

        We should take JSLock when touching JSC::VM.

        * page/MemoryRelease.cpp:
        (WebCore::logMemoryStatisticsAtTimeOfDeath):
        * page/PerformanceLogging.cpp:
        (WebCore::PerformanceLogging::memoryUsageStatistics):

2020-03-12  Cathie Chen  <cathiechen@igalia.com>

        REGRESSION(r255957): Element with scroll-behavior:smooth isn't draggable after r255957
        https://bugs.webkit.org/show_bug.cgi?id=208566

        Reviewed by Simon Fraser and Frédéric Wang.

        To perform smooth scroll, RenderLayer::scrollRectToVisible checks the value of scroll-behavior.
        It starts an animated scrolling if scroll-behavior is smooth.
        On the other hand, the drag action would start an autoscroll if the element is scrollable.
        The autoscroll uses m_autoscrollTimer which is a repeating timer, when the timer fired it calls
        scrollRectToVisible with different positions.
        So if performing autoscroll on scroll-bahavior: smooth element, there are two nested animations.
        When timer fired, scrollRectToVisible is called, because of scroll-behavior:smooth, it starts
        animated scrolling not instant scrolling. Then there's the next timer fired, the previous
        animated scrolling would be canceled. Eventually, the element becomes un-draggable.
        To fix this, while performing autoscroll, scrollRectToVisible shouldn't trigger animated scrolling
        no matter what the value of scroll-behavior is.

        Test: fast/events/drag-smooth-scroll-element.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollRectToVisible):
        (WebCore::RenderLayer::autoscroll):
        * rendering/RenderLayer.h:

2020-03-12  Zalan Bujtas  <zalan@apple.com>

        RenderTreeNeedsLayoutChecker asserts with imported/w3c/web-platform-tests/css/css-position/position-absolute-crash-chrome-005.html
        https://bugs.webkit.org/show_bug.cgi?id=209022
        <rdar://problem/60390647>

        Reviewed by Simon Fraser.

        Fix the case when
        1. the block level box is no longer the containing block for its out-of-flow descendants and
        2. the new containing block does not get marked dirty because there's a re-layout boundary (overflow: hidden)
        between the old and the new containing block.

        Test: fast/block/containing-block-for-out-of-flow-becomes-static.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::removePositionedObjectsIfNeeded):
        (WebCore::RenderBlock::removePositionedObjects):

2020-03-12  Ryosuke Niwa  <rniwa@webkit.org>

        Crash in TextManipulationController::replace
        https://bugs.webkit.org/show_bug.cgi?id=209021

        Reviewed by Wenson Hsieh.

        This patch addresses two issues that can lead to a crash in TextManipulationController::replace.

        The biggest issue here is that commonAncestor can be a descendent of insertionPoint's containerNode.
        Addressed this issue by computing the first node to remove in the same traveral where commonAncestor
        is computed by way of remembering the very first content node (firstContentNode). This also lets us
        eliminate the secondary, redundant traversal to discover all the nodes to remove.

        In addition, the set of nodes to remove could sometimes contain commonAncestor and its ancestors.
        This patch addresses this issue by removing all inclusive ancestors of commonAncestor from nodesToRemove.

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::replace):

2020-03-12  Per Arne Vollan  <pvollan@apple.com>

        [macOS] _AXSApplicationAccessibilityEnabled should not be called
        https://bugs.webkit.org/show_bug.cgi?id=208953

        Reviewed by Brent Fulgham.

        The function _AXSApplicationAccessibilityEnabled and the notification kAXSApplicationAccessibilityEnabledNotification
        exist on macOS, but they do not have the same behavior as on iOS, and should not be used in the same way. Using this
        function and notification on macOS was introduced in <https://bugs.webkit.org/show_bug.cgi?id=208690>, and this patch
        partially reverts this behavior.

        API test: WebKit.IsRemoteUIAppForAccessibility

        * testing/Internals.cpp:
        (WebCore::Internals::isRemoteUIAppForAccessibility):
        * testing/Internals.h:
        * testing/Internals.idl:
        * testing/Internals.mm:
        (WebCore::Internals::isRemoteUIAppForAccessibility):

2020-03-12  Andres Gonzalez  <andresg_22@apple.com>

        Cache the ScrollView platformWidget to avoid [WebAccessibilityObjectWrapper scrollViewParent] hitting the main thread too often.
        https://bugs.webkit.org/show_bug.cgi?id=209010

        Reviewed by Chris Fleizach.

        - [WebAccessibilityObjectWrapper scrollViewParent] is called very often
        and blocks the AXThread to retrieve a value from the main thread. This
        change caches the PlatformWidget for the corresponding ScrollView (an
        NSView) to avoid hitting the main thread that often.
        - In Addition, made the ScrollView member of AccessibilityScrollView a
        WeakPtr instead of a naked pointer.
        - Removed an unused lock from AXIsolatedObject and the const qualifier
        from the return value of stringAttributeValue which is unnecessary.

        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/AccessibilityScrollView.cpp:
        (WebCore::AccessibilityScrollView::AccessibilityScrollView):
        (WebCore::AccessibilityScrollView::platformWidget const):
        (WebCore::AccessibilityScrollView::widgetForAttachmentView const):
        (WebCore::AccessibilityScrollView::webAreaObject const):
        (WebCore::AccessibilityScrollView::documentFrameView const):
        (WebCore::AccessibilityScrollView::parentObject const):
        (WebCore::AccessibilityScrollView::parentObjectIfExists const):
        (WebCore::AccessibilityScrollView::getScrollableAreaIfScrollable const):
        * accessibility/AccessibilityScrollView.h:
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):
        (WebCore::AXIsolatedObject::stringAttributeValue const):
        (WebCore::AXIsolatedObject::platformWidget const):
        * accessibility/isolatedtree/AXIsolatedObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper scrollViewParent]):

2020-03-12  Andres Gonzalez  <andresg_22@apple.com>

        Attributes SelectionTextMarkerRange and Start/EndTextMarker need to run on the main thread.
        https://bugs.webkit.org/show_bug.cgi?id=208996

        Reviewed by Chris Fleizach.

        Covered by existing tests.

        Dispatch to the main thread the computation of these accessibility attributes.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2020-03-12  Andres Gonzalez  <andresg_22@apple.com>

        AX: Isolated tree: Crash in URL retrieval
        https://bugs.webkit.org/show_bug.cgi?id=208942
        <rdar://problem/60337588>

        Reviewed by Chris Fleizach.

        Test: accessibility/url-test.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::url const): Check for m_renderer
        before dereferencing and re-use the associated Node. Also fixes the last
        type check and downcast that were using different types.

2020-03-12  Alex Christensen  <achristensen@webkit.org>

        WKWebView.hasOnlySecureContent should be correct after back/forward navigations
        https://bugs.webkit.org/show_bug.cgi?id=207609
        <rdar://problem/59371252>

        Reviewed by Ryosuke Niwa.

        The web process informs the UI process of insecure content loads when http resources are requested from https pages.
        The web process also remembers that this happened.
        Rather than ask the UI process during a navigation, which can sometimes get information about the wrong navigation,
        just use the remembered values.  We will need to do something for legacy TLS loads too, but I left that code as it is
        for this patch.  Another is coming soon.

        Covered by API tests.

        * history/CachedFrame.cpp:
        (WebCore::CachedFrame::setUsedLegacyTLS):
        (WebCore::CachedFrame::hasInsecureContent const):
        (WebCore::CachedFrame::setHasInsecureContent): Deleted.
        * history/CachedFrame.h:
        (WebCore::CachedFrame::hasInsecureContent const): Deleted.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):

2020-03-12  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r257938): Some pointerevents/ios/touch-action-region tests started to fail
        https://bugs.webkit.org/show_bug.cgi?id=209005
        <rdar://problem/60337239>

        Reviewed by Tim Horton, Wenson Hsieh.

        We need to continue to paint event regions if there are touch-action elements.

        Tested by existing tests.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateEventRegion):

2020-03-12  youenn fablet  <youenn@apple.com>

        FrameLoader should own its FrameLoaderClient
        https://bugs.webkit.org/show_bug.cgi?id=208918

        Reviewed by Geoffrey Garen.

        Update Frame/FrameLoader constructors to get a UniqueRef<FrameLoaderClient>.
        This makes the lifetime management much clearer and allows some WebKit1/WebKit2 clean-up.

        Covered by existing tests.

        * loader/EmptyClients.cpp:
        (WebCore::pageConfigurationWithEmptyClients):
        * loader/EmptyFrameLoaderClient.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::~FrameLoader):
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::initForSynthesizedDocument):
        (WebCore::FrameLoader::didExplicitOpen):
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::finishedParsing):
        (WebCore::FrameLoader::loadArchive):
        (WebCore::FrameLoader::setOpener):
        (WebCore::FrameLoader::provisionalLoadStarted):
        (WebCore::FrameLoader::loadInSameDocument):
        (WebCore::FrameLoader::prepareForLoadStart):
        (WebCore::FrameLoader::setupForReplace):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::willLoadMediaElementURL):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::setDocumentLoader):
        (WebCore::FrameLoader::commitProvisionalLoad):
        (WebCore::FrameLoader::transitionToCommitted):
        (WebCore::FrameLoader::clientRedirectCancelledOrFinished):
        (WebCore::FrameLoader::clientRedirected):
        (WebCore::FrameLoader::closeOldDataSources):
        (WebCore::FrameLoader::willChangeTitle):
        (WebCore::FrameLoader::dispatchDidFailProvisionalLoad):
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
        (WebCore::FrameLoader::didReachLayoutMilestone):
        (WebCore::FrameLoader::didReachVisuallyNonEmptyState):
        (WebCore::FrameLoader::frameLoadCompleted):
        (WebCore::FrameLoader::checkLoadComplete):
        (WebCore::FrameLoader::userAgent const):
        (WebCore::FrameLoader::dispatchOnloadEvents):
        (WebCore::FrameLoader::detachViewsAndDocumentLoader):
        (WebCore::FrameLoader::receivedMainResourceError):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::loadedResourceFromMemoryCache):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        (WebCore::FrameLoader::cancelledError const):
        (WebCore::FrameLoader::blockedByContentBlockerError const):
        (WebCore::FrameLoader::blockedError const):
        (WebCore::FrameLoader::blockedByContentFilterError const):
        (WebCore::FrameLoader::connectionProperties):
        (WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):
        (WebCore::FrameLoader::dispatchGlobalObjectAvailableInAllWorlds):
        (WebCore::FrameLoader::didChangeTitle):
        (WebCore::FrameLoader::dispatchDidCommitLoad):
        (WebCore::FrameLoader::tellClientAboutPastMemoryCacheLoads):
        (WebCore::FrameLoader::completePageTransitionIfNeeded):
        * loader/FrameLoader.h:
        * loader/FrameLoaderClient.h:
        * page/Frame.cpp:
        (WebCore::Frame::Frame):
        (WebCore::Frame::create):
        * page/Frame.h:
        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/PageConfiguration.cpp:
        (WebCore::PageConfiguration::PageConfiguration):
        * page/PageConfiguration.h:
        * workers/service/context/SWContextManager.cpp:
        * workers/service/context/SWContextManager.h:

2020-03-11  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r254054): finance.google.com watch list renders initially then disappears for 5+ seconds before reappearing
        https://bugs.webkit.org/show_bug.cgi?id=208972
        <rdar://problem/59727171>

        Reviewed by Zalan Bujtas.
        
        After r254054 we could get a style change in which opacity was unchanged, but
        hasAutoUsedZIndex() in the style changed (because Adjuster::adjustAnimatedStyle() can set it).

        In this case we failed to trigger layout, which means that we failed to recompute visual
        overflow when a layer changed from being self-painting to non-self-painting (which affects
        visual overflow computation and has hasAutoUsedZIndex() as input). We'd thus fail to paint some
        renderers because their visual overflow didn't intersect the paint dirty rect.

        Fix by having RenderStyle::changeRequiresLayout() return true if hasAutoUsedZIndex() differs
        between the styles. This has minimal performance impact; rareNonInheritedDataChangeRequiresLayout()
        already returns true if opacity, filters and other stacking-context-affecting properties change.

        Test: fast/overflow/animation-recompute-overflow.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::addOverflowFromChild):
        (WebCore::RenderBox::addLayoutOverflow):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresLayout const):

2020-03-12  Daniel Bates  <dabates@apple.com>

        FocusController::setFocusedElement() should tell client of refocused element
        https://bugs.webkit.org/show_bug.cgi?id=208880

        Reviewed by Wenson Hsieh.

        If the specified new focus element is non-nullptr and is already focused then tell the client
        that the element was re-focused so that it may update its input state, if needed. On iOS, this
        lets the UI process evaluate again whether to start an input session (i.e. bring up the keyboard),
        which may have been disallowed when the element was originally focused (say, it was programmatically
        focused and there was no hardware keyboard attached).

        * page/FocusController.cpp:
        (WebCore::FocusController::setFocusedElement):

2020-03-12  Rob Buis  <rbuis@igalia.com>

        Implement wildcard behavior for Cross-Origin-Expose-Headers
        https://bugs.webkit.org/show_bug.cgi?id=208800

        Reviewed by Youenn Fablet.

        Implement wildcard behavior for Cross-Origin-Expose-Headers [1] while also
        checking for credentials mode.

        Test: imported/w3c/web-platform-tests/xhr/cors-expose-star.sub.any.html

        [1] https://fetch.spec.whatwg.org/#ref-for-concept-response-cors-exposed-header-name-list%E2%91%A2

        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::create):
        (WebCore::FetchResponse::BodyLoader::didReceiveResponse):
        (WebCore::FetchResponse::BodyLoader::start):
        * Modules/fetch/FetchResponse.h:
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::didReceiveResponse):
        (WebCore::DocumentThreadableLoader::didFinishLoading):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::filter):
        (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):
        * platform/network/ResourceResponseBase.h:

2020-03-12  youenn fablet  <youenn@apple.com>

        Remove no longer used code in LibWebRTCMediaEndpoint to handle remote streams
        https://bugs.webkit.org/show_bug.cgi?id=208919

        Reviewed by Eric Carlson.

        These stream APIs are legacy now and not useful anymore.
        Stop implementing the corresponding callbacks and remove related code.
        Coverd by existing tests.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::addRemoteStream): Deleted.
        (WebCore::LibWebRTCMediaEndpoint::addRemoteTrack): Deleted.
        (WebCore::LibWebRTCMediaEndpoint::OnAddStream): Deleted.
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:

2020-03-12  Pavel Feldman  <pavel.feldman@gmail.com>

        [Curl] sort out MS vs Seconds confusion in Cookies
        https://bugs.webkit.org/show_bug.cgi?id=208964

        Reviewed by Don Olmstead.

        Making sure curl parser is storing expires using millis in the code. Using consistent time
        functions around the changed code.
 
        * platform/network/curl/CookieJarDB.cpp:
        (WebCore::CookieJarDB::searchCookies):
        (WebCore::CookieJarDB::getAllCookies):
        (WebCore::CookieJarDB::setCookie):
        * platform/network/curl/CookieUtil.cpp:
        (WebCore::CookieUtil::parseExpiresMS):
        (WebCore::CookieUtil::parseCookieAttributes):

2020-03-12  youenn fablet  <youenn@apple.com>

        Move AudioSession interruption listener code to AudioSession
        https://bugs.webkit.org/show_bug.cgi?id=208714

        Reviewed by Jer Noble.

        Move AudioSession interruption detection code from MediaSessionManagerIOS helper to AudioSessionIOS.
        Add interruption observer capabilities to AudioSession and make MediaSessionManagerIOS an observer of it.
        Manually tested.

        * platform/audio/AudioSession.cpp:
        (WebCore::AudioSession::addInterruptionObserver):
        (WebCore::AudioSession::removeInterruptionObserver):
        (WebCore::AudioSession::beginInterruption):
        (WebCore::AudioSession::endInterruption):
        * platform/audio/AudioSession.h:
        * platform/audio/ios/AudioSessionIOS.mm:
        (-[WebInterruptionObserverHelper initWithCallback:]):
        (-[WebInterruptionObserverHelper dealloc]):
        (-[WebInterruptionObserverHelper clearCallback]):
        (-[WebInterruptionObserverHelper interruption:]):
        (WebCore::AudioSessionPrivate::AudioSessionPrivate):
        (WebCore::AudioSessionPrivate::~AudioSessionPrivate):
        (WebCore::AudioSession::addInterruptionObserver):
        (WebCore::AudioSession::removeInterruptionObserver):
        (WebCore::AudioSession::beginInterruption):
        (WebCore::AudioSession::endInterruption):
        * platform/audio/ios/MediaSessionHelperIOS.h:
        * platform/audio/ios/MediaSessionHelperIOS.mm:
        (-[WebMediaSessionHelper initWithCallback:]):
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::MediaSessionManageriOS):
        (WebCore::MediaSessionManageriOS::~MediaSessionManageriOS):
        (WebCore::MediaSessionManageriOS::providePresentingApplicationPIDIfNecessary):

2020-03-12  Antti Koivisto  <antti@apple.com>

        Accurate style invalidation for user action pseudo classes
        https://bugs.webkit.org/show_bug.cgi?id=208859
        <rdar://problem/55196888>

        Reviewed by Zalan Bujtas.

        Currently :hover, :focus, :focus-within and :active lack fine grained invalidation using
        rule sets like we do with class and attribute selectors.

        This can be added easily following the same pattern.

        Tests: fast/selectors/style-invalidation-hover-change-descendants.html
               fast/selectors/style-invalidation-hover-change-siblings.html
               fast/selectors/style-invalidation-focus-change-descendants.html
               fast/selectors/style-invalidation-focus-change-siblings.html
               fast/selectors/style-invalidation-focus-within-change-descendants.html
               fast/selectors/style-invalidation-focus-within-change-siblings.html

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Element.cpp:
        (WebCore::Element::setActive):
        (WebCore::Element::setFocus):
        (WebCore::Element::setHasFocusWithin):
        (WebCore::Element::setHovered):

        Use PseudoClassChangeInvalidation.

        * dom/Element.h:
        (WebCore::Element::setHasFocusWithin): Deleted.
        * page/FrameViewLayoutContext.cpp:
        (WebCore::RenderTreeNeedsLayoutChecker::~RenderTreeNeedsLayoutChecker):
        * style/PseudoClassChangeInvalidation.cpp: Added.
        (WebCore::Style::PseudoClassChangeInvalidation::computeInvalidation):

        Compute invalidation rule set for a pseudo class change.

        (WebCore::Style::PseudoClassChangeInvalidation::invalidateStyleWithRuleSets):
        * style/PseudoClassChangeInvalidation.h: Added.
        (WebCore::Style::PseudoClassChangeInvalidation::PseudoClassChangeInvalidation):
        (WebCore::Style::PseudoClassChangeInvalidation::~PseudoClassChangeInvalidation):
        * style/RuleFeature.cpp:
        (WebCore::Style::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
        (WebCore::Style::RuleFeatureSet::collectFeatures):

        Collect pseudo class features, similar to classes/attributes.

        (WebCore::Style::RuleFeatureSet::add):
        (WebCore::Style::RuleFeatureSet::clear):
        (WebCore::Style::RuleFeatureSet::shrinkToFit):
        * style/RuleFeature.h:
        * style/StyleScopeRuleSets.cpp:
        (WebCore::Style::ScopeRuleSets::collectFeatures const):
        (WebCore::Style::ensureInvalidationRuleSets):

        Make more generic to allow enum key.

        (WebCore::Style::ScopeRuleSets::pseudoClassInvalidationRuleSets const):

        Create pseudo class invalidation ruleset.

        * style/StyleScopeRuleSets.h:

2020-03-12  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [GPU Process] GraphicsContextStateChange must accumulate fill and stroke fields as single properties
        https://bugs.webkit.org/show_bug.cgi?id=208971

        Reviewed by Simon Fraser.

        Setting the fill or the stroke should set one field: color, gradient or
        pattern. When detecting a change any of them, accumulate() should copy
        all of the fields from the source state to the destination state.

        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContextStateChange::accumulate):
        * platform/graphics/GraphicsContext.h:

2020-03-11  Antoine Quint  <graouts@webkit.org>

        AnimationTimeline should not have multiple HashMaps with raw Element* keys
        https://bugs.webkit.org/show_bug.cgi?id=208079
        <rdar://problem/59687906>

        Reviewed by Ryosuke Niwa.

        We introduce a new ElementAnimationRareData class that holds the KeyframeEffectStack previously owned by ElementRareData as well as a few maps and lists
        owned by AnimationTimeline which would use raw Element pointers as keys. Specifically, this is what changed:

        - AnimationTimeline::m_elementToRunningCSSTransitionByCSSPropertyID → ElementAnimationRareData::runningTransitionByProperty()
        - AnimationTimeline::m_elementToCompletedCSSTransitionByCSSPropertyID → ElementAnimationRareData::completedTransitionByProperty()
        - AnimationTimeline::m_elementToCSSAnimationsCreatedByMarkupMap → ElementAnimationRareData::animationsCreatedByMarkup()
        - AnimationTimeline::m_elementToCSSTransitionsMap → ElementAnimationRareData::transitions()
        - AnimationTimeline::m_elementToCSSAnimationsMap → ElementAnimationRareData::cssAnimations()
        - AnimationTimeline::m_elementToAnimationsMap → ElementAnimationRareData::webAnimations()

        For convenience, these new members are exposed via Element directly.

        No change in behavior, so no new tests.

        * Headers.cmake:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * animation/AnimationPlaybackEventInit.h:
        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::animationWasAddedToElement):
        (WebCore::removeCSSTransitionFromMap):
        (WebCore::AnimationTimeline::animationWasRemovedFromElement):
        (WebCore::AnimationTimeline::removeDeclarativeAnimationFromListsForOwningElement):
        (WebCore::AnimationTimeline::animationsForElement const):
        (WebCore::AnimationTimeline::removeCSSAnimationCreatedByMarkup):
        (WebCore::AnimationTimeline::willDestroyRendererForElement):
        (WebCore::AnimationTimeline::elementWasRemoved):
        (WebCore::AnimationTimeline::cancelDeclarativeAnimationsForElement):
        (WebCore::AnimationTimeline::updateCSSAnimationsForElement):
        (WebCore::propertyInStyleMatchesValueForTransitionInMap):
        (WebCore::AnimationTimeline::updateCSSTransitionsForElementAndProperty):
        (WebCore::AnimationTimeline::updateCSSTransitionsForElement):
        (WebCore::removeAnimationFromMapForElement): Deleted.
        (WebCore::AnimationTimeline::ensureRunningTransitionsByProperty): Deleted.
        * animation/AnimationTimeline.h:
        * animation/ComputedEffectTiming.h:
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::transitionDidComplete):
        * animation/ElementAnimationRareData.cpp: Copied from Source/WebCore/animation/ComputedEffectTiming.h.
        (WebCore::ElementAnimationRareData::ElementAnimationRareData):
        (WebCore::ElementAnimationRareData::~ElementAnimationRareData):
        (WebCore::ElementAnimationRareData::ensureKeyframeEffectStack):
        * animation/ElementAnimationRareData.h: Added.
        (WebCore::ElementAnimationRareData::keyframeEffectStack):
        (WebCore::ElementAnimationRareData::webAnimations):
        (WebCore::ElementAnimationRareData::cssAnimations):
        (WebCore::ElementAnimationRareData::transitions):
        (WebCore::ElementAnimationRareData::animationsCreatedByMarkup):
        (WebCore::ElementAnimationRareData::setAnimationsCreatedByMarkup):
        (WebCore::ElementAnimationRareData::completedTransitionByProperty):
        (WebCore::ElementAnimationRareData::runningTransitionsByProperty):
        * animation/KeyframeEffect.h:
        * animation/OptionalEffectTiming.h:
        * animation/WebAnimation.h:
        * animation/WebAnimationTypes.h: Copied from Source/WebCore/animation/WebAnimationUtilities.h.
        (WebCore::WebAnimationsMarkableDoubleTraits::isEmptyValue):
        (WebCore::WebAnimationsMarkableDoubleTraits::emptyValue):
        * animation/WebAnimationUtilities.h:
        (WebCore::WebAnimationsMarkableDoubleTraits::isEmptyValue): Deleted.
        (WebCore::WebAnimationsMarkableDoubleTraits::emptyValue): Deleted.
        * dom/Element.cpp:
        (WebCore::Element::animationRareData const):
        (WebCore::Element::ensureAnimationRareData):
        (WebCore::Element::keyframeEffectStack const):
        (WebCore::Element::ensureKeyframeEffectStack):
        (WebCore::Element::hasKeyframeEffects const):
        (WebCore::Element::webAnimations):
        (WebCore::Element::cssAnimations):
        (WebCore::Element::transitions):
        (WebCore::Element::animationsCreatedByMarkup):
        (WebCore::Element::setAnimationsCreatedByMarkup):
        (WebCore::Element::completedTransitionByProperty):
        (WebCore::Element::runningTransitionsByProperty):
        * dom/Element.h:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::elementAnimationRareData):
        (WebCore::ElementRareData::useTypes const):
        (WebCore::ElementRareData::ensureAnimationRareData):
        (WebCore::ElementRareData::keyframeEffectStack): Deleted.
        (WebCore::ElementRareData::setKeyframeEffectStack): Deleted.
        * dom/Node.cpp:
        (WebCore::stringForRareDataUseType):
        * dom/NodeRareData.h:

2020-03-11  Jer Noble  <jer.noble@apple.com>

        Adopt AVSampleBufferVideoOutput
        https://bugs.webkit.org/show_bug.cgi?id=208951

        Reviewed by Eric Carlson.

        Adopt AVSampleBufferVideoOutput, used for extracting decoded samples from an AVSampleBufferDisplayLayer.

        Rather than use a separate decompression session when we need to, e.g., paint samples into WebGL, we will
        add a AVSBVO to the AVSBDL and use it to extract CVPixelBuffers when asked.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateLastPixelBuffer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::isVideoOutputAvailable const):

2020-03-11  Andres Gonzalez  <andresg_22@apple.com>

        Removed unused textElements member from AccessibilityText structure.
        https://bugs.webkit.org/show_bug.cgi?id=208967

        Reviewed by Chris Fleizach.

        The textElements member of AccessibilityText is not used by any client
        and its computation is causing crashes in IsolatedTree mode. So this
        change removes it.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::titleElementText const):
        (WebCore::AccessibilityNodeObject::ariaLabeledByText const):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityText::AccessibilityText):
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):
        (WebCore::AXIsolatedObject::accessibilityText const):
        * accessibility/isolatedtree/AXIsolatedObject.h:

2020-03-11  Don Olmstead  <don.olmstead@sony.com>

        Non-unified build fixes early March 2020 edition Take 2
        https://bugs.webkit.org/show_bug.cgi?id=208968

        Unreviewed build fix.

        * editing/TextIterator.cpp:
        * editing/TextIterator.h:
        * editing/TextManipulationController.cpp:
        * editing/VisibleSelection.cpp:
        * editing/VisibleUnits.cpp:

2020-03-11  Wenson Hsieh  <wenson_hsieh@apple.com>

        Large single select elements are incorrectly sized
        https://bugs.webkit.org/show_bug.cgi?id=208966

        Reviewed by Tim Horton.

        Adjusts several size and margin values for menu lists (i.e. the default appearance of non-multiple select
        elements) to reflect recent changes in macOS. Additionally, adds a workaround for <rdar://problem/60350699>,
        which causes text inside many form controls (including select buttons) to be incorrectly sized.

        * platform/mac/ThemeMac.h:
        * platform/mac/ThemeMac.mm:
        (WebCore::ThemeMac::systemFontSizeFor):
        (WebCore::ThemeMac::controlFont const):
        * rendering/RenderThemeMac.mm:

        Replace calls to +[NSFont systemFontSizeForControlSize:] with `ThemeMac::systemFontSizeFor(NSControlSize size)`
        in order to work around <rdar://problem/60350699>.

        (WebCore::RenderThemeMac::updateCachedSystemFontDescription const):
        (WebCore::RenderThemeMac::setFontFromControlSize const):
        (WebCore::RenderThemeMac::controlSizeForSystemFont const):
        (WebCore::RenderThemeMac::popupButtonMargins const):
        (WebCore::menuListButtonSizes):

2020-03-11  Canhai Chen  <canhai_chen@apple.com>

        AX: accessibilityReplaceRange:withText: doesn't post an AXValueChanged notification like when typing with kb
        https://bugs.webkit.org/show_bug.cgi?id=208332
        <rdar://problem/58489685>

        Reviewed by Chris Fleizach.

        When accessibilityReplaceRange:withText: is called to insert or replace text, there should be a
        AXValueChanged notification posted with the correct user info to notify the AX client that the text value
        has been changed with detailed info about the change.

        Post a notification in Editor::replaceSelectionWithFragment for EditAction::Insert edit type 
        with replaced text and selection.

        Add a new test for text replacement value change notification in editable div, text input, and textarea,
        including direct text insertion and replace-and-insert.

        Test: accessibility/mac/replace-text-with-range-value-change-notification.html

        * editing/Editor.cpp:
        (WebCore::Editor::replaceSelectionWithFragment):
        * editing/ReplaceSelectionCommand.h:
        (WebCore::ReplaceSelectionCommand::documentFragmentPlainText const):

2020-03-11  Andres Gonzalez  <andresg_22@apple.com>

        AX: Isolated tree: enabling secondary thread for the wrong clients
        https://bugs.webkit.org/show_bug.cgi?id=208950

        Reviewed by Chris Fleizach.

        Removed incorrect call to _AXUIElementUseSecondaryAXThread and wrap it
        in initializeSecondaryAXThread with the appropriate checks.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::isolatedTreeFocusedObject):
        (WebCore::AXObjectCache::initializeSecondaryAXThread):
        (WebCore::AXObjectCache::isolatedTreeRootObject):
        * accessibility/AXObjectCache.h:

2020-03-11  Jer Noble  <jer.noble@apple.com>

        [EME] Issue an "encrypted" event when a new encrypted initialization segment is encountered
        https://bugs.webkit.org/show_bug.cgi?id=208923

        Reviewed by Eric Carlson.

        When AVStreamDataParser encounters an initialization segment indicating encrypted content, it
        will issue a -streamDataParser:didProvideContentKeyRequestInitializationData:forTrackID: message
        to its delegate. If the parser is already associated with an AVContentKeySession, it will instead
        allow the session to handle the initialization segment and the delagete method will not be called.

        When the latter situation occurs, we can detect that the -didProvideRequest callback did not
        occur due to the client calling MediaKeySession.generateRequest() and therefore must have been
        due to parsing an encrypted segment. In response, store the request in a list of "unexpected"
        requests to be checked the next time a MediaKeySession tries to generateRequest(). Then, we will
        pass the initalizationData and type to HTMLMediaElement through a new client interface, where it
        will use that initializationData to issue an "encrypted" event. If the client passes that same
        initializationData back into MediaKeySession, the "unexpected" request can be found, and re-used.

        Drive-by fixes: Added a ton of debug logging messages to the CDMPrivate classes.

        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::CDM):
        * Modules/encryptedmedia/CDM.h:
        * Modules/encryptedmedia/CDMClient.h:
        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::create):
        (WebCore::MediaKeySession::MediaKeySession):
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/encryptedmedia/MediaKeySystemAccess.cpp:
        (WebCore::MediaKeySystemAccess::createMediaKeys):
        * Modules/encryptedmedia/MediaKeySystemAccess.h:
        * Modules/encryptedmedia/MediaKeySystemAccess.idl:
        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::MediaKeys):
        (WebCore::MediaKeys::createSession):
        (WebCore::MediaKeys::setServerCertificate):
        (WebCore::MediaKeys::attachCDMClient):
        (WebCore::MediaKeys::detachCDMClient):
        (WebCore::MediaKeys::attemptToResumePlaybackOnClients):
        (WebCore::MediaKeys::unrequestedInitializationDataReceived):
        (WebCore::MediaKeys::nextChildIdentifier const):
        * Modules/encryptedmedia/MediaKeys.h:
        (WebCore::MediaKeys::create): Deleted.
        (WebCore::MediaKeys::cdmInstance): Deleted.
        (WebCore::MediaKeys::cdmInstance const): Deleted.
        * Modules/encryptedmedia/MediaKeys.idl:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::cdmClientUnrequestedInitializationDataReceived):
        * html/HTMLMediaElement.h:
        * platform/encryptedmedia/CDMFactory.h:
        * platform/encryptedmedia/CDMInstance.h:
        (WebCore::CDMInstance::setClient):
        (WebCore::CDMInstance::clearClient):
        (WebCore::CDMInstance::setLogger):
        * platform/encryptedmedia/CDMInstanceSession.h:
        (WebCore::CDMInstanceSession::setLogger):
        (WebCore::CDMInstanceSession::setClient):
        * platform/encryptedmedia/CDMPrivate.h:
        (WebCore::CDMPrivate::setLogger):
        * platform/graphics/avfoundation/CDMFairPlayStreaming.cpp:
        (WebCore::logChannel):
        (WebCore::CDMPrivateFairPlayStreaming::setLogger):
        (WebCore::CDMPrivateFairPlayStreaming::supportsConfiguration const):
        * platform/graphics/avfoundation/CDMFairPlayStreaming.h:
        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
        (WebCore::logChannel):
        (WebCore::initTypeForRequest):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::setLogger):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::takeUnexpectedKeyRequestForInitializationData):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::setServerCertificate):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::setStorageDirectory):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::setClient):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::clearClient):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::didProvideRequest):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::didProvideRequests):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::didProvideRenewingRequest):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::didProvidePersistableRequest):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::didFailToProvideRequest):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::requestDidSucceed):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::shouldRetryRequestForReason):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::groupSessionIdentifierChanged):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::sessionForRequest const):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::setLogger):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::requestLicense):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::updateLicense):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::loadSession):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::closeSession):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::setClient):
        (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::hasRequest const):

2020-03-11  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Formalize the Keychain schema
        https://bugs.webkit.org/show_bug.cgi?id=183533
        <rdar://problem/43347926>

        Reviewed by Brent Fulgham.

        Covered by new test contents within existing files.

        * Modules/webauthn/AuthenticatorAssertionResponse.cpp:
        (WebCore::AuthenticatorAssertionResponse::create):
        (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse):
        * Modules/webauthn/AuthenticatorAssertionResponse.h:
        Modifies the constructors to accept userEntity.name.

        * Modules/webauthn/cbor/CBORValue.h:
        Adds a FIXME.

        * testing/MockWebAuthenticationConfiguration.h:
        (WebCore::MockWebAuthenticationConfiguration::LocalConfiguration::encode const):
        (WebCore::MockWebAuthenticationConfiguration::LocalConfiguration::decode):
        * testing/MockWebAuthenticationConfiguration.idl:
        Modifies the test infra to use Credential ID as the unique identifier for a credential instead of
        the original combination of RP ID and user handle.

2020-03-11  Daniel Bates  <dabates@apple.com>

        REGRESSION (r257502): HitTestLocation::HitTestLocation(const FloatPoint&, const FloatQuad&) should set m_isRectBased to true
        https://bugs.webkit.org/show_bug.cgi?id=208947

        Reviewed by Wenson Hsieh.

        Partial revert of r257502. I accidentally removed initialization of m_isRectBased when refactoring
        the code in HitTestLocation::HitTestLocation(const FloatPoint&, const FloatQuad&). Revert this to
        be faithful to the code before my change.

        * rendering/HitTestLocation.cpp:

2020-03-11  Myles C. Maxfield  <mmaxfield@apple.com>

        icloud.com Notes text in titles and headings is distorted
        https://bugs.webkit.org/show_bug.cgi?id=208908
        <rdar://problem/58874371>

        Reviewed by Zalan Bujtas.

        icloud.com Notes determines if a font has finished loading by measuring it repeatedly.
        Depending on the state of the page, we may slice the text differently in different
        circumstances. These slices are all supposed to sum together equivalently, but
        floating point precision may cause the results to be slightly off.

        WidthIterator::applyFontTransforms() was summing a large list of numbers, and then
        subtracting the same large list of numbers. A more robust design would be to sum
        it twice, and then subtract the two sums.

        Test: fast/text/shaping-width-precision.html

        * platform/graphics/WidthIterator.cpp:
        (WebCore::WidthIterator::applyFontTransforms):

2020-03-11  Zalan Bujtas  <zalan@apple.com>

        SVG filter triggers unstable layout.
        https://bugs.webkit.org/show_bug.cgi?id=207444
        rdar://problem/59297004

        Reviewed by Simon Fraser.

        SVG filter code marks DOM nodes dirty and schedules style recalc outside of the SVG root
        while in layout. This could lead to unstable layout and cause battery drain.
        (See webkit.org/b/208903)

        * rendering/RenderLayer.cpp: Remove filterNeedsRepaint(). It's a dangerously misleading name and should
        not be part of RenderLayer.
        (WebCore::RenderLayer::calculateClipRects const):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerFilters.cpp:
        (WebCore::RenderLayerFilters::notifyFinished):
        * rendering/svg/RenderSVGResourceContainer.cpp:
        (WebCore::RenderSVGResourceContainer::markAllClientsForInvalidation):
        (WebCore::RenderSVGResourceContainer::markAllClientLayersForInvalidation):

2020-03-11  Antoine Quint  <graouts@webkit.org>

        [Mac wk2 Release] imported/w3c/web-platform-tests/web-animations/timing-model/animations/updating-the-finished-state.html flaky fail
        https://bugs.webkit.org/show_bug.cgi?id=206746
        <rdar://problem/58867580>

        Reviewed by Dean Jackson.

        Because we could end up in situation where localTime was very marginally smaller than endTime inside of WebAnimation::play(), we would end up
        with an unresolved hold time and we would return before calling WebAnimation::timingDidChange() and thus scheduling an animation update from
        the timeline because we'd assume it was paused. As a result, the animation would never end and the test would wait for a "finish" event which
        would never come.

        We now account for an epsilon value when comparing times to account for such situations.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::play):

2020-03-11  Chris Dumez  <cdumez@apple.com>

        Defer async scripts until DOMContentLoaded or first paint, whichever comes first
        https://bugs.webkit.org/show_bug.cgi?id=208896

        Reviewed by Darin Adler.

        Defer async scripts until DOMContentLoaded or first paint, whichever comes first. In
        Bug 207698, we deferred them until DOMContentLoaded, as a first-paint optimization.
        However, this seems overly aggressive on pages like wikipedia and it is sufficient
        to defer those scripts until first-paint to get the performance win.

        * dom/Document.cpp:
        (WebCore::Document::shouldDeferAsynchronousScriptsUntilParsingFinishes const):
        * page/Settings.yaml:

2020-03-11  Jack Lee  <shihchieh_lee@apple.com>

        Consolidate detachment of document timeline into Document::commonTeardown.
        https://bugs.webkit.org/show_bug.cgi?id=208786
        <rdar://problem/59936716>

        Reviewed by Ryosuke Niwa.

        Move detachment of DocumentTimeline to Document::commonTeardown(). 

        No new tests. Covered by existing document tests.

        * dom/Document.cpp:
        (WebCore::Document::removedLastRef):
        (WebCore::Document::commonTeardown):
        (WebCore::Document::prepareForDestruction):

2020-03-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, reverting r258263.
        https://bugs.webkit.org/show_bug.cgi?id=208922

        it is breaking internal builds (Requested by youenn on
        #webkit).

        Reverted changeset:

        "Move AudioSession interruption listener code to AudioSession"
        https://bugs.webkit.org/show_bug.cgi?id=208714
        https://trac.webkit.org/changeset/258263

2020-03-11  youenn fablet  <youenn@apple.com>

        Move AudioSession interruption listener code to AudioSession
        https://bugs.webkit.org/show_bug.cgi?id=208714

        Reviewed by Jer Noble.

        Move AudioSession interruption detection code from MediaSessionManagerIOS helper to AudioSessionIOS.
        Add interruption observer capabilities to AudioSession and make MediaSessionManagerIOS an observer of it.
        Manually tested.

        * platform/audio/AudioSession.cpp:
        (WebCore::AudioSession::addInterruptionObserver):
        (WebCore::AudioSession::removeInterruptionObserver):
        (WebCore::AudioSession::beginInterruption):
        (WebCore::AudioSession::endInterruption):
        * platform/audio/AudioSession.h:
        * platform/audio/ios/AudioSessionIOS.mm:
        (-[WebInterruptionObserverHelper initWithCallback:]):
        (-[WebInterruptionObserverHelper dealloc]):
        (-[WebInterruptionObserverHelper clearCallback]):
        (-[WebInterruptionObserverHelper interruption:]):
        (WebCore::AudioSessionPrivate::AudioSessionPrivate):
        (WebCore::AudioSessionPrivate::~AudioSessionPrivate):
        (WebCore::AudioSession::addInterruptionObserver):
        (WebCore::AudioSession::removeInterruptionObserver):
        (WebCore::AudioSession::beginInterruption):
        (WebCore::AudioSession::endInterruption):
        * platform/audio/ios/MediaSessionHelperIOS.h:
        * platform/audio/ios/MediaSessionHelperIOS.mm:
        (-[WebMediaSessionHelper initWithCallback:]):
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::MediaSessionManageriOS):
        (WebCore::MediaSessionManageriOS::~MediaSessionManageriOS):
        (WebCore::MediaSessionManageriOS::providePresentingApplicationPIDIfNecessary):

2020-03-11  Jack Lee  <shihchieh_lee@apple.com>

        Crash in KeyframeEffect::getAnimatedStyle
        https://bugs.webkit.org/show_bug.cgi?id=208318
        <rdar://problem/59848234>

        Reviewed by Antoine Quint.

        Quit getAnimatedStyle if element is rendererless.

        Test: fast/animation/keyframe-rendererless-element-crash.html

        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::getAnimatedStyle):

2020-03-11  Youenn Fablet  <youenn@apple.com>

        [iOS] Unskip fast/mediastream tests
        https://bugs.webkit.org/show_bug.cgi?id=208636

        Reviewed by Eric Carlson.

        Add label to the settings so that we correctly send this information back to WebProcess.
        Covered by existing tests.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::settings):
        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::MockRealtimeAudioSource::settings):
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::settings):

2020-03-10  Tomoki Imai  <Tomoki.Imai@sony.com>

        [OpenSSL] Implement WebCrypto APIs for AES-CTR and AES-KW
        https://bugs.webkit.org/show_bug.cgi?id=208186

        Reviewed by Fujii Hironori.

        Added WebCrypto implementations for the following algorithms with OpenSSL.
        - AES-CTR
        - AES-KW

        Enabled WebCrypto LayoutTests for AES-CTR and AES-KW.

        * crypto/openssl/CryptoAlgorithmAES_CTROpenSSL.cpp:
        (WebCore::aesAlgorithm): Added. Helper function to select which AES-CTR algorithm to be used by checking key size.
        (WebCore::crypt): Added. Helper function shared by platformEncrypt/platformDecrypt.
        (WebCore::CryptoAlgorithmAES_CTR::platformEncrypt): Implemented.
        (WebCore::CryptoAlgorithmAES_CTR::platformDecrypt): Implemented.
        * crypto/openssl/CryptoAlgorithmAES_KWOpenSSL.cpp:
        (WebCore::aesAlgorithm): Added. Helper function to select which AES-KW algorithm to be used by checking key size.
        (WebCore::cryptWrapKey):  Added. Helper function for platformWrapKey.
        (WebCore::cryptUnwrapKey): Added. Helper function for platformUnwrapKey.
        (WebCore::CryptoAlgorithmAES_KW::platformWrapKey): Implemented.
        (WebCore::CryptoAlgorithmAES_KW::platformUnwrapKey): Implemented.
        * crypto/openssl/CryptoAlgorithmRegistryOpenSSL.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms): Registered CryptoAlgorithmAES_CTR and CryptoAlgorithmAES_KW.

2020-03-10  Don Olmstead  <don.olmstead@sony.com>

        [GPU Process] Work towards compiling out on non-Cocoa ports
        https://bugs.webkit.org/show_bug.cgi?id=208899

        Reviewed by Darin Adler.

        Add in additional headers required for GPU Process build.

        * Headers.cmake:

2020-03-08  Darin Adler  <darin@apple.com>

        Make TextIterator::range return a SimpleRange
        https://bugs.webkit.org/show_bug.cgi?id=208797

        Reviewed by Don Olmstead.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::traverseToOffsetInRange): Updated since
        TextIterator::range returns a SimpleRange. Also use TextIterator::node where
        appropriate instead of repeating the code for it here.
        (WebCore::AXObjectCache::lengthForRange): Use TextIterator::node.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::stringForRange const): Use TextIterator::node.
        (WebCore::AccessibilityObject::stringForVisiblePositionRange): Ditto.
        (WebCore::AccessibilityObject::lengthForVisiblePositionRange const): Ditto.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper arrayOfTextForTextMarkers:attributed:]):
        Use TextIterator::node and createLiveRange.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm: Added include
        of SimpleRange and removed "using namespace HTMLNames".
        (AXAttributeStringSetStyle): Use HTMLNames namespace explicitly.
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
        Use TextIterator::node.
        (-[WebAccessibilityObjectWrapper subrole]): Use HTMLNames namespace explicitly.

        * dom/DocumentMarkerController.cpp:
        (WebCore::DocumentMarkerController::collectTextRanges): Use createLiveRange
        here since we don't want to convert move the class to SimpleRange at this time.

        * dom/Position.cpp: Added include of Range.h.

        * dom/RangeBoundaryPoint.h: Removed a bogus "const" on the return value of
        RangeBoundaryPoint::toPosition.

        * editing/TextIterator.cpp:
        (WebCore::BitStack::BitStack): Deleted.
        (WebCore::BitStack::size const): Deleted.
        (WebCore::TextIterator::range const): Return a SimpleRange.
        (WebCore::TextIterator::node const): Updated for the above.
        (WebCore::CharacterIterator::range const): Use SimpleRange right up until the
        return statement, where we do createLiveRange. Will come back and remove that soon.
        (WebCore::TextIterator::rangeFromLocationAndLength): Use createLiveRange in
        one place, SimpleRange in another.

        * editing/TextIterator.h: Removed include of "Range.h" since we can just use
        a forward declaration instead. Removed unneeded forward declarations. Simplified
        the BitStack and TextIteratorCopyableText classes by initializing data members
        and removing explicit definitions of the constructors and destructors. Took out
        a stray "explicit" that wasn't needed. Changed the return value of
        TextIterator::range to SimpleRange.

        * editing/TextManipulationController.cpp:
        (WebCore::ParagraphContentIterator::ParagraphContentIterator): Call
        createLiveRange.
        (WebCore::ParagraphContentIterator::advance): Ditto.
        (WebCore::ParagraphContentIterator::startPosition): Ditto.
        (WebCore::ParagraphContentIterator::endPosition): Ditto.

        * editing/cocoa/DataDetection.mm:
        (WebCore::DataDetection::detectContentInRange): Use createLiveRange.

        * editing/cocoa/HTMLConverter.mm:
        (WebCore::editingAttributedStringFromRange): Use SimpleRange instead
        of a live range.

2020-03-10  Simon Fraser  <simon.fraser@apple.com>

        Track "scrolling scope" on RenderLayers
        https://bugs.webkit.org/show_bug.cgi?id=208620

        Reviewed by Zalan Bujtas.
        
        The scrolling scope code added in r257920 failed to recompute m_contentsScrollingScope
        when hasCompositedScrollableOverflow() changed, causing bugs on gmail.

        Recompute the m_contentsScrollingScope to match or not match the m_boxScrollingScope
        based on whether the layer is composited-scrollable.

        Test: fast/scrolling/mac/absolute-in-overflow-scroll-dynamic.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateLayerPosition):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::isScrolledByOverflowScrollLayer):

2020-03-10  Don Olmstead  <don.olmstead@sony.com>

        Non-unified build fixes early March 2020 edition
        https://bugs.webkit.org/show_bug.cgi?id=208897

        Unreviewed build fix.

        * Modules/mediacontrols/MediaControlsHost.h:
        * dom/BoundaryPoint.h:
        * dom/StaticRange.cpp:
        * editing/FrameSelection.cpp:
        * loader/cache/CachedResourceRequest.cpp:
        * page/scrolling/ScrollingTreeFrameScrollingNode.h:

2020-03-10  Jack Lee  <shihchieh_lee@apple.com>

        Nullptr crash in CompositeEditCommand::moveParagraphWithClones when indenting non-enclosed elements.
        https://bugs.webkit.org/show_bug.cgi?id=208628
        <rdar://problem/52011509>

        Reviewed by Ryosuke Niwa.

        When indenting a non-enclosed paragraph, quit if start of contents is not a descendant or sibling of outer block.

        Test: fast/editing/indent-non-enclosed-element-crash.html

        * editing/IndentOutdentCommand.cpp:
        (WebCore::IndentOutdentCommand::indentIntoBlockquote):

2020-03-10  Stephan Szabo  <stephan.szabo@sony.com>

        [PlayStation] incomplete type 'WebCore::ScrollingStateFrameScrollingNode' named in nested name specifier
        https://bugs.webkit.org/show_bug.cgi?id=208882

        Reviewed by Simon Fraser.

        No new tests, build fix.

        * page/scrolling/ScrollingTreeScrollingNode.cpp:
          Add include of ScrollingStateFrameScrollingNode
          when ENABLE(SCROLLING_THREAD) is true.

2020-03-10  Alex Christensen  <achristensen@webkit.org>

        Build fix.

        * platform/audio/ios/MediaSessionHelperIOS.mm:
        (MediaSessionHelperiOS::providePresentingApplicationPID):
        Fix an unused parameter warning.

2020-03-10  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r257920): inbox flickers and disappears when scrolling gmail
        https://bugs.webkit.org/show_bug.cgi?id=208883
        rdar://problem/60287447

        Partially revert r257920 since it caused gmail scrolling flickers.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::isScrolledByOverflowScrollLayer):

2020-03-10  Dean Jackson  <dino@apple.com>

        Set important EGL context attributes
        https://bugs.webkit.org/show_bug.cgi?id=208724
        <rdar://problem/60168306>

        Temporarily revert r258025 while investigating a crash.

        * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
        (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

2020-03-10  youenn fablet  <youenn@apple.com>

        Make sure that ServiceWorkerFrameLoaderClient lifetime exceeds its frame lifetime
        https://bugs.webkit.org/show_bug.cgi?id=208855
        <rdar://problem/60187332>

        Reviewed by Geoffrey Garen.

        Add lifetime management of the loader client to SWContextManager instead of its connection, which has a shorter lifetime.
        No JS observable change of behavior.

        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::addServiceWorkerFrameLoaderClient):
        (WebCore::SWContextManager::removeServiceWorkerFrameLoaderClient):
        * workers/service/context/SWContextManager.h:

2020-03-10  Jer Noble  <jer.noble@apple.com>

        Add logging for Modern EME methods.
        https://bugs.webkit.org/show_bug.cgi?id=205519

        Reviewed by Eric Carlson.

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::create):
        (WebCore::MediaKeySession::MediaKeySession):
        (WebCore::MediaKeySession::generateRequest):
        (WebCore::MediaKeySession::load):
        (WebCore::MediaKeySession::update):
        (WebCore::MediaKeySession::close):
        (WebCore::MediaKeySession::remove):
        (WebCore::MediaKeySession::sessionClosed):
        (WebCore::MediaKeySession::logChannel const):
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::createSession):
        (WebCore::MediaKeys::setServerCertificate):
        * Modules/encryptedmedia/MediaKeys.h:
        * Modules/encryptedmedia/MediaKeys.idl:
        * Modules/encryptedmedia/NavigatorEME.cpp:
        (WTF::LogArgument<Vector<T>>::toString):
        (WTF::LogArgument<Optional<T>>::toString):
        (WebCore::NavigatorEME::requestMediaKeySystemAccess):
        (WebCore::tryNextSupportedConfiguration):
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/encryptedmedia/CDMLogging.cpp: Added.
        (WebCore::toJSONObject):
        (WebCore::toJSONString):
        (WTF::LogArgument<WebCore::CDMKeySystemConfiguration>::toString):
        (WTF::LogArgument<WebCore::CDMMediaCapability>::toString):
        (WTF::LogArgument<WebCore::CDMRestrictions>::toString):
        (WTF::LogArgument<WebCore::CDMEncryptionScheme>::toString):
        (WTF::LogArgument<WebCore::CDMKeyStatus>::toString):
        (WTF::LogArgument<WebCore::CDMMessageType>::toString):
        (WTF::LogArgument<WebCore::CDMRequirement>::toString):
        (WTF::LogArgument<WebCore::CDMSessionType>::toString):
        * platform/encryptedmedia/CDMLogging.h: Added.
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:

2020-03-10  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Remove the special DisplayList handling in CanvasRenderingContext2DBase
        https://bugs.webkit.org/show_bug.cgi?id=208828

        Reviewed by Myles C. Maxfield.

        Remove DisplayListDrawingContext and use DisplayList::DrawingContext
        instead. Remove 'tracksDisplayListReplay' since it is always 'false'.
        Remove contextDisplayListMap() since items are added to it only if
        'tracksDisplayListReplay' is true which never happens.

        * html/CustomPaintCanvas.cpp:
        (WebCore::CustomPaintCanvas::getContext):
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::~CanvasRenderingContext2DBase):
        (WebCore::CanvasRenderingContext2DBase::paintRenderingResultsToCanvas):
        (WebCore::CanvasRenderingContext2DBase::drawingContext const):
        (WebCore::DisplayListDrawingContext::DisplayListDrawingContext): Deleted.
        (WebCore::contextDisplayListMap): Deleted.
        (WebCore::CanvasRenderingContext2DBase::setTracksDisplayListReplay): Deleted.
        (WebCore::CanvasRenderingContext2DBase::displayListAsText const): Deleted.
        (WebCore::CanvasRenderingContext2DBase::replayDisplayListAsText const): Deleted.
        * html/canvas/CanvasRenderingContext2DBase.h:
        (WebCore::CanvasRenderingContext2DBase::tracksDisplayListReplay const): Deleted.
        * platform/graphics/displaylists/DisplayListDrawingContext.h:

2020-03-10  Jer Noble  <jer.noble@apple.com>

        [MSE] Use CMSampleBufferGetOutputPresentationTimeStamp / CMSampleBufferGetOutputDuration for all presentation times and durations
        https://bugs.webkit.org/show_bug.cgi?id=208827

        Reviewed by Eric Carlson.

        CMSampleBufferGetOutputPresentationTimeStamp takes into account pre-roll trim durations and
        movie edit lists, and as such, should be used as the "correct" value for "presentation
        time".

        outputPresentationTime() is inconsistently used, so rather than replacing all references of
        outputPresentationTime() with presentationTime(), simply redefine presetationTime() in terms
        of CMSampleBufferGetPresentationTimeStamp() and remove outputPresentationTime() entirely.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::updateMinimumUpcomingPresentationTime):
        * platform/MediaSample.h:
        (WebCore::MediaSample::outputPresentationTime const): Deleted.
        (WebCore::MediaSample::outputDuration const): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::calculateTimelineOffset):
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::MediaSampleAVFObjC::presentationTime const):
        (WebCore::MediaSampleAVFObjC::duration const):
        (WebCore::MediaSampleAVFObjC::outputDuration const):
        (WebCore::MediaSampleAVFObjC::dump const):
        (WebCore::MediaSampleAVFObjC::toJSONString const):
        (WebCore::MediaSampleAVFObjC::outputPresentationTime const): Deleted.
        * platform/mediastream/RealtimeVideoCaptureSource.cpp:
        (WebCore::RealtimeVideoCaptureSource::adaptVideoSample):

2020-03-10  Chris Dumez  <cdumez@apple.com>

        Add release logging for when a navigation by a third-party (or untrusted) iframe is blocked
        https://bugs.webkit.org/show_bug.cgi?id=208863

        Reviewed by Youenn Fablet.

        Add release logging for when a navigation by a third-party (or untrusted) iframe is blocked, to
        help identify potential regressions in behavior.

        * dom/Document.cpp:
        (WebCore::Document::canNavigate):
        (WebCore::Document::frameID const):
        (WebCore::Document::isAlwaysOnLoggingAllowed const):
        * dom/Document.h:

2020-03-10  youenn fablet  <youenn@apple.com>

        Remove SampleBufferDisplayLayer sync IPC
        https://bugs.webkit.org/show_bug.cgi?id=208804

        Reviewed by Eric Carlson.

        Add an initialize method to initialize the sample buffer display layer.
        It takes a completion handler so that the initialization can be asynchronous.
        Update the player to, on initialization callback, create the necessary observers and hook the fullscreen manager.

        Update MediaPlayerPrivateMediaStreamAVFObjC to no longer expose rootLayer and rootLayerBoundsDidChange.
        This was used by the root layer observer.
        Instead, pass the root layer to the observer when starting the observer and pass a callback to the observer.
        Covered by existing tests.

        * platform/graphics/avfoundation/SampleBufferDisplayLayer.cpp:
        (WebCore::SampleBufferDisplayLayer::create):
        * platform/graphics/avfoundation/SampleBufferDisplayLayer.h:
        * platform/graphics/avfoundation/objc/LocalSampleBufferDisplayLayer.h:
        * platform/graphics/avfoundation/objc/LocalSampleBufferDisplayLayer.mm:
        (WebCore::LocalSampleBufferDisplayLayer::create):
        (WebCore::LocalSampleBufferDisplayLayer::LocalSampleBufferDisplayLayer):
        (WebCore::LocalSampleBufferDisplayLayer::initialize):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (-[WebRootSampleBufferBoundsChangeListener initWithCallback:]):
        (-[WebRootSampleBufferBoundsChangeListener invalidate]):
        (-[WebRootSampleBufferBoundsChangeListener begin:]):
        (-[WebRootSampleBufferBoundsChangeListener stop]):
        (-[WebRootSampleBufferBoundsChangeListener observeValueForKeyPath:ofObject:change:context:]):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayLayer):
        (-[WebRootSampleBufferBoundsChangeListener initWithParent:]): Deleted.
        (-[WebRootSampleBufferBoundsChangeListener begin]): Deleted.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::rootLayer const): Deleted.

2020-03-09  Carlos Garcia Campos  <cgarcia@igalia.com>

        [Cairo] Use std::unique_ptr for cairo_path_t
        https://bugs.webkit.org/show_bug.cgi?id=208808

        Reviewed by Sergio Villar Senin.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::clipForPatternFilling):
        (WebCore::Cairo::drawPathShadow):
        * platform/graphics/cairo/CairoUniquePtr.h:
        (WebCore::CairoPtrDeleter<cairo_path_t>::operator() const):
        * platform/graphics/cairo/CairoUtilities.cpp:
        (WebCore::appendPathToCairoContext):
        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::Path):
        (WebCore::Path::operator=):
        (WebCore::Path::addPath):
        (WebCore::Path::applySlowCase const):

2020-03-10  Carlos Garcia Campos  <cgarcia@igalia.com>

        [Cairo] Remove PlatformPathCairo
        https://bugs.webkit.org/show_bug.cgi?id=208807

        Reviewed by Darin Adler.

        We have a class CairoPath defined in PlatformPathCairo.h that simply wraps a cairo_t. We can use the cairo_t
        directly as PlatformPath and simplify the cairo path implementation.

        * platform/SourcesCairo.txt:
        * platform/graphics/Path.h:
        (WebCore::Path::platformPath const):
        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::fillRectWithRoundedHole):
        (WebCore::Cairo::fillPath):
        (WebCore::Cairo::strokePath):
        (WebCore::Cairo::clipPath):
        * platform/graphics/cairo/CairoUtilities.cpp:
        (WebCore::appendWebCorePathToCairoContext):
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::Font::platformPathForGlyph const):
        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::Path):
        (WebCore::Path::ensurePlatformPath):
        (WebCore::Path::operator=):
        (WebCore::Path::clear):
        (WebCore::Path::isEmptySlowCase const):
        (WebCore::Path::currentPointSlowCase const):
        (WebCore::Path::translate):
        (WebCore::Path::moveToSlowCase):
        (WebCore::Path::addLineToSlowCase):
        (WebCore::Path::addRect):
        (WebCore::Path::addQuadCurveTo):
        (WebCore::Path::addBezierCurveTo):
        (WebCore::Path::addArcSlowCase):
        (WebCore::Path::addArcTo):
        (WebCore::Path::addEllipse):
        (WebCore::Path::addPath):
        (WebCore::Path::closeSubpath):
        (WebCore::Path::boundingRectSlowCase const):
        (WebCore::Path::strokeBoundingRect const):
        (WebCore::Path::contains const):
        (WebCore::Path::strokeContains const):
        (WebCore::Path::applySlowCase const):
        (WebCore::Path::transform):
        * platform/graphics/cairo/PlatformPathCairo.cpp: Removed.
        * platform/graphics/cairo/PlatformPathCairo.h: Removed.

2020-03-10  youenn fablet  <youenn@apple.com>

        [iOS] Make sure a MediStreamTrack clone does not interrupt the being cloned track
        https://bugs.webkit.org/show_bug.cgi?id=208634

        Reviewed by Eric Carlson.

        Covered by reenabled tests.

        * platform/mediastream/RealtimeMediaSourceFactory.h:
        (WebCore::SingleSourceFactory::activeSource): .

2020-03-10  youenn fablet  <youenn@apple.com>

        Remove sync IPC when creating a remote capture source
        https://bugs.webkit.org/show_bug.cgi?id=208816

        Reviewed by Eric Carlson.

        Add a whenInitialized method to allow for async creation of realtime media source.
        Use this method when creating a MediaStream for getUserMedia/getDisplayMedia.
        Covered by existing tests.

        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::create):
        * platform/mediastream/MediaStreamPrivate.h:
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::createMediaStream):

2020-03-10  Philippe Normand  <pnormand@igalia.com>

        Unreviewed, !USE(GSTREAMER_GL) build fix after r258197.
        
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::GstVideoFrameHolder::platformLayerBuffer):

2020-03-10  Philippe Normand  <philn@igalia.com>

        [GStreamer][GL] External OES textures rendering support
        https://bugs.webkit.org/show_bug.cgi?id=208572

        Reviewed by Žan Doberšek.

        For hardware that contains native YUV samplers, some drivers may
        only support external-oes import of YUV textures, so by supporting
        this texture target in the MediaPlayer we can avoid some costly
        operations in the pipeline.

        * platform/graphics/gstreamer/GLVideoSinkGStreamer.cpp:
        (webKitGLVideoSinkSetMediaPlayerPrivate):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
        (WebCore::GstVideoFrameHolder::platformLayerBuffer):
        (WebCore::MediaPlayerPrivateGStreamer::paint):
        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.cpp:
        (WebCore::VideoTextureCopierGStreamer::copyVideoTextureToPlatformTexture):
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGL::drawTexturedQuadWithProgram):
        (WebCore::TextureMapperGL::drawTextureExternalOES):
        * platform/graphics/texmap/TextureMapperGL.h:
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
        (WebCore::TextureMapperPlatformLayerBuffer::clone):
        (WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
        * platform/graphics/texmap/TextureMapperShaderProgram.cpp:
        (WebCore::TextureMapperShaderProgram::create):
        * platform/graphics/texmap/TextureMapperShaderProgram.h:

2020-03-10  Rob Buis  <rbuis@igalia.com>

        Align with Origin header changes
        https://bugs.webkit.org/show_bug.cgi?id=199261

        Reviewed by Darin Adler.

        Call generateOriginHeader in more places so that we comply
        more with "append a request `Origin` header" algorithm [1].

        Test: imported/w3c/web-platform-tests/fetch/origin/assorted.window.html

        [1] https://fetch.spec.whatwg.org/#append-a-request-origin-header

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::submitForm):
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders):

2020-03-09  Yusuke Suzuki  <ysuzuki@apple.com>

        REGRESSION: (r257905) [ Mac wk2 Debug ] ASSERTION FAILED: !m_isolatedWorld->isNormal() || m_wrapper || !m_jsFunction
        https://bugs.webkit.org/show_bug.cgi?id=208642

        Reviewed by Darin Adler.

        This patch fixes stale assertions and comments in JSEventListener.h, which has various problems.

        1. This assertion is saying, "If m_wrapper is dead, m_jsFunction must be dead". This is wrong. Given that we have conservative
           GC, JSC never guarantees such a condition. Even if m_wrapper is dead, m_jsFunction can be alive by various reasons: conservative
           GC finds it, user code stores this function somewhere reachable from the root, etc.
           The reason why this wrong assertion exists here is because the JSEventListener code and assertion assume that m_jsFunction is nullptr
           when it is not initialized, and once it is initialized, it should be non nullptr. This is wrong because Weak<> can collect it if it
           is not retained. This `!m_jsFunction` check mixes "it is not initialized" and "it is already initialized but collected".
           The correct assertion should be checking `m_wrapper` and `m_jsFunction` are alive (not checking deadness, which is not guaranteed) if
           the event-listener is once initialized. This patch adds m_isInitialized member to track this status separately from `m_wrapper` and
           `m_jsFunction`.
        2. JSEventListener::jsFunction has `if (!m_jsFunction)` condition. But this is not correct. This can revive JSFunction if it is collected
           because m_wrapper is gone or some way, but this is not expected behavior. The correct way is checking `m_isInitialized`. Once the event-listener
           is initialized, keeping m_wrapper and m_jsFunction alive is the responsibility of JSEventListener's owner.
        3. The comments about "zombie m_jsFunctions" is wrong. We are using JSC::Weak<>. So if the object gets collected, it returns
           nullptr, not getting a zombie pointer.
        4. We are emitting write-barrier in a wrong order. In the heavily stressed scenario, it is possible that concurrent marking
           scans JSEventListener just after we emit the write-barrier, and this marking misses the assigned value. We must emit
           a write-barrier after the assignment. If the write-barrier code is written after the assignment, it correctly offers memory
           fence to ensure this ordering.
        5. We also remove "world is not normal, anything is allowed" assertion. The assertion is allowing non-normal world to get dead m_wrapper.
           But skipping event handlers only in non-normal world does not make sense. And it is originally added as a hack to avoid assertions
           caused by non-normal world.

        While we are not sure which test is causing, it seems that we found a real bug by fixing this assertion[1].

        [1]: https://bugs.webkit.org/show_bug.cgi?id=208798

        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::JSEventListener):
        (WebCore::JSEventListener::visitJSFunction):
        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::wrapper const):
        (WebCore::JSEventListener::setWrapperWhenInitializingJSFunction const):
        (WebCore::JSEventListener::jsFunction const):
        (WebCore::JSEventListener::setWrapper const): Deleted.
        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::initializeJSFunction const):

2020-03-09  Zalan Bujtas  <zalan@apple.com>

        [LayoutTests] Do not expose didAddHorizontal/VerticalScrollbar and willRemoveHorizontal/VerticalScrollbar
        https://bugs.webkit.org/show_bug.cgi?id=208833
        <rdar://problem/60244801>

        Reviewed by Simon Fraser.

        didAdd* and willRemove* functions are triggered by layout. Optimal layouts can happen at any point of time.
        Tests should not rely on the number/order of layouts unless they are specifically designed
        to test e.g. lack of layouts (see internals.layoutCount).
        It's sufficient to dump the mouse entered/moved/etc actions only.

        * platform/mock/ScrollAnimatorMock.cpp:
        (WebCore::ScrollAnimatorMock::didAddVerticalScrollbar):
        (WebCore::ScrollAnimatorMock::didAddHorizontalScrollbar):
        (WebCore::ScrollAnimatorMock::willRemoveVerticalScrollbar):
        (WebCore::ScrollAnimatorMock::willRemoveHorizontalScrollbar):

2020-03-09  Simon Fraser  <simon.fraser@apple.com>

        ASSERT(!m_textCheckingRequest) on editing/spelling/spellcheck-async-remove-frame.html
        https://bugs.webkit.org/show_bug.cgi?id=126606

        Reviewed by Wenson Hsieh.

        SpellChecker's sequence numbers need to be unique between frames, because they are sent out
        to EditorClient which may be one per web view, move from a per-SpellChecker int to
        TextCheckingRequestIdentifier.

        Change terminology from "sequence" to "identifier" and use Optional in
        TextCheckingRequestData to represent the unset state.

        Tested by existing tests.

        * editing/SpellChecker.cpp:
        (WebCore::SpellCheckRequest::SpellCheckRequest):
        (WebCore::SpellCheckRequest::didSucceed):
        (WebCore::SpellCheckRequest::didCancel):
        (WebCore::SpellCheckRequest::setCheckerAndIdentifier):
        (WebCore::SpellChecker::SpellChecker):
        (WebCore::SpellChecker::requestCheckingFor):
        (WebCore::SpellChecker::didCheck):
        (WebCore::SpellChecker::didCheckSucceed):
        (WebCore::SpellChecker::didCheckCancel):
        (WebCore::SpellCheckRequest::setCheckerAndSequence): Deleted.
        * editing/SpellChecker.h:
        (WebCore::SpellChecker::lastRequestIdentifier const):
        (WebCore::SpellChecker::lastProcessedIdentifier const):
        (WebCore::SpellChecker::lastRequestSequence const): Deleted.
        (WebCore::SpellChecker::lastProcessedSequence const): Deleted.
        * platform/text/TextChecking.h:
        (WebCore::TextCheckingRequestData::TextCheckingRequestData):
        (WebCore::TextCheckingRequestData::identifier const):
        (WebCore::TextCheckingRequestData::sequence const): Deleted.
        * testing/Internals.cpp:
        (WebCore::Internals::lastSpellCheckRequestSequence):
        (WebCore::Internals::lastSpellCheckProcessedSequence):
        * testing/Internals.h:
        * testing/Internals.idl:

2020-03-09  Don Olmstead  <don.olmstead@sony.com>

        Remove obsolete feature flags
        https://bugs.webkit.org/show_bug.cgi?id=208830

        Reviewed by Alex Christensen.

        Remove ENABLE_CUSTOM_SCHEME_HANDLER and ENABLE_MAC_VIDEO_TOOLBOX since they
        are no longer used.

        * Configurations/FeatureDefines.xcconfig:
        * editing/cocoa/AlternativeTextUIController.h: USE(DICTION_ALTERNATIVES) -> USE(DICTION_ALTERNATIVES)
        * html/TextFieldInputType.cpp: ENABLE(DATALIST) -> ENABLE(DATALIST_ELEMENT)
        (WebCore::TextFieldInputType::destroyShadowSubtree):
        * platform/graphics/gpu/cocoa/GPUBindGroupMetal.mm: ENABLE(WEBBPU) typo

2020-03-09  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (257846) Crash on maps.google.com under Element::isVisibleWithoutResolvingFullStyle
        https://bugs.webkit.org/show_bug.cgi?id=208841
        <rdar://problem/60238539>

        Reviewed by Simon Fraser.

        Resolve the computed style for the composed ancestors when not available.

        * dom/Element.cpp:
        (WebCore::Element::isVisibleWithoutResolvingFullStyle const):

2020-03-09  Andres Gonzalez  <andresg_22@apple.com>

        Remove required setting for libAccessibility.
        https://bugs.webkit.org/show_bug.cgi?id=208836
        <rdar://problem/60227703>

        Reviewed by Chris Fleizach.

        Made libAccessibility an optional library for Webcore since
        accessibility is soft linking it.

        * WebCore.xcodeproj/project.pbxproj:

2020-03-09  Chris Dumez  <cdumez@apple.com>

        Unreviewed, drop forward declaration that is no longer needed after r258159.

        * xml/XMLHttpRequestProgressEventThrottle.h:

2020-03-09  Chris Dumez  <cdumez@apple.com>

        Align garbage collection for XMLHttpRequest objects with the specification
        https://bugs.webkit.org/show_bug.cgi?id=208481

        Reviewed by Ryosuke Niwa.

        Align garbage collection for XMLHttpRequest objects with the specification:
        - https://xhr.spec.whatwg.org/#garbage-collection

        We now override ActiveDOMObject::hasPendingActivity() to match exactly the text
        in the specification:
        """
        An XMLHttpRequest object must not be garbage collected if its state is either
        opened with the send() flag set, headers received, or loading, and it has one or
        more event listeners registered whose type is one of readystatechange, progress,
        abort, error, load, timeout, and loadend.
        """

        Previously, we were trying to implement this behavior with ActiveDOMObject's
        setPendingActivity() / unsetPendingActivity() but this was error and leak prone.
        It was also keeping the JS wrapper alive too long in the cases where the JS
        does not have any event listeners. If the JS has not event listeners, then we
        can collect the JS wrapper, we just need to keep the implementation
        XMLHttpRequest object for the duration of the load.

        No new tests, covered by existing test such as:
        fast/xmlhttprequest/xmlhttprequest-gc.html

        * dom/EventTarget.cpp:
        (WebCore::EventTarget::addEventListener):
        (WebCore::EventTarget::removeEventListener):
        (WebCore::EventTarget::removeAllEventListeners):
        * dom/EventTarget.h:
        (WebCore::EventTarget::eventListenersDidChange):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::XMLHttpRequest):
        (WebCore::XMLHttpRequest::changeState):
        (WebCore::XMLHttpRequest::open):
        (WebCore::XMLHttpRequest::prepareToSend):
        (WebCore::XMLHttpRequest::createRequest):
        (WebCore::XMLHttpRequest::abort):
        (WebCore::XMLHttpRequest::internalAbort):
        (WebCore::XMLHttpRequest::networkError):
        (WebCore::XMLHttpRequest::didFail):
        (WebCore::XMLHttpRequest::didFinishLoading):
        (WebCore::XMLHttpRequest::didReachTimeout):
        (WebCore::XMLHttpRequest::contextDestroyed):
        (WebCore::XMLHttpRequest::eventListenersDidChange):
        (WebCore::XMLHttpRequest::hasPendingActivity const):
        * xml/XMLHttpRequest.h:
        * xml/XMLHttpRequestProgressEventThrottle.cpp:
        (WebCore::XMLHttpRequestProgressEventThrottle::XMLHttpRequestProgressEventThrottle):
        (WebCore::XMLHttpRequestProgressEventThrottle::dispatchEventWhenPossible):
        (WebCore::XMLHttpRequestProgressEventThrottle::suspend):
        (WebCore::XMLHttpRequestProgressEventThrottle::resume):
        * xml/XMLHttpRequestProgressEventThrottle.h:

2020-03-09  Wenson Hsieh  <wenson_hsieh@apple.com>

        Creating paths that are single-segment bezier or quad curves should not require a CGPath allocation
        https://bugs.webkit.org/show_bug.cgi?id=208812

        Reviewed by Tim Horton.

        Extend the inline path data mechanism introduced in r258118 to encompass two more cases of simple path objects:
        single-segment quad and bezier curves. In these scenarios, we can simply store the start point, end point, and
        one or two control points (respectively). See below for more details; there should be no change in behavior.

        * platform/graphics/InlinePathData.h:

        Add the new inline path data types to the variant. Note that does not increase the size of the InlinePathData
        variant, nor does it increase the size of Path, since the variant is already 32 bytes large due to ArcData.

        (WebCore::QuadCurveData::encode const):
        (WebCore::QuadCurveData::decode):
        (WebCore::BezierCurveData::encode const):
        (WebCore::BezierCurveData::decode):

        Add encoders and decoders for QuadCurveData and BezierCurveData.

        * platform/graphics/Path.cpp:
        (WebCore::Path::apply const):

        In the cases where we have quad and bezier curves, we can apply the path without having to fall back to
        allocating a platform path object.

        (WebCore::Path::currentPoint const):

        Return endPoint in both of the new inline curve cases.

        (WebCore::Path::elementCount const):

        Return 2 in both of the new cases.

        (WebCore::Path::addQuadCurveTo):
        (WebCore::Path::addBezierCurveTo):

        If the path is null (we haven't modified anything yet) or the path was only moved to some location, stuff
        information about the quad or bezier curve into inline data on Path and avoid creating a CGPath on CoreGraphics
        platforms (and other types of platform paths elsewhere).

        * platform/graphics/Path.h:
        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::addQuadCurveToSlowCase):
        (WebCore::Path::addBezierCurveToSlowCase):
        (WebCore::Path::addQuadCurveTo): Deleted.
        (WebCore::Path::addBezierCurveTo): Deleted.
        * platform/graphics/cg/PathCG.cpp:
        (WebCore::Path::createCGPath const):
        (WebCore::Path::addQuadCurveToSlowCase):
        (WebCore::Path::addBezierCurveToSlowCase):

        Add -SlowCase suffixes to these methods, and move the main implementation of addQuadCurve and addBezierCurve
        into platform-agnostic code in Path.cpp where we update the inline path data and bail early if appropriate, and
        otherwise fall back to addQuadCurveToSlowCase or addBezierCurveToSlowCase.

        (WebCore::Path::addQuadCurveTo): Deleted.
        (WebCore::Path::addBezierCurveTo): Deleted.
        * platform/graphics/win/PathDirect2D.cpp:
        (WebCore::Path::addQuadCurveToSlowCase):
        (WebCore::Path::addBezierCurveToSlowCase):
        (WebCore::Path::addQuadCurveTo): Deleted.
        (WebCore::Path::addBezierCurveTo): Deleted.

2020-03-09  Antoine Quint  <graouts@apple.com>

        Remove the compile-time flag for Pointer Events
        https://bugs.webkit.org/show_bug.cgi?id=208821
        <rdar://problem/60223471>

        Reviewed by Dean Jackson.

        * Configurations/FeatureDefines.xcconfig:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::touchActionFlagsToCSSValue):
        (WebCore::ComputedStyleExtractor::valueForPropertyInStyle):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::operator OptionSet<TouchAction> const):
        * css/CSSProperties.json:
        * css/CSSValueKeywords.in:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeTouchAction):
        (WebCore::CSSPropertyParser::parseSingleValue):
        * dom/Document.cpp:
        (WebCore::Document::prepareMouseEvent):
        (WebCore::Document::invalidateRenderingDependentRegions):
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::dispatchPointerEventIfNeeded):
        (WebCore::Element::allowsDoubleTapGesture const):
        (WebCore::Element::removedFromAncestor):
        * dom/Element.h:
        * dom/Element.idl:
        * dom/EventNames.in:
        * dom/NavigatorMaxTouchPoints.idl:
        * dom/PointerEvent.cpp:
        * dom/PointerEvent.h:
        * dom/PointerEvent.idl:
        * dom/ios/PointerEventIOS.cpp:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::pointerCaptureElementDidChange):
        (WebCore::EventHandler::prepareMouseEvent):
        * page/EventHandler.h:
        * page/Navigator.h:
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::didChangeMainDocument):
        * page/Page.h:
        (WebCore::Page::inspectorController const):
        (WebCore::Page::pointerCaptureController const):
        * page/PointerCaptureController.cpp:
        * page/PointerCaptureController.h:
        * page/PointerLockController.cpp:
        (WebCore::PointerLockController::requestPointerLock):
        * platform/TouchAction.h:
        * rendering/EventRegion.cpp:
        (WebCore::EventRegion::operator== const):
        (WebCore::EventRegion::unite):
        (WebCore::EventRegion::translate):
        (WebCore::operator<<):
        * rendering/EventRegion.h:
        (WebCore::EventRegion::encode const):
        (WebCore::EventRegion::decode):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintObject):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleWillChange):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects const):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateEventRegion):
        (WebCore::patternForTouchAction):
        (WebCore::RenderLayerBacking::paintDebugOverlays):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::effectiveTouchActions const):
        (WebCore::RenderStyle::setEffectiveTouchActions):
        (WebCore::RenderStyle::initialTouchActions):
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::StyleRareInheritedData):
        (WebCore::StyleRareInheritedData::operator== const):
        * rendering/style/StyleRareInheritedData.h:
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator== const):
        * rendering/style/StyleRareNonInheritedData.h:
        * style/StyleAdjuster.cpp:
        (WebCore::Style::isScrollableOverflow):
        (WebCore::Style::computeEffectiveTouchActions):
        (WebCore::Style::Adjuster::adjust const):
        * style/StyleBuilderConverter.h:
        (WebCore::Style::BuilderConverter::convertTouchAction):
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::resolveElement):

2020-03-09  Rob Buis  <rbuis@igalia.com>

        Rename urlSelected to changeLocation
        https://bugs.webkit.org/show_bug.cgi?id=208529

        Reviewed by Darin Adler.

        Rename urlSelected to changeLocation and remove the existing
        changeLocation. The name changeLocation is more intuitive
        than urlSelected.

        No new tests -- no new or changed functionality.

        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::handleClick):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::handleClick):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::changeLocation):
        (WebCore::FrameLoader::urlSelected): Deleted.
        * loader/FrameLoader.h:
        * loader/NavigationScheduler.cpp:
        * mathml/MathMLElement.cpp:
        (WebCore::MathMLElement::defaultEventHandler):
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::defaultEventHandler):

2020-03-09  youenn fablet  <youenn@apple.com>

        Log error in clearNowPlayingInfo/setNowPlayingInfo
        https://bugs.webkit.org/show_bug.cgi?id=208805

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
        (MediaSessionManagerCocoa::clearNowPlayingInfo):
        (MediaSessionManagerCocoa::setNowPlayingInfo):

2020-03-09  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Do not floor the computed intrinsic width values
        https://bugs.webkit.org/show_bug.cgi?id=208796
        <rdar://problem/60209522>

        Reviewed by Antti Koivisto.

        Floored intrinsic values could lead to unexpected line breaks.
        (This happens because IFC uses float currently, while other layout systems use LayoutUnit.)

        Test: fast/layoutformattingcontext/absolute-positioned-simple-table3.html

        * layout/LayoutUnits.h:
        (WebCore::Layout::ceiledLayoutUnit):
        * layout/inlineformatting/InlineFormattingContext.cpp:
        (WebCore::Layout::InlineFormattingContext::computedIntrinsicWidthConstraints):
        (WebCore::Layout::InlineFormattingContext::computedIntrinsicWidthForConstraint const):
        * layout/inlineformatting/InlineFormattingContext.h:

2020-03-09  Zalan Bujtas  <zalan@apple.com>

        [LFC][TFC] Do no try to distribute extra space in case of shrink to fit (max preferred width).
        https://bugs.webkit.org/show_bug.cgi?id=208795
        <rdar://problem/60208329>

        Reviewed by Antti Koivisto.

        When we shrink-to-fit the table and it isn't constrained by the containing block's width, we
        should use the maximum width instead of trying to distribute the space.

        * layout/tableformatting/TableFormattingContext.cpp:
        (WebCore::Layout::TableFormattingContext::layoutInFlowContent):
        (WebCore::Layout::TableFormattingContext::layoutTableCellBox):
        (WebCore::Layout::TableFormattingContext::computeAndDistributeExtraHorizontalSpace):
        * layout/tableformatting/TableFormattingContext.h:

2020-03-07  Darin Adler  <darin@apple.com>

        Begin moving off of live ranges for WebKit internals
        https://bugs.webkit.org/show_bug.cgi?id=208432

        Reviewed by Daniel Bates.

        The DOM Range class is a live range. The live updating feature of these ranges mean
        they are expensive to create and destroy and also make all DOM mutation more expensive
        while they are alive. We will be able to speed up, likely measurable on Speedometer,
        if we can cut down uses of live ranges.

        - Refactored the StaticRange class to create two new structs.
        - The BoundaryPoint struct implements what the DOM standard calls a boundary point:
          a node and offset. Similar to the RangeBoundaryPoint class, which supports
          being the boundary point of a live range, but simpler and not live.
        - The SimpleRange struct implements what the DOM standard calls a range (not a live
          range). Like StaticRange but without reference counting and DOM binding.
        - Since StaticRange is derived publicly from SimpleRange you can pass either to any
          function that takes a SimpleRange. And since there is a constructor to create a
          SimpleRange from a Range you can pass a Range to those functions too.
        - Renamed StaticRange::createFromRange to StaticRange::create.

        * Headers.cmake: Added BoundaryPoint.h, SimpleRange.h, and StaticRange.h.
        * Sources.txt: Added BoundaryPoint.cpp and SimpleRange.cpp.
        * WebCore.xcodeproj/project.pbxproj: Added BoundaryPoint.cpp/h and SimpleRange.cpp/h.

        * dom/BoundaryPoint.cpp: Added.
        * dom/BoundaryPoint.h: Added.
        * dom/SimpleRange.cpp: Added.
        * dom/SimpleRange.h: Added.

        * dom/StaticRange.cpp:
        (WebCore::StaticRange::StaticRange): Take an rvalue reference to a SimpleRange.
        (WebCore::StaticRange::create): Ditto. Changed the other overloads to create
        a SimpleRange first then call through to the main one.
        (WebCore::isDocumentTypeOrAttr): Wrote a much more efficient version of this.
        The old version called the virtual function nodeType twice. This calls it at
        most once, and mostly doesn't call it at all.
        * dom/StaticRange.h: Simplified this class, putting most of the actual range
        logic into the base class. Note that this change eliminated the peculiar code
        that in the == operator that compared nodes using isEqualNode instead of using
        node identity. There was no one who needed that other behavior. Also fixed
        mistaken use of unsigned long in StaticRange::Init. It's unsigned long in
        the IDL file, but confusingly that's just unsigned in .cpp files.

        * dom/StaticRange.idl: Tweaked formatting.

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::targetRanges const): Updated for rename
        of StaticRange::create.
        * editing/ReplaceRangeWithTextCommand.cpp:
        (WebCore::ReplaceRangeWithTextCommand::doApply): Updated since VisibleSelection
        takes SimpleRange now.
        (WebCore::ReplaceRangeWithTextCommand::targetRanges const): Updated for
        rename of StaticRange::create.
        * editing/SpellingCorrectionCommand.cpp:
        (WebCore::SpellingCorrectionCommand::SpellingCorrectionCommand): Updated
        since a selection now takes a SimpleRange&, not a StaticRange.
        (WebCore::SpellingCorrectionCommand::targetRanges const): Updated for
        rename of StaticRange::create.
        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::willAddTypingToOpenCommand): Ditto.

        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::VisibleSelection): Use SimpleRange
        instead of StaticRange and Range.
        * editing/VisibleSelection.h: Updated for the above.

        * editing/mac/EditorMac.mm: Added include.
        * page/DragController.cpp: Ditto.
        * page/TextIndicator.cpp: Ditto.
        (WebCore::TextIndicator::createWithRange): Updated since VisibleSelection
        takes SimpleRange now.

        * page/mac/EventHandlerMac.mm:
        (WebCore::InlineTextBox::collectMarkedTextsForHighlights): Tweaked coding
        style a bit.

2020-03-08  Per Arne Vollan  <pvollan@apple.com>

        Unreviewed, speculative link fix.

        * platform/cocoa/UTTypeRecordSwizzler.mm:

2020-03-08  Per Arne Vollan  <pvollan@apple.com>

        Unreviewed, speculative link fix.

        * platform/cocoa/UTTypeRecordSwizzler.mm:

2020-03-08  Konstantin Tokarev  <annulen@yandex.ru>

        [CMake] Unreviewed build fix for Mac port

        * PlatformMac.cmake:

2020-03-08  Per Arne Vollan  <pvollan@apple.com>

        [iOS] Mapping to UTI from tag and tag class should be performed in the UI process
        https://bugs.webkit.org/show_bug.cgi?id=208783

        Reviewed by Brent Fulgham.

        This mapping should be done in the UI process, since it is using a system service that will no longer be available
        in the WebContent process. To achieve this, the method +[UTTypeRecord typeRecordWithTagOverride] is swizzled in
        the WebContent process, and is using the cached mapping sent from the UI process.

        API test: WebKit.UTIFromTag

        * WebCore.xcodeproj/project.pbxproj:
        * platform/cocoa/UTTypeRecordSwizzler.h: Added.
        (WebCore::UTTypeItem::encode const):
        (WebCore::UTTypeItem::decode):
        * platform/cocoa/UTTypeRecordSwizzler.mm: Added.
        (-[WebUTTypeRecord setIdentifier:]):
        (WebCore::vectorOfUTTypeRecords):
        (WebCore::typeRecordWithTagOverride):
        (WebCore::createVectorOfUTTypeItem):
        (WebCore::setVectorOfUTTypeItem):
        (WebCore::swizzleUTTypeRecord):
        * platform/network/mac/UTIUtilities.h:
        * platform/network/mac/UTIUtilities.mm:
        (WebCore::UTIFromTag):
        * testing/Internals.cpp:
        (WebCore::Internals::getUTIFromTag):
        * testing/Internals.h:
        * testing/Internals.idl:
        * testing/Internals.mm:
        (WebCore::Internals::getUTIFromTag):

2020-03-08  Wenson Hsieh  <wenson_hsieh@apple.com>

        Lazily generate CGPaths for some simple types of paths, such as arcs and lines
        https://bugs.webkit.org/show_bug.cgi?id=208464
        <rdar://problem/59963226>

        Reviewed by Daniel Bates, Darin Adler and Tim Horton.

        When the GPU process is enabled and used to render the canvas element, some canvas-related subtests in
        MotionMark see significant performance regressions. One of the reasons for this is that in the process of
        decoding display list items that contain `WebCore::Path`s in the GPU process, we end up allocating a new CGPath
        for each WebCore::Path. This dramatically increases page demand and memory usage in the GPU process in contrast
        to shipping WebKit, due to the fact that all of these CGPaths allocated up-front, and must all exist somewhere
        in the heap upon decoding the display list.

        In contrast, in shipping WebKit, each call to stroke the current canvas path (i.e. invoking
        GraphicsContext::strokePath) is succeeded by clearing the path, which deallocates the CGPath backing the WebCore
        Path. The next time a CGPath needs to be created, CoreGraphics is free to then allocate the new CGPath at the
        address of the previous CGPath which was just destroyed, which prevents us from dirtying more pages than
        necessary. This phenomenon affects most of the canvas-related MotionMark subtests to some degree, though the
        impact is most noticeable with Canvas Lines.

        On top of all this, a significant portion of time is also spent calling CGPathApply and converting the resulting
        CGPathElements into serializable data when encoding each WebCore Path.

        To mitigate these two issues and restore the wins we get from memory locality when drawing paths in large
        quantities, we can:

        1.  In the case of simple paths, stuff some information about how each path was created as inline data on
            WebCore::Path itself, as a new data member. For now, this only encompasses lines, arcs, and moves (Paths
            where only `Path::moveTo` was invoked), but may be expanded in the future to include ellipses and rects.
            This allows us to achieve two things: (a) make encoding cheaper by not requiring a walk through all of
            CGPath's elements, and (b) make decoding cheaper by just initializing the Path using inline data, rather
            than having to create a new CGPath.

        2.  When painting the StrokePath display list item, just discard `m_path` after we're done painting with it.
            This, in conjunction with (1), means that the CGPath backing the WebCore::Path in the GPU process is only
            created when we're just about to paint (i.e. when calling into strokePath()), and destroyed right after
            we're done painting with it.

        See below for details. There should be no change in behavior.

        * Headers.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/InlinePathData.h: Added.
        (WebCore::MoveData::encode const):
        (WebCore::MoveData::decode):
        (WebCore::LineData::encode const):
        (WebCore::LineData::decode):
        (WebCore::ArcData::encode const):
        (WebCore::ArcData::decode):

        Introduce InlinePathData, a Variant of several different inline data types, each of which represents one simple
        path type that is stored using only inline data. This includes line segments (a start point and an end point),
        as well as arcs (which, in addition to a center and start and end angles) also includes an optional offset,
        which represents the current position of the path at the time "addArc" was called.

        For instance, in the following scenario, the path would have an arc that is offset by (100, 0); if filled, it
        would result in a composite shape resembling a semicircle on top of a triangle:

        path.moveTo(100, 0);
        path.addArc(100, 100, 50, 0, PI, false);
        context.fill(path);

        When a Path is initialized (or after it is cleared), it starts off with neither a CGPath nor inline data. Moving
        the path causes it to store inline MoveData; calling calling `addLineTo` or `addArc` then replaces the inline
        data with either LineData or ArcData.

        If, at any point, the path changes in a different way (i.e. neither line, arc, nor move), we clear out the
        inline data and fall back to just representing the path data using the CGPath (m_path).

        * platform/graphics/Path.cpp:

        Refactor the following 10 methods: moveTo, addLineTo, addArc, isEmpty, currentPoint, apply, elementCount,
        hasCurrentPoint, fastBoundingRect, and boundingRect such that their implementations are now in platform-agnostic
        code in Path.cpp. Logic in this platform-agnostic code will generally attempt to use inline path data to compute
        an answer (or apply the requested mutations) without having to initialize the platform path representation.
        Failing this, we fall back to calling -SlowCase versions of these methods, which will exercise the appropriate
        APIs on each platform.

        (WebCore::Path::elementCountSlowCase const):
        (WebCore::Path::apply const):
        (WebCore::Path::isEmpty const):
        (WebCore::Path::hasCurrentPoint const):
        (WebCore::Path::currentPoint const):
        (WebCore::Path::elementCount const):
        (WebCore::Path::addArc):
        (WebCore::Path::addLineTo):
        (WebCore::Path::moveTo):

        In the case of these three methods for mutating a path, if we've either only moved the path or haven't touched
        it at all, we can get away with only updating our inline path data, and avoid creating a CGPath.

        (WebCore::Path::boundingRect const):
        (WebCore::Path::fastBoundingRect const):
        (WebCore::Path::boundingRectFromInlineData const):
        (WebCore::Path::polygonPathFromPoints):
        * platform/graphics/Path.h:
        (WebCore::Path::encode const):
        (WebCore::Path::decode):

        Teach Path::encode and Path::decode to respectively serialize and deserialize WebCore::Path by consulting only
        the inline data, if it is present. For simple types of paths, this decreases the cost of both IPC encoding and
        decoding, but adds a negligible amount of overhead in the case where the path is non-inline.

        (WebCore::Path::hasInlineData const):
        (WebCore::Path::hasAnyInlineData const):
        (WebCore::Path::isNull const): Deleted.
        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::isEmptySlowCase const):
        (WebCore::Path::currentPointSlowCase const):
        (WebCore::Path::moveToSlowCase):
        (WebCore::Path::addLineToSlowCase):
        (WebCore::Path::addArcSlowCase):
        (WebCore::Path::boundingRectSlowCase const):
        (WebCore::Path::applySlowCase const):
        (WebCore::Path::fastBoundingRectSlowCase const):
        (WebCore::Path::isNull const):
        (WebCore::Path::isEmpty const): Deleted.
        (WebCore::Path::hasCurrentPoint const): Deleted.
        (WebCore::Path::currentPoint const): Deleted.
        (WebCore::Path::moveTo): Deleted.
        (WebCore::Path::addLineTo): Deleted.
        (WebCore::Path::addArc): Deleted.
        (WebCore::Path::boundingRect const): Deleted.
        (WebCore::Path::apply const): Deleted.
        * platform/graphics/cg/PathCG.cpp:
        (WebCore::Path::createCGPath const):

        Add a helper method that is invoked when the Path is asked for a CGPath. In this case, if there is inline data,
        we need to lazily create the path and apply any inline path data we've accumulated. Once we're done applying the
        inline data, set a flag (m_needsToApplyInlineData) to false to avoid re-applying inline data to the path.

        (WebCore::Path::platformPath const):
        (WebCore::Path::ensurePlatformPath):

        When ensurePlatformPath is invoked, we are about to mutate our CGPath in such a way that it can't be expressed
        in terms of inline data (at least, not with the changes in this patch). Clear out the inline path data in this
        case, and apply the CGPath mutations that were previously stashed away in inline path data.

        (WebCore::Path::isNull const):

        A path is now considered null if it is not only missing a CGPath, but also does not have any inline path data.
        This maintains the invariant that `isNull()` is true iff the `platformPath()` returns 0x0.

        (WebCore::Path::Path):
        (WebCore::Path::swap):

        Update the constructors and `swap` helper method (used by assignment operators) to account for the new members.

        (WebCore::Path::contains const):
        (WebCore::Path::transform):
        (WebCore::zeroRectIfNull):
        (WebCore::Path::boundingRectSlowCase const):
        (WebCore::Path::fastBoundingRectSlowCase const):
        (WebCore::Path::moveToSlowCase):
        (WebCore::Path::addLineToSlowCase):
        (WebCore::Path::addArcSlowCase):
        (WebCore::Path::clear):

        When clearing Path, instead of setting `m_path` to a newly allocated CGPath, simply reset it to null. This
        ensures that if we then apply some changes that can be expressed using only inline path data, we avoid having to
        update the CGPath, and instead just update the inline path data.

        (WebCore::Path::isEmptySlowCase const):
        (WebCore::Path::currentPointSlowCase const):
        (WebCore::Path::applySlowCase const):
        (WebCore::Path::elementCountSlowCase const):
        (WebCore::Path::boundingRect const): Deleted.
        (WebCore::Path::fastBoundingRect const): Deleted.
        (WebCore::Path::moveTo): Deleted.
        (WebCore::Path::addLineTo): Deleted.
        (WebCore::Path::addArc): Deleted.
        (WebCore::Path::isEmpty const): Deleted.
        (WebCore::Path::hasCurrentPoint const): Deleted.
        (WebCore::Path::currentPoint const): Deleted.
        (WebCore::Path::apply const): Deleted.
        (WebCore::Path::elementCount const): Deleted.
        * platform/graphics/displaylists/DisplayListItems.cpp:
        (WebCore::DisplayList::StrokePath::apply const):

        Throw out the current WebCore::Path after we're done painting with it (see (2) in the above ChangeLog entry).

        * platform/graphics/displaylists/DisplayListItems.h:
        * platform/graphics/win/PathDirect2D.cpp:
        (WebCore::Path::boundingRectSlowCase const):
        (WebCore::Path::fastBoundingRectSlowCase const):
        (WebCore::Path::moveToSlowCase):
        (WebCore::Path::addLineToSlowCase):
        (WebCore::Path::addArcSlowCase):
        (WebCore::Path::isEmptySlowCase const):
        (WebCore::Path::currentPointSlowCase const):
        (WebCore::Path::applySlowCase const):
        (WebCore::Path::isNull const):
        (WebCore::Path::boundingRect const): Deleted.
        (WebCore::Path::fastBoundingRect const): Deleted.
        (WebCore::Path::moveTo): Deleted.
        (WebCore::Path::addLineTo): Deleted.
        (WebCore::Path::addArc): Deleted.
        (WebCore::Path::isEmpty const): Deleted.
        (WebCore::Path::hasCurrentPoint const): Deleted.
        (WebCore::Path::currentPoint const): Deleted.
        (WebCore::Path::apply const): Deleted.

2020-03-08  Konstantin Tokarev  <annulen@yandex.ru>

        [CMake] Some fixes for building Mac port
        https://bugs.webkit.org/show_bug.cgi?id=208770

        Reviewed by Don Olmstead.

        * PlatformMac.cmake:

2020-03-08  Andres Gonzalez  <andresg_22@apple.com>

        Implementation of AccessibilitySupport AXSIsolatedTreeMode.
        https://bugs.webkit.org/show_bug.cgi?id=208691
        <rdar://problem/60178602>

        Reviewed by Chris Fleizach.

        Honors the system AccessibilitySupport IsolatedTreeMode setting. The
        system has three modes for IsolatedTree functionality: off, on on main
        thread, and on on secondary thread.

        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::isolatedTreeFocusedObject):
        (WebCore::AXObjectCache::focusedUIElementForPage):
        (WebCore::AXObjectCache::isIsolatedTreeEnabled):
        (WebCore::AXObjectCache::isolatedTreeRootObject):
        (WebCore::AXObjectCache::canUseSecondaryAXThread):
        * accessibility/AXObjectCache.h:
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (-[WebAccessibilityObjectWrapperBase detach]):
        (-[WebAccessibilityObjectWrapperBase axBackingObject]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):

2020-03-08  Jer Noble  <jer.noble@apple.com>

        Unreviewed watchOS build fix: add platform guards.

        * platform/audio/ios/MediaSessionHelperIOS.mm:
        (MediaSessionHelperiOS::startMonitoringWirelessRoutes):
        (MediaSessionHelperiOS::stopMonitoringWirelessRoutes):

2020-03-08  Fujii Hironori  <Hironori.Fujii@sony.com>

        generate-bindings-all.pl: "my" variable $fh masks earlier declaration in same scope
        https://bugs.webkit.org/show_bug.cgi?id=208757

        Reviewed by Yusuke Suzuki.

        * bindings/scripts/generate-bindings-all.pl: Reuse $fh variable instead of defining new one.

2020-03-06  Jer Noble  <jer.noble@apple.com>

        [GPUP] Move AVSystemController code into the GPU process
        https://bugs.webkit.org/show_bug.cgi?id=208727

        Reviewed by Eric Carlson.

        Move AVSystemController code out of MediaSessionManageriOS and into a new
        class MediaSessionHelper, which is currently iOS only. The abstract base class
        will be overriden by WebKit in the WebContent process.

        Drive-by fix: Don't call a virtual method (resetRestrictions()) from the constructor of a
        virtual base class; the virtual function table hasn't been created yet, and the subclasses'
        overridden methods won't be called. Move the call to post-creation.

        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::sharedManager):
        (WebCore::PlatformMediaSessionManager::PlatformMediaSessionManager):
        * platform/audio/ios/MediaSessionHelperIOS.h: Added.
        * platform/audio/ios/MediaSessionHelperIOS.mm: Copied from Source/WebCore/platform/audio/ios/MediaSessionManagerIOS.mm.
        (sharedHelperInstance):
        (MediaSessionHelper::sharedHelper):
        (MediaSessionHelper::resetSharedHelper):
        (MediaSessionHelper::setSharedHelper):
        (MediaSessionHelper::addClient):
        (MediaSessionHelper::removeClient):
        (MediaSessionHelperiOS::MediaSessionHelperiOS):
        (MediaSessionHelperiOS::~MediaSessionHelperiOS):
        (MediaSessionHelperiOS::providePresentingApplicationPID):
        (MediaSessionHelperiOS::startMonitoringWirelessRoutes):
        (MediaSessionHelperiOS::stopMonitoringWirelessRoutes):
        (MediaSessionHelperiOS::carPlayServerDied):
        (MediaSessionHelperiOS::updateCarPlayIsConnected):
        (MediaSessionHelperiOS::setIsPlayingToAutomotiveHeadUnit):
        (MediaSessionHelperiOS::activeAudioRouteDidChange):
        (MediaSessionHelperiOS::activeVideoRouteDidChange):
        (MediaSessionHelperiOS::receivedInterruption):
        (MediaSessionHelperiOS::applicationDidBecomeActive):
        (MediaSessionHelperiOS::applicationDidEnterBackground):
        (MediaSessionHelperiOS::applicationWillBecomeInactive):
        (MediaSessionHelperiOS::applicationWillEnterForeground):
        (MediaSessionHelperiOS::externalOutputDeviceAvailableDidChange):
        (-[WebMediaSessionHelper initWithCallback:]):
        (-[WebMediaSessionHelper dealloc]):
        (-[WebMediaSessionHelper clearCallback]):
        (-[WebMediaSessionHelper hasWirelessTargetsAvailable]):
        (-[WebMediaSessionHelper startMonitoringAirPlayRoutes]):
        (-[WebMediaSessionHelper stopMonitoringAirPlayRoutes]):
        (-[WebMediaSessionHelper interruption:]):
        (-[WebMediaSessionHelper applicationWillEnterForeground:]):
        (-[WebMediaSessionHelper applicationDidBecomeActive:]):
        (-[WebMediaSessionHelper applicationWillResignActive:]):
        (-[WebMediaSessionHelper wirelessRoutesAvailableDidChange:]):
        (-[WebMediaSessionHelper applicationDidEnterBackground:]):
        (-[WebMediaSessionHelper carPlayServerDied:]):
        (-[WebMediaSessionHelper carPlayIsConnectedDidChange:]):
        (-[WebMediaSessionHelper activeAudioRouteDidChange:]):
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::MediaSessionManageriOS):
        (WebCore::MediaSessionManageriOS::~MediaSessionManageriOS):
        (WebCore::MediaSessionManageriOS::hasWirelessTargetsAvailable):
        (WebCore::MediaSessionManageriOS::configureWireLessTargetMonitoring):
        (WebCore::MediaSessionManageriOS::providePresentingApplicationPIDIfNecessary):
        (WebCore::MediaSessionManageriOS::providePresentingApplicationPID):
        (WebCore::MediaSessionManageriOS::externalOutputDeviceAvailableDidChange):
        (WebCore::MediaSessionManageriOS::isPlayingToAutomotiveHeadUnitDidChange):
        (WebCore::MediaSessionManageriOS::activeAudioRouteDidChange):
        (WebCore::MediaSessionManageriOS::activeVideoRouteDidChange):
        (WebCore::MediaSessionManageriOS::receivedInterruption):
        (WebCore::MediaSessionManageriOS::applicationWillEnterForeground):
        (WebCore::MediaSessionManageriOS::applicationDidBecomeActive):
        (WebCore::MediaSessionManageriOS::applicationDidEnterBackground):
        (WebCore::MediaSessionManageriOS::applicationWillBecomeInactive):
        (WebCore::MediaSessionManageriOS::carPlayServerDied): Deleted.
        (WebCore::MediaSessionManageriOS::updateCarPlayIsConnected): Deleted.
        (-[WebMediaSessionHelper initWithCallback:]): Deleted.
        (-[WebMediaSessionHelper dealloc]): Deleted.
        (-[WebMediaSessionHelper clearCallback]): Deleted.
        (-[WebMediaSessionHelper hasWirelessTargetsAvailable]): Deleted.
        (-[WebMediaSessionHelper startMonitoringAirPlayRoutes]): Deleted.
        (-[WebMediaSessionHelper stopMonitoringAirPlayRoutes]): Deleted.
        (-[WebMediaSessionHelper interruption:]): Deleted.
        (-[WebMediaSessionHelper applicationWillEnterForeground:]): Deleted.
        (-[WebMediaSessionHelper applicationDidBecomeActive:]): Deleted.
        (-[WebMediaSessionHelper applicationWillResignActive:]): Deleted.
        (-[WebMediaSessionHelper wirelessRoutesAvailableDidChange:]): Deleted.
        (-[WebMediaSessionHelper applicationDidEnterBackground:]): Deleted.
        (-[WebMediaSessionHelper carPlayServerDied:]): Deleted.
        (-[WebMediaSessionHelper carPlayIsConnectedDidChange:]): Deleted.
        (-[WebMediaSessionHelper activeAudioRouteDidChange:]): Deleted.

2020-03-08  Andres Gonzalez  <andresg_22@apple.com>

        Fix for LayoutTests/accessibility/mac/value-change/value-change-user-info-contenteditable.html in IsolatedTree mode.
        https://bugs.webkit.org/show_bug.cgi?id=208462
        <rdar://problem/59980673>

        Reviewed by Chris Fleizach.

        Covered by LayoutTests/accessibility/mac/value-change/value-change-user-info-contenteditable.html.

        - Updates the IsolatedTree on the TextStateChange notification.
        - Renamed isAccessibilityScrollView to isAccessibilityScrollViewInstance
        and used isScrollView instead everywhere it's appropriate. This makes
        code like AXObjectCache::rootWebArea work for both AXObjects and IsolatedObjects.
        - Moved several utility functions from WebAccessibilityObjectWrapperMac.mm
        to AXObjectCacheMac.mm where they belong, so that they can be used by
        AXObjectCache implementation in addition to by the wrapper.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        (WebCore::AXObjectCache::rootWebArea):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isOnScreen const):
        (WebCore::AccessibilityObject::scrollToGlobalPoint const):
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::getScrollableAreaIfScrollable const):
        * accessibility/AccessibilityScrollView.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityContainer]):
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::isAccessibilityScrollViewInstance const):
        (WebCore::AXIsolatedObject::isAccessibilityScrollView const): Renamed.
        * accessibility/isolatedtree/AXIsolatedObject.h:
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification): Uses
        TextMarker utilities instead of calling into the wrapper. This fixes
        the crash caused by the wrapper updating the backingObject that in turn
        may change the wrapper.
        (WebCore::AXTextMarkerRange): Moved from WebAccessibilityObjectWrapperMac.mm.
        (WebCore::textMarkerRangeFromMarkers): Moved from WebAccessibilityObjectWrapperMac.mm.
        (WebCore::textMarkerForVisiblePosition): Moved from WebAccessibilityObjectWrapperMac.mm.
        (WebCore::textMarkerRangeFromVisiblePositions): Moved from WebAccessibilityObjectWrapperMac.mm.
        * accessibility/mac/WebAccessibilityObjectWrapperMac.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXTextMarkerRange): Moved.
        (textMarkerForVisiblePosition): Moved.
        (textMarkerRangeFromMarkers): Moved.
        (textMarkerRangeFromVisiblePositions): Moved.

2020-03-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Canvas drawing commands have to be flushed to the GPUProcess in batches
        https://bugs.webkit.org/show_bug.cgi?id=208597

        Reviewed by Myles C. Maxfield.

        Make DisplayList::ImageBuffer an observer of DisplayList::Recorder.
        It can track adding an item to the recoded DisplayList.

        * platform/graphics/displaylists/DisplayListDrawingContext.cpp:
        (WebCore::DisplayList::DrawingContext::DrawingContext):
        * platform/graphics/displaylists/DisplayListDrawingContext.h:
        * platform/graphics/displaylists/DisplayListImageBuffer.h:
        (WebCore::DisplayList::ImageBuffer::ImageBuffer):
        * platform/graphics/displaylists/DisplayListRecorder.cpp:
        (WebCore::DisplayList::Recorder::Recorder):
        (WebCore::DisplayList::Recorder::willAppendItem):
        * platform/graphics/displaylists/DisplayListRecorder.h:
        (WebCore::DisplayList::Recorder::Observer::~Observer):
        (WebCore::DisplayList::Recorder::Observer::willAppendItem):

2020-03-08  Konstantin Tokarev  <annulen@yandex.ru>

        [GTK] Fix compilation with disabled OpenGL
        https://bugs.webkit.org/show_bug.cgi?id=208773

        Reviewed by Yusuke Suzuki.

        * html/OffscreenCanvas.h:

2020-03-07  Brent Fulgham  <bfulgham@apple.com>

        Create a flag to disable in-app browser quirks
        https://bugs.webkit.org/show_bug.cgi?id=208777
        <rdar://problem/60062197>

        Reviewed by Simon Fraser.

        This patch makes the following changes:

        1. Adds a new flag 'NeedsInAppBrowserPrivacyQuirks' to allow quirks to be toggled
           during testing.
        2. Reclassify this new flag, and the existing 'InAppBrowserPrivacyEnabled' flag from 
           'settings' to Internal Debug settings

        The renamed flags are covered by existing tests.

        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setNeedsInAppBrowserPrivacyQuirks):
        (WebCore::RuntimeEnabledFeatures::needsInAppBrowserPrivacyQuirks const):
        * page/Settings.yaml:

2020-03-07  Jer Noble  <jer.noble@apple.com>

        [GPUP] Implement Legacy EME API in the GPU Process
        https://bugs.webkit.org/show_bug.cgi?id=208402

        Reviewed by Eric Carlson.

        Prepare for running the LegacyCDM et. al. in the GPU process.

        Slightly modernize LegacyCDM to allow all methods representaing a LegacyCDMFactory to be WTF::Functions.

        Allow the list of registered factories to be cleared and reset at runtime.

        Modify WebKitMediaKeys to notify the MediaPlayer when the keys object is added to a HTMLMediaElement.

        Expose the pointer to the internal CDMPrivateInterface for use in WebKit.

        * Modules/encryptedmedia/legacy/LegacyCDM.cpp:
        (WebCore::LegacyCDM::platformRegisterFactories):
        (WebCore::installedCDMFactories):
        (WebCore::LegacyCDM::registerCDMFactory):
        (WebCore::LegacyCDMFactoryForKeySystem):
        (WebCore::LegacyCDM::supportsKeySystem):
        (WebCore::LegacyCDM::keySystemSupportsMimeType):
        (WebCore::LegacyCDM::LegacyCDM):
        (WebCore::LegacyCDM::createSession):
        * Modules/encryptedmedia/legacy/LegacyCDM.h:
        * Modules/encryptedmedia/legacy/WebKitMediaKeys.cpp:
        (WebCore::WebKitMediaKeys::setMediaElement):
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaEngineWasUpdated):
        * platform/graphics/LegacyCDMSession.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::setCDM):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::setCDM):

2020-03-07  Jer Noble  <jer.noble@apple.com>

        [GPUP] LayoutTest debug assertion crashes: InitDataRegistry::registerInitDataType() called mulitple times with same type
        https://bugs.webkit.org/show_bug.cgi?id=208765

        Reviewed by Simon Fraser.

        Wrap calls to registerInitDataType() in a std::call_once, to ensure it's not called muliple times when
        platformRegisterFactories() is called multiple times.

        * platform/graphics/avfoundation/CDMFairPlayStreaming.cpp:
        (WebCore::CDMFactory::platformRegisterFactories):

2020-03-07  Simon Fraser  <simon.fraser@apple.com>

        Generalize setSynchronousScrollingReasons() to take a ScrollingNodeID
        https://bugs.webkit.org/show_bug.cgi?id=208774

        Reviewed by Zalan Bujtas.

        We'll be calling setSynchronousScrollingReasons() for overflow nodes at some point,
        so change the argument from FrameView to ScrollingNodeID.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::setSynchronousScrollingReasons):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::updateSynchronousScrollingReasons):
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::setSynchronousScrollingReasons):

2020-03-07  Andres Gonzalez  <andresg_22@apple.com>

        REGRESSION: (r257760?) [ Mac wk2 Debug ] ASSERTION FAILED: child->parentObject() == this in WebCore::AccessibilityObject::insertChild
        https://bugs.webkit.org/show_bug.cgi?id=208648

        Reviewed by Chris Fleizach.

        [WebAccessibilityObjectWrapper textMarkerRangeFromVisiblePositions] must
        not update the backing store but instead just get the backing object.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper textMarkerRangeFromVisiblePositions:endPosition:]):

2020-03-07  Ryosuke Niwa  <rniwa@webkit.org>

        TextManipulationController should work with ARIA labels
        https://bugs.webkit.org/show_bug.cgi?id=208759

        Reviewed by Wenson Hsieh.

        This patch makes TextManipulationController work with a few ARIA content attributes.

        It also makes observeParagraphs observe content across the entire document since canonicalizing
        the starting position can end up skipping some content with ARIA.

        Tests: TextManipulation.StartTextManipulationFindAttributeContent
               TextManipulation.CompleteTextManipulationShouldReplaceAttributeContent

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::startObservingParagraphs): Now takes two Positions instead
        of two VisiblePositions.
        (WebCore::isAttributeForTextManipulation): Added.
        (WebCore::TextManipulationController::observeParagraphs): Added the code to find elements with
        ARIA attributes and a few other elements that don't generate RenderObject's.
        (WebCore::TextManipulationController::scheduleObservartionUpdate):
        (WebCore::TextManipulationController::addItem): Now takes ManipulationItemData instead of indivisual
        fields in it.
        (WebCore::TextManipulationController::replace): Added the logic to handle ManipulationItemData
        that specify element and attributeName.
        * editing/TextManipulationController.h:
        (WebCore::TextManipulationController::ManipulationItemData): Added element and attributeName.

2020-03-07  Megan Gardner  <megan_gardner@apple.com>

        Adopt UIContextMenu for WKFileUploadPanel
        https://bugs.webkit.org/show_bug.cgi?id=208687

        Reviewed by Tim Horton.

        New string, no tests needed.

        * en.lproj/Localizable.strings:

2020-03-07  Daniel Bates  <dabates@apple.com>

        [iOS] Implement support for dictation alternatives
        https://bugs.webkit.org/show_bug.cgi?id=208720
        <rdar://problem/58540114>

        Reviewed by Brent Fulgham.

        Part 3

        Separate code that is actually USE(AUTOCORRECTION_PANEL)-specific from code that can also
        be used when building with USE(DICTATION_ALTERNATIVES) enabled.

        Note that I haven't enable USE_DICTATION_ALTERNATIVES on iOS. So, this code isn't being
        compiled for iOS. I will do that in a subsequent change once after all the code is in place
        to do so.

        * SourcesCocoa.txt: Mark TextAlternativeWithRange.mm as @no-unify to fix build breakage when
        a unified source file includes both TextAlternativeWithRange.mm and a file that ultimately
        includes LengthBox.h (e.g. WebArchiveResourceFromNSAttributedString.mm). TextAlternativeWithRange.mm
        ultimately includes SFNTLayoutTypes.h, which defines a Fixed type that conflicts with enumerator
        Fixed (part of the LengthType enumeration) defined in Length.h. Ideally the LengthType enumeration
        would be an enum class or scoped to Length to avoid this ambiguity. This would be a big change to do
        and so for now I am fixing the build breakage using @no-unify.
        * WebCore.xcodeproj/project.pbxproj: Add TextAlternativeWithRange.mm to the project now that
        it is excluded from the unified build.
        * editing/AlternativeTextController.cpp:
        (WebCore::markerTypesForAppliedDictationAlternative):
        (WebCore::AlternativeTextController::alternativeTextClient):
        (WebCore::AlternativeTextController::markerDescriptionForAppliedAlternativeText):
        (WebCore::AlternativeTextController::applyAlternativeTextToRange):
        * editing/AlternativeTextController.h:

2020-03-07  Daniel Bates  <dabates@apple.com>

        [iOS] Implement support for dictation alternatives
        https://bugs.webkit.org/show_bug.cgi?id=208720
        <rdar://problem/58540114>

        Reviewed by Wenson Hsieh.

        Part 2

        Include UIKitSPI.h in TextAlternativeWithRange.mm to get the definition of NSTextAlternatives
        when building for iOS. Also while I am here, fix up some code style issues and use uniform
        initializer syntax.

        Note that I haven't enable USE_DICTATION_ALTERNATIVES on iOS. So, this code isn't being
        compiled for iOS. I will do that in a subsequent change once after all the code is in place
        to do so.

        * editing/mac/TextAlternativeWithRange.mm:
        (WebCore::TextAlternativeWithRange::TextAlternativeWithRange):

2020-03-07  Daniel Bates  <dabates@apple.com>

        [iOS] Implement support for dictation alternatives
        https://bugs.webkit.org/show_bug.cgi?id=208720
        <rdar://problem/58540114>

        Reviewed by Wenson Hsieh.

        Part 1

        Rename editing/mac/AlternativeTextUIController.{h, mm} to editing/cocoa/AlternativeTextUIController.{h, mm}
        as it can be shared by both Mac and iOS. I also took this opportunity to do some very minor modernization
        and cleanup to these files: use =default constructors and put the * on the right side for Objective-C types.

        Note that I haven't enable USE_DICTATION_ALTERNATIVES on iOS. So, this code isn't being
        compiled for iOS. I will do that in a subsequent change once after all the code is in place
        to do so.

        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/cocoa/AlternativeTextContextController.h:
        * editing/cocoa/AlternativeTextContextController.mm: Added.
        (WebCore::AlternativeTextContextController::addAlternatives):
        (WebCore::AlternativeTextContextController::alternativesForContext):
        (WebCore::AlternativeTextContextController::removeAlternativesForContext):
        (WebCore::AlternativeTextContextController::clear):
        * editing/cocoa/AlternativeTextUIController.h: Renamed from Source/WebCore/editing/mac/AlternativeTextUIController.h.
        * editing/cocoa/AlternativeTextUIController.mm: Renamed from Source/WebCore/editing/mac/AlternativeTextUIController.mm.
        (WebCore::AlternativeTextUIController::addAlternatives):
        (WebCore::AlternativeTextUIController::alternativesForContext):
        (WebCore::AlternativeTextUIController::clear):
        (WebCore::AlternativeTextUIController::showAlternatives):
        (WebCore::AlternativeTextUIController::handleAcceptedAlternative):
        (WebCore::AlternativeTextUIController::dismissAlternatives):
        (WebCore::AlternativeTextUIController::removeAlternatives):

2020-03-07  Fujii Hironori  <Hironori.Fujii@sony.com>

        [CMake][Win] GenerateSettings.rb are invoked twice in WebCoreBindings.vcxproj and WebCoreTestSupportBindings.vcxproj
        https://bugs.webkit.org/show_bug.cgi?id=208771

        Reviewed by Konstantin Tokarev.

        CMake Visual Studio generator put a custom command of
        GenerateSettings.rb into both WebCoreBindings.vcxproj and
        WebCoreTestSupportBindings.vcxproj because both projects are
        using the generated files as source files. This causes
        unnecessary recompilation.

        The fundamental issue of this bug was fixed in CMake 3.12.
        <https://gitlab.kitware.com/cmake/cmake/issues/16767>
        All Windows ports are using newer CMake for Visual Studio 2019
        support.

        However, WebCoreTestSupportBindings needs to have a direct or
        indirect dependency to WebCoreBindings for CMake Visual Studio
        generator to eliminate duplicated custom commands. Otherwise,
        GenerateSettings.rb will be triggered in both projects.

        * CMakeLists.txt: Added a explicit dependency to WebCoreBindings
        for WebCoreTestSupportBindings.
        * WebCoreMacros.cmake: Removed stale comment.

2020-03-07  Eric Carlson  <eric.carlson@apple.com>

        Implement setWirelessPlaybackTarget, performTaskAtMediaTime, and wouldTaintOrigin in GPUProcess
        https://bugs.webkit.org/show_bug.cgi?id=208651
        <rdar://problem/60088298>

        Reviewed by Youenn Fablet.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updateActiveTextTrackCues): Remove unused lambda parameter.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::performTaskAtMediaTime): Make MediaTime parameter const ref
        so it isn't copied.
        * platform/graphics/MediaPlayer.h:

        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::performTaskAtMediaTime): Ditto.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::performTaskAtMediaTime): Ditto.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::performTaskAtMediaTime): Ditto.

        * platform/graphics/avfoundation/objc/VideoLayerManagerObjC.mm:
        (WebCore::VideoLayerManagerObjC::setVideoFullscreenLayer): Don't set inline image
        contents if image is NULL.

2020-03-07  Brady Eidson  <beidson@apple.com>

        Add runtime flag for incremental PDF loading.
        https://bugs.webkit.org/show_bug.cgi?id=208763

        Reviewed by Tim Horton.

        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setIncrementalPDFLoadingEnabled):
        (WebCore::RuntimeEnabledFeatures::incrementalPDFLoadingEnabled const):

2020-03-07  Zalan Bujtas  <zalan@apple.com>

        [LFC][Verification] Use the table wrapper box's offset when matching out-of-flow tables
        https://bugs.webkit.org/show_bug.cgi?id=208769
        <rdar://problem/60191322>

        Reviewed by Antti Koivisto.

        In LFC, an out-of-flow table initiates a wrapper table box (out-of-flow) and a child table box (in-flow).
        Apply the wrapper table box's offset, when matching the display and the render tree.

        Test: fast/layoutformattingcontext/absolute-positioned-simple-table2.html

        * layout/Verification.cpp:
        (WebCore::Layout::outputMismatchingBlockBoxInformationIfNeeded):

2020-03-07  Darin Adler  <darin@apple.com>

        Make Editor::applyEditingStyleToBodyElement do things in a straightforward manner
        https://bugs.webkit.org/show_bug.cgi?id=208177

        Reviewed by Wenson Hsieh.

        * editing/Editor.cpp:
        (WebCore::Editor::applyEditingStyleToBodyElement const): Use Document::body and
        StyledElement::setInlineStyleProperty to apply styles to the body. The older code
        was looping over all body elements in the document, for no good reason, and using
        the CSS object model wrapper object for the styles, also for no good reason.

2020-03-05  Sam Weinig  <weinig@apple.com>

        Move JavaScriptCore related feature defines from FeatureDefines.xcconfig to PlatformEnableCocoa.h
        https://bugs.webkit.org/show_bug.cgi?id=207436
        <rdar://problem/59296762>

        Reviewed by Darin Adler.

        * Configurations/FeatureDefines.xcconfig:
        Remove JSC related defines.

2020-03-07  Chris Fleizach  <cfleizach@apple.com>

        AX: Provide a way to run tests in isolated tree mode
        https://bugs.webkit.org/show_bug.cgi?id=208629
        <rdar://problem/60075583>

        Reviewed by Ryosuke Niwa.

        Now that we have a way to run this with tests, we don't need to allow usage for an unknown client.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::clientSupportsIsolatedTree):

2020-03-07  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Use start-aligned horizontal adjustment when justify is not eligible.
        https://bugs.webkit.org/show_bug.cgi?id=208762
        <rdar://problem/60188433>

        Reviewed by Antti Koivisto.

        Make sure we apply "text-align: start" when "text-align: justify" is not eligible.
        Currently "text-align: start" is a no-op, so no chnange in functionality (this might change in the future).

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::alignHorizontally):
        (WebCore::Layout::LineBuilder::removeTrailingTrimmableContent):
        * layout/inlineformatting/InlineLineBuilder.h:
        (WebCore::Layout::LineBuilder::isTextAlignJustify const): Deleted.
        (WebCore::Layout::LineBuilder::isTextAlignRight const): Deleted.

2020-03-07  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Do not text-align: justify the runs on the current line if they are followed by a forced break
        https://bugs.webkit.org/show_bug.cgi?id=208761
        <rdar://problem/59825136>

        Reviewed by Antti Koivisto.

        https://www.w3.org/TR/css-text-3/#text-align-property
        "Text is justified according to the method specified by the text-justify property,
        in order to exactly fill the line box. Unless otherwise specified by text-align-last,
        the last line before a forced break or the end of the block is start-aligned."

        Test: fast/text/text-align-justify-and-forced-line-break.html

        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::alignHorizontally):

2020-03-07  Konstantin Tokarev  <annulen@yandex.ru>

        REGRESSION(r257975): [GTK][WPE] Build failure after a clean build
        https://bugs.webkit.org/show_bug.cgi?id=208711

        Reviewed by Yusuke Suzuki.

        Make sure that InternalSettingsGenerated,idl is generated before bindings
        generation starts.

        Also, make IDL preprocessor die if specified IDL file is missing, instead
        of going on silently.

        * CMakeLists.txt:
        * WebCoreMacros.cmake:
        * bindings/scripts/preprocess-idls.pl:
        (getFileContents):

2020-03-07  Andres Gonzalez  <andresg_22@apple.com>

        AXIsolatedObject support for documentLinks.
        https://bugs.webkit.org/show_bug.cgi?id=208734

        Reviewed by Chris Fleizach.

        - Expose documentLinks through the AXCoreObject interface, so that
        wrapper code works for both AXObject and AXIsolatedObjects.
        - Struct NodeChange now retains wrapper which was causing crash as the
        wrapper was destroyed before it was attached to the IsolatedObject.

        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::documentLinks):
        (WebCore::AccessibilityRenderObject::getDocumentLinks): Deleted.
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::initializeAttributeData):
        * accessibility/isolatedtree/AXIsolatedObject.h:
        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::setFocusedNode):
        (WebCore::AXIsolatedTree::applyPendingChanges):
        * accessibility/isolatedtree/AXIsolatedTree.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2020-03-07  chris fleizach  <cfleizach@apple.com>

        Unreviewed, rolling out r258047.

        Referenced SPI not yet available for Safari builders.

        Reverted changeset:

        "Implementation of AccessibilitySupport AXSIsolatedTreeMode."
        https://bugs.webkit.org/show_bug.cgi?id=208691
        https://trac.webkit.org/changeset/258047

2020-03-06  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r258051): WinCairo/WPE/GTK build failures
        <https://bugs.webkit.org/show_bug.cgi?id=208621>
        <rdar://problem/60068047>

        * Headers.cmake:
        (WebCore_PRIVATE_FRAMEWORK_HEADERS): Add html/ImageData.h to
        attempt a build fix.

2020-03-06  Yusuke Suzuki  <ysuzuki@apple.com>

        Put remaining fixed-sized cells into IsoSubspace
        https://bugs.webkit.org/show_bug.cgi?id=208754

        Reviewed by Keith Miller.

        * bindings/js/JSDOMIterator.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GeneratePrototypeDeclaration):
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlySetLike.cpp:
        * bindings/scripts/test/JS/JSSetLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::JSTestActiveDOMObjectConstructor::prototypeForStructure):
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::JSTestCallTracerConstructor::prototypeForStructure):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        * bindings/scripts/test/JS/JSTestEnabledForContext.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterfaceConstructor::construct):
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesConstructor::prototypeForStructure):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsConstructor::prototypeForStructure):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjConstructor::construct):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefsConstructor::construct):

2020-03-06  Simon Fraser  <simon.fraser@apple.com>

        Fix scrolling tree hit-testing on scrolled and zoomed pages
        https://bugs.webkit.org/show_bug.cgi?id=208755

        Reviewed by Zalan Bujtas.

        Map the hit-test point from view to content coordinates before hit-testing the scrolling tree.

        Tests: fast/scrolling/mac/overflow-scrolled-document.html
               fast/scrolling/mac/overflow-zoomed-document.html

        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::handleWheelEvent):

2020-03-06  Alex Christensen  <achristensen@webkit.org>

        Add SPI to disable cross origin access control checks
        https://bugs.webkit.org/show_bug.cgi?id=208748
        <rdar://problem/59861114>

        Reviewed by Tim Hatcher.

        Because loading is done process-globally in the WebProcess, use a CrossOriginAccessControlCheckDisabler::singleton for those checks.
        Pass a parameter to the NetworkResourceLoaders to disable these checks only for loads from a web process without access control checks.
        As long as we're changing the signature of passesAccessControlCheck, make it return an Expected instead of a bool with an out parameter.

        * loader/CrossOriginAccessControl.cpp:
        (WebCore::CrossOriginAccessControlCheckDisabler::singleton):
        (WebCore::CrossOriginAccessControlCheckDisabler::setCrossOriginAccessControlCheckEnabled):
        (WebCore::CrossOriginAccessControlCheckDisabler::crossOriginAccessControlCheckEnabled const):
        (WebCore::passesAccessControlCheck):
        (WebCore::validatePreflightResponse):
        * loader/CrossOriginAccessControl.h:
        * loader/CrossOriginPreflightChecker.cpp:
        (WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::loadRequest):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequestInternal):
        (WebCore::SubresourceLoader::didReceiveResponse):
        (WebCore::SubresourceLoader::checkResponseCrossOriginAccessControl):
        (WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):
        * loader/SubresourceLoader.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::loadFrom):

2020-03-06  Myles C. Maxfield  <mmaxfield@apple.com>

        [GPU Process] Implement CanvasRenderingContext2D.putImageData()
        https://bugs.webkit.org/show_bug.cgi?id=208621
        <rdar://problem/60068047>

        Reviewed by Simon Fraser.

        putImageData() is implemented just as a DisplayListItem. Conceptually, it's the
        same as a draw command. Unfortunately, it can't be implemented on top of
        GraphicsContext, and instead has to be implemented on top of ImageBuffer, so
        this patch also adds a delegate to DisplayList::Replayer which can implement the
        commands that require an ImageBuffer. This moves in the direction of making the
        display list raw data, and moving the applier functions somewhere else at a
        higher level.

        Implementing this as a DisplayListItem rather than its own IPC message is superior
        because it gives us more control about when to flush the in-flight display list.

        There is still a few unnecessary copies - we're copying into / out of a SharedData
        during encoding. Being able to either have the ImageBuffer retain the SharedBuffer,
        or have putImageData() have an overload which accepts a SharedBuffer, would be a
        good opportunity for improvement.

        Test: fast/canvas/putImageData-multiple.html

        * html/ImageData.cpp:
        (WebCore::ImageData::deepClone const):
        * html/ImageData.h:
        * platform/graphics/AlphaPremultiplication.h:
        * platform/graphics/GraphicsContext.h:
        (WebCore::GraphicsContext::impl):
        * platform/graphics/displaylists/DisplayList.h:
        * platform/graphics/displaylists/DisplayListDrawingContext.cpp:
        (WebCore::DisplayList::DrawingContext::recorder):
        * platform/graphics/displaylists/DisplayListDrawingContext.h:
        * platform/graphics/displaylists/DisplayListItems.cpp:
        (WebCore::DisplayList::Item::sizeInBytes):
        (WebCore::DisplayList::PutImageData::PutImageData):
        (WebCore::DisplayList::PutImageData::apply const):
        (WebCore::DisplayList::operator<<):
        * platform/graphics/displaylists/DisplayListItems.h:
        (WebCore::DisplayList::DrawingItem::globalBounds const):
        (WebCore::DisplayList::PutImageData::create):
        (WebCore::DisplayList::PutImageData::inputFormat const):
        (WebCore::DisplayList::PutImageData::imageData const):
        (WebCore::DisplayList::PutImageData::srcRect const):
        (WebCore::DisplayList::PutImageData::destPoint const):
        (WebCore::DisplayList::PutImageData::encode const):
        (WebCore::DisplayList::PutImageData::decode):
        (WebCore::DisplayList::Item::encode const):
        (WebCore::DisplayList::Item::decode):
        * platform/graphics/displaylists/DisplayListRecorder.cpp:
        (WebCore::DisplayList::Recorder::putImageData):
        (WebCore::DisplayList::Recorder::updateItemExtent const):
        * platform/graphics/displaylists/DisplayListRecorder.h:
        * platform/graphics/displaylists/DisplayListReplayer.cpp:
        (WebCore::DisplayList::Replayer::Replayer):
        (WebCore::DisplayList::Replayer::replay):
        * platform/graphics/displaylists/DisplayListReplayer.h:
        (WebCore::DisplayList::Replayer::Delegate::~Delegate):
        (WebCore::DisplayList::Replayer::Delegate::apply):

2020-03-06  Daniel Bates  <dabates@apple.com>

        Add support for inserting and removing a text placeholder
        https://bugs.webkit.org/show_bug.cgi?id=208661
        <rdar://problem/59371073>

        Reviewed by Simon Fraser and Ryosuke Niwa.

        Implements the concept of a text placeholder, which is an element that acts like whitespace:
        it takes up space in the page layout, but has no visual appearance.

        Tests: editing/text-placeholder/insert-and-remove-into-text-field.html
               editing/text-placeholder/insert-into-content-editable.html
               editing/text-placeholder/insert-into-empty-text-field.html
               editing/text-placeholder/insert-into-text-field-in-iframe.html
               editing/text-placeholder/insert-into-text-field.html

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Element.h:
        (WebCore::Element::isTextPlaceholderElement const): Added. Defaults to false. I override this
        in TextPlaceholderElement.h.

        * editing/Editor.cpp:
        (WebCore::Editor::insertTextPlaceholder):
        (WebCore::Editor::removeTextPlaceholder):
        Insert a new placeholder or remove an existing one.

        * editing/Editor.h:
        * html/shadow/TextPlaceholderElement.cpp: Added.
        (WebCore::TextPlaceholderElement::create):
        (WebCore::TextPlaceholderElement::TextPlaceholderElement): Set inline styles to size the placeholder.
        (WebCore::TextPlaceholderElement::insertedIntoAncestor): If the placeholder is inserted inside an
        HTMLTextFormControlElement (e.g. <input> or <textarea>) then hide the HTML placeholder text.
        (WebCore::TextPlaceholderElement::removedFromAncestor): If the placeholder was removed from inside
        an HTMLTextFormControlElement then show the HTML placeholder text.
        * html/shadow/TextPlaceholderElement.h:
        (isType):
        * testing/Internals.cpp:
        (WebCore::Internals::insertTextPlaceholder): Added.
        (WebCore::Internals::removeTextPlaceholder): Added.
        * testing/Internals.h:
        * testing/Internals.idl:

2020-03-06  Andres Gonzalez  <andresg_22@apple.com>

        Implementation of AccessibilitySupport AXSIsolatedTreeMode.
        https://bugs.webkit.org/show_bug.cgi?id=208691

        Reviewed by Chris Fleizach.

        Support for the AccessibilitySupport AXIsolatedTreMode accessibility setting.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::isolatedTreeFocusedObject):
        (WebCore::AXObjectCache::focusedUIElementForPage):
        (WebCore::AXObjectCache::isIsolatedTreeEnabled):
        (WebCore::AXObjectCache::rootObject):
        (WebCore::AXObjectCache::isolatedTreeRootObject):
        (WebCore::AXObjectCache::canUseSecondaryAXThread):
        * accessibility/AXObjectCache.h:
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (-[WebAccessibilityObjectWrapperBase detach]):
        (-[WebAccessibilityObjectWrapperBase axBackingObject]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):

2020-03-06  Simon Fraser  <simon.fraser@apple.com>

        Hit-test CALayers on the scrolling thread for async frame/overflow scrolling
        https://bugs.webkit.org/show_bug.cgi?id=208740
        <rdar://problem/48028836>

        Reviewed by Tim Horton.

        Implement hit-testing in the scrolling thread so we can determine which overflow/subframe
        to scroll without hitting the main thread.

        ScrollingTreeMac overrides scrollingNodeForPoint() and hit-tests through CALayers, starting at the
        root content layer. Locking ensures that the CALayer tree doesn't change while we're hit-testing it.
        We collect layers for the given point in back-to-front order much like the iOS code _web_findDescendantViewAtPoint
        (too different to share though), and consult event regions on PlatformCALayerCocoa's to determine if the
        point is inside the part of the layer that should receive events.

        To handle the complex stacking/containing block cases, isScrolledBy() consults the scrolling tree.

        For testing, fix it so that multiple calls to monitorWheelEvents() in a single test each start
        with clean state.

        Tests: fast/scrolling/mac/absolute-in-overflow-scroll.html
               fast/scrolling/mac/async-scroll-overflow.html
               fast/scrolling/mac/move-node-in-overflow-scroll.html
               fast/scrolling/mac/overlapped-overflow-scroll.html

        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::handleWheelEvent):
        (WebCore::ScrollingTree::scrollingNodeForPoint):
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeMac.h:
        * page/scrolling/mac/ScrollingTreeMac.mm:
        (collectDescendantLayersAtPoint):
        (scrollingNodeIDForLayer):
        (isScrolledBy):
        (ScrollingTreeMac::scrollingNodeForPoint):
        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::monitorWheelEvents): Make sure that each call to eventSender.monitorWheelEvents() clears previous state.

2020-03-06  Jer Noble  <jer.noble@apple.com>

        [GPUP] Convert CDMFactory away from platformStrategies() and use WebProcess settings instead
        https://bugs.webkit.org/show_bug.cgi?id=208699

        Reviewed by Youenn Fablet.

        * platform/MediaStrategy.h:
        * platform/encryptedmedia/CDMFactory.cpp:

2020-03-06  Ryosuke Niwa  <rniwa@webkit.org>

        TextManipulationController should preserve images
        https://bugs.webkit.org/show_bug.cgi?id=208692

        Reviewed by Wenson Hsieh.

        This patch makes TextManipulationController preserve images (img and SVG) and their ordering,
        and lays down the foundation for preserving other non-text content.

        To do this, this patch introduces ParagraphContentIterator which wraps TextIterator and introduces
        a secondary node iteration which detects all ndoes that have been skipped. Ideally, we would update
        TextIterator to do this natively but this is tricky due to the multitude of the node traveral options
        supported by TextIterator at the moment. ParagraphContentIterator::advance stops at every node
        including ones that do not generate text in TextIterator. This also allows more code sharing between
        TextManipulationController's observeParagraphs and replace functions.

        For now, we special case nodes with RenderReplaced like img element and the root SVG element.

        Tests: TextManipulation.CompleteTextManipulationShouldPreserveImagesAsExcludedTokens
               TextManipulation.CompleteTextManipulationShouldPreserveSVGAsExcludedTokens
               TextManipulation.CompleteTextManipulationShouldPreserveOrderOfBlockImage

        * editing/TextManipulationController.cpp:
        (WebCore::ParagraphContentIterator): Added.
        (WebCore::ParagraphContentIterator::ParagraphContentIterator): Added.
        (WebCore::ParagraphContentIterator::advance): Added.
        (WebCore::ParagraphContentIterator::currentContent): Added.
        (WebCore::ParagraphContentIterator::startPosition): Added.
        (WebCore::ParagraphContentIterator::endPosition): Added.
        (WebCore::ParagraphContentIterator::atEnd const): Added.
        (WebCore::ParagraphContentIterator::moveCurrentNodeForward): Added.
        (WebCore::TextManipulationController::observeParagraphs): Adopted ParagraphContentIterator. For
        nodes with RenderReplaced, we generate an excluded token "[]". Removed the dead code which was
        creating a subrange from TextIterator, and renamed the previously misleadingly named endOfLastNewLine
        to startOfCurrentLine for clarity.
        (WebCore::TextManipulationController::replace): Adopted ParagraphContentIterator. Fixed a bug that
        excluded content were always assumed to be text, and a bug that the replaced content was inserted
        at a wrong location when insertionPoint is a position anchored at a node being removed. Also fixed
        an obvious bug that we were inserting root replaced contents at the position before a node which
        appears immediately before insertionPoint instead of after; this also resulted in the replaced content
        being inserted at a wrong location in some cases.

2020-03-06  Andres Gonzalez  <andresg_22@apple.com>

        Crash accessing AXIsolatedObject::m_childrenIDS from removeSubtree on the main thread.
        https://bugs.webkit.org/show_bug.cgi?id=208728

        Reviewed by Chris Fleizach.

        AXIsolatedTree::removeSubtree was accessing AXIsolatedObject::m_childrenIDs
        on the main thread to remove all descendants recursively. But the lock
        had to be unlocked and locked again on each iteration, creating problems
        if the secondary thread modifies the children in between iterations.
        The solution in this patch is to eliminate removeSubtree, and make
        removeNode and applyPendingChanges to remove all descendants.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::updateIsolatedTree):
        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::appendNodeChanges): Renamed local vars to make it clearer.
        (WebCore::AXIsolatedTree::applyPendingChanges):
        (WebCore::AXIsolatedTree::removeSubtree): Deleted.
        * accessibility/isolatedtree/AXIsolatedTree.h:

2020-03-06  Yusuke Suzuki  <ysuzuki@apple.com>

        JSDOMIterator classes should be in IsoSubspace
        https://bugs.webkit.org/show_bug.cgi?id=208705

        Reviewed by Sam Weinig.

        JSDOMIterator should be allocated in IsoSubspace. So we can put all WebCore related cells into IsoSubspaces.
        To collect all iterator subspaces in DOMIsoSubspaces class, we scan `iterable<...>` pattern in preprocess-idls.pl.
        Then, we create a class for each DOM iterator instead of using `using XXXIterator = JSDOMIterator<...>` to put
        subspaceFor implementation easily. And we rename JSDOMIterator to JSDOMIteratorBase to explicitly state that
        this is Base class of actual iterators.

        * bindings/js/JSDOMIterator.h:
        (WebCore::JSDOMIteratorBase::JSDOMIteratorBase):
        (WebCore::IteratorTraits>::asJS):
        (WebCore::IteratorTraits>::destroy):
        (WebCore::IteratorTraits>::next):
        (WebCore::JSDOMIterator::createStructure): Deleted.
        (WebCore::JSDOMIterator::create): Deleted.
        (WebCore::JSDOMIterator::createPrototype): Deleted.
        (WebCore::JSDOMIterator::JSDOMIterator): Deleted.
        * bindings/js/JSDOMWrapper.h:
        (WebCore::JSDOMObject::subspaceFor):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateIterableDefinition):
        (GeneratePrototypeDeclaration):
        * bindings/scripts/preprocess-idls.pl:
        (interfaceIsIterable):
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        (WebCore::JSInterfaceNamePrototype::create): Deleted.
        (WebCore::JSInterfaceNamePrototype::createStructure): Deleted.
        (WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype): Deleted.
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::JSMapLikePrototype::create): Deleted.
        (WebCore::JSMapLikePrototype::createStructure): Deleted.
        (WebCore::JSMapLikePrototype::JSMapLikePrototype): Deleted.
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::JSReadOnlyMapLikePrototype::create): Deleted.
        (WebCore::JSReadOnlyMapLikePrototype::createStructure): Deleted.
        (WebCore::JSReadOnlyMapLikePrototype::JSReadOnlyMapLikePrototype): Deleted.
        * bindings/scripts/test/JS/JSReadOnlySetLike.cpp:
        (WebCore::JSReadOnlySetLikePrototype::create): Deleted.
        (WebCore::JSReadOnlySetLikePrototype::createStructure): Deleted.
        (WebCore::JSReadOnlySetLikePrototype::JSReadOnlySetLikePrototype): Deleted.
        * bindings/scripts/test/JS/JSSetLike.cpp:
        (WebCore::JSSetLikePrototype::create): Deleted.
        (WebCore::JSSetLikePrototype::createStructure): Deleted.
        (WebCore::JSSetLikePrototype::JSSetLikePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::JSTestActiveDOMObjectConstructor::prototypeForStructure):
        (WebCore::JSTestActiveDOMObjectPrototype::create): Deleted.
        (WebCore::JSTestActiveDOMObjectPrototype::createStructure): Deleted.
        (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        (WebCore::JSTestCEReactionsPrototype::create): Deleted.
        (WebCore::JSTestCEReactionsPrototype::createStructure): Deleted.
        (WebCore::JSTestCEReactionsPrototype::JSTestCEReactionsPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::JSTestCEReactionsStringifierPrototype::create): Deleted.
        (WebCore::JSTestCEReactionsStringifierPrototype::createStructure): Deleted.
        (WebCore::JSTestCEReactionsStringifierPrototype::JSTestCEReactionsStringifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::JSTestCallTracerConstructor::prototypeForStructure):
        (WebCore::JSTestCallTracerPrototype::create): Deleted.
        (WebCore::JSTestCallTracerPrototype::createStructure): Deleted.
        (WebCore::JSTestCallTracerPrototype::JSTestCallTracerPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::create): Deleted.
        (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::createStructure): Deleted.
        (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        (WebCore::JSTestDOMJITPrototype::create): Deleted.
        (WebCore::JSTestDOMJITPrototype::createStructure): Deleted.
        (WebCore::JSTestDOMJITPrototype::JSTestDOMJITPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::JSTestEnabledBySettingPrototype::create): Deleted.
        (WebCore::JSTestEnabledBySettingPrototype::createStructure): Deleted.
        (WebCore::JSTestEnabledBySettingPrototype::JSTestEnabledBySettingPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestEnabledForContext.cpp:
        (WebCore::JSTestEnabledForContextPrototype::create): Deleted.
        (WebCore::JSTestEnabledForContextPrototype::createStructure): Deleted.
        (WebCore::JSTestEnabledForContextPrototype::JSTestEnabledForContextPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::JSTestEventConstructorPrototype::create): Deleted.
        (WebCore::JSTestEventConstructorPrototype::createStructure): Deleted.
        (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTargetPrototype::create): Deleted.
        (WebCore::JSTestEventTargetPrototype::createStructure): Deleted.
        (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::JSTestExceptionPrototype::create): Deleted.
        (WebCore::JSTestExceptionPrototype::createStructure): Deleted.
        (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::JSTestGenerateIsReachablePrototype::create): Deleted.
        (WebCore::JSTestGenerateIsReachablePrototype::createStructure): Deleted.
        (WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        (WebCore::JSTestGlobalObjectPrototype::create): Deleted.
        (WebCore::JSTestGlobalObjectPrototype::createStructure): Deleted.
        (WebCore::JSTestGlobalObjectPrototype::JSTestGlobalObjectPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        (WebCore::JSTestIndexedSetterNoIdentifierPrototype::create): Deleted.
        (WebCore::JSTestIndexedSetterNoIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestIndexedSetterNoIdentifierPrototype::JSTestIndexedSetterNoIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        (WebCore::JSTestIndexedSetterThrowingExceptionPrototype::create): Deleted.
        (WebCore::JSTestIndexedSetterThrowingExceptionPrototype::createStructure): Deleted.
        (WebCore::JSTestIndexedSetterThrowingExceptionPrototype::JSTestIndexedSetterThrowingExceptionPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::JSTestIndexedSetterWithIdentifierPrototype::create): Deleted.
        (WebCore::JSTestIndexedSetterWithIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestIndexedSetterWithIdentifierPrototype::JSTestIndexedSetterWithIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterfaceConstructor::construct):
        (WebCore::jsTestInterfacePrototypeFunctionEntriesCaller):
        (WebCore::JSTestInterfacePrototype::create): Deleted.
        (WebCore::JSTestInterfacePrototype::createStructure): Deleted.
        (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        (WebCore::JSTestInterfaceLeadingUnderscorePrototype::create): Deleted.
        (WebCore::JSTestInterfaceLeadingUnderscorePrototype::createStructure): Deleted.
        (WebCore::JSTestInterfaceLeadingUnderscorePrototype::JSTestInterfaceLeadingUnderscorePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::jsTestIterablePrototypeFunctionEntriesCaller):
        (WebCore::JSTestIterablePrototype::create): Deleted.
        (WebCore::JSTestIterablePrototype::createStructure): Deleted.
        (WebCore::JSTestIterablePrototype::JSTestIterablePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        (WebCore::JSTestJSBuiltinConstructorPrototype::create): Deleted.
        (WebCore::JSTestJSBuiltinConstructorPrototype::createStructure): Deleted.
        (WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::JSTestMediaQueryListListenerPrototype::create): Deleted.
        (WebCore::JSTestMediaQueryListListenerPrototype::createStructure): Deleted.
        (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifierPrototype::create): Deleted.
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifierPrototype::JSTestNamedAndIndexedSetterNoIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        (WebCore::JSTestNamedAndIndexedSetterThrowingExceptionPrototype::create): Deleted.
        (WebCore::JSTestNamedAndIndexedSetterThrowingExceptionPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedAndIndexedSetterThrowingExceptionPrototype::JSTestNamedAndIndexedSetterThrowingExceptionPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifierPrototype::create): Deleted.
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifierPrototype::JSTestNamedAndIndexedSetterWithIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructorPrototype::create): Deleted.
        (WebCore::JSTestNamedConstructorPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        (WebCore::JSTestNamedDeleterNoIdentifierPrototype::create): Deleted.
        (WebCore::JSTestNamedDeleterNoIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedDeleterNoIdentifierPrototype::JSTestNamedDeleterNoIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        (WebCore::JSTestNamedDeleterThrowingExceptionPrototype::create): Deleted.
        (WebCore::JSTestNamedDeleterThrowingExceptionPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedDeleterThrowingExceptionPrototype::JSTestNamedDeleterThrowingExceptionPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::JSTestNamedDeleterWithIdentifierPrototype::create): Deleted.
        (WebCore::JSTestNamedDeleterWithIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedDeleterWithIdentifierPrototype::JSTestNamedDeleterWithIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedDeleterWithIndexedGetterPrototype::create): Deleted.
        (WebCore::JSTestNamedDeleterWithIndexedGetterPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedDeleterWithIndexedGetterPrototype::JSTestNamedDeleterWithIndexedGetterPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        (WebCore::JSTestNamedGetterCallWithPrototype::create): Deleted.
        (WebCore::JSTestNamedGetterCallWithPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedGetterCallWithPrototype::JSTestNamedGetterCallWithPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        (WebCore::JSTestNamedGetterNoIdentifierPrototype::create): Deleted.
        (WebCore::JSTestNamedGetterNoIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedGetterNoIdentifierPrototype::JSTestNamedGetterNoIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::JSTestNamedGetterWithIdentifierPrototype::create): Deleted.
        (WebCore::JSTestNamedGetterWithIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedGetterWithIdentifierPrototype::JSTestNamedGetterWithIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        (WebCore::JSTestNamedSetterNoIdentifierPrototype::create): Deleted.
        (WebCore::JSTestNamedSetterNoIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedSetterNoIdentifierPrototype::JSTestNamedSetterNoIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        (WebCore::JSTestNamedSetterThrowingExceptionPrototype::create): Deleted.
        (WebCore::JSTestNamedSetterThrowingExceptionPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedSetterThrowingExceptionPrototype::JSTestNamedSetterThrowingExceptionPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::JSTestNamedSetterWithIdentifierPrototype::create): Deleted.
        (WebCore::JSTestNamedSetterWithIdentifierPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedSetterWithIdentifierPrototype::JSTestNamedSetterWithIdentifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedSetterWithIndexedGetterPrototype::create): Deleted.
        (WebCore::JSTestNamedSetterWithIndexedGetterPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedSetterWithIndexedGetterPrototype::JSTestNamedSetterWithIndexedGetterPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetterPrototype::create): Deleted.
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetterPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetterPrototype::JSTestNamedSetterWithIndexedGetterAndSetterPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithOverrideBuiltinsPrototype::create): Deleted.
        (WebCore::JSTestNamedSetterWithOverrideBuiltinsPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedSetterWithOverrideBuiltinsPrototype::JSTestNamedSetterWithOverrideBuiltinsPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesConstructor::prototypeForStructure):
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesPrototype::create): Deleted.
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesPrototype::JSTestNamedSetterWithUnforgablePropertiesPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsConstructor::prototypeForStructure):
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype::create): Deleted.
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype::createStructure): Deleted.
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::jsTestNodePrototypeFunctionEntriesCaller):
        (WebCore::JSTestNodePrototype::create): Deleted.
        (WebCore::JSTestNodePrototype::createStructure): Deleted.
        (WebCore::JSTestNodePrototype::JSTestNodePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjConstructor::construct):
        (WebCore::JSTestObjPrototype::create): Deleted.
        (WebCore::JSTestObjPrototype::createStructure): Deleted.
        (WebCore::JSTestObjPrototype::JSTestObjPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructorsPrototype::create): Deleted.
        (WebCore::JSTestOverloadedConstructorsPrototype::createStructure): Deleted.
        (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::JSTestOverloadedConstructorsWithSequencePrototype::create): Deleted.
        (WebCore::JSTestOverloadedConstructorsWithSequencePrototype::createStructure): Deleted.
        (WebCore::JSTestOverloadedConstructorsWithSequencePrototype::JSTestOverloadedConstructorsWithSequencePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::JSTestOverrideBuiltinsPrototype::create): Deleted.
        (WebCore::JSTestOverrideBuiltinsPrototype::createStructure): Deleted.
        (WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        (WebCore::JSTestPluginInterfacePrototype::create): Deleted.
        (WebCore::JSTestPluginInterfacePrototype::createStructure): Deleted.
        (WebCore::JSTestPluginInterfacePrototype::JSTestPluginInterfacePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::JSTestPromiseRejectionEventPrototype::create): Deleted.
        (WebCore::JSTestPromiseRejectionEventPrototype::createStructure): Deleted.
        (WebCore::JSTestPromiseRejectionEventPrototype::JSTestPromiseRejectionEventPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::JSTestSerializationPrototype::create): Deleted.
        (WebCore::JSTestSerializationPrototype::createStructure): Deleted.
        (WebCore::JSTestSerializationPrototype::JSTestSerializationPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        (WebCore::JSTestSerializationIndirectInheritancePrototype::create): Deleted.
        (WebCore::JSTestSerializationIndirectInheritancePrototype::createStructure): Deleted.
        (WebCore::JSTestSerializationIndirectInheritancePrototype::JSTestSerializationIndirectInheritancePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        (WebCore::JSTestSerializationInheritPrototype::create): Deleted.
        (WebCore::JSTestSerializationInheritPrototype::createStructure): Deleted.
        (WebCore::JSTestSerializationInheritPrototype::JSTestSerializationInheritPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        (WebCore::JSTestSerializationInheritFinalPrototype::create): Deleted.
        (WebCore::JSTestSerializationInheritFinalPrototype::createStructure): Deleted.
        (WebCore::JSTestSerializationInheritFinalPrototype::JSTestSerializationInheritFinalPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::JSTestSerializedScriptValueInterfacePrototype::create): Deleted.
        (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure): Deleted.
        (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::JSTestStringifierPrototype::create): Deleted.
        (WebCore::JSTestStringifierPrototype::createStructure): Deleted.
        (WebCore::JSTestStringifierPrototype::JSTestStringifierPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::JSTestStringifierAnonymousOperationPrototype::create): Deleted.
        (WebCore::JSTestStringifierAnonymousOperationPrototype::createStructure): Deleted.
        (WebCore::JSTestStringifierAnonymousOperationPrototype::JSTestStringifierAnonymousOperationPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::JSTestStringifierNamedOperationPrototype::create): Deleted.
        (WebCore::JSTestStringifierNamedOperationPrototype::createStructure): Deleted.
        (WebCore::JSTestStringifierNamedOperationPrototype::JSTestStringifierNamedOperationPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::JSTestStringifierOperationImplementedAsPrototype::create): Deleted.
        (WebCore::JSTestStringifierOperationImplementedAsPrototype::createStructure): Deleted.
        (WebCore::JSTestStringifierOperationImplementedAsPrototype::JSTestStringifierOperationImplementedAsPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::JSTestStringifierOperationNamedToStringPrototype::create): Deleted.
        (WebCore::JSTestStringifierOperationNamedToStringPrototype::createStructure): Deleted.
        (WebCore::JSTestStringifierOperationNamedToStringPrototype::JSTestStringifierOperationNamedToStringPrototype): Deleted.
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::JSTestStringifierReadOnlyAttributePrototype::create): Deleted.
        (WebCore::JSTestStringifierReadOnlyAttributePrototype::createStructure): Deleted.
        (WebCore::JSTestStringifierReadOnlyAttributePrototype::JSTestStringifierReadOnlyAttributePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::JSTestStringifierReadWriteAttributePrototype::create): Deleted.
        (WebCore::JSTestStringifierReadWriteAttributePrototype::createStructure): Deleted.
        (WebCore::JSTestStringifierReadWriteAttributePrototype::JSTestStringifierReadWriteAttributePrototype): Deleted.
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefsConstructor::construct):
        (WebCore::JSTestTypedefsPrototype::create): Deleted.
        (WebCore::JSTestTypedefsPrototype::createStructure): Deleted.
        (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype): Deleted.

2020-03-06  James Darpinian  <jdarpinian@chromium.org>

        Set important EGL context attributes
        https://bugs.webkit.org/show_bug.cgi?id=208724

        Reviewed by Dean Jackson.

        These EGL context attributes are important to make ANGLE's validation correct for
        WebGL contexts. ROBUST_RESOURCE_INITIALIZATION is especially important; the lack
        of it may be a root cause of some of the test flakiness we have seen. With this
        change WebKit's EGL context attributes now match Chromium's for ANGLE/WebGL
        contexts.

        * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
        (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

2020-03-06  Youenn Fablet  <youenn@apple.com>

        Use ObjectIdentifier to identify media sessions
        https://bugs.webkit.org/show_bug.cgi?id=208710

        Reviewed by Eric Carlson.

        No change of behavior, except that the identifier is now stable over time and unique per process.

        * Headers.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::mediaSessionUniqueIdentifier const):
        * html/HTMLMediaElement.h:
        * platform/audio/NowPlayingInfo.h:
        (WebCore::NowPlayingInfo::decode):
        * platform/audio/PlatformMediaSessionManager.h:
        (WebCore::PlatformMediaSessionManager::lastUpdatedNowPlayingInfoUniqueIdentifier const):
        * platform/audio/cocoa/MediaSessionManagerCocoa.h:
        * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
        (MediaSessionManagerCocoa::setNowPlayingInfo):
        (MediaSessionManagerCocoa::updateNowPlayingInfo):
        * testing/Internals.cpp:
        (WebCore::Internals::nowPlayingState const):

2020-03-06  Jason Lawrence  <lawrence.j@apple.com>

        Unreviewed, rolling out r257760.

        This commit caused flaky crashing on Mac wk2.

        Reverted changeset:

        "Fix for LayoutTests/accessibility/mac/value-change/value-
        change-user-info-contenteditable.html in IsolatedTree mode."
        https://bugs.webkit.org/show_bug.cgi?id=208462
        https://trac.webkit.org/changeset/257760

2020-03-06  David Quesada  <david_quesada@apple.com>

        Add _WKResourceLoadInfo.resourceType SPI
        https://bugs.webkit.org/show_bug.cgi?id=208723

        Reviewed by Alex Christensen.

        Covered by API tests.

        * Modules/beacon/NavigatorBeacon.cpp:
        (WebCore::NavigatorBeacon::sendBeacon):
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::sendPing):
        * platform/network/ResourceRequestBase.h:

2020-03-06  Youenn Fablet  <youenn@apple.com>

        Add support for NowPlaying commands in GPUProcess
        https://bugs.webkit.org/show_bug.cgi?id=208707

        Reviewed by Eric Carlson.

        Add a NowPlayingManager that is responsible to clear/set/update NowPlaying information as well as receive commands
        and send them to the current NowPlaying client.
        Manually tested.

        * Headers.cmake:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/audio/PlatformMediaSessionManager.h:

2020-03-06  Simon Fraser  <simon.fraser@apple.com>

        Move synchronousScrollingReasons to ScrollingTreeScrollingNode
        https://bugs.webkit.org/show_bug.cgi?id=208721

        Reviewed by Antti Koivisto.

        synchronousScrollingReasons was on Scrolling*FrameScrollingNode, but with async overflow
        scrolling, some overflow scrolls will need to scroll synchronously if they paint any
        background-attachment:fixed, so move synchronousScrollingReasons down to Scrolling*ScrollingNode.

        Also wrap the scrolling tree parts in #if ENABLE(SCROLLING_THREAD) since synchronous scrolling
        is only a thing if you use threaded scrolling. Ideally more of the ScrollingCoordinator code
        would also have #if ENABLE(SCROLLING_THREAD) but that can be done later.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::setSynchronousScrollingReasons):
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
        (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
        (WebCore::ScrollingStateFrameScrollingNode::setPropertyChangedBitsAfterReattach):
        (WebCore::ScrollingStateFrameScrollingNode::dumpProperties const):
        (WebCore::ScrollingStateFrameScrollingNode::setSynchronousScrollingReasons): Deleted.
        * page/scrolling/ScrollingStateFrameScrollingNode.h:
        * page/scrolling/ScrollingStateScrollingNode.cpp:
        (WebCore::ScrollingStateScrollingNode::ScrollingStateScrollingNode):
        (WebCore::ScrollingStateScrollingNode::setPropertyChangedBitsAfterReattach):
        (WebCore::ScrollingStateScrollingNode::setSynchronousScrollingReasons):
        (WebCore::ScrollingStateScrollingNode::dumpProperties const):
        * page/scrolling/ScrollingStateScrollingNode.h:
        (WebCore::ScrollingStateScrollingNode::synchronousScrollingReasons const):
        * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
        (WebCore::ScrollingTreeFrameScrollingNode::commitStateBeforeChildren):
        (WebCore::ScrollingTreeFrameScrollingNode::dumpProperties const):
        * page/scrolling/ScrollingTreeFrameScrollingNode.h:
        * page/scrolling/ScrollingTreeScrollingNode.cpp:
        (WebCore::ScrollingTreeScrollingNode::commitStateBeforeChildren):
        (WebCore::ScrollingTreeScrollingNode::dumpProperties const):
        * page/scrolling/ScrollingTreeScrollingNode.h:

2020-03-06  Simon Fraser  <simon.fraser@apple.com>

        Make it possible to safely access CALayers and PlatformCALayerCocoa objects on the scrolling thread
        https://bugs.webkit.org/show_bug.cgi?id=208672

        Reviewed by Antti Koivisto.

        Async overflow/frame scrolling on macOS is going to hit-test through the CALayer tree on the
        scrolling thread, and access PlatformCALayers that hang off CALayers. We therefore have to ensure
        that those layers are not getting mutated while hit-testing.

        We only touch PlatformCALayers and CALayers through two codepaths: GraphicsLayer::flushCompositingState()
        when pushing GraphicsLayer changes to CA, and when destroying GraphicsLayers which tears down their associated
        PlatformCALayers (the CALayers remain parented in the tree).

        To prevent a PlatformCALayer from being destroyed while being accessed on the scrolling thread, we make
        it ThreadSafeRefCounted<>, and lock around fetching thePlatformCALayer from the layerToPlatformLayerMap() which
        retains it.

        To prevent the CALayer/PlatformCALayer trees being mutated during layer flushing, we lock around 
        rootLayer->flushCompositingState() in RenderLayerCompositor::flushPendingLayerChanges().

        The lock is owned by ScrollingTreeMac.

        * page/scrolling/AsyncScrollingCoordinator.h:
        (WebCore::LayerTreeHitTestLocker::LayerTreeHitTestLocker):
        (WebCore::LayerTreeHitTestLocker::~LayerTreeHitTestLocker):
        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::lockLayersForHitTesting):
        (WebCore::ScrollingTree::unlockLayersForHitTesting):
        * page/scrolling/mac/ScrollingTreeMac.h:
        * page/scrolling/mac/ScrollingTreeMac.mm:
        (ScrollingTreeMac::lockLayersForHitTesting):
        (ScrollingTreeMac::unlockLayersForHitTesting):
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (WebCore::layerToPlatformLayerMapMutex):
        (WebCore::PlatformCALayer::platformCALayerForLayer):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::flushPendingLayerChanges):

2020-03-06  Simon Fraser  <simon.fraser@apple.com>

        Put an event region on scroll container layers
        https://bugs.webkit.org/show_bug.cgi?id=208684

        Reviewed by Antti Koivisto.
        
        Hit-testing through the CALayer tree on macOS, where we don't have scroll views for overflow,
        is simpler if scroll container layers have an event region that just represents the bounds of
        the layer. These regions are harmless to have on iOS too.

        This patch adds them for overflow scroll, and for m_clipLayer which is the scroll container
        layer for scrollable subframes.

        Tests: fast/scrolling/mac/event-region-scrolled-contents-layer.html
               fast/scrolling/mac/event-region-subframe.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateEventRegion):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateScrollLayerClipping):

2020-03-06  Antti Koivisto  <antti@apple.com>

        Reduce ThreadTimers maxDurationOfFiringTimers to 16ms
        https://bugs.webkit.org/show_bug.cgi?id=208717

        Reviewed by Simon Fraser.

        50ms -> 16ms.

        This gives us more chances to do rendering updates. A/B testing says it is neutral for performance.

        * platform/ThreadTimers.cpp:

2020-03-06  Kate Cheney  <katherine_cheney@apple.com>

        Remove redundant flags in script evaluation checks
        https://bugs.webkit.org/show_bug.cgi?id=208609
        <rdar://problem/60058656>
        
        Reviewed by Brent Fulgham.
        
        hasNavigatedAwayFromAppBoundDomain only gets set in WebPageProxy if
        its a main frame navigation and In-App Browser privacy is enabled,
        we don't need to check again at the sites.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::executeScriptInWorld):
        * page/Frame.cpp:
        (WebCore::Frame::injectUserScriptImmediately):

2020-03-06  Zalan Bujtas  <zalan@apple.com>

        [LFC][TFC] Absolute positioned table should generate a static table box inside the out-of-flow table wrapper box
        https://bugs.webkit.org/show_bug.cgi?id=208713
        <rdar://problem/60151358>

        Reviewed by Antti Koivisto.

        Test: fast/layoutformattingcontext/absolute-positioned-simple-table.html

        <table style="position: absolute"> should generate
        1. absolute positioned table wrapper box
        2. static (inflow) positioned table box inside the out-of-flow table wrapper box. 

        * layout/layouttree/LayoutTreeBuilder.cpp:
        (WebCore::Layout::TreeBuilder::buildTableStructure):

2020-03-05  Darin Adler  <darin@apple.com>

        Improve some media code
        https://bugs.webkit.org/show_bug.cgi?id=208322

        Reviewed by Anders Carlsson.

        - TextTrack objects now take Document instead of ScriptExecutionContext.
        - Made more TextTrack functions private and protected.
        - Made TextTrack parsing functions use return values rather than out arguments.
        - Use references rather than pointers and Ref rather than RefPtr for non-null things.
        - Made MediaControlsHost use a WeakPtr instead of a raw pointer.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::alwaysOnKeyword): Made private to this file instead of exposed in header.
        (WebCore::manualKeyword): Ditto.
        (WebCore::MediaControlsHost::create): Take a reference instead of a pointer to
        the media element.
        (WebCore::MediaControlsHost::MediaControlsHost): Ditto, and make a weak pointer.
        (WebCore::MediaControlsHost::sortedTrackListForMenu): Added null check.
        (WebCore::MediaControlsHost::displayNameForTrack): Ditto.
        (WebCore::MediaControlsHost::captionMenuOffItem): Ditto.
        (WebCore::MediaControlsHost::captionMenuAutomaticItem): Ditto.
        (WebCore::MediaControlsHost::captionDisplayMode const): Ditto.
        (WebCore::MediaControlsHost::setSelectedTextTrack): Ditto.
        (WebCore::MediaControlsHost::textTrackContainer): Ditto.
        (WebCore::MediaControlsHost::allowsInlineMediaPlayback const): Ditto.
        (WebCore::MediaControlsHost::supportsFullscreen const): Ditto.
        (WebCore::MediaControlsHost::isVideoLayerInline const): Ditto.
        (WebCore::MediaControlsHost::isInMediaDocument const): Ditto.
        (WebCore::MediaControlsHost::setPreparedToReturnVideoLayerToInline): Ditto.
        (WebCore::MediaControlsHost::userGestureRequired const): Ditto.
        (WebCore::MediaControlsHost::shouldForceControlsDisplay const): Ditto.
        (WebCore::MediaControlsHost::externalDeviceDisplayName const): Ditto.
        (WebCore::MediaControlsHost::externalDeviceType const): Ditto.
        (WebCore::MediaControlsHost::controlsDependOnPageScaleFactor const): Ditto.
        (WebCore::MediaControlsHost::setControlsDependOnPageScaleFactor): Ditto.
        (WebCore::MediaControlsHost::generateUUID): Made a static member.
        (WebCore::MediaControlsHost::shadowRootCSSText): Ditto.
        (WebCore::MediaControlsHost::base64StringForIconNameAndType): Ditto.
        (WebCore::MediaControlsHost::formattedStringForDuration): Ditto.
        (WebCore::MediaControlsHost::compactMode const): Tweaked logic a bit.

        * Modules/mediacontrols/MediaControlsHost.h: Made various member functions
        into static member functions, used references instead of pointers for
        things that are never null, used WeakPtr for m_mediaElement.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment):
        Document instead of ScriptExecutionContext.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerDidAddTextTrack): Document instead of
        ScriptExecutionContext.
        (WebCore::HTMLMediaElement::updateCaptionContainer): Pass reference to
        MediaControlsHost::create.
        (WebCore::HTMLMediaElement::setSelectedTextTrack): Update since special items
        are now references rather than pointers.
        (WebCore::HTMLMediaElement::updateTextTrackDisplay): Pass reference.
        (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot): Ditto.

        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::parseAttribute): Removed setIsDefault function
        since the track can simply read the attribute out of the element instead.

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlClosedCaptionsTrackListElement::updateDisplay):
        Update since special items are now referencse rather than pointers.

        * html/track/DataCue.cpp:
        (WebCore::DataCue::DataCue): Document instead of ScriptExecutionContext.
        (WebCore::DataCue::create): Moved these functions out of the header.
        * html/track/DataCue.h: Updated for the above.
        * html/track/DataCue.idl: Ditto.

        * html/track/InbandDataTextTrack.cpp:
        (WebCore::InbandDataTextTrack::InbandDataTextTrack): Document instead
        of ScriptExecutionContext.
        (WebCore::InbandDataTextTrack::create): Ditto.
        (WebCore::InbandDataTextTrack::addDataCue): Ditto. Also use reference
        instead of pointer when calling hasCue.
        * html/track/InbandDataTextTrack.h: Updated for the above.

        * html/track/InbandGenericTextTrack.cpp:
        (WebCore::InbandGenericTextTrack::InbandGenericTextTrack): Document
        instead of ScriptExecutionContext.
        (WebCore::InbandGenericTextTrack::create): Ditto.
        (WebCore::InbandGenericTextTrack::addGenericCue): Ditto. Also use
        reference instead of pointer when calling hasCue.
        (WebCore::InbandGenericTextTrack::parser): Ditto.
        (WebCore::InbandGenericTextTrack::newCuesParsed): Ditto. Also use
        return value from takeCues instead of out arguenmt from getNewCues.
        Also use reference instead of pointer when calling hasCue.
        (WebCore::InbandGenericTextTrack::newRegionsParsed): Ditto.
        * html/track/InbandGenericTextTrack.h: Update for above.

        * html/track/InbandTextTrack.cpp:
        (WebCore::InbandTextTrack::create): Document instead of
        ScriptExecutionContext.
        (WebCore::InbandTextTrack::InbandTextTrack): Ditto.
        * html/track/InbandTextTrack.h: Update for above.

        * html/track/InbandWebVTTTextTrack.cpp:
        (WebCore::InbandWebVTTTextTrack::InbandWebVTTTextTrack): Document
        instead of ScriptExecutionContext.
        (WebCore::InbandWebVTTTextTrack::create): Ditto.
        (WebCore::InbandWebVTTTextTrack::parser): Ditto.
        (WebCore::InbandWebVTTTextTrack::newCuesParsed): Ditto. Also use
        return value from takeCues instead of out arguenmt from getNewCues.
        Also use reference instead of pointer when calling hasCue.
        (WebCore::InbandWebVTTTextTrack::newRegionsParsed): Ditto.
        * html/track/InbandWebVTTTextTrack.h: Update for above.

        * html/track/LoadableTextTrack.cpp:
        (WebCore::LoadableTextTrack::create): Moved here from header.
        (WebCore::LoadableTextTrack::loadTimerFired): Document instead of
        ScriptExecutionContext.
        (WebCore::LoadableTextTrack::newRegionsAvailable): Use return value
        from getNewRegions instead of out argument.
        (WebCore::LoadableTextTrack::isDefault const): New implementation that
        does not rely on a data member; checks attribute on video element.
        * html/track/LoadableTextTrack.h: Updated for above changes.

        * html/track/TextTrack.cpp:
        (WebCore::TextTrack::captionMenuOffItem): Return a reference rather
        than a pointer.
        (WebCore::TextTrack::captionMenuAutomaticItem): Ditto.
        (WebCore::TextTrack::create): Document rather than ScriptExecutionContext.
        (WebCore::TextTrack::document const): Added. For use by derived classes.
        (WebCore::TextTrack::addRegion): Ref rather than RefPtr.
        (WebCore::TextTrack::removeRegion): Reference rather than pointer.
        (WebCore::TextTrack::cueWillChange): Ditto.
        (WebCore::TextTrack::cueDidChange): Ditto.
        (WebCore::TextTrack::hasCue): Ditto.

        * html/track/TextTrack.h: Removed declarations of non-existent
        disabledKeyword, hiddenKeyword, and showingKeyword functions.
        Made setKind, client, and hasCue protected. Made overrides of
        eventTargetInterface, scriptExecutionContext, and logClassName
        private. Removed setIsDefault. Updated for changes above.

        * html/track/TextTrack.idl: Did what FIXME suggested, making the region
        parameters non-nullable. Passing null silently did nothing before. There
        is some small risk of website incompatibility if someone accidentally
        relied on this WebKit-specific behavior.

        * html/track/TextTrackCue.cpp:
        (WebCore::TextTrackCue::create): Document instead of ScriptExecutionContext.
        (WebCore::TextTrackCue::TextTrackCue): Ditto.
        (WebCore::TextTrackCue::willChange): Pass reference.
        (WebCore::TextTrackCue::didChange): Ditto.
        * html/track/TextTrackCue.h: Update for above changes.
        * html/track/TextTrackCue.idl: Ditto.

        * html/track/TextTrackCueGeneric.cpp:
        (WebCore::TextTrackCueGeneric::TextTrackCueGeneric): Update since the base
        class now takes an rvalue reference to the string.
        (WebCore::TextTrackCueGeneric::isOrderedBefore const): Use auto.
        (WebCore::TextTrackCueGeneric::isPositionedAbove const): Ditto.

        * html/track/VTTCue.cpp:
        (WebCore::VTTCue::create): Document instead of ScriptExecutionContext.
        Also take String with an rvalue reference.
        (WebCore::VTTCue::VTTCue): Ditto.
        * html/track/VTTCue.h: Update for above changes.
        * html/track/VTTCue.idl: Ditto.

        * html/track/WebVTTParser.cpp:
        (WebCore::WebVTTParser::WebVTTParser): Document instead of
        ScriptExecutionContext. References instead of pointers. Initialize
        m_state in class definition.
        (WebCore::WebVTTParser::takeCues): Renamed from getNewCues and changed
        to use a return value instead of an out argument.
        (WebCore::WebVTTParser::takeRegions): Ditto.
        (WebCore::WebVTTParser::takeStyleSheets): Ditto.
        (WebCore::WebVTTParser::parseCueData): Remove null check of m_client.
        (WebCore::WebVTTParser::parse): Ditto.
        (WebCore::WebVTTParser::collectWebVTTBlock): Ditto.
        (WebCore::WebVTTParser::checkAndCreateRegion): Pass document.
        (WebCore::WebVTTParser::checkAndStoreRegion): Use
        Vector::removeFirstMatching instead of Vector::removeFirst.
        (WebCore::WebVTTParser::createNewCue): Remove null check of m_client.
        * html/track/WebVTTParser.h: Update for above changes.

        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::TextTrackLoader): Document instead of
        ScriptExecutionContext. References instead of pointers. Initialize
        data members in in class definition.
        (WebCore::TextTrackLoader::processNewCueData): Pass references.
        (WebCore::TextTrackLoader::corsPolicyPreventedLoad): Use m_document.
        (WebCore::TextTrackLoader::load): Ditto.
        (WebCore::TextTrackLoader::getNewCues): Use takeCues.
        (WebCore::TextTrackLoader::getNewRegions): Changed to return a vector
        instead of using an out argument. Use takeRegions.
        (WebCore::TextTrackLoader::getNewStyleSheets): Ditto.
        * loader/TextTrackLoader.h: Updated for the above.

        * page/CaptionUserPreferences.cpp:
        (WebCore::trackDisplayName): Updated since these are references.
        (WebCore::CaptionUserPreferences::mediaSelectionOptionForTrack const): Ditto.
        (WebCore::CaptionUserPreferences::sortedTrackListForMenu): Ditto.
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::trackDisplayName): Ditto.
        (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Ditto.
        * platform/cocoa/PlaybackSessionModelMediaElement.mm:
        (WebCore::PlaybackSessionModelMediaElement::selectLegibleMediaOption): Ditto.
        (WebCore::PlaybackSessionModelMediaElement::legibleMediaSelectedIndex const):
        Updated to use references rather than pointers. Refactored the logic to
        use Optional and nested if statements to make the algorithm clearer.

2020-03-05  Simon Fraser  <simon.fraser@apple.com>

        Use an OptionSet<> for SynchronousScrollingReasons
        https://bugs.webkit.org/show_bug.cgi?id=208697

        Reviewed by Antti Koivisto.

        Convert SynchronousScrollingReasons to an OptionSet<SynchronousScrollingReason>.

        * page/PerformanceLoggingClient.cpp:
        (WebCore::PerformanceLoggingClient::synchronousScrollingReasonsAsString):
        * page/PerformanceLoggingClient.h:
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::setSynchronousScrollingReasons):
        (WebCore::AsyncScrollingCoordinator::reportSynchronousScrollingReasonsChanged):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::synchronousScrollingReasons const):
        (WebCore::ScrollingCoordinator::shouldUpdateScrollLayerPositionSynchronously const):
        (WebCore::ScrollingCoordinator::synchronousScrollingReasonsAsText):
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::setSynchronousScrollingReasons):
        * page/scrolling/ScrollingCoordinatorTypes.h:
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
        (WebCore::ScrollingStateFrameScrollingNode::setSynchronousScrollingReasons):
        (WebCore::ScrollingStateFrameScrollingNode::dumpProperties const):
        * page/scrolling/ScrollingStateFrameScrollingNode.h:
        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::reportSynchronousScrollingReasonsChanged):
        * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
        (WebCore::ScrollingTreeFrameScrollingNode::dumpProperties const):
        * page/scrolling/ScrollingTreeFrameScrollingNode.h:
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::reportSynchronousScrollingReasonsChanged):
        * page/scrolling/ThreadedScrollingTree.h:

2020-03-06  Antoine Quint  <graouts@webkit.org>

        Remove the experimental flag for Pointer Events
        https://bugs.webkit.org/show_bug.cgi?id=208655
        <rdar://problem/60090545>

        Reviewed by Dean Jackson.

        * dom/Element.cpp:
        (WebCore::dispatchPointerEventIfNeeded):
        (WebCore::Element::removedFromAncestor):
        * dom/Element.idl:
        * dom/NavigatorMaxTouchPoints.idl:
        * dom/PointerEvent.idl:
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setPointerEventsEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::pointerEventsEnabled const): Deleted.
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::resolveElement):

2020-03-06  Enrique Ocaña González  <eocanha@igalia.com>

        [GStreamer] Streaming aac/mp3 audio doesn't always work
        https://bugs.webkit.org/show_bug.cgi?id=205801

        Reviewed by Philippe Normand.

        Don't rely on response size to replace Content-Length. This may break streaming videos,
        which should always have an Infinite duration.

        This patch is based on the fix found by Philippe Normand <pnormand@igalia.com>

        Test: http/tests/media/video-no-content-length-stall.html

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (CachedResourceStreamingClient::dataReceived):

2020-03-06  Frederic Wang  <fwang@igalia.com>

        [intersection-observer] Accept a Document as an explicit root
        https://bugs.webkit.org/show_bug.cgi?id=208047

        Reviewed by Simon Fraser.

        This patch introduces a recent enhancement to the Intersection Observer specification: the
        root initialization parameter can be explicitly be set to a Document. The typical use case
        is when document is an iframe. See https://github.com/w3c/IntersectionObserver/issues/372

        This patch also updates the way Element's intersection observer data is handled so that it is
        more consistent with the explicit Document root case introduced here.

        Test: imported/w3c/web-platform-tests/intersection-observer/document-scrolling-element-root.html

        * dom/Document.cpp:
        (WebCore::Document::~Document): Notify observers about our desctruction.
        (WebCore::Document::updateIntersectionObservations): Use new method name. This does not
        require null-check because ensureIntersectionObserverData() has been called in
        IntersectionObserver::observe().
        (WebCore::Document::ensureIntersectionObserverData): Return reference to intersection
        observer data for this document, creating one if it does not exist.
        * dom/Document.h: Add new intersection observer data, used for documents that are explicit
        intersection observer roots.
        (WebCore::Document::intersectionObserverDataIfExists): Return pointer to intersection
        observer data or null if it does not exist.
        * dom/Element.cpp:
        (WebCore::Element::didMoveToNewDocument): Use new method name.
        (WebCore::Element::disconnectFromIntersectionObservers): Ditto and null-check weak refs.
        (WebCore::Element::intersectionObserverDataIfExists): Rename method to match Document's one
        and be more explicit that it will be null if it does not exist.
        (WebCore::Element::intersectionObserverData): Renamed.
        * dom/Element.h: Renamed.
        * html/LazyLoadImageObserver.cpp:
        (WebCore::LazyLoadImageObserver::intersectionObserver): Initialize with a WTF::Optional
        after API change.
        * page/IntersectionObserver.cpp:
        (WebCore::IntersectionObserver::create): Pass a Node* root, which can be null (implicit
        root), Document* or Element* (explicit roots). This is determined from init.root.
        (WebCore::IntersectionObserver::IntersectionObserver): Handle the case of explicit Document
        root.
        (WebCore::IntersectionObserver::~IntersectionObserver): Ditto and update method name for
        the explicit Element case. Note that in both explicit root cases the corresponding
        ensureIntersectionObserverData() method had been called in the constructor so they can
        be safely deferenced.
        (WebCore::IntersectionObserver::removeTargetRegistration): Use new method name.
        * page/IntersectionObserver.h: Update comment and code now that explicit root is a Node* and
        IntersectionObserver::Init::root is either an Element or a Document or null.
        (WebCore::IntersectionObserver::root const): Ditto.
        (): Deleted.
        * page/IntersectionObserver.idl: Update IDL to match the spec IntersectionObserver::root
        is a nullable Node and IntersectionObserverInit::root a nullable Element or Document.

2020-03-06  Yusuke Suzuki  <ysuzuki@apple.com>

        Put all generated JSCells in WebCore into IsoSubspace
        https://bugs.webkit.org/show_bug.cgi?id=205107

        Reviewed by Saam Barati.

        This patch automatically generates IsoSubspace per WebCore DOM object type.
        In preprocess-idls.pl, we collect all the DOM object types and generate DOMIsoSubspaces class,
        which contains all the necessary IsoSubspaces. And it is held by WebCoreJSClientData.

        CodeGeneratorJS.pm starts putting `subspaceFor` and `subspaceForImpl` for each JS DOM wrapper classes.
        And we dynamically create IsoSubspace and set it to WebCoreJSClientData's DOMIsoSubspaces. At the same
        time, we register IsoSubspace to m_outputConstraintSpaces if the class has output constraits callback.

        From the previous patch, we fixed outputConstraintSpaces bug, which is returning a copy of Vector<>
        instead of a reference to the member Vector.

        * CMakeLists.txt:
        * DerivedSources-output.xcfilelist:
        * DerivedSources.make:
        * WebCoreMacros.cmake:
        * bindings/js/JSDOMWrapper.cpp:
        (WebCore::outputConstraintSubspaceFor): Deleted.
        * bindings/js/JSDOMWrapper.h:
        * bindings/js/WebCoreJSClientData.cpp:
        (WebCore::JSVMClientData::JSVMClientData):
        * bindings/js/WebCoreJSClientData.h:
        (WebCore::JSVMClientData::forEachOutputConstraintSpace):
        (WebCore::JSVMClientData::subspaces):
        (WebCore::JSVMClientData::outputConstraintSpace): Deleted.
        (WebCore::JSVMClientData::subspaceForJSDOMWindow): Deleted.
        (WebCore::JSVMClientData::subspaceForJSDedicatedWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSRemoteDOMWindow): Deleted.
        (WebCore::JSVMClientData::subspaceForJSWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSServiceWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSPaintWorkletGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSWorkletGlobalScope): Deleted.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):
        * bindings/scripts/generate-bindings-all.pl:
        * bindings/scripts/preprocess-idls.pl:
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        (WebCore::JSInterfaceName::subspaceForImpl):
        * bindings/scripts/test/JS/JSInterfaceName.h:
        (WebCore::JSInterfaceName::subspaceFor):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::JSMapLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSMapLike.h:
        (WebCore::JSMapLike::subspaceFor):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::JSReadOnlyMapLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.h:
        (WebCore::JSReadOnlyMapLike::subspaceFor):
        * bindings/scripts/test/JS/JSReadOnlySetLike.cpp:
        (WebCore::JSReadOnlySetLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSReadOnlySetLike.h:
        (WebCore::JSReadOnlySetLike::subspaceFor):
        * bindings/scripts/test/JS/JSSetLike.cpp:
        (WebCore::JSSetLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSSetLike.h:
        (WebCore::JSSetLike::subspaceFor):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::JSTestActiveDOMObject::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        (WebCore::JSTestActiveDOMObject::subspaceFor):
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        (WebCore::JSTestCEReactions::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCEReactions.h:
        (WebCore::JSTestCEReactions::subspaceFor):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::JSTestCEReactionsStringifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
        (WebCore::JSTestCEReactionsStringifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::JSTestCallTracer::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCallTracer.h:
        (WebCore::JSTestCallTracer::subspaceFor):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::JSTestClassWithJSBuiltinConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
        (WebCore::JSTestClassWithJSBuiltinConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        (WebCore::JSTestDOMJIT::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        (WebCore::JSTestDOMJIT::subspaceFor):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::JSTestEnabledBySetting::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.h:
        (WebCore::JSTestEnabledBySetting::subspaceFor):
        * bindings/scripts/test/JS/JSTestEnabledForContext.cpp:
        (WebCore::JSTestEnabledForContext::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEnabledForContext.h:
        (WebCore::JSTestEnabledForContext::subspaceFor):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::JSTestEventConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        (WebCore::JSTestEventConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        (WebCore::JSTestEventTarget::subspaceFor):
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::JSTestException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestException.h:
        (WebCore::JSTestException::subspaceFor):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::JSTestGenerateIsReachable::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        (WebCore::JSTestGenerateIsReachable::subspaceFor):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::JSTestGlobalObject::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        (WebCore::JSTestGlobalObject::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        (WebCore::JSTestIndexedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
        (WebCore::JSTestIndexedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        (WebCore::JSTestIndexedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
        (WebCore::JSTestIndexedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::JSTestIndexedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
        (WebCore::JSTestIndexedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        (WebCore::JSTestInterfaceLeadingUnderscore::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h:
        (WebCore::JSTestInterfaceLeadingUnderscore::subspaceFor):
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::JSTestIterable::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIterable.h:
        (WebCore::JSTestIterable::subspaceFor):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        (WebCore::JSTestJSBuiltinConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
        (WebCore::JSTestJSBuiltinConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::JSTestMediaQueryListListener::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        (WebCore::JSTestMediaQueryListListener::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        (WebCore::JSTestNamedAndIndexedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
        (WebCore::JSTestNamedAndIndexedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        (WebCore::JSTestNamedConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        (WebCore::JSTestNamedDeleterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
        (WebCore::JSTestNamedDeleterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        (WebCore::JSTestNamedDeleterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
        (WebCore::JSTestNamedDeleterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::JSTestNamedDeleterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
        (WebCore::JSTestNamedDeleterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedDeleterWithIndexedGetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
        (WebCore::JSTestNamedDeleterWithIndexedGetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        (WebCore::JSTestNamedGetterCallWith::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
        (WebCore::JSTestNamedGetterCallWith::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        (WebCore::JSTestNamedGetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
        (WebCore::JSTestNamedGetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::JSTestNamedGetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
        (WebCore::JSTestNamedGetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        (WebCore::JSTestNamedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
        (WebCore::JSTestNamedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        (WebCore::JSTestNamedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
        (WebCore::JSTestNamedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::JSTestNamedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
        (WebCore::JSTestNamedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedSetterWithIndexedGetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
        (WebCore::JSTestNamedSetterWithIndexedGetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
        (WebCore::JSTestNamedSetterWithOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::JSTestNamedSetterWithUnforgableProperties::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
        (WebCore::JSTestNamedSetterWithUnforgableProperties::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::JSTestNode::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObj::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestObj.h:
        (WebCore::JSTestObj::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructors::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        (WebCore::JSTestOverloadedConstructors::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::JSTestOverloadedConstructorsWithSequence::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
        (WebCore::JSTestOverloadedConstructorsWithSequence::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::JSTestOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
        (WebCore::JSTestOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        (WebCore::JSTestPluginInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestPluginInterface.h:
        (WebCore::JSTestPluginInterface::subspaceFor):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::JSTestPromiseRejectionEvent::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h:
        (WebCore::JSTestPromiseRejectionEvent::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::JSTestSerialization::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerialization.h:
        (WebCore::JSTestSerialization::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        (WebCore::JSTestSerializationIndirectInheritance::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h:
        (WebCore::JSTestSerializationIndirectInheritance::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        (WebCore::JSTestSerializationInherit::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationInherit.h:
        (WebCore::JSTestSerializationInherit::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        (WebCore::JSTestSerializationInheritFinal::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.h:
        (WebCore::JSTestSerializationInheritFinal::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::JSTestSerializedScriptValueInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        (WebCore::JSTestSerializedScriptValueInterface::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::JSTestStringifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifier.h:
        (WebCore::JSTestStringifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::JSTestStringifierAnonymousOperation::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h:
        (WebCore::JSTestStringifierAnonymousOperation::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::JSTestStringifierNamedOperation::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.h:
        (WebCore::JSTestStringifierNamedOperation::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::JSTestStringifierOperationImplementedAs::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h:
        (WebCore::JSTestStringifierOperationImplementedAs::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::JSTestStringifierOperationNamedToString::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h:
        (WebCore::JSTestStringifierOperationNamedToString::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::JSTestStringifierReadOnlyAttribute::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h:
        (WebCore::JSTestStringifierReadOnlyAttribute::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::JSTestStringifierReadWriteAttribute::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h:
        (WebCore::JSTestStringifierReadWriteAttribute::subspaceFor):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefs::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        (WebCore::JSTestTypedefs::subspaceFor):

2020-03-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r257950.
        https://bugs.webkit.org/show_bug.cgi?id=208704

        causing debug failure (Requested by yusukesuzuki on #webkit).

        Reverted changeset:

        "Put all generated JSCells in WebCore into IsoSubspace"
        https://bugs.webkit.org/show_bug.cgi?id=205107
        https://trac.webkit.org/changeset/257950

2020-03-06  Michael Catanzaro  <mcatanzaro@gnome.org>

        [WPE][GTK] Use Firefox user agent quirk more aggressively on Google Docs
        https://bugs.webkit.org/show_bug.cgi?id=208647

        Reviewed by Carlos Garcia Campos.

        I had previously determined that we need to send a Firefox user agent quirk to
        accounts.youtube.com to avoid unsupported browser warnings on Google Docs. Either the user
        agent check has since become more aggressive, or it somehow depends on factors I don't
        understand, but as of today it's no longer enough. We now need the quirk for docs.google.com
        as well.

        * platform/UserAgentQuirks.cpp:
        (WebCore::urlRequiresFirefoxBrowser):

2020-03-05  Zalan Bujtas  <zalan@apple.com>

        [LFC][TFC] An absolute positioned <table> should establish a table formatting context
        https://bugs.webkit.org/show_bug.cgi?id=208695
        <rdar://problem/60122473>

        Reviewed by Antti Koivisto.

        Not all type of content gets blockified when out-of-flow positioned or floated.

        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::establishesBlockFormattingContext const):

2020-02-29  Darin Adler  <darin@apple.com>

        Simplify gradient parsing
        https://bugs.webkit.org/show_bug.cgi?id=208417

        Reviewed by Anders Carlsson.

        - Use Optional<> and invalid Color to represent unspecified positions and colors.
          This is simpler and easier to get right than separate booleans.
        - Simplified sorting of stops in legacy gradients to remove extra CSS value
          evaluation and unnecessary "sort in place" technique.
        - Rewrote equals functions for CSS gradient value classes. The new pattern is
          to compare all the data members that hold parsed CSS data, handling null
          correctly, since the parser won't set inappropriate ones. The old code had
          complex logic to only compare certain data members, which was unnecessary
          and hard to read to tell if it was correct.
        - Added some more use of WTFMove to cut down on reference count churn.

        * css/CSSGradientValue.cpp:
        (WebCore::CSSGradientValue::image): Removed unneeded call to get().
        (WebCore::compareStops): Deleted.
        (WebCore::CSSGradientValue::sortStopsIfNeeded): Deleted.
        (WebCore::resolveStopColors): Take advantage of the fact that we know because
        of parsing rules that the only stops without colors are midpoints to drastically
        simplify this function to a trivial loop.
        (WebCore::CSSGradientValue::hasColorDerivedFromElement const): Added.
        Checks to see if any of the stop colors is derived from the element. The old
        code confusingly would store the answer to this in the stop, but only in the
        first stop with this property. Computing it without modifying the stop, and
        memoizing it in the gradient preserves the same performance characteristics
        as before without requiring a boolean in each stop in the stops vector.
        (WebCore::CSSGradientValue::gradientWithStylesResolved): Call the new
        hasColorDerivedFromElement function instead of having the logic here.
        (WebCore::LinearGradientAdapter::normalizeStopsAndEndpointsOutsideRange):
        Update since GradientStop now has optional offsets. By the time this
        function is called they are all guaranteed to be filled in, so we can
        just use the * operator.
        (WebCore::RadialGradientAdapter::normalizeStopsAndEndpointsOutsideRange):
        Ditto.
        (WebCore::ConicGradientAdapter::normalizeStopsAndEndpointsOutsideRange):
        Ditto.
        (WebCore::CSSGradientValue::computeStops): Moved the sorting of stops for
        the deprecated gradients here. Also updated since Gradient::ColorStop
        no longer uses "m_" prefixes on its public struct data members. Some
        simplification because we no longer need to explicitly set "specified"
        to true since it's no longer a separate boolean.
        (WebCore::positionFromValue): Handle a null pointer for value by returning
        0, which is what the caller was doing explicitly before. Use float
        instead of int for some internal computations that were mixing the two
        for no good reason.
        (WebCore::computeEndPoint): Removed null checks now that positionFromValue
        does them for us, turning this into a one-liner.
        (WebCore::CSSGradientValue::isCacheable const): Use hasColorDerivedFromElement.
        (WebCore::CSSGradientValue::knownToBeOpaque const): Removed unnnecessary
        checking the color both before and after when a color filter is involved.
        (WebCore::CSSGradientValue::equals const): Added. Shared by all the equals
        functions for derived classes.
        (WebCore::appendGradientStops): Updated for changes to CSSGradientColorStop.
        (WebCore::appendSpaceSeparatedOptionalCSSPtrText): Added template helper
        for writing two optional CSS values with a space between.
        (WebCore::writeColorStop): Ditto. Also converted to non-member function,
        removed unneeded isMidpoint check, use appendSpaceSeparatedOptionalCSSPtrText.
        (WebCore::CSSLinearGradientValue::customCSSText const): Call function
        members so we don't have to expose CSSGradientValue data members as
        protected things that can be accessed by derived classes. Some other
        small refactoring, such as getting rid of extra boolean wroteFirstStop.
        (WebCore::CSSLinearGradientValue::createGradient): Updated to use
        function members instead of protected data members.
        (WebCore::CSSLinearGradientValue::equals const): Compare all data
        members and use CSSGradientValue::equals, makes this a 1-liner.
        (WebCore::CSSRadialGradientValue::customCSSText const): Call function
        members as described above and use appendSpaceSeparatedOptionalCSSPtrText.
        (WebCore::CSSRadialGradientValue::createGradient): Ditto.
        (WebCore::CSSRadialGradientValue::equals const): Compare all data
        members and use CSSGradientValue::equals.
        (WebCore::CSSConicGradientValue::customCSSText const): Call function
        members as described above and use appendSpaceSeparatedOptionalCSSPtrText.
        (WebCore::CSSConicGradientValue::createGradient): Ditto.
        (WebCore::CSSConicGradientValue::equals const): Compare all data
        members and use CSSGradientValue::equals, makes this a 1-liner.

        * css/CSSGradientValue.h: Removed unneeded includes and forward declarations.
        Renamed CSSGradientColorStop data members to not use m_ prefix since this is
        a struct with public data members, and WebKit style says not to do that here.
        Removed m_colorIsDerivedFromElement and isMidpoint from CSSGradientColorStop,
        m_colorIsDerivedFromElement is now stored in the gradient, not the color stop,
        and midpoints are any color stop with null color. Replaced the
        CSSGradientValue::stopCount function, which mixed size_t and unsigned types,
        with a hasTwoStops function, which is all the caller needs. Converted the
        isFixedSize, fixedSize, isPending, and loadSubimages into static member
        functions: they don't do any work and so don't need an instance. Removed
        the unneeded gradient type argument to the cloning constructors. Removed
        m_stopsSorted and added m_hasColorDerivedFromElement and
        hasColorDerivedFromElement. Added getter functions that are protected so
        the data members themselves can be private. Removed sortStopsIfNeeded
        and writeColorStop.

        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradientColorStop):
        Updated for CSSGradientColorStop member renaming.
        (WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradient): Use
        more WTFMove to save a little bit of reference count churn; in some cases
        that means moving the setter calls to the end of the function after all
        the error checking.
        (WebCore::CSSPropertyParserHelpers::consumeGradientColorStops): Ditto.
        Removed code to set isMidpoint and the FIXME-NEWPARSER comment that said
        it could be removed. Used lambda to cut down on repeated code. Changed
        parsing of stops with a second position to repeat the color instead of
        relying on later computation to repeat it; this is required so we can
        always treat an omitted color as a midpoint.
        (WebCore::CSSPropertyParserHelpers::consumeDeprecatedRadialGradient): Ditto.
        (WebCore::CSSPropertyParserHelpers::consumeRadialGradient): Ditto.
        (WebCore::CSSPropertyParserHelpers::consumeLinearGradient): Ditto.
        (WebCore::CSSPropertyParserHelpers::consumeConicGradient): Ditto.

        * html/HTMLInputElement.cpp:
        (WebCore::autoFillStrongPasswordMaskImage): Updated for the renamed
        CSSGradientColorStop members, added a missing call to doneAddingStops,
        and use some WTFMove to cut down on reference count churn.

2020-03-05  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Remove the optimization for discarding no operation DisplayList items between Save and Restore items
        https://bugs.webkit.org/show_bug.cgi?id=208659

        Reviewed by Simon Fraser.

        This optimization is wrong in the case of drawing a canvas in general.
        The original implementation of the DisplayList assumes balanced Save/
        Restore GraphicsContext. In canvas a GraphicsConext 'save' can be issued
        in a frame and the corresponding restore is issued many frames later.

        * platform/graphics/displaylists/DisplayList.cpp:
        (WebCore::DisplayList::DisplayList::removeItemsFromIndex): Deleted.
        * platform/graphics/displaylists/DisplayList.h:
        * platform/graphics/displaylists/DisplayListItems.cpp:
        (WebCore::DisplayList::operator<<):
        * platform/graphics/displaylists/DisplayListItems.h:
        (WebCore::DisplayList::Save::encode const):
        (WebCore::DisplayList::Save::decode):
        (WebCore::DisplayList::Save::restoreIndex const): Deleted.
        (WebCore::DisplayList::Save::setRestoreIndex): Deleted.
        * platform/graphics/displaylists/DisplayListRecorder.cpp:
        (WebCore::DisplayList::Recorder::save):
        (WebCore::DisplayList::Recorder::restore):
        * platform/graphics/displaylists/DisplayListRecorder.h:
        (WebCore::DisplayList::Recorder::ContextState::cloneForSave const):

2020-03-05  Ben Nham  <nham@apple.com>

        Add signposts for top-level execution of script elements
        https://bugs.webkit.org/show_bug.cgi?id=208548

        Reviewed by Alex Christensen.

        This adds signposts for initial global scope code evaluation of script elements. This makes
        it easier to understand what code is executing and blocking initial HTML parsing from
        completing.

        In the long run, it would be nice to extend this to all top-level entry points back into JS
        (e.g. we should emit an interval if we re-enter a script via setTimeout). However, such
        probes have been removed in the past for being too noisy or slow (like in
        https://bugs.webkit.org/show_bug.cgi?id=187196), so let's just start with this for now.

        Note that we do emit the script URL in the signpost, but the signpost is gated behind both
        an environment variable and an Apple-internal check to prevent accidentally leaking
        sensitive info.

        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::executeClassicScript):
        (WebCore::ScriptElement::executeModuleScript):

2020-03-05  Zalan Bujtas  <zalan@apple.com>

        [First paint] Fixed sized SVG content should taken into account when computing VNE status
        https://bugs.webkit.org/show_bug.cgi?id=208663
        <rdar://problem/60096896>

        Reviewed by Simon Fraser.

        Let's add fixed sized SVG to the list of content we track as VNE pixel count.
        It helps to reach VNE status sooner on youtube.com.

        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::reportVisuallyNonEmptyContent):

2020-03-05  Yusuke Suzuki  <ysuzuki@apple.com>

        Put all generated JSCells in WebCore into IsoSubspace
        https://bugs.webkit.org/show_bug.cgi?id=205107

        Reviewed by Saam Barati.

        This patch automatically generates IsoSubspace per WebCore DOM object type.
        In preprocess-idls.pl, we collect all the DOM object types and generate DOMIsoSubspaces class,
        which contains all the necessary IsoSubspaces. And it is held by WebCoreJSClientData.

        CodeGeneratorJS.pm starts putting `subspaceFor` and `subspaceForImpl` for each JS DOM wrapper classes.
        And we dynamically create IsoSubspace and set it to WebCoreJSClientData's DOMIsoSubspaces. At the same
        time, we register IsoSubspace to m_outputConstraintSpaces if the class has output constraits callback.

        We also remove stale assertion in JSEventListener. It is saying the following.

            1. If the world is normal.
            2. If m_wrapper is gone.
            3. If m_jsFunction is not gone.

        Then, the assertion hits. But this is wrong. We have no guarantee that m_jsFunction is gone when m_wrapper is gone.
        We have conservative GC. We have generational GC. Someone can hold m_jsFunction's instance. Everything makes it possible
        that m_jsFunction is live while m_wrapper is gone. This patch removes this assertion.

        * CMakeLists.txt:
        * DerivedSources-output.xcfilelist:
        * DerivedSources.make:
        * WebCoreMacros.cmake:
        * bindings/js/JSDOMWrapper.cpp:
        (WebCore::outputConstraintSubspaceFor): Deleted.
        * bindings/js/JSDOMWrapper.h:
        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::jsFunction const):
        * bindings/js/WebCoreJSClientData.cpp:
        (WebCore::JSVMClientData::JSVMClientData):
        * bindings/js/WebCoreJSClientData.h:
        (WebCore::JSVMClientData::forEachOutputConstraintSpace):
        (WebCore::JSVMClientData::subspaces):
        (WebCore::JSVMClientData::outputConstraintSpace): Deleted.
        (WebCore::JSVMClientData::subspaceForJSDOMWindow): Deleted.
        (WebCore::JSVMClientData::subspaceForJSDedicatedWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSRemoteDOMWindow): Deleted.
        (WebCore::JSVMClientData::subspaceForJSWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSServiceWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSPaintWorkletGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSWorkletGlobalScope): Deleted.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):
        * bindings/scripts/generate-bindings-all.pl:
        * bindings/scripts/preprocess-idls.pl:
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        (WebCore::JSInterfaceName::subspaceForImpl):
        * bindings/scripts/test/JS/JSInterfaceName.h:
        (WebCore::JSInterfaceName::subspaceFor):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::JSMapLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSMapLike.h:
        (WebCore::JSMapLike::subspaceFor):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::JSReadOnlyMapLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.h:
        (WebCore::JSReadOnlyMapLike::subspaceFor):
        * bindings/scripts/test/JS/JSReadOnlySetLike.cpp:
        (WebCore::JSReadOnlySetLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSReadOnlySetLike.h:
        (WebCore::JSReadOnlySetLike::subspaceFor):
        * bindings/scripts/test/JS/JSSetLike.cpp:
        (WebCore::JSSetLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSSetLike.h:
        (WebCore::JSSetLike::subspaceFor):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::JSTestActiveDOMObject::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        (WebCore::JSTestActiveDOMObject::subspaceFor):
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        (WebCore::JSTestCEReactions::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCEReactions.h:
        (WebCore::JSTestCEReactions::subspaceFor):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::JSTestCEReactionsStringifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
        (WebCore::JSTestCEReactionsStringifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::JSTestCallTracer::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCallTracer.h:
        (WebCore::JSTestCallTracer::subspaceFor):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::JSTestClassWithJSBuiltinConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
        (WebCore::JSTestClassWithJSBuiltinConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        (WebCore::JSTestDOMJIT::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        (WebCore::JSTestDOMJIT::subspaceFor):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::JSTestEnabledBySetting::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.h:
        (WebCore::JSTestEnabledBySetting::subspaceFor):
        * bindings/scripts/test/JS/JSTestEnabledForContext.cpp:
        (WebCore::JSTestEnabledForContext::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEnabledForContext.h:
        (WebCore::JSTestEnabledForContext::subspaceFor):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::JSTestEventConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        (WebCore::JSTestEventConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        (WebCore::JSTestEventTarget::subspaceFor):
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::JSTestException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestException.h:
        (WebCore::JSTestException::subspaceFor):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::JSTestGenerateIsReachable::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        (WebCore::JSTestGenerateIsReachable::subspaceFor):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::JSTestGlobalObject::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        (WebCore::JSTestGlobalObject::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        (WebCore::JSTestIndexedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
        (WebCore::JSTestIndexedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        (WebCore::JSTestIndexedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
        (WebCore::JSTestIndexedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::JSTestIndexedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
        (WebCore::JSTestIndexedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        (WebCore::JSTestInterfaceLeadingUnderscore::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h:
        (WebCore::JSTestInterfaceLeadingUnderscore::subspaceFor):
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::JSTestIterable::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIterable.h:
        (WebCore::JSTestIterable::subspaceFor):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        (WebCore::JSTestJSBuiltinConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
        (WebCore::JSTestJSBuiltinConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::JSTestMediaQueryListListener::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        (WebCore::JSTestMediaQueryListListener::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        (WebCore::JSTestNamedAndIndexedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
        (WebCore::JSTestNamedAndIndexedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        (WebCore::JSTestNamedConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        (WebCore::JSTestNamedDeleterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
        (WebCore::JSTestNamedDeleterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        (WebCore::JSTestNamedDeleterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
        (WebCore::JSTestNamedDeleterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::JSTestNamedDeleterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
        (WebCore::JSTestNamedDeleterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedDeleterWithIndexedGetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
        (WebCore::JSTestNamedDeleterWithIndexedGetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        (WebCore::JSTestNamedGetterCallWith::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
        (WebCore::JSTestNamedGetterCallWith::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        (WebCore::JSTestNamedGetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
        (WebCore::JSTestNamedGetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::JSTestNamedGetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
        (WebCore::JSTestNamedGetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        (WebCore::JSTestNamedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
        (WebCore::JSTestNamedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        (WebCore::JSTestNamedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
        (WebCore::JSTestNamedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::JSTestNamedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
        (WebCore::JSTestNamedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedSetterWithIndexedGetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
        (WebCore::JSTestNamedSetterWithIndexedGetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
        (WebCore::JSTestNamedSetterWithOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::JSTestNamedSetterWithUnforgableProperties::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
        (WebCore::JSTestNamedSetterWithUnforgableProperties::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::JSTestNode::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObj::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestObj.h:
        (WebCore::JSTestObj::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructors::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        (WebCore::JSTestOverloadedConstructors::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::JSTestOverloadedConstructorsWithSequence::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
        (WebCore::JSTestOverloadedConstructorsWithSequence::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::JSTestOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
        (WebCore::JSTestOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        (WebCore::JSTestPluginInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestPluginInterface.h:
        (WebCore::JSTestPluginInterface::subspaceFor):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::JSTestPromiseRejectionEvent::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h:
        (WebCore::JSTestPromiseRejectionEvent::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::JSTestSerialization::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerialization.h:
        (WebCore::JSTestSerialization::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        (WebCore::JSTestSerializationIndirectInheritance::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h:
        (WebCore::JSTestSerializationIndirectInheritance::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        (WebCore::JSTestSerializationInherit::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationInherit.h:
        (WebCore::JSTestSerializationInherit::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        (WebCore::JSTestSerializationInheritFinal::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.h:
        (WebCore::JSTestSerializationInheritFinal::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::JSTestSerializedScriptValueInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        (WebCore::JSTestSerializedScriptValueInterface::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::JSTestStringifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifier.h:
        (WebCore::JSTestStringifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::JSTestStringifierAnonymousOperation::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h:
        (WebCore::JSTestStringifierAnonymousOperation::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::JSTestStringifierNamedOperation::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.h:
        (WebCore::JSTestStringifierNamedOperation::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::JSTestStringifierOperationImplementedAs::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h:
        (WebCore::JSTestStringifierOperationImplementedAs::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::JSTestStringifierOperationNamedToString::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h:
        (WebCore::JSTestStringifierOperationNamedToString::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::JSTestStringifierReadOnlyAttribute::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h:
        (WebCore::JSTestStringifierReadOnlyAttribute::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::JSTestStringifierReadWriteAttribute::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h:
        (WebCore::JSTestStringifierReadWriteAttribute::subspaceFor):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefs::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        (WebCore::JSTestTypedefs::subspaceFor):

2020-03-05  Andres Gonzalez  <andresg_22@apple.com>

        Fix for several failures of LayoutTests in isolated tree mode.
        https://bugs.webkit.org/show_bug.cgi?id=208658

        Reviewed by Chris Fleizach.

        - Exposes the scrollView method through the AXCoreObject interface so
        that wrapper code can use it for both AXObjects and IsolatedObjects.
        - Fix for a crash/assert where InvalidAXID cannot be passed as key to
        the HashMap methods.

        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityObjectInterface.h:
        * accessibility/AccessibilityScrollView.h:
        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::scrollView const):
        * accessibility/isolatedtree/AXIsolatedObject.h:
        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::applyPendingChanges):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper scrollViewParent]):
        (-[WebAccessibilityObjectWrapper _accessibilityShowContextMenu]):

2020-03-05  Jacob Uphoff  <jacob_uphoff@apple.com>

        Unreviewed, rolling out r257945.

        This causes tests to fail

        Reverted changeset:

        "Remove the optimization for discarding no operation
        DisplayList items between Save and Restore items"
        https://bugs.webkit.org/show_bug.cgi?id=208659
        https://trac.webkit.org/changeset/257945

2020-03-05  Simon Fraser  <simon.fraser@apple.com>

        When using the scrolling thread, push ScrollingNodeIDs onto PlatformCALayers
        https://bugs.webkit.org/show_bug.cgi?id=208654

        Reviewed by Antti Koivisto.

        The scrolling thread on macOS will need to be able to associate layers with scrolling nodes,
        so push a ScrollingNodeID down through GraphicsLayer to PlatformCALayerCocoa.
        
        We only need one ScrollingNodeID per platform layer, since a given platform layer only
        ever has one scrolling role.

        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::scrollingTreeAsText):
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::dumpProperties const):
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::scrollingNodeID const):
        (WebCore::GraphicsLayer::setScrollingNodeID):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setScrollingNodeID):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateScrollingNode):
        * platform/graphics/ca/GraphicsLayerCA.h:
        * platform/graphics/ca/PlatformCALayer.h: setEventRegion() doesn't need to be pure virtual.
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (WebCore::PlatformCALayerCocoa::setEventRegion):
        (WebCore::PlatformCALayerCocoa::eventRegionContainsPoint const):
        * platform/graphics/ca/win/PlatformCALayerWin.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::detachFromScrollingCoordinator):
        (WebCore::RenderLayerBacking::setScrollingNodeIDForRole):
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::ensureRootLayer):
        (WebCore::RenderLayerCompositor::attachScrollingNode): For subframe scrolling, the clipLayer
        is the layer that gets associated with a scrolling node.
        (WebCore::RenderLayerCompositor::updateScrollingNodeForScrollingProxyRole):

2020-03-05  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Remove the optimization for discarding no operation DisplayList items between Save and Restore items
        https://bugs.webkit.org/show_bug.cgi?id=208659

        Reviewed by Simon Fraser.

        This optimization is wrong in the case of drawing a canvas in general.
        The original implementation of the DisplayList assumes balanced Save/
        Restore GraphicsContext. In canvas a GraphicsConext 'save' can be issued
        in a frame and the corresponding restore is issued many frames later.

        * platform/graphics/displaylists/DisplayList.cpp:
        (WebCore::DisplayList::DisplayList::removeItemsFromIndex): Deleted.
        * platform/graphics/displaylists/DisplayList.h:
        * platform/graphics/displaylists/DisplayListItems.cpp:
        * platform/graphics/displaylists/DisplayListItems.h:
        (WebCore::DisplayList::Save::encode const):
        (WebCore::DisplayList::Save::decode):
        (WebCore::DisplayList::Save::restoreIndex const): Deleted.
        (WebCore::DisplayList::Save::setRestoreIndex): Deleted.
        * platform/graphics/displaylists/DisplayListRecorder.cpp:
        (WebCore::DisplayList::Recorder::save):
        (WebCore::DisplayList::Recorder::restore):
        * platform/graphics/displaylists/DisplayListRecorder.h:
        (WebCore::DisplayList::Recorder::ContextState::cloneForSave const):

2020-03-05  Simon Fraser  <simon.fraser@apple.com>

        Windows build fix after r257938.
        
        Surround the event region painting code with #if ENABLE(ASYNC_SCROLLING); Windows
        doesn't need to build this code.

        * rendering/RenderLayerBacking.cpp:
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateBackingAndHierarchy):

2020-03-05  Antoine Quint  <graouts@apple.com>

        Page-specific UserStyleSheets should wait until the initial empty document has been removed to be injected
        https://bugs.webkit.org/show_bug.cgi?id=208644
        <rdar://problem/60042429>

        Reviewed by Brady Eidson.

        When a WKWebView is created and asked to load a URL, it will first load an empty initial document (about:blank) prior
        to creating a Document for the requested URL. We need to ensure that page-specific UserStyleSheets are only injected
        once the Document for the requested URL starts loading.

        When Page::injectUserStyleSheet() is called, if we determine that the empty initial document is visible, we enqueue
        the provided UserStyleSheet and wait until the new mainFrameDidChangeToNonInitialEmptyDocument() method is called
        to empty that queue and inject the UserStyleSheets then.

        This new method is called from Frame::setDocument() for a main frame once we've determined the frame's document has
        changed to a non-null value and that the frame loader's state machine indicates that we're no longer displaying the
        initial empty document.

        * dom/ExtensionStyleSheets.h:
        * page/Frame.cpp:
        (WebCore::Frame::setDocument):
        * page/Page.cpp:
        (WebCore::Page::injectUserStyleSheet):
        (WebCore::Page::removeInjectedUserStyleSheet):
        (WebCore::Page::mainFrameDidChangeToNonInitialEmptyDocument):
        * page/Page.h:

2020-03-05  Simon Fraser  <simon.fraser@apple.com>

        Generate layer event regions for async overflow scrolling on macOS
        https://bugs.webkit.org/show_bug.cgi?id=208649

        Reviewed by Antti Koivisto.

        Turn on the existing code for event region generation on macOS, and generate event
        regions when async overflow scroll is enabled.
        
        Tweak the region debug color to be more visible.

        Tests: fast/scrolling/mac/border-radius-event-region.html
               fast/scrolling/mac/event-region-visibility-hidden.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateEventRegion):
        (WebCore::RenderLayerBacking::paintDebugOverlays):

2020-03-05  Jer Noble  <jer.noble@apple.com>

        [GPUP] Implement RemoteAudioSession
        https://bugs.webkit.org/show_bug.cgi?id=208583

        Reviewed by Alex Christensen.

        Add EnumTraits for all the enumerations inside AudioSession.

        Make many AudioSession methods virtual, so they can be overridden in the case where the
        GPU process is enabled.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/audio/AudioSession.cpp:
        (WebCore::AudioSession::create):
        (WebCore::AudioSession::sharedSession):
        * platform/audio/AudioSession.h:

2020-03-05  Simon Fraser  <simon.fraser@apple.com>

        Make m_viewportConstrainedObjects into a WeakHashSet
        https://bugs.webkit.org/show_bug.cgi?id=208625

        Reviewed by Ryosuke Niwa.

        Use WeakHashSet<> for m_viewportConstrainedObjects.

        * page/FrameView.cpp:
        (WebCore::FrameView::didDestroyRenderTree):
        (WebCore::FrameView::addViewportConstrainedObject):
        (WebCore::FrameView::removeViewportConstrainedObject):
        (WebCore::FrameView::scrollContentsFastPath):
        (WebCore::FrameView::setViewportConstrainedObjectsNeedLayout):
        * page/FrameView.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects const):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::willBeDestroyed):
        (WebCore::RenderLayerModelObject::styleDidChange):

2020-03-05  Kenneth Russell  <kbr@chromium.org>

        REGRESSION: [ Mac ] fast/canvas/webgl/texImage2D-video-flipY-false.html is Timing out
        https://bugs.webkit.org/show_bug.cgi?id=205734

        Fix two bugs in MediaPlayerPrivateAVFoundationObjC causing the
        preferred AVPlayerItemVideoOutput code path to not be taken, in
        the situation where GPU-to-GPU copies are not possible because the
        video's format doesn't allow them.

        Implement currentTime, fixing longstanding bug in the
        AVAssetImageGenerator fallback where only the first frame of the
        video would be displayed.

        Covered by existing layout test.

        Reviewed by Dean Jackson.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::currentTime const):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintCurrentFrameInContext):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):

2020-03-05  youenn fablet  <youenn@apple.com>

        In case an activating service worker is terminated, it should go to activated state
        https://bugs.webkit.org/show_bug.cgi?id=208440
        <rdar://problem/59742332>

        Reviewed by Chris Dumez.

        Covered by updated test.

        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::setState):
        As per spec, if an activated service worker is terminated or its activate event is timing out,
        we should move it to activate state.

2020-03-05  Zalan Bujtas  <zalan@apple.com>

        [LFC][Integration] Reset position style on line breaks.
        https://bugs.webkit.org/show_bug.cgi?id=208646
        <rdar://problem/60086589>

        Reviewed by Antti Koivisto.

        Test: fast/inline/out-of-flow-positioned-line-break.html

        We need to treat line breaks as statically positioned inline content.
        In the long run we should do something along these lines:
        https://github.com/w3c/csswg-drafts/issues/610

        * layout/integration/LayoutIntegrationBoxTree.cpp:
        (WebCore::LayoutIntegration::BoxTree::buildTree):

2020-03-05  Eric Carlson  <eric.carlson@apple.com>

        Some media tests crash when run in the GPU process
        https://bugs.webkit.org/show_bug.cgi?id=208611
        <rdar://problem/60060320>

        Reviewed by Jer Noble.

        The AVPlayerItemOutputPullDelegate is not called on the main queue, so it can't
        use a WeakPtr that is created on the main queue. Rather than having the ObjC 
        delegate object call back to MediaPlayerPrivateAVFoundationObjC to signal a
        semaphore it owns, have the delegate object own the semaphore and expose it
        so MediaPlayerPrivateAVFoundationObjC can use it, removing the need for the
        WeakPtr completely.

        No new tests, this fixes a crash in existing tests.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC):
        Don't allocate m_videoOutputDelegate, it isn't needed immediately.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer): Drive-by
        optimization: don't update the current image when the fullscreen layer is set to NULL.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput): Allocate m_videoOutputDelegate.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::waitForVideoOutputMediaDataWillChange):
        Wait on the deletage's semphore.
        (-[WebCoreAVFPullDelegate outputMediaDataWillChange:]):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::outputMediaDataWillChange): Deleted.
        (-[WebCoreAVFPullDelegate initWithPlayer:]): Deleted.

2020-03-05  Simon Fraser  <simon.fraser@apple.com>

        Change ScrollingTreeMac.cpp to a .mm file
        https://bugs.webkit.org/show_bug.cgi?id=208652

        Reviewed by Antti Koivisto.

        Simple file rename.

        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * page/scrolling/mac/ScrollingTreeMac.mm: Renamed from Source/WebCore/page/scrolling/mac/ScrollingTreeMac.cpp.

2020-03-05  Jason Lawrence  <lawrence.j@apple.com>

        Unreviewed, rolling out r257905.

        This commit caused crashes on Mac wk2 Debug.

        Reverted changeset:

        "Put all generated JSCells in WebCore into IsoSubspace"
        https://bugs.webkit.org/show_bug.cgi?id=205107
        https://trac.webkit.org/changeset/257905

2020-03-05  Simon Fraser  <simon.fraser@apple.com>

        Track "scrolling scope" on RenderLayers
        https://bugs.webkit.org/show_bug.cgi?id=208620

        Reviewed by Zalan Bujtas.

        Keep track of a "scrolling scope" on RenderLayers. Layers that share a scrolling scope
        get scrolled by some common async-scrollable containing-block ancestor. The scope is just
        a unique identifier.
        
        Each layer has two scopes; a "box" scope that applies to the background/borders, and
        a "content" scope that applies to (potentially) scrollable content. For most layers,
        these will be the same, and shared with the layer's containing block ancestor layer.

        For async-scrollable overflow, "box" scope is shared with the cb ancestor, but "content" scope
        will have a new value that applies to all the layers moved by that scroller.

        Having this value makes it easy to ask the question "is this layer scrolled by some ancestor",
        which is a tricky computation for things like a position:absolute layer inside a non-containing block
        stacking context overflow:scroll. Also, position:fixed whose containing block is the root will share
        the scrolling scope of the root.

        No behavior change.

        * rendering/RenderLayer.cpp:
        (WebCore::nextScrollingScope):
        (WebCore::RenderLayer::RenderLayer):
        (WebCore::RenderLayer::updateLayerPositions):
        (WebCore::RenderLayer::updateLayerPosition):
        (WebCore::outputPaintOrderTreeLegend):
        (WebCore::outputPaintOrderTreeRecursive):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::isScrolledByOverflowScrollLayer):

2020-03-05  youenn fablet  <youenn@apple.com>

        Add logging support for capture sources in GPUProcess
        https://bugs.webkit.org/show_bug.cgi?id=208637

        Reviewed by Eric Carlson.

        Make sure RealtimeVideoSource propagates its logger to its underlying source and to its clones.
        No change of behavior.

        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeVideoSource.cpp:
        (WebCore::RealtimeVideoSource::clone):
        (WebCore::RealtimeVideoSource::setLogger):
        * platform/mediastream/RealtimeVideoSource.h:

2020-03-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        Optimize Path::encode on platforms that support CGPathGetNumberOfElements
        https://bugs.webkit.org/show_bug.cgi?id=208266

        Reviewed by Darin Adler and Simon Fraser.

        When encoding Path objects, we currently first encode the number of elements in the path by iterating over each
        path element and incrementing a counter; then, we iterate over each element again, and encode information
        (points, angles, etc.) for each path element.

        However, on platforms that have the fix for <rdar://problem/59828724>, the first call to CGPathApply can be
        skipped, since CoreGraphics can (in constant time, for the most part) simply tell us how many elements are in
        the CGPath. See comments below for more details.

        There should be no change in behavior.

        * platform/graphics/Path.cpp:
        * platform/graphics/Path.h:

        Add an `elementCount` method on Path, which returns the count of elements in the path. On platforms where
        CGPathGetNumberOfElements exists (and the fix for <rdar://problem/59828724> is also present), we return the
        result of calling this SPI. Otherwise, fall back to mapping over each path element and incrementing a count.

        (WebCore::Path::encode const):

        Use the new `elementCount` method when encoding a WebCore::Path.

        * platform/graphics/cg/PathCG.cpp:
        (WebCore::Path::elementCount const):

2020-03-05  Zalan Bujtas  <zalan@apple.com>

        [LFC][Invalidation] Incoming image data should invalidate layout tree content
        https://bugs.webkit.org/show_bug.cgi?id=208640
        <rdar://problem/60083229>

        Reviewed by Antti Koivisto.

        This is a forced invalidation (in the least intrusive way) to make sure LFC has up-to-date replaced information.

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::imageChanged):

2020-03-05  Youenn Fablet  <youenn@apple.com>

        Remove CoreAudioCaptureSourceFactory::setCoreAudioActiveSource/unsetCoreAudioActiveSource
        https://bugs.webkit.org/show_bug.cgi?id=208632

        Reviewed by Eric Carlson.

        We can remove this code since suspend/resume is now directly handled
        by the AudioSharedUnit singleton instead of going through the source.
        No change of behavior.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::startProducingData):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2020-03-05  Youenn Fablet  <youenn@apple.com>

        Export NowPlaying commands to GPUProcess when media playing in GPUProcess is enabled
        https://bugs.webkit.org/show_bug.cgi?id=208568

        Reviewed by Eric Carlson.

        Removed PlatformMediaSessionClient NowPlaying getters since only HTMLMediaElement is eligible.
        Let MediaElementSession generates its own NowPlayingInfo when requested by the session manager.
        Use platform strategies to abstract out how to execute NowPlaying orders.

        Manually tested for NowPlaying functionality.
        Also covered by existing tests for the refactoring bits.

        * Headers.cmake:
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::sourceApplicationIdentifier const): Deleted.
        * Modules/webaudio/AudioContext.h:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.h:
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::allowsPlaybackControlsForAutoplayingAudio const):
        (WebCore::MediaElementSession::nowPlayingInfo const):
        (WebCore::MediaElementSession::allowsNowPlayingControlsVisibility const): Deleted.
        * html/MediaElementSession.h:
        * platform/MediaStrategy.h:
        * platform/audio/AudioSession.h:
        * platform/audio/NowPlayingInfo.h: Added.
        (WebCore::NowPlayingInfo::encode const):
        (WebCore::NowPlayingInfo::decode):
        * platform/audio/PlatformMediaSession.cpp:
        (WebCore::PlatformMediaSession::nowPlayingInfo const):
        (WebCore::PlatformMediaSession::uniqueIdentifier const): Deleted.
        (WebCore::PlatformMediaSession::title const): Deleted.
        (WebCore::PlatformMediaSession::duration const): Deleted.
        (WebCore::PlatformMediaSession::currentTime const): Deleted.
        (WebCore::PlatformMediaSession::sourceApplicationIdentifier const): Deleted.
        (WebCore::PlatformMediaSessionClient::mediaSessionUniqueIdentifier const): Deleted.
        (WebCore::PlatformMediaSessionClient::mediaSessionTitle const): Deleted.
        (WebCore::PlatformMediaSessionClient::mediaSessionDuration const): Deleted.
        (WebCore::PlatformMediaSessionClient::mediaSessionCurrentTime const): Deleted.
        * platform/audio/PlatformMediaSession.h:
        (WebCore::PlatformMediaSession::allowsNowPlayingControlsVisibility const): Deleted.
        * platform/audio/cocoa/MediaSessionManagerCocoa.h:
        * platform/audio/cocoa/MediaSessionManagerCocoa.mm:
        (MediaSessionManagerCocoa::clearNowPlayingInfo):
        (MediaSessionManagerCocoa::setNowPlayingInfo):
        (MediaSessionManagerCocoa::nowPlayingEligibleSession):
        (MediaSessionManagerCocoa::updateNowPlayingInfo):
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::providePresentingApplicationPIDIfNecessary):
        (WebCore::MediaSessionManageriOS::providePresentingApplicationPID):

2020-03-04  Yusuke Suzuki  <ysuzuki@apple.com>

        Put all generated JSCells in WebCore into IsoSubspace
        https://bugs.webkit.org/show_bug.cgi?id=205107

        Reviewed by Saam Barati.

        This patch automatically generates IsoSubspace per WebCore DOM object type.
        In preprocess-idls.pl, we collect all the DOM object types and generate DOMIsoSubspaces class,
        which contains all the necessary IsoSubspaces. And it is held by WebCoreJSClientData.

        CodeGeneratorJS.pm starts putting `subspaceFor` and `subspaceForImpl` for each JS DOM wrapper classes.
        And we dynamically create IsoSubspace and set it to WebCoreJSClientData's DOMIsoSubspaces. At the same
        time, we register IsoSubspace to m_outputConstraintSpaces if the class has output constraits callback.

        * CMakeLists.txt:
        * DerivedSources-output.xcfilelist:
        * DerivedSources.make:
        * WebCoreMacros.cmake:
        * bindings/js/JSDOMWrapper.cpp:
        (WebCore::outputConstraintSubspaceFor): Deleted.
        * bindings/js/JSDOMWrapper.h:
        * bindings/js/WebCoreJSClientData.cpp:
        (WebCore::JSVMClientData::JSVMClientData):
        * bindings/js/WebCoreJSClientData.h:
        (WebCore::JSVMClientData::forEachOutputConstraintSpace):
        (WebCore::JSVMClientData::subspaces):
        (WebCore::JSVMClientData::outputConstraintSpace): Deleted.
        (WebCore::JSVMClientData::subspaceForJSDOMWindow): Deleted.
        (WebCore::JSVMClientData::subspaceForJSDedicatedWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSRemoteDOMWindow): Deleted.
        (WebCore::JSVMClientData::subspaceForJSWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSServiceWorkerGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSPaintWorkletGlobalScope): Deleted.
        (WebCore::JSVMClientData::subspaceForJSWorkletGlobalScope): Deleted.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):
        * bindings/scripts/generate-bindings-all.pl:
        * bindings/scripts/preprocess-idls.pl:
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        (WebCore::JSInterfaceName::subspaceForImpl):
        * bindings/scripts/test/JS/JSInterfaceName.h:
        (WebCore::JSInterfaceName::subspaceFor):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::JSMapLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSMapLike.h:
        (WebCore::JSMapLike::subspaceFor):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::JSReadOnlyMapLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.h:
        (WebCore::JSReadOnlyMapLike::subspaceFor):
        * bindings/scripts/test/JS/JSReadOnlySetLike.cpp:
        (WebCore::JSReadOnlySetLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSReadOnlySetLike.h:
        (WebCore::JSReadOnlySetLike::subspaceFor):
        * bindings/scripts/test/JS/JSSetLike.cpp:
        (WebCore::JSSetLike::subspaceForImpl):
        * bindings/scripts/test/JS/JSSetLike.h:
        (WebCore::JSSetLike::subspaceFor):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::JSTestActiveDOMObject::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        (WebCore::JSTestActiveDOMObject::subspaceFor):
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        (WebCore::JSTestCEReactions::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCEReactions.h:
        (WebCore::JSTestCEReactions::subspaceFor):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::JSTestCEReactionsStringifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
        (WebCore::JSTestCEReactionsStringifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::JSTestCallTracer::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestCallTracer.h:
        (WebCore::JSTestCallTracer::subspaceFor):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::JSTestClassWithJSBuiltinConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
        (WebCore::JSTestClassWithJSBuiltinConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        (WebCore::JSTestDOMJIT::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        (WebCore::JSTestDOMJIT::subspaceFor):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::JSTestEnabledBySetting::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.h:
        (WebCore::JSTestEnabledBySetting::subspaceFor):
        * bindings/scripts/test/JS/JSTestEnabledForContext.cpp:
        (WebCore::JSTestEnabledForContext::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEnabledForContext.h:
        (WebCore::JSTestEnabledForContext::subspaceFor):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::JSTestEventConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        (WebCore::JSTestEventConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        (WebCore::JSTestEventTarget::subspaceFor):
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::JSTestException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestException.h:
        (WebCore::JSTestException::subspaceFor):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::JSTestGenerateIsReachable::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        (WebCore::JSTestGenerateIsReachable::subspaceFor):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::JSTestGlobalObject::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        (WebCore::JSTestGlobalObject::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        (WebCore::JSTestIndexedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
        (WebCore::JSTestIndexedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        (WebCore::JSTestIndexedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
        (WebCore::JSTestIndexedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::JSTestIndexedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
        (WebCore::JSTestIndexedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        (WebCore::JSTestInterfaceLeadingUnderscore::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h:
        (WebCore::JSTestInterfaceLeadingUnderscore::subspaceFor):
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::JSTestIterable::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestIterable.h:
        (WebCore::JSTestIterable::subspaceFor):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        (WebCore::JSTestJSBuiltinConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
        (WebCore::JSTestJSBuiltinConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::JSTestMediaQueryListListener::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        (WebCore::JSTestMediaQueryListListener::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        (WebCore::JSTestNamedAndIndexedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
        (WebCore::JSTestNamedAndIndexedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructor::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        (WebCore::JSTestNamedConstructor::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        (WebCore::JSTestNamedDeleterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
        (WebCore::JSTestNamedDeleterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        (WebCore::JSTestNamedDeleterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
        (WebCore::JSTestNamedDeleterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::JSTestNamedDeleterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
        (WebCore::JSTestNamedDeleterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedDeleterWithIndexedGetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
        (WebCore::JSTestNamedDeleterWithIndexedGetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        (WebCore::JSTestNamedGetterCallWith::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
        (WebCore::JSTestNamedGetterCallWith::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        (WebCore::JSTestNamedGetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
        (WebCore::JSTestNamedGetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::JSTestNamedGetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
        (WebCore::JSTestNamedGetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        (WebCore::JSTestNamedSetterNoIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
        (WebCore::JSTestNamedSetterNoIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        (WebCore::JSTestNamedSetterThrowingException::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
        (WebCore::JSTestNamedSetterThrowingException::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::JSTestNamedSetterWithIdentifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
        (WebCore::JSTestNamedSetterWithIdentifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedSetterWithIndexedGetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
        (WebCore::JSTestNamedSetterWithIndexedGetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
        (WebCore::JSTestNamedSetterWithOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::JSTestNamedSetterWithUnforgableProperties::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
        (WebCore::JSTestNamedSetterWithUnforgableProperties::subspaceFor):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::JSTestNode::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObj::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestObj.h:
        (WebCore::JSTestObj::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructors::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        (WebCore::JSTestOverloadedConstructors::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::JSTestOverloadedConstructorsWithSequence::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
        (WebCore::JSTestOverloadedConstructorsWithSequence::subspaceFor):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::JSTestOverrideBuiltins::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
        (WebCore::JSTestOverrideBuiltins::subspaceFor):
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        (WebCore::JSTestPluginInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestPluginInterface.h:
        (WebCore::JSTestPluginInterface::subspaceFor):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::JSTestPromiseRejectionEvent::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h:
        (WebCore::JSTestPromiseRejectionEvent::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::JSTestSerialization::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerialization.h:
        (WebCore::JSTestSerialization::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        (WebCore::JSTestSerializationIndirectInheritance::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h:
        (WebCore::JSTestSerializationIndirectInheritance::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        (WebCore::JSTestSerializationInherit::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationInherit.h:
        (WebCore::JSTestSerializationInherit::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        (WebCore::JSTestSerializationInheritFinal::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.h:
        (WebCore::JSTestSerializationInheritFinal::subspaceFor):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::JSTestSerializedScriptValueInterface::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        (WebCore::JSTestSerializedScriptValueInterface::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::JSTestStringifier::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifier.h:
        (WebCore::JSTestStringifier::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::JSTestStringifierAnonymousOperation::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h:
        (WebCore::JSTestStringifierAnonymousOperation::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::JSTestStringifierNamedOperation::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.h:
        (WebCore::JSTestStringifierNamedOperation::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::JSTestStringifierOperationImplementedAs::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h:
        (WebCore::JSTestStringifierOperationImplementedAs::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::JSTestStringifierOperationNamedToString::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h:
        (WebCore::JSTestStringifierOperationNamedToString::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::JSTestStringifierReadOnlyAttribute::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h:
        (WebCore::JSTestStringifierReadOnlyAttribute::subspaceFor):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::JSTestStringifierReadWriteAttribute::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h:
        (WebCore::JSTestStringifierReadWriteAttribute::subspaceFor):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefs::subspaceForImpl):
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        (WebCore::JSTestTypedefs::subspaceFor):

2020-03-04  Andres Gonzalez  <andresg_22@apple.com>

        Fix for test accessibility/mac/aria-liveregions-addedelement.html in IsolatedTree mode.
        https://bugs.webkit.org/show_bug.cgi?id=208624

        Reviewed by Chris Fleizach.

        Test: accessibility/mac/aria-liveregions-addedelement.html

        LayoutTests can request the focused element before they call any method
        in the WebAccessibilityObjectWrapper through AccessibilityController::focusedElement,
        and thus the focused element may be amongst the pending appends of the
        IsolatedTree. This change sets the focused element in the isolated
        treee during generation, so it can be returned to the AccessibilityController
        even if no WebAccessibilityObjectWrapper calls have been made.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::generateIsolatedTree):
        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::focusedUIElement):
        (WebCore::AXIsolatedTree::setFocusedNode):
        * accessibility/isolatedtree/AXIsolatedTree.h:

2020-03-04  Simon Fraser  <simon.fraser@apple.com>

        Make m_slowRepaintObjects a WeakHashSet
        https://bugs.webkit.org/show_bug.cgi?id=208623

        Reviewed by Ryosuke Niwa.

        Use WeakHashSet<> for m_slowRepaintObjects, rather than a HashSet of raw pointers.

        * page/FrameView.cpp:
        (WebCore::FrameView::didDestroyRenderTree):
        (WebCore::FrameView::addSlowRepaintObject):
        (WebCore::FrameView::removeSlowRepaintObject):
        (WebCore::FrameView::repaintSlowRepaintObjects):
        * page/FrameView.h:

2020-03-04  Sihui Liu  <sihui_liu@apple.com>

        Remove unused variable m_allUniqueIDBDatabases in IDBServer
        https://bugs.webkit.org/show_bug.cgi?id=208613

        Reviewed by Chris Dumez.

        * Modules/indexeddb/server/IDBServer.h:
        (WebCore::IDBServer::IDBServer::addDatabase): Deleted.
        (WebCore::IDBServer::IDBServer::removeDatabase): Deleted.
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::UniqueIDBDatabase):
        (WebCore::IDBServer::UniqueIDBDatabase::~UniqueIDBDatabase):

2020-03-04  Zalan Bujtas  <zalan@apple.com>

        [VNE layout] Move visually non-empty content reporting to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=208606
        <rdar://problem/60056951>

        Reviewed by Simon Fraser.

        Move the VNE reporting logic from the c'tors to the RenderTreeBuilder.

        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
        * rendering/RenderHTMLCanvas.cpp:
        (WebCore::RenderHTMLCanvas::RenderHTMLCanvas):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::RenderText):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::attach):
        (WebCore::RenderTreeBuilder::attachInternal):
        (WebCore::RenderTreeBuilder::attachIgnoringContinuation):
        (WebCore::RenderTreeBuilder::reportVisuallyNonEmptyContent):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::createRenderer):
        (WebCore::RenderTreeUpdater::createTextRenderer):

2020-03-04  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add system trace points around display list replay
        https://bugs.webkit.org/show_bug.cgi?id=208616

        Reviewed by Simon Fraser.

        Surround DisplayList::Replayer::replay with trace points.

        * platform/graphics/displaylists/DisplayListReplayer.cpp:
        (WebCore::DisplayList::Replayer::replay):

2020-03-04  Doug Kelly  <dougk@apple.com>

        Crash in SVGElement::removeEventListener with symbol element
        https://bugs.webkit.org/show_bug.cgi?id=207920

        Reviewed by Ryosuke Niwa.

        Resolves a crash in SVGElement::removeEventListener by only attaching the events to the window if the SVG element is both the outermost
        SVG element, in addition to ensuring the SVG element is attached to the tree.  The symbol element's behavior when referenced by a use
        tag actually creates an svg tag instead, so the SVGSVGElement's special behavior for copying attributes is vital.

        Note that Chrome and Firefox have a similar behavior for detached SVG elements as to what this change creates: in both other browsers,
        onerror is not fired for a detached svg element, and in Firefox, onresize is not fired for a detached svg element (it is however fired
        in Chrome).

        Tests: fast/events/detached-svg-parent-window-events.html
               fast/events/onerror-svg-symbol.html

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::parseAttribute):

2020-03-04  Andres Gonzalez  <andresg_22@apple.com>

        Fix for crash in AXIsolatedObject::fillChildrenVectorForProperty.
        https://bugs.webkit.org/show_bug.cgi?id=208618

        Reviewed by Chris Fleizach.

        Reserve capacity of WTF::Vector before using it since constructor
        doesn't do it.

        * accessibility/isolatedtree/AXIsolatedObject.cpp:
        (WebCore::AXIsolatedObject::fillChildrenVectorForProperty const):
        * accessibility/isolatedtree/AXIsolatedTree.cpp:
        (WebCore::AXIsolatedTree::objectsForIDs const):

2020-03-04  Chris Dumez  <cdumez@apple.com>

        Adopt new and improved CFNetwork SPI for cookie change notifications
        https://bugs.webkit.org/show_bug.cgi?id=208594
        <rdar://problem/60053313>

        Reviewed by Alex Christensen.

        Adopt new and improved CFNetwork SPI for cookie change notifications. Notifications are now per domain
        and the domain matches one of the domains we listen for cookie changes on.

        This also fixes a bug where httpOnly cookies would be sent to the WebContent processes in cookie change
        notifications, even though the WebProcesses are not interested in those.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        (WebCore::NetworkStorageSession::registerCookieChangeListenersIfNecessary):

2020-03-04  Alex Christensen  <achristensen@webkit.org>

        Add SPI to evaluate JavaScript in an iframe
        https://bugs.webkit.org/show_bug.cgi?id=208605

        Reviewed by Brady Eidson.

        Covered by new API tests.

        * bindings/js/DOMWrapperWorld.cpp:
        (WebCore::DOMWrapperWorld::DOMWrapperWorld):
        Remove a now-invalid assertion that was firing during my test.
        API::ContentWorld::defaultClientWorld creates a world with no name and type Type::User.
        I'm surprised this wasn't hit before.

2020-03-03  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthn] Implement -[_WKWebAuthenticationPanelDelegate panel:decidePolicyForLocalAuthenticatorWithCompletionHandler:] SPI
        https://bugs.webkit.org/show_bug.cgi?id=208533
        <rdar://problem/60010184>

        Reviewed by Alex Christensen.

        Covered by new tests within existing test files.

        * en.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::touchIDPromptTitle):
        (WebCore::biometricFallbackPromptTitle):
        * platform/LocalizedStrings.h:
        Adds localized strings to support the customized LocalAuthentication dialog.

2020-03-04  Antoine Quint  <graouts@apple.com>

        Add an SPI to allow UserStyleSheet injection to target a specific WKWebView
        https://bugs.webkit.org/show_bug.cgi?id=208575
        <rdar://problem/59773690>

        Reviewed by Brady Eidson.

        Add a new Optional<PageIdentifier> member to UserStyleSheet which indicates whether the UserStyleSheet is supposed
        to be injected for all WKWebViews, or only a specific top-level WKWebView associated with a Page with the give ID.

        In ExtensionStyleSheets::updateInjectedStyleSheetCache(), UserStyleSheets with a specified pageID are ignored. Instead,
        we now also consider CSSStyleSheets listed in the new m_pageSpecificStyleSheets which contains page-specific stylesheets
        to be injected for the associated Document.

        The new Page::injectUserStyleSheet() method allows the addition of a UserStyleSheet on its documents' ExtensionStyleSheets,
        and will call this method either for the main frame's Document, or all Documents, depending on the UserStyleSheet's configuration.

        Finally, these new targeted UserStyleSheets can be removed via Page::removeInjectedUserStyleSheet() and
        ExtensionStyleSheets::removePageSpecificUserStyleSheet().

        * dom/ExtensionStyleSheets.cpp:
        (WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache const):
        (WebCore::ExtensionStyleSheets::injectPageSpecificUserStyleSheet):
        (WebCore::ExtensionStyleSheets::removePageSpecificUserStyleSheet):
        (WebCore::ExtensionStyleSheets::detachFromDocument):
        * dom/ExtensionStyleSheets.h:
        * page/Page.cpp:
        (WebCore::Page::injectUserStyleSheet):
        (WebCore::Page::removeInjectedUserStyleSheet):
        * page/Page.h:
        * page/UserStyleSheet.h:
        (WebCore::UserStyleSheet::UserStyleSheet):
        (WebCore::UserStyleSheet::pageID const):

2020-03-04  Jer Noble  <jer.noble@apple.com>

        [GPUP] Implement Modern EME API in the GPU Process
        https://bugs.webkit.org/show_bug.cgi?id=208090

        Reviewed by Eric Carlson.

        Add export macros to CDMFactory::registeredFactories().

        * platform/encryptedmedia/CDMFactory.h:

2020-03-04  Ben Nham  <nham@apple.com>

        Remove initial layout throttler
        https://bugs.webkit.org/show_bug.cgi?id=208285

        Reviewed by Antti Koivisto.

        This removes a throttle that can prevent us from laying out during the first 250 ms of page
        load. This throttle is generally not effective (many pages have JS that force a sync layout
        before the first 250 ms of loading) and is also extremely outdated (the comment says the
        interval is too high for dual G5s). We already have too many throttles in too many places,
        so let's remove this one.

        * dom/Document.cpp:
        (WebCore::Document::implicitClose):
        (WebCore::Document::shouldScheduleLayout const):
        (WebCore::Document::isLayoutTimerActive const):
        (WebCore::Document::shouldScheduleLayout): Deleted.
        (WebCore::Document::isLayoutTimerActive): Deleted.
        (WebCore::Document::minimumLayoutDelay): Deleted.
        (WebCore::Document::timeSinceDocumentCreation const): Deleted.
        * dom/Document.h:
        (WebCore::Document::parsing const):
        (WebCore::Document::timeSinceDocumentCreation const):
        * page/FrameViewLayoutContext.cpp:
        (WebCore::FrameViewLayoutContext::layout):
        (WebCore::FrameViewLayoutContext::reset):
        (WebCore::FrameViewLayoutContext::scheduleLayout):
        (WebCore::FrameViewLayoutContext::unscheduleLayout):
        (WebCore::FrameViewLayoutContext::scheduleSubtreeLayout):
        * page/FrameViewLayoutContext.h:
        * page/SettingsBase.cpp:
        (WebCore::SettingsBase::SettingsBase):
        (WebCore::SettingsBase::setLayoutInterval): Deleted.
        * page/SettingsBase.h:
        (WebCore::SettingsBase::layoutInterval const): Deleted.

2020-03-04  Antti Koivisto  <antti@apple.com>

        Avoid full style resolution on Element::focus()
        https://bugs.webkit.org/show_bug.cgi?id=208504
        <rdar://problem/60035288>

        Unreviewed followup.

        * dom/Element.cpp:
        (WebCore::Element::resolveComputedStyle):
        (WebCore::Element::isVisibleWithoutResolvingFullStyle const):

        Emilio spotted that this neeeds to be a composed ancestor walk to match resolveComputedStyle.

2020-03-04  Simon Fraser  <simon.fraser@apple.com>

        (r256513) [ Mac ] fast/scrolling/programmatic-scroll-to-zero-zero.html is a flaky failure
        https://bugs.webkit.org/show_bug.cgi?id=207948

        Reviewed by Zalan Bujtas.

        It was possible for WheelEventTestMonitor to fire the callback before receiving any wheel events, if
        no deferral reasons happened before the timer fires. Let's require at least one deferral.

        There was no deferral for main-thread iframe wheel event handling, so add that so that tests that
        slow-scroll iframes work.

        Should de-flake fast/scrolling/programmatic-scroll-to-zero-zero.html and maybe other tests.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleWheelEvent):
        * page/WheelEventTestMonitor.cpp:
        (WebCore::WheelEventTestMonitor::clearAllTestDeferrals):
        (WebCore::WheelEventTestMonitor::deferForReason):
        (WebCore::WheelEventTestMonitor::triggerTestTimerFired):
        (WebCore::operator<<):
        * page/WheelEventTestMonitor.h:
        (WebCore::WheelEventTestMonitorCompletionDeferrer::WheelEventTestMonitorCompletionDeferrer):
        (WebCore::WheelEventTestMonitorCompletionDeferrer::~WheelEventTestMonitorCompletionDeferrer):

2020-03-04  Zalan Bujtas  <zalan@apple.com>

        [LFC][IFC] Display::Run::TextContent::expand(unsigned) is called with the value of -1.
        https://bugs.webkit.org/show_bug.cgi?id=208558
        <rdar://problem/60026658>

        Reviewed by Antti Koivisto.

        * layout/displaytree/DisplayRun.h:
        (WebCore::Display::Run::TextContent::shrink):
        * layout/inlineformatting/InlineLineBuilder.cpp:
        (WebCore::Layout::LineBuilder::Run::removeTrailingWhitespace):

2020-03-04  Zalan Bujtas  <zalan@apple.com>

        [First paint] Going from visually empty to non-empty should immediately trigger layer unfreezing
        https://bugs.webkit.org/show_bug.cgi?id=208385
        <rdar://problem/59895900>

        Reviewed by Antti Koivisto.

        Now that VNE check and layout are decoupled, we should also decouple the VNE layout milestone and
        layer unfreezing.
        In many cases a style change does not initiate synchronous layout (see Document::updateStyleIfNeeded) which
        potentially delays the first paint. This patch ensure that we unfreeze the layer tree and issue paint soon after
        the style change produced a VNE content. 

        * loader/EmptyFrameLoaderClient.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::didReachVisuallyNonEmptyState):
        * loader/FrameLoader.h:
        * loader/FrameLoaderClient.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::styleAndRenderTreeDidChange):
        (WebCore::FrameView::checkAndDispatchDidReachVisuallyNonEmptyState):
        (WebCore::FrameView::fireLayoutRelatedMilestonesIfNeeded):
        (WebCore::FrameView::qualifiesAsVisuallyNonEmpty const): Deleted.
        * page/FrameView.h:

2020-03-04  Antti Koivisto  <antti@apple.com>

        Avoid full style resolution on Element::focus()
        https://bugs.webkit.org/show_bug.cgi?id=208504

        Reviewed by Zalan Bujtas.

        Element::focus() currently triggers full style resolution both before (to compute element visibility)
        and after (for no particular reason).

        Resolving style can be costly if there are further DOM mutations that end up invalidating it again.
        This patch adds a cheaper single-element way to computing visibility and uses it for focus().

        This appears to be 3-4% Speedometer progression.

        Test: fast/forms/focus-after-visibility-change.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::focusedUIElementForPage):

        AX code assumes renderers have exist for focused element so ensure style is up to date.

        * dom/Document.cpp:
        (WebCore::Document::setFocusedElement):

        Remove style resolution.

        * dom/Element.cpp:
        (WebCore::Element::isFocusable const):

        Use isVisibleWithoutResolvingFullStyle helper.

        (WebCore::Element::focus):

        Avoid style resolution if the element is in a subtree that doesn't have renderers yet.

        (WebCore::Element::resolveComputedStyle):

        Add a mode where we bail out when we figure out we are in display:none subtree.

        (WebCore::Element::hasValidStyle const):

        See if we already have valid style.

        (WebCore::Element::isVisibleWithoutResolvingFullStyle const):

        Use computed style mechanism for subtrees that have no renderers yet.

        (WebCore::Element::computedStyle):
        * dom/Element.h:
        * html/HTMLAreaElement.cpp:
        (WebCore::HTMLAreaElement::isFocusable const):

        Use isVisibleWithoutResolvingFullStyle here too.

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::platformHandleKeydownEvent):
        (WebCore::HTMLSelectElement::menuListDefaultEventHandler):

        Update style after explicit focus() calls to keep the existing behavior.

        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::setRangeText):

        Ensure the renderer is created.

        * html/shadow/SpinButtonElement.cpp:
        (WebCore::SpinButtonElement::forwardEvent):

        Remove unneeded renderer test.

2020-03-04  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][WPE] Use restore view icon for exit fullscreen button in media controls
        https://bugs.webkit.org/show_bug.cgi?id=208511

        Reviewed by Xabier Rodriguez-Calvar.

        We currently use view fullscreen for both entering and leaving.

        * Modules/mediacontrols/mediaControlsAdwaita.css:
        (video::-webkit-media-controls-fullscreen-button.exit):
        (audio::-webkit-media-controls-fullscreen-button,): Deleted.
        (audio::-webkit-media-controls-fullscreen-button.hidden,): Deleted.
        * Modules/mediacontrols/mediaControlsAdwaita.js:
        (Controller.prototype.handleFullscreenChange):

2020-03-04  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][WPE] Stop adding volume-box class to volume box element
        https://bugs.webkit.org/show_bug.cgi?id=208510

        Reviewed by Xabier Rodriguez-Calvar.

        The class was removed in r257705 because it's not used by our css.

        * Modules/mediacontrols/mediaControlsAdwaita.js:
        (Controller.prototype.createControls):

2020-03-03  Devin Rousso  <drousso@apple.com>

        Web Inspector: re-add `InspectorFrontendHost` support for moving the inspected window
        https://bugs.webkit.org/show_bug.cgi?id=208555

        Reviewed by Timothy Hatcher.

        Partially revert r257759, as the design changed enough such that this code is still useful.

        Allow the Web Inspector frontend to ask the containing app (via `InspectorFrontendClient`)
        whether it supports the given docking configuration.

        * inspector/InspectorFrontendHost.idl:
        * inspector/InspectorFrontendHost.h:
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::dockSideFromString): Added.
        (WebCore::InspectorFrontendHost::supportsDockSide): Added.
        (WebCore::InspectorFrontendHost::requestSetDockSide):
        (WebCore::InspectorFrontendHost::startWindowDrag): Added.
        (WebCore::InspectorFrontendHost::moveWindowBy const): Added.

        * inspector/InspectorFrontendClient.h:

        * inspector/InspectorFrontendClientLocal.cpp:
        * inspector/InspectorFrontendClientLocal.h:
        (WebCore::InspectorFrontendClientLocal::moveWindowBy): Added.

        * testing/Internals.cpp:
        (WebCore::InspectorStubFrontend::supportsDockSide): Added.

2020-03-03  Devin Rousso  <drousso@apple.com>

        Web Inspector: set both the page's and the window's appearance when modifying the frontend forced appearance in the case that the frontend is docked
        https://bugs.webkit.org/show_bug.cgi?id=208557

        Reviewed by Timothy Hatcher.

        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::setForcedAppearance):
        `InspectorFrontendClient::setForcedAppearance` only has an effect when Web Inspector is
        detached/undocked, meaning that changing the Appearance in the Settings Tab when docked has
        no effect. In addition to notifying the `InspectorFrontendClient`, we should also call
        `Page::setUseDarkAppearanceOverride` so that if Web Inspector is docked, the apperance
        changes. The Web Inspector frontend page's apperance would normally change to match the
        appearance of the window, but when Web Inspector is docked there is no window.

2020-03-03  Ryosuke Niwa  <rniwa@webkit.org>

        Batch observations and completions of text manipulations
        https://bugs.webkit.org/show_bug.cgi?id=208406

        Reviewed by Wenson Hsieh.

        This patch updates TextManipulationController to notify and replace multiple paragraphs at once.

        To allow some form of parallelism for the client application to process items while WebContent's main thread
        is finding paragraphs, we notify the client every 128 items.

        Tests: TestWebKitAPI.TextManipulation.StartTextManipulationSupportsLegacyDelegateCallback: Added.
               TestWebKitAPI.TextManipulation.LegacyCompleteTextManipulationReplaceSimpleSingleParagraph: Added.
               TestWebKitAPI.TextManipulation.CompleteTextManipulationReplaceMultipleSimpleParagraphsAtOnce: Added.
               TestWebKitAPI.TextManipulation.CompleteTextManipulationShouldBatchItemCallback: Added.
               TestWebKitAPI.TextManipulation.CompleteTextManipulationFailWhenItemIdentifierIsDuplicated: Added.
               TestWebKitAPI.TextManipulation.CompleteTextManipulationCanHandleSubsetOfItemsToFail: Added.

        * editing/TextManipulationController.cpp:
        (WebCore::TextManipulationController::startObservingParagraphs):
        (WebCore::TextManipulationController::scheduleObservartionUpdate):
        (WebCore::TextManipulationController::addItem): Added.
        (WebCore::TextManipulationController::flushPendingItemsForCallback): Added.
        (WebCore::TextManipulationController::completeManipulation): Apply each ManipulationItem changes and return
        an array for ManipulationFailure for those that failed.
        (WebCore::TextManipulationController::replace):
        * editing/TextManipulationController.h:
        (WebCore::TextManipulationController::ManipulationItem): Added.
        (WebCore::TextManipulationController::ManipulationFailureType): Renamed from ManipulationResult.
        (WebCore::TextManipulationController::ManipulationFailure): Added.
        (WebCore::TextManipulationController::ManipulationItemData): Renamed from ManipulationItem. 
        (WebCore::TextManipulationController::ManipulationItem::encode const): Added.
        (WebCore::TextManipulationController::ManipulationItem::decode): Added.
        (WebCore::TextManipulationController::ManipulationFailure::encode const): Added.
        (WebCore::TextManipulationController::ManipulationFailure::decode): Added.

2020-03-03  Per Arne Vollan  <pvollan@apple.com>

        [Cocoa] Mapping from MIME type to UTI type should be done in the UI process
        https://bugs.webkit.org/show_bug.cgi?id=208415

        Reviewed by Brent Fulgham.

        This is currently done in the WebContent process, but since this is using a system service which will be closed,
        this mapping should be moved to the UI process. The UI process will create this mapping for a set of mime types,
        and send it to the WebContent process.

        API test: WebKit.UTIFromMIMEType

        * platform/network/mac/UTIUtilities.h:
        * platform/network/mac/UTIUtilities.mm:
        (WebCore::mapUTIFromMIMEType):
        (WebCore::UTIFromMIMETypeCachePolicy::createValueForKey):
        (WebCore::cacheUTIFromMimeType):
        (WebCore::UTIFromMIMEType):
        (WebCore::mimeTypes):
        (WebCore::createUTIFromMIMETypeMap):
        (WebCore::setUTIFromMIMETypeMap):
        * testing/Internals.cpp:
        (WebCore::Internals::getUTIFromMIMEType):
        * testing/Internals.mm:
        (WebCore::Internals::getUTIFromMIMEType):
        * testing/Internals.h:
        * testing/Internals.idl:

2020-03-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        Path::m_path should be a RetainPtr<CGMutablePathRef> on platforms that use CoreGraphics
        https://bugs.webkit.org/show_bug.cgi?id=208492

        Reviewed by Simon Fraser and Said Abou-Hallawa.

        Make m_path a RetainPtr<CGMutablePathRef> on platforms that use CoreGraphics. This allows us to remove all the
        manual retaining and releasing on m_path that currently resides in PathCG.cpp. See below for more details.
        There should be no change in behavior.

        * platform/graphics/Path.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:

        Add `adoptCF` when constructing the WebCore::Path from the newly created CGMutablePathRef.

        (WebCore::PlatformCALayerCocoa::shapePath const):
        * platform/graphics/