2018-04-25  Youenn Fablet  <youenn@apple.com>

        Make DocumentThreadableLoader error logging more consistent
        https://bugs.webkit.org/show_bug.cgi?id=184853

        Reviewed by Chris Dumez.

        Covered by rebased tests.
        Make EventSource, XHR and Fetch log error messages consistently.
        This patch also prepares consistent error logging between WK1 and WK2 as WK2 NetworkProcess
        will issue more and more errors in places different from WK1.
        This is the reason for SubresourceLoader changes in this patch and DTL/didFail/preflightFailure changes.

        Update ImageLoader error message to be more general than CORS.

        * loader/CrossOriginPreflightChecker.cpp:
        (WebCore::CrossOriginPreflightChecker::doPreflight): Add some more logging for consistency between WK1 and WK2.
        (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Ditto.
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::didFail):
        (WebCore::DocumentThreadableLoader::preflightFailure):
        (WebCore::DocumentThreadableLoader::logErrorAndFail):
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::notifyFinished):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didFail):
        * loader/ThreadableLoader.cpp:
        (WebCore::ThreadableLoader::logError):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):
        * loader/cache/CachedResourceRequestInitiators.cpp:
        (WebCore::CachedResourceRequestInitiators::CachedResourceRequestInitiators):
        * loader/cache/CachedResourceRequestInitiators.h:
        * page/EventSource.cpp:
        (WebCore::EventSource::connect):
        (WebCore::EventSource::didFail):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::didFail):

2018-04-25  Zalan Bujtas  <zalan@apple.com>

        [LFC] Implement Layout::Box functions.
        https://bugs.webkit.org/show_bug.cgi?id=184974

        Reviewed by Antti Koivisto.

        * layout/layouttree/LayoutBlockContainer.h:
        * layout/layouttree/LayoutBox.cpp:
        (WebCore::Layout::Box::Box):
        (WebCore::Layout::Box::~Box):
        (WebCore::Layout::Box::establishesFormattingContext const):
        (WebCore::Layout::Box::establishesBlockFormattingContext const):
        (WebCore::Layout::Box::isRelativelyPositioned const):
        (WebCore::Layout::Box::isStickyPositioned const):
        (WebCore::Layout::Box::isAbsolutelyPositioned const):
        (WebCore::Layout::Box::isFixedPositioned const):
        (WebCore::Layout::Box::isFloatingPositioned const):
        (WebCore::Layout::Box::containingBlock const):
        (WebCore::Layout::Box::isDescendantOf const):
        (WebCore::Layout::Box::isAnonymous const):
        (WebCore::Layout::Box::isInlineBlockBox const):
        (WebCore::Layout::Box::isBlockLevelBox const):
        (WebCore::Layout::Box::isInlineLevelBox const):
        (WebCore::Layout::Box::isBlockContainerBox const):
        (WebCore::Layout::Box::isInitialContainingBlock const):
        (WebCore::Layout::Box::nextInFlowSibling const):
        (WebCore::Layout::Box::nextInFlowOrFloatingSibling const):
        (WebCore::Layout::Box::previousInFlowSibling const):
        (WebCore::Layout::Box::previousInFlowOrFloatingSibling const):
        (WebCore::Layout::Box::setParent):
        (WebCore::Layout::Box::setNextSibling):
        (WebCore::Layout::Box::setPreviousSibling):
        (WebCore::Layout::Box::isOverflowVisible const):
        * layout/layouttree/LayoutBox.h:
        (WebCore::Layout::Box::establishesInlineFormattingContext const):
        (WebCore::Layout::Box::isInFlow const):
        (WebCore::Layout::Box::isPositioned const):
        (WebCore::Layout::Box::isInFlowPositioned const):
        (WebCore::Layout::Box::isOutOfFlowPositioned const):
        (WebCore::Layout::Box::isFloatingOrOutOfFlowPositioned const):
        (WebCore::Layout::Box::parent const):
        (WebCore::Layout::Box::nextSibling const):
        (WebCore::Layout::Box::previousSibling const):
        (WebCore::Layout::Box::weakPtrFactory const):
        * layout/layouttree/LayoutContainer.h:
        * layout/layouttree/LayoutInlineBox.h:
        * layout/layouttree/LayoutInlineContainer.h:

2018-04-25  Per Arne Vollan  <pvollan@apple.com>

        [Win] Crash under WebCore::SimpleLineLayout::generateLineBoxTree
        https://bugs.webkit.org/show_bug.cgi?id=184953

        This is possibly a MSVC compiler bug, since a simple rearrangement of the code fixes the crash.
        The crash is only happening in release builds, which also is an indication of this being a
        compiler issue.

        Reviewed by Zalan Bujtas.

        No new tests, covered by existing tests.

        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::generateLineBoxTree):

2018-04-25  Dean Jackson  <dino@apple.com>

        Make a better flag for system preview, and disable it where necessary
        https://bugs.webkit.org/show_bug.cgi?id=184968
        <rdar://problem/39686506>

        Reviewed by Eric Carlson.

        Use USE(SYSTEM_PREVIEW).

        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::isSystemPreviewLink const):
        * html/HTMLAnchorElement.h:
        * html/HTMLImageElement.cpp:
        * html/HTMLImageElement.h:
        * html/HTMLPictureElement.cpp:
        * html/HTMLPictureElement.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintIntoRect):
        * rendering/RenderTheme.cpp:
        * rendering/RenderTheme.h:
        * testing/Internals.cpp:
        (WebCore::Internals::systemPreviewRelType):
        (WebCore::Internals::isSystemPreviewLink const):
        (WebCore::Internals::isSystemPreviewImage const):

2018-04-25  Zalan Bujtas  <zalan@apple.com>

        Fix project file after r230931.

        * WebCore.xcodeproj/project.pbxproj:

2018-04-25  Miguel Gomez  <magomez@igalia.com>

        [GTK] fast/repaint/fixed-scale.html failing since r230479 "[TexMap] TextureMapperLayer unnecessarily duplicates state in GraphicsLayerTransform"
        https://bugs.webkit.org/show_bug.cgi?id=184780

        Reviewed by Žan Doberšek.

        Initialize the anchorPoint to (0.5, 0.5, 0) in TextureMapperLayer::State.

        Covered by existent tests.

        * platform/graphics/texmap/TextureMapperLayer.h:

2018-04-25  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Implement MouseEvent.buttons
        https://bugs.webkit.org/show_bug.cgi?id=184913

        Reviewed by Žan Doberšek.

        Add helper function to get the state modifier of a GDK button.

        * platform/gtk/GtkUtilities.cpp:
        (WebCore::stateModifierForGdkButton):
        * platform/gtk/GtkUtilities.h:

2018-04-24  Ryosuke Niwa  <rniwa@webkit.org>

        Release assert in ScriptController::canExecuteScripts via CachedSVGFont::ensureCustomFontData during
        Document::updateStyleIfNeeded
        https://bugs.webkit.org/show_bug.cgi?id=184950

        Reviewed by Zalan Bujtas.

        Convert an existing ScriptDisallowedScope::EventAllowedScope which only disables the debug assertions
        by ScriptDisallowedScope::DisableAssertionsInScope which also disables the release assertion.

        Because SVG font is loaded in a document isolated from the rest of the page (m_externalSVGDocument),
        there is no security implication to execute scripts in this isolated document.

        Unfortunately, no new tests. I could never make CachedSVGFont::ensureCustomFontData to get called inside
        style resolution with m_externalSVGDocument set to nullptr after many attempts. Even EventAllowedScope
        I added 13 months ago in r211965, which this patch replaces by DisableAssertionsInScope, is not utilized
        by the existing layout tests since removing the assertion doesn't cause any layout test to hit an assertion.

        * dom/ScriptDisallowedScope.h: Updated the comment.
        * loader/cache/CachedSVGFont.cpp:
        (WebCore::CachedSVGFont::ensureCustomFontData): Replaced the asssertion.

2018-04-24  Simon Fraser  <simon.fraser@apple.com>

        visitedDependentColor() should take a CSSPropertyID
        https://bugs.webkit.org/show_bug.cgi?id=184949

        Reviewed by Sam Weinig.
        
        Change RenderStyle::colorIncludingFallback(), RenderStyle::visitedDependentColor()
        and RenderElement::selectionColor() to take CSSPropertyID rather than int.

        No behavior change.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::selectionColor const):
        * rendering/RenderElement.h:
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::computeCollapsedStartBorder const):
        (WebCore::RenderTableCell::computeCollapsedEndBorder const):
        (WebCore::RenderTableCell::computeCollapsedBeforeBorder const):
        (WebCore::RenderTableCell::computeCollapsedAfterBorder const):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::colorIncludingFallback const):
        (WebCore::RenderStyle::visitedDependentColor const):
        * rendering/style/RenderStyle.h:

2018-04-24  Simon Fraser  <simon.fraser@apple.com>

        Add a new "color-filter" CSS property as an experimental feature
        https://bugs.webkit.org/show_bug.cgi?id=184940
        rdar://problem/39664904

        Reviewed by Jon Lee.
        
        Add a new CSS property called "color-filter" as an experimental feature (off by default).
        
        This property specifies a list of filter functions (as specified in https://drafts.fxtf.org/filter-effects/#supported-filter-functions)
        to CSS colors, allowing authors to modify the provided page colors, for example to improve accessibility.
        Filters that move pixels (i.e. blur() and drop-shadow()) are invalid in this property.
        
        Colors will be mapped through the filter functions just before paint time, and gradient stop colors will also be mapped.
        
        This patch adds support for parsing color-filter.

        Test: css3/color-filters/color-filter-parsing.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
        * css/CSSProperties.json:
        * css/parser/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext):
        (WebCore::operator==):
        * css/parser/CSSParserMode.h:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::parseSingleValue):
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::isColorFilterFunction):
        (WebCore::CSSPropertyParserHelpers::consumeFilterFunction):
        (WebCore::CSSPropertyParserHelpers::consumeFilter):
        * css/parser/CSSPropertyParserHelpers.h:
        * page/Settings.yaml:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresRepaint const):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::mutableColorFilter):
        (WebCore::RenderStyle::colorFilter const):
        (WebCore::RenderStyle::hasColorFilter const):
        (WebCore::RenderStyle::setColorFilter):
        (WebCore::RenderStyle::initialColorFilter):
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::StyleRareInheritedData):
        (WebCore::StyleRareInheritedData::operator== const):
        (WebCore::StyleRareInheritedData::hasColorFilters const):
        * rendering/style/StyleRareInheritedData.h:

2018-04-24  Simon Fraser  <simon.fraser@apple.com>

        shape-outside and filter styles occur twice in the result of getComputedStyle
        https://bugs.webkit.org/show_bug.cgi?id=184931

        Reviewed by Antti Koivisto.

        CSSPropertyShapeOutside and CSSPropertyFilter were duplicated in the list of computedProperties[]
        used by getComputedStyle. Remove the duplication.
        
        Tested by existing tests.

        * css/CSSComputedStyleDeclaration.cpp:

2018-04-24  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Extract proxy settings into a separate class to hold advanced information.
        https://bugs.webkit.org/show_bug.cgi?id=184714

        It was simplely structure to hold proxy setting. To support advanced feature of proxy
        such as authentication, more inteligent object is required to store intermediate state
        or errors. That's why we've introduced new class for that purpose.

        Reviewed by Youenn Fablet.

        No new tests because there's no new behavior.

        * platform/Curl.cmake:
        * platform/network/curl/CurlContext.cpp:
        (WebCore::CurlHandle::enableProxyIfExists):
        (WebCore::CurlContext::ProxyInfo::url const): Deleted.
        (WebCore::CurlContext::setProxyInfo): Deleted.
        * platform/network/curl/CurlContext.h:
        (WebCore::CurlContext::proxySettings const):
        (WebCore::CurlContext::setProxySettings):
        (WebCore::CurlContext::setProxyUserPass):
        (WebCore::CurlContext::proxyInfo const): Deleted.
        (WebCore::CurlContext::setProxyInfo): Deleted.
        * platform/network/curl/CurlProxySettings.cpp: Added.
        (WebCore::CurlProxySettings::CurlProxySettings):
        (WebCore::CurlProxySettings::rebuildUrl):
        (WebCore::CurlProxySettings::setUserPass):
        (WebCore::protocolIsInSocksFamily):
        (WebCore::getProxyPort):
        (WebCore::createProxyUrl):
        * platform/network/curl/CurlProxySettings.h: Added.
        (WebCore::CurlProxySettings::CurlProxySettings):
        (WebCore::CurlProxySettings::isEmpty const):
        (WebCore::CurlProxySettings::mode const):
        (WebCore::CurlProxySettings::url const):
        (WebCore::CurlProxySettings::ignoreHosts const):
        (WebCore::CurlProxySettings::user const):
        (WebCore::CurlProxySettings::password const):
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::didReceiveHeader):
        * platform/network/curl/CurlResponse.h:
        (WebCore::CurlResponse::isolatedCopy const):
        * platform/network/curl/ResourceResponseCurl.cpp:
        (WebCore::ResourceResponse::ResourceResponse):

2018-04-24  Youenn Fablet  <youenn@apple.com>

        Throw in case of PeerConnection created for detached documents
        https://bugs.webkit.org/show_bug.cgi?id=184921
        <rdar://problem/39629216>

        Reviewed by Eric Carlson.

        Add a check to ensure that page is not null when creating a peer connection backend.
        In that case, the peer connection constructor will later on throw.
        The same for setConfiguration is done.
        Behavior is consistent with Chrome.

        Test: webrtc/pc-detached-document.html

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::createLibWebRTCPeerConnectionBackend):
        (WebCore::LibWebRTCPeerConnectionBackend::LibWebRTCPeerConnectionBackend):
        (WebCore::LibWebRTCPeerConnectionBackend::setConfiguration):
        (WebCore::libWebRTCProvider): Deleted.
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:

2018-04-24  John Wilander  <wilander@apple.com>

        From-Origin: Support for 'same' and 'same-site' response header, nested frame origin check
        https://bugs.webkit.org/show_bug.cgi?id=184560
        <rdar://problem/38901344>

        Reviewed by Youenn Fablet and Daniel Bates.

        Tests: http/tests/from-origin/document-from-origin-same-accepted.html
               http/tests/from-origin/document-from-origin-same-blocked.html
               http/tests/from-origin/document-from-origin-same-site-accepted.html
               http/tests/from-origin/document-from-origin-same-site-blocked.html
               http/tests/from-origin/document-nested-from-origin-same-accepted.html
               http/tests/from-origin/document-nested-from-origin-same-blocked.html
               http/tests/from-origin/fetch-data-iframe-from-origin-same-blocked.html
               http/tests/from-origin/fetch-from-origin-same-accepted.html
               http/tests/from-origin/fetch-from-origin-same-blocked.html
               http/tests/from-origin/fetch-from-origin-same-site-accepted.html
               http/tests/from-origin/fetch-from-origin-same-site-blocked.html
               http/tests/from-origin/fetch-iframe-from-origin-same-accepted.html
               http/tests/from-origin/fetch-iframe-from-origin-same-blocked.html
               http/tests/from-origin/image-about-blank-from-origin-same-blocked.html
               http/tests/from-origin/image-from-origin-same-accepted.html
               http/tests/from-origin/image-from-origin-same-blocked.html
               http/tests/from-origin/image-from-origin-same-site-accepted.html
               http/tests/from-origin/image-from-origin-same-site-blocked.html
               http/tests/from-origin/redirect-document-from-origin-same-blocked.html
               http/tests/from-origin/redirect-fetch-from-origin-same-blocked.html
               http/tests/from-origin/redirect-image-from-origin-same-blocked.html
               http/tests/from-origin/redirect-script-from-origin-same-blocked.html
               http/tests/from-origin/redirect-xhr-from-origin-same-blocked.html
               http/tests/from-origin/sandboxed-sub-frame-from-origin-same-blocked.html
               http/tests/from-origin/sandboxed-sub-frame-nested-cross-origin-from-origin-same-blocked.html
               http/tests/from-origin/sandboxed-sub-frame-nested-same-origin-from-origin-same-blocked.html
               http/tests/from-origin/script-from-origin-same-accepted.html
               http/tests/from-origin/script-from-origin-same-blocked.html
               http/tests/from-origin/script-from-origin-same-site-accepted.html
               http/tests/from-origin/script-from-origin-same-site-blocked.html
               http/tests/from-origin/top-frame-document-from-origin-same-accepted.php
               http/tests/from-origin/xhr-from-origin-same-accepted.html
               http/tests/from-origin/xhr-from-origin-same-blocked.html
               http/tests/from-origin/xhr-from-origin-same-site-accepted.html
               http/tests/from-origin/xhr-from-origin-same-site-blocked.html

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didFail):
            Outputs the error's localized description in a console message except when the destination
            is FetchOptions::Destination::Serviceworker or FetchOptions::Destination::EmptyString.
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setFromOriginResponseHeaderEnabled):
        (WebCore::RuntimeEnabledFeatures::fromOriginResponseHeaderEnabled const):
            Added From-Origin support as an experimental feature.
        * platform/network/HTTPHeaderNames.in:
            Added From-Origin.
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseFromOriginHeader):
            Parses the From-Origin header, currently supporting 'Same' and 'Same-Site.'
        * platform/network/HTTPParsers.h:

2018-04-24  Antti Koivisto  <antti@apple.com>

        Rename LayoutCtx.h/cpp to LayoutContext.h/cpp
        https://bugs.webkit.org/show_bug.cgi?id=184922

        Reviewed by Zalan Bujtas.

        To achieve this the existing LayoutContext class is renamed to FrameViewLayoutContext.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * layout/LayoutContext.cpp: Copied from Source/WebCore/layout/LayoutCtx.cpp.
        * layout/LayoutContext.h: Copied from Source/WebCore/layout/LayoutCtx.h.
        * layout/LayoutCtx.cpp: Removed.
        * layout/LayoutCtx.h: Removed.
        * page/FrameView.cpp:
        (WebCore::FrameView::shouldDeferScrollUpdateAfterContentSizeChange):
        (WebCore::FrameView::updateLayoutViewport):
        (WebCore::FrameView::updateLayerPositionsAfterScrolling):
        (WebCore::FrameView::updateCompositingLayersAfterScrolling):
        (WebCore::FrameView::availableContentSizeChanged):
        * page/FrameView.h:
        * page/FrameViewLayoutContext.cpp: Copied from Source/WebCore/page/LayoutContext.cpp.
        (WebCore::LayoutScope::LayoutScope):
        (WebCore::FrameViewLayoutContext::FrameViewLayoutContext):
        (WebCore::FrameViewLayoutContext::~FrameViewLayoutContext):
        (WebCore::FrameViewLayoutContext::layout):
        (WebCore::FrameViewLayoutContext::runOrScheduleAsynchronousTasks):
        (WebCore::FrameViewLayoutContext::runAsynchronousTasks):
        (WebCore::FrameViewLayoutContext::flushAsynchronousTasks):
        (WebCore::FrameViewLayoutContext::reset):
        (WebCore::FrameViewLayoutContext::needsLayout const):
        (WebCore::FrameViewLayoutContext::setNeedsLayout):
        (WebCore::FrameViewLayoutContext::enableSetNeedsLayout):
        (WebCore::FrameViewLayoutContext::disableSetNeedsLayout):
        (WebCore::FrameViewLayoutContext::scheduleLayout):
        (WebCore::FrameViewLayoutContext::unscheduleLayout):
        (WebCore::FrameViewLayoutContext::scheduleSubtreeLayout):
        (WebCore::FrameViewLayoutContext::layoutTimerFired):
        (WebCore::FrameViewLayoutContext::convertSubtreeLayoutToFullLayout):
        (WebCore::FrameViewLayoutContext::setSubtreeLayoutRoot):
        (WebCore::FrameViewLayoutContext::canPerformLayout const):
        (WebCore::FrameViewLayoutContext::applyTextSizingIfNeeded):
        (WebCore::FrameViewLayoutContext::updateStyleForLayout):
        (WebCore::FrameViewLayoutContext::handleLayoutWithFrameFlatteningIfNeeded):
        (WebCore::FrameViewLayoutContext::startLayoutAtMainFrameViewIfNeeded):
        (WebCore::FrameViewLayoutContext::layoutDelta const):
        (WebCore::FrameViewLayoutContext::addLayoutDelta):
        (WebCore::FrameViewLayoutContext::layoutDeltaMatches):
        (WebCore::FrameViewLayoutContext::layoutState const):
        (WebCore::FrameViewLayoutContext::pushLayoutState):
        (WebCore::FrameViewLayoutContext::pushLayoutStateForPaginationIfNeeded):
        (WebCore::FrameViewLayoutContext::popLayoutState):
        (WebCore::FrameViewLayoutContext::checkLayoutState):
        (WebCore::FrameViewLayoutContext::frame const):
        (WebCore::FrameViewLayoutContext::view const):
        (WebCore::FrameViewLayoutContext::renderView const):
        (WebCore::FrameViewLayoutContext::document const):
        (WebCore::LayoutContext::LayoutContext): Deleted.
        (WebCore::LayoutContext::~LayoutContext): Deleted.
        (WebCore::LayoutContext::layout): Deleted.
        (WebCore::LayoutContext::runOrScheduleAsynchronousTasks): Deleted.
        (WebCore::LayoutContext::runAsynchronousTasks): Deleted.
        (WebCore::LayoutContext::flushAsynchronousTasks): Deleted.
        (WebCore::LayoutContext::reset): Deleted.
        (WebCore::LayoutContext::needsLayout const): Deleted.
        (WebCore::LayoutContext::setNeedsLayout): Deleted.
        (WebCore::LayoutContext::enableSetNeedsLayout): Deleted.
        (WebCore::LayoutContext::disableSetNeedsLayout): Deleted.
        (WebCore::LayoutContext::scheduleLayout): Deleted.
        (WebCore::LayoutContext::unscheduleLayout): Deleted.
        (WebCore::LayoutContext::scheduleSubtreeLayout): Deleted.
        (WebCore::LayoutContext::layoutTimerFired): Deleted.
        (WebCore::LayoutContext::convertSubtreeLayoutToFullLayout): Deleted.
        (WebCore::LayoutContext::setSubtreeLayoutRoot): Deleted.
        (WebCore::LayoutContext::canPerformLayout const): Deleted.
        (WebCore::LayoutContext::applyTextSizingIfNeeded): Deleted.
        (WebCore::LayoutContext::updateStyleForLayout): Deleted.
        (WebCore::LayoutContext::handleLayoutWithFrameFlatteningIfNeeded): Deleted.
        (WebCore::LayoutContext::startLayoutAtMainFrameViewIfNeeded): Deleted.
        (WebCore::LayoutContext::layoutDelta const): Deleted.
        (WebCore::LayoutContext::addLayoutDelta): Deleted.
        (WebCore::LayoutContext::layoutDeltaMatches): Deleted.
        (WebCore::LayoutContext::layoutState const): Deleted.
        (WebCore::LayoutContext::pushLayoutState): Deleted.
        (WebCore::LayoutContext::pushLayoutStateForPaginationIfNeeded): Deleted.
        (WebCore::LayoutContext::popLayoutState): Deleted.
        (WebCore::LayoutContext::checkLayoutState): Deleted.
        (WebCore::LayoutContext::frame const): Deleted.
        (WebCore::LayoutContext::view const): Deleted.
        (WebCore::LayoutContext::renderView const): Deleted.
        (WebCore::LayoutContext::document const): Deleted.
        * page/FrameViewLayoutContext.h: Copied from Source/WebCore/page/LayoutContext.h.
        (WebCore::LayoutContext::startDisallowingLayout): Deleted.
        (WebCore::LayoutContext::endDisallowingLayout): Deleted.
        (WebCore::LayoutContext::layoutPhase const): Deleted.
        (WebCore::LayoutContext::isLayoutNested const): Deleted.
        (WebCore::LayoutContext::isLayoutPending const): Deleted.
        (WebCore::LayoutContext::isInLayout const): Deleted.
        (WebCore::LayoutContext::isInRenderTreeLayout const): Deleted.
        (WebCore::LayoutContext::inPaintableState const): Deleted.
        (WebCore::LayoutContext::layoutCount const): Deleted.
        (WebCore::LayoutContext::subtreeLayoutRoot const): Deleted.
        (WebCore::LayoutContext::clearSubtreeLayoutRoot): Deleted.
        (WebCore::LayoutContext::resetFirstLayoutFlag): Deleted.
        (WebCore::LayoutContext::didFirstLayout const): Deleted.
        (WebCore::LayoutContext::setNeedsFullRepaint): Deleted.
        (WebCore::LayoutContext::needsFullRepaint const): Deleted.
        (WebCore::LayoutContext::isPaintOffsetCacheEnabled const): Deleted.
        (WebCore::LayoutContext::layoutDisallowed const): Deleted.
        (WebCore::LayoutContext::isLayoutSchedulingEnabled const): Deleted.
        (WebCore::LayoutContext::inAsynchronousTasks const): Deleted.
        (WebCore::LayoutContext::disablePaintOffsetCache): Deleted.
        (WebCore::LayoutContext::enablePaintOffsetCache): Deleted.
        * page/LayoutContext.cpp: Removed.
        * page/LayoutContext.h: Removed.
        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::LayoutState):
        (WebCore::LayoutState::computePaginationInformation):
        (WebCore::LayoutState::establishLineGrid):
        (WebCore::LayoutStateDisabler::LayoutStateDisabler):
        * rendering/LayoutState.h:

2018-04-24  Mark Lam  <mark.lam@apple.com>

        Need to acquire the VM lock before calling toNumber on a JSValue.
        https://bugs.webkit.org/show_bug.cgi?id=184924
        <rdar://problem/39690679>

        Reviewed by Saam Barati.

        * bridge/objc/objc_utility.mm:
        (JSC::Bindings::convertValueToObjcValue):

2018-04-24  Tadeu Zagallo  <tzagallo@apple.com>

        REGRESSION(r221839): Fix requests with FormData containing empty files
        https://bugs.webkit.org/show_bug.cgi?id=184490
        <rdar://problem/39385169>

        Reviewed by Geoffrey Garen.

        We should not append the blob to the FormData when it is a file but has no path. It broke
        the submission since the request was failing to read the file in FormDataStreamCFNet.h:156

        Test: http/tests/local/formdata/send-form-data-with-empty-file.html

        * platform/network/FormData.cpp:
        (WebCore::FormData::appendMultiPartFileValue):

2018-04-24  Zalan Bujtas  <zalan@apple.com>

        Fix project file after r230931.

        * WebCore.xcodeproj/project.pbxproj:

2018-04-24  Jer Noble  <jer.noble@apple.com>

        Don't add system framework paths to FRAMEWORK_SEARCH_PATHS
        https://bugs.webkit.org/show_bug.cgi?id=184786

        Reviewed by Tim Horton.

        * Configurations/WebCore.xcconfig:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:

2018-04-24  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] Remove dead fixed layer code
        https://bugs.webkit.org/show_bug.cgi?id=184912

        Reviewed by Michael Catanzaro.

        Remove CoordinatedGraphicsLayer::setFixedToViewport() and the
        corresponding attribute on the CoordinatedGraphicsLayerState struct.
        The method is not called anywhere since r230952.

        CoordinatedGraphicsState struct also loses the scrollPosition attribute
        that also isn't used anymore.

        Changes to GraphicsLayerTextureMapper class mirror those made to
        CoordinatedGraphicsLayer, removing support for the fixed-to-viewport
        attribute. This too was not called from anywhere.

        All that enables us removing fixed-to-viewport handling in the
        TextureMapperLayer class. Along with related changes in the
        CoordinatedGraphicsScene class, we're able to remove a bunch of methods
        and member variables that are not used or needed anymore.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
        (WebCore::GraphicsLayerTextureMapper::setFixedToViewport): Deleted.
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::computeTransformsRecursive):
        (WebCore::TextureMapperLayer::setFixedToViewport): Deleted.
        (WebCore::TextureMapperLayer::isAncestorFixedToViewport const): Deleted.
        (WebCore::TextureMapperLayer::setScrollPositionDeltaIfNeeded): Deleted.
        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::CoordinatedGraphicsLayer):
        (WebCore::CoordinatedGraphicsLayer::syncLayerState):
        (WebCore::CoordinatedGraphicsLayer::setFixedToViewport): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:
        (WebCore::CoordinatedGraphicsLayerState::CoordinatedGraphicsLayerState):

2018-04-24  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] Remove unused fixed layout functionality
        https://bugs.webkit.org/show_bug.cgi?id=184908

        Reviewed by Carlos Garcia Campos.

        Ports using the CoordinatedGraphics subsystem don't expose fixed layout
        support. As such, we're able to remove a lot of unused code and
        unnecessary USE(COORDINATED_GRAPHICS) special cases in generic sections
        in both WebCore and WebKit.

        With fixed layout not available for use to users of the GTK+ and WPE
        ports, we can remove the ScrollingCoordinatorCoordinatedGraphics
        implementation, making room for an implementation that inherits from
        AsyncScrollingCoordinator in the future. For that purpose the
        ScrollingCoordinator::create() function is moved into the
        ScrollingCoordinatorCoordinatedGraphics.cpp file already.

        This also enables removing delegatedScrollRequested() method from
        HostWindow and the inheriting ChromeClient interface.

        * loader/EmptyClients.h:
        * page/Chrome.cpp:
        (WebCore::Chrome::delegatedScrollRequested): Deleted.
        * page/Chrome.h:
        * page/ChromeClient.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::create):
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp:
        (WebCore::ScrollingCoordinator::create):
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::ScrollingCoordinatorCoordinatedGraphics): Deleted.
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::attachToStateTree): Deleted.
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::detachFromStateTree): Deleted.
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::clearStateTree): Deleted.
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::updateNodeLayer): Deleted.
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::updateNodeViewportConstraints): Deleted.
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::requestScrollPositionUpdate): Deleted.
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.h: Removed.
        * platform/HostWindow.h:

2018-04-24  Daniel Bates  <dabates@apple.com>

        Attempt to fix the Apple Internal build following r230922
        (https://bugs.webkit.org/show_bug.cgi?id=184737)

        Cast the return value of std::map::size() to a size_t before logging it with format specifier
        "%zu". std::map::size() returns a size_type. According to <http://en.cppreference.com/w/cpp/container/map>
        size_type is "usually a size_t", but it may not be. An Apple Internal debug builder reports
        that size_type = unsigned int != unsigned long = size_t.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::provideMediaData):

2018-04-24  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] Avoid painting backing stores for zero-opacity layers
        https://bugs.webkit.org/show_bug.cgi?id=184143

        Reviewed by Carlos Garcia Campos.

        Skip generating backing stores for layers that have zero opacity and do
        not animate the opacity value. In the current CoordinatedGraphics system
        this can end up saving loads of memory on Web content that deploys a
        large number of such elements.

        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::shouldHaveBackingStore const):

2018-04-24  Daniel Bates  <dabates@apple.com>

        Attempt to fix the Apple Internal build following r230944
        (https://bugs.webkit.org/show_bug.cgi?id=159464)

        * platform/network/mac/CookieJarMac.mm:

2018-04-24  Daniel Bates  <dabates@apple.com>

        Another attempt to fix the Mac and iOS build following r230944
        (https://bugs.webkit.org/show_bug.cgi?id=159464)

        * platform/network/mac/CookieJarMac.mm:
        (WebCore::policyProperties):

2018-04-24  Daniel Bates  <dabates@apple.com>

        Attempt to fix the Mac and iOS build following r230944
        (https://bugs.webkit.org/show_bug.cgi?id=159464)

        * platform/network/mac/CookieJarMac.mm:
        (WebCore::policyProperties):

2018-04-23  Daniel Bates  <dabates@apple.com>

        Implement Same-Site cookies
        https://bugs.webkit.org/show_bug.cgi?id=159464
        <rdar://problem/27196358>

        Reviewed by Brent Fulgham.

        Implements support for Same-Site cookies as per <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00>.
        The implementation is materially consistent with the spec. though implements the computation
        for a document's "site for cookies" indirectly as part of loading its frame. This is done to
        avoid traversing the frame tree on each subresource request initiated by the document or one
        of its workers. We take advantage of the fact that Web Workers and Service Workers use their
        host document's loader to load resources on their behalf to use the correct "site for cookies"
        for requests (e.g. fetch()) initiating by them without the need to duplicate and store the
        host document's "site for cookies" in the worker's script execution context.

        The implementation differs from the spec. in the handling of about: URLs and the empty URL
        and makes the implementation in WebKit match the behavior of Chrome and Firefox as well as
        consistent with origin inheritance as described in <https://html.spec.whatwg.org/multipage/browsers.html#origin>
        (16 April 2018). Specifically, requests to about:blank, about:srcdoc and the empty URL ("")
        are treated as same-site because these URLs inherit their origin from their owner.

        Tests: http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page.html
               http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page.html
               http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.html
               http/tests/cookies/same-site/fetch-cookies-set-in-about-blank-iframe.html
               http/tests/cookies/same-site/fetch-in-about-blank-page.html
               http/tests/cookies/same-site/fetch-in-cross-origin-iframe.html
               http/tests/cookies/same-site/fetch-in-cross-origin-page.html
               http/tests/cookies/same-site/fetch-in-cross-origin-service-worker.html
               http/tests/cookies/same-site/fetch-in-cross-origin-worker.html
               http/tests/cookies/same-site/fetch-in-same-origin-page.html
               http/tests/cookies/same-site/fetch-in-same-origin-service-worker.html
               http/tests/cookies/same-site/fetch-in-same-origin-srcdoc-iframe.html
               http/tests/cookies/same-site/fetch-in-same-origin-worker.html
               http/tests/cookies/same-site/popup-cross-site-post.html
               http/tests/cookies/same-site/popup-cross-site.html
               http/tests/cookies/same-site/popup-same-site-post.html
               http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect.html
               http/tests/cookies/same-site/popup-same-site-via-same-site-redirect.html
               http/tests/cookies/same-site/popup-same-site.html

        * Sources.txt: Add source file SameSiteInfo.cpp.
        * WebCore.xcodeproj/project.pbxproj: Add source files SameSiteInfo.{cpp, h}.
        * dom/Document.cpp:
        (WebCore::Document::initSecurityContext): Modified to call SecurityPolicy::shouldInheritSecurityOriginFromOwner().
        (WebCore::Document::shouldInheritContentSecurityPolicyFromOwner const): Ditto.
        (WebCore::shouldInheritSecurityOriginFromOwner): Deleted; moved to SecurityPolicy.
        * dom/Document.h:
        (WebCore::Document::firstPartyForSameSiteCookies const): Added.
        (WebCore::Document::setFirstPartyForSameSiteCookies): Added.
        * loader/CookieJar.cpp:
        (WebCore::sameSiteInfo): Returns the same-site info for the request used to load the specified document.
        (WebCore::cookies): Pass the same-site info down to the platform.
        (WebCore::cookieRequestHeaderFieldProxy): Ditto.
        (WebCore::setCookies): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::getRawCookies): Ditto.
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest): Add same-site info to the request.
        (WebCore::DocumentLoader::startLoadingMainResource): Update a FIXME comment to explain that
        we can simplify ResourceRequestBase if we can remove the call to addExtraFieldsToMainResourceRequest()
        here. Specifically, we would not need to differentiate between a request with an unspecified
        same-site state (default state of a new request) from a request whose same-site state has
        been explicitly set if we can assume that the same-site state of a request is set exactly
        once. In absence of this guarantee we need an "unspecified" state to avoid overriding existing
        same-site information computed with a null initiating document (the case of a new address bar
        initiated load) from a load initiated by the document associated with this loader.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::setFirstPartyForCookies): Modified to also update the first party for
        same-site cookies ("site for cookies").
        (WebCore::FrameLoader::load): Add same-site info to the request.
        (WebCore::FrameLoader::reload): Ditto.
        (WebCore::FrameLoader::setOriginalURLForDownloadRequest): Ditto.
        (WebCore::FrameLoader::addExtraFieldsToRequest): If the request does not already have
        same-site info then compute it and add it to the request. Mark main frame main resource
        requests as a "top-site".
        (WebCore::FrameLoader::addSameSiteInfoToRequestIfNeeded): Implements the "'Same-site' and 'cross-site'
        Requests" algorithm from <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00#section-2.1>.
        (WebCore::createWindow): Add same-site info to the request.
        * loader/FrameLoader.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::init): Ditto.
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow): Ditto.
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::shouldInheritSecurityOriginFromOwner): Moved from Document.cpp.
        * page/SecurityPolicy.h:
        * platform/CookiesStrategy.h:
        * platform/network/CacheValidation.cpp:
        (WebCore::headerValueForVary): Pass the same-site info down to the platform.
        * platform/network/CookieRequestHeaderFieldProxy.h:
        (WebCore::CookieRequestHeaderFieldProxy::encode const): Encode same-site bits.
        (WebCore::CookieRequestHeaderFieldProxy::decode): Decode same-site bits.
        * platform/network/PlatformCookieJar.h:
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::setAsIsolatedCopy): Added.
        (WebCore::ResourceRequestBase::isSameSite const): Added.
        (WebCore::ResourceRequestBase::setIsSameSite): Added.
        (WebCore::ResourceRequestBase::isTopSite const): Added.
        (WebCore::ResourceRequestBase::setIsTopSite): Added.
        (WebCore::equalIgnoringHeaderFields):
        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::isSameSiteUnspecified const): Added. See comment for DocumentLoader::startLoadingMainResource()
        for more details.
        (WebCore::registrableDomainsAreEqual): Added.
        (WebCore::ResourceRequestBase::encodeBase const): Encode same-site bits.
        (WebCore::ResourceRequestBase::decodeBase): Decode same-site bits.
        * platform/network/SameSiteInfo.cpp: Added.
        (WebCore::SameSiteInfo::create):
        * platform/network/SameSiteInfo.h: Added.
        (WebCore::SameSiteInfo::encode const):
        (WebCore::SameSiteInfo::decode):
        * platform/network/cf/CookieJarCFNet.cpp:
        (WebCore::setCookiesFromDOM): Pass Same-Site info down.
        (WebCore::cookiesForDOM): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::getRawCookies): Ditto.
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::siteForCookies): Added.
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Update platform request with same-site info.
        (WebCore::ResourceRequest::doUpdateResourceRequest): Ditto.
        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdateResourceRequest): Ditto.
        (WebCore::siteForCookies): Added.
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Update platform request with same-site info.
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::cookiesForDOM): Pass Same-Site info down.
        (WebCore::setCookiesFromDOM): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::getRawCookies): Ditto.
        * platform/network/curl/CookieJarCurl.h:
        * platform/network/curl/CookieJarCurlDatabase.cpp:
        (WebCore::CookieJarCurlDatabase::setCookiesFromDOM const): Ditto.
        (WebCore::CookieJarCurlDatabase::cookiesForDOM const): Ditto.
        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const): Ditto.
        (WebCore::CookieJarCurlDatabase::getRawCookies const): Ditto.
        * platform/network/curl/CookieJarCurlDatabase.h:
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandle::createCurlRequest): Ditto.
        * platform/network/mac/CookieJarMac.mm:
        (WebCore::cookiesForURL): Added; shared function to return the cookies based on the specified criterion. 
        (WebCore::setHTTPCookiesForURL): Moved from the bottom of the file to top to be closer to the other
        CFNetwork helper functions. Modified to support fetching same-site cookies.
        (WebCore::httpCookiesForURL): Moved to be under setHTTPCookiesForURL(). Modified to call cookiesForURL().
        Note the SPI used in cookiesForURL() apply the same criterion for whether to fetch secure cookies as we
        were computing here. That is, the CFNetwork SPI only returns secure cookies if the specified URL's scheme
        case-insensitively matches "https".
        (WebCore::cookiesInPartitionForURL): Wrote in terms of cookiesForURL().
        (WebCore::cookiesForSession): Pass the Same-Site info.
        (WebCore::cookiesForDOM): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::setCookiesFromDOM): Ditto.
        (WebCore::getRawCookies): Ditto.
        (WebCore::deleteCookie): Pass std::nullopt for the Same-Site info so that we do not consider the SameSite
        attribute when fetching cookies to delete.
        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::setCookiesFromDOM): Pass the Same-Site info.
        (WebCore::cookiesForDOM): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::getRawCookies): Ditto.
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::createPageForServiceWorker): Set the first party for same site cookies ("site for cookies") to
        the script URL.
        * xml/XSLTProcessor.cpp:
        (WebCore::XSLTProcessor::createDocumentFromSource): Copy the first party for same-site cookies to the
        new document.

2018-04-23  Youenn Fablet  <youenn@apple.com>

        Make WebLoaderStrategy send to NetworkResourceLoader necessary parameters to handle full loads in NetworkProcess
        https://bugs.webkit.org/show_bug.cgi?id=184763

        Reviewed by Chris Dumez.

        No change of behavior yet since we do not use these parameters in NetworkProcess yet.

        Add PreflightPolicy and CSP response headers as ResourceLoaderOptions.
        This allows passing them from DocumentThreadableLoader to WebLoaderStrategy.

        Allow getting the original headers from a SubresourceLoader.
        This allows passing them from DocumentThreadableLoader down to WebLoaderStrategy.

        * Modules/fetch/FetchLoader.cpp:
        (WebCore::FetchLoader::startLoadingBlobURL):
        (WebCore::FetchLoader::start):
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
        (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
        (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
        * loader/ResourceLoaderOptions.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::originalHeaders const):
        * loader/SubresourceLoader.h:
        * loader/ThreadableLoader.cpp:
        (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions):
        (WebCore::ThreadableLoaderOptions::isolatedCopy const):
        * loader/ThreadableLoader.h:
        * page/EventSource.cpp:
        (WebCore::EventSource::connect):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::createRequest):

2018-04-23  Michael Catanzaro  <mcatanzaro@igalia.com>

        [WPE][GTK] Remove WlUniquePtr<wl_display> footgun
        https://bugs.webkit.org/show_bug.cgi?id=184405

        Reviewed by Carlos Garcia Campos.

        WlUniquePtr<wl_display> is a pretty big footgun because there are two different destruction
        functions -- wl_display_disconnect() and wl_display_destroy() -- and which one you need to
        use depends on how the wl_display() was created, and WebKit uses both in different places.
        So WlUniquePtr<wl_display> is pretty unsafe. See bug #176490 for an example of fun caused
        by using it incorrectly.

        Let's use std::unique_ptr with custom deleter functors instead.

        * platform/graphics/wayland/WlUniquePtr.h:

2018-04-23  Antti Koivisto  <antti@apple.com>

        REGRESSION (r220112): reCAPTCHA images render off screen on Twitch.tv app Log In or Sign Up
        https://bugs.webkit.org/show_bug.cgi?id=182859
        <rdar://problem/37595065>

        Reviewed by Zalan Bujtas.

        Roll out this change from the trunk as the issue it fixed no longer occurs.

        * css/MediaQueryEvaluator.cpp:
        (WebCore::orientationEvaluate):
        (WebCore::aspectRatioEvaluate):
        (WebCore::heightEvaluate):
        (WebCore::widthEvaluate):
        * page/FrameView.cpp:
        (WebCore::FrameView::layoutSizeForMediaQuery const): Deleted.
        * page/FrameView.h:
        * page/LayoutContext.cpp:
        (WebCore::LayoutContext::handleLayoutWithFrameFlatteningIfNeeded):

2018-04-23  Daniel Bates  <dabates@apple.com>

        Another attempt to fix the Windows build following r230921
        (https://bugs.webkit.org/show_bug.cgi?id=159464)

        Pass dictionary key name using a string instead of a constant and pass CFURL* to
        siteForCookies().

        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::doUpdatePlatformRequest):
        (WebCore::ResourceRequest::doUpdateResourceRequest):

2018-04-23  Zalan Bujtas  <zalan@apple.com>

        [LayoutFormattingContext] Initial commit.
        https://bugs.webkit.org/show_bug.cgi?id=184896

        Reviewed by Antti Koivisto.

        This is the initial commit of the new layout component -class definitions only (and mostly public functions).
        See the header files (and Tools/LayoutReloaded project) for more information.

        // Top level layout.
        rootContainer = TreeBuilder::createLayoutTree(document);
        rootDisplayBox = new Display::Box();
        rootDisplayBox->setSize(viewportSize);
        layoutContext = new LayoutContext(rootContainer, rootDisplayBox);
        layoutContext->layout(rootContainer);

        Driven by build time flag (currently off). Not testable yet.

        * Configurations/FeatureDefines.xcconfig:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * layout/BlockFormatting/BlockFormattingContext.cpp: Added.
        * layout/BlockFormatting/BlockFormattingContext.h: Added.
        * layout/BlockFormatting/BlockFormattingState.cpp: Added.
        * layout/BlockFormatting/BlockFormattingState.h: Added.
        * layout/BlockFormatting/BlockMarginCollapse.cpp: Added.
        * layout/BlockFormatting/BlockMarginCollapse.h: Added.
        * layout/DisplayTree/DisplayBox.cpp: Added.
        * layout/DisplayTree/DisplayBox.h: Added.
        * layout/FloatingContext.cpp: Added.
        * layout/FloatingContext.h: Added.
        * layout/FloatingState.cpp: Added.
        * layout/FloatingState.h: Added.
        * layout/FormattingContext.cpp: Added.
        * layout/FormattingContext.h: Added.
        * layout/FormattingState.cpp: Added.
        * layout/FormattingState.h: Added.
        * layout/InlineFormatting/InlineFormattingContext.cpp: Added.
        * layout/InlineFormatting/InlineFormattingContext.h: Added.
        * layout/InlineFormatting/InlineFormattingState.cpp: Added.
        * layout/InlineFormatting/InlineFormattingState.h: Added.
        * layout/LayoutCtx.cpp: Added.
        * layout/LayoutCtx.h: Added.
        * layout/LayoutTree/LayoutBlockContainer.cpp: Added.
        * layout/LayoutTree/LayoutBlockContainer.h: Added.
        * layout/LayoutTree/LayoutBox.cpp: Added.
        * layout/LayoutTree/LayoutBox.h: Added.
        * layout/LayoutTree/LayoutContainer.cpp: Added.
        * layout/LayoutTree/LayoutContainer.h: Added.
        * layout/LayoutTree/LayoutCtx.h: Added.
        * layout/LayoutTree/LayoutInlineBox.cpp: Added.
        * layout/LayoutTree/LayoutInlineBox.h: Added.
        * layout/LayoutTree/LayoutInlineContainer.cpp: Added.
        * layout/LayoutTree/LayoutInlineContainer.h: Added.

2018-04-23  Daniel Bates  <dabates@apple.com>

        Attempt to fix the Mac and iOS build after r230921
        (https://bugs.webkit.org/show_bug.cgi?id=159464)

        Pass strings for the dictionary key names instead of using an extern constant as the
        latter may not be available on all systems.

        * platform/network/mac/CookieJarMac.mm:
        (WebCore::setHTTPCookiesForURL):

2018-04-23  Daniel Bates  <dabates@apple.com>

        Attempt to fix the build after r230921
        (https://bugs.webkit.org/show_bug.cgi?id=159464)

        Pass Same-Site info through.

        * platform/network/cf/CookieJarCFNet.cpp:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/curl/CookieJarCurlDatabase.cpp:
        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const):
        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::cookieRequestHeaderFieldValue):

2018-04-23  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, speculative macOS build fix attempt.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::provideMediaData):

2018-04-23  Daniel Bates  <dabates@apple.com>

        Implement Same-Site cookies
        https://bugs.webkit.org/show_bug.cgi?id=159464
        <rdar://problem/27196358>

        Reviewed by Brent Fulgham.

        Implements support for Same-Site cookies as per <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00>.
        The implementation is materially consistent with the spec. though implements the computation
        for a document's "site for cookies" indirectly as part of loading its frame. This is done to
        avoid traversing the frame tree on each subresource request initiated by the document or one
        of its workers. We take advantage of the fact that Web Workers and Service Workers use their
        host document's loader to load resources on their behalf to use the correct "site for cookies"
        for requests (e.g. fetch()) initiating by them without the need to duplicate and store the
        host document's "site for cookies" in the worker's script execution context.

        The implementation differs from the spec. in the handling of about: URLs and the empty URL
        and makes the implementation in WebKit match the behavior of Chrome and Firefox as well as
        consistent with origin inheritance as described in <https://html.spec.whatwg.org/multipage/browsers.html#origin>
        (16 April 2018). Specifically, requests to about:blank, about:srcdoc and the empty URL ("")
        are treated as same-site because these URLs inherit their origin from their owner.

        Tests: http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page.html
               http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page.html
               http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.html
               http/tests/cookies/same-site/fetch-cookies-set-in-about-blank-iframe.html
               http/tests/cookies/same-site/fetch-in-about-blank-page.html
               http/tests/cookies/same-site/fetch-in-cross-origin-iframe.html
               http/tests/cookies/same-site/fetch-in-cross-origin-page.html
               http/tests/cookies/same-site/fetch-in-cross-origin-service-worker.html
               http/tests/cookies/same-site/fetch-in-cross-origin-worker.html
               http/tests/cookies/same-site/fetch-in-same-origin-page.html
               http/tests/cookies/same-site/fetch-in-same-origin-service-worker.html
               http/tests/cookies/same-site/fetch-in-same-origin-srcdoc-iframe.html
               http/tests/cookies/same-site/fetch-in-same-origin-worker.html
               http/tests/cookies/same-site/popup-cross-site-post.html
               http/tests/cookies/same-site/popup-cross-site.html
               http/tests/cookies/same-site/popup-same-site-post.html
               http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect.html
               http/tests/cookies/same-site/popup-same-site-via-same-site-redirect.html
               http/tests/cookies/same-site/popup-same-site.html

        * Sources.txt: Add source file SameSiteInfo.cpp.
        * WebCore.xcodeproj/project.pbxproj: Add source files SameSiteInfo.{cpp, h}.
        * dom/Document.cpp:
        (WebCore::Document::initSecurityContext): Modified to call SecurityPolicy::shouldInheritSecurityOriginFromOwner().
        (WebCore::Document::shouldInheritContentSecurityPolicyFromOwner const): Ditto.
        (WebCore::shouldInheritSecurityOriginFromOwner): Deleted; moved to SecurityPolicy.
        * dom/Document.h:
        (WebCore::Document::firstPartyForSameSiteCookies const): Added.
        (WebCore::Document::setFirstPartyForSameSiteCookies): Added.
        * loader/CookieJar.cpp:
        (WebCore::sameSiteInfo): Returns the same-site info for the request used to load the specified document.
        (WebCore::cookies): Pass the same-site info down to the platform.
        (WebCore::cookieRequestHeaderFieldProxy): Ditto.
        (WebCore::setCookies): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::getRawCookies): Ditto.
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest): Add same-site info to the request.
        (WebCore::DocumentLoader::startLoadingMainResource): Update a FIXME comment to explain that
        we can simplify ResourceRequestBase if we can remove the call to addExtraFieldsToMainResourceRequest()
        here. Specifically, we would not need to differentiate between a request with an unspecified
        same-site state (default state of a new request) from a request whose same-site state has
        been explicitly set if we can assume that the same-site state of a request is set exactly
        once. In absence of this guarantee we need an "unspecified" state to avoid overriding existing
        same-site information computed with a null initiating document (the case of a new address bar
        initiated load) from a load initiated by the document associated with this loader.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::setFirstPartyForCookies): Modified to also update the first party for
        same-site cookies ("site for cookies").
        (WebCore::FrameLoader::load): Add same-site info to the request.
        (WebCore::FrameLoader::reload): Ditto.
        (WebCore::FrameLoader::setOriginalURLForDownloadRequest): Ditto.
        (WebCore::FrameLoader::addExtraFieldsToRequest): If the request does not already have
        same-site info then compute it and add it to the request. Mark main frame main resource
        requests as a "top-site".
        (WebCore::FrameLoader::addSameSiteInfoToRequestIfNeeded): Implements the "'Same-site' and 'cross-site'
        Requests" algorithm from <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00#section-2.1>.
        (WebCore::createWindow): Add same-site info to the request.
        * loader/FrameLoader.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::init): Ditto.
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow): Ditto.
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::shouldInheritSecurityOriginFromOwner): Moved from Document.cpp.
        * page/SecurityPolicy.h:
        * platform/CookiesStrategy.h:
        * platform/network/CacheValidation.cpp:
        (WebCore::headerValueForVary): Pass the same-site info down to the platform.
        * platform/network/CookieRequestHeaderFieldProxy.h:
        (WebCore::CookieRequestHeaderFieldProxy::encode const): Encode same-site bits.
        (WebCore::CookieRequestHeaderFieldProxy::decode): Decode same-site bits.
        * platform/network/PlatformCookieJar.h:
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::setAsIsolatedCopy): Added.
        (WebCore::ResourceRequestBase::isSameSite const): Added.
        (WebCore::ResourceRequestBase::setIsSameSite): Added.
        (WebCore::ResourceRequestBase::isTopSite const): Added.
        (WebCore::ResourceRequestBase::setIsTopSite): Added.
        (WebCore::equalIgnoringHeaderFields):
        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::isSameSiteUnspecified const): Added. See comment for DocumentLoader::startLoadingMainResource()
        for more details.
        (WebCore::registrableDomainsAreEqual): Added.
        (WebCore::ResourceRequestBase::encodeBase const): Encode same-site bits.
        (WebCore::ResourceRequestBase::decodeBase): Decode same-site bits.
        * platform/network/SameSiteInfo.cpp: Added.
        (WebCore::SameSiteInfo::create):
        * platform/network/SameSiteInfo.h: Added.
        (WebCore::SameSiteInfo::encode const):
        (WebCore::SameSiteInfo::decode):
        * platform/network/cf/CookieJarCFNet.cpp:
        (WebCore::setCookiesFromDOM): Pass Same-Site info down.
        (WebCore::cookiesForDOM): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::getRawCookies): Ditto.
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::siteForCookies): Added.
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Update platform request with same-site info.
        (WebCore::ResourceRequest::doUpdateResourceRequest): Ditto.
        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdateResourceRequest): Ditto.
        (WebCore::siteForCookies): Added.
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Update platform request with same-site info.
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::cookiesForDOM): Pass Same-Site info down.
        (WebCore::setCookiesFromDOM): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::getRawCookies): Ditto.
        * platform/network/curl/CookieJarCurl.h:
        * platform/network/curl/CookieJarCurlDatabase.cpp:
        (WebCore::CookieJarCurlDatabase::setCookiesFromDOM const): Ditto.
        (WebCore::CookieJarCurlDatabase::cookiesForDOM const): Ditto.
        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const): Ditto.
        (WebCore::CookieJarCurlDatabase::getRawCookies const): Ditto.
        * platform/network/curl/CookieJarCurlDatabase.h:
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandle::createCurlRequest): Ditto.
        * platform/network/mac/CookieJarMac.mm:
        (WebCore::cookiesForURL): Added; shared function to return the cookies based on the specified criterion.
        (WebCore::setHTTPCookiesForURL): Moved from the bottom of the file to top to be closer to the other
        CFNetwork helper functions. Modified to support fetching same-site cookies.
        (WebCore::httpCookiesForURL): Moved to be under setHTTPCookiesForURL(). Modified to call cookiesForURL().
        Note the SPI used in cookiesForURL() apply the same criterion for whether to fetch secure cookies as we
        were computing here. That is, the CFNetwork SPI only returns secure cookies if the specified URL's scheme
        case-insensitively matches "https".
        (WebCore::cookiesInPartitionForURL): Wrote in terms of cookiesForURL().
        (WebCore::cookiesForSession): Pass the Same-Site info.
        (WebCore::cookiesForDOM): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::setCookiesFromDOM): Ditto.
        (WebCore::getRawCookies): Ditto.
        (WebCore::deleteCookie): Pass std::nullopt for the Same-Site info so that we do not consider the SameSite
        attribute when fetching cookies to delete.
        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::setCookiesFromDOM): Pass the Same-Site info.
        (WebCore::cookiesForDOM): Ditto.
        (WebCore::cookieRequestHeaderFieldValue): Ditto.
        (WebCore::getRawCookies): Ditto.
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::createPageForServiceWorker): Set the first party for same site cookies ("site for cookies") to
        the script URL.
        * xml/XSLTProcessor.cpp:
        (WebCore::XSLTProcessor::createDocumentFromSource): Copy the first party for same-site cookies to the
        new document.

2018-04-23  Chris Dumez  <cdumez@apple.com>

        HTML String load cannot be prevented by responding 'Cancel' asynchronously in decidePolicyForNavigationAction
        https://bugs.webkit.org/show_bug.cgi?id=184848
        <rdar://problem/39145306>

        Reviewed by Brady Eidson.

        When calling loadHTMLString on a WebView, we end up doing a load for 'about:blank'
        with substitute data. In such case, we want to do a regular asynchronous policy
        delegate check, there is no reason we need it to be synchronous. Update our check
        to make sure we only do a synchronous policy check for initial 'about:blank' loads
        that do not have substitute data.

        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):

2018-04-23  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] 100vw is roughly half of the viewport width in extra zoom mode
        https://bugs.webkit.org/show_bug.cgi?id=184871
        <rdar://problem/39477595>

        Reviewed by Andy Estes.

        Currently, when computing CSS viewport units, we use ViewportConfiguration::initialScaleIgnoringContentSize().
        This method computes an initial scale from the layout width and height without relying on any information
        derived from the current content size. This is done to ensure that the content size and viewport dimensions for
        CSS viewport units should not be simultaneously dependent on each other.

        Since shrink-to-fit heuristics depend on content size, we currently assume that shrink-to-fit is disabled when
        computing initialScaleIgnoringContentSize, by always passing in `false` for `shouldIgnoreScalingConstraints`.
        However, in extra zoom mode, the opposite is true: since we force both `m_canIgnoreScalingConstraints` and
        `m_forceHorizontalShrinkToFit` to be `true` in this mode, we will always try to shrink-to-fit regardless of
        content size.

        Because of this shrink-to-fit disparity between `initialScale` and `initialScaleIgnoringContentSize`, viewport
        units in extra zoom mode are currently computed assuming an initial scale set by the page, whereas the real
        viewport is scaled to fit, which causes any lengths computed in terms of vw and vh to be incorrect. To fix this,
        we introduce a version of shouldIgnoreScalingConstraints() that returns `true` iff scaling constraints are
        always ignored, regardless of content size. We then use this in initialScaleIgnoringContentSize, instead of
        always passing in `false` for `shouldIgnoreScalingConstraints`.

        Test: fast/css/extrazoom/viewport-units-shrink-to-fit.html

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::shouldIgnoreScalingConstraintsRegardlessOfContentSize const):
        (WebCore::ViewportConfiguration::initialScaleIgnoringContentSize const):
        * page/ViewportConfiguration.h:

2018-04-23  Zalan Bujtas  <zalan@apple.com>

        [Simple line layout] Generate inline boxtree using simple line layout runs.
        https://bugs.webkit.org/show_bug.cgi?id=184833

        Reviewed by Antti Koivisto.

        RenderBlockFlow::ensureLineBoxes triggers line layout on the block content to replace
        the simple line layout runs with an inline boxtree. The runs generated by the fast path
        should always match the inline tree boxes.
        In this patch instead of triggering layout, we just convert the simple line runs to
        inline boxes.
        Currently, it works with only one, non-paginated text renderer, but we should be
        able to extend it to all the simple line layout content.   

        Covered by existing tests.

        * rendering/InlineBox.h:
        (WebCore::InlineBox::setHasHyphen):
        (WebCore::InlineBox::setCanHaveLeadingExpansion):
        (WebCore::InlineBox::setCanHaveTrailingExpansion):
        (WebCore::InlineBox::setForceTrailingExpansion):
        (WebCore::InlineBox::setForceLeadingExpansion):
        (WebCore::InlineBox::hasHyphen const):
        (WebCore::InlineBox::canHaveLeadingExpansion const):
        (WebCore::InlineBox::canHaveTrailingExpansion const):
        (WebCore::InlineBox::forceTrailingExpansion const):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::ensureLineBoxes):
        * rendering/RenderBlockFlow.h:
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::segmentForRun const):
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::canUseForLineBoxTree):
        (WebCore::SimpleLineLayout::initializeInlineBox):
        (WebCore::SimpleLineLayout::generateLineBoxTree):
        * rendering/SimpleLineLayoutFunctions.h:
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::rangeForLine const):
        * rendering/SimpleLineLayoutResolver.h:

2018-04-23  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] Remove unused trajectory cruft in CoordinatedLayerTreeHost, CoordinatedGraphicsLayer
        https://bugs.webkit.org/show_bug.cgi?id=184881

        Reviewed by Michael Catanzaro.

        Remove the redundant findFirstDescendantWithContentsRecursively() and
        setVisibleContentRectTrajectoryVector() methods on the
        CoordinatedGraphicsLayer class.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::findFirstDescendantWithContentsRecursively): Deleted.
        (WebCore::CoordinatedGraphicsLayer::setVisibleContentRectTrajectoryVector): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

2018-04-23  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] TiledBackingStore unnecessarily tracks alpha support value
        https://bugs.webkit.org/show_bug.cgi?id=184880

        Reviewed by Michael Catanzaro.

        Drop the m_supportsAlpha member from the TiledBackingStore class. The
        member value was unused. TiledBackingStore::setSupportsAlpha() method
        is removed.

        TiledBackingStore::setSupportsAlpha() invalidated the backing store,
        so CoordinatedGraphicsLayer::setContentsOpaque() now enforces the same
        behavior by manually updating the m_needsDisplay struct. This means
        that during the following layer flush the backing store is repainted
        in its entirety.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::setContentsOpaque):
        (WebCore::CoordinatedGraphicsLayer::createBackingStore):
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::TiledBackingStore):
        (WebCore::TiledBackingStore::setSupportsAlpha): Deleted.
        * platform/graphics/texmap/coordinated/TiledBackingStore.h:

2018-04-23  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer] Start implementing Audio/VideoTrackPrivateGSTreamer::kind method
        https://bugs.webkit.org/show_bug.cgi?id=184650

        Reviewed by Philippe Normand.

        In the playbin3 case we can assume that if the GstStream is selected by default,
        it is the Main track of that kind.

        No new tests are added as:
            * It relies on playbin3 case which support might be compiled out
            * we already have a few test that are currently disabled in the mediastream
              testsuite. This patch is part of the work to enable them.

        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.cpp:
        (WebCore::AudioTrackPrivateGStreamer::kind const):
        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.cpp:
        (WebCore::VideoTrackPrivateGStreamer::kind const):
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.h:

2018-04-23  Alicia Boya García  <aboya@igalia.com>

        [MSE] Add allSamplesInTrackEnqueued event
        https://bugs.webkit.org/show_bug.cgi?id=184737

        MediaSource has a .endOfStream() method to signal when there are no more frames
        after the ones currently buffered.

        This bit of data is important for some multimedia frameworks. For instance, in
        GStreamer a stream of frames being decoded should be terminated by a
        'end-of-stream' (EOS) event that has a similar meaning. Some GStreamer elements
        will expect this event in order to work properly under some circumstances.

        Unfortunately currently WebKit provides no mechanism for this: an event of
        sorts should be emitted after no more frames are going to be enqueued to signal
        the end of the stream. The closest mechanism WebKit has for this is
        `markEndOfStream()`, but it's not exactly the same: markEndOfStream() informs
        that -- as far as network buffering is concerned -- we are done; but at that
        point there may still be (and often are) many frames waiting in the
        decodeQueue, so it would be wrong to signal the decoder that there are no more
        frames.

        This patch introduces a new optional method in SourceBufferPrivate,
        `allSamplesInTrackEnqueued(const AtomicString& trackID)` that is called
        whenever the MediaSource is in "ended" state (the user has called
        `MediaSource.endOfStream()`) and the decodeQueue is empty. Media framework
        implementations can use this method to send a EOS event to a decoder that needs
        it.

        Reviewed by Xabier Rodriguez-Calvar.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::streamEndedWithError):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::provideMediaData):
        (WebCore::SourceBuffer::trySignalAllSamplesInTrackEnqueued):
        (WebCore::SourceBuffer::trySignalAllSamplesEnqueued):
        * Modules/mediasource/SourceBuffer.h:
        * platform/graphics/SourceBufferPrivate.h:
        (WebCore::SourceBufferPrivate::allSamplesInTrackEnqueued):
        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp:
        (WebCore::MediaSourceClientGStreamerMSE::allSamplesInTrackEnqueued):
        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h:
        * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
        (WebCore::PlaybackPipeline::allSamplesInTrackEnqueued):
        * platform/graphics/gstreamer/mse/PlaybackPipeline.h:
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp:
        (WebCore::SourceBufferPrivateGStreamer::allSamplesInTrackEnqueued):
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h:

2018-04-23  Ms2ger  <Ms2ger@igalia.com>

        Avoid uninitialized memory read.
        https://bugs.webkit.org/show_bug.cgi?id=184505
        <rdar://problem/39348325>

        Reviewed by Dean Jackson.

        Test: imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-bounds.html

        * html/ImageBitmap.cpp:
        (WebCore::croppedSourceRectangleWithFormatting):

2018-04-23  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Drop RefCounted inheritance off of TextureMapperBackingStore
        https://bugs.webkit.org/show_bug.cgi?id=184810

        Reviewed by Carlos Garcia Campos.

        Turn TextureMapperBackingStore into a simple interface that doesn't
        inherit from RefCounted<>. Instead, push that inheritance off to the
        classes that implement the TextureMapperBackingStore interface. This
        narrows down the purpose of TextureMapperBackingStore towards a simple
        interface that TextureMapper algorithms can work with.

        TextureMapperLayer has its m_backingStore member variable turn into
        a simple pointer instead of a RefPtr<>. Setter method and call sites of
        that method are updated to reflect that.

        TextureMapperTiledBackingStore now inherits from RefCounted<> directly,
        instead of through TextureMapperBackingStore.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
        (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        * platform/graphics/texmap/TextureMapperBackingStore.h:
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::setBackingStore):
        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/graphics/texmap/TextureMapperTiledBackingStore.h:

2018-04-22  Zan Dobersek  <zdobersek@igalia.com>

        [AsyncScrolling] Add generic ScrollingThread implementation
        https://bugs.webkit.org/show_bug.cgi?id=184809

        Reviewed by Yusuke Suzuki.

        Add a generic ScrollingThread implementation that internally uses
        RunLoop facilities to run the scrolling thread and dispatch
        callbacks on that thread.

        ScrollingThread::initializeRunLoop() retrieves address of the
        thread-specific RunLoop and signals the Condition object.
        ScrollingThread::wakeUpRunLoop() uses RunLoop::dispatch() to schedule
        callback dispatches on the scrolling thread.

        ScrollingThread::createThreadIfNeeded() mimics Cocoa implementation and
        waits for the RunLoop address to be retrieved before continuing.

        * SourcesGTK.txt: Add to build.
        * SourcesWPE.txt: Ditto.
        * page/scrolling/ScrollingThread.cpp:
        (WebCore::ScrollingThread::createThreadIfNeeded):
        * page/scrolling/ScrollingThread.h:
        * page/scrolling/generic/ScrollingThreadGeneric.cpp: Added.
        (WebCore::ScrollingThread::initializeRunLoop):
        (WebCore::ScrollingThread::wakeUpRunLoop):

2018-04-22  Zan Dobersek  <zdobersek@igalia.com>

        [CoordinatedGraphics] Unused contentsSize, coveredRect attributes in CoordinatedGraphicsState
        https://bugs.webkit.org/show_bug.cgi?id=184811

        Reviewed by Carlos Garcia Campos.

        Remove the unused contentsSize and coveredRect attributes on the
        CoordinatedGraphicsState struct. CoordinatedGraphicsLayer::coverRect()
        method is now unused and can also be removed.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:

2018-04-21  Daniel Bates  <dabates@apple.com>

        Cleanup CookieRequestHeaderFieldProxy
        https://bugs.webkit.org/show_bug.cgi?id=184868

        Remove extraneous whitespace that I inadvertently added.

        * platform/network/CookieRequestHeaderFieldProxy.h:
        (WebCore::CookieRequestHeaderFieldProxy::decode):

2018-04-21  Daniel Bates  <dabates@apple.com>

        Cleanup CookieRequestHeaderFieldProxy
        https://bugs.webkit.org/show_bug.cgi?id=184868

        Reviewed by Youenn Fablet.

        Simplify the struct CookieRequestHeaderFieldProxy and make it consistent with other structs.
        Among other changes, remove constructors for CookieRequestHeaderFieldProxy as they are
        unnecessary as all supported compilers support non-static data member initializers (NSDMI)
        for aggregates, remove prefix "m_" from the name of fields as this is struct exists for
        convenience and offers no encapsulation and simplify decoding logic of this struct.

        No functionality changed. So, no new tests.

        * loader/CookieJar.cpp:
        (WebCore::cookieRequestHeaderFieldProxy):
        * platform/network/CookieRequestHeaderFieldProxy.h:
        (WebCore::CookieRequestHeaderFieldProxy::encode const):
        (WebCore::CookieRequestHeaderFieldProxy::decode):
        (WebCore::CookieRequestHeaderFieldProxy::CookieRequestHeaderFieldProxy): Deleted.
        * platform/network/SocketStreamHandleImpl.cpp:
        (WebCore::cookieDataForHandshake):
        * platform/network/cf/CookieJarCFNet.cpp:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/curl/CookieJarCurlDatabase.cpp:
        (WebCore::CookieJarCurlDatabase::cookieRequestHeaderFieldValue const):
        * platform/network/mac/CookieJarMac.mm:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::cookieRequestHeaderFieldValue):

2018-04-21  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Show a loading indicator after pressing the play button in compact mode
        https://bugs.webkit.org/show_bug.cgi?id=184863
        <rdar://problem/38939468>

        Reviewed by Dean Jackson.

        We now display a loading indicator after pressing the play button when in compact mode. We also update the
        behavior to use assets provided through WebKitAdditions (see webkit.org/b/184862) for the play button and
        the invalid icon. Additionally, we always show a 20% opaque black overlay in the background while any piece
        of user interface is up.

        * Modules/modern-media-controls/controls/compact-activity-indicator.css: Added.
        (button.compact-activity-indicator > picture): The loading indicator asset is a sprite made of 23 frames, so
        we specify the mask size (since all buttons are rendered via a mask) to be 23 * 100% the rendered size. The
        display of the loading indicator is performed with a first intro animation which runs once through the first
        8 frames and then a continuously looping animation going through the remaining frames. We use a frames()
        timing function to achieve the frame-by-frame effect while using only from/to keyframe animations. When we
        fade out, we use a simply opacity fade, which is combined with the spinning animation. We use CSS variables
        to encode both animations so they can be used combined or one at a time without redefining the whole animation
        property.
        (button.compact-activity-indicator.spins > picture): Use the "spins" animation variable when spinning.
        (button.compact-activity-indicator.spins.fades-out > picture): Combine the "spins" and "fades-out" animation
        variables when fading out.
        (@keyframes compact-activity-indicator-intro): Animation going through the first 8 frames of the loading indicator.
        (@keyframes compact-activity-indicator-loop): Animation going through the remaining frames of the loading indicator.
        (@keyframes compact-activity-indicator-fades-out): Animation fading opacity from 1 to 0.
        * Modules/modern-media-controls/controls/compact-activity-indicator.js: Added.
        (CompactActivityIndicator):
        (CompactActivityIndicator.prototype.show): Add the "spins" CSS class to show the control spinning with the intro animation.
        (CompactActivityIndicator.prototype.hide): Add the "fades-out" CSS class to hide the control, removing both this class and
        the "spins" class when the fade-out animation completes.
        * Modules/modern-media-controls/controls/compact-media-controls.css: Added.
        (.media-controls.compact:before): Add a 20% black overlay over the video frame to provide contrast for controls.
        (.media-controls.compact button): Ensure buttons are sized to use the entire video frame so that their hit region
        comprises the whole video frame.
        (.media-controls.compact button > picture): Override default blending styles for a simple solid white mask.
        (.media-controls.compact button:active > picture): Turn off the scale down effect when pressing a button.
        * Modules/modern-media-controls/controls/compact-media-controls.js: Expose a "state" property for the compact media controls,
        which can be exlusively one of three: "paused", "pending" and "invalid".
        (CompactMediaControls.):
        (CompactMediaControls.prototype.get state):
        (CompactMediaControls.prototype.set state):
        (CompactMediaControls.prototype.layout): In the "paused" state, show the play button. In the "pending" state show
        the loading indicator. In the "invalid" state show the invalid button.
        (CompactMediaControls.prototype.get placard): Deleted.
        (CompactMediaControls.prototype.set placard): Deleted.
        * Modules/modern-media-controls/js-files:
        * Modules/modern-media-controls/media/compact-media-controls-support.js: Added.
        (CompactMediaControlsSupport.prototype.get mediaEvents):
        (CompactMediaControlsSupport.prototype.handleEvent): Make the controls enter the "paused" state when receiving a "pause"
        event. Make the controls enter the "invalid" state when receiving an "error" event. 
        (CompactMediaControlsSupport.prototype.enable):
        (CompactMediaControlsSupport.prototype.disable):
        (CompactMediaControlsSupport.prototype.buttonWasPressed): Play the media when pressing the play button and make the controls
        enter the "pending" state. When pressing the loading indicator, pause the media and make the controls enter the "paused" state.
        (CompactMediaControlsSupport.prototype._buttons):
        (CompactMediaControlsSupport):
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype._supportingObjectClasses): Only use CompactMediaControlsSupport as a media controller supporting object
        in the compact mode.
        * Modules/modern-media-controls/media/placard-support.js:
        (PlacardSupport.prototype.get mediaEvents): This media controller support object no longer needs to deal with compact mode.
        * Modules/modern-media-controls/media/playback-support.js:
        (PlaybackSupport.prototype.syncControl): This media controller support object no longer needs to deal with compact mode.
        (PlaybackSupport):

2018-04-21  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Obtain compact mode icons through WebKitAdditions
        https://bugs.webkit.org/show_bug.cgi?id=184862
        <rdar://problem/39621645>

        Reviewed by Jon Lee.

        * Modules/modern-media-controls/controls/button.js:
        (Button.prototype._updateImageMetrics): Handle PDF assets where the image source's intrinsic size needs
        to be adjusted for the device pixel density.
        (Button):
        * Modules/modern-media-controls/controls/icon-service.js: Expect three additional icons provided through
        WebKitAdditions, including two in the PDF format, so we add support for this format.
        * WebCore.xcodeproj/project.pbxproj: Copy additional assets from the WebKitAdditions build directory should
        any be present.

2018-04-21  Dean Jackson  <dino@apple.com>

        Expose whether you've build with the Apple Internal SDK
        https://bugs.webkit.org/show_bug.cgi?id=184864

        Reviewed by Wenson Hsieh.

        Internals API to let a test know if it is running with the
        Apple internal SDK.

        * testing/Internals.cpp:
        (WebCore::usingAppleInternalSDK const):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-04-20  Nan Wang  <n_wang@apple.com>

        AX: AOM does not work with DOM Level 1 events
        https://bugs.webkit.org/show_bug.cgi?id=184847

        Reviewed by Chris Fleizach.

        Added the accessibility events to the HTML attribute names.

        Test cases are added to the existing layout tests.

        * html/HTMLAttributeNames.in:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createEventHandlerNameMap):

2018-04-20  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r228088): [SOUP] Check TLS errors for WebSockets on GTlsConnection::accept-certificate
        https://bugs.webkit.org/show_bug.cgi?id=184804

        Reviewed by Michael Catanzaro.

        * platform/network/soup/SocketStreamHandleImpl.h: Add a public url getter.
        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
        (WebCore::acceptCertificateCallback): Call SoupNetworkSession::checkTLSErrors() to decide whether to accept the
        certificate or not.
        (WebCore::connectProgressCallback): Receive the SocketStreamHandle and pass it to acceptCertificateCallback callback.
        (WebCore::socketClientEventCallback): Ditto.
        (WebCore::SocketStreamHandleImpl::create): Always connect to network events.
        (WebCore::wssConnectionAcceptCertificateCallback): Deleted.
        (WebCore::wssSocketClientEventCallback): Deleted.

2018-04-20  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Do TLS error checking on GTlsConnection::accept-certificate
        https://bugs.webkit.org/show_bug.cgi?id=184480

        Reviewed by Michael Catanzaro.

        * platform/network/soup/ResourceError.h: Change tlsError to recieve a failing URL instead of a SoupRequest,
        since the request was only used to get the failing URL.
        * platform/network/soup/ResourceErrorSoup.cpp:
        (WebCore::ResourceError::tlsError): Use the given failing URL.
        * platform/network/soup/SoupNetworkSession.cpp:
        (WebCore::SoupNetworkSession::SoupNetworkSession): Use ssl-strict when creating the SoupSession to handle the
        certificates ourselves by connecting to GTlsConnection::accept-certificate.
        (WebCore::SoupNetworkSession::checkTLSErrors): Updated to receive a URL, certificate and errors instead of
        receiving a SoupRequest and SoupMessage and extract the url, certirficate and errors from them. Also return the
        optional error directly instead of using a completion handler since the function is always synchronous.
        * platform/network/soup/SoupNetworkSession.h:

2018-04-20  Tim Horton  <timothy_horton@apple.com>

        Adjust geolocation feature flag
        https://bugs.webkit.org/show_bug.cgi?id=184856

        Reviewed by Wenson Hsieh.

        * Configurations/FeatureDefines.xcconfig:

2018-04-20  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix Windows build after r230875.

        * platform/network/cf/CookieJarCFNet.cpp:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/curl/CookieJarCurlDatabase.cpp:

2018-04-20  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r229828): web view doesn’t update or respond to resizing until client calls policy decision handler
        https://bugs.webkit.org/show_bug.cgi?id=184210
        <rdar://problem/39072354>

        Reviewed by Wenson Hsieh.

        r229828 tried to have some API tests happy on iOS by freezing the layer tree
        during the navigation policy decision. However, this is observable by the client
        application and a regression from when the policy delegate was synchronous.

        To address the issue, this patch reverts r229828 and instead updates the iOS
        API tests to wait for the next presentation update after navigating
        before interacting with the view.

        * loader/FrameLoaderClient.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):

2018-04-20  Brent Fulgham  <bfulgham@apple.com>

        Limit cookie header access to Network process
        https://bugs.webkit.org/show_bug.cgi?id=184764
        <rdar://problem/36785285>

        Reviewed by Youenn Fablet.

        Revise the handling of cookie request headers so that we don't interact with them in the
        WebContent process. They are only needed for interaction with the server and the network
        process, so we should limit their scope to just the Network process.

        Instead, we should handle a token that represents the cookie headers in the WebContent
        process, which can be converted to the relevant cookie data in the network process when
        needed.

        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::didOpenSocketStream):
        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::clientHandshakeMessage const):
        (WebCore::WebSocketHandshake::clientHandshakeRequest const):
        (WebCore::WebSocketHandshake::clientHandshakeCookieRequestHeaderFieldProxy const):
        (WebCore::WebSocketHandshake::clientHandshakeMessage): Deleted.
        (WebCore::WebSocketHandshake::clientHandshakeRequest): Deleted.
        * Modules/websockets/WebSocketHandshake.h:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/CookieJar.cpp:
        (WebCore::cookieRequestHeaderFieldProxy):
        * loader/CookieJar.h:
        * platform/network/CookieRequestHeaderFieldProxy.h: Added.
        (WebCore::CookieRequestHeaderFieldProxy::CookieRequestHeaderFieldProxy):
        (WebCore::CookieRequestHeaderFieldProxy::isolatedCopy const):
        (WebCore::CookieRequestHeaderFieldProxy::encode const):
        (WebCore::CookieRequestHeaderFieldProxy::decode):
        * platform/network/PlatformCookieJar.h:
        * platform/network/SocketStreamHandle.cpp:
        (WebCore::SocketStreamHandle::sendHandshake):
        * platform/network/SocketStreamHandle.h:
        * platform/network/SocketStreamHandleImpl.cpp:
        (WebCore::SocketStreamHandleImpl::platformSendHandshake):
        * platform/network/cf/SocketStreamHandleImpl.h:
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/curl/CookieJarCurl.h:
        * platform/network/curl/SocketStreamHandleImpl.h:
        * platform/network/mac/CookieJarMac.mm:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::cookieRequestHeaderFieldValue):
        * platform/network/soup/SocketStreamHandleImpl.h:

2018-04-20  Daniel Bates  <dabates@apple.com>

        Hide Strong Password label when text field is too narrow
        https://bugs.webkit.org/show_bug.cgi?id=184785
        <rdar://problem/38183939>

        Reviewed by Zalan Bujtas.

        We accomplish this illusion by allowing the text field's decorations to wrap, specifying flex
        shrink factors, a flex basis and hiding overflow. Hiding overflow is accomplished by a
        combination of setting "overflow: hidden", "text-overflow: clip", and patching RenderTextControlSingleLine::layout()
        to ensure that the height of the container element is equal to the intrinsic height of the
        inner elements. Because the container is a flex box and we want to vertically center its
        contents we also need to fix up the y-position of the container element as it may have flexed
        as a result of forcing its height to match the intrinsic height of the inner elements.

        * css/html.css:
        (input::-webkit-strong-password-auto-fill-button): Specify a flex-shrink factor and prevent
        wrapping of the "Strong Password" text when flexed.
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerContainer::TextControlInnerContainer): Register for a custom style
        resolution callback so that we can style the container if it is a Strong Password or Strong
        Confirmation Password text field. Ideally we could accomplish this effect with a user agent-
        specific pseudo class together with a selector definition in the user agent style sheet,
        html.css. Unfortunately the style resolver does not seem to apply pseudo classes to
        shadow DOM pseudo elements (why?). Therefore we use a custom style resolution callback to
        achieve the same effect.
        (WebCore::isStrongPasswordTextField): Returns whether the specified DOM element is a Strong
        Password text field.
        (WebCore::TextControlInnerContainer::resolveCustomStyle): Conditionally apply CSS properties
        "flex-wrap: wrap" and overflow: hidden" if the shadow host of this container is a Strong
        Password text field.
        (WebCore::TextControlInnerElement::resolveCustomStyle): Conditionally style the inner text
        if the shadow host of this container is a Strong Password text field. We need to apply these
        styles here as opposed to in html.css for the same reason we need to apply the styles to
        the container in a custom style resolution callback. See the comments for TextControlInnerContainer()
        above for more details
        * html/shadow/TextControlInnerElements.h:
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::resetOverriddenHeight): Added. Incorporates the logic from setNeedsLayoutOnAncestors().
        (WebCore::RenderTextControlSingleLine::layout): Override the height of the container element to
        match the height of the inner elements when this text field is a Strong Password field. We cache
        the container's logical top before adjusting its height so that we can restore it after performing
        a second layout of this renderer. This is needed because we vertically center the elements in this
        renderer and adjusting the height of the container may cause it to flex and re-position along its
        cross axis when the container's height is taller than the inner element's height (e.g. the "Strong
        Password" label wraps to the next line). This re-positioning causes a noticeable jitter when
        transitioning from a field that has a visible "Strong Password" label to one that does not. Caching
        and restoring the logical top of the container element avoids this jitter.
        (WebCore::setNeedsLayoutOnAncestors): Deleted. Moved its implementation into resetOverriddenHeight().

2018-04-20  Dean Jackson  <dino@apple.com>

        Render a badge on system preview images
        https://bugs.webkit.org/show_bug.cgi?id=184854
        <rdar://problem/39615154>

        Reviewed by Tim Horton.

        At paint time, if a RenderImage is an image element
        which is identified as a system preview, then draw
        a little badge in the top right corner.

        It is expected that platforms will override the
        default rendering with something that identifies
        how a system preview will operate. e.g. QuickLook
        on Apple systems.

        Test: system-preview/badge.html

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintIntoRect): If we are
        a system preview, call RenderTheme to draw a badge.
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::paintSystemPreviewBadge): A default
        implementation that draws a red circle.
        * rendering/RenderTheme.h:

2018-04-20  Brian Burg  <bburg@apple.com>

        Web Inspector: remove some dead code in IdentifiersFactory
        https://bugs.webkit.org/show_bug.cgi?id=184839

        Reviewed by Timothy Hatcher.

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::setProcessId): Deleted.
        * inspector/InspectorController.h:

2018-04-20  Chris Dumez  <cdumez@apple.com>

        Use WindowProxy in DOMWindow.idl
        https://bugs.webkit.org/show_bug.cgi?id=184820

        Reviewed by Sam Weinig.

        Use WindowProxy in DOMWindow.idl to match the specification more closely.

        * bindings/js/JSWindowProxy.h:
        * bindings/js/WindowProxy.cpp:
        (WebCore::WindowProxy::window const):
        * bindings/js/WindowProxy.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (NativeToJSValueDOMConvertNeedsState):
        * dom/Document.cpp:
        * dom/Document.h:
        * dom/Document.idl:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::focus):
        (WebCore::DOMWindow::self const):
        (WebCore::DOMWindow::opener const):
        (WebCore::DOMWindow::parent const):
        (WebCore::DOMWindow::top const):
        (WebCore::DOMWindow::open):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:
        * testing/Internals.cpp:
        (WebCore::Internals::openDummyInspectorFrontend):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-04-20  Chris Dumez  <cdumez@apple.com>

        Update cross-origin SecurityError messages to not include the target origin
        https://bugs.webkit.org/show_bug.cgi?id=184803
        <rdar://problem/39547724>

        Reviewed by Sam Weinig.

        No new tests, rebaselined existing tests.

        * bindings/js/JSDOMBindingSecurity.cpp:
        (WebCore::canAccessDocument):
        (WebCore::BindingSecurity::shouldAllowAccessToFrame):
        (WebCore::BindingSecurity::shouldAllowAccessToDOMWindow):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::crossDomainAccessErrorMessage):
        (WebCore::DOMWindow::isInsecureScriptAccess):
        * page/DOMWindow.h:
        * page/Location.cpp:
        (WebCore::Location::reload):

2018-04-20  Chris Nardi  <cnardi@chromium.org>

        Update HSL/HSLA parsing to match CSS Color 4
        https://bugs.webkit.org/show_bug.cgi?id=180528
        <rdar://problem/35926675>

        CSS Color 4 specifies a comma optional syntax for HSL/HSLA, as well as allowing angle values for the
        hue and percent alpha values. Update our parsing to match this.

        Reviewed by Simon Fraser.

        This change also updates the import of WPT css-color to test the changes.

        Tests: LayoutTests/imported/w3c/web-platform-tests/css/css-color/hsl{a}-{001-008}.html

        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::parseHSLParameters):
        (WebCore::CSSPropertyParserHelpers::parseColorFunction):
        (WebCore::CSSPropertyParserHelpers::consumeColor):
        * platform/graphics/Color.cpp:
        (WebCore::calcHue):
        (WebCore::makeRGBAFromHSLA):

2018-04-20  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Injected bundle form client should be notified when editing text fields
        https://bugs.webkit.org/show_bug.cgi?id=184822
        <rdar://problem/38807319>

        Reviewed by Tim Horton.

        Export the constructor and destructor of UserTypingGestureIndicator for use in WebKit (see WebPage.cpp).

        Test: fast/forms/extrazoom/edit-text-field-calls-injected-bundle.html

        * dom/UserTypingGestureIndicator.h:

2018-04-18  Jer Noble  <jer.noble@apple.com>

        Don't put build products into WK_ALTERNATE_WEBKIT_SDK_PATH for engineering builds
        https://bugs.webkit.org/show_bug.cgi?id=184762

        Reviewed by Dan Bernstein.

        * Configurations/WebCore.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:

2018-04-20  Daniel Bates  <dabates@apple.com>

        Remove code for compilers that did not support NSDMI for aggregates
        https://bugs.webkit.org/show_bug.cgi?id=184599

        Reviewed by Per Arne Vollan.

        Remove workaround for earlier Visual Studio versions that did not support non-static data
        member initializers (NSDMI) for aggregates. We have since updated all the build.webkit.org
        and EWS bots to a newer version that supports this feature.

        * Modules/cache/CacheQueryOptions.h:
        (WebCore::CacheQueryOptions::CacheQueryOptions): Deleted.
        * dom/Node.h:
        (WebCore::Node::InsertionType::InsertionType): Deleted.
        (WebCore::Node::RemovalType::RemovalType): Deleted.
        * html/canvas/CanvasStyle.h:
        (WebCore::CanvasStyle::CMYKAColor::CMYKAColor): Deleted.
        * page/EventHandler.h:
        (WebCore::EventHandler::DragTargetResponse::DragTargetResponse): Deleted.
        * page/animation/CSSAnimationController.h:
        (WebCore::AnimationUpdate::AnimationUpdate): Deleted.
        * platform/graphics/FontSelectionAlgorithm.h:
        (WebCore::FontSelectionRequest::tied const):
        (WebCore::FontSelectionRequest::FontSelectionRequest): Deleted.
        (WebCore::FontSelectionCapabilities::FontSelectionCapabilities): Deleted.
        * platform/mediastream/IceCandidate.h:
        (WebCore::IceCandidate::IceCandidate): Deleted.
        * platform/text/StringWithDirection.h:
        (WebCore::StringWithDirection::StringWithDirection): Deleted.
        * rendering/MarkedText.h:
        (WebCore::MarkedText::MarkedText): Deleted.
        * style/StyleUpdate.h:
        (WebCore::Style::ElementUpdate::ElementUpdate): Deleted.
        (WebCore::Style::ElementUpdates::ElementUpdates): Deleted.
        (WebCore::Style::TextUpdate::TextUpdate): Deleted.

2018-04-20  Youenn Fablet  <youenn@apple.com>

        WebPage sometimes incorrectly rules out PDF as a mime type that can be showed
        https://bugs.webkit.org/show_bug.cgi?id=184369

        Reviewed by Chris Dumez.

        WebPage does need to check for plugins at reception of the response.
        In that case, the page URL is the URL from which we are navigating out.
        Add plugin API to check for plugin availability with an extra URL parameter to cover that case.

        Covered by API test.

        * plugins/PluginData.cpp:
        (WebCore::PluginData::supportsWebVisibleMimeTypeForURL const):
        (WebCore::PluginData::supportsWebVisibleMimeType const):
        * plugins/PluginData.h:

2018-04-20  Daniel Bates  <dabates@apple.com>

        Remove Strong Password decoration when text field type changes
        https://bugs.webkit.org/show_bug.cgi?id=184795
        <rdar://problem/38325108>

        Reviewed by Antti Koivisto.

        Remove the Strong Password decoration when the text field's type changes to avoid interfering
        with web sites that allow a person to show/hide their password.

        Test: fast/forms/auto-fill-button/hide-strong-password-when-field-type-changes.html

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::updateType):

2018-04-20  Javier Fernandez  <jfernandez@igalia.com>

        Update Alignment shorthands to the spec now that they are not ambiguous
        https://bugs.webkit.org/show_bug.cgi?id=184812

        Reviewed by Antti Koivisto.

        Now that the issue [1] about the syntax ambiguity has been resolved we
        don't need to use the custom syntax anymore. The Alignment shorthands
        use now the simple syntax, defined based on the longhands' syntax.

        Since we allow all the values valid for each longhand, we'll update
        in this CL the corresponding web platform tests. Additionally, this CL
        updates also the shorthand serialization tests [2], which didn't
        consider the new value 'legacy' for justify-items (and place-items) due
        to the bug [3] Firefox still has pending to be fixed.

        [1] https://github.com/w3c/csswg-drafts/issues/1001
        [2] css/css-align/default-alignment/shorthand-serialization-001.html
        [3] https://bugzilla.mozilla.org/show_bug.cgi?id=1363875

        Tests: imported/w3c/web-platform-tests/css/css-align/default-alignment/shorthand-serialization-001.html
               imported/w3c/web-platform-tests/css/css-align/gaps/gap-normal-computed-001.html
               imported/w3c/web-platform-tests/css/css-align/gaps/gap-normal-used-001.html
               imported/w3c/web-platform-tests/css/css-align/gaps/gap-normal-used-002.html

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::consumePlaceContentShorthand): Using the justify-content and align-content parsing logic to parse the shorthand.
        (WebCore::CSSPropertyParser::consumePlaceItemsShorthand): Using the justify-items and align-items parsing logic to parse the shorthand.
        (WebCore::CSSPropertyParser::consumePlaceSelfShorthand): Using the justify-self and align-self parsing logic to parse the shorthand.

2018-04-20  Daniel Bates  <dabates@apple.com>

        Unreviewed, rolling out r230117.

        Broke find-in-page for PDFs

        Reverted changeset:

        "ASSERTION FAILED: ASSERT(!containsImage ||
        MIMETypeRegistry::isSupportedImageResourceMIMEType([resource
        MIMEType])) in -[NSPasteboard(WebExtras)
        _web_writePromisedRTFDFromArchive:containsImage:]"
        https://bugs.webkit.org/show_bug.cgi?id=184161
        https://trac.webkit.org/changeset/230117

2018-04-20  Eric Carlson  <eric.carlson@apple.com>

        Pausing should clear m_waitingToEnterFullscreen
        https://bugs.webkit.org/show_bug.cgi?id=184831
        <rdar://problem/39602852>

        Reviewed by Jer Noble.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::pause): Clear m_waitingToEnterFullscreen

2018-04-20  Eric Carlson  <eric.carlson@apple.com>

        [Extra zoom mode] Disable CA transactions while setting up for fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=184817
        <rdar://problem/39596075>

        Reviewed by Jer Noble.

        This was tested manually as it is not possible to write an automated test for this.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (VideoFullscreenInterfaceAVKit::doSetup): Move the call to disable CA transactions outside
        of the EXTRA_ZOOM_MODE check, the [CATransaction commit] was already unguarded.

2018-04-20  Youenn Fablet  <youenn@apple.com>

        Make PluginData cache its web visible plugins
        https://bugs.webkit.org/show_bug.cgi?id=184421

        Reviewed by Chris Dumez.

        Buffer visible plugins until the page URL changes.
        For that purpose, we now cache the visible plugins and the URL it was computed from in PluginData.

        Update plugin info provider API to pass the URL used to check for plugin visibility.

        No observable change of behavior.

        * loader/EmptyClients.cpp:
        * plugins/PluginData.cpp:
        (WebCore::PluginData::webVisiblePlugins const):
        (WebCore::PluginData::publiclyVisiblePlugins const):
        (WebCore::PluginData::supportsMimeType const):
        * plugins/PluginData.h:
        * plugins/PluginInfoProvider.h:

2018-04-20  Chris Dumez  <cdumez@apple.com>

        Unreviewed build fix after r230840.

        * bindings/js/JSWindowProxy.cpp:
        (WebCore::JSWindowProxy::attachDebugger):

2018-04-20  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix the Windows build after r230831.

        * bindings/js/JSWindowProxy.cpp:
        (WebCore::JSWindowProxy::create):
        (WebCore::JSWindowProxy::attachDebugger):

2018-04-20  Chris Nardi  <cnardi@chromium.org>

        Omit default value when serializing font-feature-settings
        https://bugs.webkit.org/show_bug.cgi?id=182382

        Reviewed by Myles C. Maxfield.

        According to the shortest-serialization principle [1], values should be omitted if their omission
        wouldn't change the value of reparsing. As "1"/"on" is the default value for font-feature-settings,
        omit this when serializing, matching the behavior of Firefox and Chrome.

        [1]: https://github.com/w3c/csswg-drafts/issues/1564

        Updated css3/font-feature-settings-parsing.html, fast/css/inherited-properties-rare-text.html,
        and fast/text/font-face-javascript.html.

        * css/CSSFontFeatureValue.cpp:
        (WebCore::CSSFontFeatureValue::customCSSText const):

2018-04-19  Alexey Proskuryakov  <ap@apple.com>

        More WK_ALTERNATE_FRAMEWORKS_DIR adoption in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=184805

        Reviewed by Dan Bernstein.

        * Configurations/WebCoreTestShim.xcconfig:
        * Configurations/WebCoreTestSupport.xcconfig:

2018-04-19  Brady Eidson  <beidson@apple.com>

        Make back forward cache work with process swapping.
        <rdar://problem/38676604> and https://bugs.webkit.org/show_bug.cgi?id=184793

        Reviewed by Chris Dumez.

        Covered by API tests.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::commitProvisionalLoad):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/FrameLoader.h:

2018-04-19  Chris Dumez  <cdumez@apple.com>

        Rename JSDOMWindowProxy to JSWindowProxy
        https://bugs.webkit.org/show_bug.cgi?id=184797

        Reviewed by Sam Weinig.

        Rename JSDOMWindowProxy to JSWindowProxy for consistency with WindowProxy.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/IDLTypes.h:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSDOMConvertWindowProxy.h:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::JSDOMWindowBase):
        (WebCore::JSDOMWindowBase::finishCreation):
        (WebCore::JSDOMWindowBase::proxy const):
        (WebCore::toJSDOMWindow):
        * bindings/js/JSDOMWindowBase.h:
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::toWrapped):
        * bindings/js/JSEventTargetCustom.cpp:
        (WebCore::JSEventTarget::toWrapped):
        * bindings/js/JSRemoteDOMWindowBase.cpp:
        (WebCore::JSRemoteDOMWindowBase::JSRemoteDOMWindowBase):
        (WebCore::toJSRemoteDOMWindow):
        * bindings/js/JSRemoteDOMWindowBase.h:
        * bindings/js/JSWindowProxy.cpp: Renamed from Source/WebCore/bindings/js/JSDOMWindowProxy.cpp.
        (WebCore::JSWindowProxy::JSWindowProxy):
        (WebCore::JSWindowProxy::finishCreation):
        (WebCore::JSWindowProxy::create):
        (WebCore::JSWindowProxy::destroy):
        (WebCore::JSWindowProxy::setWindow):
        (WebCore::JSWindowProxy::attachDebugger):
        (WebCore::JSWindowProxy::wrapped const):
        (WebCore::JSWindowProxy::toWrapped):
        (WebCore::toJS):
        (WebCore::toJSWindowProxy):
        * bindings/js/JSWindowProxy.h: Renamed from Source/WebCore/bindings/js/JSDOMWindowProxy.h.
        (WebCore::toJS):
        (WebCore::toJSWindowProxy):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::initScriptForWindowProxy):
        * bindings/js/ScriptController.h:
        * bindings/js/WindowProxy.cpp:
        (WebCore::WindowProxy::createJSWindowProxy):
        (WebCore::WindowProxy::jsWindowProxiesAsVector const):
        (WebCore::WindowProxy::createJSWindowProxyWithInitializedScript):
        * bindings/js/WindowProxy.h:
        (WebCore::WindowProxy::jsWindowProxy):
        (WebCore::WindowProxy::existingJSWindowProxy const):
        * bindings/scripts/CodeGeneratorJS.pm:
        (AddToIncludesForIDLType):
        (GenerateHeader):
        (GenerateOverloadDispatcher):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodOverloadDispatcher):
        * page/Frame.cpp:
        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::didCreateWindowProxy const):
        * page/csp/ContentSecurityPolicy.h:

2018-04-19  Dirk Schulze  <krit@webbkit.org>

        Introduce SVGGeometryElement interface
        https://bugs.webkit.org/show_bug.cgi?id=184768

        Reviewed by Antti Koivisto.

        Start implementing SVGGeometryElement interface from SVG2.
        https://svgwg.org/svg2-draft/types.html#InterfaceSVGGeometryElement

        Start with SVGPathElement only for now. Also, just inferface gets implemented
        by this patch. No new functionality like isPointInFill yet.
        Fix getPointAtLength and make it more restrictive. This follows the spec and
        all other implementations.

        Added additional test scenarios to existing tests.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GetGnuVTableOffsetForType):
        * svg/SVGAllInOne.cpp:
        * svg/SVGGeometryElement.cpp: Added.
        (WebCore::SVGGeometryElement::SVGGeometryElement):
        (WebCore::SVGGeometryElement::isSupportedAttribute):
        (WebCore::SVGGeometryElement::parseAttribute):
        (WebCore::SVGGeometryElement::svgAttributeChanged):
        (WebCore::SVGGeometryElement::createElementRenderer):
        * svg/SVGGeometryElement.h: Added.
        * svg/SVGGeometryElement.idl: Added.
        * svg/SVGGradientElement.cpp:
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::SVGPathElement):
        (WebCore::SVGPathElement::parseAttribute):
        (WebCore::SVGPathElement::svgAttributeChanged):
        (WebCore::SVGPathElement::insertedIntoAncestor):
        (WebCore::SVGPathElement::removedFromAncestor):
        * svg/SVGPathElement.h:
        * svg/SVGPathElement.idl:

2018-04-19  Tadeu Zagallo  <tzagallo@apple.com>

        REGRESSION(r227340): ArrayBuffers were not being serialized when sent via MessagePorts
        https://bugs.webkit.org/show_bug.cgi?id=184254
        <rdar://problem/39140200>

        Reviewed by Daniel Bates.

        Add a new encoding method to SerializedScriptValue that includes ArrayBuffers.

        Test: workers/message-port.html

        * bindings/js/SerializedScriptValue.h:
        (WebCore::SerializedScriptValue::encode const):
        (WebCore::SerializedScriptValue::decode):
        * dom/messageports/MessageWithMessagePorts.h:
        (WebCore::MessageWithMessagePorts::encode const):
        (WebCore::MessageWithMessagePorts::decode):

2018-04-19  David Kilzer  <ddkilzer@apple.com>

        Enable Objective-C weak references
        <https://webkit.org/b/184789>
        <rdar://problem/39571716>

        Reviewed by Dan Bernstein.

        * Configurations/Base.xcconfig:
        (CLANG_ENABLE_OBJC_WEAK): Enable.

2018-04-19  Antti Koivisto  <antti@apple.com>

        Don't use RenderTreeBuilder::current() in RenderTreeUpdater
        https://bugs.webkit.org/show_bug.cgi?id=184794

        Reviewed by Zalan Bujtas.

        Pass the builder as a parameter where needed.

        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::updateElementRenderer):
        (WebCore::RenderTreeUpdater::updateTextRenderer):
        (WebCore::RenderTreeUpdater::tearDownRenderers):
        (WebCore::RenderTreeUpdater::tearDownRenderer):
        (WebCore::RenderTreeUpdater::tearDownTextRenderer):
        (WebCore::RenderTreeUpdater::tearDownLeftoverPaginationRenderersIfNeeded):
        (WebCore::RenderTreeUpdater::tearDownLeftoverShadowHostChildren):
        * rendering/updating/RenderTreeUpdater.h:
        * rendering/updating/RenderTreeUpdaterGeneratedContent.cpp:
        (WebCore::RenderTreeUpdater::GeneratedContent::updatePseudoElement):
        (WebCore::RenderTreeUpdater::GeneratedContent::removeBeforePseudoElement):
        (WebCore::RenderTreeUpdater::GeneratedContent::removeAfterPseudoElement):
        * rendering/updating/RenderTreeUpdaterGeneratedContent.h:

2018-04-19  Eric Carlson  <eric.carlson@apple.com>

        Runtime logging during GC can cause crash
        https://bugs.webkit.org/show_bug.cgi?id=184792
        <rdar://problem/39567927>

        Reviewed by Jer Noble.

        Test: media/destructor-logging-crash.html

        * dom/Document.cpp:
        (WebCore::Document::~Document): Clear the logger observer immediately so anything logged
        as a side effect of the destructor won't cause a problem.
        (WebCore::Document::didLogMessage): Create the ConsoleMessage in a task.
        * dom/Document.h:

2018-04-19  Youenn Fablet  <youenn@apple.com>

        Web Inspector backend should get headers & cookies from network process separately from resource requests
        https://bugs.webkit.org/show_bug.cgi?id=184396
        <rdar://problem/38877384>

        Reviewed by Brian Burg.

        Add two new loader strategies to get response and network metrics directly from
        NetworkProcess based on resource loader identifier.
        Use these methods in InspectorNetworkAgent when response/metrics might be filtered.

        Covered by existing tests, in particular http/tests/inspector/network/fetch-network-data.html which would fail
        without this since we are now setting the sourceOrigin for NetworkResourceLoader, which is used to sanitize response headers.

        * inspector/agents/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::didReceiveResponse):
        (WebCore::InspectorNetworkAgent::didFinishLoading):
        * loader/LoaderStrategy.cpp:
        (WebCore::LoaderStrategy::responseFromResourceLoaIdentifier):
        (WebCore::LoaderStrategy::networkMetricsFromResourceLoaIdentifier):
        * loader/LoaderStrategy.h:

2018-04-19  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Add a mechanism to extend the height of the layout viewport in extra zoom mode
        https://bugs.webkit.org/show_bug.cgi?id=184782
        <rdar://problem/38346712>

        Reviewed by Tim Horton.

        Add a new helper on FrameView to compute an expanded layout viewport size, as well as a new setting for the
        height expansion factor when computing visual viewport dimensions. See WebKit/ChangeLog for more detail.

        Test: fast/visual-viewport/extrazoom/layout-viewport-after-scrolling-and-resizing.html

        * page/FrameView.cpp:
        (WebCore::FrameView::expandedLayoutViewportSize):
        * page/FrameView.h:
        * page/Settings.yaml:

2018-04-19  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r229133): decidePolicyForNavigationAction not called for loading an HTML string
        https://bugs.webkit.org/show_bug.cgi?id=184209
        <rdar://problem/39145306>

        Reviewed by Ryosuke Niwa.

        In r229133, we stopped doing navigation policy checks for about:blank because about:blank
        loads need to happen synchronously for Web-compatibility. However, this regressed loading
        an HTML string in a WebView because in such cases, the URL is also about:blank with
        substitute data.

        In this patch, we take a more conservative approach and restore policy checking for
        'about:blank' but using synchronous IPC.

        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):

2018-04-19  Chris Nardi  <cnardi@chromium.org>

        Support calc() in webkit-gradient and cross-fade
        https://bugs.webkit.org/show_bug.cgi?id=182225

        Reviewed by Simon Fraser.

        calc() was previously unsupported in webkit-gradient and webkit-cross-fade, but both should take calc() values.
        Update the code to support calc() values.

        Tests: LayoutTests/css3/calc/cross-fade-calc.html
               LayoutTests/css3/calc/webkit-gradient-calc.html

        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradientColorStop):
        (WebCore::CSSPropertyParserHelpers::consumeCrossFade):

2018-04-17  Filip Pizlo  <fpizlo@apple.com>

        The InternalFunction hierarchy should be in IsoSubspaces
        https://bugs.webkit.org/show_bug.cgi?id=184721

        Reviewed by Saam Barati.

        No new tests because no new behavior.

        * bindings/js/WebCoreJSClientData.cpp:
        (WebCore::JSVMClientData::JSVMClientData):
        * bindings/js/WebCoreJSClientData.h:
        (WebCore::JSVMClientData::runtimeMethodSpace):
        * bridge/runtime_method.cpp:
        (JSC::RuntimeMethod::subspaceForImpl):
        * bridge/runtime_method.h:

2018-04-19  Brady Eidson  <beidson@apple.com>

        Add globally-unique HistoryItem identifiers (and have WebKit2 adopt them).
        <rdar://problem/39533949> and https://bugs.webkit.org/show_bug.cgi?id=184750

        Reviewed by Ryosuke Niwa.

        No new tests (Refactor, no behavior change).

        In WebCore, we:
        - Add a process-unique "BackForwardItemIdentifier"
        - Make all HistoryItems have such an identifier as a member

        * WebCore.xcodeproj/project.pbxproj:

        * history/BackForwardItemIdentifier.h: Added.
        (WebCore::BackForwardItemIdentifier::logString const):
        (WebCore::operator==):
        (WebCore::BackForwardItemIdentifier::encode const):
        (WebCore::BackForwardItemIdentifier::decode):
        (WebCore::BackForwardItemIdentifier::hash const):
        (WTF::BackForwardItemIdentifierHash::hash):
        (WTF::BackForwardItemIdentifierHash::equal):
        (WTF::HashTraits<WebCore::BackForwardItemIdentifier>::emptyValue):
        (WTF::HashTraits<WebCore::BackForwardItemIdentifier>::constructDeletedValue):
        (WTF::HashTraits<WebCore::BackForwardItemIdentifier>::isDeletedValue):

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::generateSequenceNumber):
        (WebCore::HistoryItem::HistoryItem):
        (WebCore::generateSequenceNumber): Deleted.

        * history/HistoryItem.h:
        (WebCore::HistoryItem::create):
        (WebCore::HistoryItem::identifier const):

2018-04-19  Nan Wang  <n_wang@apple.com>

        AX: AOM: respect the accessibility setting for dispatching the accessible events
        https://bugs.webkit.org/show_bug.cgi?id=184619

        Reviewed by Ryosuke Niwa.

        Added accessibilityEventsEnabled as a setting on the page.

        Test: accessibility/ios-simulator/accessibility-events-setting.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::shouldDispatchAccessibilityEvent const):
        * page/Settings.yaml:
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setAccessibilityEventsEnabled):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2018-04-18  Jer Noble  <jer.noble@apple.com>

        Fix build when WK_ALTERNATE_FRAMEWORKS_DIR is set to non-empty value
        https://bugs.webkit.org/show_bug.cgi?id=184693
        <rdar://problem/39491884>

        Reviewed by Tim Horton.

        * Configurations/WebCore.xcconfig:

2018-04-19  Eric Stobbart  <ericstobbart@gmail.com>

        Change MediaSource WebCore to return NewObject for SourceBuffers
        https://bugs.webkit.org/show_bug.cgi?id=184642

        Reviewed by Chris Dumez.

        Minor change inline with IDL documentation

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::addSourceBuffer):
        (): Deleted.
        * Modules/mediasource/MediaSource.h:
        * Modules/mediasource/MediaSource.idl:

2018-04-19  Yusuke Suzuki  <utatane.tea@gmail.com>

        Unreviewed, build fix for Ubuntu LTS GCC
        https://bugs.webkit.org/show_bug.cgi?id=184756

        The variable name "windowProxy" (with auto&) conflicts with the function name "windowProxy".

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::updateDocument):
        (WebCore::ScriptController::collectIsolatedContexts):

2018-04-19  Manuel Rego Casasnovas  <rego@igalia.com>

        Caret rendered at incorrect location inside empty table cell
        https://bugs.webkit.org/show_bug.cgi?id=85385

        Reviewed by Zalan Bujtas.

        This is based on a previous patch by Shezan Baig <shezbaig.wk@gmail.com>.

        This fixes the position of the caret in empty cells,
        that was painted lower than expected
        (and then modified when you start to edit the cell).

        Ensures that editable table cells have at least one line when
        they are laid out. This ensures that the cell's intrinsic before/after
        padding is calculated correctly, which results in the caret location
        being calculated correctly.

        Test: editing/caret/caret-in-empty-cell.html

        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::hasLineIfEmpty): Override method to consider
        that it has an an empty line if the table cell is editable.
        * rendering/RenderTableCell.h:

2018-04-18  Daniel Bates  <dabates@apple.com>

        Cleanup TextControlInnerElements
        https://bugs.webkit.org/show_bug.cgi?id=184475

        Reviewed by Antti Koivisto.

        Clean up TextControlInnerElement::resolveCustomStyle(), move the implementation of
        TextControlPlaceholderElement::create() from the header to the cpp file, replace
        fancy comments to demarcate classes with MARK: so that they show up in Xcode's
        function menu.

        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerElement::resolveCustomStyle):
        (WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
        (WebCore::TextControlPlaceholderElement::create):
        * html/shadow/TextControlInnerElements.h:

2018-04-18  Chris Dumez  <cdumez@apple.com>

        Rename WindowProxyController to WindowProxy
        https://bugs.webkit.org/show_bug.cgi?id=184756

        Reviewed by Sam Weinig.

        Rename WindowProxyController to WindowProxy for clarity. When the IDL uses WindowProxy, the implementation
        needed use WindowProxyController type, which was a bit confusing.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/DOMWrapperWorld.cpp:
        (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
        (WebCore::DOMWrapperWorld::clearWrappers):
        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::didCreateWindowProxy):
        (WebCore::DOMWrapperWorld::didDestroyWindowProxy):
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::toJS):
        * bindings/js/JSDOMWindowProxy.cpp:
        (WebCore::toJS):
        (WebCore::toJSDOMWindowProxy):
        * bindings/js/JSDOMWindowProxy.h:
        (WebCore::toJS):
        (WebCore::toJSDOMWindowProxy):
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
        (WebCore::ScriptCachedFrameData::restore):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInWorld):
        (WebCore::ScriptController::loadModuleScriptInWorld):
        (WebCore::ScriptController::linkAndEvaluateModuleScriptInWorld):
        (WebCore::ScriptController::evaluateModule):
        (WebCore::ScriptController::setupModuleScriptHandlers):
        (WebCore::ScriptController::windowProxy):
        (WebCore::ScriptController::enableEval):
        (WebCore::ScriptController::enableWebAssembly):
        (WebCore::ScriptController::disableEval):
        (WebCore::ScriptController::disableWebAssembly):
        (WebCore::ScriptController::updateDocument):
        (WebCore::ScriptController::collectIsolatedContexts):
        (WebCore::ScriptController::windowScriptNPObject):
        (WebCore::ScriptController::executeIfJavaScriptURL):
        * bindings/js/ScriptController.h:
        (WebCore::ScriptController::globalObject):
        * bindings/js/ScriptControllerMac.mm:
        (WebCore::ScriptController::windowScriptObject):
        * bindings/js/ScriptState.cpp:
        (WebCore::mainWorldExecState):
        * bindings/js/WindowProxy.cpp: Renamed from Source/WebCore/bindings/js/WindowProxyController.cpp.
        (WebCore::WindowProxy::WindowProxy):
        (WebCore::WindowProxy::~WindowProxy):
        (WebCore::WindowProxy::destroyJSWindowProxy):
        (WebCore::WindowProxy::createJSWindowProxy):
        (WebCore::WindowProxy::jsWindowProxiesAsVector const):
        (WebCore::WindowProxy::createJSWindowProxyWithInitializedScript):
        (WebCore::WindowProxy::clearJSWindowProxiesNotMatchingDOMWindow):
        (WebCore::WindowProxy::setDOMWindow):
        (WebCore::WindowProxy::attachDebugger):
        * bindings/js/WindowProxy.h: Renamed from Source/WebCore/bindings/js/WindowProxyController.h.
        (WebCore::WindowProxy::jsWindowProxies const):
        (WebCore::WindowProxy::releaseJSWindowProxies):
        (WebCore::WindowProxy::setJSWindowProxies):
        (WebCore::WindowProxy::jsWindowProxy):
        (WebCore::WindowProxy::existingJSWindowProxy const):
        (WebCore::WindowProxy::globalObject):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):
        (WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):
        * page/AbstractFrame.cpp:
        (WebCore::AbstractFrame::AbstractFrame):
        * page/AbstractFrame.h:
        (WebCore::AbstractFrame::windowProxy):
        (WebCore::AbstractFrame::windowProxy const):
        * page/Page.cpp:
        (WebCore::Page::setDebugger):
        * page/RemoteDOMWindow.cpp:
        (WebCore::RemoteDOMWindow::self const):
        (WebCore::RemoteDOMWindow::top const):
        (WebCore::RemoteDOMWindow::opener const):
        (WebCore::RemoteDOMWindow::parent const):
        * page/RemoteDOMWindow.h:

2018-04-18  Chris Dumez  <cdumez@apple.com>

        Set RemoteDOMWindow's initial opener
        https://bugs.webkit.org/show_bug.cgi?id=184716

        Reviewed by Sam Weinig.

        Add support for WindowProxy type in the IDL. The implementation should
        return a WindowProxyController and toJS() will take care of converting
        this into a JSValue via JSDOMWindowProxy.

        No new tests, rebaselined existing test.

        * WebCore.xcodeproj/project.pbxproj:
        * bindings/IDLTypes.h:
        * bindings/js/JSDOMConvertWindowProxy.h: Added.
        (WebCore::JSConverter<IDLWindowProxy>::convert):
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::toJS):
        * bindings/js/JSDOMWindowBase.h:
        (WebCore::toJS):
        * bindings/js/JSDOMWindowProxy.cpp:
        (WebCore::toJS):
        (WebCore::toJSDOMWindowProxy):
        * bindings/js/JSDOMWindowProxy.h:
        (WebCore::toJS):
        (WebCore::toJSDOMWindowProxy):
        * bindings/js/JSRemoteDOMWindowBase.cpp:
        * bindings/js/JSRemoteDOMWindowBase.h:
        * bindings/scripts/CodeGenerator.pm:
        (IsBuiltinType):
        * bindings/scripts/CodeGeneratorJS.pm:
        (AddToIncludesForIDLType):
        (GetBaseIDLType):
        * page/RemoteDOMWindow.cpp:
        (WebCore::RemoteDOMWindow::self const):
        (WebCore::RemoteDOMWindow::top const):
        (WebCore::RemoteDOMWindow::opener const):
        (WebCore::RemoteDOMWindow::parent const):
        * page/RemoteDOMWindow.h:
        * page/RemoteDOMWindow.idl:
        * page/RemoteFrame.h:

2018-04-18  Dean Jackson  <dino@apple.com>

        Detect system preview links
        https://bugs.webkit.org/show_bug.cgi?id=184753
        <rdar://problem/39500514>

        Reviewed by Antoine Quint.

        Detect a special type of link anchor, which we're calling System Previews.
        Ultimately this will allow WebKit to present such links in a special
        way.

        A System Preview link is an <a> element, with a rel attribute that
        includes "system-preview". It has a single element child, which is
        either an <img> or a <picture>.

        Test: system-preview/detection.html

        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::relList): Add braces.
        (WebCore::HTMLAnchorElement::isSystemPreviewLink const): New
        function.
        * html/HTMLAnchorElement.h:

        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::isSystemPreviewImage const): Ask the
        parent if it is a system preview link.
        * html/HTMLImageElement.h:
        * html/HTMLPictureElement.cpp:
        (WebCore::HTMLPictureElement::isSystemPreviewImage const): Ditto.
        * html/HTMLPictureElement.h:

        * testing/Internals.cpp: Testing helpers.
        (WebCore::Internals::systemPreviewRelType):
        (WebCore::Internals::isSystemPreviewLink const):
        (WebCore::Internals::isSystemPreviewImage const):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-04-18  Antti Koivisto  <antti@apple.com>

        :active pseudo class doesn't deactivate when using pressure sensitive trackpad
        https://bugs.webkit.org/show_bug.cgi?id=181680

        Reviewed by Beth Dakin.

        Trackpad sends a mouse force event with force of zero after mouse up event. This causes the element under cursor
        activate again.

        Even a fake event test doesn't appear to be currently possible as TestRunner crashes if you try to send mouseForceChanged.
        All the tests using it are skipped.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMouseForceEvent):

        Don't add HitTestRequest::Active if the force of the force event is zero.

2018-04-18  Megan Gardner  <megan_gardner@apple.com>

        Ensure correct screen sizes
        https://bugs.webkit.org/show_bug.cgi?id=184757
        
        Reviewed by Wenson Hsieh.
        
        Make sure that the screen sizes are actually correct.

        Not currently testable, will add tests when it is.

        * platform/ios/PlatformScreenIOS.mm:

2018-04-18  Nan Wang  <n_wang@apple.com>

        AX: [macOS] WebKit hangs when triggering an alert from an AOM increment event
        https://bugs.webkit.org/show_bug.cgi?id=184742

        Reviewed by Chris Fleizach.

        Made increment and decrement actions on the macOS to be async. So that VoiceOver
        won't hang indefinitely if performing the actions causes an alert or other modal
        behaviors.

        Test: accessibility/mac/async-increment-decrement-action.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityPerformIncrementAction]):
        (-[WebAccessibilityObjectWrapper _accessibilityPerformIncrementAction]):
        (-[WebAccessibilityObjectWrapper accessibilityPerformDecrementAction]):
        (-[WebAccessibilityObjectWrapper _accessibilityPerformDecrementAction]):
        (-[WebAccessibilityObjectWrapper accessibilityPerformAction:]):

2018-04-18  Youenn Fablet  <youenn@apple.com>

        MediaResourceLoader should set its fetch destination
        https://bugs.webkit.org/show_bug.cgi?id=184746

        Reviewed by Eric Carlson.

        Covered by updated test.

        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::requestResource):

2018-04-18  Jer Noble  <jer.noble@apple.com>

        Fix runtime errors in simulator while playing media
        https://bugs.webkit.org/show_bug.cgi?id=184751

        Reviewed by Eric Carlson.

        AVURLAssetHTTPCookiesKey may not be present, and AVPlayer may not respond to certain methods.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):

2018-04-18  Jer Noble  <jer.noble@apple.com>

        Ignore ASSERT when setting AVAudioSessionCategory returns an error on simulator.
        https://bugs.webkit.org/show_bug.cgi?id=184698

        Reviewed by Eric Carlson.

        * platform/audio/ios/AudioSessionIOS.mm:
        * platform/audio/mac/AudioSessionMac.cpp:

2018-04-18  Sihui Liu  <sihui_liu@apple.com>

        REGRESSION: Using the reload button while offline pushes identical pages onto the back/forward list
        https://bugs.webkit.org/show_bug.cgi?id=184570
        <rdar://problem/34807323>

        Reviewed by Chris Dumez.

        Set FrameLoadType properly when error occurs in reload.

        tests: Tools/TestWebKitAPI/Tests/WebKitCocoa/LoadAlternateHTMLString.mm

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::load):

2018-04-18  Chris Dumez  <cdumez@apple.com>

        Add support for converting a local window to a remote window
        https://bugs.webkit.org/show_bug.cgi?id=184515
        <rdar://problem/39011318>

        Reviewed by Ryosuke Niwa.

        Add initial support for process-swapping when navigating cross-origin as a result
        of a window.open(). The window object returned by window.open() is initially same
        origin and is for about:blank. The navigation cross-origin then happens and the
        JS wrappers for the window then point to a cross-origin window which is remote (i.e.
        hosted in another WebProcess).

        The RemoteDOMWindow exposed to JS looks like a regular cross-origin Window with a few
        exceptions due to our incomplete implementation (e.g. w.location returns null) and 
        most of its API is currently not functional. The RemoteDOMWindow API will be implemented
        in a follow-up by relying on IPC.

        Test: http/tests/navigation/process-swap-window-open.html

        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::scriptExecutionContext const):
        * bindings/js/JSDOMPromiseDeferred.h:
        * bindings/js/JSDOMWindowProperties.cpp:
        (WebCore::JSDOMWindowProperties::getOwnPropertySlot):
        * bindings/js/JSDOMWindowProxy.cpp:
        (WebCore::JSDOMWindowProxy::finishCreation):
        (WebCore::JSDOMWindowProxy::create):
        * bindings/js/JSDOMWindowProxy.h:
        * bindings/js/JSDOMWrapper.cpp:
        (WebCore::JSDOMObject::JSDOMObject):
        * bindings/js/JSDOMWrapper.h:
        * bindings/js/WindowProxyController.cpp:
        (WebCore::WindowProxyController::createWindowProxy):
        (WebCore::WindowProxyController::setDOMWindowForWindowProxy):
        * bridge/objc/WebScriptObject.mm:
        (-[WebScriptObject _isSafeScript]):
        Teach more of our bindings code about RemoteDOMWindows.

        * dom/Document.cpp:
        (WebCore::Document::createDOMWindow):
        * loader/FrameLoaderClient.h:
        Add FrameLoaderClient function to notify the client when a DOMWindow is constructed in
        the frame. This is needed for WebKit2 to link the old window to its new representation
        in the new WebProcess.

2018-04-17  Zan Dobersek  <zdobersek@igalia.com>

        [CMake] Add and enable the ENABLE_CSS_ANIMATIONS_LEVEL_2 feature define
        https://bugs.webkit.org/show_bug.cgi?id=184681

        Reviewed by Carlos Garcia Campos.

        * Sources.txt: Include CSSAnimationTriggerScrollValue.cpp in the build.
        * WebCore.xcodeproj/project.pbxproj: Remove CSSAnimationTriggerScrollValue.cpp
        build target now that it's built via Sources.txt.

2018-04-17  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] CoordinatedImageBacking can simplify image drawing
        https://bugs.webkit.org/show_bug.cgi?id=183986

        Reviewed by Michael Catanzaro.

        In CoordinatedImageBacking::update(), when drawing the image into a
        freshly-created image backing, we can avoid save-and-restoring the
        painting context. We also don't have to clip it, since the clipping area
        is the same as the image (and buffer) bounds. Since the buffer is
        initialized to transparent color, we can use the CompositeCopy operator
        to just copy image data into the destination since there's nothing to
        paint the source over.

        No new tests -- no change in functionality.

        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
        (WebCore::CoordinatedImageBacking::update):

2018-04-17  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] Webkit should spoof as Safari on a Mac for Outlook.com
        https://bugs.webkit.org/show_bug.cgi?id=184573

        Reviewed by Carlos Alberto Lopez Perez.

        Add quirk for outlook.live.com.

        * platform/UserAgentQuirks.cpp:
        (WebCore::urlRequiresMacintoshPlatform):

2018-04-17  Mark Lam  <mark.lam@apple.com>

        Templatize CodePtr/Refs/FunctionPtrs with PtrTags.
        https://bugs.webkit.org/show_bug.cgi?id=184702
        <rdar://problem/35391681>

        Reviewed by Filip Pizlo and Saam Barati.

        No new tests. This is covered by existing tests.

        * WebCore.xcodeproj/project.pbxproj:
        * css/ElementRuleCollector.cpp:
        (WebCore::ElementRuleCollector::ruleMatches):
        * cssjit/CSSPtrTag.h: Added.
        * cssjit/CompiledSelector.h:
        * cssjit/FunctionCall.h:
        (WebCore::FunctionCall::FunctionCall):
        (WebCore::FunctionCall::setFunctionAddress):
        (WebCore::FunctionCall::prepareAndCall):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::compileSelector):
        (WebCore::SelectorCompiler::SelectorFragment::appendUnoptimizedPseudoClassWithContext):
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeFunctionCallValueMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementFunctionCallTest):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateContextFunctionCallTest):
        * cssjit/SelectorCompiler.h:
        (WebCore::SelectorCompiler::ruleCollectorSimpleSelectorCheckerFunction):
        (WebCore::SelectorCompiler::querySelectorSimpleSelectorCheckerFunction):
        (WebCore::SelectorCompiler::ruleCollectorSelectorCheckerFunctionWithCheckingContext):
        (WebCore::SelectorCompiler::querySelectorSelectorCheckerFunctionWithCheckingContext):
        * dom/SelectorQuery.cpp:
        (WebCore::SelectorDataList::executeCompiledSingleMultiSelectorData const):
        (WebCore::SelectorDataList::execute const):
        * dom/SelectorQuery.h:

2018-04-17  Tadeu Zagallo  <tzagallo@apple.com>

        Retain MessagePortChannel for transfer when disentangling ports
        https://bugs.webkit.org/show_bug.cgi?id=184502
        <rdar://problem/39372771>

        Reviewed by Geoffrey Garen.

        MessagePortChannels should be retained while ports are being transferred, but that was only
        happening when sending a port through another port, but not when sending it through a worker.

        Test: workers/worker-to-worker.html

        * dom/messageports/MessagePortChannel.cpp:
        (WebCore::MessagePortChannel::entanglePortWithProcess):
        (WebCore::MessagePortChannel::disentanglePort):
        (WebCore::MessagePortChannel::postMessageToRemote):
        (WebCore::MessagePortChannel::takeAllMessagesForPort):

2018-04-17  Tadeu Zagallo  <tzagallo@apple.com>

        References from CSSStyleDeclaration to CSSValues should be weak
        https://bugs.webkit.org/show_bug.cgi?id=180280
        <rdar://problem/35804869>

        Reviewed by Geoffrey Garen.

        No new tests - used the existing test to verify the leak

        * css/DeprecatedCSSOMValue.h:
        (WebCore::DeprecatedCSSOMValue::weakPtrFactory):
        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::PropertySetCSSStyleDeclaration::wrapForDeprecatedCSSOM):
        * css/PropertySetCSSStyleDeclaration.h:

2018-04-17  Jonathan Bedard  <jbedard@apple.com>

        Unreviewed rollout of r230632. Regression in memory usage.

        That bug tracked in https://bugs.webkit.org/show_bug.cgi?id=184569.

        Tests: animations/animation-internals-api-multiple-keyframes.html
               animations/animation-internals-api.html
               transitions/transition-drt-api-delay.html
               transitions/transition-drt-api.html

        * page/RuntimeEnabledFeatures.h:
        * testing/Internals.cpp:
        (WebCore::Internals::pseudoElement): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2018-04-17  Tadeu Zagallo  <tzagallo@apple.com>

        Do not unregister MessagePorts on deallocation if it has been disentangled
        https://bugs.webkit.org/show_bug.cgi?id=184285
        <rdar://problem/39256714>

        Reviewed by Darin Adler.

        Test: workers/message-port-gc.html

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::deref const):

2018-04-17  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Fix timing of reporting error to the client
        https://bugs.webkit.org/show_bug.cgi?id=184707

        Before checking the result code, check the status of callback invocation and
        do the right thing.

        Reviewed by Youenn Fablet.

        No new tests because there's no new behavior.

        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::didCompleteTransfer):
        * platform/network/curl/CurlRequest.h:
        (WebCore::CurlRequest::needToInvokeDidReceiveResponse const):

2018-04-17  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Export authentication information to be used by the client.
        https://bugs.webkit.org/show_bug.cgi?id=184709

        Just added getters for username and password member variables.

        Reviewed by Alex Christensen.

        No new tests because there's no new behavior.

        * platform/network/curl/CurlRequest.h:
        (WebCore::CurlRequest::user const):
        (WebCore::CurlRequest::password const):

2018-04-17  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r229831): CMD-clicking an iCloud web app link unexpectedly opens that link in a new tab and the current tab
        https://bugs.webkit.org/show_bug.cgi?id=184678
        <rdar://problem/39422122>

        Reviewed by Alex Christensen.

        Frament navigations need to happen synchronously for Web-compatibility. Because of this,
        r225657 added code to make sure that if the client does not make the navigation policy
        decision synchronously for frament navigations, then we'll stop waiting for the client
        and proceed with the navigation. However, r229831 make the navigation policy decision
        IPC decision, meaning that even if the client responds synchronously, it would be
        asynchronously from WebCore's point of view. As a result, we would always ignore the
        client's policy decision when doing a fragment navigation.

        This is an issue on iclould.com because the web-app links are fragment URLs. When you
        CMD+click one of these link, we do the navigation policy check. As a result of this
        check, Safari responds IGNORE to the policy decision and instead decides to load the
        link in a new tab (because CMD key is pressed). Due to the bug mentioned above, we
        would not obey the IGNORE policy decision from Safari and load the link in the current
        tab, even though Safari would already be loading it in a new tab.

        To address the issue, I reintroduced a synchronous code path for navigation policy
        decision making, backed by synchronous IPC. This synchronous code path is now used for
        fragment navigations to restore pre-r229831 behavior. If the client does not answer
        synchronously, we'll proceed with the navigation anyway, as was happening pre-r229831.

        Test: http/tests/navigation/fragment-navigation-policy-ignore.html

        * loader/EmptyClients.cpp:
        (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
        * loader/EmptyFrameLoaderClient.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        * loader/FrameLoaderClient.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        * loader/PolicyChecker.h:

2018-04-17  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r230713.

        This caused internal build failures.

        Reverted changeset:

        "Implement checked cast for DDResultRef once
        DDResultGetTypeID() is available"
        https://bugs.webkit.org/show_bug.cgi?id=184554
        https://trac.webkit.org/changeset/230713

2018-04-17  Chris Dumez  <cdumez@apple.com>

        Add bindings code for RemoteDOMWindow
        https://bugs.webkit.org/show_bug.cgi?id=184653

        Reviewed by Ryosuke Niwa.

        Add bindings code for RemoteDOMWindow. A RemoteDOMWindow behaves exactly like a cross-origin
        DOMWindow, which is backed by a RemoteDOMWindow object instead of a DOMWindow one. Since
        a RemoteDOMWindow is always cross origin, we do not need cross-origin checks and the bindings
        code is identical to the DOMWindow code paths from cross-origin handling.

        No new tests, this code will be used and tested via Bug 184515.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
        (WebCore::JSDOMWindow::getOwnPropertySlot):
        (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
        (WebCore::addCrossOriginWindowOwnPropertyNames):
        * bindings/js/JSDOMWindowCustom.h:

        * bindings/js/JSRemoteDOMWindowBase.cpp: Added.
        (WebCore::JSRemoteDOMWindowBase::JSRemoteDOMWindowBase):
        (WebCore::JSRemoteDOMWindowBase::destroy):
        (WebCore::JSRemoteDOMWindowBase::javaScriptRuntimeFlags):
        (WebCore::toJS):
        (WebCore::toJSRemoteDOMWindow):
        * bindings/js/JSRemoteDOMWindowBase.h: Added.
        JSRemoteDOMWindow unfortunately currently needs to be a global object because of:
        1. a JSProxy's target needs to be a JSGlobalObject currently
        2. The 'structure()->setGlobalObject(vm, &window);' call in
           JSDOMWindowProxy::setWindow(VM&, JSDOMGlobalObject&) which requires a JSGlobalObject.
        Ideally, this wouldn't be the case in the future but this would require some code refactoring.
        Our DOM global objects normally subclass JSDOMGlobalObject so I decided to subclass JSDOMGlobalObject,
        which brings some things our bindings code expect. However, subclassing JSDOMGlobalObject directly is
        problematic because it does not hold the m_wrapped implementation pointer. To address this issue, all
        our our DOM global objects have a JS*Base base class which subclasses JSDOMGlobalObject and stores the
        m_wrapped implementation pointer. I followed the same pattern here.

        (WebCore::toJS):
        * bindings/js/JSRemoteDOMWindowCustom.cpp: Added.
        (WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
        (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
        (WebCore::JSRemoteDOMWindow::put):
        (WebCore::JSRemoteDOMWindow::putByIndex):
        (WebCore::JSRemoteDOMWindow::deleteProperty):
        (WebCore::JSRemoteDOMWindow::deletePropertyByIndex):
        (WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
        (WebCore::JSRemoteDOMWindow::defineOwnProperty):
        (WebCore::JSRemoteDOMWindow::getPrototype):
        (WebCore::JSRemoteDOMWindow::preventExtensions):
        (WebCore::JSRemoteDOMWindow::toStringName):
        * bindings/scripts/CodeGeneratorJS.pm:
        (IsDOMGlobalObject):
        (GenerateHeader):
        (GenerateOverloadDispatcher):
        (GenerateImplementation):
        * page/RemoteDOMWindow.idl: Added.

2018-04-17  David Kilzer  <ddkilzer@apple.com>

        Implement checked cast for DDResultRef once DDResultGetTypeID() is available
        <https://webkit.org/b/184554>
        <rdar://problem/36241894>

        Reviewed by Brent Fulgham.

        * editing/cocoa/DataDetection.mm:
        (WebCore::detectItemAtPositionWithRange): Implement checked cast
        for DDResultRef.

2018-04-17  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Animated GIF imagery with finite looping are falling one loop short
        https://bugs.webkit.org/show_bug.cgi?id=183153

        Reviewed by Simon Fraser.

        The Netscape Looping Application Extension is a block which may be added
        to a GIF file to tell the viewer to loop through the entire GIF frames.
        This is communicated through two bytes designated for the "loopCount" in
        this block.

        The entire block may not be found in the GIF, in which case the GIF is 
        supposed to animate its entire frames only once.

        If the block exists and loopCount = 0, this means the image has to loop
        through its frames indefinitely.

        If the block exist and loopCount > 0, this should mean the image has to
        loop through its frames loopCount + 1 times. The extra loop seems to be
        the consensus among most of the GIF generators and viewers. For example,
        if the image designer wants the image to loop through its frames n times:
        -- The GIF generator (e.g. Adobe Photoshop and https://ezgif.com/maker) 
           will write n - 1 for loopCount. However http://gifmaker.me and 
           http://gifmaker.org write n for loopCount.
        -- The browser (e.g. Chrome 65.0.3325 181 and FireFox Quantum 59.0.2) will
           translate loopCount = n - 1 to: animate GIF once + loop n - 1, which 
           means loop the GIF n times.

        Because the specs are not really clear about this, we are going to consider
        the agreed-upon behavior among most of the web browsers the specs here.

        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoderCG::repetitionCount const):
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::repetitionCount const):

2018-04-17  Saam Barati  <sbarati@apple.com>

        Add system trace points for process launch and for initializeWebProcess
        https://bugs.webkit.org/show_bug.cgi?id=184669

        Reviewed by Simon Fraser.

        No testing needed because there is no new functionality here.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::provisionalLoadStarted):
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequestInternal):
        (WebCore::SubresourceLoader::didFinishLoading):
        (WebCore::SubresourceLoader::didFail):
        (WebCore::SubresourceLoader::didCancel):

2018-04-17  Eric Carlson  <eric.carlson@apple.com>

        [iOS] AirPlay device name is sometimes wrong
        https://bugs.webkit.org/show_bug.cgi?id=184543
        <rdar://problem/39105498>

        Reviewed by Jer Noble.

        No new tests, this can only be tested with a specific hardware setup.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::exernalDeviceDisplayNameForPlayer): Get the device name from the AVOutputContext
        when possible.

2018-04-17  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] Build fix after r230529 (WaylandCompositorDisplay leaks its wl_display)
        https://bugs.webkit.org/show_bug.cgi?id=184406

        Rubber-stamped by Michael Catanzaro.

        Fix build with clang 3.8

        No new tests, it is a build fix.

        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::create):

2018-04-16  Antoine Quint  <graouts@apple.com>

        Layout Test animations/needs-layout.html is a flaky Image Failure.
        https://bugs.webkit.org/show_bug.cgi?id=172397

        Reviewed by Dean Jackson.

        Animations that animate a transform and uses a relative value for either the x or y components
        require a layout before starting, which CSSAnimationController would perform in the call to
        CSSAnimationControllerPrivate::animationTimerFired() made immediately after a CSS animation was
        created.

        We now perform a similar task where upon setting new blending keyframes we compute a flag indicating
        if the keyframe effect is animating a transform with relative x or y components. Then, when we perform
        the first invalidation task, which runs in the next run loop after a change to the timing model has
        been made, such as a call to play() on a CSSAnimation made in the TreeResolver::createAnimatedElementUpdate()
        where the CSSAnimation was created, we call forceLayout() on this element's FrameView. We also ensure
        we commit animations on the compositor immediately after that too, instead of waiting until the next
        DisplayRefreshMonitor callback.

        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::performInvalidationTask):
        (WebCore::DocumentTimeline::updateAnimations):
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::forceLayoutIfNeeded):
        (WebCore::KeyframeEffectReadOnly::setBlendingKeyframes):
        (WebCore::KeyframeEffectReadOnly::computedNeedsForcedLayout):
        (WebCore::KeyframeEffectReadOnly::applyPendingAcceleratedActions):
        * animation/KeyframeEffectReadOnly.h:

2018-04-16  Pablo Saavedra  <psaavedra@igalia.com>

        Inconsistent EGL defines in ImageBufferCairo
        https://bugs.webkit.org/show_bug.cgi?id=184661

        Reviewed by Žan Doberšek.

        On revision r219391 libepoxy is added. The headers in
        ImageBufferCairo.cpp become inconsistent when 2D canvas is enabled
        (-DENABLE_ACCELERATED_2D_CANVAS=ON) due to a redefinition error during
        the Webkit build:

            ...
            /usr/include/GLES2/gl2.h:503:82: error: 'voi
            epoxy_glAttachShader(GLuint, GLuint)' redeclared as different kind
            of symbol
            GL_APICALL void         GL_APIENTRY glAttachShader (GLuint
            program, GLuint shader);

        No new tests.

        * platform/graphics/cairo/ImageBufferCairo.cpp:

2018-04-16  Filip Pizlo  <fpizlo@apple.com>

        MutationObserver should be in an IsoHeap
        https://bugs.webkit.org/show_bug.cgi?id=184671
        <rdar://problem/36081981>

        Reviewed by Sam Weinig.

        No new tests because no new behavior.

        * dom/MutationObserver.cpp:
        * dom/MutationObserver.h:

2018-04-16  Youenn Fablet  <youenn@apple.com>

        Use NetworkLoadChecker to handle synchronous HTTP loads
        https://bugs.webkit.org/show_bug.cgi?id=184240

        Reviewed by Chris Dumez.

        Update LoaderStrategy::loadResourceSynchronously to pass FetchOptions directly.
        Update various call sites accordingly. This allows NetworkProcess to do all necessary checks.
        Add an option to disable security checks if NetworkProcess does it for WebProcess.
        This option will be also used for regular asynchronous loads in future patches.

        Update DocumentThreadableLoader to bypass preflighting and response validation checks in case they are done in NetworkProcess.

        Covered by existing and rebased tests.

        * loader/CrossOriginPreflightChecker.cpp:
        (WebCore::CrossOriginPreflightChecker::doPreflight):
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
        (WebCore::DocumentThreadableLoader::loadRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadResourceSynchronously):
        * loader/FrameLoader.h:
        * loader/LoaderStrategy.h:
        * xml/XSLTProcessorLibxslt.cpp:
        (WebCore::docLoaderFunc):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::openFunc):

2018-04-16  Christopher Reid  <chris.reid@sony.com>

        [WinCairo] Media elements should be enabled by default
        https://bugs.webkit.org/show_bug.cgi?id=184597

        Reviewed by Per Arne Vollan.

        Enabling media elements by default with media foundation.

        * page/SettingsDefaultValues.h:

2018-04-16  Christopher Reid  <chris.reid@sony.com>

        [Curl] Add the Accept-Language field to curl request headers
        https://bugs.webkit.org/show_bug.cgi?id=184605

        Reviewed by Alex Christensen.

        Add Accept-Language field to curl request headers

        * platform/network/curl/CurlRequest.cpp:
        * platform/network/curl/CurlRequest.h:

2018-04-16  Chris Dumez  <cdumez@apple.com>

        Move more WindowProxy-related logic from ScriptController to WindowProxyController
        https://bugs.webkit.org/show_bug.cgi?id=184640

        Reviewed by Ryosuke Niwa.

        Move more WindowProxy-related logic from ScriptController to WindowProxyController,
        for clarity.

        * bindings/js/JSDOMWindowProxy.cpp:
        (WebCore::JSDOMWindowProxy::attachDebugger):
        * bindings/js/JSDOMWindowProxy.h:
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
        (WebCore::ScriptCachedFrameData::restore):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::~ScriptController):
        (WebCore::ScriptController::initScriptForWindowProxy):
        * bindings/js/ScriptController.h:
        (WebCore::ScriptController::existingCacheableBindingRootObject const):
        * bindings/js/WindowProxyController.cpp:
        (WebCore::collectGarbageAfterWindowProxyDestruction):
        (WebCore::WindowProxyController::~WindowProxyController):
        (WebCore::WindowProxyController::clearWindowProxiesNotMatchingDOMWindow):
        (WebCore::WindowProxyController::setDOMWindowForWindowProxy):
        (WebCore::WindowProxyController::attachDebugger):
        * bindings/js/WindowProxyController.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):
        * page/Page.cpp:
        (WebCore::Page::setDebugger):

2018-04-16  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer] Set *TrackPrivateGStreamer::active based on GstStream default select in constructor
        https://bugs.webkit.org/show_bug.cgi?id=184652

        Reviewed by Philippe Normand.

        In the constructor we should mark selected streams based on the default values from GstStream,
        if the user changes them, they will be updated as required later on.

        No new tests are added as we already have a few ones that are currently disabled in
        the mediastream testsuite. This patch is part of the work to enable them.

        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.cpp:
        (WebCore::AudioTrackPrivateGStreamer::AudioTrackPrivateGStreamer):
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.cpp:
        (WebCore::VideoTrackPrivateGStreamer::VideoTrackPrivateGStreamer):

2018-04-16  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer] Set TrackPrivateBaseGStreamer metadata information even if no client is avalaible
        https://bugs.webkit.org/show_bug.cgi?id=184651

        Reviewed by Philippe Normand.

        We can't notify the client if none is connected, but still we need to fill our metadatas from
        the provided GstTagList, especially in the case of playbin3 where the client is not set yet
        at construct time but the metadata might already be preset (and won't be updated later on).

        No new tests are added as we already have a few ones that are currently disabled in
        the mediastream testsuite. This patch is part of the work to enable them.

        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
        (WebCore::TrackPrivateBaseGStreamer::notifyTrackOfTagsChanged):

2018-04-16  Antoine Quint  <graouts@apple.com>

        [Web Animations] Ensure we never return -0 through the API
        https://bugs.webkit.org/show_bug.cgi?id=184644

        Reviewed by Dean Jackson.

        We could sometimes return -0 instead of 0, which is surprising and leads to an error in WPT tests.
        This would happen when playbackRate < 0.

        * animation/WebAnimationUtilities.h:
        (WebCore::secondsToWebAnimationsAPITime):

2018-04-15  Antoine Quint  <graouts@apple.com>

        [Web Animations] Animations do not naturally get a finish event
        https://bugs.webkit.org/show_bug.cgi?id=184639
        <rdar://problem/39397649>

        Reviewed by Jon Lee.

        We must call updateFinishedState() when an animation gets sampled as it means its timeline's time has progressed
        and it may have crossed to a finished state. Calling updateFinishedState() when sampling means that we'll correctly
        set the animation's hold time to its end value, which means that currentTime() will now always be clamped to return
        the end time once its has reached it, so we must not schedule animations to resolve immediately anymore since otherwise
        they will keep being scheduled in a loop.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::timeToNextRequiredTick const):
        (WebCore::WebAnimation::resolve):

2018-04-15  Chris Dumez  <cdumez@apple.com>

        Change Event's returnValue so it doesn't expose a new primitive
        https://bugs.webkit.org/show_bug.cgi?id=184415

        Reviewed by Darin Adler.

        Update Event.returnValue setter to match the latest DOM specification after:
        - https://github.com/whatwg/dom/pull/626

        In particular, the returnValue setter is now a no-op if the new flag value
        is true. If the input flag value is false, it only sets the 'canceled' flag
        if the event is cancelable and the event’s in passive listener flag is unset.

        Test: imported/w3c/web-platform-tests/dom/events/Event-returnValue.html

        * dom/Event.cpp:
        (WebCore::Event::setLegacyReturnValue):
        (WebCore::Event::setCanceledFlagIfPossible):
        (WebCore::Event::preventDefault):
        * dom/Event.h:

2018-04-14  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer] Expose a method to retrieve the GstStream from a TrackPrivateBaseGStreamer
        https://bugs.webkit.org/show_bug.cgi?id=184620

        Reviewed by Philippe Normand.

        This is a minor change, a dedicated test doesn't really make sense here.

        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
        (WebCore::TrackPrivateBaseGStreamer::stream):

2018-04-13  Ryosuke Niwa  <rniwa@webkit.org>

        WebKit crashes when libwebrtc.dylib is missing
        https://bugs.webkit.org/show_bug.cgi?id=184607

        Rubber-stamped by Jer Noble.

        Don't call LibWebRTC related code when libwebrtc is not available.

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):
        (WebCore::Document::suspend):

2018-04-13  Chris Dumez  <cdumez@apple.com>

        Split WindowProxy handling out of ScriptController and into a new class owned by AbstractFrame
        https://bugs.webkit.org/show_bug.cgi?id=184591

        Reviewed by Sam Weinig.

        Split WindowProxy handling out of ScriptController and into a new class owned by AbstractFrame.
        RemoteFrames do not need a ScriptController but do need to maintain WindowProxies.
        This is work towards fixing Bug 184515.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/DOMWrapperWorld.cpp:
        (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
        (WebCore::DOMWrapperWorld::clearWrappers):
        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::didCreateWindowProxy):
        (WebCore::DOMWrapperWorld::didDestroyWindowProxy):
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::toJSDOMWindow):
        * bindings/js/JSDOMWindowProxy.cpp:
        (WebCore::toJS):
        (WebCore::toJSDOMWindowProxy):
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
        (WebCore::ScriptCachedFrameData::restore):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::~ScriptController):
        (WebCore::ScriptController::evaluateInWorld):
        (WebCore::ScriptController::loadModuleScriptInWorld):
        (WebCore::ScriptController::linkAndEvaluateModuleScriptInWorld):
        (WebCore::ScriptController::evaluateModule):
        (WebCore::ScriptController::clearWindowProxiesNotMatchingDOMWindow):
        (WebCore::ScriptController::setDOMWindowForWindowProxy):
        (WebCore::ScriptController::initScriptForWindowProxy):
        (WebCore::ScriptController::setupModuleScriptHandlers):
        (WebCore::ScriptController::windowProxyController):
        (WebCore::ScriptController::enableEval):
        (WebCore::ScriptController::enableWebAssembly):
        (WebCore::ScriptController::disableEval):
        (WebCore::ScriptController::disableWebAssembly):
        (WebCore::ScriptController::attachDebugger):
        (WebCore::ScriptController::updateDocument):
        (WebCore::ScriptController::collectIsolatedContexts):
        (WebCore::ScriptController::windowScriptNPObject):
        (WebCore::ScriptController::executeIfJavaScriptURL):
        * bindings/js/ScriptController.h:
        (WebCore::ScriptController::globalObject):
        * bindings/js/ScriptControllerMac.mm:
        (WebCore::ScriptController::windowScriptObject):
        * bindings/js/ScriptState.cpp:
        (WebCore::mainWorldExecState):
        * bindings/js/WindowProxyController.cpp: Added.
        (WebCore::WindowProxyController::WindowProxyController):
        (WebCore::WindowProxyController::destroyWindowProxy):
        (WebCore::WindowProxyController::createWindowProxy):
        (WebCore::WindowProxyController::windowProxies):
        (WebCore::WindowProxyController::createWindowProxyWithInitializedScript):
        * bindings/js/WindowProxyController.h: Added.
        (WebCore::WindowProxyController::releaseWindowProxies):
        (WebCore::WindowProxyController::setWindowProxies):
        (WebCore::WindowProxyController::windowProxy):
        (WebCore::WindowProxyController::existingWindowProxy const):
        (WebCore::WindowProxyController::globalObject):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):
        * page/AbstractFrame.cpp:
        (WebCore::AbstractFrame::AbstractFrame):
        * page/AbstractFrame.h:
        (WebCore::AbstractFrame::windowProxyController):
        (WebCore::AbstractFrame::windowProxyController const):

2018-04-13  Brady Eidson  <beidson@apple.com>

        Introduce SuspendedPageProxy to keep old web processes around after their WebPageProxy has been swapped to a new one.
        https://bugs.webkit.org/show_bug.cgi?id=184559

        Reviewed by Alex Christensen.

        Covered by new API test.

        WebCore changes rework the meaning of a "ForSuspension" policy to simply navigate the page to about:blank.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::redirectReceived):
        (WebCore::DocumentLoader::willSendRequest):
        (WebCore::DocumentLoader::startLoadingMainResource):
        * loader/DocumentLoader.h:

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):

2018-04-13  Chris Dumez  <cdumez@apple.com>

        input.webkitEntries does not work as expected when folder contains accented chars
        https://bugs.webkit.org/show_bug.cgi?id=184517
        <rdar://problem/39265537>

        Reviewed by Alex Christensen.

        Use String::fromUTF8() to construct a WTF String from the char* returned by
        dirname() in FileSystem::directoryName(). Previously, we were just calling
        the String constructor, which would treat the input as latin 1 instead of
        UTF-8.

        Change is covered by an API test rather than a layout test due to file versioning
        limitations.

        * platform/posix/FileSystemPOSIX.cpp:
        (WebCore::FileSystem::directoryName):

2018-04-13  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WebCore] Use @getByIdDirectPrivate / @putByIdDirectPrivate in WebCore JS
        https://bugs.webkit.org/show_bug.cgi?id=184401

        Rubber stamped by Saam Barati.

        Apply bug 183970 changes to WebCore JS too. This offers solid type checking
        with @getByIdDirectPrivate().

        * Modules/mediastream/RTCPeerConnection.js:
        (initializeRTCPeerConnection):
        (getLocalStreams):
        (getStreamById):
        (addStream):
        * Modules/mediastream/RTCPeerConnectionInternals.js:
        (isRTCPeerConnection):
        * Modules/streams/ReadableByteStreamController.js:
        (enqueue):
        (error):
        (close):
        (getter.byobRequest):
        * Modules/streams/ReadableByteStreamInternals.js:
        (privateInitializeReadableStreamBYOBReader):
        (privateInitializeReadableByteStreamController):
        (privateInitializeReadableStreamBYOBRequest):
        (isReadableByteStreamController):
        (isReadableStreamBYOBRequest):
        (isReadableStreamBYOBReader):
        (readableByteStreamControllerCancel):
        (readableByteStreamControllerError):
        (readableByteStreamControllerClose):
        (readableByteStreamControllerClearPendingPullIntos):
        (readableByteStreamControllerGetDesiredSize):
        (readableStreamHasBYOBReader):
        (readableStreamHasDefaultReader):
        (readableByteStreamControllerHandleQueueDrain):
        (readableByteStreamControllerPull):
        (readableByteStreamControllerShouldCallPull):
        (readableByteStreamControllerCallPullIfNeeded):
        (readableByteStreamControllerEnqueue):
        (readableByteStreamControllerEnqueueChunk):
        (readableByteStreamControllerRespondWithNewView):
        (readableByteStreamControllerRespond):
        (readableByteStreamControllerRespondInternal):
        (readableByteStreamControllerRespondInReadableState):
        (readableByteStreamControllerRespondInClosedState):
        (readableByteStreamControllerProcessPullDescriptors):
        (readableByteStreamControllerFillDescriptorFromQueue):
        (readableByteStreamControllerShiftPendingDescriptor):
        (readableByteStreamControllerInvalidateBYOBRequest):
        (readableByteStreamControllerCommitDescriptor):
        (readableStreamFulfillReadIntoRequest):
        (readableByteStreamControllerPullInto):
        (readableStreamAddReadIntoRequest):
        * Modules/streams/ReadableStream.js:
        (initializeReadableStream):
        (pipeThrough):
        * Modules/streams/ReadableStreamBYOBReader.js:
        (cancel):
        (read):
        (releaseLock):
        (getter.closed):
        * Modules/streams/ReadableStreamBYOBRequest.js:
        (respond):
        (respondWithNewView):
        (getter.view):
        * Modules/streams/ReadableStreamDefaultController.js:
        (error):
        * Modules/streams/ReadableStreamDefaultReader.js:
        (cancel):
        (read):
        (releaseLock):
        (getter.closed):
        * Modules/streams/ReadableStreamInternals.js:
        (privateInitializeReadableStreamDefaultReader):
        (readableStreamReaderGenericInitialize):
        (readableStreamDefaultControllerError):
        (readableStreamPipeTo):
        (readableStreamTee):
        (isReadableStream):
        (isReadableStreamDefaultReader):
        (isReadableStreamDefaultController):
        (readableStreamError):
        (readableStreamDefaultControllerCallPullIfNeeded):
        (readableStreamDefaultControllerGetDesiredSize):
        (readableStreamReaderGenericCancel):
        (readableStreamCancel):
        (readableStreamDefaultControllerCancel):
        (readableStreamDefaultControllerPull):
        (readableStreamDefaultControllerClose):
        (readableStreamClose):
        (readableStreamFulfillReadRequest):
        (readableStreamDefaultReaderRead):
        (readableStreamAddReadRequest):
        (isReadableStreamDisturbed):
        (readableStreamReaderGenericRelease):
        (readableStreamDefaultControllerCanCloseOrEnqueue):
        (privateInitializeReadableStreamDefaultController): Deleted.
        * Modules/streams/StreamInternals.js:
        (validateAndNormalizeQueuingStrategy):
        * Modules/streams/WritableStream.js:
        (initializeWritableStream):
        (abort):
        (close):
        (write):
        (getter.closed):
        (getter.ready):
        (getter.state):
        * Modules/streams/WritableStreamInternals.js:
        (isWritableStream):
        (syncWritableStreamStateWithQueue):
        (errorWritableStream):
        (callOrScheduleWritableStreamAdvanceQueue):
        * bindings/js/JSDOMBindingInternals.js:
        (mapLikeForEach):

2018-04-12  Antoine Quint  <graouts@apple.com>

        [Web Animations] Turn CSS Animations and CSS Transitions as Web Animations on by default
        https://bugs.webkit.org/show_bug.cgi?id=184569
        <rdar://problem/38671301>

        Reviewed by Jon Lee.

        We now set the CSS Animations and CSS Transitions as Web Animations flag on by default. To ensure that some remaining
        tests pass with this flag on, we expose a way to get to a PseudoElement via a new internals.pseudoElement() method. This
        allows tests that used internals.pauseAnimationAtTimeOnPseudoElement() and internals.pauseTransitionAtTimeOnPseudoElement()
        to now work with the Web Animations API.

        * page/RuntimeEnabledFeatures.h:
        * testing/Internals.cpp:
        (WebCore::Internals::pseudoElement):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-04-13  Sergio Villar Senin  <svillar@igalia.com>

        [WebVR][OpenVR] Implement requestPresent()/exitPresent() and getLayers()
        https://bugs.webkit.org/show_bug.cgi?id=184530

        Reviewed by Žan Doberšek.

        WebVR apps should invoke requestPresent() to start presenting contents of a VRLayerInit
        (right now a HTML canvas with a WebGL context) on the VRDisplay. This request might fail for
        a variety of reasons and can be eventually cancelled with exitPresent(). Once we are
        presenting we could access the presenting layers (right now just one) with getLayers().

        Note that we are not presenting anything to the HMD yet, that will be done later in a follow
        up patch.

        I took the chance to correct a mistak in the VRDisplayCapabilities object which has a method
        that should be called maxLayers instead of maxLayer.

        * Modules/webvr/VRDisplay.cpp:
        (WebCore::VRDisplay::requestPresent):
        (WebCore::VRDisplay::stopPresenting):
        (WebCore::VRDisplay::exitPresent):
        (WebCore::VRDisplay::getLayers const):
        (WebCore::VRDisplay::isPresenting const): Deleted. Implemented in the header file.
        * Modules/webvr/VRDisplay.h:
        (WebCore::VRDisplay::isPresenting const):
        * Modules/webvr/VRDisplayCapabilities.h:
        (WebCore::VRDisplayCapabilities::maxLayers const): Renamed from maxLayer().
        (WebCore::VRDisplayCapabilities::maxLayer const): Deleted.
        * Modules/webvr/VRDisplayCapabilities.idl:

2018-04-13  Miguel Gomez  <magomez@igalia.com>

        REGRESSION(r230627): [GTK][WPE] Possible deadlock when destroying the player in non AC mode
        https://bugs.webkit.org/show_bug.cgi?id=184583

        Reviewed by Carlos Garcia Campos.

        In non AC mode, ensure that a deadlock can't happen when destroying MediaPlayerPrivateGStreamerBase.

        Covered by existent tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::cancelRepaint):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

2018-04-13  Miguel Gomez  <magomez@igalia.com>

        [GTK] [gstreamer] video won't unpause when built with -DUSE_GSTREAMER_GL=OFF
        https://bugs.webkit.org/show_bug.cgi?id=183362

        Reviewed by Carlos Garcia Campos.

        Remove the drawCancelled flag and use a new one to indicate that the player is being destroyed.
        That new flag is only enabled on destruction and it's not modified by cancelRepaint(), which
        can be used to handle the pause event without avoiding future renderings. Also cancelRepaint()
        has only effect when not in AC mode.

        Covered by existent tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::cancelRepaint):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

2018-04-13  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [GStreamer] Convert GStreamerUtilities in GStreamerCommon and include the GStreamer smart pointer traits
        https://bugs.webkit.org/show_bug.cgi?id=184533

        Reviewed by Philippe Normand.

        Renamed GStreamerUtilities* files into GStreamerCommon* and
        modified files including them accordingly. Include
        GRefPtrGStreamer.h and GUniquePtrGStreamer.h in GStreamerCommon.h
        to avoid problems destroying objects when those files are
        forgotten to be included.

        * Modules/webaudio/AudioContext.cpp:
        * platform/GStreamer.cmake:
        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/GStreamerCommon.cpp: Renamed from Source/WebCore/platform/graphics/gstreamer/GStreamerUtilities.cpp.
        * platform/graphics/gstreamer/GStreamerCommon.h: Renamed from Source/WebCore/platform/graphics/gstreamer/GStreamerUtilities.h.
        * platform/graphics/gstreamer/ImageGStreamer.h:
        * platform/graphics/gstreamer/ImageGStreamerCairo.cpp:
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.cpp:
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/MediaSampleGStreamer.cpp:
        * platform/graphics/gstreamer/MediaSampleGStreamer.h:
        * platform/graphics/gstreamer/TextCombinerGStreamer.cpp:
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.cpp:
        * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.h:
        * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
        * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
        * platform/graphics/gstreamer/mse/AppendPipeline.h:
        * platform/graphics/gstreamer/mse/GStreamerMediaDescription.cpp:
        * platform/graphics/gstreamer/mse/GStreamerMediaDescription.h:
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h:
        * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
        * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp:
        * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
        * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.h:

2018-04-12  Christopher Reid  <chris.reid@sony.com>

        [Curl] Fix clang build error in CurlContext.cpp
        https://bugs.webkit.org/show_bug.cgi?id=184561

        Reviewed by Darin Adler.

        MSVC allows explicit template specialization in classes but gcc/clang do not.

        * platform/network/curl/CurlContext.cpp:

2018-04-12  Christopher Reid  <chris.reid@sony.com>

        [Curl] Cookie Database on memory path should be :memory:
        https://bugs.webkit.org/show_bug.cgi?id=184572

        Reviewed by Alex Christensen.

        CookieJarDB::isOnMemory is comparing the database path with :onmemory: but it should be using :memory:
        For reference, see: https://www.sqlite.org/inmemorydb.html

        * platform/network/curl/CookieJarDB.h:

2018-04-12  Daniel Bates  <dabates@apple.com>

        Attmept to fix the Windows build following <https://trac.webkit.org/changeset/230602/>
        (https://bugs.webkit.org/show_bug.cgi?id=184386)

        Visual Studio cannot prove that all cases in the switch are covered :(
        So, add an ASSERT_NOT_REACHED() and a return a value outside of the switch block. 

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::destinationForType):

2018-04-12  Chris Dumez  <cdumez@apple.com>

        Introduce remote variants of Frame / DOMWindow classes
        https://bugs.webkit.org/show_bug.cgi?id=184467
        <rdar://problem/39011267>

        Reviewed by Ryosuke Niwa.

        Introduce remote variants of Frame / DOMWindow classes, for when these frames / windows
        are hosted on another WebProcess. Those will be used in a follow-up patch.

        The hierarchy is as follows (class naming will be improved in a follow-up patch to minimise
        patch size):
        - AbstractFrame: A frame that can be either local or remote (hosted on another WebProcess)
            - Frame: A local frame
            - RemoteFrame: A frame hosted on another WebProcess. A RemoteFrame's window is also remote.
        - AbstractDOMWindow: A window that be either local or remote (hosted on another WebProcess)
            - DOMWindow: A local DOMWindow
            - RemoteDOMWindow: A window hosted on another WebProcess. A RemoteDOMWindow's frame is also
              remote. A RemoteDOMWindow is always cross-origin.

        This patch introduces global identifiers (unique across all WebProcesses) for both Frames and
        Windows. This is useful as we need to know which Frame / DOMWindow a particular RemoteFrame /
        RemoteDOMWindow is pointing to.

        Follow-up patch will add support for converting a local DOMWindow / Frame into a remote ones,
        when a newly opened window (via window.open) is navigated cross-origin (Bug 184515).

        Other things we'll need to implement in follow-ups:
        - RemoteDOMWindow will need to know about its opener in order to support the window.opener
          API. Internally, the opener will be stored as a RemoteFrame so that window.opener always
          returns the current window in the opener frame (which changes upon navigation).
        - Nullify a RemoteDOMWindow's frame whenever the window it is pointing to becomes frameless.
          A frameless window behaves very differently (e.g. very little API is exposed to the Web).
          This happens when either the newly opened window is either closed or navigated.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/ContentFilter.cpp:
        (WebCore::ContentFilter::didDecide):
        * page/AbstractDOMWindow.cpp: Added.
        (WebCore::AbstractDOMWindow::AbstractDOMWindow):
        (WebCore::AbstractDOMWindow::~AbstractDOMWindow):
        * page/AbstractDOMWindow.h: Added.
        (WebCore::AbstractDOMWindow::identifier const):
        * page/AbstractFrame.cpp: Added.
        (WebCore::AbstractFrame::AbstractFrame):
        (WebCore::AbstractFrame::~AbstractFrame):
        * page/AbstractFrame.h: Added.
        (WebCore::AbstractFrame::window const):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::DOMWindow):
        * page/DOMWindow.h:
        (isType):
        * page/Frame.cpp:
        (WebCore::Frame::window const):
        (WebCore::Frame::virtualWindow const):
        * page/Frame.h:
        (isType):
        * page/GlobalFrameIdentifier.h: Added.
        (WebCore::GlobalFrameIdentifier::encode const):
        (WebCore::GlobalFrameIdentifier::decode):
        * page/GlobalWindowIdentifier.h: Added.
        (WebCore::operator==):
        (WebCore::GlobalWindowIdentifier::hash const):
        (WebCore::GlobalWindowIdentifier::encode const):
        (WebCore::GlobalWindowIdentifier::decode):
        (WTF::GlobalWindowIdentifierHash::hash):
        (WTF::GlobalWindowIdentifierHash::equal):
        (WTF::HashTraits<WebCore::GlobalWindowIdentifier>::emptyValue):
        (WTF::HashTraits<WebCore::GlobalWindowIdentifier>::constructDeletedValue):
        (WTF::HashTraits<WebCore::GlobalWindowIdentifier>::isDeletedValue):

        * page/RemoteDOMWindow.cpp: Added.
        (WebCore::RemoteDOMWindow::RemoteDOMWindow):
        (WebCore::RemoteDOMWindow::~RemoteDOMWindow):
        (WebCore::RemoteDOMWindow::self const):
        (WebCore::RemoteDOMWindow::location const):
        (WebCore::RemoteDOMWindow::close):
        (WebCore::RemoteDOMWindow::closed const):
        (WebCore::RemoteDOMWindow::focus):
        (WebCore::RemoteDOMWindow::blur):
        (WebCore::RemoteDOMWindow::length const):
        (WebCore::RemoteDOMWindow::top const):
        (WebCore::RemoteDOMWindow::opener const):
        (WebCore::RemoteDOMWindow::parent const):
        (WebCore::RemoteDOMWindow::postMessage):
        The DOM API exposed on RemoteDOMWindow is only the subset of the DOMWindow API that is exposed cross origin,
        since remote DOMWindow are always from a different origin. The short-term plan is to implement these in a
        follow-up by relying on IPC (synchronous when necessary) to fetch the information from the real window in
        the WebProcess where it lives. Longer term, we should probably keep RemoteDOMWindow members in sync with the
        DOMWindow they're pointing to, so we do not have to rely on synchronous IPC.

        * page/RemoteDOMWindow.h: Added.
        (isType):
        * page/RemoteFrame.cpp: Added.
        (WebCore::RemoteFrame::RemoteFrame):
        (WebCore::RemoteFrame::~RemoteFrame):
        (WebCore::RemoteFrame::virtualWindow const):
        * page/RemoteFrame.h: Added.
        (isType):

2018-04-12  Daniel Bates  <dabates@apple.com>

        Content-Type not enforced for <script> allows for XSS
        https://bugs.webkit.org/show_bug.cgi?id=184386
        <rdar://problem/39112268>

        Reviewed by Brady Eidson.

        As per the Fetch standard, <https://fetch.spec.whatwg.org/#should-response-to-request-be-blocked-due-to-mime-type?> (16 March 2018),
        we should block JavaScript scripts that are served with MIME type text/csv, or a MIME type
        that begins with "audio/", "image/" or "video/".

        As a side benefit of this change we now set the destination property [1] on preload requests.

        [1] <https://fetch.spec.whatwg.org/#concept-request-destination>

        Tests: http/tests/security/script-with-banned-mimetype.html
               http/tests/workers/worker-importScripts-banned-mimetype.html

        * Sources.txt: Add file FetchIdioms.cpp.
        * WebCore.xcodeproj/project.pbxproj: Add files FetchIdioms.{cpp, h}.
        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::notifyFinished): Check the MIME type of the response and
        block the script if applicable.
        * dom/LoadableScript.h: Add error type MIMEType.
        * loader/FetchIdioms.cpp: Added.
        (WebCore::shouldBlockResponseDueToMIMEType): Implements the "Should response to request be blocked
        due to its MIME type?" algorithm from the Fetch standard.
        * loader/FetchIdioms.h: Added.
        * loader/FetchOptions.h:
        (WebCore::isScriptLikeDestination): Implements the definition of "script like" as per <https://fetch.spec.whatwg.org/#request-destination-script-like>.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestImage): Removed logic to set the destination property as
        CachedResourceLoader::requestResource() is now responsible for doing this.
        (WebCore::CachedResourceLoader::requestFont): Ditto.
        (WebCore::CachedResourceLoader::requestTextTrack): Ditto.
        (WebCore::CachedResourceLoader::requestCSSStyleSheet): Ditto.
        (WebCore::CachedResourceLoader::requestScript): Ditto.
        (WebCore::CachedResourceLoader::requestXSLStyleSheet): Ditto.
        (WebCore::CachedResourceLoader::requestMedia): Update comment to express that we should assert
        that the destination property is either video or audio.
        (WebCore::CachedResourceLoader::requestIcon): Remove logic to set the destination property as
        CachedResourceLoader::requestResource() is now responsible for doing this.
        (WebCore::CachedResourceLoader::requestRawResource): Removed assertion as this function is used to
        load many kinds of requests that have different destination properties. The caller is responsible
        for setting the appropriate destintion property.
        (WebCore::CachedResourceLoader::requestMainResource): Remove logic to set the destination property
        as CachedResourceLoader::requestResource() is now responsible for doing this.
        (WebCore::destinationForType): Helper function that maps CachedResource::Type to FetchOptions::Destination.
        (WebCore::CachedResourceLoader::requestResource): Set the destination property on the request if not
        already set.
        * loader/cache/CachedResourceLoader.h: Segregate requestRawResource() from the other request functions
        and add a comment to explain what it is used for.
        * workers/Worker.cpp:
        (WebCore::Worker::create):
        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::loadSynchronously): Set the destination property to FetchOptions::Destination::Script
        and store it in an instance variable as we will need to reference it once we receive the HTTP response.
        Note that this function is only used to support the Web API importScripts().
        (WebCore::WorkerScriptLoader::loadAsynchronously): Store the passed destination property in an
        instance as we will need to reference it once we receive the HTTP response.
        (WebCore::WorkerScriptLoader::didReceiveResponse): Check the MIME type of the response and
        block the script if applicable.
        * workers/WorkerScriptLoader.h:
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::fetchScriptWithContext): Set the destination property to FetchOptions::Destination::Serviceworker.

2018-04-12  Antoine Quint  <graouts@apple.com>

        [Web Animations] Fix a host of small CSS Animations and CSS Transitions issues
        https://bugs.webkit.org/show_bug.cgi?id=184555

        Reviewed by Dean Jackson.

        A series of small and intertwined issues were preventing a number of CSS Animations and CSS Trantions
        tests to fail when expressed as Web Animations.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::updateCSSAnimationsForElement): Pass the old and new RenderStyles to CSSAnimation::create()
        since we're refactoring DeclarativeAnimation to create blending keyframes in initialize(), no longer requiring each subclass
        to create them.
        (WebCore::AnimationTimeline::cssAnimationForElementAndProperty): Return the animation, if any, for a property animated by
        a CSS animation, so that we can determine if a property is already being animated when running a CSS Transition.
        (WebCore::AnimationTimeline::updateCSSTransitionsForElement): Since a property can be specified twice in a "transition" property,
        once via "all" and once explicitly, ensure we look at all currently running transitions for the currently-processed property to
        see if we need to cancel this transition. Previously, we used to only see if it had been transitioned in the old style. We also
        start transitions even if the duration is 0 provided the delay is a positive, non-zero value. Then, if there is a CSS Animation
        for this property already running, use that animation's original unanimated style as the from value.
        * animation/AnimationTimeline.h:
        * animation/CSSAnimation.cpp:
        (WebCore::CSSAnimation::create): The animation name is now set in the CSSAnimation constructor.
        (WebCore::CSSAnimation::CSSAnimation): Set the animation name and keep a copy of the unanimated style such that we can
        get it when a CSS Transition is created and takes precedence over this CSS Animation.
        (WebCore::CSSAnimation::initialize): Deleted.
        * animation/CSSAnimation.h:
        * animation/CSSTransition.cpp:
        (WebCore::CSSTransition::create):
        (WebCore::CSSTransition::initialize):
        * animation/CSSTransition.h:
        * animation/DeclarativeAnimation.cpp:
        (WebCore::DeclarativeAnimation::initialize): Call the new computeDeclarativeAnimationBlendingKeyframes() on the KeyframeEffect
        directly in this method so that subclasses don't need to create it manually, but most important so that keyframes are created
        before timing properties are set based on the backing animation.
        * animation/DeclarativeAnimation.h:
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::getKeyframes): Ensure we have a CSSValue before trying to serialize it.
        (WebCore::KeyframeEffectReadOnly::computeDeclarativeAnimationBlendingKeyframes):
        (WebCore::KeyframeEffectReadOnly::computeCSSAnimationBlendingKeyframes): Use the animation's unanimated style to compute keyframes,
        instead of a default RenderStyle which would not use the right values for implicit keyframes.
        (WebCore::KeyframeEffectReadOnly::stylesWouldYieldNewCSSTransitionsBlendingKeyframes const): Look at the property used to create
        the transition rather than that specified on the backing Animation object since it can be CSSPropertyInvalid in the case of
        "transition: all".
        (WebCore::KeyframeEffectReadOnly::setAnimatedPropertiesInStyle): If we're dealing with a CSS animation, we consider the first and
        last keyframes to always have the property listed since the underlying style was provided and should be captured.
        * animation/KeyframeEffectReadOnly.h:
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::createAnimatedElementUpdate): Apply CSS Animations after CSS Trasitions since they take precedence.

2018-04-12  Antoine Quint  <graouts@apple.com>

        [Web Animations] Only cancel declarative animations upon element removal
        https://bugs.webkit.org/show_bug.cgi?id=184553

        Reviewed by Dean Jackson.

        Ensure we only call cancel() on CSSAnimation and CSSTransition objects as we might otherwise reject
        the ready promise and produce spurious logging from WPT tests.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::cancelDeclarativeAnimationsForElement):
        (WebCore::AnimationTimeline::cancelAnimationsForElement): Deleted.
        * animation/AnimationTimeline.h:
        * dom/Element.cpp:
        (WebCore::Element::removedFromAncestor):
        * dom/PseudoElement.cpp:
        (WebCore::PseudoElement::clearHostElement):
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::tearDownRenderers):

2018-04-12  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r230554.

        The non-ASCII character in the filename causes issues with SVN

        Reverted changeset:

        "input.webkitEntries does not work as expected when folder
        contains accented chars"
        https://bugs.webkit.org/show_bug.cgi?id=184517
        https://trac.webkit.org/changeset/230554

2018-04-12  Alicia Boya García  <aboya@igalia.com>

        [MSE] Add isValid() assertions on PlatformTimeRanges::add() range ends
        https://bugs.webkit.org/show_bug.cgi?id=180253

        Right now it's checked that start <= end but it's not checked that
        neither of them is undefined.

        When this happens, the bug can be hard to track down.

        The assertion is not enabled for Mac because there is currently a test
        that is hitting it.

        Reviewed by Jer Noble.

        * platform/graphics/PlatformTimeRanges.cpp:
        (WebCore::PlatformTimeRanges::add):

2018-04-12  Chris Dumez  <cdumez@apple.com>

        Process::setIdentifier() / Process::identifier() do not need a lock
        https://bugs.webkit.org/show_bug.cgi?id=184544

        Reviewed by Brady Eidson.

        Process::setIdentifier() / Process::identifier() do not need a lock.
        Process::setIdentifier() gets called in ChildProcess::initialize(),
        before we start any background threads. It is then safe to query
        this process identifier later on from background threads without
        locks.

        * platform/Process.cpp:
        (WebCore::Process::setIdentifier):
        (WebCore::Process::identifier):

2018-04-12  Antoine Quint  <graouts@apple.com>

        Unreviewed, fix the Windows build.

        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::computeExtentOfAnimation const):

2018-04-12  Antoine Quint  <graouts@apple.com>

        [Web Animations] Suspend animations when required
        https://bugs.webkit.org/show_bug.cgi?id=184541

        Reviewed by Jon Lee.

        Animations managed by CSSAnimationController get suspended under a number of scenarios, we now add the possibility
        to suspend animations on a DocumentTimeline as well such that Web Animations and CSS Animations and CSS Transitions
        implemented as Web Animations get suspended under the same conditions as well. We also update the implementation for
        Internals::numberOfActiveAnimations() such that tests checking that animations get suspended pass.

        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::suspendAnimations): When asked to be suspended, the DocumentTimeline cancels pending
        invalidation tasks and updates all of the animations it manages, including those running on the compositor.
        (WebCore::DocumentTimeline::resumeAnimations): When asked to be resumed, the DocumentTimeline resumes animations
        it manages and rewinds its invalidation timer.
        (WebCore::DocumentTimeline::animationsAreSuspended):
        (WebCore::DocumentTimeline::numberOfActiveAnimationsForTesting const): Called by Internals::numberOfActiveAnimations(),
        this returns the number of animations managed by this timeline that are not suspended.
        (WebCore::DocumentTimeline::currentTime):
        (WebCore::DocumentTimeline::timingModelDidChange): Ensure the invalidation timer is not rewound if the timeline
        is suspended.
        * animation/DocumentTimeline.h:
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::setTimeline): When moving to a new timeline, ensure we match the new timeline's animation state.
        (WebCore::WebAnimation::setSuspended): Toggle the accelerated running state of any backing hardware animations when
        the suspension state of an animation changes.
        * animation/WebAnimation.h:
        (WebCore::WebAnimation::isSuspended const):
        * dom/Document.cpp:
        (WebCore::Document::didBecomeCurrentDocumentInFrame):
        (WebCore::Document::resume):
        * dom/Document.h:
        * history/CachedFrame.cpp:
        (WebCore::CachedFrameBase::restore):
        * page/Frame.cpp:
        (WebCore::Frame::clearTimers):
        * page/Page.cpp:
        (WebCore::Page::setIsVisibleInternal):
        (WebCore::Page::hiddenPageCSSAnimationSuspensionStateChanged):
        * testing/Internals.cpp:
        (WebCore::Internals::numberOfActiveAnimations const):
        (WebCore::Internals::animationsAreSuspended const):
        (WebCore::Internals::suspendAnimations const):
        (WebCore::Internals::resumeAnimations const):

2018-04-12  Antoine Quint  <graouts@apple.com>

        [Web Animations] Throttle animations when lowPowerMode is on
        https://bugs.webkit.org/show_bug.cgi?id=184540

        Reviewed by Jon Lee.

        Ensure animations are sampled at a lower frequency when lowPowerMode is on.

        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::updateThrottlingState):
        (WebCore::DocumentTimeline::animationInterval const):
        (WebCore::DocumentTimeline::updateAnimationSchedule):
        (WebCore::DocumentTimeline::scheduleAnimationResolution):
        * animation/DocumentTimeline.h:
        * page/Page.cpp:
        (WebCore::Page::handleLowModePowerChange):
        * testing/Internals.cpp:
        (WebCore::Internals::animationsInterval const):

2018-04-12  Antoine Quint  <graouts@apple.com>

        [Web Animations] Ensure elements overlapping with elements animating also get composited
        https://bugs.webkit.org/show_bug.cgi?id=184539

        Reviewed by Jon Lee.

        A number of compositing tests failed because we didn't call into the Web Animations engine while various calls
        on RenderLayer and RenderLayerBacking were made. We bring the functionality over from CSSAnimationController to
        DocumentTimeline and KeyframeAnimation to KeyframeEffectReadOnly.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::animationsForElement const): Update this method's signature to be const since it
        should be callable by other const method.
        (WebCore::AnimationTimeline::animationsForElement): Deleted.
        * animation/AnimationTimeline.h:
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::computeExtentOfAnimation const): Adapt this method from CSSAnimationController.
        (WebCore::DocumentTimeline::isRunningAnimationOnRenderer const): Adapt this method from CSSAnimationController.
        (WebCore::DocumentTimeline::isRunningAcceleratedAnimationOnRenderer const): Adapt this method from CSSAnimationController.
        * animation/DocumentTimeline.h:
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::computeExtentOfTransformAnimation const): Bring this method over from KeyframeAnimation.
        (WebCore::containsRotation): Bring this method over from KeyframeAnimation.
        (WebCore::KeyframeEffectReadOnly::computeTransformedExtentViaTransformList const): Bring this method over from KeyframeAnimation.
        (WebCore::KeyframeEffectReadOnly::computeTransformedExtentViaMatrix const): Bring this method over from KeyframeAnimation.
        * animation/KeyframeEffectReadOnly.h:
        (WebCore::KeyframeEffectReadOnly::animatedProperties const): DocumentTimeline::computeExtentOfAnimation() needs to get a list
        of all animated properties to see if a transform is animated, so we now expose such a list.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::currentTransform const): Update this method to call into DocumentTimeline if the CSS Animations
        and CSS Transitions as Web Animations flag is on.
        (WebCore::RenderLayer::calculateClipRects const): Update this method to call into DocumentTimeline if the CSS Animations
        and CSS Transitions as Web Animations flag is on.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry): Update this method to call into DocumentTimeline if the CSS Animations
        and CSS Transitions as Web Animations flag is on.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::isRunningTransformAnimation const): Update this method to call into DocumentTimeline
        if the CSS Animations and CSS Transitions as Web Animations flag is on.
        * rendering/RenderObject.h:
        (WebCore::RenderObject::documentTimeline const):

2018-04-11  Antoine Quint  <graouts@apple.com>

        [Web Animations] Enable seeking for hardware animations
        https://bugs.webkit.org/show_bug.cgi?id=184518

        Reviewed by Dean Jackson.

        Hardware animations had lagged behind software animations in support and this patch bring their respective level
        of support closer to one another. Importantly, we add the ability to seek an animation added to a GraphicsLayerCA
        since many tests pause and seek animations to test their state. Animations may also have their playback state changed
        along with their current time in the same run loop, so we now maintain a list of pending processing actions for
        hardware animations.

        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::updateAnimationSchedule): If we have animations queued up for updates to their accelerated
        state we can schedule animation resolution immediately since we've already established we'll have work to do.
        (WebCore::DocumentTimeline::updateAnimations): Factor the updates of pending accelerated animations out in a dedicated
        method.
        (WebCore::DocumentTimeline::applyPendingAcceleratedAnimations): Go through all pending accelerated animations and update
        their state.
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::setBlendingKeyframes): Update the m_shouldRunAccelerated flag when setting blending keyframes.
        (WebCore::KeyframeEffectReadOnly::apply): Ensure we finish accelerated animations if the progress is 1 or null (no longer active).
        start accelerated animations if the animation is starting and always resolve styles in software as well to ensure that
        hit testing will work as expected.
        (WebCore::KeyframeEffectReadOnly::computeShouldRunAccelerated):
        (WebCore::KeyframeEffectReadOnly::animationPlayStateDidChange): Called by WebAnimation when play() or pause() is called
        with the appropriate flag.
        (WebCore::KeyframeEffectReadOnly::animationDidSeek): Called by WebAnimation when the currentTime property is set.
        (WebCore::KeyframeEffectReadOnly::addPendingAcceleratedAction): Add the provided action to the list of pending accelerated
        actions and notify the animation that the accelerated state needs changing.
        (WebCore::KeyframeEffectReadOnly::applyPendingAcceleratedActions): Called by DocumentTimeline, through WebAnimation, to apply
        all pending accelerated actions.
        (WebCore::KeyframeEffectReadOnly::backingAnimationForCompositedRenderer const): If we're dealing with a declarative animation,
        we already have a backing Animation object, so use it directly. Otherwise, create one and ensure it reflects all timing properties
        for the animation.
        (WebCore::KeyframeEffectReadOnly::shouldRunAccelerated): Deleted.
        (WebCore::KeyframeEffectReadOnly::startOrStopAccelerated): Deleted.
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::setCurrentTime): Call animationDidSeek() on the effect to ensure its accelerated animation gets seeked.
        (WebCore::WebAnimation::play): Call animationPlayStateDidChange() on the effect to ensure its accelerated animation is started or resumed.
        (WebCore::WebAnimation::pause): Call animationPlayStateDidChange() on the effect to ensure its accelerated animation gets paused.
        (WebCore::WebAnimation::acceleratedStateDidChange): 
        (WebCore::WebAnimation::applyPendingAcceleratedActions):
        (WebCore::WebAnimation::acceleratedRunningStateDidChange): Deleted.
        (WebCore::WebAnimation::startOrStopAccelerated): Deleted.
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::seekAnimation):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::addProcessingActionForAnimation): Add an AnimationProcessingAction to the list of such actions for a
        given animation name. In case we already have a Remove action, we ignore the action since the hardware animation will have been
        removed by the time we try to apply this processing action.
        (WebCore::GraphicsLayerCA::pauseAnimation): Add a Pause processing action.
        (WebCore::GraphicsLayerCA::seekAnimation): Add a Seek processing action.
        (WebCore::GraphicsLayerCA::removeAnimation): Add a Remove processing action.
        (WebCore::GraphicsLayerCA::updateAnimations): First ensure that all animations pending commit are committed and then update
        all animations based on the actions added through addProcessingActionForAnimation().
        (WebCore::GraphicsLayerCA::seekCAAnimationOnLayer): Generate a new animation based on the new seek time provided.
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::AnimationProcessingAction::AnimationProcessingAction):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::animationSeeked):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::animationSeeked):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForAnimation const): Fix an issue where we would run the CSSAnimationController
        logic even when the legacy animation engine was disabled.

2018-04-12  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        Unreviewed, fix GStreamer builds

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): We were
        passing a String to a GST_WARNING call.

2018-04-11  Chris Dumez  <cdumez@apple.com>

        input.webkitEntries does not work as expected when folder contains accented chars
        https://bugs.webkit.org/show_bug.cgi?id=184517
        <rdar://problem/39265537>

        Reviewed by Ryosuke Niwa.

        Use String::fromUTF8() to construct a WTF String from the char* returned by
        dirname() in FileSystem::directoryName(). Previously, we were just calling
        the String constructor, which would treat the input as latin 1 instead of
        UTF-8.

        Test: fast/forms/file/entries-api/webkitEntries-nonascii-folder-name.html

        * platform/posix/FileSystemPOSIX.cpp:
        (WebCore::FileSystem::directoryName):

2018-04-11  Youenn Fablet  <youenn@apple.com>

        Preventively expect UTF8 strings from libwebrtc SDP and error messages
        https://bugs.webkit.org/show_bug.cgi?id=184509

        Reviewed by Eric Carlson.

        Make WebCore code expect any libwebrtc string to contain UTF-8.
        Currently SDPs do not contain any UTF-8 specific character
        but https://tools.ietf.org/html/rfc4566 allows it.

        Add Internals API to set track id so that we can inject UTF-8 inside some WebRTC tests.
        Test: webrtc/utf8-sdp.html

        * Modules/mediastream/MediaStreamTrack.h:
        (WebCore::MediaStreamTrack::setIdForTesting):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::fromStdString):
        (WebCore::fromSessionDescription):
        (WebCore::LibWebRTCMediaEndpoint::doSetLocalDescription):
        (WebCore::LibWebRTCMediaEndpoint::doSetRemoteDescription):
        (WebCore::LibWebRTCMediaEndpoint::mediaStreamFromRTCStream):
        (WebCore::LibWebRTCMediaEndpoint::addRemoteTrack):
        (WebCore::LibWebRTCMediaEndpoint::addDataChannel):
        (WebCore::LibWebRTCMediaEndpoint::OnIceCandidate):
        (WebCore::LibWebRTCMediaEndpoint::createSessionDescriptionSucceeded):
        (WebCore::LibWebRTCMediaEndpoint::createSessionDescriptionFailed):
        (WebCore::LibWebRTCMediaEndpoint::setLocalSessionDescriptionFailed):
        (WebCore::LibWebRTCMediaEndpoint::setRemoteSessionDescriptionFailed):
        (WebCore::trackId): Deleted.
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::fromStdString):
        (WebCore::LibWebRTCPeerConnectionBackend::doAddIceCandidate):
        (WebCore::createReceiverForSource):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        (WebCore::MediaStreamTrackPrivate::setIdForTesting):
        * testing/Internals.cpp:
        (WebCore::Internals::setMediaStreamTrackIdentifier):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-04-11  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Cache glyphs (using display lists) when painting at high frequency
        https://bugs.webkit.org/show_bug.cgi?id=178750
        <rdar://problem/35201729>

        Reviewed by Antti Koivisto.

        This patch adds support for caching of glyph drawing commands when painting
        at high frequency. Caching the glyph drawing will be done using DisplayLists.

        GlyphDisplayListCache is basically a hash map which maps InlineTextBox
        or SimpleLineLayout::Run to DisplayList. Before adding a new entry to it
        we have to check whether the conditions for caching the glyph DisplayList
        are met or not. If no entry is found for a given run, a new DisplayList
        is created and a new entry is add to the cache.

        * WebCore.xcodeproj/project.pbxproj:
        * page/MemoryRelease.cpp:
        (WebCore::releaseNoncriticalMemory): Make GlyphDisplayListCache respond
        to memory pressure.

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::displayListForTextRun const):
        * platform/graphics/FontCascade.h:
        (WebCore::FontCascade::displayListForTextRun):
        Record the drawing of a glyph run into a DisplayList.

        * rendering/GlyphDisplayListCache.h: Added.
        (WebCore::GlyphDisplayListCache::singleton):
        (WebCore::GlyphDisplayListCache::get):
        (WebCore::GlyphDisplayListCache::remove):
        (WebCore::GlyphDisplayListCache::clear):
        (WebCore::GlyphDisplayListCache::size const):
        (WebCore::GlyphDisplayListCache::sizeInBytes const):
        A simple cache for the TextRun DisplayList. Adding a new entry in the
        cache happens under restricted conditions. So this cache is not expected
        to grow much.

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::~InlineTextBox):
        (WebCore::InlineTextBox::paint):
        (WebCore::InlineTextBox::paintMarkedTexts):
        (WebCore::InlineTextBox::paintMarkedTextBackground):
        (WebCore::InlineTextBox::paintMarkedTextForeground):
        (WebCore::InlineTextBox::paintMarkedTextDecoration):
        (WebCore::InlineTextBox::paintCompositionBackground):
        (WebCore::InlineTextBox::paintCompositionUnderlines const):
        (WebCore::InlineTextBox::paintCompositionUnderline const):
        * rendering/InlineTextBox.h:
        (WebCore::InlineTextBox::paintMarkedTexts):
        InlineTextBox::paintMarkedTextForeground() now requires PaintInfo to know
        whether the entry in the GlyphDisplayListCache should be removed or not.
        Change all the GraphicsContext arguments to be PaintInfo.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::Layout::~Layout):
        * rendering/SimpleLineLayout.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow):
        (WebCore::SimpleLineLayout::simpleLineLayoutWillBeDeleted):
        * rendering/SimpleLineLayoutFunctions.h:
        * rendering/SimpleLineLayoutResolver.h:
        (WebCore::SimpleLineLayout::RunResolver::Run::simpleRun const):
        Implement the glyph caching for SimpleLineLayout::Run.

        * rendering/TextPainter.cpp:
        (WebCore::TextPainter::paintTextOrEmphasisMarks): If the DisplayList is
        available, replay it back into the GraphicsContext. Make sure to reset to
        the DisplayList pointer to nullptr after painting.

        (WebCore::TextPainter::clearGlyphDisplayLists):
        (WebCore::TextPainter::shouldUseGlyphDisplayList): Check whether we should
        use DisplayList to the draw glyph run.

        * rendering/TextPainter.h:
        (WebCore::TextPainter::setGlyphDisplayListIfNeeded): Check whether we should
        should use DisplayList to the draw glyph run and if we should, ensure first
        the DisplayList is cached and set it in the TextPainter so it uses it when
        the run is painted.

        (WebCore::TextPainter::removeGlyphDisplayList): Remove the cached DisplayList
        entry for a glyph layout run.

2018-04-11  Brent Fulgham  <bfulgham@apple.com>

        GraphicsLayerCA::createPlatformCALayer always disables extended color in its backing store
        https://bugs.webkit.org/show_bug.cgi?id=184367
        <rdar://problem/39249074>

        Reviewed by Simon Fraser.

        'createPlatformCALayer' always passes a nil widget, which early returns from 'screenSupportsExtendedColor'
        with false. Instead, we should just pass the widget (nil or not) to the screen properties methods,
        which will use the primary screen if no screen is specified. I.e., we shouldn't do an early return
        here if the passed widget is nil.

        * platform/mac/PlatformScreenMac.mm:
        (WebCore::screenSupportsExtendedColor):

2018-04-11  Youenn Fablet  <youenn@apple.com>

        Pass FetchOptions and SecurityOrigin as load parameters from WebProcess to NetworkProcess
        https://bugs.webkit.org/show_bug.cgi?id=184374

        Reviewed by Chris Dumez.

        Add support for SecurityOrigin encode/decode routines.

        * page/SecurityOrigin.h:

2018-04-11  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer] Use of playbin3 when USE_PLAYBIN3 environment variable is set
        https://bugs.webkit.org/show_bug.cgi?id=184498

        Reviewed by Philippe Normand.

        [GStreamer] Use of playbin3 when USE_PLAYBIN3 environment variable is set

        This is the same behaviour as with playbin itself.

        Make sure to keep using "playbin" for MediaSource.

        No test added as this is basically a small rework of the way we expose a feature.

        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.cpp:
        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
        * platform/graphics/gstreamer/GRefPtrGStreamer.h:
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.cpp:
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::load):
        (WebCore::MediaPlayerPrivateGStreamer::enableTrack):
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
        (WebCore::TrackPrivateBaseGStreamer::disconnect):
        (WebCore::TrackPrivateBaseGStreamer::tagsChanged):
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.cpp:
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.h:

2018-04-10  Alex Christensen  <achristensen@webkit.org>

        IDN spoofing with Hebrew combining characters
        https://bugs.webkit.org/show_bug.cgi?id=184472
        <rdar://problem/39148687>

        Reviewed by Brent Fulgham.

        Covered by new API tests.

        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isLookalikeCharacter):
        Punycode-encode hosts with Hebrew combining marks that look like dots
        and Vav with a combining dot above like we do with dotless i and j.

2018-04-11  Brent Fulgham  <bfulgham@apple.com>

        Show punycode if URL contains Latin dum character
        https://bugs.webkit.org/show_bug.cgi?id=184477
        <rdar://problem/39121999>

        Reviewed by David Kilzer.

        Revise our "lookalike character" logic to include the small
        Latin dum character.

        Test: fast/url/host.html

        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isLookalikeCharacter):

2018-04-11  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] WaylandCompositorDisplay leaks its wl_display
        https://bugs.webkit.org/show_bug.cgi?id=184406

        Reviewed by Carlos Garcia Campos.

        Well, this was harder than expected. We really just want to fix a small leak in the WebKit
        layer, but that requires a change in how WaylandCompositorDisplay calls the
        PlatformDisplayWayland constructor, to pass NativeDisplayOwned::Yes. That means
        WaylandCompositorDisplay can no longer use PlatformDisplayWayland's protected default
        constructor. Problem is that the normal PlatformDisplayWayland constructor calls
        PlatformDisplayWayland::initialize, which calls PlatformDisplayWayland::registryGlobal,
        which is a virtual function. The WaylandCompositorDisplay portion of the object is not
        constructed yet at this point, so WaylandCompositorDisplay::registryGlobal will never be
        called if we do that. I had to revert the previous version of this fix due to this problem.
        It had broken accelerated compositing.

        I'm reminded of Effective C++ item #9: Never call virtual functions during construction or
        destruction ("because such calls will never go to a more derived class than that of the
        currently executing constructor or destructor"). This code is fragile and likely to break
        again in the future, so let's refactor it a bit. Instead of calling initialize in the
        constructor, we'll call it from create functions. We'll have to add a couple create
        functions, and make the constructor protected to ensure it's not possible to create a
        PlatformDisplayWayland without initializing it. For good parallelism, do the same for the
        other PlatformDisplay classes.

        This commit additionally removes PlatformDisplayWayland's protected default constructor,
        since it's not needed anymore.

        The NativeDisplayOwned arguments to the PlatformDisplay constructors are now mandatory,
        instead of using NativeDisplayOwned::No as the default value, since that was dangerously
        close to being the cause of this leak, and the constructors are now accessed from private
        create functions anyway. Some more caution when using default parameter values is warranted
        in the future.

        Lastly, since we have to change PlatformDisplay::createPlatformDisplay to use the new create
        functions, take the opportunity to move things around a bit for clarity. There should be no
        change in behavior. I was just disappointed that the PlatformDisplayWPE creation was at the
        bottom of the function, after a comment indicating that normal display creation has failed,
        which is not the case for WPE.

        This all might have been a bit overkill, since the leak could probably have been fixed by
        passing nullptr to the PlatformDisplayWayland constructor for the wl_display and not
        removing WaylandCompositorDisplay's call to PlatformDisplayWayland::initialize. But the
        correctness of that code would then rely on implementation details of initialize, so this
        refactor seems better.

        No new tests since there *should* be no behavior change. Then again, I'm touching
        PlatformDisplay, and history shows we don't have the greatest track record of touching this
        code without introducing problems.

        * platform/graphics/PlatformDisplay.cpp:
        (WebCore::PlatformDisplay::createPlatformDisplay):
        * platform/graphics/PlatformDisplay.h:
        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::create):
        (WebCore::PlatformDisplayWayland::create):
        (WebCore::PlatformDisplayWayland::createHeadless):
        (WebCore::PlatformDisplayWayland::PlatformDisplayWayland):
        (WebCore::PlatformDisplayWayland::initialize):
        * platform/graphics/wayland/PlatformDisplayWayland.h:
        * platform/graphics/win/PlatformDisplayWin.h:
        * platform/graphics/wpe/PlatformDisplayWPE.cpp:
        (WebCore::create):
        * platform/graphics/wpe/PlatformDisplayWPE.h:
        * platform/graphics/x11/PlatformDisplayX11.cpp:
        (WebCore::PlatformDisplayX11::create):
        (WebCore::PlatformDisplayX11::create):
        (WebCore::PlatformDisplayX11::createHeadless):
        * platform/graphics/x11/PlatformDisplayX11.h:

2018-04-11  Jianjun Zhu  <jianjun.zhu@intel.com>

        Fix a WebRTC data channel issue for non-ASCII characters.

        At the sender side, buffer size are calulcated after UTF8 encoding. At the
        receiver side, strings are constructed with UTF8 data.

        https://bugs.webkit.org/show_bug.cgi?id=184481

        Reviewed by Youenn Fablet.

        Updated test:
        LayoutTests/imported/w3c/web-platform-tests/webrtc/RTCDataChannel-send-expected.txt

        * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.cpp:
        (WebCore::LibWebRTCDataChannelHandler::sendStringData):
        (WebCore::LibWebRTCDataChannelHandler::OnMessage):

2018-04-11  Antti Koivisto  <antti@apple.com>

        ImageFrame type used by non-Cocoa image decoder should not be the same as that used by ImageSource
        https://bugs.webkit.org/show_bug.cgi?id=184418

        Reviewed by Said Abou-Hallawa.

        ScalableImageDecoder uses ImageFrame class which is meant to be an implementation detail of ImageSource.
        There are bunch of fields and methods in the type that are only used by one or the other client. For hackability
        there should be an unrelated frame type for ScalableImageDecoder.

        This patch adds ScalableImageDecoderFrame type used in ScalableImageDecoder only. It then cleans up
        unneeded things from both ImageFrame and ScalableImageDecoderFrame.

        * platform/ImageDecoders.cmake:
        * platform/graphics/ImageFrame.cpp:
        (WebCore::ImageFrame::operator=):
        (WebCore::ImageFrame::clearImage):
        (WebCore::ImageFrame::size const):
        (WebCore::ImageFrame::initialize): Deleted.
        * platform/graphics/ImageFrame.h:
        (WebCore::ImageFrame::setDisposalMethod): Deleted.
        (WebCore::ImageFrame::disposalMethod const): Deleted.
        (WebCore::ImageFrame::backingStore const): Deleted.
        (WebCore::ImageFrame::hasBackingStore const): Deleted.
        * platform/image-decoders/ScalableImageDecoder.cpp:
        (WebCore::ScalableImageDecoder::frameIsCompleteAtIndex const):
        (WebCore::ScalableImageDecoder::frameDurationAtIndex const):
        (WebCore::ScalableImageDecoder::createFrameImageAtIndex):
        * platform/image-decoders/ScalableImageDecoder.h:
        * platform/image-decoders/ScalableImageDecoderFrame.cpp: Copied from Source/WebCore/platform/graphics/ImageFrame.cpp.
        (WebCore::ScalableImageDecoderFrame::ScalableImageDecoderFrame):
        (WebCore::ScalableImageDecoderFrame::~ScalableImageDecoderFrame):
        (WebCore::ScalableImageDecoderFrame::operator=):
        (WebCore::ScalableImageDecoderFrame::setDecodingStatus):
        (WebCore::ScalableImageDecoderFrame::decodingStatus const):
        (WebCore::ScalableImageDecoderFrame::clearImage):
        (WebCore::ScalableImageDecoderFrame::clear):
        (WebCore::ScalableImageDecoderFrame::initialize):
        (WebCore::ScalableImageDecoderFrame::size const):
        (WebCore::ImageFrame::ImageFrame): Deleted.
        (WebCore::ImageFrame::~ImageFrame): Deleted.
        (WebCore::ImageFrame::defaultFrame): Deleted.
        (WebCore::ImageFrame::operator=): Deleted.
        (WebCore::ImageFrame::setDecodingStatus): Deleted.
        (WebCore::ImageFrame::decodingStatus const): Deleted.
        (WebCore::ImageFrame::clearImage): Deleted.
        (WebCore::ImageFrame::clear): Deleted.
        (WebCore::ImageFrame::initialize): Deleted.
        (WebCore::ImageFrame::size const): Deleted.
        (WebCore::ImageFrame::hasNativeImage const): Deleted.
        (WebCore::ImageFrame::hasFullSizeNativeImage const): Deleted.
        (WebCore::ImageFrame::hasDecodedNativeImageCompatibleWithOptions const): Deleted.
        (WebCore::ImageFrame::singlePixelSolidColor const): Deleted.
        * platform/image-decoders/ScalableImageDecoderFrame.h: Copied from Source/WebCore/platform/graphics/ImageFrame.h.
        (WebCore::ScalableImageDecoderFrame::ScalableImageDecoderFrame):
        (WebCore::ScalableImageDecoderFrame::disposalMethod const):
        (WebCore::ScalableImageDecoderFrame::hasAlpha const):
        (WebCore::ScalableImageDecoderFrame::hasBackingStore const):
        (WebCore::ImageFrame::ImageFrame): Deleted.
        (WebCore::ImageFrame::isInvalid const): Deleted.
        (WebCore::ImageFrame::isPartial const): Deleted.
        (WebCore::ImageFrame::isComplete const): Deleted.
        (WebCore::ImageFrame::sizeRespectingOrientation const): Deleted.
        (WebCore::ImageFrame::frameBytes const): Deleted.
        (WebCore::ImageFrame::subsamplingLevel const): Deleted.
        (WebCore::ImageFrame::setDisposalMethod): Deleted.
        (WebCore::ImageFrame::disposalMethod const): Deleted.
        (WebCore::ImageFrame::nativeImage const): Deleted.
        (WebCore::ImageFrame::setOrientation): Deleted.
        (WebCore::ImageFrame::orientation const): Deleted.
        (WebCore::ImageFrame::setDuration): Deleted.
        (WebCore::ImageFrame::duration const): Deleted.
        (WebCore::ImageFrame::setHasAlpha): Deleted.
        (WebCore::ImageFrame::hasAlpha const): Deleted.
        (WebCore::ImageFrame::hasNativeImage): Deleted.
        (WebCore::ImageFrame::hasFullSizeNativeImage): Deleted.
        (WebCore::ImageFrame::hasMetadata const): Deleted.
        (WebCore::ImageFrame::backingStore const): Deleted.
        (WebCore::ImageFrame::hasBackingStore const): Deleted.
        * platform/image-decoders/bmp/BMPImageDecoder.cpp:
        (WebCore::BMPImageDecoder::frameBufferAtIndex):
        * platform/image-decoders/bmp/BMPImageDecoder.h:
        * platform/image-decoders/bmp/BMPImageReader.h:
        (WebCore::BMPImageReader::setBuffer):
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::findFirstRequiredFrameToDecode):
        (WebCore::GIFImageDecoder::frameBufferAtIndex):
        (WebCore::GIFImageDecoder::clearFrameBufferCache):
        (WebCore::GIFImageDecoder::haveDecodedRow):
        (WebCore::GIFImageDecoder::frameComplete):
        (WebCore::GIFImageDecoder::initFrameBuffer):
        * platform/image-decoders/gif/GIFImageDecoder.h:
        * platform/image-decoders/gif/GIFImageReader.cpp:
        (GIFImageReader::parse):
        * platform/image-decoders/gif/GIFImageReader.h:
        (GIFFrameContext::GIFFrameContext):
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::frameBufferAtIndex):
        * platform/image-decoders/ico/ICOImageDecoder.h:
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::frameBufferAtIndex):
        (WebCore::setPixel):
        (WebCore::JPEGImageDecoder::outputScanlines):
        (WebCore::JPEGImageDecoder::jpegComplete):
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::frameBufferAtIndex):
        (WebCore::PNGImageDecoder::rowAvailable):
        (WebCore::PNGImageDecoder::readChunks):
        (WebCore::PNGImageDecoder::clearFrameBufferCache):
        (WebCore::PNGImageDecoder::initFrameBuffer):
        (WebCore::PNGImageDecoder::frameComplete):
        * platform/image-decoders/png/PNGImageDecoder.h:
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::frameBufferAtIndex):
        (WebCore::WEBPImageDecoder::findFirstRequiredFrameToDecode):
        (WebCore::WEBPImageDecoder::decodeFrame):
        (WebCore::WEBPImageDecoder::initFrameBuffer):
        (WebCore::WEBPImageDecoder::applyPostProcessing):
        (WebCore::WEBPImageDecoder::clearFrameBufferCache):
        * platform/image-decoders/webp/WEBPImageDecoder.h:

2018-04-11  Antoine Quint  <graouts@apple.com>

        [Web Animations] Turn Web Animations on by default
        https://bugs.webkit.org/show_bug.cgi?id=184491

        Reviewed by Simon Fraser.

        * page/RuntimeEnabledFeatures.h:

2018-04-11  Ryosuke Niwa  <rniwa@webkit.org>

        Fix warning in HashTools.h for newer versions of clang
        https://bugs.webkit.org/show_bug.cgi?id=184489

        Reviewed by Alexey Proskuryakov.

        Removed "register" storage class specififer as it has been deprecated in C++11.

        * platform/HashTools.h:

2018-04-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        FrameSelection::appearanceUpdateTimerFired should be robust against layout passes underneath it
        https://bugs.webkit.org/show_bug.cgi?id=183395
        <rdar://problem/38055732>

        Reviewed by Zalan Bujtas.

        In the case where a FrameSelection updates its appearance when m_appearanceUpdateTimer is fired, the
        FrameSelection's Frame is unprotected, and can be removed by arbitrary script. This patch applies a simple
        mitigation by wrapping the Frame in a Ref when firing the appearance update timer.

        Test: editing/selection/iframe-update-selection-appearance.html

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::appearanceUpdateTimerFired):

2018-04-10  Brent Fulgham  <bfulgham@apple.com>

        Unreviewed follow-up to r230468.

        Switch some RELEASE_ASSERTs in hot codepaths to normal DEBUG asserts.

        * page/mac/EventHandlerMac.mm:
        (WebCore::lastEventIsMouseUp):
        (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
        * platform/mac/EventLoopMac.mm:
        (WebCore::EventLoop::cycle):

2018-04-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        Unreviewed, fix the iOS build

        I accidentally exported an inline function in r230506.

        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::viewSize const):

2018-04-10  Nan Wang  <n_wang@apple.com>

        AX: Expose strong password fields on iOS
        https://bugs.webkit.org/show_bug.cgi?id=184465
        <rdar://problem/39325104>

        Reviewed by Chris Fleizach.

        Exposed the strong password field on iOS. And made sure
        we are returning its actual value in accessibilityValue.

        Test: accessibility/ios-simulator/strong-password-field.html

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _accessibilityIsStrongPasswordField]):
        (-[WebAccessibilityObjectWrapper accessibilityValue]):

2018-04-10  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win] Add UserAgentWin.cpp
        https://bugs.webkit.org/show_bug.cgi?id=184438

        Reviewed by Michael Catanzaro.

        No new tests (No behavior change).

        * PlatformWin.cmake:
        * platform/win/UserAgentWin.cpp: Added.
        (WebCore::standardUserAgent):
        (WebCore::standardUserAgentForURL):

2018-04-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Add a mechanism to zoom to fixed scales when double tapping in extra zoom mode
        https://bugs.webkit.org/show_bug.cgi?id=184435
        <rdar://problem/38726260>

        Reviewed by Dean Jackson.

        Expose the size of the platform view. By default, in extra zoom mode, this *not* the same as the minimum layout
        size, since we lay out at a large width and then shrink down to real device dimensions when computing the
        initial scale (see r229063).

        ViewGestureGeometryCollector uses this in the process of computing a target zoom scale when double tapping.

        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::viewSize const):

2018-04-10  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win][WebKit] LibWebRTCProvider::webRTCAvailable is an undefined symbol
        https://bugs.webkit.org/show_bug.cgi?id=184437

        Reviewed by Michael Catanzaro.

        No new tests (No behavior change).

        * PlatformWin.cmake: Added LibWebRTCProviderWin.cpp.
        * platform/mediastream/libwebrtc/LibWebRTCProviderWin.cpp: Added.
        (WebCore::LibWebRTCProvider::webRTCAvailable):

2018-04-10  Chris Dumez  <cdumez@apple.com>

        Unreviewed build fix.

        Those enum value names were too generic and would cause conflicts.

        * Modules/webvr/VRDisplayCapabilities.h:
        (WebCore::VRDisplayCapabilities::hasPosition const):
        (WebCore::VRDisplayCapabilities::hasOrientation const):
        (WebCore::VRDisplayCapabilities::hasExternalDisplay const):
        (WebCore::VRDisplayCapabilities::canPresent const):
        * platform/vr/VRPlatformDisplay.h:
        * platform/vr/openvr/VRPlatformDisplayOpenVR.cpp:
        (WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):

2018-04-10  Chris Dumez  <cdumez@apple.com>

        Avoid constructing a service worker RegistrationStore for private sessions
        https://bugs.webkit.org/show_bug.cgi?id=184463
        <rdar://problem/36613948>

        Reviewed by Youenn Fablet.

        Avoid constructing a service worker RegistrationStore for private sessions since there
        is no need for persistence and the registrationDatabaseDirectory is the empty string in
        such cases.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::removeRegistration):
        (WebCore::SWServer::clearAll):
        (WebCore::SWServer::clear):
        (WebCore::SWServer::SWServer):
        (WebCore::SWServer::didFinishActivation):
        * workers/service/server/SWServer.h:

2018-04-10  Chris Dumez  <cdumez@apple.com>

        Unreviewed build fix.

        * page/LayoutContext.cpp:
        (WebCore::LayoutContext::~LayoutContext):
        * page/LayoutContext.h:

2018-04-10  Jeremy Jones  <jeremyj@apple.com>

        MediaSessionManageriOS should defer creation of MPVolumeView until it needs to monitor AirPlay routes
        https://bugs.webkit.org/show_bug.cgi?id=184373
        <rdar://problem/35177606>

        Reviewed by Eric Carlson.

        No change of behavior.

        This delays the creation of MPVolumeView until airplay routes are monitored.
        MPVolumeView is now also released when monitoring ends. 
        This makes sure the MP* objects are only accessed from a UI safe thread. WebCore's "MainThread" may be different that the UI thread.
        Since this state change is necessarily asynchronous, starting and stopping must prevent races to keep state coherent.

        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (-[WebMediaSessionHelper initWithCallback:]):
        (-[WebMediaSessionHelper dealloc]):
        (-[WebMediaSessionHelper startMonitoringAirPlayRoutes]):
        (-[WebMediaSessionHelper stopMonitoringAirPlayRoutes]):
        (-[WebMediaSessionHelper allocateVolumeView]): Deleted.
        (-[WebMediaSessionHelper setVolumeView:]): Deleted.

2018-04-10  Sihui Liu  <sihui_liu@apple.com>

        Loading of multipart response was cancelled because of content policy set in WebFrameLoaderClient::dispatchDecidePolicyForResponse
        https://bugs.webkit.org/show_bug.cgi?id=184268
        <rdar://problem/39144446>

        Reviewed by Chris Dumez.

        The assertion is no longer true after the change, because multiple resources could have same
        url. Used if condition here to make sure we only delete specified resource.

        No new tests. Updated an existing test to test the stop loading case by not using injected 
        bundle policy: http/tests/multipart/multipart-html.php.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::removeCachedResource):

2018-04-10  Zalan Bujtas  <zalan@apple.com>

        Do not layout images when we only need the overflow information.
        https://bugs.webkit.org/show_bug.cgi?id=175331

        Reviewed by Simon Fraser.

        This improves MotionMark's Simple Leaves by ~10%. 

        Covered by existing tests.

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::layout):

2018-04-10  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] TextureMapperLayer unnecessarily duplicates state in GraphicsLayerTransform
        https://bugs.webkit.org/show_bug.cgi?id=183868

        Reviewed by Carlos Garcia Campos.

        Drop the GraphicsLayerTransform member variable from TextureMapperLayer
        and instead compute all the required transform information in the
        computeTransformsRecursive() method. These computations are not too
        expensive, and in turn we can drop an object from this class' state that
        was only duplicating a bunch of state variables.

        No new tests -- no change in functionality.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::computeTransformsRecursive):
        (WebCore::TextureMapperLayer::paintSelf):
        (WebCore::TextureMapperLayer::paintSelfAndChildren):
        (WebCore::TextureMapperLayer::paintSelfAndChildrenWithReplica):
        (WebCore::TextureMapperLayer::replicaTransform):
        (WebCore::TextureMapperLayer::computeOverlapRegions):
        (WebCore::TextureMapperLayer::setPosition):
        (WebCore::TextureMapperLayer::setSize):
        (WebCore::TextureMapperLayer::setAnchorPoint):
        (WebCore::TextureMapperLayer::setPreserves3D):
        (WebCore::TextureMapperLayer::setTransform):
        (WebCore::TextureMapperLayer::setChildrenTransform):
        (WebCore::TextureMapperLayer::syncAnimations):
        (WebCore::TextureMapperLayer::setScrollPositionDeltaIfNeeded):
        * platform/graphics/texmap/TextureMapperLayer.h:

2018-04-09  Brent Fulgham  <bfulgham@apple.com>

        Add ProcessPrivilege assertions to places that access NSApp
        https://bugs.webkit.org/show_bug.cgi?id=184322
        <rdar://problem/39194560>

        Reviewed by Per Arne Vollan.

        Add ProcessPrivilege assertions to places where we interact with NSApp so
        that we can prevent accidentally using them in the WebContent process.

        * page/mac/EventHandlerMac.mm:
        (WebCore::lastEventIsMouseUp):
        (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
        * platform/mac/EventLoopMac.mm:
        (WebCore::EventLoop::cycle):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::setDragImage):

2018-04-09  John Wilander  <wilander@apple.com>

        Refactor Ignore HSTS code
        https://bugs.webkit.org/show_bug.cgi?id=184433
        <rdar://problem/39298238>

        Reviewed by Darin Adler.

        This patch refactors our ignore HSTS code. The convenience functions are moved
        out of CFNetwork SPI in PAL, and into where they are used. It also switches
        from performSelector: calls to straight function calls, after checking that
        there is a responder.

        * platform/network/mac/WebCoreURLResponse.mm:
        (WebCore::schemeWasUpgradedDueToDynamicHSTS):
            Add convenience function here since it was moved out of
            CFNetworkSPI.h.

2018-04-09  Brady Eidson  <beidson@apple.com>

        Expand WebCore policy concept of "shouldContinue" to allow for more than true/false
        https://bugs.webkit.org/show_bug.cgi?id=184424

        Reviewed by Alex Christensen.

        No new tests (No behavior change, refactor only)

        Specifically this expands the "shouldContinue" bool to be an enum class with:
        -Yes
        -No
        -ForSuspension

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        * loader/FrameLoader.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        (WebCore::PolicyChecker::checkNewWindowPolicy):
        * loader/PolicyChecker.h:

2018-04-09  Sihui Liu  <sihui_liu@apple.com>

        REGRESSION(r229929): localStorage is broken for WebInspector
        https://bugs.webkit.org/show_bug.cgi?id=184382
        <rdar://problem/39257355>

        Reviewed by Chris Dumez.

        Removed an if condition that caused false positive cases of database error. As per 
        https://www.sqlite.org/c3ref/errcode.html, return value of sqlite3_errcode() is undefined
        on successful API call, so we should not use the code to check if there is an error. We
        should only use it when there is an error.
        After moving this condition, LocalStorage might return empty string instead of NULL on
        sqlite3_column_blob() error.

        Modified a test to cover this case: 
        TestWebKitAPI/Tests/WebKitCocoa/LocalStoragePersistence.mm.

        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::getColumnBlobAsString):

2018-04-09  Brent Fulgham  <bfulgham@apple.com>

        WebCore::EventHandler::targetPositionInWindowForSelectionAutoscroll is directly accessing NSScreen
        https://bugs.webkit.org/show_bug.cgi?id=184344
        <rdar://problem/39224969>

        Reviewed by Per Arne Vollan.

        The implementation of targetPositionInWindowForSelectionAutoscroll uses the display ID to get the
        screen boundaries of the current display. This causes a bunch of interaction with NSScreen that
        we do not want to allow in the WebContent process.

        Instead, we should just use the cached screen information the WebContent process already possesses.

        This patch makes the following changes:
        1. We now retrieve the screen rect of the page's display from the cache, rather than interacting with
           the WindowServer directly.
        2. Add a new 'toUserSpaceForPrimaryScreen' so we don't have to deal with a nil NSWindow when computing
           the user space version of the coordinates. A nil Window just means we want to get coordinates in
           terms of the primary display.
        3. Keep track of the primary display so we can refer to it later.
        4. Modify the IPC messages to include the primary display's ID so we can easily access it later.
        5. Modify the PlatformScreen methods to actually use the primary display when appropriate, rather
           than whichever screen happened to hash to the lowest value.

        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::targetPositionInWindowForSelectionAutoscroll const): Use new methods that
        don't require WindowServer access.
        * platform/PlatformScreen.h:
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::displayID): Assert if we hit this code in the WebContent process.
        (WebCore::firstScreen): Ditto.
        (WebCore::window): Ditto.
        (WebCore::screen): Ditto.
        (WebCore::primaryScreenID): Added.
        (WebCore::getScreenProperties): Modify to return a pair consisting of the primary display ID and
        the HashSet of screen settings.
        (WebCore::setScreenProperties): Update to also track the primary display ID.
        (WebCore::screenProperties): Update to use the primary display ID.
        (WebCore::screenHasInvertedColors): Ditto.
        (WebCore::toUserSpaceForPrimaryScreen): Added.

2018-04-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Make InlineTextBox::createTextRun() take a const lvalue reference String
        https://bugs.webkit.org/show_bug.cgi?id=184182

        Reviewed by Zalan Bujtas.

        InlineTextBox::createTextRun() takes a non-const lvalue reference String.
        It is tempting to change the signature of this method to take a const lvalue 
        reference. But this was done intentionally. TextRun is effectively a StringView:
        it does not own the passed string. Having the argument a non-const lvalue
        reference makes the compiler prevent calls like createTextRun("abc").

        To have a better way to express the lifetime of TextRun, this patch does
        the following:

        -- It makes TextRun::m_text of type String instead of StringView.
        -- It adds a new constructor which takes const String&. This constructor
           will addRef the underlying StringImpl when assigning it to m_text.
        -- It keeps the constructor which takes a StringView. The caller of this
           constructor still has to make sure the underlying String outlives the
           TextRun. To avoid copying the underlying buffer of the StringView, we
           will not use  StringView::toString(). Instead we will use
           StringView::toStringWithoutCopying() which makes the returned String 
           accesses the same buffer the StringView uses. In this case, the returned
           String is effectively a StringView.

        * page/DebugPageOverlays.cpp:
        (WebCore::drawRightAlignedText):
        * platform/graphics/TextRun.cpp:
        * platform/graphics/TextRun.h:
        (WebCore::TextRun::TextRun):
        (WebCore::TextRun::subRun const):
        (WebCore::TextRun::length const):
        (WebCore::TextRun::setText):
        (WebCore::TextRun::string const): Deleted.
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::localSelectionRect const):
        (WebCore::InlineTextBox::paint):
        (WebCore::InlineTextBox::paintPlatformDocumentMarker):
        (WebCore::InlineTextBox::paintMarkedTextBackground):
        (WebCore::InlineTextBox::paintMarkedTextForeground):
        (WebCore::InlineTextBox::paintMarkedTextDecoration):
        (WebCore::InlineTextBox::offsetForPosition const):
        (WebCore::InlineTextBox::positionForOffset const):
        (WebCore::InlineTextBox::createTextRun const):
        There is no need for this function to take a String argument anymore. The
        reason for passing the String was to guarantee its lifetime by keeping
        a copy of it in the caller side. Now there is no need for that. The TextRun
        itself will keep this copy.

        * rendering/InlineTextBox.h:
        * rendering/RenderText.cpp:
        (WebCore::RenderText::computeCanUseSimplifiedTextMeasuring const):
        RenderText::text() returns StringImpl. The compiler wants us to be more
        explicit about which constructor of TextRun to call.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseForFontAndText):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style):
        RenderStyle::hyphenString() returns an AtomicString.

2018-04-09  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, rolling out r230390.

        Broke accelerated compositing

        Reverted changeset:

        "[GTK] WaylandCompositorDisplay leaks its wl_display"
        https://bugs.webkit.org/show_bug.cgi?id=184406
        https://trac.webkit.org/changeset/230390

2018-04-03  Sergio Villar Senin  <svillar@igalia.com>

        [OpenVR][WebVR] Retrieve FrameData in WebVR's rAF
        https://bugs.webkit.org/show_bug.cgi?id=184265

        Reviewed by Žan Doberšek.

        VRFrameData contains all the required information to properly render a VR scene like view
        and projection matrices, pose data (position & orientation) and linear & angular velocity
        among others. The getFrameData() call must be issued inside a WebVR's own
        requestAnimationFrame.

        * Modules/webvr/VRDisplay.cpp:
        (WebCore::VRDisplay::getFrameData const):
        (WebCore::VRDisplay::getPose const):
        (WebCore::VRDisplay::requestAnimationFrame):
        (WebCore::VRDisplay::cancelAnimationFrame):
        * Modules/webvr/VRDisplay.h:
        * Modules/webvr/VREyeParameters.h:
        (WebCore::VREyeParameters::rawOffset const): Required to compute view matrices.
        * Modules/webvr/VRFrameData.cpp:
        (WebCore::matrixToArray):
        (WebCore::VRFrameData::leftProjectionMatrix const):
        (WebCore::VRFrameData::leftViewMatrix const):
        (WebCore::VRFrameData::rightProjectionMatrix const):
        (WebCore::VRFrameData::rightViewMatrix const):
        (WebCore::projectionMatrixFromFieldOfView):
        (WebCore::rotationMatrixFromQuaternion):
        (WebCore::applyHeadToEyeTransform):
        (WebCore::VRFrameData::update):
        (WebCore::VRFrameData::timestamp const): Deleted.
        * Modules/webvr/VRFrameData.h:
        (WebCore::VRFrameData::timestamp const):
        * Modules/webvr/VRPose.cpp:
        (WebCore::optionalFloat3ToJSCArray):
        (WebCore::VRPose::position const):
        (WebCore::VRPose::linearVelocity const):
        (WebCore::VRPose::linearAcceleration const):
        (WebCore::VRPose::orientation const):
        (WebCore::VRPose::angularVelocity const):
        (WebCore::VRPose::angularAcceleration const):
        * Modules/webvr/VRPose.h:
        (WebCore::VRPose::create):
        (WebCore::VRPose::update):
        (WebCore::VRPose::VRPose):
        * platform/vr/VRPlatformDisplay.h:
        (WebCore::VRPlatformTrackingInfo::Quaternion::Quaternion):
        (WebCore::VRPlatformTrackingInfo::Quaternion::conjugate):
        (WebCore::VRPlatformTrackingInfo::Quaternion::operator*):
        (WebCore::VRPlatformTrackingInfo::Float3::Float3): Just a group of 3 floats used to store
        both velocity and acceleration in a format which is very convenient to later generate JSC
        arrays.
        (WebCore::VRPlatformTrackingInfo::clear):
        * platform/vr/openvr/VRPlatformDisplayOpenVR.cpp:
        (WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):
        (WebCore::rotationMatrixToQuaternion):
        (WebCore::VRPlatformDisplayOpenVR::getTrackingInfo):
        * platform/vr/openvr/VRPlatformDisplayOpenVR.h:

2018-04-09  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] WaylandCompositorDisplay leaks its wl_display
        https://bugs.webkit.org/show_bug.cgi?id=184406

        Reviewed by Carlos Garcia Campos.

        Remove the protected default constructor, for good measure.

        * platform/graphics/wayland/PlatformDisplayWayland.h:

2018-04-08  Fujii Hironori  <Hironori.Fujii@sony.com>

        [CMake] WebKit should link to WebCore as a PRIVATE library if WebCore is a static library
        https://bugs.webkit.org/show_bug.cgi?id=184127

        Reviewed by Konstantin Tokarev.

        No new tests (No behaviour changes).

        * CMakeLists.txt: Added a interface library WebCoreHeaderInterface.

2018-04-08  Yusuke Suzuki  <utatane.tea@gmail.com>

        Use alignas instead of compiler-specific attributes
        https://bugs.webkit.org/show_bug.cgi?id=183508

        Reviewed by Mark Lam.

        Use alignas instead of aligned.

        * platform/graphics/cpu/arm/filters/FELightingNEON.cpp:
        * platform/graphics/cpu/arm/filters/FELightingNEON.h:
        (WebCore::FELighting::platformApplyNeon):

2018-04-08  Michael Catanzaro  <mcatanzaro@igalia.com>

        [WPE][GTK] Remove applicationDirectoryPath() and sharedResourcePath()
        https://bugs.webkit.org/show_bug.cgi?id=184381

        Reviewed by Carlos Garcia Campos.

        These are unused.

        * platform/FileSystem.h:
        * platform/glib/FileSystemGlib.cpp:
        (WebCore::FileSystem::applicationDirectoryPath): Deleted.
        (WebCore::FileSystem::sharedResourcesPath): Deleted.

2018-04-07  Daniel Bates  <dabates@apple.com>

        Have WorkerScriptLoader::loadAsynchronously() take a FetchOptions
        https://bugs.webkit.org/show_bug.cgi?id=184385

        Reviewed by Youenn Fablet.

        Currently we pass various FetchOptions to WorkerScriptLoader::loadAsynchronously()
        so that it can build up a ThreadableLoaderOptions structure to pass to the loader.
        Each time we want to set another FetchOptions option we need to add a new parameter.
        Instead we should have WorkerScriptLoader::loadAsynchronously() take a FetchOptions.
        This will make it straightforward for a caller to set new loader options as needed.
        In particular, this will make it straightforward to support setting the request's
        destination flag (i.e. FetchOptions::destination) to support blocking scripts with
        a non-JavaScript MIME type in a subsequent commit.

        No functionality changed. So, no new tests.

        * loader/ResourceLoaderOptions.h:
        (WebCore::ResourceLoaderOptions::ResourceLoaderOptions): Modified to take a FetchOptions
        by value so as to support both move and copy semantics.
        * loader/ThreadableLoader.cpp:
        (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions):  Added helper constructor
        that takes a FetchOptions.
        * loader/ThreadableLoader.h:
        * workers/Worker.cpp:
        (WebCore::Worker::create): Instantiate and pass a FetchOptions to the loader for the mode,
        cache policy, and redirect policy.
        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::loadAsynchronously): Modified to take a FetchOptions and
        instantiate a ThreadableLoaderOptions from it.
        * workers/WorkerScriptLoader.h:
        * workers/WorkerScriptLoaderClient.h:
        (WebCore::WorkerScriptLoaderClient::isServiceWorkerClient const): Deleted. This function
        is no longer needed because the Service Worker client now passes the service worker mode
        directly to the loader.
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::fetchScriptWithContext): Instantiate and pass a FetchOptions
        to the loader.
        * workers/service/ServiceWorkerJob.h:

2018-04-07  Timothy Hatcher  <timothy@apple.com>

        Use the system's link color when system appearance is desired for a WebView.

        https://bugs.webkit.org/show_bug.cgi?id=184353
        rdar://problem/9420053

        Reviewed by Wenson Hsieh.

        Have Document consult RenderTheme via StyleColor for the various link colors.
        This allows the system to have different colors than the standard hardcoded ones.
        This adds StyleColor::Options, to avoid multiple booleans being passed around,
        since the "for visited link" state is now needed in RenderTheme.

        * WebCore.xcodeproj/project.pbxproj: Made StyleColor.h private, since RenderTheme.h includes it.
        * css/StyleColor.cpp:
        (WebCore::StyleColor::colorFromKeyword): Use options instead of a bool.
        (WebCore::StyleColor::isSystemColor): Consider CSSValueWebkitLink the start of system colors.
        * css/StyleColor.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::colorFromPrimitiveValue const): Use StyleColor::Options.
        * css/parser/CSSParser.cpp:
        (WebCore::CSSParser::parseSystemColor): Use StyleColor::Options.
        * dom/Document.cpp:
        (WebCore::Document::resetLinkColor): Ask StyleColor for the link color instead of hardcoding it.
        (WebCore::Document::resetVisitedLinkColor): Ditto.
        (WebCore::Document::resetActiveLinkColor): Ditto.
        (WebCore::Document::styleColorOptions const): Added. Helper to get the options used.
        * dom/Document.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawFocusIfNeededInternal): Use StyleColor::Options.
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::systemColor const): Add default values here, moved from Document.
        (WebCore::RenderTheme::focusRingColor): Use StyleColor::Options.
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::platformFocusRingColor const): Use StyleColor::Options.
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::systemColor const): Use StyleColor::Options.
        * rendering/RenderThemeGtk.h:
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemColor const): Use StyleColor::Options.
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::platformFocusRingColor const): Use StyleColor::Options.
        (WebCore::RenderThemeMac::platformColorsDidChange): Clear m_systemVisitedLinkColor.
        (WebCore::RenderThemeMac::systemColor const): Use StyleColor::Options.
        (WebCore::RenderThemeMac::adjustMenuListStyle const): Ditto.
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::systemColor const): Use StyleColor::Options.
        * rendering/RenderThemeWin.h:
        * rendering/TextPaintStyle.cpp:
        (WebCore::computeTextPaintStyle): Use StyleColor::Options.

2018-04-06  Youenn Fablet  <youenn@apple.com>

        Response headers should be filtered when sent from NetworkProcess to WebProcess
        https://bugs.webkit.org/show_bug.cgi?id=184310

        Reviewed by Ryosuke Niwa.

        Did some refactoring to allow ResourceResponse to use header value parsing routines.
        We add sanitization levels for regular responses in case responses might be exposed to scripts or not.
        If not exposed to scripts, additional filtering is done.

        Add internal API to get unfiltered response headers from a fetch response.
        Test: http/wpt/service-workers/header-filtering.https.html

        * Modules/fetch/FetchResponse.h:
        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCacheItem::parse):
        * platform/network/HTTPParsers.h:
        (WebCore::addToAccessControlAllowList):
        (WebCore::parseAccessControlAllowList):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::isSafeToKeepRedirectionResponseHeader):
        (WebCore::isCrossOriginSafeToKeepResponseHeader):
        (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFields):
        * platform/network/ResourceResponseBase.h:
        * testing/ServiceWorkerInternals.cpp:
        (WebCore::ServiceWorkerInternals::fetchResponseHeaderList):
        * testing/ServiceWorkerInternals.h:
        * testing/ServiceWorkerInternals.idl:

2018-04-06  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, fix unused parameter warning when credential storage is disabled

        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::getCredentialFromPersistentStorage):

2018-04-06  Eric Carlson  <eric.carlson@apple.com>

        [Extra zoom mode] Block playback until fullscreen begins
        https://bugs.webkit.org/show_bug.cgi?id=184371
        <rdar://problem/39250891>

        Reviewed by Youenn Fablet.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updatePlayState): Return early when waiting to enter fullscreen.
        (WebCore::HTMLMediaElement::enterFullscreen): Set m_waitingToEnterFullscreen.
        (WebCore::HTMLMediaElement::exitFullscreen): Clear m_waitingToEnterFullscreen.
        (WebCore::HTMLMediaElement::didBecomeFullscreenElement): Ditto.
        * html/HTMLMediaElement.h:

2018-04-06  Brent Fulgham  <bfulgham@apple.com>

        WebCore::screenSupportsExtendedColor improperly calls NSScreen functions in the WebContent process
        https://bugs.webkit.org/show_bug.cgi?id=184364
        <rdar://problem/39246314>

        Reviewed by Per Arne Vollan.

        The WebContent process is interacting directly with NSScreen to determine if the current screen
        has extended color support. This should be brokered from the UIProcess.
        
        Tested by fast/media/mq-color-gamut.html.

        * platform/ScreenProperties.h:
        (WebCore::ScreenProperties::encode const): Add screenSupportsExtendedColor.
        (WebCore::ScreenProperties::decode): Ditto.
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::getScreenProperties): Retrieve extended color support.
        (WebCore::screenSupportsExtendedColor): Retrieve cached version when in the WebContent
        process. Assert that NSScreen is not accessed in the WebContent process.

2018-04-06  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win][WebCore] Expose a constant for scrollbar pixels per line (cScrollbarPixelsPerLine)
        https://bugs.webkit.org/show_bug.cgi?id=184296

        Reviewed by Alex Christensen.

        No new tests (No behavior changes).

        * platform/PlatformWheelEvent.h: Placed cScrollbarPixelsPerLine definition.
        * platform/win/WheelEventWin.cpp:
        (WebCore::PlatformWheelEvent::PlatformWheelEvent): Removed cScrollbarPixelsPerLine definition.

2018-04-06  Brent Fulgham  <bfulgham@apple.com>

        Unreviewed test fix after r230323

        * platform/mac/PlatformScreenMac.mm:
        (WebCore::screenSupportsExtendedColor): Remove assertion hit during test runs.

2018-04-06  Brent Fulgham  <bfulgham@apple.com>

        WebCore::screenColorSpace is retrieving CGColorSpace from NSScreen directly
        https://bugs.webkit.org/show_bug.cgi?id=184343
        <rdar://problem/39224881>

        Reviewed by Per Arne Vollan.

        Revise ScreenProperties to serialize the screen's color space, and later
        retrieve that in the WebContent process. This allows us to close off
        the CGSWindowServer connection.

        * platform/ScreenProperties.h:
        (WebCore::ScreenProperties::encode const): Add CGColorSpaceRef support.
        (WebCore::ScreenProperties::decode): Ditto.
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::displayID): Add assertion to prevent use in WebContent process.
        (WebCore::firstScreen): Ditto.
        (WebCore::getScreenProperties): Add support for CGColorSpaceRef.
        (WebCore::screenColorSpace): Retrieve cached version when in WebContent process.
        Assert that NSScreen is not accessed in WebContent process.

2018-04-06  Ms2ger  <Ms2ger@igalia.com>

        Implement createImageBitmap(Blob)
        https://bugs.webkit.org/show_bug.cgi?id=183247

        Reviewed by Dean Jackson.

        Tests:
            - imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
            - imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args.html

        * fileapi/FileReaderLoader.h:
        (WebCore::FileReaderLoader::url): expose the Blob's URL.
        * html/ImageBitmap.cpp: implement createImageBitmap(Blob).
        * html/ImageBitmap.h: allow the BlobImageObserver class access to the creation function.
        * loader/cache/CachedImage.cpp: reuse extracted code.
        (WebCore::CachedImage::isPDFResource const):
        (WebCore::CachedImage::isPostScriptResource const):
        (WebCore::CachedImage::createImage):
        * platform/graphics/Image.cpp: extract some code from CachedImage to reuse.
        (WebCore::Image::create):
        (WebCore::Image::isPDFResource):
        (WebCore::Image::isPostScriptResource):
        * platform/graphics/Image.h: add declarations.

2018-04-06  Zalan Bujtas  <zalan@apple.com>

        Flex child does not get repainted when it is inserted back to the render tree.
        https://bugs.webkit.org/show_bug.cgi?id=184361
        <rdar://problem/34528716>

        Reviewed by Antti Koivisto.

        As with any regular block children, we should issue full repaint for flexbox items on their
        first layout (see RenderBlockFlow::layoutBlockChild()).

        Test: fast/flexbox/missing-repaint-when-flext-item-never-had-layout.html

        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::layoutAndPlaceChildren):

2018-04-06  Ms2ger  <Ms2ger@igalia.com>

        Support transferring ImageBitmap objects
        https://bugs.webkit.org/show_bug.cgi?id=183131

        Reviewed by Dean Jackson.

        Test: imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-transfer.html

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::serialize): thread through ImageBitmaps.
        (WebCore::CloneSerializer::CloneSerializer): thread through ImageBitmaps.
        (WebCore::CloneSerializer::fillTransferMap): don't require a mutable reference.
        (WebCore::CloneSerializer::dumpImageBitmap): add.
        (WebCore::CloneSerializer::dumpIfTerminal): check for ImageBitmap.
        (WebCore::CloneDeserializer::deserialize): thread through ImageBitmaps.
        (WebCore::CloneDeserializer::CloneDeserializer): thread through ImageBitmaps.
        (WebCore::CloneDeserializer::readImageBitmap): add.
        (WebCore::CloneDeserializer::readTerminal): check for ImageBitmap.
        (WebCore::SerializedScriptValue::SerializedScriptValue): thread through ImageBitmaps.
        (WebCore::SerializedScriptValue::create): thread through ImageBitmaps.
        (WebCore::containsDuplicates): add.
        (WebCore::SerializedScriptValue::deserialize): handle ImageBitmap arguments.
        * bindings/js/SerializedScriptValue.h: update signatures, add member.
        * html/ImageBitmap.cpp:
        (WebCore::ImageBitmap::create): add.
        (WebCore::ImageBitmap::detachBitmaps): add.
        * html/ImageBitmap.h: add signatures.

2018-04-06  Said Abou-Hallawa  <sabouhallawa@apple.com>

        When recording the drawing, the DisplayList should be initialized with the GraphicsContextState of the underlying GraphicsContext
        https://bugs.webkit.org/show_bug.cgi?id=184336

        Reviewed by Antti Koivisto.

        The state of the drawing context has to be transfered to the recording 
        DisplayList before recording. Many recording GraphicsContext functions 
        will behave wrongly if it gets the default state.

        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::DisplayListDrawingContext::DisplayListDrawingContext):
        (WebCore::CanvasRenderingContext2DBase::drawingContext const):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::recursiveCommitChanges):
        * platform/graphics/displaylists/DisplayListRecorder.cpp:
        (WebCore::DisplayList::Recorder::Recorder):
        * platform/graphics/displaylists/DisplayListRecorder.h:
        (WebCore::DisplayList::Recorder::ContextState::ContextState):
        (WebCore::DisplayList::Recorder::ContextState::cloneForSave const):
        * platform/graphics/displaylists/DisplayListReplayer.cpp:
        (WebCore::DisplayList::Replayer::replay):
        * platform/graphics/displaylists/DisplayListReplayer.h:
        (WebCore::DisplayList::Replayer::replay): If we do not have a clipping
        rectangle and we want to record all the drawing, we need a default value
        for the clipping rectangle and we want no clipping to happen.

2018-04-06  Daniel Bates  <dabates@apple.com>

        Emit a more informative message when a script is blocked due to "X-Content-Type: nosniff"
        https://bugs.webkit.org/show_bug.cgi?id=184359

        Reviewed by Per Arne Vollan.

        Emphasize in the message that the script was blocked from executing.

        Test: http/tests/security/contentTypeOptions/nosniff-importScript-blocked.html

        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::notifyFinished):
        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::didReceiveResponse):

2018-04-06  Daniel Bates  <dabates@apple.com>

        importScripts() should throw exception with a reason when it fails to load a script from the network
        https://bugs.webkit.org/show_bug.cgi?id=184345

        Reviewed by Alexey Proskuryakov.

        Currently importScripts() throws a NetworkError exception without a reason when
        it fails to load a script from the network. It is ambiguous whether the load failed
        due to an access control failure or some other error. Instead we should include
        the reason the load failed in the thrown exception.

        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::importScripts):

2018-04-06  Daniel Bates  <dabates@apple.com>

        Attempt to fix the build after <https://trac.webkit.org/changeset/230338>
        (https://bugs.webkit.org/show_bug.cgi?id=184360)

        Make lambdas mutable so that we can WTFMove() their captured arguments.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::createSessionDescriptionFailed):
        (WebCore::LibWebRTCMediaEndpoint::setLocalSessionDescriptionFailed):
        (WebCore::LibWebRTCMediaEndpoint::setRemoteSessionDescriptionFailed):

2018-04-06  Daniel Bates  <dabates@apple.com>

        Have class Exception take String by value instead of a String&&
        https://bugs.webkit.org/show_bug.cgi?id=184360

        Reviewed by Alexey Proskuryakov.

        For convenience support instantiating an Exception with either an lvalue String or
        rvalue String.

        Although it can be argued that having Exception take a String by value instead of String&&
        can lead to missed opportunities to WTFMove() a String object into Exception such mistakes
        are just that, missed opportunities. That is, correctness is not affected and we may perform
        an unnecessary ref/deref of the underlying StringImpl when instantiating an Exception. If
        such missed opportunities show up in profiles and such mistakes happen often then we can
        re-evaluate the decision to have Exception take a String by value.

        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::put): Simplify code now that Exception takes a String by value.
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::BodyLoader::didFail): Ditto.
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::createSessionDescriptionFailed): Move String into Exception to avoid an
        unnecessary ref/de-ref.
        (WebCore::LibWebRTCMediaEndpoint::setLocalSessionDescriptionFailed): Ditto.
        (WebCore::LibWebRTCMediaEndpoint::setRemoteSessionDescriptionFailed): Ditto.
        * dom/Exception.h:
        (WebCore::Exception::Exception): Take String by value. Also use uniform initializer syntax.

2018-04-06  Antti Koivisto  <antti@apple.com>

        Tighten ImageSource to have BitmapImage pointer instead of Image
        https://bugs.webkit.org/show_bug.cgi?id=184356

        Reviewed by Said Abou-Hallawa.

        ImageSource is an implementation detail of BitmapImage, not a generic type.

        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::decode):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.h:
        (WebCore::Image::decode): Deleted.
        (WebCore::Image::imageFrameAvailableAtIndex): Deleted.

        Also make some BitmapImage specific functions non-virtual and remove them from Image.

        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::ImageSource):
        * platform/graphics/ImageSource.h:
        (WebCore::ImageSource::create):

        Make constructors private.

        * platform/graphics/cg/GraphicsContext3DCG.cpp:
        (WebCore::GraphicsContext3D::ImageExtractor::extractImage):

2018-04-06  Brent Fulgham  <bfulgham@apple.com>

        Unreviewed test fix after r230323

        * platform/mac/PlatformScreenMac.mm:
        (WebCore::screen): Remove assertion we still hit due to event handling code.

2018-04-05  Youenn Fablet  <youenn@apple.com>

        REGRESSION (r230223): LayoutTest http/tests/contentextensions/css-display-none-overflows-rule-data-1.html is crashing
        https://bugs.webkit.org/show_bug.cgi?id=184306

        Reviewed by Ryosuke Niwa.

        Add an option to not compile CSS rules since they are not useful in NetworkProcess.
        Covered by tests no longer crashing in Debug WK2 bots.

        * contentextensions/ContentExtension.cpp:
        (WebCore::ContentExtensions::ContentExtension::create):
        (WebCore::ContentExtensions::ContentExtension::ContentExtension):
        * contentextensions/ContentExtension.h:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::addContentExtension):
        * contentextensions/ContentExtensionsBackend.h:

2018-04-05  Brent Fulgham  <bfulgham@apple.com>

        WebContent process is calling CGDisplayUsesInvertedPolarity
        https://bugs.webkit.org/show_bug.cgi?id=184337
        <rdar://problem/39215702>

        Reviewed by Zalan Bujtas.

        The PlatformScreenMac code is still calling display-related routines directly, specifically
        CGDisplayUsesInvertedPolarity and CGDisplayUsesForceToGray. These should be brokered from
        the UIProcess.
        
        There's also no reason to avoid the brokering behavior on current WebKit builds. Remove
        the compile guards so all macOS builds use this behavior.
        
        Finally, add some ProcessPrivilege assertions to guard against accidentally calling these
        routines in the future.

        Tested by existing regression tests.

        * platform/PlatformScreen.h:
        * platform/ScreenProperties.h:
        (WebCore::ScreenProperties::encode const): Add new values.
        (WebCore::ScreenProperties::decode):
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::displayID): Add assertion that this is not calling display-related routines in
        the WebContent process.
        (WebCore::firstScreen): Ditto.
        (WebCore::screenProperties): Moved higher in the file so it can be reused. Add calls to
        CGDisplayUsesInvertedPolarity and CGDisplayUsesForceToGray.
        (WebCore::getScreenProperties): Moved higher in the file so it can be reused. Stop
        double-hashing displayID.
        (WebCore::screenIsMonochrome): Use cached values in WebContent process. Assert if this
        code attempts a display-related routine in the WebContent process.
        (WebCore::screenHasInvertedColors): Ditto.
        (WebCore::screenDepth): Add assertion that this is not calling display-related routines in
        the WebContent process.
        (WebCore::screenDepthPerComponent): Ditto.
        (WebCore::screenRect): Ditto.
        (WebCore::screenAvailableRect): Ditto.
        (WebCore::screen): Ditto.
        (WebCore::screenColorSpace): Ditto.
        (WebCore::screenSupportsExtendedColor): Ditto.

2018-04-05  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Apply cookie blocking to setCookiesFromDOM()
        https://bugs.webkit.org/show_bug.cgi?id=184346
        <rdar://problem/39226036>

        Reviewed by Brent Fulgham.

        Since these cookies can't be seen and are not sent in requests, I
        can't write an automated test for them. This really should have been
        done as part of: https://bugs.webkit.org/show_bug.cgi?id=180682.
        That said, I have tested this manually.

        * platform/network/mac/CookieJarMac.mm:
        (WebCore::setCookiesFromDOM):

2018-04-05  Zalan Bujtas  <zalan@apple.com>

        Folding anonymous blocks should not result in deleting content.
        https://bugs.webkit.org/show_bug.cgi?id=184339
        <rdar://problem/37327428>

        Reviewed by Antti Koivisto.

        While folding multiple anonymous blocks (moving the children from next sibling over to previous sibling)
        we should ensure that the block we are about to destroy does not gain new descendants.
        In case of 4 sibling anonymous blocks (A B C D), while destroying B
        1. we move C's children to A and destroy C.
        2. While destroying C, we notice B and C as sibling anonymous blocks and we move
        D's children over to B (even though B is going to be destroyed as we climb back on the stack).
        
        In this patch, B is detached from the tree before we start moving renderers around so that a subsequent folding won't
        find B anymore as a candidate.

        Test: fast/block/crash-while-folding-anonymous-blocks.html

        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::detach):

2018-04-05  Andy Estes  <aestes@apple.com>

        Mark Payment Request as "Supported" in features.json
        https://bugs.webkit.org/show_bug.cgi?id=184338

        Reviewed by Anders Carlsson.

        * features.json:

2018-04-05  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r230042.

        It is no longer needed now that it is safe to construct a
        SecurityOrigin from an on-main thread

        Reverted changeset:

        "WebSocket::didReceiveMessage() may construct a SecurityOrigin
        object on a non-main thread"
        https://bugs.webkit.org/show_bug.cgi?id=184068
        https://trac.webkit.org/changeset/230042

2018-04-05  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Remove StaticLock
        https://bugs.webkit.org/show_bug.cgi?id=184332

        Reviewed by Mark Lam.

        No behavior change.

        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::Database):
        (WebCore::Database::performOpenAndVerify):
        (WebCore::Database::closeDatabase):
        (WebCore::Database::getCachedVersion const):
        (WebCore::Database::setCachedVersion):
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::openDatabaseMutex):
        * Modules/webdatabase/DatabaseTracker.h:
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::allActiveWebSocketsMutex):
        * Modules/websockets/WebSocket.h:
        * bridge/objc/WebScriptObject.mm:
        * crypto/CryptoAlgorithmRegistry.cpp:
        (WebCore::CryptoAlgorithmRegistry::identifier):
        (WebCore::CryptoAlgorithmRegistry::name):
        (WebCore::CryptoAlgorithmRegistry::create):
        (WebCore::CryptoAlgorithmRegistry::registerAlgorithm):
        * dom/Node.cpp:
        * platform/URL.cpp:
        * platform/graphics/FontCache.cpp:
        * platform/graphics/MediaPlayer.cpp:
        * platform/ios/QuickLook.mm:
        * platform/ios/WebSQLiteDatabaseTrackerClient.mm:
        * platform/ios/wak/WebCoreThread.mm:
        * platform/ios/wak/WebCoreThreadRun.cpp:
        * platform/network/cf/LoaderRunLoopCF.cpp:
        (WebCore::loaderRunLoop):
        * platform/network/curl/CurlContext.cpp:
        (WebCore::CurlShareHandle::mutexFor):
        * platform/network/curl/CurlContext.h:
        * platform/sql/SQLiteDatabaseTracker.cpp:
        (WebCore::SQLiteDatabaseTracker::incrementTransactionInProgressCount):
        (WebCore::SQLiteDatabaseTracker::decrementTransactionInProgressCount):
        * platform/text/TextEncodingRegistry.cpp:
        (WebCore::buildBaseTextCodecMaps):
        (WebCore::newTextCodec):
        (WebCore::atomicCanonicalTextEncodingName):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::workerThreadCount):
        (WebCore::WorkerThread::WorkerThread):
        (WebCore::WorkerThread::~WorkerThread):
        (WebCore::WorkerThread::releaseFastMallocFreeMemoryInAllThreads):

2018-04-04  Youenn Fablet  <youenn@apple.com>

        WebRTC data channel only applications require capture permissions for direct connections
        https://bugs.webkit.org/show_bug.cgi?id=174500
        <rdar://problem/34134281>

        Reviewed by Eric Carlson.

        Test: webrtc/datachannel/mdns-ice-candidates.html

        Add support at PeerConnectionBackend to obfuscate any gathered host candidate
        by replacing the IP address with an opaque name that can be resolved by MDNS.
        An opaque name is generated for each IP address and is scoped by the document owning the peer connection object.

        Add support to resolve any such MDNS ICE candidate.
        A limit of 250 ms is fixed for the resolution to happen.
        After 250 ms, the candidate is discarded.

        Add an experimental flag around this feature, off by default.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::extractIPAddres):
        (WebCore::PeerConnectionBackend::addIceCandidate):
        (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
        (WebCore::PeerConnectionBackend::addIceCandidateFailed):
        (WebCore::PeerConnectionBackend::newICECandidate):
        (WebCore::PeerConnectionBackend::doneGatheringCandidates):
        (WebCore::PeerConnectionBackend::registerMDNSName):
        (WebCore::PeerConnectionBackend::finishedRegisteringMDNSName):
        * Modules/mediastream/PeerConnectionBackend.h:
        * Modules/mediastream/RTCIceCandidate.h:
        (WebCore::RTCIceCandidate::setCandidate):
        * Modules/mediastream/RTCPeerConnection.h:
        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):
        (WebCore::Document::suspend):
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::mdnsICECandidatesEnabled const):
        (WebCore::RuntimeEnabledFeatures::setMDNSICECandidatesEnabled):
        * platform/mediastream/libwebrtc/LibWebRTCProvider.h:

2018-04-04  Brian Burg  <bburg@apple.com>

        [Cocoa] WebDriver: test imported/w3c/webdriver/tests/cookies/add_cookie.py::test_add_non_session_cookie fails
        https://bugs.webkit.org/show_bug.cgi?id=184314
        <rdar://problem/39186578>

        Reviewed by Timothy Hatcher.

        Covered by several tests in add_cookie.py per the bug title.

        * platform/network/cocoa/CookieCocoa.mm:
        (WebCore::Cookie::operator NSHTTPCookie * const):
        By converting an integral UNIX timestamp to |maxAge| fractional seconds into the future, we introduce unwanted
        precision that is truncated when switching back to a UNIX timestamp later. Always round up maxAge so that
        the truncated value and actual value are the same.

2018-04-04  Alex Christensen  <achristensen@webkit.org>

        Move PingHandle to WebKitLegacy
        https://bugs.webkit.org/show_bug.cgi?id=184145

        Reviewed by Youenn Fablet.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/network/PingHandle.h: Removed.

2018-04-04  Per Arne Vollan  <pvollan@apple.com>

        The layout test fast/canvas/canvas-blending-global-alpha.html is failing when the WebContent process does not have WindowServer access.
        https://bugs.webkit.org/show_bug.cgi?id=183752
        <rdar://problem/38635731>

        The test is failing because the system is only providing software rendering when there is no access
        to the WindowServer, and software rendering is producing slightly different results than hardware
        rendering. To enable accelerated rendering, the GPU to be used for IOSurface rendering needs to be
        selected by handing over the OpenGL display mask to the IOSurface CGContext.

        Reviewed by Brent Fulgham.

        No new tests, covered by existing tests.

        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
        (WebCore::GraphicsContext3D::getOpenGLDisplayMask):
        * platform/graphics/cocoa/IOSurface.mm:
        (WebCore::IOSurface::ensurePlatformContext):

2018-04-04  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Track the paint frequency through a new class named PaintFrequencyTracker
        https://bugs.webkit.org/show_bug.cgi?id=184311

        Reviewed by Antti Koivisto.

        PaintFrequencyTracker is a class which detects when a layer is painted 
        frequently. SinglePaintFrequencyTracking is used in conjunction with
        PaintFrequencyTracker to recored a single paint timing.

        * rendering/PaintFrequencyTracker.h: Added.
        (WebCore::PaintFrequencyTracker::begin):
        (WebCore::PaintFrequencyTracker::end):
        (WebCore::PaintFrequencyTracker::paintingFrequently const):
        Simplify the logic for tracking the paint frequency and move it from
        RenderLayer.cpp.

        (WebCore::SinglePaintFrequencyTracking::SinglePaintFrequencyTracking):
        (WebCore::SinglePaintFrequencyTracking::~SinglePaintFrequencyTracking):
        A convenient way to bracket the begin() and the end() methods of
        PaintFrequencyTracker.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):
        (WebCore::RenderLayer::calculateClipRects const):
        (WebCore::PaintFrequencyInfo::PaintFrequencyInfo): Deleted.
        (WebCore::PaintFrequencyInfo::setPaintedCacheableResource): Deleted.
        (WebCore::PaintFrequencyInfo::paintingFrequently const): Deleted.
        (WebCore::PaintFrequencyInfo::updatePaintFrequency): Deleted.
        (WebCore::PaintFrequencyInfo::paintingCacheableResource): Deleted.
        * rendering/RenderLayer.h:
        Rename PaintFrequencyInfo to PaintFrequencyTracker and move it a separate
        header file.

2018-04-04  Jer Noble  <jer.noble@apple.com>

        RELEASE_ASSERT in CaptionUserPreferencesMediaAF::CaptionUserPreferencesMediaAF() when MediaToolbox.framework missing
        https://bugs.webkit.org/show_bug.cgi?id=184247
        <rdar://problem/39007591>

        Rubber-stamped by Eric Carlson.

        Use SOFT_LINK_FRAMEWORK_OPTIONAL for frameworks which are not guaranteed to be present.

        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::CaptionUserPreferencesMediaAF):

2018-04-04  Brent Fulgham  <bfulgham@apple.com>

        Failures from mach port reference handling should be fatal
        https://bugs.webkit.org/show_bug.cgi?id=184202
        <rdar://problem/37771114>

        Reviewed by Anders Carlsson.

        We may corrupt the Mach port space by improperly matching the equivalent of reference counting
        retains (mach_port_mod_refs) with releases (mach_port_deallocate).

        Our current implementation of MachSendRights::create does not grab a reference if the passed
        port is MACH_PORT_DEAD, but we unconditionally call mach_port_deallocate on the port, which
        could lead to a reference count mismatch.

        Likewise, our MachSendRight destructor does not release the port if it has changed to MACH_PORT_DEAD
        (e.g., if a child process dies), again leading to a mismatch in retain/releases.

        Finally, failures in mach_port_deallocate should be fatal because they indicate that the
        application was attempting to remove an unowned right. This is a fatal condition for Mach, and
        should lead to an abort. 

        This patch does the following:

        1. It creates a helper function that does the right thing for safely deallocating a mach port.
        2. It uses it in multiple places.
        3. It revises 'MachSendRight::create" so that it properly handles the condition of a dead port.
        4. It revises the MachSendRight destructor to properly handle the condition of a dead port.

        No new tests, no change in behavior expected.

        * SourcesCocoa.txt: Update for move of MachSendRight files.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * page/cocoa/ResourceUsageThreadCocoa.mm:
        (WebCore::getMachThreads): Added.
        (WebCore::cpuUsage): Use the new cleanup helper function.
        * platform/cocoa/MachSendRight.cpp: Removed.
        * platform/cocoa/MachSendRight.h: Removed.
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.mm:
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenLayer):
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:

2018-04-04  Youenn Fablet  <youenn@apple.com>

        Remove unused HTTP header names
        https://bugs.webkit.org/show_bug.cgi?id=184272

        Reviewed by Alex Christensen.

        No change of behavior.
        Removed some names that are not used in the code base.
        This allows to strengthen filtering of responses sent to WebProcess.
        Added two headers used by web inspector.
        Updated existing code to use indexed HTTP header names.

        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::init):
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::sourceMapURLForResource):
        * platform/network/HTTPHeaderNames.in:

2018-04-04  Beth Dakin  <bdakin@apple.com>

        Fix the !HAVE(AVFOUNDATION_VIDEO_OUTPUT) build
        https://bugs.webkit.org/show_bug.cgi?id=184309
        -and corresponding-
        rdar://problem/39179126

        Reviewed by Jer Noble.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoFullscreenInlineImage):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):

2018-04-04  Youenn Fablet  <youenn@apple.com>

        MockRealtimeVideoSourceMac should produce kCVPixelFormatType_420YpCbCr8Planar buffers
        https://bugs.webkit.org/show_bug.cgi?id=184304

        Reviewed by Eric Carlson.

        Allows covering RealtimeOutgoingVideoSourceMac code path handling native buffers produced by capture video sources.
        ARGB buffer coverage is done through canvas capture streams.

        * platform/mediastream/mac/MockRealtimeVideoSourceMac.h:
        * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
        (WebCore::MockRealtimeVideoSourceMac::CMSampleBufferFromPixelBuffer):

2018-04-04  Youenn Fablet  <youenn@apple.com>

        Introduce a ThreadSafeRefCounted parameter to ensure being destroyed on the main thread
        https://bugs.webkit.org/show_bug.cgi?id=183988

        Reviewed by Darin Adler.

        No change of behavior, TrackPrivate remains destroyed on the main thread.

        * platform/graphics/TrackPrivateBase.h:
        * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
        (WebCore::AudioTrackPrivateMediaStreamCocoa::audioSamplesAvailable):
        (WebCore::AudioTrackPrivateMediaStreamCocoa::render):

2018-04-04  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix the build with libsoup < 2.49.91 after r230251.

        Stop using ResourceHandle in SoupNetworkSession.

        * platform/network/soup/SoupNetworkSession.cpp:
        (WebCore::SoupNetworkSession::SoupNetworkSession):
        (WebCore::authenticateCallback): Deleted.
        (WebCore::requestStartedCallback): Deleted.

2018-04-03  Alex Christensen  <achristensen@webkit.org>

        Remove unused libsoup ResourceHandle implementation
        https://bugs.webkit.org/show_bug.cgi?id=184048

        Reviewed by Michael Catanzaro.

        This code is unused since r228901 so let's remove it!

        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        (WebCore::ResourceHandleInternal::ResourceHandleInternal):
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::~ResourceHandle):
        (WebCore::ResourceHandleInternal::soupSession):
        (WebCore::ResourceHandle::cancelledOrClientless):
        (WebCore::ResourceHandle::ensureReadBuffer):
        (WebCore::ResourceHandle::currentStreamPosition const):
        (WebCore::ResourceHandle::platformContinueSynchronousDidReceiveResponse):
        (WebCore::ResourceHandle::didStartRequest):
        (WebCore::ResourceHandle::start):
        (WebCore::ResourceHandle::releaseForDownload):
        (WebCore::ResourceHandle::sendPendingRequest):
        (WebCore::ResourceHandle::cancel):
        (WebCore::ResourceHandle::shouldUseCredentialStorage):
        (WebCore::ResourceHandle::continueDidReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential):
        (WebCore::ResourceHandle::receivedCredential):
        (WebCore::ResourceHandle::receivedCancellation):
        (WebCore::ResourceHandle::receivedChallengeRejection):
        (WebCore::ResourceHandle::platformSetDefersLoading):
        (WebCore::sessionFromContext): Deleted.
        (WebCore::ResourceHandle::create): Deleted.
        (WebCore::ResourceHandle::ResourceHandle): Deleted.
        (WebCore::isAuthenticationFailureStatusCode): Deleted.
        (WebCore::tlsErrorsChangedCallback): Deleted.
        (WebCore::gotHeadersCallback): Deleted.
        (WebCore::applyAuthenticationToRequest): Deleted.
        (WebCore::restartedCallback): Deleted.
        (WebCore::shouldRedirect): Deleted.
        (WebCore::shouldRedirectAsGET): Deleted.
        (WebCore::continueAfterWillSendRequest): Deleted.
        (WebCore::doRedirect): Deleted.
        (WebCore::redirectSkipCallback): Deleted.
        (WebCore::wroteBodyDataCallback): Deleted.
        (WebCore::cleanupSoupRequestOperation): Deleted.
        (WebCore::nextMultipartResponsePartCallback): Deleted.
        (WebCore::sendRequestCallback): Deleted.
        (WebCore::continueAfterDidReceiveResponse): Deleted.
        (WebCore::startingCallback): Deleted.
        (WebCore::networkEventCallback): Deleted.
        (WebCore::createSoupMessageForHandleAndRequest): Deleted.
        (WebCore::createSoupRequestAndMessageForHandle): Deleted.
        (WebCore::ResourceHandle::timeoutFired): Deleted.
        (WebCore::waitingToSendRequest): Deleted.
        (WebCore::readCallback): Deleted.

2018-04-03  Ross Kirsling  <ross.kirsling@sony.com>

        Add missing WEBCORE_EXPORTs (for Windows shared library build)
        https://bugs.webkit.org/show_bug.cgi?id=184279

        Reviewed by Alex Christensen.

        * dom/Element.h:
        * dom/Node.h:
        * editing/FrameSelection.h:
        * html/DOMURL.h:
        * html/HTMLFormElement.h:
        * html/canvas/CanvasRenderingContext.h:
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/PlatformDisplay.h:
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/GraphicsContextImplCairo.h:
        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/network/HTTPHeaderMap.h:
        * platform/network/ResourceRequestBase.h:
        * platform/network/ResourceResponseBase.h:
        * platform/network/curl/AuthenticationChallenge.h:
        * platform/network/curl/CurlFormDataStream.h:
        * platform/network/curl/CurlRequest.h:
        * platform/network/curl/CurlSSLHandle.h:
        * platform/network/curl/ResourceError.h:
        * platform/network/curl/ResourceResponse.h:

2018-04-03  Youenn Fablet  <youenn@apple.com>

        RealtimeOutgoingVideoSourceMac should pass a ObjCFrameBuffer buffer
        https://bugs.webkit.org/show_bug.cgi?id=184281
        rdar://problem/39153262

        Reviewed by Jer Noble.

        Covered by manual testing by going to WebRTC web sites.

        * platform/mediastream/mac/RealtimeOutgoingVideoSourceCocoa.cpp:
        (WebCore::RealtimeOutgoingVideoSourceCocoa::sampleBufferUpdated):

2018-04-03  Filip Pizlo  <fpizlo@apple.com>

        GC shouldn't do object distancing
        https://bugs.webkit.org/show_bug.cgi?id=184195

        Reviewed by Saam Barati.

        No new tests because no change in behavior.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::JSDOMWindowBase):
        * dom/Document.cpp:
        (WebCore::Document::threadLocalCache): Deleted.
        * dom/Document.h:
        * page/OriginThreadLocalCache.cpp: Removed.
        * page/OriginThreadLocalCache.h: Removed.

2018-04-03  Brent Fulgham  <bfulgham@apple.com>

        Guard against keychain/certificate access outside the network process
        https://bugs.webkit.org/show_bug.cgi?id=184214
        <rdar://problem/38734795>

        Reviewed by Youenn Fablet.

        Use the ProcessPrivilege assertions to guard against accessing the Keychain from
        a non-Networking process.

        * Modules/webauthn/cocoa/LocalAuthenticator.mm:
        (WebCore::LocalAuthenticator::makeCredential): Assert if we access the keychain from
        a proces other than the Network or UI process.
        (WebCore::LocalAuthenticator::getAssertion): Ditto.
        (WebCore::LocalAuthenticator::issueClientCertificate const): Ditto.
        * crypto/mac/SerializedCryptoKeyWrapMac.mm:
        (WebCore::createAndStoreMasterKey): Ditto.
        (WebCore::findMasterKey): Ditto.
        (WebCore::deleteDefaultWebCryptoMasterKey): Ditto.
        * platform/mac/SSLKeyGeneratorMac.mm:
        (WebCore::signedPublicKeyAndChallengeString): Ditto.
        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        (WebCore::createPrivateStorageSession): Ditto.
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): Ditto.

2018-04-03  Youenn Fablet  <youenn@apple.com>

        NetworkResourceLoader does not need to expose all redirect response headers
        https://bugs.webkit.org/show_bug.cgi?id=184114
        <rdar://problem/39010557>

        Reviewed by Ryosuke Niwa.

        No JS observable change of behavior.
        Behavior change is observable for injected bundles since they will no longer get access to the full response.
        List of response headers correspond to the one currently being used/exposed for redirections.

        Test: http/wpt/loading/redirect-headers.html

        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setRestrictedHTTPResponseAccess):
        (WebCore::RuntimeEnabledFeatures::restrictedHTTPResponseAccess const):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::isSafeToKeepRedirectionHeader):
        (WebCore::ResourceResponseBase::sanitizeRedirectionHTTPHeaderFields):
        * platform/network/ResourceResponseBase.h:

2018-04-03  Andy Estes  <aestes@apple.com>

        [Mac] Prioritize file promises over filenames during drag and drop
        https://bugs.webkit.org/show_bug.cgi?id=184237
        <rdar://problem/38278076>

        Reviewed by Wenson Hsieh.

        When performing a drag operation where the pasteboard contains both a file path and a file
        promise, we have historically preferred to accept the file path. Some versions of Photos.app
        will provide both a low-resolution thumbnail as a file path and its high-resolution
        counterpart as a file promise when dragging a photo, and our current logic leads us to
        choose the low-quality thumbnail.

        This patch changes our logic to prefer file promises over file paths. This matches the
        behavior of Finder and ensures we accept high-resolution assets from Photos.app.

        Covered by existing file promise drag tests. beginDragWithFilePromises() was updated to
        write a bogus file path to the pasteboard along with the legitimate file promise.

        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::asFilenames const):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::readFilePaths):
        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::numberOfFiles const):

2018-04-03  Mark Lam  <mark.lam@apple.com>

        Fix mis-application of WTF_PREPARE_VTBL_POINTER_FOR_INSPECTION macro.
        https://bugs.webkit.org/show_bug.cgi?id=184276
        <rdar://problem/39109543>

        Rubber-stamped by Michael Saboff.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::toJSNewlyCreated):

2018-04-03  Yousuke Kimoto  <yousuke.kimoto@sony.com>

        [CMake] gperf path should be given when WebCore/css/makevalues.pl is executed
        https://bugs.webkit.org/show_bug.cgi?id=184224

        Reviewed by Konstantin Tokarev.

        When a building evironment doens't include a path to gperf,
        WebCore/css/makevalue.pl failes due to failing to execute gperf,
        so the full path to gperf should be given like WebCore/css/makeprop.pl.

        No new tests, no Web-facing behavior change.

        * CMakeLists.txt: gperf path is given to css/makevalues.pl.
        * css/makevalues.pl: Add an argument to handle a given gperf path.

2018-04-03  Chris Dumez  <cdumez@apple.com>

        Drop MainFrame class
        https://bugs.webkit.org/show_bug.cgi?id=184191

        Reviewed by Darin Adler.

        Drop MainFrame class and move contents into Page / Frame since there is a 1:1
        relationship between the Page and the MainFrame.

        This is ground work for introducing LocalFrame / RemoteFrame concepts.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::ApplePaySession::create):
        (WebCore::ApplePaySession::supportsVersion):
        (WebCore::ApplePaySession::canMakePayments):
        (WebCore::ApplePaySession::canMakePaymentsWithActiveCard):
        (WebCore::ApplePaySession::openPaymentSetup):
        (WebCore::ApplePaySession::paymentCoordinator const):
        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
        (WebCore::paymentCoordinator):
        * Modules/mediastream/MediaDevicesEnumerationRequest.cpp:
        * Modules/mediastream/UserMediaRequest.cpp:
        * Modules/plugins/QuickTimePluginReplacement.mm:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::mainFrame const):
        (WebCore::AccessibilityObject::visiblePositionForBounds const):
        * accessibility/AccessibilityObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        * bindings/js/ScriptController.cpp:
        * bindings/js/ScriptState.cpp:
        * contentextensions/ContentExtensionsBackend.cpp:
        * css/MediaQueryEvaluator.cpp:
        (WebCore::displayModeEvaluate):
        * dom/DOMImplementation.cpp:
        * dom/Document.cpp:
        * dom/DocumentMarkerController.cpp:
        * dom/Element.cpp:
        (WebCore::Element::removedFromAncestor):
        * dom/EventDispatcher.cpp:
        * dom/ScriptedAnimationController.cpp:
        * editing/Editor.cpp:
        (WebCore::Editor::scanSelectionForTelephoneNumbers):
        * editing/EditorCommand.cpp:
        * editing/SelectionRectGatherer.cpp:
        (WebCore::SelectionRectGatherer::Notifier::~Notifier):
        * editing/cocoa/WebContentReaderCocoa.mm:
        * editing/markup.cpp:
        * history/CachedFrame.cpp:
        * history/CachedPage.cpp:
        * history/PageCache.cpp:
        (WebCore::destroyRenderTree):
        * html/HTMLMediaElement.cpp:
        * html/HTMLPlugInImageElement.cpp:
        * html/ImageDocument.cpp:
        * html/MediaElementSession.cpp:
        (WebCore::isMainContentForPurposesOfAutoplay):
        * html/canvas/WebGLRenderingContextBase.cpp:
        * inspector/InspectorClient.cpp:
        * inspector/InspectorController.cpp:
        * inspector/InspectorFrontendClientLocal.cpp:
        * inspector/InspectorFrontendHost.cpp:
        * inspector/InspectorInstrumentation.cpp:
        * inspector/InspectorOverlay.cpp:
        * inspector/PageScriptDebugServer.cpp:
        * inspector/agents/InspectorApplicationCacheAgent.cpp:
        * inspector/agents/InspectorCanvasAgent.cpp:
        * inspector/agents/InspectorDOMAgent.cpp:
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::mainFrame):
        * inspector/agents/InspectorPageAgent.h:
        * inspector/agents/page/PageDebuggerAgent.cpp:
        * inspector/agents/page/PageRuntimeAgent.cpp:
        * loader/DocumentLoader.cpp:
        * loader/DocumentWriter.cpp:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::setState):
        * loader/HistoryController.cpp:
        * loader/NavigationDisabler.h:
        * loader/ProgressTracker.cpp:
        * loader/ResourceLoadObserver.cpp:
        * loader/ResourceLoader.cpp:
        * loader/SubframeLoader.cpp:
        * loader/SubresourceLoader.cpp:
        * loader/appcache/ApplicationCacheHost.cpp:
        * loader/archive/mhtml/MHTMLArchive.cpp:
        * loader/cache/CachedResource.cpp:
        * loader/cache/CachedResourceLoader.cpp:
        * page/AutoscrollController.cpp:
        * page/Chrome.cpp:
        * page/ContextMenuController.cpp:
        * page/DOMWindow.cpp:
        * page/DebugPageOverlays.cpp:
        (WebCore::MouseWheelRegionOverlay::updateRegion):
        (WebCore::NonFastScrollableRegionOverlay::updateRegion):
        (WebCore::RegionOverlay::create):
        (WebCore::RegionOverlay::RegionOverlay):
        (WebCore::RegionOverlay::~RegionOverlay):
        (WebCore::DebugPageOverlays::ensureRegionOverlayForPage):
        (WebCore::DebugPageOverlays::showRegionOverlay):
        (WebCore::DebugPageOverlays::hideRegionOverlay):
        (WebCore::DebugPageOverlays::regionChanged):
        (WebCore::DebugPageOverlays::regionOverlayForPage const):
        (WebCore::DebugPageOverlays::updateOverlayRegionVisibility):
        (WebCore::DebugPageOverlays::settingsChanged):
        * page/DebugPageOverlays.h:
        (WebCore::DebugPageOverlays::hasOverlaysForPage const):
        (WebCore::DebugPageOverlays::hasOverlays):
        (WebCore::DebugPageOverlays::didLayout):
        (WebCore::DebugPageOverlays::didChangeEventHandlers):
        * page/DragController.cpp:
        (WebCore::DragController::performDragOperation):
        (WebCore::DragController::tryDHTMLDrag):
        (WebCore::DragController::beginDrag):
        (WebCore::DragController::doSystemDrag):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMousePressEvent):
        (WebCore::EventHandler::mouseMoved):
        (WebCore::EventHandler::handleMouseReleaseEvent):
        (WebCore::EventHandler::handleWheelEvent):
        (WebCore::EventHandler::clearLatchedState):
        (WebCore::EventHandler::defaultWheelEventHandler):
        * page/FocusController.cpp:
        * page/Frame.cpp:
        (WebCore::Frame::Frame):
        (WebCore::Frame::dropChildren):
        (WebCore::Frame::selfOnlyRef):
        (WebCore::Frame::selfOnlyDeref):
        * page/Frame.h:
        (WebCore::Frame::mainFrame const):
        * page/FrameTree.cpp:
        * page/FrameView.cpp:
        (WebCore::FrameView::setFrameRect):
        (WebCore::FrameView::setContentsSize):
        (WebCore::FrameView::didChangeScrollOffset):
        (WebCore::FrameView::setViewExposedRect):
        * page/History.cpp:
        * page/MainFrame.cpp: Removed.
        * page/MainFrame.h: Removed.
        * page/MemoryRelease.cpp:
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::m_applicationManifest):
        (WebCore::Page::setDeviceScaleFactor):
        (WebCore::Page::latchingState):
        (WebCore::Page::pushNewLatchingState):
        (WebCore::Page::resetLatchingState):
        (WebCore::Page::popLatchingState):
        (WebCore::Page::removeLatchingStateForTarget):
        (WebCore::Page::setPaymentCoordinator):
        * page/Page.h:
        (WebCore::Page::mainFrame):
        (WebCore::Page::mainFrame const):
        (WebCore::Page::wheelEventDeltaFilter):
        (WebCore::Page::pageOverlayController):
        (WebCore::Page::servicesOverlayController):
        (WebCore::Page::paymentCoordinator const):
        (WebCore::Page::applicationManifest const):
        (WebCore::Page::performanceLogging const):
        * page/PageConsoleClient.cpp:
        * page/PageDebuggable.cpp:
        * page/PageGroup.cpp:
        * page/PageGroupLoadDeferrer.cpp:
        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::controller const):
        * page/PageOverlayController.cpp:
        (WebCore::PageOverlayController::PageOverlayController):
        (WebCore::PageOverlayController::createRootLayersIfNeeded):
        (WebCore::PageOverlayController::layerWithDocumentOverlays):
        (WebCore::PageOverlayController::layerWithViewOverlays):
        (WebCore::PageOverlayController::installPageOverlay):
        (WebCore::PageOverlayController::updateForceSynchronousScrollLayerPositionUpdates):
        (WebCore::PageOverlayController::didChangeViewExposedRect):
        (WebCore::PageOverlayController::updateSettingsForLayer):
        (WebCore::PageOverlayController::deviceScaleFactor const):
        (WebCore::PageOverlayController::notifyFlushRequired):
        (WebCore::PageOverlayController::tiledBackingUsageChanged):
        * page/PageOverlayController.h:
        * page/PageSerializer.cpp:
        * page/PerformanceLogging.cpp:
        (WebCore::PerformanceLogging::PerformanceLogging):
        (WebCore::PerformanceLogging::didReachPointOfInterest):
        * page/PerformanceLogging.h:
        * page/PerformanceMonitor.cpp:
        * page/ResourceUsageOverlay.cpp:
        (WebCore::ResourceUsageOverlay::~ResourceUsageOverlay):
        (WebCore::ResourceUsageOverlay::initialize):
        * page/SettingsBase.cpp:
        * page/SpatialNavigation.cpp:
        * page/UserContentProvider.cpp:
        * page/ios/FrameIOS.mm:
        * page/mac/DragControllerMac.mm:
        * page/mac/EventHandlerMac.mm:
        (WebCore::latchingIsLockedToPlatformFrame):
        (WebCore::latchingIsLockedToAncestorOfThisFrame):
        (WebCore::EventHandler::clearOrScheduleClearingLatchedStateIfNeeded):
        (WebCore::EventHandler::platformPrepareForWheelEvents):
        (WebCore::EventHandler::platformRecordWheelEvent):
        (WebCore::EventHandler::platformCompleteWheelEvent):
        (WebCore::EventHandler::platformCompletePlatformWidgetWheelEvent):
        * page/mac/PageMac.mm:
        * page/mac/ServicesOverlayController.h:
        (WebCore::ServicesOverlayController::page const):
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::Highlight::Highlight):
        (WebCore::ServicesOverlayController::Highlight::notifyFlushRequired):
        (WebCore::ServicesOverlayController::Highlight::deviceScaleFactor const):
        (WebCore::ServicesOverlayController::ServicesOverlayController):
        (WebCore::ServicesOverlayController::invalidateHighlightsOfType):
        (WebCore::ServicesOverlayController::buildPotentialHighlightsIfNeeded):
        (WebCore::ServicesOverlayController::remainingTimeUntilHighlightShouldBeShown const):
        (WebCore::ServicesOverlayController::buildPhoneNumberHighlights):
        (WebCore::ServicesOverlayController::buildSelectionHighlight):
        (WebCore::ServicesOverlayController::hasRelevantSelectionServices):
        (WebCore::ServicesOverlayController::createOverlayIfNeeded):
        (WebCore::ServicesOverlayController::telephoneNumberRangesForFocusedFrame):
        (WebCore::ServicesOverlayController::findTelephoneNumberHighlightContainingSelectionHighlight):
        (WebCore::ServicesOverlayController::mouseEvent):
        (WebCore::ServicesOverlayController::handleClick):
        (WebCore::ServicesOverlayController::mainFrame const):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        * page/scrolling/ScrollingCoordinator.cpp:
        * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        * plugins/DOMMimeType.cpp:
        * plugins/PluginInfoProvider.cpp:
        (WebCore::PluginInfoProvider::refresh):
        * rendering/RenderBox.cpp:
        * rendering/RenderLayer.cpp:
        * rendering/RenderLayerBacking.cpp:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::hasAnyAdditionalCompositedLayers const):
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        (WebCore::RenderLayerCompositor::appendDocumentOverlayLayers):
        (WebCore::RenderLayerCompositor::attachRootLayer):
        (WebCore::RenderLayerCompositor::detachRootLayer):
        (WebCore::RenderLayerCompositor::rootLayerAttachmentChanged):
        * rendering/RenderObject.cpp:
        * replay/UserInputBridge.cpp:
        * storage/StorageEventDispatcher.cpp:
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::suspendMemoryCacheClientCalls):
        * svg/SVGSVGElement.cpp:
        * svg/graphics/SVGImage.cpp:
        * testing/InternalSettings.cpp:
        * testing/Internals.cpp:
        (WebCore::Internals::Internals):
        (WebCore::Internals::installMockPageOverlay):
        (WebCore::Internals::pageOverlayLayerTreeAsText const):
        * testing/MockPageOverlay.cpp:
        * testing/MockPageOverlay.h:
        * testing/MockPageOverlayClient.cpp:
        (WebCore::MockPageOverlayClient::installOverlay):
        (WebCore::MockPageOverlayClient::layerTreeAsText):
        * testing/MockPageOverlayClient.h:
        * testing/MockPaymentCoordinator.cpp:
        (WebCore::MockPaymentCoordinator::MockPaymentCoordinator):
        (WebCore::MockPaymentCoordinator::showPaymentUI):
        (WebCore::MockPaymentCoordinator::completeMerchantValidation):
        (WebCore::MockPaymentCoordinator::changeShippingOption):
        (WebCore::MockPaymentCoordinator::changePaymentMethod):
        (WebCore::MockPaymentCoordinator::acceptPayment):
        (WebCore::MockPaymentCoordinator::cancelPayment):
        * testing/MockPaymentCoordinator.h:
        * workers/service/context/ServiceWorkerThreadProxy.cpp:

2018-04-03  Sihui Liu  <sihui_liu@apple.com>

        The referer header is not set after redirect
        https://bugs.webkit.org/show_bug.cgi?id=182644
        <rdar://problem/37479048>

        Reviewed by Youenn Fablet.

        Update referrer policy and recompute referrer in redirection check, so Referer header would be set after it's removed from cross-origin request.

        Add support for Referrer-Policy header, so referrer policy would be changed based on redirect response. 

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.cpp:
        (WebCore::Document::processReferrerPolicy):
        * loader/CrossOriginAccessControl.cpp:
        (WebCore::updateRequestReferrer):
        * loader/CrossOriginAccessControl.h:
        * loader/ResourceLoader.h:
        (WebCore::ResourceLoader::setReferrerPolicy):
        (WebCore::ResourceLoader::referrerPolicy const):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):
        (WebCore::SubresourceLoader::updateReferrerPolicy):
        * loader/SubresourceLoader.h:
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
        (WebCore::CachedResourceRequest::updateForAccessControl):
        (WebCore::CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders):
        * platform/ReferrerPolicy.cpp: Added.
        (WebCore::parseReferrerPolicy):
        * platform/ReferrerPolicy.h:
        * platform/network/HTTPHeaderNames.in:

2018-04-03  Chris Dumez  <cdumez@apple.com>

        Make SecurityOrigin safe to create and use from any thread
        https://bugs.webkit.org/show_bug.cgi?id=184216

        Reviewed by Youenn Fablet.

        We found that we have a decent amount of code constructing and using SecurityOrigin
        objects from non-main threads. Unfortunately, this was not safe, mostly due to
        SecurityOrigin's reliance on the SchemeRegistry.

        This patch makes it safe to construct a SecurityOrigin on any thread A and use
        it later on the same thread A. However, developers still need to call isolatedCopy()
        if they want to pass such object to another thread B.

        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::canDisplay const):
        * page/SecurityOrigin.h:
        * page/SecurityPolicy.cpp:
        (WebCore::originAccessMapLock):
        (WebCore::originAccessMap):
        (WebCore::SecurityPolicy::isAccessWhiteListed):
        (WebCore::SecurityPolicy::addOriginAccessWhitelistEntry):
        (WebCore::SecurityPolicy::removeOriginAccessWhitelistEntry):
        (WebCore::SecurityPolicy::resetOriginAccessWhitelists):
        * platform/SchemeRegistry.cpp:
        (WebCore::schemeRegistryLock):
        (WebCore::allBuiltinSchemes):
        (WebCore::builtinLocalURLSchemes):
        (WebCore::localURLSchemes):
        (WebCore::displayIsolatedURLSchemes):
        (WebCore::builtinSecureSchemes):
        (WebCore::secureSchemes):
        (WebCore::builtinSchemesWithUniqueOrigins):
        (WebCore::schemesWithUniqueOrigins):
        (WebCore::builtinEmptyDocumentSchemes):
        (WebCore::emptyDocumentSchemes):
        (WebCore::schemesForbiddenFromDomainRelaxation):
        (WebCore::builtinCanDisplayOnlyIfCanRequestSchemes):
        (WebCore::canDisplayOnlyIfCanRequestSchemes):
        (WebCore::notAllowingJavascriptURLsSchemes):
        (WebCore::SchemeRegistry::registerURLSchemeAsLocal):
        (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
        (WebCore::schemesAllowingLocalStorageAccessInPrivateBrowsing):
        (WebCore::schemesAllowingDatabaseAccessInPrivateBrowsing):
        (WebCore::builtinCORSEnabledSchemes):
        (WebCore::CORSEnabledSchemes):
        (WebCore::ContentSecurityPolicyBypassingSchemes):
        (WebCore::cachePartitioningSchemes):
        (WebCore::serviceWorkerSchemes):
        (WebCore::alwaysRevalidatedSchemes):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
        (WebCore::SchemeRegistry::registerURLSchemeAsNoAccess):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsNoAccess):
        (WebCore::SchemeRegistry::registerURLSchemeAsDisplayIsolated):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated):
        (WebCore::SchemeRegistry::registerURLSchemeAsSecure):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsSecure):
        (WebCore::SchemeRegistry::canDisplayOnlyIfCanRequest):
        (WebCore::SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest):
        (WebCore::SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy):
        (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy):
        (WebCore::SchemeRegistry::schemeShouldBypassContentSecurityPolicy):
        (WebCore::SchemeRegistry::registerURLSchemeAsCachePartitioned):
        (WebCore::SchemeRegistry::shouldPartitionCacheForURLScheme):
        (WebCore::SchemeRegistry::registerURLSchemeServiceWorkersCanHandle):
        (WebCore::SchemeRegistry::canServiceWorkersHandleURLScheme):
        (WebCore::SchemeRegistry::isServiceWorkerContainerCustomScheme):
        * platform/SchemeRegistry.h:

2018-04-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Stop using ResourceHandle to load GResources
        https://bugs.webkit.org/show_bug.cgi?id=184259

        Reviewed by Sergio Villar Senin.

        GResources are loaded in the WebProcess using ResourceHandle because soup handles them transparently. But now
        that we no longer use ResourceHandle, we can add a simple loader for GResources, similar to the one used for
        data URLS, since loading a GResource is a matter of calling g_resources_lookup_data() in the end.

        * SourcesGTK.txt:
        * SourcesWPE.txt:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::start): Check if resource to load is a GResource and call loadGResource().
        * loader/ResourceLoader.h:
        * loader/soup/ResourceLoaderSoup.cpp: Added.
        (WebCore::ResourceLoader::loadGResource): Load the GResource in a GTask thread.
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::DataSegment::data const):
        (WebCore::SharedBuffer::DataSegment::size const):
        * platform/SharedBuffer.h:
        * platform/glib/SharedBufferGlib.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::create):

2018-04-02  Carlos Garcia Campos  <cgarcia@igalia.com>

        [Enchant] Clean up TextCheckerEnchant
        https://bugs.webkit.org/show_bug.cgi?id=184233

        Reviewed by Michael Catanzaro.

        Several cleanups and improvements:

        * platform/text/enchant/TextCheckerEnchant.cpp:
        (WebCore::TextCheckerEnchant::singleton): Make TextCheckerEnchant a singleton since it's always used as a
        singleton.
        (WebCore::TextCheckerEnchant::EnchantDictDeleter::operator() const):
        (WebCore::TextCheckerEnchant::TextCheckerEnchant):
        (WebCore::TextCheckerEnchant::ignoreWord): Convert to utf8 once instead of on every loop iteration.
        (WebCore::TextCheckerEnchant::learnWord): Ditton.
        (WebCore::TextCheckerEnchant::checkSpellingOfWord): m_enchantDictionaries is now a Vector of std::unique_ptr.
        (WebCore::TextCheckerEnchant::getGuessesForWord): Convert to utf8 once instead of on every loop iteration.
        (WebCore::TextCheckerEnchant::updateSpellCheckingLanguages): Get only the first language instead of building a
        vector to get its first item. Use WTFMove to replace m_enchantDictionaries with the new Vector.
        (WebCore::TextCheckerEnchant::loadedSpellCheckingLanguages const): Use a lambda to get the list of languages
        already converted to String and iterate only once.
        (WebCore::TextCheckerEnchant::availableSpellCheckingLanguages const): Ditto.
        (WebCore::enchantDictDescribeCallback): Deleted.
        (WebCore::TextCheckerEnchant::~TextCheckerEnchant): Deleted.
        (WebCore::TextCheckerEnchant::freeEnchantBrokerDictionaries): Deleted.
        * platform/text/enchant/TextCheckerEnchant.h:

2018-04-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Segfaults in enchant_broker_free_dict()
        https://bugs.webkit.org/show_bug.cgi?id=183738

        Reviewed by Michael Catanzaro.

        Check enchant_broker_request_dict() didn't return nullptr before adding it to the m_enchantDictionaries vector.

        * platform/text/enchant/TextCheckerEnchant.cpp:
        (WebCore::TextCheckerEnchant::updateSpellCheckingLanguages):

2018-04-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] NetworkProcess from WebKitGtk+ 2.19.9x SIGSEVs in NetworkStorageSession (secret search callback)
        https://bugs.webkit.org/show_bug.cgi?id=183346

        Reviewed by Michael Catanzaro.

        This might happen if a request is cancelled right after the password request starts and before it finishes. We
        should cancel the password search when the network request is cancelled, not only when the NetworkStorageSession
        is destroyed.

        * platform/network/NetworkStorageSession.h:
        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::~NetworkStorageSession):
        (WebCore::SecretServiceSearchData::SecretServiceSearchData): Helper struct to keep the request cancellable and
        completion handler.
        (WebCore::NetworkStorageSession::getCredentialFromPersistentStorage): Create a SecretServiceSearchData for the
        request.
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): Pass the request cancellable to
        NetworkStorageSession::getCredentialFromPersistentStorage().

2018-04-02  Eric Carlson  <eric.carlson@apple.com>

        [Extra zoom mode] Replace video with a placeholder image during fullscreen transition
        https://bugs.webkit.org/show_bug.cgi?id=184188
        <rdar://problem/38940307>

        Reviewed by Youenn Fablet.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::willExitFullscreen):
        * html/HTMLMediaElement.h:
        * platform/cocoa/VideoFullscreenChangeObserver.h:
        * platform/cocoa/VideoFullscreenModelVideoElement.h:
        * platform/cocoa/VideoFullscreenModelVideoElement.mm:
        (VideoFullscreenModelVideoElement::willExitFullscreen):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::updateVideoFullscreenInlineImage):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::updateVideoFullscreenInlineImage):
        * platform/graphics/VideoFullscreenLayerManager.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoFullscreenInlineImage):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastPixelBuffer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenLayer):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenLayer):
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.h:
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.mm:
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoLayer):
        (WebCore::VideoFullscreenLayerManagerObjC::updateVideoFullscreenInlineImage):
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenLayer):
        * platform/ios/VideoFullscreenInterfaceAVKit.h:
        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (VideoFullscreenInterfaceAVKit::exitFullscreen):
        (VideoFullscreenInterfaceAVKit::preparedToExitFullscreen):
        (VideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason):
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (VideoFullscreenControllerContext::willExitFullscreen):

2018-04-02  Eric Carlson  <eric.carlson@apple.com>

        Define AVKit softlink macro
        https://bugs.webkit.org/show_bug.cgi?id=184241

        Reviewed by Jer Noble.

        No new tests, no functional change.

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        * platform/ios/PlaybackSessionInterfaceAVKit.mm:
        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        * platform/ios/WebAVPlayerController.mm:
        * platform/mac/PlaybackSessionInterfaceMac.mm:
        * platform/mac/VideoFullscreenInterfaceMac.mm:

2018-04-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Update date picker UI to latest specifications
        https://bugs.webkit.org/show_bug.cgi?id=184234
        <rdar://problem/38804760>

        Reviewed by Timothy Hatcher.

        Tweak localizable strings. Day, month and year labels should be fully capitalized, and there needs to be a
        string for the "Set" button title.

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::datePickerSetButtonTitle):
        (WebCore::datePickerDayLabelTitle):
        (WebCore::datePickerMonthLabelTitle):
        (WebCore::datePickerYearLabelTitle):
        * platform/LocalizedStrings.h:

2018-04-02  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r228260):WebHTMLView beeps at every keydown for Chinese/Japanese/Korean Input Method
        https://bugs.webkit.org/show_bug.cgi?id=184231

        Reviewed by Alexey Proskuryakov.

        The bug was caused by EventHandler::internalKeyEvent calling setDefaultHandled and expecting it to stay true
        after dispatching the event even though m_defaultHandled is always cleared after r228260. This results in
        EventHandler::internalKeyEvent returning false, and resulting in a beep.

        Unfortunately, no new tests since there is no facility to detect this case in layout tests, and we can't
        easily emulate or trigger a real input method in API tests.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::internalKeyEvent):

2018-04-02  Jer Noble  <jer.noble@apple.com>

        AudioBufferSourceNode start method causes OfflineAudioContext to start running
        https://bugs.webkit.org/show_bug.cgi?id=181939
        <rdar://problem/36755393>

        Reviewed by Eric Carlson.

        Test: webaudio/offlineaudiocontext-restriction.html

        Don't respect playback restrictions for offline AudioContexts.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::constructCommon):
        * Modules/webaudio/AudioContext.h:
        (WebCore::AudioContext::isOfflineContext const):
        (WebCore::AudioContext::userGestureRequiredForAudioStart const):
        (WebCore::AudioContext::pageConsentRequiredForAudioStart const):
        (WebCore::AudioContext::isOfflineContext): Deleted.

2018-04-02  Alejandro G. Castro  <alex@igalia.com>

        [GTK] Make libwebrtc backend buildable for GTK  port
        https://bugs.webkit.org/show_bug.cgi?id=178860

        Reviewed by Youenn Fablet.

        This is the first step to add webrtc support to the GTK port using
        the libwebrtc backend.

        No new tests, no new feature added, it should be tested by current
        tests.

        * CMakeLists.txt: Add the new files to the compilation and set the
        new includes in the libwebrtc library.
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        Reorder the includes alphabetically and add some that are missing.
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        Ditto.
        * Sources.txt: Add new file to the compilation.
        * platform/mediastream/gstreamer/RealtimeIncomingAudioSourceLibWebRTC.cpp:
        Added. Initial implementation for GTK and WPE.
        * platform/mediastream/gstreamer/RealtimeIncomingAudioSourceLibWebRTC.h:
        Added. Ditto.
        * platform/mediastream/gstreamer/RealtimeIncomingVideoSourceLibWebRTC.cpp:
        Added. Ditto.
        * platform/mediastream/gstreamer/RealtimeIncomingVideoSourceLibWebRTC.h:
        Added. Ditto.
        * platform/mediastream/gstreamer/RealtimeOutgoingAudioSourceLibWebRTC.cpp:
        Added. Ditto.
        * platform/mediastream/gstreamer/RealtimeOutgoingAudioSourceLibWebRTC.h:
        Added. Ditto.
        * platform/mediastream/gstreamer/RealtimeOutgoingVideoSourceLibWebRTC.cpp:
        Added. Ditto.
        * platform/mediastream/gstreamer/RealtimeOutgoingVideoSourceLibWebRTC.h:
        Added. Ditto.
        * platform/mediastream/libwebrtc/LibWebRTCProviderGlib.cpp: Added includes
        for the compilation.
        * platform/mediastream/libwebrtc/LibWebRTCProviderGlib.h: Added, inherit from
        the LibWebRTCProvider to adapt for glib.

2018-04-01  Yusuke Suzuki  <utatane.tea@gmail.com>

        Use WTF::Lock instead of GMutex
        https://bugs.webkit.org/show_bug.cgi?id=184227

        Reviewed by Saam Barati.

        Prefer WTF::Lock over GMutex since these locks are just protecting WebKit C++ fields.

        No behavior change.

        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
        (WebCore::AudioSourceProviderGStreamer::AudioSourceProviderGStreamer):
        (WebCore::AudioSourceProviderGStreamer::~AudioSourceProviderGStreamer):
        (WebCore::AudioSourceProviderGStreamer::provideInput):
        (WebCore::AudioSourceProviderGStreamer::handleAudioBuffer):
        (WebCore::AudioSourceProviderGStreamer::clearAdapters):
        * platform/audio/gstreamer/AudioSourceProviderGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize const):
        (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer):
        (WebCore::MediaPlayerPrivateGStreamerBase::paint):
        (WebCore::MediaPlayerPrivateGStreamerBase::copyVideoTextureToPlatformTexture):
        (WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
        * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:

2018-03-31  Brent Fulgham  <bfulgham@apple.com>

        Show punycode if URL contains hyphen character
        https://bugs.webkit.org/show_bug.cgi?id=184221
        <rdar://problem/38044633>

        Reviewed by Darin Adler.

        Revise our "lookalike character" logic to include the hyphen,
        non-breaking hyphen, and minus sign.

        Test: fast/url/host.html

        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isLookalikeCharacter):

2018-03-31  Filip Pizlo  <fpizlo@apple.com>

        JSObject shouldn't do index masking
        https://bugs.webkit.org/show_bug.cgi?id=184194

        Reviewed by Yusuke Suzuki.

        No new tests because no new behavior.

        * bindings/js/JSDOMConvertSequences.h:
        (WebCore::Detail::NumericSequenceConverter::convertArray):
        (WebCore::Detail::SequenceConverter::convertArray):

2018-03-30  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r229828): Facebook login popup is blank
        https://bugs.webkit.org/show_bug.cgi?id=184206
        <rdar://problem/39057006>

        Reviewed by Wenson Hsieh.

        Since r229828, we freeze the layer tree during the navigation policy check.
        We freeze in WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction()
        and unfreeze in WebFrameLoaderClient::didDecidePolicyForNavigationAction().

        WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction() gets called
        from PolicyChecker::checkNavigationPolicy() which has 3 call sites in
        FrameLoader and one in DocumentLoader for redirects. The call sites in
        FrameLoader were taking care of calling didDecidePolicyForNavigationAction()
        on the FrameLoaderClient in their completion handler, but the DocumentLoader
        call site was failing to do so. As a result, the layer tree would stay frozen.

        To make this a lot less error prone, I moved the call to
        WebFrameLoaderClient::didDecidePolicyForNavigationAction() to
        PolicyChecker::checkNavigationPolicy(), inside the completion handler passed
        to WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(). This way,
        even if new code starts calling PolicyChecker::checkNavigationPolicy(), we
        do not need to worry about letting the client know when the policy decision
        is made.

        No new tests, covered by existing redirection tests with the
        new assertion I added.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):

2018-03-30  Devin Rousso  <webkit@devinrousso.com>

        Web Inspector: tint all pixels drawn by shader program when hovering ShaderProgramTreeElement
        https://bugs.webkit.org/show_bug.cgi?id=175223

        Reviewed by Matt Baker.

        Test: inspector/canvas/setShaderProgramHighlighted.html

        * html/canvas/InspectorShaderProgram.h:
        (WebCore::InspectorShaderProgram::highlighted):
        (WebCore::InspectorShaderProgram::setHighlighted):

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::InspectorScopedShaderProgramHighlight::InspectorScopedShaderProgramHighlight):
        (WebCore::InspectorScopedShaderProgramHighlight::~InspectorScopedShaderProgramHighlight):
        (WebCore::InspectorScopedShaderProgramHighlight::showHighlight):
        (WebCore::InspectorScopedShaderProgramHighlight::hideHighlight):
        (WebCore::InspectorScopedShaderProgramHighlight::saveBlendValue):
        (WebCore::InspectorScopedShaderProgramHighlight::hasBufferBinding):
        (WebCore::InspectorScopedShaderProgramHighlight::hasFramebufferParameterAttachment):
        (WebCore::WebGLRenderingContextBase::drawArrays):
        (WebCore::WebGLRenderingContextBase::drawElements):
        If the current shader program has been marked as highlighted, apply a blend right before
        `drawArrays` and `drawElements` is called, tinting the resulting pixels so that they are
        visually distinguished from pixels drawn by other shader programs.

        * inspector/InspectorCanvasAgent.h:
        * inspector/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::setShaderProgramHighlighted):
        (WebCore::InspectorCanvasAgent::isShaderProgramHighlighted):

        * inspector/InspectorInstrumentation.h:
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::isShaderProgramHighlighted):
        (WebCore::InspectorInstrumentation::isShaderProgramHighlightedImpl):

2018-03-30  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Adopt list view controller UI for numeric input types
        https://bugs.webkit.org/show_bug.cgi?id=184184
        <rdar://problem/37238916>

        Reviewed by Timothy Hatcher.

        Add a localized string for the OK button shown on number pads in extra zoomed form controls.

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::numberPadOKButtonTitle):
        * platform/LocalizedStrings.h:

2018-03-30  Ryosuke Niwa  <rniwa@webkit.org>

        Copying a list from Microsoft Word to TinyMCE fails when mso-list is the first property
        https://bugs.webkit.org/show_bug.cgi?id=182938
        <rdar://problem/37683007>

        Reviewed by Wenson Hsieh.

        Made the logic to detect Microsoft Word's mso-list CSS property more generic by detecting
        inline styles which start with "mso-list:" and one which line-break right before it: "\nmso-list:"

        Tests: PasteHTML.PreservesMSOList

        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::shouldPreserveMSOListStyleForElement):

2018-03-30  Youenn Fablet  <youenn@apple.com>

        NetworkLoadChecker should upgrade redirects if needed
        https://bugs.webkit.org/show_bug.cgi?id=184098

        Reviewed by Chris Dumez.

        Test: imported/w3c/web-platform-tests/beacon/upgrade-beacon.https.html

        * page/csp/ContentSecurityPolicy.h:

2018-03-30  Daniel Bates  <dabates@apple.com>

        ASSERTION FAILED: ASSERT(!containsImage || MIMETypeRegistry::isSupportedImageResourceMIMEType([resource MIMEType])) in -[NSPasteboard(WebExtras) _web_writePromisedRTFDFromArchive:containsImage:]
        https://bugs.webkit.org/show_bug.cgi?id=184161

        Reviewed by Per Arne Vollan.

        Fixes an assertion failure when quiting an app that uses a Legacy WebKit web view
        after dragging-and-dropping a PDF embedded using an HTML image element into the
        same web view.

        When performing a drag-and-drop of a PDF document image (WebCore::PDFDocumentImage) we create a WebArchive
        from the main frame's WebHTMLView and promise AppKit that will provide a Rich Text Format (RTF) document
        from this archive if needed. For some reason, on app termination AppKit requests that the WebHTMLView
        fullfill its RTF document promise for the WebArchive created at the start of the drag operation. WebKit
        expects that the created WebArchive is either for an inline image (e.g. <img>) or an image document that
        has a supported image resource MIME type (by querying MIMETypeRegistry::isSupportedImageResourceMIMEType())
        and checks for these cases in this order. PDF/PostScript are not listed in the set of supported image
        resource MIME types. So, the first check fails and WebKit assumes that the WebArchive was created from
        an image document of a supported image resource MIME type. However, the WebArchive was created from a
        WebHTMLView and has MIME type text/html. Therefore the assertion fails. We need to add PDF and PostScript
        to the set of supported image resource MIME types so that WebKit does not fall back to the WebHTMLView
        code path. Historically, PDF and PostScript were in the set supported image resource MIME types. Over time
        the set of MIME types for image resouces (images loaded as a document) became identical to the set of MIME
        types for images loaded inline (e.g. <img>) and this set omitted the MIME types for PDF and PostScript.

        Additionally it is sufficient to implement MIMETypeRegistry::isSupportedImageResourceMIMEType() in terms
        of MIMETypeRegistry::isSupportedImageMIMEType() and MIMETypeRegistry::isPDFOrPostScriptMIMEType() instead
        of allocating a dedicated HashSet for the supported image resource MIME types (as we currently do).

        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createDocument): Assert that PDF is a supported image MIME type before
        instantiating an ImageDocument.
        * platform/MIMETypeRegistry.cpp:
        (WebCore::initializeSupportedImageMIMETypes): Remove unnecessary allocation of a HashSet for the support
        image resource MIME types.
        (WebCore::MIMETypeRegistry::isSupportedImageResourceMIMEType): Write in terms of MIMETypeRegistry::isSupportedImageMIMEType()
        and MIMETypeRegistry::isPDFOrPostScriptMIMEType().
        (WebCore::MIMETypeRegistry::getSupportedImageResourceMIMETypes): Deleted.
        * platform/MIMETypeRegistry.h:

2018-03-29  Antoine Quint  <graouts@apple.com>

        [Web Animations] CSSTransition objects should have fill: backwards to allow seeking prior to start time
        https://bugs.webkit.org/show_bug.cgi?id=184129

        Reviewed by Dean Jackson.

        In order to allow a CSS Transition to be seeked prior to its start time, it needs to have its fill mode set
        to backwards. Adding code to set the fill mode in CSSTransition::initialize() yields early timing model
        invalidation and we could get in a situation where stylesWouldYieldNewCSSTransitionsBlendingKeyframes()
        was called before we had a chance to create blending keyframes for a CSS transitions, since the call
        to create blending keyframes is made after the call to initialize(), so we now cater for this case.

        * animation/CSSTransition.cpp:
        (WebCore::CSSTransition::initialize):
        * animation/CSSTransition.h:
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::stylesWouldYieldNewCSSTransitionsBlendingKeyframes const):

2018-03-30  Daniel Bates  <dabates@apple.com>

        Remove unused MIMETypeRegistry::getSupportedImageMIMETypesForEncoding()
        https://bugs.webkit.org/show_bug.cgi?id=184154

        Reviewed by Per Arne Vollan.

        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::getSupportedImageMIMETypesForEncoding): Deleted.
        * platform/MIMETypeRegistry.h:

2018-03-30  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r230102.

        Caused assertion failures on JSC bots.

        Reverted changeset:

        "A stack overflow in the parsing of a builtin (called by
        createExecutable) cause a crash instead of a catchable js
        exception"
        https://bugs.webkit.org/show_bug.cgi?id=184074
        https://trac.webkit.org/changeset/230102

2018-03-30  Robin Morisset  <rmorisset@apple.com>

        A stack overflow in the parsing of a builtin (called by createExecutable) cause a crash instead of a catchable js exception
        https://bugs.webkit.org/show_bug.cgi?id=184074
        <rdar://problem/37165897>

        Reviewed by Keith Miller.

        I had to slightly change the type of some bindings between JSC and WebCore. No functional change intended on the WebCore side.

        * bindings/js/JSReadableStreamPrivateConstructors.cpp:
        (WebCore::JSBuiltinReadableStreamDefaultReaderPrivateConstructor::initializeExecutable):
        (WebCore::JSBuiltinReadableStreamDefaultControllerPrivateConstructor::initializeExecutable):
        (WebCore::JSBuiltinReadableByteStreamControllerPrivateConstructor::initializeExecutable):
        (WebCore::JSBuiltinReadableStreamBYOBReaderPrivateConstructor::initializeExecutable):
        (WebCore::JSBuiltinReadableStreamBYOBRequestPrivateConstructor::initializeExecutable):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateConstructorHelperMethods):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::JSTestClassWithJSBuiltinConstructorConstructor::initializeExecutable):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        (WebCore::JSTestJSBuiltinConstructorConstructor::initializeExecutable):

2018-03-29  Antoine Quint  <graouts@apple.com>

        [Web Animations] Correctly obtain the timing function for a given keyframe
        https://bugs.webkit.org/show_bug.cgi?id=184146

        Reviewed by Dean Jackson.

        The way we would get the timing function for a given KeyframeValue stored in a KeyframeList was really suboptimal.
        When keyframes were created, we would set the animated element's style on each keyframe, and set keyframe-specific
        properties and values on top. When figuring out the timing function for a KeyframeValue, we would look at its render
        style, go through its list of animations, which could include animations that are irrelevant to this specific keyframe
        list since all animations from the animated element are referenced, and we would have to look up the correct animation
        by name and get the timing function, even though the timing function stored on the animation was now specific to this
        particular keyframe.

        We now simply set a m_timingFunction member on a KeyframeValue, which is null if no explicit animation-timing-function
        was provided for this keyframe in CSS, and otherwise set to a valid TimingFunction.

        This fixes our behavior for a 4 existing animation tests when opted into the CSS Animations and CSS Transitions as
        Web Animations feature.

        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::timingFunctionForKeyframeAtIndex):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::keyframeStylesForAnimation):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::fetchIntervalEndpointsForProperty const):
        * platform/animation/TimingFunction.cpp:
        (WebCore::TimingFunction::createFromCSSText):
        (WebCore::TimingFunction::createFromCSSValue):
        * platform/animation/TimingFunction.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::startAnimation):
        * rendering/style/KeyframeList.cpp:
        (WebCore::KeyframeValue::timingFunction const): Deleted.
        * rendering/style/KeyframeList.h:
        (WebCore::KeyframeValue::timingFunction const):
        (WebCore::KeyframeValue::setTimingFunction):

2018-03-29  Ryosuke Niwa  <rniwa@webkit.org>

        Copying a list from Microsoft Word to TinyMCE fails when mso-list is on tags other than P
        https://bugs.webkit.org/show_bug.cgi?id=182954
        <rdar://problem/37713141>

        Reviewed by Wenson Hsieh.

        Fixed the bug by relaxing the restriction that we only preserve mso-list on p.

        Tests: PasteHTML.PreservesMSOListOnH4

        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::shouldPreserveMSOListStyleForElement):

2018-03-29  JF Bastien  <jfbastien@apple.com>

        Use Forward.h instead of forward-declaring WTF::String
        https://bugs.webkit.org/show_bug.cgi?id=184172
        <rdar://problem/39026146>

        Reviewed by Yusuke Suzuki.

        As part of #184164 I'm changing WTF::String, and the forward
        declarations are just wrong because I'm making it templated. We
        should use Forward.h anyways, so do that instead.

        * css/makeprop.pl:
        * platform/cocoa/PlaybackSessionInterface.h:
        * platform/ios/Device.h:
        * platform/ios/PlaybackSessionInterfaceAVKit.h:
        * platform/ios/VideoFullscreenInterfaceAVKit.h:
        * platform/win/PathWalker.h:
        * testing/js/WebCoreTestSupport.h:

2018-03-29  Ross Kirsling  <ross.kirsling@sony.com>

        MSVC __forceinline slows down JSC release build fivefold after r229391
        https://bugs.webkit.org/show_bug.cgi?id=184062

        Reviewed by Alex Christensen.

        * platform/graphics/FormatConverter.cpp:
        Factor ALWAYS_INLINE_EXCEPT_MSVC out to WTF.

2018-03-29  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r230087.

        Introduced LayoutTest failures.

        Reverted changeset:

        "FrameSelection::appearanceUpdateTimerFired should be robust
        against layout passes underneath it"
        https://bugs.webkit.org/show_bug.cgi?id=183395
        https://trac.webkit.org/changeset/230087

2018-03-29  Wenson Hsieh  <wenson_hsieh@apple.com>

        FrameSelection::appearanceUpdateTimerFired should be robust against layout passes underneath it
        https://bugs.webkit.org/show_bug.cgi?id=183395
        <rdar://problem/38055732>

        Reviewed by Zalan Bujtas.

        In the case where a FrameSelection updates its appearance when m_appearanceUpdateTimer is fired, the
        FrameSelection's Frame is unprotected, and can be removed by arbitrary script. This patch applies a simple
        mitigation by wrapping the Frame in a Ref when firing the appearance update timer, and ensuring that layout is
        really up to date before calling updateAppearanceAfterLayoutOrStyleChange() from the timer.

        Test: editing/selection/iframe-update-selection-appearance.html

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::appearanceUpdateTimerFired):

2018-03-29  Daniel Bates  <dabates@apple.com>

        Substitute ArchiveFactory::isArchiveMIMEType() for ArchiveFactory::isArchiveMimeType().

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::commitLoad):
        * loader/archive/ArchiveFactory.cpp:
        (WebCore::ArchiveFactory::isArchiveMIMEType):
        (WebCore::ArchiveFactory::isArchiveMimeType): Deleted.
        * loader/archive/ArchiveFactory.h:
        * platform/MIMETypeRegistry.h:

2018-03-29  Daniel Bates  <dabates@apple.com>

        MIMETypeRegistry should return const HashSets
        https://bugs.webkit.org/show_bug.cgi?id=184150

        Reviewed by Per Arne Vollan.

        Only getSupportedNonImageMIMETypes() needs to return a non-const HashSet so that
        LegacyWebKit can modify the set of non-image MIME types.

        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::getSupportedImageMIMETypes):
        (WebCore::MIMETypeRegistry::getSupportedImageResourceMIMETypes):
        (WebCore::MIMETypeRegistry::getSupportedImageMIMETypesForEncoding):
        (WebCore::MIMETypeRegistry::getSupportedMediaMIMETypes):
        (WebCore::MIMETypeRegistry::getPDFMIMETypes):
        (WebCore::MIMETypeRegistry::getUnsupportedTextMIMETypes):
        * platform/MIMETypeRegistry.h:

2018-03-29  Brady Eidson  <beidson@apple.com>

        Update Service Worker feature status.
        https://bugs.webkit.org/show_bug.cgi?id=184139

        Reviewed by Chris Dumez.

        * features.json:

2018-03-29  Chris Dumez  <cdumez@apple.com>

        Drop DOMWindow::frames() / DOMWindow::window() methods
        https://bugs.webkit.org/show_bug.cgi?id=184112

        Reviewed by Daniel Bates.

        Drop DOMWindow::frames() / DOMWindow::window() methods as they are just aliases for DOMWindow::self().

        * page/DOMWindow.h:
        * page/DOMWindow.idl:

2018-03-29  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r230062.
        https://bugs.webkit.org/show_bug.cgi?id=184128

        Broke mac port. web content process crashes while loading any
        web page (Requested by rniwa on #webkit).

        Reverted changeset:

        "MSVC __forceinline slows down JSC release build fivefold
        after r229391"
        https://bugs.webkit.org/show_bug.cgi?id=184062
        https://trac.webkit.org/changeset/230062

2018-03-28  Antoine Quint  <graouts@apple.com>

        [Web Animations] Implement more CSSPropertyBlendingClient methods
        https://bugs.webkit.org/show_bug.cgi?id=184077

        Reviewed by Dean Jackson.

        We only had stubs for several of the CSSPropertyBlendingClient methods and thus always implied that we
        were animating non-matching transform, filter and backdrop-filter properties. We now implement those using
        the same code used in KeyframeAnimation. This allows for 31 new tests to opt into the CSS Animations and
        CSS Transitions as Web Animations feature.

        We also ensure we only run a CSSAnimationController assertion in FrameView::didDestroyRenderTree() if
        we're not using the CSS Animations and CSS Transitions as Web Animations feature.

        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::copyPropertiesFromSource):
        (WebCore::KeyframeEffectReadOnly::updateBlendingKeyframes):
        (WebCore::KeyframeEffectReadOnly::setBlendingKeyframes):
        (WebCore::KeyframeEffectReadOnly::checkForMatchingTransformFunctionLists):
        (WebCore::KeyframeEffectReadOnly::checkForMatchingFilterFunctionLists):
        (WebCore::KeyframeEffectReadOnly::checkForMatchingBackdropFilterFunctionLists):
        (WebCore::KeyframeEffectReadOnly::computeCSSAnimationBlendingKeyframes):
        (WebCore::KeyframeEffectReadOnly::computeCSSTransitionBlendingKeyframes):
        * animation/KeyframeEffectReadOnly.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::didDestroyRenderTree):

2018-03-28  Chris Dumez  <cdumez@apple.com>

        Align XMLHttpRequest's open() / send() / abort() with the latest specification
        https://bugs.webkit.org/show_bug.cgi?id=184108

        Reviewed by Youenn Fablet.

        Align XMLHttpRequest's open() / send() / abort() with the latest specification:
        - https://xhr.spec.whatwg.org

        No new tests, rebaselined existing layout tests.

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::open):
        Align with https://xhr.spec.whatwg.org/#the-open()-method:
        - Change the order of some steps to match the order in the spec. In particular,
          open() no longer resets the state to UNSENT or abort any existing load when it
          fails early due to being passed a bad method.

        (WebCore::XMLHttpRequest::createRequest):
        Align with https://xhr.spec.whatwg.org/#the-send()-method:
        - Use the simpler "upload listener flag" logic from the spec instead of our more
          complex m_uploadEventsAllowed flag. This avoids constructing a SecurityOrigin
          objects on a background thread when XHR is used inside Web Workers, which was
          not thread-safe.
        - Set the upload complete flag when the request has no body as per step 9.
        - After firing the loadstartEvent, return early if the state is no longer OPEN or
          if the send flag is unset, as per step 11.3.

        (WebCore::XMLHttpRequest::abort):
        Align with https://xhr.spec.whatwg.org/#the-abort()-method:
        - Only set the state to UNSENT if the state is still DONE after firing the error
          events, as per step 3.

        (WebCore::XMLHttpRequest::didSendData):
        Use new "upload listener flag".

        (WebCore::XMLHttpRequest::dispatchErrorEvents):
        Align with https://xhr.spec.whatwg.org/#request-error-steps:
        - Stop firing a progress event in case of error as this is not as per specification
          and Firefox does not fire those either.

        * xml/XMLHttpRequest.h:

2018-03-28  Timothy Hatcher  <timothy@apple.com>

        Consolidate NSColor to WebCore::Color conversion and fix system colors.

        https://bugs.webkit.org/show_bug.cgi?id=184096
        rdar://problem/38918925

        Reviewed by Tim Horton.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (CreateCGColorIfDifferent): Use CGColor property on NSColor, don't manually create new CGColor.
        * platform/graphics/mac/ColorMac.h:
        * platform/graphics/mac/ColorMac.mm:
        (WebCore::makeRGBAFromNSColor): Move pattern code from RenderThemeMac's convertNSColorToColor.
        Also use nextafter for proper RGBA float conversion.
        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::color): Use colorFromNSColor.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::platformActiveSelectionBackgroundColor const): Use colorFromNSColor.
        (WebCore::RenderThemeMac::platformInactiveSelectionBackgroundColor const): Ditto.
        (WebCore::RenderThemeMac::platformActiveListBoxSelectionBackgroundColor const): Ditto.
        (WebCore::RenderThemeMac::systemColor const): Ditto.
        (WebCore::paintAttachmentTitleBackground): Ditto.
        (WebCore::convertNSColorToColor): Deleted.

2018-03-28  Said Abou-Hallawa  <sabouhallawa@apple.com>

        The SVGAnimatedProperty wrappers have to be detached from the referenced values before the SVGAnimatedType is deleted
        https://bugs.webkit.org/show_bug.cgi?id=183972

        Reviewed by Daniel Bates.

        If the SVGAnimatedType is a list type, e.g. SVGLengthListValues, the wrappers
        of the animated properties have to be detached from the items in the list
        before it's deleted.

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::SVGAnimateElementBase::clearAnimatedType):

2018-03-28  Ross Kirsling  <ross.kirsling@sony.com>

        MSVC __forceinline slows down JSC release build fivefold after r229391
        https://bugs.webkit.org/show_bug.cgi?id=184062

        Reviewed by Alex Christensen.

        * platform/graphics/FormatConverter.cpp:
        Factor ALWAYS_INLINE_EXCEPT_MSVC out to WTF.

2018-03-28  Zalan Bujtas  <zalan@apple.com>

        Make it possible to override the screen size
        https://bugs.webkit.org/show_bug.cgi?id=184111
        <rdar://problem/38972181>

        Reviewed by Tim Horton.

        We just call screenSize() atm.

        * page/Chrome.cpp:
        (WebCore::Chrome::overrideScreenSize const):
        * page/Chrome.h:
        * page/ChromeClient.h:
        * platform/HostWindow.h:
        * platform/PlatformScreen.h:
        * platform/ios/PlatformScreenIOS.mm:
        (WebCore::screenRect):
        (WebCore::overrideScreenSize):

2018-03-28  Timothy Hatcher  <timothy@apple.com>

        Include the 'text' color keyword as a system color.

        https://bugs.webkit.org/show_bug.cgi?id=184113
        rdar://problem/38779267

        Reviewed by Tim Horton.

        * css/StyleColor.cpp:
        (WebCore::StyleColor::isColorKeyword): Don't check CSSValueMenu, it is a system color and is included.
        (WebCore::StyleColor::isSystemColor): Include CSSValueText. Check CSSValueWebkitFocusRingColor in the range,
        since it is immediately after CSSValueAppleSystemYellow.

2018-03-28  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] Multiple select appearance doesn't update when selecting or deselecting rows in the picker view
        https://bugs.webkit.org/show_bug.cgi?id=184110
        <rdar://problem/38796648>

        Reviewed by Tim Horton.

        HTMLSelectElement::optionSelectedByUser is invoked upon user interaction with a select menu. This currently
        takes two separate codepaths, depending on whether or not the menu list appearance is being used to render the
        select. If a menu list appearance is used, we call selectOption(), which updates validity, updates the element
        renderer, and then dispatches a `change` event if needed.

        However, if updateSelectedState() is used, we only update form validity and then dispatch the `change` event
        without updating the renderer, leaving it stale.

        Test: fast/forms/ios/ipad/multiple-select-updates-renderer.html

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::optionSelectedByUser):

        Update the renderer after updating the DOM to reflect the selected option.

2018-03-28  Daniel Bates  <dabates@apple.com>

        Substitute "strong password confirmation auto fill" for "strong confirmation password auto fill"
        <rdar://problem/36518856>

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::AXAutoFillStrongConfirmationPasswordLabel):

2018-03-28  Daniel Bates  <dabates@apple.com>

        WebSocket cookie incorrectly stored
        https://bugs.webkit.org/show_bug.cgi?id=184100
        <rdar://problem/37928715>

        Reviewed by Brent Fulgham.

        A cookie received in a WebSocket response should be stored with respect to the
        origin of the WebSocket server in order for it to be sent in a subsequent request.

        Also removed a FIXME about implementing support for the long since
        deprecated Set-Cookie2 header.

        Test: http/tests/websocket/tests/hybi/websocket-cookie-overwrite-behavior.html

        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::processBuffer):
        * Modules/websockets/WebSocketHandshake.h:

2018-03-28  Chris Dumez  <cdumez@apple.com>

        Do process swap when opening a cross-origin URL via window.open(url, '_blank', 'noopener')
        https://bugs.webkit.org/show_bug.cgi?id=183962
        <rdar://problem/38817833>

        Reviewed by Brady Eidson.

        Pass extra bits of information to the UIProcess via NavigationAction:
        - Is it a cross origin navigation caused by window.open()
        - Does the navigated frame have an opener

        This information is useful to determine on UIProcess side if we want
        to swap WebProcess.

        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::setIsCrossOriginWindowOpenNavigation):
        (WebCore::FrameLoadRequest::isCrossOriginWindowOpenNavigation const):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        * loader/NavigationAction.h:
        (WebCore::NavigationAction::setIsCrossOriginWindowOpenNavigation):
        (WebCore::NavigationAction::isCrossOriginWindowOpenNavigation const):
        (WebCore::NavigationAction::setOpener):
        (WebCore::NavigationAction::opener const):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):

2018-03-28  Chris Dumez  <cdumez@apple.com>

        Thread safety issue in IDBFactory' shouldThrowSecurityException()
        https://bugs.webkit.org/show_bug.cgi?id=184064

        Reviewed by Ryosuke Niwa.

        shouldThrowSecurityException() gets called on a non-main thread but
        it ended up using the SchemeRegistry via SecurityOrigin::canAccessDatabase()
        which calls SecurityOrigin::isLocal().

        Since using the SchemeRegistry from the background thread is not safe
        (we recently added locks which we're trying to remove), and since SecurityOrigin
        methods are often called from background threads, this patch make SecurityOrigin::isLocal()
        safe to call from a background thread. To achieve this, we now query the SchemeRegistry
        in the SecurityOrigin constructor instead as SecurityOrigin objects are expected to be
        constructed on the main thread.

        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::SecurityOrigin):
        (WebCore::SecurityOrigin::isLocal const): Deleted.
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::isLocal const):

2018-03-28  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r230033.

        The LayoutTests modified in this change fail an assertion on
        WK1.

        Reverted changeset:

        "[Web Animations] Implement more CSSPropertyBlendingClient
        methods"
        https://bugs.webkit.org/show_bug.cgi?id=184077
        https://trac.webkit.org/changeset/230033

2018-03-28  Chris Dumez  <cdumez@apple.com>

        WebSocket::didReceiveMessage() may construct a SecurityOrigin object on a non-main thread
        https://bugs.webkit.org/show_bug.cgi?id=184068

        Reviewed by Youenn Fablet.

        WebSocket::didReceiveMessage() may construct a SecurityOrigin object on a non-main thread,
        which is not safe. We now use SecurityOriginData since we only need an origin String and
        it is safe to construct a SecurityOriginData on any thread.

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::didReceiveMessage):

2018-03-28  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Make boosted text autosizing values switchable at runtime
        https://bugs.webkit.org/show_bug.cgi?id=184092
        <rdar://problem/38939917>

        Reviewed by Tim Horton.

        In r228697, we introduced a new set of boosted text autosizing constants tuned for extra zoom mode, which are
        currently hard-coded as default values in SettingsBase. However, we've since identified cases where clients may
        want to opt in or out of boosted text autosizing values and just use the existing values.

        This replaces settings to adjust text autosizing constants with a flag to enable or disable boosted text
        autosizing; when changed, we update all three text autosizing parameters to their default or boosted values, and
        then trigger style recalculation.

        Test: TextAutosizingBoost.ChangeAutosizingBoostAtRuntime

        * page/Settings.yaml:
        * page/SettingsBase.cpp:
        (WebCore::SettingsBase::shouldEnableTextAutosizingBoostChanged):
        (WebCore::SettingsBase::defaultOneLineTextMultiplierCoefficient): Deleted.
        (WebCore::SettingsBase::defaultMultiLineTextMultiplierCoefficient): Deleted.
        (WebCore::SettingsBase::defaultMaxTextAutosizingScaleIncrease): Deleted.

        Changed these to constant values instead of helper functions, and also introduced boosted text autosizing
        constants for use in extra zoom mode.

        * page/SettingsBase.h:
        (WebCore::SettingsBase::oneLineTextMultiplierCoefficient const):
        (WebCore::SettingsBase::multiLineTextMultiplierCoefficient const):
        (WebCore::SettingsBase::maxTextAutosizingScaleIncrease const):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::extraDefaultStyleSheet):

        Tweak the stylesheet to make `-webkit-text-size-adjust: auto` overridable by web content. Adding the !important
        is breaking many websites that positioned text such that it is positioned within layout viewport bounds without
        text autosizing.

2018-03-28  Brent Fulgham  <bfulgham@apple.com>

        Avoid uninitialized mach ports
        https://bugs.webkit.org/show_bug.cgi?id=184090
        <rdar://problem/37261129>

        Reviewed by Chris Dumez.

        It is possible for mach_port_allocate to return an error, but we rarely check its return value. The value
        of the argument passed to mach_port_allocate is not guaranteed to be valid when it returns an error, so
        there is a potential for us to try to use invalid ports.

        We should always check return values, and ensure that the mach port variables we seek to initialize are
        kept in a valid state.

        No new tests, no Web-facing behavior change.

        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
        (WebCore::attachToAppleGraphicsControl): Initialize masterPort to a default value.

2018-03-28  Antoine Quint  <graouts@apple.com>

        [Web Animations] Implement more CSSPropertyBlendingClient methods
        https://bugs.webkit.org/show_bug.cgi?id=184077

        Reviewed by Dean Jackson.

        We only had stubs for several of the CSSPropertyBlendingClient methods and thus always implied that we
        were animating non-matching transform, filter and backdrop-filter properties. We now implement those using
        the same code used in KeyframeAnimation. This allows for 31 new tests to opt into the CSS Animations and
        CSS Transitions as Web Animations feature.

        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::copyPropertiesFromSource):
        (WebCore::KeyframeEffectReadOnly::updateBlendingKeyframes):
        (WebCore::KeyframeEffectReadOnly::setBlendingKeyframes):
        (WebCore::KeyframeEffectReadOnly::checkForMatchingTransformFunctionLists):
        (WebCore::KeyframeEffectReadOnly::checkForMatchingFilterFunctionLists):
        (WebCore::KeyframeEffectReadOnly::checkForMatchingBackdropFilterFunctionLists):
        (WebCore::KeyframeEffectReadOnly::computeCSSAnimationBlendingKeyframes):
        (WebCore::KeyframeEffectReadOnly::computeCSSTransitionBlendingKeyframes):
        * animation/KeyframeEffectReadOnly.h:

2018-03-28  Antoine Quint  <graouts@apple.com>

        [Web Animations] Comparing two matching FramesTimingFunction objects fails
        https://bugs.webkit.org/show_bug.cgi?id=184078

        Reviewed by Jon Lee.

        Fix a stupid mistake in the == operator for FramesTimingFunction. Without a correct check, we would mistakenly interrupt and
        restart any transition with a frames() timing function when we check that the Animation objects are similar.

        * platform/animation/TimingFunction.h:

2018-03-28  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE] Remove UpdateAtlas
        https://bugs.webkit.org/show_bug.cgi?id=184042

        Reviewed by Žan Doberšek.

        Remove UpdateAtlas and AreaAllocator classes. Instead of using UpdateAtlas as a cache
        of buffers to render tiles with cairo, allocate a new buffer for each tile instead.

        Covered by existent tests.

        * loader/EmptyClients.h:
        * page/ChromeClient.h:
        * platform/TextureMapper.cmake:
        * platform/graphics/texmap/coordinated/AreaAllocator.cpp: Removed.
        * platform/graphics/texmap/coordinated/AreaAllocator.h: Removed.
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:
        * platform/graphics/texmap/coordinated/SurfaceUpdateInfo.h:
        (): Deleted.
        * platform/graphics/texmap/coordinated/UpdateAtlas.cpp: Removed.
        * platform/graphics/texmap/coordinated/UpdateAtlas.h: Removed.
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):

2018-03-27  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, rolling out r230008.

        Lots of HTTP test failures

        Reverted changeset:

        "Remove unused libsoup ResourceHandle implementation"
        https://bugs.webkit.org/show_bug.cgi?id=184048
        https://trac.webkit.org/changeset/230008

2018-03-27  Chris Dumez  <cdumez@apple.com>

        Make it possible to call ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() from non-main threads
        https://bugs.webkit.org/show_bug.cgi?id=184029

        Reviewed by Youenn Fablet.

        Make it possible to call ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() from non-main threads
        by having it use SecurityOriginData (which is safe to construct on non-main threads) instead of
        SecurityOrigin (which isn't).

        ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() is already called from non-main thread in
        FetchLoader, XHR and WebSocket when used in workers. This wasn't safe.

        * loader/DocumentWriter.cpp:
        (WebCore::DocumentWriter::begin):
        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded const):
        (WebCore::ContentSecurityPolicy::setUpgradeInsecureRequests):
        (WebCore::ContentSecurityPolicy::takeNavigationRequestsToUpgrade):
        (WebCore::ContentSecurityPolicy::setInsecureNavigationRequestsToUpgrade):
        * page/csp/ContentSecurityPolicy.h:

2018-03-27  Daniel Bates  <dabates@apple.com>

        Attempt to fix media control layout tests after <https://trac.webkit.org/changeset/230006/>
        (https://bugs.webkit.org/show_bug.cgi?id=179983)

        Exempt elements in user agent shadow DOM from having to perform a potentially CORS-
        enabled fetch for a mask image to try to fix the following tests from timing out:
            media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-inline.html
            media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-pip-to-inline.html

        * style/StylePendingResources.cpp:
        (WebCore::Style::loadPendingImage):

2018-03-27  Per Arne Vollan  <pvollan@apple.com>

        The layout test fast/canvas/webgl/read-pixels-test.html is timing out.
        https://bugs.webkit.org/show_bug.cgi?id=183923
        <rdar://problem/38756869>

        Reviewed by Brent Fulgham.

        The test is timing out when we do not interact directly with the WindowServer, causing
        OpenGL to fall back to software rendering. In this mode, any call to CGLChoosePixelFormat
        requesting an accelerated pixel format will fail because it cannot determine which GPU is
        connected to the display.

        OpenGL treats all GPUs as if they were offline when used in a process (like the WebContent
        process) that does not directly control the display.

        We can get correct behavior if we tell OpenGL which GPU is currently connected to the
        display, and if we instruct CGLChoosePixelFormat to create an offline renderer pixel format
        by including the 'kCGLPFAAllowOfflineRenderers' flag in its arguments.

        We can use CGLSetVirtualScreen with an OpenGL display mask that tells the OpenGL framework
        which GPU it should use.

        See https://developer.apple.com/library/content/technotes/tn2229/_index.html#//apple_ref/doc/uid/DTS40008924-CH1-SUBSECTION7
        for details on how the virtual screen is found from the OpenGL display mask.

        No new tests, covered by existing tests.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
        (WebCore::setPixelFormat):
        (WebCore::identifyAndSetCurrentGPU):
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        (WebCore::GraphicsContext3D::setOpenGLDisplayMask):
        (WebCore::GraphicsContext3D::allowOfflineRenderers):

2018-03-27  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Implement authenticatorGetAssertion
        https://bugs.webkit.org/show_bug.cgi?id=183881
        <rdar://problem/37258628>

        Reviewed by Brent Fulgham.

        This patch does the following few things:
        1) It implements the spec: https://www.w3.org/TR/webauthn/#op-get-assertion as of 5 December 2017.
        2) It tweaks encoding/decoding of PublicKeyCredentialRequestOptions such that options can be passed
        between UI and Web processes.
        3) It refines the way how LocalAuthenticator::makeCredential find intersection between
        excludeCredentialDescriptorList and existing credentials in the authenticator, such that it is faster.
        Basically, it takes the CredentialID from the list and treat it as an ASCII string and put it into a
        HashSet<String>. It should not matter if a duplicated CredentialID is added. If the hash set is not
        empty, the algorithm then queries Keychain for all CredentialIDs related to the current RP ID once.
        For every queried CredentialID, the algorithm then treats it as an ASCII string as well and look for
        a match in the hash set to produce the intersetction. The new way is also employed in
        LocalAuthenticator::getAssertion as well.
        4) It abstracts the way to produce authData and thus reorders a bit of code in
        LocalAuthenticator::makeCredential.

        Covered by API tests.

        * Modules/webauthn/AuthenticatorManager.cpp:
        (WebCore::AuthenticatorManager::create const):
        (WebCore::AuthenticatorManager::discoverFromExternalSource const):
        * Modules/webauthn/PublicKeyCredentialCreationOptions.h:
        * Modules/webauthn/PublicKeyCredentialRequestOptions.h:
        (WebCore::PublicKeyCredentialRequestOptions::encode const):
        (WebCore::PublicKeyCredentialRequestOptions::decode):
        * Modules/webauthn/cocoa/LocalAuthenticator.h:
        * Modules/webauthn/cocoa/LocalAuthenticator.mm:
        (WebCore::LocalAuthenticatorInternal::buildAuthData):
        (WebCore::LocalAuthenticatorInternal::produceHashSet):
        (WebCore::LocalAuthenticator::makeCredential):
        (WebCore::LocalAuthenticator::getAssertion):
        (WebCore::LocalAuthenticator::issueClientCertificate const):
        * WebCore.xcodeproj/project.pbxproj:

2018-03-27  Chris Dumez  <cdumez@apple.com>

        Avoid constructing SecurityOrigin objects from non-main threads
        https://bugs.webkit.org/show_bug.cgi?id=184024

        Reviewed by Youenn Fablet.

        Avoid constructing SecurityOrigin objects from non-main threads as much as possible
        as it is not safe. This patch gets rid of most offending cases but not all of them
        yet, which is why I haven't added a ASSERT(isMainThread()) to the SecurityOrigin
        constructor yet.

        For example, ContentSecurityPolicy::upgradeInsecureRequestIfNeeded() currently
        gets called from non-main threads and construct a SecurityOrigin. Fixing this
        will require some refactoring that would have made this patch much larger.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::matchRegistration):
        * page/EventSource.cpp:
        (WebCore::EventSource::didReceiveResponse):
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::SecurityOrigin):
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::isPotentiallyTrustworthy const):
        * testing/Internals.cpp:
        (WebCore::Internals::hasServiceWorkerRegistration):
        * workers/DedicatedWorkerGlobalScope.cpp:
        (WebCore::DedicatedWorkerGlobalScope::create):
        (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope):
        * workers/DedicatedWorkerGlobalScope.h:
        * workers/DedicatedWorkerThread.cpp:
        (WebCore::DedicatedWorkerThread::createWorkerGlobalScope):
        * workers/DedicatedWorkerThread.h:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::WorkerGlobalScope):
        * workers/WorkerGlobalScope.h:
        * workers/WorkerLocation.cpp:
        (WebCore::WorkerLocation::origin const):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThreadStartupData::WorkerThreadStartupData):
        (WebCore::WorkerThread::workerThread):
        * workers/WorkerThread.h:
        * workers/service/SWClientConnection.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::getRegistration):
        (WebCore::ServiceWorkerContainer::getRegistrations):
        * workers/service/ServiceWorkerGlobalScope.cpp:
        (WebCore::ServiceWorkerGlobalScope::create):
        (WebCore::ServiceWorkerGlobalScope::ServiceWorkerGlobalScope):
        * workers/service/ServiceWorkerGlobalScope.h:
        * workers/service/ServiceWorkerProvider.cpp:
        (WebCore::ServiceWorkerProvider::mayHaveServiceWorkerRegisteredForOrigin):
        * workers/service/ServiceWorkerProvider.h:
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::createWorkerGlobalScope):
        (WebCore::fireMessageEvent):
        (WebCore::ServiceWorkerThread::postMessageToServiceWorker):
        * workers/service/context/ServiceWorkerThread.h:

2018-03-27  Alex Christensen  <achristensen@webkit.org>

        Remove unused libsoup ResourceHandle implementation
        https://bugs.webkit.org/show_bug.cgi?id=184048

        Reviewed by Michael Catanzaro.

        This code is unused since r228901 so let's remove it!

        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        (WebCore::ResourceHandleInternal::ResourceHandleInternal):
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::~ResourceHandle):
        (WebCore::ResourceHandleInternal::soupSession):
        (WebCore::ResourceHandle::cancelledOrClientless):
        (WebCore::ResourceHandle::ensureReadBuffer):
        (WebCore::ResourceHandle::currentStreamPosition const):
        (WebCore::ResourceHandle::platformContinueSynchronousDidReceiveResponse):
        (WebCore::ResourceHandle::didStartRequest):
        (WebCore::ResourceHandle::start):
        (WebCore::ResourceHandle::releaseForDownload):
        (WebCore::ResourceHandle::sendPendingRequest):
        (WebCore::ResourceHandle::cancel):
        (WebCore::ResourceHandle::shouldUseCredentialStorage):
        (WebCore::ResourceHandle::continueDidReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential):
        (WebCore::ResourceHandle::receivedCredential):
        (WebCore::ResourceHandle::receivedCancellation):
        (WebCore::ResourceHandle::receivedChallengeRejection):
        (WebCore::ResourceHandle::platformSetDefersLoading):
        (WebCore::sessionFromContext): Deleted.
        (WebCore::ResourceHandle::create): Deleted.
        (WebCore::ResourceHandle::ResourceHandle): Deleted.
        (WebCore::isAuthenticationFailureStatusCode): Deleted.
        (WebCore::tlsErrorsChangedCallback): Deleted.
        (WebCore::gotHeadersCallback): Deleted.
        (WebCore::applyAuthenticationToRequest): Deleted.
        (WebCore::restartedCallback): Deleted.
        (WebCore::shouldRedirect): Deleted.
        (WebCore::shouldRedirectAsGET): Deleted.
        (WebCore::continueAfterWillSendRequest): Deleted.
        (WebCore::doRedirect): Deleted.
        (WebCore::redirectSkipCallback): Deleted.
        (WebCore::wroteBodyDataCallback): Deleted.
        (WebCore::cleanupSoupRequestOperation): Deleted.
        (WebCore::nextMultipartResponsePartCallback): Deleted.
        (WebCore::sendRequestCallback): Deleted.
        (WebCore::continueAfterDidReceiveResponse): Deleted.
        (WebCore::startingCallback): Deleted.
        (WebCore::networkEventCallback): Deleted.
        (WebCore::createSoupMessageForHandleAndRequest): Deleted.
        (WebCore::createSoupRequestAndMessageForHandle): Deleted.
        (WebCore::ResourceHandle::timeoutFired): Deleted.
        (WebCore::waitingToSendRequest): Deleted.
        (WebCore::readCallback): Deleted.

2018-03-27  Chris Dumez  <cdumez@apple.com>

        Move online state detection from the WebProcess to the NetworkProcess
        https://bugs.webkit.org/show_bug.cgi?id=183989
        <rdar://problem/37093299>

        Reviewed by Youenn Fablet.

        Move online state detection from the WebProcess to the NetworkProcess. This avoid executing the same (expensive) code in
        EACH web process whenever a network interface's state changes. Now, the Network Process monitors network interfaces
        and determines the online state whenever an interface's state changes. If the onLine state changes, it notifies all
        its connected WebProcesses via IPC.

        * inspector/agents/InspectorApplicationCacheAgent.cpp:
        (WebCore::InspectorApplicationCacheAgent::networkStateChanged):
        * loader/LoaderStrategy.h:
        * page/Navigator.cpp:
        (WebCore::Navigator::onLine const):
        * page/Page.cpp:
        * platform/network/NetworkStateNotifier.h:
        * workers/Worker.cpp:
        (WebCore::Worker::Worker):
        (WebCore::Worker::notifyFinished):
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):

2018-03-27  Daniel Bates  <dabates@apple.com>

        CSS mask images should be retrieved using potentially CORS-enabled fetch
        https://bugs.webkit.org/show_bug.cgi?id=179983
        <rdar://problem/35678149>

        Reviewed by Brent Fulgham.

        As per <https://drafts.fxtf.org/css-masking-1/#priv-sec> (Editor’s Draft, 23 December 2017)
        we should fetch CSS mask images using a potentially CORS-enabled fetch.

        Both cross-origin CSS shape-outside images and CSS mask images may be sensitive to timing
        attacks that can be used to reveal their pixel data when retrieved without regard to CORS.
        For the same reason that we fetch CSS shape-outside images using a potentially CORS-enabled
        fetch we should fetch CSS mask the same way. This also makes the behavior of WebKit more
        closely align with the behavior in the spec.

        Test: http/tests/security/css-mask-image.html

        * page/Settings.yaml: Add a setting for toggle "Anonymous" mode fetching of mask images (defaults: true).
        We need this setting to avoid breaking the developer convenience feature that some modern media controls
        layout tests employ to load assets from the filesystem as opposed to using the hardcoded data URLs baked
        into the WebKit binary.
        * style/StylePendingResources.cpp: Substitute LoadPolicy::NoCORS and LoadPolicy::Anonymous for
        LoadPolicy::Normal and LoadPolicy::ShapeOutside, respectively, to match the terminology used
        in the HTML, CSS Shapes Module Level 1, and CSS Masking Module Level 1 specs.
        (WebCore::Style::loadPendingImage): Ditto.
        (WebCore::Style::loadPendingResources): Use load policy LoadPolicy::Anonymous when fetching
        a mask image or shape-outside image.

2018-03-27  Zalan Bujtas  <zalan@apple.com>

        RenderBox::parent/firstChild/nextSibling/previousSiblingBox() functions should type check.
        https://bugs.webkit.org/show_bug.cgi?id=184032
        <rdar://problem/38384984>

        Reviewed by Antti Koivisto.

        We cannot rely on the correctness of the render tree structure when querying for parent/child/next and previous
        sibling since some features (multicolumn/spanners) move subtrees out of their original position (which is highly
        undesired and should not be encouraged at all though).
        It should also be noted that these functions are not equivalent of typeOfChildren<RenderBox> and the following usage
            for (auto* boxChild = firstChildBox(); boxChild; boxChild = boxChild->nextSiblingBox())
        can lead to unexpected result.
 
        Test: fast/multicol/parent-box-when-spanner-is-present.html

        * rendering/RenderBox.h:
        (WebCore::RenderBox::parentBox const):
        (WebCore::RenderBox::firstChildBox const):
        (WebCore::RenderBox::lastChildBox const):
        (WebCore::RenderBox::previousSiblingBox const):
        (WebCore::RenderBox::nextSiblingBox const):
        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::positionListMarker):
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::layout):
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::updateLogicalWidth):

2018-03-27  Brent Fulgham  <bfulgham@apple.com>

        Further refine cookie read/write logging
        https://bugs.webkit.org/show_bug.cgi?id=184044
        <rdar://problem/38915610>

        Reviewed by Chris Dumez.

        Export 'shouldBlockCookies' so that it can be accessed by the WebKit framework.

        * platform/network/NetworkStorageSession.h:

2018-03-27  Antoine Quint  <graouts@apple.com>

        [Web Animations] Stop using internals.pauseAnimationAtTimeOnElement() in favor of Web Animations API for animations tests
        https://bugs.webkit.org/show_bug.cgi?id=184038

        Reviewed by Dean Jackson.

        Expose a new method to indicate that the runtime flag for CSS Animations and CSS Transitions as Web Animations is enabled.

        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2018-03-27  Thibault Saunier  <tsaunier@igalia.com>

        [GStreamer] Enhance debugging in the BasePlayer
        https://bugs.webkit.org/show_bug.cgi?id=184035

        Reviewed by Philippe Normand.

        No behaviour changes so no test were added/enabled.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage):
        (WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext):
        (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize const):
        (WebCore::MediaPlayerPrivateGStreamerBase::setVolume):
        (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
        (WebCore::MediaPlayerPrivateGStreamerBase::setMuted):
        (WebCore::MediaPlayerPrivateGStreamerBase::muted const):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer):
        (WebCore::MediaPlayerPrivateGStreamerBase::setStreamVolumeElement):
        (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
        (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
        (WebCore::MediaPlayerPrivateGStreamerBase::dispatchDecryptionKey):
        (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):

2018-03-27  Eric Carlson  <eric.carlson@apple.com>

        Make AVFoundationEnabled preference available on iOS
        https://bugs.webkit.org/show_bug.cgi?id=183876
        <rdar://problem/38726459>

        Reviewed by Youenn Fablet.

        Test: AVFoundationPref API test.

        * html/HTMLAudioElement.idl: There is no need for a runtime setting to enable/disable audio,
        there is already settings.mediaEnabled.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::prepareForLoad): Fail if there are no media engines registered.
        (WebCore::HTMLMediaElement::noneSupported): Return early if m_error has already been set.
        (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Remove a typo.

        * page/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::audioEnabled const): Deleted.
        * page/RuntimeEnabledFeatures.h:

2018-03-27  Fujii Hironori  <Hironori.Fujii@sony.com>

        [GTK] Layout test editing/deleting/delete-surrogatepair.html crashing with CRITICAL **: enchant_dict_check: assertion 'g_utf8_validate(word, len, NULL)' failed
        https://bugs.webkit.org/show_bug.cgi?id=176799

        Reviewed by Carlos Garcia Campos.

        The length of a surrogate-pair UTF-16 character is 2 even though
        the number of characters is 1. An incorrect string length was
        passed to enchant_dict_check if the string contains a
        surrogate-pair character because the length was calculated by
        applying UTF-16 character position to UTF-8 string.

        No new tests (Covered by existing tests).

        * platform/text/enchant/TextCheckerEnchant.cpp:
        (WebCore::TextCheckerEnchant::checkSpellingOfWord): Changed the
        type of an argument `word` from CString to String. Convert a
        substring of the argument into UTF-8.
        (WebCore::TextCheckerEnchant::checkSpellingOfString): Pass the
        original UTF-16 string to checkSpellingOfWord instead of a
        converted UTF-8 string.
        * platform/text/enchant/TextCheckerEnchant.h: Changed the type of
        an argument `word` from CString to String.

2018-03-26  Ms2ger  <Ms2ger@igalia.com>

        Remove an unnecessary const_cast from BitmapTextureGL::updateContents().
        https://bugs.webkit.org/show_bug.cgi?id=184007

        Reviewed by Žan Doberšek.

        No new tests.

        * platform/graphics/texmap/BitmapTextureGL.cpp:
        (WebCore::BitmapTextureGL::updateContents):

2018-03-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] Make imported/mozilla/css-animations/test_animation-currenttime.html pass reliably
        https://bugs.webkit.org/show_bug.cgi?id=183819

        Reviewed by Dean Jackson.

        The current time for a CSS Animation exposed via the API should be clamped between 0 and the animation duration.

        * animation/CSSAnimation.cpp:
        (WebCore::CSSAnimation::bindingsCurrentTime const):
        * animation/CSSAnimation.h:
        * animation/WebAnimation.h:

2018-03-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] Correctly handle timing functions specified by CSS Animations and CSS Transitions
        https://bugs.webkit.org/show_bug.cgi?id=183935

        Reviewed by Dean Jackson.

        We were incorrectly reflecting the animation-timing-function and transition-timing-function values on the generated
        DeclarativeAnimation effect timing "easing" property. In fact, those values should only be represented on the keyframes.

        In the case of a CSS Animation, the animation-timing-function property set on the element's style serves as the default
        value used for all keyframes, and individual keyframes can specify an overriding animation-timing-function. For a CSS
        Transition, the transition-timing-function property set on the element's style serves as the timing function of the
        from keyframe.

        To correctly reflect this, we provide a new timingFunctionForKeyframeAtIndex() function on KeyframeEffectReadOnly
        which will return the right TimingFunction object at a given index, regardless of the animation type. In the case
        of getKeyframes(), we manually return "linear" for the "to" keyframe since timingFunctionForKeyframeAtIndex()
        would otherwise return the same timing function as the "from" keyframe. This avoids creating an extra
        LinearTimingFunction object.

        As a result, a number of Mozilla imported tests progress since we have correct information on the "easing" property
        of objects returned by getKeyframes() and the "progress" reported by getComputedTiming() now always uses a linear
        timing function.

        * animation/DeclarativeAnimation.cpp:
        (WebCore::DeclarativeAnimation::syncPropertiesWithBackingAnimation): The timing function of the backing Animation should
        not be reflected on the effect's timing object.
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::getKeyframes): Return the correct timing function for a keyframe, and use a "linear"
        value for the "to" keyframe of a CSS Transition.
        (WebCore::KeyframeEffectReadOnly::setAnimatedPropertiesInStyle):
        (WebCore::KeyframeEffectReadOnly::timingFunctionForKeyframeAtIndex):
        * animation/KeyframeEffectReadOnly.h:

2018-03-26  Chris Dumez  <cdumez@apple.com>

        Use SecurityOriginData more consistently in Service Worker code
        https://bugs.webkit.org/show_bug.cgi?id=183969

        Reviewed by Darin Adler.

        Use SecurityOriginData more consistently in Service Worker code to avoid constructing
        SecurityOrigin objects unnecessarily.

        I also updated SecurityOrigin to use SecurityOriginData as a data member. This reduces
        code duplication a bit. This also avoids constructing SecurityOriginData unnecessarily
        in some cases as callers can now use SecurityOrigin::data() instead of
        SecurityOriginData::fromSecurityOrigin().

        No new tests, no Web-facing behavior change.

        * Modules/cache/DOMCacheStorage.cpp:
        (WebCore::DOMCacheStorage::origin const):
        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::storageDirectory const):
        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::mediaKeysStorageDirectory const):
        * Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
        (WebCore::WebKitMediaKeySession::mediaKeysStorageDirectory const):
        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::openInternal):
        (WebCore::IDBFactory::deleteDatabase):
        * Modules/indexeddb/client/IDBConnectionToServer.cpp:
        (WebCore::IDBClient::IDBConnectionToServer::getAllDatabaseNames):
        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::securityOrigin):
        * Modules/webdatabase/DatabaseContext.cpp:
        (WebCore::DatabaseContext::securityOrigin const):
        * Modules/webdatabase/DatabaseContext.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::fullPathForDatabase):
        (WebCore::DatabaseManager::detailsForNameAndOrigin):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerMediaKeysStorageDirectory const):
        * inspector/agents/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::findStorageArea):
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::calculateQuotaForOrigin):
        (WebCore::ApplicationCacheStorage::calculateUsageForOrigin):
        (WebCore::ApplicationCacheStorage::calculateRemainingSizeForOriginExcludingCache):
        (WebCore::ApplicationCacheStorage::storeUpdatedQuotaForOrigin):
        (WebCore::ApplicationCacheStorage::store):
        (WebCore::ApplicationCacheStorage::ensureOriginRecord):
        * page/DOMWindow.cpp:
        (WebCore:: const):
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::SecurityOrigin):
        (WebCore::SecurityOrigin::isPotentiallyTrustworthy const):
        (WebCore::SecurityOrigin::canAccess const):
        (WebCore::SecurityOrigin::canDisplay const):
        (WebCore::SecurityOrigin::domainForCachePartition const):
        (WebCore::SecurityOrigin::isLocal const):
        (WebCore::SecurityOrigin::toString const):
        (WebCore::SecurityOrigin::toRawString const):
        (WebCore::SecurityOrigin::create):
        (WebCore::SecurityOrigin::isSameSchemeHostPort const):
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::protocol const):
        (WebCore::SecurityOrigin::host const):
        (WebCore::SecurityOrigin::port const):
        (WebCore::SecurityOrigin::data const):
        (WebCore::SecurityOrigin::isHTTPFamily const):
        * page/SecurityOriginData.cpp:
        (WebCore::SecurityOriginData::toString const):
        (WebCore::SecurityOriginData::fromFrame):
        * page/SecurityOriginData.h:
        (WebCore::SecurityOriginData::fromURL):
        * storage/StorageNamespaceProvider.cpp:
        (WebCore::StorageNamespaceProvider::localStorageArea):
        * testing/Internals.cpp:
        (WebCore::Internals::clearCacheStorageMemoryRepresentation):
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        (WebCore::ServiceWorkerContainer::removeRegistration):
        (WebCore::ServiceWorkerContainer::updateRegistration):
        * workers/service/ServiceWorkerRegistrationKey.cpp:
        (WebCore::ServiceWorkerRegistrationKey::relatesToOrigin const):
        * workers/service/ServiceWorkerRegistrationKey.h:
        * workers/service/server/SWOriginStore.cpp:
        (WebCore::SWOriginStore::add):
        (WebCore::SWOriginStore::remove):
        (WebCore::SWOriginStore::clear):
        * workers/service/server/SWOriginStore.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::addRegistration):
        (WebCore::SWServer::removeRegistration):
        (WebCore::SWServer::clear):
        (WebCore::SWServer::tryInstallContextData):
        (WebCore::SWServer::serverToContextConnectionCreated):
        (WebCore::SWServer::markAllWorkersForOriginAsTerminated):
        (WebCore::SWServer::unregisterServiceWorkerClient):
        (WebCore::SWServer::needsServerToContextConnectionForOrigin const):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerToContextConnection.cpp:
        (WebCore::SWServerToContextConnection::SWServerToContextConnection):
        (WebCore::SWServerToContextConnection::~SWServerToContextConnection):
        (WebCore::SWServerToContextConnection::connectionForOrigin):
        * workers/service/server/SWServerToContextConnection.h:
        (WebCore::SWServerToContextConnection::securityOrigin const):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::origin const):
        (WebCore::SWServerWorker::securityOrigin const):
        * workers/service/server/SWServerWorker.h:

2018-03-26  Brent Fulgham  <bfulgham@apple.com>

        Warn against cookie access in the WebContent process using ProcessPrivilege assertions
        https://bugs.webkit.org/show_bug.cgi?id=183911
        <rdar://problem/38762306>

        Reviewed by Youenn Fablet.

        Add a set of ProcessPrivilege assertions to enforce the rule that the WebContent process
        should never call Cookie API directly. That should only happen in the Networking or
        UIProcess. 

        Add a new static flag to NetworkStorageSession that indicates if the current process has
        permission to interact with the Cookie API.

        No new tests since there is no change in behavior.

        * platform/network/NetworkStorageSession.cpp:
        (WebCore::NetworkStorageSession::NetworkStorageSession):
        (WebCore::NetworkStorageSession::processMayUseCookieAPI): Added.
        (WebCore::NetworkStorageSession::permitProcessToUseCookieAPI): Added. This also adds
        the appropriate flag to the ProcessPrivileges data for the current process.
        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::createCFStorageSessionForIdentifier): Do not create cookie storage if the current
        process is prohibited from interacting with the Cookie API.
        (WebCore::NetworkStorageSession::NetworkStorageSession): Add assertions.
        (WebCore::NetworkStorageSession::switchToNewTestingSession): Do not create cookie storage if
        the current process is prohibited from interacting with the Cookie API.
        (WebCore::NetworkStorageSession::defaultStorageSession): Ditto.
        (WebCore::NetworkStorageSession::ensureSession): Ditto.
        (WebCore::NetworkStorageSession::cookieStorage const): Ditto.
        * platform/network/cocoa/CookieStorageObserver.mm:
        (WebCore::CookieStorageObserver::CookieStorageObserver): Assert if accessed from untrusted process.
        (WebCore::CookieStorageObserver::startObserving): Ditto.
        (WebCore::CookieStorageObserver::stopObserving): Ditto.
        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        (WebCore::NetworkStorageSession::setCookie):
        (WebCore::NetworkStorageSession::setCookies):
        (WebCore::NetworkStorageSession::deleteCookie):
        (WebCore::nsCookiesToCookieVector):
        (WebCore::NetworkStorageSession::getAllCookies):
        (WebCore::NetworkStorageSession::getCookies):
        (WebCore::NetworkStorageSession::flushCookieStore):
        (WebCore::NetworkStorageSession::nsCookieStorage const):
        (WebCore::createPrivateStorageSession):
        * platform/network/mac/CookieJarMac.mm:
        (WebCore::httpCookies):
        (WebCore::deleteHTTPCookie):
        (WebCore::httpCookiesForURL):
        (WebCore::filterCookies):
        (WebCore::applyPartitionToCookies):
        (WebCore::cookiesInPartitionForURL):
        (WebCore::cookiesForSession):
        (WebCore::setHTTPCookiesForURL):
        (WebCore::deleteAllHTTPCookies):
        (WebCore::setCookiesFromDOM):
        (WebCore::httpCookieAcceptPolicy):
        (WebCore::deleteCookie):
        (WebCore::deleteCookiesForHostnames):
        (WebCore::deleteAllCookiesModifiedSince):

2018-03-26  Alex Christensen  <achristensen@webkit.org>

        Merge ResourceHandleClient::willCacheResponseAsync with ResourceHandleClient::willCacheResponse
        https://bugs.webkit.org/show_bug.cgi?id=183965

        Reviewed by Chris Dumez.

        It turns out that ResourceHandleClient::willCacheResponseAsync didn't do anything and the logic in
        ResourceHandleClient::willCacheResponse was not being called.  This makes it so there is one code
        path and it executes the logic in ResourceHandleClient::willCacheResponse.

        * loader/EmptyFrameLoaderClient.h:
        * loader/FrameLoaderClient.h:
        * loader/ResourceLoader.h:
        * loader/SubresourceLoader.h:
        * loader/cocoa/SubresourceLoaderCocoa.mm:
        (WebCore::SubresourceLoader::willCacheResponseAsync):
        (WebCore::SubresourceLoader::willCacheResponse): Deleted.
        * loader/mac/ResourceLoaderMac.mm:
        (WebCore::ResourceLoader::willCacheResponseAsync):
        (WebCore::ResourceLoader::willCacheResponse): Deleted.
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleClient.cpp:
        (WebCore::ResourceHandleClient::willCacheResponseAsync): Deleted.
        * platform/network/ResourceHandleClient.h:
        (WebCore::ResourceHandleClient::willCacheResponseAsync):
        (WebCore::ResourceHandleClient::shouldCacheResponse):
        (WebCore::ResourceHandleClient::willCacheResponse): Deleted.
        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::continueWillCacheResponse): Deleted.
        * platform/network/cf/ResourceHandleCFURLConnectionDelegate.h:
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::continueWillCacheResponse): Deleted.
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.h:
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::continueWillCacheResponse): Deleted.
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willCacheResponse:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate continueWillCacheResponse:]): Deleted.

2018-03-26  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE] Upload correct buffer in BitmapTextureGL::updateContents()
        https://bugs.webkit.org/show_bug.cgi?id=184004

        Reviewed by Žan Doberšek.

        Do not upload the original buffer. Upload the result of creating a subImage buffer
        if it was required.

        Covered by existent tests.

        * platform/graphics/texmap/BitmapTextureGL.cpp:
        (WebCore::BitmapTextureGL::updateContents):

2018-03-25  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Clean up TextureMapperPlatformLayer, TextureMapperBackingStore code
        https://bugs.webkit.org/show_bug.cgi?id=183985

        Reviewed by Michael Catanzaro.

        Clean up TextureMapperPlatformLayer and TextureMapperBackingStore
        headers and implementation files. Remove dubious whitespace, use #pragma
        once, clean up constructors, destructors, method definitions and remove
        unnecessary includes in favor of forward declarations where possible.

        The TextureMapperPlatformLayer::swapBuffers() method is removed as it
        wasn't called or overridden anywhere.

        No new tests -- no change in functionality.

        * platform/graphics/texmap/TextureMapperBackingStore.cpp:
        * platform/graphics/texmap/TextureMapperBackingStore.h:
        (WebCore::TextureMapperBackingStore::drawRepaintCounter):
        * platform/graphics/texmap/TextureMapperPlatformLayer.h:
        (WebCore::TextureMapperPlatformLayer::setClient):
        (WebCore::TextureMapperPlatformLayer::TextureMapperPlatformLayer): Deleted.
        (WebCore::TextureMapperPlatformLayer::swapBuffers): Deleted.

2018-03-25  Dan Bernstein  <mitz@apple.com>

        [Xcode] Remove workaround only needed for deploying to iOS 10.0 and earlier
        https://bugs.webkit.org/show_bug.cgi?id=183999

        Reviewed by Sam Weinig.

        * Configurations/WebCore.xcconfig: Removed build settings.
        * Configurations/WebCoreTestSupport.xcconfig: Removed location of phony WebKitLegacy from
          frameworks search path.
        * Configurations/WebKitLegacyStub.iOS.tbd: Removed.
        * WebCore.xcodeproj/project.pbxproj: Removed script build phase from the Derived Sources target.

2018-03-25  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r229954.
        https://bugs.webkit.org/show_bug.cgi?id=184000

        Caused many layout tests to crash on Apple High Sierra,
        Sierra, iOS Simulator and GTK Linux Debug test bots (Requested
        by dydz on #webkit).

        Reverted changeset:

        "Use SecurityOriginData more consistently in Service Worker
        code"
        https://bugs.webkit.org/show_bug.cgi?id=183969
        https://trac.webkit.org/changeset/229954

2018-03-23  Alex Christensen  <achristensen@webkit.org>

        Use completion handlers for ResourceHandleClient::canAuthenticateAgainstProtectionSpaceAsync
        https://bugs.webkit.org/show_bug.cgi?id=183966

        Reviewed by Chris Dumez.

        No change in behavior.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::canAuthenticateAgainstProtectionSpaceAsync):
        * loader/ResourceLoader.h:
        * platform/network/BlobResourceHandle.cpp:
        * platform/network/PingHandle.h:
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleClient.h:
        * platform/network/SynchronousLoaderClient.cpp:
        (WebCore::SynchronousLoaderClient::canAuthenticateAgainstProtectionSpaceAsync):
        * platform/network/SynchronousLoaderClient.h:
        * platform/network/cf/ResourceHandleCFURLConnectionDelegate.h:
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace):
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.h:
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::canAuthenticateAgainstProtectionSpace):
        (WebCore::ResourceHandle::continueCanAuthenticateAgainstProtectionSpace): Deleted.
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate continueCanAuthenticateAgainstProtectionSpace:]): Deleted.

2018-03-24  Chris Dumez  <cdumez@apple.com>

        Use SecurityOriginData more consistently in Service Worker code
        https://bugs.webkit.org/show_bug.cgi?id=183969

        Reviewed by Darin Adler.

        Use SecurityOriginData more consistently in Service Worker code to avoid constructing
        SecurityOrigin objects unnecessarily.

        I also updated SecurityOrigin to use SecurityOriginData as a data member. This reduces
        code duplication a bit. This also avoids constructing SecurityOriginData unnecessarily
        in some cases as callers can now use SecurityOrigin::data() instead of
        SecurityOriginData::fromSecurityOrigin().

        No new tests, no Web-facing behavior change.

        * Modules/cache/DOMCacheStorage.cpp:
        (WebCore::DOMCacheStorage::origin const):
        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::storageDirectory const):
        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::mediaKeysStorageDirectory const):
        * Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
        (WebCore::WebKitMediaKeySession::mediaKeysStorageDirectory const):
        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::openInternal):
        (WebCore::IDBFactory::deleteDatabase):
        * Modules/indexeddb/client/IDBConnectionToServer.cpp:
        (WebCore::IDBClient::IDBConnectionToServer::getAllDatabaseNames):
        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::securityOrigin):
        * Modules/webdatabase/DatabaseContext.cpp:
        (WebCore::DatabaseContext::securityOrigin const):
        * Modules/webdatabase/DatabaseContext.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::fullPathForDatabase):
        (WebCore::DatabaseManager::detailsForNameAndOrigin):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerMediaKeysStorageDirectory const):
        * inspector/agents/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::findStorageArea):
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::calculateQuotaForOrigin):
        (WebCore::ApplicationCacheStorage::calculateUsageForOrigin):
        (WebCore::ApplicationCacheStorage::calculateRemainingSizeForOriginExcludingCache):
        (WebCore::ApplicationCacheStorage::storeUpdatedQuotaForOrigin):
        (WebCore::ApplicationCacheStorage::store):
        (WebCore::ApplicationCacheStorage::ensureOriginRecord):
        * page/DOMWindow.cpp:
        (WebCore:: const):
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::SecurityOrigin):
        (WebCore::SecurityOrigin::isPotentiallyTrustworthy const):
        (WebCore::SecurityOrigin::canAccess const):
        (WebCore::SecurityOrigin::canDisplay const):
        (WebCore::SecurityOrigin::domainForCachePartition const):
        (WebCore::SecurityOrigin::isLocal const):
        (WebCore::SecurityOrigin::toString const):
        (WebCore::SecurityOrigin::toRawString const):
        (WebCore::SecurityOrigin::create):
        (WebCore::SecurityOrigin::isSameSchemeHostPort const):
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::protocol const):
        (WebCore::SecurityOrigin::host const):
        (WebCore::SecurityOrigin::port const):
        (WebCore::SecurityOrigin::data const):
        (WebCore::SecurityOrigin::isHTTPFamily const):
        * page/SecurityOriginData.cpp:
        (WebCore::SecurityOriginData::toString const):
        (WebCore::SecurityOriginData::fromFrame):
        * page/SecurityOriginData.h:
        (WebCore::SecurityOriginData::fromURL):
        * storage/StorageNamespaceProvider.cpp:
        (WebCore::StorageNamespaceProvider::localStorageArea):
        * testing/Internals.cpp:
        (WebCore::Internals::clearCacheStorageMemoryRepresentation):
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        (WebCore::ServiceWorkerContainer::removeRegistration):
        (WebCore::ServiceWorkerContainer::updateRegistration):
        * workers/service/ServiceWorkerRegistrationKey.cpp:
        (WebCore::ServiceWorkerRegistrationKey::relatesToOrigin const):
        * workers/service/ServiceWorkerRegistrationKey.h:
        * workers/service/server/SWOriginStore.cpp:
        (WebCore::SWOriginStore::add):
        (WebCore::SWOriginStore::remove):
        (WebCore::SWOriginStore::clear):
        * workers/service/server/SWOriginStore.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::addRegistration):
        (WebCore::SWServer::removeRegistration):
        (WebCore::SWServer::clear):
        (WebCore::SWServer::tryInstallContextData):
        (WebCore::SWServer::serverToContextConnectionCreated):
        (WebCore::SWServer::markAllWorkersForOriginAsTerminated):
        (WebCore::SWServer::unregisterServiceWorkerClient):
        (WebCore::SWServer::needsServerToContextConnectionForOrigin const):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerToContextConnection.cpp:
        (WebCore::SWServerToContextConnection::SWServerToContextConnection):
        (WebCore::SWServerToContextConnection::~SWServerToContextConnection):
        (WebCore::SWServerToContextConnection::connectionForOrigin):
        * workers/service/server/SWServerToContextConnection.h:
        (WebCore::SWServerToContextConnection::securityOrigin const):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::origin const):
        (WebCore::SWServerWorker::securityOrigin const):
        * workers/service/server/SWServerWorker.h:

2018-03-24  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r229792.
        https://bugs.webkit.org/show_bug.cgi?id=183980

        not actually necessary (Requested by thorton on #webkit).

        Reverted changeset:

        "Fix the build"
        https://trac.webkit.org/changeset/229792

2018-03-23  Tim Horton  <timothy_horton@apple.com>

        Fix the geolocation build
        https://bugs.webkit.org/show_bug.cgi?id=183975

        * Modules/geolocation/ios/GeolocationPositionIOS.mm:
        (WebCore::GeolocationPosition::GeolocationPosition):

2018-03-23  Tim Horton  <timothy_horton@apple.com>

        Fix the build with no pasteboard
        https://bugs.webkit.org/show_bug.cgi?id=183973

        Reviewed by Dan Bernstein.

        * Configurations/FeatureDefines.xcconfig:
        * platform/ios/PlatformPasteboardIOS.mm:

2018-03-23  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Fix some localizable strings after r229878
        https://bugs.webkit.org/show_bug.cgi?id=183963

        Reviewed by Tim Horton.

        The WEB_UI_STRING macro was incorrectly used for certain localized strings pertaining to extra zoom mode. To
        correct this, make the "Done" string use WEB_UI_STRING with actual UI-facing text; since day, year and month
        labels in the date picker are less generalizable to other UI, leave these as unique keys, but change them to
        use WEB_UI_STRING_KEY instead.

        Additionally, remove now-unused localizable strings for the text input view controller.

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::formControlDoneButtonTitle):
        (WebCore::datePickerDayLabelTitle):
        (WebCore::datePickerMonthLabelTitle):
        (WebCore::datePickerYearLabelTitle):

2018-03-23  Chris Dumez  <cdumez@apple.com>

        NetworkStateNotifier::updateStateWithoutNotifying() is inefficient
        https://bugs.webkit.org/show_bug.cgi?id=183760
        <rdar://problem/37093299>

        Reviewed by Ryosuke Niwa.

        Update NetworkStateNotifier::updateStateWithoutNotifying() to stop calling
        SCDynamicStoreCopyKeyList(). SCDynamicStoreCopyKeyList() is expensive as it
        expects its key parameter to be a regular expression and it can match several
        keys. It is also unnecessary in our case since we already have an exact key.
        We now call the more efficient SCDynamicStoreCopyValue() instead, which is
        the right thing to call when we have an exact key.

        This change was suggested by the SC team.

        This was tested manually as there is no easy way to write an automated test
        for this.

        In a follow-up, I also plan to call this code in the UIProcess (or NetworkProcess)
        to avoid calling it once per WebProcess.

        * platform/network/mac/NetworkStateNotifierMac.cpp:
        (WebCore::NetworkStateNotifier::updateStateWithoutNotifying):

2018-03-23  Daniel Bates  <dabates@apple.com>

        Unreviewed, rolling out r229868.

        Caused media controls tests to timeout. Will investigate
        offline.

        Reverted changeset:

        "CSS mask images should be retrieved using potentially CORS-
        enabled fetch"
        https://bugs.webkit.org/show_bug.cgi?id=179983
        https://trac.webkit.org/changeset/229868

2018-03-23  Mark Lam  <mark.lam@apple.com>

        Add pointer profiling hooks to the CSS JIT.
        https://bugs.webkit.org/show_bug.cgi?id=183947
        <rdar://problem/38803593>

        Reviewed by JF Bastien.

        No new tests needed.  Covered by existing tests.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        - Added a missing application of WTF_PREPARE_VTBL_POINTER_FOR_INSPECTION().

        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::toJSNewlyCreated):
        * css/ElementRuleCollector.cpp:
        (WebCore::ElementRuleCollector::ruleMatches):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
        * cssjit/SelectorCompiler.h:
        (WebCore::SelectorCompiler::ruleCollectorSimpleSelectorCheckerFunction):
        (WebCore::SelectorCompiler::querySelectorSimpleSelectorCheckerFunction):
        (WebCore::SelectorCompiler::ruleCollectorSelectorCheckerFunctionWithCheckingContext):
        (WebCore::SelectorCompiler::querySelectorSelectorCheckerFunctionWithCheckingContext):
        * dom/SelectorQuery.cpp:
        (WebCore::SelectorDataList::executeCompiledSingleMultiSelectorData const):
        (WebCore::SelectorDataList::execute const):

2018-03-23  Sihui Liu  <sihui_liu@apple.com>

        Local storage getItem() for an empty string returned UNDEFINED value.
        https://bugs.webkit.org/show_bug.cgi?id=69138
        <rdar://problem/13410974>

        Reviewed by Brady Eidson.

        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::getColumnBlobAsString):

2018-03-23  Chris Dumez  <cdumez@apple.com>

        Promptly terminate service worker processes when they are no longer needed
        https://bugs.webkit.org/show_bug.cgi?id=183873
        <rdar://problem/38676995>

        Reviewed by Youenn Fablet.

        The StorageProcess now keeps track of service worker clients for each security
        origin. When there is no longer any clients for a given security origin, the
        StorageProcess asks the service worker process for the given origin to terminate
        and severs its connection to it.

        Change is covered by API test.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::markAllWorkersForOriginAsTerminated):
        Pass the security origin since this is called when a service worker process
        crashes. When a service worker process for origin A crashes, we only want
        to mark service workers in origin A as terminated, not ALL of them.

        (WebCore::SWServer::registerServiceWorkerClient):
        (WebCore::SWServer::unregisterServiceWorkerClient):
        (WebCore::SWServer::needsServerToContextConnectionForOrigin const):
        Tweak logic so that we only relaunch a service worker process if we still
        have clients for its security origin.

        * workers/service/server/SWServer.h:
        (WebCore::SWServer::disableServiceWorkerProcessTerminationDelay):
        Add a way to disable the service worker termination delay to facilitate
        testing.

        * workers/service/server/SWServerToContextConnection.h:

2018-03-23  Brady Eidson  <beidson@apple.com>

        Go to back/forward list items after a process-swapped navigation.
        <rdar://problem/38690544> and https://bugs.webkit.org/show_bug.cgi?id=183920

        Reviewed by Andy Estes.

        Covered by new API test.

        Most of the changes to WebCore are teaching HistoryItem navigations to know when they should
        do a policy check or not.

        * WebCore.xcodeproj/project.pbxproj:

        * history/BackForwardController.cpp:
        (WebCore::BackForwardController::goBackOrForward):
        (WebCore::BackForwardController::goBack):
        (WebCore::BackForwardController::goForward):

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::setStateObject): Actually push state object changes to the UIProcess.
          This was a long standing bug that made it difficult to effectively test this change.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        (WebCore::FrameLoader::loadItem):
        (WebCore::FrameLoader::retryAfterFailedCacheOnlyMainResourceLoad):
        * loader/FrameLoader.h:
        * loader/FrameLoaderTypes.h:

        * loader/HistoryController.cpp:
        (WebCore::HistoryController::goToItem):
        (WebCore::HistoryController::setDefersLoading):
        (WebCore::HistoryController::recursiveGoToItem):
        * loader/HistoryController.h:

        * loader/NavigationPolicyCheck.h:

        * page/Page.cpp:
        (WebCore::Page::goToItem):
        * page/Page.h:

2018-03-23  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Fix decoder key isPrevalentResource->isVeryPrevalentResource
        https://bugs.webkit.org/show_bug.cgi?id=183950
        <rdar://problem/38806275>

        Reviewed by Brent Fulgham.

        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::decode):
            Now isVeryPrevalentResource is decoded to the correct field.

2018-03-23  Youenn Fablet  <youenn@apple.com>

        WebProcessPool should not ask to register all clients for each service worker process creation
        https://bugs.webkit.org/show_bug.cgi?id=183941

        Reviewed by Chris Dumez.

        Covered by existing unit tests.
        Register all Documents of a process no matter its session ID when asked to.
        Make sure that whenever a WebProcess is asked to do so, any further Document will be registered
        by calling setMayHaveRegisteredServiceWorkers().
        This ensures that a WebProcess created before any service worker but empty at the time a service worker is created
        will actually register all its future clients.

        Add some assertions to ensure that a client is not registered twice.

        * workers/service/ServiceWorkerProvider.cpp:
        (WebCore::ServiceWorkerProvider::registerServiceWorkerClients):
        * workers/service/ServiceWorkerProvider.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::registerServiceWorkerClient):

2018-03-23  Eric Carlson  <eric.carlson@apple.com>

        HTMLElement factory doesn't need to call MediaPlayer::isAvailable
        https://bugs.webkit.org/show_bug.cgi?id=183946
        <rdar://problem/38802687>

        Reviewed by Youenn Fablet.

        Test: media/media-disabled.html

        * dom/make_names.pl:
        (printConstructorInterior):
        * page/Settings.yaml:
        * page/SettingsDefaultValues.h:

2018-03-23  David Kilzer  <ddkilzer@apple.com>

        Stop using dispatch_set_target_queue()
        <https://webkit.org/b/183908>
        <rdar://problem/33553533>

        Reviewed by Daniel Bates.

        No new tests since no change in behavior.

        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::globaVideoCaptureSerialQueue): Remove use of
        dispatch_set_target_queue() by changing dispatch_queue_create()
        to dispatch_queue_create_with_target().

2018-03-23  Youenn Fablet  <youenn@apple.com>

        Use libwebrtc ObjectiveC H264 encoder and decoder
        https://bugs.webkit.org/show_bug.cgi?id=183912

        Reviewed by Eric Carlson.

        No observable change of behavior.
        Made use of libwebrtc WebKit utilities.
        Updated RealtimeINcomingVideoSourceCocoa as it now receives ObjcVideoFrame.

        * Configurations/WebCore.xcconfig:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
        (WebCore::LibWebRTCProviderCocoa::~LibWebRTCProviderCocoa):
        (WebCore::LibWebRTCProviderCocoa::setH264HardwareEncoderAllowed):
        (WebCore::LibWebRTCProviderCocoa::createDecoderFactory):
        (WebCore::LibWebRTCProviderCocoa::createEncoderFactory):
        (WebCore::LibWebRTCProviderCocoa::setActive):
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.h:
        * platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.mm: Renamed from Source/WebCore/platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.cpp.
        (WebCore::RealtimeIncomingVideoSourceCocoa::pixelBufferFromVideoFrame):
        (WebCore::RealtimeIncomingVideoSourceCocoa::OnFrame):
        * testing/Internals.cpp: Removed commented out include.

2018-03-23  Youenn Fablet  <youenn@apple.com>

        DocumentThreadableLoader should send credentials after redirections and preflight if fetch option credentials is include
        https://bugs.webkit.org/show_bug.cgi?id=183928

        Reviewed by Chris Dumez.

        Tests: imported/w3c/web-platform-tests/fetch/api/cors/cors-cookies-redirect.any.html
               imported/w3c/web-platform-tests/fetch/api/cors/cors-cookies-redirect.any.worker.html

        In case mode is include, keep sending credentials even after redirection with preflight.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::redirectReceived):

2018-03-23  Tim Horton  <timothy_horton@apple.com>

        Fix the build after r229858

        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:

2018-03-23  Youenn Fablet  <youenn@apple.com>

        Allow fully whitelisted plug-ins to match non HTTP URLs
        https://bugs.webkit.org/show_bug.cgi?id=183938
        rdar://problem/38534312

        Reviewed by Chris Dumez.

        Covered by manual testing and unit testing.

        * platform/URL.cpp:
        (WebCore::URL::isMatchingDomain const):

2018-03-23  Youenn Fablet  <youenn@apple.com>

        ActiveDOMObject should assert that they are destroyed in the thread they are created
        https://bugs.webkit.org/show_bug.cgi?id=183671

        Reviewed by Chris Dumez.

        No change of behavior.
        Moved MessagePort assertion to ActiveDOMObject.

        * dom/ActiveDOMObject.cpp:
        (WebCore::ActiveDOMObject::~ActiveDOMObject):
        * dom/ActiveDOMObject.h:
        * dom/MessagePort.cpp:
        (WebCore::MessagePort::~MessagePort):
        * dom/MessagePort.h:

2018-03-23  Youenn Fablet  <youenn@apple.com>

        Safari WebKitWebRTCAudioModule crash during <video> tag update when audio track present in MediaStream
        https://bugs.webkit.org/show_bug.cgi?id=181180
        <rdar://problem/36302375>

        Reviewed by Eric Carlson.

        Test: webrtc/video-update-often.html

        AudioTrackPrivateMediaStreamCocoa needs to be destroyed in the main thread since it owns a Ref to its MediaStreamTrackPrivate.
        We can still ref it on a background thread but we always deref it on the main thread.

        * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
        (WebCore::AudioTrackPrivateMediaStreamCocoa::audioSamplesAvailable):
        (WebCore::AudioTrackPrivateMediaStreamCocoa::render):

2018-03-23  Sergio Villar Senin  <svillar@igalia.com>

        [css-grid] Fix auto repeat tracks computation with definite min sizes
        https://bugs.webkit.org/show_bug.cgi?id=183933

        Reviewed by Javier Fernandez.

        Indefinitely sized containers use the specified definite min-size (if any) as available
        space in order to compute the number of auto repeat tracks to create. A bug in that code was
        causing the grid to be one track larger than expected. That was only happening in the case
        of the free space being a multiple of the total size of the autorepeat tracks.

        Test: imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-inline-auto-repeat-001.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeAutoRepeatTracksCount const):

2018-03-23  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE] Avoid software color conversion inside BitmapTextureGL
        https://bugs.webkit.org/show_bug.cgi?id=183892

        Reviewed by Žan Doberšek.

        Always use RGBA format on BitmapTextureGL (when no other format is specifically requested). When
        the texture is updated from BGRA content, use a flag to indicate the shader to perform a color
        conversion during the painting. This way we don't need to swap the R and B components on the CPU.
        Also, remove one of the lists in BitmapTexturePool as now all of them have the same format, and
        remove the UpdateContentsFlag as we never need to modify the original image data.

        Covered by existent tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::updateTexture):
        * platform/graphics/texmap/BitmapTexture.cpp:
        (WebCore::BitmapTexture::updateContents):
        * platform/graphics/texmap/BitmapTexture.h:
        * platform/graphics/texmap/BitmapTextureGL.cpp:
        (WebCore::BitmapTextureGL::BitmapTextureGL):
        (WebCore::BitmapTextureGL::didReset):
        (WebCore::BitmapTextureGL::updateContents):
        (WebCore::BitmapTextureGL::applyFilters):
        (WebCore::swizzleBGRAToRGBA): Deleted.
        (WebCore::BitmapTextureGL::updateContentsNoSwizzle): Deleted.
        * platform/graphics/texmap/BitmapTextureGL.h:
        (WebCore::BitmapTextureGL::colorConvertFlags const):
        * platform/graphics/texmap/BitmapTexturePool.cpp:
        (WebCore::BitmapTexturePool::acquireTexture):
        (WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):
        * platform/graphics/texmap/BitmapTexturePool.h:
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded):
        * platform/graphics/texmap/TextureMapperContextAttributes.cpp:
        (WebCore::TextureMapperContextAttributes::get):
        * platform/graphics/texmap/TextureMapperContextAttributes.h:
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGL::drawNumber):
        (WebCore::TextureMapperGL::drawTexture):
        * platform/graphics/texmap/TextureMapperGL.h:
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::paintIntoSurface):
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
        (WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):
        * platform/graphics/texmap/TextureMapperTile.cpp:
        (WebCore::TextureMapperTile::updateContents):
        * platform/graphics/texmap/TextureMapperTile.h:
        * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
        (WebCore::TextureMapperTiledBackingStore::updateContentsFromImageIfNeeded):
        (WebCore::TextureMapperTiledBackingStore::updateContents):
        * platform/graphics/texmap/TextureMapperTiledBackingStore.h:

2018-03-23  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Add standard containers with FastAllocator specialization
        https://bugs.webkit.org/show_bug.cgi?id=183789

        Reviewed by Darin Adler.

        * Modules/indexeddb/IDBKeyData.h:
        * Modules/mediasource/SampleMap.h:
        * Modules/mediasource/SourceBuffer.cpp:
        * Modules/webauthn/cbor/CBORValue.h:
        It did not use FastAllocator for its container.

        * page/WheelEventTestTrigger.h:
        * platform/audio/PlatformMediaSessionManager.h:
        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.h:
        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        * platform/graphics/cv/VideoTextureCopierCV.cpp:
        (WebCore::YCbCrToRGBMatrixForRangeAndTransferFunction):
        * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
        * platform/wpe/PlatformPasteboardWPE.cpp:
        * rendering/OrderIterator.h:

2018-03-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] infinite repeat counts aren't reflected for CSS Animations
        https://bugs.webkit.org/show_bug.cgi?id=183932

        Reviewed by Dean Jackson.

        The "infinite" value for animation-repeat-count is reflected as a special value which resolves to -1. We need to check
        for this special value before setting the iterations count on the AnimationEffectTimingReadOnly object.

        * animation/CSSAnimation.cpp:
        (WebCore::CSSAnimation::syncPropertiesWithBackingAnimation):

2018-03-22  Antoine Quint  <graouts@apple.com>

        [Web Animations] Correctly cancel animations when a parent gets a "display: none" style or when an element is removed
        https://bugs.webkit.org/show_bug.cgi?id=183919

        Reviewed by Dean Jackson.

        The old CSSAnimationController provided a cancelAnimations(Element&) method that allowed for animations for a given element
        to be canceled when a parent element in the hierarchy gets a "display: none" style or if an element with animations is removed.
        We add a similar cancelAnimationsForElement(Element&) method on AnimationTimeline and update CSSAnimationController::cancelAnimations()
        call sites to use AnimationTimeline::cancelAnimationsForElement() when the flag to use Web Animations is on.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::cancelAnimationsForElement): Iterate over all animations for the provided element and call cancel() on them.
        * animation/AnimationTimeline.h:
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::animatedStyleForRenderer): Drive-by fix while I was reviewed call sites to animationsForElement() to make
        sure we don't create extra RefPtr<> objects.
        * dom/Element.cpp:
        (WebCore::Element::removedFromAncestor): Call AnimationTimeline::cancelAnimationsForElement() if the Web Animations flag is on when an
        element is removed.
        * dom/PseudoElement.cpp:
        (WebCore::PseudoElement::clearHostElement): Call AnimationTimeline::cancelAnimationsForElement() if the Web Animations flag is on when
        a pseudo-element is removed.
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::tearDownRenderers): Call AnimationTimeline::cancelAnimationsForElement() if the Web Animations flag is on
        for all children elements when an element gets a "display: none" style.

2018-03-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] Animated transform styles are ignored when calling getComputedStyle()
        https://bugs.webkit.org/show_bug.cgi?id=183918

        Reviewed by Dean Jackson.

        Strictly looking at whether the renderer has a transform is a bad idea when determining whether a
        transform is applied for an element. Looking at the RenderStyle is preferable because in the case
        of animations running on the compositor, such as a transform-only animation or transition, the
        renderer doesn't necessarily have a transform style on it, since we don't blend properties in
        software as the animation progresses. Instead, all of the blending is performed by the compositor,
        and only the computed style object has the software-blended transform style on it.

        We do need to account for inline renderers though as these do not support transforms.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::computedTransform):

2018-03-22  Antoine Quint  <graouts@apple.com>

        [Web Animations] Support "transition: all" for CSS Transitions as Web Animations
        https://bugs.webkit.org/show_bug.cgi?id=183917

        Reviewed by Dean Jackson.

        We now support "transition: all" CSS Transitions by iterating over all known CSS properties should the mode
        of the backing animation be AnimateAll. Any property that we find to have a different value in the previous
        and current style will have a backing CSSTransition object created for it. To support this, we now explicitly
        provide a CSSPropertyID when creating a CSSTransition since we can no longer infer the transition property
        from the backing animation, as Animation objects with mode AnimateAll report CSSPropertyInvalid as their
        property.

        * animation/AnimationTimeline.cpp:
        (WebCore::shouldBackingAnimationBeConsideredForCSSTransition): New method that checks whether a given backing
        Animation object is suitable for consideration as a CSSTransition, where the mode must not be either AnimateNone
        or AnimateUnknownProperty, and should the mode be AnimateSingleProperty, the property must not be CSSPropertyInvalid.
        (WebCore::AnimationTimeline::updateCSSTransitionsForElement): We now assemble the list of previously animated
        properties by looking at the m_elementToCSSTransitionByCSSPropertyID map and getting its keys. Then we compile
        all backing Animation objects found in the old style that match the conditions enforced by the new method
        shouldBackingAnimationBeConsideredForCSSTransition(). Then as we iterate over backing Animation objects found
        in the new style, we iterate over all known CSS properties if the mode is AnimateAll, indicating that we're dealing
        with a "transition: all" style. If we're dealing with a single property, we only process that single property.
        * animation/CSSTransition.cpp:
        (WebCore::CSSTransition::create): Expect a new CSSPropertyID parameter when creating a new CSSTransition since
        we can no longer infer it from the backing Animation object.
        (WebCore::CSSTransition::CSSTransition): Expect a new CSSPropertyID parameter when creating a new CSSTransition
        since we can no longer infer it from the backing Animation object.
        (WebCore::CSSTransition::matchesBackingAnimationAndStyles const): We can no longer use the == overloaded operator
        for backing Animation objects to determine whether their respective properties match since this would compare the
        "property" member of both Animation objects and when going from a "transition: all" style to one targeting a single
        property, we would falsely identify mis-matching Animation objects. Instead, we pass a false flag to animationsMatch()
        which indicates that we don't care about matching the transition property itself.
        * animation/CSSTransition.h: Expose a new property() accessor which returns the CSSPropertyID passed at construction.
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::computeCSSTransitionBlendingKeyframes): Use the new property() accessor on
        CSSTransition to get at the transition property.
        * platform/animation/Animation.cpp:
        (WebCore::Animation::animationsMatch const): Replace the boolean parameter, which was not in use in WebCore, to indicate
        whether we should match the property-related fields. We need this in CSSTransition::matchesBackingAnimationAndStyles().
        * platform/animation/Animation.h:

2018-03-22  Tim Horton  <timothy_horton@apple.com>

        Adopt WK_ALTERNATE_FRAMEWORKS_DIR in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=183930
        <rdar://problem/38782249>

        Reviewed by Dan Bernstein.

        * Configurations/Base.xcconfig:
        * Configurations/WebCore.xcconfig:
        * Configurations/WebCoreTestSupport.xcconfig:

2018-03-22  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r229876.
        https://bugs.webkit.org/show_bug.cgi?id=183929

        Some webrtc tests are timing out on iOS simulator (Requested
        by youenn on #webkit).

        Reverted changeset:

        "Use libwebrtc ObjectiveC H264 encoder and decoder"
        https://bugs.webkit.org/show_bug.cgi?id=183912
        https://trac.webkit.org/changeset/229876

2018-03-22  Megan Gardner  <megan_gardner@apple.com>

        Expose more system colors via CSS
        https://bugs.webkit.org/show_bug.cgi?id=183764
        <rdar://problem/36975898>

        Reviewed by Tim Horton.

        Test: fast/css/apple-system-control-colors.html

        Expose Apple specific system colors via CSS.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemColor const):

2018-03-22  Nan Wang  <n_wang@apple.com>

        AX: Web table row count is incorrect when role row is added to <tr> in DOM
        https://bugs.webkit.org/show_bug.cgi?id=183922

        Reviewed by Chris Fleizach.

        Although the parent table for an ARIA grid row should be an ARIA table, we
        should return the native table if the row is native <tr>.

        Test: accessibility/row-with-aria-role-in-native-table.html

        * accessibility/AccessibilityARIAGridRow.cpp:
        (WebCore::AccessibilityARIAGridRow::parentTable const):

2018-03-22  Chris Dumez  <cdumez@apple.com>

        Include security origin in the service worker process name
        https://bugs.webkit.org/show_bug.cgi?id=183913

        Reviewed by Youenn Fablet.

        Updated localizable strings.

        * English.lproj/Localizable.strings:

2018-03-22  Youenn Fablet  <youenn@apple.com>

        Use libwebrtc ObjectiveC H264 encoder and decoder
        https://bugs.webkit.org/show_bug.cgi?id=183912

        Reviewed by Eric Carlson.

        No observable change of behavior.
        Made use of libwebrtc WebKit utilities.
        Updated RealtimeINcomingVideoSourceCocoa as it now receives ObjcVideoFrame.

        * Configurations/WebCore.xcconfig:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
        (WebCore::LibWebRTCProviderCocoa::~LibWebRTCProviderCocoa):
        (WebCore::LibWebRTCProviderCocoa::setH264HardwareEncoderAllowed):
        (WebCore::LibWebRTCProviderCocoa::createDecoderFactory):
        (WebCore::LibWebRTCProviderCocoa::createEncoderFactory):
        (WebCore::LibWebRTCProviderCocoa::setActive):
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.h:
        * platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.mm: Renamed from Source/WebCore/platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.cpp.
        (WebCore::RealtimeIncomingVideoSourceCocoa::pixelBufferFromVideoFrame):
        (WebCore::RealtimeIncomingVideoSourceCocoa::OnFrame):
        * testing/Internals.cpp: Removed commented out include.

2018-03-22  Michael Catanzaro  <mcatanzaro@gnome.org>

        Unreviewed, fix format string warnings in service worker code

        On Linux x86_64, uint64_t is unsigned long, not unsigned long long.

        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        (WebCore::ServiceWorkerContainer::removeRegistration):
        (WebCore::ServiceWorkerContainer::updateRegistration):
        (WebCore::ServiceWorkerContainer::jobFailedWithException):
        (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
        (WebCore::ServiceWorkerContainer::jobResolvedWithUnregistrationResult):
        (WebCore::ServiceWorkerContainer::startScriptFetchForJob):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):

2018-03-22  Daniel Bates  <dabates@apple.com>

        Expose SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest() as WebKit SPI
        https://bugs.webkit.org/show_bug.cgi?id=183907
        <rdar://problem/38759127>

        Reviewed by Alex Christensen.

        Exports SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest() so that we can use it from WebKit.

        * platform/SchemeRegistry.h:

2018-03-22  Daniel Bates  <dabates@apple.com>

        CSS mask images should be retrieved using potentially CORS-enabled fetch
        https://bugs.webkit.org/show_bug.cgi?id=179983
        <rdar://problem/35678149>

        Reviewed by Brent Fulgham.

        As per <https://drafts.fxtf.org/css-masking-1/#priv-sec> (Editor's Draft, 23 December 2017)
        we should fetch CSS mask images using a potentially CORS-enabled fetch.

        Both cross-origin CSS shape-outside images and CSS mask images may be sensitive to timing
        attacks that can be used to reveal their pixel data when retrieved without regard to CORS.
        For the same reason that we fetch CSS shape-outside images using a potentially CORS-enabled
        fetch we should fetch CSS mask the same way. This also makes the behavior of WebKit more
        closely align with the behavior in the spec.

        Test: http/tests/security/css-mask-image.html

        * style/StylePendingResources.cpp: Substitute LoadPolicy::NoCORS and LoadPolicy::Anonymous for
        LoadPolicy::Normal and LoadPolicy::ShapeOutside, respectively, to match the terminology used
        in the HTML, CSS Shapes Module Level 1, and CSS Masking Module Level 1 specs.
        (WebCore::Style::loadPendingImage): Ditto.
        (WebCore::Style::loadPendingResources): Use load policy LoadPolicy::Anonymous when fetching
        a mask image or shape-outside image.

2018-03-22  Zalan Bujtas  <zalan@apple.com>

        [Simple line layout] Text with letter spacing is not positioned properly.
        https://bugs.webkit.org/show_bug.cgi?id=183079
        <rdar://problem/38762569>

        Reviewed by Antti Koivisto.

        We need to recompute RenderText::m_canUseSimplifiedTextMeasuring when the font cascade changes
        since we might not be able to use the fast path anymore.

        Test: fast/text/simple-line-layout-dynamic-letter-word-spacing.html

        * rendering/RenderText.cpp:
        (WebCore::RenderText::styleDidChange):

2018-03-21  Antoine Quint  <graouts@apple.com>

        [Web Animations] Make imported/mozilla/css-animations/test_event-dispatch.html pass reliably
        https://bugs.webkit.org/show_bug.cgi?id=183845

        Reviewed by Dean Jackson.

        Finish the work to get DOM events for CSS Animations and CSS Transitions dispatching as specified.

        * animation/AnimationEffectReadOnly.cpp: Move timeEpsilon to be shared as part of WebAnimationUtilities.h since we now need it in
        WebAnimation::timeToNextRequiredTick().
        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::updateCSSAnimationsForElement): We add a pre-emptive return clause when we know that the AnimationList
        for previous and current styles are a match.
        * animation/CSSTransition.cpp:
        (WebCore::CSSTransition::matchesBackingAnimationAndStyles const): Ensure we have a valid effect before downcasting it.
        * animation/DeclarativeAnimation.cpp:
        (WebCore::DeclarativeAnimation::initialize): We need to call pause() for declarative animations that aren't playing so that the animation's
        playState is set correctly and the animation is not idle.
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::updateAnimationSchedule): We no longer need to pass the current time to timeToNextRequiredTick() since the method has
        been reworked to use the animation's current time, which is based on the timeline's current time.
        (WebCore::DocumentTimeline::updateAnimations): Avoid creating a copy when iterating over pending hardware animations.
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::stylesWouldYieldNewCSSTransitionsBlendingKeyframes const): We should never generate new blending keyframes if the
        old and new styles contain the same value, since there would be no transition between two equal values, and we should only look at whether the new
        style value and the recorded target value differ to determine if new blending keyframes are necessary.
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::timeToNextRequiredTick const): We correct our scheduling code which was shown to be broken in several of the newly-imported
        Mozilla tests. Any running animation is now scheduled to invalidate again on the next tick, and we use timeEpsilon from WebAnimationUtilities.h to
        correctly check if we're right at the active threshold, when we also invalidate on the next tick. If our current time is negative, in other words
        when the animation has not yet started, we schedule this animation's next tick to be the negative of that value. In all other cases, no invalidation
        needs to be scheduled.
        * animation/WebAnimation.h: We move updateFinishedState() to private since this method is not actually used outside of WebAnimation.cpp.
        * animation/WebAnimationUtilities.h: Move timeEpsilon to be shared as part of WebAnimationUtilities.h.

2018-03-22  Tim Horton  <timothy_horton@apple.com>

        Improve readability of WebCore's OTHER_LDFLAGS
        https://bugs.webkit.org/show_bug.cgi?id=183909
        <rdar://problem/38760992>

        Reviewed by Dan Bernstein.

        * Configurations/Base.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/WebCore.xcconfig:

2018-03-22  Tim Horton  <timothy_horton@apple.com>

        Adopt USE(OPENGL[_ES]) in more places
        https://bugs.webkit.org/show_bug.cgi?id=183882
        <rdar://problem/37912195>

        Reviewed by Dan Bernstein.

        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
        (WebCore::hasMuxableGPU):
        (WebCore::GraphicsContext3DManager::updateHighPerformanceState):
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        (WebCore::GraphicsContext3D::~GraphicsContext3D):
        (WebCore::GraphicsContext3D::makeContextCurrent):
        (WebCore::GraphicsContext3D::checkGPUStatus):
        (WebCore::GraphicsContext3D::texImageIOSurface2D):
        * platform/graphics/cocoa/WebGLLayer.h:
        * platform/graphics/cocoa/WebGLLayer.mm:
        (-[WebGLLayer initWithGraphicsContext3D:]):
        (-[WebGLLayer copyImageSnapshotWithColorSpace:]):
        (-[WebGLLayer display]):
        * platform/graphics/ios/GraphicsContext3DIOS.h:
        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        (WebCore::Extensions3DOpenGL::blitFramebuffer):
        (WebCore::Extensions3DOpenGL::createVertexArrayOES):
        (WebCore::Extensions3DOpenGL::deleteVertexArrayOES):
        (WebCore::Extensions3DOpenGL::isVertexArrayOES):
        (WebCore::Extensions3DOpenGL::bindVertexArrayOES):
        * platform/graphics/opengl/Extensions3DOpenGL.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        (WebCore::GraphicsContext3D::reshapeFBOs):
        (WebCore::GraphicsContext3D::resolveMultisamplingIfNecessary):
        (WebCore::GraphicsContext3D::renderbufferStorage):
        (WebCore::GraphicsContext3D::getIntegerv):
        (WebCore::GraphicsContext3D::texImage2D):
        (WebCore::GraphicsContext3D::depthRange):
        (WebCore::GraphicsContext3D::clearDepth):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):
        Make it a bit more clear which code is platform-dependent and which code is GL/GLES-dependent.

2018-03-22  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Make TextureMapperContextAttributes thread-specific
        https://bugs.webkit.org/show_bug.cgi?id=183895

        Reviewed by Carlos Garcia Campos.

        Store the TextureMapperContextAttributes in a thread-specific manner.
        The TextureMapperContextAttributes::get() method is now used to retrieve
        a reference to that thread-specific object. If it's not been initialized
        yet, then the current GL context is used for the initialization, as it
        used to be done in the now-removed initialize() method.

        TextureMapperPlatformLayerBuffer::clone() method now doesn't need to
        be passed a TextureMapperGL object, since the texture can be created
        directly by calling BitmapTextureGL::create(), passing the
        TextureMapperContextAttributes object that's retrieved from the
        thread-specific storage. This further simplifies the
        TextureMapperPlatformLayerProxy::Compositor interface, removing the
        texmapGL() getter from it.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
        * platform/graphics/texmap/TextureMapperContextAttributes.cpp:
        (WebCore::threadSpecificAttributes):
        (WebCore::TextureMapperContextAttributes::get):
        (WebCore::TextureMapperContextAttributes::initialize): Deleted.
        * platform/graphics/texmap/TextureMapperContextAttributes.h:
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGL::TextureMapperGL):
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
        (WebCore::TextureMapperPlatformLayerBuffer::clone):
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
        (WebCore::TextureMapperPlatformLayerProxy::dropCurrentBufferWhilePreservingTexture):
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:

2018-03-22  Zalan Bujtas  <zalan@apple.com>

        SVG root is skipped while marking percentage height descendants dirty.
        https://bugs.webkit.org/show_bug.cgi?id=183877

        Reviewed by Antti Koivisto.

        Calling continingBlock() to get to the correct container works as long as the ancestor inline element
        renderers are wrapped in anonymous blocks (continuation for example).

        While the SVG root renderer is an inline renderer, it is not wrapped or normalized in any way,
        so containingBlock() will elegantly skip it and return an SVG root ancestor.
        dirtyForLayoutFromPercentageHeightDescendants calls containingBlock() to walk up
        on the ancestor chain to mark elements dirty. This fails when there's an SVG subtree in the block chain.
        This patch marks the SVG subtree chain dirty to ensure that layout will get to all the dirty leaf renderers 
        (note that the SVG subtree is supposed to have only statically positioned elements so parent == containing block).

        Covered by existing tests.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::dirtyForLayoutFromPercentageHeightDescendants):

2018-03-22  Adrian Perez de Castro  <aperez@igalia.com>

        [WPE][GTK] Build failure when ENABLE_VIDEO, ENABLE_WEB_AUDIO and ENABLE_XSLT are disabled
        https://bugs.webkit.org/show_bug.cgi?id=183896

        Reviewed by Yusuke Suzuki.

        No new tests needed.

        * bindings/js/JSWebAnimationCustom.cpp: Add missing #include of Document.h

2018-03-21  Chris Dumez  <cdumez@apple.com>

        Regression(r229828): WebKit.NoHistoryItemScrollToFragment API test is failing on iOS
        https://bugs.webkit.org/show_bug.cgi?id=183886

        Reviewed by Wenson Hsieh.

        Since r229828, the FrameLoader needs to call FrameLoaderClient::didDecidePolicyForNavigationAction()
        whenever a navigation policy decision is made. I added such a call r229828 to
        FrameLoader::continueLoadAfterNavigationPolicy() but forgot to add one to
        FrameLoader::continueFragmentScrollAfterNavigationPolicy(), which is the equivalent
        for fragment navigations.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy):

2018-03-21  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Disconnect the SVGPathSegList items from their SVGPathElement before rebuilding a new list
        https://bugs.webkit.org/show_bug.cgi?id=183723
        <rdar://problem/38517871>

        Reviewed by Daniel Bates.

        When setting the "d" attribute directly on a path, we rebuild the list
        of path segments held for creating the property tear off. The old path
        segments need to get disconnected from the path element. We already do 
        that when a path segment is replaced or removed.

        Test: svg/dom/reuse-pathseg-after-changing-d.html

        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::svgAttributeChanged):
        * svg/SVGPathSegList.cpp:
        (WebCore::SVGPathSegList::clear): SVGPathSegListValues::clearContextAndRoles()
        will now be called from SVGPathSegListValues::clear() via SVGListProperty::clearValues().
        (WebCore::SVGPathSegList::replaceItem):
        (WebCore::SVGPathSegList::removeItem):
        (WebCore::SVGPathSegList::clearContextAndRoles): Deleted.
        * svg/SVGPathSegList.h: SVGPathSegListValues::clearContextAndRoles() will
        now be called from SVGPathSegListValues::clear() via SVGListProperty::initializeValues().
        * svg/SVGPathSegListValues.cpp:
        (WebCore::SVGPathSegListValues::clearItemContextAndRole):
        (WebCore::SVGPathSegListValues::clearContextAndRoles):
        * svg/SVGPathSegListValues.h:
        (WebCore::SVGPathSegListValues::operator=):
        (WebCore::SVGPathSegListValues::clear):

2018-03-21  Antoine Quint  <graouts@apple.com>

        [Web Animations] Ensure animationcancel and transitioncancel events are dispatched
        https://bugs.webkit.org/show_bug.cgi?id=183864

        Reviewed by Dean Jackson.

        In order to correctly dispatch animationcancel and transitioncancel events, we must call cancel() on CSSAnimation and CSSTransitions
        objects that are removed while in a play or pause phase. Additionally, we cancel declarative animations that are moving from a valid
        to a null timeline. Finally, when cancel() is called on a declarative animation, we record the timestamp and manually call
        invalidateDOMEvents() passing that timestamp in to ensure that the right phase change is recorded and results in the queuing of
        animationcancel and transitioncancel events.

        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::updateCSSAnimationsForElement): Make sure we cancel all recorded CSS Animations when we newly get a
        "display: none" style. We also call the new cancelOrRemoveDeclarativeAnimation() method, instead of removing animations outright,
        for all animations that previously existed but are no longer listed in the current style.
        (WebCore::AnimationTimeline::updateCSSTransitionsForElement): Like in updateCSSAnimationsForElement(), we cancel all recorded CSS
        Transitions when we newly get a "display: none" style. We now use the refactored removeDeclarativeAnimation() method to remove an
        a transition for a property that was already transitioned in the previous style but has a new backing Animation object. Finally,
        like in updateCSSAnimationsForElement(), we call the new cancelOrRemoveDeclarativeAnimation() method, instead of removing transitions
        outright, for all transitions that previously existed but are no longer listed in the current style.
        (WebCore::AnimationTimeline::removeDeclarativeAnimation): Refactor code into this new method to remove a declarative animation.
        (WebCore::AnimationTimeline::cancelOrRemoveDeclarativeAnimation): Cancels a DeclarativeAnimation if it's active or removes it right away.
        * animation/AnimationTimeline.h:
        * animation/DeclarativeAnimation.cpp:
        (WebCore::DeclarativeAnimation::setTimeline): If we're moving from a valid timeline to a null timeline, call cancel() on this animation
        such that an animationcancel or transitioncancel event can be dispatched.
        (WebCore::DeclarativeAnimation::cancel): Cancelations require the computation of the time at which a declarative animation was canceled,
        so we record the animation's active time as it's canceled and manually call invalidateDOMEvents() with that time after the general cancel()
        code has run.
        (WebCore::DeclarativeAnimation::invalidateDOMEvents): Accept an explicit timestamp for cancel events.
        * animation/DeclarativeAnimation.h:
        * animation/WebAnimation.h:

2018-03-21  Chris Dumez  <cdumez@apple.com>

        ScrollViewInsetTests.RestoreInitialContentOffsetAfterCrash API test is failing with async delegates
        https://bugs.webkit.org/show_bug.cgi?id=183787

        Reviewed by Wenson Hsieh.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        * loader/FrameLoaderClient.h:

2018-03-21  Eric Carlson  <eric.carlson@apple.com>

        Clean up platform VideoFullscreenLayerManager
        https://bugs.webkit.org/show_bug.cgi?id=183859
        <rdar://problem/38715419>

        Reviewed by Jer Noble.

        No new tests, no functional change.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/VideoFullscreenLayerManager.h: Copied from Source/WebCore/platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h.
        (WebCore::VideoFullscreenLayerManager::~VideoFullscreenLayerManager):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::platformLayer const):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::requiresTextTrackRepresentation const):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setTextTrackRepresentation):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::platformLayer const):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenFrame):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::requiresTextTrackRepresentation const):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::syncTextTrackBounds):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setTextTrackRepresentation):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayers):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer const):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenLayer):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenFrame):
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.h: Renamed from Source/WebCore/platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h.
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManagerObjC.mm: Renamed from Source/WebCore/platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm.
        (-[WebVideoContainerLayer setBounds:]):
        (-[WebVideoContainerLayer setPosition:]):
        (WebCore::VideoFullscreenLayerManagerObjC::VideoFullscreenLayerManagerObjC):
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoLayer):
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenLayer):
        (WebCore::VideoFullscreenLayerManagerObjC::setVideoFullscreenFrame):
        (WebCore::VideoFullscreenLayerManagerObjC::didDestroyVideoLayer):
        (WebCore::VideoFullscreenLayerManagerObjC::requiresTextTrackRepresentation const):
        (WebCore::VideoFullscreenLayerManagerObjC::syncTextTrackBounds):
        (WebCore::VideoFullscreenLayerManagerObjC::setTextTrackRepresentation):

2018-03-21  Antoine Quint  <graouts@apple.com>

        [Web Animations] Dispatch DOM events for CSS Transitions and CSS Animations implemented as Web Animations
        https://bugs.webkit.org/show_bug.cgi?id=183781

        Reviewed by Dean Jackson.

        Now that we've implemented CSS Animations and CSS Transitions as Web Animations (webkit.org/b/183504) we can dispatch DOM events
        for targets of DeclarativeAnimation objects. To do that, we add a new invalidateDOMEvents() method on DeclarativeAnimations which
        is called when the timer scheduled after the timing model has been invalidated fires in DocumentTimeline::performInvalidationTask().
        When we check for DOM events to dispatch, we look at the last recorded phase and iteration and determine whether the state of the
        animation has changed. We use a GenericEventQueue to enqueue the events such that they are dispatched asynchronously at a moment
        when it is safe to evaluate script.

        * animation/AnimationEffectReadOnly.h: Make currentIteration() public since we now need it in DeclarativeAnimation::invalidateDOMEvents().
        * animation/CSSAnimation.cpp:
        (WebCore::CSSAnimation::create): Pass the animation target to the constructor instead of its document.
        (WebCore::CSSAnimation::CSSAnimation): Pass the animation target to the superclass instead of its document.
        * animation/CSSAnimation.h:
        * animation/CSSTransition.cpp:
        (WebCore::CSSTransition::create): Pass the animation target to the constructor instead of its document.
        (WebCore::CSSTransition::CSSTransition): Pass the animation target to the superclass instead of its document.
        * animation/CSSTransition.h:
        * animation/DeclarativeAnimation.cpp:
        (WebCore::DeclarativeAnimation::DeclarativeAnimation): Expect an Element instead of a Document and use that element as the target of the
        GenericEventQueue that we initialize. We also register this element as our m_target.
        (WebCore::DeclarativeAnimation::~DeclarativeAnimation): Close the GenericEventQueue member upon destruction.
        (WebCore::DeclarativeAnimation::initialize): We need to call pause() for declarative animations that aren't playing so that the animation's
        playState is set correctly and the animation is not idle.
        (WebCore::DeclarativeAnimation::phaseWithoutEffect const): Because we may need to get an animation's current phase in invalidateDOMEvents()
        after an animation's effect has been removed, we provide an alternate way to compute the phase just by looking at the animation's current time.
        (WebCore::DeclarativeAnimation::invalidateDOMEvents): Based on the previous and current pending state, iteration and phase, we enqueue animation
        and transition DOM events as specified by the CSS Animations Level 2 and CSS Transitions Level 2 specifications.
        (WebCore::DeclarativeAnimation::enqueueDOMEvent): Enqueue an event on the GenericEventQueue based on the animation type.
        * animation/DeclarativeAnimation.h:
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::performInvalidationTask): We call invalidateDOMEvents() on all declarative animations registered with this timeline
        now that the timing model has been invalidated.
        * dom/EventNames.h: Add the names of newly-implemented events (animationcancel, transitioncancel, transitionrun and transitionstart).
        * dom/GlobalEventHandlers.idl: Add new attribute-based event handlers for the newly-implemented events.
        * html/HTMLAttributeNames.in: Add new attribute-based event handlers for the newly-implemented events.
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createEventHandlerNameMap): Add new attribute-based event handlers for the newly-implemented events.

2018-03-21  Per Arne Vollan  <pvollan@apple.com>

        Compile error when not using IOSurface canvas backing store.
        https://bugs.webkit.org/show_bug.cgi?id=183855

        Reviewed by Brent Fulgham.

        The method IOSurface::createFromImageBuffer is only referenced when IOSurface
        is used as canvas backing store.

        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:

2018-03-21  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] Track dirty rects that need update in CoordinatedGraphicsLayer
        https://bugs.webkit.org/show_bug.cgi?id=175376

        Reviewed by Carlos Garcia Campos.

        Follow the GraphicsLayerCA class and track rectangles in need of display
        in a Vector object. In case the whole layer needs updating, it's marked
        separately, and further rects are ignored.

        During layer flush, all the rects are used to invalidate the backing
        store, or a single layer-sized rect is used in case the whole layer has
        to be updated. We can also bail early from updateContentBuffers() if
        there are no dirty rects recorded and there's no pending visible rect
        adjustment.

        At the end of updateContentBuffers() we now test for an existing
        previous backing store before inquiring the backing store if the visible
        area is already covered, enabling deletion of this backing store.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::setNeedsDisplay):
        (WebCore::CoordinatedGraphicsLayer::setNeedsDisplayInRect):
        (WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

2018-03-21  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [WPE] Build failure with ENABLE_VIDEO=OFF when GStreamer is not available
        https://bugs.webkit.org/show_bug.cgi?id=183811

        Reviewed by Philippe Normand.

        Add build guards for USE_GSTREAMER.

        No new tests, it is a build fix.

        * platform/graphics/gstreamer/GStreamerUtilities.h:

2018-03-21  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Draw Cairo patterns with cairo_paint_with_alpha()
        https://bugs.webkit.org/show_bug.cgi?id=183774

        Reviewed by Carlos Garcia Campos.

        In the drawPatternToCairoContext() helper in CairoOperations.cpp source
        file, always clip the painting region to the specified rectangle and
        then use cairo_paint_with_alpha() to paint the passed-in pattern object,
        not relaying rasterization to cairo_fill() when using opaque alpha. We
        still clamp the alpha value to the 0.0 - 1.0 range.

        No new tests -- no change in behavior.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawPatternToCairoContext):

2018-03-21  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Have TextureMapperLayer::applyAnimationsRecursively() return running animation status
        https://bugs.webkit.org/show_bug.cgi?id=183771

        Reviewed by Carlos Garcia Campos.

        TextureMapperLayer::applyAnimationsRecursively() should return true when
        the TextureMapperLayer tree has currently-running animations that
        require continuous scene update.

        TextureMapperAnimation::ApplicationResult gains the hasRunningAnimation
        member that's set to true if any of the applied animations are still in
        playing state. That information is then returned in syncAnimations(),
        and the result is accumulated in the top applyAnimationsRecursively()
        call and returned there to the caller.

        No new tests -- no change in behavior.

        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimation::apply):
        * platform/graphics/texmap/TextureMapperAnimation.h:
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::applyAnimationsRecursively):
        (WebCore::TextureMapperLayer::syncAnimations):
        * platform/graphics/texmap/TextureMapperLayer.h:

2018-03-21  Zan Dobersek  <zdobersek@igalia.com>

        Use-after-move in SWContextManager::terminateWorker() with Linux x86_64 calling convention
        https://bugs.webkit.org/show_bug.cgi?id=183783

        Reviewed by Chris Dumez.

        In SWContextManager::terminateWorker(), some calling conventions can
        end up moving the ServiceWorkerThreadProxy RefPtr into the lambda struct
        before that proxy's thread (on which the lambda is bound to execute) is
        retrieved.

        Avoid this by taking a reference to the thread in a separate earlier
        expression, before the RefPtr is moved into the lambda in the following
        one.

        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::terminateWorker):

2018-03-21  Timothy Horton  <timothy_horton@apple.com>

        Fix the build

        * platform/network/cf/FormDataStreamCFNet.cpp:

2018-03-20  Tim Horton  <timothy_horton@apple.com>

        Introduce HAVE_MEDIA_PLAYER and HAVE_CORE_VIDEO
        https://bugs.webkit.org/show_bug.cgi?id=183803
        <rdar://problem/38690487>

        Reviewed by Sam Weinig.

        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::configureWireLessTargetMonitoring):
        (WebCore::MediaSessionManageriOS::updateNowPlayingInfo):
        (-[WebMediaSessionHelper initWithCallback:]):
        (-[WebMediaSessionHelper dealloc]):
        (-[WebMediaSessionHelper hasWirelessTargetsAvailable]):
        * platform/cocoa/CoreVideoSoftLink.cpp:
        * platform/cocoa/CoreVideoSoftLink.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::hasAvailableVideoFrame const):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage):
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::MediaSampleAVFObjC::getRGBAImageData const):
        * platform/graphics/cv/PixelBufferConformerCV.cpp:
        * platform/graphics/cv/PixelBufferConformerCV.h:
        * platform/graphics/cv/TextureCacheCV.h:
        * platform/graphics/cv/TextureCacheCV.mm:
        * platform/graphics/cv/VideoTextureCopierCV.cpp:
        * platform/graphics/cv/VideoTextureCopierCV.h:
        Make it possible to disable our dependency on MediaPlayer and CoreVideo.

2018-03-20  Tim Horton  <timothy_horton@apple.com>

        Enable the minimal simulator feature flag when appropriate
        https://bugs.webkit.org/show_bug.cgi?id=183807

        Reviewed by Dan Bernstein.

        * Configurations/FeatureDefines.xcconfig:

2018-03-19  Ryosuke Niwa  <rniwa@webkit.org>

        Expose content attributes on _WKLinkIconParameters
        https://bugs.webkit.org/show_bug.cgi?id=183768

        Reviewed by Alex Christensen.

        Collect a vector of content attributes upon finding touch and fav-icons in order to expose it in a WebKit API.

        Tests: IconLoading.DefaultFavicon

        * html/LinkIconCollector.cpp:
        (WebCore::LinkIconCollector::iconsOfTypes): Collect attributes.
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startIconLoading): Use an empty vector for /favicon.ico.
        * platform/LinkIcon.h:
        (WebCore::LinkIcon::encode const): Encode the vector of content attributes.
        (WebCore::LinkIcon::decode): Ditto for decoding.

2018-03-20  Zalan Bujtas  <zalan@apple.com>

        RenderTreeNeedsLayoutChecker fails with absolutely positioned svg and <use>
        https://bugs.webkit.org/show_bug.cgi?id=183718

        Reviewed by Antti Koivisto.

        This patch ensures after resolving the style for an SVG element with a corresponding element (<use>),
        we adjust this style for the cloned SVG element too.

        Test: svg/in-html/path-with-absolute-positioned-svg-and-use-crash.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustSVGElementStyle):
        (WebCore::StyleResolver::adjustRenderStyle):
        * css/StyleResolver.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::resolveCustomStyle):

2018-03-20  Brady Eidson  <beidson@apple.com>

        First piece of process swapping on navigation.
        https://bugs.webkit.org/show_bug.cgi?id=183665

        Reviewed by Andy Estes.

        Covered by API test(s)

        This patch:
        - A new PolicyAction::Suspend for future use in this feature
        - Makes sure that loads triggered as part of a process swap do *not* re-consult the policy delegate

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::continueAfterContentPolicy):

        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::setShouldCheckNavigationPolicy):
        (WebCore::FrameLoadRequest::shouldCheckNavigationPolicy const):

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        * loader/FrameLoader.h:

        * loader/FrameLoaderTypes.h: Add a new Policy type "Suspend" to be used in the future
          by the process-swap-on-navigation mechanism.

        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        (WebCore::PolicyChecker::checkNewWindowPolicy):

2018-03-20  Chris Dumez  <cdumez@apple.com>

        QuickLook.NavigationDelegate API test is failing on iOS with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183791

        Reviewed by Alex Christensen.

        Update PreviewLoader to not send data (or call finishFinishLoading) until
        the resource response has been processed.

        * loader/ios/PreviewLoader.mm:
        (-[WebPreviewLoader _sendDidReceiveResponseIfNecessary]):
        (-[WebPreviewLoader connection:didReceiveData:lengthReceived:]):
        (-[WebPreviewLoader connectionDidFinishLoading:]):

2018-03-20  Antoine Quint  <graouts@apple.com>

        [Web Animations] Update the timing model when pending tasks schedule changes
        https://bugs.webkit.org/show_bug.cgi?id=183785

        Reviewed by Dean Jackson.

        Changing the time at which a pending play or pause task is scheduled changes the pending
        state of the animation and thus should notify that the timing model has changed and invalidate
        the effect.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::setTimeToRunPendingPlayTask):
        (WebCore::WebAnimation::setTimeToRunPendingPauseTask):
        (WebCore::WebAnimation::updatePendingTasks):

2018-03-20  Tim Horton  <timothy_horton@apple.com>

        Add and adopt WK_PLATFORM_NAME and adjust default feature defines
        https://bugs.webkit.org/show_bug.cgi?id=183758
        <rdar://problem/38017644>

        Reviewed by Dan Bernstein.

        * Configurations/Base.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:

2018-03-19  Tim Horton  <timothy_horton@apple.com>

        Apply some SDK checks in LocalDefaultSystemAppearance
        https://bugs.webkit.org/show_bug.cgi?id=183767
        <rdar://problem/38649611>

        Reviewed by Zalan Bujtas.

        * platform/mac/LocalDefaultSystemAppearance.h:
        * platform/mac/LocalDefaultSystemAppearance.mm:
        (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
        (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):

2018-03-19  Chris Dumez  <cdumez@apple.com>

        Have one service worker process per security origin
        https://bugs.webkit.org/show_bug.cgi?id=183600
        <rdar://problem/35280128>

        Reviewed by Brady Eidson.

        Split service workers from different origins into their own processes
        for security reasons.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::addRegistrationFromStore):
        (WebCore::SWServer::clear):
        (WebCore::SWServer::tryInstallContextData):
        (WebCore::SWServer::serverToContextConnectionCreated):
        (WebCore::SWServer::installContextData):
        (WebCore::SWServer::runServiceWorkerIfNecessary):
        (WebCore::SWServer::markAllWorkersAsTerminated):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerToContextConnection.cpp:
        (WebCore::SWServerToContextConnection::SWServerToContextConnection):
        (WebCore::SWServerToContextConnection::~SWServerToContextConnection):
        (WebCore::SWServerToContextConnection::connectionForOrigin):
        * workers/service/server/SWServerToContextConnection.h:
        (WebCore::SWServerToContextConnection::origin):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::SWServerWorker):
        (WebCore::SWServerWorker::securityOrigin const):
        (WebCore::SWServerWorker::contextConnection):
        * workers/service/server/SWServerWorker.h:

2018-03-19  Megan Gardner  <megan_gardner@apple.com>

        Have select element respect current appearance
        https://bugs.webkit.org/show_bug.cgi?id=183753

        Reviewed by Tim Horton.

        Not currently testable, will add tests in a later patch.

        Have the menu lists/select elements follow the system colors.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::adjustMenuListStyle const):

2018-03-19  Nan Wang  <n_wang@apple.com>

        AX: embedded attachments do not work correctly with text marker APIs on macOS
        https://bugs.webkit.org/show_bug.cgi?id=183751

        Reviewed by Chris Fleizach.

        In WebKit1, embedded attachments are not working well with text marker APIs.
        We should use the corresponding attachment view in the following cases:
        1. Hit testing on an attachment object.
        2. Getting the attachment object at a text marker position.
        3. Asking for the associated element with NSAccessibilityAttachmentTextAttribute. 

        Not able to construct a layout test because it relies on embedded attachments.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetElement):
        (-[WebAccessibilityObjectWrapper accessibilityHitTest:]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

2018-03-19  Jiewen Tan  <jiewen_tan@apple.com>

        Unreviewed, another quick fix for r229699

        Restricts ENABLE_WEB_AUTHN to only macOS and iOS.

        * Configurations/FeatureDefines.xcconfig:

2018-03-19  Daniel Bates  <dabates@apple.com>

        Fix case of Strong Password localized string

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::autoFillStrongPasswordLabel):

2018-03-19  Chris Dumez  <cdumez@apple.com>

        WebKit.WebsitePoliciesAutoplayQuirks API test times out with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183702
        <rdar://problem/38566060>

        Reviewed by Alex Christensen.

        The issue is that the test calls loadHTMLString then loadRequest right after, without
        waiting for the first load to complete first. loadHTMLString is special as it relies
        on substitute data and which schedules a timer to commit the data. When doing the
        navigation policy check for the following loadRequest(), the substitute data timer
        would fire and commit its data and load. This would in turn cancel the pending
        navigation policy check for the loadRequest().

        With sync policy delegates, this is not an issue because we take care of stopping
        all loaders when receiving the policy decision, which happens synchronously. However,
        when the policy decision happens asynchronously, the pending substitute data load
        does not get cancelled in time and it gets committed.

        To address the issue, we now cancel any pending provisional load before doing the
        navigation policy check.

        Test: fast/loader/inner-iframe-loads-data-url-into-parent-on-unload-crash-async-delegate.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clearProvisionalLoadForPolicyCheck):
        * loader/FrameLoader.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        Cancel any pending provisional load before starting the navigation policy check. This call
        needs to be here rather than in the call site of policyChecker().checkNavigationPolicy()
        because there is code in PolicyChecker::checkNavigationPolicy() which relies on
        FrameLoader::activeDocumentLoader().
        Also, we only cancel the provisional load if there is a policy document loader. In some
        rare cases (when we receive a redirect after navigation policy has been decided for the
        initial request), the provisional document loader needs to receive navigation policy
        decisions so we cannot clear the provisional document loader in such case.

2018-03-19  Eric Carlson  <eric.carlson@apple.com>

        [Extra zoom mode] Require fullscreen for video playback
        https://bugs.webkit.org/show_bug.cgi?id=183742
        <rdar://problem/38235862>

        Reviewed by Jer Noble.

        * Modules/modern-media-controls/media/playback-support.js:
        (PlaybackSupport.prototype.syncControl): Always show the play button.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updatePlayState): Return immediately if playback requires fullscreen
        (WebCore::HTMLMediaElement::didBecomeFullscreenElement): Call updatePlayState in case 
        playback is pending.
        * html/HTMLMediaElement.h:
        * platform/cocoa/VideoFullscreenModel.h:
        (WebCore::VideoFullscreenModel::presentingViewController): New.
        (WebCore::VideoFullscreenModel::createVideoFullscreenViewController): New.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode):
        * platform/ios/PlaybackSessionInterfaceAVKit.mm:
        (WebCore::PlaybackSessionInterfaceAVKit::seekableRangesChanged):

        * platform/ios/VideoFullscreenInterfaceAVKit.h:
        * platform/ios/VideoFullscreenInterfaceAVKit.mm: Wrap AVPlayerLayerView so we can change its
        behavior.
        (WebAVPlayerLayerView_playerLayer):
        (WebAVPlayerLayerView_videoView):
        (allocWebAVPlayerLayerViewInstance):
        (-[WebAVPlayerViewController initWithFullscreenInterface:]):
        (-[WebAVPlayerViewController playerViewControllerShouldHandleDoneButtonTap:]):
        (-[WebAVPlayerViewController enterFullScreenAnimated:completionHandler:]):
        (-[WebAVPlayerViewController exitFullScreenAnimated:completionHandler:]):
        (-[WebAVPlayerViewController NO_RETURN_DUE_TO_ASSERT]):
        (-[WebAVPlayerViewController isPictureInPicturePossible]):
        (-[WebAVPlayerViewController isPictureInPictureActive]):
        (-[WebAVPlayerViewController isPictureInPictureSuspended]):
        (-[WebAVPlayerViewController pictureInPictureActive]):
        (-[WebAVPlayerViewController pictureInPictureWasStartedWhenEnteringBackground]):
        (-[WebAVPlayerViewController view]):
        (-[WebAVPlayerViewController showsPlaybackControls]):
        (-[WebAVPlayerViewController setShowsPlaybackControls:]):
        (-[WebAVPlayerViewController setAllowsPictureInPicturePlayback:]):
        (-[WebAVPlayerViewController setDelegate:]):
        (-[WebAVPlayerViewController setPlayerController:]):
        (-[WebAVPlayerViewController avPlayerViewController]):
        (-[WebAVPlayerViewController removeFromParentViewController]):
        (VideoFullscreenInterfaceAVKit::setupFullscreen):
        (fallbackViewController):
        (VideoFullscreenInterfaceAVKit::presentingViewController):
        (VideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason):
        (VideoFullscreenInterfaceAVKit::doSetup):
        (WebCore::supportsPictureInPicture):

2018-03-19  Per Arne Vollan  <pvollan@apple.com>

        When the WebContent process is blocked from accessing the WindowServer, the call CVDisplayLinkCreateWithCGDisplay will fail.
        https://bugs.webkit.org/show_bug.cgi?id=183604
        <rdar://problem/38305109>

        Reviewed by Brent Fulgham.

        The call to CVDisplayLinkCreateWithCGDisplay can instead be made in the UIProcess. Notify the WebContent process
        about display updates by sending a message from the UIProcess on each screen update. This patch adds an extra
        IPC step when notifying the WebContent process about display updates. However, the MotionMark benchmark shows no
        performance regression when running it with this patch. A possible explanation for this is that the high priority
        display link thread is now running in the UIProcess instead of the WebContent process, which means there will be
        more available CPU resources for the WebContent process. A run loop observer is added to make sure that only one
        display callback (for each display observer) is executed in a single iteration of the run loop. This will make
        sure we are not filling the IPC message queue with unhandled display link messages.

        No new tests, covered by existing tests. 

        * platform/graphics/DisplayRefreshMonitor.h:
        (WebCore::DisplayRefreshMonitor::displayLinkFired):
        * platform/graphics/DisplayRefreshMonitorManager.cpp:
        (WebCore::DisplayRefreshMonitorManager::displayWasUpdated):
        * platform/graphics/DisplayRefreshMonitorManager.h:
        * platform/graphics/mac/DisplayRefreshMonitorMac.h:

2018-03-19  Megan Gardner  <megan_gardner@apple.com>

        Ensure local appearance actually mirrors the app's appearance
        https://bugs.webkit.org/show_bug.cgi?id=183743

        Reviewed by Tim Horton.

        Not currently testable, will add tests in a later patch.

        Current appearance isn't always accurate by default and needs to be set manually.

        * platform/mac/LocalDefaultSystemAppearance.mm:
        (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):

2018-03-19  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed GCC 4.9 build-fix after r229672.

        * platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.cpp:
        (Nicosia::createCommand): Don't depend on implicit conversion of the
        returning std::unique_ptr<> object, and instead only wrap the
        heap-allocated PaintingOperation-derived in a std::unique_ptr<> at the
        point of return.

2018-03-18  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r229689.
        https://bugs.webkit.org/show_bug.cgi?id=183735

        Causes fast/loader/inner-iframe-loads-data-url-into-parent-on-
        unload-crash.html to fail with async delegates (Requested by
        cdumez_ on #webkit).

        Reverted changeset:

        "WebKit.WebsitePoliciesAutoplayQuirks API test times out with
        async policy delegates"
        https://bugs.webkit.org/show_bug.cgi?id=183702
        https://trac.webkit.org/changeset/229689

2018-03-17  Tim Horton  <timothy_horton@apple.com>

        Correct redefined fnfErr type
        https://bugs.webkit.org/show_bug.cgi?id=183728
        <rdar://problem/38590063>

        Reviewed by Dan Bernstein.

        * platform/network/cf/FormDataStreamCFNet.cpp:
        CFStreamError's error parameter takes a SInt32, not an int.
        Make sure our redefinition has a compatible type.

2018-03-17  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Implement authenticatorMakeCredential
        https://bugs.webkit.org/show_bug.cgi?id=183527
        <rdar://problem/35275886>

        Reviewed by Brent Fulgham.

        This patch does the following few things:
        1) It implements the authenticatorMakeCredential logic from the spec: https://www.w3.org/TR/webauthn/#op-make-cred.
        2) It tweaks enocding and deocding of PublicKeyCredentialCreationOptions between UIProccess and WebProcess.
        3) It soft links LocalAuthentication.Framework to WebCore, which was linked to WebKit.
        4) It creates SPI header for DeviceIdentity.Framework, and provides stubs to link it to WebCore.

        Here is a detailed explanantion of 1):
        1. A helper class called LocalAuthenticator is crafted to represent Apple platform attached authenticator, i.e.
        the devices themselves. All operations are currently restricted to iOS at this moment as macOS lacks attestation
        support.
        2. To do testing, this helper class is then moved from WebKit to WebCore even though all operations can only happens
        in the UIProcess. We currently lack the ability to pretend a https environment in TestWebKitAPI which is required by
        the WebAuthN API, and thus it is moved to WebCore to perform unit tesing flavor API tests. This is not enough as it
        can't test message exchange between the UI and Web processes. We will address this in a subsequent patch.
        3. More on testing: The attestation process is abstracted into a protected method such that the testing enviroment can
        override it with self attestation as network access is restricted in the WebKit testing enviroment. Also, swizzlers of
        LocalAuthentication API are provided to override the behavoir of LAContext.
        4. More on testing: The actual Apple attestation can only happen in real device and with network access, therefore
        it can only be covered by manual tests at this moment.
        5. Back to LocalAuthenticator, it currently has two public methods:
                5.1. makeCredential(): This method is the one does all the magic.
                + It first checks some parameters.
                + It then invokes LAContext to get user consent.
                + It then talks to Apple Attestation Privacy CA to do attestations.
                + It then stores necessary information into the Keychain.
                + Finally it generates the attestation object.
                5.2 isAvailable():
                To check if a LocalAuthenticator is available or not.
        6. Even though files are of .mm format, they are written in a way that mixes NS, CF and C++ types. Here is the rule:
                6.1 Use CF type only if it is requested by APIs.
                6.2 Use NS type to manipulate all Objc objects.
                6.3 Use C++ otherwise.

        Covered by API tests.

        * Configurations/WebCore.xcconfig:
        * Modules/credentialmanagement/CredentialsMessenger.cpp:
        (WebCore::getIdFromAttestationObject): Deleted.
        Decoding attestation object is tedious. UIProcess will instead return credential ID and attestation object
        at the same time. Therefore, this method is removed.
        * Modules/credentialmanagement/CredentialsMessenger.h:
        (WebCore::CreationReturnBundle::CreationReturnBundle): Deleted.
        (WebCore::AssertionReturnBundle::AssertionReturnBundle): Deleted.
        * Modules/webauthn/COSEConstants.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredentialType.h.
        * Modules/webauthn/PublicKeyCredentialCreationOptions.h:
        (WebCore::PublicKeyCredentialCreationOptions::isolatedPartialCopyPtr const):
        (WebCore::PublicKeyCredentialCreationOptions::Parameters::encode const):
        (WebCore::PublicKeyCredentialCreationOptions::Parameters::decode):
        (WebCore::PublicKeyCredentialCreationOptions::encode const):
        (WebCore::PublicKeyCredentialCreationOptions::decode):
        * Modules/webauthn/PublicKeyCredentialDescriptor.h:
        (WebCore::PublicKeyCredentialDescriptor::encode const):
        (WebCore::PublicKeyCredentialDescriptor::decode):
        * Modules/webauthn/PublicKeyCredentialType.h:
        * Modules/webauthn/cocoa/LocalAuthenticator.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h.
        * Modules/webauthn/cocoa/LocalAuthenticator.mm: Added.
        (WebCore::LocalAuthenticatorInternal::freePtrs):
        (WebCore::LocalAuthenticator::makeCredential const):
        (WebCore::LocalAuthenticator::isAvailable const):
        (WebCore::LocalAuthenticator::issueClientCertificate const):
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/cocoa/LocalAuthenticationSoftLink.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredentialType.h.
        * platform/cocoa/LocalAuthenticationSoftLink.mm: Added.
        * testing/MockCredentialsMessenger.cpp:
        (WebCore::MockCredentialsMessenger::setCreationReturnBundle):
        (WebCore::MockCredentialsMessenger::makeCredential):
        (WebCore::MockCredentialsMessenger::makeCredentialReply):
        (WebCore::MockCredentialsMessenger::setAttestationObject): Deleted.
        * testing/MockCredentialsMessenger.h:
        * testing/MockCredentialsMessenger.idl:

2018-03-16  Brent Fulgham  <bfulgham@apple.com>

        Correct debug assertion in Range::borderAndTextRects
        https://bugs.webkit.org/show_bug.cgi?id=183710
        <rdar://problem/38466976>

        Reviewed by Ryosuke Niwa.

        A debug assertion will fire if Range::borderAndTextRects is asked to evaluate a set of selected elements, where one of the elements does not have a parent.

        We should consider a nullptr parent as satisfying the condition of a parent not being present in the selection set.

        Tests: fast/dom/range/range-selection-empty-body.html

        * dom/Range.cpp:
        (WebCore::Range::borderAndTextRects const):

2018-03-15  Filip Pizlo  <fpizlo@apple.com>

        Put the DOM in IsoHeaps
        https://bugs.webkit.org/show_bug.cgi?id=183546

        Reviewed by Daniel Bates.

        No new tests because no change in behavior.
        
        This puts all descendants of WebCore::Node in isoheaps, so that UAFs on the DOM cannot be
        used for RCE attacks. This probably also makes it harder to use UAFs for UXSS, since it means
        that DOM UAFs cannot be used for universal read gadgets.
        
        This looks neutral on Speedometer and membuster, though I did have one round of testing
        that led me to believe that membuster was regressed - I just wasn't able to reproduce that
        result on subsequent testing.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Attr.cpp:
        * dom/Attr.h:
        * dom/CDATASection.cpp:
        * dom/CDATASection.h:
        * dom/CharacterData.cpp:
        * dom/CharacterData.h:
        * dom/Comment.cpp:
        * dom/Comment.h:
        * dom/ContainerNode.cpp:
        * dom/ContainerNode.h:
        * dom/Document.cpp:
        * dom/Document.h:
        * dom/DocumentFragment.cpp:
        * dom/DocumentFragment.h:
        * dom/DocumentType.cpp:
        * dom/DocumentType.h:
        * dom/Node.cpp:
        * dom/Node.h:
        * dom/ProcessingInstruction.cpp:
        * dom/ProcessingInstruction.h:
        * dom/PseudoElement.cpp:
        * dom/PseudoElement.h:
        * dom/ShadowRoot.cpp:
        * dom/ShadowRoot.h:
        * dom/StyledElement.cpp:
        * dom/StyledElement.h:
        * dom/TemplateContentDocumentFragment.cpp: Added.
        * dom/TemplateContentDocumentFragment.h:
        * dom/Text.cpp:
        * dom/Text.h:
        * dom/XMLDocument.cpp: Added.
        * dom/XMLDocument.h:
        * html/FTPDirectoryDocument.cpp:
        * html/FTPDirectoryDocument.h:
        * html/FileInputType.cpp:
        * html/HTMLAnchorElement.cpp:
        * html/HTMLAnchorElement.h:
        * html/HTMLAppletElement.cpp:
        * html/HTMLAppletElement.h:
        * html/HTMLAreaElement.cpp:
        * html/HTMLAreaElement.h:
        * html/HTMLAttachmentElement.cpp:
        * html/HTMLAttachmentElement.h:
        * html/HTMLBDIElement.cpp: Added.
        * html/HTMLBDIElement.h:
        * html/HTMLBRElement.cpp:
        * html/HTMLBRElement.h:
        * html/HTMLBaseElement.cpp:
        * html/HTMLBaseElement.h:
        * html/HTMLBodyElement.cpp:
        * html/HTMLBodyElement.h:
        * html/HTMLButtonElement.cpp:
        * html/HTMLButtonElement.h:
        * html/HTMLCanvasElement.cpp:
        * html/HTMLCanvasElement.h:
        * html/HTMLDListElement.cpp:
        * html/HTMLDListElement.h:
        * html/HTMLDataElement.cpp:
        * html/HTMLDataElement.h:
        * html/HTMLDataListElement.cpp:
        * html/HTMLDataListElement.h:
        * html/HTMLDetailsElement.cpp:
        * html/HTMLDetailsElement.h:
        * html/HTMLDirectoryElement.cpp:
        * html/HTMLDirectoryElement.h:
        * html/HTMLDivElement.cpp:
        * html/HTMLDivElement.h:
        * html/HTMLDocument.cpp:
        * html/HTMLDocument.h:
        * html/HTMLElement.cpp:
        * html/HTMLElement.h:
        * html/HTMLEmbedElement.cpp:
        * html/HTMLEmbedElement.h:
        * html/HTMLFieldSetElement.cpp:
        * html/HTMLFieldSetElement.h:
        * html/HTMLFontElement.cpp:
        * html/HTMLFontElement.h:
        * html/HTMLFormControlElement.cpp:
        * html/HTMLFormControlElement.h:
        * html/HTMLFormControlElementWithState.cpp:
        * html/HTMLFormControlElementWithState.h:
        * html/HTMLFormElement.cpp:
        * html/HTMLFormElement.h:
        * html/HTMLFrameElement.cpp:
        * html/HTMLFrameElement.h:
        * html/HTMLFrameElementBase.cpp:
        * html/HTMLFrameElementBase.h:
        * html/HTMLFrameOwnerElement.cpp:
        * html/HTMLFrameOwnerElement.h:
        * html/HTMLFrameSetElement.cpp:
        * html/HTMLFrameSetElement.h:
        * html/HTMLHRElement.cpp:
        * html/HTMLHRElement.h:
        * html/HTMLHeadElement.cpp:
        * html/HTMLHeadElement.h:
        * html/HTMLHeadingElement.cpp:
        * html/HTMLHeadingElement.h:
        * html/HTMLHtmlElement.cpp:
        * html/HTMLHtmlElement.h:
        * html/HTMLIFrameElement.cpp:
        * html/HTMLIFrameElement.h:
        * html/HTMLImageElement.cpp:
        * html/HTMLImageElement.h:
        * html/HTMLInputElement.cpp:
        * html/HTMLInputElement.h:
        * html/HTMLKeygenElement.cpp:
        * html/HTMLKeygenElement.h:
        * html/HTMLLIElement.cpp:
        * html/HTMLLIElement.h:
        * html/HTMLLabelElement.cpp:
        * html/HTMLLabelElement.h:
        * html/HTMLLegendElement.cpp:
        * html/HTMLLegendElement.h:
        * html/HTMLLinkElement.cpp:
        * html/HTMLLinkElement.h:
        * html/HTMLMapElement.cpp:
        * html/HTMLMapElement.h:
        * html/HTMLMarqueeElement.cpp:
        * html/HTMLMarqueeElement.h:
        * html/HTMLMenuElement.cpp:
        * html/HTMLMenuElement.h:
        * html/HTMLMenuItemElement.cpp:
        * html/HTMLMenuItemElement.h:
        * html/HTMLMetaElement.cpp:
        * html/HTMLMetaElement.h:
        * html/HTMLMeterElement.cpp:
        * html/HTMLMeterElement.h:
        * html/HTMLModElement.cpp:
        * html/HTMLModElement.h:
        * html/HTMLOListElement.cpp:
        * html/HTMLOListElement.h:
        * html/HTMLObjectElement.cpp:
        * html/HTMLObjectElement.h:
        * html/HTMLOptGroupElement.cpp:
        * html/HTMLOptGroupElement.h:
        * html/HTMLOptionElement.cpp:
        * html/HTMLOptionElement.h:
        * html/HTMLOutputElement.cpp:
        * html/HTMLOutputElement.h:
        * html/HTMLParagraphElement.cpp:
        * html/HTMLParagraphElement.h:
        * html/HTMLParamElement.cpp:
        * html/HTMLParamElement.h:
        * html/HTMLPictureElement.cpp:
        * html/HTMLPictureElement.h:
        * html/HTMLPlugInElement.cpp:
        * html/HTMLPlugInElement.h:
        * html/HTMLPlugInImageElement.cpp:
        * html/HTMLPlugInImageElement.h:
        * html/HTMLPreElement.cpp:
        * html/HTMLPreElement.h:
        * html/HTMLProgressElement.cpp:
        * html/HTMLProgressElement.h:
        * html/HTMLQuoteElement.cpp:
        * html/HTMLQuoteElement.h:
        * html/HTMLScriptElement.cpp:
        * html/HTMLScriptElement.h:
        * html/HTMLSelectElement.cpp:
        * html/HTMLSelectElement.h:
        * html/HTMLSlotElement.cpp:
        * html/HTMLSlotElement.h:
        * html/HTMLSourceElement.cpp:
        * html/HTMLSourceElement.h:
        * html/HTMLSpanElement.cpp:
        * html/HTMLSpanElement.h:
        * html/HTMLStyleElement.cpp:
        * html/HTMLStyleElement.h:
        * html/HTMLSummaryElement.cpp:
        * html/HTMLSummaryElement.h:
        * html/HTMLTableCaptionElement.cpp:
        * html/HTMLTableCaptionElement.h:
        * html/HTMLTableCellElement.cpp:
        * html/HTMLTableCellElement.h:
        * html/HTMLTableColElement.cpp:
        * html/HTMLTableColElement.h:
        * html/HTMLTableElement.cpp:
        * html/HTMLTableElement.h:
        * html/HTMLTablePartElement.cpp:
        * html/HTMLTablePartElement.h:
        * html/HTMLTableRowElement.cpp:
        * html/HTMLTableRowElement.h:
        * html/HTMLTableSectionElement.cpp:
        * html/HTMLTableSectionElement.h:
        * html/HTMLTemplateElement.cpp:
        * html/HTMLTemplateElement.h:
        * html/HTMLTextAreaElement.cpp:
        * html/HTMLTextAreaElement.h:
        * html/HTMLTextFormControlElement.cpp:
        * html/HTMLTextFormControlElement.h:
        * html/HTMLTimeElement.cpp:
        * html/HTMLTimeElement.h:
        * html/HTMLTitleElement.cpp:
        * html/HTMLTitleElement.h:
        * html/HTMLTrackElement.cpp:
        * html/HTMLTrackElement.h:
        * html/HTMLUListElement.cpp:
        * html/HTMLUListElement.h:
        * html/HTMLUnknownElement.cpp: Added.
        * html/HTMLUnknownElement.h:
        * html/HTMLWBRElement.cpp:
        * html/HTMLWBRElement.h:
        * html/ImageDocument.cpp:
        * html/ImageDocument.h:
        * html/LabelableElement.cpp:
        * html/LabelableElement.h:
        * html/MediaController.cpp:
        (MediaController::create): Deleted.
        (MediaController::MediaController): Deleted.
        (MediaController::addMediaElement): Deleted.
        (MediaController::removeMediaElement): Deleted.
        (MediaController::containsMediaElement const): Deleted.
        (MediaController::buffered const): Deleted.
        (MediaController::seekable const): Deleted.
        (MediaController::played): Deleted.
        (MediaController::duration const): Deleted.
        (MediaController::currentTime const): Deleted.
        (MediaController::setCurrentTime): Deleted.
        (MediaController::unpause): Deleted.
        (MediaController::play): Deleted.
        (MediaController::pause): Deleted.
        (MediaController::setDefaultPlaybackRate): Deleted.
        (MediaController::playbackRate const): Deleted.
        (MediaController::setPlaybackRate): Deleted.
        (MediaController::setVolume): Deleted.
        (MediaController::setMuted): Deleted.
        (playbackStateWaiting): Deleted.
        (playbackStatePlaying): Deleted.
        (playbackStateEnded): Deleted.
        (MediaController::playbackState const): Deleted.
        (MediaController::reportControllerState): Deleted.
        (eventNameForReadyState): Deleted.
        (MediaController::updateReadyState): Deleted.
        (MediaController::updatePlaybackState): Deleted.
        (MediaController::updateMediaElements): Deleted.
        (MediaController::bringElementUpToSpeed): Deleted.
        (MediaController::isBlocked const): Deleted.
        (MediaController::hasEnded const): Deleted.
        (MediaController::scheduleEvent): Deleted.
        (MediaController::asyncEventTimerFired): Deleted.
        (MediaController::clearPositionTimerFired): Deleted.
        (MediaController::hasAudio const): Deleted.
        (MediaController::hasVideo const): Deleted.
        (MediaController::hasClosedCaptions const): Deleted.
        (MediaController::setClosedCaptionsVisible): Deleted.
        (MediaController::supportsScanning const): Deleted.
        (MediaController::beginScrubbing): Deleted.
        (MediaController::endScrubbing): Deleted.
        (MediaController::beginScanning): Deleted.
        (MediaController::endScanning): Deleted.
        (MediaController::canPlay const): Deleted.
        (MediaController::isLiveStream const): Deleted.
        (MediaController::hasCurrentSrc const): Deleted.
        (MediaController::returnToRealtime): Deleted.
        (MediaController::startTimeupdateTimer): Deleted.
        (MediaController::scheduleTimeupdateEvent): Deleted.
        * html/MediaDocument.cpp:
        * html/MediaDocument.h:
        * html/PluginDocument.cpp:
        * html/PluginDocument.h:
        * html/RubyElement.cpp:
        * html/RubyElement.h:
        * html/RubyTextElement.cpp:
        * html/RubyTextElement.h:
        * html/TextDocument.cpp:
        * html/TextDocument.h:
        * html/shadow/AutoFillButtonElement.cpp:
        * html/shadow/AutoFillButtonElement.h:
        * html/shadow/DetailsMarkerControl.cpp:
        * html/shadow/DetailsMarkerControl.h:
        * html/shadow/ImageControlsRootElement.cpp:
        * html/shadow/ImageControlsRootElement.h:
        * html/shadow/MediaControlElementTypes.cpp:
        * html/shadow/MediaControlElementTypes.h:
        * html/shadow/MediaControlElements.cpp:
        * html/shadow/MediaControlElements.h:
        * html/shadow/MediaControls.cpp:
        * html/shadow/MediaControls.h:
        * html/shadow/ProgressShadowElement.cpp:
        * html/shadow/ProgressShadowElement.h:
        * html/shadow/SliderThumbElement.cpp:
        * html/shadow/SliderThumbElement.h:
        * html/shadow/SpinButtonElement.cpp:
        * html/shadow/SpinButtonElement.h:
        * html/shadow/TextControlInnerElements.cpp:
        * html/shadow/TextControlInnerElements.h:
        * html/shadow/YouTubeEmbedShadowElement.cpp:
        * html/shadow/YouTubeEmbedShadowElement.h:
        * html/shadow/mac/ImageControlsButtonElementMac.cpp:
        * html/shadow/mac/ImageControlsButtonElementMac.h:
        * html/shadow/mac/ImageControlsRootElementMac.cpp:
        * html/shadow/mac/ImageControlsRootElementMac.h:
        * html/track/TextTrackCueGeneric.cpp:
        * html/track/VTTCue.cpp:
        * html/track/VTTCue.h:
        * html/track/WebVTTElement.cpp:
        * html/track/WebVTTElement.h:
        * loader/SinkDocument.cpp:
        * loader/SinkDocument.h:
        * mathml/MathMLAnnotationElement.cpp:
        * mathml/MathMLAnnotationElement.h:
        * mathml/MathMLElement.cpp:
        * mathml/MathMLElement.h:
        * mathml/MathMLFractionElement.cpp:
        * mathml/MathMLFractionElement.h:
        * mathml/MathMLMathElement.cpp:
        * mathml/MathMLMathElement.h:
        * mathml/MathMLMencloseElement.cpp:
        * mathml/MathMLMencloseElement.h:
        * mathml/MathMLOperatorElement.cpp:
        * mathml/MathMLOperatorElement.h:
        * mathml/MathMLPaddedElement.cpp:
        * mathml/MathMLPaddedElement.h:
        * mathml/MathMLPresentationElement.cpp:
        * mathml/MathMLPresentationElement.h:
        * mathml/MathMLRootElement.cpp:
        * mathml/MathMLRootElement.h:
        * mathml/MathMLRowElement.cpp:
        * mathml/MathMLRowElement.h:
        * mathml/MathMLScriptsElement.cpp:
        * mathml/MathMLScriptsElement.h:
        * mathml/MathMLSelectElement.cpp:
        * mathml/MathMLSelectElement.h:
        * mathml/MathMLSpaceElement.cpp:
        * mathml/MathMLSpaceElement.h:
        * mathml/MathMLTokenElement.cpp:
        * mathml/MathMLTokenElement.h:
        * mathml/MathMLUnderOverElement.cpp:
        * mathml/MathMLUnderOverElement.h:
        * mathml/MathMLUnknownElement.cpp: Added.
        * mathml/MathMLUnknownElement.h:
        * svg/SVGAElement.cpp:
        * svg/SVGAElement.h:
        * svg/SVGAltGlyphDefElement.cpp:
        * svg/SVGAltGlyphDefElement.h:
        * svg/SVGAltGlyphElement.cpp:
        * svg/SVGAltGlyphElement.h:
        * svg/SVGAltGlyphItemElement.cpp:
        * svg/SVGAltGlyphItemElement.h:
        * svg/SVGAnimateColorElement.cpp:
        * svg/SVGAnimateColorElement.h:
        * svg/SVGAnimateElement.cpp:
        * svg/SVGAnimateElement.h:
        * svg/SVGAnimateElementBase.cpp:
        * svg/SVGAnimateElementBase.h:
        * svg/SVGAnimateMotionElement.cpp:
        * svg/SVGAnimateMotionElement.h:
        * svg/SVGAnimateTransformElement.cpp:
        * svg/SVGAnimateTransformElement.h:
        * svg/SVGAnimationElement.cpp:
        * svg/SVGAnimationElement.h:
        * svg/SVGCircleElement.cpp:
        * svg/SVGCircleElement.h:
        * svg/SVGClipPathElement.cpp:
        * svg/SVGClipPathElement.h:
        * svg/SVGComponentTransferFunctionElement.cpp:
        * svg/SVGComponentTransferFunctionElement.h:
        * svg/SVGCursorElement.cpp:
        * svg/SVGCursorElement.h:
        * svg/SVGDefsElement.cpp:
        * svg/SVGDefsElement.h:
        * svg/SVGDescElement.cpp:
        * svg/SVGDescElement.h:
        * svg/SVGDocument.cpp:
        * svg/SVGDocument.h:
        * svg/SVGElement.cpp:
        * svg/SVGElement.h:
        * svg/SVGEllipseElement.cpp:
        * svg/SVGEllipseElement.h:
        * svg/SVGFEBlendElement.cpp:
        * svg/SVGFEBlendElement.h:
        * svg/SVGFEColorMatrixElement.cpp:
        * svg/SVGFEColorMatrixElement.h:
        * svg/SVGFEComponentTransferElement.cpp:
        * svg/SVGFEComponentTransferElement.h:
        * svg/SVGFECompositeElement.cpp:
        * svg/SVGFECompositeElement.h:
        * svg/SVGFEConvolveMatrixElement.cpp:
        * svg/SVGFEConvolveMatrixElement.h:
        * svg/SVGFEDiffuseLightingElement.cpp:
        * svg/SVGFEDiffuseLightingElement.h:
        * svg/SVGFEDisplacementMapElement.cpp:
        * svg/SVGFEDisplacementMapElement.h:
        * svg/SVGFEDropShadowElement.cpp:
        * svg/SVGFEDropShadowElement.h:
        * svg/SVGFEFloodElement.cpp:
        * svg/SVGFEFloodElement.h:
        * svg/SVGFEGaussianBlurElement.cpp:
        * svg/SVGFEGaussianBlurElement.h:
        * svg/SVGFEImageElement.cpp:
        * svg/SVGFEImageElement.h:
        * svg/SVGFELightElement.cpp:
        * svg/SVGFELightElement.h:
        * svg/SVGFEMergeElement.cpp:
        * svg/SVGFEMergeElement.h:
        * svg/SVGFEMergeNodeElement.cpp:
        * svg/SVGFEMergeNodeElement.h:
        * svg/SVGFEMorphologyElement.cpp:
        * svg/SVGFEMorphologyElement.h:
        * svg/SVGFEOffsetElement.cpp:
        * svg/SVGFEOffsetElement.h:
        * svg/SVGFESpecularLightingElement.cpp:
        * svg/SVGFESpecularLightingElement.h:
        * svg/SVGFETileElement.cpp:
        * svg/SVGFETileElement.h:
        * svg/SVGFETurbulenceElement.cpp:
        * svg/SVGFETurbulenceElement.h:
        * svg/SVGFilterElement.cpp:
        * svg/SVGFilterElement.h:
        * svg/SVGFilterPrimitiveStandardAttributes.cpp:
        * svg/SVGFilterPrimitiveStandardAttributes.h:
        * svg/SVGFontFaceElement.cpp:
        * svg/SVGFontFaceElement.h:
        * svg/SVGFontFaceFormatElement.cpp:
        * svg/SVGFontFaceFormatElement.h:
        * svg/SVGFontFaceNameElement.cpp:
        * svg/SVGFontFaceNameElement.h:
        * svg/SVGFontFaceSrcElement.cpp:
        * svg/SVGFontFaceSrcElement.h:
        * svg/SVGFontFaceUriElement.cpp:
        * svg/SVGFontFaceUriElement.h:
        * svg/SVGForeignObjectElement.cpp:
        * svg/SVGForeignObjectElement.h:
        * svg/SVGGElement.cpp:
        * svg/SVGGElement.h:
        * svg/SVGGlyphElement.cpp:
        * svg/SVGGlyphElement.h:
        * svg/SVGGlyphRefElement.cpp:
        * svg/SVGGlyphRefElement.h:
        * svg/SVGGradientElement.cpp:
        * svg/SVGGradientElement.h:
        * svg/SVGGraphicsElement.cpp:
        * svg/SVGGraphicsElement.h:
        * svg/SVGHKernElement.cpp:
        * svg/SVGHKernElement.h:
        * svg/SVGImageElement.cpp:
        * svg/SVGImageElement.h:
        * svg/SVGLineElement.cpp:
        * svg/SVGLineElement.h:
        * svg/SVGLinearGradientElement.cpp:
        * svg/SVGLinearGradientElement.h:
        * svg/SVGMPathElement.cpp:
        * svg/SVGMPathElement.h:
        * svg/SVGMarkerElement.cpp:
        * svg/SVGMarkerElement.h:
        * svg/SVGMaskElement.cpp:
        * svg/SVGMaskElement.h:
        * svg/SVGMetadataElement.cpp:
        * svg/SVGMetadataElement.h:
        * svg/SVGMissingGlyphElement.cpp:
        * svg/SVGMissingGlyphElement.h:
        * svg/SVGPathElement.cpp:
        * svg/SVGPathElement.h:
        * svg/SVGPatternElement.cpp:
        * svg/SVGPatternElement.h:
        * svg/SVGPolyElement.cpp:
        * svg/SVGPolyElement.h:
        * svg/SVGPolygonElement.cpp:
        * svg/SVGPolygonElement.h:
        * svg/SVGPolylineElement.cpp:
        * svg/SVGPolylineElement.h:
        * svg/SVGRadialGradientElement.cpp:
        * svg/SVGRadialGradientElement.h:
        * svg/SVGRectElement.cpp:
        * svg/SVGRectElement.h:
        * svg/SVGSVGElement.cpp:
        * svg/SVGSVGElement.h:
        * svg/SVGScriptElement.cpp:
        * svg/SVGScriptElement.h:
        * svg/SVGSetElement.cpp:
        * svg/SVGSetElement.h:
        * svg/SVGStopElement.cpp:
        * svg/SVGStopElement.h:
        * svg/SVGStyleElement.cpp:
        * svg/SVGStyleElement.h:
        * svg/SVGSwitchElement.cpp:
        * svg/SVGSwitchElement.h:
        * svg/SVGSymbolElement.cpp:
        * svg/SVGSymbolElement.h:
        * svg/SVGTRefElement.cpp:
        * svg/SVGTRefElement.h:
        * svg/SVGTSpanElement.cpp:
        * svg/SVGTSpanElement.h:
        * svg/SVGTextContentElement.cpp:
        * svg/SVGTextContentElement.h:
        * svg/SVGTextElement.cpp:
        * svg/SVGTextElement.h:
        * svg/SVGTextPathElement.cpp:
        * svg/SVGTextPathElement.h:
        * svg/SVGTextPositioningElement.cpp:
        * svg/SVGTextPositioningElement.h:
        * svg/SVGTitleElement.cpp:
        * svg/SVGTitleElement.h:
        * svg/SVGUnknownElement.cpp: Added.
        * svg/SVGUnknownElement.h:
        * svg/SVGUseElement.cpp:
        * svg/SVGUseElement.h:
        * svg/SVGVKernElement.cpp:
        * svg/SVGVKernElement.h:
        * svg/SVGViewElement.cpp:
        * svg/SVGViewElement.h:
        * svg/animation/SVGSMILElement.cpp:
        * svg/animation/SVGSMILElement.h:

2018-03-16  Youenn Fablet  <youenn@apple.com>

        Ensure Document::responseReceived and clearResource are called on the main thread
        https://bugs.webkit.org/show_bug.cgi?id=183709

        Reviewed by Chris Dumez.

        No change of behavior.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived):
        (WebCore::DocumentLoader::clearMainResource):

2018-03-16  Chris Dumez  <cdumez@apple.com>

        WebKit.WebsitePoliciesAutoplayQuirks API test times out with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183702

        Reviewed by Alex Christensen.

        The issue is that the test calls loadHTMLString then loadRequest right after, without
        waiting for the first load to complete first. loadHTMLString is special as it relies
        on substitute data and which schedules a timer to commit the data. When doing the
        navigation policy check for the following loadRequest(), the substitute data timer
        would fire and commit its data and load. This would in turn cancel the pending
        navigation policy check for the loadRequest().

        With sync policy delegates, this is not an issue because we take care of stopping
        all loaders when receiving the policy decision, which happens synchronously. However,
        when the policy decision happens asynchronously, the pending substitute data load
        does not get cancelled in time and it gets committed.

        To address the issue, this patch updates loadWithDocumentLoader() to cancel any
        provisional load when there is an asynchronous navigation policy decision pending.

        Change covered by new API test.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadWithDocumentLoader):

2018-03-16  Brent Fulgham  <bfulgham@apple.com>

        Set a trap to catch an infrequent form-related nullptr crash
        https://bugs.webkit.org/show_bug.cgi?id=183704
        <rdar://problem/37579354>

        Reviewed by Ryosuke Niwa.

        Make FormState a FrameDestructionObserver. We expect all relevant FormState objects to have been
        cleaned up prior to the frame being destroyed. If we find such a case, we'd like to see the
        stack trace to see what's going on.

        * loader/FormState.cpp:
        (WebCore::FormState::FormState):
        (WebCore::FormState::willDetachPage): RELEASE_ASSERT_NOT_REACHED if we ever get here.
        * loader/FormState.h:

2018-03-16  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: AccessibilityNodeObject::textForLabelElement() doesn't follow AccName calculation rules
        https://bugs.webkit.org/show_bug.cgi?id=183661

        Reviewed by Chris Fleizach.

        Have AccessibilityNodeObject::textForLabelElement() return the value from
        accessibleNameForNode() instead of innerText(). The former falls back on
        the latter if there is no author-provided accessible name.

        Tests: accessibility/aria-label-on-label-element.html
               accessibility/label-with-pseudo-elements.html

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::textForLabelElement const):
        (WebCore::AccessibilityNodeObject::titleElementText const):

2018-03-16  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Fix crash on websocket with bad handshake message.
        https://bugs.webkit.org/show_bug.cgi?id=183686

        Reviewed by Youenn Fablet.

        The closing cleanup was called multiple times. Add flag to detect
        it is already closed or not.

        No new tests because it is covered by existing test:
        - LayoutTests/http/tests/websocket/tests/hybi/bad-handshake-crash.html

        * platform/network/curl/SocketStreamHandleImpl.h:
        * platform/network/curl/SocketStreamHandleImplCurl.cpp:
        (WebCore::SocketStreamHandleImpl::platformClose):
        (WebCore::SocketStreamHandleImpl::didReceiveData):

2018-03-16  Jer Noble  <jer.noble@apple.com>

        Make Fullscreen API an Experimental Feature
        https://bugs.webkit.org/show_bug.cgi?id=183662

        Reviewed by Jon Lee.

        The Fullscreen APIs should be guarded by a Setting, so they are not present in the DOM when the
        Experimental Feature is disabled.

        * dom/Document.idl:
        * dom/Element.idl:

2018-03-16  Megan Gardner  <megan_gardner@apple.com>

        Ensure that style is updated when the effective appearance changes
        https://bugs.webkit.org/show_bug.cgi?id=183690
        <rdar://problem/38385900>

        Reviewed by Tim Horton and Wenson Hsieh.

        Only exposing a function to outside WebCore, no tests needed.

        * page/Page.h:

2018-03-16  Chris Dumez  <cdumez@apple.com>

        WebKit.RestoreSessionStateContainingScrollRestorationDefault API test is failing with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183679

        Reviewed by Alex Christensen.

        Update CachedRawResource::didAddClient() to not send data until we've received
        the policy decision for the response.

        No new tests, covered by new API test.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::handleSubstituteDataLoadNow):
        (WebCore::DocumentLoader::responseReceived):
        * loader/DocumentLoader.h:
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::responseReceived):
        * loader/DocumentThreadableLoader.h:
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResource::responseReceived):
        * loader/MediaResourceLoader.h:
        * loader/appcache/ApplicationCacheResourceLoader.cpp:
        (WebCore::ApplicationCacheResourceLoader::responseReceived):
        * loader/appcache/ApplicationCacheResourceLoader.h:
        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::didAddClient):
        (WebCore::CachedRawResource::responseReceived):
        * loader/cache/CachedRawResourceClient.h:
        (WebCore::CachedRawResourceClient::responseReceived):
        * loader/cache/KeepaliveRequestTracker.cpp:
        (WebCore::KeepaliveRequestTracker::responseReceived):
        * loader/cache/KeepaliveRequestTracker.h:
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::responseReceived):

2018-03-16  Youenn Fablet  <youenn@apple.com>

        Name Service Worker threads differently from regular Worker threads
        https://bugs.webkit.org/show_bug.cgi?id=183698

        Reviewed by Chris Dumez.

        No observable change of behavior.
        For debugging purposes, knowing that a thread is a service worker thread might help give context.
        It might also identify on a crash log whether the process is a service worker process or a regular web process.

        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::start):
        * workers/WorkerThread.h:
        (WebCore::WorkerThread::isServiceWorkerThread const):
        * workers/service/context/ServiceWorkerThread.h:

2018-03-16  Youenn Fablet  <youenn@apple.com>

        IceCandidates leak on webrtc/datachannel/basic.html and other tests
        https://bugs.webkit.org/show_bug.cgi?id=183676
        <rdar://problem/36116228>

        Reviewed by Eric Carlson.

        Covered by manual testing using --leaks option on WK1.
        WebKit should not release the candidates since libwebrtc is not taking ownership.

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::doSetLocalDescription):
        (WebCore::LibWebRTCPeerConnectionBackend::doSetRemoteDescription):

2018-03-16  Zan Dobersek  <zdobersek@igalia.com>

        [Nicosia] Add Cairo-specific GraphicsContext operation recorder
        https://bugs.webkit.org/show_bug.cgi?id=183593

        Reviewed by Carlos Garcia Campos.

        Add Nicosia::CairoOperationRecorder, GraphicsContextImpl implementation
        that records all GraphicsContext operations for deferred replay on a
        different thread. Recording here mostly consists of storing all the
        Cairo resources in a thread-safe manner, which is eased by the atomic
        reference counting used in Cairo.

        Nicosia::PaintingOperation derivatives are used for operations or state
        updates that require recording. Instances of these classes are appended
        to a Vector<> object that is then pushed into a thread pool in
        Nicosia::PaintingEngineThreaded , replaying all the operations against
        the Cairo context established from an associated target Nicosia::Buffer.

        This GraphicsContextImpl implementation is now used in the
        PaintingContextCairo::ForRecording constructor to construct the
        GraphicsContext implementation that will be used for recording.

        * platform/TextureMapper.cmake:
        * platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.cpp: Added.
        (Nicosia::getContext):
        (Nicosia::OperationData::arg const const):
        (Nicosia::createCommand):
        (Nicosia::CairoOperationRecorder::CairoOperationRecorder):
        (Nicosia::m_commandList):
        (Nicosia::CairoOperationRecorder::updateState):
        (Nicosia::CairoOperationRecorder::clearShadow):
        (Nicosia::CairoOperationRecorder::setLineCap):
        (Nicosia::CairoOperationRecorder::setLineDash):
        (Nicosia::CairoOperationRecorder::setLineJoin):
        (Nicosia::CairoOperationRecorder::setMiterLimit):
        (Nicosia::CairoOperationRecorder::fillRect):
        (Nicosia::CairoOperationRecorder::fillRoundedRect):
        (Nicosia::CairoOperationRecorder::fillRectWithRoundedHole):
        (Nicosia::CairoOperationRecorder::fillPath):
        (Nicosia::CairoOperationRecorder::fillEllipse):
        (Nicosia::CairoOperationRecorder::strokeRect):
        (Nicosia::CairoOperationRecorder::strokePath):
        (Nicosia::CairoOperationRecorder::strokeEllipse):
        (Nicosia::CairoOperationRecorder::clearRect):
        (Nicosia::CairoOperationRecorder::drawGlyphs):
        (Nicosia::CairoOperationRecorder::drawImage):
        (Nicosia::CairoOperationRecorder::drawTiledImage):
        (Nicosia::CairoOperationRecorder::drawNativeImage):
        (Nicosia::CairoOperationRecorder::drawPattern):
        (Nicosia::CairoOperationRecorder::drawRect):
        (Nicosia::CairoOperationRecorder::drawLine):
        (Nicosia::CairoOperationRecorder::drawLinesForText):
        (Nicosia::CairoOperationRecorder::drawLineForDocumentMarker):
        (Nicosia::CairoOperationRecorder::drawEllipse):
        (Nicosia::CairoOperationRecorder::drawPath):
        (Nicosia::CairoOperationRecorder::drawFocusRing):
        (Nicosia::CairoOperationRecorder::save):
        (Nicosia::CairoOperationRecorder::restore):
        (Nicosia::CairoOperationRecorder::translate):
        (Nicosia::CairoOperationRecorder::rotate):
        (Nicosia::CairoOperationRecorder::scale):
        (Nicosia::CairoOperationRecorder::concatCTM):
        (Nicosia::CairoOperationRecorder::setCTM):
        (Nicosia::CairoOperationRecorder::getCTM):
        (Nicosia::CairoOperationRecorder::beginTransparencyLayer):
        (Nicosia::CairoOperationRecorder::endTransparencyLayer):
        (Nicosia::CairoOperationRecorder::clip):
        (Nicosia::CairoOperationRecorder::clipOut):
        (Nicosia::CairoOperationRecorder::clipPath):
        (Nicosia::CairoOperationRecorder::clipBounds):
        (Nicosia::CairoOperationRecorder::applyDeviceScaleFactor):
        (Nicosia::CairoOperationRecorder::roundToDevicePixels):
        (Nicosia::CairoOperationRecorder::append):
        * platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.h: Added.
        * platform/graphics/nicosia/cairo/NicosiaPaintingContextCairo.cpp:
        (Nicosia::PaintingContextCairo::ForRecording::ForRecording):

2018-03-16  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Clean up TextureMapperLayer constructor
        https://bugs.webkit.org/show_bug.cgi?id=183634

        Reviewed by Michael Catanzaro.

        In the TextureMapperLayer header, only declare the constructor, and move
        all the previous member initialization to the point of declaration of
        these member variables.

        In the TextureMapperLayer implementation file, the constructor and
        destructor are moved into proper order at the top of the file. The
        former is defaulted, and the latter remains unchanged.

        No change in behavior.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::~TextureMapperLayer):
        * platform/graphics/texmap/TextureMapperLayer.h:

2018-03-16  Miguel Gomez  <magomez@igalia.com>

        [GTK] When using EGL, request an OpenGL core profile when possible
        https://bugs.webkit.org/show_bug.cgi?id=178719

        Reviewed by Carlos Garcia Campos.

        When using EGL and OpenGL, try to request a context with version >= 3.2 with a core profile
        whenever possible. In order to to this, we require EGL version 1.5 or version 1.4 with the
        extension EGL_KHR_create_context. If EGL requirements are not met, or we cannot get a
        context with version >= 3.2 then use whatever EGL gives us.

        Covered by existent tests.

        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::GLContextEGL::createWindowContext):
        (WebCore::GLContextEGL::createPbufferContext):
        (WebCore::GLContextEGL::createSurfacelessContext):
        (WebCore::GLContextEGL::createContextForEGLVersion):
        * platform/graphics/egl/GLContextEGL.h:
        * platform/graphics/egl/GLContextEGLWPE.cpp:
        (WebCore::GLContextEGL::createWPEContext):
        * platform/graphics/egl/GLContextEGLWayland.cpp:
        (WebCore::GLContextEGL::createWaylandContext):
        * platform/graphics/egl/GLContextEGLX11.cpp:
        (WebCore::GLContextEGL::createPixmapContext):

2018-03-16  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Don't use the TextureMapperAnimation::Client interface to apply animation
        https://bugs.webkit.org/show_bug.cgi?id=183656

        Reviewed by Carlos Garcia Campos.

        Don't have the TextureMapperLayer class inherit from the
        TextureMapperAnimation::Client interface just for the purposes of
        synchronization of animation-affected attributes in syncAnimations().
        For that purpose it's enough to provide a struct that is passed to that
        method, and with the TextureMapperAnimation class filling out any of the
        animated attributes that need to be updated.

        TextureMapperAnimation::ApplicationResult struct is introducted for that
        purpose. std::optional<> members in it are assigned values during the
        application process, if an appropriate animation affects them. The
        relevant member values in TextureMapperLayer are then updated, or value
        from the default state is used.

        TextureMapperAnimation::Client is removed.

        No new tests -- no change in behavior.

        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimation::apply):
        (WebCore::TextureMapperAnimation::applyInternal):
        (WebCore::TextureMapperAnimations::apply):
        * platform/graphics/texmap/TextureMapperAnimation.h:
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::syncAnimations):
        (WebCore::TextureMapperLayer::setAnimatedTransform): Deleted.
        (WebCore::TextureMapperLayer::setAnimatedOpacity): Deleted.
        (WebCore::TextureMapperLayer::setAnimatedFilters): Deleted.
        * platform/graphics/texmap/TextureMapperLayer.h:

2018-03-16  Devin Rousso  <webkit@devinrousso.com>

        Web Inspector: Canvas Tab: main WebGL canvas on acko.net has no reported size
        https://bugs.webkit.org/show_bug.cgi?id=178798
        <rdar://problem/35175740>

        Reviewed by Brian Burg.

        When the main frame navigates, the DOMAgent would recieve two InspectorInstrumentation calls,
        one when the frame begins its navigation and the other when the document for that frame has
        loaded. Both of these would discard the DOMAgent's bindings, which included the map of
        `nodeId`s. This was an issue for canvases, as the frontend would be notified whenever any
        canvas is created, which would usually occur before the `DOMContentLoaded` event is fired.
        As a result, the canvases would attempt to retrieve their associated node, only to have the
        DOMAgent discard those bindings quickly thereafter.

        This patch removes DOMAgent's and DOMDebuggerAgent's (parity) instrumentation hooks for the
        latter event, ensuring that the bindings are only discarded once.

        * inspector/agents/InspectorDOMAgent.h:
        * inspector/agents/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::mainFrameDOMContentLoaded): Deleted.

        * inspector/agents/InspectorDOMDebuggerAgent.h:
        * inspector/agents/InspectorDOMDebuggerAgent.cpp:
        (WebCore::InspectorDOMDebuggerAgent::frameDocumentUpdated): Added.
        (WebCore::InspectorDOMDebuggerAgent::mainFrameDOMContentLoaded): Deleted.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::domContentLoadedEventFiredImpl):
        (WebCore::InspectorInstrumentation::frameDocumentUpdatedImpl):

2018-03-15  Tim Horton  <timothy_horton@apple.com>

        Include CADisplayLink explicitly where needed, instead of all of CA
        https://bugs.webkit.org/show_bug.cgi?id=183689
        <rdar://problem/38528719>

        Reviewed by Wenson Hsieh.

        * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:

2018-03-15  Tim Horton  <timothy_horton@apple.com>

        Include MobileCoreServices in the WebCore prefix header
        https://bugs.webkit.org/show_bug.cgi?id=183688
        <rdar://problem/38527621>

        Reviewed by Dan Bernstein.

        * WebCorePrefix.h:

2018-03-15  Megan Gardner  <megan_gardner@apple.com>

        Create MediaQueryParserContext to provide additional context for the evaluation of media queries
        https://bugs.webkit.org/show_bug.cgi?id=183677

        Reviewed by Tim Horton.

        We need additional context for parsing media queries to make sure they are parsed correctly and valid.

        Not currently testable, will add tests in a later patch.

        * WebCore.xcodeproj/project.pbxproj:
        * css/MediaList.cpp:
        (WebCore::MediaQuerySet::create):
        (WebCore::MediaQuerySet::set):
        (WebCore::MediaQuerySet::add):
        (WebCore::MediaQuerySet::remove):
        * css/MediaList.h:
        * css/MediaQueryEvaluator.cpp:
        (WebCore::MediaQueryEvaluator::mediaAttributeMatches):
        * css/MediaQueryExpression.cpp:
        (WebCore::featureWithValidIdent):
        (WebCore::featureWithValidDensity):
        (WebCore::featureWithValidPositiveLength):
        (WebCore::featureWithPositiveInteger):
        (WebCore::featureWithPositiveNumber):
        (WebCore::featureWithZeroOrOne):
        (WebCore::isFeatureValidWithoutValue):
        (WebCore::MediaQueryExpression::MediaQueryExpression):
        * css/MediaQueryExpression.h:
        * css/MediaQueryMatcher.cpp:
        (WebCore::MediaQueryMatcher::matchMedia):
        * css/MediaQueryParserContext.cpp: Added.
        (WebCore::MediaQueryParserContext::MediaQueryParserContext):
        * css/MediaQueryParserContext.h: Added.
        (WebCore::MediaQueryParserContext::MediaQueryParserContext):
        * css/StyleMedia.cpp:
        (WebCore::StyleMedia::matchMedium const):
        * css/StyleRuleImport.cpp:
        (WebCore::StyleRuleImport::StyleRuleImport):
        (WebCore::StyleRuleImport::setCSSStyleSheet):
        * css/parser/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext):
        (WebCore::operator==):
        * css/parser/CSSParserImpl.cpp:
        (WebCore::CSSParserImpl::consumeImportRule):
        (WebCore::CSSParserImpl::consumeMediaRule):
        * css/parser/MediaQueryParser.cpp:
        (WebCore::MediaQueryParser::parseMediaQuerySet):
        (WebCore::MediaQueryParser::parseMediaCondition):
        (WebCore::MediaQueryParser::MediaQueryParser):
        (WebCore::MediaQueryData::addExpression):
        * css/parser/MediaQueryParser.h:
        (WebCore::MediaQueryData::setMediaQueryParserContext):
        * css/parser/SizesAttributeParser.cpp:
        (WebCore::SizesAttributeParser::parse):
        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createCSSStyleSheet):
        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::InlineStyleSheetOwner::createSheet):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::setCSSStyleSheet):
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):
        (WebCore::HTMLLinkElement::initializeStyleSheet):
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        * html/HTMLLinkElement.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::selectNextSourceChild):
        * html/HTMLSourceElement.cpp:
        (WebCore::HTMLSourceElement::parsedMediaAttribute const):
        * html/HTMLSourceElement.h:
        * html/HTMLStyleElement.cpp:
        (WebCore::HTMLStyleElement::parseAttribute):
        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):

2018-03-15  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r229639.
        https://bugs.webkit.org/show_bug.cgi?id=183683

        it is causing a crash in API tests (Requested by youenn on
        #webkit).

        Reverted changeset:

        "ActiveDOMObject should assert that they are destroyed in the
        thread they are created"
        https://bugs.webkit.org/show_bug.cgi?id=183671
        https://trac.webkit.org/changeset/229639

2018-03-15  Youenn Fablet  <youenn@apple.com>

        Bad configuration parameters should make RTCPeerConnection constructor throw
        https://bugs.webkit.org/show_bug.cgi?id=183615

        Reviewed by Eric Carlson.

        Implement more of https://w3c.github.io/webrtc-pc/#set-pc-configuration.
        Throw an error whenever underlying libwebrtc set configuration fails.

        Covered by rebased test.

        * Modules/mediastream/PeerConnectionBackend.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::iceServersFromConfiguration):
        (WebCore::RTCPeerConnection::initializeConfiguration):
        (WebCore::RTCPeerConnection::setConfiguration):
        * Modules/mediastream/RTCPeerConnection.js:
        (initializeRTCPeerConnection):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:

2018-03-15  Youenn Fablet  <youenn@apple.com>

        replaceTrack triggers negotiationneeded
        https://bugs.webkit.org/show_bug.cgi?id=180342
        <rdar://problem/35822426>

        Reviewed by Eric Carlson.

        Covered by updated test.
        Fix the case of replacing a track for which data is already flowing.
        We should probably do the same for null tracks when fully implementing transceivers.

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::enqueueReplaceTrackTask):

2018-03-15  Keith Rollin  <krollin@apple.com>

        Telemetry for stalled webpage loads
        https://bugs.webkit.org/show_bug.cgi?id=183221
        <rdar://problem/36549013>

        Reviewed by Chris Dumez.

        Add telemetry for page loads, tracking the pages that succeed, fail,
        or are canceled. This information will be used to track the overall
        health of our page loading as time goes on.

        No new tests -- no new/changed user-level functionality.

        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::telemetryPageLoadKey):
        (WebCore::DiagnosticLoggingKeys::timedOutKey):
        (WebCore::DiagnosticLoggingKeys::canceledLessThan2SecondsKey):
        (WebCore::DiagnosticLoggingKeys::canceledLessThan5SecondsKey):
        (WebCore::DiagnosticLoggingKeys::canceledLessThan20SecondsKey):
        (WebCore::DiagnosticLoggingKeys::canceledMoreThan20SecondsKey):
        (WebCore::DiagnosticLoggingKeys::failedLessThan2SecondsKey):
        (WebCore::DiagnosticLoggingKeys::failedLessThan5SecondsKey):
        (WebCore::DiagnosticLoggingKeys::failedLessThan20SecondsKey):
        (WebCore::DiagnosticLoggingKeys::failedMoreThan20SecondsKey):
        (WebCore::DiagnosticLoggingKeys::occurredKey):
        (WebCore::DiagnosticLoggingKeys::succeededLessThan2SecondsKey):
        (WebCore::DiagnosticLoggingKeys::succeededLessThan5SecondsKey):
        (WebCore::DiagnosticLoggingKeys::succeededLessThan20SecondsKey):
        (WebCore::DiagnosticLoggingKeys::succeededMoreThan20SecondsKey):
        * page/DiagnosticLoggingKeys.h:
        * platform/network/cf/ResourceError.h:
        (WebCore::ResourceError::ResourceError):
        * platform/network/mac/ResourceErrorMac.mm:
        (WebCore::ResourceError::ResourceError):
        (WebCore::ResourceError::getNSURLErrorDomain const):
        (WebCore::ResourceError::getCFErrorDomainCFNetwork const):
        (WebCore::ResourceError::mapPlatformError):

2018-03-15  Youenn Fablet  <youenn@apple.com>

        ActiveDOMObject should assert that they are destroyed in the thread they are created
        https://bugs.webkit.org/show_bug.cgi?id=183671

        Reviewed by Chris Dumez.

        No change of behavior.
        Moved MessagePort assertion to ActiveDOMObject.

        * dom/ActiveDOMObject.cpp:
        (WebCore::ActiveDOMObject::~ActiveDOMObject):
        * dom/ActiveDOMObject.h:
        * dom/MessagePort.cpp:
        (WebCore::MessagePort::~MessagePort):
        * dom/MessagePort.h:

2018-03-15  Youenn Fablet  <youenn@apple.com>

        MessagePort is not always destroyed on the right thread
        https://bugs.webkit.org/show_bug.cgi?id=183619
        <rdar://problem/38204711>

        Reviewed by Chris Dumez.

        Add assertion to ensure MessagePort is destroyed in the right thread.
        Modify methods taking a ref in a lambda to rely on weak pointers and refing the WorkerThread if in a worker context.
        It is safe to ref the WorkerThread since it is thread safe ref counted and we are passing the ref to the main thread
        where the WorkerThread is expected to be destroyed.

        Test: http/tests/workers/worker-messageport-2.html

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::~MessagePort):
        (WebCore::MessagePort::dispatchMessages):
        (WebCore::MessagePort::updateActivity):
        (WebCore::MessagePort::hasPendingActivity const):
        * dom/MessagePort.h:

2018-03-15  Jer Noble  <jer.noble@apple.com>

        Adopt new AVURLAssetUseClientURLLoadingExclusively AVURLAsset creation option.
        https://bugs.webkit.org/show_bug.cgi?id=183660

        Reviewed by Jon Lee.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):

2018-03-15  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix tiny mistake in r229615 that caused API tests failures.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::addRegistrationFromStore):

2018-03-15  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Remove TextureMapperLayer::texture()
        https://bugs.webkit.org/show_bug.cgi?id=183635

        Reviewed by Michael Catanzaro.

        Remove the unused TextureMapperLayer::texture() method. This enables
        removing the virtual TextureMapperBackingStore::texture() method, as
        well as the implementations of it in TextureMapperTiledBackingStore and
        CoordinatedBackingStore classes.

        No change in behavior.

        * platform/graphics/texmap/TextureMapperBackingStore.h:
        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
        (WebCore::TextureMapperTiledBackingStore::texture const): Deleted.
        * platform/graphics/texmap/TextureMapperTiledBackingStore.h:

2018-03-15  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Don't bother caching pattern transform matrix
        https://bugs.webkit.org/show_bug.cgi?id=183633

        Reviewed by Michael Catanzaro.

        Remove the m_patternTransform and m_patternTransformDirty member
        variables from the TextureMapperLayer class. These unnecessarily
        complicate the state update methods that need to compare the given
        attribute against the current state, and only update it if it has
        changed.

        Instead, compute the pattern TransformationMatrix value on-the-fly in
        the paintSelf() method, if at all necessary.

        No change in functionality.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::paintSelf):
        (WebCore::TextureMapperLayer::setContentsRect):
        (WebCore::TextureMapperLayer::setContentsTileSize):
        (WebCore::TextureMapperLayer::setContentsTilePhase):
        (WebCore::TextureMapperLayer::computePatternTransformIfNeeded): Deleted.
        * platform/graphics/texmap/TextureMapperLayer.h:

2018-03-14  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Add clearing of storage access to WebResourceLoadStatisticsStore::clearInMemory()
        https://bugs.webkit.org/show_bug.cgi?id=183641
        <rdar://problem/38469497>

        Reviewed by Brent Fulgham and Chris Dumez.

        No new tests. This change is to stabilize existing layout tests.
        See Ryan Haddad's comment in https://bugs.webkit.org/show_bug.cgi?id=183620.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::removeAllStorageAccess):
            New function to clear out all storage access entries.

2018-03-14  Youenn Fablet  <youenn@apple.com>

        imported/w3c/web-platform-tests/WebCryptoAPI/wrapKey_unwrapKey/wrapKey_unwrapKey.worker.html is crashing
        https://bugs.webkit.org/show_bug.cgi?id=183602

        Reviewed by Chris Dumez.

        Introduce a map of ScriptExecutionContext that is read/write protected using a Lock.
        This allows introducing postTaskTo taking a ScriptExecutionContext identifier and callable from any thread.
        Use that method in Crypto instead of refing/unrefing  the context.
        Lock only happens if context does some postTask activity. This is governed by calling or not the new contextIdentifier() getter.

        Covered by crypto tests no longer failing m_workerGlobalScope->hasOneRef() assertion.

        * crypto/CryptoAlgorithm.cpp:
        (WebCore::dispatchAlgorithmOperation):
        * crypto/algorithms/CryptoAlgorithmECDH.cpp:
        (WebCore::CryptoAlgorithmECDH::deriveBits):
        * crypto/algorithms/CryptoAlgorithmSHA1.cpp:
        (WebCore::CryptoAlgorithmSHA1::digest):
        * crypto/algorithms/CryptoAlgorithmSHA224.cpp:
        (WebCore::CryptoAlgorithmSHA224::digest):
        * crypto/algorithms/CryptoAlgorithmSHA256.cpp:
        (WebCore::CryptoAlgorithmSHA256::digest):
        * crypto/algorithms/CryptoAlgorithmSHA384.cpp:
        (WebCore::CryptoAlgorithmSHA384::digest):
        * crypto/algorithms/CryptoAlgorithmSHA512.cpp:
        (WebCore::CryptoAlgorithmSHA512::digest):
        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::CryptoKeyRSA::generatePair):
        * crypto/mac/CryptoKeyRSAMac.cpp:
        (WebCore::CryptoKeyRSA::generatePair):
        * dom/Document.cpp:
        (WebCore::Document::~Document):
        * dom/ScriptExecutionContext.cpp:
        (WebCore::allScriptExecutionContextsMapLock):
        (WebCore::ScriptExecutionContext::ScriptExecutionContext):
        (WebCore::ScriptExecutionContext::removeFromContextsMap):
        (WebCore::ScriptExecutionContext::checkConsistency const):
        (WebCore::ScriptExecutionContext::postTaskTo):
        * dom/ScriptExecutionContext.h:
        (WebCore::ScriptExecutionContext::contextIdentifier const):
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::~WorkerGlobalScope):

2018-03-14  Chris Dumez  <cdumez@apple.com>

        Reduce use of SWServerToContextConnection::globalServerToContextConnection()
        https://bugs.webkit.org/show_bug.cgi?id=183626

        Reviewed by Youenn Fablet.

        Reduce use of SWServerToContextConnection::globalServerToContextConnection() as we are moving towards
        having multiple context connections.

        No new tests, no expected behavior change.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::matchAll):
        (WebCore::SWServer::serverToContextConnectionCreated):
        (WebCore::SWServer::runServiceWorkerIfNecessary):
        (WebCore::SWServer::runServiceWorker):
        (WebCore::SWServer::terminateWorkerInternal):
        (WebCore::SWServer::markAllWorkersAsTerminated):
        (WebCore::SWServer::workerContextTerminated):
        (WebCore::SWServer::fireInstallEvent):
        (WebCore::SWServer::fireActivateEvent):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerToContextConnection.cpp:
        (WebCore::SWServerToContextConnection::findClientByIdentifier):
        (WebCore::SWServerToContextConnection::matchAll):
        (WebCore::SWServerToContextConnection::claim):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::contextConnection):
        (WebCore::SWServerWorker::matchAll):
        * workers/service/server/SWServerWorker.h:

2018-03-14  Youenn Fablet  <youenn@apple.com>

        MessagePort should remove its listeners when being closed
        https://bugs.webkit.org/show_bug.cgi?id=183644

        Reviewed by Chris Dumez.

        Test: http/tests/workers/worker-messageport.html

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::close):
        (WebCore::MessagePort::contextDestroyed):

2018-03-14  Chris Dumez  <cdumez@apple.com>

        Drop unnecessary StorageToWebProcessConnection::workerContextProcessConnectionCreated()
        https://bugs.webkit.org/show_bug.cgi?id=183624

        Reviewed by Youenn Fablet.

        Pass in context connection to SWServer::serverToContextConnectionCreated() to avoid
        relying on the deprecated globalServerToContextConnection().

        No new tests, no expected behavior change.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::serverToContextConnectionCreated):
        * workers/service/server/SWServer.h:

2018-03-14  Mark Lam  <mark.lam@apple.com>

        Enhance the MacroAssembler and LinkBuffer to support pointer profiling.
        https://bugs.webkit.org/show_bug.cgi?id=183623
        <rdar://problem/38443314>

        Reviewed by Michael Saboff.

        No new tests.  Just adding PtrTags required by new MacroAssembler API.

        * cssjit/FunctionCall.h:
        (WebCore::FunctionCall::prepareAndCall):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):

2018-03-14  Chris Fleizach  <cfleizach@apple.com>

        AX: Implement accessible dismiss action on iOS
        https://bugs.webkit.org/show_bug.cgi?id=183352
        <rdar://problem/38161500>

        Reviewed by Zalan Bujtas.

        Test: accessibility/ios-simulator/AOM-dismiss-event.html

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityPerformEscape]):

2018-03-14  Youenn Fablet  <youenn@apple.com>

        Update libwebrtc up to 36af4e9614f707f733eb2340fae66d6325aaac5b
        https://bugs.webkit.org/show_bug.cgi?id=183481

        Reviewed by Eric Carlson.

        Covered by existing tests.
        Updated libwebrtc binding code.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::fillEncodingParameters):
        * platform/mediastream/libwebrtc/LibWebRTCAudioModule.h:

2018-03-14  Tim Horton  <timothy_horton@apple.com>

        Fix the build after r229567

        * Configurations/FeatureDefines.xcconfig:

2018-03-13  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Immediately forward cookie access for domains with previous user interaction when there's an opener document
        https://bugs.webkit.org/show_bug.cgi?id=183620
        <rdar://problem/38431469>

        Reviewed by Brent Fulgham.

        Tests: http/tests/storageAccess/deny-storage-access-under-opener.html
               http/tests/storageAccess/grant-storage-access-under-opener.html

        It turns out the fix in https://bugs.webkit.org/show_bug.cgi?id=183577
        wasn't enough to address the compatibility issues with popups. Some of
        them just detect their unpartitioned cookies, auto-dismiss themselves,
        and expect their unpartitioned cookies to be available under the opener
        afterwards. We should grant them access if the popup's domain has had
        user interaction _previously_.

        Note that we still need https://bugs.webkit.org/show_bug.cgi?id=183577
        because if the popup's domain has not received user interaction
        previously, we will not grant it storage access on just the window open.

        * dom/Document.cpp:
        (WebCore::Document::hasRequestedPageSpecificStorageAccessWithUserInteraction):
        (WebCore::Document::setHasRequestedPageSpecificStorageAccessWithUserInteraction):
        (WebCore::Document::hasGrantedPageSpecificStorageAccess): Deleted.
        (WebCore::Document::setHasGrantedPageSpecificStorageAccess): Deleted.
            Renamed from *Granted* to *Requested* since there is now a case
            where access will not be granted, i.e. when the popup domain has
            not had user interaction previously.
        * dom/Document.h:
        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setRequestStorageAccessUnderOpenerCallback):
            Renamed *Grant* to *Request*.
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
        (WebCore::ResourceLoadObserver::logWindowCreation):
            New function called from DOMWindow::createWindow().
        (WebCore::ResourceLoadObserver::requestStorageAccessUnderOpener):
            New convenience function.
        (WebCore::ResourceLoadObserver::setGrantStorageAccessUnderOpenerCallback): Deleted.
            Renamed *Grant* to *Request*.
        * loader/ResourceLoadObserver.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):
            Now calls ResourceLoadObserver::logWindowCreation() if a window
            was created and the opener has a document and a page ID.

2018-03-13  Chris Dumez  <cdumez@apple.com>

        fast/loader/javascript-url-iframe-remove-on-navigate.html is a flaky crash on iOS with async delegates
        https://bugs.webkit.org/show_bug.cgi?id=183610

        Reviewed by Youenn Fablet.

        The issue was that in DocumentLoader::loadMainResource(), the call to requestMainResource() which
        return null due to the load getting cancelled synchronously. If this load is the parent frame's last
        pending load, then the 'load' event gets fired in the parent frame. In the test, the parent frame's
        load event handler does a document.write() call which blows away the iframe. As a result, when
        we return from the requestMainResource(), m_frame is null and we crash later on dereferencing it.

        No new tests, covered by fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html
        which was crashing flakily.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::loadMainResource):

2018-03-13  Jer Noble  <jer.noble@apple.com>

        [iOS] Muted media playback can interrupt out-of-process audio
        https://bugs.webkit.org/show_bug.cgi?id=183606
        <rdar://problem/37466253>

        Reviewed by Eric Carlson.

        Test: Updated TestWebKitAPI test to verify the correct AVAudioSession category is set.

        A non-playing, non-muted media element will cause the AVAudioSession category to be set to
        "playing" when a muted media element begins playback. Ignore these non-playing elements for
        the purposes of determining the AVAudioSession category.

        * platform/audio/cocoa/MediaSessionManagerCocoa.cpp:
        (PlatformMediaSessionManager::updateSessionState):

2018-03-13  Youenn Fablet  <youenn@apple.com>

        Calling removeTrack with RTCRtpSender does not set SenderTrack to null
        https://bugs.webkit.org/show_bug.cgi?id=183308

        Reviewed by Eric Carlson.

        Covered by updated test.

        * Modules/mediastream/RTCRtpSender.cpp:
        (WebCore::RTCRtpSender::stop): Set track to null when being stopped i.e. removed.
        * Modules/mediastream/RTCRtpSender.h:

2018-03-13  Youenn Fablet  <youenn@apple.com>

        Changing link element rel attribute from preload to stylesheet should succeed loading the stylesheet
        https://bugs.webkit.org/show_bug.cgi?id=183601
        <rdar://problem/38309441>

        Reviewed by Antti Koivisto.

        Test: http/wpt/preload/change-link-rel-attribute.html

        * loader/LinkPreloadResourceClients.h:
        (WebCore::LinkPreloadResourceClient::clearResource): Remove the call to CachedResource::cancelLoad.
        This call is expected to be called by ResourceLoader when cancelling the load from below CachedResource.
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::allClientsRemoved): In case of preload,
        cancel the load if not finished when there is no more client attached to it.
        * loader/cache/CachedResource.h:

2018-03-12  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Immediately forward cookie access at user interaction when there's an opener document
        https://bugs.webkit.org/show_bug.cgi?id=183577
        <rdar://problem/38266987>

        Reviewed by Brent Fulgham.

        Tested manually on live websites.
        No new automated tests because of a bug in WebKitTestRunner:
        https://bugs.webkit.org/show_bug.cgi?id=183578
        The event sender triggers gestures in the opener rather than
        in the popup.

        * dom/Document.cpp:
        (WebCore::Document::removedLastRef):
            Clears the new m_primaryDomainsGrantedPageSpecificStorageAccess.
        (WebCore::Document::hasGrantedPageSpecificStorageAccess):
        (WebCore::Document::setHasGrantedPageSpecificStorageAccess):
        * dom/Document.h:
            Added member m_primaryDomainsGrantedPageSpecificStorageAccess
            where we store domains that have been granted access.
        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setGrantStorageAccessUnderOpenerCallback):
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
            Now checks if there is a cross-origin opener and if so, immediately
            grants cookie access to the popup's domain if it is partitioned or
            blocked. 
        * loader/ResourceLoadObserver.h:
        * platform/network/NetworkStorageSession.h:
            Added member m_pagesGrantedStorageAccess.
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::cookieStoragePartition const):
        (WebCore::NetworkStorageSession::hasStorageAccess const):
            Renamed from hasStorageAccessForFrame since the frameID now is optional.
        (WebCore::NetworkStorageSession::grantStorageAccess):
            Renamed from grantStorageAccessForFrame since the frameID now is optional.
        (WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage):
            Now removes the pageID entry in m_pagesGrantedStorageAccess.
        (WebCore::NetworkStorageSession::hasStorageAccessForFrame const): Deleted.
            Renamed since the frameID now is optional.
        (WebCore::NetworkStorageSession::grantStorageAccessForFrame): Deleted.
            Renamed since the frameID now is optional.

2018-03-12  Tim Horton  <timothy_horton@apple.com>

        Stop using SDK conditionals to control feature definitions
        https://bugs.webkit.org/show_bug.cgi?id=183430
        <rdar://problem/38251619>

        Reviewed by Dan Bernstein.

        * Configurations/FeatureDefines.xcconfig:
        * Configurations/WebKitTargetConditionals.xcconfig: Renamed.

2018-03-12  Chris Dumez  <cdumez@apple.com>

        Return boolean from DOMTokenList's replace() method
        https://bugs.webkit.org/show_bug.cgi?id=183567

        Reviewed by Youenn Fablet.

        Have DOMTokenList's replace() method return a boolean indicating if the
        token was replaced, as per:
        - https://dom.spec.whatwg.org/#dom-domtokenlist-replace

        This is a recent addition to the DOM specification:
        - https://github.com/whatwg/dom/pull/582

        No new tests, rebaselined existing test.

        * html/DOMTokenList.cpp:
        (WebCore::replaceInOrderedSet):
        (WebCore::DOMTokenList::replace):
        * html/DOMTokenList.h:
        * html/DOMTokenList.idl:

2018-03-12  Brian Burg  <bburg@apple.com>

        Ignore some deprecation warnings encountered when compiling with newer versions of ICU
        https://bugs.webkit.org/show_bug.cgi?id=183584
        <rdar://problem/38395317>

        Reviewed by Daniel Bates.

        Ignore new deprecation warnings. Where a function has more than one
        deprecation warning, mark out the entire function so it remains readable.

        * editing/TextIterator.cpp:
        * platform/graphics/SurrogatePairAwareTextIterator.cpp:
        (WebCore::SurrogatePairAwareTextIterator::normalizeVoicingMarks):
        * platform/text/TextEncoding.cpp:

2018-03-12  Yoav Weiss  <yoav@yoav.ws>

        Runtime flag for link prefetch and remove link subresource.
        https://bugs.webkit.org/show_bug.cgi?id=183540

        Reviewed by Chris Dumez.

        This patch removes the LINK_PREFETCH build time flag, removes
        link subresource, adds an off-by-default runtime flag for link
        prefetch and makes sure link prefetch only works when this flag is on.

        Subresource is removed as it's not a part of any spec, nor supported by any
        other browser. It was replaced by link preload.

        No new tests as this is not adding any new functionality.

        * Configurations/FeatureDefines.xcconfig: Remove the LINK_PREFETCH flag.
        * html/LinkRelAttribute.cpp:
        (WebCore::LinkRelAttribute::LinkRelAttribute): Put prefetch support behind the runtime flag.
        (WebCore::LinkRelAttribute::isSupported): Add prefetch.
        * html/LinkRelAttribute.h: Remove the LINK_PREFETCH flag.
        * loader/LinkLoader.cpp:
        (WebCore::createLinkPreloadResourceClient): Remove the LINK_PREFETCH flag.
        (WebCore::LinkLoader::prefetchIfNeeded): Move the prefetch code to `prefetchIfNeeded()`. Remove subresource bits.
        (WebCore::LinkLoader::loadLink): Call `prefetchIfNeeded()`.
        * loader/LinkLoader.h:
        * loader/ResourceLoadInfo.cpp:
        (WebCore::toResourceType): Remove the LINK_PREFETCH flag as well as subresource.
        * loader/SubresourceLoader.cpp:
        (WebCore::logResourceLoaded): Remove the LINK_PREFETCH flag as well as subresource.
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::defaultPriorityForResourceType): Remove the LINK_PREFETCH flag as well as subresource.
        (WebCore::CachedResource::load): Remove the LINK_PREFETCH flag.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::ignoreForRequestCount const): Remove the LINK_PREFETCH flag as well as subresource.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::createResource): Remove the LINK_PREFETCH flag as well as subresource.
        (WebCore::CachedResourceLoader::requestLinkResource): Remove subresource.
        (WebCore::contentTypeFromResourceType): Remove the LINK_PREFETCH flag as well as subresource.
        (WebCore::CachedResourceLoader::checkInsecureContent const): Remove the LINK_PREFETCH flag as well as subresource.
        (WebCore::CachedResourceLoader::shouldUpdateCachedResourceWithCurrentRequest): Remove the LINK_PREFETCH flag as well as subresource.
        * loader/cache/CachedResourceLoader.h:
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setLinkPrefetchEnabled): Set the prefetch flag.
        (WebCore::RuntimeEnabledFeatures::linkPrefetchEnabled const): Get the prefetch flag.

2018-03-12  Youenn Fablet  <youenn@apple.com>

        RTCPeerConnection's close method should update signalingState
        https://bugs.webkit.org/show_bug.cgi?id=174314
        <rdar://problem/33267977>

        Reviewed by Eric Carlson.

        Covered by rebased test.
        Add closed as signalingState enum value.
        Set peer connection signaling state to closed once close is called.

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::doClose):
        * Modules/mediastream/RTCSignalingState.idl:
        * platform/mediastream/RTCSignalingState.h:

2018-03-12  Mark Lam  <mark.lam@apple.com>

        Make a NativeFunction into a class to support pointer profiling.
        https://bugs.webkit.org/show_bug.cgi?id=183573
        <rdar://problem/38384697>

        Reviewed by Filip Pizlo.

        No new tests because there's no new behavior.  Only updating bindings.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHashTableValueArray):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:

2018-03-12  Tim Horton  <timothy_horton@apple.com>

        Use a different SPI header for some AudioToolbox enums
        https://bugs.webkit.org/show_bug.cgi?id=183574
        <rdar://problem/38385889>

        Reviewed by Anders Carlsson.

        * platform/audio/ios/AudioDestinationIOS.cpp:
        * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
        Adjust SPI imports.

2018-03-12  Danyao Wang  <danyao@chromium.org>

        Add a query and fragment exception to history API's unique origin restriction.
        https://bugs.webkit.org/show_bug.cgi?id=183028

        Reviewed by Brent Fulgham.

        Tests: http/tests/navigation/pushstate-at-unique-origin-denied.php
               Tools/TestWebKitAPI/Tests/WebCore/URL.cpp

        * page/History.cpp:
        (WebCore::History::stateObjectAdded):

2018-03-12  Antti Koivisto  <antti@apple.com>

        Don't invalidate descendants for nth pseudo classes unless needed
        https://bugs.webkit.org/show_bug.cgi?id=183566

        Reviewed by Zalan Bujtas.

        We currently invalidate the whole subtrees that may match :nth-child and similar. In many common
        cases we know that only the direct siblings may be affected.

        * css/SelectorChecker.cpp:
        (WebCore::localContextForParent):
        (WebCore::SelectorChecker::matchRecursively const):

            Track if the context matches the subject element if the selector or its siblings only.

        (WebCore::SelectorChecker::checkOne const):

            Use different bits of descendant and child invalidation cases.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::fragmentMatchesRightmostOrAdjacentElement):
        (WebCore::SelectorCompiler::constructFragmentsInternal):

            Track if the context matches the subject element if the selector or its siblings only.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChild):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChildOf):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChild):

            Use different bits of descendant and child invalidation cases.

        * dom/Element.cpp:
        (WebCore::invalidateForForwardPositionalRules):
        (WebCore::invalidateForBackwardPositionalRules):

            Invalidate more precisely based on the new bits.

        (WebCore::checkForSiblingStyleChanges):
        (WebCore::Element::setDescendantsAffectedByForwardPositionalRules):
        (WebCore::Element::setDescendantsAffectedByBackwardPositionalRules):
        (WebCore::Element::hasFlagsSetDuringStylingOfChildren const):
        (WebCore::Element::rareDataDescendantsAffectedByForwardPositionalRules const):
        (WebCore::Element::rareDataDescendantsAffectedByBackwardPositionalRules const):

            New bits.

        * dom/Element.h:
        (WebCore::Element::descendantsAffectedByForwardPositionalRules const):
        (WebCore::Element::descendantsAffectedByBackwardPositionalRules const):
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::descendantsAffectedByForwardPositionalRules const):
        (WebCore::ElementRareData::setDescendantsAffectedByForwardPositionalRules):
        (WebCore::ElementRareData::descendantsAffectedByBackwardPositionalRules const):
        (WebCore::ElementRareData::setDescendantsAffectedByBackwardPositionalRules):
        (WebCore::ElementRareData::ElementRareData):
        (WebCore::ElementRareData::resetStyleRelations):
        * style/StyleRelations.cpp:
        (WebCore::Style::commitRelationsToRenderStyle):
        (WebCore::Style::commitRelations):
        * style/StyleRelations.h:

2018-03-12  Javier Fernandez  <jfernandez@igalia.com>

        Remove GridLayout runtime flag
        https://bugs.webkit.org/show_bug.cgi?id=183484

        Reviewed by Myles C. Maxfield.

        The Grid Layout feature has been enabled by default for almost a
        year, so I think it's time to remove the runtime flag and the
        codepath run when the feature is disabled.

        No new tests, because there are no changes in functionality.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForContentPositionAndDistributionWithOverflowAlignment):
        (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertContentAlignmentData):
        * css/parser/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext):
        (WebCore::operator==):
        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
        (WebCore::CSSParserFastPaths::isKeywordPropertyID):
        * css/parser/CSSParserMode.h:
        (WebCore::CSSParserContextHash::hash):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::parseSingleValue):
        * dom/Document.cpp:
        * dom/Document.h:
        * page/RuntimeEnabledFeatures.h:
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::alignmentOffset):
        * rendering/style/RenderStyle.cpp:
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::initialDefaultAlignment):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2018-03-12  Antoine Quint  <graouts@apple.com>

        [Web Animations] Implement CSS Animations and CSS Transitions as Web Animations
        https://bugs.webkit.org/show_bug.cgi?id=183504
        <rdar://problem/38372965>

        Reviewed by Dean Jackson and Jon Lee.

        Tests: webanimations/css-animations.html
               webanimations/css-transitions.html

        This patch implements CSS Animations and CSS Transitions as Web Animations. The main changes are:

        * StyleTreeResolver: StyleTreeResolver now has a code path to add CSSAnimation and CSSTransition objects onto the DocumentTimeline
        to be picked up by the Web Animations engine. The previous CSSAnimationController code path is preserved if the runtime flag is disabled.

        * AnimationTimeline: we add two new methods, updateCSSAnimationsForElement() and updateCSSTransitionsForElement() which are called from
        TreeResolver::createAnimatedElementUpdate(). These look at the AnimationList for the old and new RenderStyle objects and create, update
        and remove matching CSSAnimation and CSSTransition instances.

        * DeclarativeAnimation: a new superclass to both CSSAnimation and CSSTransition which introduces the concept of a backingAnimation(),
        which is an Animation held by the RenderStyle objects, and two virtual methods with base implementations, initialize() which is called
        upon creating by create() methods in subclasses, and syncPropertiesWithBackingAnimation() which ensures that properties on the
        DeclarativeAnimation objects (Web Animations side) match the backing animation (CSS side).

        * KeyframeEffectReadOnly: two new important methods to create blending keyframes (KeyframeList) based on backing Animation objects,
        computeCSSAnimationBlendingKeyframes() and computeCSSTransitionBlendingKeyframes().

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * animation/AnimationEffectReadOnly.h:
        (WebCore::AnimationEffectReadOnly::isKeyframeEffectReadOnly const): We fix this method such that calling it on a KeyframeEffect, which
        is a subclass of KeyframeEffectReadOnly, returns true.
        * animation/AnimationEffectTimingReadOnly.cpp: In order for DeclarativeAnimation::syncPropertiesWithBackingAnimation() to set the timing
        function for a declarative animation's effect, we need a public method to set an effect's timing function outside of just the "easing"
        property setter exposed via the JS API. So we introduce a setTimingFunction() method and call it from setEasing().
        (WebCore::AnimationEffectTimingReadOnly::setEasing):
        (WebCore::AnimationEffectTimingReadOnly::setTimingFunction):
        * animation/AnimationEffectTimingReadOnly.h:
        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::~AnimationTimeline): Clear all maps and sets containing WebAnimation references to ensure these get destructed
        when the AnimationTimeline is being destructed and should no longer hold a reference to them.
        (WebCore::AnimationTimeline::relevantMapForAnimation): We store various subclasses of WebAnimation in dedicated maps so we can composite
        animations in the correct order when animating. This function returns the correct map for a given animation such that animationWasAddedToElement()
        and animationWasRemovedFromElement() mutate the right map.
        (WebCore::AnimationTimeline::animationWasAddedToElement):
        (WebCore::AnimationTimeline::animationWasRemovedFromElement):
        (WebCore::AnimationTimeline::animationsForElement): Make sure to look for animations in the lists of CSS Animations and CSS Transitions as well
        as Web Animations.
        (WebCore::AnimationTimeline::updateCSSAnimationsForElement): This method is called by TreeResolver::createAnimatedElementUpdate() during style
        resolution. It compares the AnimationList of the previous style and the new style for a given element, checks that animations with a given name
        that were not present in the old AnimationList have a new matching CSSAnimation object for them added to the AnimationTimeline, that animations
        with a given name that are no longer present in the new AnimationList have their matching CSSAnimation object removed from the AnimationTimeline,
        and that animations with a given name that are present in both the old and new AnimationList have their matching CSSAnimation updated to match
        the current state of the animation in the AnimationList.
        (WebCore::AnimationTimeline::updateCSSTransitionsForElement): Similarly to updateCSSAnimationsForElement(), this method is called during style
        resolution by TreeResolver::createAnimatedElementUpdate(). Its role is to create or remove CSSTransition objects based on the AnimationList found
        in the old and new styles for a given element. It follows a slightly different logic than updateCSSAnimationsForElement() since for CSS Transitions,
        there is no need to update CSSTransition objects for a CSS property existing in both the old and new AnimationList, since when a CSS transitions
        property is changed, a whole new transition is initiated. However, it's important to check that different Animation objects and styles would actually
        result in different timing properties and blending keyframes, so check for this as well before creating new CSSTransition objects.
        * animation/AnimationTimeline.h:
        (WebCore::AnimationTimeline::animations const): Change the m_animations type from HashSet to ListHashSet to guarantee we preserve the insertion order which is
        required by getAnimations().
        (WebCore::AnimationTimeline::hasElementAnimations const): Indicates to DocumentTimeline::updateAnimations() that there are animations targeting the provided element.
        (WebCore::AnimationTimeline::elementToAnimationsMap):
        (WebCore::AnimationTimeline::elementToCSSAnimationsMap):
        (WebCore::AnimationTimeline::elementToCSSTransitionsMap):
        * animation/CSSAnimation.cpp: CSSAnimation is now a subclass of DeclarativeAnimation and subclasses initialize() and syncPropertiesWithBackingAnimation()
        to perform work specific to CSS Animations.
        (WebCore::CSSAnimation::create): Set the animationName property based on the provided backing animation.
        (WebCore::CSSAnimation::CSSAnimation):
        (WebCore::CSSAnimation::initialize): Create the blending keyframes for this CSSAnimation.
        (WebCore::CSSAnimation::syncPropertiesWithBackingAnimation): Reflect the animation-fill-mode, animation-direction, animation-iteration-count and
        animation-play-state CSS properties on the AnimationEffectTimingReadOnly object associated with this CSSAnimation.
        * animation/CSSAnimation.h:
        * animation/CSSTransition.cpp: CSSTransition is now a subclass of DeclarativeAnimation.
        (WebCore::CSSTransition::create): Set the transitionProperty property based on the provided backing animation.
        (WebCore::CSSTransition::CSSTransition):
        (WebCore::CSSTransition::matchesBackingAnimationAndStyles const):
        (WebCore::CSSTransition::canBeListed const): Subclass this method such that we also check that we have blending keyframes for a CSSTransition to be
        listed by calls to getAnimations().
        * animation/CSSTransition.h:
        * animation/DeclarativeAnimation.cpp: Added. This new WebAnimation subclass now is the common base class for both CSSAnimation and CSSTransition.
        It establishes a relationship with a "backing animation", which is an Animation obtained from a style's AnimationList while resolving styles.
        These backing animations contain all of the parsed CSS styles related to CSS Animations and CSS Transitions and we use those to set matching properties
        of the Web Animations timing model in the new syncPropertiesWithBackingAnimation() virtual method, which subclasses can override to perform further
        work that is specific to a given declarative animation type. The initialize() method is called during create() methods to perform common animation
        setup work. Note that while both initialize() and syncPropertiesWithBackingAnimation() are called, we suspend invalidation to that animation's effect
        since these methods are meant to be called during style invalidation and we would hit an assertion if we followed the usual route of calling
        updateStyleIfNeeded() on the target's document during invalidation.
        (WebCore::DeclarativeAnimation::DeclarativeAnimation):
        (WebCore::DeclarativeAnimation::setBackingAnimation):
        (WebCore::DeclarativeAnimation::initialize): Create a KeyframeEffectReadOnly for this animation and set the provided element as its target, set that
        element's document's timeline and play the animation if the backing animation's play state is playing.
        (WebCore::DeclarativeAnimation::syncPropertiesWithBackingAnimation): Reflect the {animation|transition}-delay, {animation|transition}-duration and
        {animation|transition}-timing-function properties as set on the backing animation.
        * animation/DeclarativeAnimation.h: Added.
        (WebCore::DeclarativeAnimation::backingAnimation const):
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::updateAnimations): Trigger style invalidation for elements targeted not just by WebAnimation instances, but also by any
        of the DeclarativeAnimation subclasses. We also remove the call to updateFinishedState() which should have been removed when we implemented correct
        support for asynchronous WebAnimation operations.
        (WebCore::DocumentTimeline::animatedStyleForRenderer): Declarative animations are backed by KeyframeEffectReadOnly effects, so make sure we check
        for KeyframeEffectReadOnly or one of its subclasses and not just KeyframeEffect since there now are animation types that use the ReadOnly variant.
        (WebCore::DocumentTimeline::runningAnimationsForElementAreAllAccelerated): Same as for animatedStyleForRenderer, check for KeyframeEffectReadOnly
        and not simply KeyframeEffect.
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::invalidateElement): Stop forcing a style resolution as we invalidate element, marking them as dirty is sufficient. Calls to getAnimations()
        already force a style resolution as needed.
        (WebCore::KeyframeEffectReadOnly::create): Add a new create() method that only provides a target and which is used by DeclarativeAnimation::initialize().
        (WebCore::KeyframeEffectReadOnly::getKeyframes): The previous implementation of getKeyframes() used the ParsedKeyframe list held as m_parsedKeyframes
        to compute keyframes. In the case of declarative animations, there are no ParsedKeyframe since the JS API was not involved, so we use the blending keyframes
        to look for keyframe data.
        (WebCore::KeyframeEffectReadOnly::computeCSSAnimationBlendingKeyframes): Called by CSSAnimation::initialize(), this function creates blending keyframes by
        looking up the keyframes date obtained from the @keyframes rule with this backing animation's name.
        (WebCore::KeyframeEffectReadOnly::computeCSSTransitionBlendingKeyframes): Called by CSSTransition::create(), this function creates blending keyframes by
        creating a 0-offset keyframe with the old style and a 1-offset keyframe with the new style as provided during TreeResolver::createAnimatedElementUpdate().
        (WebCore::KeyframeEffectReadOnly::stylesWouldYieldNewCSSTransitionsBlendingKeyframes const): Called by AnimationTimeline::updateCSSTransitionsForElement()
        to check that a provided backing Animation and a pair of old and new RenderStyles that may be different objects actually would yield different timing
        properties and keyframe CSS values for a given CSS transition to avoid the deletion and creation of CSSTransition objects.
        (WebCore::KeyframeEffectReadOnly::shouldRunAccelerated): We mistakenly assumed we always had blending keyframes, which is not always the case with a
        CSSTransition where the transition style itself might be set first, but the target value after. So we should only run accelerated provided there are blending
        keyframes at least, the function already returning false if it finds a blending keyframe animating a non-accelerated CSS property.
        (WebCore::KeyframeEffectReadOnly::setAnimatedPropertiesInStyle): Check that there actually is a matching ParsedKeyframe to read the timing function from.
        * animation/KeyframeEffectReadOnly.h:
        (WebCore::KeyframeEffectReadOnly::hasBlendingKeyframes const):
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::~WebAnimation): We used to do something very wrong when a WebAnimation was destroyed which uncovered crashes when dealing with
        declarative animations. In AnimationTimeline's updateCSSAnimationsForElement() and updateCSSTransitionsForElement(), when we identify that a DeclarativeAnimation
        no longer matches an Animation from the current style's AnimationList, we set that DeclarativeAnimation's effect to null and call removeAnimation() on
        the timeline. This removes all references from AnimationTimeline to this DeclarativeAnimation and leads to ~WebAnimation being called. Calling removeAnimation()
        again in the destructor means that we'd hit ASSERT_WITH_SECURITY_IMPLICATION(!m_deletionHasBegun) in ref(). It was also meaningless to perform this work in
        the WebAnimation destructor since an animation could never be destroyed if it were still registered on a timeline.
        (WebCore::WebAnimation::suspendEffectInvalidation): DeclarativeAnimation instances have their timing model properties set during style invalidation, so we need
        a mechanism to allow the usual effect invalidation to be suspended in this case. We now maintain a simple m_suspendCount count that increases and decreases with
        calls to this method and unsuspendEffectInvalidation() and a isEffectInvalidationSuspended() method returning true whenever that count is positive.
        (WebCore::WebAnimation::unsuspendEffectInvalidation):
        (WebCore::WebAnimation::timingModelDidChange): Check that effect invalidation is not suspended before proceeding with invalidating the effect.
        (WebCore::WebAnimation::setEffect): Check for KeyframeEffectReadOnly and not just KeyframeEffect since declarative animations have ReadOnly effects.
        (WebCore::WebAnimation::setTimeline): Check for KeyframeEffectReadOnly and not just KeyframeEffect since declarative animations have ReadOnly effects.
        (WebCore::WebAnimation::scheduleMicrotaskIfNeeded): Ensure that the WebAnimation's lifecycle is extended at least to the completion of the scheduled microtask.
        This would otherwise cause crashes after declarative animations were destroyed when they were no longer applied.
        (WebCore::WebAnimation::runPendingPlayTask): Only fulfill the "ready" promise if it hasn't already been, which might have been the case if multiple calls to play()
        are made as a result of updating the animation play state in CSSAnimation::syncPropertiesWithBackingAnimation().
        (WebCore::WebAnimation::runPendingPauseTask): Same as above but with multiple pause() calls.
        (WebCore::WebAnimation::startOrStopAccelerated): Check for KeyframeEffectReadOnly and not just KeyframeEffect since declarative animations have ReadOnly effects.
        (WebCore::WebAnimation::canBeListed const): This new method is called by {Document|Element}::getAnimations() to check that an animation is in the correct state to
        be listed. The Web Animations spec explains that only animations "that have an associated target effect which is current or in effect" can be listed. We implement
        this behavior as specified.
        * animation/WebAnimation.h:
        (WebCore::WebAnimation::isDeclarativeAnimation const):
        (WebCore::WebAnimation::isEffectInvalidationSuspended):
        * dom/Document.cpp:
        (WebCore::Document::getAnimations): Ensure that the document's pending styles are resolved before returning animations to ensure that any pending declarative
        animations are created. Additionally, we ensure that we only list qualifying animations that have effects targeting elements that are children of thi document.
        * dom/Element.cpp:
        (WebCore::Element::getAnimations): Same as Document::getAnimations().
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::createAnimatedElementUpdate): When resolving styles, call into the AnimationTimeline if the runtime flag to enable CSS Animations and
        CSS Transitions as Web Animations is on. Otherwise, use CSSAnimationController.

2018-03-12  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] Crash in WebCore::PlatformDisplayWayland::~PlatformDisplayWayland
        https://bugs.webkit.org/show_bug.cgi?id=176490

        Reviewed by Žan Doberšek.

        Destroy the wl_display with wl_display_disconnect() (client process API), not
        wl_display_destroy() (server process API). It has to be destroyed last, so explicitly
        destroy the wl_registry and wl_compositor first.

        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::~PlatformDisplayWayland):

2018-03-10  Megan Gardner  <megan_gardner@apple.com>

        Media query for default appearance
        https://bugs.webkit.org/show_bug.cgi?id=183539
        <rdar://problem/38326388>

        Reviewed by Tim Horton.

        Not currently testable, will add tests in a later patch.

        Write a media query to evaluate appearance.

        * css/CSSValueKeywords.in:
        * css/MediaFeatureNames.h:
        * css/MediaQueryEvaluator.cpp:
        (WebCore::defaultAppearanceEvaluate):
        * css/MediaQueryExpression.cpp:
        (WebCore::featureWithValidIdent):
        (WebCore::isFeatureValidWithoutValue):
        * page/Page.h:
        (WebCore::Page::defaultAppearance const):
        (WebCore::Page::setDefaultAppearance):

2018-03-10  Daniel Bates  <dabates@apple.com>

        InlineTextBox should own shadow data
        https://bugs.webkit.org/show_bug.cgi?id=183359
        <rdar://problem/38171343>

        Reviewed by Darin Adler.

        Following r229147 we recompute the selection style, including any shadow data, whenever we
        paint the inline text box. Therefore, InlineTextBox needs to take ownership of the shadow
        data or it may be deallocated before it can be used.

        Covered by existing tests.

        * rendering/InlineTextBox.cpp: Changed data type of InlineTextBox::MarkedTextStyle::textShadow
        from const ShadowData* to std::optional<ShadowData>. Also removed explicitly deleted equality
        and inequality operators as they are unnecessary. Layout tests should catch if these are ever
        implemented and used when painting because the painted results will be wrong.
        (WebCore::InlineTextBox::computeStyleForUnmarkedMarkedText const): Clone ShadowData.
        (WebCore::InlineTextBox::resolveStyleForMarkedText): Simplified logic.
        (WebCore::InlineTextBox::paintMarkedTextForeground): Modified code now that MarkedTextStyle
        holds a std::optional<ShadowData>.
        (WebCore::InlineTextBox::paintMarkedTextDecoration): Ditto.
        * rendering/TextPaintStyle.cpp:
        (WebCore::computeTextSelectionPaintStyle): Changed the out parameter type from const ShadowData*
        to std::optional<ShadowData>& and modified code as needed.
        * rendering/TextPaintStyle.h:
        * rendering/style/ShadowData.cpp: Removed unncessary #include of header LayoutRect.h.
        This header will be included via ShadowData.h.
        (WebCore::ShadowData::clone): Convenience method that returns an std::optional to a
        cloned ShadowData object.
        * rendering/style/ShadowData.h:

2018-03-09  Zalan Bujtas  <zalan@apple.com>

        Turn off offset*/scroll* optimization for input elements with shadow content
        https://bugs.webkit.org/show_bug.cgi?id=182383
        <rdar://problem/37114190>

        Reviewed by Antti Koivisto.

        We normally ensure clean tree before calling offsetHeight/Width, scrollHeight/Width.
        In certain cases (see updateLayoutIfDimensionsOutOfDate() for details), it's okay to return
        the previously computed values even when some part of the tree is dirty.
        In case of shadow content, updateLayoutIfDimensionsOutOfDate() might return false (no need to layout)
        for the root, while true (needs layout) for the shadow content.
        This could confuse the caller (Element::scrollWidth/Height etc) and lead to incorrect result.

        Test: fast/forms/scrollheight-with-mutation-crash.html

        * dom/Document.cpp:
        (WebCore::Document::updateLayoutIfDimensionsOutOfDate):

2018-03-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        [macOS] Copying a table from the Numbers app and pasting into iCloud Numbers fails
        https://bugs.webkit.org/show_bug.cgi?id=183485
        <rdar://problem/38041984>

        Reviewed by Ryosuke Niwa.

        After r222656, WebKit now treats raw image data on the pasteboard as files for the purposes of computing
        DataTransfer.files and DataTransfer.types. However, this is combined with existing policies that suppress
        DataTransfer.getData and DataTransfer.setData when the pasteboard contains files (generalized to copy/paste in
        r222688). This means we now don't allow web pages to access "text/plain" in the case where the user copies part
        of a table from the native Numbers app since Numbers additionally writes a snapshot of the table to the platform
        pasteboard.

        This restriction on getData/setData was intended to prevent web pages from extracting users' file paths when
        pasting or dropping, so it doesn't make sense to enforce this restriction even when there is only in-memory
        image data on the pasteboard. To fix this bug, we make Pasteboard::fileContentState() differentiate between
        cases where there are (real) files on the pasteboard, and cases where we've fallen back to treating image data
        as files.

        Rebaselined existing LayoutTests to match new behavior.
        Also covered by 4 new API tests:
            - PasteMixedContent.ImageDataAndPlainText
            - PasteMixedContent.ImageDataAndPlainTextAndURL
            - PasteMixedContent.ImageDataAndPlainTextAndURLAndHTML
            - UIPasteboardTests.DataTransferGetDataWhenPastingImageAndText

        * dom/DataTransfer.cpp:
        (WebCore::DataTransfer::shouldSuppressGetAndSetDataToAvoidExposingFilePaths const):

        If custom pasteboard data is enabled, suppress getData and setData if and only if we might actually expose file
        paths (see Pasteboard::fileContentState).

        (WebCore::DataTransfer::types const):

        Only allow "text/html" or "text/uri-list" in the case where there are actual files in the pasteboard. If there's
        only image data, add all of the DOM-safe types back into the list of types.

        * platform/Pasteboard.h:
        * platform/StaticPasteboard.h:

        Add an enum type to represent the result of Pasteboard::fileContentState.
        -   NoFileOrImageData indicates that there was nothing on the pasteboard that could be considered a file
            from the point of view of the page.
        -   InMemoryImage indicates that there are no files on the pasteboard, but there is image data that we consider
            to be files, exposed via DataTransfer API.
        -   MayContainFilePaths indicates that there might be file paths on the pasteboard. This means that the source
            has either written file paths to the pasteboard (for example, through NSFilenamesPboardType) or the source
            has written image data along with a URL type of some sort that does not match one of the allowed URL schemes
            that are safe to expose (currently, these are http-family, data, or blob).

        * platform/cocoa/PasteboardCocoa.mm:
        (WebCore::Pasteboard::fileContentState):

        Refactor to return one of the three enum types described above.

        (WebCore::Pasteboard::containsFiles): Deleted.
        * platform/gtk/PasteboardGtk.cpp:
        (WebCore::Pasteboard::fileContentState):
        (WebCore::Pasteboard::containsFiles): Deleted.
        * platform/win/PasteboardWin.cpp:
        (WebCore::Pasteboard::fileContentState):
        (WebCore::Pasteboard::containsFiles): Deleted.
        * platform/wpe/PasteboardWPE.cpp:
        (WebCore::Pasteboard::fileContentState):
        (WebCore::Pasteboard::containsFiles): Deleted.

        Adjust for Pasteboard::fileContentState() tweaks.

2018-03-09  Chris Fleizach  <cfleizach@apple.com>

        AX: WebKit seems to be running spell checker even on non-editable content text
        https://bugs.webkit.org/show_bug.cgi?id=183456
        <rdar://problem/38076042>

        Reviewed by Joanmarie Diggs.

        Test: accessibility/mac/attributed-string/attributed-string-does-not-includes-misspelled-for-non-editable.html

        Only apply misspelled attributes if it's for editable text. It's not useful or performant to do this for static text.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetSpelling):

2018-03-09  Nan Wang  <n_wang@apple.com>

        AX: AOM: More accessibility events support
        https://bugs.webkit.org/show_bug.cgi?id=183023
        <rdar://problem/37764380>

        Reviewed by Chris Fleizach.

        The test is crashing when we call updateBackingStore when 
        the AXObjectCache object is gone. Added a check to fix that.

        Modified the test by using the right format of setTimeout and extended the delay.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::updateBackingStore):

2018-03-09  Ross Kirsling  <ross.kirsling@sony.com>

        Unreviewed. Fix WinCairo build after r229497.

        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::getNormalizedMIMEType):

2018-03-09  Ross Kirsling  <ross.kirsling@sony.com>

        Clean up MIMETypeRegistry::mimeTypeAssociationMap for Curl
        https://bugs.webkit.org/show_bug.cgi?id=170529

        Reviewed by Alex Christensen.

        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::getNormalizedMIMEType):
        (WebCore::mimeTypeAssociationMap): Deleted.
        Create map with makeNeverDestroyed and a loop instead.

2018-03-09  Brian Burg  <bburg@apple.com>

        Web Inspector: there should only be one way for async backend commands to send failure
        https://bugs.webkit.org/show_bug.cgi?id=183524

        Reviewed by Timothy Hatcher.

        Remove some useless ErrorString arguments. Fix some bugs where we
        may never call the callback in an early exit situation.

        Covered by existing Inspector and protocol generator tests.

        * inspector/agents/InspectorDatabaseAgent.cpp:
        (WebCore::InspectorDatabaseAgent::executeSQL):
        * inspector/agents/InspectorDatabaseAgent.h:
        * inspector/agents/InspectorIndexedDBAgent.h:
        * inspector/agents/InspectorIndexedDBAgent.cpp:
        (WebCore::getDocumentAndIDBFactoryFromFrameOrSendFailure):
        (WebCore::InspectorIndexedDBAgent::requestDatabaseNames):
        (WebCore::InspectorIndexedDBAgent::requestDatabase):
        (WebCore::InspectorIndexedDBAgent::requestData):
        (WebCore::InspectorIndexedDBAgent::clearObjectStore):
        (WebCore::assertDocument): Deleted.
        (WebCore::assertIDBFactory): Deleted.
        Modernize this code a little bit to share the document/idbFactory extraction code.

        * inspector/agents/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::loadResource):
        * inspector/agents/InspectorNetworkAgent.h:

2018-03-09  Youenn Fablet  <youenn@apple.com>

        Crash in ServiceWorkerContainer::ready
        https://bugs.webkit.org/show_bug.cgi?id=183380

        Reviewed by Chris Dumez.

        Not using 'this' through lambdas.
        Instead rely on the last lambda that is passed a ScriptExecutionContext& to get back 'this' which is a ServiceWorkerContainer.

        Should be covered by imported/w3c/web-platform-tests/service-workers/service-worker/register-default-scope.https.html no longer crashing.
        Although it should probably be LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/ready.https.html that should crash
        since this is the main test using ready.

        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::ready):

2018-03-09  Youenn Fablet  <youenn@apple.com>

        RealtimeOutgoingAudioSource and RealtimeOutgoingVideoSource should be destroyed on the main thread
        https://bugs.webkit.org/show_bug.cgi?id=183483
        <rdar://problem/38214152>

        Reviewed by Eric Carlson.

        When dereferencing from libwebrtc code path, schedule a call to deref on main thread.
        WebCore dereferencing is happening in the main thread so this guarantees destruction on the main thread.

        Covered by updated mock libwebrtc peer connection backend.
        We make mock senders to keep a reference to their source which are RealtimeOutgoingXXSource.
        We then make mock peer connection backend to free the mock senders in a background thread.

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::doStop):
        * platform/mediastream/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::stop):
        * platform/mediastream/RealtimeOutgoingAudioSource.h:
        * platform/mediastream/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::stop):
        * platform/mediastream/RealtimeOutgoingVideoSource.h:
        * testing/MockLibWebRTCPeerConnection.cpp:
        (WebCore::ThreadKeeper::create):
        (WebCore::ThreadKeeper::setThread):
        (WebCore::MockLibWebRTCPeerConnection::~MockLibWebRTCPeerConnection):
        * testing/MockLibWebRTCPeerConnection.h:

2018-03-09  Jer Noble  <jer.noble@apple.com>

        Unconditionalize more methods in VideoFullscreenInterface (and related classes)
        https://bugs.webkit.org/show_bug.cgi?id=183501

        Reviewed by Eric Carlson.

        No need for these methods to be PLATFORM(MAC) only.

        * platform/cocoa/PlaybackSessionModel.h:
        (WebCore::PlaybackSessionModelClient::ensureControlsManager):
        * platform/ios/VideoFullscreenInterfaceAVKit.h:
        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (VideoFullscreenInterfaceAVKit::isPlayingVideoInEnhancedFullscreen const):
        * platform/mac/VideoFullscreenInterfaceMac.h:

2018-03-09  Youenn Fablet  <youenn@apple.com>

        ServiceWorker should respect IDB and DOMCache partitioning
        https://bugs.webkit.org/show_bug.cgi?id=183496

        Reviewed by Brady Eidson.

        Test: http/wpt/service-workers/third-party-registration.html

        Set the correct top origin of service worker ScriptExecutionContext.

        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):

2018-03-09  Youenn Fablet  <youenn@apple.com>

        Cannot change audio input source device
        https://bugs.webkit.org/show_bug.cgi?id=175975
        <rdar://problem/34073589>

        Reviewed by Eric Carlson.

        Covered by manually testing https://webrtc.github.io/samples/src/content/devices/input-output/ with a USB web cam.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::setCaptureDeviceID):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):

2018-03-09  Jer Noble  <jer.noble@apple.com>

        Add new CSS env constants for use with fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=183498

        Reviewed by Dean Jackson.

        Tests: fullscreen/fullscreen-auto-hide-delay.html
               fullscreen/fullscreen-inset-top.html

        * dom/ConstantPropertyMap.cpp:
        (WebCore::ConstantPropertyMap::nameForProperty const):
        (WebCore::variableDataForPositiveDuration):
        (WebCore::ConstantPropertyMap::setFullscreenInsetTop):
        (WebCore::ConstantPropertyMap::setFullscreenAutoHideDelay):
        * dom/ConstantPropertyMap.h:
        * page/Page.cpp:
        (WebCore::Page::setFullscreenInsetTop):
        (WebCore::Page::setFullscreenAutoHideDelay):
        * page/Page.h:
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
        (WebCore::Internals::setFullscreenInsetTop):
        (WebCore::Internals::setFullscreenAutoHideDelay):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-03-09  Zalan Bujtas  <zalan@apple.com>

        RenderTreeBuilder::splitAnonymousBoxesAroundChild should take multicolumn spanners into account.
        https://bugs.webkit.org/show_bug.cgi?id=183493
        <rdar://problem/38030461>

        Reviewed by Antti Koivisto.

        Multicolumn spanners are taken out of their original position and placed next
        to a RenderMultiColumnSet. splitAnonymousBoxesAroundChild needs to know the original parent (in the render tree context).

        Test: fast/multicol/adjust-beforeChild-for-spanner-crash.html

        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::adjustBeforeChildForMultiColumnSpannerIfNeeded):
        * rendering/updating/RenderTreeBuilderMultiColumn.h:
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveChildrenInternal):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::attach):

2018-03-09  Jer Noble  <jer.noble@apple.com>

        Add isPictureInPictureActive messaging across WebKit process boundary
        https://bugs.webkit.org/show_bug.cgi?id=183499

        Reviewed by Eric Carlson.

        * platform/cocoa/PlaybackSessionModel.h:
        (WebCore::PlaybackSessionModelClient::pictureInPictureActiveChanged):
        * platform/cocoa/PlaybackSessionModelMediaElement.h:
        * platform/cocoa/PlaybackSessionModelMediaElement.mm:
        (WebCore::PlaybackSessionModelMediaElement::updateForEventName):
        (WebCore::PlaybackSessionModelMediaElement::isPictureInPictureActive const):
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (VideoFullscreenControllerContext::isPictureInPictureActive const):

2018-03-09  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Implement connection limit.
        https://bugs.webkit.org/show_bug.cgi?id=183016

        Implement both connection limit per host and total
        connection limit on curl network layer.

        Reviewed by Youenn Fablet.

        No new tests because there's no behavior change.

        * platform/network/curl/CurlContext.cpp:
        (WebCore::EnvironmentVariableReader::sscanTemplate<signed>):
        (WebCore::CurlContext::CurlContext):
        (WebCore::CurlMultiHandle::setMaxConnects):
        (WebCore::CurlMultiHandle::setMaxTotalConnections):
        (WebCore::CurlMultiHandle::setMaxHostConnections):
        * platform/network/curl/CurlContext.h:
        (WebCore::CurlContext::scheduler):
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::startWithJobManager):
        (WebCore::CurlRequest::cancel):
        (WebCore::CurlRequest::invokeDidReceiveResponseForFile):
        (WebCore::CurlRequest::completeDidReceiveResponse):
        (WebCore::CurlRequest::pausedStatusChanged):
        * platform/network/curl/CurlRequestScheduler.cpp:
        (WebCore::CurlRequestScheduler::CurlRequestScheduler):
        (WebCore::CurlRequestScheduler::workerThread):
        (WebCore::CurlRequestScheduler::singleton): Deleted.
        * platform/network/curl/CurlRequestScheduler.h:

2018-03-09  Jer Noble  <jer.noble@apple.com>

        webkitfullscreenchange event not fired at the same time as :-webkit-full-screen pseudo selector changes; causes glitchiness
        https://bugs.webkit.org/show_bug.cgi?id=183383

        Reviewed by Eric Carlson.

        Fire the webkitfullscreenchange event at the same time as the pseudo class selector changes, during the handling
        of webkitDidEnterFullScreenForElement. For WebKit2 clients, this is guaranteed to be asynchronous, since the
        calling method originates in the UIProcess. For WebKit1 clients (and WKTR and DRT), there's the possibility that
        webkitWillEnterFullScreenForElement will be called synchronously from within
        Document::requestFullScreenForElement(), so break that synchronousness by starting the
        ChromeClient::enterFullScreenForElement(...) process in a async task.

        Previously, the firing of the fullscreenchange event was done through a zero-length timer. Use a
        GenericTaskQueue instead.

        A number of layout tests depend on the behavior that the element will be in fullscreen when the 'playing' event
        fires. This was true for DRT (but not WKTR), since its fullscreen implementations were deliberately synchronous, but
        won't necessarily be true for all ports. Fix this in a subsequent patch.

        * dom/Document.cpp:
        (WebCore::Document::requestFullScreenForElement):
        (WebCore::Document::webkitExitFullscreen):
        (WebCore::Document::webkitWillEnterFullScreenForElement):
        (WebCore::Document::webkitDidEnterFullScreenForElement):
        (WebCore::Document::webkitDidExitFullScreenForElement):
        (WebCore::Document::dispatchFullScreenChangeEvents):
        * dom/Document.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setReadyState):
        (WebCore::HTMLMediaElement::playInternal):
        (WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
        (WebCore::HTMLMediaElement::updatePlayState):
        (WebCore::HTMLMediaElement::setPlaying):

2018-03-09  Zan Dobersek  <zdobersek@igalia.com>

        [Nicosia] Add threaded PaintingEngine implementation
        https://bugs.webkit.org/show_bug.cgi?id=183511

        Reviewed by Carlos Garcia Campos.

        Add Nicosia::PaintingEngineThreaded, class that internally uses a thread
        pool in which painting tasks are executed.

        Implementation for now defaults to using GLib's GThreadPool, defaulting
        to 4 threads that are exclusive to this pool. These parameters should be
        fine-tuned in the future, or even made configurable, but are a solid
        basis for testing.

        In PaintingEngineThreaded::paint(), PaintingContext implementation is
        used to record all the operations, and the gathered Vector is combined
        with the Buffer object and dispatched into the thread pool. In the
        thread function, the provided buffer and painting operations are run
        through the PaintingContext implementation, replaying all the operations
        on a painting context that draws into the given buffer.

        The recorded operation objects implement the PaintingOperation interface
        contain all the data necessary to replay a given operation. They can be
        executed against a PaintingOperationReplay object, as is the case during
        PaintingContext::replay(), or they can be dumped into a TextStream
        object for debugging purposes.

        PaintingContext now also provides the record() and replay() static
        functions. PaintingContext objects now differ per purpose, which can be
        either for painting or for recording. paint() and replay() use a
        for-painting PaintingContext, and record() uses a for-recording one.
        The for-painting PaintingContext receives a Buffer object, i.e. a memory
        area on which it can draw, while the for-recording PaintingContext uses
        the passed-in PaintingOperations Vector that should store all the
        recorded operations.

        The current Cairo implementation of PaintingContext is moved into
        PaintingContextCairo::ForPainting. PaintingContextCairo::ForRecording is
        added but is currently no-op until a Cairo-specific GraphicsContextImpl
        with recording capabilities is added, allowing any call on the
        GraphicsContext object used in PaintingContext::record() to be recorded
        for later replay. PaintingOperationReplayCairo, inheriting from
        PaintingOperationReplay, will be used for replay purposes, providing
        only reference to the PlatformContextCairo object that is constructed in
        PaintingContextCairo::ForPainting.

        The Cairo-specific GraphicsContextImpl implementation will be added in
        a separate patch. After that, PaintingEngine::create() will be modified
        so that the Nicosia::PaintingEngineThreaded implementation can be used
        for testing purposes, probably by setting an environment variable.

        * platform/TextureMapper.cmake:
        * platform/graphics/nicosia/NicosiaPaintingContext.cpp:
        (Nicosia::PaintingContext::createForPainting):
        (Nicosia::PaintingContext::createForRecording):
        (Nicosia::PaintingContext::create): Deleted.
        * platform/graphics/nicosia/NicosiaPaintingContext.h:
        (Nicosia::PaintingContext::paint):
        (Nicosia::PaintingContext::record):
        (Nicosia::PaintingContext::replay):
        * platform/graphics/nicosia/NicosiaPaintingEngineThreaded.cpp: Added.
        (Nicosia::s_threadFunc):
        (Nicosia::paintLayer):
        (Nicosia::PaintingEngineThreaded::PaintingEngineThreaded):
        (Nicosia::PaintingEngineThreaded::~PaintingEngineThreaded):
        (Nicosia::PaintingEngineThreaded::paint):
        * platform/graphics/nicosia/NicosiaPaintingEngineThreaded.h: Copied from Source/WebCore/platform/graphics/nicosia/NicosiaPaintingContext.cpp.
        * platform/graphics/nicosia/NicosiaPaintingOperation.h: Copied from Source/WebCore/platform/graphics/nicosia/NicosiaPaintingContext.cpp.
        * platform/graphics/nicosia/cairo/NicosiaPaintingContextCairo.cpp:
        (Nicosia::PaintingContextCairo::ForPainting::ForPainting):
        (Nicosia::PaintingContextCairo::ForPainting::~ForPainting):
        (Nicosia::PaintingContextCairo::ForPainting::graphicsContext):
        (Nicosia::PaintingContextCairo::ForPainting::replay):
        (Nicosia::PaintingContextCairo::ForRecording::ForRecording):
        (Nicosia::PaintingContextCairo::ForRecording::graphicsContext):
        (Nicosia::PaintingContextCairo::ForRecording::replay):
        (Nicosia::PaintingContextCairo::PaintingContextCairo): Deleted.
        (Nicosia::PaintingContextCairo::~PaintingContextCairo): Deleted.
        (Nicosia::PaintingContextCairo::graphicsContext): Deleted.
        * platform/graphics/nicosia/cairo/NicosiaPaintingContextCairo.h:
        * platform/graphics/nicosia/cairo/NicosiaPaintingOperationReplayCairo.h: Copied from Source/WebCore/platform/graphics/nicosia/NicosiaPaintingContext.cpp.
        (Nicosia::PaintingOperationReplayCairo::PaintingOperationReplayCairo):

2018-03-09  Zan Dobersek  <zdobersek@igalia.com>

        Remove some unused cruft in TextureMapperLayer.

        The ScrollingClient class is not used anymore since r229318.
        findScrollableContentsLayerAt() is similarly unused, but also lacking
        an actual definition. ContentsLayerCount enum can also be purged.

        Rubber-stamped by Carlos Garcia Campos.

        * platform/graphics/texmap/TextureMapperLayer.h:

2018-03-08  Zan Dobersek  <zdobersek@igalia.com>

        Add basic synchronization capability to Nicosia::Buffer
        https://bugs.webkit.org/show_bug.cgi?id=183500

        Reviewed by Carlos Garcia Campos.

        Have Nicosia::Buffer track a painting state, and allow that state to be
        modified and accessed from different threads. The PaintingState enum
        value is protected by a Lock object, and can be modified via the
        beginPainting() and completePainting() methods. Additionally, the
        waitUntilPaintingComplete() method allows the caller to wait until the
        painting is complete for the given Nicosia::Buffer object.

        This added state doesn't affect a Nicosia::Buffer object internally, and
        doesn't have any effect on  existing usages of Nicosia::Buffer (which
        are not multi-threaded).

        * platform/graphics/nicosia/NicosiaBuffer.cpp:
        (Nicosia::Buffer::beginPainting):
        (Nicosia::Buffer::completePainting):
        (Nicosia::Buffer::waitUntilPaintingComplete):
        * platform/graphics/nicosia/NicosiaBuffer.h:

2018-03-08  Zan Dobersek  <zdobersek@igalia.com>

        Move NicosiaPaintingContextCairo files under Cairo-specific directory
        https://bugs.webkit.org/show_bug.cgi?id=183497

        Reviewed by Carlos Garcia Campos.

        Pack Cairo-specific files in the Nicosia subsystem under cairo/.

        * platform/TextureMapper.cmake:
        * platform/graphics/nicosia/cairo/NicosiaPaintingContextCairo.cpp: Renamed from Source/WebCore/platform/graphics/nicosia/NicosiaPaintingContextCairo.cpp.
        * platform/graphics/nicosia/cairo/NicosiaPaintingContextCairo.h: Renamed from Source/WebCore/platform/graphics/nicosia/NicosiaPaintingContextCairo.h.

2018-03-08  Nan Wang  <n_wang@apple.com>

        AX: AOM: More accessibility events support
        https://bugs.webkit.org/show_bug.cgi?id=183023
        <rdar://problem/37764380>

        Reviewed by Chris Fleizach.

        Fixed the crash that we shouldn't dispatch the accessibility events if the
        event path is empty.

        Also added a check to not dispatch events if the runtime flag is not enabled.

        Test: accessibility/mac/AOM-events-webarea-crash.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::shouldDispatchAccessibilityEvent const):
        (WebCore::AccessibilityObject::dispatchAccessibilityEvent const):
        * accessibility/AccessibilityObject.h:

2018-03-08  Megan Gardner  <megan_gardner@apple.com>

        Allow WebViews to disable system appearance
        https://bugs.webkit.org/show_bug.cgi?id=183418
        <rdar://problem/36975642>

        Reviewed by Tim Horton.

        Not currently testable, tests will be added in a later patch.

        Allow webviews to choose whether or not to follow the default system appearance.

        * css/StyleColor.cpp:
        (WebCore::StyleColor::colorFromKeyword):
        * css/StyleColor.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::colorFromPrimitiveValue const):
        * css/parser/CSSParser.cpp:
        (WebCore::CSSParser::parseSystemColor):
        * css/parser/CSSParser.h:
        * css/parser/CSSParserMode.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawFocusIfNeededInternal):
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::setStrokeColor):
        (WebCore::CanvasRenderingContext2DBase::setFillColor):
        * html/canvas/CanvasStyle.cpp:
        (WebCore::parseColor):
        (WebCore::parseColorOrCurrentColor):
        (WebCore::CanvasStyle::createFromString):
        (WebCore::CanvasStyle::createFromStringWithOverrideAlpha):
        * html/canvas/CanvasStyle.h:
        * page/Page.h:
        (WebCore::Page::useSystemAppearance const):
        (WebCore::Page::setUseSystemAppearance):
        * platform/Theme.cpp:
        (WebCore::Theme::paint):
        * platform/Theme.h:
        * platform/mac/LocalDefaultSystemAppearance.h:
        * platform/mac/LocalDefaultSystemAppearance.mm:
        (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
        (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
        * platform/mac/ThemeMac.h:
        * platform/mac/ThemeMac.mm:
        (-[WebCoreThemeView initWithUseSystemAppearance:]):
        (WebCore::paintToggleButton):
        (WebCore::paintButton):
        (WebCore::ThemeMac::ensuredView):
        (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
        (WebCore::ThemeMac::paint):
        (-[WebCoreThemeView init]): Deleted.
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::paint):
        (WebCore::RenderTheme::systemColor const):
        (WebCore::RenderTheme::focusRingColor):
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::platformFocusRingColor const):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemColor const):
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::documentViewFor const):
        (WebCore::RenderThemeMac::platformFocusRingColor const):
        (WebCore::RenderThemeMac::systemColor const):
        (WebCore::RenderThemeMac::paintCellAndSetFocusedElementNeedsRepaintIfNecessary):
        (WebCore::RenderThemeMac::paintSliderThumb):
        * rendering/TextPaintStyle.cpp:
        (WebCore::computeTextPaintStyle):

2018-03-08  Megan Gardner  <megan_gardner@apple.com>

        Ensure default appearance for selection form control
        https://bugs.webkit.org/show_bug.cgi?id=183482
        <rdar://problem/38274894>

        Reviewed by Tim Horton.
  
        The appearance for selection form controls was not set to default.

        Not currently testable, will add tests in a later patch.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):

2018-03-08  Per Arne Vollan  <pvollan@apple.com>

        [Win] Compile error: pal/ExportMacros.h not found.
        https://bugs.webkit.org/show_bug.cgi?id=183467

        Reviewed by Brent Fulgham.

        PAL header files are no longer located under the WebCore folder in forwarding headers. An additional
        build step is required to copy the PAL header files to the internal include folder.

        No new tests, no change in functionality. 

        * PlatformWin.cmake:
        * WebCore.vcxproj/WebCore.proj:

2018-03-08  Megan Gardner  <megan_gardner@apple.com>

        Ensure system appearance is default for legacy webkit
        https://bugs.webkit.org/show_bug.cgi?id=183473
        <rdar://problem/38210306>

        Reviewed by Tim Horton.

        Need to set the appearance on the window for legacy webkit due to differences in drawing.

        Not currently testable, will add tests in a later patch.

        * platform/mac/ThemeMac.mm:
        (WebCore::paintButton):

2018-03-08  Youenn Fablet  <youenn@apple.com>

        libwebrtc update broke internal builds
        https://bugs.webkit.org/show_bug.cgi?id=183454

        Reviewed by Eric Carlson.

        No change of behavior.
        Fixed header search paths.
        Removed deleted file from XCode project as an additional clean-up.

        * Configurations/WebCore.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:

2018-03-08  Per Arne Vollan  <pvollan@apple.com>

        NSAnimation is not working in the WebContent process when WindowServer access is blocked.
        https://bugs.webkit.org/show_bug.cgi?id=183291

        Reviewed by Dean Jackson.

        The animation can be implemented by using an NSTimer instead. Use the existing Bezier timing
        function to create a smooth animation.

        No new tests. This code is used to fade scrollbars in and out by animating the alpha value.
        This scrollbar setting is not the default in macOS, which makes it non trivial to create
        layout tests for this.

        * platform/mac/ScrollAnimatorMac.mm:
        (-[WebScrollbarPartAnimation initWithScrollbar:featureToAnimate:animateFrom:animateTo:duration:]):
        (-[WebScrollbarPartAnimation startAnimation]):
        (-[WebScrollbarPartAnimation setCurrentProgress:setCurrentProgress:]):
        (-[WebScrollbarPartAnimation invalidate]):
        (-[WebScrollbarPartAnimation setDuration:]):
        (-[WebScrollbarPartAnimation stopAnimation]):
        (-[WebScrollbarPartAnimation setCurrentProgress:]): Deleted.

2018-03-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Templatize SVGAnimatedType
        https://bugs.webkit.org/show_bug.cgi?id=183017

        Reviewed by Dean Jackson.

        This is a work toward https://bugs.webkit.org/show_bug.cgi?id=168586. The
        goal to have SVGAnimatedType be type independent. The appropriate method
        of this template will be implicitly instantiated based to the type of the
        animated attribute(s).

        * Sources.txt: Delete SVGAnimatedType.cpp since its function became template
        functions or short enough to be inline functions.
        * WebCore.xcodeproj/project.pbxproj:
        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::constructFromString):
        (WebCore::SVGAnimatedAngleAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedAngleAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedAngleAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedAngleAnimator::calculateAnimatedValue):
        Use the template functions SVGAnimatedType::create<>() and SVGAnimatedType::as<>().

        * svg/SVGAnimatedBoolean.cpp:
        (WebCore::SVGAnimatedBooleanAnimator::constructFromString):
        (WebCore::SVGAnimatedBooleanAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedBooleanAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedBooleanAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedColor.cpp:
        (WebCore::SVGAnimatedColorAnimator::constructFromString):
        (WebCore::SVGAnimatedColorAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedEnumeration.cpp:
        (WebCore::SVGAnimatedEnumerationAnimator::constructFromString):
        (WebCore::SVGAnimatedEnumerationAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedEnumerationAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedEnumerationAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedInteger.cpp:
        (WebCore::SVGAnimatedIntegerAnimator::constructFromString):
        (WebCore::SVGAnimatedIntegerAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedIntegerAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedIntegerAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedIntegerAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedIntegerOptionalInteger.cpp:
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::constructFromString):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedLength.cpp:
        (WebCore::SVGAnimatedLengthAnimator::constructFromString):
        (WebCore::SVGAnimatedLengthAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedLengthAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedLengthAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedLengthAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::constructFromString):
        (WebCore::SVGAnimatedLengthListAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedLengthListAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedLengthListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedNumber.cpp:
        (WebCore::SVGAnimatedNumberAnimator::constructFromString):
        (WebCore::SVGAnimatedNumberAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedNumberAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedNumberAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedNumberAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::constructFromString):
        (WebCore::SVGAnimatedNumberListAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedNumberListAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedNumberListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedNumberOptionalNumber.cpp:
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::constructFromString):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::constructFromString):
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedPathAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedPathAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedPathAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::constructFromString):
        (WebCore::SVGAnimatedPointListAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedPointListAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedPointListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedPreserveAspectRatio.cpp:
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::constructFromString):
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedRect.cpp:
        (WebCore::SVGAnimatedRectAnimator::constructFromString):
        (WebCore::SVGAnimatedRectAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedRectAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedRectAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedRectAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedString.cpp:
        (WebCore::SVGAnimatedStringAnimator::constructFromString):
        (WebCore::SVGAnimatedStringAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedStringAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedStringAnimator::calculateAnimatedValue):
        Ditto.

        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::constructFromString):
        (WebCore::SVGAnimatedTransformListAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedTransformListAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedTransformListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedTransformListAnimator::calculateAnimatedValue):
        (WebCore::SVGAnimatedTransformListAnimator::calculateDistance):
        Ditto.

        * svg/SVGAnimatedType.cpp: Removed.
        * svg/SVGAnimatedType.h:
        (WebCore::SVGAnimatedType::create):
        (WebCore::SVGAnimatedType::SVGAnimatedType):
        (WebCore::SVGAnimatedType::~SVGAnimatedType):
        (WebCore::SVGAnimatedType::as const):
        (WebCore::SVGAnimatedType::as):
        (WebCore::SVGAnimatedType::type const):
        (WebCore::SVGAnimatedType::valueAsString const):
        (WebCore::SVGAnimatedType::setValueAsString):
        (WebCore::SVGAnimatedType::supportsAnimVal):
        (WebCore::SVGAnimatedType::angleAndEnumeration const): Deleted.
        (WebCore::SVGAnimatedType::boolean const): Deleted.
        (WebCore::SVGAnimatedType::color const): Deleted.
        (WebCore::SVGAnimatedType::enumeration const): Deleted.
        (WebCore::SVGAnimatedType::integer const): Deleted.
        (WebCore::SVGAnimatedType::integerOptionalInteger const): Deleted.
        (WebCore::SVGAnimatedType::length const): Deleted.
        (WebCore::SVGAnimatedType::lengthList const): Deleted.
        (WebCore::SVGAnimatedType::number const): Deleted.
        (WebCore::SVGAnimatedType::numberList const): Deleted.
        (WebCore::SVGAnimatedType::numberOptionalNumber const): Deleted.
        (WebCore::SVGAnimatedType::path const): Deleted.
        (WebCore::SVGAnimatedType::pointList const): Deleted.
        (WebCore::SVGAnimatedType::preserveAspectRatio const): Deleted.
        (WebCore::SVGAnimatedType::rect const): Deleted.
        (WebCore::SVGAnimatedType::string const): Deleted.
        (WebCore::SVGAnimatedType::transformList const): Deleted.
        (WebCore::SVGAnimatedType::angleAndEnumeration): Deleted.
        (WebCore::SVGAnimatedType::boolean): Deleted.
        (WebCore::SVGAnimatedType::color): Deleted.
        (WebCore::SVGAnimatedType::enumeration): Deleted.
        (WebCore::SVGAnimatedType::integer): Deleted.
        (WebCore::SVGAnimatedType::integerOptionalInteger): Deleted.
        (WebCore::SVGAnimatedType::length): Deleted.
        (WebCore::SVGAnimatedType::lengthList): Deleted.
        (WebCore::SVGAnimatedType::number): Deleted.
        (WebCore::SVGAnimatedType::numberList): Deleted.
        (WebCore::SVGAnimatedType::numberOptionalNumber): Deleted.
        (WebCore::SVGAnimatedType::path): Deleted.
        (WebCore::SVGAnimatedType::pointList): Deleted.
        (WebCore::SVGAnimatedType::preserveAspectRatio): Deleted.
        (WebCore::SVGAnimatedType::rect): Deleted.
        (WebCore::SVGAnimatedType::string): Deleted.
        (WebCore::SVGAnimatedType::transformList): Deleted.
        Replace the union by a Variant. Replace all the type specific functions
        by the template functions create() and as(). Use WTF::visit to get the
        value stored in the variant. Use the SVGPropertyTraits to perform the
        required operation.

        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::constructFromBaseValue):
        (WebCore::SVGAnimatedTypeAnimator::resetFromBaseValue):
        (WebCore::SVGAnimatedTypeAnimator::stopAnimValAnimationForType):
        (WebCore::SVGAnimatedTypeAnimator::animValDidChangeForType):
        (WebCore::SVGAnimatedTypeAnimator::animValWillChangeForType):
        (WebCore::SVGAnimatedTypeAnimator::constructFromBaseValues):
        (WebCore::SVGAnimatedTypeAnimator::resetFromBaseValues):
        (WebCore::SVGAnimatedTypeAnimator::stopAnimValAnimationForTypes):
        (WebCore::SVGAnimatedTypeAnimator::animValDidChangeForTypes):
        (WebCore::SVGAnimatedTypeAnimator::animValWillChangeForTypes):
        (WebCore::SVGAnimatedTypeAnimator::executeAction):
        Rename the parameters and the local variables to match their types. Use
        the SVGAnimatedType template functions create() and as().

        * svg/SVGLengthValue.h:
        (WebCore::SVGPropertyTraits<SVGLengthValue>::parse): This was moved from
        SVGAnimatedType::setValueAsString()
        (WebCore::SVGPropertyTraits<SVGLengthValue>::toString): This was moved from
        SVGAnimatedType::valueAsString().

        * svg/SVGMarkerTypes.h: Add placeholders for parse() and toString() so
        SVGAnimatedType::valueAsString() and setValueAsString() can compile for 
        all types.

        * svg/SVGNumberListValues.h:
        (WebCore::SVGPropertyTraits<SVGNumberListValues>::parse):
        * svg/SVGPathByteStream.h:
        (WebCore::SVGPropertyTraits<SVGPathByteStream>::parse):
        (WebCore::SVGPropertyTraits<SVGPathByteStream>::toString):
        * svg/SVGPointListValues.h:
        (WebCore::SVGPropertyTraits<SVGPointListValues>::parse):
        (WebCore::SVGPropertyTraits<SVGPointListValues>::toString):
        * svg/SVGPreserveAspectRatioValue.h:
        (WebCore::SVGPropertyTraits<SVGPreserveAspectRatioValue>::fromString):
        (WebCore::SVGPropertyTraits<SVGPreserveAspectRatioValue>::parse):
        (WebCore::SVGPropertyTraits<SVGPreserveAspectRatioValue>::toString):
        Ditto.

        * svg/SVGTransformListValues.h:
        (WebCore::SVGPropertyTraits<SVGTransformListValues>::parse):
        Ditto.

        * svg/SVGValue.h: Added. SVGValueVariant is the replacement of the union
        SVGAnimatedType::DataUnion.

        * svg/properties/SVGPropertyInfo.h:
        Add a minimum and maximum AnimatedPropertyType so, SVGAnimatedType::type()
        can assert that the index of the variant is in the range of this enum.

        * svg/properties/SVGPropertyTraits.h:
        (WebCore::SVGPropertyTraits<bool>::parse):
        (WebCore::SVGPropertyTraits<unsigned>::parse):
        (WebCore::SVGPropertyTraits<int>::parse):
        Ditto.

2018-03-08  Yusuke Suzuki  <utatane.tea@gmail.com>

        [JSC][WebCore] Extend jsDynamicCast for WebCore types in WebCore and remove jsDynamicDowncast
        https://bugs.webkit.org/show_bug.cgi?id=183449

        Reviewed by Mark Lam.

        This patch removes jsDynamicDowncast. Our JSC::jsDynamicCast can have a way to inject a fast
        path that is similar to jsDynamicDowncast. WebCore can leverage this functionality to add
        a fast path for WebCore's extended JS object types (JSEvent, JSElement, JSNode, and JSDocument).

        No behavior change.

        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/CommonVM.cpp:
        (WebCore::lexicalFrameFromCommonVM):
        * bindings/js/JSDOMConvertBufferSource.h:
        (WebCore::toPossiblySharedArrayBufferView):
        * bindings/js/JSDOMConvertPromise.h:
        (WebCore::Converter<IDLPromise<T>>::convert):
        * bindings/js/JSDOMExceptionHandling.cpp:
        (WebCore::reportException):
        (WebCore::retrieveErrorMessage):
        * bindings/js/JSDOMIterator.h:
        (WebCore::IteratorTraits>::next):
        * bindings/js/JSDOMWindowProxy.cpp:
        (WebCore::JSDOMWindowProxy::toWrapped):
        * bindings/js/JSDOMWrapperCache.h:
        * bindings/js/JSDocumentCustom.h:
        (JSC::JSCastingHelpers::InheritsTraits<WebCore::JSDocument>::inherits):
        (WebCore::jsDocumentCast): Deleted.
        * bindings/js/JSDynamicDowncast.h: Removed.
        * bindings/js/JSElementCustom.h:
        (JSC::JSCastingHelpers::InheritsTraits<WebCore::JSElement>::inherits):
        (WebCore::jsElementCast): Deleted.
        * bindings/js/JSEventCustom.h:
        (JSC::JSCastingHelpers::InheritsTraits<WebCore::JSEvent>::inherits):
        (WebCore::jsEventCast): Deleted.
        * bindings/js/JSEventTargetCustom.cpp:
        (WebCore::jsEventTargetCast):
        * bindings/js/JSNodeCustom.h:
        (JSC::JSCastingHelpers::InheritsTraits<WebCore::JSNode>::inherits):
        (WebCore::jsNodeCast): Deleted.
        * bindings/js/JSPluginElementFunctions.cpp:
        (WebCore::pluginElementPropertyGetter):
        * bindings/js/JSReadableStreamSourceCustom.cpp:
        (WebCore::JSReadableStreamSource::start):
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        (WebCore::toJSDedicatedWorkerGlobalScope):
        (WebCore::toJSWorkerGlobalScope):
        (WebCore::toJSServiceWorkerGlobalScope):
        * bindings/js/ReadableStream.cpp:
        (WebCore::ReadableStream::create):
        (WebCore::ReadableStream::isDisturbed):
        * bindings/js/ReadableStream.h:
        (WebCore::JSReadableStreamWrapperConverter::toWrapped):
        * bindings/js/ScriptModuleLoader.cpp:
        (WebCore::ScriptModuleLoader::evaluate):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::dumpIfTerminal):
        (WebCore::CloneSerializer::serialize):
        * bindings/js/StructuredClone.cpp:
        (WebCore::structuredCloneArrayBufferView):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GetCastingHelperForThisObject):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        (WebCore::jsInterfaceNameConstructor):
        (WebCore::setJSInterfaceNameConstructor):
        (WebCore::JSInterfaceName::toWrapped):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::IDLAttribute<JSMapLike>::cast):
        (WebCore::IDLOperation<JSMapLike>::cast):
        (WebCore::jsMapLikeConstructor):
        (WebCore::setJSMapLikeConstructor):
        (WebCore::JSMapLike::toWrapped):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::IDLAttribute<JSReadOnlyMapLike>::cast):
        (WebCore::IDLOperation<JSReadOnlyMapLike>::cast):
        (WebCore::jsReadOnlyMapLikeConstructor):
        (WebCore::setJSReadOnlyMapLikeConstructor):
        (WebCore::JSReadOnlyMapLike::toWrapped):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::IDLAttribute<JSTestActiveDOMObject>::cast):
        (WebCore::IDLOperation<JSTestActiveDOMObject>::cast):
        (WebCore::jsTestActiveDOMObjectConstructor):
        (WebCore::setJSTestActiveDOMObjectConstructor):
        (WebCore::JSTestActiveDOMObject::toWrapped):
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        (WebCore::IDLAttribute<JSTestCEReactions>::cast):
        (WebCore::IDLOperation<JSTestCEReactions>::cast):
        (WebCore::jsTestCEReactionsConstructor):
        (WebCore::setJSTestCEReactionsConstructor):
        (WebCore::JSTestCEReactions::toWrapped):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::IDLAttribute<JSTestCEReactionsStringifier>::cast):
        (WebCore::IDLOperation<JSTestCEReactionsStringifier>::cast):
        (WebCore::jsTestCEReactionsStringifierConstructor):
        (WebCore::setJSTestCEReactionsStringifierConstructor):
        (WebCore::JSTestCEReactionsStringifier::toWrapped):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::IDLAttribute<JSTestCallTracer>::cast):
        (WebCore::IDLOperation<JSTestCallTracer>::cast):
        (WebCore::jsTestCallTracerConstructor):
        (WebCore::setJSTestCallTracerConstructor):
        (WebCore::JSTestCallTracer::toWrapped):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::jsTestClassWithJSBuiltinConstructorConstructor):
        (WebCore::setJSTestClassWithJSBuiltinConstructorConstructor):
        (WebCore::JSTestClassWithJSBuiltinConstructor::toWrapped):
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        (WebCore::jsTestCustomConstructorWithNoInterfaceObjectConstructor):
        (WebCore::setJSTestCustomConstructorWithNoInterfaceObjectConstructor):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::toWrapped):
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        (WebCore::IDLAttribute<JSTestDOMJIT>::cast):
        (WebCore::IDLOperation<JSTestDOMJIT>::cast):
        (WebCore::jsTestDOMJITConstructor):
        (WebCore::setJSTestDOMJITConstructor):
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::IDLAttribute<JSTestEnabledBySetting>::cast):
        (WebCore::IDLOperation<JSTestEnabledBySetting>::cast):
        (WebCore::jsTestEnabledBySettingConstructor):
        (WebCore::setJSTestEnabledBySettingConstructor):
        (WebCore::JSTestEnabledBySetting::toWrapped):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::IDLAttribute<JSTestEventConstructor>::cast):
        (WebCore::jsTestEventConstructorConstructor):
        (WebCore::setJSTestEventConstructorConstructor):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::IDLOperation<JSTestEventTarget>::cast):
        (WebCore::jsTestEventTargetConstructor):
        (WebCore::setJSTestEventTargetConstructor):
        (WebCore::JSTestEventTarget::toWrapped):
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::IDLAttribute<JSTestException>::cast):
        (WebCore::jsTestExceptionConstructor):
        (WebCore::setJSTestExceptionConstructor):
        (WebCore::JSTestException::toWrapped):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::IDLAttribute<JSTestGenerateIsReachable>::cast):
        (WebCore::jsTestGenerateIsReachableConstructor):
        (WebCore::setJSTestGenerateIsReachableConstructor):
        (WebCore::JSTestGenerateIsReachable::toWrapped):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::IDLAttribute<JSTestGlobalObject>::cast):
        (WebCore::IDLOperation<JSTestGlobalObject>::cast):
        (WebCore::jsTestGlobalObjectConstructor):
        (WebCore::setJSTestGlobalObjectConstructor):
        (WebCore::JSTestGlobalObject::toWrapped):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        (WebCore::jsTestIndexedSetterNoIdentifierConstructor):
        (WebCore::setJSTestIndexedSetterNoIdentifierConstructor):
        (WebCore::JSTestIndexedSetterNoIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        (WebCore::jsTestIndexedSetterThrowingExceptionConstructor):
        (WebCore::setJSTestIndexedSetterThrowingExceptionConstructor):
        (WebCore::JSTestIndexedSetterThrowingException::toWrapped):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::IDLOperation<JSTestIndexedSetterWithIdentifier>::cast):
        (WebCore::jsTestIndexedSetterWithIdentifierConstructor):
        (WebCore::setJSTestIndexedSetterWithIdentifierConstructor):
        (WebCore::JSTestIndexedSetterWithIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::IDLAttribute<JSTestInterface>::cast):
        (WebCore::IDLOperation<JSTestInterface>::cast):
        (WebCore::jsTestInterfaceConstructor):
        (WebCore::setJSTestInterfaceConstructor):
        (WebCore::JSTestInterface::toWrapped):
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        (WebCore::IDLAttribute<JSTestInterfaceLeadingUnderscore>::cast):
        (WebCore::jsTestInterfaceLeadingUnderscoreConstructor):
        (WebCore::setJSTestInterfaceLeadingUnderscoreConstructor):
        (WebCore::JSTestInterfaceLeadingUnderscore::toWrapped):
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::IDLOperation<JSTestIterable>::cast):
        (WebCore::jsTestIterableConstructor):
        (WebCore::setJSTestIterableConstructor):
        (WebCore::JSTestIterable::toWrapped):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        (WebCore::IDLAttribute<JSTestJSBuiltinConstructor>::cast):
        (WebCore::IDLOperation<JSTestJSBuiltinConstructor>::cast):
        (WebCore::jsTestJSBuiltinConstructorConstructor):
        (WebCore::setJSTestJSBuiltinConstructorConstructor):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::IDLOperation<JSTestMediaQueryListListener>::cast):
        (WebCore::jsTestMediaQueryListListenerConstructor):
        (WebCore::setJSTestMediaQueryListListenerConstructor):
        (WebCore::JSTestMediaQueryListListener::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        (WebCore::jsTestNamedAndIndexedSetterNoIdentifierConstructor):
        (WebCore::setJSTestNamedAndIndexedSetterNoIdentifierConstructor):
        (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        (WebCore::jsTestNamedAndIndexedSetterThrowingExceptionConstructor):
        (WebCore::setJSTestNamedAndIndexedSetterThrowingExceptionConstructor):
        (WebCore::JSTestNamedAndIndexedSetterThrowingException::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::IDLOperation<JSTestNamedAndIndexedSetterWithIdentifier>::cast):
        (WebCore::jsTestNamedAndIndexedSetterWithIdentifierConstructor):
        (WebCore::setJSTestNamedAndIndexedSetterWithIdentifierConstructor):
        (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::jsTestNamedConstructorConstructor):
        (WebCore::setJSTestNamedConstructorConstructor):
        (WebCore::JSTestNamedConstructor::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        (WebCore::jsTestNamedDeleterNoIdentifierConstructor):
        (WebCore::setJSTestNamedDeleterNoIdentifierConstructor):
        (WebCore::JSTestNamedDeleterNoIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        (WebCore::jsTestNamedDeleterThrowingExceptionConstructor):
        (WebCore::setJSTestNamedDeleterThrowingExceptionConstructor):
        (WebCore::JSTestNamedDeleterThrowingException::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::IDLOperation<JSTestNamedDeleterWithIdentifier>::cast):
        (WebCore::jsTestNamedDeleterWithIdentifierConstructor):
        (WebCore::setJSTestNamedDeleterWithIdentifierConstructor):
        (WebCore::JSTestNamedDeleterWithIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::jsTestNamedDeleterWithIndexedGetterConstructor):
        (WebCore::setJSTestNamedDeleterWithIndexedGetterConstructor):
        (WebCore::JSTestNamedDeleterWithIndexedGetter::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        (WebCore::jsTestNamedGetterCallWithConstructor):
        (WebCore::setJSTestNamedGetterCallWithConstructor):
        (WebCore::JSTestNamedGetterCallWith::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        (WebCore::jsTestNamedGetterNoIdentifierConstructor):
        (WebCore::setJSTestNamedGetterNoIdentifierConstructor):
        (WebCore::JSTestNamedGetterNoIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::IDLOperation<JSTestNamedGetterWithIdentifier>::cast):
        (WebCore::jsTestNamedGetterWithIdentifierConstructor):
        (WebCore::setJSTestNamedGetterWithIdentifierConstructor):
        (WebCore::JSTestNamedGetterWithIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        (WebCore::jsTestNamedSetterNoIdentifierConstructor):
        (WebCore::setJSTestNamedSetterNoIdentifierConstructor):
        (WebCore::JSTestNamedSetterNoIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        (WebCore::jsTestNamedSetterThrowingExceptionConstructor):
        (WebCore::setJSTestNamedSetterThrowingExceptionConstructor):
        (WebCore::JSTestNamedSetterThrowingException::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::IDLOperation<JSTestNamedSetterWithIdentifier>::cast):
        (WebCore::jsTestNamedSetterWithIdentifierConstructor):
        (WebCore::setJSTestNamedSetterWithIdentifierConstructor):
        (WebCore::JSTestNamedSetterWithIdentifier::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::IDLOperation<JSTestNamedSetterWithIndexedGetter>::cast):
        (WebCore::jsTestNamedSetterWithIndexedGetterConstructor):
        (WebCore::setJSTestNamedSetterWithIndexedGetterConstructor):
        (WebCore::JSTestNamedSetterWithIndexedGetter::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::IDLOperation<JSTestNamedSetterWithIndexedGetterAndSetter>::cast):
        (WebCore::jsTestNamedSetterWithIndexedGetterAndSetterConstructor):
        (WebCore::setJSTestNamedSetterWithIndexedGetterAndSetterConstructor):
        (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        (WebCore::jsTestNamedSetterWithOverrideBuiltinsConstructor):
        (WebCore::setJSTestNamedSetterWithOverrideBuiltinsConstructor):
        (WebCore::JSTestNamedSetterWithOverrideBuiltins::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::IDLAttribute<JSTestNamedSetterWithUnforgableProperties>::cast):
        (WebCore::IDLOperation<JSTestNamedSetterWithUnforgableProperties>::cast):
        (WebCore::jsTestNamedSetterWithUnforgablePropertiesConstructor):
        (WebCore::setJSTestNamedSetterWithUnforgablePropertiesConstructor):
        (WebCore::JSTestNamedSetterWithUnforgableProperties::toWrapped):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::IDLAttribute<JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins>::cast):
        (WebCore::IDLOperation<JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins>::cast):
        (WebCore::jsTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsConstructor):
        (WebCore::setJSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsConstructor):
        (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::toWrapped):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::IDLAttribute<JSTestNode>::cast):
        (WebCore::IDLOperation<JSTestNode>::cast):
        (WebCore::jsTestNodeConstructor):
        (WebCore::setJSTestNodeConstructor):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::IDLAttribute<JSTestObj>::cast):
        (WebCore::IDLOperation<JSTestObj>::cast):
        (WebCore::jsTestObjConstructor):
        (WebCore::setJSTestObjConstructor):
        (WebCore::JSTestObj::toWrapped):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::jsTestOverloadedConstructorsConstructor):
        (WebCore::setJSTestOverloadedConstructorsConstructor):
        (WebCore::JSTestOverloadedConstructors::toWrapped):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::jsTestOverloadedConstructorsWithSequenceConstructor):
        (WebCore::setJSTestOverloadedConstructorsWithSequenceConstructor):
        (WebCore::JSTestOverloadedConstructorsWithSequence::toWrapped):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::IDLOperation<JSTestOverrideBuiltins>::cast):
        (WebCore::jsTestOverrideBuiltinsConstructor):
        (WebCore::setJSTestOverrideBuiltinsConstructor):
        (WebCore::JSTestOverrideBuiltins::toWrapped):
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        (WebCore::jsTestPluginInterfaceConstructor):
        (WebCore::setJSTestPluginInterfaceConstructor):
        (WebCore::JSTestPluginInterface::toWrapped):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::IDLAttribute<JSTestPromiseRejectionEvent>::cast):
        (WebCore::jsTestPromiseRejectionEventConstructor):
        (WebCore::setJSTestPromiseRejectionEventConstructor):
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::IDLAttribute<JSTestSerialization>::cast):
        (WebCore::IDLOperation<JSTestSerialization>::cast):
        (WebCore::jsTestSerializationConstructor):
        (WebCore::setJSTestSerializationConstructor):
        (WebCore::JSTestSerialization::toWrapped):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        (WebCore::jsTestSerializationIndirectInheritanceConstructor):
        (WebCore::setJSTestSerializationIndirectInheritanceConstructor):
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        (WebCore::IDLAttribute<JSTestSerializationInherit>::cast):
        (WebCore::IDLOperation<JSTestSerializationInherit>::cast):
        (WebCore::jsTestSerializationInheritConstructor):
        (WebCore::setJSTestSerializationInheritConstructor):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        (WebCore::IDLAttribute<JSTestSerializationInheritFinal>::cast):
        (WebCore::IDLOperation<JSTestSerializationInheritFinal>::cast):
        (WebCore::jsTestSerializationInheritFinalConstructor):
        (WebCore::setJSTestSerializationInheritFinalConstructor):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::IDLAttribute<JSTestSerializedScriptValueInterface>::cast):
        (WebCore::IDLOperation<JSTestSerializedScriptValueInterface>::cast):
        (WebCore::jsTestSerializedScriptValueInterfaceConstructor):
        (WebCore::setJSTestSerializedScriptValueInterfaceConstructor):
        (WebCore::JSTestSerializedScriptValueInterface::toWrapped):
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::IDLOperation<JSTestStringifier>::cast):
        (WebCore::jsTestStringifierConstructor):
        (WebCore::setJSTestStringifierConstructor):
        (WebCore::JSTestStringifier::toWrapped):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::IDLOperation<JSTestStringifierAnonymousOperation>::cast):
        (WebCore::jsTestStringifierAnonymousOperationConstructor):
        (WebCore::setJSTestStringifierAnonymousOperationConstructor):
        (WebCore::JSTestStringifierAnonymousOperation::toWrapped):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::IDLOperation<JSTestStringifierNamedOperation>::cast):
        (WebCore::jsTestStringifierNamedOperationConstructor):
        (WebCore::setJSTestStringifierNamedOperationConstructor):
        (WebCore::JSTestStringifierNamedOperation::toWrapped):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::IDLOperation<JSTestStringifierOperationImplementedAs>::cast):
        (WebCore::jsTestStringifierOperationImplementedAsConstructor):
        (WebCore::setJSTestStringifierOperationImplementedAsConstructor):
        (WebCore::JSTestStringifierOperationImplementedAs::toWrapped):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::IDLOperation<JSTestStringifierOperationNamedToString>::cast):
        (WebCore::jsTestStringifierOperationNamedToStringConstructor):
        (WebCore::setJSTestStringifierOperationNamedToStringConstructor):
        (WebCore::JSTestStringifierOperationNamedToString::toWrapped):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::IDLAttribute<JSTestStringifierReadOnlyAttribute>::cast):
        (WebCore::IDLOperation<JSTestStringifierReadOnlyAttribute>::cast):
        (WebCore::jsTestStringifierReadOnlyAttributeConstructor):
        (WebCore::setJSTestStringifierReadOnlyAttributeConstructor):
        (WebCore::JSTestStringifierReadOnlyAttribute::toWrapped):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::IDLAttribute<JSTestStringifierReadWriteAttribute>::cast):
        (WebCore::IDLOperation<JSTestStringifierReadWriteAttribute>::cast):
        (WebCore::jsTestStringifierReadWriteAttributeConstructor):
        (WebCore::setJSTestStringifierReadWriteAttributeConstructor):
        (WebCore::JSTestStringifierReadWriteAttribute::toWrapped):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::IDLAttribute<JSTestTypedefs>::cast):
        (WebCore::IDLOperation<JSTestTypedefs>::cast):
        (WebCore::jsTestTypedefsConstructor):
        (WebCore::setJSTestTypedefsConstructor):
        (WebCore::JSTestTypedefs::toWrapped):
        * bridge/objc/WebScriptObject.mm:
        (-[WebScriptObject setValue:forKey:]):
        * bridge/runtime_array.cpp:
        (JSC::RuntimeArray::lengthGetter):
        * bridge/runtime_method.cpp:
        (JSC::RuntimeMethod::lengthGetter):
        * html/HTMLMediaElement.cpp:
        (WebCore::controllerJSValue):
        (WebCore::HTMLMediaElement::updateCaptionContainer):
        (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
        * inspector/agents/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForEventListener):

2018-03-08  Yusuke Suzuki  <utatane.tea@gmail.com>

        [JSC] Add inherits<T>(VM&) leveraging JSCast fast path
        https://bugs.webkit.org/show_bug.cgi?id=183429

        Reviewed by Mark Lam.

        * bindings/js/IDBBindingUtilities.cpp:
        (WebCore::createIDBKeyFromValue):
        * bindings/js/JSDOMConvertDate.cpp:
        (WebCore::valueToDate):
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::scriptExecutionContext const):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::toWrapped):
        * bindings/js/JSEventTargetCustom.cpp:
        * bindings/js/JSNodeCustom.cpp:
        (WebCore::JSNode::pushEventHandlerScope const):
        * bindings/js/JSXPathNSResolverCustom.cpp:
        (WebCore::JSXPathNSResolver::toWrapped):
        * bindings/js/ScriptState.cpp:
        (WebCore::domWindowFromExecState):
        (WebCore::scriptExecutionContextFromExecState):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::isArray):
        (WebCore::CloneSerializer::isMap):
        (WebCore::CloneSerializer::isSet):
        (WebCore::CloneSerializer::dumpArrayBufferView):
        (WebCore::CloneSerializer::dumpDOMPoint):
        (WebCore::CloneSerializer::dumpDOMRect):
        (WebCore::CloneSerializer::dumpDOMMatrix):
        (WebCore::CloneSerializer::dumpIfTerminal):
        (WebCore::CloneDeserializer::CloneDeserializer):
        (WebCore::CloneDeserializer::readArrayBufferView):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateOverloadDispatcher):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodOverloadDispatcher):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameterOverloadDispatcher):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithDistinguishingUnionOverloadDispatcher):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWith2DistinguishingUnionsOverloadDispatcher):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithNonDistinguishingUnionOverloadDispatcher):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnionOverloadDispatcher):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameterOverloadDispatcher):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunctionOverloadDispatcher):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructorsConstructor::construct):
        * bridge/c/c_instance.cpp:
        (JSC::Bindings::CInstance::invokeMethod):
        * bridge/objc/WebScriptObject.mm:
        (+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
        * bridge/objc/objc_instance.mm:
        (ObjcInstance::invokeMethod):
        * bridge/objc/objc_runtime.mm:
        (JSC::Bindings::callObjCFallbackObject):
        * bridge/runtime_method.cpp:
        (JSC::callRuntimeMethod):
        * bridge/runtime_object.cpp:
        (JSC::Bindings::callRuntimeObject):
        (JSC::Bindings::callRuntimeConstructor):
        * inspector/WebInjectedScriptHost.cpp:
        (WebCore::WebInjectedScriptHost::subtype):
        (WebCore::WebInjectedScriptHost::isHTMLAllCollection):

2018-03-08  Tim Horton  <timothy_horton@apple.com>

        Stop linking ApplicationServices directly
        https://bugs.webkit.org/show_bug.cgi?id=182867
        <rdar://problem/38252142>

        Reviewed by Alex Christensen.

        The frameworks that we use that live inside ApplicationServices
        have mostly moved out, so import them directly.

        * Configurations/WebCore.xcconfig:
        * html/canvas/CanvasRenderingContext2D.cpp:
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        * platform/MIMETypeRegistry.cpp:
        * platform/graphics/ComplexTextController.cpp:
        * platform/graphics/cg/ColorCG.cpp:
        * platform/graphics/cg/ImageDecoderCG.cpp:
        * platform/graphics/cg/UTIRegistry.cpp:
        * platform/graphics/cocoa/FontCocoa.mm:
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        * platform/graphics/mac/GlyphPageMac.cpp:
        * platform/graphics/mac/PDFDocumentImageMac.mm:
        * platform/graphics/mac/SimpleFontDataCoreText.cpp:
        * platform/graphics/win/FontCGWin.cpp:
        * platform/graphics/win/FontCacheWin.cpp:
        * platform/graphics/win/FontCustomPlatformData.cpp:
        * platform/graphics/win/FontPlatformDataCGWin.cpp:
        * platform/graphics/win/ImageCGWin.cpp:
        * platform/graphics/win/SimpleFontDataCGWin.cpp:

2018-03-07  Tim Horton  <timothy_horton@apple.com>

        Sort and separate FeatureDefines.xcconfig
        https://bugs.webkit.org/show_bug.cgi?id=183427

        Reviewed by Dan Bernstein.

        * Configurations/FeatureDefines.xcconfig:
        Sort and split FeatureDefines into paragraphs
        (to make it easier to sort later).

2018-03-07  Zalan Bujtas  <zalan@apple.com>

        Invalid innerTextRenderer in RenderTextControlSingleLine::styleDidChange()
        https://bugs.webkit.org/show_bug.cgi?id=183385
        <rdar://problem/38085397>

        Reviewed by Antti Koivisto.

        When HTMLInputElement::updateType() is called with a dirty value, we eagerly change the m_inputType first
        and then we take care of the dirty value by calling setAttributeWithoutSynchronization().
        With a DOMSubtreeModified event listener attached, setAttributeWithoutSynchronization() can end up running some
        layout code (offsetHeight) with a renderer - m_inputType mismatch.

        This patch ensures that we don't change the m_inputType until after we finished setting the new value.

        Test: fast/DOM/HTMLInputElement/input-value-and-type-change-crash.html

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::updateType):

2018-03-07  Chris Dumez  <cdumez@apple.com>

        Get rid of custom bindings for History's replaceState() / pushState()
        https://bugs.webkit.org/show_bug.cgi?id=183372

        Reviewed by Youenn Fablet.

        Get rid of custom bindings for History's replaceState() / pushState() by
        moving the cached state from the wrapper to the History implementation
        object.

        No new tests, no web-facing behavior change.

        * bindings/js/JSHistoryCustom.cpp:
        (WebCore::JSHistory::state const):
        (WebCore::JSHistory::visitAdditionalChildren):
        * page/History.cpp:
        (WebCore::History::cachedState):
        (WebCore::History::stateObjectAdded):
        * page/History.h:
        (WebCore::History::pushState):
        (WebCore::History::replaceState):
        * page/History.idl:

2018-03-07  Youenn Fablet  <youenn@apple.com>

        Match unsupported plugins based on domains and not origin
        https://bugs.webkit.org/show_bug.cgi?id=183384

        Reviewed by Chris Dumez.

        Move from an origin-keyed map to a vector of plugins.
        We iterate through the vector and a match happens if the page host name ends with the provided matching domain.
        This allows supporting rules for *.mydomain.com by passing 'mydomain.com'.
        Covered by existing tests.
        We are not testing subdomains like www.localhost since there is no support in our CI but this is tested through Unit tests.

        * loader/EmptyClients.cpp:
        * platform/URL.cpp:
        (WebCore::URL::isMatchingDomain const):
        * platform/URL.h:
        * plugins/PluginData.h:
        (WebCore::isSupportedPlugin):
        (WebCore::SupportedPluginName::decode):
        (WebCore::SupportedPluginName::encode const):
        * plugins/PluginInfoProvider.h:

2017-12-18  Youenn Fablet  <youenn@apple.com>

        Update to libwebrtc revision 4e70a72571dd26b85c2385e9c618e343428df5d3
        https://bugs.webkit.org/show_bug.cgi?id=180843

        Reviewed by Eric Carlson.

        Covered by existing tests.

        Moving H264 codecs and factories to libwebrtc.
        Updating LibWebRTCProvider according new libwebrtc API.
        Updating ref counting according new libwebrtc API.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        (WebCore::LibWebRTCMediaEndpoint::AddRef const):
        (WebCore::LibWebRTCMediaEndpoint::Release const):
        (WTF::LogArgument<webrtc::RTCStats>::toString):
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/RealtimeOutgoingAudioSource.h:
        * platform/mediastream/RealtimeOutgoingVideoSource.h:
        * platform/mediastream/libwebrtc/LibWebRTCAudioModule.h:
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::LibWebRTCProvider::createPeerConnectionFactory):
        * platform/mediastream/libwebrtc/LibWebRTCProvider.h:
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
        (WebCore::LibWebRTCProviderCocoa::~LibWebRTCProviderCocoa):
        (WebCore::LibWebRTCProviderCocoa::createDecoderFactory):
        (WebCore::LibWebRTCProviderCocoa::createEncoderFactory):
        (WebCore::LibWebRTCProviderCocoa::setActive):
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.h:
        * platform/mediastream/libwebrtc/VideoToolBoxDecoderFactory.cpp: Removed.
        * platform/mediastream/libwebrtc/VideoToolBoxEncoderFactory.cpp: Removed.
        * platform/mediastream/mac/RealtimeOutgoingVideoSourceCocoa.cpp:
        (WebCore::ConvertToI420):
        (WebCore::RealtimeOutgoingVideoSourceCocoa::sampleBufferUpdated):
        * testing/Internals.cpp:
        (WebCore::Internals::setH264HardwareEncoderAllowed):
        * testing/MockLibWebRTCPeerConnection.h:

2018-03-07  Sihui Liu  <sihui_liu@apple.com>

        replaceState cause back/forward malfunction on html page with <base href="/"> tag
        https://bugs.webkit.org/show_bug.cgi?id=182678
        <rdar://problem/37517821>

        Reviewed by Chris Dumez.

        replaceState should not change URL when the URL argument is NULL, but should change URL when the URL argument is an empty string.

        Test: http/tests/history/replacestate-no-url.html

        * page/History.cpp:
        (WebCore::History::urlForState):

2018-03-07  Antti Koivisto  <antti@apple.com>

        Don't invalidate descendants for sibling combinators unless needed
        https://bugs.webkit.org/show_bug.cgi?id=183410
        <rdar://problem/38227297>

        Reviewed by Zalan Bujtas.

        If we know the matched sibling combinator doesn't affect descendants we shouldn't invalidate them.

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::matchRecursively const):

            Use different bit for the descendant case.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::fragmentMatchesTheRightmostElement):

            Remove unneeded context assert.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):

            Use different bit for the descendant case.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorCheckerExcludingPseudoElements):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasPseudoElement):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateRequestedPseudoElementEqualsToSelectorPseudoElement):
        * dom/Element.cpp:
        (WebCore::invalidateForSiblingCombinators):

            Invalidate the target sibling or all descendants based on the bits.

        * dom/Element.h:
        (WebCore::Element::descendantsAffectedByPreviousSibling const):
        (WebCore::Element::setDescendantsAffectedByPreviousSibling const):
        * dom/Node.h:
        * style/StyleRelations.cpp:
        (WebCore::Style::commitRelationsToRenderStyle):
        (WebCore::Style::commitRelations):
        * style/StyleRelations.h:

            Add DescendantsAffectedByPreviousSibling bit. AffectedByPreviousSibling is now just about the target element.

2018-03-07  Antti Koivisto  <antti@apple.com>

        checkForSiblingStyleChanges should use internal versions of the invalidation functions
        https://bugs.webkit.org/show_bug.cgi?id=183405
        <rdar://problem/38218310>

        Reviewed by Zalan Bujtas.

        Non-internal invalidateStyleForElement/Subtree() implement sibling combinator invalidation. Checking this
        is only needed if the element in question changed somehow. In checkForSiblingStyleChanges we know that
        another element changed and we really just want to invalidate.

        * css/SelectorChecker.cpp:
        (WebCore::isFirstOfType):
        (WebCore::SelectorChecker::checkOne const):

        Also make :first-of-type use ChildrenAffectedByForwardPositionalRules for invalidation similar to :last-of-type
        for more correct invalidation.

        * dom/Element.cpp:
        (WebCore::checkForSiblingStyleChanges):

2018-03-07  Yusuke Suzuki  <utatane.tea@gmail.com>

        HTML `pattern` attribute should set `u` flag for regular expressions
        https://bugs.webkit.org/show_bug.cgi?id=151598

        Reviewed by Chris Dumez.

        This patch attaches "u" flag to the RegExp compiled for HTML "pattern" attribute[1].

        [1]: https://html.spec.whatwg.org/multipage/forms.html#the-pattern-attribute

        * html/BaseTextInputType.cpp:
        (WebCore::BaseTextInputType::patternMismatch const):

2018-03-07  Frederic Wang  <fwang@igalia.com>

        Relayout frames after AsyncFrameScrolling or FrameFlattening option is changed
        https://bugs.webkit.org/show_bug.cgi?id=183081

        Reviewed by Antonio Gomes.

        The frames may be resized when the FrameFlattening option is modified and hence this patch
        forces a relayout. It also does that when AsyncFrameScrolling is modified too, since that
        may imply changes in frame flattening after bug 173704. Forcing a relayout will also be
        enough to trigger other updates for async frame scrolling in the future (see bug 149264 and
        bug 171667).

        Test: platform/ios/fast/frames/flattening/iframe-flattening-async-frame-scrolling-dynamic.html

        * page/Settings.yaml: Call setNeedsRelayoutAllFrames when one of the AsyncFrameScrolling or
        FrameFlattening options is changed.
        * page/SettingsBase.cpp: Include RenderWidget to make call on frame->ownerRenderer().
        (WebCore::SettingsBase::setNeedsRelayoutAllFrames):  Make layout and preferred widths dirty
        on all frames in the page and schedule a relayout.
        * page/SettingsBase.h: Declare setNeedsRelayoutAllFrames().

2018-03-07  Alejandro G. Castro  <alex@igalia.com>

        Make NetworkRTCResolver port agnostic
        https://bugs.webkit.org/show_bug.cgi?id=178855

        Reviewed by Youenn Fablet.

        Add new API in the DNSResolveQueue allowing to revolve hostnames and get the result. Add platform
        specific code for soup platform and refactor the other platforms. Added new API to the DNS API header
        and move the general code to the DNS.cpp file, that way we can reuse that code in all the platforms
        and leave the ResolveQueue class of the platforms in a file.

        No new tests because this is a refactor.

        * PlatformAppleWin.cmake: Move the DNSCFNet class to DNSResolveQueueCFNet.
        * PlatformMac.cmake: Ditto.
        * Sources.txt: Add the DNS.cpp for compilation.
        * SourcesCocoa.txt: Move the DNSCFNet class to DNSResolveQueueCFNet.
        * WebCore.xcodeproj/project.pbxproj: Move the DNSCFNet class to DNSResolveQueueCFNet, add the DNS.cpp
        for compilation. Add the new DNSResolveQueueCFNet class.
        * platform/Curl.cmake: Move the DNSCFNet class to DNSResolveQueueCurl.
        * platform/network/DNS.cpp: Add this file with the default implementation of the DNS functions for
        all the platforms.
        (WebCore::prefetchDNS): Copied from every platform implementation.
        (WebCore::resolveDNS): Add the function, resolves a hostname, receives the identifier of the operation
        and the completion handler.
        (WebCore::stopResolveDNS): Add the function, stops a resolution operation, receives the identifier
        of the operation.
        * platform/network/DNS.h: Add the new APIs resolveDNS and stopResolveDNS with the classes used for the
        implementation.
        (WebCore::IPAddress::IPAddress): Add this class used to send the resolved address information, it does
        not depend on libwebrtc rtc classes.
        (WebCore::IPAddress::get): Get a reference to the struct sockaddr_in in the IPAddress class.
        (WebCore::DNSCompletionHandler): Add this CompletionHandler type to be used when resolving the DNS
        address.
        * platform/network/DNSResolveQueue.cpp: Add the DNSResolveQueue platform instantiation in the singleton.
        (WebCore::DNSResolveQueue::singleton): Use DNSResolveQueue platform classes when creating the singleton..
        (WebCore::DNSResolveQueue::resolve): Add this method to get the address of a hostname, it sends the
        identifier and the completion handler to use when returning the result.
        (WebCore::DNSResolveQueue::stopResolve): Add this method to stop the resolve operation when required.
        * platform/network/DNSResolveQueue.h: Add the new methods and make the class abstract, so that every
        platform can implement the functions.
        * platform/network/cf/DNSResolveQueueCFNet.cpp: Renamed from Source/WebCore/platform/network/cf/DNSCFNet.cpp.
        Add the methods to the new class DNSResolveQueueCFNet, move the prefetchDNS to the DNS.cpp general
        implementation.
        * platform/network/cf/DNSResolveQueueCFNet.h: Add the new class inheriting from the DNSResolveQueue. Add the
        new methods, we have to implement these methods and move the NetworkRTCResolver for COCOA code here.
        (WebCore::DNSResolveQueueCF::resolve): Dummy method, not implemented.
        (WebCore::DNSResolveQueueCF::stopResolve): Ditto.
        * platform/network/curl/DNSResolveQueueCurl.cpp: Renamed from Source/WebCore/platform/network/curl/DNSCurl.cpp.
        * platform/network/curl/DNSResolveQueueCurl.h: Add the new class inheriting from the DNSResolveQueue.
        (WebCore::DNSResolveQueueCurl::resolve): Ditto.
        (WebCore::DNSResolveQueueCurl::stopResolve): Ditto.
        * platform/network/soup/DNSResolveQueueSoup.h: New class inheriting from the DNSResolveQueue class, adding
        a HasMap with the active operations, it allows stopping them.
        * platform/network/soup/DNSResolveQueueSoup.cpp: Renamed from Source/WebCore/platform/network/curl/DNSSoup.cpp.
        (WebCore::resolvedWithObserverCallback): Called when the result address from the soup platform is ready,
        sends the address to the completion handler.
        (WebCore::DNSResolveQueueSoup::resolve): Launch the resolve operation with the soup library.
        (WebCore::DNSResolveQueueSoup::stopResolve): Stop the resolve operation on process with a GCancellable.

2018-03-06  Brian Burg  <bburg@apple.com>

        [Cocoa] Stop copying ForwardingHeaders directory that no longer exists
        https://bugs.webkit.org/show_bug.cgi?id=183396

        Reviewed by Dan Bernstein.

        * WebCore.xcodeproj/project.pbxproj:
        Rename the phase to "Copy ICU Headers". ForwardingHeaders are no longer a thing.

2018-03-06  Youenn Fablet  <youenn@apple.com>

        didReceiveServerRedirectForProvisionalNavigation is not called in case of document redirection with service worker registration change
        https://bugs.webkit.org/show_bug.cgi?id=183299
        <rdar://problem/37547029>

        Reviewed by Alex Christensen.

        In case of redirection with service worker registration change, we cancel the load and create a new one.
        This prevent ResourceLoader::willSendRequestInternal to call the didReceiveServerRedirectForProvisionalNavigation
        callback. We thus explictly call this callback after restarting the load with the new service worker step.
        We only call this callback if the main resource is there as we do not want to call it if it was blocked by content extension.

        Test: http/wpt/service-workers/navigation-redirect-main-frame.https.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::restartLoadingDueToServiceWorkerRegistrationChange):

2018-03-06  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Remove unnecessary copied ResourceRequest member variable.
        https://bugs.webkit.org/show_bug.cgi?id=183010

        Reviewed by Youenn Fablet.

        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        (WebCore::ResourceHandleInternal::ResourceHandleInternal):
        * platform/network/curl/CurlRequest.h:
        (WebCore::CurlRequest::resourceRequest const):
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandle::start):
        (WebCore::ResourceHandle::addCacheValidationHeaders):
        (WebCore::ResourceHandle::createCurlRequest):
        (WebCore::ResourceHandle::restartRequestWithCredential):
        (WebCore::ResourceHandle::continueAfterWillSendRequest):

2018-03-06  Nan Wang  <n_wang@apple.com>

        AX: Flaky test after r229310
        https://bugs.webkit.org/show_bug.cgi?id=183376
        <rdar://problem/38188685>

        Reviewed by Chris Fleizach.

        The test that forces the context menu to show sometimes locks up 
        the test runner. Also, we missed a case where calling AXShowMenu
        action on a combobox is not dispatching the accessibility event.

        Using the combobox example to test the event dispatching in order to
        avoid the test hang.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityPerformShowMenuAction]):
        (-[WebAccessibilityObjectWrapper accessibilityShowContextMenu]):

2018-03-06  Chris Dumez  <cdumez@apple.com>

        fast/loader/redirect-to-invalid-url-using-meta-refresh-disallowed.html fails with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183345

        Reviewed by Alex Christensen.

        FrameLoader::loadURL() was calling loadWithNavigationAction() and then resetting the
        m_quickRedirectComing flag right after. This works if the navigation policy decision
        triggered by loadWithNavigationAction() is made synchronously. However, when it is
        made asynchronously, the flag gets reset too early, before the policy decision
        handler has been called. This is an issue because the policy decision handler
        relies on the m_quickRedirectComing flag.

        Similarly, FrameLoader::loadFrameRequest() was calling loadPostRequest() / loadURL()
        and then focusing a frame right after. This does not work as intended when the navigation
        policy decision is made asynchronously.

        To address the issue, we now pass a completion handler that gets called when the operation
        has actually completion, after the policy decision has been made. This maintains the
        behavior in place with synchronous policy delegates.

        Test: fast/loader/redirect-to-invalid-url-using-meta-refresh-disallowed-async-delegates.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/FrameLoader.h:

2018-03-06  Antoine Quint  <graouts@apple.com>

        [Web Animations] Add a new CSSTransition subclass of WebAnimation
        https://bugs.webkit.org/show_bug.cgi?id=183373
        <rdar://problem/38181985>

        Reviewed by Dean Jackson.

        Adding a new CSSAnimation subclass which we will create in a later patch while resolving styles
        upon identifying that a new CSS Animation has been added to an element.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * animation/CSSTransition.cpp: Added.
        (WebCore::CSSTransition::create):
        (WebCore::CSSTransition::CSSTransition):
        * animation/CSSTransition.h: Added.
        * animation/CSSTransition.idl: Added.
        * animation/KeyframeEffect.cpp:
        * animation/WebAnimation.h:
        (WebCore::WebAnimation::isCSSTransition const):
        * bindings/js/JSWebAnimationCustom.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/js/WebCoreBuiltinNames.h:

2018-03-06  Megan Gardner  <megan_gardner@apple.com>

        Ensure system appearance is default for web content
        https://bugs.webkit.org/show_bug.cgi?id=183354
        <rdar://problem/36975571>
        <rdar://problem/38162381>

        Make sure the the system appearance for web content is default, and
        consolidate that code to a single class.

        Reviewed by Tim Horton.

        Not currently testable, will add tests in a future patch.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/mac/LocalDefaultSystemAppearance.h: Added.
        * platform/mac/LocalDefaultSystemAppearance.mm: Added.
        (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
        (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
        * platform/mac/ThemeMac.mm:
        (-[WebCoreThemeView init]):
        (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemColor const):

2018-03-06  Antoine Quint  <graouts@apple.com>

        [Web Animations] Add a new runtime flag to control whether CSS Animations and CSS Transitions should run using the Web Animations timeline
        https://bugs.webkit.org/show_bug.cgi?id=183370
        <rdar://problem/38180729>

        Reviewed by Dean Jackson.

        Before we start creating WebAnimation objects to perform CSS Animations and CSS Transitions, which will replace the existing codepath
        involving CSSAnimationController and CompositeAnimation, we need a runtime flag that will allow all the new code to be turned off by
        default while we bring this feature up.

        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setCSSAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled):
        (WebCore::RuntimeEnabledFeatures::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled const):

2018-03-06  Daniel Bates  <dabates@apple.com>

        Make more use of USE(OPENGL_ES) and replace typedefs with C++11 using statements
        in TextureCacheCV.h

        Rubber-stamped by Tim Horton.

        * platform/graphics/cv/TextureCacheCV.h:

2018-03-06  Antti Koivisto  <antti@apple.com>

        Cache hasComplexSelectorsForStyleAttribute bit
        https://bugs.webkit.org/show_bug.cgi?id=183363

        Reviewed by Andreas Kling.

        * css/DocumentRuleSets.cpp:
        (WebCore::DocumentRuleSets::collectFeatures const):
        (WebCore::DocumentRuleSets::hasComplexSelectorsForStyleAttribute const):

        Cache the bit to avoid hash lookups.

        * css/DocumentRuleSets.h:
        * dom/StyledElement.cpp:
        (WebCore::StyledElement::invalidateStyleAttribute):
        (WebCore::shouldSynchronizeStyleAttributeImmediatelyForInvalidation): Deleted.

        Move code to DocumentRuleSets.

2018-03-06  Myles C. Maxfield  <mmaxfield@apple.com>

        Change the type of SVGToOTFFontConverter::m_weight to be not a char
        https://bugs.webkit.org/show_bug.cgi?id=183339

        Reviewed by Alex Christensen.

        No new tests because there is no behavior change.

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::appendOS2Table):
        (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):

2018-03-06  Antoine Quint  <graouts@apple.com>

        [Web Animations] Add a new CSSAnimation subclass of WebAnimation
        https://bugs.webkit.org/show_bug.cgi?id=183371
        <rdar://problem/38181724>

        Reviewed by Dean Jackson.

        Adding a new CSSAnimation subclass which we will create in a later patch while resolving styles
        upon identifying that a new CSS Animation has been added to an element.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * animation/CSSAnimation.cpp: Added.
        (WebCore::CSSAnimation::create):
        (WebCore::CSSAnimation::CSSAnimation):
        * animation/CSSAnimation.h: Added.
        * animation/CSSAnimation.idl: Added.
        * animation/KeyframeEffectReadOnly.cpp
        * animation/WebAnimation.h:
        (WebCore::WebAnimation::isCSSAnimation const):
        * animation/WebAnimation.idl:
        * bindings/js/JSWebAnimationCustom.cpp:
        (WebCore::toJSNewlyCreated):
        (WebCore::toJS):
        * bindings/js/WebCoreBuiltinNames.h:

2018-03-06  Ms2ger  <Ms2ger@igalia.com>

        Explicitly qualify some method calls on this in lambdas in Service Worker code.
        https://bugs.webkit.org/show_bug.cgi?id=183367

        Reviewed by Chris Dumez.

        No new tests -- no change in behavior.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startLoadingMainResource):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::matchAll):

2018-03-06  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] Remove unused scrolling-related code in TextureMapperLayer, CoordinatedGraphics stack
        https://bugs.webkit.org/show_bug.cgi?id=183340

        Reviewed by Michael Catanzaro.

        TextureMapperLayer::scrollBy() method is completely unused and can be
        removed. This opens the gates on removing majority of scrolling-related
        code in TextureMapperLayer, CoordinatedGraphicsLayer and
        CoordinatedGraphicsScene classes, along with smaller bits in other
        closely-associated classes.

        We're able to remove two virtual method overrides in the
        ScrollingCoordinatorCoordinatedGraphics class.

        TextureMapperLayer can drop the ScrollingClient member variable, along
        with multiple others. Various unused methods in that class are removed
        as well.

        CoordinatedGraphicsLayer and GraphicsLayerTextureMapper can both remove
        the custom scrolling state tracking.

        No new tests -- no change in behavior.

        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp:
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::scrollableAreaScrollLayerDidChange): Deleted.
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::willDestroyScrollableArea): Deleted.
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.h:
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
        (WebCore::GraphicsLayerTextureMapper::didCommitScrollOffset): Deleted.
        (WebCore::GraphicsLayerTextureMapper::setIsScrollable): Deleted.
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::hitTest): Deleted.
        (WebCore::TextureMapperLayer::scrollableLayerHitTestCondition): Deleted.
        (WebCore::TextureMapperLayer::findScrollableContentsLayerAt): Deleted.
        (WebCore::TextureMapperLayer::mapScrollOffset): Deleted.
        (WebCore::TextureMapperLayer::commitScrollOffset): Deleted.
        (WebCore::TextureMapperLayer::scrollBy): Deleted.
        (WebCore::TextureMapperLayer::didCommitScrollOffset): Deleted.
        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::CoordinatedGraphicsLayer):
        (WebCore::CoordinatedGraphicsLayer::syncLayerState):
        (WebCore::CoordinatedGraphicsLayer::resetLayerState):
        (WebCore::CoordinatedGraphicsLayer::setScrollableArea): Deleted.
        (WebCore::CoordinatedGraphicsLayer::commitScrollOffset): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:

2018-03-06  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] Apply TextureMapperLayer animations with a single MonotonicTime value
        https://bugs.webkit.org/show_bug.cgi?id=183360

        Reviewed by Sergio Villar Senin.

        When animations are being applied on the TextureMapperLayer tree, the
        monotonic time value is retrieved repeatedly in TextureMapperAnimation
        class. Instead of spawning repeated syscalls that are required to obtain
        the time value, TextureMapperLayer::applyAnimationsRecursively() now
        accepts a MonotonicTime value that should be used for all animation
        updates.

        No new tests -- no change in behavior.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::flushCompositingStateForThisLayerOnly):
        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimation::apply):
        (WebCore::TextureMapperAnimation::computeTotalRunningTime):
        (WebCore::TextureMapperAnimations::apply):
        * platform/graphics/texmap/TextureMapperAnimation.h:
        (WebCore::TextureMapperAnimation::keyframes const):
        (WebCore::TextureMapperAnimation::animation const):
        (WebCore::TextureMapperAnimation::boxSize const): Deleted.
        (WebCore::TextureMapperAnimation::listsMatch const): Deleted.
        (WebCore::TextureMapperAnimation::startTime const): Deleted.
        (WebCore::TextureMapperAnimation::pauseTime const): Deleted.
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::applyAnimationsRecursively):
        (WebCore::TextureMapperLayer::syncAnimations):
        * platform/graphics/texmap/TextureMapperLayer.h:

2018-03-06  Zan Dobersek  <zdobersek@igalia.com>

        [CoordGraphics] Clean up CoordinatedImageBacking
        https://bugs.webkit.org/show_bug.cgi?id=183332

        Reviewed by Carlos Garcia Campos.

        Clean up the CoordinatedImageBacking class. Prefer reference values in
        class functions, methods and member variables, where possible. Move
        member variables into a more sensible order. Initialize a few member
        variables at the place of declaration.

        Drop releaseSurfaceIfNeeded() and updateVisibilityIfNeeded() methods,
        integrating them into the update() method, which was the only place
        where they were called from.

        We don't have to keep a reference to the buffer object, since we're
        not using it internally after it's been passed to the client's
        updateImageBacking() implementation.

        No new tests -- no change in behavior.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::syncImageBacking):
        (WebCore::CoordinatedGraphicsLayer::releaseImageBackingIfNeeded):
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
        (WebCore::CoordinatedImageBacking::getCoordinatedImageBackingID):
        (WebCore::CoordinatedImageBacking::CoordinatedImageBacking):
        (WebCore::CoordinatedImageBacking::addHost):
        (WebCore::CoordinatedImageBacking::removeHost):
        (WebCore::CoordinatedImageBacking::update):
        (WebCore::CoordinatedImageBacking::clearContentsTimerFired):
        (WebCore::CoordinatedImageBacking::create): Deleted.
        (WebCore::CoordinatedImageBacking::markDirty): Deleted.
        (WebCore::CoordinatedImageBacking::releaseSurfaceIfNeeded): Deleted.
        (WebCore::CoordinatedImageBacking::updateVisibilityIfNeeded): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.h:

2018-03-06  Zan Dobersek  <zdobersek@igalia.com>

        GraphicsLayerTextureMapper: remove the setAnimations() method
        https://bugs.webkit.org/show_bug.cgi?id=183358

        Reviewed by Carlos Garcia Campos.

        Remove the GraphicsLayerTextureMapper::setAnimations() method. This was
        not called from anywhere, and is not the way animations are generated
        for a given GraphicsLayer object (that would be addAnimation() method).

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::setAnimations): Deleted.
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:

2018-03-06  Nan Wang  <n_wang@apple.com>

        AX: AOM: More accessibility events support
        https://bugs.webkit.org/show_bug.cgi?id=183023
        <rdar://problem/37764380>

        Reviewed by Chris Fleizach.

        Accessibility events.
        Spec: https://wicg.github.io/aom/spec/phase2.html

        This change adds support for these new events:
          accessiblecontextmenu
          accessibledecrement
          accessibledismiss
          accessiblefocus
          accessibleincrement
          accessiblescrollintoview
          accessibleselect

        Note: The show context menu action is only supported on macOS now.
        The dismiss action is not implemented for all the platforms yet.

        Test: accessibility/mac/AOM-events-all.html

        * accessibility/AccessibilityListBoxOption.cpp:
        (WebCore::AccessibilityListBoxOption::setSelected):
        * accessibility/AccessibilityMediaObject.cpp:
        (WebCore::AccessibilityMediaObject::increment):
        (WebCore::AccessibilityMediaObject::decrement):
        * accessibility/AccessibilityMenuListOption.cpp:
        (WebCore::AccessibilityMenuListOption::setSelected):
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::increment):
        (WebCore::AccessibilityNodeObject::decrement):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::press):
        (WebCore::AccessibilityObject::dispatchAccessibilityEvent const):
        (WebCore::AccessibilityObject::dispatchAccessibilityEventWithType const):
        (WebCore::AccessibilityObject::dispatchAccessibleSetValueEvent const):
        (WebCore::AccessibilityObject::scrollToMakeVisible const):
        (WebCore::AccessibilityObject::dispatchAccessibilityEvent): Deleted.
        (WebCore::AccessibilityObject::dispatchAccessibleSetValueEvent): Deleted.
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::setFocused):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityShowContextMenu]):
        * dom/Element.idl:
        * dom/EventNames.h:

2018-03-05  Yusuke Suzuki  <utatane.tea@gmail.com>

        Fix std::make_unique / new[] using system malloc
        https://bugs.webkit.org/show_bug.cgi?id=182975

        Reviewed by JF Bastien.

        Use Vector, FAST_ALLOCATED, or UniqueArray instead.

        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::setBuffer):
        * Modules/webaudio/AudioBufferSourceNode.h:
        * css/StyleRule.h:
        * cssjit/CompiledSelector.h:
        * html/HTMLFrameSetElement.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::copyTexSubImage2D):
        (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0):
        (WebCore::WebGLRenderingContextBase::LRUImageBufferCache::LRUImageBufferCache):
        (WebCore::WebGLRenderingContextBase::LRUImageBufferCache::imageBuffer):
        (WebCore::WebGLRenderingContextBase::LRUImageBufferCache::bubbleToFront):
        * html/canvas/WebGLRenderingContextBase.h:
        * platform/Length.cpp:
        (WebCore::newCoordsArray):
        (WebCore::newLengthArray):
        (): Deleted.
        * platform/Length.h:
        * platform/audio/DynamicsCompressor.cpp:
        (WebCore::DynamicsCompressor::setNumberOfChannels):
        * platform/audio/DynamicsCompressor.h:
        * platform/audio/FFTFrame.h:
        * platform/audio/gstreamer/FFTFrameGStreamer.cpp:
        (WebCore::FFTFrame::FFTFrame):
        * platform/graphics/FormatConverter.h:
        (WebCore::FormatConverter::FormatConverter):
        * platform/graphics/GraphicsContext3D.cpp:
        (WebCore::GraphicsContext3D::texImage2DResourceSafe):
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        (WebCore::getDirtyRects):
        * platform/graphics/cairo/CairoUtilities.cpp:
        (WebCore::flipImageSurfaceVertically):
        * platform/graphics/cg/GraphicsContext3DCG.cpp:
        (WebCore::GraphicsContext3D::ImageExtractor::extractImage):
        * platform/graphics/gpu/Texture.cpp:
        (WebCore::Texture::updateSubRect):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):
        (WebCore::GraphicsContext3D::compileShader):
        (WebCore::GraphicsContext3D::getActiveAttribImpl):
        (WebCore::GraphicsContext3D::getActiveUniformImpl):
        (WebCore::GraphicsContext3D::getProgramInfoLog):
        (WebCore::GraphicsContext3D::getShaderInfoLog):
        * platform/graphics/texmap/TextureMapperShaderProgram.cpp:
        (WebCore::getShaderLog):
        (WebCore::getProgramLog):
        * platform/graphics/win/ImageBufferDataDirect2D.cpp:
        (WebCore::ImageBufferData::putData):
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageReader::PNGImageReader):
        (WebCore::PNGImageReader::close):
        (WebCore::PNGImageReader::interlaceBuffer const):
        (WebCore::PNGImageReader::createInterlaceBuffer):
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::decodeFrame):
        * platform/network/curl/SocketStreamHandleImpl.h:
        (WebCore::SocketStreamHandleImpl::SocketData::SocketData):
        * platform/network/curl/SocketStreamHandleImplCurl.cpp:
        (WebCore::createCopy):
        (WebCore::SocketStreamHandleImpl::readData):
        (): Deleted.
        * platform/network/soup/SocketStreamHandleImpl.h:
        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
        (WebCore::SocketStreamHandleImpl::connected):
        * platform/win/LoggingWin.cpp:
        (WebCore::logLevelString):

2018-03-05  Yoav Weiss  <yoav@yoav.ws>

        Support for preconnect Link headers
        https://bugs.webkit.org/show_bug.cgi?id=181657

        Reviewed by Darin Adler.

        Move the preconnect functionality into its own function, and
        also call this function when Link headers are processed.

        Test: http/tests/preconnect/link-header-rel-preconnect-http.php

        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLinksFromHeader): Call preconnectIfNeeded.
        (WebCore::LinkLoader::preconnectIfNeeded): Preconnect to a host functionality moved here.
        (WebCore::LinkLoader::loadLink): Call preconnectIfNeeded.
        * loader/LinkLoader.h:

2018-03-05  Antti Koivisto  <antti@apple.com>

        Add ChildrenAffectedByForwardPositionalRules bit for nth-child pseudo class marking
        https://bugs.webkit.org/show_bug.cgi?id=183341
        <rdar://problem/38151470>

        Reviewed by Zalan Bujtas.

        Use it instead of AffectsNextSibling/AffectedByPreviousSibling bits, similar to ChildrenAffectedByBackwardPositionalRules bit.
        This is more efficient and requires way less marking.

        * css/SelectorChecker.cpp:
        (WebCore::countElementsBefore):
        (WebCore::countElementsOfTypeBefore):
        (WebCore::SelectorChecker::checkOne const):

            Mark with ChildrenAffectedByForwardPositionalRules.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChild):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChildOf):

             Mark with ChildrenAffectedByForwardPositionalRules.

        * dom/Element.cpp:
        (WebCore::checkForSiblingStyleChanges):

            Invalidate siblings after added/removed element.

        (WebCore::Element::setChildrenAffectedByForwardPositionalRules):
        (WebCore::Element::hasFlagsSetDuringStylingOfChildren const):
        (WebCore::Element::rareDataChildrenAffectedByForwardPositionalRules const):

            Add the new marking bit.

        * dom/Element.h:
        (WebCore::Element::childrenAffectedByForwardPositionalRules const):
        (WebCore::Element::attributeWithoutSynchronization const):

            Remove assert so we can use this to get the current unresolved lazy value of style attrbute.

        * dom/ElementRareData.h:
        (WebCore::ElementRareData::childrenAffectedByForwardPositionalRules const):
        (WebCore::ElementRareData::setChildrenAffectedByForwardPositionalRules):
        (WebCore::ElementRareData::ElementRareData):
        (WebCore::ElementRareData::resetStyleRelations):

             Add the new marking bit.

        * dom/StyledElement.cpp:
        (WebCore::StyledElement::invalidateStyleAttribute):

            In special case where we have attribute selectors for style attribute, synchronize the attribute immediately so we get invalidation right.
            Tested by fast/css/style-attribute-invalidation-propagates-to-counted-siblings.html    

        * style/StyleRelations.cpp:
        (WebCore::Style::commitRelationsToRenderStyle):
        (WebCore::Style::commitRelations):

            Commit the new bit.

        * style/StyleRelations.h:

2018-03-05  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed build fix, remove unused variables.

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeSpeakAs):
        (WebCore::consumeHangingPunctuation):

2018-03-05  Chris Dumez  <cdumez@apple.com>

        fast/loader/onload-policy-ignore-for-frame.html is timing out with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183337

        Reviewed by Ryosuke Niwa.

        Make sure we call checkCompleted() before calling checkLoadComplete() in
        FrameLoader::continueLoadAfterNavigationPolicy() when the client tells us
        to ignore the navigation, so that we properly recognize that the load is
        done. This matches what is already done in FrameLoader::receivedMainResourceError().

        Test: fast/loader/onload-policy-ignore-for-frame-async-delegates.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):

2018-03-05  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Allow user-installed fonts to be disabled
        https://bugs.webkit.org/show_bug.cgi?id=183349

        Rubber stamped by Brent Fulgham.

        Tests: fast/text/user-installed-font.html
               fast/text/user-installed-fonts/disable.html
               fast/text/user-installed-fonts/shadow-disable.html
               fast/text/user-installed-fonts/shadow-family-disable.html
               fast/text/user-installed-fonts/shadow-family.html
               fast/text/user-installed-fonts/shadow-postscript-disable.html
               fast/text/user-installed-fonts/shadow-postscript-family-disable.html
               fast/text/user-installed-fonts/shadow-postscript-family.html
               fast/text/user-installed-fonts/shadow-postscript.html
               fast/text/user-installed-fonts/shadow.html
               fast/text/user-installed-fonts/system-ui.html

        * platform/graphics/cocoa/FontCacheCoreText.cpp:

2018-03-05  Myles C. Maxfield  <mmaxfield@apple.com>

        Silence OpenGL and OpenGL ES deprecation warnings in newer SDKs
        https://bugs.webkit.org/show_bug.cgi?id=183350

        Unreviewed.

        * Configurations/WebCore.xcconfig:

2018-03-05  Andy Estes  <aestes@apple.com>

        [Mac] Teach WebCore::Pasteboard about file promise drags
        https://bugs.webkit.org/show_bug.cgi?id=183314
        <rdar://problem/38105493>

        Reviewed by Darin Adler.

        While WebKit does support receiving file promise drags (since r210360), WebCore::Pasteboard
        has not been instructed on how to read their file paths. When the various pasteboard readers
        ask for file paths after a file promise drop, they receive an empty vector. This impacts
        various features, most notably the DataTransfer API.

        Pasteboard actually cannot learn about promised file paths from the pasteboard itself, as
        the pasteboard only contains the dragged files' UTIs. Promised file paths aren't known until
        the WebKits call -[NSFilePromiseReceiver receivePromisedFilesAtDestination:...], at which
        point the file paths are passed to WebCore as part of WebCore::DragData.

        When we construct new Pasteboards for drag and drop, we need to store any promised file
        paths from the DragData. Then, when the various pasteboard readers ask for file paths and
        NSFilesPromisePboardType is on the pasteboard, we can return these promised file paths.

        Tests: editing/pasteboard/data-transfer-items-drag-drop-file-promise.html
               editing/pasteboard/data-transfer-items-drop-file-promise.html
               editing/pasteboard/datatransfer-items-drop-plaintext-file-promise.html
               editing/pasteboard/datatransfer-types-dropping-text-file-promise.html
               editing/pasteboard/drag-file-promises-to-editable-element-as-URLs.html
               editing/pasteboard/drag-file-promises-to-editable-element-as-attachment.html
               editing/pasteboard/file-input-files-access-promise.html

        * platform/FileSystem.h:
        * platform/Pasteboard.h:
        (WebCore::Pasteboard::Pasteboard):
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::containsPromise const):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::Pasteboard):
        (WebCore::Pasteboard::createForDragAndDrop):
        (WebCore::toString):
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::readFilePaths):
        (WebCore::absoluteURLsFromPasteboardFilenames): Deleted.
        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::numberOfFiles const):

2018-03-05  Andy Estes  <aestes@apple.com>

        [Mac] Fix the build

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate): Removed unused variables.

2018-03-05  Antti Koivisto  <antti@apple.com>

        Don't invalidate all children when doing insertion/deletion in presence of backward positional selectors
        https://bugs.webkit.org/show_bug.cgi?id=183325
        <rdar://problem/38134480>

        Reviewed by Zalan Bujtas.

        It is sufficient to invalidate siblings before the mutation point.

        * dom/Element.cpp:
        (WebCore::checkForSiblingStyleChanges):

        We already do sibling walk in the case of forwards positional rules and sibling combinators. The work
        done here is insignifant compared to cost of overinvalidating.

2018-03-05  Ali Juma  <ajuma@chromium.org>

        imported/w3c/web-platform-tests/html/semantics/text-level-semantics/the-a-element/a-download-click-404.html times out with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183297

        Reviewed by Chris Dumez.

        When a FrameLoader's policy document loader is cleared after receiving a navigation policy decision
        to not continue loading, we still need to trigger a check for load completion, since this loader or
        an ancestor loader may have been in state isLoadingInAPISense only because of the existence of
        the just-cleared policy document loader. Without triggering this check, these loaders may never
        call WebFrameLoaderClient::dispatchDidFinishLoad.

        Test: http/wpt/html/semantics/text-level-semantics/the-a-element/a-download-click-404.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):

2018-03-04  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Move currentCPUTime and sleep(Seconds) to CPUTime.h and Seconds.h respectively
        https://bugs.webkit.org/show_bug.cgi?id=183312

        Reviewed by Mark Lam.

        Remove wtf/CurrentTime.h include pragma.

        * Modules/geolocation/Geolocation.cpp:
        * Modules/mediasource/SourceBuffer.cpp:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        * Modules/speech/SpeechSynthesis.cpp:
        * contentextensions/ContentExtensionCompiler.cpp:
        * contentextensions/ContentExtensionParser.cpp:
        * dom/Document.cpp:
        * dom/Element.cpp:
        * dom/Event.cpp:
        * dom/ScriptedAnimationController.cpp:
        * dom/SimulatedClick.cpp:
        * fileapi/File.cpp:
        * fileapi/FileReader.cpp:
        * history/CachedPage.cpp:
        * html/BaseDateAndTimeInputType.cpp:
        * html/DateTimeInputType.cpp:
        * html/HTMLMediaElement.cpp:
        * html/MediaController.cpp:
        * html/MediaElementSession.cpp:
        * html/MonthInputType.cpp:
        * html/TimeInputType.cpp:
        * html/parser/HTMLParserScheduler.h:
        * inspector/InspectorCanvas.cpp:
        * loader/FrameLoader.cpp:
        * loader/LoadTiming.cpp:
        * loader/NavigationScheduler.cpp:
        * loader/ProgressTracker.cpp:
        * loader/cache/CachedCSSStyleSheet.cpp:
        * loader/cache/CachedImage.cpp:
        * loader/cache/CachedResource.cpp:
        * loader/cache/MemoryCache.cpp:
        * page/DOMTimer.cpp:
        * page/DOMWindow.cpp:
        * page/DragController.cpp:
        * page/EventHandler.cpp:
        * page/FocusController.cpp:
        * page/FrameView.cpp:
        * page/Page.cpp:
        * page/Performance.cpp:
        * page/PerformanceTiming.cpp:
        * page/animation/AnimationBase.cpp:
        * page/animation/CSSAnimationController.cpp:
        * page/mac/WheelEventDeltaFilterMac.mm:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        * platform/ScrollAnimationKinetic.cpp:
        * platform/ScrollAnimationSmooth.cpp:
        * platform/ThreadTimers.cpp:
        * platform/Timer.cpp:
        * platform/audio/mac/AudioSampleDataSource.mm:
        * platform/cocoa/ScrollController.mm:
        * platform/gamepad/cocoa/GameControllerGamepad.mm:
        * platform/gamepad/mac/HIDGamepad.cpp:
        * platform/graphics/BitmapImage.cpp:
        * platform/graphics/DisplayRefreshMonitorManager.cpp:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        * platform/graphics/ca/LayerPool.cpp:
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp:
        * platform/graphics/cg/GraphicsContextCG.cpp:
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
        * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
        * platform/graphics/texmap/BitmapTexturePool.h:
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        * platform/graphics/texmap/TextureMapper.cpp:
        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        * platform/graphics/texmap/TextureMapperFPSCounter.cpp:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        * platform/graphics/win/GraphicsContextDirect2D.cpp:
        * platform/graphics/win/GraphicsLayerDirect2D.cpp:
        * platform/gtk/PlatformKeyboardEventGtk.cpp:
        * platform/gtk/ScrollAnimatorGtk.cpp:
        * platform/ios/LegacyTileCache.mm:
        * platform/ios/LegacyTileLayerPool.mm:
        * platform/ios/ScrollViewIOS.mm:
        * platform/mediastream/RealtimeOutgoingVideoSource.cpp:
        * platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp:
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:
        * platform/mock/MockRealtimeMediaSource.cpp:
        * platform/mock/MockRealtimeVideoSource.cpp:
        * platform/network/CacheValidation.cpp:
        * platform/network/DNSResolveQueue.cpp:
        * platform/network/ResourceResponseBase.cpp:
        * platform/network/curl/CurlCacheEntry.cpp:
        * platform/network/soup/ResourceHandleSoup.cpp:
        * platform/text/TextEncodingRegistry.cpp:
        * platform/text/win/LocaleWin.cpp:
        * platform/win/MainThreadSharedTimerWin.cpp:
        * platform/win/PlatformMouseEventWin.cpp:
        * rendering/RenderLayerCompositor.cpp:
        * rendering/RenderProgress.cpp:
        * svg/animation/SMILTimeContainer.cpp:
        * testing/MockGamepad.cpp:
        * workers/WorkerRunLoop.cpp:

2018-03-04  Tim Horton  <timothy_horton@apple.com>

        Make !ENABLE(DATA_DETECTION) iOS build actually succeed
        https://bugs.webkit.org/show_bug.cgi?id=183283
        <rdar://problem/38062148>

        Reviewed by Sam Weinig.

        * Configurations/FeatureDefines.xcconfig:

2018-03-03  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Delete incorrect version of clampTo() function from SVGToOTFFontConversion.cpp
        https://bugs.webkit.org/show_bug.cgi?id=183165

        Reviewed by Darin Adler.

        Some of the calls in SVGToOTFFontConversion.cpp were directed to the function
        in MathExtras.h while the rest were directed to this local static function.
        There should not be two versions with the same name while they are supposed
        to do the same thing. Besides, the local version does not work correctly
        if the type of the argument's max limit is less the max limit of the returned
        type, e.g. char -> uint16_t.

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::clampTo): Deleted.

2018-03-03  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move styleDidChange mutation logic to RenderTreeUpdater
        https://bugs.webkit.org/show_bug.cgi?id=183273
        <rdar://problem/38054892>

        Reviewed by Antti Koivisto.

        Covered by existing tests.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::styleDidChange):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleDidChange):
        (WebCore::RenderElement::noLongerAffectsParentBlock const): Deleted.
        * rendering/RenderElement.h:
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::updateElementRenderer):

2018-03-03  Yoav Weiss  <yoav@yoav.ws>

        Link headers for subresources are not being processes
        https://bugs.webkit.org/show_bug.cgi?id=181789

        Reviewed by Youenn Fablet.

        Triggers Link header processing when the Link headers arrive on a subresource.

        Test: http/tests/preload/link-header-on-subresource.html

        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLinksFromHeader): Change the media check conditions.
        * loader/LinkLoader.h: Add a third state for media checks.
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveResponse): Preload links from headers for subresources.

2018-03-02  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Remove RunLoop and RunLoop::Timer's interface using double as seconds
        https://bugs.webkit.org/show_bug.cgi?id=183293

        Reviewed by Alex Christensen.

        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
        (WebCore::TextureMapperPlatformLayerProxy::dropCurrentBufferWhilePreservingTexture):

2018-03-02  Dean Jackson  <dino@apple.com>

        Remove NP_GLContext since it is unsupported
        https://bugs.webkit.org/show_bug.cgi?id=183305
        <rdar://problem/36875555>

        Reviewed by Simon Fraser.

        * plugins/npapi.h: Remove NP_GLContext and mention that
        it is not supported.

2018-03-02  Chris Dumez  <cdumez@apple.com>

        imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken.html crashes with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183294
        <rdar://problem/38073596>

        Reviewed by Youenn Fablet.

        Drop code that was added to SubresourceLoader::willCancel() in r228852. The purpose of this code
        was to make sure that SubresourceLoader::m_policyForResponseCompletionHandler always gets called,
        even when the load is cancelled. However, this code is not needed (since m_policyForResponseCompletionHandler
        is a CompletionHandler, an assertion will be hit if we fail to call it and we'll know). Calling
        the completionHandler inside SubresourceLoader::willCancel() is too early and leads to crashes.

        The completionHandler currently gets called DocumentLoader::responseReceived() via a call to
        mainResourceLoader->didReceiveResponsePolicy(). Note that in r229177, we made sure that the
        call to didReceiveResponsePolicy() happens *after* the call to continueAfterContentPolicy()
        to maintain our non-async policy delegate behavior. However, continueAfterContentPolicy()
        would end up calling willCancel() and call the completionHandler when shouldContinue was
        false.

        Test: http/wpt/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-async-delegate.html

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willCancel):

2018-03-02  Tim Horton  <timothy_horton@apple.com>

        Fix the build after r229185 and r229184

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::exernalDeviceDisplayNameForPlayer):
        * platform/ios/DeviceOrientationClientIOS.h:
        * platform/ios/DeviceOrientationClientIOS.mm:

2018-03-02  Tim Horton  <timothy_horton@apple.com>

        Make the !ENABLE(DEVICE_ORIENTATION) iOS build succeed
        https://bugs.webkit.org/show_bug.cgi?id=183296

        Reviewed by Dan Bernstein.

        * platform/ios/DeviceMotionClientIOS.h:
        * platform/ios/DeviceMotionClientIOS.mm:
        * platform/ios/WebCoreMotionManager.h:
        * platform/ios/WebCoreMotionManager.mm:

2018-03-02  Tim Horton  <timothy_horton@apple.com>

        Make it possible to build for iOS without Celestial
        https://bugs.webkit.org/show_bug.cgi?id=183295
        <rdar://problem/38074468>

        Reviewed by Dan Bernstein.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::exernalDeviceDisplayNameForPlayer):

2018-03-02  Youenn Fablet  <youenn@apple.com>

        Clients should register to StorageProcess with their service worker registration identifier
        https://bugs.webkit.org/show_bug.cgi?id=182313
        <rdar://problem/38044403>

        Reviewed by Chris Dumez.

        Relanding with fixing matchAll for uncontrolled clients.

        No observable change of behavior in regular conditions.
        When service worker process crashes, the service worker identifiers sent by the WebProcess might be wrong
        and we will not be able to retrieve the registration from these identifiers.
        The storage process will be able to still process correctly messages coming from the WebProcess to register clients of the registration.
        Otherwise, there is a chance that WebProcess clients will not be added to the SWServerRegistration.m_clientsUsingRegistration maps.

        * dom/Document.cpp:
        (WebCore::Document::setServiceWorkerConnection):
        * workers/service/SWClientConnection.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::matchAll):
        (WebCore::SWServer::claim):
        (WebCore::SWServer::registerServiceWorkerClient):
        (WebCore::SWServer::unregisterServiceWorkerClient):
        (WebCore::SWServer::setClientActiveWorker): Deleted.
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerRegistration.cpp:
        (WebCore::SWServerRegistration::activate):

2018-03-02  Youenn Fablet  <youenn@apple.com>

        Loads for a Document controlled by a Service Worker should not use AppCache
        https://bugs.webkit.org/show_bug.cgi?id=183148

        Reviewed by Chris Dumez.

        Covered by updated test.

        Postponing document loading through app cache after matching service worker registration.
        Trying to load through app cache only if there is no service worker registration.

        Disabling app cache for any load that has a service worker registration identifier.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::redirectReceived):
        (WebCore::DocumentLoader::willSendRequest):
        (WebCore::DocumentLoader::tryLoadingRequestFromApplicationCache):
        (WebCore::DocumentLoader::tryLoadingRedirectRequestFromApplicationCache):
        (WebCore::DocumentLoader::restartLoadingDueToServiceWorkerRegistrationChange):
        (WebCore::DocumentLoader::scheduleSubstituteResourceLoad):
        (WebCore::DocumentLoader::startLoadingMainResource):
        * loader/DocumentLoader.h:
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadMainResource):
        (WebCore::ApplicationCacheHost::maybeLoadMainResourceForRedirect):
        (WebCore::ApplicationCacheHost::maybeLoadResource):
        (WebCore::ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache):
        * loader/appcache/ApplicationCacheHost.h:

2018-03-02  Chris Dumez  <cdumez@apple.com>

        fast/events/before-unload-remove-itself.html crashes with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183290
        <rdar://problem/38069045>

        Reviewed by Alex Christensen.

        When the navigation policy happens asynchronously, it is now possible for the
        Frame / FrameLoader to get destroyed between the point that policyChecker().checkNavigationPolicy()
        is called and when continueLoadAfterNavigationPolicy() is called.

        To address the issue, we now protect the Frame and capture it in the lambda passed
        to policyChecker().checkNavigationPolicy().

        Test: fast/events/before-unload-remove-itself-async-delegate.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithDocumentLoader):

2018-03-02  Chris Dumez  <cdumez@apple.com>

        Converting a load to a download does not work with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183254
        <rdar://problem/38035334>

        Reviewed by Youenn Fablet.

        Update DocumentLoader::responseReceived() to call didReceiveResponsePolicy()
        on the mainResourceLoader *after* calling continueAfterContentPolicy(),
        not *before*. This makes sure that the WebResourceLoader sends the
        NetworkResourceLoader::ContinueDidReceiveResponse IPC back to the Network
        Process *after* the policy decision has been processed, which restores the
        pre-r228852 order.

        Test: fast/dom/HTMLAnchorElement/anchor-file-blob-convert-to-download-async-delegate.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived):

2018-03-02  Youenn Fablet  <youenn@apple.com>

        Some RealtimeMediaSource methods do not need to be marked as virtual
        https://bugs.webkit.org/show_bug.cgi?id=183272

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/mediastream/RealtimeMediaSource.h:

2018-03-01  Yusuke Suzuki  <utatane.tea@gmail.com>

        Remove monotonicallyIncreasingTime
        https://bugs.webkit.org/show_bug.cgi?id=182911

        Reviewed by Michael Catanzaro.

        While generic code uses MonotonicTime, CAAnimation uses media time (CFTimeInterval).
        At this boundary, we convert MonotonicTime to media time, this is the same logic to
        the code before this patch.

        * Modules/gamepad/Gamepad.h:
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::SourceBuffer):
        (WebCore::SourceBuffer::monitorBufferingRate):
        * Modules/mediasource/SourceBuffer.h:
        * Modules/speech/SpeechSynthesis.cpp:
        (WebCore::SpeechSynthesis::startSpeakingImmediately):
        (WebCore::SpeechSynthesis::fireEvent):
        * Modules/speech/SpeechSynthesisUtterance.h:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::parseRuleList):
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad const):
        * dom/Element.cpp:
        (WebCore::Element::setActive):
        * history/CachedPage.cpp:
        (WebCore::CachedPage::CachedPage):
        (WebCore::CachedPage::hasExpired const):
        * history/CachedPage.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::startProgressEventTimer):
        (WebCore::HTMLMediaElement::progressEventTimerFired):
        (WebCore::HTMLMediaElement::refreshCachedTime const):
        (WebCore::HTMLMediaElement::invalidateCachedTime const):
        (WebCore::HTMLMediaElement::currentMediaTime const):
        (WebCore::HTMLMediaElement::startPlaybackProgressTimer):
        * html/HTMLMediaElement.h:
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::removeBehaviorRestriction):
        (WebCore::MediaElementSession::mostRecentUserInteractionTime const):
        (WebCore::MediaElementSession::resetPlaybackSessionState):
        * html/MediaElementSession.h:
        * html/parser/HTMLParserScheduler.cpp:
        (WebCore::PumpSession::PumpSession):
        (WebCore::HTMLParserScheduler::HTMLParserScheduler):
        * html/parser/HTMLParserScheduler.h:
        (WebCore::HTMLParserScheduler::checkForYield):
        * inspector/InspectorCanvas.cpp:
        (WebCore::InspectorCanvas::recordAction):
        (WebCore::InspectorCanvas::finalizeFrame):
        * inspector/InspectorCanvas.h:
        * inspector/agents/InspectorMemoryAgent.cpp:
        (WebCore::InspectorMemoryAgent::startTracking):
        (WebCore::InspectorMemoryAgent::didHandleMemoryPressure):
        (WebCore::InspectorMemoryAgent::collectSample):
        * inspector/agents/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::buildObjectForTiming):
        (WebCore::InspectorNetworkAgent::timestamp):
        (WebCore::InspectorNetworkAgent::didFinishLoading):
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::timestamp):
        * inspector/agents/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::timestamp):
        * inspector/agents/WebHeapAgent.cpp:
        (WebCore::WebHeapAgent::dispatchGarbageCollectedEvent):
        * inspector/agents/WebHeapAgent.h:
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didDraw):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::didAccessDecodedData):
        * loader/cache/CachedResource.h:
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::pruneLiveResourcesToSize):
        * page/EventHandler.cpp:
        (WebCore::MaximumDurationTracker::MaximumDurationTracker):
        (WebCore::MaximumDurationTracker::~MaximumDurationTracker):
        * page/FocusController.cpp:
        (WebCore::FocusController::setFocusedElement):
        (WebCore::FocusController::timeSinceFocusWasSet const):
        * page/FocusController.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::reset):
        (WebCore::FrameView::willPaintContents):
        (WebCore::FrameView::didPaintContents):
        * page/FrameView.h:
        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::freezeAtTime):
        (WebCore::AnimationBase::beginAnimationUpdateTime const):
        * page/animation/AnimationBase.h:
        (WebCore::AnimationBase::onAnimationStartResponse):
        * page/animation/CSSAnimationController.cpp:
        (WebCore::CSSAnimationControllerPrivate::beginAnimationUpdateTime):
        (WebCore::CSSAnimationControllerPrivate::receivedStartTimeResponse):
        (WebCore::CSSAnimationControllerPrivate::startTimeResponse):
        (WebCore::CSSAnimationController::notifyAnimationStarted):
        * page/animation/CSSAnimationController.h:
        * page/animation/CSSAnimationControllerPrivate.h:
        * page/mac/WheelEventDeltaFilterMac.h:
        * page/mac/WheelEventDeltaFilterMac.mm:
        (WebCore::WheelEventDeltaFilterMac::beginFilteringDeltas):
        (WebCore::WheelEventDeltaFilterMac::updateFromDelta):
        (WebCore::WheelEventDeltaFilterMac::endFilteringDeltas):
        * platform/ControlStates.h:
        (WebCore::ControlStates::timeSinceControlWasFocused const):
        (WebCore::ControlStates::setTimeSinceControlWasFocused):
        * platform/PlatformSpeechSynthesisUtterance.h:
        (WebCore::PlatformSpeechSynthesisUtterance::startTime const):
        (WebCore::PlatformSpeechSynthesisUtterance::setStartTime):
        * platform/gamepad/PlatformGamepad.h:
        (WebCore::PlatformGamepad::lastUpdateTime const):
        (WebCore::PlatformGamepad::connectTime const):
        (WebCore::PlatformGamepad::PlatformGamepad):
        * platform/gamepad/cocoa/GameControllerGamepad.mm:
        (WebCore::GameControllerGamepad::setupAsExtendedGamepad):
        (WebCore::GameControllerGamepad::setupAsGamepad):
        * platform/gamepad/mac/HIDGamepad.cpp:
        (WebCore::HIDGamepad::HIDGamepad):
        (WebCore::HIDGamepad::valueChanged):
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::suspendAnimations):
        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/GraphicsLayerClient.h:
        (WebCore::GraphicsLayerClient::notifyAnimationStarted):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::LayerClient::platformCALayerAnimationStarted):
        (WebCore::AVFWrapper::createImageForTimeInRect):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::addAnimation):
        (WebCore::GraphicsLayerCA::pauseAnimation):
        (WebCore::GraphicsLayerCA::platformCALayerAnimationStarted):
        (WebCore::GraphicsLayerCA::setAnimationOnLayer):
        (WebCore::GraphicsLayerCA::pauseCAAnimationOnLayer):
        (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
        (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
        (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
        (WebCore::GraphicsLayerCA::AnimationProcessingAction::AnimationProcessingAction):
        * platform/graphics/ca/LayerPool.cpp:
        (WebCore::LayerPool::LayerPool):
        (WebCore::LayerPool::addLayer):
        (WebCore::LayerPool::decayedCapacity const):
        (WebCore::LayerPool::pruneTimerFired):
        * platform/graphics/ca/LayerPool.h:
        * platform/graphics/ca/PlatformCAAnimation.h:
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/PlatformCALayerClient.h:
        (WebCore::PlatformCALayerClient::platformCALayerAnimationStarted):
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::revalidateTiles):
        (WebCore::TileGrid::startedNewCohort):
        (WebCore::TileGrid::TileCohortInfo::timeUntilExpiration):
        (WebCore::TileGrid::cohortRemovalTimerFired):
        * platform/graphics/ca/TileGrid.h:
        (WebCore::TileGrid::TileCohortInfo::TileCohortInfo):
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (mediaTimeToCurrentTime):
        (-[WebAnimationDelegate animationDidStart:]):
        (PlatformCALayerCocoa::animationStarted):
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        (WebCore::CACFLayerTreeHost::notifyAnimationsStarted):
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        (PlatformCALayerWin::animationStarted):
        (PlatformCALayerWin::layerTreeAsString const):
        * platform/graphics/ca/win/PlatformCALayerWin.h:
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::decodeSample):
        * platform/graphics/texmap/BitmapTexturePool.cpp:
        (WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):
        * platform/graphics/texmap/BitmapTexturePool.h:
        (WebCore::BitmapTexturePool::Entry::markIsInUse):
        (WebCore::BitmapTexturePool::Entry::canBeReleased const):
        (): Deleted.
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
        (WebCore::GraphicsLayerTextureMapper::addAnimation):
        (WebCore::GraphicsLayerTextureMapper::pauseAnimation):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimation::TextureMapperAnimation):
        (WebCore::TextureMapperAnimation::apply):
        (WebCore::TextureMapperAnimation::pause):
        (WebCore::TextureMapperAnimation::resume):
        (WebCore::TextureMapperAnimation::computeTotalRunningTime):
        (WebCore::TextureMapperAnimations::pause):
        (WebCore::TextureMapperAnimations::suspend):
        * platform/graphics/texmap/TextureMapperAnimation.h:
        (WebCore::TextureMapperAnimation::startTime const):
        (WebCore::TextureMapperAnimation::pauseTime const):
        * platform/graphics/texmap/TextureMapperFPSCounter.cpp:
        (WebCore::TextureMapperFPSCounter::TextureMapperFPSCounter):
        (WebCore::TextureMapperFPSCounter::updateFPSAndDisplay):
        * platform/graphics/texmap/TextureMapperFPSCounter.h:
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
        (WebCore::TextureMapperPlatformLayerBuffer::markUsed):
        (WebCore::TextureMapperPlatformLayerBuffer::lastUsedTime const):
        (): Deleted.
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
        (WebCore::TextureMapperPlatformLayerProxy::releaseUnusedBuffersTimerFired):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::addAnimation):
        (WebCore::CoordinatedGraphicsLayer::pauseAnimation):
        (WebCore::CoordinatedGraphicsLayer::suspendAnimations):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::sendFrame):
        * platform/mediastream/libwebrtc/LibWebRTCAudioModule.cpp:
        (WebCore::LibWebRTCAudioModule::StartPlayoutOnAudioThread):
        * platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp:
        (WebCore::DisplayCaptureSourceCocoa::startProducingData):
        (WebCore::DisplayCaptureSourceCocoa::stopProducingData):
        (WebCore::DisplayCaptureSourceCocoa::elapsedTime):
        * platform/mediastream/mac/DisplayCaptureSourceCocoa.h:
        * platform/mediastream/mac/MockRealtimeAudioSourceMac.h:
        * platform/mediastream/mac/MockRealtimeAudioSourceMac.mm:
        (WebCore::MockRealtimeAudioSourceMac::render):
        * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
        (WebCore::MockRealtimeVideoSourceMac::CMSampleBufferFromPixelBuffer):
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.h:
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:
        (WebCore::ScreenDisplayCaptureSourceMac::sampleBufferFromPixelBuffer):
        (WebCore::ScreenDisplayCaptureSourceMac::frameAvailable):
        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::MockRealtimeAudioSource::startProducingData):
        (WebCore::MockRealtimeAudioSource::stopProducingData):
        (WebCore::MockRealtimeAudioSource::elapsedTime):
        (WebCore::MockRealtimeAudioSource::tick):
        (WebCore::MockRealtimeAudioSource::delaySamples):
        * platform/mock/MockRealtimeAudioSource.h:
        (WebCore::MockRealtimeAudioSource::render):
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::startProducingData):
        (WebCore::MockRealtimeVideoSource::stopProducingData):
        (WebCore::MockRealtimeVideoSource::elapsedTime):
        (WebCore::MockRealtimeVideoSource::drawText):
        (WebCore::MockRealtimeVideoSource::delaySamples):
        (WebCore::MockRealtimeVideoSource::generateFrame):
        * platform/mock/MockRealtimeVideoSource.h:
        * platform/network/DNSResolveQueue.cpp:
        (WebCore::DNSResolveQueue::DNSResolveQueue):
        (WebCore::DNSResolveQueue::isUsingProxy):
        * platform/network/DNSResolveQueue.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::suspendAnimations):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::paintFocusRing):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintAreaElementFocusRing):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::notifyAnimationStarted):
        (WebCore::RenderLayerBacking::suspendAnimations):
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::didPaintBacking):
        * rendering/RenderProgress.cpp:
        (WebCore::RenderProgress::RenderProgress):
        (WebCore::RenderProgress::animationProgress const):
        (WebCore::RenderProgress::updateAnimationState):
        * rendering/RenderProgress.h:
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::animationDurationForProgressBar const):
        * rendering/RenderTheme.h:
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::animationDurationForProgressBar const):
        * rendering/RenderThemeGtk.h:
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::animationDurationForProgressBar const):
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::animationDurationForProgressBar const):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::SMILTimeContainer):
        (WebCore::SMILTimeContainer::elapsed const):
        (WebCore::SMILTimeContainer::isActive const):
        (WebCore::SMILTimeContainer::isPaused const):
        (WebCore::SMILTimeContainer::isStarted const):
        (WebCore::SMILTimeContainer::begin):
        (WebCore::SMILTimeContainer::pause):
        (WebCore::SMILTimeContainer::resume):
        (WebCore::SMILTimeContainer::setElapsed):
        (WebCore::SMILTimeContainer::timerFired):
        * svg/animation/SMILTimeContainer.h:
        * testing/Internals.cpp:
        (WebCore::Internals::delayMediaStreamTrackSamples):
        * testing/MockGamepad.cpp:
        (WebCore::MockGamepad::MockGamepad):
        (WebCore::MockGamepad::updateDetails):
        (WebCore::MockGamepad::setAxisValue):
        (WebCore::MockGamepad::setButtonValue):

2018-03-02  Alejandro G. Castro  <alex@igalia.com>

        Make LibWebRTCProvider port agnostic again after r215424
        https://bugs.webkit.org/show_bug.cgi?id=183080

        Reviewed by Youenn Fablet.

        In the r215424 commit the webRTCAvailable function started to use a function from the DARWIN platform,
        we have moved that code to the cocoa class and created a glib implementation that will be used in the future
        to implement the LibWebRTCProviderGlib class.

        No new tests, this is a refactor.

        * Sources.txt: Add the compilation of the new file.
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp: Remove the webRTCAvailable function from this file.
        (WebCore::LibWebRTCProvider::create): We want to use this even when LIBWEBRTC is not used.
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
        (WebCore::LibWebRTCProvider::webRTCAvailable): Moved the code from the LibWebRTCProvider class.
        * platform/mediastream/libwebrtc/LibWebRTCProviderGlib.cpp:
        (WebCore::LibWebRTCProvider::webRTCAvailable): Add the glib implementation, basically true, we are always
        linking libwebrtc for the moment in these situations.

2018-03-01  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r222843): [HarfBuzz] Combining enclosed keycap not correctly handled
        https://bugs.webkit.org/show_bug.cgi?id=183246

        Reviewed by Michael Catanzaro.

        We are not correctly handling the combining enclosed keycap since we switched to use
        ComplexTextController. This is because fontForCombiningCharacterSequence() always returns the font of the first
        character, without checking if that font can render the whole sequence or not. Before 222843, the shaper did
        that check when creating the text runs. In this case the sequence was split and a different font was used for the
        text and the mark. This patch makes fontForCombiningCharacterSequence() try to find a suitable font for the
        whole sequence, first looking at the CSS fallbacks and finally at system ones. The result is much better than
        the old one, because we use the same font for both the text and the mark. If there isn't any font to render the
        mark, then we fallback to use the first character font, since we will end up rendering the missing glyph
        character, it's better to use the same font than the first character one.

        Test: fast/text/combining-enclosing-keycap.html

        * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
        (WebCore::FontCascade::fontForCombiningCharacterSequence const): Check if the first charatcer font can render
        the whole sequence, trying with fallbacks otherwise.
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::Font::canRenderCombiningCharacterSequence const): Check if the font face has glyphs for the whole
        sequence not just the first character.

2018-03-01  Carlos Garcia Campos  <cgarcia@igalia.com>

        [FreeType] Remove FontPlatformData fallbacks
        https://bugs.webkit.org/show_bug.cgi?id=183210

        Reviewed by Michael Catanzaro.

        They are only used by FontCache::systemFallbackForCharacters() where a direct FcFontMatch provides the same
        or better results.

        * platform/graphics/FontPlatformData.h: Remove fallbacks.
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::systemFallbackForCharacters): Use FcFontMatch() only.
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::fallbacks): Removed.

2018-03-01  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r229153.
        https://bugs.webkit.org/show_bug.cgi?id=183274

        it is breaking imported/w3c/web-platform-tests/service-workers
        /service-worker/clients-matchall-exact-controller.https.html
        (Requested by youenn on #webkit).

        Reverted changeset:

        "Clients should register to StorageProcess with their service
        worker registration identifier"
        https://bugs.webkit.org/show_bug.cgi?id=182313
        https://trac.webkit.org/changeset/229153

2018-03-01  Youenn Fablet  <youenn@apple.com>

        Clients should register to StorageProcess with their service worker registration identifier
        https://bugs.webkit.org/show_bug.cgi?id=182313

        Reviewed by Chris Dumez.

        No observable change of behavior in regular conditions.
        When service worker process crashes, the service worker identifiers sent by the WebProcess might be wrong
        and we will not be able to retrieve the registration from these identifiers.
        The storage process will be able to still process correctly messages coming from the WebProcess to register clients of the registration.
        Otherwise, there is a chance that WebProcess clients will not be added to the SWServerRegistration.m_clientsUsingRegistration maps.

        * dom/Document.cpp:
        (WebCore::Document::setServiceWorkerConnection):
        * workers/service/SWClientConnection.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::registerServiceWorkerClient):
        * workers/service/server/SWServer.h:

2018-03-01  Youenn Fablet  <youenn@apple.com>

        Add API test to validate setting of service worker and cache storage directories
        https://bugs.webkit.org/show_bug.cgi?id=182543

        Reviewed by Chris Dumez.

        Covered by API tests.

        Add getters to service worker registration directory.

        * testing/Internals.cpp:
        (WebCore::Internals::serviceWorkerRegistrationDirectory):
        * testing/Internals.h:
        * testing/Internals.idl:
        * workers/service/SWClientConnection.h:
        * workers/service/server/RegistrationDatabase.h:
        (WebCore::RegistrationDatabase::serviceWorkerRegistrationDirectory const):
        * workers/service/server/RegistrationStore.h:
        (WebCore::RegistrationStore::serviceWorkerRegistrationDirectory const):
        * workers/service/server/SWServer.h:
        (WebCore::SWServer::serviceWorkerRegistrationDirectory const):

2018-03-01  Youenn Fablet  <youenn@apple.com>

        SWServer::removeClientServiceWorkerRegistration should not log an error if there is no registration
        https://bugs.webkit.org/show_bug.cgi?id=183248

        Reviewed by Chris Dumez.

        No change of behavior.
        Removed the error logging.
        As can be seen from running api and layout tests, a web process can ask a registration to be unregistered
        and by the time it goes to the StorageProcess, the registration is already cleared.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::removeClientServiceWorkerRegistration):

2018-03-01  Daniel Bates  <dabates@apple.com>

        CSS ::selection stroke-color and stroke-width are not applied to selected text in text fields
        and ::selection:window-inactive stroke-color and stroke-width are never applied
        https://bugs.webkit.org/show_bug.cgi?id=183178

        Reviewed by David Hyatt.

        This change fixes the following two issues:
            1. Properties stroke-color and stroke-width are not applied to the ::selection pseudo-
               element of text fields.
            2. Properties stroke-color and stroke-width are never applied to ::selection:window-inactive
               pseudo elements.

        Currently when computing the paint styles for selected text we query the cached styles for
        the ::selection pseudo element on the renderer. Text fields are implemented using a User Agent
        shadow DOM. With regards to issue (1) the renderer queried was the inner most renderer for
        the text in the text field. But it should have been the shadow host renderer (i.e. the renderer
        for the <input>). With regards to issue (2) we cannot retrieve cached styles for the
        ::selection pseudo element because it can be effected by a pseudo class, :window-inactive,
        which matches when the page is deactivated (i.e. the window is in the background as the user
        made another window the frontmost window). Both of these issues are fixed by making use
        of RenderElement::selectionPseudoStyle().

        Tests: fast/selectors/selection-window-inactive-stroke-color.html
               fast/selectors/selection-window-inactive-text-shadow.html
               fast/selectors/text-field-selection-stroke-color.html
               fast/selectors/text-field-selection-text-shadow.html
               fast/selectors/text-field-selection-window-inactive-stroke-color.html
               fast/selectors/text-field-selection-window-inactive-text-shadow.html

        * rendering/RenderText.h:
        (WebCore::RenderText::selectionPseudoStyle const): Add a convenience function that turns
        around and calls the function of the same name on its parent.
        * rendering/TextPaintStyle.cpp:
        (WebCore::computeTextSelectionPaintStyle): Modified to use RenderText::selectionPseudoStyle()
        instead of directly querying for the cached styles for the ::selection pseudo element.

2018-03-01  Per Arne Vollan  <pvollan@apple.com>

        Scrollbar preferences are ignored when the WebContent process doesn't have access to the WindowServer.
        https://bugs.webkit.org/show_bug.cgi?id=183231
        <rdar://problem/37793457>

        Reviewed by Brent Fulgham.

        When the WebContent process doesn't have access to the WindowServer, the scrollbars are always of the overlay type.
        The notification about scrollbar preferences is never received by the WebContent process when there is no
        WindowServer access. This can be fixed by adding an observer of scrollbar preferences in the UI process, and
        notifying the WebProcess about this by sending it a message. This message should also contain the preferred
        scrollbar type, since the call '[NSScroller preferredScrollerStyle]' will always return the overlay style when
        there is no WindowServer access.

        No new tests, covered by existing tests.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/mac/NSScrollerImpDetails.h:
        * platform/mac/NSScrollerImpDetails.mm:
        (WebCore::ScrollerStyle::recommendedScrollerStyle):
        (WebCore::ScrollerStyle::setUseOverlayScrollbars):
        (WebCore::recommendedScrollerStyle): Deleted.
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
        (WebCore::ScrollAnimatorMac::mouseEnteredScrollbar const):
        (WebCore::ScrollAnimatorMac::mouseExitedScrollbar const):
        (WebCore::ScrollAnimatorMac::shouldScrollbarParticipateInHitTesting):
        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::ScrollbarThemeMac::registerScrollbar):
        (WebCore::ScrollbarThemeMac::scrollbarThickness):
        (WebCore::ScrollbarThemeMac::usesOverlayScrollbarsChanged):

2018-03-01  Myles C. Maxfield  <mmaxfield@apple.com>

        Temporarily enable user-installed-fonts everywhere until we can stop crashing on launch
        https://bugs.webkit.org/show_bug.cgi?id=183255

        Unreviewed.

        Tests are already disabled.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:

2018-03-01  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Split DNS cache expiration and connection timeout setting.
        https://bugs.webkit.org/show_bug.cgi?id=182979

        It was mis-implemented and was named ambiguous name 'enableTimeout'.
        Implement each feature correctly.

        Reviewed by Per Arne Vollan.

        * platform/network/curl/CurlContext.cpp:
        (WebCore::EnvironmentVariableReader::read):
        (WebCore::EnvironmentVariableReader::defined):
        (WebCore::EnvironmentVariableReader::readAs):
        (WebCore::EnvironmentVariableReader::sscanTemplate):
        (WebCore::EnvironmentVariableReader::sscanTemplate<unsigned>):
        (WebCore::CurlContext::CurlContext):
        (WebCore::safeTimeValue):
        (WebCore::CurlHandle::setDnsCacheTimeout):
        (WebCore::CurlHandle::setConnectTimeout):
        (WebCore::CurlHandle::setTimeout):
        (WebCore::CurlHandle::enableTimeout): Deleted.
        * platform/network/curl/CurlContext.h:
        (WebCore::CurlContext::dnsCacheTimeout const):
        (WebCore::CurlContext::connectTimeout const):
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::setupTransfer):

2018-03-01  Zalan Bujtas  <zalan@apple.com>

        Remove RenderElement::s_noLongerAffectsParentBlock
        https://bugs.webkit.org/show_bug.cgi?id=183196
        <rdar://problem/38030797>

        Reviewed by Antti Koivisto.

        Remove the hack to track floating/out-of-flow changes between styleWillChange and styleDidChange.

        Covered by existing tests.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::styleDidChange):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleWillChange):
        (WebCore::RenderElement::noLongerAffectsParentBlock const):
        (WebCore::RenderElement::styleDidChange):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::noLongerAffectsParentBlock const): Deleted.

2018-03-01  Chris Dumez  <cdumez@apple.com>

        imported/w3c/web-platform-tests/html/browsers/windows/browsing-context.html fails with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183225
        <rdar://problem/38003828>

        Reviewed by Alex Christensen.

        Bypass navigation policy check when loading about:blank. This does not seem necessary and it would not
        be Web-compatible for such policy check to happen synchronously. This is because an iframe without src
        or src="about:blank" should load synchronously as per HTML specification.

        Test: http/wpt/html/browsers/windows/browsing-context.html

        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):

2018-03-01  Christopher Reid  <chris.reid@sony.com>

        [Curl] Linker errors in some curl files due to missing exports
        https://bugs.webkit.org/show_bug.cgi?id=183238

        Reviewed by Alex Christensen.

        No new tests, no change in behavior.

        Adding WEBCORE_EXPORT to functions now used in WebKit.

        * platform/network/NetworkStorageSession.h:
        * platform/network/curl/CookieJarDB.h:
        * platform/network/curl/CurlContext.h:

2018-03-01  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r229130.
        https://bugs.webkit.org/show_bug.cgi?id=183244

        It breaks AppleWin compilation (Requested by alexg__ on
        #webkit).

        Reverted changeset:

        "Make LibWebRTCProvider port agnostic again after r215424"
        https://bugs.webkit.org/show_bug.cgi?id=183080
        https://trac.webkit.org/changeset/229130

2018-03-01  Alejandro G. Castro  <alex@igalia.com>

        Make LibWebRTCProvider port agnostic again after r215424
        https://bugs.webkit.org/show_bug.cgi?id=183080

        Reviewed by Youenn Fablet.

        In the r215424 commit the webRTCAvailable function started to use a function from the DARWIN platform,
        we have moved that code to the cocoa class and created a glib implementation that will be used in the future
        to implement the LibWebRTCProviderGlib class.

        No new tests, this is a refactor.

        * Sources.txt: Add the compilation of the new file.
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp: Remove the webRTCAvailable function from this file.
        (WebCore::LibWebRTCProvider::create): We want to use this even when LIBWEBRTC is not used.
        * platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:
        (WebCore::LibWebRTCProvider::webRTCAvailable): Moved the code from the LibWebRTCProvider class.
        * platform/mediastream/libwebrtc/LibWebRTCProviderGlib.cpp:
        (WebCore::LibWebRTCProvider::webRTCAvailable): Add the glib implementation, basically true, we are always
        linking libwebrtc for the moment in these situations.

2018-03-01  Carlos Garcia Campos  <cgarcia@igalia.com>

        [FreeType] Color emojis in WebKitGTK+ for great justice
        https://bugs.webkit.org/show_bug.cgi?id=183155

        Reviewed by Michael Catanzaro.

        Emojis are actually rendered if there's an emoji font installed in the system, but the size is so tiny that we
        don't see them. This is because for some reason the matrix we are getting from fontconfig contains a scale,
        which we don't expect. We only get the fontconfig matrix to apply rotations in case of oblique fonts, and then we
        always apply the scale for the computed pixel font size. Ignoring the fontconfig matrix scale fixes the issue.

        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::fontWeightToFontconfigWeight): Moved here since it's now used by configurePatternForFontDescription().
        (WebCore::configurePatternForFontDescription): Helper function to apply the same options for fallback pattern.
        (WebCore::createFontConfigPatternForCharacters): Use configurePatternForFontDescription().
        (WebCore::findBestFontGivenFallbacks): Adopt the returned reference.
        (WebCore::FontCache::systemFallbackForCharacters): Clean it up.
        (WebCore::FontCache::createFontPlatformData): Use configurePatternForFontDescription().
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::buildScaledFont): Ignore the scale returned by fontconfig matrix.

2018-02-28  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] text samples no longer processed
        https://bugs.webkit.org/show_bug.cgi?id=183212

        Reviewed by Xabier Rodriguez-Calvar.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::newTextSample): Refer to
        track stream ID instead of (potentially) manually generated track
        ID stored as hashmap keys.

2018-02-28  Tim Horton  <timothy_horton@apple.com>

        Push WTF_PLATFORM_IOS down into preprocessor.pm instead of trying to determine it inside
        https://bugs.webkit.org/show_bug.cgi?id=183193

        Reviewed by Andy Estes.

        * DerivedSources.make:
        * bindings/scripts/preprocessor.pm:
        (applyPreprocessor):
        Instead of trying to discern WTF_PLATFORM_IOS inside preprocessor.pm,
        push it down from DerivedSources.make. Also clean up DerivedSources.make
        a tiny bit by adding a variable, FEATURE_AND_PLATFORM_DEFINES, which
        contains both FEATURE_DEFINES and WTF_PLATFORM macros if needed.

2018-02-28  Nan Wang  <n_wang@apple.com>

        AX: AOM: Dispatch accessiblesetvalue event
        https://bugs.webkit.org/show_bug.cgi?id=183021
        <rdar://problem/37764242>

        Reviewed by Chris Fleizach.

        Accessibility events.
        Spec: https://wicg.github.io/aom/spec/phase2.html

        Added a new event type AccessibleSetValueEvent. 

        Test: accessibility/mac/AOM-event-accessiblesetvalue.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AccessibilityAllInOne.cpp:
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::canSetValueAttribute const):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::press):
        (WebCore::AccessibilityObject::dispatchAccessibilityEvent):
        (WebCore::AccessibilityObject::dispatchAccessibleSetValueEvent):
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::setValue):
        * accessibility/AccessibilityScrollbar.cpp:
        (WebCore::AccessibilityScrollbar::setValue):
        * accessibility/AccessibilitySlider.cpp:
        (WebCore::AccessibilitySlider::setValue):
        * accessibility/AccessibleSetValueEvent.cpp: Added.
        (WebCore::AccessibleSetValueEvent::AccessibleSetValueEvent):
        * accessibility/AccessibleSetValueEvent.h: Added.
        (WebCore::AccessibleSetValueEvent::create):
        (WebCore::AccessibleSetValueEvent::value const):
        * accessibility/AccessibleSetValueEvent.idl: Added.
        * dom/Element.idl:
        * dom/EventNames.h:
        * dom/EventNames.in:

2018-02-28  Chris Dumez  <cdumez@apple.com>

        html/browsers/browsing-the-web/navigating-across-documents/006.html fails with async policy delegates
        https://bugs.webkit.org/show_bug.cgi?id=183168
        <rdar://problem/37951341>

        Reviewed by Alex Christensen.

        The test has an anchor element with both a 'click' event handler which submits a form
        and an href attribute. When clicking the link, as per specification, things happen in
        this order:
        1. We fire the click event at the anchor, which will execute the event handler and submit the form.
           Submitting the form *schedules* a navigation to 'click.html'.
        2. We execute the anchor activation code which *navigates* to 'href.html'. The navigation to
           'href' is supposed to cancel the pending navigation to 'click.html' and we should navigate
           to 'href.html', which is what the test asserts.

        The issue for us is that we do not cancel pending navigations until after the navigation
        policy decision is made, when the provisional loads actually starts, in FrameLoader::provisionalLoadStarted().
        Because the policy decision for the navigation can now be made asynchronously, the NavigationScheduler
        timer can now fire while the decision is made and we'll submit the form, thus navigating to
        'click.html'.

        To address the issue, we now cancel any pending navigations in FrameLoader::loadWithDocumentLoader(),
        *before* doing the policy check for the navigation.

        Test: http/wpt/html/browsers/browsing-the-web/navigating-across-documents/006.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadWithDocumentLoader):

2018-02-28  John Wilander  <wilander@apple.com>

        Add a second tier of prevalence to facilitate telemetry on very prevalent domains
        https://bugs.webkit.org/show_bug.cgi?id=183218
        <rdar://problem/37992388>

        Reviewed by Brent Fulgham.

        Test: http/tests/resourceLoadStatistics/classify-as-very-prevalent-based-on-mixed-statistics.html

        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::encode const):
        (WebCore::ResourceLoadStatistics::decode):
        (WebCore::ResourceLoadStatistics::toString const):
        (WebCore::ResourceLoadStatistics::merge):
            Handling of the new boolean field isVeryPrevalentResource.
        * loader/ResourceLoadStatistics.h:
            Added the new boolean field isVeryPrevalentResource.

2018-02-28  Alex Christensen  <achristensen@webkit.org>

        Reduce use of NetworkingContext in WebKit
        https://bugs.webkit.org/show_bug.cgi?id=183213

        Reviewed by Brady Eidson.

        NetworkingContext is intended to be used only with ResourceHandle, which is now only used in WebKitLegacy.
        Now that we don't use ResourceHandle in the WebProcess, everything that was done through the NetworkingContext
        can now be done a cleaner way with no change in behavior.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadResourceSynchronously):
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLink):
        * loader/LoaderStrategy.h:
        * platform/network/ProxyServer.h:
        * platform/network/cf/ProxyServerCFNet.cpp:
        (WebCore::proxyServersForURL):
        * platform/network/curl/ProxyServerCurl.cpp:
        (WebCore::proxyServersForURL):
        * platform/network/soup/ProxyServerSoup.cpp:
        (WebCore::proxyServersForURL):

2018-02-28  Zalan Bujtas  <zalan@apple.com>

        Remove RenderElement::s_affectsParentBlock
        https://bugs.webkit.org/show_bug.cgi?id=183187
        <rdar://problem/37961079>

        Reviewed by Antti Koivisto.

        Remove the hack to track floating/out-of-flow changes between styleWillChange and styleDidChange.

        Covered by existing tests.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleWillChange):
        (WebCore::RenderElement::styleDidChange):
        * rendering/RenderElement.h:

2018-02-28  Antti Koivisto  <antti@apple.com>

        Filter attribute selectors with selector filter
        https://bugs.webkit.org/show_bug.cgi?id=183200

        Reviewed by Zalan Bujtas.

        Currently selector filtering is done based on tags, classes and ids. We should include attributes too.

        This patch adds filtering based on attribute name (but not content).

        * css/SelectorFilter.cpp:
        (WebCore::isExcludedAttribute):

            Ignore id, class and style attributes. First two are already handled and the last is common but is rarely
            used in selectors.

        (WebCore::collectElementIdentifierHashes):

            Collect attributes.
            Remove the unnecessary StyledElement casting.

        (WebCore::collectSimpleSelectorHash):

            Collect attribute selectors.

        (WebCore::chooseSelectorHashesForFilter):

            Pick attributes with high priority for the filter as it is likely a good signal.

2018-02-27  Sergio Villar Senin  <svillar@igalia.com>

        [WebVR] Convert VRPlatformDisplayInfo into a class
        https://bugs.webkit.org/show_bug.cgi?id=183162

        Reviewed by Žan Doberšek.

        In preparation for further changes we're transforming the
        VRPlatformDisplayInfo into a class. All the members are now private
        and the class provides the needed getters/setters.

        Apart from that VRDisplayCapabilityFlags is now just an unsigned and
        the different flags are defined in VRDisplayCapabilityFlag enum.
        Another cleanup was the removal of VRDisplayCapabilities.cpp as
        everything can be implemented in the header.

        * Modules/webvr/VRDisplay.cpp:
        (WebCore::VRDisplay::VRDisplay):
        (WebCore::VRDisplay::isConnected const):
        (WebCore::VRDisplay::stageParameters const):
        * Modules/webvr/VRDisplayCapabilities.cpp: Removed.
        * Modules/webvr/VRDisplayCapabilities.h:
        (WebCore::VRDisplayCapabilities::hasPosition const):
        (WebCore::VRDisplayCapabilities::hasOrientation const):
        (WebCore::VRDisplayCapabilities::hasExternalDisplay const):
        (WebCore::VRDisplayCapabilities::canPresent const):
        (WebCore::VRDisplayCapabilities::maxLayer const):
        (WebCore::VRDisplayCapabilities::VRDisplayCapabilities):
        * Sources.txt:
        * platform/vr/VRPlatformDisplay.h:
        (WebCore::VRPlatformDisplayInfo::displayName const):
        (WebCore::VRPlatformDisplayInfo::setDisplayName):
        (WebCore::VRPlatformDisplayInfo::isConnected const):
        (WebCore::VRPlatformDisplayInfo::setIsConnected):
        (WebCore::VRPlatformDisplayInfo::isMounted const):
        (WebCore::VRPlatformDisplayInfo::setIsMounted):
        (WebCore::VRPlatformDisplayInfo::capabilityFlags const):
        (WebCore::VRPlatformDisplayInfo::setCapabilityFlags):
        (WebCore::VRPlatformDisplayInfo::displayIdentifier const):
        (WebCore::VRPlatformDisplayInfo::setDisplayIdentifier):
        (WebCore::VRPlatformDisplayInfo::eyeTranslation const):
        (WebCore::VRPlatformDisplayInfo::setEyeTranslation):
        (WebCore::VRPlatformDisplayInfo::eyeFieldOfView const):
        (WebCore::VRPlatformDisplayInfo::setEyeFieldOfView):
        (WebCore::VRPlatformDisplayInfo::renderSize const):
        (WebCore::VRPlatformDisplayInfo::setRenderSize):
        (WebCore::VRPlatformDisplayInfo::setPlayAreaBounds):
        (WebCore::VRPlatformDisplayInfo::playAreaBounds const):
        (WebCore::VRPlatformDisplayInfo::setSittingToStandingTransform):
        (WebCore::VRPlatformDisplayInfo::sittingToStandingTransform const):
        * platform/vr/openvr/VRPlatformDisplayOpenVR.cpp:
        (WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):
        (WebCore::VRPlatformDisplayOpenVR::updateEyeParameters):
        (WebCore::VRPlatformDisplayOpenVR::updateStageParameters):

2018-02-27  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r229060.
        https://bugs.webkit.org/show_bug.cgi?id=183198

        This patch causes crashes on two SVG tests (Requested by fredw
        on #webkit).

        Reverted changeset:

        "Relayout frames after AsyncFrameScrolling or FrameFlattening
        option is changed"
        https://bugs.webkit.org/show_bug.cgi?id=183081
        https://trac.webkit.org/changeset/229060

2018-02-27  Youenn Fablet  <youenn@apple.com>

        Do not trigger a service worker match in case of document redirection if it will be already served by AppCache
        https://bugs.webkit.org/show_bug.cgi?id=183185
        <rdar://problem/37693796>

        Reviewed by Chris Dumez.

        Disabling service worker matching in case there is a substitute data.
        Otherwise there is a risk for a double load, substitute data first and the new load
        triggered if matching a new registration.
        A future fix should first do service worker registration matching and if there is no registration query appcache.

        Test: http/tests/appcache/main-resource-redirect-with-sw.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::redirectReceived):

2018-02-27  Tim Horton  <timothy_horton@apple.com>

        Ensure target triple is propagated correctly to DerivedSources.make
        https://bugs.webkit.org/show_bug.cgi?id=183189
        <rdar://problem/37959694>

        Reviewed by Dan Bernstein.

        If we don't propagate the target triple, we can sometimes build with
        the wrong options enabled.

        * Configurations/Base.xcconfig:
        Mentioning LLVM_TARGET_TRIPLE_SUFFIX here is required to get it to be available to scripts.

        * DerivedSources.make:
        Propagate the target triple into our compiler invocations.

2018-02-27  Doug Russell  <doug@getitdownonpaper.com>

        AX: Spell check and style attributes should be optional when fetching attributed string
        https://bugs.webkit.org/show_bug.cgi?id=160744

        Reviewed by Chris Fleizach.

        The overhead of fetching a spell checked attributed string via AX API is substantial. 
        In some cases on the order of 7/8 of the total time spent fetching the string.

        This change introduces the new attribute AXAttributedStringForTextMarkerRangeWithOptions which accepts an NSDictionary as it's parameter with keys "AXTextMarkerRange" (AXTextMarkerRangeRef) and "AXSpellCheck" (NSNumber(BOOL)).

        AXAttributedStringForTextMarkerRange will remain unchanged.

        Tests: accessibility/mac/attributed-string/attributed-string-for-range-with-options.html
               accessibility/mac/attributed-string/attributed-string-for-range.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributedStringAppendText):
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
        (-[WebAccessibilityObjectWrapper accessibilityParameterizedAttributeNames]):
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForRange:]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
        (-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:]): Deleted.

2018-02-27  Daniel Bates  <dabates@apple.com>

        Standardize terminology for marked text
        https://bugs.webkit.org/show_bug.cgi?id=180999

        Reviewed by Zalan Bujtas.

        The name MarkerSubrange is a misnomer for a data structure that associates a text subrange with a type
        and optional document marker. In particular, a MarkerSubrange may not always correspond to a document
        marker. For instance, selected text is represented using a MarkerSubrange that does not have a
        corresponding document marker. Let's standardize on the phrase "marked text" as the canonical way to
        describe these tagged text subranges.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::localSelectionRect const):
        (WebCore::InlineTextBox::MarkedTextStyle::areBackgroundMarkedTextStylesEqual):
        (WebCore::InlineTextBox::MarkedTextStyle::areForegroundMarkedTextStylesEqual):
        (WebCore::InlineTextBox::MarkedTextStyle::areDecorationMarkedTextStylesEqual):
        (WebCore::InlineTextBox::StyledMarkedText::StyledMarkedText):
        (WebCore::createMarkedTextFromSelectionInBox):
        (WebCore::InlineTextBox::paint):
        (WebCore::InlineTextBox::paintPlatformDocumentMarkers):
        (WebCore::InlineTextBox::paintPlatformDocumentMarker):
        (WebCore::InlineTextBox::computeStyleForUnmarkedMarkedText const):
        (WebCore::InlineTextBox::resolveStyleForMarkedText):
        (WebCore::InlineTextBox::subdivideAndResolveStyle):
        (WebCore::InlineTextBox::coalesceAdjacentMarkedTexts):
        (WebCore::InlineTextBox::collectMarkedTextsForDraggedContent):
        (WebCore::InlineTextBox::collectMarkedTextsForDocumentMarkers):
        (WebCore::InlineTextBox::paintMarkedTexts):
        (WebCore::InlineTextBox::paintMarkedTextBackground):
        (WebCore::InlineTextBox::paintMarkedTextForeground):
        (WebCore::InlineTextBox::paintMarkedTextDecoration):
        (WebCore::InlineTextBox::paintCompositionBackground):
        (WebCore::InlineTextBox::MarkerSubrangeStyle::areBackgroundMarkerSubrangeStylesEqual): Deleted.
        (WebCore::InlineTextBox::MarkerSubrangeStyle::areForegroundMarkerSubrangeStylesEqual): Deleted.
        (WebCore::InlineTextBox::MarkerSubrangeStyle::areDecorationMarkerSubrangeStylesEqual): Deleted.
        (WebCore::InlineTextBox::StyledMarkerSubrange::StyledMarkerSubrange): Deleted.
        (WebCore::createMarkerSubrangeFromSelectionInBox): Deleted.
        (WebCore::InlineTextBox::computeStyleForUnmarkedMarkerSubrange const): Deleted.
        (WebCore::InlineTextBox::resolveStyleForSubrange): Deleted.
        (WebCore::InlineTextBox::coalesceAdjacentSubranges): Deleted.
        (WebCore::InlineTextBox::collectSubrangesForDraggedContent): Deleted.
        (WebCore::InlineTextBox::collectSubrangesForDocumentMarkers): Deleted.
        (WebCore::InlineTextBox::paintMarkerSubranges): Deleted.
        (WebCore::InlineTextBox::paintTextSubrangeBackground): Deleted.
        (WebCore::InlineTextBox::paintTextSubrangeForeground): Deleted.
        (WebCore::InlineTextBox::paintTextSubrangeDecoration): Deleted.
        * rendering/InlineTextBox.h:
        (WebCore::InlineTextBox::paintMarkedTexts):
        (WebCore::InlineTextBox::paintMarkerSubranges): Deleted.
        * rendering/MarkedText.cpp: Renamed from Source/WebCore/rendering/MarkerSubrange.cpp.
        (WebCore::subdivide):
        * rendering/MarkedText.h: Renamed from Source/WebCore/rendering/MarkerSubrange.h.
        (WebCore::MarkedText::MarkedText):
        (WebCore::MarkedText::isEmpty const):
        (WebCore::MarkedText::operator!= const):
        (WebCore::MarkedText::operator== const):

2018-02-27  Chris Dumez  <cdumez@apple.com>

        Unreviewed, roll out r228430.

        Roll out r228430 now that it is no longer needed after r228852.

        No new tests, initial fix is still covered by WebKit.RespondToPolicyForNavigationResponseAsynchronously
        API test.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::stopLoading):
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::schedule):

2018-02-27  Antoine Quint  <graouts@apple.com>

        [Web Animations] Correct implementation of pending tasks and promises
        https://bugs.webkit.org/show_bug.cgi?id=183161

        Reviewed by Dean Jackson.

        We had an incorrect implementation of the spec due to two misinterpretations.

        The first one is about pending tasks (play and pause) which the spec says should
        be performed by "scheduling a task". In WebCore, this means using postTask() on a
        ScriptExecutionContext, such as Document. One of the big practical changes is that
        calling play() on an animation correctly sets its startTime to null (unresolved)
        immediately after the call to play() returns before setting it to a resolved value
        when the task is performed asynchronously. As a result, the playState is now always
        accurate.

        The second one is about promises where new promises need to be created in certain
        situations called out by the spec. We used to call clear() on them, but this merely
        resets the fulfillment or rejection state of the promise, while the spec requires
        a different object to be returned for the promise. We now create our promises using
        makeUniqueRef<> when new promise objects are expected to be created.

        This patch also corrects a few smaller bugs and spec compliant issues, called out
        below, related to pending tasks and promises uncovered while looking at relevant
        WPT tests.

        * animation/DocumentTimeline.h: Expose the Document used to create this timeline such
        that it may be used by WebAnimation objects registered for this timeline when scheduling
        a task is required via postTask().
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::WebAnimation):
        (WebCore::WebAnimation::setBindingsStartTime):
        (WebCore::WebAnimation::setCurrentTime):
        (WebCore::WebAnimation::cancel): Ensure the finished promise has not already been fulfilled
        before rejecting it. While the spec does not specifically call this out, a promise may not
        be rejected after being fulfilled, and we would hit an ASSERT if we didn't also check that
        it was in the correct pending state before attemping to reject it.
        (WebCore::WebAnimation::resetPendingTasks):
        (WebCore::WebAnimation::finish):
        (WebCore::WebAnimation::updateFinishedState):
        (WebCore::WebAnimation::finishNotificationSteps):
        (WebCore::WebAnimation::play): We used to only check for a pending pause task before canceling
        that task, but the spec says to check for either a pending pause or play task (ie. pending())
        and to cancel whichever is scheduled.
        (WebCore::WebAnimation::runPendingPlayTask): We were missing an assertion called out by the
        spec when running a pending task.
        (WebCore::WebAnimation::pause):
        (WebCore::WebAnimation::runPendingPauseTask):
        (WebCore::WebAnimation::updatePendingTasks): We now use postTask() on the animation's associated
        timeline's document to schedule pending tasks for which the criteria to run are met, ie. there
        is an associated timeline.
        * animation/WebAnimation.h:

2018-02-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Implement additional SPI for adjusting viewport shrink-to-fit behavior
        https://bugs.webkit.org/show_bug.cgi?id=183100
        <rdar://problem/37840987>

        Reviewed by Tim Horton.

        Introduce new customization options to ViewportConfiguration. The first is m_forceHorizontalShrinkToFit, which
        (when set to true) forces the viewport to scale using shrink-to-fit heuristics, regardless of whether
        "shrink-to-fit=no" is specified via viewport parameters or if content width did not exceed minimum layout size.
        The second is m_viewSize, which reflects the true size of the viewport. See WebKit ChangeLog for more details.

        Tests: ViewportSizingTests.ForceShrinkToFitViewportOverridesViewportParameters
               ViewportSizingTests.ShrinkToFitViewportWithMinimumAllowedLayoutWidth

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::ViewportConfiguration):
        (WebCore::ViewportConfiguration::setMinimumLayoutSize):

        Plumb the real size of the view alongside the minimum layout size when updating the minimum layout size.

        (WebCore::ViewportConfiguration::setForceHorizontalShrinkToFit):
        (WebCore::ViewportConfiguration::shouldIgnoreHorizontalScalingConstraints const):

        Bail early and return true if forceHorizontalShrinkToFit is set. This forces shrink-to-fit even in cases where
        "shrink-to-fit" is set to "no", or content dimensions don't exceed layout dimensions.

        (WebCore::ViewportConfiguration::initialScaleFromSize const):

        Use view dimensions rather than minimum layout dimensions when computing the initial scale. Minimum layout size
        is no longer always equal to the size of the view if the client has specified a minimum allowed layout width. As
        such, when computing the initial scale, to ensure that the content (which was laid out using the minimum layout
        size) fits within the real viewport, we need to divide real viewport dimensions by content dimensions.

        (WebCore::ViewportConfiguration::minimumScale const):

        Similarly, use view size instead of minimum layout size to compute minimum scale.

        (WebCore::ViewportConfiguration::description const):
        * page/ViewportConfiguration.h:

2018-02-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        Unreviewed, fix the debug build after r228877.

        In the case where CAN_DISALLOW_USER_INSTALLED_FONTS is enabled, this function doesn't return anything when
        allowUserInstalledFonts != AllowUserInstalledFonts::No. Fix the build by moving `return nullptr;` back out of
        the `#else`.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::installedFontMandatoryAttributes):

2018-02-27  Milan Crha  <mcrha@redhat.com>

        Potential privacy issue: DNS prefetching can be re-enabled
        https://bugs.webkit.org/show_bug.cgi?id=182924

        Reviewed by Michael Catanzaro.

        * dom/Document.cpp:
        (WebCore::Document::parseDNSPrefetchControlHeader):

2018-02-26  Antoine Quint  <graouts@apple.com>

        [Web Animations] Implement the procedure to set the target effect of an animation
        https://bugs.webkit.org/show_bug.cgi?id=183146

        Reviewed by Dean Jackson.

        We only had a partial implementation of setEffect() and we now update it to cover the entire
        implementation as mandated by the spec. While this doesn't yield any WPT results changes, this
        patch will help getting a significant number of new PASS results when we get around to implement
        correct support for async procedures (pending pause/play tasks and promises) in the next patch.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::setEffect):

2018-02-26  Antoine Quint  <graouts@apple.com>

        [Web Animations] Update the playState implementation
        https://bugs.webkit.org/show_bug.cgi?id=183145

        Reviewed by Dean Jackson.

        The Web Animations spec has changed since we first implemented the playState property and the "pending"
        enum value has been dropped since then (there is a separate "pending" property which we also implement).
        We update our implementation to match the latest spec text. This does not change WPT test results a lot,
        but this patch will help getting a significant number of new PASS results when we get around to implementing
        correct support for async procedures (pending pause/play tasks and promises) in a couple of patches.
  
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::playState const):
        * animation/WebAnimation.h:
        * animation/WebAnimation.idl:

2018-02-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        Address post-review comment after r229049.
        https://bugs.webkit.org/show_bug.cgi?id=183142

        Reviewed by Tim Horton.

        Wrap a newly added string literal with ASCIILiteral.

        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::extraDefaultStyleSheet):

2018-02-26  Mark Lam  <mark.lam@apple.com>

        Modernize FINALIZE_CODE and peer macros to use __VA_ARGS__ arguments.
        https://bugs.webkit.org/show_bug.cgi?id=183159
        <rdar://problem/37930837>

        Reviewed by Keith Miller.

        No new tests needed because this is just a refactoring patch.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):

2018-02-26  Dan Bernstein  <mitz@apple.com>

        Removed references to files that were removed in r228912.

        * WebCore.xcodeproj/project.pbxproj: Removed references to SourcesIOS.txt and SourcesMac.txt.

2018-02-26  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Tweak UA stylesheet to improve legibility of rendered text
        https://bugs.webkit.org/show_bug.cgi?id=183142
        <rdar://problem/37912966>

        Reviewed by Tim Horton.

        Force text-size-adjust and hyphens to be always on in EXTRA_ZOOM_MODE. To accomplish this, we override the extra
        style sheet in RenderTheme to include these two style rules.

        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::extraDefaultStyleSheet):

2018-02-26  Don Olmstead  <don.olmstead@sony.com>

        Fix WebCore includes within WebKitLegacy
        https://bugs.webkit.org/show_bug.cgi?id=183147

        Reviewed by Tim Horton.

        No new tests. No change in behavior.

        * PlatformWin.cmake:
        * platform/win/GDIUtilities.h:

2018-02-26  Youenn Fablet  <youenn@apple.com>

        Add some more release logging related to DocumentWriter::addData crash
        https://bugs.webkit.org/show_bug.cgi?id=183141

        Reviewed by Chris Dumez.

        No change of behavior.
        Add some additional release logging to verify whether DocumentWriter::begin was called and exited before updating its state.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::commitData):
        * loader/DocumentWriter.cpp:
        (WebCore::DocumentWriter::begin):
        * loader/DocumentWriter.h:

2018-02-26  Antoine Quint  <graouts@apple.com>

        [Web Animations] Implement the procedure to set the start time
        https://bugs.webkit.org/show_bug.cgi?id=183137

        Reviewed by Dean Jackson.

        Implement the procedure to set the start time as setBindingsStartTime() and use the setStartTime() method as
        an internal method to set the m_startTime instance variable and invalidate the timing model rather than run
        the entire procedure which should only be called when setting the "startTime" property through the JS API.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::setTimeline):
        (WebCore::WebAnimation::setBindingsStartTime):
        (WebCore::WebAnimation::setStartTime):
        (WebCore::WebAnimation::silentlySetCurrentTime):
        (WebCore::WebAnimation::finish):
        (WebCore::WebAnimation::updateFinishedState):
        (WebCore::WebAnimation::runPendingPlayTask):
        (WebCore::WebAnimation::runPendingPauseTask):

2018-02-26  Christopher Reid  <chris.reid@sony.com>

        [Curl] Cookies are not being added to the Cookie field in Request Headers
        https://bugs.webkit.org/show_bug.cgi?id=183095

        Reviewed by Alex Christensen.

        Populating the Cookie request header field now that cookies are no longer handled in libcurl.

        * platform/network/curl/CookieJarCurlDatabase.cpp: Renaming the httpOnly variable as its actual use wasn't clear
        * platform/network/curl/ResourceHandleCurl.cpp:

2018-02-26  Antoine Quint  <graouts@apple.com>

        [Web Animations] Ensure setting the hold time invalidates the timing model
        https://bugs.webkit.org/show_bug.cgi?id=183136

        Reviewed by Dean Jackson.

        We used to always set the m_holdTime member variable directly, but the computation of the currentTime
        depends on the value of m_holdTime, so setting the hold time should invalidate the timing model as well
        as setting the m_holdTime member variable. In this patch we add a new setHoldTime() private method that
        sets the member variable and invalidates the timing model.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::setTimeline):
        (WebCore::WebAnimation::setHoldTime):
        (WebCore::WebAnimation::silentlySetCurrentTime):
        (WebCore::WebAnimation::setCurrentTime):
        (WebCore::WebAnimation::cancel):
        (WebCore::WebAnimation::finish):
        (WebCore::WebAnimation::updateFinishedState):
        (WebCore::WebAnimation::play):
        (WebCore::WebAnimation::runPendingPlayTask):
        (WebCore::WebAnimation::pause):
        (WebCore::WebAnimation::runPendingPauseTask):
        * animation/WebAnimation.h:

2018-02-26  Youenn Fablet  <youenn@apple.com>

        MessagePort is not always destroyed in the right thread
        https://bugs.webkit.org/show_bug.cgi?id=183053

        Reviewed by Chris Dumez.

        Make existingMessagePortForIdentifier take a lambda so that we hold the lock until there
        is no longer a need to keep the MessagePort around.
        This is very time sensitive and does not happen a lot when running WPT tests.

        Update existing call sites to pass a lambda.

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::existingMessagePortForIdentifier):
        * dom/MessagePort.h:
        * dom/messageports/MessagePortChannelProviderImpl.cpp:
        (WebCore::MessagePortChannelProviderImpl::postMessageToRemote):
        (WebCore::MessagePortChannelProviderImpl::checkProcessLocalPortForActivity):

2018-02-26  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r226745.
        https://bugs.webkit.org/show_bug.cgi?id=183132

        This is breaking some websites (Requested by youenn on
        #webkit).

        Reverted changeset:

        "Use no-cache fetch mode when loading main documents with
        location.reload()"
        https://bugs.webkit.org/show_bug.cgi?id=181285
        https://trac.webkit.org/changeset/226745

2018-02-26  Philippe Normand  <pnormand@igalia.com>

        Unreviewed, USE_GSTREAMER_PLAYBIN3 build fix.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        There is no such ENABLE_GSTREAMER_PLAYBIN3.

2018-02-26  Philippe Normand  <pnormand@igalia.com>

        Unreviewed, manual rollout of r228866 causing EGL_BAD_CONTEXT errors

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext):
        Create an EGL display, even in Wayland.

2018-02-21  Sergio Villar Senin  <svillar@igalia.com>

        [WebVR][OpenVR] Retrieve displayId and the z-depth of eye view frustum
        https://bugs.webkit.org/show_bug.cgi?id=182999

        Reviewed by Žan Doberšek.

        Retrieve the z-depth of the eye view frustum and the HMD unique id.
        The unique identifier is generated by the VRPlatormManager whereas
        we use the default values from the spec for the z-depth (those can
        be changed by applications later via JavaScript).

        Once this lands the only remaining data to be retrieved from VR
        backends for VRDisplay is the pose (getPose() call) and the frame
        data (getFrameData() call).

        * Modules/webvr/VRDisplay.cpp:
        (WebCore::VRDisplay::VRDisplay):
        (WebCore::VRDisplay::displayId const): Deleted.
        (WebCore::VRDisplay::displayName const): Deleted.
        (WebCore::VRDisplay::depthNear const): Deleted.
        (WebCore::VRDisplay::setDepthNear): Deleted.
        (WebCore::VRDisplay::depthFar const): Deleted.
        (WebCore::VRDisplay::setDepthFar): Deleted.
        * Modules/webvr/VRDisplay.h:
        (WebCore::VRDisplay::displayId const): Moved implementation from
        source file.
        (WebCore::VRDisplay::displayName const): Ditto.
        (WebCore::VRDisplay::depthNear const):
        (WebCore::VRDisplay::setDepthNear):
        (WebCore::VRDisplay::depthFar const):
        (WebCore::VRDisplay::setDepthFar):
        * platform/vr/VRManager.cpp:
        (WebCore::VRManager::generateUniqueDisplayIdentifier):
        * platform/vr/VRManager.h:
        * platform/vr/VRPlatformDisplay.h:
        * platform/vr/openvr/VRPlatformDisplayOpenVR.cpp:
        (WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):

2018-02-26  Charlie Turner  <cturner@igalia.com>

        Fix build error with !LOG_DISABLED
        https://bugs.webkit.org/show_bug.cgi?id=183049

        Reviewed by Philippe Normand.

        The following error message was being reported when doing a
        release build with -DLOG_DISABLED=0:

        ../../Source/WebCore/dom/messageports/MessagePortChannel.cpp: In member function ‘void WebCore::MessagePortChannel::entanglePortWithProcess(const WebCore::MessagePortIdentifier&, WebCore::ProcessIdentifier)’:
../../Source/WebCore/dom/messageports/MessagePortChannel.cpp:85:111: error: ‘logString’ was not declared in this scope
     LOG(MessagePorts, "MessagePortChannel %s (%p) entangling port %s (that port has %zu messages available)", logString().utf8().data(), this, port.logString().utf8().data(), m_pendingMessages[i].size());

        Other uses of logString are guarded by !LOG_DISABLED rather than
        NDEBUG, which was the cause of this issue.

        * dom/messageports/MessagePortChannel.h: Guard using !LOG_DISABLED
        rather than NDEBUG.

2018-02-26  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] User current executable name instead of g_get_prgname() for gst_init
        https://bugs.webkit.org/show_bug.cgi?id=183119

        Reviewed by Philippe Normand.

        g_get_prgname() is only set for programs using GOptionContext, calling gtk_init or explicitly calling
        g_set_prgname(). Use WTF::getCurrentExecutableName() instead.

        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::initializeGStreamer):

2018-02-25  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Disable downloadable binary fonts by default
        https://bugs.webkit.org/show_bug.cgi?id=183102
        <rdar://problem/37860699>

        Reviewed by Tim Horton.

        Disable downloadable binary fonts by default in extra zoom mode by making the initial value of
        `downloadableBinaryFontsEnabled` conditional. Layout tests are not possible at this time; test to be added once
        layout test support is in place.

        * page/Settings.yaml:
        * page/SettingsBase.cpp:
        (WebCore::SettingsBase::defaultDownloadableBinaryFontsEnabled):
        * page/SettingsBase.h:

2018-02-25  Chris Dumez  <cdumez@apple.com>

        Service workers do not work well inside Web.app
        https://bugs.webkit.org/show_bug.cgi?id=183105
        <rdar://problem/37864140>

        Reviewed by Youenn Fablet.

        SessionID::defaultSessionID() was hardcoded in the ServiceWorkerThread constructor
        instead of using the sessionID of the SWServer that created the service worker thread.
        As a result, when the Service Worker would establish a SWClientConnection to the
        server, it would use the wrong sessionID and would end up using a different SWServer
        (Since we have a different SWServer instance per sessionID). As a result,
        ServiceWorkerRegistration / ServiceWorker objects inside the service worker would not
        be kept in sync with the server (since they registered themselves with the wrong
        SWServer).

        Covered by new API test.

        * workers/service/ServiceWorkerContextData.cpp:
        (WebCore::ServiceWorkerContextData::isolatedCopy const):
        * workers/service/ServiceWorkerContextData.h:
        (WebCore::ServiceWorkerContextData::encode const):
        (WebCore::ServiceWorkerContextData::decode):
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::createPageForServiceWorker):
        (WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):
        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::RegistrationDatabase::importRecords):
        * workers/service/server/RegistrationStore.h:
        (WebCore::RegistrationStore::server):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::updateWorker):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::contextData const):

2018-02-24  Fujii Hironori  <Hironori.Fujii@sony.com>

        Null-dereference of the second argument `resource` of DocumentLoader::scheduleSubstituteResourceLoad
        https://bugs.webkit.org/show_bug.cgi?id=182920

        Reviewed by Darin Adler.

        A test case
        imported/w3c/web-platform-tests/html/browsers/offline/appcache/workers/appcache-worker.html
        always crashes due to a null-dereference if compiled and optimized
        by GCC 7.2. The second argument `resource` of
        DocumentLoader::scheduleSubstituteResourceLoad can be null if the
        resource can't be found in cache. I guess GCC optimizes inline
        HashMap::add based on assuming the `resource` never becomes null
        because its type is SubstituteResource&.

        This changes introduces a new method
        DocumentLoader::scheduleCannotShowURLError because it looks tricky
        to pass a nullptr to the second argument of
        scheduleSubstituteResourceLoad.

        No new tests (Covered by existing tests).

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::scheduleCannotShowURLError): Added a new method.
        * loader/DocumentLoader.h:
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadResource):
        Call scheduleCannotShowURLError if the resource not found in the appcache.

2018-02-17  Darin Adler  <darin@apple.com>

        Prepare for ExtendedColor changes (first step)
        https://bugs.webkit.org/show_bug.cgi?id=182904

        Reviewed by Sam Weinig.

        * css/CSSValuePool.cpp:
        (WebCore::CSSValuePool::createColorValue): Use HashMap::ensure.
        (WebCore::CSSValuePool::createFontFamilyValue): Ditto.
        (WebCore::CSSValuePool::createFontFaceValue): Ditto.

        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::maybeParseValue): Tightened up
        the logic a bit.

        * html/canvas/CanvasRenderingContext2D.cpp: Removed many unneeded includes.

        * inspector/InspectorCanvas.cpp:
        (WebCore::InspectorCanvas::recordAction): Updated for Ref instead of
        RefPtr and to use move semantics.
        (WebCore::buildArrayForAffineTransform): Return Ref instead of RefPtr.
        (WebCore::buildArrayForVector): Ditto.
        (WebCore::InspectorCanvas::buildInitialState): Ditto. Also use auto more.
        (WebCore::InspectorCanvas::buildAction): Ditto.
        (WebCore::InspectorCanvas::buildArrayForCanvasGradient): Ditto.
        (WebCore::InspectorCanvas::buildArrayForCanvasPattern): Ditto.
        (WebCore::InspectorCanvas::buildArrayForImageData): Ditto.
        * inspector/InspectorCanvas.h: Updated for the above. Also us "using" instead
        of typedef and removed unneeded ErrorString typedef and some includes.

        * page/DragController.cpp:
        (WebCore::DragController::concludeEditDrag): Use auto and Ref.

        * platform/DragData.h: Used pragma once and reorganized includes a bit.

        * platform/graphics/ImageFrame.h:
        (WebCore::ImageFrame::frameBytes const): Use uint32_t instead of RGBA32 to
        prepare for removal of the RGBA32 type coming in a future patch.
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::cacheNativeImageAtIndex): Ditto.
        (WebCore::ImageSource::canUseAsyncDecoding): Ditto.

        * platform/graphics/cocoa/GraphicsContextCocoa.mm: Tweaked #if for Mac-only
        code to use PLATFORM(MAC) to be easier to read.
        (WebCore::GraphicsContext::focusRingColor): Use sRGBColorSpaceRef instead of
        calling CGColorSpaceCreateWithName each time.

        * platform/graphics/texmap/TextureMapperFPSCounter.cpp: Added include needed
        now that it was removed from some header.

        * platform/graphics/win/GraphicsContextPlatformPrivateDirect2D.h: Use uint32_t
        instead of RGBA32 to prepare for removal of the RGBA32 type coming in a future patch.
        * platform/image-decoders/ScalableImageDecoder.cpp:
        (WebCore::ScalableImageDecoder::frameBytesAtIndex const): Ditto.
        * platform/image-decoders/cairo/ImageBackingStoreCairo.cpp:
        (WebCore::ImageBackingStore::image const): Ditto.
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::haveDecodedRow): Ditto.
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::setPixel): Ditto.
        (WebCore::JPEGImageDecoder::outputScanlines): Ditto.
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::rowAvailable): Ditto.
        (WebCore::PNGImageDecoder::frameComplete): Ditto.
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::decodeFrame): Ditto.
        (WebCore::WEBPImageDecoder::applyPostProcessing): Ditto.

        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::color): Added comments.

        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::paintSelection): Use Color::isVisible.

2018-02-23  Chris Dumez  <cdumez@apple.com>

        Crash under SchemeRegistry::shouldTreatURLSchemeAsLocal(WTF::String const&)
        https://bugs.webkit.org/show_bug.cgi?id=183066
        <rdar://problem/37804111>

        Reviewed by Ryosuke Niwa.

        SecurityOrigin objects are constructed on various threads. However, someone added a
        shouldTreatAsPotentiallyTrustworthy() call to the SecurityOrigin constructor which
        was not thread safe. This is because this function relies on SchemeRegistry::shouldTreatURLSchemeAsSecure()
        and SchemeRegistry::shouldTreatURLSchemeAsLocal() which were relying on global static HashMaps without
        locks.

        Update SecurityOrigin to initialize m_isPotentiallyTrustworthy lazily, to avoid paying
        initialization cost in the constructor. This is only queries by SecurityContext::isSecureContext().

        Make SchemeRegistry::shouldTreatURLSchemeAsLocal() and SchemeRegistry::shouldTreatURLSchemeAsSecure()
        thread-safe, since they are needed to initialize SecurityOrigin::m_isPotentiallyTrustworthy from
        various threads.

        SchemeRegistry::shouldTreatURLSchemeAsSecure() is only called from SecurityOrigin (which requires
        thread-safety), and getUserMedia() which is not hot code so the extra locking there should not
        be an issue.

        SchemeRegistry::shouldTreatURLSchemeAsLocal() is called from SecurityOrigin (which requires thread-
        safety). It is also called from isQuickLookPreviewURL(), MHTMLArchive::create(), Page::userStyleSheetLocationChanged(),
        isRemoteWebArchive() and HTMLPlugInImageElement. All these are not hot code so I do not think
        we need a fast path.

        * page/SecurityOrigin.cpp:
        (WebCore::isLoopbackIPAddress):
        (WebCore::shouldTreatAsPotentiallyTrustworthy):
        (WebCore::SecurityOrigin::isPotentiallyTrustworthy const):
        (WebCore::SecurityOrigin::isLocalHostOrLoopbackIPAddress):
        * page/SecurityOrigin.h:
        * platform/SchemeRegistry.cpp:
        (WebCore::localURLSchemesLock):
        (WebCore::localURLSchemes):
        (WebCore::secureSchemesLock):
        (WebCore::secureSchemes):
        (WebCore::SchemeRegistry::registerURLSchemeAsLocal):
        (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
        (WebCore::SchemeRegistry::registerURLSchemeAsSecure):
        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsSecure):
        * platform/SchemeRegistry.h:

2018-02-23  Christopher Reid  <chris.reid@sony.com>

        [Curl] Cookie Database files are wrongfully getting deleted when the database is opened
        https://bugs.webkit.org/show_bug.cgi?id=183051

        Reviewed by Per Arne Vollan.

        The file stat logic was backwards causing a wrongful detection of database corruption.
        Fixed the logic and abstracted these calls to use FileSystem.

        * platform/network/curl/CookieJarDB.cpp:

2018-02-23  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Make RenderTreeBuilder::* classes WTF_MAKE_FAST_ALLOCATED
        https://bugs.webkit.org/show_bug.cgi?id=183084
        <rdar://problem/37828706>

        Reviewed by Antti Koivisto.

        * rendering/updating/RenderTreeBuilderBlock.h:
        * rendering/updating/RenderTreeBuilderBlockFlow.h:
        * rendering/updating/RenderTreeBuilderContinuation.h:
        * rendering/updating/RenderTreeBuilderFirstLetter.h:
        * rendering/updating/RenderTreeBuilderFormControls.h:
        * rendering/updating/RenderTreeBuilderFullScreen.h:
        * rendering/updating/RenderTreeBuilderInline.h:
        * rendering/updating/RenderTreeBuilderList.h:
        * rendering/updating/RenderTreeBuilderMathML.h:
        * rendering/updating/RenderTreeBuilderMultiColumn.h:
        * rendering/updating/RenderTreeBuilderRuby.h:
        * rendering/updating/RenderTreeBuilderSVG.h:
        * rendering/updating/RenderTreeBuilderTable.h:
        * rendering/updating/RenderTreeUpdaterGeneratedContent.h:

2018-02-23  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderFullScreen::createPlaceholder to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=183027
        <rdar://problem/37773058>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * dom/Document.cpp:
        (WebCore::Document::setFullScreenRenderer):
        * dom/Document.h:
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreenPlaceholder::RenderFullScreenPlaceholder):
        (WebCore::RenderFullScreenPlaceholder::isRenderFullScreenPlaceholder const):
        (WebCore::RenderFullScreen::wrapNewRenderer):
        (WebCore::RenderFullScreen::wrapExistingRenderer):
        (): Deleted.
        (WebCore::RenderFullScreen::createPlaceholder): Deleted.
        * rendering/RenderFullScreen.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::createPlaceholderForFullScreen):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderFullScreen.cpp:
        (WebCore::RenderTreeBuilder::FullScreen::createPlaceholder):
        * rendering/updating/RenderTreeBuilderFullScreen.h:

2018-02-23  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Add WARN_UNUSED_RETURN to detach()
        https://bugs.webkit.org/show_bug.cgi?id=183073
        <rdar://problem/37814585>

        Reviewed by Antti Koivisto.

        So that we don't destroy a renderer accidentally.

        * rendering/updating/RenderTreeBuilderBlock.h:
        * rendering/updating/RenderTreeBuilderRuby.h:
        * rendering/updating/RenderTreeBuilderSVG.h:

2018-02-22  Antoine Quint  <graouts@apple.com>

        REGRESSION (r228445): A big pause button shows over YouTube videos if you tap "Tap To Unmute" on iOS
        https://bugs.webkit.org/show_bug.cgi?id=183074
        <rdar://problem/37747028>

        Reviewed by Eric Carlson.

        Test: media/modern-media-controls/start-support/start-support-disable-controls-and-re-enable-post-play.html

        In the fix for webkit.org/b/182668, we made it so that when the "controls" attribute is absent from a media
        element we stop listening to the bulk of media events and prevent controls from updating any DOM properties
        so as to minimize the amount of CPU usage by the Web process.

        An unfortunate side effect was that, if the media controls were disabled at the time the video starts playing,
        the StartSupport class would thus not catch the "play" event and would not be able to set the "hasPlayed"
        property to "true" on the MediaController, which would then prevent the _shouldShowStartButton() from returning
        "false". As a result, if the "controls" attribute was turned back on after the media started playing, they
        would default to showing the start button, which would be then in the play state, ie. showing the pause icon.

        We now set the "hasPlayed" property in the "play" event handler on MediaController, which is always registered
        regardless of the "controls" attribute setting. We also ensure we invalidate the "showStartButton" property on
        the media controls when StartSupport is enabled, which is the case when the "controls" attribute is toggled back
        to "true" from a previous "false" value.

        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype.handleEvent):
        * Modules/modern-media-controls/media/start-support.js:
        (StartSupport):
        (StartSupport.prototype.enable):
        (StartSupport.prototype.handleEvent):
        (StartSupport.prototype._updateShowsStartButton):

2018-02-23  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer][MiniBrowser] Honor GStreamer command line parameters in MiniBrowser
        https://bugs.webkit.org/show_bug.cgi?id=173655
        <rdar://problem/37706341>

        Reviewed by Philippe Normand.

        Do not assume gst is only used in the WebProcess, the MIMETypeRegistry also uses gst to get the list of
        supported media types. Move the code to extract gst options from the process command line to a helper function
        and use it in the UI process to pass the options to the WebProcess, but also in the current process when gst is
        initialized without providing options.

        Fixes several unit tests that use MIMETypeRegistry in the UI process.

        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::extractGStreamerOptionsFromCommandLine): Helper to get the gst options from the current process
        command line.
        (WebCore::initializeGStreamer): Ensure this is called once. Get the gst options from the given vector or extract
        it from the command line if not provided.
        * platform/graphics/gstreamer/GStreamerUtilities.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::initializeGStreamerAndRegisterWebKitElements): Bring back the gst
        initialization here.

2018-02-23  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] HTTP totalBytes query returns 0 after seeking (sometimes)
        https://bugs.webkit.org/show_bug.cgi?id=183002

        Reviewed by Xabier Rodriguez-Calvar.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webkit_web_src_init): Initialize member variables. Also no need
        to set the appsrc size at that point.
        (webKitWebSrcStop): There is no need to reset the size when
        seeking. Size should in most cases represent the Content-Length
        response attribute, even when seeking.
        (webKitWebSrcStart): No need to reset the size attribute.
        (webKitWebSrcQueryWithParent): Let appsrc handle DURATION queries.
        (CachedResourceStreamingClient::responseReceived): Emit duration notification one time only.

2018-02-23  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] media/video-src-blob-using-open-panel.html crashes in Debug
        https://bugs.webkit.org/show_bug.cgi?id=183005

        Reviewed by Xabier Rodriguez-Calvar.

        Test: media/video-src-blob-using-open-panel.html

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::convertToInternalProtocol): Also convert blob URIs
        because they're handled by our httpsrc element.
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcGetProtocols): Prefix blob URIs too, for consistency purpose.

2018-02-22  Yusuke Suzuki  <utatane.tea@gmail.com>

        Remove currentTime() / currentTimeMS()
        https://bugs.webkit.org/show_bug.cgi?id=183052

        Reviewed by Mark Lam.

        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::haveSuitableCachedPosition):
        * dom/DOMTimeStamp.h:
        (WebCore::convertSecondsToDOMTimeStamp):
        * fileapi/File.cpp:
        (WebCore::File::File):
        (WebCore::File::lastModified const):
        * history/HistoryItem.cpp:
        (WebCore::generateSequenceNumber):
        * html/BaseDateAndTimeInputType.cpp:
        (WebCore::BaseDateAndTimeInputType::defaultValueForStepUp const):
        * html/DateTimeInputType.cpp:
        (WebCore::DateTimeInputType::defaultValueForStepUp const):
        * html/MonthInputType.cpp:
        (WebCore::MonthInputType::defaultValueForStepUp const):
        * html/TimeInputType.cpp:
        (WebCore::TimeInputType::defaultValueForStepUp const):
        * inspector/agents/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::willSendRequest):
        (WebCore::InspectorNetworkAgent::willSendWebSocketHandshakeRequest):
        * loader/EmptyFrameLoaderClient.h:
        * loader/FormSubmission.cpp:
        (WebCore::generateFormDataIdentifier):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clientRedirected):
        * loader/FrameLoader.h:
        * loader/FrameLoaderClient.h:
        * loader/NavigationScheduler.cpp:
        * page/History.cpp:
        (WebCore::History::stateObjectAdded):
        * page/History.h:
        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::startFadeAnimation):
        (WebCore::PageOverlay::fadeAnimationTimerFired):
        * page/PageOverlay.h:
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::drawNativeImage):
        * platform/ios/LegacyTileLayerPool.h:
        * platform/ios/LegacyTileLayerPool.mm:
        (WebCore::LegacyTileLayerPool::LegacyTileLayerPool):
        (WebCore::LegacyTileLayerPool::addLayer):
        (WebCore::LegacyTileLayerPool::decayedCapacity const):
        (WebCore::LegacyTileLayerPool::prune):
        * platform/ios/SystemMemoryIOS.cpp:
        (WebCore::systemMemoryLevel):
        * platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp:
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:

2018-02-22  Per Arne Vollan  <pvollan@apple.com>

        The WebContent process should not use NSScreen in the screenDepth implementation.
        https://bugs.webkit.org/show_bug.cgi?id=183048

        Reviewed by Brent Fulgham.

        NSScreen method calls should be done in the UIProcess, since these calls will communicate with
        the WindowServer. The screen depth property can be retrieved in the UIProcess, and sent to the
        WebContent process, where it is cached. Whenever screen properties change, the UIProcess will
        send the new screen properties to the WebProcess.

        No new tests, covered by existing tests.

        * platform/ScreenProperties.h:
        (WebCore::ScreenProperties::encode const):
        (WebCore::ScreenProperties::decode):
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::getScreenProperties):
        (WebCore::screenDepth):
        (WebCore::screenDepthPerComponent):
        (WebCore::screenRect):
        (WebCore::screenAvailableRect):

2018-02-22  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Rename insertChild() -> attach(), takeChild() -> detach() and removeAndDestroy() -> destroy()
        https://bugs.webkit.org/show_bug.cgi?id=183061
        <rdar://problem/37800269>

        Reviewed by Ryosuke Niwa.

        ...and moveChildTo() -> move() (moveChildrenTo() -> moveChildren()),
        removeFromParentAndDestroyCleaningUpAnonymousWrappers() -> destroyAndCleanUpAnonymousWrappers()

        No change in functionality.

        * dom/Document.cpp:
        (WebCore::Document::destroyRenderTree):
        (WebCore::Document::setFullScreenRenderer):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::styleDidChange):
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::setText):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::didAttachChild):
        (WebCore::RenderElement::didInsertChild): Deleted.
        * rendering/RenderElement.h:
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::wrapNewRenderer):
        (WebCore::RenderFullScreen::wrapExistingRenderer):
        (WebCore::RenderFullScreen::unwrapRenderer):
        (WebCore::RenderFullScreen::createPlaceholder):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::didAttachChild):
        (RenderMenuList::setText):
        (RenderMenuList::didInsertChild): Deleted.
        * rendering/RenderMenuList.h:
        * rendering/RenderQuote.cpp:
        (WebCore::RenderQuote::updateTextRenderer):
        * rendering/RenderTextFragment.cpp:
        (WebCore::RenderTextFragment::setText):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::destroy):
        (WebCore::RenderTreeBuilder::attach):
        (WebCore::RenderTreeBuilder::attachIgnoringContinuation):
        (WebCore::RenderTreeBuilder::detach):
        (WebCore::RenderTreeBuilder::attachToRenderElement):
        (WebCore::RenderTreeBuilder::attachToRenderElementInternal):
        (WebCore::RenderTreeBuilder::move):
        (WebCore::RenderTreeBuilder::moveAllChildren):
        (WebCore::RenderTreeBuilder::moveChildren):
        (WebCore::RenderTreeBuilder::moveAllChildrenIncludingFloats):
        (WebCore::RenderTreeBuilder::makeChildrenNonInline):
        (WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
        (WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):
        (WebCore::RenderTreeBuilder::destroyAndCleanUpAnonymousWrappers):
        (WebCore::RenderTreeBuilder::detachFromRenderGrid):
        (WebCore::RenderTreeBuilder::detachFromRenderElement):
        (WebCore::RenderTreeBuilder::attachToRenderGrid):
        (WebCore::RenderTreeBuilder::removeAndDestroy): Deleted.
        (WebCore::RenderTreeBuilder::insertChild): Deleted.
        (WebCore::RenderTreeBuilder::insertChildIgnoringContinuation): Deleted.
        (WebCore::RenderTreeBuilder::takeChild): Deleted.
        (WebCore::RenderTreeBuilder::insertChildToRenderElement): Deleted.
        (WebCore::RenderTreeBuilder::insertChildToRenderElementInternal): Deleted.
        (WebCore::RenderTreeBuilder::moveChildTo): Deleted.
        (WebCore::RenderTreeBuilder::moveAllChildrenTo): Deleted.
        (WebCore::RenderTreeBuilder::moveChildrenTo): Deleted.
        (WebCore::RenderTreeBuilder::moveAllChildrenIncludingFloatsTo): Deleted.
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers): Deleted.
        (WebCore::RenderTreeBuilder::takeChildFromRenderGrid): Deleted.
        (WebCore::RenderTreeBuilder::takeChildFromRenderElement): Deleted.
        (WebCore::RenderTreeBuilder::insertChildToRenderGrid): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::attach):
        (WebCore::RenderTreeBuilder::Block::insertChildToContinuation):
        (WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):
        (WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):
        (WebCore::RenderTreeBuilder::Block::detach):
        (WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):
        (WebCore::RenderTreeBuilder::Block::insertChild): Deleted.
        (WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation): Deleted.
        (WebCore::RenderTreeBuilder::Block::takeChild): Deleted.
        * rendering/updating/RenderTreeBuilderBlock.h:
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
        (WebCore::RenderTreeBuilder::BlockFlow::attach):
        (WebCore::RenderTreeBuilder::BlockFlow::moveAllChildrenIncludingFloats):
        (WebCore::RenderTreeBuilder::BlockFlow::insertChild): Deleted.
        (WebCore::RenderTreeBuilder::BlockFlow::moveAllChildrenIncludingFloatsTo): Deleted.
        * rendering/updating/RenderTreeBuilderBlockFlow.h:
        * rendering/updating/RenderTreeBuilderContinuation.cpp:
        (WebCore::RenderTreeBuilder::Continuation::cleanupOnDestroy):
        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::RenderTreeBuilder::FirstLetter::cleanupOnDestroy):
        (WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
        (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):
        * rendering/updating/RenderTreeBuilderFormControls.cpp:
        (WebCore::RenderTreeBuilder::FormControls::attach):
        (WebCore::RenderTreeBuilder::FormControls::detach):
        (WebCore::RenderTreeBuilder::FormControls::findOrCreateParentForChild):
        (WebCore::RenderTreeBuilder::FormControls::insertChild): Deleted.
        (WebCore::RenderTreeBuilder::FormControls::takeChild): Deleted.
        * rendering/updating/RenderTreeBuilderFormControls.h:
        * rendering/updating/RenderTreeBuilderFullScreen.cpp:
        (WebCore::RenderTreeBuilder::FullScreen::cleanupOnDestroy):
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::attach):
        (WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
        (WebCore::RenderTreeBuilder::Inline::attachIgnoringContinuation):
        (WebCore::RenderTreeBuilder::Inline::splitFlow):
        (WebCore::RenderTreeBuilder::Inline::splitInlines):
        (WebCore::RenderTreeBuilder::Inline::childBecameNonInline):
        (WebCore::RenderTreeBuilder::Inline::insertChild): Deleted.
        (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation): Deleted.
        * rendering/updating/RenderTreeBuilderInline.h:
        * rendering/updating/RenderTreeBuilderList.cpp:
        (WebCore::RenderTreeBuilder::List::updateItemMarker):
        * rendering/updating/RenderTreeBuilderMathML.cpp:
        (WebCore::RenderTreeBuilder::MathML::makeFences):
        (WebCore::RenderTreeBuilder::MathML::attach):
        (WebCore::RenderTreeBuilder::MathML::insertChild): Deleted.
        * rendering/updating/RenderTreeBuilderMathML.h:
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):
        (WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
        (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
        (WebCore::RenderTreeBuilder::Ruby::attach):
        (WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):
        (WebCore::RenderTreeBuilder::Ruby::rubyBaseSafe):
        (WebCore::RenderTreeBuilder::Ruby::detach):
        (WebCore::RenderTreeBuilder::Ruby::insertChild): Deleted.
        (WebCore::RenderTreeBuilder::Ruby::takeChild): Deleted.
        * rendering/updating/RenderTreeBuilderRuby.h:
        * rendering/updating/RenderTreeBuilderSVG.cpp:
        (WebCore::RenderTreeBuilder::SVG::attach):
        (WebCore::RenderTreeBuilder::SVG::detach):
        (WebCore::RenderTreeBuilder::SVG::insertChild): Deleted.
        (WebCore::RenderTreeBuilder::SVG::takeChild): Deleted.
        * rendering/updating/RenderTreeBuilderSVG.h:
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::findOrCreateParentForChild):
        (WebCore::RenderTreeBuilder::Table::attach):
        (WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):
        (WebCore::RenderTreeBuilder::Table::insertChild): Deleted.
        * rendering/updating/RenderTreeBuilderTable.h:
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::createRenderer):
        (WebCore::RenderTreeUpdater::createTextRenderer):
        (WebCore::RenderTreeUpdater::tearDownRenderers):
        (WebCore::RenderTreeUpdater::tearDownTextRenderer):
        (WebCore::RenderTreeUpdater::tearDownLeftoverPaginationRenderersIfNeeded):
        * rendering/updating/RenderTreeUpdaterGeneratedContent.cpp:
        (WebCore::createContentRenderers):

2018-02-22  Chris Dumez  <cdumez@apple.com>

        ResourceRequestBase::isolatedCopy() fails to isolate copy the cachePartition
        https://bugs.webkit.org/show_bug.cgi?id=183059
        <rdar://problem/37800202>

        Reviewed by Youenn Fablet.

        Update ResourceRequestBase::setAsIsolatedCopy() to call isolatedCopy() on the cachePartition as well,
        given that it is a String and it would not be safe to send it to another thread otherwise.

        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::setAsIsolatedCopy):

2018-02-22  Chris Dumez  <cdumez@apple.com>

        ServiceWorkerContainer::startScriptFetchForJob() fails to isolate copy the registrationKey before passing it to the main thread
        https://bugs.webkit.org/show_bug.cgi?id=183050
        <rdar://problem/37796881>

        Reviewed by Youenn Fablet.

        Create an isolated copy of the registrationKey before passing it to the main thread in ServiceWorkerContainer's
        startScriptFetchForJob() / jobFinishedLoadingScript() / jobFailedLoadingScript().

        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::startScriptFetchForJob):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):

2018-02-22  Chris Dumez  <cdumez@apple.com>

        ServiceWorkerContainer::scheduleJob() fails to isolate copy the jobData before passing it to the main thread
        https://bugs.webkit.org/show_bug.cgi?id=183046
        <rdar://problem/37793395>

        Reviewed by Youenn Fablet.

        Make sure we isolate copy the jobData before passing it to the main thread in ServiceWorkerContainer::scheduleJob().
        The jobData contains Strings / URLs so it is not safe to have non-isolated copies of it on various threads.

        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::scheduleJob):

2018-02-22  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Fix warning on clang.
        https://bugs.webkit.org/show_bug.cgi?id=182986

        Reviewed by Konstantin Tokarev.

        No new tests because there's no behaviro changes.

        * platform/network/curl/CurlResourceHandleDelegate.cpp:
        (WebCore::CurlResourceHandleDelegate::curlDidSendData):
        (WebCore::CurlResourceHandleDelegate::curlDidReceiveBuffer):
        (WebCore::CurlResourceHandleDelegate::curlDidFailWithError):
        * platform/network/curl/CurlResourceHandleDelegate.h:

2018-02-22  Youenn Fablet  <youenn@apple.com>

        WorkerCacheStorageConnection::doRemove can assert in case two frames try to delete the same cache at the same time
        https://bugs.webkit.org/show_bug.cgi?id=183041

        Reviewed by Chris Dumez.

        * Modules/cache/WorkerCacheStorageConnection.cpp:
        (WebCore::WorkerCacheStorageConnection::doRemove): Update the assertion to accept the
        case of an already deleted cache, i.e. returned identifer is 0.

2018-02-22  Alejandro G. Castro  <alex@igalia.com>

        Remove some code leftovers in LibWebRTCMediaEndpoint and RealtimeOutgoingVideoSource classes
        https://bugs.webkit.org/show_bug.cgi?id=183031

        Reviewed by Youenn Fablet.

        This include and namespace are not required in the file.

        Just removing unused code, no tests required.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:

2018-02-22  Chris Dumez  <cdumez@apple.com>

        Document.open() cancels existing provisional load but not navigation policy check
        https://bugs.webkit.org/show_bug.cgi?id=183012
        <rdar://problem/37755831>

        Reviewed by Alex Christensen.

        Test: fast/dom/Document/open-with-pending-load-async-policy.html

        * dom/Document.cpp:
        (WebCore::Document::open):
        The existing code was calling FrameLoader::stopAllLoaders() when the loader's state
        is FrameStateProvisional. The issue is that the FrameLoader's state only gets set
        to FrameStateProvisional after the policy decision for the navigation is made.
        This means that we fail to cancel a pending load if is still in the policy decision
        stage, which can happen when the policy decision is made asynchronously. We now
        also cancel such pending navigation policy checks as well.

        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        Make sure the m_delegateIsDecidingNavigationPolicy flag gets reset inside the
        lambda. Otherwise, it gets reset too early when the policy decision is made
        asynchronously.

2018-02-22  Youenn Fablet  <youenn@apple.com>

        Add release asserts for service worker fetch and postMessage events
        https://bugs.webkit.org/show_bug.cgi?id=183025
        rdar://problem/37765052

        Reviewed by Daniel Bates.

        Add release assertion so that a service worker will only dispatch a message event
        for clients and service workers with the same origin.
        No change of behavior.

        * platform/network/ResourceRequestBase.h:
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::postMessageToServiceWorker):
        * workers/service/context/ServiceWorkerThreadProxy.h:

2018-02-22  Miguel Gomez  <magomez@igalia.com>

        including both gl3.h and gl2.h when USE_OPENGL_ES is enabled
        https://bugs.webkit.org/show_bug.cgi?id=183008

        Reviewed by Michael Catanzaro.

        Don't include GLES3 headers as we stick to GLES2 API resources.

        No new tests, no behavior change.

        * platform/graphics/GLContext.cpp:

2018-02-22  Ms2ger  <Ms2ger@igalia.com>

        [GTK][WPE] Fix some build errors in service workers code
        https://bugs.webkit.org/show_bug.cgi?id=182966

        Reviewed by Žan Doberšek.

        No new tests: no change in behavior.

        * workers/service/ServiceWorkerProvider.h: add missing forward declaration.

2018-02-21  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderObject::insertedInto() mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=183022
        <rdar://problem/37764326>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::insertedIntoTree):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChildToRenderElementInternal):
        (WebCore::RenderTreeBuilder::moveChildrenTo):
        (WebCore::RenderTreeBuilder::multiColumnDescendantInserted): Deleted.
        * rendering/updating/RenderTreeBuilder.h:

2018-02-21  Tim Horton  <timothy_horton@apple.com>

        Include all Cocoa sources in all Cocoa platform builds
        https://bugs.webkit.org/show_bug.cgi?id=183026
        <rdar://problem/37513101>

        Reviewed by Dan Bernstein.

        Similar to r228571, don't have separate Sources files for iOS and Mac.
        All sources now have #ifdefs that ensure that only the right ones
        build on the right platforms. This makes it much easier to reason
        about what builds where by just looking at the sources.

        * SourcesCocoa.txt:
        * SourcesIOS.txt: Removed.
        * SourcesMac.txt: Removed.
        * WebCore.xcodeproj/project.pbxproj:
        * editing/WebContentReader.h:
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.h:

2018-02-21  Youenn Fablet  <youenn@apple.com>

        Make SubstituteResource take a ResourceResponse r-value
        https://bugs.webkit.org/show_bug.cgi?id=183020

        Reviewed by Alex Christensen.

        No change of behavior.
        Make SubstituteResource take a ResourceResponse r-value.
        Update ArchiveResource accordingly.
        Take benefit of that in ApplicationCacheResource to set the response source to ApplicationCache
        before passing it to SubstituteResource constructor.

        * loader/SubstituteResource.h:
        (WebCore::SubstituteResource::SubstituteResource):
        (WebCore::SubstituteResource::resourceResponse): Deleted.
        * loader/appcache/ApplicationCacheResource.cpp:
        (WebCore::ApplicationCacheResource::create):
        (WebCore::ApplicationCacheResource::ApplicationCacheResource):
        * loader/appcache/ApplicationCacheResource.h:
        (WebCore::ApplicationCacheResource::create): Deleted.
        * loader/archive/ArchiveResource.cpp:
        (WebCore::ArchiveResource::ArchiveResource):

2018-02-21  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] ::willBeRemoved() does not need RenderTreeBuilder anymore.
        https://bugs.webkit.org/show_bug.cgi?id=183019
        <rdar://problem/37761421>

        Reviewed by Antti Koivisto.

        All the willBeDestroyed() mutations have been moved over to RenderTreeBuilder. 

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::willBeDestroyed):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willBeDestroyed):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::willBeDestroyed):
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::willBeDestroyed):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderCounter.cpp:
        (WebCore::RenderCounter::willBeDestroyed):
        * rendering/RenderCounter.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::willBeDestroyed):
        * rendering/RenderElement.h:
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::willBeDestroyed):
        * rendering/RenderEmbeddedObject.h:
        * rendering/RenderFragmentedFlow.cpp:
        (WebCore::RenderFragmentedFlow::willBeDestroyed):
        * rendering/RenderFragmentedFlow.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::willBeDestroyed):
        * rendering/RenderImage.h:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::willBeDestroyed):
        * rendering/RenderInline.h:
        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::willBeDestroyed):
        * rendering/RenderLayerModelObject.h:
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::willBeDestroyed):
        * rendering/RenderListBox.h:
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::willBeDestroyed):
        * rendering/RenderListMarker.h:
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::willBeDestroyed):
        * rendering/RenderMenuList.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::willBeDestroyed):
        (WebCore::RenderObject::destroy):
        * rendering/RenderObject.h:
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::willBeDestroyed):
        * rendering/RenderReplaced.h:
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::willBeDestroyed):
        * rendering/RenderSearchField.h:
        * rendering/RenderSnapshottedPlugIn.cpp:
        (WebCore::RenderSnapshottedPlugIn::willBeDestroyed):
        * rendering/RenderSnapshottedPlugIn.h:
        * rendering/RenderText.cpp:
        (WebCore::RenderText::willBeDestroyed):
        * rendering/RenderText.h:
        * rendering/RenderTextControlMultiLine.cpp:
        (WebCore::RenderTextControlMultiLine::willBeDestroyed):
        * rendering/RenderTextControlMultiLine.h:
        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::willBeDestroyed):
        * rendering/RenderVideo.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::willBeDestroyed):
        * rendering/RenderWidget.h:
        * rendering/svg/RenderSVGBlock.cpp:
        (WebCore::RenderSVGBlock::willBeDestroyed):
        * rendering/svg/RenderSVGBlock.h:
        * rendering/svg/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::willBeDestroyed):
        * rendering/svg/RenderSVGImage.h:
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::willBeDestroyed):
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGModelObject.cpp:
        (WebCore::RenderSVGModelObject::willBeDestroyed):
        * rendering/svg/RenderSVGModelObject.h:
        * rendering/svg/RenderSVGResourceContainer.cpp:
        (WebCore::RenderSVGResourceContainer::willBeDestroyed):
        * rendering/svg/RenderSVGResourceContainer.h:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::willBeDestroyed):
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::willBeDestroyed):
        * rendering/svg/RenderSVGText.h:

2018-02-21  Per Arne Vollan  <pvollan@apple.com>

        The WebContent process should not use NSScreen in the screenAvailableRect/screenRect implementations.
        https://bugs.webkit.org/show_bug.cgi?id=182855

        Reviewed by Brent Fulgham.

        On macOS, the functions screenAvailableRect and screenRect is implemented using NSScreen, which is communicating
        with the WindowServer. To avoid this WindowServer communication from the WebContent process when calling
        screenAvailableRect and screenRect, it is possible to let the UIProcess send a message to the WebContent
        process whenever there is a change in the display properties, and have the WebContent process cache these
        display properties. This message should also be sent to a newly started WebContent process.

        No new tests, covered by existing tests.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/PlatformScreen.h:
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::getScreenProperties):
        (WebCore::screenProperties):
        (WebCore::setScreenProperties):
        (WebCore::screenRect):
        (WebCore::screenAvailableRect):
        * platform/ScreenProperties.h: Added.
        (WebCore::ScreenProperties::encode const):
        (WebCore::ScreenProperties::decode):

2018-02-21  Christopher Reid  <chris.reid@sony.com>

        [Curl] Curl Cookie Database File should be configurable using NetworkProcessCreationParameters
        https://bugs.webkit.org/show_bug.cgi?id=182751

        Reviewed by Youenn Fablet.

        No change in behavior.

        Adding support to set a custom CookieJar Database.
        Took CookieJarDB::open() out of its constructor because both the Network and Web process
        were trying to open the journal files but one process was failing due to a lack of permission.
        Now the database file is lazily opened and only the Network process will try to open the database.
        Some cleanup was done to CookieJarDB too.

        * platform/network/NetworkStorageSession.h:
        * platform/network/curl/CookieJarDB.cpp:
        * platform/network/curl/CookieJarDB.h:
        * platform/network/curl/NetworkStorageSessionCurl.cpp:

2018-02-21  Chris Dumez  <cdumez@apple.com>

        Regression(r228708): Crash under WebCore::MediaResource::responseReceived(WebCore::CachedResource&, WebCore::ResourceResponse const&)
        https://bugs.webkit.org/show_bug.cgi?id=183018
        <rdar://problem/37754154>

        Reviewed by Eric Carlson.

        The fix at r228708 was trying to address the fact that avplayer sometimes
        deallocates WebCoreNSURLSessionDataTask objects on a non-main thread, which
        was not safe because its _resource data member needs to be deallocated on
        the main thread.

        The issue is that r228708 caused _resource to outlive its WebCoreNSURLSessionDataTask.
        This is an issue because _resource has a client data member (of type WebCoreNSURLSessionDataTaskClient)
        which has a raw pointer to the WebCoreNSURLSessionDataTask. This means that the main thread could
        call methods like responseReceived() on the resource, which would call responseReceived() on the
        client, which would try to call [WebCoreNSURLSessionDataTask receivedResponse:] with an invalid
        m_task pointer.

        To address the issue, I introduced a clearTask() method on WebCoreNSURLSessionDataTaskClient, which
        gets called from a non-main thread to clear the client's m_task pointer when the task is destroyed
        on a non-main thread. So that this is safe, every time the client tries to use m_task, we now
        acquire a lock for thread-safety and do a null-check on m_task.

        No new tests, no known reproduction case.

        * platform/graphics/PlatformMediaResourceLoader.h:
        (WebCore::PlatformMediaResource::client):
        * platform/network/cocoa/WebCoreNSURLSession.mm:
        (WebCore::WebCoreNSURLSessionDataTaskClient::clearTask):
        (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent):
        (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
        (WebCore::WebCoreNSURLSessionDataTaskClient::shouldCacheResponse):
        (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived):
        (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived):
        (WebCore::WebCoreNSURLSessionDataTaskClient::accessControlCheckFailed):
        (WebCore::WebCoreNSURLSessionDataTaskClient::loadFailed):
        (WebCore::WebCoreNSURLSessionDataTaskClient::loadFinished):
        (-[WebCoreNSURLSessionDataTask dealloc]):

2018-02-21  Youenn Fablet  <youenn@apple.com>

        Move AppCache loading to the NetworkProcess
        https://bugs.webkit.org/show_bug.cgi?id=178540
        <rdar://problem/37119346>

        Reviewed by Alex Christensen.

        Covered by existing tests.

        Use ApplicationResourceLoader for cache entry loading.
        Remove all ResourceHandle use from ApplicationCacheGroup.
        Renamed m_loader in m_manifestLoader and added a new m_entryLoader to load cache entries.

        Updated ApplicationCacheResourceLoader to handle different types of CachedResource.
        This allows in particular to handle redirections based on the resource type and create the ApplicationCacheResource with the right type.
        Use Include as credentials mode as per specification.

        Add a new ApplicationCache ResourceResonse::Source.
        This allows fixing an assertion and should allow better inspector support if needs be.

        * inspector/agents/InspectorNetworkAgent.cpp:
        (WebCore::responseSource):
        * loader/ResourceLoader.cpp:
        (WebCore::logResourceResponseSource):
        * loader/SubstituteResource.h:
        (WebCore::SubstituteResource::resourceResponse):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::stopLoading):
        (WebCore::ApplicationCacheGroup::update):
        (WebCore::ApplicationCacheGroup::didFinishLoading):
        (WebCore::ApplicationCacheGroup::didFinishLoadingEntry):
        (WebCore::ApplicationCacheGroup::didFail):
        (WebCore::ApplicationCacheGroup::didFailLoadingEntry):
        (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
        (WebCore::ApplicationCacheGroup::startLoadingEntry):
        * loader/appcache/ApplicationCacheGroup.h:
        * loader/appcache/ApplicationCacheResource.cpp:
        (WebCore::ApplicationCacheResource::ApplicationCacheResource):
        * loader/appcache/ApplicationCacheResourceLoader.cpp:
        (WebCore::ApplicationCacheResourceLoader::create):
        (WebCore::ApplicationCacheResourceLoader::ApplicationCacheResourceLoader):
        (WebCore::ApplicationCacheResourceLoader::responseReceived):
        (WebCore::ApplicationCacheResourceLoader::redirectReceived):
        * loader/appcache/ApplicationCacheResourceLoader.h:
        * platform/network/ResourceResponseBase.h:
        * platform/network/cocoa/ResourceResponseCocoa.mm:
        (WebCore::ResourceResponse::platformCertificateInfo const):
        * testing/Internals.cpp:
        (WebCore::responseSourceToString):

2018-02-21  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBoxModelObject::willBeRemoved() mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=183014
        <rdar://problem/37757428>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
        (WebCore::RenderBoxModelObject::willBeDestroyed):
        (WebCore::RenderBoxModelObject::continuationChainNode const):
        (): Deleted.
        (WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations): Deleted.
        * rendering/RenderBoxModelObject.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::removeAndDestroy):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::continuationBuilder):
        * rendering/updating/RenderTreeBuilderContinuation.cpp: Added.
        (WebCore::RenderTreeBuilder::Continuation::Continuation):
        (WebCore::RenderTreeBuilder::Continuation::cleanupOnDestroy):
        * rendering/updating/RenderTreeBuilderContinuation.h: Added.

2018-02-21  Youenn Fablet  <youenn@apple.com>

        ServiceWorkerJob::m_lastResponse is unneeded
        https://bugs.webkit.org/show_bug.cgi?id=183013

        Reviewed by Chris Dumez.

        Remove this field since not used anywhere.

        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::didReceiveResponse):
        * workers/service/ServiceWorkerJob.h:

2018-02-21  Youenn Fablet  <youenn@apple.com>

        Use ResourceLoader to load appcache manifest
        https://bugs.webkit.org/show_bug.cgi?id=182861

        Reviewed by Alex Christensen.

        Covered by updated tests.

        Add ApplicationCacheResourceLoader to load an ApplicationCacheResource from a ResourceLoader.
        Make use of it to load the app cache manifest.
        Future work should load entries using the same loader.

        Remove manifest handle.
        Ensure that DocumentLoader does not register the manifest resource loader as its lifetime
        is handled by its ApplicationCacheGroup.

        Add a ResourceLoader option to bypass the application cache.
        Use it for manifest loading.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::addSubresourceLoader):
        * loader/ResourceLoaderOptions.h:
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::stopLoading):
        (WebCore::ApplicationCacheGroup::update):
        (WebCore::ApplicationCacheGroup::createRequest):
        (WebCore::ApplicationCacheGroup::didReceiveResponseAsync):
        (WebCore::ApplicationCacheGroup::didReceiveData):
        (WebCore::ApplicationCacheGroup::didFinishLoading):
        (WebCore::ApplicationCacheGroup::didFail):
        (WebCore::ApplicationCacheGroup::didFinishLoadingManifest):
        (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
        * loader/appcache/ApplicationCacheGroup.h:
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadResource):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackForRedirect):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackForResponse):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackForError):
        * loader/appcache/ApplicationCacheResourceLoader.cpp: Added.
        * loader/appcache/ApplicationCacheResourceLoader.h: Added.

2018-02-21  Don Olmstead  <don.olmstead@sony.com>

        [CMake][Win] Use cmakeconfig.h rather than config.h and Platform.h
        https://bugs.webkit.org/show_bug.cgi?id=182883

        Reviewed by Per Arne Vollan.

        No new tests. No change in behavior.

        * WebCorePrefix.h:
        * config.h:
        * testing/js/WebCoreTestSupportPrefix.h:

2018-02-21  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderView::willBeRemoved() mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=183009

        Reviewed by Antti Koivisto.

        No change in functionality.

        * dom/Document.cpp:
        (WebCore::Document::destroyRenderTree):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::~RenderView):
        (WebCore::RenderView::willBeDestroyed): Deleted.
        * rendering/RenderView.h:

2018-02-21  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] USE_UPOWER causes crashes inside a chroot or on systems with broken dbus/upower
        https://bugs.webkit.org/show_bug.cgi?id=181825

        Reviewed by Carlos Garcia Campos.

        We could fix this crash, but that would not be good enough, because upower-glib is a
        synchronous API that wraps D-Bus calls. That's not acceptable for use in the web process.
        Rewrite LowPowerModeNotifierGLib to use upower's D-Bus API directly, instead.

        Note that this also enables LowPowerModeNotifier for WPE, since the USE(UPOWER) build
        flag is no longer needed.

        * platform/LowPowerModeNotifier.cpp:
        * platform/LowPowerModeNotifier.h:
        * platform/glib/LowPowerModeNotifierGLib.cpp:
        (WebCore::LowPowerModeNotifier::LowPowerModeNotifier):
        (WebCore::LowPowerModeNotifier::updateWarningLevel):
        (WebCore::LowPowerModeNotifier::warningLevelChanged):
        (WebCore::LowPowerModeNotifier::gPropertiesChangedCallback):
        (WebCore::LowPowerModeNotifier::~LowPowerModeNotifier):
        (WebCore::LowPowerModeNotifier::updateState): Deleted.
        (WebCore::LowPowerModeNotifier::warningLevelCallback): Deleted.

2018-02-21  Chris Dumez  <cdumez@apple.com>

        VTTCue constructor should use 'double' type for startTime / endTime
        https://bugs.webkit.org/show_bug.cgi?id=182988

        Reviewed by Eric Carlson.

        VTTCue constructor should use 'double' type for startTime / endTime, not
        'unrestricted double':
        - https://w3c.github.io/webvtt/#the-vttcue-interface

        Otherwise, we end up potentially returning NaN for TextTrackCue.startTime / endTime,
        even though those correctly use type 'double':
        - https://html.spec.whatwg.org/multipage/media.html#texttrackcue

        The new behavior is consistent with Firefox and Chrome.

        No new tests, updated existing test.

        * bindings/js/JSDOMConvertNumbers.h:
        (WebCore::JSConverter<IDLDouble>::convert):
        Add assertion to make sure our implementation never tries to return NaN
        for an IDL attribute of type 'double'. This would be invalid as per Web
        IDL spec and would crash if the NaN being returned was impure as JSValue
        could not store it as a double.

        * html/track/VTTCue.idl:
        Update constructor parameters to use 'double' type instead of 'unrestricted
        double', as per:
        - https://w3c.github.io/webvtt/#the-vttcue-interface

2018-02-21  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderTextFragment::willBeRemoved() mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182946
        <rdar://problem/37690039>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderTextFragment.cpp:
        (WebCore::RenderTextFragment::willBeDestroyed):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::RenderTreeBuilder::FirstLetter::cleanupOnRemoval):
        * rendering/updating/RenderTreeBuilderFirstLetter.h:

2018-02-21  Ms2ger  <Ms2ger@igalia.com>

        [GCrypt] Remove unsound assertion from CryptoKeyRSA::exportData().
        https://bugs.webkit.org/show_bug.cgi?id=183001

        Reviewed by Philippe Normand.

        This function is called from structured cloning, in particular when storing
        a key in IndexedDB. This would trip the assertion if the key in question is
        non-exportable.

        The assertion was copied from the macOS implementation in r172389; it was
        subsequently removed there in r172898 to handle this case.

        Test: crypto/subtle/rsa-indexeddb-non-exportable.html

        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::CryptoKeyRSA::exportData const): remove assertion.

2018-02-21  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Make system-ui obey the user-installed-font policy
        https://bugs.webkit.org/show_bug.cgi?id=182860
        <rdar://problem/36158249>

        Reviewed by Antti Koivisto.

        We have a completely different codepath for system-ui which makes it follow the system's
        font cascade list. This codepath (along with all the other relevant places which create
        system fonts) needs to obey the AllowUserInstalledFonts enum. This patch is fairly
        mechanical; we simply are hooking up the flag across SystemFontDatabase.

        There are a few places which creates system fonts which this patch doesn't touch. This is
        not a problem because all the remaining places either:
        1) Simply pull out some attributes of the font (name, weight, size, etc.) and then throw
        away the font object itself, or
        2) Use the font in an environment where script cannot access the characters rendered (such
        as DragImages or the fullscreen placeholder view or the inside of the attachment element).

        Test: fast/text/user-installed-fonts/system-ui.html

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontDatabase::collectionForFamily):
        (WebCore::FontDatabase::fontForPostScriptName):
        (WebCore::fontWithFamily):
        (WebCore::installedFontMandatoryAttributes):
        (WebCore::createSpecificFontForInstalledFonts):
        * platform/graphics/cocoa/FontCacheCoreText.h:
        * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::operator== const):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::hash const):
        (WebCore::SystemFontDatabase::systemFontCascadeList):
        (WebCore::SystemFontDatabase::removeCascadeList):
        (WebCore::SystemFontDatabase::computeCascadeList):
        (WebCore::systemFontParameters):
        (WebCore::systemFontCascadeList):
        (WebCore::FontCascadeDescription::effectiveFamilyCount const):
        (WebCore::FontCascadeDescription::effectiveFamilyAt const):
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::platformFontWithFamilySpecialCase):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::platformFontWithFamilySpecialCase):

2018-02-21  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix build after r228867.

        * Modules/webvr/VRStageParameters.cpp:

2018-02-21  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Rewrite purgeInvalid*Tracks methods
        https://bugs.webkit.org/show_bug.cgi?id=183004

        Reviewed by Carlos Garcia Campos.

        Removing items from a hashmap while iterating is bad.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidAudioTracks):
        Safely remove items from the hashmap using removeIf().
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidVideoTracks): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidTextTracks): Ditto.

2018-02-21  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix build after r228867.

        * Modules/webvr/VRStageParameters.cpp:

2018-02-21  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Crash in Debug build when purging invalid tracks
        https://bugs.webkit.org/show_bug.cgi?id=182997

        Reviewed by Xabier Rodriguez-Calvar.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidAudioTracks): Clear the hashmap when there is no valid track left.
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidVideoTracks): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidTextTracks): Ditto.
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
        (WebCore::TrackPrivateBaseGStreamer::getLanguageCode): Demote debugging, this appears too much at least with playbin2.
        (WebCore::TrackPrivateBaseGStreamer::getTag): Ditto.

2018-02-21  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] We need to adopt GstGlDisplays after GStreamer 1.13.1
        https://bugs.webkit.org/show_bug.cgi?id=182996

        Reviewed by Xabier Rodriguez-Calvar.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext):
        Adopt references when running with GStreamer 1.13.1 to avoid
        memory leaks.

2018-02-20  Philippe Normand  <pnormand@igalia.com>

        [GTK] Layout test media/track/track-in-band-duplicate-tracks-when-source-changes.html failing since r228617
        https://bugs.webkit.org/show_bug.cgi?id=160131
        <rdar://problem/35873985>

        Reviewed by Michael Catanzaro.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfText): We
        can't assume the pad has a sticky event here like implemented in
        InbandTextTrackPrivateGStreamer because it might be emitted after
        the track was created. So fallback to a dummy stream ID like in
        the Audio and Video tracks.

2018-02-20  Sergio Villar Senin  <svillar@igalia.com>

        [WebVR][OpenVR] Retrieve stage parameters
        https://bugs.webkit.org/show_bug.cgi?id=182976

        Reviewed by Žan Doberšek.

        Use OpenVR to retrieve stage parameters, i.e., play area size and
        the transformation from sitting to standing position. It includes
        the same fallback used by Firefox to provide sensible values in case
        we cannot get the required information from the VR SDK (it's quite
        common not to have defined a play area).

        * Modules/webvr/VRDisplay.cpp:
        (WebCore::VRDisplay::stageParameters const):
        * Modules/webvr/VRDisplay.h:
        * Modules/webvr/VRStageParameters.cpp:
        (WebCore::VRStageParameters::VRStageParameters):
        (WebCore::VRStageParameters::sittingToStandingTransform const):
        (WebCore::VRStageParameters::sizeX const):
        (WebCore::VRStageParameters::sizeZ const):
        * Modules/webvr/VRStageParameters.h:
        (WebCore::VRStageParameters::create):
        * platform/vr/VRPlatformDisplay.h:
        * platform/vr/openvr/VRPlatformDisplayOpenVR.cpp:
        (WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):
        (WebCore::VRPlatformDisplayOpenVR::updateStageParameters):
        * platform/vr/openvr/VRPlatformDisplayOpenVR.h:

2018-02-21  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Create a Wayland GL display instead of EGL
        https://bugs.webkit.org/show_bug.cgi?id=182968

        Reviewed by Xabier Rodriguez-Calvar.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext):
        Add logging and instantiate a GstDisplayWayland display instead of
        an EGL display when running under a Wayland compositor.

2018-02-21  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderFullScreen::willBeRemoved() mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182947
        <rdar://problem/37690848>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::willBeDestroyed):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::fullScreenBuilder):
        * rendering/updating/RenderTreeBuilderFullScreen.cpp: Added.
        (WebCore::RenderTreeBuilder::FullScreen::FullScreen):
        (WebCore::RenderTreeBuilder::FullScreen::cleanupOnRemoval):
        * rendering/updating/RenderTreeBuilderFullScreen.h: Added.
        * rendering/updating/RenderTreeBuilderMathML.cpp:

2018-02-20  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderListItem::willBeRemoved() mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182943
        <rdar://problem/37689029>

        Reviewed by Antti Koivisto.

        We don't need to destroy the marker in RenderListItem::willBeRemoved(), because it gets deleted
        in RenderTreeBuilder::removeAndDestroy() together with RenderListItem (as long as the marker is
        the RenderListItem's descendent). 

        Covered by existing tests.

        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::~RenderListItem):
        (WebCore::RenderListItem::willBeDestroyed): Deleted.
        * rendering/RenderListItem.h:

2018-02-20  Nan Wang  <n_wang@apple.com>

        AX: Keyboard focus not following VoiceOver cursor into web content or within web content.
        https://bugs.webkit.org/show_bug.cgi?id=182752
        <rdar://problem/37518233>

        Reviewed by Ryosuke Niwa.

        Call the assistive technology specific method for becoming first responder.

        Test: accessibility/mac/accessibility-make-first-responder.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):
        * page/ChromeClient.h:

2018-02-20  Tim Horton  <timothy_horton@apple.com>

        Introduce HAVE(IOSURFACE_ACCELERATOR)
        https://bugs.webkit.org/show_bug.cgi?id=182955
        <rdar://problem/37699510>

        Reviewed by Sam Weinig.

        No new tests, no change in behavior.

        Introduce HAVE(IOSURFACE_ACCELERATOR) and guard all uses of
        IOSurfaceAccelerator behind it.

        Rename USE(IOSURFACE) to HAVE(IOSURFACE) for accuracy.

        * page/cocoa/MemoryReleaseCocoa.mm:
        * platform/graphics/ca/TileController.cpp:
        * platform/graphics/cg/IOSurfacePool.cpp:
        * platform/graphics/cg/IOSurfacePool.h:
        * platform/graphics/cg/ImageBufferCG.cpp:
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:
        * platform/graphics/cocoa/IOSurfacePoolCocoa.mm:
        * platform/graphics/cv/VideoTextureCopierCV.cpp:
        * platform/graphics/cv/VideoTextureCopierCV.h:

2018-02-20  Chris Dumez  <cdumez@apple.com>

        Provisional load may get committed before receiving the decidePolicyForNavigationResponse response
        https://bugs.webkit.org/show_bug.cgi?id=182720
        <rdar://problem/37515204>

        Reviewed by Alex Christensen.

        Wait for the policy response from the client after receiving a resource response,
        before sending the NetworkResourceLoader::ContinueDidReceiveResponse IPC back to
        the NetworkProcess. Otherwise, the network process may start sending us data and
        we may end up committing the provisional load before receiving the policy decision
        fron the client.

        Change is covered by new API test.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived):
        * loader/NetscapePlugInStreamLoader.cpp:
        (WebCore::NetscapePlugInStreamLoader::didReceiveResponse):
        * loader/NetscapePlugInStreamLoader.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::deliverResponseAndData):
        (WebCore::ResourceLoader::loadDataURL):
        (WebCore::ResourceLoader::didReceiveResponse):
        (WebCore::ResourceLoader::didReceiveResponseAsync):
        * loader/ResourceLoader.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveResponse):
        (WebCore::SubresourceLoader::didReceiveResponsePolicy):
        (WebCore::SubresourceLoader::willCancel):
        * loader/SubresourceLoader.h:
        * loader/ios/PreviewLoader.mm:
        (-[WebPreviewLoader _sendDidReceiveResponseIfNecessary]):

2018-02-20  Chris Dumez  <cdumez@apple.com>

        Crash under JSC::JSCell::toNumber(JSC::ExecState*)
        https://bugs.webkit.org/show_bug.cgi?id=182984
        <rdar://problem/37694346>

        Reviewed by Mark Lam.

        The issue was caused by DOMMatrix attributes potentially returning "impure"
        NaN values. We would call JSC::jsNumber(double) to construct the JSValue
        but this is only safe for pure NaN values. Make sure we purify the double
        returned by the implementation for IDL attributes of type 'unrestricted double'
        before calling JSC::jsNumber(double).

        No new tests, extended existing test.

        * bindings/js/JSDOMConvertNumbers.h:
        (WebCore::JSConverter<IDLUnrestrictedDouble>::convert):
        * testing/TypeConversions.h:
        (WebCore::TypeConversions::testImpureNaNUnrestrictedDouble const):
        (WebCore::TypeConversions::testImpureNaN2UnrestrictedDouble const):
        (WebCore::TypeConversions::testQuietNaNUnrestrictedDouble const):
        * testing/TypeConversions.idl:

2018-02-20  Tim Horton  <timothy_horton@apple.com>

        Make more use of USE(OPENGL_ES) where it makes sense
        https://bugs.webkit.org/show_bug.cgi?id=182957
        <rdar://problem/37699443>

        Reviewed by Dan Bernstein.

        No new tests, no behavior change.

        Make use of USE(OPENGL_ES) for CoreVideo functions that differ based
        on GL availability. Also adjust GraphicsContext3D in the same way.

        * platform/cocoa/CoreVideoSoftLink.cpp:
        * platform/cocoa/CoreVideoSoftLink.h:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/cv/TextureCacheCV.mm:
        (WebCore::TextureCacheCV::create):
        (WebCore::TextureCacheCV::textureFromImage):
        * platform/graphics/cv/VideoTextureCopierCV.cpp:
        (WebCore::enumToStringMap):
        (WebCore::VideoTextureCopierCV::initializeContextObjects):
        (WebCore::VideoTextureCopierCV::initializeUVContextObjects):
        (WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
        (WebCore::VideoTextureCopierCV::copyVideoTextureToPlatformTexture):

2018-02-20  Nan Wang  <n_wang@apple.com>

        AX: AOM: Dispatch accessibleclick event
        https://bugs.webkit.org/show_bug.cgi?id=180898
        <rdar://problem/36086710>

        Reviewed by Ryosuke Niwa.

        Accessibility events.
        Spec: https://wicg.github.io/aom/spec/phase2.html

        This patch allows developers to register event handlers on Elements
        for custom accessibility events.

        Accessibility events go through a capturing and bubbling phase just
        like DOM events, but in the accessibility tree.

        Implemented "accessibleclick" event.

        Test: accessibility/mac/AOM-events.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::press):
        (WebCore::AccessibilityObject::dispatchAccessibilityEvent):
        * accessibility/AccessibilityObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityPerformAction:]):
        * dom/Element.idl:
        * dom/EventDispatcher.cpp:
        (WebCore::dispatchEventWithType):
        (WebCore::EventDispatcher::dispatchEvent):
        * dom/EventDispatcher.h:
        * dom/EventNames.h:
        * dom/EventPath.cpp:
        (WebCore::EventPath::EventPath):
        * dom/EventPath.h:

2018-02-20  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS 11.3 Beta] Can't copy a URL from Safari and paste it into the Gmail app
        https://bugs.webkit.org/show_bug.cgi?id=182952
        <rdar://problem/37636190>

        Reviewed by Tim Horton.

        After r220865 refactored the iOS copy codepaths to use NSItemProviders, we stopped writing the URL as plain text
        to the pasteboard. However, this means clients that only check for "text/plain" (or one of its aliases) on the
        pasteboard won't read any data on paste.

        To fix this, we restore the pre-iOS 11.3 behavior of writing both the URL and plain text to the pasteboard.
        Since we're using item providers, we also ensure that the NSURL is at a higher fidelity than the string to make
        it clear that the data should be consumed as a URL.

        This patch also rebaselines an existing drag and drop test to cover this change, and adds a new API test,
        ActionSheetTests.CopyLinkWritesURLAndPlainText, which simulates copying a link using the share sheet and pasting
        into a DataTransfer-dumping test harness.

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::write):

2018-02-20  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Returning from Auto-PiP causes Safari to be unresponsive
        https://bugs.webkit.org/show_bug.cgi?id=182977
        <rdar://problem/37685981>

        Reviewed by Jer Noble.

        Remove the error handling added in r228115, it breaks auto-pip.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (VideoFullscreenInterfaceAVKit::applicationDidBecomeActive):
        (VideoFullscreenInterfaceAVKit::enterFullscreenStandard):
        (VideoFullscreenInterfaceAVKit::exitFullscreen):
        (VideoFullscreenInterfaceAVKit::cleanupFullscreen):
        (VideoFullscreenInterfaceAVKit::didStartPictureInPicture):
        (VideoFullscreenInterfaceAVKit::prepareForPictureInPictureStopWithCompletionHandler):
        (VideoFullscreenInterfaceAVKit::exitFullscreenHandler):
        (VideoFullscreenInterfaceAVKit::enterFullscreenHandler):

2018-02-20  Jer Noble  <jer.noble@apple.com>

        [EME] Adopt new AVContentKeySession success delegate callback
        https://bugs.webkit.org/show_bug.cgi?id=182974
        <rdar://problem/36079035>

        Reviewed by Eric Carlson.

        Store the updateLicenseCallback if the new protocol method is present and supported.

        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
        (-[WebCoreFPSContentKeySessionDelegate contentKeySession:contentKeyRequestDidSucceed:]):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::updateLicense):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::didFailToProvideRequest):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::requestDidSucceed):

2018-02-19  Dean Jackson  <dino@apple.com>

        Handle all writing-modes in downcast
        https://bugs.webkit.org/show_bug.cgi?id=182949
        <rdar://problem/37710687>

        Reviewed by Myles Maxfield.

        It appears we forgot to handle the deprecated "lr"
        writing-mode value.

        Test: fast/writing-mode/svg-writing-modes.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::operator WritingMode const):

2018-02-20  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Drop target GraphicsContext usage in Cairo operations
        https://bugs.webkit.org/show_bug.cgi?id=182964

        Reviewed by Carlos Garcia Campos.

        The GraphicsContext parameters in various Cairo operations are not used
        anymore, so they can be removed. Callsites are updated to reflect this.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawShadowLayerBuffer):
        (WebCore::Cairo::fillShadowBuffer):
        (WebCore::Cairo::drawPathShadow):
        (WebCore::Cairo::drawGlyphsShadow):
        (WebCore::Cairo::fillRect):
        (WebCore::Cairo::fillRoundedRect):
        (WebCore::Cairo::fillRectWithRoundedHole):
        (WebCore::Cairo::fillPath):
        (WebCore::Cairo::strokeRect):
        (WebCore::Cairo::strokePath):
        (WebCore::Cairo::drawGlyphs):
        (WebCore::Cairo::drawNativeImage):
        (WebCore::Cairo::drawSurface):
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::FontCascade::drawGlyphs):
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::drawNativeImage):
        (WebCore::GraphicsContext::fillPath):
        (WebCore::GraphicsContext::strokePath):
        (WebCore::GraphicsContext::fillRect):
        (WebCore::GraphicsContext::strokeRect):
        (WebCore::GraphicsContext::platformFillRoundedRect):
        (WebCore::GraphicsContext::fillRectWithRoundedHole):
        * platform/graphics/cairo/GraphicsContextImplCairo.cpp:
        (WebCore::GraphicsContextImplCairo::fillRect):
        (WebCore::GraphicsContextImplCairo::fillRoundedRect):
        (WebCore::GraphicsContextImplCairo::fillRectWithRoundedHole):
        (WebCore::GraphicsContextImplCairo::fillPath):
        (WebCore::GraphicsContextImplCairo::strokeRect):
        (WebCore::GraphicsContextImplCairo::strokePath):
        (WebCore::GraphicsContextImplCairo::drawGlyphs):
        (WebCore::GraphicsContextImplCairo::drawNativeImage):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::paintCurrentFrame):

2018-02-20  Sergio Villar Senin  <svillar@igalia.com>

        [WebVR][OpenVR] Retrieve eye parameters and field of view
        https://bugs.webkit.org/show_bug.cgi?id=182962

        Reviewed by Žan Doberšek.

        Get the required data from OpenVR to fill in the VREyeParameters and
        the VRFieldOfView objects.

        * Modules/webvr/VRDisplay.cpp: Create some attributes in the
        body of the constructor instead in the member initialization list to
        avoid calling getDisplayInfo() multiple times.
        (WebCore::VRDisplay::VRDisplay):
        (WebCore::VRDisplay::capabilities const):
        (WebCore::VRDisplay::getEyeParameters const):
        * Modules/webvr/VRDisplay.h:
        * Modules/webvr/VREyeParameters.cpp:
        (WebCore::VREyeParameters::VREyeParameters): Added new attributes to
        the constructor.
        (WebCore::VREyeParameters::offset const): Return a Ref instead of
        a raw pointer.
        (WebCore::VREyeParameters::renderWidth const):
        (WebCore::VREyeParameters::renderHeight const):
        * Modules/webvr/VREyeParameters.h:
        (WebCore::VREyeParameters::create):
        * Modules/webvr/VRFieldOfView.cpp: Removed. All the impletementation
        fits perfectly in the header file.
        * Modules/webvr/VRFieldOfView.h:
        (WebCore::VRFieldOfView::create):
        (WebCore::VRFieldOfView::upDegrees const):
        (WebCore::VRFieldOfView::rightDegrees const):
        (WebCore::VRFieldOfView::downDegrees const):
        (WebCore::VRFieldOfView::leftDegrees const):
        (WebCore::VRFieldOfView::VRFieldOfView):
        * Sources.txt:
        * platform/vr/VRPlatformDisplay.h: Added some more data to the
        VRPlatformDisplayInfo struct.
        * platform/vr/openvr/VRPlatformDisplayOpenVR.cpp:
        (WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):
        (WebCore::VRPlatformDisplayOpenVR::computeFieldOfView): Computes the
        up/down/left/right FOV angles in degrees from the raw project
        values returned by OpenVR.
        (WebCore::VRPlatformDisplayOpenVR::updateEyeParameters): Fills in
        the eye parameter info.
        (WebCore::VRPlatformDisplayOpenVR::~VRPlatformDisplayOpenVR):
        * platform/vr/openvr/VRPlatformDisplayOpenVR.h:

2018-02-20  Philippe Normand  <pnormand@igalia.com>

        [GStreamer][MiniBrowser] Honor GStreamer command line parameters in MiniBrowser
        https://bugs.webkit.org/show_bug.cgi?id=173655

        Reviewed by Xabier Rodriguez-Calvar.

        The FIXME in GStreamerUtilities.cpp asks to pass the command line
        parameters to the GStreamer initialization function.

        Based on initial patch by: Vanessa Chipirrás Navalón  <vchipirras@igalia.com>

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::constructCommon): Removes the call to the method
        that GStreamer initializes. It is no longer necessary.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::initializeGStreamerAndRegisterWebKitElements): Ditto
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        (WebCore::initializeGStreamerAndRegisterWebKitMSEElement): Ditto
        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::initializeGStreamer): Receive the GStreamer options and initialize GStreamer.
        * platform/graphics/gstreamer/GStreamerUtilities.h: Add vector which contains
        GStreamer options as the input parameter of the initializeGStreamer() method.

2018-02-20  Miguel Gomez  <magomez@igalia.com>

        [GTK] whatsapp web blurry in some parts, sharp on others
        https://bugs.webkit.org/show_bug.cgi?id=182673

        Reviewed by Carlos Garcia Campos.

        CoordinatedGraphicsLayer::createBackingStore() uses the scale factor returned by effectiveContentsScale(),
        which is always 1 if selfOrAncestorHaveNonAffineTransforms() returns true. But this fuction always returns
        true if the layer has an AnimatedPropertyTransform animation, which means that layers with those animations
        won't use the appropriate scale factor, causing blurry renderings.

        This patch removes the animations check, so animated layers properly use the required scale factor.

        No new tests, no behavior change.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::selfOrAncestorHaveNonAffineTransforms):

2018-02-20  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Leverage ShadowBlur without using scratch buffer, target GraphicsContext
        https://bugs.webkit.org/show_bug.cgi?id=182958

        Reviewed by Carlos Garcia Campos.

        To allow ShadowBlur usage in different threads, avoid the ShadowBlur
        class using the scratch buffer internally. The current implementation of
        that scratch buffer is not thread-safe and its usage in such conditions
        can lead to crashes.

        Instead, the new methods use a temporary ImageBuffer object for drawing.
        This does negate the efficiency of possibly reusing the scratch buffer,
        but at this point that is not yet the priority. This only affects ports
        using Cairo for drawing.

        The added methods don't require a target GraphicsContext object to be
        passed in, instead they accept buffer draw callbacks that are invoked
        with the temporary ImageBuffer object containing the rasterized shadow,
        as well as position and size parameters. The CTM and clip bounds values
        also have to be passed in manually. In CairoOperations.cpp, the provided
        callbacks invoke commands that are equivalent in effect to those that
        would otherwise be invoked on the target GraphicsContext object in the
        ShadowBlur class.

        For now, this approach has to avoid the tiling-based drawing of the
        rectangular shadows in drawRectShadow() and inset shadows in
        drawInsetShadow(), and instead stick to the non-tiling fallback. While
        only affecting Cairo-using ports, with some refactoring it should be
        possible to again leverage the tiling-based approach as well.

        The beginShadowLayer() and endShadowLayer() functions, which are only
        used in CairoOperations.cpp, are replaced with the drawShadowLayer()
        method. This one accepts an additional callback that allows the caller
        to explicitly draw the shadow shape using the provided shadowing
        GraphicsContext object. As with the other two new methods, a temporary
        ImageBuffer object is used, and the buffer draw callback is invoked to
        allow caller to properly handle the shadowing output.

        In CairoOperations.cpp, the new ShadowBlur methods are exercised, with
        direct Cairo operation invocation replacing the GraphicsContext calls
        otherwise done through ShadowBlur. ShadowState object now also has to
        track the global alpha and the global composite operator values so that
        it can properly rasterize the resulting shadow into the final image.

        No new tests -- no change in behavior.

        * platform/graphics/ShadowBlur.cpp:
        (WebCore::ShadowBlur::adjustBlurRadius):
        (WebCore::ShadowBlur::calculateLayerBoundingRect):
        (WebCore::ShadowBlur::drawRectShadow):
        (WebCore::ShadowBlur::drawInsetShadow):
        (WebCore::ShadowBlur::drawShadowLayer):
        (WebCore::ShadowBlur::beginShadowLayer): Deleted.
        (WebCore::ShadowBlur::endShadowLayer): Deleted.
        * platform/graphics/ShadowBlur.h:
        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawShadowLayerBuffer):
        (WebCore::Cairo::fillShadowBuffer):
        (WebCore::Cairo::drawPathShadow):
        (WebCore::Cairo::drawGlyphsShadow):
        (WebCore::Cairo::ShadowState::ShadowState):
        (WebCore::Cairo::fillRect):
        (WebCore::Cairo::fillRoundedRect):
        (WebCore::Cairo::fillRectWithRoundedHole):
        (WebCore::Cairo::drawSurface):
        * platform/graphics/cairo/CairoOperations.h:
        Default-initialize FillSource::fillRule to RULE_NONZERO.
        * platform/graphics/cairo/PlatformContextCairo.h:
        Drop the ShadowBlur.h include, it's moved to CairoOperations.cpp.
        * rendering/RenderThemeGtk.cpp:
        Explicitly include the FloatRoundedRect.h header now that it's not
        included through the ShadowBlur.h header via PlatformContextCairo.h.

2018-02-20  Sergio Villar Senin  <svillar@igalia.com>

        [WebVR] Use RuntimeEnabledFeatures to enable/disable WebVR
        https://bugs.webkit.org/show_bug.cgi?id=182961

        Reviewed by Xabier Rodriguez-Calvar.

        The shared feature was properly added to RuntimeEnabledFeatures some
        time ago but the code was instead using a private method in
        NavigatorWebVR to temporarily disable it. WebVR is enabled in
        WebPreferences.yaml for GTK+ & WPE as default experimental feature.

        * Modules/webvr/NavigatorWebVR.cpp:
        (WebCore::NavigatorWebVR::getVRDisplays):
        (WebCore::NavigatorWebVR::vrEnabled): Deleted.

2018-02-19  Antti Koivisto  <antti@apple.com>

        Use selector filter when invalidating descendants
        https://bugs.webkit.org/show_bug.cgi?id=182839
        <rdar://problem/37581072>

        Reviewed by Zalan Bujtas.

        We can make descendant invalidation faster by enabling filtering.

        * css/SelectorFilter.cpp:
        (WebCore::SelectorFilter::initializeParentStack):

            Traverse and reverse the ancestor chain, and push it.

        (WebCore::SelectorFilter::pushParent):
        (WebCore::SelectorFilter::pushParentInitializingIfNeeded):

            Add a version of pushParent that can initialize the stack.

        (WebCore::SelectorFilter::popParent):
        (WebCore::SelectorFilter::popParentsUntil):

            Pop until a given parent element.

        (WebCore::SelectorFilter::pushParentStackFrame): Deleted.
        (WebCore::SelectorFilter::popParentStackFrame): Deleted.

            These were the same as push/popParent.

        * css/SelectorFilter.h:
        (WebCore::SelectorFilter::popParent): Deleted.
        * style/StyleInvalidator.cpp:
        (WebCore::Style::Invalidator::invalidateStyleForDescendants):

            Use pushParentInitializingIfNeeded.

        (WebCore::Style::Invalidator::invalidateStyleWithMatchElement):

            Use selector filter when doing descendant tree invalidation.
            Make sure to pop it until the parent when reusing.

2018-02-19  Fujii Hironori  <Hironori.Fujii@sony.com>

        null m_lastNodeInserted dereference at ReplaceSelectionCommand::InsertedNodes::lastLeafInserted
        https://bugs.webkit.org/show_bug.cgi?id=161947

        Reviewed by Ryosuke Niwa.

        InsertedNodes happened to be empty if the inserted nodes were
        removed. Add more checks if InsertedNodes is empty.

        No new tests (Covered by existing tests).

        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::doApply): Return early if InsertedNodes becomes empty.
        * editing/ReplaceSelectionCommand.h:
        (WebCore::ReplaceSelectionCommand::InsertedNodes::isEmpty): New method.
        (WebCore::ReplaceSelectionCommand::InsertedNodes::lastLeafInserted const):
        Assert m_lastNodeInserted is not null.
        (WebCore::ReplaceSelectionCommand::InsertedNodes::pastLastLeaf const): Ditto.

2018-02-19  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Add SVGPropertyTraits::fromString() to all the SVG animated types
        https://bugs.webkit.org/show_bug.cgi?id=182901

        Reviewed by Dean Jackson.

        This is a work toward https://bugs.webkit.org/show_bug.cgi?id=168586. The
        goal is is to templatize the SVGAnimatedType class and to use SVGPropertyTraits
        methods inside the template functions.

        * WebCore.xcodeproj/project.pbxproj: Move the enum and the SVGPropertyTraits
        from SVGMarkerElement.h to SVGMarkerTypes.h.
        * svg/SVGAngle.h:
        (WebCore::SVGAngle::SVGAngle): Delete unused constructor and create() method.
        * svg/SVGAngleValue.h:
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::parsePoint): Deleted. Move this function to SVGParserUtilities.cpp
        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::constructFromString): Use SVGPropertyTraits::fromString().
        * svg/SVGAnimatedBoolean.cpp:
        (WebCore::SVGAnimatedBooleanAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedColor.cpp:
        (WebCore::SVGAnimatedColorAnimator::constructFromString): Ditto.
        (WebCore::SVGAnimatedColorAnimator::addAnimatedTypes): Use const.
        (WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue): Ditto.
        * svg/SVGAnimatedEnumeration.cpp:
        (WebCore::SVGAnimatedEnumerationAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedInteger.cpp:
        (WebCore::SVGAnimatedIntegerAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedIntegerOptionalInteger.cpp:
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedLength.cpp:
        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedNumber.cpp:
        (WebCore::SVGAnimatedNumberAnimator::constructFromString): Ditto
        (WebCore::parseNumberFromString):
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedNumberOptionalNumber.cpp:
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedPreserveAspectRatio.cpp:
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedRect.cpp:
        (WebCore::SVGAnimatedRectAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedString.cpp:
        (WebCore::SVGAnimatedStringAnimator::constructFromString): Ditto.
        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::constructFromString): Ditto.
        * svg/SVGLength.h:
        (WebCore::SVGLength::SVGLength): Delete unused constructor and create() method.
        * svg/SVGLengthListValues.h:
        (WebCore::SVGPropertyTraits<SVGLengthListValues>::fromString): New SVGPropertyTraits method.
        (WebCore::SVGPropertyTraits<SVGLengthListValues>::parse): Ditto.
        * svg/SVGMarkerElement.h:
        (WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::highestEnumValue): Deleted.
        (WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::toString): Deleted.
        (WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::fromString): Deleted.
        (WebCore::SVGIDLEnumLimits<SVGMarkerOrientType>::highestExposedEnumValue): Deleted.
        (WebCore::SVGPropertyTraits<SVGMarkerOrientType>::highestEnumValue): Deleted.
        (WebCore::SVGPropertyTraits<SVGMarkerOrientType>::fromString): Deleted.
        * svg/SVGMarkerTypes.h: Added.
        (WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::highestEnumValue):
        (WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::toString):
        (WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::fromString):
        (WebCore::SVGPropertyTraits<SVGMarkerOrientType>::highestEnumValue):
        (WebCore::SVGPropertyTraits<SVGMarkerOrientType>::fromString):
        (WebCore::SVGIDLEnumLimits<SVGMarkerOrientType>::highestExposedEnumValue):
        * svg/SVGMatrix.h: Delete unused constructor and create method.
        * svg/SVGNumber.h:
        (WebCore::SVGNumber::SVGNumber): Ditto.
        * svg/SVGNumberListValues.h:
        (WebCore::SVGPropertyTraits<SVGNumberListValues>::fromString): New SVGPropertyTraits method.
        * svg/SVGParserUtilities.cpp:
        (WebCore::parsePoint): This is moved from SVGAnimateMotionElement.cpp
        * svg/SVGParserUtilities.h:
        * svg/SVGPathByteStream.h:
        (WebCore::SVGPathByteStream::SVGPathByteStream):
        (WebCore::SVGPathByteStream::operator=): Add copy and move assignment operators.
        (WebCore::SVGPathByteStream::copy const): Use the copy assignment.
        (WebCore::SVGPathByteStream::isEmpty const): Use Data.isEmpty().
        (WebCore::SVGPropertyTraits<SVGPathByteStream>::initialValue): New SVGPropertyTraits method.
        (WebCore::SVGPropertyTraits<SVGPathByteStream>::fromString): Ditto.
        * svg/SVGPathUtilities.cpp:
        (WebCore::addToSVGPathByteStream): Answer Simon's questions which were added in r190844.
        * svg/SVGPoint.h:
        (WebCore::SVGPoint::SVGPoint): Delete unused constructor and create method.
        * svg/SVGPointListValues.h:
        (WebCore::SVGPropertyTraits<SVGPointListValues>::fromString): New SVGPropertyTraits method.
        * svg/SVGPolyElement.cpp:
        (WebCore::SVGPolyElement::parseAttribute): Use the move assignment operator.
        * svg/SVGPreserveAspectRatio.h:
        (WebCore::SVGPreserveAspectRatio::SVGPreserveAspectRatio): Delete unused constructor and create method.
        * svg/SVGPreserveAspectRatioValue.cpp:
        (WebCore::SVGPreserveAspectRatioValue::SVGPreserveAspectRatioValue): Add new constructor.
        * svg/SVGPreserveAspectRatioValue.h:
        (WebCore::SVGPropertyTraits<SVGPreserveAspectRatioValue>::fromString): New SVGPropertyTraits method.
        (WebCore::SVGPropertyTraits<SVGPreserveAspectRatioValue>::toString): Ditto.
        * svg/SVGRect.h:
        (WebCore::SVGRect::SVGRect): Delete unused constructor and create method.
        * svg/SVGRectTraits.h: Removed.
        * svg/SVGTransform.h:
        (WebCore::SVGTransform::SVGTransform): Delete unused constructor and create method.
        * svg/SVGTransformListValues.h:
        (WebCore::SVGPropertyTraits<SVGTransformListValues>::fromString): New SVGPropertyTraits method.
        * svg/properties/SVGPropertyTearOff.h: Delete unused create method.
        * svg/properties/SVGPropertyTraits.h: New SVGPropertyTraits methods.
        (WebCore::SVGPropertyTraits<bool>::fromString): 
        (WebCore::SVGPropertyTraits<Color>::initialValue):
        (WebCore::SVGPropertyTraits<Color>::fromString):
        (WebCore::SVGPropertyTraits<Color>::parse):
        (WebCore::SVGPropertyTraits<Color>::toString):
        (WebCore::SVGPropertyTraits<int>::fromString):
        (WebCore::SVGPropertyTraits<float>::fromString):
        (WebCore::SVGPropertyTraits<float>::parse):
        (WebCore::SVGPropertyTraits<FloatPoint>::initialValue):
        (WebCore::SVGPropertyTraits<FloatPoint>::fromString):
        (WebCore::SVGPropertyTraits<FloatPoint>::parse):
        (WebCore::SVGPropertyTraits<FloatPoint>::toString):
        (WebCore::SVGPropertyTraits<FloatRect>::initialValue):
        (WebCore::SVGPropertyTraits<FloatRect>::fromString):
        (WebCore::SVGPropertyTraits<FloatRect>::parse):
        (WebCore::SVGPropertyTraits<FloatRect>::toString):
        (WebCore::SVGPropertyTraits<String>::fromString):
        (WebCore::SVGPropertyTraits<String>::parse):
        (WebCore::SVGPropertyTraits<String>::toString):

2018-02-19  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Implement a compact set of media controls
        https://bugs.webkit.org/show_bug.cgi?id=182937
        <rdar://problem/37682257>

        Reviewed by Eric Carlson.

        We add a new type of media controls used when we need stripped down and compact controls. The new
        CompactMediaControls only show a play/pause button and an invalid placard and disregard all media
        events that are not relevant to the display of these controls.

        To distinguish cases where we need to show compact media controls, we expose a new property on
        MediaControlsHost called "compactMode".

        Tests: media/modern-media-controls/compact-media-controls/compact-media-controls-constructor.html
               media/modern-media-controls/compact-media-controls/compact-media-controls-layout.html

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::base64StringForIconNameAndType const):
        (WebCore::MediaControlsHost::compactMode const):
        * Modules/mediacontrols/MediaControlsHost.h:
        (WebCore::MediaControlsHost::setSimulateCompactMode):
        * Modules/mediacontrols/MediaControlsHost.idl:
        * Modules/modern-media-controls/controls/compact-media-controls.js: Added.
        (CompactMediaControls.prototype.get scaleFactor):
        (CompactMediaControls.prototype.set scaleFactor):
        (CompactMediaControls.prototype.get shouldCenterControlsVertically):
        (CompactMediaControls.prototype.set shouldCenterControlsVertically):
        (CompactMediaControls.prototype.get placard):
        (CompactMediaControls.prototype.set placard):
        (CompactMediaControls.prototype.layout):
        (CompactMediaControls.prototype.commitProperty):
        * Modules/modern-media-controls/controls/icon-service.js:
        (const.iconService.new.IconService.prototype._fileNameAndPlatformForIconAndLayoutTraits):
        (const.iconService.new.IconService):
        * Modules/modern-media-controls/controls/inline-media-controls.js:
        * Modules/modern-media-controls/controls/layout-item.js:
        * Modules/modern-media-controls/js-files:
        * Modules/modern-media-controls/main.js:
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype.get layoutTraits):
        (MediaController.prototype._supportingObjectClasses): Compute the set of MediaControllerSupport classes based
        on the layout traits such that in compact mode we only return PlacardSupport and PlaybackSupport.
        (MediaController.prototype._updateControlsIfNeeded):
        (MediaController.prototype._controlsClassForLayoutTraits):
        (MediaController.prototype._shouldControlsBeAvailable):
        * Modules/modern-media-controls/media/placard-support.js:
        (PlacardSupport.prototype.get mediaEvents): Only track the "error" event in compact mode since this is the only
        relevant placard.
        * Modules/modern-media-controls/media/playback-support.js:
        (PlaybackSupport.prototype.syncControl): Only show or hide the play/pause button based on the playback state
        when in compact mode.
        (PlaybackSupport):
        * WebCore.xcodeproj/project.pbxproj:

2018-02-19  Antoine Quint  <graouts@apple.com>

        [Web Animations] Make KeyframeEffect target nullable and read-write
        https://bugs.webkit.org/show_bug.cgi?id=182741

        Reviewed by Dean Jackson.

        We used to completely disregard null targets, for instance not parsing keyframes, but targets
        can be null and are also supposed to be read-write for KeyframeEffect. We now update the IDL
        for KeyframeEffect to mark the target property as read-write and update the implementation
        to correctly handle null targets.

        This revealed a few issues in our implementation by allowing more WPT tests to run. So we also
        ensure that:
        
        - we don't crash when parsing font-related properties by calling update() on the generated
        RenderStyle's FontCascade when parsing keyframes.

        - CSS properties are provided as camel-case and not as hyphenated form

        - values provided in keyframes dictionaries are only read for valid properties

        - styles for effect targets are invalidated as soon as the timing model for that animation
        is changed

        * animation/KeyframeEffect.idl:
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::invalidateElement): Add a new utility method to invalidate a given element since
        we may want to invalidate not only the current target (m_target) but also a previous target.
        (WebCore::IDLAttributeNameToAnimationPropertyName): Move this function below CSSPropertyIDToIDLAttributeName
        so that it can call that function. We also check that we reject CSS properties that are not provided in
        camel-case form (eg. "font-size" vs. "fontSize").
        (WebCore::processIterableKeyframes): Only read the JS values if we know that the provided JS property name
        maps to a valid CSS property.
        (WebCore::KeyframeEffectReadOnly::processKeyframes): Allow keyframes to be processed even if the effect's
        target is null.
        (WebCore::KeyframeEffectReadOnly::setTarget): Notify the animation that the effect target has changed and
        invalidate the style of the new target and the old targets, if any. We also update the blending keyframes
        since this task may not have been completed in a previous call to processKeyframes() due to the target being
        null at that time.
        (WebCore::KeyframeEffectReadOnly::invalidate): Use the invalidateElement() utility.
        * animation/KeyframeEffectReadOnly.h:
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::effectTargetDidChange): This method is called in KeyframeEffectReadOnly::setTarget()
        to inform the animation of the previous effect target and the new one upon a target change. This allows us to
        forward this information onto the timeline so that we correctly add or remove the targets from the list of
        animated elements.
        * animation/WebAnimation.h:

2018-02-19  Chris Dumez  <cdumez@apple.com>

        Crash under MIMETypeRegistry::isSupportedJavaScriptMIMEType()
        https://bugs.webkit.org/show_bug.cgi?id=182927
        <rdar://problem/37675748>

        Reviewed by Antti Koivisto.

        Make it safe to call MIMETypeRegistry::isSupportedJavaScriptMIMEType() from the non-main thread.
        It is currently being called from a background thread in the following places:
        - ServiceWorkerJob::didReceiveResponse()
        - WorkerGlobalScope::importScripts()

        These call sites on non-main threads were added recently with the support for service workers.

        No new tests, already covered by existing tests that flakily experience service worker
        process crashes.

        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::isSupportedJavaScriptMIMEType):

2018-02-19  Dean Jackson  <dino@apple.com>

        SIGFPE @ int WebCore::SVGToOTFFontConverter::scaleUnitsPerEm<int> const + 45
        https://bugs.webkit.org/show_bug.cgi?id=182944
        <rdar://problem/35369984>

        Reviewed by Myles Maxfield.

        Avoid a divide-by-zero.

        Test: svg/text/font-bad-unitsperem.html

        * svg/SVGFontFaceElement.cpp:
        (WebCore::SVGFontFaceElement::unitsPerEm const):

2018-02-19  Tim Horton  <timothy_horton@apple.com>

        REGRESSION (r219342): Touch event coordinates and elementFromPoint coordinates differ
        https://bugs.webkit.org/show_bug.cgi?id=182910
        <rdar://problem/37533950>

        Reviewed by Simon Fraser.

        We reverted other changes to the definition of client coordinates
        in r219829 due to compatibility concerns. However, we failed to revert
        r219342 on trunk, leaving elementFromPoint() using coordinates relative
        to the layout viewport.

        Add a currently off-by-default setting to switch on layout-viewport-relative
        client coordinates and guard the elementFromPoint changes behind it.
        A future patch should roll r219829 back in also behind this setting, so
        that everything remains consistent regardless of which coordinate space we choose.

        * dom/TreeScope.cpp:
        (WebCore::absolutePointIfNotClipped):
        * page/Settings.yaml:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::hitTest):

2018-02-19  Eric Carlson  <eric.carlson@apple.com>

        [Extra zoom mode] Don't allow PiP media playback
        https://bugs.webkit.org/show_bug.cgi?id=182930
        <rdar://problem/37676259>

        Reviewed by Andy Estes.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): Don't call setPIPModeEnabled:
        if it isn't implemented.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode): Ditto.

2018-02-19  Antoine Quint  <graouts@apple.com>

        [Web Animations] Decouple parsing JS keyframes and computing blending keyframes
        https://bugs.webkit.org/show_bug.cgi?id=182939
        <rdar://problem/37678364>

        Reviewed by Dean Jackson.

        Move all the code used to create the KeyframeList into a dedicated updateBlendingKeyframes() method.

        No new tests since this code change has no user-visible impact.

        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::processKeyframes):
        (WebCore::KeyframeEffectReadOnly::updateBlendingKeyframes):
        * animation/KeyframeEffectReadOnly.h:

2018-02-19  Jer Noble  <jer.noble@apple.com>

        [EME] Add mechanism for MediaKeySession to react to HDCP changes
        https://bugs.webkit.org/show_bug.cgi?id=182935

        Reviewed by Eric Carlson.

        Add a client callback interface to CDMInterface to allow subclasses to communicate up to
        MediaKeySEssion. Add a virtual method to CDMInterface to allow it to be notified of HDCP
        status changes. Override this method in CDMInstanceFairPlayStreamingAVFObjC. Hook up the
        outputObscuredDueToInsufficientExternalProtectionChanged() methods in both
        MediaPlayerPrivateAVFoundationObjC and MediaPlayerPrivateMediaSourceAVFObjC to this new
        CDMInstance method. Add an Internals method to simulate an HDCP error for testing purposes.

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::MediaKeySession):
        (WebCore::MediaKeySession::~MediaKeySession):
        (WebCore::MediaKeySession::updateKeyStatuses):
        * Modules/encryptedmedia/MediaKeySession.h:
        * platform/encryptedmedia/CDMInstance.h:
        (WebCore::CDMInstance::setHDCPStatus):
        (WebCore::CDMInstance::setClient):
        (WebCore::CDMInstance::clearClient):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::beginSimulatedHDCPError):
        (WebCore::MediaPlayer::endSimulatedHDCPError):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::beginSimulatedHDCPError):
        (WebCore::MediaPlayerPrivateInterface::endSimulatedHDCPError):
        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::setClient):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::clearClient):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::sessionIdentifierChanged):
        (WebCore::CDMInstanceFairPlayStreamingAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::outputObscuredDueToInsufficientExternalProtectionChanged):
        (WebCore::playerKVOProperties):
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (-[WebAVSampleBufferErrorListener observeValueForKeyPath:ofObject:change:context:]):
        (WebCore::SourceBufferPrivateAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):
        * testing/Internals.cpp:
        (WebCore::Internals::beginSimulatedHDCPError):
        (WebCore::Internals::endSimulatedHDCPError):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-02-19  Chris Dumez  <cdumez@apple.com>

        CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::TimerBase::~TimerBase
        https://bugs.webkit.org/show_bug.cgi?id=182931
        <rdar://problem/37602962>

        Reviewed by Antti Koivisto.

        Make sure PlatformMediaResource is ThreadSafeRefCounted since it is being
        used from several threads in WebCoreNSURLSession. Also make sure it is
        always destroyed on the main thread since it ends up destroying a
        CachedRawResource object.

        No new tests, no known reproduction case.

        * platform/graphics/PlatformMediaResourceLoader.h:
        * platform/network/cocoa/WebCoreNSURLSession.mm:
        (-[WebCoreNSURLSessionDataTask dealloc]):

2018-02-19  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Rename RenderTreeBuilder::removeAndDestroyChild() -> removeAndDestroy()
        https://bugs.webkit.org/show_bug.cgi?id=182934
        <rdar://problem/37678241>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * dom/Document.cpp:
        (WebCore::Document::setFullScreenRenderer):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::setText):
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::willBeDestroyed):
        (WebCore::RenderFullScreen::unwrapRenderer):
        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::willBeDestroyed):
        * rendering/RenderTextFragment.cpp:
        (WebCore::RenderTextFragment::willBeDestroyed):
        (WebCore::RenderTextFragment::setText):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::willBeDestroyed):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::removeAndDestroy):
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        (WebCore::RenderTreeBuilder::removeAndDestroyChild): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::takeChild):
        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
        (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):
        * rendering/updating/RenderTreeBuilderList.cpp:
        (WebCore::RenderTreeBuilder::List::updateItemMarker):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
        (WebCore::RenderTreeBuilder::Ruby::takeChild):

2018-02-19  Daniel Bates  <dabates@apple.com>

        Do not block authentication challenge to navigated resources
        https://bugs.webkit.org/show_bug.cgi?id=182807
        <rdar://problem/37481619>

        Reviewed by Brent Fulgham.

        Blocking the main resource from asking for credentials depending on how it was
        navigated to could be confusing to a person and breaks web compatibility. Restore
        the behavior before r224134.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::receivedFirstData):
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::init):
        (WebCore::ResourceLoader::willSendRequestInternal):
        (WebCore::ResourceLoader::didBlockAuthenticationChallenge):
        (WebCore::ResourceLoader::isAllowedToAskUserForCredentials const):
        (WebCore::ResourceLoader::isMixedContent const): Deleted.
        * loader/ResourceLoader.h:
        (WebCore::ResourceLoader::wasAuthenticationChallengeBlocked const):
        (WebCore::ResourceLoader::wasInsecureRequestSeen const): Deleted.

2018-02-17  Antoine Quint  <graouts@apple.com>

        [Web Animations] Store all parsed keyframe input information in a single structure
        https://bugs.webkit.org/show_bug.cgi?id=182903

        Reviewed by Dean Jackson.

        When parsing keyframe input provided through the JS API, we used to create several data structures.
        During parsing we would create a Vector<ProcessedKeyframe> where we would store the validated values
        for "offset", "easing" and "composite" as well as CSS properties and CSS values as strings. 

        Then we would create a KeyframeList, a class that pre-dates the work on Web Animations and is used
        for hardware animations, with RenderStyle objects that are used for CSS property blending at runtime.
        Once the KeyframeList was created, the Vector<ProcessedKeyframe> was discarded.

        Since KeyframeList did not know about nullable offsets, timing functions and composite operations, and
        because we do not with to modify a legacy class that we will eventually remove once all the Web Animations
        work is complete, we also stored the parsed offsets as m_offsets, the timing functions as m_timingFunctions
        and the composite operations as m_compositeOperations.

        In this patch we rename the ProcessedKeyframe structure used temporarily during parsing to ParsedKeyframe and
        store both the input and processed data related to a given keyframe in that single structure which we keep
        around as m_parsedKeyframes when we finished processing the keyframes input. This update ParsedKeyframe structure
        allows to keep around the original nullable offsets, the original CSS properties and CSS values as strings as
        a HashMap<CSSPropertyID, String>, as well as the CSS properties and CSS values as CSSValue objects using a
        MutableStyleProperties object. 

        This has the benefit of reducing the number of members, but also pave the way for supporting read-write targets
        where we will be able to decouple parsing keyframes and creating a KeyframeList, which requires a valid target
        to create RenderStyle objects used for blending, since the original parsing-time information is now stored.

        Finally, this allowed getKeyframes() to be more compliant by returning the CSS values as originally provided in
        the keyframe input with shorthand properties when provided, rather than the long-hands we used to read back
        through RenderStyle objects.

        The generated KeyframeList is now stored as m_blendingKeyframes and is only used for the purpose of interfacing
        with hardware animations and CSS property blending.

        While ProcessedKeyframe was copyable due to holding only simple types, ParsedKeyframe is not since it uses a Ref
        to hold the MutableStyleProperties. This uncovered some cases where we copied ProcessedKeyframe objects, we now
        ensure that the ParsedKeyframe objects are moved instead, which was the correct thing to do all along.

        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::computeMissingKeyframeOffsets): While we used to store std::optional<double> for the computed offset,
        we now store a simple double, which makes more sense since the computed offset is eventually a fully resolved
        value after calling computeMissingKeyframeOffsets(). So we now compute the final computed offset without resorting
        to intermediate nullable computed offsets.
        (WebCore::processIterableKeyframes):
        (WebCore::processPropertyIndexedKeyframes):
        (WebCore::KeyframeEffectReadOnly::KeyframeEffectReadOnly):
        (WebCore::KeyframeEffectReadOnly::copyPropertiesFromSource):
        (WebCore::KeyframeEffectReadOnly::getKeyframes):
        (WebCore::KeyframeEffectReadOnly::processKeyframes):
        (WebCore::KeyframeEffectReadOnly::computeStackingContextImpact):
        (WebCore::KeyframeEffectReadOnly::shouldRunAccelerated):
        (WebCore::KeyframeEffectReadOnly::getAnimatedStyle):
        (WebCore::KeyframeEffectReadOnly::setAnimatedPropertiesInStyle):
        (WebCore::KeyframeEffectReadOnly::startOrStopAccelerated):
        * animation/KeyframeEffectReadOnly.h:
        (WebCore::KeyframeEffectReadOnly::ParsedKeyframe::ParsedKeyframe):

2018-02-19  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Remove redundant RenderObject::removeFromParentAndDestroy
        https://bugs.webkit.org/show_bug.cgi?id=182926
        <rdar://problem/37674997>

        Reviewed by Antti Koivisto.

        Call RenderTreeBuilder::removeAndDestroyChild() directly instead. 

        No change in functionality.

        * dom/Document.cpp:
        (WebCore::Document::setFullScreenRenderer):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::setText):
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::willBeDestroyed):
        (WebCore::RenderFullScreen::unwrapRenderer):
        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::willBeDestroyed):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::removeFromParentAndDestroy): Deleted.
        * rendering/RenderObject.h:
        * rendering/RenderTextFragment.cpp:
        (WebCore::RenderTextFragment::willBeDestroyed):
        (WebCore::RenderTextFragment::setText):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::takeChild):
        * rendering/updating/RenderTreeBuilderList.cpp:
        (WebCore::RenderTreeBuilder::List::updateItemMarker):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
        (WebCore::RenderTreeBuilder::Ruby::takeChild):

2018-02-19  Tim Horton  <timothy_horton@apple.com>

        Increase text autosizing constants for extra zoom mode
        https://bugs.webkit.org/show_bug.cgi?id=182919
        <rdar://problem/37671259>

        Reviewed by Wenson Hsieh.

        * page/Settings.yaml:
        * page/SettingsBase.cpp:
        (WebCore::SettingsBase::defaultMinimumZoomFontSize):
        (WebCore::SettingsBase::defaultOneLineTextMultiplierCoefficient):
        (WebCore::SettingsBase::defaultMultiLineTextMultiplierCoefficient):
        (WebCore::SettingsBase::defaultMaxTextAutosizingScaleIncrease):
        * page/SettingsBase.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::oneLineTextMultiplier):
        (WebCore::textMultiplier):
        (WebCore::RenderBlockFlow::adjustComputedFontSizes):
        * rendering/TextAutoSizing.cpp:
        (WebCore::TextAutoSizingValue::adjustTextNodeSizes):
        Make autosizing constants settings, and change their default values.

2018-02-17  Antoine Quint  <graouts@apple.com>

        [Web Animations] Accept null composite modes in keyframes
        https://bugs.webkit.org/show_bug.cgi?id=182902

        Reviewed by Dean Jackson.

        The Web Animations spec used to specify that that composite modes should be non-null and instead not be
        provided when specifying keyframes, but now null values are accepted. We update the IDL input types used
        when parsing keyframes to allow for null values.

        We had already updated the getKeyframes() output in webkit.org/b/182600.

        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::processIterableKeyframes):
        (WebCore::processKeyframeLikeObject):
        (WebCore::processPropertyIndexedKeyframes):
        * animation/KeyframeEffectReadOnly.h:
        * animation/KeyframeEffectReadOnly.idl:

2018-02-19  Ms2ger  <Ms2ger@igalia.com>

        Explicitly qualify some method calls on this in lamdas in Service Worker code.
        https://bugs.webkit.org/show_bug.cgi?id=182875

        Reviewed by Chris Dumez.

        This is necessary for the code to build with GCC 5. Other code already
        appears to have been adapted similarly.

        No change in functionality.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::redirectReceived):
        (WebCore::DocumentLoader::startLoadingMainResource):
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::ready):
        (WebCore::ServiceWorkerContainer::getRegistration):
        (WebCore::ServiceWorkerContainer::getRegistrations):
        (WebCore::ServiceWorkerContainer::didFinishGetRegistrationsRequest):
        * workers/service/ServiceWorkerGlobalScope.cpp:
        (WebCore::ServiceWorkerGlobalScope::updateExtendedEventsSet):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::claim):
        (WebCore::SWServer::Connection::resolveRegistrationReadyRequests):
        * workers/service/server/SWServerRegistration.cpp:
        (WebCore::SWServerRegistration::updateRegistrationState):
        (WebCore::SWServerRegistration::setUpdateViaCache):
        (WebCore::SWServerRegistration::setLastUpdateTime):
        (WebCore::SWServerRegistration::fireUpdateFoundEvent):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::setState):

2018-02-19  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderElement::removeAndDestroyChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182915
        <rdar://problem/37658123>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::removeAndDestroyChild): Deleted.
        * rendering/RenderElement.h:
        (WebCore::RenderElement::isChildAllowed const):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::removeFromParentAndDestroy):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::willBeDestroyed):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::removeAndDestroyChild):
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
        (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

2018-02-12  Sergio Villar Senin  <svillar@igalia.com>

        [WebVR][OpenVR] Implement getVRDisplays()
        https://bugs.webkit.org/show_bug.cgi?id=182692

        Reviewed by Žan Doberšek.

        This provides an implementation of Navigator's getVRDisplays()
        method using OpenVR as backend. It queues several promises in
        a queue and resolves them all just once. The information retrieved
        is very minimal for the time being, but this change lays the ground
        for all the changes that are about to land.

        The VR code uses a VRManager which is the interface with the
        platform code and the responsible for instantiating the right
        platform code. This platform code is currently being implemented
        using OpenVR but could we also ported in the future to OpenXR or any
        other VR SDK.

        * CMakeLists.txt:
        * Modules/webvr/NavigatorWebVR.cpp:
        (WebCore::NavigatorWebVR::getVRDisplays):
        (WebCore::NavigatorWebVR::vrEnabled):
        * Modules/webvr/NavigatorWebVR.h:
        * Modules/webvr/VRDisplay.cpp:
        (WebCore::VRDisplay::create):
        (WebCore::VRDisplay::VRDisplay):
        (WebCore::VRDisplay::isConnected const):
        (WebCore::VRDisplay::displayName const):
        * Modules/webvr/VRDisplay.h:
        * Modules/webvr/VRDisplayCapabilities.cpp:
        (WebCore::VRDisplayCapabilities::VRDisplayCapabilities):
        (WebCore::VRDisplayCapabilities::hasPosition const):
        (WebCore::VRDisplayCapabilities::hasOrientation const):
        (WebCore::VRDisplayCapabilities::hasExternalDisplay const):
        (WebCore::VRDisplayCapabilities::canPresent const):
        (WebCore::VRDisplayCapabilities::maxLayer const):
        * Modules/webvr/VRDisplayCapabilities.h:
        (WebCore::VRDisplayCapabilities::create):
        * Sources.txt:
        * platform/vr/VRManager.cpp: Added. This is the main interface used by bindings code to
        access VR devices data provided by platform code.
        (WebCore::VRManager::singleton):
        (WebCore::VRManager::VRManager):
        (WebCore::VRManager::~VRManager):
        (WebCore::VRManager::refreshVRDevices):
        * platform/vr/VRManager.h: Added.
        * platform/vr/VRPlatformDisplay.h: Added. Abstraction of a VR display system. To be
        implemented by backends like OpenVR, OpenXR...
        * platform/vr/VRPlatformManager.h: Added. Abstraction of the platform specific class which
        retrieves data from VR devices. To be implemented by backends like OpenVR, OpenXR...
        * platform/vr/openvr/VRPlatformDisplayOpenVR.cpp: Added.
        (WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):
        * platform/vr/openvr/VRPlatformDisplayOpenVR.h: Added.
        * platform/vr/openvr/VRPlatformManagerOpenVR.cpp: Added.
        (WebCore::VRPlatformManagerOpenVR::create):
        (WebCore::VRPlatformManagerOpenVR::VRPlatformManagerOpenVR):
        (WebCore::VRPlatformManagerOpenVR::~VRPlatformManagerOpenVR):
        (WebCore::VRPlatformManagerOpenVR::initOpenVR):
        * platform/vr/openvr/VRPlatformManagerOpenVR.h: Added.
        * WebCore.xcodeproj/project.pbxproj:

2018-02-19  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Apply automatic minimum size clamping to spanning items too
        https://bugs.webkit.org/show_bug.cgi?id=182684

        Reviewed by Javier Fernandez.

        In r225776 we added the conditions from the spec to apply
        the automatic minimum size clamping when required
        but only to non-spanning items.
        See: https://drafts.csswg.org/css-grid/#min-size-auto

        This patch moves the code from GridTrackSizingAlgorithm::sizeTrackToFitNonSpanningItem()
        to GridTrackSizingAlgorithmStrategy::minSizeForChild()
        that way the clamping is applied for both spanning and non-spanning items.

        This somehow reverts r225776, as it was adding some duplicated code.
        All the checks to know if we should use that part of the spec
        were already present in GridTrackSizingAlgorithmStrategy::minSizeForChild().

        Apart from using the previous code, there's a new loop to verify
        that the max track sizing function is fixed for all the tracks of the item.

        Tests: imported/w3c/web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-024.html
               imported/w3c/web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-025.html

        * rendering/GridTrackSizingAlgorithm.cpp:
        (WebCore::GridTrackSizingAlgorithm::sizeTrackToFitNonSpanningItem):
        (WebCore::GridTrackSizingAlgorithmStrategy::minSizeForChild const):

2018-02-19  Philippe Normand  <pnormand@igalia.com>

        [GTK][GStreamer] Replaying a webm video twice causes the video to stop getting rendered
        https://bugs.webkit.org/show_bug.cgi?id=176789

        Reviewed by Xabier Rodriguez-Calvar.

        Ensure the wrapped GstGLContext is set when the pipeline goes from
        READY to PAUSED state. This is a workaround for
        https://bugzilla.gnome.org/show_bug.cgi?id=757933.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer): Add debug statement.
        (WebCore::MediaPlayerPrivateGStreamer::readyTimerFired): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
        Ensure the wrapped GstGLContext is set when the pipeline goes from
        READY to PAUSED state.
        (WebCore::MediaPlayerPrivateGStreamer::didEnd): Add debug statement.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        Change the requestGLContext to be a method instead of a static
        function. Being a static function was a requirement for the now-removed OpenWebRTC player.
        (WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage): Add
        debug statement, fix requestGLContext usage.
        (WebCore::MediaPlayerPrivateGStreamerBase::requestGLContext): Refactor as method.
        (WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer): Fix requestGLContext usage.
        (WebCore::MediaPlayerPrivateGStreamerBase::createVideoSinkGL): Remove fixed FIXME.
        (WebCore::MediaPlayerPrivateGStreamerBase::ensureGLVideoSinkContext):
        Set display and app wrapped contexts on the video sink.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

2018-02-19  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [GStreamer] Crash in WebCore::MediaPlayerRequestInstallMissingPluginsCallback::complete
        https://bugs.webkit.org/show_bug.cgi?id=166733

        Reviewed by Philippe Normand.

        There are a couple of issues to tackle here.

        First is handling getting more than one missing plugin
        installation request at the same time. For this we add the request
        to a Vector and handle them there.

        Second is that if the player is dead and we still get the result,
        bad things happen. For that we "weaked" the pointer capture by the
        lambda.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
        Handle Vector of callbacks.
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Weak
        private player pointer and put the callback in the Vector.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        Callback becomes Vector.
        * platform/graphics/gstreamer/MediaPlayerRequestInstallMissingPluginsCallback.h:
        (WebCore::MediaPlayerRequestInstallMissingPluginsCallback::create):
        (WebCore::MediaPlayerRequestInstallMissingPluginsCallback::complete):
        (WebCore::MediaPlayerRequestInstallMissingPluginsCallback::MediaPlayerRequestInstallMissingPluginsCallback):
        Callback function is refactored into a "using" type and added self
        as parameter to the function.

2018-02-19  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Playbin3 support
        https://bugs.webkit.org/show_bug.cgi?id=182530

        Reviewed by Xabier Rodriguez-Calvar.

        This patch introduces opt-in support for the playbin3 GStreamer
        element. This new playback element is still considered
        experimental but it can still be very useful for media assets
        containing multiple tracks of the same type. In such scenario
        audio/video decoders would be created only for the selected tracks
        whereas playbin2 creates decoder for each track.

        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.cpp: Take
        a weak pointer of the media player instead of playbin and call the
        player when enabling tracks. Also use the GstStream API instead of
        inspecting the pad when playbin3 is used.
        (WebCore::AudioTrackPrivateGStreamer::AudioTrackPrivateGStreamer):
        (WebCore::AudioTrackPrivateGStreamer::disconnect):
        (WebCore::AudioTrackPrivateGStreamer::markAsActive):
        (WebCore::AudioTrackPrivateGStreamer::setEnabled):
        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/GRefPtrGStreamer.cpp: GstStream and
        GstStreamCollection smart pointer support.
        (WTF::adoptGRef):
        (WTF::refGPtr<GstStream>):
        (WTF::derefGPtr<GstStream>):
        (WTF::refGPtr<GstStreamCollection>):
        (WTF::derefGPtr<GstStreamCollection>):
        * platform/graphics/gstreamer/GRefPtrGStreamer.h:
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.cpp:
        Use the GstStream API instead of inspecting the pad when playbin3
        is used.
        (WebCore::InbandTextTrackPrivateGStreamer::InbandTextTrackPrivateGStreamer):
        (WebCore::InbandTextTrackPrivateGStreamer::disconnect):
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:
        (WebCore::InbandTextTrackPrivateGStreamer::create):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
        m_{audio,video,text}Tracks are now hashmaps, which is a bit more
        convenient to use than Vectors.
        (WebCore::MediaPlayerPrivateGStreamer::updateTracks): Update our
        tracks implementations depending on the streams stored in the
        collection.
        (WebCore::MediaPlayerPrivateGStreamer::enableTrack): Activate the
        given track. This method is called by the TrackPrivate
        implementations.
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo):
        Refactored legacy (playbin2) support for track hashmap storage.
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfText): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::newTextSample): Use track hashmap storage.
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): React on
        playbin3 GstStream messages, store the collection provided and
        activate the given selected streams accordingly.
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidAudioTracks): Invalidate tracks no longer needed.
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidVideoTracks): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::purgeInvalidTextTracks): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::sourceSetupCallback):
        Refactoring, use source-setup signal instead of the source
        property which is not supported in playbin3.
        (WebCore::MediaPlayerPrivateGStreamer::uriDecodeBinElementAddedCallback):
        Promoted logging messages, GST_TRACE should be used for very
        frequent and less interesting messages.
        (WebCore::MediaPlayerPrivateGStreamer::downloadBufferFileCreatedCallback): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::sourceSetup): Called by the source-setup signal handler.
        (WebCore::MediaPlayerPrivateGStreamer::setDownloadBuffering): Debugging message added.
        (WebCore::MediaPlayerPrivateGStreamer::setPreload): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Create a
        playbin3 element if USE(GSTREAMER_PLAYBIN3) was enabled and
        connect to playbin2 signals otherwise.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        (WebCore::MediaPlayerPrivateGStreamer::createWeakPtr): Promoted to public.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        New StreamCollectionChanged notification type, used the sub-class.
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
        (WebCore::TrackPrivateBaseGStreamer::TrackPrivateBaseGStreamer): Support for GstStream API.
        (WebCore::TrackPrivateBaseGStreamer::disconnect): Clear GstStream too.
        (WebCore::TrackPrivateBaseGStreamer::tagsChanged): Get tags from GstStream.
        (WebCore::TrackPrivateBaseGStreamer::notifyTrackOfActiveChanged): No need to check m_pad twice.
        (WebCore::TrackPrivateBaseGStreamer::notifyTrackOfTagsChanged): Ditto.
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.cpp: Take
        a weak pointer of the media player instead of playbin and call the
        player when enabling tracks. Also use the GstStream API instead of
        inspecting the pad when playbin3 is used.
        (WebCore::VideoTrackPrivateGStreamer::VideoTrackPrivateGStreamer):
        (WebCore::VideoTrackPrivateGStreamer::disconnect):
        (WebCore::VideoTrackPrivateGStreamer::markAsActive):
        (WebCore::VideoTrackPrivateGStreamer::setSelected):
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp: Pass player pointer to track constructor.
        (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsink):
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp: Source-setup signal handler.
        (WebCore::MediaPlayerPrivateGStreamerMSE::sourceSetup):
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

2018-02-19  Fujii Hironori  <Hironori.Fujii@sony.com>

        REGRESSION(r219298): RELEASE_ASSERT(!m_owningPointerForClose) fails in WebCore::IDBServer::UniqueIDBDatabase::scheduleShutdownForClose
        https://bugs.webkit.org/show_bug.cgi?id=174354
        <rdar://problem/33294987>

        Reviewed by Michael Catanzaro.

        UniqueIDBDatabase::invokeOperationAndTransactionTimer was called
        even after m_owningPointerForClose was set in
        UniqueIDBDatabase::didDeleteBackingStore.

        No new tests (Covered by existing tests).

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
        Do not start deleting the UniqueIDBDatabase. Just call invokeOperationAndTransactionTimer.
        (WebCore::IDBServer::UniqueIDBDatabase::invokeOperationAndTransactionTimer):
        Assert m_owningPointerForClose is null.

2018-02-18  Yoshiaki Jitsukawa  <Yoshiaki.Jitsukawa@sony.com>

        Fix build error after r228417 without ACCESSIBILITY
        https://bugs.webkit.org/show_bug.cgi?id=182914

        Reviewed by Chris Fleizach.

        An inline empty version of AXObjectCache::deferFocusdUIElementChangeIfNeeded()
        needs to be defined if not HAVE(ACCESSIBILITY). 

        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::deferFocusedUIElementChangeIfNeeded):

2018-02-18  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] REGRESSION(r228238) Detach renderer before destroying its subtree.
        https://bugs.webkit.org/show_bug.cgi?id=182908
        <rdar://problem/37619394>

        Reviewed by Antti Koivisto.

        Prior to r228238 we first detached the to-be-destroyed renderer and then
        started nuking its descendants. r228238 changed the order and now the descendants are
        destroyed while they are still attached to the tree. Apparently some of the takeChild()
        normalization logic gets triggered now that the renderers still have access to their previous/next
        siblings. This is unexpected and it shouldn't matter whether the subtree is still attached.
        Let's revert it to the original order for now (see webkit.org/b/182909).

        Test: fast/block/crash-when-subtree-is-still-attached.html

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::removeAndDestroyChild):

2018-02-18  Charlie Turner  <cturner@igalia.com>

        [GStreamer] Push smaller buffers from HTTP source
        https://bugs.webkit.org/show_bug.cgi?id=182829

        Reviewed by Philippe Normand.

        Split the received buffer into smaller buffers of a size consistent
        with the basesrc (4KiB). It is important not to push large buffers
        into the appsrc (where large is relative to the appsrc's configured
        byte size). If large buffers are pushed, then when they are internally
        dequeued by the appsrc, the buffering percentage can dramatically
        plummet due to a large amount of bytes being removed after a push. This
        can in turn trick the media player into thinking it needs to buffer,
        and then issuing a spurious set of playing->paused then
        paused->playing transitions, which by the time the buffering logic
        completes, data are already available.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (CachedResourceStreamingClient::dataReceived):

2018-02-17  Darin Adler  <darin@apple.com>

        Web Inspector: get rid of remaining uses of OptOutput<T>
        https://bugs.webkit.org/show_bug.cgi?id=180607

        Reviewed by Brian Burg.

        * inspector/InspectorStyleSheet.cpp:
        (WebCore::buildSourceRangeObject): Take a const Vector& instead of a Vector*.
        (WebCore::InspectorStyle::buildObjectForStyle const): Pass lineEndings() instead
        of lineEndings().get().
        (WebCore::InspectorStyle::styleWithProperties const): Ditto.
        (WebCore::InspectorStyleSheet::buildObjectForSelectorList): Ditto.
        (WebCore::InspectorStyleSheet::lineEndings const): Return a Vector instead of
        a std::unique_ptr<Vector>.
        (WebCore::InspectorStyleSheetForInlineStyle::lineEndings const): Ditto.
        * inspector/InspectorStyleSheet.h: Updated for the above.

        * inspector/agents/InspectorCSSAgent.h: Removed some bogus const.
        * inspector/agents/InspectorCanvasAgent.cpp: Ditto.
        * inspector/agents/InspectorCanvasAgent.h: Ditto.

        * inspector/agents/InspectorDOMDebuggerAgent.cpp: Improved type of global strings
        so we don't waste space with a pointer to the string.
        (WebCore::InspectorDOMDebuggerAgent::setEventListenerBreakpoint): Removed
        explicit creation of String, which was wasteful and unnecessary.
        (WebCore::InspectorDOMDebuggerAgent::setInstrumentationBreakpoint): Ditto.
        (WebCore::InspectorDOMDebuggerAgent::removeEventListenerBreakpoint): Ditto.
        (WebCore::InspectorDOMDebuggerAgent::removeInstrumentationBreakpoint): Ditto.
        (WebCore::InspectorDOMDebuggerAgent::setXHRBreakpoint): Removed bogus const.

        * inspector/agents/InspectorDOMDebuggerAgent.h: Removed bogus const and use
        final instead of override.
        * inspector/agents/InspectorPageAgent.cpp: Ditto.
        * inspector/agents/InspectorPageAgent.h: Ditto.

2018-02-16  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Cleanup RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182899
        <rdar://problem/37627888>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::styleDidChange):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        (WebCore::RenderTreeBuilder::moveChildTo):
        (WebCore::RenderTreeBuilder::moveAllChildrenTo):
        (WebCore::RenderTreeBuilder::moveChildrenTo):
        (WebCore::RenderTreeBuilder::moveAllChildrenIncludingFloatsTo):
        (WebCore::RenderTreeBuilder::makeChildrenNonInline):
        (WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
        (WebCore::RenderTreeBuilder::takeChildFromRenderMenuList): Deleted.
        (WebCore::RenderTreeBuilder::takeChildFromRenderButton): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::current):
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
        (WebCore::RenderTreeBuilder::BlockFlow::moveAllChildrenIncludingFloatsTo):
        * rendering/updating/RenderTreeBuilderFormControls.cpp:
        (WebCore::RenderTreeBuilder::FormControls::takeChild):
        * rendering/updating/RenderTreeBuilderFormControls.h:
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
        (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
        (WebCore::RenderTreeBuilder::Ruby::takeChild):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):

2018-02-16  Daniel Bates  <dabates@apple.com>

        Remove UTF-32 BOM parsing code
        https://bugs.webkit.org/show_bug.cgi?id=182900
        <rdar://problem/37238717>

        Reviewed by Alexey Proskuryakov.

        The UTF-32 encodings were removed from the text codec registry in r224747. So,
        we no longer need code to parse UTF-32{BE, LE} BOM or encode and decode these
        variants.

        * dom/TextDecoder.cpp:
        (WebCore::codeUnitByteSize):
        * loader/TextResourceDecoder.cpp:
        (WebCore::TextResourceDecoder::checkForBOM):
        (WebCore::TextResourceDecoder::checkForHeadCharset):
        * platform/text/TextEncoding.cpp:
        (WebCore::TextEncoding::isNonByteBasedEncoding const):
        (WebCore::UTF32BigEndianEncoding): Deleted.
        (WebCore::UTF32LittleEndianEncoding): Deleted.
        * platform/text/TextEncoding.h:

2018-02-16  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBoxModelObject::moveChild*() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182896
        <rdar://problem/37623051>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::moveAllChildrenIncludingFloatsTo): Deleted.
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::styleDidChange):
        (WebCore::RenderBlockFlow::moveAllChildrenIncludingFloatsTo): Deleted.
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::moveChildTo): Deleted.
        (WebCore::RenderBoxModelObject::moveChildrenTo): Deleted.
        (WebCore::RenderBoxModelObject::moveAllChildrenToInternal): Deleted.
        * rendering/RenderBoxModelObject.h:
        (WebCore::RenderBoxModelObject::moveChildTo): Deleted.
        (WebCore::RenderBoxModelObject::moveAllChildrenTo): Deleted.
        (WebCore::RenderBoxModelObject::moveChildrenTo): Deleted.
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::moveChildTo):
        (WebCore::RenderTreeBuilder::moveAllChildrenTo):
        (WebCore::RenderTreeBuilder::moveChildrenTo):
        (WebCore::RenderTreeBuilder::moveAllChildrenIncludingFloatsTo):
        (WebCore::RenderTreeBuilder::makeChildrenNonInline):
        (WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::moveAllChildrenToInternal):
        (WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):
        (WebCore::RenderTreeBuilder::Block::takeChild):
        (WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
        (WebCore::RenderTreeBuilder::BlockFlow::moveAllChildrenIncludingFloatsTo):
        * rendering/updating/RenderTreeBuilderBlockFlow.h:
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
        (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
        (WebCore::RenderTreeBuilder::Ruby::takeChild):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):

2018-02-16  Andy Estes  <aestes@apple.com>

        [Cocoa] Stop using non-prefixed vDSP functions in 32-bit builds
        https://bugs.webkit.org/show_bug.cgi?id=182898
        <rdar://problem/37195079>

        Reviewed by Tim Horton.

        There's no need to use non-prefixed vDSP function aliases on 32-bit builds.
        The vDSP-prefixed versions are available on all Cocoa platforms we currently support.

        * platform/audio/DirectConvolver.cpp:
        (WebCore::DirectConvolver::process):
        * platform/audio/VectorMath.cpp:
        (WebCore::VectorMath::vsmul):
        (WebCore::VectorMath::vadd):
        (WebCore::VectorMath::vmul):
        (WebCore::VectorMath::zvmul):

2018-02-16  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r228575.

        Introduced LayoutTest crashes under GuardMalloc.

        Reverted changeset:

        "Use ResourceLoader to load appcache manifest"
        https://bugs.webkit.org/show_bug.cgi?id=182861
        https://trac.webkit.org/changeset/228575

2018-02-16  Dean Jackson  <dino@apple.com>

        Use OPENGL macros to be more clear about which OpenGL/ES WebGL uses on Cocoa
        https://bugs.webkit.org/show_bug.cgi?id=182894

        Reviewed by Tim Horton.

        Adjust the places where we check for PLATFORM(MAC) or
        PLATFORM(IOS) related to WebGL, and instead rely
        on USE(OPENGL) USE(OPENGL_ES).

        * CMakeLists.txt:
        * PlatformGTK.cmake:
        * platform/graphics/GLContext.cpp:
        (WebCore::initializeOpenGLShimsIfNeeded):
        * platform/graphics/GraphicsContext3DPrivate.cpp:
        * platform/graphics/OpenGLESShims.h:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::GLContextEGL::getEGLConfig):
        (WebCore::GLContextEGL::createContext):
        (WebCore::GLContextEGL::createSharingContext):
        * platform/graphics/egl/GLContextEGLWPE.cpp:
        (WebCore::GLContextEGL::createWPEContext):
        * platform/graphics/egl/GLContextEGLWayland.cpp:
        (WebCore::GLContextEGL::createWaylandContext):
        * platform/graphics/egl/GLContextEGLX11.cpp:
        (WebCore::GLContextEGL::createPixmapContext):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext):
        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.cpp:
        (WebCore::VideoTextureCopierGStreamer::VideoTextureCopierGStreamer):
        (WebCore::VideoTextureCopierGStreamer::~VideoTextureCopierGStreamer):
        (WebCore::VideoTextureCopierGStreamer::copyVideoTextureToPlatformTexture):
        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.h:
        * platform/graphics/opengl/Extensions3DOpenGLES.cpp:
        * platform/graphics/opengl/Extensions3DOpenGLES.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
        (WebCore::GraphicsContext3D::create):
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        (WebCore::GraphicsContext3D::isGLES2Compliant const):
        * platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp:
        (WebCore::GraphicsContext3D::create):
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        (WebCore::GraphicsContext3D::~GraphicsContext3D):
        (WebCore::GraphicsContext3D::isGLES2Compliant const):
        (WebCore::GraphicsContext3D::getExtensions):
        * platform/graphics/texmap/TextureMapperContextAttributes.cpp:
        (WebCore::TextureMapperContextAttributes::initialize):
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGLData::~TextureMapperGLData):
        (WebCore::TextureMapperGLData::getVAO):
        (WebCore::TextureMapperGL::beginPainting):
        (WebCore::TextureMapperGL::endPainting):
        * platform/graphics/texmap/TextureMapperGLHeaders.h:
        * platform/graphics/texmap/TextureMapperShaderProgram.cpp:
        (WebCore::TextureMapperShaderProgram::create):

2018-02-16  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderElement::insertChildInternal() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182885
        <rdar://problem/37617371>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::insertChildInternal): Deleted.
        * rendering/RenderObject.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChildToRenderElement):

2018-02-16  Youenn Fablet  <youenn@apple.com>

        Allow specifying which plug-ins are supported
        https://bugs.webkit.org/show_bug.cgi?id=182748

        Reviewed by Chris Dumez.

        Tests: http/tests/plugins/nounsupported-plugin.html
               http/tests/plugins/supported-plugin-all-origin-visibility.html
               http/tests/plugins/supported-plugin-on-specific-origin.html
               http/tests/plugins/supported-plugin-origin-specific-visibility.html
               http/tests/plugins/unsupported-plugin-on-specific-origin.html
               plugins/unsupported-plugin.html

        Added support for computing plugin web visibility with the added knowledge of supported plugins.
        In case of a plugin failing to be created due to being unsupported, update the UI
        to use mark the plugin as "Unexpected plug in".

        Added internal API to retrieve the plug-in error description message.

        * English.lproj/Localizable.strings:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::setReplacement):
        * html/HTMLPlugInElement.h:
        * loader/EmptyClients.cpp:
        * platform/LocalizedStrings.cpp:
        (WebCore::unsupportedPluginText):
        * platform/LocalizedStrings.h:
        * plugins/PluginData.cpp:
        (WebCore::PluginData::initPlugins):
        * plugins/PluginData.h:
        (WebCore::decodePluginNames):
        (WebCore::encodePluginNames):
        (WebCore::SupportedPluginNames::decode):
        (WebCore::SupportedPluginNames::encode const):
        * plugins/PluginInfoProvider.h:
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::unavailablePluginReplacementText):
        * rendering/RenderEmbeddedObject.h:
        (WebCore::RenderEmbeddedObject::pluginReplacementTextIfUnavailable const):
        * testing/Internals.cpp:
        (WebCore::Internals::unavailablePluginReplacementText):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-02-16  Chris Dumez  <cdumez@apple.com>

        http/tests/security/http-0.9/xhr-blocked.html is flaky
        https://bugs.webkit.org/show_bug.cgi?id=182857
        <rdar://problem/37616958>

        Reviewed by Antti Koivisto.

        WebCoreResourceHandleAsOperationQueueDelegate does not own the messageQueue and
        the detachHandle function was failing to nullout m_messageQueue when the resourceHandle
        gets destroyed. This means that callFunctionOnMainThread would sometimes try to append
        to a dead messageQueue.

        No new tests, already covered by:
        http/tests/security/http-0.9/xhr-blocked.html is flaky

        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate detachHandle]):

2018-02-16  Antti Koivisto  <antti@apple.com>

        Assert in mixed blend animation
        https://bugs.webkit.org/show_bug.cgi?id=182887
        <rdar://problem/37598140>

        Reviewed by Zalan Bujtas.

        Test: fast/css/calc-mixed-blend-crash.html

        * platform/CalculationValue.cpp:
        (WebCore::CalcExpressionBlendLength::CalcExpressionBlendLength):

        Fix mismatch between the type test and the value used.

2018-02-16  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlock/RenderInline::addChildIgnoringContinuation() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182876
        <rdar://problem/37607604>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::addChildIgnoringContinuation): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::addChildIgnoringContinuation): Deleted.
        * rendering/RenderElement.h:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::addChildIgnoringContinuation): Deleted.
        * rendering/RenderInline.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChildIgnoringContinuation):
        (WebCore::RenderTreeBuilder::insertChildToRenderBlockIgnoringContinuation): Deleted.
        (WebCore::RenderTreeBuilder::insertChildToRenderInlineIgnoringContinuation): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::insertChildToContinuation):
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
        (WebCore::RenderTreeBuilder::Inline::splitInlines):

2018-02-16  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Unify logic of ResourceHandleCurlDelegate into ResourceHandle
        https://bugs.webkit.org/show_bug.cgi?id=182578

        Reconstruct the classes to match Curl port network layer more similar
        structure with other ports. Move CurlRequest handling into ResourceHandle
        and makes CurlResourceHandleDelegate simple life cycle. Also its duty is
        for most of incoming data and event handling from CurRequest.

        Reviewed by Alex Christensen.

        No new tests because there's no new behavior.

        * platform/Curl.cmake:
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        (WebCore::ResourceHandleInternal::ResourceHandleInternal):
        * platform/network/curl/CurlCacheManager.cpp:
        (WebCore::CurlCacheManager::didReceiveResponse):
        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownload::~CurlDownload):
        (WebCore::CurlDownload::createCurlRequest):
        (WebCore::CurlDownload::curlDidReceiveResponse):
        (WebCore::CurlDownload::curlDidReceiveBuffer):
        (WebCore::CurlDownload::curlDidComplete):
        (WebCore::CurlDownload::curlDidFailWithError):
        (WebCore::CurlDownload::willSendRequest):
        * platform/network/curl/CurlDownload.h:
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::CurlRequest):
        (WebCore::CurlRequest::cancel):
        (WebCore::CurlRequest::callClient):
        (WebCore::CurlRequest::willSendData):
        (WebCore::CurlRequest::didReceiveData):
        (WebCore::CurlRequest::didReceiveDataFromMultipart):
        (WebCore::CurlRequest::didCompleteTransfer):
        (WebCore::CurlRequest::invokeDidReceiveResponse):
        * platform/network/curl/CurlRequest.h:
        (WebCore::CurlRequest::create):
        (WebCore::CurlRequest::invalidateClient):
        (WebCore::CurlRequest::setClient): Deleted.
        * platform/network/curl/CurlRequestClient.h:
        * platform/network/curl/CurlResourceHandleDelegate.cpp: Added.
        (WebCore::CurlResourceHandleDelegate::CurlResourceHandleDelegate):
        (WebCore::CurlResourceHandleDelegate::ref):
        (WebCore::CurlResourceHandleDelegate::deref):
        (WebCore::CurlResourceHandleDelegate::cancelledOrClientless):
        (WebCore::CurlResourceHandleDelegate::client const):
        (WebCore::CurlResourceHandleDelegate::d):
        (WebCore::CurlResourceHandleDelegate::curlDidSendData):
        (WebCore::handleCookieHeaders):
        (WebCore::CurlResourceHandleDelegate::curlDidReceiveResponse):
        (WebCore::CurlResourceHandleDelegate::curlDidReceiveBuffer):
        (WebCore::CurlResourceHandleDelegate::curlDidComplete):
        (WebCore::CurlResourceHandleDelegate::curlDidFailWithError):
        * platform/network/curl/CurlResourceHandleDelegate.h: Added.
        (WebCore::CurlResourceHandleDelegate::response const):
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandleInternal::~ResourceHandleInternal):
        (WebCore::ResourceHandle::start):
        (WebCore::ResourceHandle::cancel):
        (WebCore::ResourceHandle::cancelledOrClientless):
        (WebCore::ResourceHandle::createCurlRequest):
        (WebCore::ResourceHandle::delegate):
        (WebCore::ResourceHandle::platformSetDefersLoading):
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::receivedCredential):
        (WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential):
        (WebCore::ResourceHandle::getCredential):
        (WebCore::ResourceHandle::restartRequestWithCredential):
        (WebCore::ResourceHandle::platformLoadResourceSynchronously):
        (WebCore::ResourceHandle::platformContinueSynchronousDidReceiveResponse):
        (WebCore::ResourceHandle::continueAfterDidReceiveResponse):
        (WebCore::ResourceHandle::shouldRedirectAsGET):
        (WebCore::ResourceHandle::willSendRequest):
        (WebCore::ResourceHandle::continueAfterWillSendRequest):
        (WebCore::ResourceHandle::handleDataURL):
        * platform/network/curl/ResourceHandleCurlDelegate.cpp: Removed.
        * platform/network/curl/ResourceHandleCurlDelegate.h: Removed.

2018-02-16  Youenn Fablet  <youenn@apple.com>

        Use ResourceLoader to load appcache manifest
        https://bugs.webkit.org/show_bug.cgi?id=182861

        Reviewed by Alex Christensen.

        Covered by updated tests.

        Add ApplicationCacheResourceLoader to load an ApplicationCacheResource from a ResourceLoader.
        Make use of it to load the app cache manifest.
        Future work should load entries using the same loader.

        Remove manifest handle.
        Ensure that DocumentLoader does not register the manifest resource loader as its lifetime
        is handled by its ApplicationCacheGroup.

        Add a ResourceLoader option to bypass the application cache.
        Use it for manifest loading.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::addSubresourceLoader):
        * loader/ResourceLoaderOptions.h:
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::stopLoading):
        (WebCore::ApplicationCacheGroup::update):
        (WebCore::ApplicationCacheGroup::createRequest):
        (WebCore::ApplicationCacheGroup::didReceiveResponseAsync):
        (WebCore::ApplicationCacheGroup::didReceiveData):
        (WebCore::ApplicationCacheGroup::didFinishLoading):
        (WebCore::ApplicationCacheGroup::didFail):
        (WebCore::ApplicationCacheGroup::didFinishLoadingManifest):
        (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
        * loader/appcache/ApplicationCacheGroup.h:
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadResource):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackForRedirect):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackForResponse):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackForError):
        * loader/appcache/ApplicationCacheResourceLoader.cpp: Added.
        * loader/appcache/ApplicationCacheResourceLoader.h: Added.

2018-02-16  Chris Dumez  <cdumez@apple.com>

        Crash under WebCore::EventTarget::fireEventListeners
        https://bugs.webkit.org/show_bug.cgi?id=182880
        <rdar://problem/20788804>

        Reviewed by Youenn Fablet.

        Make sure the 'ended' event does not get dispatched on a
        AudioScheduledSourceNode after ActiveDOMObjects have been stopped.

        Test: webaudio/audiobuffersource-ended-detached-frame.html

        * Modules/webaudio/AudioScheduledSourceNode.cpp:
        (WebCore::AudioScheduledSourceNode::finish):

2018-02-16  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Implement PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()
        https://bugs.webkit.org/show_bug.cgi?id=182771
        <rdar://problem/36459988>

        Reviewed by Brent Fulgham.

        This patch implements PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()
        per https://www.w3.org/TR/webauthn/#isUserVerifyingPlatformAuthenticatorAvailable with some
        limitations.

        In addition, it changes DeferredPromise to DOMPromiseDeferred<> for all CredentialsManagement
        and WebAuthN API.

        Test: http/wpt/webauthn/public-key-is-user-verifying-platform-authenticator-available.html

        * Modules/credentialmanagement/CredentialsContainer.cpp:
        (WebCore::CredentialsContainer::get):
        (WebCore::CredentialsContainer::store):
        (WebCore::CredentialsContainer::isCreate):
        (WebCore::CredentialsContainer::preventSilentAccess const):
        * Modules/credentialmanagement/CredentialsContainer.h:
        * Modules/credentialmanagement/CredentialsMessenger.cpp:
        (WebCore::CredentialsMessenger::addCreationCompletionHandler):
        Remove a redundant assertion.
        (WebCore::CredentialsMessenger::addRequestCompletionHandler):
        Remove a redundant assertion.
        (WebCore::CredentialsMessenger::addQueryCompletionHandler):
        (WebCore::CredentialsMessenger::takeQueryCompletionHandler):
        * Modules/credentialmanagement/CredentialsMessenger.h:
        * Modules/webauthn/AuthenticatorManager.cpp:
        (WebCore::AuthenticatorManagerInternal::initTimeoutTimer):
        (WebCore::AuthenticatorManager::create const):
        (WebCore::AuthenticatorManager::discoverFromExternalSource const):
        (WebCore::AuthenticatorManager::isUserVerifyingPlatformAuthenticatorAvailable const):
        * Modules/webauthn/AuthenticatorManager.h:
        * Modules/webauthn/PublicKeyCredential.cpp:
        (WebCore::PublicKeyCredential::isUserVerifyingPlatformAuthenticatorAvailable):
        * Modules/webauthn/PublicKeyCredential.h:
        * testing/MockCredentialsMessenger.cpp:
        (WebCore::MockCredentialsMessenger::isUserVerifyingPlatformAuthenticatorAvailable):
        (WebCore::MockCredentialsMessenger::isUserVerifyingPlatformAuthenticatorAvailableReply):
        * testing/MockCredentialsMessenger.h:
        * testing/MockCredentialsMessenger.idl:

2018-02-16  Tim Horton  <timothy_horton@apple.com>

        Stop using EXCLUDED_SOURCE_FILE_NAMES for touch and gesture files in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=182866

        Reviewed by Daniel Bates.

        * Configurations/WebCore.xcconfig:
        These generated files already have ENABLE() flags around them,
        so there's no reason to exclude them explicitly.

2018-02-16  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix iOS build after r228562.

        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::RegistrationDatabase::openSQLiteDatabase):

2018-02-16  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderElement::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182878
        <rdar://problem/37608349>

        Reviewed by Antti Koivisto.

        This patch removes the last addChild() related mutation logic from the renderers.

        No change in functionality.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::didInsertChild):
        (WebCore::RenderElement::addChild): Deleted.
        * rendering/RenderElement.h:
        (WebCore::RenderElement::isChildAllowed const):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild):
        (WebCore::RenderTreeBuilder::insertChildToRenderElement):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
        * rendering/updating/RenderTreeBuilderSVG.cpp:
        (WebCore::RenderTreeBuilder::SVG::insertChild):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::insertChild):

2018-02-16  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r228546.

        This caused a consistent crash on all macOS WK2 platforms.

        Reverted changeset:

        "Web Inspector: get rid of remaining uses of OptOutput<T>"
        https://bugs.webkit.org/show_bug.cgi?id=180607
        https://trac.webkit.org/changeset/228546

2018-02-16  Youenn Fablet  <youenn@apple.com>

        Log the error message when failing to open the database
        https://bugs.webkit.org/show_bug.cgi?id=182795
        <rdar://problem/37592399>

        Unreviewed.
        Fixing iOS simulator debug build.

        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::RegistrationDatabase::openSQLiteDatabase):

2018-02-16  Fujii Hironori  <Hironori.Fujii@sony.com>

        IndexedDB: Several test crash in when destroying a IDBKeyData
        https://bugs.webkit.org/show_bug.cgi?id=167576

        Reviewed by Michael Catanzaro.

        IDBKeyDataHashTraits::constructDeletedValue is using operator= to
        assign deletedValue. But, the value is destructed just before
        calling constructDeletedValue. You can't use operator= for a
        destructed value.

        No new tests (Covered by existing tests).

        * Modules/indexeddb/IDBKeyData.h:
        (WebCore::IDBKeyDataHashTraits::constructDeletedValue):
        Construct null value before assigning deletedValue.

2018-02-16  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlock/RenderBlockFlow::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182862
        <rdar://problem/37595464>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::addChild): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::addChild): Deleted.
        * rendering/RenderBlockFlow.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild):
        (WebCore::RenderTreeBuilder::insertChildToRenderBlock): Deleted.
        (WebCore::RenderTreeBuilder::insertChildToRenderBlockFlow): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
        (WebCore::RenderTreeBuilder::BlockFlow::insertChild):
        * rendering/updating/RenderTreeBuilderFormControls.cpp:
        (WebCore::RenderTreeBuilder::FormControls::findOrCreateParentForChild):
        * rendering/updating/RenderTreeBuilderMathML.cpp:
        (WebCore::RenderTreeBuilder::MathML::makeFences):
        (WebCore::RenderTreeBuilder::MathML::insertChild):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::insertChild):
        (WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):
        (WebCore::RenderTreeBuilder::Ruby::rubyBaseSafe):
        * rendering/updating/RenderTreeBuilderSVG.cpp:
        (WebCore::RenderTreeBuilder::SVG::insertChild):

2018-02-16  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Add basic support for <input type='date'> using date picker UI
        https://bugs.webkit.org/show_bug.cgi?id=182847
        <rdar://problem/35143111>

        Reviewed by Tim Horton.

        Add new localized strings for "month", "day" and "year" as they appear in the date picker.

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::textInputModeWriteButtonTitle):
        (WebCore::textInputModeSpeechButtonTitle):
        (WebCore::datePickerDayLabelTitle):
        (WebCore::datePickerMonthLabelTitle):
        (WebCore::datePickerYearLabelTitle):
        (WebCore::textInputModeWriteButton): Deleted.
        (WebCore::textInputModeSpeechButton): Deleted.
        * platform/LocalizedStrings.h:

2018-02-16  Zan Dobersek  <zdobersek@igalia.com>

        HarfBuzzFace should operate with a FontPlatformData reference
        https://bugs.webkit.org/show_bug.cgi?id=182863

        Reviewed by Carlos Garcia Campos.

        Instead of keeping a never-null pointer to FontPlatformData,
        HarfBuzzFace should operate with a FontPlatformData reference.

        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::harfBuzzFace const):
        * platform/graphics/harfbuzz/HarfBuzzFace.cpp:
        (WebCore::HarfBuzzFace::HarfBuzzFace):
        * platform/graphics/harfbuzz/HarfBuzzFace.h:
        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
        (WebCore::HarfBuzzFace::createFace):
        (WebCore::HarfBuzzFace::createFont):

2018-02-15  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] parent.Render*::addChild() cleanup
        https://bugs.webkit.org/show_bug.cgi?id=182842
        <rdar://problem/37585524>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
        * rendering/updating/RenderTreeBuilderFormControls.cpp:
        (WebCore::RenderTreeBuilder::FormControls::createInnerRendererIfNeeded):
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
        * rendering/updating/RenderTreeBuilderMathML.cpp:
        (WebCore::RenderTreeBuilder::MathML::makeFences):
        (WebCore::RenderTreeBuilder::MathML::insertChild):
        * rendering/updating/RenderTreeBuilderSVG.cpp:
        (WebCore::RenderTreeBuilder::SVG::insertChild):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::insertChild):

2018-02-15  Megan Gardner  <megan_gardner@apple.com>

        Support scrolling for non-editable web-selection and start autoscroll when near screen edges
        https://bugs.webkit.org/show_bug.cgi?id=182815

        Reviewed by Tim Horton.

        Adjust the position we are autoscrolling to so that when we are close to an edge, we will start autoscrolling
        while we are still inside the view. Autoscrolling still happens when you drag past the edge of a view.

        No new tests (This is difficult to test in this state, but when we switch assistants, test will also be added).

        * page/EventHandler.h:
        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::startSelectionAutoscroll):
        (WebCore::EventHandler::cancelSelectionAutoscroll):
        (WebCore::autoscrollAdjustmentFactorForScreenBoundaries):
        (WebCore::EventHandler::targetPositionInWindowForSelectionAutoscroll const):
        (WebCore::EventHandler::startTextAutoscroll): Deleted.
        (WebCore::EventHandler::cancelTextAutoscroll): Deleted.

2018-02-15  Youenn Fablet  <youenn@apple.com>

        Log the error message when failing to open the database
        https://bugs.webkit.org/show_bug.cgi?id=182795

        Reviewed by Chris Dumez.

        No change of behavior.
        Print the error message as it does not contain any user private information.

        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::RegistrationDatabase::openSQLiteDatabase):

2018-02-15  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderMenuList::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182840
        <rdar://problem/37583638>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderMenuList.cpp:
        (RenderMenuList::didInsertChild):
        (RenderMenuList::addChild): Deleted.
        * rendering/RenderMenuList.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild):
        * rendering/updating/RenderTreeBuilderFormControls.cpp:
        (WebCore::RenderTreeBuilder::FormControls::findOrCreateParentForChild):
        (WebCore::RenderTreeBuilder::FormControls::insertChild):
        (WebCore::RenderTreeBuilder::FormControls::createInnerRendererIfNeeded): Deleted.
        * rendering/updating/RenderTreeBuilderFormControls.h:

2018-02-15  Darin Adler  <darin@apple.com>

        Web Inspector: get rid of remaining uses of OptOutput<T>
        https://bugs.webkit.org/show_bug.cgi?id=180607

        Reviewed by Brian Burg.

        * inspector/InspectorStyleSheet.cpp:
        (WebCore::buildSourceRangeObject): Take a const Vector& instead of a Vector*.
        (WebCore::InspectorStyle::buildObjectForStyle const): Pass lineEndings() instead
        of lineEndings().get().
        (WebCore::InspectorStyle::styleWithProperties const): Ditto.
        (WebCore::InspectorStyleSheet::buildObjectForSelectorList): Ditto.
        (WebCore::InspectorStyleSheet::lineEndings const): Return a Vector instead of
        a std::unique_ptr<Vector>.
        (WebCore::InspectorStyleSheetForInlineStyle::lineEndings const): Ditto.
        * inspector/InspectorStyleSheet.h: Updated for the above.

        * inspector/agents/InspectorCSSAgent.h: Removed some bogus const.
        * inspector/agents/InspectorCanvasAgent.cpp: Ditto.
        * inspector/agents/InspectorCanvasAgent.h: Ditto.

        * inspector/agents/InspectorDOMDebuggerAgent.cpp: Improved type of global strings
        so we don't waste space with a pointer to the string.
        (WebCore::InspectorDOMDebuggerAgent::setEventListenerBreakpoint): Removed
        explicit creation of String, which was wasteful and unnecessary.
        (WebCore::InspectorDOMDebuggerAgent::setInstrumentationBreakpoint): Ditto.
        (WebCore::InspectorDOMDebuggerAgent::removeEventListenerBreakpoint): Ditto.
        (WebCore::InspectorDOMDebuggerAgent::removeInstrumentationBreakpoint): Ditto.
        (WebCore::InspectorDOMDebuggerAgent::setXHRBreakpoint): Removed bogus const.

        * inspector/agents/InspectorDOMDebuggerAgent.h: Removed bogus const and use
        final instead of override.
        * inspector/agents/InspectorPageAgent.cpp: Ditto.
        * inspector/agents/InspectorPageAgent.h: Ditto.

2018-02-15  Chris Dumez  <cdumez@apple.com>

        Flaky Test: imported/w3c/web-platform-tests/fetch/api/redirect/redirect-to-dataurl-worker.html
        https://bugs.webkit.org/show_bug.cgi?id=182270
        <rdar://problem/36904314>

        Reviewed by Antti Koivisto.

        No new tests, already covered by existing tests that crash flakily on the bots.

        * loader/ThreadableLoaderClientWrapper.h:
        (WebCore::ThreadableLoaderClientWrapper::ThreadableLoaderClientWrapper):
        isolate copy the initiator string as this object can be destroyed on a different thread. This was
        causing the test to flakily crash as well when destroying ThreadLocalData.

        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (scheduledWithCustomRunLoopMode):
        (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
        Fix thread safety issue in callFunctionOnMainThread. This function is called from a background thread
        to get to the main thread. However, it relied on m_handle which would get nullified on the main thread
        by detachHandle when the ResourceHandle is destroyed. Fix the issue by not relying on m_handle anymore.

        (-[WebCoreResourceHandleAsOperationQueueDelegate initWithHandle:messageQueue:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willCacheResponse:]):
        - Go back to using autorelease() instead of get() for the returned objects to match the code pre-r224522.
        - Dispatch the protectedSelf variables that were added in r227073 to the main thread to make sure we do
          not get destroyed on the background thread when protectedSelf is the last strong reference to self.
          Destroying the WebCoreResourceHandleAsOperationQueueDelegate on the background safe is unsafe due to
          its m_messageQueue data member which contains lambdas that may capture anything.
        - Add a Lock to protect against detachHandle getting called on the main thread and nulling out
          m_handle / m_requestResult / m_cachedResponseResult while the background thread may be accessing
          them.

2018-02-15  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderTableRow::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182838
        <rdar://problem/37580762>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::didInsertTableCell):
        (WebCore::RenderTableRow::addChild): Deleted.
        * rendering/RenderTableRow.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild):
        (WebCore::RenderTreeBuilder::insertChildToRenderTableRow): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::insertChild):

2018-02-15  Antoine Quint  <graouts@apple.com>

        [Web Animations] Ensure that changing the timing model updates styles synchronously
        https://bugs.webkit.org/show_bug.cgi?id=182836

        Reviewed by Dean Jackson.

        We did not invalidate the timing model when properties of an effect's timing object changed
        and even when we did invalidate the timing model, we did not update styles on effect targets
        synchronously, only scheduling such updates for the next animation frame.

        In this patch we expose the effect on the timing object such that changing timing properties
        can notify the effect of a change in the timing model, which can then be forwarded to the
        animation (which already informs its timeline, if any).

        Additionally, when an animation's timing model has changed, we now invalidate the effect, which
        will update styles synchronously.

        This produces a number of progressions in WPT tests.

        * animation/AnimationEffectReadOnly.cpp:
        (WebCore::AnimationEffectReadOnly::AnimationEffectReadOnly): Set the timing object's effect upon
        effect construction.
        (WebCore::AnimationEffectReadOnly::~AnimationEffectReadOnly): Set the timing object's effect to
        null upon effect destruction.
        (WebCore::AnimationEffectReadOnly::timingDidChange): Notify the animation (if any) that its timing
        model changed following a change in the timing properties.
        * animation/AnimationEffectReadOnly.h: Add a new virtual invalidate() method that subclasses can
        override to implement invalidation behavior when the animation finds out its timing model changed.
        * animation/AnimationEffectTimingReadOnly.cpp: Notify the effect when a property changes such
        that it may notify its animation of a timing model change.
        (WebCore::AnimationEffectTimingReadOnly::propertyDidChange):
        (WebCore::AnimationEffectTimingReadOnly::setIterationStart):
        (WebCore::AnimationEffectTimingReadOnly::setIterations):
        (WebCore::AnimationEffectTimingReadOnly::setBindingsDuration):
        (WebCore::AnimationEffectTimingReadOnly::setEasing):
        (WebCore::AnimationEffectTimingReadOnly::setDelay):
        (WebCore::AnimationEffectTimingReadOnly::setEndDelay):
        (WebCore::AnimationEffectTimingReadOnly::setFill):
        (WebCore::AnimationEffectTimingReadOnly::setIterationDuration):
        (WebCore::AnimationEffectTimingReadOnly::setDirection):
        * animation/AnimationEffectTimingReadOnly.h:
        (WebCore::AnimationEffectTimingReadOnly::setEffect):
        (WebCore::AnimationEffectTimingReadOnly::setBindingsDelay):
        (WebCore::AnimationEffectTimingReadOnly::setBindingsEndDelay):
        (WebCore::AnimationEffectTimingReadOnly::setDelay): Deleted.
        (WebCore::AnimationEffectTimingReadOnly::setEndDelay): Deleted.
        (WebCore::AnimationEffectTimingReadOnly::setFill): Deleted.
        (WebCore::AnimationEffectTimingReadOnly::setIterationDuration): Deleted.
        (WebCore::AnimationEffectTimingReadOnly::setDirection): Deleted.
        * animation/AnimationTimeline.cpp: Rename animationTimingModelDidChange() to timingModelDidChange()
        to align it with the new WebAnimation::timingModelDidChange() method.
        (WebCore::AnimationTimeline::addAnimation):
        (WebCore::AnimationTimeline::removeAnimation):
        (WebCore::AnimationTimeline::setCurrentTime):
        * animation/AnimationTimeline.h:
        (WebCore::AnimationTimeline::timingModelDidChange):
        (WebCore::AnimationTimeline::animationTimingModelDidChange): Deleted.
        * animation/DocumentTimeline.cpp:
        (WebCore::DocumentTimeline::timingModelDidChange):
        (WebCore::DocumentTimeline::updateAnimations):
        (WebCore::DocumentTimeline::animationTimingModelDidChange): Deleted.
        * animation/DocumentTimeline.h:
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::invalidate): Override the invalidate() method to perform a synchronous
        style update in order to ensure that timing properties are accounted for right as they change.
        * animation/KeyframeEffectReadOnly.h:
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::timingModelDidChange): Invalidate the effect and notify the timeline of a timing
        model change when an animation is notified that its timing model has changed.
        (WebCore::WebAnimation::setStartTime):
        * animation/WebAnimation.h:

2018-02-15  Timothy Horton  <timothy_horton@apple.com>

        Fix the build.

        * platform/ios/KeyEventCodesIOS.h:

2018-02-15  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Make sure WebResourceLoadStatisticsStore::mergeWithDataFromDecoder() can ingest older plist versions and not reset the database
        https://bugs.webkit.org/show_bug.cgi?id=182812
        <rdar://problem/37511406>

        Reviewed by Brent Fulgham.

        No new tests. Tested manually between versions of Safari.

        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::decode):
            Now only expects these fields for model version 11 or higher:
            - topFrameUniqueRedirectsTo
            - topFrameUniqueRedirectsFrom
            - subresourceUniqueRedirectsFrom
            - timesAccessedAsFirstPartyDueToUserInteraction
            - timesAccessedAsFirstPartyDueToStorageAccessAPI
        * loader/ResourceLoadStatistics.h:

2018-02-15  Tim Horton  <timothy_horton@apple.com>

        Stop using EXCLUDED_SOURCE_FILE_NAMES for actual source files in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=182822

        Reviewed by Dan Bernstein.

        It's much easier to reason about things if xcconfigs don't apply extra
        constraints to which source files actually build on a per-platform basis.
        We should use #ifs instead like we usually do.

        * Configurations/WebCore.xcconfig:
        * Modules/geolocation/ios/GeolocationPositionIOS.mm:
        * accessibility/ios/AccessibilityObjectIOS.mm:
        * accessibility/mac/AXObjectCacheMac.mm:
        * accessibility/mac/AccessibilityObjectMac.mm:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        * dom/DataTransferMac.mm:
        * editing/ios/DictationCommandIOS.cpp:
        * editing/ios/DictationCommandIOS.h:
        * editing/ios/EditorIOS.mm:
        * editing/ios/WebContentReaderIOS.mm:
        * editing/mac/EditorMac.mm:
        * editing/mac/WebContentReaderMac.mm:
        * page/ios/EventHandlerIOS.mm:
        * page/ios/FrameIOS.mm:
        * page/mac/EventHandlerMac.mm:
        * page/scrolling/ios/ScrollingCoordinatorIOS.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
        * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
        * platform/ThreadCheck.h:
        * platform/audio/ios/AudioDestinationIOS.h:
        * platform/audio/ios/AudioFileReaderIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/graphics/ios/DisplayRefreshMonitorIOS.h:
        * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
        * platform/graphics/ios/FontCacheIOS.mm:
        * platform/graphics/ios/GraphicsContext3DIOS.h:
        * platform/graphics/ios/IconIOS.mm:
        * platform/graphics/mac/ColorMac.h:
        * platform/graphics/mac/ColorMac.mm:
        * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
        * platform/graphics/mac/DisplayRefreshMonitorMac.h:
        * platform/graphics/mac/IconMac.mm:
        * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
        * platform/ios/CursorIOS.cpp:
        * platform/ios/DeviceMotionClientIOS.h:
        * platform/ios/DeviceOrientationClientIOS.h:
        * platform/ios/EventLoopIOS.mm:
        * platform/ios/KeyEventCodesIOS.h:
        * platform/ios/LowPowerModeNotifierIOS.mm:
        * platform/ios/PasteboardIOS.mm:
        * platform/ios/PlatformEventFactoryIOS.h:
        * platform/ios/PlatformEventFactoryIOS.mm:
        * platform/ios/PlatformPasteboardIOS.mm:
        * platform/ios/PlatformScreenIOS.mm:
        * platform/ios/PlatformSpeechSynthesizerIOS.mm:
        * platform/ios/RemoteCommandListenerIOS.h:
        * platform/ios/RemoteCommandListenerIOS.mm:
        * platform/ios/SSLKeyGeneratorIOS.cpp:
        * platform/ios/ScrollAnimatorIOS.h:
        * platform/ios/ScrollAnimatorIOS.mm:
        * platform/ios/ScrollViewIOS.mm:
        * platform/ios/ScrollbarThemeIOS.h:
        * platform/ios/ScrollbarThemeIOS.mm:
        * platform/ios/SystemMemoryIOS.cpp:
        * platform/ios/ThemeIOS.h:
        * platform/ios/ThemeIOS.mm:
        * platform/ios/TileControllerMemoryHandlerIOS.cpp:
        * platform/ios/TileControllerMemoryHandlerIOS.h:
        * platform/ios/UserAgentIOS.mm:
        * platform/ios/ValidationBubbleIOS.mm:
        * platform/ios/WidgetIOS.mm:
        * platform/mac/CursorMac.mm:
        * platform/mac/EventLoopMac.mm:
        * platform/mac/LocalCurrentGraphicsContext.h:
        * platform/mac/LocalCurrentGraphicsContext.mm:
        * platform/mac/NSScrollerImpDetails.h:
        * platform/mac/NSScrollerImpDetails.mm:
        * platform/mac/PasteboardMac.mm:
        * platform/mac/PlatformEventFactoryMac.h:
        * platform/mac/PlatformEventFactoryMac.mm:
        * platform/mac/PlatformPasteboardMac.mm:
        * platform/mac/PlatformScreenMac.mm:
        * platform/mac/PlatformSpeechSynthesizerMac.mm:
        * platform/mac/SSLKeyGeneratorMac.mm:
        * platform/mac/ScrollViewMac.mm:
        * platform/mac/ScrollbarThemeMac.h:
        * platform/mac/ScrollbarThemeMac.mm:
        * platform/mac/ThemeMac.h:
        * platform/mac/ThemeMac.mm:
        * platform/mac/ThreadCheck.mm:
        * platform/mac/UserAgentMac.mm:
        * platform/mac/WebCoreView.h:
        * platform/mac/WebCoreView.m:
        * platform/mac/WidgetMac.mm:
        * platform/mediastream/ios/CoreAudioCaptureSourceIOS.h:
        * platform/network/ios/NetworkStateNotifierIOS.mm:
        * platform/network/ios/WebCoreURLResponseIOS.h:
        * platform/network/ios/WebCoreURLResponseIOS.mm:
        * platform/network/mac/NetworkStateNotifierMac.cpp:

2018-02-15  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderTableSection::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182835
        <rdar://problem/37579191>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::willInsertTableRow):
        (WebCore::RenderTableSection::addChild): Deleted.
        * rendering/RenderTableSection.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild): Leftover from r228529.
        (WebCore::RenderTreeBuilder::insertChildToRenderTable): Deleted. Leftover from r228529.
        (WebCore::RenderTreeBuilder::insertChildToRenderTableSection): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::insertChild):

2018-02-15  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderTable::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182832
        <rdar://problem/37576362>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::willInsertTableColumn):
        (WebCore::RenderTable::willInsertTableSection):
        (WebCore::RenderTable::addChild): Deleted.
        * rendering/RenderTable.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::insertChild):

2018-02-14  Darin Adler  <darin@apple.com>

        Use std::make_unique instead of explicit calls to new and instead of writing create functions
        https://bugs.webkit.org/show_bug.cgi?id=182821

        Reviewed by Anders Carlsson.

        * loader/LinkLoader.cpp:
        (WebCore::createLinkPreloadResourceClient): Use std::make_unique insteadof create functions.

        * loader/LinkPreloadResourceClients.h: Make constructors public, get rid of create functions,
        make overrides be private and final, get rid of unnecessary public default virtual destructors
        that the compiler will generate correctly without anything explicit.

        * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
        (WebCore::CDMFactoryClearKey::createCDM): Use std::make_unique instead of std::unique_ptr/new.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC): Use
        std::make_unique instead of calling a create function.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC): Ditto.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC): Ditto.

        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: Made the constructor
        public and got rid of the create function.
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm:
        (WebCore::VideoFullscreenLayerManager::create): Deleted.

        * rendering/GridTrackSizingAlgorithm.cpp:
        (WebCore::GridTrackSizingAlgorithm::computeFlexFactorUnitSize const):
        Use std::make_unique instead of std::unique_ptr/new.

2018-02-15  Andy Estes  <aestes@apple.com>

        Finish unifying Apple Pay and Payment Request sources
        https://bugs.webkit.org/show_bug.cgi?id=182831

        Reviewed by Keith Miller.

        * Sources.txt:
        * SourcesCocoa.txt:
        * WebCore.xcodeproj/project.pbxproj:

2018-02-15  Zan Dobersek  <zdobersek@igalia.com>

        HarfBuzzFace: rework cache entry reference holding
        https://bugs.webkit.org/show_bug.cgi?id=182828

        Reviewed by Michael Catanzaro.

        Move the FaceCacheEntry and HarfBuzzFaceCache types into the
        HarfBuzzFace class as CacheEntry and Cache, respectively. The Cache
        singleton is also moved there.

        In the HarfBuzzFace constructor, we now don't increase the CacheEntry
        reference, but instead just keep a reference to that object through
        a RefPtr<CacheEntry> object. We don't need to retrieve the hb_face_t
        object and the glyph cache HashMap in the constructor anymore, we just
        retrieve them when necessary through that CacheEntry reference.

        In the destructor, that RefPtr<CacheEntry> object is nulled out before
        the object in Cache is removed if that's where the final reference is
        kept.

        * platform/graphics/harfbuzz/HarfBuzzFace.cpp:
        (WebCore::HarfBuzzFace::CacheEntry::CacheEntry):
        (WebCore::HarfBuzzFace::CacheEntry::~CacheEntry):
        (WebCore::HarfBuzzFace::cache):
        (WebCore::HarfBuzzFace::HarfBuzzFace):
        (WebCore::HarfBuzzFace::~HarfBuzzFace):
        (WebCore::HarfBuzzFace::setScriptForVerticalGlyphSubstitution):
        (WebCore::FaceCacheEntry::create): Deleted.
        (WebCore::FaceCacheEntry::~FaceCacheEntry): Deleted.
        (WebCore::FaceCacheEntry::face): Deleted.
        (WebCore::FaceCacheEntry::glyphCache): Deleted.
        (WebCore::FaceCacheEntry::FaceCacheEntry): Deleted.
        (WebCore::harfBuzzFaceCache): Deleted.
        * platform/graphics/harfbuzz/HarfBuzzFace.h:
        (WebCore::HarfBuzzFace::CacheEntry::create):
        (WebCore::HarfBuzzFace::CacheEntry::face):
        (WebCore::HarfBuzzFace::CacheEntry::glyphCache):
        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
        (WebCore::harfBuzzGetGlyph):
        (WebCore::HarfBuzzFace::createFont):

2018-02-15  Zan Dobersek  <zdobersek@igalia.com>

        FontPlatformData::harfBuzzFace() should return a reference
        https://bugs.webkit.org/show_bug.cgi?id=182825

        Reviewed by Carlos Garcia Campos.

        Have FontPlatformData::harfBuzzFace() return a reference instead of a
        pointer, given that the returned HarfBuzzFace object cannot be null.

        Call-sites of FontPlatformData::harfBuzzFace() are adjusted.
        OpenTypeMathData constructors are also changed to not rely on
        preprocessor to correctly position the closing brace.

        * platform/graphics/FontPlatformData.h:
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::harfBuzzFace const):
        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        * platform/graphics/opentype/OpenTypeMathData.cpp:
        (WebCore::OpenTypeMathData::OpenTypeMathData):

2018-02-15  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Revisit the whole async model of task dispatching, timeout and aborting
        https://bugs.webkit.org/show_bug.cgi?id=181946
        <rdar://problem/37258262>

        Reviewed by Chris Dumez.

        This patch changes the original async model from a work queue to IPC between WebProcess
        and UIProcess. Since all authenticator operations must be handled in the UIProcess due
        to sandboxing, this message passing IPC async model then surpasses the original multi
        threading model. To cooperate that, a CredentialsMessenger class is then created and
        all task dispatching code is moved thre.

        As an improvement over existing code, static functions from PublicKeyCredential are
        moved to AuthenticatorManager. AuthenticatorManager is made as a singleton such that
        when static functions are called, they could reach the CredentialsMessenger to interact
        with UIProccess. CredentialsMessenger and AuthenticatorManager are separated so later
        on when other Credential types are created, they can reuse the same IPC messenger.

        What's more, a mock CredentialsMessenger is then created to mock behaviors of UIProcess
        for testing purpose.

        Covered by existing tests.

        * DerivedSources.make:
        * Modules/credentialmanagement/BasicCredential.h:
        * Modules/credentialmanagement/CredentialsContainer.cpp:
        (WebCore::CredentialsContainer::CredentialsContainer):
        (WebCore::CredentialsContainer::doesHaveSameOriginAsItsAncestors):
        (WebCore::CredentialsContainer::get):
        (WebCore::CredentialsContainer::isCreate):
        (WebCore::CredentialsContainer::PendingPromise::PendingPromise): Deleted.
        (WebCore::CredentialsContainer::dispatchTask): Deleted.
        * Modules/credentialmanagement/CredentialsContainer.h:
        (WebCore::CredentialsContainer::PendingPromise::create): Deleted.
        * Modules/credentialmanagement/CredentialsMessenger.cpp: Added.
        (WebCore::CredentialsMessenger::exceptionReply):
        (WebCore::CredentialsMessenger::addCreationCompletionHandler):
        (WebCore::CredentialsMessenger::takeCreationCompletionHandler):
        (WebCore::CredentialsMessenger::addRequestCompletionHandler):
        (WebCore::CredentialsMessenger::takeRequestCompletionHandler):
        (WebCore::CredentialsMessenger::addQueryCompletionHandler):
        (WebCore::CredentialsMessenger::takeQueryCompletionHandler):
        (WebCore::getIdFromAttestationObject):
        * Modules/credentialmanagement/CredentialsMessenger.h: Added.
        (WebCore::CreationReturnBundle::CreationReturnBundle):
        (WebCore::AssertionReturnBundle::AssertionReturnBundle):
        (WebCore::CredentialsMessenger::weakPtrFactory const):
        * Modules/webauthn/Authenticator.cpp: Removed.
        * Modules/webauthn/Authenticator.h: Removed.
        * Modules/webauthn/AuthenticatorManager.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp.
        (WebCore::AuthenticatorManagerInternal::produceClientDataJson):
        (WebCore::AuthenticatorManagerInternal::produceClientDataJsonHash):
        (WebCore::AuthenticatorManagerInternal::initTimer):
        (WebCore::AuthenticatorManagerInternal::didTimerFire):
        (WebCore::AuthenticatorManager::singleton):
        (WebCore::AuthenticatorManager::setMessenger):
        (WebCore::AuthenticatorManager::create const):
        (WebCore::AuthenticatorManager::discoverFromExternalSource const):
        * Modules/webauthn/AuthenticatorManager.h: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
        * Modules/webauthn/AuthenticatorResponse.h:
        * Modules/webauthn/PublicKeyCredential.cpp:
        (WebCore::PublicKeyCredentialInternal::produceClientDataJson): Deleted.
        (WebCore::PublicKeyCredentialInternal::produceClientDataJsonHash): Deleted.
        (WebCore::PublicKeyCredentialInternal::getIdFromAttestationObject): Deleted.
        (WebCore::PublicKeyCredential::collectFromCredentialStore): Deleted.
        (WebCore::PublicKeyCredential::discoverFromExternalSource): Deleted.
        (WebCore::PublicKeyCredential::store): Deleted.
        (WebCore::PublicKeyCredential::create): Deleted.
        (WebCore::PublicKeyCredential::rawId const): Deleted.
        (WebCore::PublicKeyCredential::response const): Deleted.
        * Modules/webauthn/PublicKeyCredential.h:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * testing/Internals.cpp:
        (WebCore::Internals::Internals):
        (WebCore::Internals::mockCredentialsMessenger const):
        * testing/Internals.h:
        * testing/Internals.idl:
        * testing/MockCredentialsMessenger.cpp: Added.
        (WebCore::MockCredentialsMessenger::MockCredentialsMessenger):
        (WebCore::MockCredentialsMessenger::~MockCredentialsMessenger):
        (WebCore::MockCredentialsMessenger::setAttestationObject):
        (WebCore::MockCredentialsMessenger::setAssertionReturnBundle):
        (WebCore::MockCredentialsMessenger::makeCredential):
        (WebCore::MockCredentialsMessenger::getAssertion):
        (WebCore::MockCredentialsMessenger::makeCredentialReply):
        (WebCore::MockCredentialsMessenger::getAssertionReply):
        * testing/MockCredentialsMessenger.h: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
        * testing/MockCredentialsMessenger.idl: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.

2018-02-15  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderInline/RenderGrid::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182819
        <rdar://problem/37558187>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::addChild): Deleted.
        * rendering/RenderGrid.h:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::addChild): Deleted.
        * rendering/RenderInline.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild):
        (WebCore::RenderTreeBuilder::takeChild): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):
        * rendering/updating/RenderTreeBuilderSVG.cpp:
        (WebCore::RenderTreeBuilder::SVG::insertChild):

2018-02-15  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] REGRESSION: Inline media controls are not disabled while in fullscreen on iOS
        https://bugs.webkit.org/show_bug.cgi?id=182830
        <rdar://problem/37537909>

        Reviewed by Eric Carlson.

        The test media/modern-media-controls/media-controller/ios/media-controller-stop-updates-in-fullscreen.html
        regressed when fixing webkit.org/b/182668 since we now started only caring about the presence of the "controls"
        attribute to identify that WebKit media controls should be available.

        We now have a dedicated _shouldControlsBeAvailable() method which more clearly establishes the conditions under
        which controls should be available and correctly disables them while in fullscreen on iOS, regardless of the
        "controls" attribute value.

        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype._shouldControlsBeAvailable):
        (MediaController.prototype._updateControlsAvailability):

2018-02-15  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r228495.

        This caused mulitple perf tests to fail consistently.

        Reverted changeset:

        "Resource Load Statistics: Make sure
        WebResourceLoadStatisticsStore::mergeWithDataFromDecoder() can
        ingest older plist versions and not reset the database"
        https://bugs.webkit.org/show_bug.cgi?id=182812
        https://trac.webkit.org/changeset/228495

2018-02-15  Zan Dobersek  <zdobersek@igalia.com>

        Clean up HarfBuzzFaceCairo
        https://bugs.webkit.org/show_bug.cgi?id=182824

        Reviewed by Carlos Garcia Campos.

        Clean up Cairo-specific bits of HarfBuzzFace implementation.

        HarfBuzzFontData is simplified, removing the constructor and turning the
        cairo_scaled_font_t member into a RefPtr<>, tying the Cairo object's
        lifetime to the lifetime of the HarfBuzzFontData instance.

        HarfBuzz font callbacks have the HarfBuzzFontData casting cleaned up,
        casting the user data pointer straight into a HarfBuzzFontData reference
        that's then used in the functions. HarfBuzzFontData member access is
        also adjusted.

        HarfBuzzFace::createFace() now references the cairo_scaled_font_t object
        that is then set as the user data pointer, with the destroy callback
        that dereferences that object also specified. With hb_face_t being a
        reference-counted object itself, this ensures the cairo_scaled_font_t
        object doesn't get destroyed while hb_face_t is still alive.

        In HarfBuzzFace::createFont(), the hb_font_t creation is cleaned up,
        with a C++ lambda used as the destroy callback.

        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
        (WebCore::harfBuzzGetGlyph):
        (WebCore::harfBuzzGetGlyphHorizontalAdvance):
        (WebCore::harfBuzzGetGlyphExtents):
        (WebCore::harfBuzzCairoGetTable):
        (WebCore::HarfBuzzFace::createFace):
        (WebCore::HarfBuzzFace::createFont):
        (WebCore::HarfBuzzFontData::HarfBuzzFontData): Deleted.
        (WebCore::destroyHarfBuzzFontData): Deleted.

2018-02-15  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] WebVTT caps changed in GStreamer 1.14
        https://bugs.webkit.org/show_bug.cgi?id=182690

        Reviewed by Xabier Rodriguez-Calvar.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Use
        text/vtt caps only for GStreamer versions inferior or equal to
        1.12. In 1.13 (current git master) the VTT caps format changed to
        application/x-subtitle-vtt.

2018-02-15  Zan Dobersek  <zdobersek@igalia.com>

        HarfBuzzFace should not be ref-counted
        https://bugs.webkit.org/show_bug.cgi?id=182823

        Reviewed by Carlos Garcia Campos.

        The HarfBuzzFace objects shouldn't be copied along in FontPlatformData
        copy assignment operator, which made it a requirement for that class to
        be ref-counted. Cairo-based HarfBuzzFace implementation uses the
        cairo_scaled_font_t object from FontPlatformData internally, but upon
        FontPlatformData cloning that scaled font object could change, meaning
        HarfBuzzFace object that's shared with another FontPlatformData object
        would end up using a different cairo_scaled_font_t object from the one
        that's been regenerated in the newly-cloned FontPlatformData object.

        Instead of ref-counting the HarfBuzzFace objects, they should be handled
        in FontPlatformData through std::unique_ptr<>. In the FontPlatformData
        copy assignment operator, the copy target's m_harfBuzzFace object is
        nulled out, allowing the next harfBuzzFace() call to construct an
        object that properly leverages the cairo_scaled_font_t object that could
        have changed during cloning.

        * platform/graphics/FontPlatformData.h:
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::operator=):
        (WebCore::FontPlatformData::harfBuzzFace const):
        * platform/graphics/harfbuzz/HarfBuzzFace.h:
        (WebCore::HarfBuzzFace::create): Deleted.

2018-02-14  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderMathMLFenced::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182817
        <rdar://problem/37556761>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/mathml/RenderMathMLFenced.cpp:
        (WebCore::RenderMathMLFenced::addChild): Deleted.
        * rendering/mathml/RenderMathMLFenced.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild):
        (WebCore::RenderTreeBuilder::insertChildToRenderMathMLFenced): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderMathML.cpp:
        (WebCore::RenderTreeBuilder::MathML::insertChild):

2018-02-14  Antti Koivisto  <antti@apple.com>

        Do sibling invalidation on mutation
        https://bugs.webkit.org/show_bug.cgi?id=182809

        Reviewed by Zalan Bujtas.

        We used to invalidate siblings for sibling combinators and nth-pseudo classes during style resolution tree walk.
        This would consider any element with invalid style a reason to invalidate siblings too. However we now do
        accurate invalidation on class and attribute changes and this approach ends up invalidating too much.

        This patch sibling style invalidation to mutation time and removes invalidation code from style resolution tree walk.

        * dom/Element.cpp:
        (WebCore::invalidateSiblingsIfNeeded):

            Helper to invalidate siblings.

        (WebCore::Element::invalidateStyle):
        (WebCore::Element::invalidateStyleAndLayerComposition):
        (WebCore::Element::invalidateStyleForSubtree):
        (WebCore::Element::invalidateStyleAndRenderersForSubtree):

            Invalidate siblings if needed based on affectsNextSibling/affectedByPreviousSibling bits.

        (WebCore::Element::invalidateStyleInternal):
        (WebCore::Element::invalidateStyleForSubtreeInternal):

            Add "internal" versions that don't invalidate siblings. These are used by StyleInvalidator for accurate invalidation.

        * dom/Element.h:
        * style/StyleInvalidator.cpp:
        (WebCore::Style::Invalidator::invalidateIfNeeded):
        (WebCore::Style::Invalidator::invalidateStyle):

            Use internal invalidation functions.

        * style/StyleTreeResolver.cpp:
        (WebCore::Style::resetStyleForNonRenderedDescendants):
        (WebCore::Style::TreeResolver::resolveComposedTree):

            Remove sibling invalidation.

        * style/StyleTreeResolver.h:

2018-02-14  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Make sure WebResourceLoadStatisticsStore::mergeWithDataFromDecoder() can ingest older plist versions and not reset the database
        https://bugs.webkit.org/show_bug.cgi?id=182812
        <rdar://problem/37511406>

        Reviewed by Brent Fulgham.

        No new tests. Tested manually between versions of Safari.

        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::decode):
            Now only expects these fields for model version 11 or higher:
            - topFrameUniqueRedirectsTo
            - topFrameUniqueRedirectsFrom
            - subresourceUniqueRedirectsFrom
            - timesAccessedAsFirstPartyDueToUserInteraction
            - timesAccessedAsFirstPartyDueToStorageAccessAPI
        * loader/ResourceLoadStatistics.h:

2018-02-14  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [WinCairo] Fix several build warnings under WebCore/platform
        https://bugs.webkit.org/show_bug.cgi?id=182802

        Reviewed by Konstantin Tokarev.

        Warning C4101 'fileModificationDate': unreferenced local variable
                Source\WebCore\platform\network\curl\CurlCacheEntry.cpp:279

        Warning C4239 nonstandard extension used: 'argument': conversion from 'WTF::String'
        to 'WTF::String &'
                Source\WebCore\platform\text\win\LocaleWin.cpp:75
                Source\WebCore\platform\text\win\LocaleWin.cpp:77

        Warning C4838 conversion from 'UINT' to 'CLIPFORMAT' requires a narrowing conversion
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:170
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:325
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:332
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:351
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:358
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:366
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:373
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:380
                Source\WebCore\platform\win\ClipboardUtilitiesWin.cpp:387

        * platform/network/curl/CurlCacheEntry.cpp:
        (WebCore::CurlCacheEntry::parseResponseHeaders):
        * platform/text/win/LocaleWin.cpp:
        (WebCore::LCIDFromLocaleInternal):
        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::registerClipboardFormat):
        (WebCore::texthtmlFormat):
        (WebCore::urlWFormat):
        (WebCore::urlFormat):
        (WebCore::filenameWFormat):
        (WebCore::filenameFormat):
        (WebCore::htmlFormat):
        (WebCore::smartPasteFormat):
        (WebCore::fileDescriptorFormat):
        (WebCore::fileContentFormatZero):

2018-02-14  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderSVG*::addChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182811
        <rdar://problem/37549714>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::addChild): Deleted.
        * rendering/svg/RenderSVGContainer.h:
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::addChild): Deleted.
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::addChild): Deleted.
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::addChild): Deleted.
        * rendering/svg/RenderSVGText.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChild):
        (WebCore::RenderTreeBuilder::insertChildToSVGContainer): Deleted.
        (WebCore::RenderTreeBuilder::insertChildToSVGInline): Deleted.
        (WebCore::RenderTreeBuilder::insertChildToSVGRoot): Deleted.
        (WebCore::RenderTreeBuilder::insertChildToSVGText): Deleted.
        * rendering/updating/RenderTreeBuilder.h:

2018-02-14  Daniel Bates  <dabates@apple.com>

        Disallow cross-origin subresources from asking for credentials
        https://bugs.webkit.org/show_bug.cgi?id=182579
        <rdar://problem/36162271>

        Reviewed by Andy Estes.

        Prompts for credentials to load cross-origin subresources are typically seen as unexpected
        by a person that navigates to- or interacts with- a web page. The cross-origin and implicit
        loading nature of these subresources makes asking for credentials questionable because they
        are not being served by the same origin of the page a person explicitly loaded and are not
        guaranteed to correspond to an explicit user interaction other than the initial load of the
        page. We know that subresources that ask for credentials can be abused as part of a phishing
        attack. It seems reasonable to disallow cross-origin subresources from asking for credentials
        due to their questionable nature and the risk for abuse. This will also make the behavior
        of WebKit match the behavior of Chrome.

        Tests: http/tests/media/video-auth-with-allowCrossOriginSubresourcesToAskForCredentials.html
               http/tests/security/basic-auth-subresource.html
               http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https.html
               http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.html
               http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html
               http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html
               http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::isSubresourceLoader const): Formerly non-const.
        (WebCore::ResourceLoader::shouldAllowResourceToAskForCredentials const): Added.
        (WebCore::ResourceLoader::didBlockAuthenticationChallenge): Emit Web Inspector console message if
        the authentication challenge was blocked because the request is cross origin.
        (WebCore::ResourceLoader::isAllowedToAskUserForCredentials const): Disallow a cross-origin
        request from prompting for credentials.
        (WebCore::ResourceLoader::isSubresourceLoader): Deleted; made const.
        * loader/ResourceLoader.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::SubresourceLoader): Update ResourceLoader state so that block cross-origin
        subresources from prompting for credentials, if applicable.
        (WebCore::SubresourceLoader::isSubresourceLoader const): Formerly non-const.
        (WebCore::SubresourceLoader::isSubresourceLoader): Deleted; made const.
        * loader/SubresourceLoader.h:
        * page/Settings.yaml: Add setting allowCrossOriginSubresourcesToAskForCredentials (defaults: false -
        do not allow cross origin subresources to ask for credentials).

2018-02-14  Don Olmstead  <don.olmstead@sony.com>

        WebCore headers should not include config.h or PlatformExportMacros.h
        https://bugs.webkit.org/show_bug.cgi?id=182799

        Reviewed by Darin Adler.

        No new tests. No change in behavior.

        * Modules/speech/SpeechSynthesis.h:
        * bindings/js/JSDOMGlobalObject.h:
        * contentextensions/ContentExtensionError.h:
        * contentextensions/DFA.h:
        * dom/ContextDestructionObserver.h:
        * dom/DeviceOrientationClient.h:
        * dom/DeviceOrientationData.h:
        * editing/cocoa/HTMLConverter.h:
        * loader/FrameLoaderStateMachine.h:
        * loader/cache/CachedResourceHandle.h:
        * page/FrameDestructionObserver.h:
        * page/RuntimeEnabledFeatures.h:
        * platform/URL.h:
        * platform/audio/AudioHardwareListener.h:
        * platform/audio/AudioSession.h:
        * platform/graphics/Color.h:
        * platform/graphics/IntSize.h:
        * platform/graphics/transforms/AffineTransform.h:
        * platform/graphics/win/LocalWindowsContext.h:
        * platform/network/CacheValidation.h:
        * platform/network/CredentialBase.h:
        * platform/network/ResourceHandleClient.h:
        * platform/network/cf/CertificateInfo.h:

2018-02-12  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION (r223440): Copying & pasting a list from Microsoft Word to TinyMCE fails
        https://bugs.webkit.org/show_bug.cgi?id=182564

        Reviewed by Wenson Hsieh.

        Unfortunately, r228352 was inadaquate to fix copying & pasting of a list item from Microsoft Word into TinyMCE
        in older verions of TinyMCE. This patch amends the approach taken by r228352 to make it work across the board
        as well as unbreak GMail.

        Turns out older versions of TinyMCE can't handle list items when computed styles are added as inline style
        declarations by WebKit. To make this work, avoid adding any computed styles as inline styles within mso-list
        conditionals as well as any p elements whose style attribute contains "mso-list" property. We would instead
        preserve these styles by keeping Microsoft Word's CSS style rules in addition to special @list rules.

        In addition, not keeping the style element of Microsoft Word in a head element as done in r228352 causes some
        versions of TinyMCE to treat it as regular text, and inserting a bunch of @list rules as user visible text.
        To work around this problem, we serialize the style rules as a comment (<!-- ~ -->) within a head element.

        Furthermore, when Microsoft Word is in the compatibility mode, it does not generate xmlns:o as the first xmlns
        declaration. Generalized the code to detect Microsoft Word's HTML declaration by looking for xmlns:o and xmlns:w
        xmls declarations. 

        Finally, it turns out that Gmail has its own handling of list items copy & pasted from Microsoft Word, and also
        needs this quirks but in the pasted HTML, not the one exposed in getData. As such, this patch also enables the
        MSO list quirks in the pasted content as well as the one exposed in getData.

        Tests: PasteHTML.PreservesMSOList
               PasteHTML.PreservesMSOListInCompatibilityMode
               PasteHTML.StripsMSOListWhenMissingMSOHTMLElement
               PasteWebArchive.PreservesMSOList
               PasteWebArchive.PreservesMSOListInCompatibilityMode
               PasteWebArchive.StripsMSOListWhenMissingMSOHTMLElement

        * editing/HTMLInterchange.h:
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::removeHeadContents): Don't remove the special style element needed for the MSO list quirks since we
        don't keep the computed style as inline styles in this case.
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::WebContentReader::readWebArchive): Enable the quirks in the pasted content as well as opposed to
        just in DataTransfer API exposed to the JavaScript.
        (WebCore::WebContentReader::readHTML): Ditto.
        * editing/markup.cpp:
        (WebCore::shouldPreserveMSOLists): Added. Generalized the logic to detect a Microsoft Word document.
        more xmlns declarations.
        (WebCore::StyledMarkupAccumulator::shouldPreserveMSOListStyleForElement): Added.
        (WebCore::StyledMarkupAccumulator::appendElement): Don't generate the second style element here for elements
        with most-list properties. Instead, avoid overriding inline styles with computed styles altogether.
        (WebCore::StyledMarkupAccumulator::appendNodeToPreserveMSOList): Include the style rules as well as list rules
        and wrap the "style" element in a "head" element to make it compatible with older versions of TinyMCE.

2018-02-14  Dean Jackson  <dino@apple.com>

        CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot + 618
        https://bugs.webkit.org/show_bug.cgi?id=182798
        <rdar://problem/23337253>

        Reviewed by Eric Carlson.

        Speculative fix for a crash in HTMLPlugInImageElement::didAddUserAgentShadowRoot.
        The guess is that the m_swapRendererTimer is set, and the display state changes to
        something that does not require a shadow root, but before the timer fires.
        Fix this by ensuring that the timer is reset on every display state change.

        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::setDisplayState): Guard for sets that wouldn't
        actually change value, and make sure we always reset the timer.

2018-02-14  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Don't use arrays as values for localisable strings
        https://bugs.webkit.org/show_bug.cgi?id=182791
        <rdar://problem/36007262>

        Reviewed by Dean Jackson.

        Localization tools expect localizable strings to be specified as key-value pairs where both the key and the pair
        are plain strings. For the skip buttons, we used an array value to specify a replacement string. We now perform
        this task in code with a centralized SkipSeconds constant defining the skip amount.

        * English.lproj/modern-media-controls-localized-strings.js:
        * Modules/modern-media-controls/controls/icon-service.js:
        * Modules/modern-media-controls/main.js:
        (UIString):
        * Modules/modern-media-controls/media/skip-back-support.js:
        (SkipBackSupport.prototype.buttonWasPressed):
        * Modules/modern-media-controls/media/skip-forward-support.js:
        (SkipForwardSupport.prototype.buttonWasPressed):

2018-02-14  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r228444.

        Introduced API and Layout test failures.

        Reverted changeset:

        "[WebAuthN] Revisit the whole async model of task dispatching,
        timeout and aborting"
        https://bugs.webkit.org/show_bug.cgi?id=181946
        https://trac.webkit.org/changeset/228444

2018-02-14  Brent Fulgham  <bfulgham@apple.com>

        Confirm proper thread in UserGestureIndicator constructor
        https://bugs.webkit.org/show_bug.cgi?id=175980

        Reviewed by Daniel Bates.

        Document is a main-thread object. If we enter the UserGestureIndicator constructor
        on a non-main thread, we should ASSERT, not return silently.

        * dom/UserGestureIndicator.cpp:
        (WebCore::UserGestureIndicator::UserGestureIndicator):

2018-02-14  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Remove redundant RenderTreeBuilder methods
        https://bugs.webkit.org/show_bug.cgi?id=182770
        <rdar://problem/37525627>

        Reviewed by Daniel Bates.

        No change in functionality.

        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::dropAnonymousBoxChild): Deleted.
        (WebCore::RenderTreeBuilder::moveRubyChildren): Deleted.
        (WebCore::RenderTreeBuilder::resolveMovedChildForMultiColumnFlow): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
        (WebCore::RenderTreeBuilder::BlockFlow::insertChild):
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::insertChild):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::takeChild):

2018-02-14  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderElement::takeChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182762
        <rdar://problem/37523756>

        Reviewed by Daniel Bates.

        This patch removes the remaining takeChild() related mutation logic from the renderers.

        No change in functionality.

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::moveChildTo):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::takeChild): Deleted.
        (WebCore::RenderElement::takeChildInternal): Deleted.
        * rendering/RenderElement.h:
        * rendering/RenderObject.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        (WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):
        (WebCore::RenderTreeBuilder::takeChildFromRenderElement):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):
        (WebCore::RenderTreeBuilder::Block::takeChild):
        (WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::splitFlow):
        (WebCore::RenderTreeBuilder::Inline::splitInlines):
        (WebCore::RenderTreeBuilder::Inline::childBecameNonInline):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::takeChild):
        * rendering/updating/RenderTreeBuilderSVG.cpp:
        (WebCore::RenderTreeBuilder::SVG::takeChild): Leftover from the previous patch.

2018-02-13  Antti Koivisto  <antti@apple.com>

        REGRESSION(r228313): Membuster | macOS | All Devices | 1.5 MB
        https://bugs.webkit.org/show_bug.cgi?id=182744
        <rdar://problem/37463770>

        Reviewed by Zalan Bujtas.

        We need to respect low memory notifications explicitly now that the compiled selectors are not part of RuleData.

        * css/StyleRule.cpp:
        (WebCore::StyleRule::StyleRule):
        * css/StyleRule.h:

        Switch to std::unique_ptr<[]> from Vector to avoid unnecessary bloat.

        * css/StyleSheetContents.cpp:
        (WebCore::traverseRulesInVector):
        (WebCore::StyleSheetContents::traverseRules const):

        Add a rule traversal function, similar to the existing traverseSubresources.

        (WebCore::StyleSheetContents::traverseSubresources const):

        Use traverseRules to implement traverseSubresources.

        (WebCore::traverseSubresourcesInRules): Deleted.
        * css/StyleSheetContents.h:
        * page/MemoryRelease.cpp:
        (WebCore::releaseCriticalMemory):
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::releaseMemory):

        Release memory for compiled selectors on memory notification.

        * style/StyleScope.h:

2018-02-13  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r228431.
        https://bugs.webkit.org/show_bug.cgi?id=182766

        Regressed CMake build stability (Requested by dolmstead on
        #webkit).

        Reverted changeset:

        "[CMake] Make WebCore headers copies"
        https://bugs.webkit.org/show_bug.cgi?id=182512
        https://trac.webkit.org/changeset/228431

2018-02-13  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r228437, r228439, and r228440.
        https://bugs.webkit.org/show_bug.cgi?id=182756

        Introduced LayoutTest failures (Requested by ryanhadd_ on
        #webkit).

        Reverted changesets:

        "[Web Animations] Make KeyframeEffect target nullable and
        read-write"
        https://bugs.webkit.org/show_bug.cgi?id=182741
        https://trac.webkit.org/changeset/228437

        "Unreviewed attempt to fix build after r228437."
        https://trac.webkit.org/changeset/228439

        "[Web Animations] Make KeyframeEffect target nullable and
        read-write"
        https://bugs.webkit.org/show_bug.cgi?id=182741
        https://trac.webkit.org/changeset/228440

2018-02-13  Antoine Quint  <graouts@apple.com>

        Removing the controls attribute from a <video> element does not tear down the controls shadow DOM nor cancel event listeners.
        https://bugs.webkit.org/show_bug.cgi?id=182668
        <rdar://problem/33793004>

        Reviewed by Jer Noble.

        When controls were turned off for inline media players, we would remove all media controls elements from the shadow root,
        but we would nevertheless continue to listen to media events and, as a result, update properties of the media controls
        which would lead to requestAnimationFrame() calls that would update the detached DOM nodes.

        We now only listent to media events if controls are turned on.

        * Modules/modern-media-controls/media/controls-visibility-support.js:
        (ControlsVisibilitySupport.prototype.enable): Remove the mutation observer from ControlsVisibilitySupport since observing
        changes to the controls attribute is now performed directly in MediaController. We need to make sure that we update the
        controls however since fadesWhileIdle is turned off in the disable() call to ensure that the auto-hide behavior is disabled
        as well.
        (ControlsVisibilitySupport.prototype.disable): Disable the auto-hide controller as well.
        (ControlsVisibilitySupport.prototype._updateControls): Remove code that has now been moved into MediaController._updateControlsAvailability().
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController): Listen to the "play" event on the media so that we call _updateControlsAvailability() in this situation to account for
        shouldForceControlsDisplay on MediaControlsHost. We also register for a mutation observer to track when the controls attribute availability
        changes in which case we want to call _updateControlsAvailability() as well.
        (MediaController.prototype.handleEvent): Call _updateControlsAvailability() instead of _updateiOSFullscreenProperties() which has been renamed
        and expanded.
        (MediaController.prototype._updateControlsIfNeeded): Call _updateControlsAvailability() after controls have been updated.
        (MediaController.prototype._updateControlsAvailability): We now disable supporting media controller objects when we know that controls should
        be hidden in all cases except when in fullscreen on macOS.
        (MediaController.prototype._updateiOSFullscreenProperties): Deleted.
        * Modules/modern-media-controls/media/placard-support.js:
        (PlacardSupport.prototype.disable): Only allow the media events required to track when to show placards when in fullscreen since inline media
        players need to show the AirPlay and picture-in-picture placards even when controls are disabled.

2018-02-13  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Revisit the whole async model of task dispatching, timeout and aborting
        https://bugs.webkit.org/show_bug.cgi?id=181946
        <rdar://problem/37258262>

        Reviewed by Chris Dumez.

        This patch changes the original async model from a work queue to IPC between WebProcess
        and UIProcess. Since all authenticator operations must be handled in the UIProcess due
        to sandboxing, this message passing IPC async model then surpasses the original multi
        threading model. To cooperate that, a CredentialsMessenger class is then created and
        all task dispatching code is moved thre.

        As an improvement over existing code, static functions from PublicKeyCredential are
        moved to AuthenticatorManager. AuthenticatorManager is made as a singleton such that
        when static functions are called, they could reach the CredentialsMessenger to interact
        with UIProccess. CredentialsMessenger and AuthenticatorManager are separated so later
        on when other Credential types are created, they can reuse the same IPC messenger.

        What's more, a mock CredentialsMessenger is then created to mock behaviors of UIProcess
        for testing purpose.

        Covered by existing tests.

        * DerivedSources.make:
        * Modules/credentialmanagement/BasicCredential.h:
        * Modules/credentialmanagement/CredentialsContainer.cpp:
        (WebCore::CredentialsContainer::CredentialsContainer):
        (WebCore::CredentialsContainer::doesHaveSameOriginAsItsAncestors):
        (WebCore::CredentialsContainer::get):
        (WebCore::CredentialsContainer::isCreate):
        (WebCore::CredentialsContainer::PendingPromise::PendingPromise): Deleted.
        (WebCore::CredentialsContainer::dispatchTask): Deleted.
        * Modules/credentialmanagement/CredentialsContainer.h:
        (WebCore::CredentialsContainer::PendingPromise::create): Deleted.
        * Modules/credentialmanagement/CredentialsMessenger.cpp: Added.
        (WebCore::CredentialsMessenger::exceptionReply):
        (WebCore::CredentialsMessenger::addCreationCompletionHandler):
        (WebCore::CredentialsMessenger::takeCreationCompletionHandler):
        (WebCore::CredentialsMessenger::addRequestCompletionHandler):
        (WebCore::CredentialsMessenger::takeRequestCompletionHandler):
        (WebCore::CredentialsMessenger::addQueryCompletionHandler):
        (WebCore::CredentialsMessenger::takeQueryCompletionHandler):
        (WebCore::getIdFromAttestationObject):
        * Modules/credentialmanagement/CredentialsMessenger.h: Added.
        (WebCore::CreationReturnBundle::CreationReturnBundle):
        (WebCore::AssertionReturnBundle::AssertionReturnBundle):
        (WebCore::CredentialsMessenger::weakPtrFactory const):
        * Modules/webauthn/Authenticator.cpp: Removed.
        * Modules/webauthn/Authenticator.h: Removed.
        * Modules/webauthn/AuthenticatorManager.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp.
        (WebCore::AuthenticatorManagerInternal::produceClientDataJson):
        (WebCore::AuthenticatorManagerInternal::produceClientDataJsonHash):
        (WebCore::AuthenticatorManagerInternal::initTimer):
        (WebCore::AuthenticatorManagerInternal::didTimerFire):
        (WebCore::AuthenticatorManager::singleton):
        (WebCore::AuthenticatorManager::setMessenger):
        (WebCore::AuthenticatorManager::create const):
        (WebCore::AuthenticatorManager::discoverFromExternalSource const):
        * Modules/webauthn/AuthenticatorManager.h: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
        * Modules/webauthn/AuthenticatorResponse.h:
        * Modules/webauthn/PublicKeyCredential.cpp:
        (WebCore::PublicKeyCredentialInternal::produceClientDataJson): Deleted.
        (WebCore::PublicKeyCredentialInternal::produceClientDataJsonHash): Deleted.
        (WebCore::PublicKeyCredentialInternal::getIdFromAttestationObject): Deleted.
        (WebCore::PublicKeyCredential::collectFromCredentialStore): Deleted.
        (WebCore::PublicKeyCredential::discoverFromExternalSource): Deleted.
        (WebCore::PublicKeyCredential::store): Deleted.
        (WebCore::PublicKeyCredential::create): Deleted.
        (WebCore::PublicKeyCredential::rawId const): Deleted.
        (WebCore::PublicKeyCredential::response const): Deleted.
        * Modules/webauthn/PublicKeyCredential.h:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * testing/Internals.cpp:
        (WebCore::Internals::Internals):
        (WebCore::Internals::mockCredentialsMessenger const):
        * testing/Internals.h:
        * testing/Internals.idl:
        * testing/MockCredentialsMessenger.cpp: Added.
        (WebCore::MockCredentialsMessenger::setAttestationObject):
        (WebCore::MockCredentialsMessenger::setAssertionReturnBundle):
        (WebCore::MockCredentialsMessenger::makeCredential):
        (WebCore::MockCredentialsMessenger::getAssertion):
        (WebCore::MockCredentialsMessenger::makeCredentialReply):
        (WebCore::MockCredentialsMessenger::getAssertionReply):
        * testing/MockCredentialsMessenger.h: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.
        * testing/MockCredentialsMessenger.idl: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.h.

2018-02-13  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlock::takeChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182746
        <rdar://problem/37512871>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::takeChild): Deleted.
        * rendering/RenderBlock.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        (WebCore::RenderTreeBuilder::takeChildFromRenderMenuList):
        (WebCore::RenderTreeBuilder::takeChildFromRenderButton):
        (WebCore::RenderTreeBuilder::takeChildFromRenderGrid):
        (WebCore::RenderTreeBuilder::takeChildFromRenderBlock): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::takeChild):

2018-02-13  Antoine Quint  <graouts@apple.com>

        [Web Animations] Make KeyframeEffect target nullable and read-write
        https://bugs.webkit.org/show_bug.cgi?id=182741

        Additional unreviewed attempt to fix build after r228437.

        * dom/Element.h:

2018-02-13  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix build after r228437.

        * dom/Element.h:

2018-02-13  Antoine Quint  <graouts@apple.com>

        [Web Animations] Make KeyframeEffect target nullable and read-write
        https://bugs.webkit.org/show_bug.cgi?id=182741

        Reviewed by Dean Jackson.

        We used to completely disregard null targets, for instance not parsing keyframes, but targets
        can be null and are also supposed to be read-write for KeyframeEffect. We now update the IDL
        for KeyframeEffect to mark the target property as read-write and update the implementation
        to correctly handle null targets by creating a StyleResolver based on the ScriptExecutionContext's
        document's document element (the <html> element in practice) and not the target itself, since it
        can be null.

        This revealed a few issues in our implementation by allowing more WPT tests to run. So we also
        ensure that:
        
        - we don't crash when parsing font-related properties by calling update() on the generated
        RenderStyle's FontCascade when parsing keyframes.

        - CSS properties are provided as camel-case and not as hyphenated form

        - values provided in keyframes dictionaries are only read for valid properties

        - styles for effect targets are invalidated as soon as the timing model for that animation
        is changed

        We also rename AnimationTimeline::animationTimingModelDidChange() to AnimationTimeline::timingModelDidChange()
        since the previous name didn't add useful information and we're adding a new WebAnimation::timingModelDidChange()
        method, so having the two methods have a similar name made more sense.

        * animation/Animatable.idl: Call animate() with a ScriptExecutionContext rather than a ScriptState
        so that the ScriptExecutionContext can be passed to the KeyframeEffectReadOnly constructor.
        * animation/AnimationEffectReadOnly.h: Add a new invalidate() method, designed to be subclassed, that
        is called when the timing model for this effect or owning animation has changed.
        * animation/AnimationTimeline.cpp: Rename animationTimingModelDidChange() to timingModelDidChange().
        (WebCore::AnimationTimeline::addAnimation):
        (WebCore::AnimationTimeline::removeAnimation):
        (WebCore::AnimationTimeline::setCurrentTime):
        * animation/AnimationTimeline.h: Rename animationTimingModelDidChange() to timingModelDidChange().
        (WebCore::AnimationTimeline::timingModelDidChange):
        (WebCore::AnimationTimeline::animationTimingModelDidChange): Deleted.
        * animation/DocumentTimeline.cpp: Rename animationTimingModelDidChange() to timingModelDidChange().
        (WebCore::DocumentTimeline::timingModelDidChange):
        (WebCore::DocumentTimeline::updateAnimations):
        (WebCore::DocumentTimeline::animationTimingModelDidChange): Deleted.
        * animation/DocumentTimeline.h: Rename animationTimingModelDidChange() to timingModelDidChange().
        * animation/KeyframeEffect.cpp: Expect a ScriptExecutionContext rather than a ScriptState.
        (WebCore::KeyframeEffect::create):
        (WebCore::KeyframeEffect::setKeyframes):
        * animation/KeyframeEffect.h: Expect a ScriptExecutionContext rather than a ScriptState.
        * animation/KeyframeEffect.idl: Expect a ScriptExecutionContext rather than a ScriptState and make the
        target property read-write.
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::IDLAttributeNameToAnimationPropertyName): Move this function below CSSPropertyIDToIDLAttributeName
        so that it can call that function. We also check that we reject CSS properties that are not provided in
        camel-case form (eg. "font-size" vs. "fontSize").
        (WebCore::processIterableKeyframes): Only read the JS values if we know that the provided JS property name
        maps to a valid CSS property.
        (WebCore::KeyframeEffectReadOnly::create): Expect a ScriptExecutionContext rather than a ScriptState.
        (WebCore::KeyframeEffectReadOnly::processKeyframes): Expect a ScriptExecutionContext rather than a ScriptState
        and use the context's document to get an HTML element to create a StyleResolver. We also call update() on the
        generated RenderStyle's FontCascade since otherwise we would hit an ASSERT in FontCascade when parsing font-related
        CSS properties.
        (WebCore::KeyframeEffectReadOnly::setTarget): Notify the animation that the effect target has changed and invalidate
        the style of the new target and the old targets, if any.
        (WebCore::KeyframeEffectReadOnly::invalidate): Invalidate the target's style. This method is called by setTarget()
        and WebAnimation::timingModelDidChange().
        * animation/KeyframeEffectReadOnly.h: Expect a ScriptExecutionContext rather than a ScriptState.
        * animation/KeyframeEffectReadOnly.idl: Expect a ScriptExecutionContext rather than a ScriptState.
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::timingModelDidChange): We add this new method such that any place in WebAnimation where we
        know the animation's timing model has changed we can invalidate the associated effect, if any, as well as notify
        the timeline, if any. We used to only notify the timeline and, as a result, only invalidate the associated effect
        in the next display monitor refresh. 
        (WebCore::WebAnimation::effectTargetDidChange): This method is called in KeyframeEffectReadOnly::setTarget() to inform
        the animation of the previous effect target and the new one upon a target change. This allows us to forward this information
        onto the timeline so that we correctly add or remove the targets from the list of animated elements.
        (WebCore::WebAnimation::setStartTime):
        * animation/WebAnimation.h: Expose the new effectTargetDidChange() and timingModelDidChange() methods.
        * dom/Element.cpp: Expect a ScriptExecutionContext rather than a ScriptState.
        (WebCore::Element::animate):
        * dom/Element.h: Expect a ScriptExecutionContext rather than a ScriptState.

2018-02-13  Antti Koivisto  <antti@apple.com>

        Crash when breakpoint hit in unload handler
        https://bugs.webkit.org/show_bug.cgi?id=169855
        <rdar://problem/28683567>

        Reviewed by Daniel Bates.

        Test: inspector/debugger/reload-paused.html

        CachedRawResource::updateBuffer may generate unload event in client notify callback. If Inspector was
        paused, this even would spawn a nested runloop. CachedRawResource::finishLoading would get called in
        the nested loop, confusing the DocumentLoader state machine and resulting in crashes later.

        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::updateBuffer):

        - Set a bit when entering the client callback.
        - Ensure we don't re-enter updateBuffer.
        - If finishLoading got delayed during client callback, do it at the end.

        (WebCore::CachedRawResource::finishLoading):

        If we are in updateBuffer client callback, save the buffer and bail out.

        * loader/cache/CachedRawResource.h:

2018-02-13  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlockFlow::takeChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182739
        <rdar://problem/37506542>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::takeChild): Deleted.
        * rendering/RenderBlockFlow.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        (WebCore::RenderTreeBuilder::multiColumnRelativeWillBeRemoved): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::takeChild):
        * rendering/updating/RenderTreeBuilderBlock.h:

2018-02-13  Don Olmstead  <don.olmstead@sony.com>

        [CMake] Make WebCore headers copies
        https://bugs.webkit.org/show_bug.cgi?id=182512

        Reviewed by Keith Miller.

        No new tests. No change in behavior.

        * CMakeLists.txt:
        * PlatformAppleWin.cmake:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * PlatformWPE.cmake:
        * PlatformWin.cmake:
        * PlatformWinCairo.cmake:
        * platform/Cairo.cmake:
        * platform/Curl.cmake:
        * platform/FreeType.cmake:
        * platform/GStreamer.cmake:
        * platform/ImageDecoders.cmake:
        * platform/TextureMapper.cmake:
        * platform/graphics/win/LocalWindowsContext.h:

2018-02-13  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r228299): Broke reader mode in Safari
        https://bugs.webkit.org/show_bug.cgi?id=182697
        <rdar://problem/37399012>

        Reviewed by Ryosuke Niwa.

        Rework the fix for r228299 to be more targeted. I moved the policy check
        cencelation from FrameLoader::stopLoading() to NavigationScheduler::schedule()
        when a pending load is cancelled by another load. I have verified that the
        sites fixed by r228299 still work with this more limited change. However,
        reader mode is now working again.

        The issue seems to be that we tell CFNetwork to continue with the load after
        receiving the response, even if the client has not responded to the
        decidePolicyForNavigationResponse delegate yet. As a result, CFNetwork sends
        us the resource data and we may commit the provisional load before receiving
        the policy response from the client. When the provisional load is committed,
        we call FrameLoader::stopLoading() which after r228299 cancelled pending
        policy checks. Because we did not wait for the policy check response to
        commit the load, we would cancel it which would make the load fail.

        The real fix here would be to make not tell CFNetwork to continue until after
        we've received the policy delegate response. However, this is a larger and
        riskier change at this point. I will follow-up on this issue.

        Covered by new API test.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::stopLoading):
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::schedule):

2018-02-13  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderSVG*::takeChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182736
        <rdar://problem/37503107>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::takeChild): Deleted.
        * rendering/svg/RenderSVGContainer.h:
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::takeChild): Deleted.
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::takeChild): Deleted.
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::takeChild): Deleted.
        * rendering/svg/RenderSVGText.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        * rendering/updating/RenderTreeBuilderSVG.cpp:
        (WebCore::RenderTreeBuilder::SVG::takeChild):
        * rendering/updating/RenderTreeBuilderSVG.h:

2018-02-13  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderGrid::takeChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182734
        <rdar://problem/37500876>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::takeChild): Deleted.
        * rendering/RenderGrid.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChildFromRenderGrid):
        * rendering/updating/RenderTreeBuilder.h:

2018-02-13  Nan Wang  <n_wang@apple.com>

        AX: Remove AccessibleNode class
        https://bugs.webkit.org/show_bug.cgi?id=182724
        <rdar://problem/37486024>

        Reviewed by Chris Fleizach.

        Removed all the AccessibleNode related code since AOM has
        an alternate direction now. 

        No new tests. Made sure existing tests don't break.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::findModalNodes):
        (WebCore::nodeHasRole):
        (WebCore::AXObjectCache::handleLiveRegionCreated):
        (WebCore::AXObjectCache::handleMenuItemSelected):
        (WebCore::AXObjectCache::handleModalChange):
        (WebCore::isNodeAriaVisible):
        * accessibility/AccessibilityARIAGrid.cpp:
        (WebCore::AccessibilityARIAGrid::isMultiSelectable const):
        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::readOnlyValue const):
        * accessibility/AccessibilityAllInOne.cpp:
        * accessibility/AccessibilityImageMapLink.cpp:
        (WebCore::AccessibilityImageMapLink::roleValue const):
        (WebCore::AccessibilityImageMapLink::accessibilityDescription const):
        * accessibility/AccessibilityListBoxOption.cpp:
        (WebCore::AccessibilityListBoxOption::isEnabled const):
        (WebCore::AccessibilityListBoxOption::stringValue const):
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::isEnabled const):
        (WebCore::AccessibilityNodeObject::isPressed const):
        (WebCore::AccessibilityNodeObject::isChecked const):
        (WebCore::AccessibilityNodeObject::isMultiSelectable const):
        (WebCore::AccessibilityNodeObject::isRequired const):
        (WebCore::AccessibilityNodeObject::headingLevel const):
        (WebCore::AccessibilityNodeObject::valueDescription const):
        (WebCore::AccessibilityNodeObject::valueForRange const):
        (WebCore::AccessibilityNodeObject::maxValueForRange const):
        (WebCore::AccessibilityNodeObject::minValueForRange const):
        (WebCore::AccessibilityNodeObject::ariaAccessibilityDescription const):
        (WebCore::siblingWithAriaRole):
        (WebCore::AccessibilityNodeObject::textForLabelElement const):
        (WebCore::AccessibilityNodeObject::alternativeText const):
        (WebCore::AccessibilityNodeObject::alternativeTextForWebArea const):
        (WebCore::AccessibilityNodeObject::hierarchicalLevel const):
        (WebCore::shouldUseAccessibilityObjectInnerText):
        (WebCore::AccessibilityNodeObject::stringValue const):
        (WebCore::accessibleNameForNode):
        (WebCore::AccessibilityNodeObject::determineAriaRoleAttribute const):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::readOnlyValue const):
        (WebCore::AccessibilityObject::supportsAutoComplete const):
        (WebCore::AccessibilityObject::autoCompleteValue const):
        (WebCore::AccessibilityObject::ariaIsMultiline const):
        (WebCore::AccessibilityObject::invalidStatus const):
        (WebCore::AccessibilityObject::supportsCurrent const):
        (WebCore::AccessibilityObject::currentState const):
        (WebCore::AccessibilityObject::roleDescription const):
        (WebCore::AccessibilityObject::keyShortcutsValue const):
        (WebCore::AccessibilityObject::placeholderValue const):
        (WebCore::AccessibilityObject::supportsARIAAttributes const):
        (WebCore::AccessibilityObject::sortDirection const):
        (WebCore::AccessibilityObject::supportsHasPopup const):
        (WebCore::AccessibilityObject::hasPopupValue const):
        (WebCore::AccessibilityObject::supportsSetSize const):
        (WebCore::AccessibilityObject::supportsPosInSet const):
        (WebCore::AccessibilityObject::setSize const):
        (WebCore::AccessibilityObject::posInSet const):
        (WebCore::AccessibilityObject::supportsPressed const):
        (WebCore::AccessibilityObject::supportsExpanded const):
        (WebCore::AccessibilityObject::isExpanded const):
        (WebCore::AccessibilityObject::checkboxOrRadioValue const):
        (WebCore::AccessibilityObject::pressedIsPresent const):
        (WebCore::AccessibilityObject::isAXHidden const):
        (WebCore::AccessibilityObject::ariaActiveDescendantReferencingElements const):
        (WebCore::AccessibilityObject::ariaDetailsElements const):
        (WebCore::AccessibilityObject::ariaDetailsReferencingElements const):
        (WebCore::AccessibilityObject::ariaErrorMessageElements const):
        (WebCore::AccessibilityObject::ariaErrorMessageReferencingElements const):
        (WebCore::AccessibilityObject::setIsIgnoredFromParentDataForChild):
        (WebCore::AccessibilityObject::hasProperty const): Deleted.
        (WebCore::AccessibilityObject::stringValueForProperty const): Deleted.
        (WebCore::AccessibilityObject::boolValueForProperty const): Deleted.
        (WebCore::AccessibilityObject::intValueForProperty const): Deleted.
        (WebCore::AccessibilityObject::unsignedValueForProperty const): Deleted.
        (WebCore::AccessibilityObject::doubleValueForProperty const): Deleted.
        (WebCore::AccessibilityObject::elementValueForProperty const): Deleted.
        (WebCore::AccessibilityObject::elementsFromProperty const): Deleted.
        (WebCore::AccessibilityObject::elementsReferencedByProperty const): Deleted.
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::stringValue const):
        (WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
        (WebCore::AccessibilityRenderObject::defaultObjectInclusion const):
        (WebCore::AccessibilityRenderObject::isSelected const):
        (WebCore::AccessibilityRenderObject::activeDescendant const):
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        (WebCore::AccessibilityRenderObject::orientation const):
        (WebCore::AccessibilityRenderObject::canSetExpandedAttribute const):
        (WebCore::AccessibilityRenderObject::liveRegionStatus const):
        (WebCore::AccessibilityRenderObject::liveRegionRelevant const):
        (WebCore::AccessibilityRenderObject::liveRegionAtomic const):
        (WebCore::AccessibilityRenderObject::isBusy const):
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::isDataTable const):
        (WebCore::AccessibilityTable::axColumnCount const):
        (WebCore::AccessibilityTable::axRowCount const):
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::axColumnIndex const):
        (WebCore::AccessibilityTableCell::axRowIndex const):
        (WebCore::AccessibilityTableCell::axColumnSpan const):
        (WebCore::AccessibilityTableCell::axRowSpan const):
        * accessibility/AccessibilityTableRow.cpp:
        (WebCore::AccessibilityTableRow::axColumnIndex const):
        (WebCore::AccessibilityTableRow::axRowIndex const):
        * accessibility/AccessibleNode.cpp: Removed.
        * accessibility/AccessibleNode.h: Removed.
        * accessibility/AccessibleNode.idl: Removed.
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        * bindings/js/WebCoreBuiltinNames.h:
        * dom/Element.cpp:
        (WebCore::Element::canContainRangeEndPoint const):
        (WebCore::Element::accessibleNode): Deleted.
        (WebCore::Element::existingAccessibleNode const): Deleted.
        * dom/Element.h:
        * dom/Element.idl:
        * dom/ElementRareData.cpp:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::accessibleNode const): Deleted.
        (WebCore::ElementRareData::setAccessibleNode): Deleted.
        * editing/TextIterator.cpp:
        (WebCore::isRendererReplacedElement):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::itemAccessibilityText const):

2018-02-13  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderButton::takeChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182732
        <rdar://problem/37500564>

        Reviewed by Antti Koivisto.

        No change of functionality.

        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::setInnerRenderer):
        (WebCore::RenderButton::takeChild): Deleted.
        * rendering/RenderButton.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChildFromRenderButton):
        * rendering/updating/RenderTreeBuilder.h:

2018-02-13  Alicia Boya García  <aboya@igalia.com>

        [Gstreamer][MSE] Add string representation for GStreamerMediaSample
        https://bugs.webkit.org/show_bug.cgi?id=180262

        Reviewed by Xabier Rodriguez-Calvar.

        * platform/graphics/gstreamer/mse/GStreamerMediaSample.cpp:
        (WebCore::GStreamerMediaSample::offsetTimestampsBy):
        * platform/graphics/gstreamer/mse/GStreamerMediaSample.h:

2018-02-12  Chris Fleizach  <cfleizach@apple.com>

        AX: defer focusedUIElement notifications
        https://bugs.webkit.org/show_bug.cgi?id=182643
        <rdar://problem/37394310>

        Reviewed by Zalan Bujtas.

        Deferring focus changes for accessibility has a number of benefits.
            1) Reduces the chance of calling into layout during layout.
            2) Coalesces multiple focus notifications that would be needlessly sent.
            3) Improves performance by not calling out to the accessibility notification machinery during layout.

        In this patch, I also started making more AXObjectCache calls private. This will reduce the chance that clients
        will call into AXObjectCache during unexpected times.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::deferFocusedUIElementChangeIfNeeded):
        (WebCore::conditionallyAddNodeToFilterList):
        (WebCore::filterVectorPairForRemoval):
        (WebCore::filterMapForRemoval):
        (WebCore::filterListForRemoval):
        (WebCore::AXObjectCache::prepareForDocumentDestruction):
        (WebCore::AXObjectCache::performDeferredCacheUpdate):
        * accessibility/AXObjectCache.h:
        * dom/Document.cpp:
        (WebCore::Document::setFocusedElement):

2018-02-12  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Classify resources as prevalent based on redirects to other prevalent resources
        https://bugs.webkit.org/show_bug.cgi?id=182664
        <rdar://problem/37372572>

        Reviewed by Brent Fulgham.

        Tests: http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-subresource-redirect-collusion.html
               http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-redirect-collusion.html
               http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-unique-redirects-to.html

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation):
            We now collect statistics on top frame navigational redirects too, both to and from.
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
            We now collect statistics on redirects from in addition to the existing redirects to.
        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::encode const):
        (WebCore::ResourceLoadStatistics::decode):
        (WebCore::ResourceLoadStatistics::toString const):
        (WebCore::ResourceLoadStatistics::merge):
        * loader/ResourceLoadStatistics.h:
            Three new fields:
            - topFrameUniqueRedirectsTo
            - topFrameUniqueRedirectsFrom
            - subresourceUniqueRedirectsFrom

2018-02-12  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderMenuList::takeChild() to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182715
        <rdar://problem/37477050>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderMenuList.cpp:
        (RenderMenuList::takeChild): Deleted.
        * rendering/RenderMenuList.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        (WebCore::RenderTreeBuilder::takeChildFromRenderMenuList):
        * rendering/updating/RenderTreeBuilder.h:

2018-02-12  Ross Kirsling  <ross.kirsling@sony.com>

        Unify UserAgent into WebCore/platform.
        https://bugs.webkit.org/show_bug.cgi?id=182716

        Reviewed by Michael Catanzaro.

        No change in functionality.

        * SourcesCocoa.txt:
        * SourcesIOS.txt:
        * SourcesMac.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * page/cocoa/UserAgent.h: Removed.
        * platform/UserAgent.h:
        * platform/cocoa/UserAgentCocoa.mm: Renamed from Source/WebCore/page/cocoa/UserAgent.mm.
        * platform/ios/UserAgentIOS.mm: Renamed from Source/WebCore/page/ios/UserAgentIOS.mm.
        * platform/mac/UserAgentMac.mm: Renamed from Source/WebCore/page/mac/UserAgentMac.mm.

2018-02-12  Antoine Quint  <graouts@apple.com>

        [Web Animations] Support the copy constructors for KeyframeEffectReadOnly and KeyframeEffect
        https://bugs.webkit.org/show_bug.cgi?id=182712

        Reviewed by Dean Jackson.

        We now support the variants for the KeyframeEffectReadOnly and KeyframeEffect constructors where
        another KeyframeEffectReadOnly is provided as a source. All timing, keyframe and target properties
        of that source are copied on the newly-constructed KeyframeEffect.

        To support copying properties, we add new copyPropertiesFromSource() methods to
        AnimationEffectTimingReadOnly and KeyframeEffectReadOnly to encapsulate copying various
        member variables in the relevant classes. Copying properties of the backing KeyframeList
        is performed in KeyframeEffectReadOnly::copyPropertiesFromSource() via public KeyframeList
        methods.

        * animation/AnimationEffectTimingReadOnly.cpp:
        (WebCore::AnimationEffectTimingReadOnly::copyPropertiesFromSource):
        * animation/AnimationEffectTimingReadOnly.h:
        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::create):
        * animation/KeyframeEffect.h:
        * animation/KeyframeEffect.idl:
        * animation/KeyframeEffectOptions.idl:
        * animation/KeyframeEffectReadOnly.cpp:
        (WebCore::KeyframeEffectReadOnly::create):
        (WebCore::KeyframeEffectReadOnly::copyPropertiesFromSource):
        * animation/KeyframeEffectReadOnly.h:
        * animation/KeyframeEffectReadOnly.idl:

2018-02-12  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Introduce RenderTreebuilder::takeChild
        https://bugs.webkit.org/show_bug.cgi?id=182707
        <rdar://problem/37473433>

        Reviewed by Antti Koivisto.

        All takeChild calls should go through RenderTreeBuilder::takeChild from now on.
        This patch also moves the Ruby related takeChild calls to RenderTreeBuilder.

        No change in functionality.

        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::takeChild):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::removeAndDestroyChild):
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::wrapExistingRenderer):
        (WebCore::RenderFullScreen::unwrapRenderer):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::takeChild):
        * rendering/RenderRuby.cpp:
        (WebCore::RenderRubyAsInline::takeChild): Deleted.
        (WebCore::RenderRubyAsBlock::takeChild): Deleted.
        * rendering/RenderRuby.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::takeChild): Deleted.
        * rendering/RenderRubyRun.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChild):
        (WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsInline): Deleted.
        (WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsBlock): Deleted.
        (WebCore::RenderTreeBuilder::takeChildFromRenderRubyRun): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
        * rendering/updating/RenderTreeBuilderList.cpp:
        (WebCore::RenderTreeBuilder::List::updateItemMarker):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::takeChild):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):

2018-02-12  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlock::dropAnonymousBoxChild to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182704
        <rdar://problem/37469469>

        Reviewed by Antti Koivisto.

        All the callsites are now in RenderTreeBuilder.

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::dropAnonymousBoxChild): Deleted.
        * rendering/RenderBlock.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded):
        (WebCore::RenderTreeBuilder::dropAnonymousBoxChild):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::takeChild):
        (WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):
        * rendering/updating/RenderTreeBuilderBlock.h:

2018-02-12  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r228376.

        This caused accessibility/mac/selection-notification-focus-
        change.html to become flaky on macOS.

        Reverted changeset:

        "AX: defer focusedUIElement notifications"
        https://bugs.webkit.org/show_bug.cgi?id=182643
        https://trac.webkit.org/changeset/228376

2018-02-12  Ryan Haddad  <ryanhaddad@apple.com>

        [iOS] media tests failing ASSERT_NOT_REACHED() in WebCore::VideoFullscreenInterfaceAVKit::cleanupFullscreen()
        https://bugs.webkit.org/show_bug.cgi?id=182527

        Reviewed by Alexey Proskuryakov.

        Temporarily remove an assertion from VideoFullscreenInterfaceAVKit to stop tests from crashing on iOS
        while the root cause is being investigated.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (VideoFullscreenInterfaceAVKit::exitFullscreenHandler):

2018-02-12  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Remove redundant RenderTreeBuilder instance
        https://bugs.webkit.org/show_bug.cgi?id=182700
        <rdar://problem/37463958>

        Reviewed by Antti Koivisto.

        * rendering/RenderView.cpp:
        (WebCore::RenderView::willBeDestroyed):

2018-02-12  Chris Fleizach  <cfleizach@apple.com>

        AX: defer focusedUIElement notifications
        https://bugs.webkit.org/show_bug.cgi?id=182643
        <rdar://problem/37394310>

        Reviewed by Zalan Bujtas.

        Deferring focus changes for accessibility has a number of benefits.
            1) Reduces the chance of calling into layout during layout.
            2) Coalesces multiple focus notifications that would be needlessly sent.
            3) Improves performance by not calling out to the accessibility notification machinery during layout.

        In this patch, I also started making more AXObjectCache calls private. This will reduce the chance that clients
        will call into AXObjectCache during unexpected times.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::deferFocusedUIElementChangeIfNeeded):
        (WebCore::conditionallyAddNodeToFilterList):
        (WebCore::filterVectorPairForRemoval):
        (WebCore::filterMapForRemoval):
        (WebCore::filterListForRemoval):
        (WebCore::AXObjectCache::prepareForDocumentDestruction):
        (WebCore::AXObjectCache::performDeferredCacheUpdate):
        * accessibility/AXObjectCache.h:
        * dom/Document.cpp:
        (WebCore::Document::setFocusedElement):

2018-02-11  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        [GTK] Scrolling sometimes jumps around
        https://bugs.webkit.org/show_bug.cgi?id=178519

        Reviewed by Michael Catanzaro.

        * platform/gtk/ScrollAnimatorGtk.cpp:
        (WebCore::ScrollAnimatorGtk::computeVelocity): use -1 as the multiplier for the accumulated deltas,
        since all we need is to make them negative. Multiplying by -1000 leads to very high velocities being
        returned, causing the viewport to scroll to the end of the page.

2018-02-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        Remove an unused static variable in DeprecatedGlobalSettings.h
        https://bugs.webkit.org/show_bug.cgi?id=182672

        Reviewed by Joseph Pecoraro.

        After r227282, this flag is no longer used anywhere. No change in behavior.

        * page/DeprecatedGlobalSettings.h:

2018-02-10  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlock::takeChild mutation to a RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182662
        <rdar://problem/37408571>

        Reviewed by Simon Fraser.

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::takeChild):
        (WebCore::canDropAnonymousBlock): Deleted.
        (WebCore::canMergeContiguousAnonymousBlocks): Deleted.
        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::moveAllChildrenIncludingFloatsTo):
        * rendering/RenderBlockFlow.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takenChildFromRenderBlock):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::canDropAnonymousBlock):
        (WebCore::canMergeContiguousAnonymousBlocks):
        (WebCore::RenderTreeBuilder::Block::takeChild):
        * rendering/updating/RenderTreeBuilderBlock.h:

2018-02-08  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION (r223440): Copying & pasting a list from Microsoft Word to TinyMCE fails
        https://bugs.webkit.org/show_bug.cgi?id=182564

        Reviewed by Wenson Hsieh.

        Turns out that Microsoft Word generates p and span elements with special styles instead of standard
        ul and ol elements when copying a list items, and TinyMCE has a specialized code path to process
        this proprietary format of Microsoft Word. The regression was caused by WebKit's sanitization code
        stripping away these non-standard CSS rules and inline styles.

        To preseve pre-r223440 behavior in TinyMCE, we preserve the following in a HTML markup:

        1. The "html" element at the beginning with xmlns content attributes
        2. @list rules in a style element starting with "/* List Definitions */" comment
        3. inline style content attribute with "mso-list" property
        4. comments conditional sections with "[if !supportLists]" and "[endif]"

        (1) is needed for TinyMCE to trigger the specialized code path for Microsoft Word. (2) contains
        the information about the structure of list items. (3) is needed to associate each p element with
        a rule in (2). (4) is needed to strip away the content generated as list markers (e.g. dots).

        We enable this "MSO list quirks" when the content comes from a non-WebKit client or a WebKit client
        that doesn't enable custom pasteboard data (detected by the content origin being null), and the HTML
        markup starts with a specific sequence of characters generated by Microsoft Word.

        Test: http/tests/security/clipboard/copy-paste-html-across-origin-strips-mso-list.html
              PasteHTML.PreservesMSOList
              PasteHTML.StripsMSOListWhenMissingMSOHTMLElement
              PasteWebArchive.PreservesMSOList
              PasteWebArchive.StripsMSOListWhenMissingMSOHTMLElement

        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::appendTextSubstring): Added.
        * editing/MarkupAccumulator.h:
        * editing/WebContentReader.cpp:
        (WebCore::FrameWebContentReader::msoListQuirksForMarkup const): Added. Enables the MSO list quirks
        if the content origin is null. The content origin specifies the pasteboard content's origin if it's
        copied in WebKit with custom pasteboard data types enabled. In all other applications, it would be
        set to null.
        * editing/WebContentReader.h:
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::markupForFragmentInDocument): Moved to markup.cpp as sanitizedMarkupForFragmentInDocument.
        (WebCore::sanitizeMarkupWithArchive):
        (WebCore::WebContentReader::readWebArchive): Always disables MSO list quirks since this code path is
        only used by WebKit's native code to paste content.
        (WebCore::WebContentMarkupReader::readWebArchive): Calls msoListQuirksForMarkup since this is the code
        path used by DataTransfer.
        (WebCore::WebContentReader::readHTML): Always disables MSO list quirks since this code path is only
        used by WebKit's native code to paste content.
        (WebCore::WebContentMarkupReader::readHTML): Calls msoListQuirksForMarkup since this is the code path
        used by DataTransfer.
        * editing/markup.cpp:
        (WebCore::sanitizeMarkup): Use sanitizedMarkupForFragmentInDocument to share code.
        (WebCore::MSOListMode): Added. Set to Preserve if the sanitized markup is the one generated by
        Microsoft Word, and MSO list quirks should actually kick in. This is unlike MSOListQuirks, which is
        set to Enable whenever the content COULD be the one generated by Microsoft Word.
        (WebCore::StyledMarkupAccumulator): Added a special MSO list preservation mode enabled by MSOListMode.
        (WebCore::StyledMarkupAccumulator::StyledMarkupAccumulator):
        (WebCore::StyledMarkupAccumulator::appendElement): Preseve (3). Unfortunately, TinyMCE only recognizes
        mso-list and related properties only if they appear on their own. But we also need to preserve
        the inline style generated using the computed style since we would lose the inline styles of the text
        otherwise (e.g. red text and bold font). To workaround this, we generate two style content attributes,
        one containing computed styles and another one containing mso-list. Luckily, the HTML parsing algorithm
        dictates that the first attribute always wins when more than one attributes of the same name appears,
        so we place the computed style's style attribute first so that the pasted content in non-TinyMCE
        environment will continue to work.
        (WebCore::StyledMarkupAccumulator::traverseNodesForSerialization):
        (WebCore::StyledMarkupAccumulator::appendNodeToPreserveMSOList): Added. Generates special markup for
        the conditional statements and the special style element with @list rules.
        (WebCore::createMarkupInternal):
        (WebCore::createMarkup):
        (WebCore::sanitizedMarkupForFragmentInDocument): Moved from WebContentReaderCocoa.mm. If MSOListQuirks
        is set to Enable, and the markup starts with a specific sequence of characters, generate the markup
        with the newly added quirks code in StyledMarkupAccumulator, and wrap it in a special "html" element
        TinyMCE recognizes.
        * editing/markup.h:
        (WebCore::MSOListQuirks): Added. Set to CheckIfNeeded if the content COULD require MSO list quirks.

2018-02-09  Dean Jackson  <dino@apple.com>

        ImageBitmapRenderingContext should be Runtime guarded
        https://bugs.webkit.org/show_bug.cgi?id=182665
        <rdar://problem/37411410>

        Reviewed by Sam Weinig.

        Add a flag to ensure the ImageBitmapRenderingContext interface is only
        visible when the runtime feature is enabled.

        * bindings/js/WebCoreBuiltinNames.h:
        * html/canvas/ImageBitmapRenderingContext.idl:

2018-02-09  Don Olmstead  <don.olmstead@sony.com>

        [CMake] Make PAL headers copies
        https://bugs.webkit.org/show_bug.cgi?id=182645

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * CMakeLists.txt:

2018-02-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderRubyRun::takeChild mutation to a RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182655
        <rdar://problem/37406801>

        Reviewed by Simon Fraser.

        No change in functionality.

        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::takeChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChildFromRenderRubyRun):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::takeChild):
        * rendering/updating/RenderTreeBuilderRuby.h:

2018-02-09  Andy Estes  <aestes@apple.com>

        [Payment Request] Apple Pay sheet does not dismiss when calling complete() with result "unknown" or "fail"
        https://bugs.webkit.org/show_bug.cgi?id=182658
        <rdar://problem/37293917>

        Reviewed by Brady Eidson.

        When PaymentResponse::complete() is called with a result of "unknown" or "fail", we should
        treat this as a fatal error and dismiss the Apple Pay sheet. However, we were adding an
        error with code "unknown" to the authorization result, which PassKit interprets as a
        non-fatal error. Instead, we should not set any errors and just use a status code of
        PaymentAuthorizationStatus::Failure, which PassKit interprets as a fatal error, dismissing
        the sheet.

        No test possible.

        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
        (WebCore::ApplePayPaymentHandler::complete):

2018-02-09  Wenson Hsieh  <wenson_hsieh@apple.com>

        Pasting from Excel no longer provides text/html data
        https://bugs.webkit.org/show_bug.cgi?id=182636
        <rdar://problem/37087060>

        Reviewed by Ryosuke Niwa.

        After r222656, we treat images on the pasteboard as files. However, we also have an existing policy which hides
        text data ("text/uri-list", "text/html", "text/plain") from the page when files are present on the pasteboard.
        When copying a table, Microsoft Excel writes a rendering of the table to the pasteboard as an image. This means
        that we'll hide other data types (importantly, 'text/html') upon pasting, even though important clients (such as
        Google Docs and Confluence) depend on the 'text/html' data in order to correctly handle the paste (rather than
        paste as an image of a table).

        To fix this, we add an exception to the DataTransfer.getData codepath when the pasteboard contains files.
        Instead of always returning the empty string for text/html, we still allow pasteboard access, but only read
        from a limited set of rich text types, i.e. web archive, RTF(D), and HTML markup. Importantly, this prevents
        us from exposing any file paths that appear as plain text or URLs on the pasteboard. Just as in the regular
        codepath for getData(), if the pasteboard data comes from the same origin, we allow unsanitized access;
        otherwise, we use WebContentMarkupReader to extract markup from the pasteboard.

        Tests:  PasteMixedContent.ImageFileAndPlainText
                PasteMixedContent.ImageFileAndWebArchive
                PasteMixedContent.ImageFileAndHTML
                PasteMixedContent.ImageFileAndRTF
                PasteMixedContent.ImageFileAndURL
                PasteMixedContent.ImageFileWithHTMLAndURL
                DataInteractionTests.DataTransferGetDataWhenDroppingImageAndMarkup

        Also rebaselined some layout tests, which cover changes in behavior when dropping on macOS and pasting on iOS.

        * dom/DataTransfer.cpp:
        (WebCore::DataTransfer::getDataForItem const):

        Augment the codepath handling the case where the pasteboard contains files, such that we allow reading
        "text/html", but only from rich text types.

        (WebCore::DataTransfer::readStringFromPasteboard const):

        Factor out logic for reading from the pasteboard into a private helper. This is called in two places from
        getDataForItem: in the normal (existing) path, and in the case where we allow 'text/html' to be read despite
        files appearing in the pasteboard.

        One important difference here is that this helper now takes a WebContentReadingPolicy, whose purpose is to
        prevent reading from non-rich-text types when files appear in the pasteboard.

        Another tweak here is that we now use `lowercaseType` instead of the original (unadjusted) `type` when reading
        from the pasteboard. This doesn't seem to be intended in the first place.

        (WebCore::DataTransfer::types const):

        Tweak the implementation of DataTransfer.types() in the case where files exist on the pasteboard, such that we
        also add "text/html" if it is present in the list of DOM-safe types.

        * dom/DataTransfer.h:
        * platform/Pasteboard.h:

        Introduce WebContentReadingPolicy, which indicates whether or not we should limit web content reading from the
        pasteboard to only rich text types upon paste or drop. Normally, we allow all types to be read as web content
        (::AnyType), but when files appear on the pasteboard, we force OnlyRichTextTypes to ensure that no other types
        can unintentionally be read back as web content.

        * platform/StaticPasteboard.h:
        * platform/gtk/PasteboardGtk.cpp:
        (WebCore::Pasteboard::read):
        * platform/ios/PasteboardIOS.mm:

        Teach Pasteboard (on iOS) to respect WebContentReadingPolicy.

        (WebCore::isTypeAllowedByReadingPolicy):
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::readRespectingUTIFidelities):
        * platform/mac/PasteboardMac.mm:

        Teach Pasteboard (on macOS) to respect WebContentReadingPolicy.

        (WebCore::Pasteboard::read):
        * platform/win/PasteboardWin.cpp:
        (WebCore::Pasteboard::read):
        * platform/wpe/PasteboardWPE.cpp:
        (WebCore::Pasteboard::read):

        Adjust non-Cocoa Pasteboard implementations for an interface change.

2018-02-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderRubyAsInline/AsBlock::takeChild mutation to a RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182651
        <rdar://problem/37405042>

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/RenderRuby.cpp:
        (WebCore::RenderRubyAsInline::takeChild):
        (WebCore::RenderRubyAsBlock::takeChild):
        (WebCore::isAnonymousRubyInlineBlock): Deleted.
        (WebCore::isRubyChildForNormalRemoval): Deleted.
        (WebCore::findRubyRunParent): Deleted.
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsInline):
        (WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsBlock):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::findRubyRunParent):
        (WebCore::RenderTreeBuilder::Ruby::takeChild):
        * rendering/updating/RenderTreeBuilderRuby.h:

2018-02-09  Per Arne Vollan  <pvollan@apple.com>

        Assert that NSApp is not running in the WebProcess.
        https://bugs.webkit.org/show_bug.cgi?id=182553

        Reviewed by Simon Fraser.

        In WebCore, there are a few places where NSApp is referenced. Since the WebContent process
        is no longer using the NSApplication run loop, and NSApp is no longer guaranteed to be
        valid, we should make sure that the NSApp is not referenced by the WebContent process or
        the Network process, by asserting that the NSApplication event loop is running when NSApp
        is referenced. It is still ok for the UIProcess to reference NSApp. Adding these assert
        will help catch NSApp references when the NSApplication run loop is not used.

        Also, do not post a fake mouse event in PasteBoard::setDragImage when the NSApplication
        run loop is not running, since this is only relevant in WK1.

        No new tests, covered by existing tests. 

        * page/mac/EventHandlerMac.mm:
        (WebCore::lastEventIsMouseUp):
        (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::setDragImage):

2018-02-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Introduce RenderTreeBuilder to willBeDestoryed/removeFromParentAndDestroy
        https://bugs.webkit.org/show_bug.cgi?id=182635
        <rdar://problem/37377489>

        Reviewed by Antti Koivisto.

        This patch helps finding callsites where we don't have a RenderTreeBuilder instance.

        No change in functionality.

        * dom/Document.cpp:
        (WebCore::Document::setFullScreenRenderer):
        * dom/Document.h:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::willBeDestroyed):
        (WebCore::RenderBlock::takeChild):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willBeDestroyed):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::willBeDestroyed):
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::willBeDestroyed):
        (WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::setText):
        * rendering/RenderCounter.cpp:
        (WebCore::RenderCounter::willBeDestroyed):
        * rendering/RenderCounter.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::willBeDestroyed):
        * rendering/RenderElement.h:
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::willBeDestroyed):
        * rendering/RenderEmbeddedObject.h:
        * rendering/RenderFragmentedFlow.cpp:
        (WebCore::RenderFragmentedFlow::willBeDestroyed):
        * rendering/RenderFragmentedFlow.h:
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::willBeDestroyed):
        (WebCore::RenderFullScreen::wrapNewRenderer):
        (WebCore::RenderFullScreen::wrapExistingRenderer):
        (WebCore::RenderFullScreen::unwrapRenderer):
        * rendering/RenderFullScreen.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::willBeDestroyed):
        * rendering/RenderImage.h:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::willBeDestroyed):
        * rendering/RenderInline.h:
        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::willBeDestroyed):
        * rendering/RenderLayerModelObject.h:
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::willBeDestroyed):
        * rendering/RenderListBox.h:
        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::willBeDestroyed):
        * rendering/RenderListItem.h:
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::willBeDestroyed):
        * rendering/RenderListMarker.h:
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::willBeDestroyed):
        * rendering/RenderMenuList.h:
        * rendering/RenderMultiColumnFlow.cpp:
        (WebCore::RenderMultiColumnFlow::handleSpannerRemoval):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::removeFromParentAndDestroy):
        (WebCore::RenderObject::willBeDestroyed):
        (WebCore::RenderObject::destroy):
        * rendering/RenderObject.h:
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::willBeDestroyed):
        * rendering/RenderReplaced.h:
        * rendering/RenderRuby.cpp:
        (WebCore::RenderRubyAsInline::takeChild):
        (WebCore::RenderRubyAsBlock::takeChild):
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::willBeDestroyed):
        * rendering/RenderSearchField.h:
        * rendering/RenderSnapshottedPlugIn.cpp:
        (WebCore::RenderSnapshottedPlugIn::willBeDestroyed):
        * rendering/RenderSnapshottedPlugIn.h:
        * rendering/RenderText.cpp:
        (WebCore::RenderText::willBeDestroyed):
        * rendering/RenderText.h:
        * rendering/RenderTextControlMultiLine.cpp:
        (WebCore::RenderTextControlMultiLine::willBeDestroyed):
        * rendering/RenderTextControlMultiLine.h:
        * rendering/RenderTextFragment.cpp:
        (WebCore::RenderTextFragment::willBeDestroyed):
        (WebCore::RenderTextFragment::setText):
        * rendering/RenderTextFragment.h:
        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::willBeDestroyed):
        * rendering/RenderVideo.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::willBeDestroyed):
        * rendering/RenderView.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::willBeDestroyed):
        * rendering/RenderWidget.h:
        * rendering/svg/RenderSVGBlock.cpp:
        (WebCore::RenderSVGBlock::willBeDestroyed):
        * rendering/svg/RenderSVGBlock.h:
        * rendering/svg/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::willBeDestroyed):
        * rendering/svg/RenderSVGImage.h:
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::willBeDestroyed):
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGModelObject.cpp:
        (WebCore::RenderSVGModelObject::willBeDestroyed):
        * rendering/svg/RenderSVGModelObject.h:
        * rendering/svg/RenderSVGResourceContainer.cpp:
        (WebCore::RenderSVGResourceContainer::willBeDestroyed):
        * rendering/svg/RenderSVGResourceContainer.h:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::willBeDestroyed):
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::willBeDestroyed):
        * rendering/svg/RenderSVGText.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        * rendering/updating/RenderTreeBuilderList.cpp:
        (WebCore::RenderTreeBuilder::List::updateItemMarker):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):

2018-02-09  Brent Fulgham  <bfulgham@apple.com>

        [macOS, iOS] Expose OS marketing version in UserAgent
        https://bugs.webkit.org/show_bug.cgi?id=182629
        <rdar://problem/37370975>

        Reviewed by Daniel Bates.

        Revert back to dynamically reading the operating system marketing version
        rather than using a hard-coded version.

        * page/cocoa/UserAgent.mm:
        (WebCore::systemMarketingVersionForUserAgentString):

2018-02-08  Antoine Quint  <graouts@apple.com>

        [Web Animations] Refactor AnimationEffect and KeyframeEffect into AnimationEffectReadOnly, KeyframeEffectReadOnly and KeyframeEffect
        https://bugs.webkit.org/show_bug.cgi?id=182608

        Reviewed by Dean Jackson.

        Currently, we have an AnimationEffect class with read-write members and a KeyframeEffect subclass with read-write
        members. The spec has an AnimationEffectReadOnly class, with read-only members, a KeyframeEffectReadOnly subclass,
        with read-only members, and then the KeyframeEffect subclass (of KeyframeEffectReadOnly) with read-write members.

        Likewise, currently we have an AnimationEffectTiming class with read-write members. While the spec has this class
        as well, it also specifies a read-only AnimationEffectTimingReadOnly superclass.

        In this patch we refactor the code to match the spec, which gives us a big boost in our WPT pass rate. The vast
        majority of the code is just copied from one class to another verbatim. The limited actual code changes, all related
        to the new subclassing, are:

        - AnimationEffectTimingReadOnly is not actually read-only as far as WebCore is concerned, it actually exposes setters
        for all of its properties, but the IDL for this class specifies all properties as read-only, so we match the spec. The
        reason for this is that it is necessary to be able to set members of an AnimationEffectTimingReadOnly object based on
        a Variant<double, KeyframeEffectOptions> provided to Element.animate() or the KeyframeEffectReadOnly and KeyframeEffect
        constructors, and the logic to handle properties in such dictionaries is the same as the logic required to set individual
        members in AnimationEffectTiming. So in essence, the sole role of AnimationTimingEffect is to provide an IDL interface
        with read-write members, but the parent class is itself read-write as far as WebCore is concerned.

        - AnimationEffectTimingReadOnly exposes a new setProperties() method which takes in a nullable Variant<double, KeyframeEffectOptions>
        so that code that was previously specific to KeyframeEffect can be factored into this method and both the constructors of
        KeyframeEffectReadOnly and KeyframeEffect can make use of it without code duplication.

        - The AnimationEffectReadOnly constructor now takes an AnimationEffectTimingReadOnly as input since that class and
        KeyframeEffectReadOnly expose an AnimationEffectTimingReadOnly object, while KeyframeEffect exposes an
        AnimationEffectTiming read-write object. This allows the KeyframeEffect constructor to provide the right object type. 

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * animation/AnimationEffectReadOnly.cpp: Renamed from Source/WebCore/animation/AnimationEffect.cpp.
        (WebCore::AnimationEffectReadOnly::AnimationEffectReadOnly):
        (WebCore::AnimationEffectReadOnly::localTime const):
        (WebCore::AnimationEffectReadOnly::phase const):
        (WebCore::AnimationEffectReadOnly::activeTime const):
        (WebCore::AnimationEffectReadOnly::overallProgress const):
        (WebCore::AnimationEffectReadOnly::simpleIterationProgress const):
        (WebCore::AnimationEffectReadOnly::currentIteration const):
        (WebCore::AnimationEffectReadOnly::currentDirection const):
        (WebCore::AnimationEffectReadOnly::directedProgress const):
        (WebCore::AnimationEffectReadOnly::transformedProgress const):
        (WebCore::AnimationEffectReadOnly::iterationProgress const):
        (WebCore::AnimationEffectReadOnly::getComputedTiming):
        * animation/AnimationEffectReadOnly.h: Renamed from Source/WebCore/animation/AnimationEffect.h.
        (WebCore::AnimationEffectReadOnly::isKeyframeEffectReadOnly const):
        (WebCore::AnimationEffectReadOnly::timing const):
        * animation/AnimationEffectReadOnly.idl: Copied from Source/WebCore/animation/AnimationEffect.idl.
        * animation/AnimationEffectTiming.cpp:
        (WebCore::AnimationEffectTiming::AnimationEffectTiming):
        (WebCore::AnimationEffectTiming::setIterationStart): Deleted.
        (WebCore::AnimationEffectTiming::setIterations): Deleted.
        (WebCore::AnimationEffectTiming::bindingsDuration const): Deleted.
        (WebCore::AnimationEffectTiming::setBindingsDuration): Deleted.
        (WebCore::AnimationEffectTiming::endTime const): Deleted.
        (WebCore::AnimationEffectTiming::activeDuration const): Deleted.
        (WebCore::AnimationEffectTiming::setEasing): Deleted.
        * animation/AnimationEffectTiming.h:
        (): Deleted.
        * animation/AnimationEffectTiming.idl:
        * animation/AnimationEffectTimingReadOnly.cpp: Copied from Source/WebCore/animation/AnimationEffectTiming.cpp.
        (WebCore::AnimationEffectTimingReadOnly::create):
        (WebCore::AnimationEffectTimingReadOnly::AnimationEffectTimingReadOnly):
        (WebCore::AnimationEffectTimingReadOnly::~AnimationEffectTimingReadOnly):
        (WebCore::AnimationEffectTimingReadOnly::setProperties):
        (WebCore::AnimationEffectTimingReadOnly::setIterationStart):
        (WebCore::AnimationEffectTimingReadOnly::setIterations):
        (WebCore::AnimationEffectTimingReadOnly::bindingsDuration const):
        (WebCore::AnimationEffectTimingReadOnly::setBindingsDuration):
        (WebCore::AnimationEffectTimingReadOnly::setEasing):
        (WebCore::AnimationEffectTimingReadOnly::endTime const):
        (WebCore::AnimationEffectTimingReadOnly::activeDuration const):
        * animation/AnimationEffectTimingReadOnly.h: Copied from Source/WebCore/animation/AnimationEffectTiming.h.
        (WebCore::AnimationEffectTimingReadOnly::isAnimationEffectTiming const):
        (WebCore::AnimationEffectTimingReadOnly::bindingsDelay const):
        (WebCore::AnimationEffectTimingReadOnly::setBindingsDelay):
        (WebCore::AnimationEffectTimingReadOnly::bindingsEndDelay const):
        (WebCore::AnimationEffectTimingReadOnly::setBindingsEndDelay):
        (WebCore::AnimationEffectTimingReadOnly::delay const):
        (WebCore::AnimationEffectTimingReadOnly::setDelay):
        (WebCore::AnimationEffectTimingReadOnly::endDelay const):
        (WebCore::AnimationEffectTimingReadOnly::setEndDelay):
        (WebCore::AnimationEffectTimingReadOnly::fill const):
        (WebCore::AnimationEffectTimingReadOnly::setFill):
        (WebCore::AnimationEffectTimingReadOnly::iterationStart const):
        (WebCore::AnimationEffectTimingReadOnly::iterations const):
        (WebCore::AnimationEffectTimingReadOnly::iterationDuration const):
        (WebCore::AnimationEffectTimingReadOnly::setIterationDuration):
        (WebCore::AnimationEffectTimingReadOnly::direction const):
        (WebCore::AnimationEffectTimingReadOnly::setDirection):
        (WebCore::AnimationEffectTimingReadOnly::easing const):
        (WebCore::AnimationEffectTimingReadOnly::timingFunction const):
        (WebCore::AnimationEffectTimingReadOnly::classType const):
        * animation/AnimationEffectTimingReadOnly.idl: Renamed from Source/WebCore/animation/AnimationEffect.idl.
        * animation/AnimationTimeline.h:
        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::create):
        (WebCore::KeyframeEffect::KeyframeEffect):
        (WebCore::IDLAttributeNameToAnimationPropertyName): Deleted.
        (WebCore::CSSPropertyIDToIDLAttributeName): Deleted.
        (WebCore::computeMissingKeyframeOffsets): Deleted.
        (WebCore::processIterableKeyframes): Deleted.
        (WebCore::processKeyframeLikeObject): Deleted.
        (WebCore::processPropertyIndexedKeyframes): Deleted.
        (WebCore::KeyframeEffect::getKeyframes): Deleted.
        (WebCore::KeyframeEffect::processKeyframes): Deleted.
        (WebCore::KeyframeEffect::computeStackingContextImpact): Deleted.
        (WebCore::KeyframeEffect::apply): Deleted.
        (WebCore::KeyframeEffect::shouldRunAccelerated): Deleted.
        (WebCore::KeyframeEffect::getAnimatedStyle): Deleted.
        (WebCore::KeyframeEffect::setAnimatedPropertiesInStyle): Deleted.
        (WebCore::KeyframeEffect::startOrStopAccelerated): Deleted.
        (WebCore::KeyframeEffect::renderer const): Deleted.
        (WebCore::KeyframeEffect::currentStyle const): Deleted.
        * animation/KeyframeEffect.h:
        * animation/KeyframeEffect.idl:
        * animation/KeyframeEffectReadOnly.cpp: Copied from Source/WebCore/animation/KeyframeEffect.cpp.
        (WebCore::IDLAttributeNameToAnimationPropertyName):
        (WebCore::CSSPropertyIDToIDLAttributeName):
        (WebCore::computeMissingKeyframeOffsets):
        (WebCore::processIterableKeyframes):
        (WebCore::processKeyframeLikeObject):
        (WebCore::processPropertyIndexedKeyframes):
        (WebCore::KeyframeEffectReadOnly::create):
        (WebCore::KeyframeEffectReadOnly::KeyframeEffectReadOnly):
        (WebCore::KeyframeEffectReadOnly::getKeyframes):
        (WebCore::KeyframeEffectReadOnly::processKeyframes):
        (WebCore::KeyframeEffectReadOnly::computeStackingContextImpact):
        (WebCore::KeyframeEffectReadOnly::apply):
        (WebCore::KeyframeEffectReadOnly::shouldRunAccelerated):
        (WebCore::KeyframeEffectReadOnly::getAnimatedStyle):
        (WebCore::KeyframeEffectReadOnly::setAnimatedPropertiesInStyle):
        (WebCore::KeyframeEffectReadOnly::startOrStopAccelerated):
        (WebCore::KeyframeEffectReadOnly::renderer const):
        (WebCore::KeyframeEffectReadOnly::currentStyle const):
        * animation/KeyframeEffectReadOnly.h: Copied from Source/WebCore/animation/KeyframeEffect.h.
        (WebCore::KeyframeEffectReadOnly::~KeyframeEffectReadOnly):
        (WebCore::KeyframeEffectReadOnly::target const):
        (WebCore::KeyframeEffectReadOnly::iterationComposite const):
        (WebCore::KeyframeEffectReadOnly::composite const):
        (WebCore::KeyframeEffectReadOnly::isRunningAccelerated const):
        * animation/KeyframeEffectReadOnly.idl: Copied from Source/WebCore/animation/KeyframeEffect.idl.
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::create):
        (WebCore::WebAnimation::setEffect):
        * animation/WebAnimation.h:
        * animation/WebAnimation.idl:
        * bindings/js/JSAnimationEffectReadOnlyCustom.cpp: Copied from Source/WebCore/bindings/js/JSAnimationEffectCustom.cpp.
        (WebCore::toJSNewlyCreated):
        (WebCore::toJS):
        * bindings/js/JSAnimationEffectTimingReadOnlyCustom.cpp: Renamed from Source/WebCore/bindings/js/JSAnimationEffectCustom.cpp.
        (WebCore::toJSNewlyCreated):
        (WebCore::toJS):
        * bindings/js/JSCustomEventCustom.cpp:
        (WebCore::JSCustomEvent::detail const): Fix an error introduced in webkit.org/b/179591.
        * bindings/js/JSWebAnimationCustom.cpp:
        (WebCore::constructJSWebAnimation):
        * bindings/js/WebCoreBuiltinNames.h:

2018-02-09  Andy Estes  <aestes@apple.com>

        [Payment Request] Crash in PaymentRequest::canMakePayment() when Apple Pay payment method data is missing required fields
        https://bugs.webkit.org/show_bug.cgi?id=182631

        Reviewed by Mark Lam.

        PaymentRequest::canMakePayment() needs to parse each payment method's serialized data to
        determine if it is a supported payment method. If parsing fails by raising an exception, we
        intend to skip over that payment method and try the next one. If all payment method data
        fail to parse, we resolve the returned promise with false. At no point do we intend to
        propagate the parsing exception up to the calling script, however.

        Even though we intend to swallow any exceptions from parsing, we failed to clear the
        JavaScript VM's exception state. The next time WebCore tries to execute JavaScript, a
        release assertion is raised due to seeing an unexpected exception in the VM.

        Fix this by using a CatchScope in PaymentRequest::canMakePayment(), and calling
        CatchScope::clearException() in the places we intend to swallow exceptions.

        Added a test case to http/tests/paymentrequest/payment-request-canmakepayment-method.https.html.

        * Modules/paymentrequest/PaymentRequest.cpp:
        (WebCore::PaymentRequest::canMakePayment):

2018-02-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move multicolumn descendant/sibling removal logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182628
        <rdar://problem/37369528>

        Reviewed by Antti Koivisto.

        No change in functionality

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::takeChild):
        * rendering/RenderFragmentedFlow.h:
        * rendering/RenderMultiColumnFlow.cpp:
        (WebCore::RenderMultiColumnFlow::handleSpannerRemoval): Deleted.
        (WebCore::RenderMultiColumnFlow::fragmentedFlowRelativeWillBeRemoved): Deleted.
        * rendering/RenderMultiColumnFlow.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::multiColumnRelativeWillBeRemoved):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):
        (WebCore::RenderTreeBuilder::MultiColumn::multiColumnRelativeWillBeRemoved):
        * rendering/updating/RenderTreeBuilderMultiColumn.h:

2018-02-09  Youenn Fablet  <youenn@apple.com>

        Add support for cache storage of blob response
        https://bugs.webkit.org/show_bug.cgi?id=182637

        Reviewed by Brady Eidson.

        Covered by updated WPT test.
        When putting a blob response in cache, create a readable stream to easily get the body.
        Make clear that caching form data is not supported.

        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::put):
        * Modules/fetch/FetchBody.h:
        (WebCore::FetchBody::isBlob const):
        (WebCore::FetchBody::isFormData const):
        * Modules/fetch/FetchResponse.h:

2018-02-09  Youenn Fablet  <youenn@apple.com>

        Make CoreAudioCaptureSource error logging be release logging
        https://bugs.webkit.org/show_bug.cgi?id=182614

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::addEchoCancellationSource):
        (WebCore::CoreAudioSharedUnit::setupAudioUnit):
        (WebCore::CoreAudioSharedUnit::configureMicrophoneProc):
        (WebCore::CoreAudioSharedUnit::configureSpeakerProc):
        (WebCore::CoreAudioSharedUnit::checkTimestamps):
        (WebCore::CoreAudioSharedUnit::provideSpeakerData):
        (WebCore::CoreAudioSharedUnit::processMicrophoneSamples):
        (WebCore::CoreAudioSharedUnit::cleanupAudioUnit):
        (WebCore::CoreAudioSharedUnit::reconfigureAudioUnit):
        (WebCore::CoreAudioSharedUnit::startInternal):
        (WebCore::CoreAudioSharedUnit::verifyIsCapturing):
        (WebCore::CoreAudioSharedUnit::stopInternal):
        (WebCore::CoreAudioSharedUnit::defaultInputDevice):

2018-02-09  Carlos Garcia Campos  <cgarcia@igalia.com>

        Add a way to check if a host is an IP address
        https://bugs.webkit.org/show_bug.cgi?id=182427

        Reviewed by Alex Christensen.

        There are several places where this is needed. We currently just assume that any host ending in a digit is an IP
        address, except in PublicSuffix where platform specific code is used. This patch adds URL::hostIsIPAddress()
        platform specific implementations, falling back to current assumption if there isn't an implementation for the
        platform.

        * page/OriginAccessEntry.cpp:
        (WebCore::OriginAccessEntry::OriginAccessEntry): Use URL::hostIsIPAddress().
        * platform/URL.cpp:
        (WebCore::URL::hostIsIPAddress): Fallback implementation.
        * platform/URL.h:
        * platform/mac/PublicSuffixMac.mm:
        (WebCore::topPrivatelyControlledDomain): Use URL::hostIsIPAddress().
        * platform/mac/URLMac.mm:
        (WebCore::URL::hostIsIPAddress): Move implementation from PublicSuffixMac.mm.
        * platform/network/curl/CookieUtil.cpp:
        (WebCore::CookieUtil::isIPAddress): Use URL::hostIsIPAddress().
        * platform/soup/URLSoup.cpp:
        (WebCore::URL::hostIsIPAddress): Use g_hostname_is_ip_address().

2018-02-08  Philippe Normand  <pnormand@igalia.com>

        [GStreamer][WebAudio] Winamp2-js woes
        https://bugs.webkit.org/show_bug.cgi?id=182612

        Reviewed by Xabier Rodriguez Calvar and Carlos Alberto Lopez Perez.

        Test: webaudio/silence-after-playback.html

        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
        (WebCore::copyGStreamerBuffersToAudioChannel): Clear the bus if
        the adapter can't provide enough data. This prevents a nasty noise
        after playing songs in Winamp.
        (WebCore::AudioSourceProviderGStreamer::setClient): No need to set
        the client more than once, this fixes runtime warnings.

2018-02-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move multicolumn spanner mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182627
        <rdar://problem/37367284>

        Reviewed by Antti Koivisto.

        Move spanner triggered mutation logic to RenderTreeBuilder.

        No change in functionality.

        * rendering/RenderFragmentedFlow.h:
        * rendering/RenderMultiColumnFlow.cpp:
        (WebCore::RenderMultiColumnFlow::isColumnSpanningDescendant const):
        (WebCore::findSetRendering): Deleted.
        (WebCore::isValidColumnSpanner): Deleted.
        (WebCore::spannerPlacehoderCandidate): Deleted.
        (WebCore::RenderMultiColumnFlow::processPossibleSpannerDescendant): Deleted.
        (WebCore::RenderMultiColumnFlow::fragmentedFlowDescendantInserted): Deleted.
        * rendering/RenderMultiColumnFlow.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::insertedIntoTree):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::multiColumnDescendantInserted):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::findSetRendering):
        (WebCore::spannerPlacehoderCandidate):
        (WebCore::isValidColumnSpanner):
        (WebCore::RenderTreeBuilder::MultiColumn::multiColumnDescendantInserted):
        (WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):
        * rendering/updating/RenderTreeBuilderMultiColumn.h:

2018-02-09  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] Implement the new behavior of 'legacy' for justify-items
        https://bugs.webkit.org/show_bug.cgi?id=172712

        Reviewed by Antti Koivisto.

        The syntax of the 'justify-items' property accepts a new 'legacy' value,
        replacing the 'auto' value which is now parsed as invalid.

        https://github.com/w3c/csswg-drafts/issues/1318

        This change affects also to the 'place-items' shorthand, which doesn't
        accept 'auto' and, for the time being, neither 'legacy'.

        Since the new value 'legacy' is also the default value, I don't expect
        this change to break content of sites currently using the 'justify-items'
        property.

        No new tests, rebaselined existing test.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForItemPositionWithOverflowAlignment):
        (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator ItemPosition const):
        * css/CSSProperties.json:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::isAuto):
        (WebCore::isNormalOrStretch):
        (WebCore::consumeSelfPositionOverflowPosition):
        (WebCore::consumeJustifyItems):
        (WebCore::consumeSimplifiedDefaultPosition):
        (WebCore::consumeSimplifiedSelfPosition):
        (WebCore::CSSPropertyParser::consumePlaceItemsShorthand):
        (WebCore::CSSPropertyParser::consumePlaceSelfShorthand):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::alignmentOffset):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::columnAxisPositionForChild const):
        (WebCore::RenderGrid::rowAxisPositionForChild const):
        * rendering/style/RenderStyle.cpp:
        (WebCore::resolvedSelfAlignment):
        (WebCore::RenderStyle::resolvedJustifyItems const):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::initialJustifyItems):
        * rendering/style/RenderStyleConstants.h:
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):

2018-02-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>

        [EME][GStreamer] Add support for encrypted caps in GStreamerUtilities
        https://bugs.webkit.org/show_bug.cgi?id=181990

        Reviewed by Xabier Rodriguez-Calvar.

        Add the support of encrypted caps in GStreamerUtilities.
        Refactor the manner that the caps are handled, such as how to extract the resolution
        from the video caps or how to check if the caps are encrypted.

        The attachTrack function in PlaybackPipeline doesn't need the "structure" parameter,
        it is already included in the "caps" parameter.

        Replace the "mediaType" parameter by the "caps" parameter in reattachTrack function,
        it allows to use the new functions that handle the caps in GStreamerUtilities.

        Tests:
            media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
            media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html

        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::getVideoSizeAndFormatFromCaps): Add the support of video encrypted caps.
        (WebCore::getVideoResolutionFromCaps):
        (WebCore::capsMediaType):
        (WebCore::doCapsHaveType):
        (WebCore::areEncryptedCaps): Add a new functions in order to handle the caps properly.
        * platform/graphics/gstreamer/GStreamerUtilities.h:
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
        (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
        * platform/graphics/gstreamer/mse/GStreamerMediaDescription.cpp:
        (WebCore::GStreamerMediaDescription::codec const):
        (WebCore::GStreamerMediaDescription::isVideo const):
        (WebCore::GStreamerMediaDescription::isAudio const):
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        (WebCore::MediaPlayerPrivateGStreamerMSE::trackDetected):
        * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
        (WebCore::PlaybackPipeline::attachTrack):
        (WebCore::PlaybackPipeline::reattachTrack):
        * platform/graphics/gstreamer/mse/PlaybackPipeline.h:
        * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
        (webKitMediaSrcUpdatePresentationSize): Refactor some parts by using the new added functions.

2018-02-09  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Layout test fast/replaced/border-radius-clip.html crashes with GStreamer-CRITICAL **: gst_segment_to_stream_time: assertion 'segment->format == format' failed in gst_segment_to_stream_time()
        https://bugs.webkit.org/show_bug.cgi?id=176802

        Reviewed by Xabier Rodriguez Calvar.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::load): Prevent the player from loading animated gifs.

2018-02-09  Antti Koivisto  <antti@apple.com>

        Move compiled selectors to StyleRule
        https://bugs.webkit.org/show_bug.cgi?id=182602

        Reviewed by Zalan Bujtas.

        Currently they are owned by RuleData. Several RuleData objects can refer to the same StyleRule, requiring recompilation.
        Compiled selectors are context-independent so they can be shared between all clients.

        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSSelectorList.cpp:
        (WebCore::CSSSelectorList::listSize const):

        Compute the number of complex selectors on the list.

        * css/CSSSelectorList.h:
        * css/DocumentRuleSets.cpp:
        (WebCore::makeRuleSet):
        (WebCore::DocumentRuleSets::classInvalidationRuleSets const):

        Pass around list index along with the selector index (compiled selectors are found by list index).

        * css/ElementRuleCollector.cpp:
        (WebCore::ElementRuleCollector::ruleMatches):
        * css/RuleSet.cpp:
        (WebCore::RuleData::RuleData):
        * css/RuleSet.h:
        (WebCore::RuleData::compilationStatus const): Deleted.
        (WebCore::RuleData::compiledSelectorCodeRef const): Deleted.
        (WebCore::RuleData::setCompiledSelector const): Deleted.
        (WebCore::RuleData::~RuleData): Deleted.
        (WebCore::RuleData::compiledSelectorUsed const): Deleted.
        * css/StyleRule.cpp:
        (WebCore::StyleRule::StyleRule):
        * css/StyleRule.h:

            Add CompiledSelector member.

        * cssjit/CompiledSelector.h: Added.

            Move to a header of its own to keeps dependencies simple.

        (WebCore::SelectorCompilationStatus::SelectorCompilationStatus):
        (WebCore::SelectorCompilationStatus::operator Status const):
        * cssjit/SelectorCompiler.h:
        (): Deleted.
        (WebCore::SelectorCompilationStatus::SelectorCompilationStatus): Deleted.
        (WebCore::SelectorCompilationStatus::operator Status const): Deleted.

2018-02-08  Antoine Quint  <graouts@apple.com>

        [Web Animations] Always expose "composite" in output of getKeyframes()
        https://bugs.webkit.org/show_bug.cgi?id=182600

        Reviewed by Dean Jackson.

        The Web Animations spec has changed and whereas the output of getKeyframes() would not feature the "composite" property
        for "null" values, it now lists "composite" in all cases.

        To support this, we needed to fix an issue in the code generator such that a "null" default value for an optional enum
        type was supported.

        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::getKeyframes):
        * animation/KeyframeEffect.h:
        * animation/KeyframeEffect.idl:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDefaultValue):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::convertDictionary<TestObj::Dictionary>):
        (WebCore::convertDictionaryToJS):
        * bindings/scripts/test/TestObj.idl:

2018-02-08  Youenn Fablet  <youenn@apple.com>

        CoreAudioCaptureSourceIOSListener should be a WebProcess singleton
        https://bugs.webkit.org/show_bug.cgi?id=182606
        <rdar://problem/37355283>

        Reviewed by Eric Carlson.

        Not testable right now as this relies on iOS specific Core Audio stack.
        Efforts should be made to somehow mock that part and mock interruptions.

        Made CoreAudioCaptureSourceFactoryIOS responsible to receive iOS interruption messages.
        Before the patch, individual capture sources were receiving these messages.
        When there is only one capture source per process this is fine but with more capture sources,
        this is messing up things as they all share the same shared unit and we would try to interrupt it or resume it several times.

        Also, if we are suspended and there is no more capture source, the shared unit will remain suspended indefinitely, as we will
        not process the interruption messages.
        With the patch, we always process the messages.
        We still go through the active source as done now to limit the changes.
        In case of no source, we go to the shared unit.
        In the future, we should directly go to the shared unit and clients of the shared unit should see their state being updated.

        As a way to prevent staying suspended on iOS, we unsuspend ourselves in CoreAudioCaptureSource constructor.
        This is fine as this constructor is only called when getUserMedia grants access to the camera which always goes to the UIProcess.
        And the UIProcess is only processing getUserMedia calls if the WebProcess is foregrounded.

        * platform/mediastream/ios/CoreAudioCaptureSourceIOS.h:
        * platform/mediastream/ios/CoreAudioCaptureSourceIOS.mm:
        (-[WebCoreAudioCaptureSourceIOSListener initWithCallback:]):
        (WebCore::CoreAudioCaptureSourceFactoryIOS::CoreAudioCaptureSourceFactoryIOS):
        (WebCore::CoreAudioCaptureSourceFactoryIOS::~CoreAudioCaptureSourceFactoryIOS):
        (WebCore::CoreAudioCaptureSourceFactory::singleton):
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSourceFactory::singleton):
        (WebCore::CoreAudioCaptureSource::create):
        (WebCore::CoreAudioCaptureSourceFactory::beginInterruption):
        (WebCore::CoreAudioCaptureSourceFactory::endInterruption):
        (WebCore::CoreAudioCaptureSourceFactory::scheduleReconfiguration):
        (WebCore::CoreAudioCaptureSource::factory):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::startProducingData):
        (WebCore::CoreAudioCaptureSource::scheduleReconfiguration):
        (WebCore::CoreAudioCaptureSource::beginInterruption):
        (WebCore::CoreAudioCaptureSource::endInterruption):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        (WebCore::CoreAudioCaptureSourceFactory::setCoreAudioActiveSource):
        (WebCore::CoreAudioCaptureSourceFactory::unsetCoreAudioActiveSource):
        (WebCore::CoreAudioCaptureSourceFactory::coreAudioActiveSource):

2018-02-08  Chris Dumez  <cdumez@apple.com>

        There should be a way to disable [OverrideBuiltins] behavior in a given DOMWrapperWorld
        https://bugs.webkit.org/show_bug.cgi?id=182524
        <rdar://problem/9057327>

        Reviewed by Ryosuke Niwa.

        Add new flag on DOMWrapperWorld indicating if the [OverrideBuiltins] behavior should
        be enabled in this world or not. The behavior is enabled by default for Web-compatibility.
        This flag is queried in accessVisibleNamedProperty() when doing the named property
        lookup.

        Covered by new API test.

        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::disableOverrideBuiltinsBehavior):
        (WebCore::DOMWrapperWorld::shouldDisableOverrideBuiltinsBehavior const):
        * bindings/js/JSDOMAbstractOperations.h:
        (WebCore::accessVisibleNamedProperty):

2018-02-08  Per Arne Vollan  <pvollan@apple.com>

        Move WebVideoFullscreenController from WebCore to WebKitLegacy.
        https://bugs.webkit.org/show_bug.cgi?id=182615

        Reviewed by Eric Carlson.

        It is only used by WK1. Also there are a few references to NSApp in WebVideoFullscreenController.mm.
        Ideally, we should not reference NSApp in WebCore.

        No new tests. No change in behavior.

        * SourcesMac.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.h:
        * platform/mac/WebVideoFullscreenController.h: Removed.
        * platform/mac/WebVideoFullscreenController.mm: Removed.
        * platform/mac/WebVideoFullscreenHUDWindowController.h: Removed.
        * platform/mac/WebVideoFullscreenHUDWindowController.mm: Removed.
        * platform/mac/WebWindowAnimation.h: Removed.
        * platform/mac/WebWindowAnimation.mm: Removed.

2018-02-08  Chris Dumez  <cdumez@apple.com>

        Form submission after navigation fails when decidePolicyForNavigationAction is async
        https://bugs.webkit.org/show_bug.cgi?id=182412
        <rdar://problem/35181099>

        Reviewed by Alex Christensen.

        When the form is submitted and schedules the load in an iframe that is already loading,
        FrameLoader::stopLoading() is called as expected. However, because policy checks can
        now be asynchronous, stopLoading() also needs to stop pending policy checks. Otherwise,
        continueLoadAfterNavigationPolicy() gets called for a cancelled load and we're in trouble
        because the FrameLoader was reused for another load since then.

        Test: http/tests/navigation/sync-form-submit-iframe.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::stopLoading):

2018-02-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Do not use RenderTreeBuilder::current() in RenderRubyRun::takeChild
        https://bugs.webkit.org/show_bug.cgi?id=182607
        <rdar://problem/37355944>

        Reviewed by Sam Weinig.

        No change in functionality.

        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::takeChild):

2018-02-08  Antti Koivisto  <antti@apple.com>

        Use invalidation rulesets for attribute selectors
        https://bugs.webkit.org/show_bug.cgi?id=182569

        Reviewed by Zalan Bujtas.

        Attribute change style invalidation should use invalidation rulesets, similarly how class change invalidation already does.
        We'll invalidate fewer unnecessary elements immediately and enable more significant future gains.

        * css/DocumentRuleSets.cpp:
        (WebCore::DocumentRuleSets::collectFeatures const):
        (WebCore::DocumentRuleSets::classInvalidationRuleSets const):
        (WebCore::DocumentRuleSets::attributeInvalidationRuleSets const):

        Make and cache invalidation RuleSets for an attribute.

        (WebCore::DocumentRuleSets::ancestorAttributeRulesForHTML const): Deleted.
        * css/DocumentRuleSets.h:
        * css/RuleFeature.cpp:
        (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):

        Collect attribute selectors along with match elements.

        (WebCore::RuleFeatureSet::collectFeatures):
        (WebCore::RuleFeatureSet::add):
        (WebCore::RuleFeatureSet::registerContentAttribute):

        Separate hash to deal with invalidation of content:attr(foo) special case.

        (WebCore::RuleFeatureSet::clear):
        (WebCore::RuleFeatureSet::shrinkToFit):
        (WebCore::makeAttributeSelectorKey): Deleted.
        * css/RuleFeature.h:
        (WebCore::RuleFeature::RuleFeature):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueContent):
        (WebCore::StyleBuilderCustom::applyValueAlt):

        Use registerContentAttribute()

        * html/HTMLEmbedElement.cpp:
        (WebCore::hasTypeOrSrc):
        (WebCore::HTMLEmbedElement::parseAttribute):

            Invalidate style if both type and src attributes go missing as this changes result of rendererIsNeeded().
            This was previously relying on any attribute change invalidating style.

        (WebCore::HTMLEmbedElement::rendererIsNeeded):
        * style/AttributeChangeInvalidation.cpp:
        (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):

        Collect the invalidation rulesets for this attribute change.
        Also check if any attribute selector actually changes state, unlike with classes attribute changes may
        often not lead to a selector becoming non-matching.

        (WebCore::Style::AttributeChangeInvalidation::invalidateStyleWithRuleSets):
        (WebCore::Style::AttributeChangeInvalidation::invalidateDescendants): Deleted.
        * style/AttributeChangeInvalidation.h:
        (WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):
        (WebCore::Style::AttributeChangeInvalidation::~AttributeChangeInvalidation):
        * style/ClassChangeInvalidation.cpp:
        (WebCore::Style::ClassChangeInvalidation::computeInvalidation):

        Should not bail on shadow tree invalidation as we may also need to invalidate siblings.

2018-02-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Introduce RenderTreeBuilder to moveChild(ren)To() functions
        https://bugs.webkit.org/show_bug.cgi?id=182596
        <rdar://problem/37340553>

        Reviewed by Sam Weinig.

        This is in preparation for moving mutation code out of moveChildTo/moveChildrenTo. 

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::dropAnonymousBoxChild):
        (WebCore::RenderBlock::takeChild):
        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::moveAllChildrenIncludingFloatsTo):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::styleDidChange):
        (WebCore::RenderBlockFlow::moveAllChildrenIncludingFloatsTo):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::moveChildTo):
        (WebCore::RenderBoxModelObject::moveChildrenTo):
        * rendering/RenderBoxModelObject.h:
        (WebCore::RenderBoxModelObject::moveChildTo):
        (WebCore::RenderBoxModelObject::moveAllChildrenTo):
        (WebCore::RenderBoxModelObject::moveChildrenTo):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleDidChange):
        (WebCore::RenderElement::removeAnonymousWrappersForInlinesIfNecessary): Deleted.
        * rendering/RenderElement.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::takeChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::makeChildrenNonInline):
        (WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
        (WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded):
        (WebCore::RenderTreeBuilder::childFlowStateChangesAndNoLongerAffectsParentBlock):
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
        (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):

2018-02-08  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r228261.

        This broke an internal build

        Reverted changeset:

        "Add a way to check if a host is an IP address"
        https://bugs.webkit.org/show_bug.cgi?id=182427
        https://trac.webkit.org/changeset/228261

2018-02-08  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] WebKit improperly handles missing GStreamer elements
        https://bugs.webkit.org/show_bug.cgi?id=171205

        Reviewed by Michael Catanzaro.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Add a
        test checking the videoflip element was correctly created. It
        might not be available on some exotic distros such as Gentoo.

2018-02-08  Chris Fleizach  <cfleizach@apple.com>

        AX: Defer attribute computation until needed.
        https://bugs.webkit.org/show_bug.cgi?id=182386
        <rdar://problem/37115277>

        Reviewed by Zalan Bujtas.

        Accessibility is doing too much work when handling attribute changes. Here's how we can improve this:
           1) Defer attribute changes while the tree is dirty (and coalesce them). 
           2) Don't create AXObjects when an attribute changes unnecessarily. If no client has requested an ax object, it's likely no work needs to be done
                 (with the exception of a few attributes like aria-modal)
           3) Stop calculating the entire accessible ARIA label when trying to decide if an element should be ignored. That's generally wasteful and the
                 consequence of including more AX elements in the tree is very minimal.

        * accessibility/AXObjectCache.cpp:
        (WebCore::rendererNeedsDeferredUpdate):
        (WebCore::nodeAndRendererAreValid):
        (WebCore::AXObjectCache::remove):
        (WebCore::AXObjectCache::handleAriaExpandedChange):
        (WebCore::AXObjectCache::handleAriaRoleChanged):
        (WebCore::AXObjectCache::deferAttributeChangeIfNeeded):
        (WebCore::AXObjectCache::shouldProcessAttributeChange):
        (WebCore::AXObjectCache::handleAttributeChange):
        (WebCore::AXObjectCache::prepareForDocumentDestruction):
        (WebCore::AXObjectCache::performDeferredCacheUpdate):
        (WebCore::AXObjectCache::deferRecomputeIsIgnoredIfNeeded):
        (WebCore::AXObjectCache::deferRecomputeIsIgnored):
        (WebCore::AXObjectCache::deferTextChangedIfNeeded):
        (WebCore::AXObjectCache::deferSelectedChildrenChangedIfNeeded):
        (WebCore::AXObjectCache::handleAttributeChanged): Deleted.
        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::deferAttributeChangeIfNeeded):
        (WebCore::AXObjectCache::handleAttributeChanged): Deleted.
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::hasAttributesRequiredForInclusion const):
        * accessibility/AccessibleNode.cpp:
        (WebCore::AccessibleNode::notifyAttributeChanged):
        * dom/Element.cpp:
        (WebCore::Element::attributeChanged): 

2018-02-08  Chris Dumez  <cdumez@apple.com>

        Unreviewed, tiny partial rollout of r228260 as it caused some worker failures

        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::toJSDOMGlobalObject):
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSErrorHandler.cpp:
        (WebCore::JSErrorHandler::handleEvent):
        * bindings/js/JSEventListener.cpp:
        (WebCore::toJSDOMGlobalObject): Deleted.

2018-02-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderElement::removeAnonymousWrappersForInlinesIfNecessary to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182582
        <rdar://problem/37327890>

        Reviewed by Antti Koivisto.

        Tree mutation -> RenderTreeBuilder.

        No change in functionality

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleDidChange):
        (WebCore::RenderElement::removeAnonymousWrappersForInlinesIfNecessary): Deleted.
        * rendering/RenderElement.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::removeAnonymousWrappersForInlinesIfNecessary):
        (WebCore::RenderTreeBuilder::childFlowStateChangesAndNoLongerAffectsParentBlock):
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        * rendering/updating/RenderTreeBuilder.h:

2018-02-08  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] LayoutTest webaudio/silent-audio-interrupted-in-background.html makes its subsequent test flaky crash
        https://bugs.webkit.org/show_bug.cgi?id=173916

        Reviewed by Xabier Rodriguez Calvar.

        This patch fixes two crashes and a runtime warning:

        - The provider client configuration should be done from the main
        thread but the no-more-pads signal of deinterleave was fired from
        a non-main thread.

        - The deinterleave pad-removed signal can be fired for a not fully
        configured pipeline if the audio context is interrupted. So the
        peer quark of the removed pad needs to be checked, it might be a
        null pointer.

        - The provider connects to the deinterleave signals only when a
        client is provided, so the signal disconnection needs to check
        that to avoid runtime warnings.

        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
        (WebCore::AudioSourceProviderGStreamer::AudioSourceProviderGStreamer):
        Create a main thread notifier.
        (WebCore::AudioSourceProviderGStreamer::~AudioSourceProviderGStreamer):
        Invalidate notifier and check a client was set before
        disconnecting from deinterleave signals.
        (WebCore::AudioSourceProviderGStreamer::handleRemovedDeinterleavePad):
        Check validity of the pad peer.
        (WebCore::AudioSourceProviderGStreamer::deinterleavePadsConfigured):
        Set client from main thread.
        * platform/audio/gstreamer/AudioSourceProviderGStreamer.h:

2018-02-08  Philippe Normand  <pnormand@igalia.com>

        [GStreamer][WebAudio] No need for version check in each loop iteration
        https://bugs.webkit.org/show_bug.cgi?id=182577

        Reviewed by Xabier Rodriguez Calvar.

        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        (webkit_web_audio_src_init): Detect version once only, when creating the element.
        (webKitWebAudioSrcLoop): Use boolean variable instead of checking the version every time.

2018-02-08  Frederic Wang  <fwang@igalia.com>

        Add scrolling node types to distinguish main frames and subframes.
        https://bugs.webkit.org/show_bug.cgi?id=182533

        Reviewed by Simon Fraser.

        This patch splits FrameScrollingNode type into two types: MainFrameScrollingNode and
        SubframeScrollingNode. This is needed because new places in the code are likely to
        distinguish them e.g. in ScrollingTreeScrollingNodeDelegateIOS::updateChildNodesAfterScroll
        or when iOS frame scrolling is introduced (see bug 173833).

        No new tests, behavior unchanged.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::ensureRootStateNodeForFrameView): This is only called
        for main frames, so pass MainFrameScrollingNode.
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::operator<<): Distinguish subframe and main frame when dumping.
        * page/scrolling/ScrollingCoordinator.h: Split FrameScrollingNode into two cases.
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp: Add node type to constructor and
        ASSERT it remains of type FrameScrollingNode.
        (WebCore::ScrollingStateFrameScrollingNode::create):
        (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
        * page/scrolling/ScrollingStateFrameScrollingNode.h: Add node type to constructor.
        * page/scrolling/ScrollingStateNode.h:
        (WebCore::ScrollingStateNode::isFrameScrollingNode const): Includes the two cases.
        * page/scrolling/ScrollingStateTree.cpp:
        (WebCore::ScrollingStateTree::createNode): Split FrameScrollingNode into two cases and pass
        the node type.
        (WebCore::ScrollingStateTree::attachNode): The first case only happens for main frames while
        the second case only happens with subframes. Use the appriate node type.
        * page/scrolling/ScrollingTreeFrameScrollingNode.cpp: Add node type to constructor and
        ASSERT it remains of type FrameScrollingNode.
        (WebCore::ScrollingTreeFrameScrollingNode::ScrollingTreeFrameScrollingNode):
        * page/scrolling/ScrollingTreeFrameScrollingNode.h: Add node type to constructor.
        * page/scrolling/ScrollingTreeNode.h: Includes the two cases.
        (WebCore::ScrollingTreeNode::isFrameScrollingNode const):
        * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.h: Add node type to constructor.
        * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm: Ditto.
        (WebCore::ScrollingTreeFrameScrollingNodeIOS::create):
        (WebCore::ScrollingTreeFrameScrollingNodeIOS::ScrollingTreeFrameScrollingNodeIOS):
        * page/scrolling/ios/ScrollingTreeIOS.cpp: Split FrameScrollingNode into two cases.
        (WebCore::ScrollingTreeIOS::createScrollingTreeNode):
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h: Add node type to constructor.
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm: Ditto.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::create):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::ScrollingTreeFrameScrollingNodeMac):
        * page/scrolling/mac/ScrollingTreeMac.cpp: Split FrameScrollingNode into two cases.
        (ScrollingTreeMac::createScrollingTreeNode):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::reattachSubframeScrollLayers): Distinguish the cases of
        main frames and subframes.
        (WebCore::scrollCoordinationRoleForNodeType): Split FrameScrollingNode into two cases.
        (WebCore::RenderLayerCompositor::updateScrollCoordinationForThisFrame): Distinguish the cases
        of main frames and subframes.
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer): Split FrameScrollingNode into
        two cases.

2018-02-07  Darin Adler  <darin@apple.com>

        Try to fix ErrorEvent tests seen failing on buildbot after fix for bug 179591.

        * bindings/js/JSErrorHandler.cpp:
        (WebCore::JSErrorHandler::handleEvent): Add back line of code accidentally removed.

2018-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        Add a way to check if a host is an IP address
        https://bugs.webkit.org/show_bug.cgi?id=182427

        Reviewed by Alex Christensen.

        There are several places where this is needed. We currently just assume that any host ending in a digit is an IP
        address, except in PublicSuffix where platform specific code is used. This patch adds URL::hostIsIPAddress()
        platform specific implementations, falling back to current assumption if there isn't an implementation for the
        platform.

        * page/OriginAccessEntry.cpp:
        (WebCore::OriginAccessEntry::OriginAccessEntry): Use URL::hostIsIPAddress().
        * platform/URL.cpp:
        (WebCore::URL::hostIsIPAddress): Fallback implementation.
        * platform/URL.h:
        * platform/mac/PublicSuffixMac.mm:
        (WebCore::topPrivatelyControlledDomain): Use URL::hostIsIPAddress().
        * platform/mac/URLMac.mm:
        (WebCore::URL::hostIsIPAddress): Move implementation from PublicSuffixMac.mm.
        * platform/network/curl/CookieUtil.cpp:
        (WebCore::CookieUtil::isIPAddress): Use URL::hostIsIPAddress().
        * platform/soup/URLSoup.cpp:
        (WebCore::URL::hostIsIPAddress): Use g_hostname_is_ip_address().

2018-01-13  Darin Adler  <darin@apple.com>

        Event improvements
        https://bugs.webkit.org/show_bug.cgi?id=179591

        Reviewed by Chris Dumez.

        - removed all use of Deprecated::ScriptValue

        - fixed uses of JSC::Strong that can lead to reference cycles in CustomEvent,
          MessageEvent, and PopStateEvent, refactoring to share more code

        - removed incorrect use of CachedAttribute on attributes that can change values
          (should have fixed a bug; can we find a way to test this?)

        - did a more thorough job of clearing state from events, including clearing
          certain things before dispatching, and clearing more in initKeyboardEvent
          (may have fixed some obscure low-severity bugs; can we find a way to test this?)

        - removed "dummy" keyboard events

        - reworked code that omits details from error events for security reasons;
          old approach was "sanitizing" the error by removing the details if not
          allowed, new approach is adding the details only if allowed

        * Modules/encryptedmedia/NavigatorEME.h: Added forward declaration needed
        to compile.

        * Modules/indexeddb/IDBCursor.h: Added comment about incorrect use of JSC::Strong.
        * Modules/indexeddb/IDBRequest.h: Ditto.
        * Modules/paymentrequest/PaymentResponse.h: Ditto.

        * WebCore.xcodeproj/project.pbxproj: Added JSValueInWrappedObject.h.

        * bindings/js/CommonVM.cpp:
        (WebCore::commonVMSlow): Use VM::create instead of VM::createLeaked. Also use
        local variable instead of the global.

        * bindings/js/DOMWrapperWorld.h: Put the inline bodies of the currentWorld and
        worldForDOMObject functions separate from the declarations; long term goal is
        that the declarations serve as documentation, and are not interspersed with the
        implementations. Changed currentWorld to take a reference instead of a pointer
        to ExecState. Added isWorldCompatible function.

        * bindings/js/JSCustomElementInterface.cpp:
        (WebCore::JSCustomElementInterface::upgradeElement): Use toJSDOMWindow instead
        of toJSDOMGlobalObject and added check for null.
        (WebCore::JSCustomElementInterface::invokeCallback): Ditto.

        * bindings/js/JSCustomEventCustom.cpp:
        (WebCore::JSCustomEvent::detail const): Use cachedPropertyValue.
        (WebCore::JSCustomEvent::visitAdditionalChildren): Added. Needed now that we are
        using JSValueInWrappedObject instead of JSC::Strong.

        * bindings/js/JSDOMConvertEventListener.h:
        (WebCore::Converter<IDLEventListener<T>>::convert): Pass a reference.
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::toJSDOMGlobalObject): Ditto.

        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::JSDOMGlobalObject): Moved initialization to nullptr
        to the header.
        (WebCore::toJSDOMGlobalObject): Deleted.
        * bindings/js/JSDOMGlobalObject.h: Updated for the above.

        * bindings/js/JSDOMWindowBase.h: Updated includes. Added "DOMWindow.h" but also
        expanded the deprecated "JSDOMBinding.h" into all the things it includes.

        * bindings/js/JSDOMWindowProxy.cpp:
        (WebCore::JSDOMWindowProxy::finishCreation): Tweak argument type to match usage.
        (WebCore::JSDOMWindowProxy::create): Moved here from header, rolled in the code
        that creates the structure.
        (WebCore::JSDOMWindowProxy::setWindow): Take a reference instead of a pointer
        or a RefPtr&&.
        (WebCore::JSDOMWindowProxy::toWrapped): Use ? : instead of if.
        (WebCore::toJS): Pass a reference.
        * bindings/js/JSDOMWindowProxy.h: Updated for abvoe changes.

        * bindings/js/JSDOMWrapper.cpp:
        (WebCore::cloneAcrossWorlds): Added.
        * bindings/js/JSDOMWrapper.h: Ditto.

        * bindings/js/JSErrorHandler.cpp:
        (WebCore::JSErrorHandler::JSErrorHandler): Changed to take a reference.
        Marked inline.
        (WebCore::JSErrorHandler::create): Moved here from header. No longer inline, but
        the constructor is now inline, so same number of levels of function calls, and
        less code compiled at the call site and less to compile in the header.
        (WebCore::JSErrorHandler::handleEvent): Use toJSDOMWindow instead
        of toJSDOMGlobalObject.
        * bindings/js/JSErrorHandler.h: Ditto. Also made createJSErrorHandler take
        references instead of pointers.

        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::create): Moved here from the header.
        (WebCore::createEventListenerForEventHandlerAttribute): Updated for change to
        currentWorld.
        (WebCore::toJSDOMGlobalObject): Moved here from JSDOMGlobalObject.cpp because
        this is the only place this function is used now. Also, this was one of four
        different overrides and so it was good to delete the other three. Also updated
        to take a reference rather than a "must not be null" pointer.
        (WebCore::JSEventListener::handleEvent): Coding style tweaks.
        (WebCore::JSEventListener::virtualisAttribute const): Deleted. Now isAttribute
        is virtual and uses final as needed to remain inline-able and efficient.
        (WebCore::JSEventListener::operator== const): Use is<> and downcast<> instead
        of JSEventListener::cast.
        (WebCore::eventHandlerAttribute):  Updated for change to currentWorld.
        (WebCore::setEventHandlerAttribute): Ditto.
        (WebCore::setWindowEventHandlerAttribute): Ditto.
        (WebCore::setDocumentEventHandlerAttribute): Ditto.

        * bindings/js/JSEventListener.h: Moved create functions into the cpp file.
        Removed the cast function, since callers can use is<> and downcast<> instead.
        Use final rather than override and made isAttribute override the virtual
        function in the base class, eliminating virtualIsAttribute.

        * bindings/js/JSExtendableMessageEventCustom.cpp:
        (WebCore::JSExtendableMessageEvent::data const): Use isWorldCompatible.
        Still need to return here and fix the reference cycle for this class.

        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::eventParameterName): Moved up so it can be used by the constructor.
        (WebCore::convertZeroToOne): Added, so that the constructor can fix up text
        positions passed in to it as part of initializing a data member.
        (WebCore::JSLazyEventListener::JSLazyEventListener): Changed to take
        a CreationArguments object instead of lots of separate arguments.
        (WebCore::JSLazyEventListener::initializeJSFunction const): Removed unneeded
        checks of m_code and m_eventParameterName, both guaranteed not to be null
        by the constructor. Tweaked coding style a bit.
        (WebCore::JSLazyEventListener::create): Pass CreationArguments object.
        * bindings/js/JSLazyEventListener.h: Updated for above changes. Changed the
        m_eventParameterName to be a reference since it's always a global string
        that is never destroyed.

        * bindings/js/JSMessageEventCustom.cpp:
        (WebCore::JSMessageEvent::data const): Use cachedPropertyValue and also
        updated for the new version of MessageEvent that uses a Variant instead
        of a type plus separate functions for each type.
        (WebCore::JSMessageEvent::visitAdditionalChildren): Added. Needed now that we are
        using JSValueInWrappedObject instead of JSC::Strong.

        * bindings/js/JSPopStateEventCustom.cpp:
        (WebCore::JSPopStateEvent::state const): Use isWorldCompatible and also updated
        to use JSValueInWrappedObject instead of JSC::Strong. Would be nice to share more
        code with CustomEvent and MessageEvent, but at the moment they are subtly different.
        Changed cacheState from a function to a lambda.
        (WebCore::JSPopStateEvent::visitAdditionalChildren): Added. Needed now that we are
        using JSValueInWrappedObject instead of JSC::Strong.

        * bindings/js/JSValueInWrappedObject.h: Added.

        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::restore): Updated for changes to JSDOMWindowProxy.
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::createWindowProxy): Ditto.
        (WebCore::ScriptController::setDOMWindowForWindowProxy): Ditto.

        * bindings/js/WorkerScriptController.cpp: Removed include of ScriptValue.h.
        (WebCore::WorkerScriptController::evaluate): Reworked to use the new
        canIncludeErrorDetails instead of sanitizeScriptError. Added a FIXME about the
        strange handling of the error message out argument.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateRuntimeEnableConditionalString): Pass a reference to worldForDOMObject.
        (GenerateImplementation): Removed an incorrect comment about a removed error
        check that is truly unneeded.
        (GenerateAttributeGetterBodyDefinition): Pass a reference to worldForDOMObject.
        (GenerateAttributeSetterBodyDefinition): Pass references to createJSErrorHandler
        and worldForDOMObject.
        (GenerateCallWith): Pass a reference to worldForDOMObject.

        * bindings/scripts/test/JS/JSTestGlobalObject.cpp: Updated for above changes.
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestObj.cpp: Ditto.

        * dom/CustomEvent.cpp:
        (WebCore::CustomEvent::CustomEvent): Marked inline. Removed now unneeded
        ExecState argument.
        (WebCore::CustomEvent::create): Moved here from header. No longer inline, but
        the constructor is now inline, so same number of levels of function calls, and
        less code compiled at the call site and less to compile in the header.
        (WebCore::CustomEvent::initCustomEvent): Updated to use JSValueInWrappedObject.
        (WebCore::CustomEvent::trySerializeDetail): Deleted. Now handled by bindings.
        * dom/CustomEvent.h: Updated for the above.
        * dom/CustomEvent.idl: Added JSCustomMarkFunction and removed
        CallWith=ScriptState.

        * dom/Document.cpp:
        (WebCore::Document::shouldBypassMainWorldContentSecurityPolicy const):
        Updated to pass reference to currentWorld but also rewrote to be more direct.

        * dom/Element.cpp:
        (WebCore::Element::isKeyboardFocusable const): Take a pointer instead of a
        reference to the keyboard event. This function can be called with no event;
        before this patch we were using a "dummy event".
        * dom/Element.h: Ditto.

        * dom/ErrorEvent.cpp:
        (WebCore::ErrorEvent::error): Use isWorldCompatible.

        * dom/Event.cpp:
        (WebCore::Event::create): Moved here from header.
        (WebCore::Event::createForBindings): Ditto.
        (WebCore::Event::initEvent): Updated to use the name m_canceled instead of
        the name m_defaultPrevented.
        (WebCore::Event::resetBeforeDispatch): Added. Clears m_defaultHandled so
        a value left over from a previous dispatch doesn't affect the next dispatch.

        * dom/Event.h: Renamed m_defaultPrevented to m_canceled to match specification
        terminology and be slightly clearer. Added resetBeforeDispatch. Removed the
        setDefaultPrevented function.

        * dom/EventDispatcher.cpp:
        (WebCore::EventDispatcher::dispatchEvent): Added call to resetBeforeDispatch.

        * dom/EventListener.h: Made isAttribute virtual and got rid of virtualIsAttribute,
        which was an alternative to using "final" before we had that in the language.

        * dom/EventTarget.cpp:
        (WebCore::EventTarget::dispatchEvent): Added call to resetBeforeDispatch.

        * dom/KeyboardEvent.cpp:
        (WebCore::KeyboardEvent::KeyboardEvent): Removed unneeded code that initializes
        m_handledByInputMethod to false; we do that in the class definition now.
        (WebCore::KeyboardEvent::create): Moved here from header.
        (WebCore::KeyboardEvent::createForBindings): Ditto.
        (WebCore::KeyboardEvent::initKeyboardEvent): Added code to reset m_charCode,
        m_isComposing, m_keyCode, m_repeat, m_underlyingPlatformEvent, m_which, m_code,
        and m_key. These are needed now that we can reuse an existing event; we don't
        want them getting out of sync with the other data members.
        (WebCore::KeyboardEvent::keyCode const): Updated for name change from m_keyEvent
        to m_underlyingPlatformEvent.
        (WebCore::KeyboardEvent::charCode const): Ditto.
        (WebCore::findKeyboardEvent): Deleted. Was unused.
        * dom/KeyboardEvent.h: Updated for the above. Removed KeyboardEvent::createForDummy.

        * dom/MessageEvent.cpp:
        (WebCore::MessageEvent::MessageEvent): Removed unnneded ExecState argument.
        Simplified since m_data is now a Variant.
        (WebCore::MessageEvent::create): More of the same.
        (WebCore::MessageEvent::initMessageEvent): Ditto.
        (WebCore::MessageEvent::trySerializeData): Deleted.
        (WebCore::MessageEvent::data const): Deleted.
        * dom/MessageEvent.h: Use a Variant.
        * dom/MessageEvent.idl: Added JSCustomMarkFunction and removed
        CallWith=ScriptState and CachedAttribute.

        * dom/MouseEvent.h: Removed obsolete comment.
        * dom/MouseEvent.idl: Wrap line differently.

        * dom/PopStateEvent.cpp:
        (WebCore::PopStateEvent::PopStateEvent): Removed unneeded ExecState argument.
        Updated to use JSValueInWrappedObject.
        (WebCore::PopStateEvent::create): Ditto.
        (WebCore::PopStateEvent::trySerializeState): Ditto.
        * dom/PopStateEvent.h: Ditto.
        * dom/PopStateEvent.idl: Use JSCustomMarkFunction, and don't use
        ConstructorCallWith=ScriptState.

        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::sanitizeScriptError): Deleted.
        (WebCore::ScriptExecutionContext::canIncludeErrorDetails): Added.
        (WebCore::ScriptExecutionContext::dispatchErrorEvent): Clarify by
        using canIncludeErrorDetails instead of sanitizeScriptError.
        * dom/ScriptExecutionContext.h: Ditto.

        * dom/WheelEvent.cpp:
        (WebCore::WheelEvent::WheelEvent): Updated for name change and also to
        eliminate m_initializedWithPlatformWheelEvent.
        (WebCore::WheelEvent::create): Moved here from header.
        (WebCore::WheelEvent::createForBindings): Ditto.
        (WebCore::WheelEvent::initWebKitWheelEvent): Renamed from initWheelEvent.
        * dom/WheelEvent.h: Renamed initWheelEvent to initWebKitWheelEvent since
        there is no standard init function for wheel events and we have this only
        for backward compatibility. Got rid of the separate boolean
        m_initializedWithPlatformWheelEvent and instead made the renamed
        m_wheelEvent, m_underlyingPlatformEvent, optional for when there is no
        underlying platform event.

        * html/BaseDateAndTimeInputType.cpp:
        (WebCore::BaseDateAndTimeInputType::isKeyboardFocusable const): Take a
        pointer to the event so we can handle the case where there is no event.
        * html/BaseDateAndTimeInputType.h: Ditto.
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::isKeyboardFocusable const): Ditto.
        * html/HTMLAnchorElement.h: Ditto.
        * html/HTMLAreaElement.cpp:
        (WebCore::HTMLAreaElement::isKeyboardFocusable const): Ditto.
        * html/HTMLAreaElement.h: Ditto.
        * html/HTMLDocument.cpp: Added include of "DOMWindow.h".
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::isKeyboardFocusable const): Take
        pointer to the event.
        * html/HTMLFormControlElement.h: Ditto.
        * html/HTMLFrameOwnerElement.cpp:
        (WebCore::HTMLFrameOwnerElement::isKeyboardFocusable const): Ditto.
        * html/HTMLFrameOwnerElement.h: Ditto.
        * html/HTMLIFrameElement.h: Ditto.
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::isKeyboardFocusable const): Ditto.
        (WebCore::HTMLInputElement::isTextFormControlKeyboardFocusable const): Ditto.
        * html/HTMLInputElement.h: Ditto.
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::isKeyboardFocusable const): Ditto.
        * html/HTMLPlugInElement.h: Ditto.
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::isKeyboardFocusable const): Ditto.
        * html/HTMLSelectElement.h: Ditto.
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::isKeyboardFocusable const): Ditto.
        * html/HTMLTextAreaElement.h: Ditto.
        * html/InputType.cpp:
        (WebCore::InputType::isKeyboardFocusable const): Ditto.
        * html/InputType.h: Ditto.
        * html/RadioInputType.cpp:
        (WebCore::RadioInputType::isKeyboardFocusable const): Ditto.
        * html/RadioInputType.h: Ditto.
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::isKeyboardFocusable const): Ditto.
        * html/TextFieldInputType.h: Ditto.

        * inspector/CommandLineAPIHost.cpp:
        (WebCore::listenerEntriesFromListenerInfo): Pass reference to currentWorld.
        Use is<> and downcast<> instead of JSEventListener::cast.
        * inspector/PageScriptDebugServer.cpp:
        (WebCore::PageScriptDebugServer::isContentScript const): Pass reference to
        currentWorld.
        * inspector/agents/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForEventListener):
        Use is<> and downcast<> instead of JSEventListener::cast.

        * mathml/MathMLElement.cpp:
        (WebCore::MathMLElement::isKeyboardFocusable const): Take a
        pointer to the event so we can handle the case where there is no event.
        * mathml/MathMLElement.h: Ditto.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::dispatchEvent): Added call to resetBeforeDispatch.
        All event dispatching paths now need to do this; there are 3.

        * page/EventHandler.cpp:
        (WebCore::handleWheelEventInAppropriateEnclosingBox): Use the new
        underlyingPlatformEvent function, less confusing than calling a function
        named wheelEvent() on an object of type WheelEvent. Also, it returns
        a const& to std::optional instead of a pointer, so updated for that.
        (WebCore::EventHandler::defaultWheelEventHandler): Ditto.
        (WebCore::EventHandler::internalKeyEvent): Use preventDefault instead
        of setDefaultPrevented(true).
        (WebCore::EventHandler::tabsToLinks const): Take a pointer.
        (WebCore::EventHandler::defaultArrowEventHandler): Pass a pointer.
        (WebCore::EventHandler::defaultTabEventHandler): Ditto.
        * page/EventHandler.h: Updated for the above.

        * page/EventSource.cpp:
        (WebCore::EventSource::dispatchMessageEvent): Pass a reference rather
        than a pointer when creating a message event.

        * page/FocusController.cpp:
        (WebCore::isFocusableElementOrScopeOwner): Use a pointer instead of reference
        for keyboard event.
        (WebCore::isNonFocusableScopeOwner): Ditto.
        (WebCore::isFocusableScopeOwner): Ditto.
        (WebCore::shadowAdjustedTabIndex): Ditto.
        (WebCore::FocusController::findFocusableElementDescendingIntoSubframes):
        Renamed to use simpler terminology than "descending down into frame document".
        Changed to take a pointer instead of reference.
        (WebCore::FocusController::setInitialFocus): Pass nullptr instead of
        using KeyboardEvent::createForDummy.
        (WebCore::FocusController::advanceFocus): Pointer instead of reference.
        (WebCore::FocusController::advanceFocusInDocumentOrder): Ditto.
        (WebCore::FocusController::findFocusableElementAcrossFocusScope): Ditto.
        (WebCore::FocusController::findFocusableElementWithinScope): Ditto.
        (WebCore::FocusController::nextFocusableElementWithinScope): Ditto.
        (WebCore::FocusController::previousFocusableElementWithinScope): Ditto.
        (WebCore::FocusController::findFocusableElementOrScopeOwner): Ditto.
        (WebCore::FocusController::findElementWithExactTabIndex): Ditto.
        (WebCore::nextElementWithGreaterTabIndex): Ditto.
        (WebCore::previousElementWithLowerTabIndex): Ditto.
        (WebCore::FocusController::nextFocusableElement): Ditto.
        (WebCore::FocusController::previousFocusableElement): Ditto.
        (WebCore::FocusController::nextFocusableElementOrScopeOwner): Ditto.
        (WebCore::FocusController::previousFocusableElementOrScopeOwner): Ditto.
        (WebCore::FocusController::findFocusCandidateInContainer): Ditto.
        (WebCore::FocusController::advanceFocusDirectionallyInContainer): Ditto.
        (WebCore::FocusController::advanceFocusDirectionally): Ditto.
        * page/FocusController.h: Updated for the above.

        * page/PageConsoleClient.cpp:
        (WebCore::objectArgumentAt): Added. Helper to make functions below simpler.
        (WebCore::canvasRenderingContext): Factored out logic to get the context
        from either a canvas or a canvas rendering context from the functions below.
        Also updated to not use ScriptValue and to use auto quite a bit more.
        (WebCore::PageConsoleClient::record): Updated to use the functions above.
        (WebCore::PageConsoleClient::recordEnd): Ditto.

        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::tabsToAllFormControls const): Take a pointer
        instead of a reference.
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::tabsToAllFormControls const): Ditto.
        * page/win/EventHandlerWin.cpp:
        (WebCore::EventHandler::tabsToAllFormControls const): Ditto.
        * platform/glib/EventHandlerGLib.cpp:
        (WebCore::EventHandler::tabsToAllFormControls const): Ditto.
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::isKeyboardFocusable const): Ditto.
        * svg/SVGAElement.h: Ditto.

        * testing/Internals.cpp:
        (WebCore::Internals::isFromCurrentWorld const): Use isWorldCompatible.

2018-02-07  Andy Estes  <aestes@apple.com>

        ASSERTION FAILED: vm->currentThreadIsHoldingAPILock() seen with http/tests/paymentrequest/payment-request-show-method.https.html
        https://bugs.webkit.org/show_bug.cgi?id=182591

        Reviewed by Youenn Fablet.

        Fixes assertion failures in http/tests/paymentrequest/payment-request-show-method.https.html.

        DOMPromise::whenSettled() calls the JSC API without first aquiring the API lock, and
        r228195 added a call to whenSettled() where the lock is not guaranteed to be already
        acquired.

        Fix this by creating a JSLockHolder in DOMPromise::whenSettled().

        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DOMPromise::whenSettled):

2018-02-07  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r228243.

        Introduced an assertion failure with API test
        FullscreenZoomInitialFrame.WebKit

        Reverted changeset:

        "Assert that NSApp is not running in the WebProcess."
        https://bugs.webkit.org/show_bug.cgi?id=182553
        https://trac.webkit.org/changeset/228243

2018-02-07  Christopher Reid  <chris.reid@sony.com>

        [Curl] Cookie Database has some warnings when compiled in clang
        https://bugs.webkit.org/show_bug.cgi?id=182583

        Reviewed by Alex Christensen.

        No new tests, no change in behavior.

        Fixing unused-parameter, missing-field-initializers, reorder, and pragma-once-outside-header warnings.

        * platform/network/NetworkStorageSession.h:
        * platform/network/curl/CookieJarCurlDatabase.cpp:
        * platform/network/curl/CookieJarDB.cpp:
        * platform/network/curl/NetworkStorageSessionCurl.cpp:

2018-02-07  Ryosuke Niwa  <rniwa@webkit.org>

        Remove unused CSSParserContext in CSSParser::parseInlineStyleDeclaration
        https://bugs.webkit.org/show_bug.cgi?id=182587

        Reviewed by Simon Fraser.

        Removed the code. There is no need to create an unused CSSParserContext in CSSParser.

        * css/parser/CSSParser.cpp:
        (WebCore::CSSParser::parseInlineStyleDeclaration):
        * css/parser/CSSParser.h:
        * css/parser/CSSParserImpl.cpp:
        (WebCore::CSSParserImpl::parseInlineStyleDeclaration):
        * css/parser/CSSParserImpl.h:

2018-02-07  Ross Kirsling  <ross.kirsling@sony.com>

        Add missing #if ENABLE(VIDEO_TRACK) after r228201.
        https://bugs.webkit.org/show_bug.cgi?id=182585

        Reviewed by Chris Dumez.

        * loader/LinkPreloadResourceClients.h:

2018-02-07  Per Arne Vollan  <pvollan@apple.com>

        Assert that NSApp is not running in the WebProcess.
        https://bugs.webkit.org/show_bug.cgi?id=182553
        <rdar://problem/37316144>
        
        Reviewed by Simon Fraser.

        In WebCore, there are a few places where NSApp is referenced. Since the WebContent process
        is no longer using the NSApplication run loop, and NSApp is no longer guaranteed to be
        valid, we should make sure that the NSApp is not referenced by the WebContent process or
        the Network process, by asserting that the NSApplication event loop is running when NSApp
        is referenced. It is still ok for the UIProcess to reference NSApp. Adding these assert
        will help catch references to NSApp when the NSApplication run loop is not used.
        Also, do not post a fake mouse event in PasteBoard::setDragImage when the NSApplication
        run loop is not running, since this is only relevant in WK1.

        No new tests, covered by existing tests. 

        * page/mac/EventHandlerMac.mm:
        (WebCore::lastEventIsMouseUp):
        (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::setDragImage):
        * platform/mac/WebVideoFullscreenController.mm:
        (-[WebVideoFullscreenController windowDidLoad]):
        (-[WebVideoFullscreenController updateMenuAndDockForFullscreen]):
        * platform/mac/WebWindowAnimation.mm:
        (WebCore::WebWindowAnimationDurationFromDuration):

2018-02-07  Youenn Fablet  <youenn@apple.com>

        ASSERTION FAILED: m_timeOrigin in Performance::Performance()
        https://bugs.webkit.org/show_bug.cgi?id=182558
        <rdar://problem/37297551>

        Reviewed by Chris Dumez.

        Test: http/wpt/fetch/cors-preflight-star.any.serviceworker.html

        * loader/CrossOriginPreflightChecker.cpp:
        (WebCore::CrossOriginPreflightChecker::startPreflight):

2018-02-07  Wenson Hsieh  <wenson_hsieh@apple.com>

        REGRESSION(r226396): File paths are inserted when dropping image files
        https://bugs.webkit.org/show_bug.cgi?id=182557
        <rdar://problem/37294120>

        Reviewed by Ryosuke Niwa.

        Reverts unintended changes in <http://trac.webkit.org/r226396>. Before r226396, WebContentReader::readFilenames
        (a helper function in macOS-specific code) contained logic to create and insert attachment elements if
        ENABLE(ATTACHMENT_ELEMENT); otherwise, it would fall back to inserting the visible URL as a text node. Since we
        enable the attachment element on all Cocoa platforms via xcconfig files, this was effectively dead code.

        However, when r226396 (which moved this out from macOS to Cocoa platform code) refactored this helper function,
        it also moved this chunk of code out of the !ENABLE(ATTACHMENT) conditional and into a PLATFORM(MAC) guard,
        which means that we now fall back to inserting file paths as text when attachment elements are disabled. To fix
        this, we simply remove the (previously) dead code.

        A more subtle difference is that we no longer always return true from WebContentReader::readFilePaths. This
        means that when we drop files, we no longer skip over the early return in documentFragmentFromDragData when
        we've made a fragment, so we read the file path as a URL. To address this, we just restore the pre-macOS 10.13.4
        behavior of initializing the document fragment.

        Test: modified editing/pasteboard/drag-files-to-editable-element-as-URLs.html.

        * editing/WebContentReader.cpp:
        (WebCore::WebContentReader::ensureFragment): Deleted.

        Remove this helper, as it was only used in WebContentReader::readFilePaths.

        * editing/WebContentReader.h:
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::WebContentReader::readFilePaths):

2018-02-07  John Wilander  <wilander@apple.com>

        Restrict Referer to just the origin for third parties in private mode and third parties ITP blocks cookies for in regular mode
        https://bugs.webkit.org/show_bug.cgi?id=182559
        <rdar://problem/36990337>

        Reviewed by Andy Estes.

        Tests: http/tests/resourceLoadStatistics/strip-referrer-to-origin-for-prevalent-subresource-redirects.html
               http/tests/resourceLoadStatistics/strip-referrer-to-origin-for-prevalent-subresource-requests.html
               http/tests/security/strip-referrer-to-origin-for-third-party-redirects-in-private-mode.html
               http/tests/security/strip-referrer-to-origin-for-third-party-requests-in-private-mode.html

        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::referrerToOriginString):
            Now exposed within WebCore. This is to make sure we create a proper referrer
            string in WebCore::ResourceRequestBase::setExistingHTTPReferrerToOriginString().
        (WebCore::referrerToOriginString): Deleted.
            Used to be internal.
        * page/SecurityPolicy.h:
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::setExistingHTTPReferrerToOriginString):
            New, exported function used in WebKit. Note that this function does not
            set the referrer if the request has none since before.
        * platform/network/ResourceRequestBase.h:


2018-02-07  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Remove RenderElement::destroyLeftoverChildren.
        https://bugs.webkit.org/show_bug.cgi?id=182518
        <rdar://problem/37256035>

        Reviewed by Antti Koivisto.

        Remove leftover children before we call takeChild() on the parent (as opposed to when
        we finally call destroy() on the parent).
        This patch also explicitly destroys the top level pagination renderers.

        Covered by existing tests.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::removeAndDestroyChild):
        (WebCore::RenderElement::destroyLeftoverChildren): Deleted.
        * rendering/RenderElement.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::destroy):
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::tearDownRenderers):
        (WebCore::RenderTreeUpdater::tearDownLeftoverPaginationRenderersIfNeeded):
        * rendering/updating/RenderTreeUpdater.h:

2018-02-07  Daniel Bates  <dabates@apple.com>

        Log error when authentication challenge is blocked due to an insecure request
        https://bugs.webkit.org/show_bug.cgi?id=182358

        Reviewed by Andy Estes.

        Emit an error message to Web Inspector console that explains why an authentication
        challenge was blocked so that a developer can fix up their site.

        Tests: http/tests/security/mixedContent/insecure-basic-auth-image.https.html
               http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https.html
               http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::receivedFirstData): Log to the console an error message
        if the document we are loading was forbidden from prompting for credentials.
        Also removed duplicate assertion to ensure document is non-null and update
        call to LinkLoader::loadLinksFromHeader() to use local variable to access
        the document we are loading instead of asking the frame for it, again.
        (WebCore::FrameLoader::reportAuthenticationChallengeBlocked): Added.
        * loader/FrameLoader.h:

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::init):
        (WebCore::ResourceLoader::willSendRequestInternal):
        Track the decision to forbid asking for credentials due to Fetch spec. requirements (m_canAskClientForCredentials)
        independently from the decision to forbid them due to making an insecure request (m_wasInsecureRequestSeen)
        so that we know the reason why we blocked asking for credentials when we receive an authentication challenge.

        (WebCore::ResourceLoader::didBlockAuthenticationChallenge): Added.
        (WebCore::ResourceLoader::isAllowedToAskUserForCredentials const): Modified code now that we track
        whether we have seen an insecure request so far independently from decision to forbid prompting for
        credentials due to a Fetch spec. requirement.

        (WebCore::ResourceLoader::didReceiveAuthenticationChallenge):
        Store a bit whether we have seen an insecure request when loading the resource so far. Disallow
        asking for credentials if we have seen an insecure request so far. Once we receive a response

        * loader/ResourceLoader.h:
        (WebCore::ResourceLoader::wasAuthenticationChallengeBlocked const): Added.
        (WebCore::ResourceLoader::wasInsecureRequestSeen const): Added.

2018-02-06  Matt Lewis  <jlewis3@apple.com>

        Removed the assertions from VideoFullscreenInterfaceAVKit.mm temporarily to stop the resulting crashes during debugging.
        https://bugs.webkit.org/show_bug.cgi?id=182527

        Unreviewed build fix.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (VideoFullscreenInterfaceAVKit::exitFullscreen):
        (VideoFullscreenInterfaceAVKit::cleanupFullscreen):

2018-02-07  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlock::removeLeftoverAnonymousBlock to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182510
        <rdar://problem/37250037>

        Reviewed by Antti Koivisto.

        Do not reinvent subtree reparenting.

        Covered by existing tests.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::removeLeftoverAnonymousBlock): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::moveAllChildrenToInternal):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderButton.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::detachRendererInternal):
        (WebCore::RenderElement::attachRendererInternal):
        (WebCore::RenderElement::insertChildInternal):
        (WebCore::RenderElement::takeChildInternal):
        * rendering/RenderElement.h:
        * rendering/RenderRuby.h:
        * rendering/RenderRubyRun.h:
        * rendering/RenderTextControl.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
        (WebCore::RenderTreeBuilder::Block::childBecameNonInline):
        (WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):
        * rendering/updating/RenderTreeBuilderBlock.h:

2018-02-06  Don Olmstead  <don.olmstead@sony.com>

        Remove WebCore/ForwardingHeaders directory
        https://bugs.webkit.org/show_bug.cgi?id=182347

        Reviewed by Keith Miller.

        No new tests. No change in behavior.

        * CMakeLists.txt:
        * ForwardingHeaders/bindings/ScriptFunctionCall.h: Removed.
        * ForwardingHeaders/bindings/ScriptObject.h: Removed.
        * ForwardingHeaders/bindings/ScriptValue.h: Removed.
        * ForwardingHeaders/builtins/BuiltinNames.h: Removed.
        * ForwardingHeaders/builtins/BuiltinUtils.h: Removed.
        * ForwardingHeaders/builtins/JSCBuiltins.h: Removed.
        * ForwardingHeaders/bytecode/CodeBlock.h: Removed.
        * ForwardingHeaders/bytecode/SpeculatedType.h: Removed.
        * ForwardingHeaders/bytecode/UnlinkedFunctionExecutable.h: Removed.
        * ForwardingHeaders/debugger/Debugger.h: Removed.
        * ForwardingHeaders/domjit/DOMJITAbstractHeap.h: Removed.
        * ForwardingHeaders/domjit/DOMJITEffect.h: Removed.
        * ForwardingHeaders/domjit/DOMJITGetterSetter.h: Removed.
        * ForwardingHeaders/domjit/DOMJITHeapRange.h: Removed.
        * ForwardingHeaders/domjit/DOMJITSignature.h: Removed.
        * ForwardingHeaders/heap/BlockDirectoryInlines.h: Removed.
        * ForwardingHeaders/heap/DeleteAllCodeEffort.h: Removed.
        * ForwardingHeaders/heap/FastMallocAlignedMemoryAllocator.h: Removed.
        * ForwardingHeaders/heap/GCActivityCallback.h: Removed.
        * ForwardingHeaders/heap/GCFinalizationCallback.h: Removed.
        * ForwardingHeaders/heap/HandleTypes.h: Removed.
        * ForwardingHeaders/heap/Heap.h: Removed.
        * ForwardingHeaders/heap/HeapInlines.h: Removed.
        * ForwardingHeaders/heap/HeapObserver.h: Removed.
        * ForwardingHeaders/heap/IncrementalSweeper.h: Removed.
        * ForwardingHeaders/heap/LockDuringMarking.h: Removed.
        * ForwardingHeaders/heap/MachineStackMarker.h: Removed.
        * ForwardingHeaders/heap/MarkedBlockInlines.h: Removed.
        * ForwardingHeaders/heap/MarkingConstraint.h: Removed.
        * ForwardingHeaders/heap/RunningScope.h: Removed.
        * ForwardingHeaders/heap/SimpleMarkingConstraint.h: Removed.
        * ForwardingHeaders/heap/SlotVisitor.h: Removed.
        * ForwardingHeaders/heap/SlotVisitorInlines.h: Removed.
        * ForwardingHeaders/heap/Strong.h: Removed.
        * ForwardingHeaders/heap/StrongInlines.h: Removed.
        * ForwardingHeaders/heap/SubspaceInlines.h: Removed.
        * ForwardingHeaders/heap/ThreadLocalCache.h: Removed.
        * ForwardingHeaders/heap/Weak.h: Removed.
        * ForwardingHeaders/heap/WeakInlines.h: Removed.
        * ForwardingHeaders/inspector/ConsoleMessage.h: Removed.
        * ForwardingHeaders/inspector/ContentSearchUtilities.h: Removed.
        * ForwardingHeaders/inspector/IdentifiersFactory.h: Removed.
        * ForwardingHeaders/inspector/InjectedScript.h: Removed.
        * ForwardingHeaders/inspector/InjectedScriptBase.h: Removed.
        * ForwardingHeaders/inspector/InjectedScriptHost.h: Removed.
        * ForwardingHeaders/inspector/InjectedScriptManager.h: Removed.
        * ForwardingHeaders/inspector/InjectedScriptModule.h: Removed.
        * ForwardingHeaders/inspector/InspectorAgentBase.h: Removed.
        * ForwardingHeaders/inspector/InspectorAgentRegistry.h: Removed.
        * ForwardingHeaders/inspector/InspectorBackendDispatcher.h: Removed.
        * ForwardingHeaders/inspector/InspectorBackendDispatchers.h: Removed.
        * ForwardingHeaders/inspector/InspectorEnvironment.h: Removed.
        * ForwardingHeaders/inspector/InspectorFrontendChannel.h: Removed.
        * ForwardingHeaders/inspector/InspectorFrontendDispatchers.h: Removed.
        * ForwardingHeaders/inspector/InspectorFrontendRouter.h: Removed.
        * ForwardingHeaders/inspector/InspectorProtocolObjects.h: Removed.
        * ForwardingHeaders/inspector/InspectorProtocolTypes.h: Removed.
        * ForwardingHeaders/inspector/PerGlobalObjectWrapperWorld.h: Removed.
        * ForwardingHeaders/inspector/ScriptArguments.h: Removed.
        * ForwardingHeaders/inspector/ScriptBreakpoint.h: Removed.
        * ForwardingHeaders/inspector/ScriptCallFrame.h: Removed.
        * ForwardingHeaders/inspector/ScriptCallStack.h: Removed.
        * ForwardingHeaders/inspector/ScriptCallStackFactory.h: Removed.
        * ForwardingHeaders/inspector/ScriptDebugListener.h: Removed.
        * ForwardingHeaders/inspector/ScriptDebugServer.h: Removed.
        * ForwardingHeaders/inspector/agents/InspectorAgent.h: Removed.
        * ForwardingHeaders/inspector/agents/InspectorConsoleAgent.h: Removed.
        * ForwardingHeaders/inspector/agents/InspectorDebuggerAgent.h: Removed.
        * ForwardingHeaders/inspector/agents/InspectorHeapAgent.h: Removed.
        * ForwardingHeaders/inspector/agents/InspectorRuntimeAgent.h: Removed.
        * ForwardingHeaders/inspector/agents/InspectorScriptProfilerAgent.h: Removed.
        * ForwardingHeaders/interpreter/CallFrame.h: Removed.
        * ForwardingHeaders/interpreter/FrameTracers.h: Removed.
        * ForwardingHeaders/interpreter/ShadowChicken.h: Removed.
        * ForwardingHeaders/interpreter/StackVisitor.h: Removed.
        * ForwardingHeaders/jit/JITCode.h: Removed.
        * ForwardingHeaders/jit/JITMathICForwards.h: Removed.
        * ForwardingHeaders/jit/Snippet.h: Removed.
        * ForwardingHeaders/jit/SnippetParams.h: Removed.
        * ForwardingHeaders/jit/SpillRegistersMode.h: Removed.
        * ForwardingHeaders/masm/X86Assembler.h: Removed.
        * ForwardingHeaders/parser/ParserError.h: Removed.
        * ForwardingHeaders/parser/SourceCode.h: Removed.
        * ForwardingHeaders/parser/SourceProvider.h: Removed.
        * ForwardingHeaders/parser/SourceProviderCache.h: Removed.
        * ForwardingHeaders/profiler/ProfilerDatabase.h: Removed.
        * ForwardingHeaders/runtime/ArgList.h: Removed.
        * ForwardingHeaders/runtime/ArrayBuffer.h: Removed.
        * ForwardingHeaders/runtime/ArrayBufferView.h: Removed.
        * ForwardingHeaders/runtime/ArrayPrototype.h: Removed.
        * ForwardingHeaders/runtime/AuxiliaryBarrierInlines.h: Removed.
        * ForwardingHeaders/runtime/BooleanObject.h: Removed.
        * ForwardingHeaders/runtime/CallData.h: Removed.
        * ForwardingHeaders/runtime/CatchScope.h: Removed.
        * ForwardingHeaders/runtime/CommonIdentifiers.h: Removed.
        * ForwardingHeaders/runtime/Completion.h: Removed.
        * ForwardingHeaders/runtime/ConfigFile.h: Removed.
        * ForwardingHeaders/runtime/ConsoleClient.h: Removed.
        * ForwardingHeaders/runtime/ConsoleTypes.h: Removed.
        * ForwardingHeaders/runtime/ConstructAbility.h: Removed.
        * ForwardingHeaders/runtime/ConstructData.h: Removed.
        * ForwardingHeaders/runtime/DataView.h: Removed.
        * ForwardingHeaders/runtime/DateInstance.h: Removed.
        * ForwardingHeaders/runtime/Error.h: Removed.
        * ForwardingHeaders/runtime/ErrorHandlingScope.h: Removed.
        * ForwardingHeaders/runtime/ErrorInstance.h: Removed.
        * ForwardingHeaders/runtime/ErrorPrototype.h: Removed.
        * ForwardingHeaders/runtime/Exception.h: Removed.
        * ForwardingHeaders/runtime/ExceptionHelpers.h: Removed.
        * ForwardingHeaders/runtime/Float32Array.h: Removed.
        * ForwardingHeaders/runtime/Float64Array.h: Removed.
        * ForwardingHeaders/runtime/FunctionConstructor.h: Removed.
        * ForwardingHeaders/runtime/FunctionExecutable.h: Removed.
        * ForwardingHeaders/runtime/FunctionPrototype.h: Removed.
        * ForwardingHeaders/runtime/HashMapImpl.h: Removed.
        * ForwardingHeaders/runtime/Identifier.h: Removed.
        * ForwardingHeaders/runtime/IdentifierInlines.h: Removed.
        * ForwardingHeaders/runtime/InitializeThreading.h: Removed.
        * ForwardingHeaders/runtime/Int16Array.h: Removed.
        * ForwardingHeaders/runtime/Int32Array.h: Removed.
        * ForwardingHeaders/runtime/Int8Array.h: Removed.
        * ForwardingHeaders/runtime/InternalFunction.h: Removed.
        * ForwardingHeaders/runtime/Intrinsic.h: Removed.
        * ForwardingHeaders/runtime/IterationKind.h: Removed.
        * ForwardingHeaders/runtime/IteratorOperations.h: Removed.
        * ForwardingHeaders/runtime/IteratorPrototype.h: Removed.
        * ForwardingHeaders/runtime/JSAPIValueWrapper.h: Removed.
        * ForwardingHeaders/runtime/JSArray.h: Removed.
        * ForwardingHeaders/runtime/JSArrayBuffer.h: Removed.
        * ForwardingHeaders/runtime/JSArrayBufferView.h: Removed.
        * ForwardingHeaders/runtime/JSCInlines.h: Removed.
        * ForwardingHeaders/runtime/JSCJSValue.h: Removed.
        * ForwardingHeaders/runtime/JSCJSValueInlines.h: Removed.
        * ForwardingHeaders/runtime/JSCallee.h: Removed.
        * ForwardingHeaders/runtime/JSCell.h: Removed.
        * ForwardingHeaders/runtime/JSCellInlines.h: Removed.
        * ForwardingHeaders/runtime/JSDataView.h: Removed.
        * ForwardingHeaders/runtime/JSDestructibleObject.h: Removed.
        * ForwardingHeaders/runtime/JSDestructibleObjectHeapCellType.h: Removed.
        * ForwardingHeaders/runtime/JSExportMacros.h: Removed.
        * ForwardingHeaders/runtime/JSFunction.h: Removed.
        * ForwardingHeaders/runtime/JSGlobalObject.h: Removed.
        * ForwardingHeaders/runtime/JSGlobalObjectInlines.h: Removed.
        * ForwardingHeaders/runtime/JSInternalPromise.h: Removed.
        * ForwardingHeaders/runtime/JSInternalPromiseDeferred.h: Removed.
        * ForwardingHeaders/runtime/JSLock.h: Removed.
        * ForwardingHeaders/runtime/JSMap.h: Removed.
        * ForwardingHeaders/runtime/JSMapIterator.h: Removed.
        * ForwardingHeaders/runtime/JSModuleLoader.h: Removed.
        * ForwardingHeaders/runtime/JSModuleRecord.h: Removed.
        * ForwardingHeaders/runtime/JSNativeStdFunction.h: Removed.
        * ForwardingHeaders/runtime/JSONObject.h: Removed.
        * ForwardingHeaders/runtime/JSObject.h: Removed.
        * ForwardingHeaders/runtime/JSObjectInlines.h: Removed.
        * ForwardingHeaders/runtime/JSPromise.h: Removed.
        * ForwardingHeaders/runtime/JSPromiseConstructor.h: Removed.
        * ForwardingHeaders/runtime/JSPromiseDeferred.h: Removed.
        * ForwardingHeaders/runtime/JSProxy.h: Removed.
        * ForwardingHeaders/runtime/JSRunLoopTimer.h: Removed.
        * ForwardingHeaders/runtime/JSScriptFetchParameters.h: Removed.
        * ForwardingHeaders/runtime/JSScriptFetcher.h: Removed.
        * ForwardingHeaders/runtime/JSSegmentedVariableObjectHeapCellType.h: Removed.
        * ForwardingHeaders/runtime/JSSet.h: Removed.
        * ForwardingHeaders/runtime/JSSetIterator.h: Removed.
        * ForwardingHeaders/runtime/JSSourceCode.h: Removed.
        * ForwardingHeaders/runtime/JSString.h: Removed.
        * ForwardingHeaders/runtime/JSTypedArrays.h: Removed.
        * ForwardingHeaders/runtime/JSWithScope.h: Removed.
        * ForwardingHeaders/runtime/Lookup.h: Removed.
        * ForwardingHeaders/runtime/MapBase.h: Removed.
        * ForwardingHeaders/runtime/MapData.h: Removed.
        * ForwardingHeaders/runtime/MapDataInlines.h: Removed.
        * ForwardingHeaders/runtime/MatchResult.h: Removed.
        * ForwardingHeaders/runtime/Microtask.h: Removed.
        * ForwardingHeaders/runtime/ObjectConstructor.h: Removed.
        * ForwardingHeaders/runtime/ObjectPrototype.h: Removed.
        * ForwardingHeaders/runtime/Operations.h: Removed.
        * ForwardingHeaders/runtime/PrivateName.h: Removed.
        * ForwardingHeaders/runtime/PromiseDeferredTimer.h: Removed.
        * ForwardingHeaders/runtime/PropertyNameArray.h: Removed.
        * ForwardingHeaders/runtime/Protect.h: Removed.
        * ForwardingHeaders/runtime/RegExp.h: Removed.
        * ForwardingHeaders/runtime/RegExpObject.h: Removed.
        * ForwardingHeaders/runtime/RuntimeFlags.h: Removed.
        * ForwardingHeaders/runtime/SamplingProfiler.h: Removed.
        * ForwardingHeaders/runtime/ScriptFetchParameters.h: Removed.
        * ForwardingHeaders/runtime/ScriptFetcher.h: Removed.
        * ForwardingHeaders/runtime/StringObject.h: Removed.
        * ForwardingHeaders/runtime/StringPrototype.h: Removed.
        * ForwardingHeaders/runtime/Structure.h: Removed.
        * ForwardingHeaders/runtime/StructureChain.h: Removed.
        * ForwardingHeaders/runtime/StructureInlines.h: Removed.
        * ForwardingHeaders/runtime/Symbol.h: Removed.
        * ForwardingHeaders/runtime/SymbolTable.h: Removed.
        * ForwardingHeaders/runtime/ThrowScope.h: Removed.
        * ForwardingHeaders/runtime/TypedArrayController.h: Removed.
        * ForwardingHeaders/runtime/TypedArrayInlines.h: Removed.
        * ForwardingHeaders/runtime/TypedArrays.h: Removed.
        * ForwardingHeaders/runtime/Uint16Array.h: Removed.
        * ForwardingHeaders/runtime/Uint32Array.h: Removed.
        * ForwardingHeaders/runtime/Uint8Array.h: Removed.
        * ForwardingHeaders/runtime/Uint8ClampedArray.h: Removed.
        * ForwardingHeaders/runtime/VM.h: Removed.
        * ForwardingHeaders/runtime/VMEntryScope.h: Removed.
        * ForwardingHeaders/runtime/Watchdog.h: Removed.
        * ForwardingHeaders/runtime/WeakGCMap.h: Removed.
        * ForwardingHeaders/runtime/WeakGCMapInlines.h: Removed.
        * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
        * ForwardingHeaders/wasm/WasmModule.h: Removed.
        * ForwardingHeaders/wasm/js/JSWebAssemblyModule.h: Removed.
        * ForwardingHeaders/yarr/RegularExpression.h: Removed.
        * ForwardingHeaders/yarr/Yarr.h: Removed.
        * ForwardingHeaders/yarr/YarrInterpreter.h: Removed.
        * ForwardingHeaders/yarr/YarrJIT.h: Removed.
        * ForwardingHeaders/yarr/YarrPattern.h: Removed.
        * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
        * Modules/encryptedmedia/MediaKeyMessageEvent.h:
        * Modules/encryptedmedia/MediaKeyMessageEventInit.h:
        * Modules/encryptedmedia/MediaKeyStatusMap.h:
        * Modules/encryptedmedia/legacy/LegacyCDM.h:
        * Modules/encryptedmedia/legacy/LegacyCDMSessionClearKey.cpp:
        * Modules/encryptedmedia/legacy/WebKitMediaKeyMessageEvent.cpp:
        * Modules/encryptedmedia/legacy/WebKitMediaKeyNeededEvent.cpp:
        * Modules/encryptedmedia/legacy/WebKitMediaKeySession.h:
        * Modules/encryptedmedia/legacy/WebKitMediaKeys.h:
        * Modules/fetch/FetchBody.cpp:
        * Modules/fetch/FetchRequestInit.h:
        * Modules/fetch/FetchResponse.h:
        * Modules/indexeddb/IDBCursor.cpp:
        * Modules/indexeddb/IDBCursor.h:
        * Modules/indexeddb/IDBCursorWithValue.cpp:
        * Modules/indexeddb/IDBDatabase.cpp:
        * Modules/indexeddb/IDBIndex.cpp:
        * Modules/indexeddb/IDBKey.cpp:
        * Modules/indexeddb/IDBKeyRange.cpp:
        * Modules/indexeddb/IDBObjectStore.cpp:
        * Modules/indexeddb/IDBRequest.cpp:
        * Modules/indexeddb/IDBRequest.h:
        * Modules/indexeddb/client/TransactionOperation.cpp:
        * Modules/indexeddb/server/MemoryObjectStore.cpp:
        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        * Modules/mediacontrols/MediaControlsHost.cpp:
        * Modules/mediasource/SourceBuffer.cpp:
        * Modules/mediastream/RTCDataChannel.cpp:
        * Modules/plugins/QuickTimePluginReplacement.mm:
        * Modules/webaudio/AsyncAudioDecoder.cpp:
        * Modules/webaudio/AudioBuffer.cpp:
        * Modules/webaudio/AudioBuffer.h:
        * Modules/webaudio/AudioContext.cpp:
        * Modules/webaudio/AudioContext.h:
        * Modules/webaudio/AudioParam.h:
        * Modules/webaudio/AudioParamTimeline.h:
        * Modules/webaudio/PeriodicWave.h:
        * Modules/webaudio/RealtimeAnalyser.cpp:
        * Modules/webaudio/RealtimeAnalyser.h:
        * Modules/webaudio/ScriptProcessorNode.cpp:
        * Modules/webaudio/WaveShaperProcessor.h:
        * Modules/webauthn/AuthenticatorResponse.h:
        * Modules/webauthn/PublicKeyCredential.h:
        * Modules/websockets/WebSocket.cpp:
        * Modules/websockets/WebSocketChannel.cpp:
        * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
        * Modules/webvr/VREyeParameters.h:
        * Modules/webvr/VRFrameData.h:
        * Modules/webvr/VRPose.h:
        * Modules/webvr/VRStageParameters.h:
        * PlatformWin.cmake:
        * bindings/IDLTypes.h:
        * bindings/js/BufferSource.h:
        * bindings/js/CachedScriptFetcher.h:
        * bindings/js/CachedScriptSourceProvider.h:
        * bindings/js/CallTracerTypes.h:
        * bindings/js/CommonVM.cpp:
        * bindings/js/DOMGCOutputConstraint.cpp:
        * bindings/js/DOMGCOutputConstraint.h:
        * bindings/js/GCController.cpp:
        * bindings/js/GCController.h:
        * bindings/js/IDBBindingUtilities.cpp:
        * bindings/js/JSCallbackData.cpp:
        * bindings/js/JSCallbackData.h:
        * bindings/js/JSCustomElementInterface.cpp:
        * bindings/js/JSCustomElementInterface.h:
        * bindings/js/JSCustomEventCustom.cpp:
        * bindings/js/JSCustomXPathNSResolver.cpp:
        * bindings/js/JSCustomXPathNSResolver.h:
        * bindings/js/JSDOMBinding.h:
        * bindings/js/JSDOMBuiltinConstructorBase.cpp:
        * bindings/js/JSDOMConstructorBase.cpp:
        * bindings/js/JSDOMConvertBase.h:
        * bindings/js/JSDOMConvertBufferSource.h:
        * bindings/js/JSDOMConvertDate.cpp:
        * bindings/js/JSDOMConvertInterface.h:
        * bindings/js/JSDOMConvertJSON.h:
        * bindings/js/JSDOMConvertNumbers.cpp:
        * bindings/js/JSDOMConvertNumbers.h:
        * bindings/js/JSDOMConvertObject.h:
        * bindings/js/JSDOMConvertRecord.h:
        * bindings/js/JSDOMConvertSequences.h:
        * bindings/js/JSDOMConvertStrings.cpp:
        * bindings/js/JSDOMConvertUnion.h:
        * bindings/js/JSDOMExceptionHandling.cpp:
        * bindings/js/JSDOMExceptionHandling.h:
        * bindings/js/JSDOMGlobalObject.cpp:
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSDOMGlobalObjectTask.cpp:
        * bindings/js/JSDOMGuardedObject.h:
        * bindings/js/JSDOMIterator.cpp:
        * bindings/js/JSDOMIterator.h:
        * bindings/js/JSDOMMapLike.cpp:
        * bindings/js/JSDOMMapLike.h:
        * bindings/js/JSDOMPromise.cpp:
        * bindings/js/JSDOMPromise.h:
        * bindings/js/JSDOMPromiseDeferred.cpp:
        * bindings/js/JSDOMPromiseDeferred.h:
        * bindings/js/JSDOMWindowBase.cpp:
        * bindings/js/JSDOMWindowCustom.cpp:
        * bindings/js/JSDOMWindowProxy.cpp:
        * bindings/js/JSDOMWindowProxy.h:
        * bindings/js/JSDOMWrapper.cpp:
        * bindings/js/JSDOMWrapper.h:
        * bindings/js/JSDOMWrapperCache.cpp:
        * bindings/js/JSDOMWrapperCache.h:
        * bindings/js/JSDynamicDowncast.h:
        * bindings/js/JSErrorHandler.cpp:
        * bindings/js/JSEventCustom.cpp:
        * bindings/js/JSEventListener.cpp:
        * bindings/js/JSEventListener.h:
        * bindings/js/JSHTMLElementCustom.cpp:
        * bindings/js/JSHistoryCustom.cpp:
        * bindings/js/JSIDBCursorWithValueCustom.cpp:
        * bindings/js/JSIDBIndexCustom.cpp:
        * bindings/js/JSImageDataCustom.cpp:
        * bindings/js/JSLazyEventListener.cpp:
        * bindings/js/JSLocationCustom.cpp:
        * bindings/js/JSMainThreadExecState.h:
        * bindings/js/JSMainThreadExecStateInstrumentation.h:
        * bindings/js/JSMessageChannelCustom.cpp:
        * bindings/js/JSMessageEventCustom.cpp:
        * bindings/js/JSNodeIteratorCustom.cpp:
        * bindings/js/JSPopStateEventCustom.cpp:
        * bindings/js/JSReadableStreamPrivateConstructors.cpp:
        * bindings/js/JSTreeWalkerCustom.cpp:
        * bindings/js/JSWebGL2RenderingContextCustom.cpp:
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        * bindings/js/ReadableStreamDefaultController.cpp:
        * bindings/js/ReadableStreamDefaultController.h:
        * bindings/js/ScheduledAction.cpp:
        * bindings/js/ScheduledAction.h:
        * bindings/js/ScriptCachedFrameData.cpp:
        * bindings/js/ScriptCachedFrameData.h:
        * bindings/js/ScriptController.cpp:
        * bindings/js/ScriptController.h:
        * bindings/js/ScriptControllerMac.mm:
        * bindings/js/ScriptModuleLoader.cpp:
        * bindings/js/ScriptModuleLoader.h:
        * bindings/js/ScriptSourceCode.h:
        * bindings/js/ScriptState.cpp:
        * bindings/js/ScriptWrappable.h:
        * bindings/js/ScriptWrappableInlines.h:
        * bindings/js/SerializedScriptValue.cpp:
        * bindings/js/SerializedScriptValue.h:
        * bindings/js/StructuredClone.cpp:
        * bindings/js/WebCoreBuiltinNames.h:
        * bindings/js/WebCoreJSClientData.cpp:
        * bindings/js/WebCoreTypedArrayController.cpp:
        * bindings/js/WebCoreTypedArrayController.h:
        * bindings/js/WorkerScriptController.cpp:
        * bindings/js/WorkerScriptController.h:
        * bridge/NP_jsobject.cpp:
        * bridge/c/CRuntimeObject.cpp:
        * bridge/c/c_class.cpp:
        * bridge/c/c_instance.cpp:
        * bridge/c/c_runtime.cpp:
        * bridge/c/c_utility.cpp:
        * bridge/c/c_utility.h:
        * bridge/jsc/BridgeJSC.cpp:
        * bridge/jsc/BridgeJSC.h:
        * bridge/npruntime.cpp:
        * bridge/objc/ObjCRuntimeObject.mm:
        * bridge/objc/WebScriptObject.mm:
        * bridge/objc/WebScriptObjectPrivate.h:
        * bridge/objc/objc_instance.mm:
        * bridge/objc/objc_runtime.h:
        * bridge/objc/objc_runtime.mm:
        * bridge/objc/objc_utility.h:
        * bridge/objc/objc_utility.mm:
        * bridge/runtime_array.cpp:
        * bridge/runtime_array.h:
        * bridge/runtime_method.cpp:
        * bridge/runtime_method.h:
        * bridge/runtime_object.cpp:
        * bridge/runtime_object.h:
        * bridge/runtime_root.cpp:
        * bridge/runtime_root.h:
        * crypto/SubtleCrypto.cpp:
        * crypto/SubtleCrypto.h:
        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        * crypto/keys/CryptoRsaKeyAlgorithm.h:
        * crypto/mac/CryptoKeyRSAMac.cpp:
        * crypto/parameters/CryptoAlgorithmEcdsaParams.h:
        * crypto/parameters/CryptoAlgorithmHkdfParams.h:
        * crypto/parameters/CryptoAlgorithmHmacKeyParams.h:
        * crypto/parameters/CryptoAlgorithmPbkdf2Params.h:
        * crypto/parameters/CryptoAlgorithmRsaHashedImportParams.h:
        * crypto/parameters/CryptoAlgorithmRsaHashedKeyGenParams.h:
        * crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h:
        * css/CSSFontFaceSource.h:
        * css/DOMMatrixReadOnly.cpp:
        * css/DOMMatrixReadOnly.h:
        * css/FontFace.cpp:
        * dom/CustomElementReactionQueue.cpp:
        * dom/CustomElementRegistry.cpp:
        * dom/CustomEvent.cpp:
        * dom/CustomEvent.h:
        * dom/Document.cpp:
        * dom/Document.h:
        * dom/ErrorEvent.cpp:
        * dom/ErrorEvent.h:
        * dom/LoadableScript.h:
        * dom/MessageEvent.cpp:
        * dom/MessageEvent.h:
        * dom/ModuleFetchParameters.h:
        * dom/PopStateEvent.cpp:
        * dom/PopStateEvent.h:
        * dom/PromiseRejectionEvent.cpp:
        * dom/PromiseRejectionEvent.h:
        * dom/RejectedPromiseTracker.cpp:
        * dom/RejectedPromiseTracker.h:
        * dom/ScriptExecutionContext.cpp:
        * dom/ScriptExecutionContext.h:
        * dom/TextEncoder.cpp:
        * dom/TextEncoder.h:
        * domjit/DOMJITHelpers.h:
        * domjit/DOMJITIDLTypeFilter.h:
        * domjit/JSDocumentDOMJIT.cpp:
        * domjit/JSNodeDOMJIT.cpp:
        * fileapi/BlobBuilder.cpp:
        * fileapi/FileReader.cpp:
        * fileapi/FileReaderLoader.cpp:
        * fileapi/FileReaderSync.cpp:
        * html/BaseTextInputType.cpp:
        * html/EmailInputType.cpp:
        * html/HTMLAllCollection.cpp:
        * html/HTMLCanvasElement.cpp:
        * html/HTMLImageLoader.cpp:
        * html/HTMLMediaElement.cpp:
        * html/HTMLPlugInImageElement.cpp:
        * html/ImageData.cpp:
        * html/ImageData.h:
        * html/MediaEncryptedEventInit.h:
        * html/WebKitMediaKeyError.h:
        * html/canvas/WebGLAny.h:
        * html/canvas/WebGLRenderingContext.cpp:
        * html/canvas/WebGLRenderingContextBase.cpp:
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGPUBuffer.cpp:
        * html/canvas/WebGPURenderingContext.cpp:
        * html/canvas/WebGPURenderingContext.h:
        * html/track/DataCue.cpp:
        * html/track/DataCue.h:
        * inspector/CommandLineAPIHost.cpp:
        * inspector/CommandLineAPIHost.h:
        * inspector/CommandLineAPIModule.cpp:
        * inspector/CommandLineAPIModule.h:
        * inspector/InspectorCanvas.cpp:
        * inspector/InspectorCanvas.h:
        * inspector/InspectorClient.cpp:
        * inspector/InspectorController.cpp:
        * inspector/InspectorController.h:
        * inspector/InspectorDatabaseResource.h:
        * inspector/InspectorFrontendClientLocal.cpp:
        * inspector/InspectorFrontendHost.cpp:
        * inspector/InspectorInstrumentation.cpp:
        * inspector/InspectorInstrumentation.h:
        * inspector/InspectorOverlay.cpp:
        * inspector/InspectorOverlay.h:
        * inspector/InspectorShaderProgram.cpp:
        * inspector/InspectorShaderProgram.h:
        * inspector/InspectorStyleSheet.cpp:
        * inspector/InspectorStyleSheet.h:
        * inspector/InspectorWebAgentBase.h:
        * inspector/InstrumentingAgents.h:
        * inspector/PageScriptDebugServer.cpp:
        * inspector/PageScriptDebugServer.h:
        * inspector/TimelineRecordFactory.cpp:
        * inspector/WebInjectedScriptHost.h:
        * inspector/WebInjectedScriptManager.h:
        * inspector/WorkerInspectorController.cpp:
        * inspector/WorkerInspectorController.h:
        * inspector/WorkerScriptDebugServer.cpp:
        * inspector/WorkerScriptDebugServer.h:
        * inspector/WorkerToPageFrontendChannel.h:
        * inspector/agents/InspectorApplicationCacheAgent.h:
        * inspector/agents/InspectorCSSAgent.cpp:
        * inspector/agents/InspectorCSSAgent.h:
        * inspector/agents/InspectorCanvasAgent.cpp:
        * inspector/agents/InspectorCanvasAgent.h:
        * inspector/agents/InspectorDOMAgent.cpp:
        * inspector/agents/InspectorDOMAgent.h:
        * inspector/agents/InspectorDOMDebuggerAgent.cpp:
        * inspector/agents/InspectorDOMDebuggerAgent.h:
        * inspector/agents/InspectorDOMStorageAgent.cpp:
        * inspector/agents/InspectorDOMStorageAgent.h:
        * inspector/agents/InspectorDatabaseAgent.cpp:
        * inspector/agents/InspectorDatabaseAgent.h:
        * inspector/agents/InspectorIndexedDBAgent.cpp:
        * inspector/agents/InspectorIndexedDBAgent.h:
        * inspector/agents/InspectorLayerTreeAgent.cpp:
        * inspector/agents/InspectorLayerTreeAgent.h:
        * inspector/agents/InspectorMemoryAgent.cpp:
        * inspector/agents/InspectorMemoryAgent.h:
        * inspector/agents/InspectorNetworkAgent.cpp:
        * inspector/agents/InspectorNetworkAgent.h:
        * inspector/agents/InspectorPageAgent.cpp:
        * inspector/agents/InspectorPageAgent.h:
        * inspector/agents/InspectorTimelineAgent.cpp:
        * inspector/agents/InspectorTimelineAgent.h:
        * inspector/agents/InspectorWorkerAgent.h:
        * inspector/agents/WebConsoleAgent.cpp:
        * inspector/agents/WebConsoleAgent.h:
        * inspector/agents/WebDebuggerAgent.h:
        * inspector/agents/WebHeapAgent.h:
        * inspector/agents/page/PageDebuggerAgent.cpp:
        * inspector/agents/page/PageRuntimeAgent.cpp:
        * inspector/agents/page/PageRuntimeAgent.h:
        * inspector/agents/worker/ServiceWorkerAgent.h:
        * inspector/agents/worker/WorkerDebuggerAgent.cpp:
        * inspector/agents/worker/WorkerRuntimeAgent.cpp:
        * inspector/agents/worker/WorkerRuntimeAgent.h:
        * loader/EmptyClients.cpp:
        * page/CaptionUserPreferences.cpp:
        * page/Chrome.cpp:
        * page/ChromeClient.h:
        * page/Crypto.cpp:
        * page/DOMWindow.cpp:
        * page/DOMWindow.h:
        * page/Frame.cpp:
        * page/OriginThreadLocalCache.h:
        * page/PageConsoleClient.cpp:
        * page/PageConsoleClient.h:
        * page/PageDebuggable.cpp:
        * page/PageGroup.cpp:
        * page/SettingsBase.h:
        * page/UserContentController.cpp:
        * page/cocoa/ResourceUsageThreadCocoa.mm:
        * page/csp/ContentSecurityPolicy.cpp:
        * page/ios/FrameIOS.mm:
        * page/linux/ResourceUsageOverlayLinux.cpp:
        * page/linux/ResourceUsageThreadLinux.cpp:
        * platform/MediaSample.h:
        * platform/SerializedPlatformRepresentation.h:
        * platform/SharedBuffer.h:
        * platform/audio/mac/CARingBuffer.h:
        * platform/cocoa/SharedBufferCocoa.mm:
        * platform/graphics/ImageBuffer.h:
        * platform/graphics/LegacyCDMSession.h:
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/avfoundation/CDMFairPlayStreaming.cpp:
        * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.mm:
        * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        * platform/graphics/avfoundation/MediaSampleAVFObjC.h:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
        * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        * platform/graphics/cg/ImageBufferDataCG.cpp:
        * platform/graphics/cg/ImageBufferDataCG.h:
        * platform/graphics/cocoa/GPUDeviceMetal.mm:
        * platform/graphics/filters/FEBlend.cpp:
        * platform/graphics/filters/FEColorMatrix.cpp:
        * platform/graphics/filters/FEComponentTransfer.cpp:
        * platform/graphics/filters/FEComposite.cpp:
        * platform/graphics/filters/FEConvolveMatrix.cpp:
        * platform/graphics/filters/FEDisplacementMap.cpp:
        * platform/graphics/filters/FEDropShadow.cpp:
        * platform/graphics/filters/FEGaussianBlur.cpp:
        * platform/graphics/filters/FELighting.h:
        * platform/graphics/filters/FEMorphology.cpp:
        * platform/graphics/filters/FETurbulence.cpp:
        * platform/graphics/filters/FilterEffect.cpp:
        * platform/graphics/filters/FilterEffect.h:
        * platform/graphics/gpu/GPUBuffer.h:
        * platform/graphics/gpu/GPUDevice.h:
        * platform/graphics/iso/ISOBox.cpp:
        * platform/graphics/iso/ISOOriginalFormatBox.cpp:
        * platform/graphics/iso/ISOProtectionSchemeInfoBox.cpp:
        * platform/graphics/iso/ISOSchemeInformationBox.cpp:
        * platform/graphics/iso/ISOSchemeTypeBox.cpp:
        * platform/graphics/iso/ISOTrackEncryptionBox.cpp:
        * platform/graphics/iso/ISOVTTCue.cpp:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        * platform/graphics/win/ImageBufferDataDirect2D.cpp:
        * platform/graphics/win/ImageBufferDataDirect2D.h:
        * platform/ios/wak/WebCoreThread.mm:
        * platform/mac/SerializedPlatformRepresentationMac.mm:
        * platform/mac/StringUtilities.mm:
        * platform/mock/mediasource/MockBox.cpp:
        * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
        * svg/graphics/SVGImage.cpp:
        * testing/GCObservation.cpp:
        * testing/GCObservation.h:
        * testing/Internals.cpp:
        * testing/Internals.h:
        * testing/LegacyMockCDM.cpp:
        * testing/MockCDMFactory.cpp:
        * testing/js/WebCoreTestSupport.cpp:
        * workers/Worker.cpp:
        * workers/Worker.h:
        * workers/WorkerConsoleClient.cpp:
        * workers/WorkerConsoleClient.h:
        * workers/WorkerGlobalScope.cpp:
        * workers/WorkerGlobalScope.h:
        * workers/WorkerGlobalScopeProxy.h:
        * workers/WorkerInspectorProxy.cpp:
        * workers/WorkerMessagingProxy.cpp:
        * workers/WorkerThread.h:
        * workers/service/ExtendableEvent.cpp:
        * workers/service/ServiceWorker.cpp:
        * workers/service/ServiceWorker.h:
        * workers/service/ServiceWorkerClient.h:
        * workers/service/context/ServiceWorkerInspectorProxy.cpp:
        * workers/service/context/ServiceWorkerThread.cpp:
        * xml/XMLHttpRequest.cpp:

2018-02-06  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Rendering SVG images with same size as WebGL texture doesn't work correctly
        https://bugs.webkit.org/show_bug.cgi?id=182367

        Reviewed by Dean Jackson.

        If am image buffer is created for a webgl texture and then it is reused 
        for another texture, it has to be cleared before drawing.

        Test: webgl/webgl-texture-image-buffer-reuse.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::LRUImageBufferCache::imageBuffer):

2018-02-06  Youenn Fablet  <youenn@apple.com>

        Use downcast in createLinkPreloadResourceClient
        https://bugs.webkit.org/show_bug.cgi?id=182488

        Reviewed by Antti Koivisto.

        No observable change of behavior.
        Add a new link preloader client for text track.

        * loader/LinkLoader.cpp:
        (WebCore::createLinkPreloadResourceClient):
        * loader/LinkPreloadResourceClients.h:

2018-02-06  Youenn Fablet  <youenn@apple.com>

        imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-respond-with-response-body-with-invalid-chunk.https.html is flaky
        https://bugs.webkit.org/show_bug.cgi?id=182541

        Reviewed by Chris Dumez.

        Covered by test being no longer flaky.
        In case of loading error when getting the response body, we were only reporting
        the error if there was a callback set or a ReadableStream already created.
        Otherwise, we were just stopping loading and if creating a ReadableStream, we were just returning an empty body.

        FetchBodyOwner now stores a loading error.
        In case a readable stream is created, it will error it if there is a loading error.
        If there is not and the loading failed later on, the stream will be errored using the current code path.

        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::put):
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::clone):
        (WebCore::FetchResponse::BodyLoader::didFail):
        * Modules/fetch/FetchResponse.h:
        * workers/service/context/ServiceWorkerFetch.cpp:
        (WebCore::ServiceWorkerFetch::processResponse):

2018-02-06  Andy Estes  <aestes@apple.com>

        [Payment Request] show() should take an optional PaymentDetailsUpdate promise
        https://bugs.webkit.org/show_bug.cgi?id=182538
        <rdar://problem/36754552>

        Reviewed by Tim Horton.

        Taught show() to take an optional promise for a PaymentDetailsUpdate.

        Added test cases to http/tests/paymentrequest/payment-request-show-method.https.html.

        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
        (WebCore::ApplePayPaymentHandler::detailsUpdated):

        Changed to take a PaymentRequest::UpdateReason instead of a eventType string.

        (WebCore::ApplePayPaymentHandler::shippingAddressUpdated):
        (WebCore::ApplePayPaymentHandler::shippingOptionUpdated):
        (WebCore::ApplePayPaymentHandler::paymentMethodUpdated):
        (WebCore::ApplePayPaymentHandler::didAuthorizePayment):
        (WebCore::ApplePayPaymentHandler::didSelectShippingMethod):
        (WebCore::ApplePayPaymentHandler::didSelectShippingContact):
        (WebCore::ApplePayPaymentHandler::didSelectPaymentMethod):

        Asserted that only one of the PaymentSession delegates is executing at a time.

        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.h:
        * Modules/paymentrequest/PaymentHandler.h:

        Changed detailsUpdated to take a PaymentRequest::UpdateReason instead of a eventType string.

        * Modules/paymentrequest/PaymentRequest.cpp:
        (WebCore::PaymentRequest::show):

        If there is a details promise, call updateWith() with UpdateReason::ShowDetailsResolved.

        (WebCore::PaymentRequest::shippingAddressChanged):
        (WebCore::PaymentRequest::shippingOptionChanged):
        (WebCore::PaymentRequest::paymentMethodChanged):

        Used whenDetailsSettled() to ensure that update events do not start before the show()
        details promise settles.

        (WebCore::PaymentRequest::updateWith):
        (WebCore::PaymentRequest::settleDetailsPromise):

        Changed to use a PaymentRequest::UpdateReason instead of a eventType string.

        (WebCore::PaymentRequest::whenDetailsSettled):

        If there is a details promise, wait for it to settle before executing the callback.

        * Modules/paymentrequest/PaymentRequest.h:

        Defined enum class UpdateReason.

        * Modules/paymentrequest/PaymentRequest.idl:

        Updated show() to take an optional Promise<PaymentDetailsUpdate>.

        * Modules/paymentrequest/PaymentRequestUpdateEvent.cpp:
        (WebCore::PaymentRequestUpdateEvent::updateWith):

        Map the event type to a PaymentRequest::UpdateReason.

2018-02-06  Dean Jackson  <dino@apple.com>

        REGRESSION: WebGL no longer producing a transparent canvas on iOS
        https://bugs.webkit.org/show_bug.cgi?id=182550
        <rdar://problem/37234491>

        Reviewed by Eric Carlson.

        Due to some weirdness GL_RGBA8 is sometimes different between iOS and
        other platforms. Only tell the WebGLLayer that it is opaque when it really
        is not transparent.

        Covered by existing test: fast/canvas/webgl/context-attributes-alpha

        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
        (WebCore::GraphicsContext3D::setRenderbufferStorageFromDrawable): Look at the context
        attributes to decide if we should use an opaque layer.
        * platform/graphics/cocoa/WebGLLayer.mm: Ditto.
        (-[WebGLLayer initWithGraphicsContext3D:]):

2018-02-06  Andy Estes  <aestes@apple.com>

        [WebIDL] Support optional Promise arguments
        https://bugs.webkit.org/show_bug.cgi?id=182399
        <rdar://problem/36754552>

        Reviewed by Sam Weinig and Chris Dumez.

        Previously, declaring a Promise argument as optional would result in a native type of
        std::optional<RefPtr<DOMPromise>>. This is wasteful, since RefPtr can represent an optional
        argument by storing nullptr. Further, PassArgumentExpression() assumed Promises were never
        optional and tried to pass the argument as a Ref by calling RefPtr::releaseNonNull().

        This patch removes the std::optional wrapper around optional Promises and simply passes the
        promise as a RefPtr to native code.

        * bindings/scripts/CodeGeneratorJS.pm:
        (PassArgumentExpression):
        (GenerateParametersCheck):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalPromiseBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalPromise):
        * bindings/scripts/test/TestObj.idl:

2018-02-06  Youenn Fablet  <youenn@apple.com>

        HasServiceWorkerRegistration bit should be sent when creating a new page
        https://bugs.webkit.org/show_bug.cgi?id=182410

        Reviewed by Chris Dumez.

        Covered by new API test.

        Changed the default value of service workers being registered to false.
        Every page created in the process will be responsible to change the value to true,
        at which time the value will be kept to true for the lifetime of the process.

        * workers/service/ServiceWorkerProvider.h:

2018-02-06  Ross Kirsling  <ross.kirsling@sony.com>

        Add missing #if ENABLE(VIDEO) after r228092.
        https://bugs.webkit.org/show_bug.cgi?id=182539

        Reviewed by Michael Catanzaro.

        * html/ImageBitmap.cpp:

2018-02-06  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Test at media/modern-media-controls/tracks-panel/tracks-panel-controls-bar-remains-visible-after-clicking-over-it.html fails
        https://bugs.webkit.org/show_bug.cgi?id=182425

        Reviewed by Dean Jackson.

        This test failed because the controls bar would not hit test at the moment we synthesized a mousemove over the controls bar as the first step towards
        synthesizing a click on the controls bar to dismiss the tracks panel. Indeed, it would have "pointer-events" set to "none" until the tracks panel was
        dismissed, which would only happen after the click event had been propagated. All we need to do is to ensure that none of the controls within the controls
        bar get activated as a result of clicking over them when the tracks panel is visible, so we instead set "pointer-events" to "none" on all children of a
        controls bar rather than the controls bar itself, which can thus still hit test.

        * Modules/modern-media-controls/controls/media-controls.css:
        (.media-controls.shows-tracks-panel > .controls-bar > *,):
        (.media-controls.shows-tracks-panel > .controls-bar,): Deleted.

2018-02-06  Chris Dumez  <cdumez@apple.com>

        Service workers registrations are saved to disk before the install / activation succeeds
        https://bugs.webkit.org/show_bug.cgi?id=182535
        <rdar://problem/36591485>

        Reviewed by Youenn Fablet.

        Service workers registrations are saved to disk before the install / activation succeeds.
        This means if the browser exits before the install / activation succeeds, we may restore
        from disk a registration with an “active” worker which may have never been installed /
        activated.

        To address the issue, we now delay saving the registration to disk until after the service
        worker has been activated.

        No new tests, restoration from disk is covered by API tests that still pass.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::didFinishActivation):
        (WebCore::SWServer::installContextData):

2018-02-06  Ms2ger  <Ms2ger@igalia.com>

        Initialize ImageBitmap::m_bitmapData in the constructor.
        https://bugs.webkit.org/show_bug.cgi?id=182487

        Reviewed by Sam Weinig.

        This removes the span of time where an ImageBitmap object would exist
        with a null m_bitmapData during its construction.

        No new tests: no behavior changes.

        * html/ImageBitmap.cpp:
        (WebCore::ImageBitmap::create): update signature
        (WebCore::ImageBitmap::createPromise): update callers
        (WebCore::ImageBitmap::ImageBitmap): update signature
        * html/ImageBitmap.h: update signatures

2018-02-05  Ryosuke Niwa  <rniwa@webkit.org>

        Release assertion in inlineVideoFrame
        https://bugs.webkit.org/show_bug.cgi?id=182513
        <rdar://problem/37159363>

        Reviewed by Zalan Bujtas.

        The bug was caused by the fact it's not always safe to invoke updateLayout even when isSafeToUpdateStyleOrLayout
        on a document of a flattened frame on iOS. isSafeToUpdateStyleOrLayout returns true when the frame view is in
        the frame-flattening mode to avoid hitting a release asssertion in updateLayout of the frame. However, it's still
        not safe to invoke updateLayout on a parent frame in this case.

        As a result, inlineVideoFrame (in Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.mm) invokes updateLayout
        even when the top-level document is not safe to update when the video element is in a frame-flattened document.

        Fixed this bug by explicitly checking that we still have a live render tree and document hasn't been stopped.
        Also replaced other uses of isSafeToUpdateStyleOrLayout by more explicit checks.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::updateBackingStore): Made the early exit condition added in r227006 more explicit.
        Namely, InspectorDOMAgent::pseudoElementCreated is invoked during style recalc.
        * dom/Document.cpp:
        (WebCore::isSafeToUpdateStyleOrLayout): Made this local to the file.
        (WebCore::Document::updateStyleIfNeeded):
        (WebCore::Document::updateLayout):
        * dom/Document.h:
        * html/MediaElementSession.cpp:
        (WebCore::isMainContentForPurposesOfAutoplay): Made the early exit condition added in r227529 more explicit. Don't
        update the layout when the render tree had been destroyed or the active DOM objects had been stopped.

2018-02-05  Youenn Fablet  <youenn@apple.com>

        Crash in imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-origin.sub.html
        https://bugs.webkit.org/show_bug.cgi?id=182422
        <rdar://problem/37182665>

        Reviewed by Alex Christensen.

        Covered by test no longer crashing in Debug mode.
        Make sure completionHandler is called on the main thread.

        * platform/network/cocoa/WebCoreNSURLSession.mm:
        (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:completionHandler:]):

2018-02-05  Filip Pizlo  <fpizlo@apple.com>

        Global objects should be able to use TLCs to allocate from different blocks from each other
        https://bugs.webkit.org/show_bug.cgi?id=182227

        Reviewed by Daniel Bates and Chris Dumez.

        No new tests because no change in behavior.
        
        Adopt JSC TLC API to put distance between objects from different security origins. WebCore has
        a subclass of ThreadLocalCache that supports hash-consing based on the relevant origin data
        using the existing SecurityOriginHash. It's Document's job to initiate this, but all of the
        logic is in WebCore::OriginThreadLocalCache.
        
        Workers don't opt into this. They just get the VM's default TLC all the time.

        * ForwardingHeaders/heap/ThreadLocalCache.h: Added.
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::JSDOMWindowBase):
        * dom/Document.cpp:
        (WebCore::Document::initSecurityContext):
        (WebCore::Document::threadLocalCache):
        * dom/Document.h:
        * page/OriginThreadLocalCache.cpp: Added.
        (WebCore::threadLocalCacheMap):
        (WebCore::OriginThreadLocalCache::create):
        (WebCore::OriginThreadLocalCache::~OriginThreadLocalCache):
        (WebCore::OriginThreadLocalCache::OriginThreadLocalCache):
        * page/OriginThreadLocalCache.h: Added.
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::passesFileCheck const):
        (WebCore::SecurityOrigin::setEnforcesFilePathSeparation):
        (WebCore::SecurityOrigin::toString const):
        (WebCore::SecurityOrigin::enforceFilePathSeparation): Deleted.
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::enforcesFilePathSeparation const):

2018-02-05  Per Arne Vollan  <pvollan@apple.com>

        [Win] Release assert failed under NetworkStateNotifier::singleton.
        https://bugs.webkit.org/show_bug.cgi?id=182516

        Reviewed by Brent Fulgham.

        The callback NetworkStateNotifier::addressChangeCallback will always be called on a
        worker thread on Windows. Since the method NetworkStateNotifier::singleton() is
        called by NetworkStateNotifier::addressChangeCallback, but has to be called on the
        on the main thread, the call has to be moved there.

        No new tests. I have not been able to reproduce the crash.

        * platform/network/win/NetworkStateNotifierWin.cpp:
        (WebCore::NetworkStateNotifier::addressChangeCallback):

2018-02-05  Don Olmstead  <don.olmstead@sony.com>

        Abstract heap generator should include JavaScriptCore headers directly
        https://bugs.webkit.org/show_bug.cgi?id=182501

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * domjit/generate-abstract-heap.rb:

2018-02-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Extra zoom mode] Implement number pad UI when editing `tel` and `number` inputs
        https://bugs.webkit.org/show_bug.cgi?id=182472
        <rdar://problem/35143057>

        Reviewed by Tim Horton.

        Adds a localized string for the "Done" button text in extra zoomed form controls.

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::formControlDoneButtonTitle):
        * platform/LocalizedStrings.h:

2018-02-05  John Wilander  <wilander@apple.com>

        Build fix for r228115, simple naming issue succeeded —> success.
        https://bugs.webkit.org/show_bug.cgi?id=182507
        <rdar://problem/37248566>

        Reviewed by Eric Carlson.

        No new tests. Build fix.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (VideoFullscreenInterfaceAVKit::enterFullscreenHandler):
            succeeded —> success

2018-02-05  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r228086.

        This introduced a failure with API test
        URLTest.HostIsIPAddress.

        Reverted changeset:

        "Add a way to check if a host is an IP address"
        https://bugs.webkit.org/show_bug.cgi?id=182427
        https://trac.webkit.org/changeset/228086

2018-02-05  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r228103.

        This caused multiple tests to crash.

        Reverted changeset:

        "Use downcast in createLinkPreloadResourceClient"
        https://bugs.webkit.org/show_bug.cgi?id=182488
        https://trac.webkit.org/changeset/228103

2018-02-05  Eric Carlson  <eric.carlson@apple.com>

        [iOS] VideoFullscreenInterfaceAVKit should not ignore errors
        https://bugs.webkit.org/show_bug.cgi?id=182497
        <rdar://problem/36986898>

        Reviewed by Jer Noble.
        
        Always call layoutIfNeeded before calling -[AVPlayerViewController enterFullScreenAnimated:completionHandler]
        or -[AVPlayerViewController exitFullScreenAnimated:completionHandler] because they both fail
        if the view needs layout. Also don't ignore errors returned by those calls.

        No new tests, the failure is non deterministic and I was not able to reproduce in a test.

        * platform/ios/VideoFullscreenInterfaceAVKit.mm:
        (VideoFullscreenInterfaceAVKit::applicationDidBecomeActive):
        (VideoFullscreenInterfaceAVKit::enterFullscreenStandard):
        (VideoFullscreenInterfaceAVKit::exitFullscreen):
        (VideoFullscreenInterfaceAVKit::cleanupFullscreen):
        (VideoFullscreenInterfaceAVKit::didStartPictureInPicture):
        (VideoFullscreenInterfaceAVKit::prepareForPictureInPictureStopWithCompletionHandler):
        (VideoFullscreenInterfaceAVKit::doEnterFullscreen):
        (VideoFullscreenInterfaceAVKit::exitFullscreenHandler):
        (VideoFullscreenInterfaceAVKit::enterFullscreenHandler):

2018-02-05  Daniel Bates  <dabates@apple.com>

        REGRESSION (r222795): Nike app "Refused to set unsafe header" when adding and viewing cart
        https://bugs.webkit.org/show_bug.cgi?id=182491
        <rdar://problem/36533447>

        Reviewed by Brent Fulgham.

        Exempt Nike from the XHR header restrictions in r222795.

        Following r222795 only Dashboard widgets are allowed to set arbitrary XHR headers.
        However Nike also depends on such functionality.

        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::IOSApplication::isNike):

2018-02-02  Brent Fulgham  <bfulgham@apple.com>

        Improve NetworkResourceLoader logging so it can be used for 'setCookiesFromDOM'
        https://bugs.webkit.org/show_bug.cgi?id=182455
        <rdar://problem/36626601>

        Reviewed by Chris Dumez.

        After this refactoring, a convenience method I added in r227860 is no longer needed.
        This patch removes this dead code.

        * platform/network/NetworkStorageSession.h: Export 'cookieStoragePartition' so it can
        be used in WebKit.
        * platform/network/cf/NetworkStorageSessionCFNet.cpp: 
        (WebCore::NetworkStorageSession::hasStorageAccessForFrame): Deleted unused method.

2018-02-05  Antti Koivisto  <antti@apple.com>

        Make ASSERT_WITH_SECURITY_IMPLICATION in CachedResourceClientWalker::next a release assert
        https://bugs.webkit.org/show_bug.cgi?id=182492

        Reviewed by Youenn Fablet.

        * loader/cache/CachedResourceClientWalker.h:
        (WebCore::CachedResourceClientWalker::next):

2018-02-05  John Wilander  <wilander@apple.com>

        Storage Access API: Add testRunner.getAllStorageAccessEntries() to make testing easier and more explicit
        https://bugs.webkit.org/show_bug.cgi?id=181601
        <rdar://problem/36475837>

        Reviewed by Alex Christensen.

        No new tests. Existing test updated.

        http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html
        was found to be flaky. With the testRunner.hasStorageAccessEntry() getter
        it's possible to check access even if a frame doesn't respond timely to
        postMessage after detach and attach.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::getAllStorageAccessEntries const):

2018-02-05  Youenn Fablet  <youenn@apple.com>

        Use downcast in createLinkPreloadResourceClient
        https://bugs.webkit.org/show_bug.cgi?id=182488

        Reviewed by Antti Koivisto.

        No observable change of behavior.

        * loader/LinkLoader.cpp:
        (WebCore::createLinkPreloadResourceClient):

2018-02-05  Chris Dumez  <cdumez@apple.com>

        Layout Test imported/w3c/web-platform-tests/service-workers/service-worker/register-same-scope-different-script-url.https.html is flaky
        https://bugs.webkit.org/show_bug.cgi?id=181166
        <rdar://problem/37169508>

        Reviewed by Youenn Fablet.

        I found out that this test was flakily timing out because our jobQueues would sometimes get stuck
        when their current job's connection or service worker (when scheduled by a service worker) would
        go away before the job is complete.

        This patch makes our job queues operation more robust by:
        1. Cancelling all jobs from a given connection when a SWServerConnection goes away
        2. Cancelling all jobs from a given service worker when a service worker gets terminated

        We also make sure service workers created by a job get properly terminated when a job
        is canceled to avoid leaving service workers in limbo.

        No new tests, unskipped existing flaky test.

        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        (WebCore::ServiceWorkerContainer::removeRegistration):
        (WebCore::ServiceWorkerContainer::updateRegistration):
        * workers/service/ServiceWorkerJobData.cpp:
        (WebCore::ServiceWorkerJobData::ServiceWorkerJobData):
        (WebCore::ServiceWorkerJobData::isolatedCopy const):
        * workers/service/ServiceWorkerJobData.h:
        (WebCore::ServiceWorkerJobData::encode const):
        (WebCore::ServiceWorkerJobData::decode):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::startScriptFetch):
        (WebCore::SWServer::scriptContextFailedToStart):
        (WebCore::SWServer::scriptContextStarted):
        (WebCore::SWServer::terminatePreinstallationWorker):
        (WebCore::SWServer::installContextData):
        (WebCore::SWServer::workerContextTerminated):
        (WebCore::SWServer::unregisterConnection):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::removeAllJobsMatching):
        (WebCore::SWServerJobQueue::cancelJobsFromConnection):
        (WebCore::SWServerJobQueue::cancelJobsFromServiceWorker):
        * workers/service/server/SWServerJobQueue.h:
        * workers/service/server/SWServerRegistration.cpp:
        (WebCore::SWServerRegistration::setPreInstallationWorker):

2018-02-05  Antti Koivisto  <antti@apple.com>

        Crash on sfgate.com because mismatching link preload types
        https://bugs.webkit.org/show_bug.cgi?id=182483
        <rdar://problem/37065331>

        Reviewed by Daniel Bates.

        Preloading the same URL with different 'as' types causes some confusion.

        Test: http/tests/preload/link-preload-type-mismatch.html

        * loader/LinkLoader.cpp:
        (WebCore::createLinkPreloadResourceClient):

            Ensure we use the actual resource type when creating the client.

        (WebCore::LinkLoader::preloadIfNeeded):

            Don't construct client if the types don't match. This can happen if there is an existing
            preload for the same resource with different type.

2018-02-05  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Rename gutter properties to remove "grid-" prefix
        https://bugs.webkit.org/show_bug.cgi?id=180290

        Reviewed by Javier Fernandez.

        This patch applies the resoultion of the CSS WG to unprefix
        the CSS Grid Layout gutter properties:
        https://github.com/w3c/csswg-drafts/issues/1696

        column-gap already existed before, as it's part of Multicol.
        The patch adds the new properties row-gap and gap, and keep the legacy ones
        as aliases:
        - grid-column-gap => column-gap
        - grid-row-gap => row-gap
        - grid-gap => gap

        As column-gap was already animatable, this change takes advantage
        to make animatable row-gap too.

        Tests: imported/w3c/web-platform-tests/css/css-align/gaps/

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
        * css/CSSProperties.json:
        * css/StyleProperties.cpp:
        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::isSimpleLengthPropertyID):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::parseSingleValue):
        (WebCore::CSSPropertyParser::parseShorthand):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::availableSpaceForGutters const):
        (WebCore::RenderGrid::gridGap const):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::gridAutoRows const):
        (WebCore::RenderStyle::columnGap const):
        (WebCore::RenderStyle::rowGap const):
        (WebCore::RenderStyle::setGridItemRowEnd):
        (WebCore::RenderStyle::setColumnGap):
        (WebCore::RenderStyle::setRowGap):
        (WebCore::RenderStyle::initialRowGap):
        * rendering/style/StyleGridData.cpp:
        (WebCore::StyleGridData::StyleGridData):
        * rendering/style/StyleGridData.h:
        (WebCore::StyleGridData::operator== const):
        * rendering/style/StyleMultiColData.cpp:
        (WebCore::StyleMultiColData::StyleMultiColData):
        (WebCore::StyleMultiColData::operator== const):
        * rendering/style/StyleMultiColData.h:
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator== const):
        * rendering/style/StyleRareNonInheritedData.h:

2018-02-05  Ms2ger  <Ms2ger@igalia.com>

        Implement createImageBitmap(HTMLVideoElement)
        https://bugs.webkit.org/show_bug.cgi?id=182388

        Reviewed by Žan Doberšek.

        The implementation is inspired by CanvasRenderingContext2DBase::drawImage().

        Tests:

        - web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
        - web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args.html


        * html/ImageBitmap.cpp:
        (WebCore::taintsOrigin): Add function to help with the implementation.
        (WebCore::ImageBitmap::createPromise): Fill in implementation.

2018-02-05  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed, rolling out r228085.

        Pixel data stride is imposed by OpenGL and shouldn't be
        adjusted for Cairo

        Reverted changeset:

        "[Cairo] Correctly calculate stride in
        GraphicsContext3D::paintToCanvas()"
        https://bugs.webkit.org/show_bug.cgi?id=182466
        https://trac.webkit.org/changeset/228085

2018-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] WebSockets must use system proxy settings
        https://bugs.webkit.org/show_bug.cgi?id=126384

        Reviewed by Michael Catanzaro.

        Use soup_session_connect_async() when available to create the WebSockets connection instead of GSocketClient
        directly.

        * platform/network/soup/SocketStreamHandleImpl.h:
        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
        (WebCore::wssSocketClientEventCallback):
        (WebCore::SocketStreamHandleImpl::create):
        (WebCore::SocketStreamHandleImpl::connected):
        (WebCore::SocketStreamHandleImpl::connectedCallback):
        (WebCore::SocketStreamHandleImpl::platformClose):

2018-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        Add a way to check if a host is an IP address
        https://bugs.webkit.org/show_bug.cgi?id=182427

        Reviewed by Alex Christensen.

        There are several places where this is needed. We currently just assume that any host ending in a digit is an IP
        address, except in PublicSuffix where platform specific code is used. This patch adds URL::hostIsIPAddress()
        platform specific implementations, falling back to current assumption if there isn't an implementation for the
        platform.

        * page/OriginAccessEntry.cpp:
        (WebCore::OriginAccessEntry::OriginAccessEntry): Use URL::hostIsIPAddress().
        * platform/URL.cpp:
        (WebCore::URL::hostIsIPAddress): Fallback implementation.
        * platform/URL.h:
        * platform/mac/PublicSuffixMac.mm:
        (WebCore::topPrivatelyControlledDomain): Use URL::hostIsIPAddress().
        * platform/mac/URLMac.mm:
        (WebCore::URL::hostIsIPAddress): Move implementation from PublicSuffixMac.mm.
        * platform/network/curl/CookieUtil.cpp:
        (WebCore::CookieUtil::isIPAddress): Use URL::hostIsIPAddress().
        * platform/soup/URLSoup.cpp:
        (WebCore::URL::hostIsIPAddress): Use g_hostname_is_ip_address().

2018-02-04  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Correctly calculate stride in GraphicsContext3D::paintToCanvas()
        https://bugs.webkit.org/show_bug.cgi?id=182466

        Reviewed by Michael Catanzaro.

        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::paintToCanvas):
        Use cairo_format_stride_for_width() to obtain stride that Cairo thinks
        is appropriate for the given width, taking into account internal
        alignment requirements.

2018-02-04  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Split TexMap functionality out of GraphicsContext3DCairo
        https://bugs.webkit.org/show_bug.cgi?id=182465

        Reviewed by Michael Catanzaro.

        Take the Non-Cairo GraphicsContext3D functionality that's stashed in
        GraphicsContext3DCairo and move it into the GraphicsContext3DTextureMapper
        file.

        In GraphicsContext3DCairo.cpp, only the Cairo-specific GraphicsContext3D
        functionality remains, specifically ImageExtractor and paintToCanvas().

        Everything else is moved into GraphicsContext3DTextureMapper.cpp. This
        filename and its location under platform/graphics/texmap/ was chosen
        since all the ports using this file (GTK, WPE, WinCairo) are also using
        the TextureMapper module. Various #if-guards are simplified in the
        moved-over code to reflect this.

        GraphicsContext3DCairo.cpp now better reflects GraphicsContext3DCG.cpp,
        with both implementing functionality specific to a 2D painting library,
        whereas GraphicsContext3DTextureMapper.cpp reflects
        GraphicsContext3DCocoa.cpp in covering functionality needed to integrate
        the GraphicsContext3D output into the platform-specific composition
        system.

        No new tests -- no change in behavior.

        * platform/TextureMapper.cmake:
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::activeContexts): Deleted.
        (WebCore::GraphicsContext3D::create): Deleted.
        (WebCore::GraphicsContext3D::GraphicsContext3D): Deleted.
        (WebCore::GraphicsContext3D::~GraphicsContext3D): Deleted.
        (WebCore::GraphicsContext3D::setContextLostCallback): Deleted.
        (WebCore::GraphicsContext3D::setErrorMessageCallback): Deleted.
        (WebCore::GraphicsContext3D::makeContextCurrent): Deleted.
        (WebCore::GraphicsContext3D::checkGPUStatus): Deleted.
        (WebCore::GraphicsContext3D::platformGraphicsContext3D): Deleted.
        (WebCore::GraphicsContext3D::platformTexture const): Deleted.
        (WebCore::GraphicsContext3D::isGLES2Compliant const): Deleted.
        (WebCore::GraphicsContext3D::platformLayer const): Deleted.
        (WebCore::GraphicsContext3D::getExtensions): Deleted.
        * platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp: Copied from Source/WebCore/platform/graphics/cairo/GraphicsContext3DCairo.cpp.
        (WebCore::activeContexts):
        (WebCore::GraphicsContext3D::create):
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        (WebCore::GraphicsContext3D::~GraphicsContext3D):
        (WebCore::GraphicsContext3D::setContextLostCallback):
        (WebCore::GraphicsContext3D::setErrorMessageCallback):
        (WebCore::GraphicsContext3D::makeContextCurrent):
        (WebCore::GraphicsContext3D::checkGPUStatus):
        (WebCore::GraphicsContext3D::platformGraphicsContext3D):
        (WebCore::GraphicsContext3D::platformTexture const):
        (WebCore::GraphicsContext3D::isGLES2Compliant const):
        (WebCore::GraphicsContext3D::platformLayer const):
        (WebCore::GraphicsContext3D::getExtensions):

2018-02-04  Zan Dobersek  <zdobersek@igalia.com>

        Simplify GraphicsContext3D::paintToCanvas()
        https://bugs.webkit.org/show_bug.cgi?id=182459

        Reviewed by Michael Catanzaro.

        Cairo-specific paintToCanvas() method is dropped in favor of the more
        common one that operates on a GraphicsContext object. The platform
        context object is then retrieved inside the Cairo-speficic
        paintToCanvas() implementation, and not at the call site in
        GraphicsContext3D::paintRenderingResultsToCanvas().

        GraphicsContext3D::paintToCanvas() is also modified so that the image
        and canvas sizes are passed through IntSize objects, and not through
        a width-and-height pair of integer values.

        No new tests -- no change in behavior.

        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::paintToCanvas):
        * platform/graphics/cg/GraphicsContext3DCG.cpp:
        (WebCore::GraphicsContext3D::paintToCanvas):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):

2018-02-03  Alexey Proskuryakov  <ap@apple.com>

        Tweak availability macros for CAN_DISALLOW_USER_INSTALLED_FONTS

        Rubber-stamped by Maciej Stachowiak.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:

2018-02-02  Daniel Bates  <dabates@apple.com>

        Clean up FrameLoader::receivedFirstData()
        https://bugs.webkit.org/show_bug.cgi?id=182361

        Reviewed by Andy Estes.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::receivedFirstData):

2018-02-02  Myles C. Maxfield  <mmaxfield@apple.com>

        Test fix after r227995
        https://bugs.webkit.org/show_bug.cgi?id=180951

        Unreviewed.

        Webfonts shouldn't be run through CTFontDescriptorCreateMatchingFontDescriptor().
        Also, unify macOS's and iOS's implementation of FontCache::lastResortFallbackFont().

        Covered by existing tests.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontDatabase::collectionForFamily):
        (WebCore::FontDatabase::fontForPostScriptName):
        (WebCore::addAttributesForInstalledFonts):
        (WebCore::addAttributesForWebFonts):
        (WebCore::installedFontMandatoryAttributes):
        (WebCore::FontCache::lastResortFallbackFont):
        (WebCore::addAttributesForUserInstalledFonts): Deleted.
        (WebCore::mandatoryAttributesForUserInstalledFonts): Deleted.
        * platform/graphics/cocoa/FontCacheCoreText.h:
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::lastResortFallbackFont): Deleted.
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::lastResortFallbackFont): Deleted.
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):

2018-02-02  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        Fix build error after r 227457 with VIDEO and WEB_AUDIO disabled
        https://bugs.webkit.org/show_bug.cgi?id=182395

        Reviewed by Eric Carlson

        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::updateNowPlayingInfoIfNecessary):

2018-02-02  Don Olmstead  <don.olmstead@sony.com>

        Remove WebCore/ForwardingHeaders directory
        https://bugs.webkit.org/show_bug.cgi?id=182347

        Reviewed by Alex Christensen.

        Baseline tests updated.

        * bindings/scripts/CodeGeneratorJS.pm:
        (AddToIncludesForIDLType):
        (GenerateEnumerationImplementationContent):
        (GenerateDictionaryImplementationContent):
        (GenerateHeader):
        (GenerateOverloadDispatcher):
        (addUnscopableProperties):
        (GenerateImplementation):
        (GenerateOperationDefinition):
        (GenerateSerializerDefinition):
        (GenerateConstructorHelperMethods):
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithThisObject.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestException.h:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        * bindings/scripts/test/JS/JSTestPluginInterface.h:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneEnumeration.cpp:
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * dom/make_event_factory.pl:
        (generateImplementation):

2018-02-02  David Quesada  <david_quesada@apple.com>

        WebAppManifest scope should default to the containing directory of start_url if 'scope' is not specified
        https://bugs.webkit.org/show_bug.cgi?id=182363
        rdar://problem/37093498

        Reviewed by Ryosuke Niwa.

        If an app manifest doesn't specify a scope, we should default to the "parent directory" of
        the start URL, rather than leaving the app unbounded. This is more reasonable than using the
        entire internet as the app scope.

        No new tests, updates to the existing tests verify the new behavior.

        * Modules/applicationmanifest/ApplicationManifestParser.cpp:
        (WebCore::ApplicationManifestParser::parseScope):

2018-02-02  Youenn Fablet  <youenn@apple.com>

        Clearing all service worker registrations should wait for importing service worker registration to finish
        https://bugs.webkit.org/show_bug.cgi?id=182407
        <rdar://problem/37167523>

        Reviewed by Chris Dumez.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::clear): ensure completion handler is called on early exit case.

2018-02-02  Youenn Fablet  <youenn@apple.com>

        Clearing all service worker registrations should wait for importing service worker registration to finish
        https://bugs.webkit.org/show_bug.cgi?id=182407

        Reviewed by Chris Dumez.

        Covered by existing tests and the service worker API test being no longer flaky.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::registrationStoreImportComplete):
        (WebCore::SWServer::clearAll):
        (WebCore::SWServer::clear):
        (WebCore::SWServer::getOriginsWithRegistrations):
        * workers/service/server/SWServer.h:

2018-02-02  Chris Dumez  <cdumez@apple.com>

        Clearing a registration should null out its workers before setting their state to "redundant"
        https://bugs.webkit.org/show_bug.cgi?id=182418
        <rdar://problem/37142874>

        Reviewed by Youenn Fablet.

        Clearing a registration should null out its workers before setting their state to "redundant".
        This seems to match Firefox and Chrome.

        No new tests, rebaselined existing test.

        * workers/service/server/SWServerRegistration.cpp:
        (WebCore::SWServerRegistration::clear):
        (WebCore::clearRegistrationWorker): Deleted.

2018-02-02  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Turn media/modern-media-controls/tracks-panel and media/modern-media-controls/tracks-support back on
        https://bugs.webkit.org/show_bug.cgi?id=182426

        Reviewed by Dean Jackson.

        Ensure that the tracks panel isn't dismissed by updating the layout.

        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls.prototype.layout):

2018-02-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r227964.
        https://bugs.webkit.org/show_bug.cgi?id=182423

        It broke several unit tests (Requested by KaL on #webkit).

        Reverted changeset:

        "[SOUP] Ensure domain is valid when converting a WebCore
        Cookie to Soup"
        https://bugs.webkit.org/show_bug.cgi?id=182328
        https://trac.webkit.org/changeset/227964

2018-02-01  Chris Dumez  <cdumez@apple.com>

        When SW install fails, null out registration.installing before setting worker state to "redundant"
        https://bugs.webkit.org/show_bug.cgi?id=182416
        <rdar://problem/37141997>

        Reviewed by Youenn Fablet.

        When SW install fails, null out registration.installing before setting worker state to "redundant".
        This does not match the spec but this is what Firefox and Chrome do. This is also what the
        web-platform-tests expect.

        Test: http/tests/workers/service/install-fails.html

        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::didFinishInstall):

2018-02-01  Myles C. Maxfield  <mmaxfield@apple.com>

        Test fix after r227848.
        https://bugs.webkit.org/show_bug.cgi?id=180951

        Unreviewed.

        Using kCTFontNameAttribute on an in-memory font causes CTFontDescriptorCreateMatchingFontDescriptor()
        to return nullptr. Luckily, we weren't using that attribute anyway.

        Covered by existing tests.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::mandatoryAttributesForUserInstalledFonts):

2018-02-01  Youenn Fablet  <youenn@apple.com>

        Delay service worker process creation until actually needed by SWServer
        https://bugs.webkit.org/show_bug.cgi?id=182301

        Reviewed by Chris Dumez.

        Rename SWServer::Connection::scheduleJobInServer to scheduleJob.
        Add sessionID getter from an SWServer.

        * workers/service/server/SWServer.h:
        (WebCore::SWServer::sessionID const):

2018-02-01  Fujii Hironori  <Hironori.Fujii@sony.com>

        REGRESSION(r227594) [WinCairo] NULL pointer crash in GraphicsContext::getWindowsContext
        https://bugs.webkit.org/show_bug.cgi?id=182282

        Reviewed by Žan Doberšek.

        ImageBufferCairo has been changed to use GraphicsContextImplCairo
        in r227594. But, GraphicsContext::getWindowsContext doesn't care
        the case of using GraphicsContextImpl and crashes due to null
        dereference of GraphicsContext::m_data.

        GraphicsContext::getWindowsContext should create a HDC in that case.

        Remove the argument mayCreateBitmap because it is always
        true at the moment.

        No new tests (Covered by the existing tests)

        * platform/graphics/GraphicsContext.h:
        Removed a argument mayCreateBitmap of getWindowsContext and releaseWindowsContext.
        * platform/graphics/win/GraphicsContextCGWin.cpp:
        (WebCore::GraphicsContext::releaseWindowsContext): Ditto.
        * platform/graphics/win/GraphicsContextCairoWin.cpp:
        (WebCore::GraphicsContext::releaseWindowsContext): Ditto.
        * platform/graphics/win/GraphicsContextDirect2D.cpp:
        (WebCore::GraphicsContext::releaseWindowsContext): Ditto.
        * platform/graphics/win/GraphicsContextWin.cpp:
        (WebCore::GraphicsContext::getWindowsContext):
        Create a HDC if m_impl is null. Removed a argument mayCreateBitmap.
        * platform/graphics/win/LocalWindowsContext.h:
        (WebCore::LocalWindowsContext::LocalWindowsContext):
        Removed m_mayCreateBitmap.
        (WebCore::LocalWindowsContext::~LocalWindowsContext): Ditto.

2018-02-01  Christopher Reid  <chris.reid@sony.com>

        [Curl] Use SQLite database in cookie jar implementation for Curl port
        https://bugs.webkit.org/show_bug.cgi?id=174942

        Reviewed by Alex Christensen.

        No new tests, Set-Cookie is already tested in Layout tests.

        Adding an initial SQLite CookieJar implementation to the curl network layer.
        WebCore will now parse and handle both HTTP and DOM cookies instead of using libcurl.
        This currently supports cookie storage and retrieval.
        Cookie deletion is not yet implemented.

        * platform/Curl.cmake:
        * platform/network/NetworkStorageSession.h: Added cookieDB storage in curl.
        * platform/network/curl/CookieJarCurl.cpp: Removed the old curl cookie handling.
        * platform/network/curl/CookieJarCurl.h:
        * platform/network/curl/CookieJarCurlDatabase.cpp: Added.
        * platform/network/curl/CookieJarCurlDatabase.h: Added.
        * platform/network/curl/CookieJarDB.cpp: Added.
        * platform/network/curl/CookieJarDB.h: Added.
        * platform/network/curl/CookieUtil.cpp: Added.
        * platform/network/curl/CookieUtil.h: Added.
        * platform/network/curl/CurlContext.cpp: Removed the old curl cookie handling.
        * platform/network/curl/CurlContext.h:
        * platform/network/curl/CurlRequest.cpp: Added handlers for HTTP response cookies.
        * platform/network/curl/NetworkStorageSessionCurl.cpp:
        * platform/network/curl/ResourceHandleCurlDelegate.cpp:

2018-02-01  Chris Dumez  <cdumez@apple.com>

        Add missing RETURN_IF_EXCEPTION() after object->get() calls in convertDictionary<>()
        https://bugs.webkit.org/show_bug.cgi?id=182392
        <rdar://problem/37119215>

        Reviewed by Geoffrey Garen.

        Add missing RETURN_IF_EXCEPTION() after object->get() calls in convertDictionary<>(),
        given that getting the property from the object can throw an exception.

        No new tests, rebaselined existing test.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDictionaryImplementationContent):
        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        (WebCore::convertDictionary<TestCallbackInterface::Dictionary>):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::convertDictionary<TestEventConstructor::Init>):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::convertDictionary<TestObj::Dictionary>):
        (WebCore::convertDictionary<TestObj::DictionaryThatShouldNotTolerateNull>):
        (WebCore::convertDictionary<TestObj::DictionaryThatShouldTolerateNull>):
        (WebCore::convertDictionary<AlternateDictionaryName>):
        (WebCore::convertDictionary<TestObj::ParentDictionary>):
        (WebCore::convertDictionary<TestObj::ChildDictionary>):
        (WebCore::convertDictionary<TestObj::ConditionalDictionaryA>):
        (WebCore::convertDictionary<TestObj::ConditionalDictionaryB>):
        (WebCore::convertDictionary<TestObj::ConditionalDictionaryC>):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::convertDictionary<TestPromiseRejectionEvent::Init>):
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        (WebCore::convertDictionary<DictionaryImplName>):

2018-02-01  Ryosuke Niwa  <rniwa@webkit.org>

        Some test cases in accessibility/mac/selection-notification-focus-change.html fail
        https://bugs.webkit.org/show_bug.cgi?id=182212
        <rdar://problem/36937147>

        Reviewed by Antti Koivisto and Wenson Hsieh.

        The failure was caused by the async update of the selection appearance not preserving selection reveal intent.
        Fixed the bug by storing the intent in a member variable and using it later.

        * dom/Element.cpp:
        (WebCore::Element::focus): Removed an unnecessary synchronous layout update.
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::setNeedsSelectionUpdate): Use the default intent to preserve the old behavior.
        (WebCore::FrameSelection::respondToNodeModification): Ditto.
        (WebCore::FrameSelection::setSelection): Save the selection reveal intent.
        (WebCore::FrameSelection::updateAppearanceAfterLayoutOrStyleChange): Use the saved intent.
        * editing/FrameSelection.h:
        * page/FocusController.cpp:
        (WebCore::FocusController::advanceFocusDirectionally): Always update the layout before invoking
        nodeRectInAbsoluteCoordinates.

2018-02-01  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderRubyRun::rubyBaseSafe to RenderTreeBuilder::Ruby
        https://bugs.webkit.org/show_bug.cgi?id=182306
        <rdar://problem/37041440>

        Reviewed by Darin Adler.

        Addressing post-review comment.

        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::insertChild):
        (WebCore::RenderTreeBuilder::Ruby::rubyBaseSafe):
        * rendering/updating/RenderTreeBuilderRuby.h:

2018-02-01  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Introduce RenderTreeBuilder to takeChild()
        https://bugs.webkit.org/show_bug.cgi?id=182373
        <rdar://problem/37101484>

        Reviewed by Antti Koivisto.
        
        This is in preparation for moving mutation code out of takeChild. 

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::takeChild):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::takeChild):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::takeChild):
        * rendering/RenderButton.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::takeChild):
        (WebCore::RenderElement::removeAndDestroyChild):
        (WebCore::RenderElement::destroyLeftoverChildren):
        * rendering/RenderElement.h:
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::wrapExistingRenderer):
        (WebCore::RenderFullScreen::unwrapRenderer):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::takeChild):
        * rendering/RenderGrid.h:
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::takeChild):
        * rendering/RenderMenuList.h:
        * rendering/RenderMultiColumnFlow.cpp:
        (WebCore::RenderMultiColumnFlow::processPossibleSpannerDescendant):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::removeFromParentAndDestroy):
        * rendering/RenderRuby.cpp:
        (WebCore::RenderRubyAsInline::takeChild):
        (WebCore::RenderRubyAsBlock::takeChild):
        * rendering/RenderRuby.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::takeChild):
        * rendering/RenderRubyRun.h:
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::collapseAndDestroyAnonymousSiblingRows): Deleted.
        * rendering/RenderTableRow.h:
        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::takeChild):
        * rendering/svg/RenderSVGContainer.h:
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::takeChild):
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::takeChild):
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::takeChild):
        * rendering/svg/RenderSVGText.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::collapseAndDestroyAnonymousSiblingRows):
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
        (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):
        * rendering/updating/RenderTreeBuilderList.cpp:
        (WebCore::RenderTreeBuilder::List::updateItemMarker):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        (WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::insertChild):

2018-02-01  Dean Jackson  <dino@apple.com>

        REGRESSION (r219342): Scaled HTML widget is not responding to a clicks outside the body
        https://bugs.webkit.org/show_bug.cgi?id=182394
        <rdar://problem/34840816>

        Reviewed by Simon Fraser.

        If a scale < 1 is applied to the page, then the visual viewport will be bigger
        than the layout viewport. Our hit testing code would then ignore any hits
        that were outside the layout viewport.

        The fix is to only apply a hit testing clip if the page is scaling up, not down.

        Update the existing fast/dom/elementFromPoint-scaled-scrolled.html test.

        * page/FrameView.cpp:
        (WebCore::FrameView::layoutViewportToAbsoluteRect const): Deleted. This helper is
        no longer used, and it would have probably been more confusing to have it accept
        a flag to ignore the scale if it is less than 1.
        * page/FrameView.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::hitTest): No need to take the layout rect, remove the origin,
        and pass it to a helper that added the origin back. The only thing the helper was
        doing for us was applying a scale factor, which we only want to do if it was
        scaling up.

2018-02-01  Yusuke Suzuki  <utatane.tea@gmail.com>

        Structured cloning a Symbol should throw
        https://bugs.webkit.org/show_bug.cgi?id=182380

        Reviewed by Darin Adler.

        Test: js/dom/post-message-symbol.html

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::dumpIfTerminal):
        Structured cloning should throw "DataCloneError" DOMException if it finds Symbol.
        Remove unused `isNumber()` case. It is done in dumpImmediate.
        (WebCore::CloneSerializer::serializeUndefined): Deleted.
        (WebCore::CloneSerializer::serializeBoolean): Deleted.
        (WebCore::CloneSerializer::serializeNumber): Deleted.
        Remove unused functions.

2018-02-01  Chris Dumez  <cdumez@apple.com>

        We no longer need to queue service worker jobs until the connection to the service worker process has been established
        https://bugs.webkit.org/show_bug.cgi?id=182375

        Reviewed by Youenn Fablet.

        We no longer need to queue service worker jobs until the connection to the service worker process
        has been established. We initially did this to work around the fact that registrations restored
        from disk would not have an active worker until the service worker process had been established. 
        However, this issue has been fixed in r227696.

        This is basically a revert of r227220, which is no longer needed after r227696.

        No new tests, initial fix was covered by an API test that still passes.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::clearAll):
        (WebCore::SWServer::clear):
        (WebCore::SWServer::scheduleJob):
        (WebCore::SWServer::serverToContextConnectionCreated):
        * workers/service/server/SWServer.h:

2018-02-01  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Shift + mouse scroll should scroll horizontally
        https://bugs.webkit.org/show_bug.cgi?id=181629

        Reviewed by Michael Catanzaro.

        We currently turn vertical scroll into horizontal when scrolling over the horizontal scrollbar. When Shift key is
        pressed, we still want to scroll in the scrollbar direction when scrolling over a scrollbar, so we need to swap
        directions in both scrollbars depending on whther the Shift key is pressed or not.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::shouldSwapScrollDirection const): Renamed.
        (WebCore::EventHandler::handleWheelEvent): Use the new name.
        (WebCore::EventHandler::shouldTurnVerticalTicksIntoHorizontal const): Deleted.
        * page/EventHandler.h:
        * platform/PlatformWheelEvent.h:
        (WebCore::PlatformWheelEvent::copySwappingDirection const): Swap the direction of the event.
        (WebCore::PlatformWheelEvent::copyTurningVerticalTicksIntoHorizontalTicks const): Deleted.
        * platform/glib/EventHandlerGLib.cpp:
        (WebCore::EventHandler::shouldSwapScrollDirection const): Take into account whether the Shift key is present.
        (WebCore::EventHandler::shouldTurnVerticalTicksIntoHorizontal const): Deleted.

2018-02-01  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Problem with Washington Post images
        https://bugs.webkit.org/show_bug.cgi?id=181421

        Reviewed by Carlos Alberto Lopez Perez.

        This is because Washington Post is using the user agent to decide the image formats it serves. In the case of
        chromium the images are served as webp, for firefox jpeg is used and in our case it's assuming we are safari and
        it's providing jp2 images that we don't support. Add a user agent quirk to pretend to be chromium for
        washingtonpost.com.

        * platform/UserAgentQuirks.cpp:
        (WebCore::urlRequiresChromeBrowser):

2018-02-01  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Ensure domain is valid when converting a WebCore Cookie to Soup
        https://bugs.webkit.org/show_bug.cgi?id=182328

        Reviewed by Michael Catanzaro.

        soup_cookie_parse() adds the initial '.' to the domain if missing before creating the SoupCookie, but
        soup_cookie_new() allows for domain to be a hostname that needs to match exactly. When converting a WebCore
        Cookie into a SoupCookie we always want the domain to be considered as such and not as a hostname, so we need to
        prepend the '.' if missing.

        Fixes: imported/w3c/webdriver/tests/cookies/add_cookie.py::test_add_domain_cookie

        * platform/network/soup/CookieSoup.cpp:
        (WebCore::Cookie::toSoupCookie const):

2018-02-01  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderTableRow::collapseAndDestroyAnonymousSiblingRows to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182374
        <rdar://problem/37102005>

        Reviewed by Antti Koivisto.

        It's only called from RenderTreeBuilder.

        No change in functionality.

        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::collapseAndDestroyAnonymousSiblingRows): Deleted.
        * rendering/RenderTableRow.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):
        * rendering/updating/RenderTreeBuilderTable.h:

2018-02-01  Chris Dumez  <cdumez@apple.com>

        Queue a microtask when a waitUntil() promise is settled
        https://bugs.webkit.org/show_bug.cgi?id=182372
        <rdar://problem/37101019>

        Reviewed by Mark Lam.

        Queue a microtask when a waitUntil() promise is settled, as per:
        - https://w3c.github.io/ServiceWorker/#dom-extendableevent-waituntil (step 5)

        Otherwise, we decrement m_pendingPromiseCount too quickly and it may cause
        following calls to waitUntil() to throw when they shouldn't.

        No new tests, rebaselined existing test.

        * workers/service/ExtendableEvent.cpp:
        (WebCore::ExtendableEvent::addExtendLifetimePromise):

2018-02-01  Antti Koivisto  <antti@apple.com>

        Invalidate style for sibling combinators accurately on class change
        https://bugs.webkit.org/show_bug.cgi?id=182336

        Reviewed by Zalan Bujtas.

        Use Style::Invalidator to invalidate only those elements that may be affected by a class
        change for sibling combinators and nth pseudo classes.

        * css/RuleFeature.cpp:

        Add new AllSiblings MatchElement to use for nth pseudo classes with subselectors.

        (WebCore::isSiblingOrSubject):

        Add a helper.

        (WebCore::RuleFeatureSet::computeNextMatchElement):
        (WebCore::RuleFeatureSet::computeSubSelectorMatchElement):

        Compute and propage MatchElement::AllSiblings.

        * css/RuleFeature.h:
        * dom/Node.cpp:
        (WebCore::Node::updateAncestorsForStyleRecalc):

        Don't need to test for childrenAffectedByPropertyBasedBackwardPositionalRules anymore (an oddly named bit for nth pseudo classes).

        * style/StyleInvalidator.cpp:
        (WebCore::Style::Invalidator::invalidateStyleWithMatchElement):

        Invalidate only the potentially affected elements.
        The old code would just unconditionally invalidate the current element. This would propagate to descedants of siblings via
        affectedByPreviousSibling bits. That mechanism can be removed when everything has been switched to accurate invalidation.

2018-01-31  Simon Fraser  <simon.fraser@apple.com>

        Use different debug red colors for different contexts
        https://bugs.webkit.org/show_bug.cgi?id=182362

        Reviewed by Tim Horton.

        Pure red is used elsehwere in the system as a debug color indicator, so use different
        shades of red for WebKit in the two places where we paint a reddish wash in debug builds,
        so they are identifiable.

        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents):

2018-01-31  Don Olmstead  <don.olmstead@sony.com>

        [CMake] Make JavaScriptCore headers copies
        https://bugs.webkit.org/show_bug.cgi?id=182303

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * CMakeLists.txt:
        * PlatformMac.cmake:
        * PlatformWPE.cmake:
        * PlatformWin.cmake:
        * PlatformWinCairo.cmake:

2018-01-31  Per Arne Vollan  <pvollan@apple.com>

        Layout Test fast/events/beforeunload-dom-manipulation-crash.html is crashing
        https://bugs.webkit.org/show_bug.cgi?id=181204
        <rdar://problem/36256274>

        Reviewed by Ryosuke Niwa.

        When a frame element is moved in the DOM tree during the execution of a beforeunload handler,
        the frame will be detached when removed from its previous position in the DOM tree. When being
        detached, an attempt will also be made to stop the load by calling FrameLoader::stopAllLoaders().
        However, this method will return early when executed in a beforeunload handler, since navigation
        is not allowed then. The end result is a detached frame which will continue to load, and hitting
        asserts in DocumentLoader::dataReceived(), and DocumentLoader::notifyFinished(). It should be
        possible to stop a frame load, even when executing a beforeunload handler.

        No new tests. Covered by the existing test fast/events/beforeunload-dom-manipulation-crash.html.

        * history/PageCache.cpp:
        (WebCore::PageCache::addIfCacheable): Fix a failing API test by allowing scripts to be executed
        under the PageCache::prune method.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::isStopLoadingAllowed const):
        (WebCore::FrameLoader::stopAllLoaders):
        * loader/FrameLoader.h:
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::~SVGImage): Disable scripts disallowed assertions in this scope, since it is
        safe in this context.

2018-01-31  Javier Fernandez  <jfernandez@igalia.com>

        inline-block baseline not computed correctly for vertical-lr
        https://bugs.webkit.org/show_bug.cgi?id=170176

        Reviewed by Manuel Rego Casasnovas.

        When computing the baseline position of inline-block elements we use the
        InlineFlow logicalTop and the FontMetrics ascent. The issue comes from
        the fact that these units are incompatible. The logicalTop of a
        vertical-lr element is offset to the left edge, while the ascent is the
        distance from the right edge.

        We need to either use logical value for the FontMetrics ascent so we can
        compute the correctly the baselines of vertical-lr elements, or just using
        the logicalBottom for these cases.

        The approach based on a logicalAscent API for FontMetrics would require
        a lot of work because inline-block logic assumes everything is vertical-rl
        and at some point, flips the elements along the block-axis in case of
        vertical-lr mode.

        While it'd be desirable to get rid of this flipping logic, this patch tries
        first the simpler approach of using logicalBottom, which aligns with the
        currently implemented logic.

        Tests: fast/inline-block/baseline-vertical-01.html
               fast/inline-block/baseline-vertical-02.html
               fast/inline-block/baseline-vertical-03.html
               fast/inline-block/baseline-vertical-04.html
               fast/inline-block/baseline-vertical-05.html
               fast/inline-block/baseline-vertical-06.html
               fast/inline-block/baseline-vertical-07.html
               fast/inline-block/baseline-vertical-08.html

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::placeBoxesInBlockDirection):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::inlineBlockBaseline const):

2018-01-31  Said Abou-Hallawa  <sabouhallawa@apple.com>

        BitmapImage::drawPattern() may not draw a complete frame even after all the data is received
        https://bugs.webkit.org/show_bug.cgi?id=182277

        Reviewed by Simon Fraser.

        BitmapImage::drawPattern() needs to destroy the incomplete decoded frame
        before trying to draw it as a pattern.

        Test: http/tests/images/draw-pattern-slow-load-large-image.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::updateBufferInternal): We need to disable CachedImage
        data buffering for testing. This simulates slow network where intervals
        between data chunks can last for seconds.
        * loader/cache/CachedImage.h:
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::drawPattern): Destroy the incomplete decoded frame
        before drawing this frame as a pattern. We do not destroy incomplete decoded
        frame once new data is received because it may be drawn by async image
        drawing while waiting for the newer frame to finish decoding.
        * testing/Internals.cpp:
        (WebCore::Internals::setForceUpdateImageDataEnabledForTesting):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-01-31  Ryosuke Niwa  <rniwa@webkit.org>

        Add a release assertion to ensure timers are deleted in the right thread
        https://bugs.webkit.org/show_bug.cgi?id=182351

        Reviewed by David Kilzer.

        Added a relese assertion in ~TimerBase that the current thread is the one in which the timer was created.

        We use canAccessThreadLocalDataForThread for this purpose since the condition is more complicated
        when WebThread is being used.

        * platform/Timer.cpp:
        (WebCore::TimerBase::~TimerBase): Added the assertion.
        * platform/Timer.h:
        (WebCore::TimerBase::m_thread): Always store the current thread in a timer.

2018-01-31  Youenn Fablet  <youenn@apple.com>

        Change SWServer::claim to set the iterator value as soon as possible
        https://bugs.webkit.org/show_bug.cgi?id=182337

        Reviewed by Chris Dumez.

        No change of behavior, this is a "let's go safe way" fix.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::claim):

2018-01-31  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderObject::removeFromParentAndDestroyCleaningUpAnonymousWrappers to RenderTreeBuilder.
        https://bugs.webkit.org/show_bug.cgi?id=182348
        <rdar://problem/37082837>

        Reviewed by Antti Koivisto.

        All the callsites are in the RenderTreeUpdater by now.

        No change in functionality.

        * rendering/RenderObject.cpp:
        (WebCore::isAnonymousAndSafeToDelete): Deleted.
        (WebCore::findDestroyRootIncludingAnonymous): Deleted.
        (WebCore::RenderObject::removeFromParentAndDestroyCleaningUpAnonymousWrappers): Deleted.
        * rendering/RenderObject.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::isAnonymousAndSafeToDelete):
        (WebCore::findDestroyRootIncludingAnonymous):
        (WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::tearDownRenderers):
        (WebCore::RenderTreeUpdater::tearDownTextRenderer):

2018-01-31  Ryosuke Niwa  <rniwa@webkit.org>

        Release assertion in Performance::resourceTimingBufferFullTimerFired when the resource timing buffer is shrunk
        https://bugs.webkit.org/show_bug.cgi?id=182319
        <rdar://problem/36904312>

        Reviewed by Chris Dumez.

        The crash was caused by a wrong release assertion. Handle author scripts shrinking the resource timing buffer
        while resourcetimingbufferfull event is being dispatched.

        Also fixed a bug that a superflous resourcetimingbufferfull event will be fired when new resource timing entries
        are queued while resourcetimingbufferfull event is being dispatched.

        Test: http/tests/performance/performance-resource-timing-resourcetimingbufferfull-queue-resource-entry.html
              http/tests/performance/performance-resource-timing-resourcetimingbufferfull-shrinking-buffer-crash.html

        * page/Performance.cpp:
        (WebCore::Performance::resourceTimingBufferFullTimerFired): 

2018-01-31  Youenn Fablet  <youenn@apple.com>

        com.apple.WebKit.Storage crashing at com.apple.WebCore: WebCore::SWServerRegistration::removeClientUsingRegistration
        https://bugs.webkit.org/show_bug.cgi?id=182316
        <rdar://problem/37025976>

        Reviewed by Chris Dumez.

        SWServer.m_clientToControllingWorker and SWServerRegistration.m_clientsUsingRegistration might currently get out of sync.
        This is a defensive fix to ensure storage process will not crash in Release.
        We keep the ASSERT as this probably means there is an abnormal situation that other patches might fix.

        * workers/service/server/SWServerRegistration.cpp:
        (WebCore::SWServerRegistration::removeClientUsingRegistration):

2018-01-31  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Turn media/modern-media-controls/start-support tests back on
        https://bugs.webkit.org/show_bug.cgi?id=182297

        Reviewed by Jon Lee and Eric Carlson.

        We identified one cause of flakiness when turning those tests back on and fix it in this patch. There would be
        cases where the play/pause button would never actually become visible because we would first set it as one of
        the buttons in the left container in the bottom controls bar before we would identify that we should show the
        prominent play/pause button, and then once we did, we would add it as a child to the InlineMediaControls. But,
        because the actual layout of the ButtonsContainer would happen in a rAF due to being a layout() method, we would
        remove the play/pause button from the InlineMediaControls and set it as a child of the left container even
        though it wasn't visible.

        Performing the layout of a ButtonsContainer should really happen immediately when we set the buttons, so in this
        patch we remove the "buttons" property and clients of ButtonsContainer can simply add or remove children which
        will be laid out in a row. To support this, we've added two notification methods to LayoutNode, one that indicates
        when children have changed, didChangeChildren(), which we override in ButtonsContainer to perform a synchronous
        layout. The other method is willRemoveChild() which we also override in ButtonsContainer, this time to reset
        the "x" and "visible" properties which we set while performing layout.
        
        This fixes flakiness for media/modern-media-controls/start-support/start-support-click-to-start.html, and maybe
        other modern-media-controls tests that could have been affected by this unexpected behavior.

        * Modules/modern-media-controls/controls/buttons-container.js:
        (ButtonsContainer.prototype.willRemoveChild):
        (ButtonsContainer.prototype.didChangeChildren):
        (ButtonsContainer.prototype.layout):
        (ButtonsContainer.prototype.get buttons): Deleted.
        (ButtonsContainer.prototype.set buttons): Deleted.
        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls.prototype.layout):
        (InlineMediaControls.prototype._updateBottomControlsBarLabel):
        (InlineMediaControls.prototype._addTopRightBarWithMuteButtonToChildren):
        (InlineMediaControls):
        * Modules/modern-media-controls/controls/layout-node.js:
        (LayoutNode.prototype.set children):
        (LayoutNode.prototype.addChild):
        (LayoutNode.prototype.removeChild):
        (LayoutNode.prototype.willRemoveChild):
        (LayoutNode.prototype.didChangeChildren):
        * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js:
        (MacOSFullscreenMediaControls.prototype.layout):
        * Modules/modern-media-controls/media/media-controller.js: Drive-by fix to correctly set the value passed as
        data-auto-hide-delay on a <video> element.

2018-01-31  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderMultiColumnFlow::resolveMovedChild to RenderTreeBuilder.
        https://bugs.webkit.org/show_bug.cgi?id=182315
        <rdar://problem/37048160>

        Reviewed by Antti Koivisto.

        resolveMovedChild() is only called from RenderTreeBuilder.

        No change in functionality.

        * rendering/RenderFragmentedFlow.h:
        * rendering/RenderMultiColumnFlow.cpp:
        (WebCore::RenderMultiColumnFlow::resolveMovedChild const): Deleted.
        * rendering/RenderMultiColumnFlow.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::resolveMovedChildForMultiColumnFlow):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
        (WebCore::RenderTreeBuilder::BlockFlow::insertChild):
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::insertChild):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::resolveMovedChild):
        * rendering/updating/RenderTreeBuilderMultiColumn.h:

2018-01-31  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Silent WebAudio buffers support
        https://bugs.webkit.org/show_bug.cgi?id=143869

        Reviewed by Carlos Garcia Campos.

        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        (webKitWebAudioSrcLoop): Flag silent buffers as GAP buffers. This
        enables downstream elements to optimize the buffer processing.

2018-01-31  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [EME] Fix NavigatorEME::tryNextSupportedConfiguration typo
        https://bugs.webkit.org/show_bug.cgi?id=182324

        Reviewed by Žan Doberšek.

        * Modules/encryptedmedia/NavigatorEME.cpp:
        (WebCore::tryNextSupportedConfiguration): Fix
        candidateCofiguration typo.

2018-01-30  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] syntheticBoldOffset makes a font with embedded bitmap fonts shown as double strike in HiDPI
        https://bugs.webkit.org/show_bug.cgi?id=182093

        Reviewed by Alex Christensen.

        WebKit draws texts doubly by shifting 1px for fonts without bold
        fonts but bold font is desired. This synthetic bold method draws
        fonts with embedded bitmap fonts look like double strike in HiDPI.

        No new tests (Covered by the existing tests).

        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::createGDIFont): Overwrite lfWeight if the desired weight
        is bold and matched font weight is't bold and in WinCairo port.
        Fix wrong indentation.

2018-01-30  Youenn Fablet  <youenn@apple.com> and Oleksandr Skachkov  <gskachkov@gmail.com>

        FetchResponse should support ConsumeData callback on chunk data is received
        https://bugs.webkit.org/show_bug.cgi?id=181600
        <rdar://problem/36932547>

        Reviewed by Alex Christensen.

        Test: imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-respond-with-body-loaded-in-chunk.https.html

        Apply same read-by-chunk strategy for body coming from network as for body coming from ReadableStream.
        Refactor to have one consumeBodyReceivedByChunk method for both cases.
        This allows streaming data from a service worker to WebProcess as would be done by NetworkProcess.

        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::addAll):
        (WebCore::DOMCache::put):
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::BodyLoader::didSucceed):
        (WebCore::FetchResponse::BodyLoader::didReceiveData):
        (WebCore::FetchResponse::BodyLoader::consumeDataByChunk):
        (WebCore::FetchResponse::consumeBody):
        (WebCore::FetchResponse::consumeBodyReceivedByChunk):
        * Modules/fetch/FetchResponse.h:
        * workers/service/context/ServiceWorkerFetch.cpp:
        (WebCore::ServiceWorkerFetch::processResponse):

2018-01-30  Don Olmstead  <don.olmstead@sony.com>

        JSExports.h should be included as <JavaScriptCore/JSExportMacros.h>
        https://bugs.webkit.org/show_bug.cgi?id=182312

        Reviewed by Michael Catanzaro.

        No new tests. No change in behavior.

        * config.h:

2018-01-30  Chris Nardi  <cnardi@chromium.org>

        Use double-quotes when serializing font-feature-settings
        https://bugs.webkit.org/show_bug.cgi?id=182201

        According to the CSSOM spec, all strings should be serialized with double-quotes. The feature
        tag value was previously serialized with single-quotes; change this to double-quotes to match
        the spec and non-WebKit browsers.

        Reviewed by Myles C. Maxfield.

        Updated css3/font-feature-settings-parsing.html, fast/css/inherited-properties-rare-text.html,
        and fast/text/font-face-javascript.html.

        * css/CSSFontFeatureValue.cpp:
        (WebCore::CSSFontFeatureValue::customCSSText const):

2018-01-30  Brent Fulgham  <bfulgham@apple.com>

        Add telemetry to track storage access API adoption
        https://bugs.webkit.org/show_bug.cgi?id=182197
        <rdar://problem/35803309>

        Reviewed by Chris Dumez.

        Part 2: Add telemetry for the Storage Access API case

        Adds a new convenience method to identify origin/page/frame combinations that
        have been granted access to the Storage Access API. This is used for debug
        logging in the NetworkProcess. It is not used in production builds.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::hasStorageAccessForFrame const): Added.

2018-01-30  Ryosuke Niwa  <rniwa@webkit.org>

        Release assert in updateLayout() via AXObjectCache::childrenChanged
        https://bugs.webkit.org/show_bug.cgi?id=182279
        <rdar://problem/36994456>

        Reviewed by Antti Koivisto.

        Disable the assertion in Document::updateLayout and Document::updateStyle* in this particular circumstance as fixing it
        would require a large architectural refactoring of the accessibility code.

        Test: accessibility/accessibility-object-update-during-style-resolution-crash.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::childrenChanged): Disabled the release assertion here.
        * dom/Document.cpp:
        (WebCore::Document::isSafeToUpdateStyleOrLayout const): Check LayoutAssertionDisableScope::shouldDisable.
        * dom/ScriptDisallowedScope.h:
        (WebCore::ScriptDisallowedScope::LayoutAssertionDisableScope): Added.
        (WebCore::ScriptDisallowedScope::LayoutAssertionDisableScope::LayoutAssertionDisableScope): Added.
        (WebCore::ScriptDisallowedScope::LayoutAssertionDisableScope::~LayoutAssertionDisableScope): Added.
        (WebCore::ScriptDisallowedScope::LayoutAssertionDisableScope::shouldDisable): Added.
        * page/LayoutContext.cpp:
        (WebCore::LayoutContext::layout): Check LayoutAssertionDisableScope::shouldDisable.

2018-01-30  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderRubyRun::rubyBaseSafe to RenderTreeBuilder::Ruby
        https://bugs.webkit.org/show_bug.cgi?id=182306
        <rdar://problem/37041440>

        Reviewed by Antti Koivisto.

        With all the ruby mutation code moving, only RenderTreeBuilder calls RenderRubyRun::rubyBaseSafe.

        No change in functionality.

        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::rubyText const):
        (WebCore::RenderRubyRun::rubyBase const):
        (WebCore::RenderRubyRun::firstLineBlock const):
        (WebCore::RenderRubyRun::takeChild):
        (WebCore::RenderRubyRun::rubyBaseSafe): Deleted.
        * rendering/RenderRubyRun.h:
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::insertChild):
        (WebCore::RenderTreeBuilder::Ruby::rubyBaseSafe):
        * rendering/updating/RenderTreeBuilderRuby.h:

2018-01-30  Fujii Hironori  <Hironori.Fujii@sony.com>

        Unified sources for FEMorphology.cpp seems to break the windows build.
        https://bugs.webkit.org/show_bug.cgi?id=178847

        Reviewed by Yusuke Suzuki.

        Fix a compilation error.
        platform/graphics/filters/SpotLightSource.cpp(45): error C2027: use of undefined type 'WebCore::FilterEffect'

        No new tests (No behavior change)

        * Sources.txt: Removed @no-unify for FEMorphology.cpp.
        * platform/graphics/filters/SpotLightSource.cpp: Added #include "FilterEffect.h".

2018-01-30  Myles C. Maxfield  <mmaxfield@apple.com>

        Test fix after r227776
        https://bugs.webkit.org/show_bug.cgi?id=180951

        Unreviewed.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::mandatoryAttributesForUserInstalledFonts):

2018-01-30  Dean Jackson  <dino@apple.com>

        CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Document::updateStyleIfNeeded
        https://bugs.webkit.org/show_bug.cgi?id=182299
        <rdar://problem/36853088>

        Removing a misleading comment based on Zalan Bujtas's feedback.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded):

2018-01-30  Dean Jackson  <dino@apple.com>

        CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Document::updateStyleIfNeeded
        https://bugs.webkit.org/show_bug.cgi?id=182299
        <rdar://problem/36853088>

        Reviewed by Simon Fraser.

        Mostly speculative fix for the case where a scrollTo moves an
        animated SVG image into view, causing its animation to restart during
        a paint operation. This was causing a release ASSERT, so we now defer
        the resumption of the animation into a timer.

        Test: svg/animated-svgImage-scroll.html

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded): Enqueue the
        animation if it is an SVGImage.
        * svg/graphics/SVGImage.cpp: Add a timer to enqueue animation starts.
        (WebCore::SVGImage::SVGImage):
        (WebCore::SVGImage::startAnimationTimerFired):
        (WebCore::SVGImage::enqueueStartAnimation):
        (WebCore::SVGImage::stopAnimation):
        * svg/graphics/SVGImage.h:

2018-01-30  Chris Dumez  <cdumez@apple.com>

        Service worker registration soft updates happen too frequently
        https://bugs.webkit.org/show_bug.cgi?id=182296
        <rdar://problem/37031862>

        Reviewed by Youenn Fablet.

        Move code that updates the registration's last update check time from after
        the script bytecheck to before, as per:
        - https://w3c.github.io/ServiceWorker/#update (step 7.19)

        This way, the last update check time gets updated even if the newly fetched
        script is identical to the previous one, which is the common case.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::updateWorker):
        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::scriptFetchFinished):

2018-01-30  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move childBecameNonInline to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=182265
        <rdar://problem/37004459>

        Reviewed by Antti Koivisto.

        Move the mutation code that wraps/unwraps a child element when its flow state changes
        from(to) in-flow to(from) floating/out-of-flow.

        No change in functionality.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::childBecameNonInline): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderBoxModelObject.h:
        (WebCore::RenderBoxModelObject::childBecameNonInline): Deleted.
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleDidChange):
        (WebCore::RenderElement::handleDynamicFloatPositionChange): Deleted.
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::childBecameNonInline): Deleted.
        * rendering/RenderInline.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):
        (WebCore::RenderTreeBuilder::splitFlow): Deleted.
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderBlock.cpp:
        (WebCore::RenderTreeBuilder::Block::childBecameNonInline):
        * rendering/updating/RenderTreeBuilderBlock.h:
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::childBecameNonInline):
        * rendering/updating/RenderTreeBuilderInline.h:

2018-01-30  Brent Fulgham  <bfulgham@apple.com>

        Add telemetry to track storage access API adoption
        https://bugs.webkit.org/show_bug.cgi?id=182197
        <rdar://problem/35803309>

        Reviewed by Chris Dumez.
        
        Partial roll-out of r227755.

        The original patch assumed the WebContent process kept track of user interaction. This is
        only tracked in the UIProcess, so we can get rid of some of the logging code adding in
        r227755.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::setTimeToLivePartitionFree): Deleted.
        (WebCore::ResourceLoadObserver::wasAccessedWithinInteractionWindow const): Deleted.
        * loader/ResourceLoadObserver.h:

2018-01-30  Chris Dumez  <cdumez@apple.com>

        Make sure we never create a WebSWClientConnection with an invalid sessionID
        https://bugs.webkit.org/show_bug.cgi?id=182276
        <rdar://problem/36582633>

        Reviewed by Alex Christensen.

        Make sure we never create a WebSWClientConnection with an invalid sessionID as this
        could corrupt our hash tables.

        * dom/Document.cpp:
        (WebCore::Document::privateBrowsingStateDidChange):
        * workers/service/ServiceWorker.cpp:
        (WebCore::ServiceWorker::postMessage):
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::ready):
        (WebCore::ServiceWorkerContainer::getRegistration):
        (WebCore::ServiceWorkerContainer::didFinishGetRegistrationRequest):
        (WebCore::ServiceWorkerContainer::getRegistrations):
        (WebCore::ServiceWorkerContainer::didFinishGetRegistrationsRequest):
        (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
        (WebCore::ServiceWorkerContainer::ensureSWClientConnection):

2018-01-30  Antti Koivisto  <antti@apple.com>

        Avoid traversing too much when doing class change invalidation
        https://bugs.webkit.org/show_bug.cgi?id=181604

        Reviewed by Zalan Bujtas.

        We are now collecting information about which part of the tree a change in class can potentially affect.
        Use the information to traverse only the required elements in Style::Invalidator.

        The same mechanism can be later used for attribute and id change invalidation.

        * css/DocumentRuleSets.cpp:
        (WebCore::DocumentRuleSets::collectFeatures const):
        (WebCore::DocumentRuleSets::classInvalidationRuleSets const):
        (WebCore::DocumentRuleSets::subjectClassRules const): Deleted.
        (WebCore::DocumentRuleSets::ancestorClassRules const): Deleted.

            Remove separate subject and ancestor invalidation RuleSets. Instead collect all invalidation rulesets
            to a vector along with their MatchElements.

        * css/DocumentRuleSets.h:
        * css/RuleFeature.cpp:
        (WebCore::RuleFeatureSet::computeNextMatchElement):
        (WebCore::RuleFeatureSet::computeSubSelectorMatchElement):
        (WebCore::RuleFeatureSet::collectFeatures):

            Similarly collect all class invalidation RuleFeatures to a general HashMap along with the MatchElement.

        (WebCore::RuleFeatureSet::add):
        (WebCore::RuleFeatureSet::clear):
        (WebCore::RuleFeatureSet::shrinkToFit):
        * css/RuleFeature.h:
        (WebCore::RuleFeature::RuleFeature):
        * style/ClassChangeInvalidation.cpp:
        (WebCore::Style::ClassChangeInvalidation::computeInvalidation):

            Find out InvalidationRuleSets to use.

        (WebCore::Style::ClassChangeInvalidation::invalidateStyleWithRuleSets):

            Pass them to Style::Invalidator.

        * style/ClassChangeInvalidation.h:
        * style/StyleInvalidator.cpp:
        (WebCore::Style::Invalidator::invalidateStyleForTree):
        (WebCore::Style::Invalidator::invalidateStyleForDescendants):
        (WebCore::Style::Invalidator::invalidateStyleWithMatchElement):

            Traverse only the part of the tree needed by the given MatchElement.

        * style/StyleInvalidator.h:
        * style/StyleSharingResolver.cpp:
        (WebCore::Style::SharingResolver::classNamesAffectedByRules const):

2018-01-30  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] The 'baseline' value must be invalid for the 'justify-content' property
        https://bugs.webkit.org/show_bug.cgi?id=181794

        Reviewed by Antti Koivisto.

        The CSS WG has resolved that it doesn't make sense to define Baseline
        Content-Alignment in the inline/main axis.

        https://github.com/w3c/csswg-drafts/issues/1184

        The spec has been updated so that <baseline-postion> is not valid for
        the 'justify-content' property's syntax. This CL updates our parsing
        logic to match the new spec, including the parsing logic of the
        place-content shorthand.

        Additionally, this CL updates the computed value of the
        <baseline-position> values to match other browsers.

        We don't implement support for <baseline-position> values in the
        Content Distribution properties (align-content and justify-content),
        so I don't expect this change to break content of sites using the CSS
        Box Alignment feature.

        No new tests, just adapt the Web Platform Tests we already have to the new CSS syntax.

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::getBaselineKeyword):
        (WebCore::consumeBaselineKeyword):
        (WebCore::consumeContentDistributionOverflowPosition):
        (WebCore::consumeSelfPositionOverflowPosition):
        (WebCore::CSSPropertyParser::parseSingleValue):
        (WebCore::consumeSimplifiedContentPosition):
        (WebCore::CSSPropertyParser::consumePlaceContentShorthand):
        (WebCore::consumeSimplifiedItemPosition):

2018-01-30  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [WinCairo] Fix forwarding header conflict of WebKit on WinCairo
        https://bugs.webkit.org/show_bug.cgi?id=177202

        Reviewed by Alex Christensen.

        * PlatformWin.cmake:

2018-01-30  Myles C. Maxfield  <mmaxfield@apple.com>

        A disallowed user-installed font may be used if its PostScript name is specified
        https://bugs.webkit.org/show_bug.cgi?id=180951

        Reviewed by Brent Fulgham.

        This patch adds a new CoreText font attribute, kCTFontFallbackOptionAttribute, to the
        fonts which WebKit creates. It also adds this attribute to web fonts, so that font
        fallback will happen according to our rules about user-installed fonts. It also marks
        these font attributes as "mandatory" so CoreText will be guaranteed to follow the
        policy.

        Test: fast/text/user-installed-fonts/disable.html

        * platform/graphics/FontCache.h:
        (WebCore::FontDescriptionKey::makeFlagsKey):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontDatabase::collectionForFamily):
        (WebCore::FontDatabase::fontForPostScriptName):
        (WebCore::addAttributesForUserInstalledFonts):
        (WebCore::mandatoryAttributesForUserInstalledFonts):
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):

2018-01-29  Youenn Fablet  <youenn@apple.com>

        Cache API should make sure to resolve caches.open promises in the same order as called
        https://bugs.webkit.org/show_bug.cgi?id=182193
        <rdar://problem/36930363>

        Reviewed by Chris Dumez.

        Covered by LayoutTests/http/wpt/cache-storage/cache-open-delete-in-parallel.https.html.

        * Modules/cache/DOMCacheStorage.cpp:
        (WebCore::DOMCacheStorage::doRemove): Removed optimization consisting in removing the cache from DOMCacheStorage object synchronously.
        This optimization prevents going to the network process to try deleting the cache.

2018-01-29  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Add a compile-time feature flag
        https://bugs.webkit.org/show_bug.cgi?id=182211
        <rdar://problem/36936365>

        Reviewed by Brent Fulgham.

        Add a compile-time feature flag for WebAuthN as most of the functionality is platform
        dependent.

        No tests.

        * Configurations/FeatureDefines.xcconfig:
        * Modules/credentialmanagement/BasicCredential.cpp:
        * Modules/credentialmanagement/BasicCredential.h:
        * Modules/credentialmanagement/BasicCredential.idl:
        * Modules/credentialmanagement/CredentialCreationOptions.h:
        * Modules/credentialmanagement/CredentialCreationOptions.idl:
        * Modules/credentialmanagement/CredentialRequestOptions.h:
        * Modules/credentialmanagement/CredentialRequestOptions.idl:
        * Modules/credentialmanagement/CredentialsContainer.cpp:
        * Modules/credentialmanagement/CredentialsContainer.h:
        * Modules/credentialmanagement/CredentialsContainer.idl:
        * Modules/credentialmanagement/NavigatorCredentials.cpp:
        * Modules/credentialmanagement/NavigatorCredentials.h:
        * Modules/credentialmanagement/NavigatorCredentials.idl:
        * Modules/webauthn/Authenticator.cpp:
        * Modules/webauthn/Authenticator.h:
        * Modules/webauthn/AuthenticatorAssertionResponse.cpp:
        * Modules/webauthn/AuthenticatorAssertionResponse.h:
        * Modules/webauthn/AuthenticatorAssertionResponse.idl:
        * Modules/webauthn/AuthenticatorAttestationResponse.cpp:
        * Modules/webauthn/AuthenticatorAttestationResponse.h:
        * Modules/webauthn/AuthenticatorAttestationResponse.idl:
        * Modules/webauthn/AuthenticatorResponse.cpp:
        * Modules/webauthn/AuthenticatorResponse.h:
        * Modules/webauthn/AuthenticatorResponse.idl:
        * Modules/webauthn/PublicKeyCredential.cpp:
        * Modules/webauthn/PublicKeyCredential.h:
        * Modules/webauthn/PublicKeyCredential.idl:
        * Modules/webauthn/PublicKeyCredentialCreationOptions.h:
        * Modules/webauthn/PublicKeyCredentialCreationOptions.idl:
        * Modules/webauthn/PublicKeyCredentialDescriptor.h:
        * Modules/webauthn/PublicKeyCredentialDescriptor.idl:
        * Modules/webauthn/PublicKeyCredentialRequestOptions.h:
        * Modules/webauthn/PublicKeyCredentialRequestOptions.idl:
        * Modules/webauthn/PublicKeyCredentialType.h:
        * Modules/webauthn/PublicKeyCredentialType.idl:
        * bindings/js/JSAuthenticatorResponseCustom.cpp:
        * bindings/js/JSBasicCredentialCustom.cpp:

2018-01-29  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Introduce debug mode as experimental feature
        https://bugs.webkit.org/show_bug.cgi?id=182199
        <rdar://problem/36930364>

        Reviewed by Alex Christensen.

        No new tests. This adds an experimental feature.

        The only changes to default behavior are:
        - Increased resolution on timestamps which is needed to be able to set shorter
          timeouts in debug mode.
        - Only update partitioning and blocking table when needed. This is an optimization
          which pays off in less XPC with shorter timeouts.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::reduceTimeResolution):
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::logWebSocketLoading):
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
        (WebCore::reduceToHourlyTimeResolution): Deleted.
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setResourceLoadStatisticsDebugMode):
        (WebCore::RuntimeEnabledFeatures::resourceLoadStatisticsDebugMode const):
        * page/Settings.yaml:

2018-01-29  Oleksandr Skachkov  <gskachkov@gmail.com>

        FetchResponse should support ConsumeData callback on chunk data is received: handling ReadableStream bodies
        https://bugs.webkit.org/show_bug.cgi?id=182008

        Reviewed by Youenn Fablet.

        Modify FetchResponse to support ConsumeData callback with 
        handling of ReadableStream by chunks

        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::put):
        * Modules/fetch/FetchBodyConsumer.cpp:
        (WebCore::FetchBodyConsumer::resolve):
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::consumeBodyFromReadableStream):
        * Modules/fetch/FetchResponse.h:
        * Modules/streams/ReadableStreamChunk.h: Added.
        * Modules/streams/ReadableStreamSink.cpp:
        (WebCore::ReadableStreamToSharedBufferSink::enqueue):
        (WebCore::ReadableStreamToSharedBufferSink::close):
        * Modules/streams/ReadableStreamSink.h:
        * WebCore.xcodeproj/project.pbxproj:
        * workers/service/context/ServiceWorkerFetch.cpp:
        (WebCore::ServiceWorkerFetch::processResponse):

2018-01-29  Andy Estes  <aestes@apple.com>

        [iOS] Restrict synthetic clicks to the origin that handled the underlying touch event
        https://bugs.webkit.org/show_bug.cgi?id=182252
        <rdar://problem/21555881>

        Reviewed by Tim Horton.

        Test: http/tests/events/touch/ios/cross-frame-single-tap-same-origin.https.html

        * dom/Document.h:
        (WebCore::Document::handlingTouchEvent const):
        * page/EventHandler.h:
        (WebCore::EventHandler::touchEventTargetSubframe const):
        (WebCore::EventHandler::touches const):

        Exposed some information needed by WebPage::updatePotentialTapSecurityOrigin().

        * page/Frame.h:
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::betterApproximateNode):
        (WebCore::Frame::qualifyingNodeAtViewportLocation):

        Changed NodeQualifier from a function pointer to a WTF::Function.

        (WebCore::Frame::nodeRespondingToClickEvents):

        Turned ancestorRespondingToClickEvents() into a lambda that captures originRestriction. In
        the lambda, if there is an origin restriction, return nullptr if the hit test result's inner
        Node is not in the restricted origin.

        (WebCore::Frame::nodeRespondingToScrollWheelEvents):

        Turned ancestorRespondingToScrollWheelEvents() into a lambda.

        (WebCore::ancestorRespondingToScrollWheelEvents):

        Moved to lambda in nodeRespondingToScrollWheelEvents().

        (WebCore::ancestorRespondingToClickEvents):

        Moved to lambda in nodeRespondingToClickEvents().

2018-01-29  Emilio Cobos Álvarez  <emilio@crisal.io>

        Trivially cleanup std::optional usage in RenderBlockFlow.
        https://bugs.webkit.org/show_bug.cgi?id=182142

        Reviewed by Antti Koivisto.

        No new tests, no behavior change.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::firstLineBaseline const):
        (WebCore::RenderBlockFlow::inlineBlockBaseline const):

2018-01-29  Brent Fulgham  <bfulgham@apple.com>

        Add telemetry to track storage access API adoption
        https://bugs.webkit.org/show_bug.cgi?id=182197
        <rdar://problem/35803309>

        Reviewed by Chris Dumez.
        
        Part 1: Add telemetry for the user interaction case
        
        This patch adds telemetry to track how frequently third-party cookies are
        used in a first party context due to user interaction. This will help
        understand cases where the new Storage Access API can help, and to help
        us understand if we have considered relevant use cases in its design.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setTimeToLivePartitionFree): Let the observer
        know the first party interaction duration.
        (WebCore::ResourceLoadObserver::wasAccessedWithinInteractionWindow const): Added.
        (WebCore::ResourceLoadObserver::logFrameNavigation): Note when a third party 
        resource is accessed as a first party due to user interaction. 
        (WebCore::ResourceLoadObserver::logSubresourceLoading): Ditto.
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::encode const): Handle new fields.
        (WebCore::ResourceLoadStatistics::decode): Ditto.
        * loader/ResourceLoadStatistics.h:

2018-01-29  Antti Koivisto  <antti@apple.com>

        CalcExpressionBlendLength::evaluate hits stack limit
        https://bugs.webkit.org/show_bug.cgi?id=182243

        Reviewed by Zalan Bujtas.

        Speculative fix to prevent nesting of CalcExpressionBlendLength.

        No test, don't know how to make one.

        * platform/CalculationValue.cpp:
        (WebCore::CalcExpressionBlendLength::CalcExpressionBlendLength):

        CalcExpressionBlendLength is only used in Length values of animated style. Normally such styles are not used
        as input for further blending but there are some paths where this could in principle happen. Repeated
        application (for each animation frame) could construct CalcExpressionBlendLength expression that blows
        the stack when evaluated.

        Speculatively fix by flattening any nesting.

        * platform/CalculationValue.h:
        (WebCore::CalcExpressionBlendLength::CalcExpressionBlendLength): Deleted.

2018-01-29  Chris Dumez  <cdumez@apple.com>

        Drop unnecessary "ServiceWorker Task Thread" in SWServer
        https://bugs.webkit.org/show_bug.cgi?id=182253

        Reviewed by Youenn Fablet.

        Drop unnecessary "ServiceWorker Task Thread" in SWServer. We're spinning a thread for
        each SWServer that is never used.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::~SWServer):
        (WebCore::SWServer::SWServer):
        (WebCore::SWServer::taskThreadEntryPoint): Deleted.
        (WebCore::SWServer::postTask): Deleted.
        (WebCore::SWServer::postTaskReply): Deleted.
        (WebCore::SWServer::handleTaskRepliesOnMainThread): Deleted.
        * workers/service/server/SWServer.h:

2018-01-29  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r227731.

        This caused and assertion failure in API tests.

        Reverted changeset:

        "Layout Test fast/events/beforeunload-dom-manipulation-
        crash.html is crashing"
        https://bugs.webkit.org/show_bug.cgi?id=181204
        https://trac.webkit.org/changeset/227731

2018-01-29  Brady Eidson  <beidson@apple.com>

        Make it possible for apps that use both WK1 and WK2 to use MessagePorts.
        https://bugs.webkit.org/show_bug.cgi?id=182229

        Reviewed by Chris Dumez.

        Covered by existing LayoutTests and a new API test.

        * dom/messageports/MessagePortChannel.cpp:
        (WebCore::MessagePortChannel::checkRemotePortForActivity): Don't use the global singleton
          provider. Instead use the provider that belongs to the owning registry.

        * dom/messageports/MessagePortChannelProviderImpl.cpp:
        (WebCore::MessagePortChannelProviderImpl::MessagePortChannelProviderImpl): Pass a reference
          to *this to the Registry.
        * dom/messageports/MessagePortChannelProviderImpl.h:

        * dom/messageports/MessagePortChannelRegistry.cpp:
        (WebCore::MessagePortChannelRegistry::MessagePortChannelRegistry): Keep a Provider member so
          MessagePortChannels can get to it instead of relying on the global singleton provider.
        * dom/messageports/MessagePortChannelRegistry.h:
        (WebCore::MessagePortChannelRegistry::provider):

2018-01-29  Per Arne Vollan  <pvollan@apple.com>

        Layout Test fast/events/beforeunload-dom-manipulation-crash.html is crashing
        https://bugs.webkit.org/show_bug.cgi?id=181204
        <rdar://problem/36256274>

        Reviewed by Ryosuke Niwa.

        When a frame element is moved in the DOM tree during the execution of a beforeunload handler,
        the frame will be detached when removed from its previous position in the DOM tree. When being
        detached, an attempt will also be made to stop the load by calling FrameLoader::stopAllLoaders().
        However, this method will return early when executed in a beforeunload handler, since navigation
        is not allowed then. The end result is a detached frame which will continue to load, and hitting
        asserts in DocumentLoader::dataReceived(), and DocumentLoader::notifyFinished(). It should be
        possible to stop a frame load, even when executing a beforeunload handler.

        No new tests. Covered by the existing test fast/events/beforeunload-dom-manipulation-crash.html.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::isStopLoadingAllowed const):
        (WebCore::FrameLoader::stopAllLoaders):
        * loader/FrameLoader.h:

2018-01-29  Miguel Gomez  <magomez@igalia.com>

        [CoordnatedGraphics] A child layer of a semitransparent layer isn't clipped properly
        https://bugs.webkit.org/show_bug.cgi?id=181080

        Reviewed by Žan Doberšek.

        Check whether the applied clipping area is empty before drawing the children of a TextureMapperLayer. If
        the area is empty no children will be drawn, so we can avoid drawing them.

        No new tests -- no change in behavior.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::paintSelfAndChildren):

2018-01-29  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Add GraphicsContextImplCairo::createFactory() helpers
        https://bugs.webkit.org/show_bug.cgi?id=182238

        Reviewed by Carlos Garcia Campos.

        Instead of duplicating lambdas that return a newly-created
        GraphicsContextImplCairo object, provide static createFactory() helpers
        on that class that produce GraphicsContextImplFactory wrappers which are
        then invoked in the GraphicsContext constructor. The static functions
        accept either the PlatformContextCairo reference or the cairo_t pointer,
        invoking the proper GraphicsContextImplCairo constructor in the returned
        lambda wrapper.

        No new tests -- no change in functionality.

        * platform/graphics/cairo/GraphicsContextImplCairo.cpp:
        (WebCore::GraphicsContextImplCairo::createFactory):
        * platform/graphics/cairo/GraphicsContextImplCairo.h:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::ImageBuffer):
        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::strokeBoundingRect const):
        (WebCore::Path::strokeContains const):
        * platform/graphics/nicosia/NicosiaPaintingContextCairo.cpp:
        (Nicosia::PaintingContextCairo::PaintingContextCairo):
        * platform/graphics/win/ImageCairoWin.cpp:
        (WebCore::BitmapImage::getHBITMAPOfSize):

2018-01-29  Zan Dobersek  <zdobersek@igalia.com>

        Construct GraphicsContext with NonPaintingReasons::NoReason in FrameView::adjustPageHeightDeprecated()
        https://bugs.webkit.org/show_bug.cgi?id=182235

        Reviewed by Carlos Garcia Campos.

        Pass the NonPaintingReasons::NoReason value to the GraphicsContext
        constructor in FrameView::adjustPageHeightDeprecated(). This has the
        same effect as when passing a null PlatformGraphicsContext to the
        constructor, which effectively disables any painting through that
        GraphicsContext, but doesn't have a platform-specific connotation.

        No new tests -- no change in functionality.

        * page/FrameView.cpp:
        (WebCore::FrameView::adjustPageHeightDeprecated):

2018-01-29  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Remove the GraphicsContext(cairo_t*) constructor
        https://bugs.webkit.org/show_bug.cgi?id=182234

        Reviewed by Carlos Garcia Campos.

        Instead of using the GraphicsContext(cairo_t*) constructor, leverage the
        GraphicsContextImplCairo class and work with an existing Cairo context
        through that GraphicsContextImpl implementation.

        A new GraphicsContextImplCairo constructor is added, expecting pointer
        to the cairo_t object. With that, a PlatformContextCairo object is
        created, with ownership of that object now being handled by the
        GraphicsContextImplCairo class.

        Call sites of the GraphicsContext(cairo_t*) constructor are adjusted to
        instead provide a factory function that returns a fresh
        GraphicsContextImplCairo object, passing that cairo_t object to its
        constructor.

        No new tests -- no change in behavior.

        * platform/graphics/GraphicsContext.h:
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::GraphicsContext): Deleted.
        * platform/graphics/cairo/GraphicsContextImplCairo.cpp:
        (WebCore::GraphicsContextImplCairo::GraphicsContextImplCairo):
        (WebCore::m_private):
        * platform/graphics/cairo/GraphicsContextImplCairo.h:
        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::strokeBoundingRect const):
        (WebCore::Path::strokeContains const):
        * platform/graphics/win/ImageCairoWin.cpp:
        (WebCore::BitmapImage::getHBITMAPOfSize):

2018-01-28  Minsheng Liu  <lambda@liu.ms>

        Overflow of formulas is hidden for display mathematics
        https://bugs.webkit.org/show_bug.cgi?id=160547

        Reviewed by Frédéric Wang.

        Previously, <math> with display="block" uses its container's logical width as logical width.
        However, that behavior will truncate overflowed contents. The patch fixes it by setting
        the logical width as its content width rather than its container's logical width
        if the former is wider than the latter.

        Test: mathml/presentation/display-math-horizontal-overflow.html

        * rendering/mathml/RenderMathMLRow.cpp:
        (WebCore::RenderMathMLRow::layoutBlock):

2018-01-26  Antoine Quint  <graouts@apple.com>

        [Web Animations] Distinguish between an omitted and a null timeline argument to the Animation constructor
        https://bugs.webkit.org/show_bug.cgi?id=179065
        <rdar://problem/36869046>

        Reviewed by Dean Jackson.

        The Web Animations specification requires that a missing or undefined "timeline" parameter means that the
        document's timeline should be used, but a null value should be supported. To support this, we need to provide
        a custom Animation constructor where we can check on the ExecState whether the second argument passed is
        undefined, which is true if an explicit "undefined" value is passed or if the argument does not exist.

        * Sources.txt: Add the new JSWebAnimationCustom.cpp file.
        * WebCore.xcodeproj/project.pbxproj: Add the new JSWebAnimationCustom.cpp file.
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::create): Add a create() variant that doesn't provide an AnimationTimeline parameter
        to clearly indicate that the provided Document's timeline should be used.
        * animation/WebAnimation.h:
        * animation/WebAnimation.idl:
        * bindings/js/JSWebAnimationCustom.cpp: Added.
        (WebCore::constructJSWebAnimation): Provide a custom Animation constructor where we check whether the second
        argument, the timeline, is undefined.
        * dom/Element.cpp:
        (WebCore::Element::animate): Use the new create() variant since passing "nullptr" now means a null timeline.

2018-01-26  Ricky Mondello  <rmondello@apple.com>

        Use the standard -webkit-autofill color on iOS
        https://bugs.webkit.org/show_bug.cgi?id=182182

        Reviewed by Tim Horton.

        * css/html.css:
        (input:-webkit-autofill, input:-webkit-autofill-strong-password):

2018-01-26  Dean Jackson  <dino@apple.com>

        REGRESSION (r222961): Clear function not clearing whole screen when antialias is set to false
        https://bugs.webkit.org/show_bug.cgi?id=179368
        <rdar://problem/36111549>

        Reviewed by Sam Weinig.

        When we changed from using a CAOpenGLLayer to a regular CALayer, we should
        have also swapped the "opaque" property to "contentsOpaque".

        Covered by the existing test: fast/canvas/webgl/context-attributes-alpha.html
        (when run on some hardware!)

        * platform/graphics/cocoa/WebGLLayer.mm:
        (-[WebGLLayer initWithGraphicsContext3D:]):

2018-01-26  Mark Lam  <mark.lam@apple.com>

        Add infrastructure for pointer preparation.
        https://bugs.webkit.org/show_bug.cgi?id=182191
        <rdar://problem/36889194>

        Reviewed by JF Bastien.

        No new tests because this patch does not introduce any behavior change.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCallTracer.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::toJSNewlyCreated):

2018-01-26  Simon Fraser  <simon.fraser@apple.com>

        REGRESSiON (r226492): Crash under Element::absoluteEventBounds() on a SVGPathElement which has not been laid out yet
        https://bugs.webkit.org/show_bug.cgi?id=182185
        rdar://problem/36836262

        Reviewed by Zalan Bujtas.

        Document::absoluteRegionForEventTargets() can fire when layout is dirty, and SVGPathElement's path() can be null if it
        hasn't been laid out yet. So protect against a null path in getBBox().

        Not easily testable because internals.nonFastScrollableRects() forces layout, and the crash depends on the timing of
        absoluteRegionForEventTargets().

        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::getBBox):

2018-01-26  Chris Dumez  <cdumez@apple.com>

        Offlined content does not work for apps on home screen
        https://bugs.webkit.org/show_bug.cgi?id=182070
        <rdar://problem/36843906>

        Reviewed by Youenn Fablet.

        Already registered service workers were unable to intercept the very first
        load because registration matching was happening after the registration
        was loaded from disk, but *before* its active worker was populated.

        We now initialize the registrations' active worker as soon as we load
        them from disk. We do not necessarily have a SW Context process connection
        identifier yet at this point so I made it optional on the SWServerWorker.
        This identifier gets set on the SWServerWorker when the worker is actually
        launched and gets cleared when the SWServerWorker gets terminated.

        Covered by new API test.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::addRegistrationFromStore):
        (WebCore::SWServer::installContextData):
        (WebCore::SWServer::terminateWorkerInternal):
        (WebCore::SWServer::workerContextTerminated):
        (WebCore::SWServer::fireInstallEvent):
        (WebCore::SWServer::fireActivateEvent):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::SWServerWorker):
        * workers/service/server/SWServerWorker.h:
        (WebCore::SWServerWorker::contextConnectionIdentifier const):
        (WebCore::SWServerWorker::setContextConnectionIdentifier):

2018-01-26  Chris Nardi  <cnardi@chromium.org>

        Addressing post-review comments after r226614
        https://bugs.webkit.org/show_bug.cgi?id=182151

        Reviewed by Myles C. Maxfield.

        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::sanitizeUserInputValue):
        * html/TextFieldInputType.cpp:
        (WebCore::limitLength):
        * platform/LocalizedStrings.cpp:
        (WebCore::truncatedStringForLookupMenuItem):
        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

2018-01-26  Antoine Quint  <graouts@apple.com>

        [iOS] prefers-reduced-motion media query is not working
        https://bugs.webkit.org/show_bug.cgi?id=182169
        <rdar://problem/36801631>

        Reviewed by Dean Jackson.

        The code that would eventually query UIKit for the system setting was not run since USE(NEW_THEME) is off on iOS.
        Adding a PLATFORM(IOS) flag here allows the code to run.

        * css/MediaQueryEvaluator.cpp:
        (WebCore::prefersReducedMotionEvaluate):

2018-01-26  Youenn Fablet  <youenn@apple.com>

        CSP post checks should be done for service worker responses
        https://bugs.webkit.org/show_bug.cgi?id=182160

        Reviewed by Daniel Bates.

        Covered by updated test.

        Add security checks when receiving a service worker response.

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveResponse):
        * loader/cache/CachedResourceLoader.h:

2018-01-26  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-multicol] Support percentages in column-gap
        https://bugs.webkit.org/show_bug.cgi?id=182004

        Reviewed by Javier Fernandez.

        This patch adds percentage support to column-gap property.

        Most of the changes are related to the parsing logic,
        the column-gap property now accepts both length and percentages,
        on top of the "normal" initial value.
        A new utility class GapLength has been added, as it'll be useful
        to implement row-gap in the future.

        Apart from that the muticolumn layout code has been modified
        to resolve the percentage gaps (treating them as zero while computing
        preferred widths) and resolving them during layout.
        This doesn't follow the current text on the spec, but there is an
        ongoing discussion that might cause the text is changed:
        https://github.com/w3c/csswg-drafts/issues/509#issuecomment-355242101
        We could update the implementation once we have a definitive answer
        from the CSS WG.

        Test: web-platform-tests/css/css-multicol/multicol-gap-percentage-001.html

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
        * css/CSSProperties.json:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertGapLength):
        * css/StyleBuilderCustom.h:
        (WebCore::forwardInheritedValue):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeGapLength):
        (WebCore::CSSPropertyParser::parseSingleValue):
        * page/FrameView.cpp:
        (WebCore::FrameView::applyPaginationToViewport):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc):
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::columnGap const):
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::columnGap const):
        * rendering/style/GapLength.cpp: Added.
        (WebCore::operator<<):
        * rendering/style/GapLength.h: Added.
        (WebCore::GapLength::GapLength):
        (WebCore::GapLength::isNormal const):
        (WebCore::GapLength::length const):
        (WebCore::GapLength::operator== const):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::columnGap const):
        (WebCore::RenderStyle::setColumnGap):
        (WebCore::RenderStyle::initialColumnGap):
        * rendering/style/StyleMultiColData.cpp:
        (WebCore::StyleMultiColData::StyleMultiColData):
        (WebCore::StyleMultiColData::operator== const):
        * rendering/style/StyleMultiColData.h:
        * style/StyleResolveForDocument.cpp:
        (WebCore::Style::resolveForDocument):

2018-01-26  Emilio Cobos Álvarez  <emilio@crisal.io>

        Remove unused RenderFragmentedFlow::createFragmentedFlowStyle.
        https://bugs.webkit.org/show_bug.cgi?id=182138

        Reviewed by Manuel Rego Casasnovas.

        Has no callers.

        No new tests, just removes unused code so no behavior change.

        * rendering/RenderFragmentedFlow.cpp:
        * rendering/RenderFragmentedFlow.h:

2018-01-26  Emilio Cobos Álvarez  <emilio@crisal.io>

        Remove useless RenderBlockFlow overrides.
        https://bugs.webkit.org/show_bug.cgi?id=182139

        Reviewed by Manuel Rego Casasnovas.

        I think these are leftovers from the CSS regions removal, looking at
        blame.

        No new tests, no behavior change.

        * rendering/RenderBlockFlow.cpp:
        * rendering/RenderBlockFlow.h:

2018-01-25  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Add InspectorShaderProgram to Unified Sources build
        https://bugs.webkit.org/show_bug.cgi?id=182084

        Reviewed by Dan Bernstein.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * Sources.txt:
        Move to Sources.txt always.

        * inspector/InspectorShaderProgram.cpp:
        Add ENABLE(WEBGL) guard to contents.

2018-01-25  Ryosuke Niwa  <rniwa@webkit.org>

        Make scrolling to the focused element async
        https://bugs.webkit.org/show_bug.cgi?id=181575
        <rdar://problem/36459767>

        Reviewed by Simon Fraser.

        Made the revealing of the focused element asynchronous in Element::focus. Like selection, schedule a timer when
        a new element is focused, and only scroll to the focused element when the timer fires. If any other scrolling
        happens meanwhile, we cancel this timer.

        There are two Web exposed behavioral changes:
        1. The scrolling position doesn't change immediately when calling Element::focus.
        2. Only the last focused element will be revealed.

        Both behavioral changes pose its own compatibility risks but we're making a conscious decision here since
        the scrolling asynchronous has a clear performance benefit.

        There is one edge case to cosnider: when the history controller restores the scrolling position, canceling the
        timer results in a focused element in an overflow: hidden element to be never revealed. Expediate revealing of
        the focused element in this one case instead of canceling.

        Tests: fast/scrolling/scroll-to-focused-element-asynchronously.html
               fast/scrolling/scroll-to-focused-element-canceled-by-fragment-navigation.html

        * dom/Element.cpp:
        (WebCore::Element::focus): Call updateFocusAppearance on focusAppearanceUpdateTarget to handle HTMLAreaElement
        which delegates the focus appearance update to its image element.
        (WebCore::Element::focusAppearanceUpdateTarget): Extracted. Returns "this" element for all but HTMLAreaElement.
        (WebCore::Element::updateFocusAppearance): Schedule the revealing of the focused element in FrameView instead of
        synchronously scrolling to the focused element.
        * dom/Element.h:
        (WebCore::Element::defaultFocusTextStateChangeIntent):
        * html/HTMLAreaElement.cpp:
        (WebCore::HTMLAreaElement::focusAppearanceUpdateTarget): Extracted from updateFocusAppearance.
        (WebCore::HTMLAreaElement::updateFocusAppearance): Deleted.
        * html/HTMLAreaElement.h:
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::restoreScrollPositionAndViewState): Reveal the focused element
        prior to restoring the scrolling location of the fragment navigation. This is needed to reveal a focused element
        inside overflow: hidden element which got focused.
        * page/FrameView.cpp:
        (WebCore::FrameView::FrameView): Added a boolean flag and a timer for scrolling to the focused element.
        (WebCore::FrameView::reset): Stop the timer and clear the flag.
        (WebCore::FrameView::maintainScrollPositionAtAnchor): Ditto when scrolling to an anchor.
        (WebCore::FrameView::setScrollPosition): Ditto when some other programatic scroll or the user scrolls the view.
        (WebCore::FrameView::scheduleScrollToFocusedElement): Added.
        (WebCore::FrameView::scrollToFocusedElementImmediatelyIfNeeded): Added.
        (WebCore::FrameView::scrollToFocusedElementTimerFired): Added.
        (WebCore::FrameView::scrollToAnchor): Stop the timer and clear the flag when scrolling to an achor.
        (WebCore::FrameView::setWasScrolledByUser): Ditto when the user scrolls.
        * page/FrameView.h:

2018-01-25  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(r217236): [iOS] PDFDocumentImage does not update its cached ImageBuffer if it has a sub-rectangle of the image
        https://bugs.webkit.org/show_bug.cgi?id=182083

        Reviewed by Simon Fraser.

        Test: fast/images/pdf-as-image-dest-rect-change.html

        Revert the change r217236 back. Fix the issue of throwing out the cached
        ImageBuffer of the PDF document image when moving its rectangle.

        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::cacheParametersMatch): Return the if-statement
        which was deleted in r217236 back but intersect it with dstRect. The context
        clipping rectangle can be more than the dstRect.
        (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
        -- Remove a wrong optimization which used to work for Mac only if the context
           interpolation quality is not set to low or none quality. This optimization
           does not consider the case when srcRect or destRect change after caching
           the ImageBuffer. Or even if m_cachedImageRect does not include the
           whole clipping rectangle.
        -- Move back the call to cacheParametersMatch() before changing the
           m_cachedImageRect.
        -- Always intersect the clipping rectangle with the dstRect to ensure we
           only look at the dirty rectangle inside the image boundary.
        -- If cacheParametersMatch() returns true, set m_cachedDestinationRect to
           dstRect and move m_cachedImageRect by the difference between the new
           and the old dstRects since no re-caching will happen.
        * platform/graphics/cg/PDFDocumentImage.h:
        * testing/Internals.cpp:
        (WebCore::pdfDocumentImageFromImageElement):
        (WebCore::Internals::pdfDocumentCachingCount):
        * testing/Internals.h:
        * testing/Internals.idl:
        Add an internal API which returns the number of drawing the PDF into an
        ImageBuffer.

2018-01-25  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Remove unnecessary developerExtrasEnabled checks
        https://bugs.webkit.org/show_bug.cgi?id=182156

        Reviewed by Matt Baker.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl):
        (WebCore::InspectorInstrumentation::frameDocumentUpdatedImpl):
        (WebCore::InspectorInstrumentation::didCreateWebSocketImpl):
        These checks should not be needed. The step above bails if there is
        no inspector frontend, and there can be no inspector frontend unless
        developer extras enabled are enabled.

2018-01-25  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add localizable strings for extra-zoomed form controls
        https://bugs.webkit.org/show_bug.cgi?id=182080

        Reviewed by Tim Horton.

        Add new localizable strings. Additionally, run `update-webkit-localizable-strings` to re-sort
        Localizable.strings.

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::formControlCancelButtonTitle):
        (WebCore::formControlHideButtonTitle):
        (WebCore::formControlGoButtonTitle):
        (WebCore::formControlSearchButtonTitle):
        (WebCore::textInputModeWriteButton):
        (WebCore::textInputModeSpeechButton):
        * platform/LocalizedStrings.h:

2018-01-25  Chris Dumez  <cdumez@apple.com>

        Access to service workers / Cache API should be disabled in sandboxed frames without allow-same-origin flag
        https://bugs.webkit.org/show_bug.cgi?id=182140
        <rdar://problem/36879952>

        Reviewed by Youenn Fablet.

        Throw a SecurityError when accessing navigator.serviceWorker or window.caches inside a sandboxed iframe
        without the allow-same-origin flag. This behavior is consistent with Chrome. Firefox, however, seems
        to return these objects but have their API reject promises with a SecurityError instead.

        No new tests, rebaselined existing tests.

        * Modules/cache/DOMWindowCaches.cpp:
        (WebCore::DOMWindowCaches::caches): Deleted.
        * Modules/cache/DOMWindowCaches.h:
        * Modules/cache/DOMWindowCaches.idl:
        * page/NavigatorBase.cpp:
        * page/NavigatorBase.h:
        * page/NavigatorServiceWorker.idl:

2018-01-25  Chris Dumez  <cdumez@apple.com>

        Clients.get(id) should only returns clients in the service worker's origin
        https://bugs.webkit.org/show_bug.cgi?id=182149
        <rdar://problem/36882310>

        Reviewed by Youenn Fablet.

        When looking for SW clients with a given identifier, only look in the list of
        clients that have the same origin as the service worker.

        No new tests, rebaselined existing test.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::serviceWorkerClientWithOriginByID const):
        (WebCore::SWServer::serviceWorkerClientByID const): Deleted.
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::findClientByIdentifier const):
        * workers/service/server/SWServerWorker.h:

2018-01-25  Youenn Fablet  <youenn@apple.com>

        WebPluginInfoProvider should handle null host queries
        https://bugs.webkit.org/show_bug.cgi?id=182112

        Reviewed by Chris Dumez.

        No change of behavior.

        Removed assertion that is not always true, as shown by API tests.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived):

2018-01-25  Youenn Fablet  <youenn@apple.com>

        ShapeOutside should use same origin credentials mode
        https://bugs.webkit.org/show_bug.cgi?id=182141

        Reviewed by Chris Dumez.

        Covered by updated test.
        As per https://drafts.csswg.org/css-shapes/#shape-outside-property, ShapeOutside images
        should be fetched with anonymous cors mode, meaning credentials should be set to same-origin.

        * style/StylePendingResources.cpp:
        (WebCore::Style::loadPendingImage):

2018-01-25  John Wilander  <wilander@apple.com>

        Make sure we have a frame as we iterate in ResourceLoadObserver::nonNullOwnerURL()
        https://bugs.webkit.org/show_bug.cgi?id=182116
        <rdar://problem/36210134>

        Reviewed by Alex Christensen.

        No new tests. No known repro case, just crash logs.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::nonNullOwnerURL const):

2018-01-25  Jer Noble  <jer.noble@apple.com>

        Move ImageDecoderAVFObjC from using AVSampleBufferGenerator to AVAssetReaderOutput for parsing
        https://bugs.webkit.org/show_bug.cgi?id=182091

        Reviewed by Eric Carlson.

        No new tests; should be covered by existing tests.

        AVSampleBufferGenerator is not available on iOS, so in order to enable ImageDecoderAVFObjC there,
        we must adopt a similar API which is available both on iOS and macOS: AVAssetReaderOutput. Unlike
        the generator, AVAssetReaderOutput doesn't necessarily generate samples in decode order, so we'll
        repurpose the SampleMap from EME to hold the decoded samples as well as their generated images.

        * Modules/mediasource/SampleMap.cpp:
        * Modules/mediasource/SampleMap.h:
        (WebCore::SampleMap::size const):
        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::isSupportedImageVideoOrSVGMIMEType):
        * platform/MediaSample.h:
        (WebCore::MediaSample::hasAlpha const):
        * platform/graphics/ImageDecoder.cpp:
        (WebCore::ImageDecoder::create):
        (WebCore::ImageDecoder::supportsMediaType):
        * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Make non-final.
        (WebCore::MediaSampleAVFObjC::sampleBuffer const):
        (WebCore::MediaSampleAVFObjC::MediaSampleAVFObjC):
        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.h:
        * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
        (WebCore::ImageDecoderAVFObjCSample::create):
        (WebCore::ImageDecoderAVFObjCSample::sampleBuffer const):
        (WebCore::ImageDecoderAVFObjCSample::image const):
        (WebCore::ImageDecoderAVFObjCSample::setImage):
        (WebCore::ImageDecoderAVFObjCSample::ImageDecoderAVFObjCSample):
        (WebCore::ImageDecoderAVFObjCSample::cacheMetadata):
        (WebCore::toSample):
        (WebCore::ImageDecoderAVFObjC::readSamples):
        (WebCore::ImageDecoderAVFObjC::storeSampleBuffer):
        (WebCore::ImageDecoderAVFObjC::advanceCursor):
        (WebCore::ImageDecoderAVFObjC::setTrack):
        (WebCore::ImageDecoderAVFObjC::encodedDataStatus const):
        (WebCore::ImageDecoderAVFObjC::repetitionCount const):
        (WebCore::ImageDecoderAVFObjC::frameIsCompleteAtIndex const):
        (WebCore::ImageDecoderAVFObjC::frameDurationAtIndex const):
        (WebCore::ImageDecoderAVFObjC::frameHasAlphaAtIndex const):
        (WebCore::ImageDecoderAVFObjC::createFrameImageAtIndex):
        (WebCore::ImageDecoderAVFObjC::setData):
        (WebCore::ImageDecoderAVFObjC::clearFrameBufferCache):
        (WebCore::ImageDecoderAVFObjC::sampleAtIndex const):
        (WebCore::ImageDecoderAVFObjC::readSampleMetadata): Deleted.

2018-01-25  Youenn Fablet  <youenn@apple.com>

        DocumentThreadableLoader should ensure service worker is not reused if redirection comes from the network
        https://bugs.webkit.org/show_bug.cgi?id=182137

        Reviewed by Chris Dumez.

        Covered by rebased test.
        In case redirection does not come from memory cache or service worker, disable service worker interception when following the redirection.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::redirectReceived):

2018-01-25  Youenn Fablet  <youenn@apple.com>

        DocumentLoader should interrupt ongoing load when getting a redirection from network that matches a service worker
        https://bugs.webkit.org/show_bug.cgi?id=182115

        Reviewed by Alex Christensen.

        Covered by rebased test.

        In case a navigation load is going to the network process,
        we need to interrupt it if having a redirection that leads to a new request going to a service worker.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::redirectReceived):

2018-01-25  Chris Dumez  <cdumez@apple.com>

        Registering same scope as the script directory without the last slash should fail
        https://bugs.webkit.org/show_bug.cgi?id=182122
        <rdar://problem/36877167>

        Reviewed by Youenn Fablet.

        This aligns our behavior with Firefox and Chrome.

        No new tests, rebaselined existing test.

        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::didReceiveResponse):

2018-01-25  Antoine Quint  <graouts@apple.com>

        [Web Animations] Expose the reverse() method
        https://bugs.webkit.org/show_bug.cgi?id=182100
        <rdar://problem/36867117>

        Reviewed by Dean Jackson.

        We expose and implement the reverse() method on Animation as specified.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::setPlaybackRate):
        (WebCore::WebAnimation::reverse):
        * animation/WebAnimation.h:
        * animation/WebAnimation.idl:

2018-01-25  Antoine Quint  <graouts@apple.com>

        [Web Animations] Account for provided easings when computing progress and resolving keyframe effect values
        https://bugs.webkit.org/show_bug.cgi?id=182098
        <rdar://problem/36866149>

        Reviewed by Dean Jackson.

        We now account for the timing functions provided through the "easing" propreties on whole animation effects
        and individual keyframes. Exposing those exposed shortcomings of our keyframe resolution in general through
        WPT tests so we now implement the "effect value of a keyframe effect" procedure from the spec to correctly
        resolve keyframes in KeyframeEffect::setAnimatedPropertiesInStyle(). The tests also showed some shortcomings
        in our TimingFunction code where our step() function resolution wasn't fully compliant and our cubic-bezier()
        resolution not accurate enough. We now have microsecond accuracy when resolving cubic-bezier() timing functions
        and identify cubic-bezier(0, 0, 0, 0), cubic-bezier(0, 0, 1, 1) and cubic-bezier(1, 1, 1, 1) as linear timing
        functions, as called out by the WPT tests.

        * animation/AnimationEffect.cpp:
        (WebCore::AnimationEffect::transformedProgress const): Account for the effect-wide timing function when computing
        the progress.
        (WebCore::AnimationEffect::iterationProgress const): Use the transformed progress now that we support this procedure.
        * animation/AnimationEffect.h:
        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::apply): We now use the computed progress from AnimationEffect rather than compute based
        on the provided time, which we've dropped as an argument.
        (WebCore::KeyframeEffect::getAnimatedStyle):
        (WebCore::KeyframeEffect::setAnimatedPropertiesInStyle): Implement the "effect value of a keyframe effect" procedure
        in full as specified (save for composite operations).
        (WebCore::KeyframeEffect::applyAtLocalTime): Deleted.
        * animation/KeyframeEffect.h:
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::resolve):
        * css/CSSTimingFunctionValue.h: Fix a small error made in a previous patch where we used "int" instead of "unsigned".
        * platform/animation/TimingFunction.cpp:
        (WebCore::TimingFunction::transformTime const):
        * platform/animation/TimingFunction.h:

2018-01-25  Antoine Quint  <graouts@apple.com>

        [Web Animations] Avoid querying the current time multiple time when resolving the play state
        https://bugs.webkit.org/show_bug.cgi?id=182099

        Reviewed by Dean Jackson.

        No test change since this shouldn't cause any change in behavior.

        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::playState const):

2018-01-25  Youenn Fablet  <youenn@apple.com>

        Set integrity fetch options for loading scripts and CSS
        https://bugs.webkit.org/show_bug.cgi?id=182077

        Reviewed by Chris Dumez.

        Covered by updated test.

        Set integrity fetch option in script and CSS loading.

        * bindings/js/CachedModuleScriptLoader.cpp:
        (WebCore::CachedModuleScriptLoader::load):
        * bindings/js/CachedScriptFetcher.cpp:
        (WebCore::CachedScriptFetcher::requestModuleScript const):
        (WebCore::CachedScriptFetcher::requestScriptWithCache const):
        * bindings/js/CachedScriptFetcher.h:
        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::load):
        * dom/ScriptElementCachedScriptFetcher.cpp:
        (WebCore::ScriptElementCachedScriptFetcher::requestModuleScript const):
        * dom/ScriptElementCachedScriptFetcher.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):

2018-01-25  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Use GraphicsContextImplCairo in Nicosia::PaintingContextCairo
        https://bugs.webkit.org/show_bug.cgi?id=182094

        Reviewed by Carlos Garcia Campos.

        Have Nicosia::PaintingContextCairo create a GraphicsContext object that
        utilizes a factory function which returns a freshly-allocated
        GraphicsContextImplCairo through which all the painting is then done.
        This moves GraphicsLayer painting over to using the GraphicsContextImpl
        infrastructure.

        No new tests -- no changes in behavior.

        * platform/graphics/nicosia/NicosiaPaintingContextCairo.cpp:
        (Nicosia::PaintingContextCairo::PaintingContextCairo):

2018-01-24  Frederic Wang  <fwang@igalia.com>

        ScrollingStateNode::reconcileLayerPositionForViewportRect is only called on direct children of the root
        https://bugs.webkit.org/show_bug.cgi?id=179946

        Reviewed by Simon Fraser.

        ScrollingStateNode::reconcileLayerPositionForViewportRect is currently only called on the
        direct children of root of the scrolling tree. Hence nodes like "position: fixed" will not
        update their layers after scrolling when they are deeper in the tree. This is already
        possible on iOS with overflow nodes and will happen with subframes when async scrolling is
        implemented. This commit fixes that issue by recursively calling the function
        ScrollingStateNode::reconcileLayerPositionForViewportRect on the scrolling tree.

        Test: fast/scrolling/ios/reconcile-layer-position-recursive.html

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::reconcileViewportConstrainedLayerPositions): Just call
        reconcileLayerPositionForViewportRect on the root node.
        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::reconcileLayerPositionForViewportRect): By default, this
        function now recursively calls reconcileLayerPositionForViewportRect on the children.
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateFixedNode.cpp:
        (WebCore::ScrollingStateFixedNode::reconcileLayerPositionForViewportRect): Call the function
        on children.
        * page/scrolling/ScrollingStateStickyNode.cpp:
        (WebCore::ScrollingStateStickyNode::reconcileLayerPositionForViewportRect): Ditto.

2018-01-24  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Use GraphicsContextImplCairo for ImageBuffer context
        https://bugs.webkit.org/show_bug.cgi?id=181977

        Reviewed by Carlos Garcia Campos.

        Enhance the GraphicsContextImpl interface to the point of enabling the
        Cairo-based implementation to be used for GraphicsContext construction
        in ImageBufferCairo.cpp.

        In order to enable GraphicsContextImpl implementations to properly
        manage PlatformGraphicsContext objects, the hasPlatformContext() and
        platformContext() methods are added. Cairo implementation returns true
        in the first method, and returns pointer to the PlatformContextCairo
        object in the second. The DisplayList::Recorder, due to its recording
        nature, doesn't manage such an object, so it returns false and nullptr,
        respectively.

        GraphicsContextImpl also gains the setCTM(), getCTM(), clipBounds() and
        roundToDevicePixels() methods, corresponding to the GraphicsContext
        methods that now invoke these new methods on any existing m_impl object.
        GraphicsContextImplCairo implementations mimic the existing behavior in
        the Cairo-specific GraphicsContext methods, but DisplayList::Recorder
        implementations remain no-op, logging the invocation but doing nothing
        otherwise.

        drawImage() and drawTiledImage() methods on the GraphicsContextImpl
        interface are changed to return the ImageDrawResult value, corresponding
        to what's been done in the method. In DisplayList::Recorder, the methods
        return ImageDrawResult::DidRecord, while in GraphicsContextImplCairo the
        methods return the return result of Image::draw() or Image::drawTiled()
        call.

        To make the protected Image::draw() and Image::drawTiled() methods
        accessible, invocations of those are packed into static drawImageImpl()
        and drawTiledImageImpl() functions on the GraphicsContextImpl class.
        This makes it possible to simply declare GraphicsContextImpl class as a
        friend class of Image, and not every specific GraphicsContextImpl
        derivation. Implementations of these functions mirror behavior of the
        drawImage() and drawTiledImage() methods on the GraphicsContext class,
        when an m_impl object isn't present, constructing a scope-tied
        InterpolationQualityMaintainer object and invoking the relevant Image
        method.

        To make immediate use of the new GraphicsContextImplCairo functionality,
        the GraphicsContext construction in Cairo-specific ImageBuffer
        implementation now uses a factory function that returns a new
        GraphicsContextImplCairo object through which the given
        PlatformContextCairo is used for painting.

        No new tests -- no change in functionality.

        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::hasPlatformContext const):
        (WebCore::GraphicsContext::drawImage):
        (WebCore::GraphicsContext::drawTiledImage):
        * platform/graphics/GraphicsContext.h:
        (WebCore::GraphicsContext::hasPlatformContext const): Deleted.
        * platform/graphics/GraphicsContextImpl.cpp:
        (WebCore::GraphicsContextImpl::drawImageImpl):
        (WebCore::GraphicsContextImpl::drawTiledImageImpl):
        * platform/graphics/GraphicsContextImpl.h:
        * platform/graphics/Image.h:
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::getCTM const):
        (WebCore::GraphicsContext::platformContext const):
        (WebCore::GraphicsContext::clipBounds const):
        (WebCore::GraphicsContext::roundToDevicePixels):
        (WebCore::GraphicsContext::setCTM):
        * platform/graphics/cairo/GraphicsContextImplCairo.cpp:
        (WebCore::m_private):
        (WebCore::GraphicsContextImplCairo::~GraphicsContextImplCairo):
        (WebCore::GraphicsContextImplCairo::hasPlatformContext const):
        (WebCore::GraphicsContextImplCairo::platformContext const):
        (WebCore::GraphicsContextImplCairo::updateState):
        (WebCore::GraphicsContextImplCairo::setLineCap):
        (WebCore::GraphicsContextImplCairo::setLineDash):
        (WebCore::GraphicsContextImplCairo::setLineJoin):
        (WebCore::GraphicsContextImplCairo::setMiterLimit):
        (WebCore::GraphicsContextImplCairo::fillRect):
        (WebCore::GraphicsContextImplCairo::fillRoundedRect):
        (WebCore::GraphicsContextImplCairo::fillRectWithRoundedHole):
        (WebCore::GraphicsContextImplCairo::fillPath):
        (WebCore::GraphicsContextImplCairo::fillEllipse):
        (WebCore::GraphicsContextImplCairo::strokeRect):
        (WebCore::GraphicsContextImplCairo::strokePath):
        (WebCore::GraphicsContextImplCairo::strokeEllipse):
        (WebCore::GraphicsContextImplCairo::clearRect):
        (WebCore::GraphicsContextImplCairo::drawGlyphs):
        (WebCore::GraphicsContextImplCairo::drawImage):
        (WebCore::GraphicsContextImplCairo::drawTiledImage):
        (WebCore::GraphicsContextImplCairo::drawNativeImage):
        (WebCore::GraphicsContextImplCairo::drawPattern):
        (WebCore::GraphicsContextImplCairo::drawRect):
        (WebCore::GraphicsContextImplCairo::drawLine):
        (WebCore::GraphicsContextImplCairo::drawLinesForText):
        (WebCore::GraphicsContextImplCairo::drawLineForDocumentMarker):
        (WebCore::GraphicsContextImplCairo::drawEllipse):
        (WebCore::GraphicsContextImplCairo::drawFocusRing):
        (WebCore::GraphicsContextImplCairo::save):
        (WebCore::GraphicsContextImplCairo::restore):
        (WebCore::GraphicsContextImplCairo::translate):
        (WebCore::GraphicsContextImplCairo::rotate):
        (WebCore::GraphicsContextImplCairo::scale):
        (WebCore::GraphicsContextImplCairo::concatCTM):
        (WebCore::GraphicsContextImplCairo::setCTM):
        (WebCore::GraphicsContextImplCairo::getCTM):
        (WebCore::GraphicsContextImplCairo::beginTransparencyLayer):
        (WebCore::GraphicsContextImplCairo::endTransparencyLayer):
        (WebCore::GraphicsContextImplCairo::clip):
        (WebCore::GraphicsContextImplCairo::clipOut):
        (WebCore::GraphicsContextImplCairo::clipPath):
        (WebCore::GraphicsContextImplCairo::clipBounds):
        (WebCore::GraphicsContextImplCairo::roundToDevicePixels):
        (WebCore::m_platformContext): Deleted.
        * platform/graphics/cairo/GraphicsContextImplCairo.h:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::ImageBuffer):
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::clipBounds const):
        (WebCore::GraphicsContext::setCTM):
        (WebCore::GraphicsContext::getCTM const):
        (WebCore::GraphicsContext::roundToDevicePixels):
        * platform/graphics/displaylists/DisplayListRecorder.cpp:
        (WebCore::DisplayList::Recorder::drawImage):
        (WebCore::DisplayList::Recorder::drawTiledImage):
        (WebCore::DisplayList::Recorder::drawNativeImage):
        (WebCore::DisplayList::Recorder::setCTM):
        (WebCore::DisplayList::Recorder::getCTM):
        (WebCore::DisplayList::Recorder::clipBounds):
        (WebCore::DisplayList::Recorder::roundToDevicePixels):
        * platform/graphics/displaylists/DisplayListRecorder.h:

2018-01-24  Christopher Reid  <chris.reid@sony.com>

        Linker error in ShareableBitmapCairo.cpp  undefined reference to WebCore::Cairo::ShadowState::ShadowState
        https://bugs.webkit.org/show_bug.cgi?id=182060

        Reviewed by Žan Doberšek.

        No new tests, no change in behavior.

        Added exports to WebCore::Cairo::ShadowState::ShadowState.

        * platform/graphics/cairo/CairoOperations.h:

2018-01-24  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Implement didSendData client callback.
        https://bugs.webkit.org/show_bug.cgi?id=182063

        Reviewed by Alex Christensen.

        No new tests (covered by existing tests).

        * platform/network/curl/CurlDownload.h:
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::willSendData):
        * platform/network/curl/CurlRequestClient.h:
        * platform/network/curl/ResourceHandleCurlDelegate.cpp:
        (WebCore::ResourceHandleCurlDelegate::curlDidSendData):
        * platform/network/curl/ResourceHandleCurlDelegate.h:

2018-01-24  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Implement PublicKeyCredential’s [[DiscoverFromExternalSource]] with a dummy authenticator
        https://bugs.webkit.org/show_bug.cgi?id=182032
        <rdar://problem/36459922>

        Reviewed by Brent Fulgham.

        This patch implements PublicKeyCredential's [[DiscoverFromExternalSource]] from
        https://www.w3.org/TR/webauthn/#getAssertion as of 5 December 2017. In order to
        do testing, a dummy authenticator is implemented to exercise a failure and a
        pass path. A number of dependencies need to be resolved later in order to comply
        with the spec, which are marked by FIXME in the patch and tracked by proper
        bugs. Those dependencies will be addressed once the first prototype is finshed.

        Tests: http/tests/webauthn/public-key-credential-get-with-invalid-parameters.https.html
               http/wpt/credential-management/credentialscontainer-store-basics.https.html
               http/wpt/webauthn/public-key-credential-get-failure.https.html
               http/wpt/webauthn/public-key-credential-get-success.https.html

        * Modules/credentialmanagement/CredentialsContainer.cpp:
        (WebCore::CredentialsContainer::get):
        (WebCore::CredentialsContainer::isCreate):
        Fixes some minor issues.
        * Modules/webauthn/Authenticator.cpp:
        (WebCore::Authenticator::getAssertion const):
        * Modules/webauthn/Authenticator.h:
        (WebCore::Authenticator::AssertionReturnBundle::AssertionReturnBundle):
        * Modules/webauthn/PublicKeyCredential.cpp:
        (WebCore::PublicKeyCredential::collectFromCredentialStore):
        Changed a parameter type.
        (WebCore::PublicKeyCredential::discoverFromExternalSource):
        (WebCore::PublicKeyCredential::create):
        Improved some comments.
        * Modules/webauthn/PublicKeyCredential.h:
        * Modules/webauthn/PublicKeyCredentialRequestOptions.h:
        (): Deleted.
        * bindings/js/JSAuthenticatorResponseCustom.cpp:
        (WebCore::toJSNewlyCreated):

2018-01-24  Dean Jackson  <dino@apple.com>

        Move WebGL's colorspace code into IOSurface
        https://bugs.webkit.org/show_bug.cgi?id=182076
        <rdar://problem/36846863>

        Reviewed by Simon Fraser, with assistance from Tim Horton.

        Rather than have WebGLLayer talk directly to an IOSurfaceRef,
        use a helper function on WebCore::IOSurface.

        No behaviour change.

        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:
        (WebCore::IOSurface::migrateColorSpaceToProperties): Add new helper.
        * platform/graphics/cocoa/WebGLLayer.mm:
        (-[WebGLLayer allocateIOSurfaceBackingStoreWithSize:usingAlpha:]): The
        newly created IOSurfaces call the helper to set up their colorspace.

2018-01-24  Dean Jackson  <dino@apple.com>

        Add a note about not implementing these functions without discussion.
        <rdar://problem/36666458>

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::clientWaitSync):
        (WebCore::WebGL2RenderingContext::getSyncParameter):

2018-01-24  Youenn Fablet  <youenn@apple.com>

        Opaque being-loaded responses should clone their body
        https://bugs.webkit.org/show_bug.cgi?id=182056

        Reviewed by Brady Eidson.

        Test: http/wpt/service-workers/clone-opaque-being-loaded-response.https.html

        When cloning a being-loaded response, make sure we create a ReadableStream.
        Before the patch, the readableStream was not created in that case for opaque responses.

        * Modules/fetch/FetchBodyOwner.cpp:
        (WebCore::FetchBodyOwner::readableStream):
        (WebCore::FetchBodyOwner::createReadableStream):
        * Modules/fetch/FetchBodyOwner.h:
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::clone):

2018-01-24  Chris Dumez  <cdumez@apple.com>

        close() operation should not be exposed inside a ServiceWorkerGlobalScope
        https://bugs.webkit.org/show_bug.cgi?id=182057

        Reviewed by Youenn Fablet.

        Move close() from WorkerGlobalScope to DedicatedWorkerGlobalScope as per:
        - https://html.spec.whatwg.org/multipage/workers.html#dedicatedworkerglobalscope

        This change to the specification was made to avoid exposing this deprecated
        features to service workers (which are new).

        No new tests, rebaselined existing test.

        * workers/DedicatedWorkerGlobalScope.idl:
        * workers/WorkerGlobalScope.idl:

2018-01-24  David Hyatt  <hyatt@apple.com>

        Implement line clamp for mail.
        https://bugs.webkit.org/show_bug.cgi?id=180818

        Reviewed by Dean Jackson.

        This patch implements a form of clamping that can clamp lines at both the top
        and the bottom, and the interior can be replaced with a DOM element (identified
        by id) that replaces the middle section.

        The implementation derives from the multicolumn classes, but ultimately the
        clamp should derive from the fragmentset classes instead (with most of the current
        multicolumn code moving into base classes).

        The virtualization of many of the multicolumn functions is something that would happen
        once we move pages/printing over to this pagination model anyway.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        Add the new clamp classes.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
        * css/CSSProperties.json:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueWebkitLinesClamp):
        * css/parser/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext):
        * css/parser/CSSParserMode.h:
        (WebCore::CSSParserContextHash::hash):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeLinesClamp):
        (WebCore::CSSPropertyParser::parseSingleValue):
        Implement the new CSS property, webkit-lines-clamp. This is only exposed if a preference
        is set, so it is not exposed to the Web.

        * page/Settings.yaml:
        Add a new setting to control allowing access to the new CSS property.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willCreateColumns const):
        Make sure columns are created when lines clamp is set.

        (WebCore::getHeightForLineCount):
        (WebCore::RenderBlockFlow::logicalHeightForLineCount):
        (WebCore::RenderBlockFlow::logicalHeightExcludingLineCount):
        (WebCore::RenderBlockFlow::layoutExcludedChildren):
        (WebCore::RenderBlockFlow::heightForLineCount): Deleted.
        * rendering/RenderBlockFlow.h:
        Re-use the same clamping logic as the old line clamp code, but modernize it to work
        with writing modes and to be able to go backwards from the end of the block.

        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
        The line count method got renamed to have the word "logical" in it, since it now
        works with vertical writing.

        * rendering/RenderFragmentContainer.cpp:
        (WebCore::RenderFragmentContainer::pageLogicalHeightForOffset const):
        * rendering/RenderFragmentContainer.h:
        Since line clamp sets have variable page heights, this new method takes the offset
        as an argument so that it can return the appropriate page for the given offset.
        This method will eventually be used by printing/page sets as well, since pages
        can have variable heights.

        * rendering/RenderFragmentedFlow.cpp:
        (WebCore::RenderFragmentedFlow::validateFragments):
        (WebCore::RenderFragmentedFlow::pageLogicalHeightForOffset const):
        (WebCore::RenderFragmentedFlow::pageRemainingLogicalHeightForOffset const):
        * rendering/RenderFragmentedFlow.h:
        Support for variable page heights in a fragment set.

        * rendering/RenderLinesClampFlow.cpp: Added.
        (WebCore::RenderLinesClampFlow::RenderLinesClampFlow):
        (WebCore::RenderLinesClampFlow::renderName const):
        (WebCore::RenderLinesClampFlow::layout):
        (WebCore::RenderLinesClampFlow::createMultiColumnSet):
        (WebCore::RenderLinesClampFlow::isChildAllowedInFragmentedFlow const):
        (WebCore::RenderLinesClampFlow::layoutFlowExcludedObjects):
        * rendering/RenderLinesClampFlow.h: Added.
        * rendering/RenderLinesClampSet.cpp: Added.
        (WebCore::RenderLinesClampSet::RenderLinesClampSet):
        (WebCore::RenderLinesClampSet::recalculateColumnHeight):
        (WebCore::RenderLinesClampSet::computeLogicalHeight const):
        (WebCore::RenderLinesClampSet::columnCount const):
        (WebCore::RenderLinesClampSet::columnRectAt const):
        (WebCore::RenderLinesClampSet::columnIndexAtOffset const):
        (WebCore::RenderLinesClampSet::pageLogicalTopForOffset const):
        (WebCore::RenderLinesClampSet::pageLogicalHeightForOffset const):
        (WebCore::RenderLinesClampSet::fragmentedFlowPortionRectAt const):
        (WebCore::RenderLinesClampSet::fragmentedFlowPortionOverflowRect):
        (WebCore::RenderLinesClampSet::customBlockProgressionAdjustmentForColumn const):
        (WebCore::RenderLinesClampSet::renderName const):
        * rendering/RenderLinesClampSet.h: Added.
        The new classes. They subclass all the methods necessary to do multi-pass layout,
        and to determine the page heights of each section.

        * rendering/RenderMultiColumnFlow.cpp:
        (WebCore::RenderMultiColumnFlow::isColumnSpanningDescendant const):
        (WebCore::isValidColumnSpanner):
        (WebCore::RenderMultiColumnFlow::processPossibleSpannerDescendant):
        (WebCore::RenderMultiColumnFlow::createMultiColumnSet):
        * rendering/RenderMultiColumnFlow.h:
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::collectLayerFragments):
        (WebCore::RenderMultiColumnSet::columnTranslationForOffset const):
        * rendering/RenderMultiColumnSet.h:
        (WebCore::RenderMultiColumnSet::skipLayerFragmentCollectionForColumn const):
        (WebCore::RenderMultiColumnSet::customBlockProgressionAdjustmentForColumn const):
        Virtualized methods so that lines clamp can subclass and change behavior.

        * rendering/RenderObject.h:
        (WebCore::RenderObject::isRenderLinesClampFlow const):
        (WebCore::RenderObject::isRenderLinesClampSet const):
        Add new functions for type checking.

        * rendering/RenderRubyText.cpp:
        Include adjustment.

        * rendering/style/LineClampValue.h:
        (WebCore::LinesClampValue::LinesClampValue):
        (WebCore::LinesClampValue::isNone const):
        (WebCore::LinesClampValue::operator== const):
        (WebCore::LinesClampValue::operator!= const):
        (WebCore::LinesClampValue::start const):
        (WebCore::LinesClampValue::end const):
        (WebCore::LinesClampValue::center const):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::linesClamp const):
        (WebCore::RenderStyle::hasLinesClamp const):
        (WebCore::RenderStyle::setLinesClamp):
        (WebCore::RenderStyle::initialLinesClamp):
        (WebCore::RenderStyle::hasInlineColumnAxis const):
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator== const):
        * rendering/style/StyleRareNonInheritedData.h:
        The front end style implementation of the new property.

        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        Make sure to build the correct renderer when lines clamp is set.

2018-01-24  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Allocate CurlSSLVerifier only when it is required.
        https://bugs.webkit.org/show_bug.cgi?id=182061

        CurlSSLVerifier was a member function of CurlRequest. This patch do
        lazy initialization of it only when actually it is required.
        Also configuration method is not required by moving those stuff to
        constructor of SSLVerifier which makes much safer because there's
        no change to change its behavior from outside.

        Reviewed by Alex Christensen.

        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::willSetupSslCtx):
        (WebCore::CurlRequest::didCompleteTransfer):
        (WebCore::CurlRequest::finalizeTransfer):
        * platform/network/curl/CurlRequest.h:
        * platform/network/curl/CurlSSLVerifier.cpp:
        (WebCore::CurlSSLVerifier::CurlSSLVerifier):
        (WebCore::CurlSSLVerifier::setSslCtx): Deleted.
        * platform/network/curl/CurlSSLVerifier.h:
        (WebCore::CurlSSLVerifier::setCurlHandle): Deleted.
        (WebCore::CurlSSLVerifier::setHostName): Deleted.

2018-01-24  Antti Koivisto  <antti@apple.com>

        Assertion failure in RenderMultiColumnSet::requiresBalancing() on fast/multicol/spanner-crash-when-adding-summary.html
        https://bugs.webkit.org/show_bug.cgi?id=179308
        <rdar://problem/34592771>

        Reviewed by Zalan Bujtas.

        The issue here is that we fail to tear down render tree for a summary element because adding another summary element
        takes it out of the composed tree. This leaves behind renderers that break some multicolumn assumptions.

        * rendering/updating/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::tearDownRenderers):
        (WebCore::RenderTreeUpdater::tearDownLeftoverShadowHostChildren):

        When tearing down renderers go through the real children of the shadow hosts at the end and see if we left any renderers behind.
        If so, tear them down too.

        * rendering/updating/RenderTreeUpdater.h:

2018-01-24  Daniel Bates  <dabates@apple.com>

        [CSP] Check policy for targeted windows when navigating to a JavaScript URL
        https://bugs.webkit.org/show_bug.cgi?id=182018
        <rdar://problem/36795781>

        Reviewed by Brent Fulgham.

        Move the CSP check to be earlier in the function.

        Test: http/tests/security/contentSecurityPolicy/window-open-javascript-url-with-target-blocked.html

        * loader/FrameLoader.cpp:
        (WebCore::createWindow):

2018-01-24  Chris Dumez  <cdumez@apple.com>

        Add a IPC::SendSyncOption indicating we should not process incoming IPC while waiting for the sync reply
        https://bugs.webkit.org/show_bug.cgi?id=182021
        <rdar://problem/21629943>

        Reviewed by Ryosuke Niwa.

        Add layout testing infrastructure for the new flag.

        Test: fast/misc/testIncomingSyncIPCMessageWhileWaitingForSyncReply.html

        * page/ChromeClient.h:
        * testing/Internals.cpp:
        (WebCore::Internals::testIncomingSyncIPCMessageWhileWaitingForSyncReply):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-01-24  Alex Christensen  <achristensen@webkit.org>

        Remove pre-Sierra-OS-specific code in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=182026

        Reviewed by Tim Horton.

        * page/cocoa/UserAgent.mm:
        (WebCore::systemMarketingVersionForUserAgentString):
        * page/scrolling/mac/ScrollingMomentumCalculatorMac.mm:
        (WebCore::ScrollingMomentumCalculatorMac::retargetedScrollOffsetDidChange):
        * platform/cocoa/PasteboardCocoa.mm:
        (WebCore::bitmapPNGFileType):
        * platform/graphics/FontPlatformData.cpp:
        * platform/graphics/FontPlatformData.h:
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm:
        (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer):
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (layerContentsFormat):
        (PlatformCALayerCocoa::updateContentsFormat):
        (PlatformCALayerCocoa::backingStoreBytesPerPixel const):
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::linearRGBColorSpaceRef):
        (WebCore::extendedSRGBColorSpaceRef):
        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::drawPDFPage):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::getCSSAttribute):
        (WebCore::capabilitiesForFontDescriptor):
        (WebCore::findClosestFont):
        (WebCore::platformFontLookupWithFamily):
        (WebCore::lookupFallbackFont):
        (WebCore::fontWeightFromCoreText): Deleted.
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::variantCapsSupportsCharacterForSynthesis const):
        (WebCore::Font::platformWidthForGlyph const):
        (WebCore::advanceForColorBitmapFont): Deleted.
        (WebCore::canUseFastGlyphAdvanceGetter): Deleted.
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::hash const):
        (WebCore::FontPlatformData::platformIsEqual const):
        (WebCore::FontPlatformData::ctFont const):
        * platform/graphics/cocoa/GraphicsContextCocoa.mm:
        (WebCore::linearRGBColorSpaceRef): Deleted.
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::setTimebase):
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::supportsFormat):
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::screenSupportsExtendedColor):
        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::ScrollbarThemeMac::didCreateScrollerImp):
        (WebCore::ScrollbarThemeMac::isLayoutDirectionRTL):
        * platform/mac/ThemeMac.mm:
        (WebCore::ThemeMac::userPrefersReducedMotion const):
        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdatePlatformRequest):
        * platform/text/mac/TextBoundaries.mm:
        (WebCore::findNextWordFromIndex):
        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::shouldPlaceBlockDirectionScrollbarOnLeft const):
        * testing/Internals.mm:
        (WebCore::Internals::userPrefersReducedMotion const):

2018-01-24  Alex Christensen  <achristensen@webkit.org>

        Remove WebProcess authentication code
        https://bugs.webkit.org/show_bug.cgi?id=182020

        Reviewed by Brady Eidson.

        We were keeping it around for pre-NetworkSession media loading, which is gone now.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerShouldWaitForResponseToAuthenticationChallenge): Deleted.
        * html/HTMLMediaElement.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didReceiveAuthenticationChallenge):
        * loader/ResourceLoader.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::shouldWaitForResponseToAuthenticationChallenge): Deleted.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerShouldWaitForResponseToAuthenticationChallenge): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (-[WebCoreAVFLoaderDelegate resourceLoader:shouldWaitForResponseToAuthenticationChallenge:]):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForResponseToAuthenticationChallenge): Deleted.

2018-01-24  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: SVG AAM mapping trumps ARIA role attribute in the case of SVG root
        https://bugs.webkit.org/show_bug.cgi?id=181994

        Reviewed by Chris Fleizach.

        Only return AccessibilityRole::Group if we have no author-provided
        ARIA role attribute value.

        Test: accessibility/svg-element-with-aria-role.html

        * accessibility/AccessibilitySVGRoot.cpp:
        (WebCore::AccessibilitySVGRoot::roleValue const):
        * accessibility/AccessibilitySVGRoot.h:

2018-01-24  Alex Christensen  <achristensen@webkit.org>

        Remove unused QTKit preference
        https://bugs.webkit.org/show_bug.cgi?id=181968

        Reviewed by Alexey Proskuryakov.

        They weren't used and didn't do anything.

        * page/DeprecatedGlobalSettings.cpp:
        (WebCore::DeprecatedGlobalSettings::setQTKitEnabled): Deleted.
        * page/DeprecatedGlobalSettings.h:
        (WebCore::DeprecatedGlobalSettings::isQTKitEnabled): Deleted.

2018-01-24  Antoine Quint  <graouts@apple.com>

        [Web Animations] Compute the progress and currentIteration properties on getComputedTiming()
        https://bugs.webkit.org/show_bug.cgi?id=182039
        <rdar://problem/36813568>

        Reviewed by Dean Jackson.

        Compute the "progress" and "currentIteration" properties on the dictionary returned by getComputedTiming().
        To support this we implement several procedures from the specification implemented separately with links
        and steps copied from the specification. There is one last procedure we don't implement, which is to obtain
        the transformed time following the application of the provided easing, which will be the next patch.

        * animation/AnimationEffect.cpp:
        (WebCore::AnimationEffect::phase const):
        (WebCore::AnimationEffect::activeTime const):
        (WebCore::AnimationEffect::overallProgress const):
        (WebCore::AnimationEffect::simpleIterationProgress const):
        (WebCore::AnimationEffect::currentIteration const):
        (WebCore::AnimationEffect::currentDirection const):
        (WebCore::AnimationEffect::directedProgress const):
        (WebCore::AnimationEffect::iterationProgress const):
        (WebCore::AnimationEffect::getComputedTiming):
        * animation/AnimationEffect.h:

2018-01-24  Daniel Bates  <dabates@apple.com>

        REGRESSION (r226138): Selecting a line that ends with zero-width joiner (ZWJ) may cause text transformation
        https://bugs.webkit.org/show_bug.cgi?id=181993
        <rdar://problem/36421080>

        Reviewed by David Hyatt.

        Re-implement paint optimization that was inadvertently removed in r226138. This optimization
        works around an issue where selecting the last printable character in a line that is followed
        followed by a zero-width joiner transforms the selected character.

        We need to fix <https://bugs.webkit.org/show_bug.cgi?id=181964> to improve the interaction
        of selection and zero-width joiner characters. For now, re-implement a paint optimization
        to perform a single paint operation when the style of the non-selected text is identical
        to the style of the selected text.

        Test: fast/text/mac/select-character-before-zero-width-joiner.html

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::MarkerSubrangeStyle::areBackgroundMarkerSubrangeStylesEqual):
        (WebCore::InlineTextBox::MarkerSubrangeStyle::areForegroundMarkerSubrangeStylesEqual):
        (WebCore::InlineTextBox::MarkerSubrangeStyle::areDecorationMarkerSubrangeStylesEqual):
        Add helper functions to determine when marker styles are identical. We make use of these
        equality functions to coalesce adjacent subranges that have the same visual style and
        hence reduce the number of drawing commands to paint all the subranges in a line.
 
        (WebCore::InlineTextBox::paint): Coalesce subranges before painting.

        (WebCore::InlineTextBox::subdivideAndResolveStyle): Split out the logic to coalesce
        subranges with the same style into its own function InlineTextBox::coalesceAdjacentSubranges()
        and kept this function focused on subdivision and style resolution. Manually compute
        the frontmost subranges so that we can resolve style for each subrange with respect to
        the correct base style. Formerly we always resolved style with respect the specified
        base style. Now we resolve style with respect the previous frontmost subrange to ensure
        styles cascade as expected. This change causes no visual difference now. Once we implement
        <https://bugs.webkit.org/show_bug.cgi?id=175784> we will be able to test this change
        with respect to selection of ::spelling-error/::grammar-error pseudo elements.

        (WebCore::InlineTextBox::coalesceAdjacentSubranges): Extracted logic from InlineTextBox::subdivideAndResolveStyle().

        (WebCore::InlineTextBox::MarkerSubrangeStyle::operator== const): Deleted.
        (WebCore::InlineTextBox::MarkerSubrangeStyle::operator!= const): Deleted.
        Comparing MarkerSubrangeStyle objects should be performed using the appropriate
        are*MarkerSubrangeStylesEqual() non-member function.

        * rendering/InlineTextBox.h:
        * rendering/MarkerSubrange.cpp:
        (WebCore::subdivide): Remove overlap strategy FrontmostWithLongestEffectiveRange
        as this strategy is now implemented by InlineTextBox::subdivideAndResolveStyle() and
        InlineTextBox::coalesceAdjacentSubranges() that compute the set of frontmost subranges and
        coalesces adjacent subranges with the same style into the longest effective subrange,
        respectively. Unlike WebCore::subdivide(), InlineTextBox knows what the base style should
        be for the subranges and can more aggressively coalesce adjacent subranges of different
        types that have the same visual style.
        * rendering/MarkerSubrange.h:

2018-01-24  Youenn Fablet  <youenn@apple.com>

        Fetch response should copy its url from the request if null
        https://bugs.webkit.org/show_bug.cgi?id=182048

        Reviewed by Chris Dumez.

        No change of behavior.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived): Add assertion to check that the response URL is not null.

2018-01-24  Youenn Fablet  <youenn@apple.com>

        Account for memory cache in DocumentThreadableLoader::didReceiveResponse assertion
        https://bugs.webkit.org/show_bug.cgi?id=182049

        Reviewed by Chris Dumez.

        No change of behavior.
        A response served from Service Worker may be cached in Memory Cache and reused later on.
        Update DTL assertion to handle that case.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::didReceiveResponse):

2018-01-24  Eric Carlson  <eric.carlson@apple.com>

        REGRESSION(r227457): Release assert in updateLayout while destructing a media element
        https://bugs.webkit.org/show_bug.cgi?id=182038
        <rdar://problem/36812083>

        Reviewed by Jer Noble.

        * html/MediaElementSession.cpp:
        (WebCore::isMainContentForPurposesOfAutoplay): Early return if element.isSuspended().
        * platform/audio/mac/MediaSessionManagerMac.mm:
        (WebCore::MediaSessionManagerMac::clientCharacteristicsChanged): Call scheduleUpdateNowPlayingInfo
        instead of updateNowPlayingInfo.

2018-01-24  Chris Fleizach  <cfleizach@apple.com>

        AX: Provide a way for VoiceOver to uniquely identify a web session
        https://bugs.webkit.org/show_bug.cgi?id=181894

        Reviewed by Joanmarie Diggs.

        Add a way for VoiceOver to uniquely track a web page session.

        Test: accessibility/mac/session-id.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2018-01-24  Antti Koivisto  <antti@apple.com>

        RenderBlockRareData::m_enclosingFragmentedFlow should be WeakPtr
        https://bugs.webkit.org/show_bug.cgi?id=182045
        <rdar://problem/36334787>

        Reviewed by Zalan Bujtas.

        For safety.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::cachedEnclosingFragmentedFlow const):
        (WebCore::RenderBlock::updateCachedEnclosingFragmentedFlow const):
        (WebCore::RenderBlock::locateEnclosingFragmentedFlow const):

2018-01-23  Dean Jackson  <dino@apple.com>

        REGRESSION (r222961?): sRGB images shown in WebGL are over-saturated on a wide gamut monitor
        https://bugs.webkit.org/show_bug.cgi?id=182033
        <rdar://problem/36377780>

        Reviewed by Antoine Quint.

        My fix for YouTube360 changed the way we composite WebGL on macOS. Unfortunately it dropped
        a flag telling the compositor the colorspace of the content should be sRGB. Reinstate this
        by explicitly setting the colorspace on the IOSurface we use for WebGL back buffers.

        This *should* be covered by the test in:
        fast/canvas/webgl/match-page-color-space.html
        ... however, it shows a problem with our testing infrastructure. As long as it is not
        testing on a Wide Gamut display, and explicitly setting the color profile, an automated
        test won't pick up this regression. I could add an Internals helper to query the colorspace
        of the WebGL content, but that doesn't actually verify the composited result, which is
        all that matters.

        * platform/graphics/cocoa/WebGLLayer.mm:
        (-[WebGLLayer allocateIOSurfaceBackingStoreWithSize:usingAlpha:]):

2018-01-24  Ms2ger  <Ms2ger@igalia.com>

        [GTK] Fix some test failures in ATK selection handling.
        https://bugs.webkit.org/show_bug.cgi?id=168369
        <rdar://problem/30534881>

        Reviewed by Joanmarie Diggs.

        In r208479, selectionBelongsToObject was changed to return false if the
        intersectsNode call returns an exception.

        In particular, this caused accessibility/gtk/text-at-offset-textarea.html
        to fail. In this test, the selection is situated in the shadow DOM of the
        textarea, while the node that is checked for intersection is the textarea
        itself. In line with the standard, intersectsNode returns an exception in
        this case.

        This caused webkitAccessibleText{Word, Line, Sentence}ForBoundary to stop
        returning the expected text in the tested case. Removing this check fixes
        the test, along with some others.

        Tests: accessibility/gtk/text-at-offset-textarea.html
               accessibility/gtk/text-at-offset-textinput.html
               accessibility/selected-text-range-aria-elements.html
               accessibility/textarea-selected-text-range.html

        * accessibility/atk/WebKitAccessibleInterfaceText.cpp:
        (getSelectionOffsetsForObject): Remove the selectionBelongsToObject() call.

2018-01-18  Sergio Villar Senin  <svillar@igalia.com>

        [WebVR] Add OpenVR to the tree and to the build
        https://bugs.webkit.org/show_bug.cgi?id=177298

        Reviewed by Žan Doberšek.

        Added build dependencies with the OpenVR library.

        * CMakeLists.txt:

2018-01-23  Wenson Hsieh  <wenson_hsieh@apple.com>

        Harden against layout passes triggered when iterating through HTMLFormElement::associatedElements
        https://bugs.webkit.org/show_bug.cgi?id=182037
        <rdar://problem/36747812>

        Reviewed by Ryosuke Niwa.

        Observe that HTMLFormElement::associatedElements returns a const reference to a Vector of raw
        FormAssociatedElement pointers. In various call sites that iterate through these associated elements using this
        function, some require synchronous layout updates per iteration, which can lead to a bad time when combined with
        the first observation.

        To address this, we introduce HTMLFormElement::copyAssociatedElementsVector. This returns a new vector
        containing strong Refs to each associated element. From each call site that may trigger synchronous layout and
        execute arbitrary script while iterating over associated form elements, we instead use iterate over protected
        FormAssociatedElements.

        From each call site that currently doesn't (and shouldn't) require a layout update, we use the old version that
        returns a list of raw FormAssociatedElement pointers, but add ScriptDisallowedScopes to ensure that we never
        execute script there in the future.

        Test: fast/forms/form-data-associated-element-iteration.html

        * html/DOMFormData.cpp:
        (WebCore::DOMFormData::DOMFormData):

        Change to use copyAssociatedElementsVector().

        * html/FormController.cpp:
        (WebCore::recordFormStructure):
        (WebCore::FormController::restoreControlStateIn):

        Change to use copyAssociatedElementsVector().

        * html/HTMLFieldSetElement.cpp:
        (WebCore::HTMLFieldSetElement::copyAssociatedElementsVector const):
        (WebCore:: const):
        (WebCore::HTMLFieldSetElement::length const):

        Refactor to use unsafeAssociatedElements().

        * html/HTMLFieldSetElement.h:
        * html/HTMLFormControlsCollection.cpp:
        (WebCore:: const):
        (WebCore::HTMLFormControlsCollection::copyFormControlElementsVector const):
        (WebCore::HTMLFormControlsCollection::customElementAfter const):
        (WebCore::HTMLFormControlsCollection::updateNamedElementCache const):

        Refactor these to use unsafeAssociatedElements().

        * html/HTMLFormControlsCollection.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::unsafeAssociatedElements const):
        (WebCore::HTMLFormElement::copyAssociatedElementsVector const):
        * html/HTMLFormElement.h:
        * loader/FormSubmission.cpp:
        (WebCore::FormSubmission::create):

        Refactor to use copyAssociatedElementsVector().

2018-01-23  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Fix wrong redirection with relative url when it happens from
        different host than original host.
        https://bugs.webkit.org/show_bug.cgi?id=181873

        Reviewed by Alex Christensen.

        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownload::willSendRequest):
        * platform/network/curl/ResourceHandleCurlDelegate.cpp:
        (WebCore::ResourceHandleCurlDelegate::willSendRequest):

2018-01-23  Eric Carlson  <eric.carlson@apple.com>

        Resign NowPlaying status when no media element is eligible
        https://bugs.webkit.org/show_bug.cgi?id=181914
        <rdar://problem/35294116>

        Reviewed by Jer Noble.

        Updated API test.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::removedFromAncestor): Call mediaSession->clientCharacteristicsChanged
        so NowPlaying status will be updated.

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted const): Return early when the media 
        element has been suspended.
        (WebCore::MediaElementSession::canShowControlsManager const): Return false when being queried
        for NowPlaying status in an inactive document or when element has been suspended.
        (WebCore::isMainContentForPurposesOfAutoplay): Return early if it isn't safe to update
        style because HitTest can force a layout.
        (WebCore::MediaElementSession::updateIsMainContent const): Ditto.

        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::updateNowPlayingInfoIfNecessary): Implement in for all
        ports.
        * platform/audio/PlatformMediaSessionManager.h:
        (WebCore::PlatformMediaSessionManager::registeredAsNowPlayingApplication const):
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/mac/MediaSessionManagerMac.h:
        * platform/audio/mac/MediaSessionManagerMac.mm:
        (WebCore::MediaSessionManagerMac::updateNowPlayingInfo): Call MRMediaRemoteSetCanBeNowPlayingApplication
        whenever status changes.
        (WebCore::PlatformMediaSessionManager::updateNowPlayingInfoIfNecessary): Deleted, implemented
        in the base class.

2018-01-23  Alex Christensen  <achristensen@webkit.org>

        Use CompletionHandlers for ResourceHandleClient::didReceiveResponseAsync
        https://bugs.webkit.org/show_bug.cgi?id=181961

        Reviewed by Michael Catanzaro.

        No change in behavior.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didReceiveResponseAsync):
        * loader/ResourceLoader.h:
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::didReceiveResponseAsync):
        * loader/appcache/ApplicationCacheGroup.h:
        * platform/network/BlobResourceHandle.cpp:
        (WebCore::BlobResourceHandle::notifyResponseOnSuccess):
        (WebCore::BlobResourceHandle::notifyResponseOnError):
        (WebCore::BlobResourceHandle::continueDidReceiveResponse): Deleted.
        * platform/network/BlobResourceHandle.h:
        * platform/network/PingHandle.h:
        * platform/network/ResourceHandle.cpp:
        (WebCore::ResourceHandle::didReceiveResponse):
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleClient.h:
        * platform/network/SynchronousLoaderClient.cpp:
        (WebCore::SynchronousLoaderClient::didReceiveResponseAsync):
        * platform/network/SynchronousLoaderClient.h:
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::continueDidReceiveResponse): Deleted.
        * platform/network/curl/ResourceHandleCurlDelegate.cpp:
        (WebCore::ResourceHandleCurlDelegate::curlDidReceiveResponse):
        (WebCore::ResourceHandleCurlDelegate::handleDataURL):
        (WebCore::ResourceHandleCurlDelegate::continueDidReceiveResponse): Deleted.
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::continueDidReceiveResponse): Deleted.
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate continueDidReceiveResponse]): Deleted.
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::nextMultipartResponsePartCallback):
        (WebCore::sendRequestCallback):
        (WebCore::ResourceHandle::continueDidReceiveResponse): Deleted.

2018-01-23  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rollout r227216 as it seems to be causing deadlocks
        https://bugs.webkit.org/show_bug.cgi?id=182013

        * page/ChromeClient.h:
        * testing/Internals.cpp:
        (WebCore::Internals::testIncomingSyncIPCMessageWhileWaitingForSyncReply): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2018-01-23  Ali Juma  <ajuma@chromium.org>

        REGRESSION (r226622): ASSERTION FAILED: !m_frame in WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame()
        https://bugs.webkit.org/show_bug.cgi?id=181756

        Reviewed by Simon Fraser.

        Don't create a VisualViewport for a suspended DOMWindow. When a DOMWindow is suspended
        for document suspension, all DOMWindowProperties are disconnected from their frame.
        Creating a new VisualViewport while in this state means unexpectedly having a DOMWindowProperty
        that's connected to a frame, and this leads to an assertion failure.

        Test: http/tests/navigation/https-in-page-cache.html

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::visualViewport const):
        Don't create a VisualViewport while suspended.
        * page/FrameView.cpp:
        (WebCore::FrameView::updateLayoutViewport):
        Handle null DOMWindow::visualViewport.

2018-01-23  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] CurlRequest must protect its client from disposal while it's on duty.
        https://bugs.webkit.org/show_bug.cgi?id=181875

        Reviewed by Alex Christensen.

        No new tests. It's covered by existing tests.

        * platform/network/curl/CurlDownload.h:
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::callClient):
        (WebCore::CurlRequest::didReceiveData):
        (WebCore::CurlRequest::didReceiveDataFromMultipart):
        (WebCore::CurlRequest::didCompleteTransfer):
        (WebCore::CurlRequest::invokeDidReceiveResponse):
        * platform/network/curl/CurlRequest.h:
        * platform/network/curl/CurlRequestClient.h:
        * platform/network/curl/ResourceHandleCurlDelegate.h:

2018-01-23  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r227437.
        https://bugs.webkit.org/show_bug.cgi?id=182011

        broke build (Requested by alexchristensen on #webkit).

        Reverted changeset:

        "Remove unused QTKit preference"
        https://bugs.webkit.org/show_bug.cgi?id=181968
        https://trac.webkit.org/changeset/227437

2018-01-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] Expose getKeyframes() and parsing of remaining keyframe properties
        https://bugs.webkit.org/show_bug.cgi?id=181978

        Not reviewed.

        Fix failures for http/wpt/web-animations/interfaces/AnimationEffectTiming/easing.html introduced in the previous patch.
        Those keyword values are not expected.

        * platform/animation/TimingFunction.cpp:
        (WebCore::TimingFunction::cssText const):

2018-01-23  Simon Fraser  <simon.fraser@apple.com>

        feMorphology stops applying if either x or y radius is 0 but should not.
        https://bugs.webkit.org/show_bug.cgi?id=181903

        Reviewed by Dean Jackson.
        
        feMorphology should allow the radius on one axis to be zero but still apply the effect
        (it's akin to a blur on just one axis). Also, any negative radius, or zero on both axes
        should act like a pass-through, rather than outputting transparent blank (this is a spec
        change from SVG 1.1 to SVG 2).

        Tests: svg/filters/feMorphology-zero-radius-one-axis-expected.svg
               svg/filters/feMorphology-zero-radius-one-axis.svg

        * platform/graphics/filters/FEMorphology.cpp:
        (WebCore::FEMorphology::platformApplyDegenerate):
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::createImageBufferResult):

2018-01-23  Alex Christensen  <achristensen@webkit.org>

        Remove unused MediaPlayerSupportsTypeClient
        https://bugs.webkit.org/show_bug.cgi?id=182003

        Reviewed by Sam Weinig.

        This was used for a QTKit-specific hack I removed in r227372.

        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::getSupportedCapabilitiesForAudioVideoType):
        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::isTypeSupported):
        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createDocument):
        (WebCore::DOMImplementationSupportsTypeClient::DOMImplementationSupportsTypeClient): Deleted.
        (): Deleted.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::canPlayType const):
        (WebCore::HTMLMediaElement::selectNextSourceChild):
        (WebCore::HTMLMediaElement::mediaPlayerNeedsSiteSpecificHacks const): Deleted.
        (WebCore::HTMLMediaElement::mediaPlayerDocumentHost const): Deleted.
        * html/HTMLMediaElement.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::supportsType):
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerSupportsTypeClient::mediaPlayerNeedsSiteSpecificHacks const): Deleted.
        (WebCore::MediaPlayerSupportsTypeClient::mediaPlayerDocumentHost const): Deleted.

2018-01-23  Alex Christensen  <achristensen@webkit.org>

        Remove unused QTKit preference
        https://bugs.webkit.org/show_bug.cgi?id=181968

        Reviewed by Alexey Proskuryakov.

        They weren't used and didn't do anything.

        * page/DeprecatedGlobalSettings.cpp:
        (WebCore::DeprecatedGlobalSettings::setQTKitEnabled): Deleted.
        * page/DeprecatedGlobalSettings.h:
        (WebCore::DeprecatedGlobalSettings::isQTKitEnabled): Deleted.

2018-01-23  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] 'left' and 'right' should parse as invalid in block/cross-axis alignment
        https://bugs.webkit.org/show_bug.cgi?id=181792

        Reviewed by Antti Koivisto.

        The CSS WG resolved to remove the 'left' and 'right' values from the
        block/cross axis alignment properties.

        https://github.com/w3c/csswg-drafts/issues/1403

        This patch changes the CSS parsing logic of all the CSS Box Alignment
        properties, both block-axis (align-{self, items, content} and
        inline-axis (justify-{self, items, content}).

        Additionally, the alignment shorthands (place-{self, items, content})
        have been also changed to respect the new syntax.

        Despite the number of layout tests changed, I don't think this
        change will break any content in current sites. The CSS values
        'left' and 'right' were introduced by the new CSS Box Alignment
        spec and only implemented by the CSS Grid Layout feature, shipped
        last year. Additionally, the removed values have no effect on the
        layout result when they are applied to the block/cross-axis CSS
        Alignment properties.

        Tests: imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-align-content-001.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-align-content-002.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-align-content-003.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-align-content-004.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-align-content-005.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-justify-content-001.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-justify-content-002.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-justify-content-003.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-justify-content-004.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/parse-justify-content-005.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/place-content-shorthand-001.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/place-content-shorthand-002.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/place-content-shorthand-003.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/place-content-shorthand-004.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/place-content-shorthand-005.html
               imported/w3c/web-platform-tests/css/css-align/content-distribution/place-content-shorthand-006.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/justify-items-legacy-001.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-align-items-001.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-align-items-002.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-align-items-003.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-align-items-004.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-align-items-005.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-justify-items-001.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-justify-items-002.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-justify-items-003.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-justify-items-004.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-justify-items-005.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/parse-justify-items-006.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/place-items-shorthand-001.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/place-items-shorthand-002.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/place-items-shorthand-003.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/place-items-shorthand-004.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/place-items-shorthand-005.html
               imported/w3c/web-platform-tests/css/css-align/default-alignment/place-items-shorthand-006.html
               imported/w3c/web-platform-tests/css/css-align/distribution-values/space-evenly-001.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-align-self-001.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-align-self-002.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-align-self-003.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-align-self-004.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-align-self-005.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-justify-self-001.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-justify-self-002.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-justify-self-003.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-justify-self-004.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/parse-justify-self-005.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/place-self-shorthand-001.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/place-self-shorthand-002.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/place-self-shorthand-003.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/place-self-shorthand-004.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/place-self-shorthand-005.html
               imported/w3c/web-platform-tests/css/css-align/self-alignment/place-self-shorthand-006.html

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::isLeftOrRightKeyword):
        (WebCore::isContentPositionKeyword):
        (WebCore::isContentPositionOrLeftOrRightKeyword):
        (WebCore::consumeContentDistributionOverflowPosition):
        (WebCore::isSelfPositionKeyword):
        (WebCore::isSelfPositionOrLeftOrRightKeyword):
        (WebCore::consumeSelfPositionOverflowPosition):
        (WebCore::consumeAlignItems):
        (WebCore::consumeJustifyItems):
        (WebCore::CSSPropertyParser::parseSingleValue):
        (WebCore::consumeSimplifiedContentPosition):
        (WebCore::CSSPropertyParser::consumePlaceContentShorthand):
        (WebCore::consumeSimplifiedItemPosition):
        (WebCore::CSSPropertyParser::consumePlaceItemsShorthand):
        (WebCore::CSSPropertyParser::consumePlaceSelfShorthand):

2018-01-23  Simon Fraser  <simon.fraser@apple.com>

        Element with position:fixed stops scrolling at the bottom of the page, but is painted in the right place on Chacos.com.
        https://bugs.webkit.org/show_bug.cgi?id=181741
        rdar://problem/36593581

        Reviewed by Tim Horton.

        The #ifdef for iOS was wrong; on iOS, visibleSize() is in content coordinates and matches
        unscaledDocumentRect, so there's no need to scale it. Doing so computed the wrong unscaledMaximumScrollPosition
        which broke hit-testing when the document minimum scale was > 1.

        Test: fast/visual-viewport/ios/min-scale-greater-than-one.html

        * page/FrameView.cpp:
        (WebCore::FrameView::unscaledMaximumScrollPosition const):

2018-01-23  Antoine Quint  <graouts@apple.com>

        [Web Animations] Expose getKeyframes() and parsing of remaining keyframe properties
        https://bugs.webkit.org/show_bug.cgi?id=181978
        <rdar://problem/36772586>

        Reviewed by Dean Jackson.

        We finish our implementation of multiple keyframes by exposing the getKeyframes() method on KeyframeEffect and
        parsing the remaining properties that can be exposed on keyframes: "easing" and "composite". And since we parse
        those properties on keyframes, we also parse "easing" on AnimationEffectTiming and "composite" and "iterationComposite"
        on KeyframeEffect. 

        To support this, we implement a new TimingFunction::createFromCSSText() method which takes in a string that is
        a value provided directly via the JS API. As its converse, we expose a TimingFunction::cssText() method which
        provides a string that can be sent back to JS to represent a timing function, using keywords when the timing
        function matches one and ommitting default values.

        We now also keep track of the original "offset" value provided through the JS API since that value is required
        when calling getKeyframes() and distinct from the "computedOffset". These original offsets, composite operations
        and timing functions are kept as separate Vectors from the KeyframeList since this type does not support exposing
        those. We may consider improving that in a future patch.

        Finally, we make some adjustments in the keyframe parsing to comply with the specification and correctly parse
        all provided timing functions, regardless of the number of keyframes and timing functions provided.

        Note that this patch is only about parsing, storing and returning provided easing and composite operations but
        that such values will only be used for the resolution of animation effects in future patches.

        * animation/AnimationEffect.cpp:
        (WebCore::AnimationEffect::getComputedTiming): Set the "easing" property on the getComputedTiming() return value
        now that we expose "easing" on AnimationEffectTiming.
        * animation/AnimationEffectTiming.cpp:
        (WebCore::AnimationEffectTiming::AnimationEffectTiming): Create a linear TimingFunction by default.
        (WebCore::AnimationEffectTiming::setEasing): Parse the "easing" value and propagate an exception for invalid values.
        * animation/AnimationEffectTiming.h: Expose the new "easing" property and backing TimingFunction.
        * animation/AnimationEffectTiming.idl: Expose the new "easing" property.
        * animation/KeyframeEffect.cpp:
        (WebCore::CSSPropertyIDToIDLAttributeName): Provide a way to convert the name of a CSS property to a string that can
        be used to generate a JS property name for use by getKeyframes().
        (WebCore::computeMissingKeyframeOffsets): Implement the full steps of the spec.
        (WebCore::processIterableKeyframes): Fix a problematic declaration for the easing variable.
        (WebCore::processPropertyIndexedKeyframes): Now that ProcessedKeyframe has both an offset and a computedOffset, use
        computed offsets. We also fix a couple of loops to fix compliance issues revealed by WPT tests.
        (WebCore::KeyframeEffect::create): Parse the provided "easing" property on the KeyframeEffectOptions object.
        (WebCore::KeyframeEffect::getKeyframes): Implement the getKeyframes() method as mandated by the spec.
        (WebCore::KeyframeEffect::processKeyframes): Keep a list of unused easings so these might be parsed as well, and
        potentially throw exceptions, as mandated by the spec. For valid easings, store their matching TimingFunction in
        m_timingFunctions, original offset values in m_offsets and CompositeOperation values in m_compositeOperations.
        * animation/KeyframeEffect.h: Switch the order in which we specify some of the Variant types so that default values
        are correctly used.
        * animation/KeyframeEffect.idl: Switch the order in which we specify some of the Variant types so that default values
        are correctly used.
        * platform/animation/TimingFunction.cpp:
        (WebCore::TimingFunction::createFromCSSText):
        (WebCore::TimingFunction::cssText const):
        * platform/animation/TimingFunction.h:

2018-01-23  Brady Eidson  <beidson@apple.com>

        Allow passing MessagePorts across processes (e.g. ServiceWorkers).
        https://bugs.webkit.org/show_bug.cgi?id=181178

        Reviewed by Andy Estes.

        Test: http/tests/workers/service/basic-messageport.html

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::MessagePort):
        (WebCore::MessagePort::~MessagePort):

        * dom/messageports/MessagePortChannel.cpp:
        (WebCore::MessagePortChannel::entanglePortWithProcess):
        * dom/messageports/MessagePortChannel.h:

        * workers/service/SWClientConnection.cpp:
        (WebCore::SWClientConnection::postMessageToServiceWorkerClient):
        * workers/service/SWClientConnection.h:

        * workers/service/ServiceWorker.cpp:
        (WebCore::ServiceWorker::postMessage):

        * workers/service/ServiceWorkerClient.cpp:
        (WebCore::ServiceWorkerClient::postMessage):

        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::postMessageToServiceWorker):
        * workers/service/context/SWContextManager.h:

2018-01-23  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r227279 and r227373.
        https://bugs.webkit.org/show_bug.cgi?id=181988

        The LayoutTest crash fix introduced an API test failure.
        (Requested by ryanhaddad on #webkit).

        Reverted changesets:

        "Resign NowPlaying status when no media element is eligible"
        https://bugs.webkit.org/show_bug.cgi?id=181914
        https://trac.webkit.org/changeset/227279

        "Resign NowPlaying status when no media element is eligible"
        https://bugs.webkit.org/show_bug.cgi?id=181914
        https://trac.webkit.org/changeset/227373

2018-01-23  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, fix some format specifiers added in r227190
        https://bugs.webkit.org/show_bug.cgi?id=181454

        * dom/messageports/MessagePortChannel.cpp:
        (WebCore::MessagePortChannel::takeAllMessagesForPort):

2018-01-23  Ting-Wei Lan  <lantw44@gmail.com>

        [GTK] Add user agent quirk for Microsoft Outlook Web App
        https://bugs.webkit.org/show_bug.cgi?id=181982

        Reviewed by Michael Catanzaro.

        Microsoft Outlook Web App forces users to switch to the lite version on
        the login page with our standard user agent on all non-macOS systems.
        Since it is an application that can be installed by different companies,
        schools and organizations, it is not possible to fix the issue unless
        we keep a big list of host names that are known to run it. We check the
        host name instead of the base domain name here because it is not
        expected to run all sites under a base domain on this webmail and
        calendar application.

        https://mail.ntu.edu.tw is a site that is known to run Microsoft Outlook
        Web App for several years, and it is not likely to change. When there
        are other sites found to run it and having the same user agent problem,
        we can expand the list to include them.

        * platform/UserAgentQuirks.cpp:
        (WebCore::urlRequiresMacintoshPlatform):

2018-01-23  Yacine Bandou  <yacine.bandou_ext@softathome.com>

        [EME] Add support of multi keys from different sessions in CDMinstanceClearKey
        https://bugs.webkit.org/show_bug.cgi?id=180083

        Reviewed by Xabier Rodriguez-Calvar.

        Add support of multi keys from different MediaKeySession in CDMInstanceClearKey.

        Currently the CDMInstanceClearKey manages two "m_keys", one is a WTF::Vector
        where it stores the list of last added keys, an other which is defined in the
        ClearKeyState::singleton it is a WTF::HashMap, in this last one, it stores the
        keys lists of each created session.

        The method "keys()" of CDMInstanceClearKey returns the first "m_keys" which
        contains just the list of last keys.

        The goal of this commit is to return all keys lists of all sessions, thus
        we remove the "m_keys" which is WTF::Vector and we modify the method
        "keys()" to return all keys lists, which is stored in "m_keys" WTF::HashMap,
        in one Vector instead of return just the list of last keys.

        * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
        (WebCore::CDMInstanceClearKey::keys const):
        (WebCore::CDMInstanceClearKey::updateLicense):
        * platform/encryptedmedia/clearkey/CDMClearKey.h:

2018-01-22  Simon Fraser  <simon.fraser@apple.com>

        Optimize building the non-fast scrollable region with multiple iframes
        https://bugs.webkit.org/show_bug.cgi?id=181971

        Reviewed by Zalan Bujtas.

        AsyncScrollingCoordinator::frameViewLayoutUpdated() is called every time a subframe lays out.
        We don't need to eagerly update the non-fast scrollable region at this time; we can just mark
        it dirty, and rely on the existing scrolling tree commit code to recompute it.

        On my machine this makes fast/frames/lots-of-objects.html no longer a timeout.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):

2018-01-22  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Implement PublicKeyCredential's [[Create]] with a dummy authenticator
        https://bugs.webkit.org/show_bug.cgi?id=181928
        <rdar://problem/36459893>

        Reviewed by Brent Fulgham.

        This patch implements PublicKeyCredential's [[Create]] from https://www.w3.org/TR/webauthn/#createCredential
        as of 5 December 2017. In order to do testing, a dummy authenticator is implemented to exercise a failure
        and a pass path. A number of dependencies need to be resolved later in order to comply with the spec.
        Also, the current architecture of handling async WebAuthN operations including dispatching, timeout, and aborting
        might need a redesign once the underlying authenticator is clear. Since this is our first attempt to implement
        a prototype, all those limitations, in my opinion, can be marked as non-blocking to accelerate the whole
        process. Those limitations will then be addressed once the first prototype is finshed.

        Tests: http/tests/webauthn/public-key-credential-create-with-invalid-parameters.https.html
               http/tests/webauthn/public-key-credential-same-origin-with-ancestors-2.https.html
               http/tests/webauthn/public-key-credential-same-origin-with-ancestors.https.html
               http/wpt/webauthn/idl.https.html
               http/wpt/webauthn/public-key-credential-create-failure.https.html
               http/wpt/webauthn/public-key-credential-create-success.https.html

        * Modules/credentialmanagement/BasicCredential.h:
        * Modules/credentialmanagement/BasicCredential.idl:
        * Modules/credentialmanagement/CredentialsContainer.cpp:
        (WebCore::CredentialsContainer::PendingPromise::PendingPromise):
        (WebCore::CredentialsContainer::dispatchTask):
        (WebCore::CredentialsContainer::get):
        (WebCore::CredentialsContainer::isCreate):
        (WebCore::CredentialsContainer::preventSilentAccess const):
        (WebCore::CredentialsContainer::preventSilentAccess): Deleted.
        * Modules/credentialmanagement/CredentialsContainer.h:
        (WebCore::CredentialsContainer::PendingPromise::create):
        * Modules/webauthn/Authenticator.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp.
        (WebCore::Authenticator::singleton):
        (WebCore::Authenticator::makeCredential const):
        * Modules/webauthn/Authenticator.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredentialCreationOptions.h.
        * Modules/webauthn/AuthenticatorAssertionResponse.cpp:
        (WebCore::AuthenticatorAssertionResponse::authenticatorData const):
        (WebCore::AuthenticatorAssertionResponse::signature const):
        (WebCore::AuthenticatorAssertionResponse::userHandle const):
        (WebCore::AuthenticatorAssertionResponse::~AuthenticatorAssertionResponse): Deleted.
        (WebCore::AuthenticatorAssertionResponse::authenticatorData): Deleted.
        (WebCore::AuthenticatorAssertionResponse::signature): Deleted.
        (WebCore::AuthenticatorAssertionResponse::userHandle): Deleted.
        * Modules/webauthn/AuthenticatorAssertionResponse.h:
        (WebCore::AuthenticatorAssertionResponse::create):
        * Modules/webauthn/AuthenticatorAttestationResponse.cpp:
        (WebCore::AuthenticatorAttestationResponse::attestationObject const):
        (WebCore::AuthenticatorAttestationResponse::~AuthenticatorAttestationResponse): Deleted.
        (WebCore::AuthenticatorAttestationResponse::attestationObject): Deleted.
        * Modules/webauthn/AuthenticatorAttestationResponse.h:
        (WebCore::AuthenticatorAttestationResponse::create):
        * Modules/webauthn/AuthenticatorResponse.cpp:
        (WebCore::AuthenticatorResponse::clientDataJSON const):
        (WebCore::AuthenticatorResponse::~AuthenticatorResponse): Deleted.
        (WebCore::AuthenticatorResponse::clientDataJSON): Deleted.
        * Modules/webauthn/AuthenticatorResponse.h:
        * Modules/webauthn/AuthenticatorResponse.idl:
        * Modules/webauthn/PublicKeyCredential.cpp:
        (WebCore::PublicKeyCredentialInternal::produceClientDataJson):
        (WebCore::PublicKeyCredentialInternal::produceClientDataJsonHash):
        (WebCore::PublicKeyCredentialInternal::getIdFromAttestationObject):
        (WebCore::PublicKeyCredential::PublicKeyCredential):
        (WebCore::PublicKeyCredential::discoverFromExternalSource):
        (WebCore::PublicKeyCredential::create):
        (WebCore::PublicKeyCredential::rawId const):
        (WebCore::PublicKeyCredential::response const):
        (WebCore::PublicKeyCredential::getClientExtensionResults const):
        (WebCore::PublicKeyCredential::rawId): Deleted.
        (WebCore::PublicKeyCredential::response): Deleted.
        (WebCore::PublicKeyCredential::getClientExtensionResults): Deleted.
        * Modules/webauthn/PublicKeyCredential.h:
        * Modules/webauthn/PublicKeyCredential.idl:
        * Modules/webauthn/PublicKeyCredentialCreationOptions.h:
        (): Deleted.
        * Modules/webauthn/PublicKeyCredentialDescriptor.h:
        * Modules/webauthn/PublicKeyCredentialDescriptor.idl:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSAuthenticatorResponseCustom.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorAttestationResponse.cpp.
        (WebCore::toJSNewlyCreated):
        (WebCore::toJS):
        * bindings/js/JSBasicCredentialCustom.cpp: Copied from Source/WebCore/Modules/webauthn/AuthenticatorResponse.cpp.
        (WebCore::toJSNewlyCreated):
        (WebCore::toJS):
        * bindings/js/JSBindingsAllInOne.cpp:

2018-01-22  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Support font collections
        https://bugs.webkit.org/show_bug.cgi?id=181826
        <rdar://problem/36455137>

        Reviewed by Dean Jackson.

        Use the CoreText call CTFontManagerCreateFontDescriptorsFromData() to get all the descriptors inside
        the collection file. We select which one by using the fragment identifier at the end of the url linking
        to the remote font. For example, to select the 4th font inside a TTC file, the @font-face block would
        look like:

        @font-face {
            font-family: "MyFont";
            src: url("path/to/font.ttc#4");
        }

        Note that these numbers are 1-indexed.

        The CSS Fonts spec states:
        > Fragment identifiers are used to indicate which font to load. If a container format lacks a defined
        > fragment identifier scheme, implementations should use a simple 1-based indexing scheme (e.g.
        > "font-collection#1" for the first font, "font-collection#2" for the second font).

        Not only are TTC font collections supported, but WOFF2 font collections are also supported, which is
        increasingly important web standard.

        No new tests because I don't have a font collection file with the appropriate license for the
        WebKit repository. I tested manually.

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::load):
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::calculateIndex const):
        (WebCore::CachedFont::ensureCustomFontData):
        (WebCore::CachedFont::createCustomFontData):
        * loader/cache/CachedFont.h:
        * platform/graphics/cairo/FontCustomPlatformData.h:
        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::createFontCustomPlatformData):
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::createFontCustomPlatformData):
        * platform/graphics/mac/FontCustomPlatformData.h:
        * platform/graphics/win/FontCustomPlatformData.cpp:
        (WebCore::createFontCustomPlatformData):
        * platform/graphics/win/FontCustomPlatformData.h:
        * platform/graphics/win/FontCustomPlatformDataCairo.cpp:
        (WebCore::createFontCustomPlatformData):

2018-01-22  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r227011): fast/frames/hidpi-position-iframe-on-device-pixel.html times out
        https://bugs.webkit.org/show_bug.cgi?id=181959

        Reviewed by Zalan Bujtas.

        This test creates 300 iframes, which became slow after r227011 because they all became part
        of the non-fast scrollable region, slowing down ScrollingCoordinator::absoluteEventTrackingRegionsForFrame().

        Fix by not adding non-scrollable iframes, and making FrameView::isScrollable() more efficient for frames
        that have not done layout yet.

        * page/FrameView.cpp:
        (WebCore::FrameView::isScrollable):
        (WebCore::FrameView::addChild):

2018-01-22  Dan Bernstein  <mitz@apple.com>

        Fixed building for macOS 10.12 with the macOS 10.13 SDK after r227156.

        * Configurations/WebCore.xcconfig:

2018-01-22  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r226981): ASSERTION FAILED: startY >= 0 && endY <= height && startY < endY in WebCore::FEMorphology::platformApplyGeneric
        https://bugs.webkit.org/show_bug.cgi?id=181836

        Reviewed by Tim Horton.
        
        All the filters that use ParallelJobs<> has the same type of bug where very wide but not tall
        filter regions could result in computing an optimalThreadNumber that was greater than the
        number of rows to process, which resulted in jobs with zero rows to process.

        Since we split the work by rows, cap the maximum number of threads to height/8 so that each job
        has at least 8 rows of pixels to process. Add some assertions to detect jobs with zero rows.

        FEMorphology was also using implicit float -> int conversion to detect integer overflow of radius,
        so change that to use explicit clamping.
        
        Tests: svg/filters/feLighting-parallel-jobs.svg
               svg/filters/feTurbulence-parallel-jobs-wide.svg

        * platform/graphics/filters/FELighting.cpp:
        (WebCore::FELighting::platformApplyGenericPaint):
        (WebCore::FELighting::platformApplyGeneric):
        * platform/graphics/filters/FEMorphology.cpp:
        (WebCore::FEMorphology::platformApplyGeneric):
        (WebCore::FEMorphology::platformApply):
        (WebCore::FEMorphology::platformApplyDegenerate):
        (WebCore::FEMorphology::platformApplySoftware):
        * platform/graphics/filters/FETurbulence.cpp:
        (WebCore::FETurbulence::fillRegion const):
        (WebCore::FETurbulence::platformApplySoftware):

2018-01-22  Eric Carlson  <eric.carlson@apple.com>

        Resign NowPlaying status when no media element is eligible
        https://bugs.webkit.org/show_bug.cgi?id=181914
        <rdar://problem/35294116>

        Reviewed by Jer Noble.

        No new tests, these changes prevent existing tests from crashing.

        * html/HTMLMediaElement.h:
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted const): Return early when the media 
        element has been suspended.
        (WebCore::MediaElementSession::canShowControlsManager const): Return false when the
        media element has been suspended.
        (WebCore::isMainContentForPurposesOfAutoplay): Return early if it isn't safe to update
        style because HitTest can force a layout.
        (WebCore::MediaElementSession::updateIsMainContent const): Ditto.

2018-01-22  Alex Christensen  <achristensen@webkit.org>

        Begin removing QTKit code
        https://bugs.webkit.org/show_bug.cgi?id=181951

        Reviewed by Jer Noble.

        QTKit was being used on El Capitan and before.

        * Configurations/WebCore.xcconfig:
        * SourcesMac.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::buildMediaEnginesVector):
        (WebCore::MediaPlayer::supportsType):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h: Removed.
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: Removed.
        * platform/graphics/mac/MediaTimeQTKit.h: Removed.
        * platform/graphics/mac/MediaTimeQTKit.mm: Removed.
        * platform/mac/WebVideoFullscreenController.mm:
        (-[WebVideoFullscreenController setVideoElement:]):
        (-[WebVideoFullscreenController updatePowerAssertions]):

2018-01-22  Per Arne Vollan  <pvollan@apple.com>

        [Win] Null pointer crash under WebCore::RenderStyle::colorIncludingFallback.
        https://bugs.webkit.org/show_bug.cgi?id=181801
        <rdar://problem/35614900>

        Reviewed by Brent Fulgham.

        Do not paint synchronously when popup items have been added or changed while the popup is visible.
        If new popup items have been added after the popup was shown, a synchronous paint operation will
        possibly access their style before it is ready, leading to a null pointer crash. The invalidated
        area will be painted asynchronously.

        No new tests. To reproduce this crash, it is necessary to open a popup with JavaScript, add new
        popup items, and then end the test. Opening the popup can be done by sending a mousedown event
        with the eventsender. However, on Windows the mousedown event is sent synchronously, and will
        block as long as the popup is open and running the popup event loop. This means no JS can be
        executed until the popup is closed, causing the test to always time out before new popup items
        can be added. I have verified the fix with a manual test case.

        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::updateFromElement):

2018-01-22  Chris Dumez  <cdumez@apple.com>

        RELEASE_ASSERT(registration) hit in SWServer::installContextData(const ServiceWorkerContextData&)
        https://bugs.webkit.org/show_bug.cgi?id=181941
        <rdar://problem/36744892>

        Reviewed by Youenn Fablet.

        Make sure we clear SWServer::m_pendingContextDatas & SWServer::m_pendingJobs as needed
        when clearing Website data. Otherwise, we will hit assertion when those gets processed
        after the connection to the SW process has been established (not to mentioned we failed
        to clear some in-memory data even though the user asked us to).

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::clearAll):
        (WebCore::SWServer::clear):

2018-01-22  Ryosuke Niwa  <rniwa@webkit.org>

        Blob conversion and sanitization doesn't work with Microsoft Word for Mac 2011
        https://bugs.webkit.org/show_bug.cgi?id=181616
        <rdar://problem/36484908>

        Reviewed by Wenson Hsieh.

        The bug was caused by WebContentReader::readHTML and WebContentMarkupReader::readHTML not sanitizing plain HTML string
        as done for web archives even when custom pasteboard data is enabled. Fixed the bug by doing the sanitization.

        Unfortunately, we can't make file URLs available in this case because WebContent process doesn't have sandbox extensions
        to access local files referenced by the HTML source in the clipboard, and we can't make WebContent process request for
        a sandbox extension¸on an arbitrary local file, as it would defeat the whole point of sandboxing.

        Instead, we strip away all HTML attributes referencing a URL whose scheme is not HTTP, HTTPS, or data when sanitizing
        text/html from the clipboard to avoid exposing local file paths, which can reveal privacy & security sensitive data
        such as the user's full name, and the location of private containers of other applications in the system.

        Tests: PasteHTML.DoesNotSanitizeHTMLWhenCustomPasteboardDataIsDisabled
               PasteHTML.DoesNotStripFileURLsWhenCustomPasteboardDataIsDisabled
               PasteHTML.ExposesHTMLTypeInDataTransfer
               PasteHTML.KeepsHTTPURLs
               PasteHTML.SanitizesHTML
               PasteHTML.StripsFileURLs

        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::WebContentReader::readHTML): Fixed the bug by sanitizing the markup, and stripping away file URLs.
        (WebCore::WebContentMarkupReader::readHTML): Ditto.
        * editing/markup.cpp:
        (WebCore::removeSubresourceURLAttributes): Added.
        (WebCore::sanitizeMarkup): Added.
        * editing/markup.h:

2018-01-22  Chris Dumez  <cdumez@apple.com>

        Add release logging to help debug issues related to service workers
        https://bugs.webkit.org/show_bug.cgi?id=181935
        <rdar://problem/36735900>

        Reviewed by Brady Eidson.

        * workers/service/ServiceWorker.cpp:
        (WebCore::ServiceWorker::ServiceWorker):
        (WebCore::ServiceWorker::scheduleTaskToUpdateState):
        (WebCore::ServiceWorker::postMessage):
        (WebCore::ServiceWorker::isAlwaysOnLoggingAllowed const):
        * workers/service/ServiceWorker.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        (WebCore::ServiceWorkerContainer::removeRegistration):
        (WebCore::ServiceWorkerContainer::updateRegistration):
        (WebCore::ServiceWorkerContainer::jobFailedWithException):
        (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
        (WebCore::ServiceWorkerContainer::jobResolvedWithUnregistrationResult):
        (WebCore::ServiceWorkerContainer::startScriptFetchForJob):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
        (WebCore::ServiceWorkerContainer::isAlwaysOnLoggingAllowed const):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/ServiceWorkerRegistration.cpp:
        (WebCore::ServiceWorkerRegistration::ServiceWorkerRegistration):
        (WebCore::ServiceWorkerRegistration::updateStateFromServer):
        (WebCore::ServiceWorkerRegistration::scheduleTaskToFireUpdateFoundEvent):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::scriptContextFailedToStart):
        (WebCore::SWServer::didFinishInstall):
        (WebCore::SWServer::didFinishActivation):
        (WebCore::SWServer::terminateWorkerInternal):
        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::didResolveRegistrationPromise):
        (WebCore::SWServerJobQueue::runRegisterJob):

2018-01-22  Youenn Fablet  <youenn@apple.com>

        Safari Tech Preview can't use GitHub login at forums.swift.org
        https://bugs.webkit.org/show_bug.cgi?id=181908
        <rdar://problem/36715111>

        Reviewed by Chris Dumez.

        Test: http/wpt/service-workers/navigation-redirect.https.html

        For subresource loads, redirections will not change who is in charge of continuing the load (service worker or network process).
        For navigation loads, we need to match the registration for every redirection since this is using the Manual redirect mode.
        This allows starting the load with a service worker and finishing the load with another service worker, which will become the controller.

        Implement this by wrapping the registration matching of an URL within DocumentLoader::matchRegistration.
        Use that method in DocumentLoader::redirectReceived.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::matchRegistration):
        (WebCore::doRegistrationsMatch):
        (WebCore::DocumentLoader::redirectReceived):
        (WebCore::DocumentLoader::startLoadingMainResource):
        * loader/DocumentLoader.h:

2018-01-22  Antti Koivisto  <antti@apple.com>

        REGRESSION (Safari 11): Buttons inside a fieldset legend cannot be clicked on in Safari 11
        https://bugs.webkit.org/show_bug.cgi?id=179666
        <rdar://problem/35534292>

        Reviewed by Zalan Bujtas.

        The legend element of a fieldset is in the border area, outside the clip rect.
        With overflow:hidden mouse events won't reach it.

        Test case by Dhaya Benmessaoud.

        Test: fast/forms/legend-overflow-hidden-hit-test.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::nodeAtPoint):
        (WebCore::RenderBlock::hitTestExcludedChildrenInBorder):

        Add a special case to hit testing to handle legend, similarly to what is done for painting.

        * rendering/RenderBlock.h:

2018-01-22  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Implement support for Graphics ARIA roles
        https://bugs.webkit.org/show_bug.cgi?id=181796

        Reviewed by Chris Fleizach.

        Add mappings for the three new roles (graphics-document, graphics-object,
        and graphics-symbol) as per the Graphics Accessibility API Mappings spec.

        No new tests; instead, new test cases added to roles-computedRoleString.html
        and roles-exposed.html.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::initializeRoleMap):
        (WebCore::AccessibilityObject::computedRoleString const):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):
        (-[WebAccessibilityObjectWrapper roleDescription]):

2018-01-22  Antti Koivisto  <antti@apple.com>

        REGRESSION(r224535): Can't write reviews in the App Store
        https://bugs.webkit.org/show_bug.cgi?id=181936
        <rdar://problem/36670246>

        Reviewed by Zalan Bujtas.

        * page/LayoutContext.cpp:
        (WebCore::LayoutContext::updateStyleForLayout):

        r224535 was about media queries but it also removed a seemingly spurious call to SyleScope::didChangeStyleSheetEnvironment
        from the path that does not involve media queries.
        Turns out UITextContentView somehow depended on it, so revert this specific change.

2018-01-22  Brady Eidson  <beidson@apple.com>

        In WebKit2, make the MessagePortChannelRegistry live in the UI process.
        https://bugs.webkit.org/show_bug.cgi?id=181922

        Reviewed by Andy Estes.

        No new tests (Refactor, no behavior change)

        Add encoder/decoders and EXPORT a whole bunch of stuff.
        
        * WebCore.xcodeproj/project.pbxproj:

        * dom/MessagePort.h:

        * dom/messageports/MessagePortChannel.cpp:
        (WebCore::MessagePortChannel::processForPort):
        * dom/messageports/MessagePortChannel.h:

        * dom/messageports/MessagePortChannelProvider.h:
        * dom/messageports/MessagePortChannelRegistry.h:

        * dom/messageports/MessageWithMessagePorts.h:
        (WebCore::MessageWithMessagePorts::encode const):
        (WebCore::MessageWithMessagePorts::decode):

2018-01-22  Youenn Fablet  <youenn@apple.com>

        Fetch Headers from an Opaque response should be filtered out
        https://bugs.webkit.org/show_bug.cgi?id=181926

        Reviewed by Chris Dumez.

        Covered by updated test.

        Refactor to use the same FetchResponse::create for Cache API and cloning.
        In this method, ensure that response and headers are filtered correctly according response tainting.
        Make also sure that synthetic responses do not get filtered (not needed since created by JavaScript).

        Introduce helper routine to set the header map of a resource response.
        Use this routine when cloning a synthetic response as in that case, m_internalResponse has no header at all.

        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::updateRecords):
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::create):
        (WebCore::FetchResponse::clone):
        * Modules/fetch/FetchResponse.h:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::setHTTPHeaderFields):
        * platform/network/ResourceResponseBase.h:
        * testing/ServiceWorkerInternals.cpp:
        (WebCore::ServiceWorkerInternals::createOpaqueWithBlobBodyResponse):

2018-01-22  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] 'overflow' keyword must precede the self-position and content-position value
        https://bugs.webkit.org/show_bug.cgi?id=181793

        Reviewed by Antti Koivisto.

        There were several discussions to avoid ambiguities with the complex
        values, specially when it comes to define the place-xxx shorthands.

        One of the sources of problems is the 'overflow-position' keyword. The
        CSS WG has decided to change the syntax of all the CSS Box Alignment
        properties so that the 'overflow-position' keyword always precede the
        'self-position' or the 'content-position' keywords.

        https://github.com/w3c/csswg-drafts/issues/1446#event-1125715434

        In order to apply this change to the Content Distribution properties'
        (align-content and justify-content) syntax I had to completely
        re-implement their parsing function. Thanks to this I addressed also
        the issue with the content-distribution fallback, which cannot be
        specified explicitly now.

        https://github.com/w3c/csswg-drafts/issues/1002#ref-commit-c38cac4

        No new tests, just rebaselined the expected results of the test cases affected.

        Despite the so many layout tests affected by this change, it's
        unlikely that it might break any content in current web
        sites. This patch changes the new CSS syntax, obviously backward
        compatible, defined by the new CSS Box Alignment. The
        'overflow-position' keyword is only used by the layout models
        implementing the new spec, so far only CSS Grid Layout.
        Considering that CSS Grid has been shipped last year, it's unlikely
        that many sites are using the new CSS values.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForItemPositionWithOverflowAlignment):
        (WebCore::valueForContentPositionAndDistributionWithOverflowAlignment):
        * css/CSSContentDistributionValue.cpp:
        (WebCore::CSSContentDistributionValue::customCSSText const):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertSelfOrDefaultAlignmentData):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeOverflowPositionKeyword):
        (WebCore::consumeContentPositionKeyword):
        (WebCore::consumeContentDistributionOverflowPosition):
        (WebCore::consumeSelfPositionOverflowPosition):

2018-01-22  Chris Nardi  <csnardi1@gmail.com>

        Parse calc() in CSS media queries
        https://bugs.webkit.org/show_bug.cgi?id=181716

        calc() was previously unsupported inside of media queries. This change
        adds in support for parsing calc inside of media queries.

        Reviewed by Antti Koivisto.

        Tests: Imported web-platform-tests/css/mediaqueries

        * css/MediaQueryExpression.cpp:
        (WebCore::featureWithValidIdent): Updated function to take a CSSPrimitiveValue.
        (WebCore::featureWithValidDensity): Updated function to take a CSSPrimitiveValue instead of a CSSParserToken.
        (WebCore::featureWithValidPositiveLength): Ditto.
        (WebCore::featureExpectingPositiveInteger): Ditto.
        (WebCore::featureWithPositiveInteger): Ditto.
        (WebCore::featureWithPositiveNumber): Ditto.
        (WebCore::featureWithZeroOrOne): Ditto.
        (WebCore::MediaQueryExpression::MediaQueryExpression): Use CSSPropertyParserHelpers for consuming.
        * css/MediaQueryExpression.h:
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeResolution): Added function for use in media query expression parsing.
        * css/parser/CSSPropertyParserHelpers.h:
        * css/parser/MediaQueryParser.cpp:
        (WebCore::MediaQueryParser::readRestrictor): Updated functions to take a CSSParserTokenRange in order to use CSSPropertyParserHelpers.
        (WebCore::MediaQueryParser::readMediaNot): Ditto.
        (WebCore::MediaQueryParser::readMediaType): Ditto.
        (WebCore::MediaQueryParser::readAnd): Ditto.
        (WebCore::MediaQueryParser::readFeatureStart): Ditto.
        (WebCore::MediaQueryParser::readFeature): Ditto.
        (WebCore::MediaQueryParser::readFeatureColon): Ditto.
        (WebCore::MediaQueryParser::readFeatureValue): Ditto.
        (WebCore::MediaQueryParser::readFeatureEnd): Ditto.
        (WebCore::MediaQueryParser::skipUntilComma): Ditto.
        (WebCore::MediaQueryParser::skipUntilBlockEnd): Ditto.
        (WebCore::MediaQueryParser::processToken): Ditto.
        (WebCore::MediaQueryParser::parseInternal): Ditto.
        (WebCore::MediaQueryData::clear): Removed reference to m_valueList
        (WebCore::MediaQueryData::addExpression): Use CSSParserTokenRange.
        (WebCore::MediaQueryData::lastExpressionValid): New helper function.
        (WebCore::MediaQueryData::removeLastExpression): New helper function.
        * css/parser/MediaQueryParser.h:

2018-01-22  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Refactor PlatformContextCairo::drawSurfaceToContext() into a Cairo operation
        https://bugs.webkit.org/show_bug.cgi?id=181930

        Reviewed by Carlos Garcia Campos.

        Move the PlatformContextCairo::drawSurfaceToContext() code into the
        Cairo namespace as an operation, renaming it to drawSurface(). Mirroring
        other operations, the PlatformContextCairo object is now passed through
        a reference as the first argument to the function, and cairo_t context
        object is retrieved from that.

        Call sites of the PlatformContextCairo::drawSurfaceToContext() method
        are adjusted to now call Cairo::drawSurface() and properly pass the
        PlatformContextCairo object to the function.

        No new tests -- no change in functionality.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::prepareForStroking): Make this static.
        (WebCore::Cairo::drawPatternToCairoContext):
        (WebCore::Cairo::drawNativeImage):
        (WebCore::Cairo::drawSurface):
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::drawPatternToCairoContext): Deleted.
        (WebCore::PlatformContextCairo::drawSurfaceToContext): Deleted.
        * platform/graphics/cairo/PlatformContextCairo.h:
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::paintCurrentFrame):

2018-01-22  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Spanning Grid item has too much space at the bottom / is too high
        https://bugs.webkit.org/show_bug.cgi?id=181677

        Reviewed by Javier Fernandez.

        In IndefiniteSizeStrategy::findUsedFlexFraction() we were not
        subtracting the size of the gutters when we call findFrUnitSize().
        If an item spans several tracks, we cannot pass the maxContentForChild()
        directly, we need to subtract the gutters as they are treated
        as fixed size tracks in the algorithm.

        The spec text is pretty clear regarding this
        (https://drafts.csswg.org/css-grid/#algo-find-fr-size):
        "Let leftover space be the space to fill minus the base sizes
         of the non-flexible grid tracks."

        Gutters are treated as fixed-size tracks for the purpose
        of the track sizing algorithm, so we need to subtract them from the
        leftover space while finding the size of an "fr".

        Tests: imported/w3c/web-platform-tests/css/css-grid/layout-algorithm/grid-find-fr-size-gutters-001.html
               imported/w3c/web-platform-tests/css/css-grid/layout-algorithm/grid-find-fr-size-gutters-002.html

        * rendering/GridTrackSizingAlgorithm.cpp:
        (WebCore::GridTrackSizingAlgorithm::findFrUnitSize const):
        (WebCore::IndefiniteSizeStrategy::findUsedFlexFraction const):

2018-01-21  Ryosuke Niwa  <rniwa@webkit.org>

        Turning off custom pasteboard data doesn't actually turn it off in WK2
        https://bugs.webkit.org/show_bug.cgi?id=181920
        <rdar://problem/36686429>

        Reviewed by Wenson Hsieh.

        Replaced the global settings for custom pasteboard data by regular runtime enabled flags.

        * dom/DataTransfer.cpp:
        (WebCore::DataTransfer::getDataForItem const):
        (WebCore::DataTransfer::shouldSuppressGetAndSetDataToAvoidExposingFilePaths const):
        (WebCore::DataTransfer::setDataFromItemList):
        (WebCore::DataTransfer::types const):
        (WebCore::DataTransfer::commitToPasteboard):
        * dom/DataTransferItemList.cpp:
        (WebCore::shouldExposeTypeInItemList):
        * editing/Editor.cpp:
        (WebCore::createDataTransferForClipboardEvent):
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::createFragmentAndAddResources):
        (WebCore::WebContentReader::readWebArchive):
        * page/DeprecatedGlobalSettings.cpp:
        (WebCore::DeprecatedGlobalSettings::defaultCustomPasteboardDataEnabled): Deleted.
        * page/DeprecatedGlobalSettings.h:
        (WebCore::DeprecatedGlobalSettings::setCustomPasteboardDataEnabled): Deleted.
        (WebCore::DeprecatedGlobalSettings::customPasteboardDataEnabled): Deleted.
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setCustomPasteboardDataEnabled):
        (WebCore::RuntimeEnabledFeatures::customPasteboardDataEnabled const):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setCustomPasteboardDataEnabled):

2018-01-21  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add a new feature flag for EXTRA_ZOOM_MODE and reintroduce AdditionalFeatureDefines.h
        https://bugs.webkit.org/show_bug.cgi?id=181918

        Reviewed by Tim Horton.

        Add EXTRA_ZOOM_MODE to FeatureDefines.xconfig (off by default). No change in behavior.

        * Configurations/FeatureDefines.xcconfig:

2018-01-19  Ryosuke Niwa  <rniwa@webkit.org>

        Release assertion in canExecuteScript when executing scripts during page cache restore
        https://bugs.webkit.org/show_bug.cgi?id=181902

        Reviewed by Antti Koivisto.

        The crash was caused by an erroneous instantiation of ScriptDisallowedScope::InMainThread in CachedPage::restore.
        It can execute arbitrary scripts since CachedFrame::open can update style, layout, and evaluate media queries.

        This is fine because there is no way to put this page back into a page cache until the load is commited via
        FrameLoader::commitProvisionalLoad is invoked later which only happens after CachedPage::restore had exited.

        Also added a release assert to make sure this condition holds.

        Tests: fast/history/page-cache-execute-script-during-restore.html
               fast/history/page-cache-navigate-during-restore.html

        * history/CachedPage.cpp:
        (WebCore::CachedPageRestorationScope::CachedPageRestorationScope): Added.
        (WebCore::CachedPageRestorationScope::~CachedPageRestorationScope): Added.
        (WebCore::CachedPage::restore): Don't instantiate ScriptDisallowedScope::InMainThread. Set isRestoringCachedPage
        on the cached pate to release-assert that there won't be any attempt to put this very page back into the cache.
        * history/PageCache.cpp:
        (WebCore::canCachePage): Added a release assert to make sure the page which is in the process of being restored
        from the page cache is not put into the page cache.
        * page/Page.h:
        (WebCore::Page::setIsRestoringCachedPage): Added.
        (WebCore::Page::isRestoringCachedPage const): Added.

2018-01-21  Eric Carlson  <eric.carlson@apple.com>

        Resign NowPlaying status when no media element is eligible
        https://bugs.webkit.org/show_bug.cgi?id=181914
        <rdar://problem/35294116>

        Reviewed by Jer Noble.

        Updated API test.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::removedFromAncestor): Call mediaSession->clientCharacteristicsChanged
        so NowPlaying status will be updated.

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::canShowControlsManager const): Return false when being queried
        for NowPlaying status in an inactive document.

        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::updateNowPlayingInfoIfNecessary): Implement in for all
        ports.
        * platform/audio/PlatformMediaSessionManager.h:
        (WebCore::PlatformMediaSessionManager::registeredAsNowPlayingApplication const):
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/mac/MediaSessionManagerMac.h:
        * platform/audio/mac/MediaSessionManagerMac.mm:
        (WebCore::MediaSessionManagerMac::updateNowPlayingInfo): Call MRMediaRemoteSetCanBeNowPlayingApplication
        whenever status changes.
        (WebCore::PlatformMediaSessionManager::updateNowPlayingInfoIfNecessary): Deleted, implemented
        in the base class.

2018-01-21  Jer Noble  <jer.noble@apple.com>

        REGRESSION (macOS 10.13.2): imported/w3c/web-platform-tests/media-source/mediasource-* LayoutTests failing
        https://bugs.webkit.org/show_bug.cgi?id=181891

        Reviewed by Eric Carlson.

        In macOS 10.13.2, CoreMedia changed the definition of CMSampleBufferGetDuration() to return
        the presentation duration rather than the decode duration. For media streams where those two
        durations are identical (or at least, closely similar), this isn't a problem. But the media
        file used in the WPT tests have an unusual frame cadence: decode durations go {3000, 1, 5999,
        1, 5999,...} and presentation durations go {3000, 2999, 3000, 2999}. This caused one check in
        the "Coded Frame Processing" algorithm to begin failing, where it checks that the delta
        between the last sample's decode time and the new decode time is no more than 2x as far as
        the last sample's duration. That's not a problem as long as the "duration" is the "decode
        duration" and the samples are all adjacent. Once the "duration" is "presentation duration",
        all the assumptions in the algorithm are invalidated. In the WPT test case, the delta between
        decode times is 5999, and 2 * the presentation duration is 5998, causing all samples up to
        the next sync sample to be dropped.

        To work around this change in behavior, we'll adopt the same technique used by Mozilla's MSE
        implementation, which was done for similar reasons. Rather than track the "last frame duration",
        we'll record the "greatest frame duration", and use actual decode timestamps to derive this
        duration. The "greatest frame duration" field will be reset at the same times as "last frame
        duration", and will be used only in the part of the algorithm that checks for large decode
        timestamp gaps.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::TrackBuffer::TrackBuffer):
        (WebCore::SourceBuffer::resetParserState):
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

2018-01-21  Andy Estes  <aestes@apple.com>

        [ios] LayoutTest imported/w3c/web-platform-tests/payment-request/rejects_if_not_active.https.html is crashing in JSC::JSONParse
        https://bugs.webkit.org/show_bug.cgi?id=177832
        <rdar://problem/34805315>

        Reviewed by Tim Horton.

        Test: http/tests/paymentrequest/rejects_if_not_active.https.html

        * Modules/paymentrequest/PaymentRequest.cpp:
        (WebCore::PaymentRequest::show): Rejected promise if the document is not active.

2018-01-20  Brady Eidson  <beidson@apple.com>

        Make garbage collection of MessagePort objects be asynchronous.
        https://bugs.webkit.org/show_bug.cgi?id=181910

        Reviewed by Andy Estes.

        No new tests (Covered by existing tests, including GC-specific ones).

        The basic premise here is as follows:
        - You can *always* GC a MessagePort that is closed
        - You can *always* GC a MessagePort that has no onmessage handler, as incoming messages cannot 
          possibly revive it.
        - You can GC a MessagePort, even if it has a message handler, as long as there are no messages 
          in flight between it and the remote port, and as long as the remote port is "maybe eligible for GC."
          
        A MessagePort is considered "maybe eligible for GC" once hasPendingActivity is asked once.
        
        A MessagePort loses "maybe eligible for GC" status once it is used for sending or receiving a message.
        
        The changes to MessagePort.cpp implement the above with a tiny little bool-driven state machine.
        * dom/MessagePort.cpp:
        (WebCore::MessagePort::postMessage):
        (WebCore::MessagePort::disentangle):
        (WebCore::MessagePort::registerLocalActivity):
        (WebCore::MessagePort::start):
        (WebCore::MessagePort::close):
        (WebCore::MessagePort::contextDestroyed):
        (WebCore::MessagePort::dispatchMessages):
        (WebCore::MessagePort::hasPendingActivity const):
        (WebCore::MessagePort::isLocallyReachable const):
        (WebCore::MessagePort::addEventListener):
        (WebCore::MessagePort::removeEventListener):
        * dom/MessagePort.h:

        - Remove the lock and any background-thread code paths
        - Add ASSERT(isMainThread())s throughout
        * dom/messageports/MessagePortChannel.cpp:
        (WebCore::MessagePortChannel::MessagePortChannel):
        (WebCore::MessagePortChannel::includesPort):
        (WebCore::MessagePortChannel::entanglePortWithProcess):
        (WebCore::MessagePortChannel::disentanglePort):
        (WebCore::MessagePortChannel::closePort):
        (WebCore::MessagePortChannel::postMessageToRemote):
        (WebCore::MessagePortChannel::takeAllMessagesForPort):
        (WebCore::MessagePortChannel::checkRemotePortForActivity):
        (WebCore::MessagePortChannel::hasAnyMessagesPendingOrInFlight const):
        * dom/messageports/MessagePortChannel.h:
        
        Add a callback for a MessagePortChannel to go ask the remote MessagePort object about local activity:
        * dom/messageports/MessagePortChannelProvider.h:
        * dom/messageports/MessagePortChannelProviderImpl.cpp:
        (WebCore::MessagePortChannelProviderImpl::checkRemotePortForActivity):
        (WebCore::MessagePortChannelProviderImpl::checkProcessLocalPortForActivity):
        (WebCore::MessagePortChannelProviderImpl::hasMessagesForPorts_temporarySync): Deleted.
        * dom/messageports/MessagePortChannelProviderImpl.h:
        
        - Remove the lock and any background-thread code paths
        - Add ASSERT(isMainThread())s throughout
        * dom/messageports/MessagePortChannelRegistry.cpp:
        (WebCore::MessagePortChannelRegistry::messagePortChannelCreated):
        (WebCore::MessagePortChannelRegistry::messagePortChannelDestroyed):
        (WebCore::MessagePortChannelRegistry::didEntangleLocalToRemote):
        (WebCore::MessagePortChannelRegistry::didDisentangleMessagePort):
        (WebCore::MessagePortChannelRegistry::didCloseMessagePort):
        (WebCore::MessagePortChannelRegistry::didPostMessageToRemote):
        (WebCore::MessagePortChannelRegistry::takeAllMessagesForPort):
        (WebCore::MessagePortChannelRegistry::checkRemotePortForActivity):
        (WebCore::MessagePortChannelRegistry::existingChannelContainingPort):
        (WebCore::MessagePortChannelRegistry::hasMessagesForPorts_temporarySync): Deleted.
        * dom/messageports/MessagePortChannelRegistry.h:

2018-01-20  Andy Estes  <aestes@apple.com>

        [Apple Pay] Stop eagerly loading PassKit.framework
        https://bugs.webkit.org/show_bug.cgi?id=181911
        <rdar://problem/36555369>

        Reviewed by Tim Horton.

        r226458 and r226123 added code that caused PassKit.framework to be eagerly loaded when
        initializing a WKWebView. This is costly and should only be done when Apple Pay is first used.

        To avoid eagerly loading PassKit, this patch does two things:

        1. Instead of sending the available payment networks as part of WebPageCreationParameters,
        PaymentCoordinator asks for them using a syncrhonous message the first time they are needed.
        2. Instead of setting the Apple Pay preference to false when PassKit can't be loaded,
        the following API entry points check for a missing PassKit and return false, or throw
        exceptions, or reject promises:
            - ApplePaySession.canMakePayments()
            - ApplePaySession.canMakePaymentsWithActiveCard()
            - ApplePaySession.openPaymentSetup()
            - ApplePaySession.begin()

        No new tests for (1), which causes no change in behavior. (2) was manually verified by
        locally moving aside PassKit.framework, but that's not possible to do in an automated test.

        * Modules/applepay/PaymentCoordinator.cpp:
        (WebCore::PaymentCoordinator::PaymentCoordinator):
        (WebCore::PaymentCoordinator::validatedPaymentNetwork const):
        (WebCore::toHashSet): Deleted.
        * Modules/applepay/PaymentCoordinator.h:
        * Modules/applepay/PaymentCoordinatorClient.h:
        * loader/EmptyClients.cpp:
        * page/MainFrame.cpp:
        (WebCore::MainFrame::MainFrame):

        Removed PaymentCoordinator::m_availablePaymentNetworks and made
        PaymentCoordinator::validatedPaymentNetwork() call
        PaymentCoordinatorClient::validatedPaymentNetwork() instead.

        * page/PageConfiguration.h:

        Removed availablePaymentNetworks from PageConfiguration.

        * testing/Internals.cpp:
        (WebCore::Internals::Internals):
        * testing/MockPaymentCoordinator.cpp:
        (WebCore::MockPaymentCoordinator::validatedPaymentNetwork):
        * testing/MockPaymentCoordinator.h:

        Implemented PaymentCoordinatorClient::validatedPaymentNetwork().

2018-01-20  Jer Noble  <jer.noble@apple.com>

        Release ASSERT when reloading Vimeo page @ WebCore: WebCore::Document::updateLayout
        https://bugs.webkit.org/show_bug.cgi?id=181840
        <rdar://problem/36186214>

        Reviewed by Simon Fraser.

        Test: media/video-fullscreen-reload-crash.html

        Short circuit play() or pause() operations if the document is suspended or stopped.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::playInternal):
        (WebCore::HTMLMediaElement::pauseInternal):

2018-01-20  Youenn Fablet  <youenn@apple.com>

        fetch redirect is incompatible with "no-cors" mode
        https://bugs.webkit.org/show_bug.cgi?id=181866
        <rdar://problem/35827140>

        Reviewed by Chris Dumez.

        Covered by updated tests.

        Return a network error when no-cors mode and redirect mode is manual or error.
        Update preflight implementation to no longer use manual redirect mode to simulate https://fetch.spec.whatwg.org/#http-network-or-cache-fetch.
        Instead implement redirectReceived callback to treat any redirect response as the preflight response.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::canRequest):
        * loader/CrossOriginPreflightChecker.cpp:
        (WebCore::CrossOriginPreflightChecker::redirectReceived):
        (WebCore::CrossOriginPreflightChecker::startPreflight):
        * loader/CrossOriginPreflightChecker.h:

2018-01-19  Wenson Hsieh  <wenson_hsieh@apple.com>

        [macOS] [WK2] Drag location is computed incorrectly when dragging content from subframes
        https://bugs.webkit.org/show_bug.cgi?id=181896
        <rdar://problem/35479043>

        Reviewed by Tim Horton.

        In r218837, I packaged most of the information needed to start a drag into DragItem, which is propagated to the client layer
        via the startDrag codepath. However, this introduced a bug in computing the event position and drag location in window
        coordinates. Consider the case where we're determining the drag image offset for a dragged element in a subframe:

        Before the patch, the drag location (which starts out in the subframe's content coordinates) would be converted to root view
        coordinates, which would then be converted to mainframe content coordinates, which would then be converted to window coordinates
        using the mainframe's view. After the patch, we carry out the same math until the last step, where we erroneously use the
        _subframe's_ view to convert to window coordinates from content coordinates. This results in the position of the iframe relative
        to the mainframe being accounted for twice.

        To fix this, we simply use the main frame's view to convert from mainframe content coordinates to window coordinates while
        computing the drag location. As for the event position in window coordinates, this is currently unused by any codepath in WebKit,
        so we can just remove it altogether.

        Since this bug only affects drag and drop in the macOS WebKit2 port, there's currently no way to test this. I'll be using
        <https://bugs.webkit.org/show_bug.cgi?id=181898> to track adding test support for drag and drop on macOS WebKit2. Manually tested
        dragging in both WebKit1 and WebKit2 on macOS. dragLocationInWindowCoordinates isn't used at all for iOS drag and drop.

        * page/DragController.cpp:
        (WebCore::DragController::doSystemDrag):
        * platform/DragItem.h:
        (WebCore::DragItem::encode const):
        (WebCore::DragItem::decode):

2018-01-19  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r227235.

        The test for this change consistently times out on High
        Sierra.

        Reverted changeset:

        "Support for preconnect Link headers"
        https://bugs.webkit.org/show_bug.cgi?id=181657
        https://trac.webkit.org/changeset/227235

2018-01-19  Youenn Fablet  <youenn@apple.com>

        Cache storage errors like Quota should trigger console messages
        https://bugs.webkit.org/show_bug.cgi?id=181879
        <rdar://problem/36669048>

        Reviewed by Chris Dumez.

        Covered by rebased test.

        * Modules/cache/DOMCache.cpp:
        (WebCore::DOMCache::retrieveRecords):
        (WebCore::DOMCache::batchDeleteOperation):
        (WebCore::DOMCache::batchPutOperation):
        * Modules/cache/DOMCacheEngine.cpp:
        (WebCore::DOMCacheEngine::errorToException):
        (WebCore::DOMCacheEngine::logErrorAndConvertToException):
        * Modules/cache/DOMCacheEngine.h:
        * Modules/cache/DOMCacheStorage.cpp:
        (WebCore::DOMCacheStorage::retrieveCaches):
        (WebCore::DOMCacheStorage::doOpen):
        (WebCore::DOMCacheStorage::doRemove):

2018-01-19  Youenn Fablet  <youenn@apple.com>

        Do not go to the storage process when registering a service worker client if there is no service worker registered
        https://bugs.webkit.org/show_bug.cgi?id=181740
        <rdar://problem/36650400>

        Reviewed by Chris Dumez.

        Register a document as service worker client only if there is an existing service worker connection.
        This allows not creating any connection if no service worker is registered.

        Add internals API to test whether a service worker connection was created or not.
        This is used by API tests that cover the changes.

        * dom/Document.cpp:
        (WebCore::Document::privateBrowsingStateDidChange): No need to create a service worker connection if client is not registered yet.
        (WebCore::Document::setServiceWorkerConnection): No need to unregister/register if service worker connection is the same.
        Similarly, if Document is to be destroyed or suspended, we should not register it.
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::commitData):
        * testing/Internals.cpp:
        (WebCore::Internals::hasServiceWorkerConnection):
        * testing/Internals.h:
        * testing/Internals.idl:
        * workers/service/ServiceWorkerProvider.cpp:
        (WebCore::ServiceWorkerProvider::registerServiceWorkerClients):
        * workers/service/ServiceWorkerProvider.h:

2018-01-19  Dean Jackson  <dino@apple.com>

        REGRESSION (r221092): Swipe actions are hard to perform in FastMail app
        https://bugs.webkit.org/show_bug.cgi?id=181817
        <rdar://problem/35274055>

        Add a setting for controlling whether touch listeners are passive
        by default on document/window/body.

        Updated existing test.

        * dom/EventTarget.cpp:
        (WebCore::EventTarget::addEventListener):
        * page/Settings.yaml:

2018-01-19  Daniel Bates  <dabates@apple.com>

        Update frame-ancestor directive to match Content Security Policy Level 3
        https://bugs.webkit.org/show_bug.cgi?id=178891
        <rdar://problem/35209458>

        Reviewed by Alex Christensen.

        Derived from Blink e667cc2e501fabab3605b838e4ee0d642a9c4a59:
        <https://chromium.googlesource.com/chromium/src.git/+/e667cc2e501fabab3605b838e4ee0d642a9c4a59>

        Update frame-ancestor directive to match against the origin of the ancestor document per the
        Content Security Policy Level 3 spec.: <https://w3c.github.io/webappsec-csp/> (15 January 2018).
        Specifically this change in behavior was made to CSP 3 in <https://github.com/w3c/webappsec/issues/311>.
        In earlier versions of the spec, the frame-ancestor directive matched against the URL of the
        ancestor document.

        Disregarding allow-same-origin sandboxed iframes, a document with policy "frame-ancestor 'self'"
        will be blocked from loading in a sandboxed iframe as a result of this change.

        Tests: http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-allow-same-origin-sandboxed-cross-url-allow.html
               http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-sandboxed-cross-url-block.html

        * page/csp/ContentSecurityPolicyDirectiveList.cpp:
        (WebCore::checkFrameAncestors):

2018-01-19  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Add timeout support to XMLHttpRequest
        https://bugs.webkit.org/show_bug.cgi?id=181876

        Reviewed by Alex Christensen 

        * platform/network/ResourceRequestBase.cpp:
        * platform/network/curl/CurlContext.cpp:
        (WebCore::CurlHandle::setTimeout):
        * platform/network/curl/CurlContext.h:
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::setupTransfer):
        (WebCore::CurlRequest::didCompleteTransfer):
        * platform/network/curl/ResourceError.h:
        * platform/network/curl/ResourceErrorCurl.cpp:
        (WebCore::ResourceError::httpError):

2018-01-19  Yoav Weiss  <yoav@yoav.ws>

        Support for preconnect Link headers
        https://bugs.webkit.org/show_bug.cgi?id=181657

        Reviewed by Darin Adler.

        Move the preconnect functionality into its own function, and
        also call this function when Link headers are processed.

        Test: http/tests/preconnect/link-header-rel-preconnect-http.php

        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLinksFromHeader): Call preconnectIfNeeded.
        (WebCore::LinkLoader::preconnectIfNeeded): Preconnect to a host functionality moved here.
        (WebCore::LinkLoader::loadLink): Call preconnectIfNeeded.
        * loader/LinkLoader.h:

2018-01-19  Joseph Pecoraro  <pecoraro@apple.com>

        AppCache: Log a Deprecation warning to the Console when AppCache is used
        https://bugs.webkit.org/show_bug.cgi?id=181778

        Reviewed by Alex Christensen.

        * html/HTMLHtmlElement.cpp:
        (WebCore::HTMLHtmlElement::insertedByParser):

2018-01-19  Chris Dumez  <cdumez@apple.com>

        ASSERT(registration || isTerminating()) hit in SWServerWorker::skipWaiting()
        https://bugs.webkit.org/show_bug.cgi?id=181761
        <rdar://problem/36594564>

        Reviewed by Youenn Fablet.

        There is a short period of time, early in the registration process where a
        SWServerWorker object exists for a registration but is not in the registration's
        installing/waiting/active slots yet. As a result, if a registration is cleared
        during this period (for e.g. due to the user clearing all website data), that
        SWServerWorker will not be terminated. We then hit assertion later on when this
        worker is trying to do things (like call skipWaiting).

        To address the issue, we now keep a reference this SWServerWorker on the
        registration, via a new SWServerRegistration::m_preInstallationWorker data member.
        When the registration is cleared, we now take care of terminating this worker.

        No new tests, covered by existing tests that crash flakily in debug builds.

        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::stop):
        if the mutex is locked, then the worker thread is still starting. We spin the
        runloop and try to stop again later. This avoids the deadlock shown in
        Bug 181763 as the worker thread may need to interact with the main thread
        during startup.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::installContextData):
        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::scriptContextFailedToStart):
        (WebCore::SWServerJobQueue::install):
        * workers/service/server/SWServerRegistration.cpp:
        (WebCore::SWServerRegistration::~SWServerRegistration):
        (WebCore::SWServerRegistration::setPreInstallationWorker):
        (WebCore::SWServerRegistration::clear):
        * workers/service/server/SWServerRegistration.h:
        (WebCore::SWServerRegistration::preInstallationWorker const):

2018-01-19  Chris Dumez  <cdumez@apple.com>

        Service worker registrations restored from disk may not be reused when the JS calls register() again
        https://bugs.webkit.org/show_bug.cgi?id=181810
        <rdar://problem/36591711>

        Reviewed by Youenn Fablet.

        The issue was that when restoring a registration from disk, we would not set its active worker right
        away. We only set it later in installContextData(). installContextData() is only called after we’ve
        launched the service worker process and established a connection to it.

        However, we would start processing jobs (such as registrations) before we’ve established the connection
        to the service worker process. SWServerJobQueue::runRegisterJob(), in order to reuse an existing
        registration checks the registration’s active worker has the right script URL. The issue was that when
        this code would execute, we may not have set the registration’s active service worker yet, in which case,
        we would update the existing registration instead of reusing it as-is.

        To address the issue, we now delay the processing of jobs until the connection to the service worker
        process has been established and we've installed all pending contexts via installContextData().

        Changed is covered by new API test.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::Connection::scheduleJobInServer):
        (WebCore::SWServer::scheduleJob):
        (WebCore::SWServer::serverToContextConnectionCreated):
        * workers/service/server/SWServer.h:

2018-01-19  James Craig  <jcraig@apple.com>

        AX: when invert colors is on, double-invert image and picture elements in UserAgentStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=181281
        <rdar://problem/36291776>

        Reviewed by Simon Fraser.

        Updated "Smart Invert" to include img and picture element inversion and tests.

        Tests: accessibility/smart-invert-reference.html
               accessibility/smart-invert.html

        * css/html.css:
        (@media (inverted-colors)):
        (img:not(picture>img), picture, video):

2018-01-19  Chris Dumez  <cdumez@apple.com>

        The WebContent process should not process incoming IPC while waiting for a sync IPC reply
        https://bugs.webkit.org/show_bug.cgi?id=181560

        Reviewed by Ryosuke Niwa.

        Add internals API for testing purposes.

        Test: fast/misc/testIncomingSyncIPCMessageWhileWaitingForSyncReply.html

        * page/ChromeClient.h:
        * testing/Internals.cpp:
        (WebCore::Internals::testIncomingSyncIPCMessageWhileWaitingForSyncReply):
        * testing/Internals.h:
        * testing/Internals.idl:

2018-01-19  Keith Miller  <keith_miller@apple.com>

        HaveInternalSDK includes should be "#include?"
        https://bugs.webkit.org/show_bug.cgi?id=179670

        Reviewed by Dan Bernstein.

        * Configurations/Base.xcconfig:

2018-01-19  Daniel Bates  <dabates@apple.com>

        Fix misspelling; substitute willDetachRenderer for willDetatchRenderer.

        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::willDetachRenderers):
        * plugins/PluginViewBase.h:
        (WebCore::PluginViewBase::willDetachRenderer):
        (WebCore::PluginViewBase::willDetatchRenderer): Deleted.

2018-01-19  Jonathan Bedard  <jbedard@apple.com>

        Unreviewed build fix, remove unused lambda captures.

        * dom/messageports/MessagePortChannel.cpp:
        (WebCore::MessagePortChannel::takeAllMessagesForPort):
        * dom/messageports/MessagePortChannelRegistry.cpp:
        (WebCore::MessagePortChannelRegistry::messagePortChannelCreated):

2018-01-19  Antoine Quint  <graouts@apple.com>

        [Web Animations] Expose timing properties (delay, endDelay, fill, iterationStart, iterations, direction) and getComputedTiming()
        https://bugs.webkit.org/show_bug.cgi?id=181857
        <rdar://problem/36660081>

        Reviewed by Dean Jackson.

        We start the work to implement the rest of the Web Animations timing and animation model by exposing more properties on
        AnimationEffectTiming to control delay (delay, endDelay), looping (iterationStart, iterations), fill and direction.
        Additionally, we expose the getComputedTiming() method on AnimationEffect, although it currently lacks some computed
        properties that will come in later patch as we implement various processes defined by the spec. We also update the
        existing duration() method on AnimationEffectTiming to be called iterationDuration() to match the terms used in the
        specification.

        Finally, we make all new properties, and update existing ones, that expose a time value go through the new utility
        function secondsToWebAnimationsAPITime() to guarantee rounded values with microseconds precision, as advised by
        the Web Animations specification.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * animation/AnimationEffect.cpp:
        (WebCore::AnimationEffect::localTime const):
        (WebCore::AnimationEffect::getComputedTiming):
        * animation/AnimationEffect.h:
        * animation/AnimationEffect.idl:
        * animation/AnimationEffectTiming.cpp:
        (WebCore::AnimationEffectTiming::AnimationEffectTiming):
        (WebCore::AnimationEffectTiming::setIterationStart):
        (WebCore::AnimationEffectTiming::setIterations):
        (WebCore::AnimationEffectTiming::bindingsDuration const):
        (WebCore::AnimationEffectTiming::setBindingsDuration):
        (WebCore::AnimationEffectTiming::endTime const):
        (WebCore::AnimationEffectTiming::activeDuration const):
        * animation/AnimationEffectTiming.h:
        * animation/AnimationEffectTiming.idl:
        * animation/AnimationPlaybackEvent.cpp:
        (WebCore::AnimationPlaybackEvent::bindingsCurrentTime const):
        (WebCore::AnimationPlaybackEvent::bindingsTimelineTime const):
        * animation/AnimationTimeline.cpp:
        (WebCore::AnimationTimeline::bindingsCurrentTime):
        * animation/ComputedTimingProperties.h: Added.
        * animation/ComputedTimingProperties.idl: Added. We set nullable double values to a default value of "null" since
        otherwise setting those properties to a null value would not set the properties in the converted JS dictionary.
        * animation/KeyframeEffect.cpp:
        (WebCore::KeyframeEffect::create): Handle new timing properties passed in the KeyframeEffectOptions dictionary.
        (WebCore::KeyframeEffect::applyAtLocalTime):
        (WebCore::KeyframeEffect::getAnimatedStyle):
        (WebCore::KeyframeEffect::startOrStopAccelerated):
        * animation/WebAnimation.cpp:
        (WebCore::WebAnimation::bindingsStartTime const):
        (WebCore::WebAnimation::bindingsCurrentTime const):
        (WebCore::WebAnimation::effectEndTime const):
        (WebCore::WebAnimation::timeToNextRequiredTick const):
        * animation/WebAnimationUtilities.h: Added.
        (WebCore::secondsToWebAnimationsAPITime):

2018-01-19  Alex Christensen  <achristensen@webkit.org>

        Remove dead networking code
        https://bugs.webkit.org/show_bug.cgi?id=181813

        Reviewed by Tim Horton.

        CFURLConnection is only used on Windows.

        * platform/network/cf/ResourceError.h:
        * platform/network/cf/ResourceRequest.h:
        (WebCore::ResourceRequest::encodingRequiresPlatformData const):
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::findCFURLRequestCopyContentDispositionEncodingFallbackArrayFunction):
        (WebCore::ResourceRequest::doUpdatePlatformRequest):
        (WebCore::ResourceRequest::doUpdatePlatformHTTPBody):
        (WebCore::ResourceRequest::doUpdateResourceRequest):
        (WebCore::ResourceRequest::setStorageSession):
        * platform/network/cf/ResourceResponse.h:
        (WebCore::ResourceResponse::ResourceResponse):

2018-01-19  Alex Christensen  <achristensen@webkit.org>

        Remove unused WebViewPrivate _allowCookies
        https://bugs.webkit.org/show_bug.cgi?id=181812

        Reviewed by Tim Horton.

        This SPI was in the original iOS upstreaming and has not been used in many years.

        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::setDefaultAllowCookies): Deleted.
        (WebCore::ResourceRequestBase::defaultAllowCookies): Deleted.
        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::ResourceRequestBase):

2018-01-18  Brady Eidson  <beidson@apple.com>

        Make in-process MessagePorts be (mostly) asynchronous
        https://bugs.webkit.org/show_bug.cgi?id=181454

        Reviewed by Alex Christensen.

        No new tests (Covered *brutally* by existing tests)

        Part of making MessagePorts be a thing we can pass across processes is making them work async.
        
        The existing "MessagePortChannel" method of abstraction was not cut out for this.
        This patch gets rid of MessagePortChannel and adds a new MessagePortChannelProvider abstraction.
        It then gets the new machinery working in-process (with some pieces of out-of-process in place)

        One synchronous behavior this patch maintains is the hasPendingActivity() check used to support GC.
        That will (creatively) be made async in the next followup.
        
        More generally from MessagePorts, this patch also adds a "MessageWithMessagePorts" object to be used
        with all forms of postMessage(). Much better.
        
        * CMakeLists.txt:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:

        * dom/InProcessMessagePortChannel.cpp: Removed.
        * dom/InProcessMessagePortChannel.h: Removed.
        * dom/MessagePortChannel.cpp: Removed.
        * dom/MessagePortChannel.h: Removed.

        * dom/MessageChannel.cpp:
        (WebCore::MessageChannel::create):
        (WebCore::MessageChannel::MessageChannel):
        (WebCore::m_port2): Deleted.
        * dom/MessageChannel.h:
        (WebCore::MessageChannel::create): Deleted.

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::create):
        (WebCore::MessagePort::MessagePort):
        (WebCore::MessagePort::~MessagePort):
        (WebCore::MessagePort::entangle):
        (WebCore::MessagePort::postMessage):
        (WebCore::MessagePort::disentangle):
        (WebCore::MessagePort::messageAvailable):
        (WebCore::MessagePort::start):
        (WebCore::MessagePort::close):
        (WebCore::MessagePort::contextDestroyed):
        (WebCore::MessagePort::dispatchMessages):
        (WebCore::MessagePort::hasPendingActivity const):
        (WebCore::MessagePort::locallyEntangledPort const):
        (WebCore::MessagePort::disentanglePorts):
        (WebCore::MessagePort::entanglePorts):
        (WebCore::MessagePort::entangleWithRemote): Deleted.
        * dom/MessagePort.h:

        * dom/MessagePortIdentifier.h:
        (WebCore::MessagePortIdentifier::logString const):

        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::processMessageWithMessagePortsSoon):
        (WebCore::ScriptExecutionContext::dispatchMessagePortEvents):
        (WebCore::ScriptExecutionContext::processMessagePortMessagesSoon): Deleted.
        * dom/ScriptExecutionContext.h:

        Add a single object that represents two intertwined ports, tracks their pending
        messages, tracks which process they're in, etc etc:
        * dom/messageports/MessagePortChannel.cpp: Added.
        (WebCore::MessagePortChannel::create):
        (WebCore::MessagePortChannel::MessagePortChannel):
        (WebCore::MessagePortChannel::~MessagePortChannel):
        (WebCore::MessagePortChannel::includesPort):
        (WebCore::MessagePortChannel::entanglePortWithProcess):
        (WebCore::MessagePortChannel::disentanglePort):
        (WebCore::MessagePortChannel::closePort):
        (WebCore::MessagePortChannel::postMessageToRemote):
        (WebCore::MessagePortChannel::takeAllMessagesForPort):
        (WebCore::MessagePortChannel::hasAnyMessagesPendingOrInFlight const):
        * dom/messageports/MessagePortChannel.h: Added.
        (WebCore::MessagePortChannel::port1 const):
        (WebCore::MessagePortChannel::port2 const):
        (WebCore::MessagePortChannel::logString const):

        Abstraction for creating and operating on MessagePorts in a potentially cross-process way:
        * dom/messageports/MessagePortChannelProvider.cpp: Added.
        (WebCore::MessagePortChannelProvider::singleton):
        (WebCore::MessagePortChannelProvider::setSharedProvider):
        * dom/messageports/MessagePortChannelProvider.h: Added.
        (WebCore::MessagePortChannelProvider::~MessagePortChannelProvider):

        Adds a concrete implementation of that provider to be used in-process (e.g. WK1):
        * dom/messageports/MessagePortChannelProviderImpl.cpp: Added.
        (WebCore::MessagePortChannelProviderImpl::~MessagePortChannelProviderImpl):
        (WebCore::MessagePortChannelProviderImpl::performActionOnAppropriateThread):
        (WebCore::MessagePortChannelProviderImpl::createNewMessagePortChannel):
        (WebCore::MessagePortChannelProviderImpl::entangleLocalPortInThisProcessToRemote):
        (WebCore::MessagePortChannelProviderImpl::messagePortDisentangled):
        (WebCore::MessagePortChannelProviderImpl::messagePortClosed):
        (WebCore::MessagePortChannelProviderImpl::postMessageToRemote):
        (WebCore::MessagePortChannelProviderImpl::takeAllMessagesForPort):
        (WebCore::MessagePortChannelProviderImpl::hasMessagesForPorts_temporarySync):
        * dom/messageports/MessagePortChannelProviderImpl.h: Added.

        Adds a main thread object to handle the set of all MessagePortChannels that are open.
        For now it lives in the WebProcess, but for out-of-process it will live in the UIProcess:
        * dom/messageports/MessagePortChannelRegistry.cpp: Added.
        (WebCore::MessagePortChannelRegistry::~MessagePortChannelRegistry):
        (WebCore::MessagePortChannelRegistry::didCreateMessagePortChannel):
        (WebCore::MessagePortChannelRegistry::messagePortChannelCreated):
        (WebCore::MessagePortChannelRegistry::messagePortChannelDestroyed):
        (WebCore::MessagePortChannelRegistry::didEntangleLocalToRemote):
        (WebCore::MessagePortChannelRegistry::didDisentangleMessagePort):
        (WebCore::MessagePortChannelRegistry::didCloseMessagePort):
        (WebCore::MessagePortChannelRegistry::didPostMessageToRemote):
        (WebCore::MessagePortChannelRegistry::takeAllMessagesForPort):
        (WebCore::MessagePortChannelRegistry::hasMessagesForPorts_temporarySync): This is named against style
          and weird on purpose - to call attention to how bad it is and how it's temporary.
        (WebCore::MessagePortChannelRegistry::existingChannelContainingPort):
        * dom/messageports/MessagePortChannelRegistry.h: Added.

        Add an object that represents a "SerializedScriptValue for the message payload and the ports
        that are being transferred along with that payload". This is used in all forms of postMessage():
        * dom/messageports/MessageWithMessagePorts.cpp: Added.
        * dom/messageports/MessageWithMessagePorts.h: Added.

        * page/DOMWindow.cpp:
        (WebCore::PostMessageTimer::PostMessageTimer):
        (WebCore::PostMessageTimer::event):
        (WebCore::DOMWindow::postMessage):

        * platform/Logging.h:

        * workers/DedicatedWorkerGlobalScope.cpp:
        (WebCore::DedicatedWorkerGlobalScope::postMessage):

        * workers/Worker.cpp:
        (WebCore::Worker::postMessage):

        * workers/WorkerGlobalScopeProxy.h:

        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::postMessageToWorkerObject):
        (WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope):
        * workers/WorkerMessagingProxy.h:

        * workers/WorkerObjectProxy.h:

        * workers/service/ServiceWorker.cpp:
        (WebCore::ServiceWorker::postMessage):

        * workers/service/ServiceWorkerClient.cpp:
        (WebCore::ServiceWorkerClient::postMessage):

        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::postMessageToServiceWorker):

        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::fireMessageEvent):
        (WebCore::ServiceWorkerThread::postMessageToServiceWorker):
        * workers/service/context/ServiceWorkerThread.h:

2018-01-18  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed build fix, removed unused lambda capture.

        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::ServiceWorkerTerminationRequest::ServiceWorkerTerminationRequest):

2018-01-18  Chris Dumez  <cdumez@apple.com>

        We should be able to terminate service workers that are unresponsive
        https://bugs.webkit.org/show_bug.cgi?id=181563
        <rdar://problem/35280031>

        Reviewed by Alex Christensen.

        Test: http/tests/workers/service/postmessage-after-terminating-hung-worker.html

        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::terminateWorker):
        Before calling WorkerThread::stop(), set a timer with the given timeout parameter.
        If the worker thread has not stopped when the timer fires, forcefully exit the
        service worker process. The StorageProcess will take care of relaunching the
        service worker process if it exits abruptly.

        (WebCore::SWContextManager::serviceWorkerFailedToTerminate):
        Log error message if we failed to terminate a service worker and call exit().

        (WebCore::SWContextManager::ServiceWorkerTerminationRequest::ServiceWorkerTerminationRequest):

        * workers/service/context/SWContextManager.h:

2018-01-18  Youenn Fablet  <youenn@apple.com>

        Do not go to the storage process when loading a main resource if there is no service worker registered
        https://bugs.webkit.org/show_bug.cgi?id=181395

        Reviewed by Chris Dumez.

        No observable behavior change.
        Instead of creating a connection to know whether there is a potential service worker,
        Ask the service worker provider that will use the connection if needed.
        Otherwise, it will use a default value provided by the UIProcess.

        Tested by cleaning all service workers and checking the computed value of the default value,
        then observing whether pages registering service workers work well.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startLoadingMainResource):
        * workers/service/ServiceWorkerProvider.cpp:
        (WebCore::ServiceWorkerProvider::mayHaveServiceWorkerRegisteredForOrigin):
        * workers/service/ServiceWorkerProvider.h:

2018-01-18  Dan Bernstein  <mitz@apple.com>

        [Xcode] Streamline and future-proof target-macOS-version-dependent build setting definitions
        https://bugs.webkit.org/show_bug.cgi?id=181803

        Reviewed by Tim Horton.

        * Configurations/Base.xcconfig: Updated.
        * Configurations/DebugRelease.xcconfig: Ditto.
        * Configurations/FeatureDefines.xcconfig: Adopted macOSTargetConditionals helpers.
        * Configurations/Version.xcconfig: Updated.
        * Configurations/macOSTargetConditionals.xcconfig: Added. Defines helper build settings
          useful for defining settings that depend on the target macOS version.

2018-01-18  Chris Dumez  <cdumez@apple.com>

        Service Workers restored from persistent storage have 'redundant' state
        https://bugs.webkit.org/show_bug.cgi?id=181749
        <rdar://problem/36556486>

        Reviewed by Youenn Fablet.

        Tested by new API test.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::installContextData):
        Make sure the SWServerWorker's state is set to "activated" after it is assigned to
        the registrations' active slot. Otherwise, it stays in its default state (redundant).

2018-01-18  Antti Koivisto  <antti@apple.com>

        REGRESSION(r225650): The scores of MotionMark tests Multiply and Leaves dropped by 8%
        https://bugs.webkit.org/show_bug.cgi?id=181460
        <rdar://problem/36379776>

        Reviewed by Ryosuke Niwa.

        * css/parser/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext):

        Don't do the expensive security origin test if the supplied sheet base URL is null. This
        is true for rules coming from the same document.

2018-01-18  Antti Koivisto  <antti@apple.com>

        REGRESSION (r223604): Setting :before/after pseudo element on <noscript> asserts
        https://bugs.webkit.org/show_bug.cgi?id=181795
        <rdar://problem/36334524>

        Reviewed by David Kilzer.

        <noscript> disallows renderer generation outside CSS mechanisms, however we would still construct
        PseudoElements for them during style resolution. These were never removed properly because the
        pseudo element removal was tied to render tree teardown. Without proper removal the associated
        animations were also not canceled.

        Test: fast/css-generated-content/noscript-pseudo-anim-crash.html

        * dom/Element.cpp:
        (WebCore::Element::removedFromAncestor):

        Take care to get rid of PseudoElements when the element is removed from the tree.
        This also cancels any associated animations.

2018-01-18  Chris Fleizach  <cfleizach@apple.com>

        AX: Aria-activedescendant not supported
        https://bugs.webkit.org/show_bug.cgi?id=161734
        <rdar://problem/28202679>

        Reviewed by Joanmarie Diggs.

        When a combo-box owns/controls a list/listbox/grid/tree, the owned element needs to check the active-descendant of the combobox when
        checking if it has selected children. 
        The target of the selection change notification should also be the owned element in these cases.

        Test: accessibility/aria-combobox-controlling-list.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::selectedListItem):
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::targetElementForActiveDescendant const):
        (WebCore::AccessibilityRenderObject::handleActiveDescendantChanged):
        (WebCore::AccessibilityRenderObject::canHaveSelectedChildren const):
        (WebCore::AccessibilityRenderObject::selectedChildren):
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::postPlatformNotification):

2018-01-17  Per Arne Vollan  <pvollan@apple.com>

        REGRESSION (r224780): Text stroke not applied to video captions.
        https://bugs.webkit.org/show_bug.cgi?id=181743
        <rdar://problem/35874338>

        Reviewed by Simon Fraser.

        Tests: media/track/track-css-visible-stroke-expected.html
               media/track/track-css-visible-stroke.html

        After r224780, it is no longer possible to mix text stroke styles with webkit
        legacy text stroke styles.

        * css/StyleResolver.cpp:
        (WebCore::isValidCueStyleProperty):
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::captionsTextEdgeCSS const):

2018-01-18  Andy Estes  <aestes@apple.com>

        [Payment Request] Support a default shipping address for Apple Pay
        https://bugs.webkit.org/show_bug.cgi?id=181754
        <rdar://problem/36009733>

        Reviewed by Brady Eidson.

        Move shippingContact from ApplePayPaymentRequest to ApplePayRequestBase. This allows
        merchants to specify a default shipping address when using Apple Pay with Payment Request.

        This also fixes a bug found during testing where
        +[NSPersonNameComponentsFormatter localizedStringFromPersonNameComponents:style:options:]
        would throw an exception when passed a nil NSPersonNameComponents.

        Test: http/tests/ssl/applepay/ApplePayRequestShippingContact.https.html

        * Modules/applepay/ApplePayPaymentRequest.h:
        * Modules/applepay/ApplePayPaymentRequest.idl:
        * Modules/applepay/ApplePayRequestBase.cpp:
        (WebCore::convertAndValidate):
        * Modules/applepay/ApplePayRequestBase.h:
        * Modules/applepay/ApplePayRequestBase.idl:
        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate):
        * Modules/applepay/ApplePaySessionPaymentRequest.h:
        (WebCore::ApplePaySessionPaymentRequest::version const):
        (WebCore::ApplePaySessionPaymentRequest::setVersion):
        * Modules/applepay/cocoa/PaymentContactCocoa.mm:
        (WebCore::convert):
        * Modules/applepay/paymentrequest/ApplePayRequest.idl:
        * testing/MockPaymentCoordinator.cpp:
        (WebCore::MockPaymentCoordinator::showPaymentUI):
        (WebCore::MockPaymentCoordinator::completeMerchantValidation):
        * testing/MockPaymentCoordinator.h:

2018-01-18  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS] Specify -[NSURL _title] for the associated URL when copying an image element
        https://bugs.webkit.org/show_bug.cgi?id=181783
        <rdar://problem/35785445>

        Reviewed by Ryosuke Niwa.

        Always specify the -[NSURL _title] to be either the title specified in a PasteboardImage's inner PasteboardURL,
        or if no title is specified, fall back to the user-visible URL string. This is because at least one internal
        client always tries to use the -_title property to determine the title of a pasted URL, or if none is specified,
        the -suggestedName. Since we need to set suggestedName to the preferred file name of the copied image and we
        don't want the suggested name to become the title of the link, we need to explicitly set the link title.

        In doing so, this patch also fixes a bug wherein we forget to set the _title of the NSURL we're registering to
        an NSItemProvider.

        Tests:  ActionSheetTests.CopyImageElementWithHREFAndTitle (new)
                ActionSheetTests.CopyImageElementWithHREF (modified)

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::write):

2018-01-17  Jer Noble  <jer.noble@apple.com>

        WebVTT served via HLS never results in cues
        https://bugs.webkit.org/show_bug.cgi?id=181773

        Reviewed by Eric Carlson.

        Test: http/tests/media/hls/hls-webvtt-tracks.html

        Three independant errors conspired to keep in-band WebVTT samples from parsing:

        - The definition of ISOWebVTTCue::boxTypeName() was incorrect.
        - ISOWebVTTCue::parse() didn't call it's superclass's parse() method (leading to an incorrect size and offset).
        - Use String::fromUTF8() rather than String.adopt(StringVector&&).

        * platform/graphics/iso/ISOVTTCue.cpp:
        (WebCore::ISOWebVTTCue::parse):
        * platform/graphics/iso/ISOVTTCue.h:
        (WebCore::ISOWebVTTCue::boxTypeName):

2018-01-17  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Block cookies for prevalent resources without user interaction
        https://bugs.webkit.org/show_bug.cgi?id=177394
        <rdar://problem/34613960>

        Reviewed by Alex Christensen.

        Tests: http/tests/resourceLoadStatistics/add-blocking-to-redirect.html
               http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html
               http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html
               http/tests/resourceLoadStatistics/remove-partitioning-in-redirect.html

        * platform/network/NetworkStorageSession.h:
            Now exports NetworkStorageSession::nsCookieStorage().
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::setPrevalentDomainsToPartitionOrBlockCookies):
            Fixes the FIXME.

2018-01-17  Dean Jackson  <dino@apple.com>

        Remove linked-on test for Snow Leopard
        https://bugs.webkit.org/show_bug.cgi?id=181770

        Reviewed by Eric Carlson.

        Remove a very old linked-on-or-after test.

        * platform/graphics/ca/GraphicsLayerCA.cpp:

2018-01-17  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r227098.

        This broke the build.

        Reverted changeset:

        "Remove linked-on test for Snow Leopard"
        https://bugs.webkit.org/show_bug.cgi?id=181770
        https://trac.webkit.org/changeset/227098

2018-01-17  Dean Jackson  <dino@apple.com>

        Remove linked-on test for Snow Leopard
        https://bugs.webkit.org/show_bug.cgi?id=181770

        Reviewed by Eric Carlson.

        Remove a very old linked-on-or-after test.

        * platform/graphics/ca/GraphicsLayerCA.cpp:

2018-01-17  Stephan Szabo  <stephan.szabo@sony.com>

        [Curl] Use ResourceRequest::encodeWithPlatformData()
        https://bugs.webkit.org/show_bug.cgi?id=181768

        Reviewed by Alex Christensen.

        No new tests, assertion hit in downstream port, should be covered by
        existing tests.

        * platform/network/curl/ResourceRequest.h:
        (WebCore::ResourceRequest::encodeWithPlatformData const):
        (WebCore::ResourceRequest::decodeWithPlatformData):

2018-01-17  Eric Carlson  <eric.carlson@apple.com>

        Use existing RGB colorspace instead of creating a new one
        https://bugs.webkit.org/show_bug.cgi?id=181765
        <rdar://problem/36595753>

        Reviewed by Dean Jackson.

        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:
        (WebCore::ScreenDisplayCaptureSourceMac::createDisplayStream): Use sRGBColorSpaceRef instead
        of creating a new static colorspace.

2018-01-17  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r227076.

        This breaks internal builds

        Reverted changeset:

        "Resource Load Statistics: Block cookies for prevalent
        resources without user interaction"
        https://bugs.webkit.org/show_bug.cgi?id=177394
        https://trac.webkit.org/changeset/227076

2018-01-17  Ryosuke Niwa  <rniwa@webkit.org>

        input and textarea elements should reveal selection in setSelection when focused
        https://bugs.webkit.org/show_bug.cgi?id=181715
        <rdar://problem/36570546>

        Reviewed by Zalan Bujtas.

        Made input and textarea elements reveal selection in FrameSelection::setSelection instead of by directly
        invoking FrameSelection::revealSelection in their respective updateFocusAppearance to unify code paths.

        Also added options to reveal selection up to the main frame to SetSelectionOption to be used in iOS.

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::FrameSelection):
        (WebCore::FrameSelection::moveWithoutValidationTo): Takes SelectionRevealMode as an argument and converts
        sets appropriate selection options.
        (WebCore::FrameSelection::setSelection): Reconstruct SelectionRevealMode out of selection option sets.
        (WebCore::FrameSelection::updateAndRevealSelection):
        * editing/FrameSelection.h:
        (WebCore::FrameSelection): Added RevealSelectionUpToMainFrame as a SelectionRevealMode and replaced
        m_shouldRevealSelection by m_selectionRevealMode.
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::updateFocusAppearance): Pass SelectionRevealMode to HTMLTextFormControlElement's
        select and restoreCachedSelection instead of directly invoking FrameSelection::revealSelection.
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::updateFocusAppearance): Ditto.
        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::select):
        (WebCore::HTMLTextFormControlElement::setSelectionRange):
        (WebCore::HTMLTextFormControlElement::restoreCachedSelection):
        * html/HTMLTextFormControlElement.h:

2018-01-17  Michael Catanzaro  <mcatanzaro@igalia.com>

        WEBKIT_FRAMEWORK should not modify file-global include directories
        https://bugs.webkit.org/show_bug.cgi?id=181656

        Reviewed by Konstantin Tokarev.

        * CMakeLists.txt:
        * PlatformWPE.cmake:

2018-01-17  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] Try even harder not to static link WTF into libwebkit2gtk
        https://bugs.webkit.org/show_bug.cgi?id=181751

        Reviewed by Alex Christensen.

        We don't want two copies of WTF. It should only be in libjavascriptcoregtk.

        * PlatformGTK.cmake:

2018-01-17  Zalan Bujtas  <zalan@apple.com>

        Multicol: RenderMultiColumnFlow should not inherit the flow state
        https://bugs.webkit.org/show_bug.cgi?id=181762
        <rdar://problem/35448565>

        Reviewed by Simon Fraser.

        Do not compute the inherited flow state flag for RenderMultiColumnFlow.
        It is (by definition) always inside a fragmented flow.

        Test: fast/multicol/crash-when-out-of-flow-positioned-becomes-in-flow.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::computedFragmentedFlowState):

2018-01-17  Alex Christensen  <achristensen@webkit.org>

        Deprecate Application Cache
        https://bugs.webkit.org/show_bug.cgi?id=181764

        Reviewed by Geoffrey Garen.

        * features.json:

2018-01-17  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS simulator] API test WKAttachmentTests.InjectedBundleReplaceURLWhenPastingImage is failing
        https://bugs.webkit.org/show_bug.cgi?id=181758

        Reviewed by Tim Horton.

        This test is failing because Editor::clientReplacementURLForResource expects a MIME type, but on iOS, the type
        paramter passed into WebContentReader::readImage is a UTI; subsequently, the bundle editing delegate receives
        a MIME type that's actually a UTI, which is incorrect. To address this, ensure that a MIME type is passed to
        bundle SPI by converting the type in WebContentReader::readImage to a MIME type.

        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::WebContentReader::readImage):

2018-01-17  Antti Koivisto  <antti@apple.com>

        REGRESSION (r226385?): Crash in com.apple.WebCore: WebCore::MediaQueryEvaluator::evaluate const + 32
        https://bugs.webkit.org/show_bug.cgi?id=181742
        <rdar://problem/36334726>

        Reviewed by David Kilzer.

        Test: fast/media/mediaqueryevaluator-crash.html

        * css/MediaQueryEvaluator.cpp:
        (WebCore::MediaQueryEvaluator::MediaQueryEvaluator):

        Use WeakPtr<Document> instead of a plain Frame pointer.

        (WebCore::MediaQueryEvaluator::evaluate const):

        Get the frame via document.

        * css/MediaQueryEvaluator.h:
        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):

        Take care to clear style resolver.

2018-01-17  Youenn Fablet  <youenn@apple.com>

        Put fetch request keepAlive behind a runtime flag
        https://bugs.webkit.org/show_bug.cgi?id=181592

        Reviewed by Chris Dumez.

        No change of behavior.

        * Modules/fetch/FetchRequest.idl:
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::fetchAPIKeepAliveEnabled const):
        (WebCore::RuntimeEnabledFeatures::setFetchAPIKeepAliveEnabled):

2018-01-17  Per Arne Vollan  <pvollan@apple.com>

        [Win] Use switch when converting from ResourceRequestCachePolicy to platform cache policy.
        https://bugs.webkit.org/show_bug.cgi?id=181686

        Reviewed by Alex Christensen.

        No new tests, covered by existing tests.

        A switch will make the function easier on the eyes. Also, use the function in places where the ResourceRequestCachePolicy
        is just casted to a platform cache policy.

        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::toPlatformRequestCachePolicy):

2018-01-17  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Block cookies for prevalent resources without user interaction
        https://bugs.webkit.org/show_bug.cgi?id=177394
        <rdar://problem/34613960>

        Reviewed by Alex Christensen.

        Tests: http/tests/resourceLoadStatistics/add-blocking-to-redirect.html
               http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html
               http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html
               http/tests/resourceLoadStatistics/remove-partitioning-in-redirect.html

        * platform/network/NetworkStorageSession.h:
            Now exports NetworkStorageSession::nsCookieStorage().
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::setPrevalentDomainsToPartitionOrBlockCookies):
            Fixes the FIXME.

2018-01-17  Daniel Bates  <dabates@apple.com>

        REGRESSION (r222795): Cardiogram never signs in
        https://bugs.webkit.org/show_bug.cgi?id=181693
        <rdar://problem/36286293>

        Reviewed by Ryosuke Niwa.

        Exempt Cardiogram from the XHR header restrictions in r222795.

        Following r222795 only Dashboard widgets are allowed to set arbitrary XHR headers.
        However Cardiogram also depends on such functionality.

        Test: fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled.html

        * page/Settings.yaml:
        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::IOSApplication::isCardiogram):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::setRequestHeader):

2018-01-17  Daniel Bates  <dabates@apple.com>

        ASSERTION FAILED: !m_completionHandler in PingHandle::~PingHandle()
        https://bugs.webkit.org/show_bug.cgi?id=181746
        <rdar://problem/36586248>

        Reviewed by Chris Dumez.

        Call PingHandle::pingLoadComplete() with an error when NSURLConnection queries
        whether the ping is able to respond to an authentication request. (Pings do not
        respond to authenticate requests.) It will call the completion handler, nullify
        the completion handler, and deallocate the PingHandle. Nullifying the completion
        handler is necessary to avoid the assertion failure in ~PingHandle().

        Test: http/tests/misc/before-unload-load-image.html

        * platform/network/PingHandle.h:

2018-01-17  Daniel Bates  <dabates@apple.com>

        WebCoreResourceHandleAsOperationQueueDelegate/ResourceHandleCFURLConnectionDelegateWithOperationQueue may
        be deleted in main thread callback
        https://bugs.webkit.org/show_bug.cgi?id=181747
        <rdar://problem/36588120>

        Reviewed by Alex Christensen.

        Retain the delegate (e.g. WebCoreResourceHandleAsOperationQueueDelegate) before scheduling
        a main thread callback and blocking on a semaphore for its reply because the main thread
        callback can do anything, including deleting the delegate, before the non-main thread
        has a chance to execute. For instance, a PingHandle will delete itself (and hence delete
        its resource handle delegate) in most of the code paths invoked by the delegate.

        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace):
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willCacheResponse:]):

2018-01-17  Chris Dumez  <cdumez@apple.com>

        'fetch' event may be sent to a service worker before its state is set to 'activated'
        https://bugs.webkit.org/show_bug.cgi?id=181698
        <rdar://problem/36554856>

        Reviewed by Youenn Fablet.

        'fetch' event may be sent to a service worker before its state is set to 'activated'.
        When the registration's active worker needs to intercept a load, and its state is 'activating',
        we queue the request to send the fetch event in SWServerWorker::m_whenActivatedHandlers.
        Once the SWServerWorker::setState() is called with 'activated' state, we then call the
        handlers in m_whenActivatedHandlers to make send the fetch event now that the worker is
        activated. The issue is that even though the worker is activated and its state was set to
        'activated' on Storage process side, we had not yet notified the ServiceWorker process
        of the service worker's new state yet.

        To address the issue, we now make sure that SWServerWorker::m_whenActivatedHandlers are
        called *after* we've sent the IPC to the ServiceWorker process to update the worker's
        state to 'activated'. Also, we now call ServiceWorkerFetch::dispatchFetchEvent()
        asynchronously in a postTask() as the service worker's state is also updated asynchronously
        in a postTask. This is as per specification [1], which says to "queue a task" to fire
        the fetch event.

        [1] https://w3c.github.io/ServiceWorker/#on-fetch-request-algorithm (step 18)

        No new tests, covered by imported/w3c/web-platform-tests/service-workers/service-worker/fetch-waits-for-activate.https.html
        which hits the new assertion without the fix.

        * workers/service/context/ServiceWorkerFetch.cpp:
        (WebCore::ServiceWorkerFetch::dispatchFetchEvent):
        Add assertions to make sure that we dispatch the fetch event on the right worker and
        that the worker is in 'activated' state.

        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::postFetchTask):
        Queue a task to fire the fetch event as per:
        - https://w3c.github.io/ServiceWorker/#on-fetch-request-algorithm (step 18)
        We need to match the specification exactly here or things will happen in the wrong
        order. In particular, things like "update registration state" and "update worker state"
        might happen *after* firing the fetch event, even though the IPC for "update registration/worker
        state" was sent before the "fire fetch event" one, because the code for updating a registration/
        worker state already queues a task, as per the specification.

        * workers/service/server/SWServerRegistration.cpp:
        (WebCore::SWServerRegistration::updateWorkerState):
        * workers/service/server/SWServerRegistration.h:
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::setState):
        Move code to send the IPC to the Service Worker process whenever the service worker's state
        needs to be updated from SWServerRegistration::updateWorkerState() to SWServerWorker::setState().
        This way, we can make sure the IPC is sent *before* we call the m_whenActivatedHandlers handlers,
        as they may also send IPC to the Service Worker process, and we need to make sure this IPC happens
        after so that the service worker is in the right state.

2018-01-17  Stephan Szabo  <stephan.szabo@sony.com>

        Page.cpp only sees forward declaration of ApplicationStateChangeListener when ENABLE(VIDEO) is off
        https://bugs.webkit.org/show_bug.cgi?id=181713

        Reviewed by Darin Adler.

        No new tests (build fix).

        * page/Page.cpp: Add include for ApplicationStateChangeListener

2018-01-17  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add injected bundle SPI to replace subresource URLs when dropping or pasting rich content
        https://bugs.webkit.org/show_bug.cgi?id=181637
        <rdar://problem/36508471>

        Reviewed by Tim Horton.

        Before carrying out blob URL conversion for pasted or dropped rich content, let the editor client replace
        subresource URLs in WebKit2 by calling out to new injected bundle SPI. See comments below for more detail.

        Tests:  WKAttachmentTests.InjectedBundleReplaceURLsWhenPastingAttributedString
                WKAttachmentTests.InjectedBundleReplaceURLWhenPastingImage

        * editing/Editor.cpp:
        (WebCore::Editor::clientReplacementURLForResource):
        * editing/Editor.h:

        Add a new helper to call out to the editor client for a URL string to replace a given ArchiveResource. In
        WebKit2, this calls out to the injected bundle's new `replacementURLForResource` SPI hook.

        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::shouldReplaceSubresourceURL):
        (WebCore::replaceRichContentWithAttachments):
        (WebCore::replaceSubresourceURLsWithURLsFromClient):

        Add a new static helper to replace subresource URLs in the given DocumentFragment with URLs supplied by the
        editor client. Additionally builds a list of ArchiveResources that have not been replaced, for use at call sites
        so that we don't unnecessarily create more Blobs for ArchiveResources that have already been replaced.

        (WebCore::createFragmentAndAddResources):
        (WebCore::sanitizeMarkupWithArchive):

        Tweak web content reading codepaths to first replace subresource URLs with editor-client-supplied URLs.

        (WebCore::WebContentReader::readImage):
        (WebCore::shouldConvertToBlob): Deleted.

        Rename this helper to shouldReplaceSubresourceURL, blob URL replacement is no longer the only scenario in which
        we replace resource URLs, but in both cases, we still want to ignore `http:`-family and `data:` URLs.

        * loader/EmptyClients.cpp:
        * page/EditorClient.h:

2018-01-17  Yacine Bandou  <yacine.bandou_ext@softathome.com>
        [EME][GStreamer] Add the full-sample encryption support in the GStreamer ClearKey decryptor
        https://bugs.webkit.org/show_bug.cgi?id=180080

        Reviewed by Xabier Rodriguez-Calvar.

        Currently the GStreamer clearKey decryptor doesn't support the full-sample encryption,
        where the buffer is entirely encrypted, it supports only the sub-sample encryption.

        Test: media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html

        * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
        (webKitMediaClearKeyDecryptorDecrypt):

2018-01-17  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed follow-up to r227051.

        * platform/graphics/cairo/CairoOperations.h: Fix declaration of the
        fillRoundedRect() function by removing the bool parameter that's not
        used at all in the definition. This went unspotted due to the unified
        source build including the implementation file before fillRoundedRect()
        usage in GrapihcsContextCairo.cpp, leaving the declaration undefined
        and instead using the definition directly.

2018-01-17  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Don't mirror global alpha and image interpolation quality state values in PlatformContextCairo
        https://bugs.webkit.org/show_bug.cgi?id=181725

        Reviewed by Carlos Garcia Campos.

        Don't duplicate global alpha and image interpolation quality state
        values on the PlatformContextCairo. Instead, retrieve them from
        the managing GraphicsContextState when necessary.

        For Cairo operations, the FillSource and StrokeSource containers now
        store the global alpha value, using it during the operation executions.
        For drawNativeImage(), the global alpha and interpolation quality values
        are passed through arguments.

        In PlatformContextCairo, the two values are no longer stored on the
        internally-managed stack, and the getter-setter pairs for the two values
        are removed. In drawSurfaceToContext(), the two values are now expected
        to be passed through the method arguments.

        No new tests -- no change in behavior.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::prepareForFilling):
        (WebCore::Cairo::prepareForStroking):
        (WebCore::Cairo::drawPathShadow):
        (WebCore::Cairo::fillCurrentCairoPath):
        (WebCore::Cairo::FillSource::FillSource):
        (WebCore::Cairo::StrokeSource::StrokeSource):
        (WebCore::Cairo::strokeRect):
        (WebCore::Cairo::strokePath):
        (WebCore::Cairo::drawGlyphs):
        (WebCore::Cairo::drawNativeImage):
        (WebCore::Cairo::State::setGlobalAlpha): Deleted.
        (WebCore::Cairo::State::setImageInterpolationQuality): Deleted.
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::drawNativeImage):
        (WebCore::GraphicsContext::setPlatformAlpha):
        (WebCore::GraphicsContext::setPlatformImageInterpolationQuality):
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::PlatformContextCairo::save):
        (WebCore::PlatformContextCairo::drawSurfaceToContext):
        (WebCore::PlatformContextCairo::State::State): Deleted.
        (WebCore::PlatformContextCairo::setImageInterpolationQuality): Deleted.
        (WebCore::PlatformContextCairo::imageInterpolationQuality const): Deleted.
        (WebCore::PlatformContextCairo::globalAlpha const): Deleted.
        (WebCore::PlatformContextCairo::setGlobalAlpha): Deleted.
        * platform/graphics/cairo/PlatformContextCairo.h:
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::paintCurrentFrame):

2018-01-17  Philippe Normand  <pnormand@igalia.com>

        REGRESSION(r226973/r226974): Four multimedia tests failing
        https://bugs.webkit.org/show_bug.cgi?id=181696

        Reviewed by Carlos Garcia Campos.

        This patch reverts some of the changes of the above revisions so as to fix layout test failures.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Properly
        prepare stalled event when an error was detected.
        (WebCore::MediaPlayerPrivateGStreamer::processBufferingStats): Revert to previous version.
        (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const):
        Emit progress event also when streaming but not when an error was
        detected.
        (WebCore::MediaPlayerPrivateGStreamer::totalBytes const): use isLiveStream like everywhere else.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webkit_web_src_init): Revert to keep-alive FALSE by default.

2018-01-17  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Move prepareForFilling(), prepareForStroking() code to CairoOperations
        https://bugs.webkit.org/show_bug.cgi?id=181721

        Reviewed by Carlos Garcia Campos.

        Move the prepareForFilling() and prepareForStroking() code off of the
        PlatformContextCairo class and into static functions inside the
        CairoOperations implementation files. The original methods weren't
        called from any place other than the Cairo operations, and they only
        operated with the cairo_t object that's stored in and retrievable from
        the PlatformContextCairo object.

        No new tests -- no change in behavior.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::reduceSourceByAlpha):
        (WebCore::Cairo::prepareCairoContextSource):
        (WebCore::Cairo::clipForPatternFilling):
        (WebCore::Cairo::prepareForFilling):
        (WebCore::Cairo::prepareForStroking):
        (WebCore::Cairo::drawPathShadow):
        (WebCore::Cairo::fillCurrentCairoPath):
        (WebCore::Cairo::strokeRect):
        (WebCore::Cairo::strokePath):
        (WebCore::Cairo::drawGlyphs):
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::reduceSourceByAlpha): Deleted.
        (WebCore::prepareCairoContextSource): Deleted.
        (WebCore::PlatformContextCairo::prepareForFilling): Deleted.
        (WebCore::PlatformContextCairo::prepareForStroking): Deleted.
        (WebCore::PlatformContextCairo::clipForPatternFilling): Deleted.
        * platform/graphics/cairo/PlatformContextCairo.h:

2018-01-17  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Use one-time ShadowBlur objects when performing shadowing
        https://bugs.webkit.org/show_bug.cgi?id=181720

        Reviewed by Carlos Garcia Campos.

        Don't maintain a ShadowBlur object in the PlatformContextCairo class.
        Instead, use temporary ShadowBlur objects whenever shadowing is needed,
        providing all the shadow state information to it and drawing shadow into
        the given GraphicsContext object.

        ShadowBlur constructors are cleaned up. The 'shadows ignored' argument
        can now also be provided to the variant that accepts explicit shadow
        attributes, but the argument is false by default.

        In CairoOperations, the ShadowBlurUsage functionality is rolled into the
        new ShadowState class. ShadowState parameter is now used for operations
        that might need to perform shadow painting. Call sites are modified
        accordingly.

        Cairo::State::setShadowValues() and Cairo::State::clearShadow() are
        removed, since the ShadowBlur object that was modified through those is
        being removed from the PlatformContextCairo class. We still have to flip
        the Y-axis of the shadow offset in GraphicsContext::setPlatformShadow()
        when shadows are ignoring transformations.

        No new tests -- no change in behavior.

        * platform/graphics/ShadowBlur.cpp:
        (WebCore::ShadowBlur::ShadowBlur):
        * platform/graphics/ShadowBlur.h:
        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawPathShadow):
        (WebCore::Cairo::drawGlyphsShadow):
        (WebCore::Cairo::ShadowState::ShadowState):
        (WebCore::Cairo::ShadowState::isVisible const):
        (WebCore::Cairo::ShadowState::isRequired const):
        (WebCore::Cairo::fillRect):
        (WebCore::Cairo::fillRoundedRect):
        (WebCore::Cairo::fillRectWithRoundedHole):
        (WebCore::Cairo::fillPath):
        (WebCore::Cairo::strokeRect):
        (WebCore::Cairo::strokePath):
        (WebCore::Cairo::drawGlyphs):
        (WebCore::Cairo::drawNativeImage):
        (WebCore::Cairo::State::setShadowValues): Deleted.
        (WebCore::Cairo::State::clearShadow): Deleted.
        (WebCore::Cairo::ShadowBlurUsage::ShadowBlurUsage): Deleted.
        (WebCore::Cairo::ShadowBlurUsage::required const): Deleted.
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::FontCascade::drawGlyphs):
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::restorePlatformState):
        (WebCore::GraphicsContext::drawNativeImage):
        (WebCore::GraphicsContext::fillPath):
        (WebCore::GraphicsContext::strokePath):
        (WebCore::GraphicsContext::fillRect):
        (WebCore::GraphicsContext::setPlatformShadow):
        (WebCore::GraphicsContext::clearPlatformShadow):
        (WebCore::GraphicsContext::strokeRect):
        (WebCore::GraphicsContext::platformFillRoundedRect):
        (WebCore::GraphicsContext::fillRectWithRoundedHole):
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::PlatformContextCairo::drawSurfaceToContext):
        * platform/graphics/cairo/PlatformContextCairo.h:
        (WebCore::PlatformContextCairo::shadowBlur): Deleted.
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::paintCurrentFrame):

2018-01-17  Zan Dobersek  <zdobersek@igalia.com>

        CanvasImageData: createImageData() parameter should not be nullable
        https://bugs.webkit.org/show_bug.cgi?id=181670

        Reviewed by Sam Weinig.

        createImageData() method on the CanvasImageData interface should not
        treat the ImageData parameter as nullable, but should instead reject any
        null values with a TypeError, as demanded by the specification.

        No new tests -- current tests covering createImageData(null) are updated
        to properly cover new behavior of throwing a TypeError exception.

        * html/canvas/CanvasImageData.idl:
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::createImageData const):
        * html/canvas/CanvasRenderingContext2DBase.h:

2018-01-16  Fujii Hironori  <Hironori.Fujii@sony.com>

        [CMake] Remove WebCoreDerivedSources library target
        https://bugs.webkit.org/show_bug.cgi?id=181664

        Reviewed by Carlos Garcia Campos.

        After unified source build has been introduced, CMake Visual
        Studio build suffers complicated unnecessary recompilation issues
        because Visual Studio invokes scripts twice in both WebCore and
        WebCoreDerivedSources projects (Bug 181117).

        WebCoreDerivedSources library has been introduced in r198766 to
        avoid command line length limit of CMake Ninja build on macOS.
        Fortunately, unified source build has reduced the number of source
        files to compile, WebCore doesn't need to be split anymore.

        No new tests (No behavior change)

        * CMakeLists.txt: Replaced WebCore_DERIVED_SOURCES with WebCore_SOURCES. Removed WebCoreDerivedSources library target.
        Do not compile each JavaScript Builtins.cpp files because the unified source WebCoreJSBuiltins.cpp is already included.
        * PlatformGTK.cmake: Replaced WebCore_DERIVED_SOURCES with WebCore_SOURCES.
        * PlatformWin.cmake: Ditto.

2018-01-16  Simon Fraser  <simon.fraser@apple.com>

        Can't scroll iframe after toggling it to display:none and back
        https://bugs.webkit.org/show_bug.cgi?id=181708
        rdar://problem/13234778

        Reviewed by Tim Horton.

        Nothing updated the FrameView's set of scrollable areas when a subframe came back from display:none.
        Mirror the existing virtual removeChild() by making addChild() virtual, and using it to mark
        the FrameView's scrollable area set as dirty.

        Test: tiled-drawing/scrolling/non-fast-region/non-fast-scrollable-region-hide-show-iframe.html

        * page/FrameView.cpp:
        (WebCore::FrameView::addChild):
        * page/FrameView.h:
        * platform/ScrollView.h:

2018-01-16  Chris Dumez  <cdumez@apple.com>

        SWServerWorker::m_contextConnectionIdentifier may get out of date
        https://bugs.webkit.org/show_bug.cgi?id=181687
        <rdar://problem/36548111>

        Reviewed by Brady Eidson.

        SWServerWorker::m_contextConnectionIdentifier may get out of date. This happens when the
        context process crashes and is relaunched.

        No new tests, added assertion in terminateWorkerInternal() that hits without this fix.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::runServiceWorker):
        (WebCore::SWServer::terminateWorkerInternal):
        (WebCore::SWServer::unregisterServiceWorkerClient):
        * workers/service/server/SWServerWorker.h:
        (WebCore::SWServerWorker::setContextConnectionIdentifier):

2018-01-16  Jer Noble  <jer.noble@apple.com>

        Reset MediaSourcePrivateAVFObjC's m_sourceBufferWithSelectedVideo when the underlying SourceBufferPrivate is removed.
        https://bugs.webkit.org/show_bug.cgi?id=181707
        <rdar://problem/34809474>

        Reviewed by Eric Carlson.

        Test: media/media-source/media-source-remove-unload-crash.html

        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        (WebCore::MediaSourcePrivateAVFObjC::removeSourceBuffer):

2018-01-12  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Implement dummy WebAuthN IDLs
        https://bugs.webkit.org/show_bug.cgi?id=181627
        <rdar://problem/36459864>

        Reviewed by Alex Christensen.

        This patch implements dummy WebAuthN IDLs and connect them with Credential Management as well.
        All implementations in this patch are subject to change when real implementations land. The
        purpose here on the other hand is to have IDLs, bindings and implementations connected. This
        patch should handle all IDLs that we need.

        No tests.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/credentialmanagement/CredentialCreationOptions.h:
        * Modules/credentialmanagement/CredentialCreationOptions.idl:
        * Modules/credentialmanagement/CredentialRequestOptions.h:
        * Modules/credentialmanagement/CredentialRequestOptions.idl:
        * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp.
        (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse):
        (WebCore::AuthenticatorAssertionResponse::~AuthenticatorAssertionResponse):
        (WebCore::AuthenticatorAssertionResponse::authenticatorData):
        (WebCore::AuthenticatorAssertionResponse::signature):
        (WebCore::AuthenticatorAssertionResponse::userHandle):
        * Modules/webauthn/AuthenticatorAssertionResponse.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
        * Modules/webauthn/AuthenticatorAssertionResponse.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
        * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/credentialmanagement/CredentialCreationOptions.h.
        (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse):
        (WebCore::AuthenticatorAttestationResponse::~AuthenticatorAttestationResponse):
        (WebCore::AuthenticatorAttestationResponse::attestationObject):
        * Modules/webauthn/AuthenticatorAttestationResponse.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
        * Modules/webauthn/AuthenticatorAttestationResponse.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
        * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/credentialmanagement/CredentialCreationOptions.h.
        (WebCore::AuthenticatorResponse::AuthenticatorResponse):
        (WebCore::AuthenticatorResponse::~AuthenticatorResponse):
        (WebCore::AuthenticatorResponse::clientDataJSON):
        * Modules/webauthn/AuthenticatorResponse.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
        * Modules/webauthn/AuthenticatorResponse.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
        * Modules/webauthn/PublicKeyCredential.cpp:
        (WebCore::PublicKeyCredential::rawId):
        (WebCore::PublicKeyCredential::response):
        (WebCore::PublicKeyCredential::getClientExtensionResults):
        (WebCore::PublicKeyCredential::isUserVerifyingPlatformAuthenticatorAvailable):
        * Modules/webauthn/PublicKeyCredential.h:
        * Modules/webauthn/PublicKeyCredential.idl:
        * Modules/webauthn/PublicKeyCredentialCreationOptions.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
        * Modules/webauthn/PublicKeyCredentialCreationOptions.idl: Added.
        * Modules/webauthn/PublicKeyCredentialDescriptor.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialCreationOptions.h.
        * Modules/webauthn/PublicKeyCredentialDescriptor.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
        * Modules/webauthn/PublicKeyCredentialRequestOptions.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialCreationOptions.h.
        * Modules/webauthn/PublicKeyCredentialRequestOptions.idl: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
        * Modules/webauthn/PublicKeyCredentialType.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
        * Modules/webauthn/PublicKeyCredentialType.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:

2018-01-16  Zalan Bujtas  <zalan@apple.com>

        AX: Do not trigger layout in updateBackingStore() unless it is safe to do so
        https://bugs.webkit.org/show_bug.cgi?id=181703
        <rdar://problem/36365706>

        Reviewed by Ryosuke Niwa.

        Document::isSafeToUpdateStyleOrLayout() can tell whether it is safe to run layout.

        Unable to create test with WebInspector involved. 

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::updateBackingStore):
        * dom/Document.cpp:
        (WebCore::Document::isSafeToUpdateStyleOrLayout const):
        (WebCore::Document::updateStyleIfNeeded):
        (WebCore::Document::updateLayout):
        (WebCore::isSafeToUpdateStyleOrLayout): Deleted.
        * dom/Document.h:

2018-01-16  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r226962.

        The LayoutTest added with this change is a flaky timeout.

        Reverted changeset:

        "Support for preconnect Link headers"
        https://bugs.webkit.org/show_bug.cgi?id=181657
        https://trac.webkit.org/changeset/226962

2018-01-16  Simon Fraser  <simon.fraser@apple.com>

        Text looks bad on some CSS spec pages
        https://bugs.webkit.org/show_bug.cgi?id=181700
        rdar://problem/36552107

        Reviewed by Tim Horton.

        When making new tiles in a TileController, we failed to set their "supports antialiased layer text"
        setting, so tile caches could end up with a mixture of layers that do and do not support
        antialiased layer text.

        No tests because the tiled drawing tests don't dump out tiles inside of tile caches.

        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::createTileLayer):

2018-01-16  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(r221292): svg/animations/animateTransform-pattern-transform.html crashes with security assertion
        https://bugs.webkit.org/show_bug.cgi?id=179986

        Reviewed by Simon Fraser.

        This patch reverts all or parts of the following changes-sets
            <http://trac.webkit.org/changeset/221292>
            <http://trac.webkit.org/changeset/197967>
            <http://trac.webkit.org/changeset/196670>

        A JS statement like this:
            var item = text.x.animVal.getItem(0);

        Creates the following C++ objects:
            SVGAnimatedListPropertyTearOff<SVGLengthListValues> for 'text.x'
            SVGListPropertyTearOff<SVGLengthListValues> for 'text.x.animVal'
            SVGPropertyTearOff<SVGLengthValue> for 'text.x.animVal.getItem(0)'

        If 'item' changes, the attribute 'x' of the element '<text>' will change
        as well. But this binding works only in one direction. If the attribute
        'x' of the element '<text>' changes, e.g.:

            text.setAttribute('x', '10,20,30');

        This will detach 'item' from the element <text> and any further changes 
        in 'item' won't affect the attribute 'x' of element <text>.

        The one direction binding can only work if this chain of tear-off objects
        is kept connected. This is implemented by RefCounted back pointers from
        SVGPropertyTearOff and SVGListPropertyTearOff to SVGAnimatedListPropertyTearOff.

        The security crashes and the memory leaks are happening because of the
        raw forward pointers:
            -- SVGAnimatedListPropertyTearOff maintains raw pointers of type
               SVGListPropertyTearOff for m_baseVal and m_animVal
            -- The m_wrappers and m_animatedWrappers of SVGAnimatedListPropertyTearOff
               are vectors of raw pointer Vector<SVGLength*>

        To control the life cycle of the raw pointers, SVGListPropertyTearOff and
        SVGPropertyTearOff call SVGAnimatedListPropertyTearOff::propertyWillBeDeleted()
        to notify it they are going to be deleted. In propertyWillBeDeleted(), we
        clear the pointers so they are not used after being freed. This mechanism
        has been error-prone and we've never got it 100% right.

        The solution we need to adopt with SVG tear-off objects is the following:
            -- All the forward pointers should be weak pointers.
            -- All the back pointers should be ref pointers.

        This solution may not look intuitive but it solves the bugs and keeps the
        one direction binding. The forward weak pointers allows the tear-off
        objects to go aways if no reference from JS exists. The back ref pointers
        maintains the chain of objects and guarantees the correct binding.

        * svg/SVGPathSegList.h:
        * svg/SVGTransformList.h:
        * svg/properties/SVGAnimatedListPropertyTearOff.h:
        (WebCore::SVGAnimatedListPropertyTearOff::baseVal):
        (WebCore::SVGAnimatedListPropertyTearOff::animVal):
        * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
        * svg/properties/SVGAnimatedProperty.h:
        (WebCore::SVGAnimatedProperty::isAnimatedListTearOff const):
        (WebCore::SVGAnimatedProperty::propertyWillBeDeleted): Deleted.
        * svg/properties/SVGAnimatedPropertyTearOff.h:
        * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
        * svg/properties/SVGListProperty.h:
        (WebCore::SVGListProperty::initializeValuesAndWrappers):
        (WebCore::SVGListProperty::getItemValuesAndWrappers):
        (WebCore::SVGListProperty::insertItemBeforeValuesAndWrappers):
        (WebCore::SVGListProperty::replaceItemValuesAndWrappers):
        (WebCore::SVGListProperty::removeItemValuesAndWrappers):
        (WebCore::SVGListProperty::appendItemValuesAndWrappers):
        (WebCore::SVGListProperty::createWeakPtr const):
        * svg/properties/SVGListPropertyTearOff.h:
        (WebCore::SVGListPropertyTearOff::removeItemFromList):
        (WebCore::SVGListPropertyTearOff::~SVGListPropertyTearOff): Deleted.
        * svg/properties/SVGPropertyTearOff.h:
        (WebCore::SVGPropertyTearOff::createWeakPtr const):
        (WebCore::SVGPropertyTearOff::~SVGPropertyTearOff):

2018-01-16  Eric Carlson  <eric.carlson@apple.com>

        AVSampleBufferDisplayLayer should be flushed when application activates
        https://bugs.webkit.org/show_bug.cgi?id=181623
        <rdar://problem/36487738>

        Reviewed by Darin Adler.

        No new tests, I wasn't able to reproduce it in a test.

        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.cpp:
        (WebCore::Document::addApplicationStateChangeListener): New.
        (WebCore::Document::removeApplicationStateChangeListener): Ditto.
        (WebCore::Document::forEachApplicationStateChangeListener): Ditto.
        * dom/Document.h:

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::registerWithDocument): Register for application state changes.
        (WebCore::HTMLMediaElement::unregisterWithDocument): Unregister.
        (WebCore::HTMLMediaElement::applicationWillResignActive): Pass through to the player.
        (WebCore::HTMLMediaElement::applicationDidBecomeActive): Ditto.
        * html/HTMLMediaElement.h:

        * page/ApplicationStateChangeListener.h: Added.
        (WebCore::ApplicationStateChangeListener::applicationWillResignActive):
        (WebCore::ApplicationStateChangeListener::applicationDidBecomeActive):
        * page/Page.cpp:
        (WebCore::Page::forEachDocument):
        (WebCore::Page::applicationWillResignActive):
        (WebCore::Page::applicationDidEnterBackground):
        (WebCore::Page::applicationWillEnterForeground):
        (WebCore::Page::applicationDidBecomeActive):
        * page/Page.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::applicationWillResignActive):
        (WebCore::MediaPlayer::applicationDidBecomeActive):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::applicationWillResignActive):
        (WebCore::MediaPlayerPrivateInterface::applicationDidBecomeActive):

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC): Switch
        to release logging.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueCorrectedVideoSample): Split out of enqueueVideoSample.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample): Move code that updates
        the display later to enqueueCorrectedVideoSample. Rearrange logic to the image painter sample
        buffer has the correct timestamp.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::layerErrorDidChange): Switch to release logging.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::layerStatusDidChange): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::applicationDidBecomeActive): f the display
        layer is in the "failed" state, flush the renderer and update the display mode.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers): Switch to release logging.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::cancelLoad): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::prepareToPlay): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::play): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::pause): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVolume): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setMuted): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateReadyState) Ditto.:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::logChannel const): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateSampleTimes): Deleted.

2018-01-16  Michael Catanzaro  <mcatanzaro@igalia.com>

        PAL should link to JavaScriptCore rather than WTF
        https://bugs.webkit.org/show_bug.cgi?id=181683

        Reviewed by Konstantin Tokarev.

        Do not link directly to JavaScriptCore. Get it via PAL.

        * CMakeLists.txt:

2018-01-16  Zach Li  <zachli@apple.com>

        Add pop-up policy support in website policies.
        https://bugs.webkit.org/show_bug.cgi?id=181544.
        rdar://problem/30521400.

        Reviewed by Alex Christensen.

        * loader/DocumentLoader.h:
        Introduce pop-up policy getter and setter. Initialize
        the policy as Default.
        (WebCore::DocumentLoader::popUpPolicy const):
        (WebCore::DocumentLoader::setPopUpPolicy):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::allowPopUp):
        Pop-up policy specified on a per-page basis holds
        precedence over the global policy. If no pop-up policy
        is specified during navigation, global policy is used.

2018-01-16  Jer Noble  <jer.noble@apple.com>

        Crash playing audio-only HLS stream via hls.js (MSE)
        https://bugs.webkit.org/show_bug.cgi?id=181691
        <rdar://problem/32967295>

        Reviewed by Eric Carlson.

        Add a weak-link check to the block called by -[AVSampleBufferDisplayLayer requestMediaDataWhenReadyOnQueue:usingBlock:].

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):
        (WebCore::SourceBufferPrivateAVFObjC::notifyClientWhenReadyForMoreSamples):
        (WebCore::SourceBufferPrivateAVFObjC::setVideoLayer):

2018-01-16  Simon Fraser  <simon.fraser@apple.com>

        Rename applyHorizontalScale/applyVerticalScale in SVG filters, and related cleanup
        https://bugs.webkit.org/show_bug.cgi?id=181684

        Reviewed by Alex Christensen.

        Rename the confusing applyHorizontalScale/applyVerticalScale to scaledByFilterResolution(),
        and have it take and return a FloatSize. Change callers to do math in terms of FloatSizes.

        Add inflate(size) to each of the rect classes.

        * platform/graphics/FloatRect.h:
        (WebCore::FloatRect::inflate):
        * platform/graphics/IntRect.h:
        (WebCore::IntRect::inflate):
        * platform/graphics/LayoutRect.h:
        (WebCore::LayoutRect::inflate):
        * platform/graphics/filters/FEDisplacementMap.cpp:
        (WebCore::FEDisplacementMap::platformApplySoftware):
        * platform/graphics/filters/FEDropShadow.cpp:
        (WebCore::FEDropShadow::determineAbsolutePaintRect):
        (WebCore::FEDropShadow::platformApplySoftware):
        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::FEGaussianBlur::calculateUnscaledKernelSize):
        (WebCore::FEGaussianBlur::calculateKernelSize):
        (WebCore::FEGaussianBlur::determineAbsolutePaintRect):
        (WebCore::FEGaussianBlur::platformApplySoftware):
        * platform/graphics/filters/FEGaussianBlur.h:
        * platform/graphics/filters/FEMorphology.cpp:
        (WebCore::FEMorphology::determineAbsolutePaintRect):
        (WebCore::FEMorphology::platformApplySoftware):
        * platform/graphics/filters/FEOffset.cpp:
        (WebCore::FEOffset::determineAbsolutePaintRect):
        (WebCore::FEOffset::platformApplySoftware):
        * platform/graphics/filters/Filter.h:
        (WebCore::Filter::setSourceImage):
        (WebCore::Filter::scaledByFilterResolution const):
        (WebCore::Filter::applyHorizontalScale const): Deleted.
        (WebCore::Filter::applyVerticalScale const): Deleted.
        * platform/graphics/filters/FilterOperations.cpp:
        (WebCore::outsetSizeForBlur):
        * rendering/FilterEffectRenderer.h:
        * svg/graphics/filters/SVGFilter.cpp:
        (WebCore::SVGFilter::scaledByFilterResolution const):
        (WebCore::SVGFilter::applyHorizontalScale const): Deleted.
        (WebCore::SVGFilter::applyVerticalScale const): Deleted.
        * svg/graphics/filters/SVGFilter.h:

2018-01-16  Fujii Hironori  <Hironori.Fujii@sony.com>

        [CMake][Mac] Fix the build errors
        https://bugs.webkit.org/show_bug.cgi?id=181665

        Reviewed by Alex Christensen.

        No new tests (No behavior change)

        * CMakeLists.txt: Added Modules/paymentrequest/MerchantValidationEvent.idl to compile.
        * PlatformMac.cmake: Added Modules/paymentrequest/MerchantValidationEvent.cpp to compile.
        Added workers/service/context and Modules/applicationmanifest as forwarding header paths.

2018-01-16  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Provide the `src` of an attachment to the UI delegate when an attachment is inserted
        https://bugs.webkit.org/show_bug.cgi?id=181638
        <rdar://problem/36508702>

        Reviewed by Dan Bernstein.

        Adjust the `didInsertAttachment` codepath to additionally propagate the attachment element's `src`.
        Additionally, fix an issue with insertion and removal client notifications wherein the client can receive
        insertion calls without corresponding removal calls, or vice versa. This is an existing issue, but matters more
        now because we actually need to access the attachment element for its `src` when propagating changes to the
        client. See below for details.

        Test: WKAttachmentTests.AttachmentUpdatesWhenInsertingRichMarkup

        * dom/Document.h:
        (WebCore::Document::attachmentElementsByIdentifier const):
        * editing/Editor.cpp:
        (WebCore::Editor::notifyClientOfAttachmentUpdates):
        * page/EditorClient.h:
        (WebCore::EditorClient::didInsertAttachment):
        * page/Frame.cpp:
        (WebCore::Frame::setDocument):

        When a Frame's document changes, inform the client that the attachments in the previous document are going away.
        For each attachment currently connected to the document, we have either (1) already informed the client that it
        was inserted, or (2) the attachment is pending an insertion call to the client. If (1) is the case, then we'll
        tell the client that the attachment is removed, which will balance out the earlier insertion call. If (2) is the
        case, then we'll remove the previously inserted attachment identifier from the set of attachment identifiers
        pending insertion, and the client won't be informed of insertions or removals.

2018-01-16  Antoine Quint  <graouts@apple.com>

        Use traits for animation timing functions
        https://bugs.webkit.org/show_bug.cgi?id=181651

        Reviewed by Dean Jackson.

        Cleaning up Dean's previous patch as suggested by Darin's post-commit review comments. The
        downcast function can match const automatically and it's a better style to put the * inside
        the downcast call rather than outside.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::createTimingFunctionValue):
        * platform/animation/TimingFunction.cpp:
        (WebCore::operator<<):
        (WebCore::TimingFunction::transformTime const):
        * platform/animation/TimingFunction.h:
        * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:
        (WebCore::toCAMediaTimingFunction):

2018-01-16  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Live streaming cleanups
        https://bugs.webkit.org/show_bug.cgi?id=181672

        Reviewed by Michael Catanzaro.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Switch to
        streaming code path when no content-length was reported by the
        http source element.
        (WebCore::MediaPlayerPrivateGStreamer::totalBytes const): Return early when streaming.
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (CachedResourceStreamingClient::responseReceived): Emit headers as
        an element message, like souphttpsrc.

2018-01-15  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] misc fixes and cleanups
        https://bugs.webkit.org/show_bug.cgi?id=181647

        Reviewed by Michael Catanzaro.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::convertEnumerationToString): New utility function to convert preload enum to string.
        * platform/graphics/MediaPlayerEnums.h: Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::load): Debug tweak
        (WebCore::MediaPlayerPrivateGStreamer::prepareToPlay): Ditto
        (WebCore::MediaPlayerPrivateGStreamer::play): Ditto
        (WebCore::MediaPlayerPrivateGStreamer::paused const): Ditto
        (WebCore::MediaPlayerPrivateGStreamer::processBufferingStats): Prevent useless state update.
        (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::updateStates): Debug tweak.
        (WebCore::MediaPlayerPrivateGStreamer::setDownloadBuffering): Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        Remove useless handlesSyncMessage method.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::setMuted): Prevent useless state update.
        (WebCore::MediaPlayerPrivateGStreamerBase::muted const): Debug tweak.
        (WebCore::MediaPlayerPrivateGStreamerBase::setStreamVolumeElement): Ditto.
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webkit_web_src_init): Enable keepAlive by default like in souphttpsrc.
        (webKitWebSrcStart): Debug tweak.
        (webKitWebSrcQueryWithParent): Ditto.
        (webKitWebSrcNeedData): Ditto.
        (CachedResourceStreamingClient::responseReceived): Change appsrc
        stream-type when we wan't seek. Also update caps like souphttpsrc
        does.
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.h: Add forward declaration of MediaPlayer.
        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp:
        (WebCore::MediaSourceClientGStreamerMSE::append): Fix compilation warning.

2018-01-16  Yacine Bandou  <yacine.bandou_ext@softathome.com>

        [WPE] Two clearkey tests failing since r226621
        https://bugs.webkit.org/show_bug.cgi?id=181532

        Reviewed by Xabier Rodriguez-Calvar.

        Whith a fake initData, we can have a pssh size nul, thus we should check it.
        We saw this issue in the subtest "initData longer than 64Kb characters" in
        the clearkey-generate-request-disallowed-input layout test.

        * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
        (WebCore::extractKeyidsLocationFromCencInitData):

2018-01-15  Yoav Weiss  <yoav@yoav.ws>

        Support for preconnect Link headers
        https://bugs.webkit.org/show_bug.cgi?id=181657

        Reviewed by Darin Adler.

        Move the preconnect functionality into its own function, and
        also call this function when Link headers are processed.

        Test: http/tests/preconnect/link-header-rel-preconnect-http.php

        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLinksFromHeader): Call preconnect.
        (WebCore::LinkLoader::preconnect): Preconnect to a host functionality moved here.
        (WebCore::LinkLoader::preload): Renamed `preloadIfNeeded` to `preload`.
        (WebCore::LinkLoader::loadLink): Call preconnect.
        * loader/LinkLoader.h:

2018-01-15  Michael Catanzaro  <mcatanzaro@igalia.com>

        Improve use of ExportMacros
        https://bugs.webkit.org/show_bug.cgi?id=181652

        Reviewed by Konstantin Tokarev.

        Remove a comment.

        * platform/PlatformExportMacros.h:

2018-01-15  Konstantin Tokarev  <annulen@yandex.ru>

        image-rendering should affect scaling of border-image
        https://bugs.webkit.org/show_bug.cgi?id=169440

        Reviewed by Michael Catanzaro.

        Test: fast/borders/border-image-pixelated.html

        * rendering/style/NinePieceImage.cpp:
        (WebCore::NinePieceImage::paint):

2018-01-15  Tomas Popela  <tpopela@redhat.com>

        2.19.3 ACCELERATED_2D_CANVAS support is broken
        https://bugs.webkit.org/show_bug.cgi?id=180799

        Reviewed by Michael Catanzaro.

        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::didDraw):

2018-01-15  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Enable HTTP/2
        https://bugs.webkit.org/show_bug.cgi?id=181551

        Reviewed by Michael Catanzaro.

        Start supporting HTTP/2 protocol. The first step is just enabling the HTTP/2 on Curl backend.
        Next step will be to enable multiplexing feature.

        No new tests because we don't have HTTP/2 test backend yet.

        * platform/network/curl/CurlContext.cpp:
        (WebCore::CurlContext::isHttp2Enabled const):
        (WebCore::CurlHandle::enableHttp):
        (WebCore::CurlHandle::enableHttpGetRequest):
        (WebCore::CurlHandle::enableHttpHeadRequest):
        (WebCore::CurlHandle::enableHttpPostRequest):
        (WebCore::CurlHandle::enableHttpPutRequest):
        (WebCore::CurlHandle::setHttpCustomRequest):
        * platform/network/curl/CurlContext.h:

2018-01-15  Dean Jackson  <dino@apple.com>

        Use a helper function for checked arithmetic in WebGL validation
        https://bugs.webkit.org/show_bug.cgi?id=181620
        <rdar://problem/36485879>

        Reviewed by Eric Carlson.

        Eric recommended using a templated helper function to do
        a common arithmetic check in WebGL validation.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::validateIndexArrayConservative):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateIndexArrayConservative):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::validateIndexArrayPrecise):
        (WebCore::WebGLRenderingContextBase::validateDrawArrays):
        (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0):
        (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0):
        * html/canvas/WebGLRenderingContextBase.h:
        (WebCore::WebGLRenderingContextBase::checkedAddAndMultiply): New helper.

2018-01-15  Dean Jackson  <dino@apple.com>

        Use traits for animation timing functions
        https://bugs.webkit.org/show_bug.cgi?id=181651
        <rdar://problem/36525328>

        Reviewed by Antoine Quint.

        Use the type traits for TimingFunction classes, so
        we can is<> and downcast<>.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::createTimingFunctionValue):
        * platform/animation/TimingFunction.cpp:
        (WebCore::TimingFunction::transformTime const):
        * platform/animation/TimingFunction.h:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::animationHasStepsTimingFunction):
        (WebCore::animationHasFramesTimingFunction):
        * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:
        (WebCore::toCAMediaTimingFunction):

2018-01-15  Youenn Fablet  <youenn@apple.com>

        RealtimeMediaSource should be ThreadSafeRefCounted
        https://bugs.webkit.org/show_bug.cgi?id=181649

        Reviewed by Eric Carlson.

        Difficult to write a test as this is really racy.
        RealtimeIncomingVideoSourceCocoa::OnFrame is taking a reference on a background thread
        to send a task to the main thread.
        This requires it to be thread safe ref counted.

        * platform/mediastream/RealtimeMediaSource.h:

2018-01-15  Philippe Normand  <pnormand@igalia.com>

        Prevent useless MediaPlayer mute state notifications
        https://bugs.webkit.org/show_bug.cgi?id=181646

        Reviewed by Carlos Garcia Campos.

        On GTK port the mute change notification was triggering the test
        runner to think the whole page mute state had changed and that
        media elements were muted. The simplest solution is to propagate
        the notification only if the state actually changed.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::muteChanged): Propagate mute notification
        only if the mute state actually changed.

2018-01-15  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Don't wait for draw condition variable when shutting down.
        https://bugs.webkit.org/show_bug.cgi?id=180978

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::cancelRepaint):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        By also waiting for the draw condition variable while shutting down,
        it is possible that the GStreamer video sink is waiting for the main
        thread to actually render the current frame, while at the same time
        the main thread is waiting for the GStreamer video sink to shut down,
        resulting in a deadlock.

2018-01-13  Minsheng Liu  <lambda@liu.ms>

        MathML Lengths should take zoom level into account
        https://bugs.webkit.org/show_bug.cgi?id=180029

        Reviewed by Frédéric Wang.

        The patch applies the effective zoom factor to physical units in toUserUnits().

        Test: mathml/presentation/mspace-units-with-zoom.html

        * rendering/mathml/RenderMathMLBlock.cpp:
        (WebCore::toUserUnits):

2018-01-12  Chris Dumez  <cdumez@apple.com>

        ASSERTION FAILED: registration || isTerminating() in WebCore::SWServerWorker::skipWaiting()
        https://bugs.webkit.org/show_bug.cgi?id=181603
        <rdar://problem/36476050>

        Reviewed by Youenn Fablet.

        No new tests, covered by existing tests that crash flakily.

        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::terminateWorkerInternal):
        If the connection to the context process is gone, make sure we make the worker as terminated
        so that it does not stay in Running state and in SWServer::m_runningOrTerminatingWorkers.

        * workers/service/server/SWServerRegistration.cpp:
        (WebCore::SWServerRegistration::~SWServerRegistration):
        Add assertions to make sure none of the registration's workers are still running when
        the registration is destroyed.

        (WebCore::SWServerRegistration::updateRegistrationState):
        Make sure registration workers that are overwritten are not still running.

        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::setState):
        If a worker's state is set to redundant, make sure we also terminate it.

2018-01-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r226927.
        https://bugs.webkit.org/show_bug.cgi?id=181621

        Breaks 32-bit and iOS release for some reason that i don't
        understand yet (Requested by dino on #webkit).

        Reverted changeset:

        "Use a helper function for checked arithmetic in WebGL
        validation"
        https://bugs.webkit.org/show_bug.cgi?id=181620
        https://trac.webkit.org/changeset/226927

2018-01-12  Myles C. Maxfield  <mmaxfield@apple.com>

        Data URL fonts split in the middle of an alphabet cause random letters to disappear
        https://bugs.webkit.org/show_bug.cgi?id=175845
        <rdar://problem/33996578>

        Reviewed by Brent Fulgham.

        It is fairly common practice for a font foundry to split a font up into two files such that a semi-random
        half of the alphabet is present in one of the files, and the other half is present in the other file. This
        practice involves representing the files as data URLs, so as to minimize the time it takes to load them.

        Because resource loading is asynchronous (even for data URLs), it is possible today to get a paint after
        the first file is loaded but before the second file is loaded. Indeed, because of the way font fallback
        works, we will never start loading the second file until a layout has occurred with the first font.

        Because a site usually only uses this pattern for a handful of fonts, and I've never seen this pattern
        being used for CJK fonts, it isn't very expensive to opportunistically decode these data URLs eagerly.
        Using this method doesn't actually guarantee that the two fonts will load in between successive paints,
        but it at least makes this much more likely. This patch implements this strategy, along with a size
        threshold to make sure that we won't decode any super large data URLs when it isn't necessary.

        Test: fast/text/font-load-data-partitioned-alphabet.html

        * css/CSSFontFace.cpp:
        (WebCore::CSSFontFace::opportunisticallyStartFontDataURLLoading):
        * css/CSSFontFace.h:
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::opportunisticallyStartFontDataURLLoading):
        * css/CSSFontFaceSource.h:
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::opportunisticallyStartFontDataURLLoading):
        * css/CSSFontSelector.h:
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::opportunisticallyStartFontDataURLLoading):
        (WebCore::FontCascadeFonts::glyphDataForVariant):
        * platform/graphics/FontSelector.h:

2018-01-12  Alex Christensen  <achristensen@webkit.org>

        History state should be updated during client redirects with asynchronous policy decisions
        https://bugs.webkit.org/show_bug.cgi?id=181358
        <rdar://problem/35547689>

        Reviewed by Andy Estes.

        When decidePolicyForNavigationAction is responded to asynchronously during a client redirect, 
        HistoryController::updateForRedirectWithLockedBackForwardList does not update the history because
        the document loader has not been marked as a client redirect because the FrameLoader only looks
        at its provisional document loader to mark it as a client redirect.  When decidePolicyForNavigationAction
        is responded to asynchronously, though, the FrameLoader's provisional document loader has moved to 
        its policy document loader.  To get both asynchronous and synchronous cases, let's just mark the document
        loader as a client redirect whether it's the provisional or policy document loader.

        Covered by a new API test.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadPostRequest):

2018-01-12  Dean Jackson  <dino@apple.com>

        Use a helper function for checked arithmetic in WebGL validation
        https://bugs.webkit.org/show_bug.cgi?id=181620
        <rdar://problem/36485879>

        Reviewed by Eric Carlson.

        Eric recommended using a templated helper function to do
        a common arithmetic check in WebGL validation.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::validateIndexArrayConservative):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateIndexArrayConservative):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::checkedAddAndMultiply): New helper.
        (WebCore::WebGLRenderingContextBase::validateIndexArrayPrecise):
        (WebCore::WebGLRenderingContextBase::validateDrawArrays):
        (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0):
        (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0):
        * html/canvas/WebGLRenderingContextBase.h:

2018-01-12  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] CTFontCopyDefaultCascadeListForLanguages() can return nullptr
        https://bugs.webkit.org/show_bug.cgi?id=181615
        <rdar://problem/36334637>

        Reviewed by Jon Lee.

        Speculative fix. We are getting crash reports saying that this call can return nullptr, and we
        don't check for it.

        No new tests because I couldn't find the specific input that causes it to return nullptr. (I
        tried running this code with every 0, 1, and 2 length locale string, every weight value, and
        every italic value, and couldn't get it to crash. I also inspected the code to figure out what
        values would cause it to return nullptr, and I couldn't find anything other than if the system
        has a totally busted font setup.)

        * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
        (WebCore::SystemFontDatabase::computeCascadeList):

2018-01-11  Dean Jackson  <dino@apple.com>

        [WebGL] Simulated vertexAttrib0 can sometimes cause OUT_OF_MEMORY errors
        https://bugs.webkit.org/show_bug.cgi?id=181558
        <rdar://problem/36189833>

        Reviewed by Eric Carlson.

        Very large element indices in the ELEMENT_ARRAY_BUFFER meant that
        our simulated vertexAttrib0 buffer might be too large. We need
        to check for out-of-memory, but we can also detect some of the issues
        earlier in our validation code. Additionally, make sure that we don't
        accidentally cast an unsigned to a signed.

        Test: fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies.html

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::validateIndexArrayConservative): Update validation
        code to look for overflow, rather than relying on looking for sign changes.
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateIndexArrayConservative): Ditto.
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::validateIndexArrayPrecise):
        (WebCore::WebGLRenderingContextBase::drawArrays): Check that we were able to simulate.
        (WebCore::WebGLRenderingContextBase::drawElements):
        (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0): Update validation code, and
        use GC3Duint, since that's what the indicies are.
        (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Ditto.
        (WebCore::WebGLRenderingContextBase::drawArraysInstanced): Check that we were able to simulate.
        (WebCore::WebGLRenderingContextBase::drawElementsInstanced):
        * html/canvas/WebGLRenderingContextBase.h:

2018-01-12  Wenson Hsieh  <wenson_hsieh@apple.com>

        Large in-place attachment elements cause the document width to expand when inserted
        https://bugs.webkit.org/show_bug.cgi?id=181614

        Reviewed by Dan Bernstein.

        Make in-place images and videos have a max-width of 100%, so that large attachments aren't inserted with full
        display size, causing the document and viewport width to expand.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::populateShadowRootIfNecessary):

2018-01-12  Keith Rollin  <krollin@apple.com>

        Logged JSON should escape "'s and \'s in strings.
        https://bugs.webkit.org/show_bug.cgi?id=181608

        Reviewed by Brent Fulgham.

        No new tests -- no new functionality, just changed logging. The
        efficacy of the logging was verified by inspecting its output.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):

2018-01-12  Dean Jackson  <dino@apple.com>

        drawElements should be invalid if vertexAttrib0 doesn't have data
        https://bugs.webkit.org/show_bug.cgi?id=181609
        <rdar://problem/36392883>

        Reviewed by Antoine Quint.

        If a vertex attribute has been enabled, but no data provided, then
        draw validation should fail.

        Test: fast/canvas/webgl/drawElements-empty-vertex-data.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::validateVertexAttributes): If there were
        never any data in the vertex buffer, then we incorrectly compared with 0.

2018-01-12  Youenn Fablet  <youenn@apple.com>

        FormDataElement::lengthInBytes should use ThreadableBlobRegistry
        https://bugs.webkit.org/show_bug.cgi?id=181554

        Reviewed by Chris Dumez.

        Covered by updated test.

        Fix blobRegistry() use and add support for creating a response that may trigger the issue.


        * platform/network/FormData.cpp:
        (WebCore::FormDataElement::lengthInBytes const): Was using directly blobRegistry() while ThreadableBlobRegistry is more appropriate
        in case this is called from workers.
        * Modules/fetch/FetchBody.h:
        * Modules/fetch/FetchResponse.h:
        * fileapi/Blob.h:
        * testing/ServiceWorkerInternals.cpp:
        (WebCore::ServiceWorkerInternals::createOpaqueWithBlobBodyResponse):
        * testing/ServiceWorkerInternals.h:
        * testing/ServiceWorkerInternals.idl:

2018-01-12  Jer Noble  <jer.noble@apple.com>

        Wrap CDMFairPlayStreaming and related classes in ENABLE(ENCRYPTED_MEDIA) checks
        https://bugs.webkit.org/show_bug.cgi?id=181602

        Reviewed by Maciej Stachowiak.

        * platform/graphics/avfoundation/CDMFairPlayStreaming.h:
        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
        * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:

2018-01-12  Youenn Fablet  <youenn@apple.com>

        WebProcess should pass the registration identifier and not the worker identifier for fetch events
        https://bugs.webkit.org/show_bug.cgi?id=181591

        Reviewed by Chris Dumez.

        Test: http/wpt/service-workers/update-service-worker.https.html

        Store service worker registration identifier in ResourceLoaderOptions instead of service worker identifier.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
        (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
        * loader/ResourceLoaderOptions.h:
        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::prepareFetch):
        (WebCore::CachedResourceLoader::determineRevalidationPolicy const):
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::setSelectedServiceWorkerRegistrationIdentifierIfNeeded):
        (WebCore::CachedResourceRequest::setNavigationServiceWorkerRegistrationData):
        (WebCore::CachedResourceRequest::setSelectedServiceWorkerIdentifierIfNeeded): Deleted.
        * loader/cache/CachedResourceRequest.h:
        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::loadSynchronously):
        (WebCore::WorkerScriptLoader::loadAsynchronously):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::activeWorkerFromRegistrationID):
        * workers/service/server/SWServer.h:

2018-01-12  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win][CMake] Remove all-in-one file for WebCore DerivedSources
        https://bugs.webkit.org/show_bug.cgi?id=181582

        Reviewed by Alex Christensen.

        Those source files are compiled in unified source build nowadays.

        No new tests (No behavior change)

        * CMakeLists.txt: Removed calling PROCESS_ALLINONE_FILE.
        * DerivedSources.cpp: Removed.
        * WebCoreMacros.cmake: Removed a macro PROCESS_ALLINONE_FILE.

2018-01-12  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo][CMake] Use ${CURL_LIBRARY} instead of specifying the library name libcurl_imp explicitly
        https://bugs.webkit.org/show_bug.cgi?id=181578

        Reviewed by Alex Christensen.

        vcpkg has libcurl.lib, not libcurl_imp.lib.

        No new tests because no behavior change.

        * PlatformWinCairo.cmake: Link ${CURL_LIBRARY} instead of libcurl_imp.

2018-01-12  Jer Noble  <jer.noble@apple.com>

        WebGL video texture black in Safari 11.0.2 and wrong colored in Safari Preview 11.1
        https://bugs.webkit.org/show_bug.cgi?id=181445
        <rdar://problem/36383183>

        Reviewed by Dean Jackson.

        Tests: added compile-time correctness tests for YCbCrMatrix values.

        Perform the derivation from YCbCr coefficients into matrices in constexpr expressions
        at compile-time. This allows us to also perform compile-time correctness checks to catch
        regressions which may cause incorrect color conversions.

        Since we now have general-purpose derivation of matrix values from coefficients,
        adding missing specificed matrices is trivial, so add support for SMPTE 240M and BT.2020
        matrices.

        * platform/graphics/cv/VideoTextureCopierCV.cpp:
        (WebCore::GLfloatColor::GLfloatColor):
        (WebCore::GLfloatColor::abs):
        (WebCore::GLfloatColor::isApproximatelyEqualTo const):
        (WebCore::YCbCrMatrix::operator Vector<GLfloat> const):
        (WebCore::YCbCrMatrix::YCbCrMatrix):
        (WebCore::YCbCrMatrix::operator* const):
        (WebCore::YCbCrToRGBMatrixForRangeAndTransferFunction):

2018-01-12  Antoine Quint  <graouts@apple.com>

        Add support for the frames() timing function
        https://bugs.webkit.org/show_bug.cgi?id=181585
        <rdar://problem/36463317>

        Reviewed by Dean.

        Implement the frames() timing function as specified in the CSS Timing Functions Level 1
        specification, specifically https://www.w3.org/TR/css-timing-1/#frames-timing-functions.
        A frames timing function is a type of timing function that divides the input time into a
        specified number of intervals of equal length.

        Test: transitions/frames-timing-function.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::createTimingFunctionValue):
        * css/CSSTimingFunctionValue.cpp:
        (WebCore::CSSFramesTimingFunctionValue::customCSSText const):
        (WebCore::CSSFramesTimingFunctionValue::equals const):
        * css/CSSTimingFunctionValue.h:
        * css/CSSToStyleMap.cpp:
        (WebCore::CSSToStyleMap::mapAnimationTimingFunction):
        * css/CSSValue.cpp:
        (WebCore::CSSValue::equals const):
        (WebCore::CSSValue::cssText const):
        (WebCore::CSSValue::destroy):
        * css/CSSValue.h:
        (WebCore::CSSValue::isFramesTimingFunctionValue const):
        * css/CSSValueKeywords.in:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeSteps):
        (WebCore::consumeFrames):
        (WebCore::consumeAnimationTimingFunction):
        * platform/animation/TimingFunction.cpp:
        (WebCore::operator<<):
        (WebCore::TimingFunction::transformTime const):
        * platform/animation/TimingFunction.h:
        (WebCore::TimingFunction::isFramesTimingFunction const):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::animationHasFramesTimingFunction):
        (WebCore::GraphicsLayerCA::animationCanBeAccelerated const):

2018-01-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r226721.
        https://bugs.webkit.org/show_bug.cgi?id=181583

        Lets do a slightly different fix (Requested by anttik on
        #webkit).

        Reverted changeset:

        "REGRESSION(r225650): The scores of MotionMark tests Multiply
        and Leaves dropped by 8%"
        https://bugs.webkit.org/show_bug.cgi?id=181460
        https://trac.webkit.org/changeset/226721

2018-01-11  Keith Miller  <keith_miller@apple.com>

        Rename ENABLE_ASYNC_ITERATION to ENABLE_JS_ASYNC_ITERATION
        https://bugs.webkit.org/show_bug.cgi?id=181573

        Reviewed by Simon Fraser.

        * Configurations/FeatureDefines.xcconfig:

2018-01-11  Jiewen Tan  <jiewen_tan@apple.com>

        [WebAuthN] Import a CBOR coder from Chromium
        https://bugs.webkit.org/show_bug.cgi?id=181522
        <rdar://problem/36055729>

        Reviewed by Brent Fulgham.

        This patch imports a CBOR coder including encoder and decoder from Chromium. CBOR encoder
        is needed for WebAuthN to encode attestation object into binaries. When supporting extensions
        in the future, CBOR encoder/decoder will be needed as well. Implementating and maintaining
        a fully-fledged CBOR coder doesn't seem to align with WebKit's best interests. Therefore,
        importing a most suitable third party implementation will be wise.

        In this patch, it fully integrate the whole coder into our codebase. Those changes includes:
            1. Substitute data structures that enjoy a better WTF version.
            2. Replacing marcos.
            3. Implementating workarounds for some functionalities that we lack fundamental types' support.
            4. Changing the coding style to match ours.

        This patch doesn't intend to improve the logic of the original codebase. Hence some of the
        coding logic might not match what WebKit ususally has.

        Here is a full list of Chromium changes that constructed this CBOR coder in chronological order:
        6efcf495521d18d060027762f48bb292d6979136,
        9eb43fd347890b4c6cf54c4bd7ec1bbb88e381e1,
        31c85e74fd567772f18e0a41be468d04af721f21,
        68672fdcad280a8ff69b91927d38d0eabf2c87f2,
        0ca8667c0584fb21c0748ebd7468d32889759a07,
        df763d790d7e45d70116bdefacbfd4f9faa8995e,
        6d30c4a621c65314db63eb56e87c19ab75627b26,
        50fe92953f4739f17a62303fedbf8db9234317c8,
        47be22c3603424d1832d046a348ff3f982500288,
        98a59e46948b2c71608926004fac8192b0ff2208,
        07540c6d850ed6e0fa508d63c20a8ce96d751de6,
        06ae32d640c8e4b86ea8914a80ee419ea16e56d8.

        Covered by API tests.

        * Modules/webauthn/cbor/CBORBinary.h: Added.
        * Modules/webauthn/cbor/CBORReader.cpp: Added.
        (cbor::CBORReader::CBORReader):
        (cbor::CBORReader::~CBORReader):
        (cbor::CBORReader::read):
        (cbor::CBORReader::decodeCBOR):
        (cbor::CBORReader::readVariadicLengthInteger):
        (cbor::CBORReader::decodeValueToNegative):
        (cbor::CBORReader::decodeValueToUnsigned):
        (cbor::CBORReader::readSimpleValue):
        (cbor::CBORReader::readString):
        Workarounds applied.
        (cbor::CBORReader::readBytes):
        (cbor::CBORReader::readCBORArray):
        (cbor::CBORReader::readCBORMap):
        (cbor::CBORReader::canConsume):
        (cbor::CBORReader::checkMinimalEncoding):
        (cbor::CBORReader::checkExtraneousData):
        (cbor::CBORReader::checkDuplicateKey):
        (cbor::CBORReader::hasValidUTF8Format):
        Workarounds applied.
        (cbor::CBORReader::checkOutOfOrderKey):
        (cbor::CBORReader::getErrorCode):
        (cbor::CBORReader::errorCodeToString):
        * Modules/webauthn/cbor/CBORReader.h: Added.
        * Modules/webauthn/cbor/CBORValue.cpp: Added.
        (cbor::CBORValue::CBORValue):
        (cbor::CBORValue::operator=):
        (cbor::CBORValue::~CBORValue):
        (cbor::CBORValue::clone const):
        (cbor::CBORValue::getInteger const):
        (cbor::CBORValue::getUnsigned const):
        (cbor::CBORValue::getNegative const):
        (cbor::CBORValue::getString const):
        (cbor::CBORValue::getByteString const):
        (cbor::CBORValue::getArray const):
        (cbor::CBORValue::getMap const):
        (cbor::CBORValue::getSimpleValue const):
        (cbor::CBORValue::internalMoveConstructFrom):
        (cbor::CBORValue::internalCleanup):
        * Modules/webauthn/cbor/CBORValue.h: Added.
        * Modules/webauthn/cbor/CBORWriter.cpp: Added.
        (cbor::CBORWriter::~CBORWriter):
        (cbor::CBORWriter::write):
        (cbor::CBORWriter::CBORWriter):
        (cbor::CBORWriter::encodeCBOR):
        Workarounds applied.
        (cbor::CBORWriter::startItem):
        (cbor::CBORWriter::setAdditionalInformation):
        (cbor::CBORWriter::setUint):
        (cbor::CBORWriter::getNumUintBytes):
        * Modules/webauthn/cbor/CBORWriter.h: Added.
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:

2018-01-11  Chris Dumez  <cdumez@apple.com>

        Setting Window.opener to null should disown its opener
        https://bugs.webkit.org/show_bug.cgi?id=181505
        <rdar://problem/36443151>

        Reviewed by Ryosuke Niwa.

        Setting Window.opener to null should disown its opener as per:
        - https://html.spec.whatwg.org/#dom-opener

        With this change, tabs opened by clicking link inside Gmail no
        longer have the Gmail window as opener.

        Tests: fast/dom/Window/window-opener-set-to-null.html
               fast/dom/Window/window-opener-shadowing.html

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::setOpener):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::disownOpener):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:

2018-01-11  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Star character disappears when bolded
        https://bugs.webkit.org/show_bug.cgi?id=181568
        <rdar://problem/18755569>

        Reviewed by Simon Fraser.

        We had some code in ComplexTextController to ask the FontCache for a font, given the name
        of a particular font CoreText used inside a CTRun. This is wrong for two reasons: fonts
        are not identifiable by PostScript name (in the general case), and because the lookup
        procedure requires a FontDescription, the result may yield a font that is not the one
        looked up. The goal of this code was simply to preserve the rendering mode of the font,
        but we removed support for these rendering modes years ago. So the solution is to skip
        that lookup and use the CoreText font directly.

        Test: fast/text/unknown-font.html

        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):

2018-01-11  Keith Rollin  <krollin@apple.com>

        Add optional logging of ITP-related user interaction information
        https://bugs.webkit.org/show_bug.cgi?id=181556

        Reviewed by Brent Fulgham.

        In order to support the tracking of the efficacy of Intelligent
        Tracking Protection, add some logging indicating when the user
        interacts with a page in a way that affects cookie partitioning. This
        logging is off by default, and is enabled with `defaults write -g
        WebKitLogCookieInformation -bool true`.

        No new tests -- no changed functionality.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
        * loader/ResourceLoadObserver.h:
        (WebCore::ResourceLoadObserver::shouldLogUserInteraction const):
        (WebCore::ResourceLoadObserver::setShouldLogUserInteraction):

2018-01-11  James Craig  <jcraig@apple.com>

        AX: when invert colors is on, double-invert video elements in UserAgentStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=168447
        <rdar://problem/30559874>

        Reviewed by Simon Fraser.

        Double-invert video when platform "invert colors" setting is enabled. Behavior matches 
        current "Smart Invert" feature of Safari Reader on macOS/iOS and other iOS native apps.

        Tests: accessibility/smart-invert-reference.html
               accessibility/smart-invert.html

        * Modules/modern-media-controls/controls/media-controls.css:
        (@media (inverted-colors)):
        (:host):
        (picture):
        * css/html.css:
        (@media (inverted-colors)):
        (video):

2018-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>

        Don't load inline data when requesting info for an attachment element backed by a file path
        https://bugs.webkit.org/show_bug.cgi?id=181550

        Reviewed by Tim Horton.

        When requesting data for an attachment element that is backed by a file path, we currently trigger a load in the
        web process to fetch contents of the attachment data as inline data in the AttachmentInfo. This is unnecessary,
        since the file path of the attachment element must have come from the UI process anyways, so it is sufficient to
        simply send the file path to the UI process and have the UI process read the contents of the path as a memory-
        mapped NSData.

        This patch lets HTMLAttachmentElement skip over resource loading codepaths when creating an AttachmentInfo for
        the client, and also teaches _WKAttachment to read a AttachmentInfo's filepath as memory-mapped data if a file
        path is present, and no inline data was specified.

        Covered by existing API tests.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::requestInfo):

2018-01-10  Ryosuke Niwa  <rniwa@webkit.org>

        Make elements of zero width or height focusable
        https://bugs.webkit.org/show_bug.cgi?id=181516

        Reviewed by Chris Dumez.

        Don't check render box's size or bounding rect when deciding whether an element is focusable.
        New behavior matches that of Firefox and Chrome.

        Test: fast/events/focus-zero-size-element.html

        * dom/Element.cpp:
        (WebCore::Element::isFocusable): Only update the style.
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::isFocusable const): Deleted.
        * html/HTMLFormControlElement.h:
        * mathml/MathMLElement.cpp:
        (WebCore::MathMLElement::isFocusable const): Deleted. As far as I can tell, no math ml element is focusable.
        * mathml/MathMLElement.h:
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::isFocusable const): Deleted.
        * svg/SVGAElement.h:

2018-01-11  Filip Pizlo  <fpizlo@apple.com>

        Rename MarkedAllocator to BlockDirectory and AllocatorAttributes to CellAttributes
        https://bugs.webkit.org/show_bug.cgi?id=181543

        Rubber stamped by Michael Saboff.

        No new tests because I'm just renaming things.

        * ForwardingHeaders/heap/BlockDirectoryInlines.h: Copied from Source/WebCore/ForwardingHeaders/heap/MarkedAllocatorInlines.h.
        * ForwardingHeaders/heap/MarkedAllocatorInlines.h: Removed.
        * bindings/js/DOMGCOutputConstraint.cpp:

2018-01-11  Alex Christensen  <achristensen@webkit.org>

        REGRESSION(r225003): Loading hangs in environments where dispatch_async does not work
        https://bugs.webkit.org/show_bug.cgi?id=181553
        <rdar://problem/35733938>

        Reviewed by Eric Carlson.

        There is an environment where dispatch_async does not work, but performSelectorOnMainThread works.
        r225003 broke loading in this environment.  This fixes it and updates the test that r225003 fixed.
        It failed sometimes because loading was happening in a different order than html parsing, so I made
        the test not depend on html parsing timing by updating media/video-src-remove.html.

        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):

2018-01-11  Dean Jackson  <dino@apple.com>

        Rolling out 226814. It crashes on some bots.

2018-01-11  Dean Jackson  <dino@apple.com>

        [WebGL] Simulated vertexAttrib0 can sometimes cause OUT_OF_MEMORY errors
        https://bugs.webkit.org/show_bug.cgi?id=181558
        <rdar://problem/36189833>

        Reviewed by Eric Carlson.

        Very large element indices in the ELEMENT_ARRAY_BUFFER meant that
        our simulated vertexAttrib0 buffer might be too large. We need
        to check for out-of-memory, but we can also detect some of the issues
        earlier in our validation code. Additionally, make sure that we don't
        accidentally cast an unsigned to a signed.

        Test: fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies.html

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::validateIndexArrayConservative): Update validation
        code to look for overflow, rather than relying on looking for sign changes.
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateIndexArrayConservative): Ditto.
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::validateIndexArrayPrecise):
        (WebCore::WebGLRenderingContextBase::drawArrays): Check that we were able to simulate.
        (WebCore::WebGLRenderingContextBase::drawElements):
        (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0): Update validation code, and
        use GC3Duint, since that's what the indicies are.
        (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Ditto.
        (WebCore::WebGLRenderingContextBase::drawArraysInstanced): Check that we were able to simulate.
        (WebCore::WebGLRenderingContextBase::drawElementsInstanced):
        * html/canvas/WebGLRenderingContextBase.h:

2018-01-11  Chris Dumez  <cdumez@apple.com>

        ASSERTION FAILED: registration in WebCore::SWServerWorker::skipWaiting()
        https://bugs.webkit.org/show_bug.cgi?id=181222
        <rdar://problem/36332686>

        Reviewed by Youenn Fablet.

        Replace assertion in SWServerWorker::skipWaiting() that assumes the worker
        has a registration. Nowadays, a SWServerWorker can stay alive for a short
        period without having a registration, while it is terminating.

        No new tests, unskipped existing test.

        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::skipWaiting):

2018-01-11  Antti Koivisto  <antti@apple.com>

        Don't call RenderElement::setStyle when nothing changes
        https://bugs.webkit.org/show_bug.cgi?id=181530

        Reviewed by Zalan Bujtas.

        * style/StyleChange.h:

        Remove 'Force' value. This essentially meant 'compute style for all descendants and call setStyle unconditionally'.
        Using this value lost information about whether anything actually changed in a particular style as it was automatically
        inherited by all descendants. The 'compute all descendants' part of the behavior is what is actually needed.

        Instead add separate DescendantsToResolve enum for communicating what else to compute.

        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::Parent::Parent):
        (WebCore::Style::computeDescendantsToResolve):

            Figure out which descendants will need resolving based on how the current elements style changed.

        (WebCore::Style::TreeResolver::resolveElement):
        (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
        (WebCore::Style::TreeResolver::pushParent):
        (WebCore::Style::shouldResolveElement):

            Use DescendantsToResolve as input.

        (WebCore::Style::TreeResolver::resolveComposedTree):
        * style/StyleTreeResolver.h:
        * style/StyleUpdate.h:
        (WebCore::Style::ElementUpdates::ElementUpdates):

            Add DescendantsToResolve.

2018-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>

        Send PromisedBlobInfo to the client through DragItem instead of DragClient::prepareToDragPromisedBlob
        https://bugs.webkit.org/show_bug.cgi?id=181497

        Reviewed by Tim Horton.

        Refactor drag initiation with DOMFile-backed attachment elements. See WebKit ChangeLog for more information. No
        change in behavior; promised blob dragging covered by WKAttachment API tests.

        * loader/EmptyClients.cpp:
        * page/DragClient.h:
        (WebCore::DragClient::prepareToDragPromisedBlob): Deleted.
        * page/DragController.cpp:
        (WebCore::DragController::startDrag):
        (WebCore::DragController::doImageDrag):
        (WebCore::DragController::doSystemDrag):
        (WebCore::DragController::promisedBlobInfo):
        (WebCore::DragController::dragAttachmentElement): Deleted.
        * page/DragController.h:
        * platform/DragItem.h:
        (WebCore::DragItem::encode const):
        (WebCore::DragItem::decode):

2018-01-11  Youenn Fablet  <youenn@apple.com>

        RTCController should disable ICE candidate filtering in case of getUserMedia based on the RTCPerrConnection origin
        https://bugs.webkit.org/show_bug.cgi?id=180851

        Reviewed by Eric Carlson.

        Test: http/wpt/webrtc/third-party-frame-ice-candidate-filtering.html

        RTCController now stores all the client origins (top+frame origins) of frames that got access to camera/microphone access.
        For any such client origin, PeerConnection objects ICE candidate filtering is disabled.
        ICE candidate filtering is reset whenever navigating/reloading the page.

        * Modules/mediastream/RTCController.cpp:
        (WebCore::RTCController::reset):
        (WebCore::matchDocumentOrigin):
        (WebCore::RTCController::shouldDisableICECandidateFiltering):
        (WebCore::RTCController::add):
        (WebCore::RTCController::disableICECandidateFilteringForAllOrigins):
        (WebCore::RTCController::disableICECandidateFiltering):
        (WebCore::RTCController::enableICECandidateFiltering):
        * Modules/mediastream/RTCController.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::create):
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow):
        * page/Page.cpp:
        (WebCore::Page::disableICECandidateFiltering):
        * testing/Internals.cpp:
        (WebCore::Internals::setICECandidateFiltering):

2018-01-11  Ali Juma  <ajuma@chromium.org>

        window.visualViewport should behave as [SameObject]
        https://bugs.webkit.org/show_bug.cgi?id=181548

        Reviewed by Chris Dumez.

        Add 'GenerateIsReachable' to VisualViewport so that window.visualViewport's
        JS wrapper object doesn't get garbage collected too soon.

        Test: fast/visual-viewport/visual-viewport-same-object.html

        * page/VisualViewport.idl:

2018-01-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Extract multipart handling from ResourceHandle to CurlRequest.
        https://bugs.webkit.org/show_bug.cgi?id=181506

        Reviewed by Alex Christensen.

        Rename old MultipartHandle class to CurlMultipartHandle and modernize it. Also move the responsibility 
        of handling multi part from ResourceHandle to CurlRequest. This is required for upcoming NetworkLoadTask.

        No new tests because no new behavior.

        * platform/Curl.cmake:
        * platform/network/curl/CurlMultipartHandle.cpp: Renamed from Source/WebCore/platform/network/curl/MultipartHandle.cpp.
        (WebCore::CurlMultipartHandle::createIfNeeded):
        (WebCore::CurlMultipartHandle::extractBoundary):
        (WebCore::CurlMultipartHandle::extractBoundaryFromContentType):
        (WebCore::CurlMultipartHandle::CurlMultipartHandle):
        (WebCore::CurlMultipartHandle::didReceiveData):
        (WebCore::CurlMultipartHandle::didComplete):
        (WebCore::CurlMultipartHandle::processContent):
        (WebCore::CurlMultipartHandle::checkForBoundary):
        (WebCore::CurlMultipartHandle::matchedLength):
        (WebCore::CurlMultipartHandle::parseHeadersIfPossible):
        * platform/network/curl/CurlMultipartHandle.h: Renamed from Source/WebCore/platform/network/curl/MultipartHandle.h.
        (WebCore::CurlMultipartHandle::~CurlMultipartHandle):
        * platform/network/curl/CurlMultipartHandleClient.h: Added.
        (WebCore::CurlMultipartHandleClient::~CurlMultipartHandleClient):
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::CurlRequest):
        (WebCore::CurlRequest::didReceiveHeader):
        (WebCore::CurlRequest::didReceiveData):
        (WebCore::CurlRequest::didReceiveHeaderFromMultipart):
        (WebCore::CurlRequest::didReceiveDataFromMultipart):
        (WebCore::CurlRequest::didCompleteTransfer):
        (WebCore::CurlRequest::finalizeTransfer):
        (WebCore::CurlRequest::invokeDidReceiveResponseForFile):
        (WebCore::CurlRequest::invokeDidReceiveResponse):
        (WebCore::CurlRequest::completeDidReceiveResponse):
        * platform/network/curl/CurlRequest.h:
        (WebCore::CurlRequest::create):
        * platform/network/curl/ResourceHandleCurlDelegate.cpp:
        (WebCore::ResourceHandleCurlDelegate::createCurlRequest):
        (WebCore::ResourceHandleCurlDelegate::curlDidReceiveResponse):
        (WebCore::ResourceHandleCurlDelegate::curlDidReceiveBuffer):
        (WebCore::ResourceHandleCurlDelegate::curlDidComplete):
        * platform/network/curl/ResourceHandleCurlDelegate.h:

2018-01-11  Zalan Bujtas  <zalan@apple.com>

        RenderTreeUpdater::current() returns null_ptr when mutation is done through Document::resolveStyle.
        https://bugs.webkit.org/show_bug.cgi?id=181513
        <rdar://problem/36367085>

        Reviewed by Antti Koivisto.

        This patch ensures that we use a valid RenderTreeBuilder even when
        Document::resolveStyle (incorrectly) triggers tree mutation.
        It can be reverted soon after the incorrect mutations are taken care of.

        Test: fast/forms/button-set-text-crash.html

        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::setText):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::setText):

2018-01-11  Antoine Quint  <graouts@apple.com>

        Only listen to webkitplaybacktargetavailabilitychanged when media controls are visible to the user
        https://bugs.webkit.org/show_bug.cgi?id=181547
        <rdar://problem/35947650>

        Reviewed by Eric Carlson.

        Because listening to "webkitplaybacktargetavailabilitychanged" events incurs some higher power usage on iOS,
        we only listen to such events when controls are visible to the user. In other words, the MediaControls need to
        have both "visible" set to "true" and "faded" set to "false". To support this, we add a delegate method on
        MediaControls such that it can tell the MediaController that the "visible" property changed. With this message,
        MediaController can inform its MediaControllerSupport objects that user visibility of the controls changed, which
        lets AirplaySupport disable itself when controls are no longer visible.

        Test: media/modern-media-controls/airplay-support/airplay-support-disable-event-listeners-with-hidden-controls.html

        * Modules/modern-media-controls/controls/media-controls.js:
        (MediaControls.prototype.set visible):
        * Modules/modern-media-controls/media/airplay-support.js:
        (AirplaySupport.prototype.controlsUserVisibilityDidChange):
        * Modules/modern-media-controls/media/media-controller-support.js:
        (MediaControllerSupport.prototype.controlsUserVisibilityDidChange):
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype.mediaControlsVisibilityDidChange):
        (MediaController.prototype.mediaControlsFadedStateDidChange):
        (MediaController.prototype._controlsUserVisibilityDidChange):

2018-01-11  Antoine Quint  <graouts@apple.com>

        [iOS] There should be no controls markup generated in fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=181540
        <rdar://problem/35060379>

        Reviewed by Eric Carlson.

        We completely forgo the display of any content when fullscreen on iOS by setting the
        "visible" flag to "false" on the MediaControls, which will prevent any DOM content from
        being added.

        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype.handleEvent):
        (MediaController.prototype._updateiOSFullscreenProperties):
        (MediaController):
        (MediaController.prototype._updateSupportingObjectsEnabledState): Deleted.

2018-01-11  Alex Christensen  <achristensen@webkit.org>

        Revert changes accidentally committed with r226789.
        https://bugs.webkit.org/show_bug.cgi?id=181423

        I had some local changes I did not mean to commit.

        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (scheduledWithCustomRunLoopMode):
        (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
        (WebCore::if): Deleted.
        (WebCore::>::fromCallable): Deleted.

2018-01-10  Simon Fraser  <simon.fraser@apple.com>

        On macOS, getBoundingClientRect gives incorrect values when pinch-zoomed
        https://bugs.webkit.org/show_bug.cgi?id=181511
        rdar://problem/33741427

        Reviewed by Zalan Bujtas.
        
        When reverting "client coordinates are relative to layout viewport" in r219829
        I broke documentToClientOffset() on macOS by failing to take pinch zoom scale into
        account (frameScaleFactor() is always 1 on iOs, so this bug doesn't manifest there).

        Covered by existing tests.

        * page/FrameView.cpp:
        (WebCore::FrameView::documentToClientOffset const):

2018-01-11  Youenn Fablet  <youenn@apple.com>

        Replace WebRTCLegacyAPIDisabled by WebRTCLegacyAPIEnabled and switch off WebRTC legacy flag by default
        https://bugs.webkit.org/show_bug.cgi?id=181480

        Reviewed by Eric Carlson.

        No change of behavior.

        * page/RuntimeEnabledFeatures.h: Set default value to false.

2018-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Support moving attachment elements in editable areas using drag and drop
        https://bugs.webkit.org/show_bug.cgi?id=181337
        <rdar://problem/36324813>

        Reviewed by Tim Horton.

        Makes slight adjustments to attachment-specific drag and drop logic to ensure that moving attachments via drag
        and drop behaves correctly. See per-change comments for more detail.

        Tests:  WKAttachmentTests.DragInPlaceVideoAttachmentElement
                WKAttachmentTests.MoveAttachmentElementAsIconByDragging
                WKAttachmentTests.MoveInPlaceAttachmentElementByDragging

        * editing/cocoa/EditorCocoa.mm:
        (WebCore::Editor::getPasteboardTypesAndDataForAttachment):

        Stop vending the private web archive pasteboard type for attachments, for now. This works around issues where an
        attachment element that is dragged and dropped within the same page may lose its blob backing data if we try to
        remove and insert it as a fragment from the archive. Providing a web archive would allow us to avoid destroying
        and recreating an attachment element when dragging within the same page, but this is a nice-to-have optimization
        we can re-enable after investigation in a subsequent patch.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::populateShadowRootIfNecessary):

        Add `draggable=false` to the image element of an in-place attachment element.

        * page/DragController.cpp:
        (WebCore::enclosingAttachmentElement):
        (WebCore::DragController::draggableElement const):

        Tweak single-selected-attachment handling to account for in-place attachments. Since the hit-tested node is
        inside the shadow subtree of the attachment element, the condition needs to check for the startElement as well
        as the startElement's shadow host.

        (WebCore::DragController::startDrag):

        Make two tweaks here. First, don't require a RenderAttachment to drag an attachment element (this is required
        for dragging in-place attachments). This was added in r217083 to address <rdar://problem/32282831>, but is no
        longer correct, since attachments may now be displayed in-place.

        Secondly, only restore the previous selection if the attachment is in a richly contenteditable area. This was
        added to prevent the selection highlight from appearing in when dragging non-editable attachment elements in the
        Mail viewer. However, to allow drag moves to occur, we need the selection to persist after drag start.

2018-01-04  Filip Pizlo  <fpizlo@apple.com>

        CodeBlocks should be in IsoSubspaces
        https://bugs.webkit.org/show_bug.cgi?id=180884

        Reviewed by Saam Barati.

        No new tests because no new behavior.
        
        Adopting new parallel constraint API, so that more of the logic of doing parallel
        constraint solving is shared between the DOM's output constraints and JSC's output
        constraints.

        * bindings/js/DOMGCOutputConstraint.cpp:
        (WebCore::DOMGCOutputConstraint::executeImpl):
        (WebCore::DOMGCOutputConstraint::doParallelWorkImpl): Deleted.
        (WebCore::DOMGCOutputConstraint::finishParallelWorkImpl): Deleted.
        * bindings/js/DOMGCOutputConstraint.h:

2018-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Support dragging attachment elements out as files on iOS
        https://bugs.webkit.org/show_bug.cgi?id=181199
        <rdar://problem/36299316>

        Reviewed by Tim Horton, Andy Estes and Joseph Pecoraro.

        Adds support for dragging "files" (i.e. creating item providers with preferred attachment presentation styles)
        from attachment elements on iOS for Mail. See below for more detail.

        Tests:  WKAttachmentTestsIOS.DragAttachmentInsertedAsData
                WKAttachmentTestsIOS.DragAttachmentInsertedAsFile

        * page/DragController.cpp:
        (WebCore::DragController::platformContentTypeForBlobType const):
        (WebCore::DragController::dragAttachmentElement):
        * page/DragController.h:
        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::platformContentTypeForBlobType const):

        Add a private method to convert the type of a promised blob to a platform type. For Cocoa platforms, this
        converts the blob type (either a UTI or a MIME type) to a UTI for the platform to consume.

        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:

        Refactor WebItemProviderRegistrationInfo. WebItemProviderRegistrationInfo currently encapsulates a single item
        provider registration call, and contains either a type identifier and data buffer, or an NSItemProviderWriting-
        conformant object. To register an item provider using a WebItemProviderRegistrationInfo, the item provider
        pasteboard currently checks to see whether the info contains an object or a type and data.

        This patch removes WebItemProviderRegistrationInfo and replaces it with WebItemProviderDataRegistrar. Objects
        that implement this protocol know how to take an NSItemProvider and register data to it. So far, there are
        three implementations below.

        (-[WebItemProviderDataRegistrar initWithData:type:]):
        (-[WebItemProviderDataRegistrar typeIdentifier]):
        (-[WebItemProviderDataRegistrar data]):
        (-[WebItemProviderDataRegistrar typeIdentifierForClient]):
        (-[WebItemProviderDataRegistrar dataForClient]):
        (-[WebItemProviderDataRegistrar registerItemProvider:]):
        (-[WebItemProviderDataRegistrar description]):

        A data registrar takes a UTI and data buffer, and registers the UTI to the data. This replaces a
        WebItemProviderRegistrationInfo with both a type and data, but no representing object.

        (-[WebItemProviderWritableObjectRegistrar initWithObject:]):
        (-[WebItemProviderWritableObjectRegistrar representingObjectForClient]):
        (-[WebItemProviderWritableObjectRegistrar registerItemProvider:]):
        (-[WebItemProviderWritableObjectRegistrar description]):

        The writable object registrar writes an NSItemProviderWriting-conformant object to an item provider. This
        replaces a WebItemProviderRegistrationInfo with only a representing object.

        (-[WebItemProviderPromisedFileRegistrar initWithType:callback:]):
        (-[WebItemProviderPromisedFileRegistrar registerItemProvider:]):
        (-[WebItemProviderPromisedFileRegistrar description]):
        (-[WebItemProviderRegistrationInfoList addData:forType:]):
        (-[WebItemProviderRegistrationInfoList addRepresentingObject:]):
        (-[WebItemProviderRegistrationInfoList addPromisedType:fileCallback:]):

        Helper methods to add new registrars to a registration info list.

        (-[WebItemProviderRegistrationInfoList itemAtIndex:]):
        (-[WebItemProviderRegistrationInfoList enumerateItems:]):
        (-[WebItemProviderRegistrationInfoList itemProvider]):
        (-[WebItemProviderRegistrationInfoList description]):
        (-[WebItemProviderRegistrationInfo initWithRepresentingObject:typeIdentifier:data:]): Deleted.
        (-[WebItemProviderRegistrationInfo representingObject]): Deleted.
        (-[WebItemProviderRegistrationInfo typeIdentifier]): Deleted.

2018-01-11  Michael Saboff  <msaboff@apple.com>

        Add a DOM gadget for Spectre testing
        https://bugs.webkit.org/show_bug.cgi?id=181351

        Reviewed by Ryosuke Niwa.

        This change is used to test Spectre mitigations.

        Added a new DOM class to test for Spectre issues in the DOM layer.
        This additional functionality is disabled by default and must be enabled
        through the JSC option "enableSpectreGadgets".

        * CMakeLists.txt:
        * DerivedSources.make:
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:
        * dom/SpectreGadget.cpp: Added.
        (WebCore::SpectreGadget::SpectreGadget):
        (WebCore::SpectreGadget::create):
        (WebCore::SpectreGadget::setReadLength):
        (WebCore::SpectreGadget::charCodeAt):
        (WebCore::SpectreGadget::clflushReadLength):
        * dom/SpectreGadget.h: Added.
        * dom/SpectreGadget.idl: Added.
        * page/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const):
        * page/RuntimeEnabledFeatures.h:

2018-01-11  Philippe Normand  <pnormand@igalia.com>

        [GTK] media/muted-video-is-playing-audio.html is timing out
        https://bugs.webkit.org/show_bug.cgi?id=163781

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo): Sprinkle some debugging.
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio): Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::setMuted): Ditto.

2018-01-10  Andy Estes  <aestes@apple.com>

        [Payment Request] Rename ApplePayMerchantValidationEvent to MerchantValidationEvent
        https://bugs.webkit.org/show_bug.cgi?id=181437
        <rdar://problem/36376481>

        Reviewed by Tim Horton.
        
        Renamed ApplePayMerchantValidationEvent to MerchantValidationEvent and changed complete() to accept a Promise.

        Test: http/tests/paymentrequest/payment-request-merchant-validation.https.html

        * DerivedSources.make:
        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
        (WebCore::ApplePayPaymentHandler::merchantValidationCompleted):
        (WebCore::ApplePayPaymentHandler::validateMerchant):
        * Modules/applepay/paymentrequest/ApplePayPaymentHandler.h:
        * Modules/paymentrequest/MerchantValidationEvent.cpp: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.cpp.
        (WebCore::MerchantValidationEvent::create):
        (WebCore::MerchantValidationEvent::MerchantValidationEvent):
        (WebCore::MerchantValidationEvent::eventInterface const):
        (WebCore::MerchantValidationEvent::complete):
        * Modules/paymentrequest/MerchantValidationEvent.h: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.h.
        * Modules/paymentrequest/MerchantValidationEvent.idl: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.idl.
        * Modules/paymentrequest/PaymentHandler.h:
        * Modules/paymentrequest/PaymentRequest.cpp:
        (WebCore::PaymentRequest::completeMerchantValidation):
        * Modules/paymentrequest/PaymentRequest.h:
        * Modules/paymentrequest/PaymentRequest.idl:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/EventNames.h:
        * dom/EventNames.in:

2018-01-10  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Cross-protocol, cross-site scripting (XPXSS) using HTML forms
        Nhttps://bugs.webkit.org/show_bug.cgi?id=153088

        Reviewed by Alex Christensen.

        No new tests because it's covered by existing tests.

        * platform/network/curl/CurlContext.cpp:
        (WebCore::CurlHandle::getHttpVersion):
        * platform/network/curl/CurlContext.h:
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::didReceiveHeader):
        * platform/network/curl/CurlResponse.h:
        (WebCore::CurlResponse::isolatedCopy const):
        * platform/network/curl/ResourceResponseCurl.cpp:
        (WebCore::ResourceResponse::ResourceResponse):
        (WebCore::ResourceResponse::setStatusLine):

2018-01-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        REGRESSION(r222507): Composition highlight doesn't render when using IME
        https://bugs.webkit.org/show_bug.cgi?id=181485
        <rdar://problem/35896516>

        Reviewed by Ryosuke Niwa.

        Fixes the order of arguments passed to paintTextSubrangeBackground from paintCompositionBackground.

        Test: editing/marked-text-appearance.html

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paintCompositionBackground):

2018-01-10  Youenn Fablet  <youenn@apple.com>

        Use no-cache fetch mode when loading main documents with location.reload()
        https://bugs.webkit.org/show_bug.cgi?id=181285

        Reviewed by Alex Christensen.

        Covered by rebased tests.

        Start to translate cache policy used for navigation as FetchOptions::Cache.
        This allows ensuring service workers receive the right cache mode when intercepting navigation loads.
        To not change current navigation behavior, ReturnCacheDataElseLoad and ReturnCacheDataDontLoad still trigger default fetch cache mode.

        For Reload and ReloadExpiredOnly frame load types, using no-cache mode is more efficient than reload mode,
        as a conditional request will be sent if possible. This applies to location.reload which is consistent with other browsers.
        Keep reload mode for ReloadFromOrigin.

        * loader/DocumentLoader.cpp:
        (WebCore::toFetchOptionsCache):
        (WebCore::DocumentLoader::loadMainResource):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::defaultRequestCachingPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/NavigationScheduler.cpp:

2018-01-10  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r226667 and r226673.
        https://bugs.webkit.org/show_bug.cgi?id=181488

        This caused a flaky crash. (Requested by mlewis13 on #webkit).

        Reverted changesets:

        "CodeBlocks should be in IsoSubspaces"
        https://bugs.webkit.org/show_bug.cgi?id=180884
        https://trac.webkit.org/changeset/226667

        "REGRESSION (r226667): CodeBlocks should be in IsoSubspaces"
        https://bugs.webkit.org/show_bug.cgi?id=180884
        https://trac.webkit.org/changeset/226673

2018-01-10  Antti Koivisto  <antti@apple.com>

        REGRESSION(r225650): The scores of MotionMark tests Multiply and Leaves dropped by 8%
        https://bugs.webkit.org/show_bug.cgi?id=181460
        <rdar://problem/36379776>

        Reviewed by Ryosuke Niwa.

        * css/parser/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext):

        Don't do the expensive security origin test if the sheet base URL and document URL are identical.
        This is true for inline style and inline stylesheets.

2018-01-10  Antti Koivisto  <antti@apple.com>

        Try to fix windows build.

        * css/RuleFeature.cpp:
        (WebCore::RuleFeatureSet::computeNextMatchElement):

2018-01-10  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderRuby's moveChildren logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181470
        <rdar://problem/36397683>

        Reviewed by Antti Koivisto.

        This is about moving code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * rendering/RenderBlockFlow.h:
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::moveChildren): Deleted.
        (WebCore::RenderRubyBase::mergeChildrenWithBase): Deleted.
        (WebCore::RenderRubyBase::moveInlineChildren): Deleted.
        (WebCore::RenderRubyBase::moveBlockChildren): Deleted.
        * rendering/RenderRubyBase.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::takeChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::moveRubyChildren):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
        (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
        (WebCore::RenderTreeBuilder::Ruby::moveChildren):
        (WebCore::RenderTreeBuilder::Ruby::moveChildrenInternal):
        (WebCore::RenderTreeBuilder::Ruby::insertChild):
        * rendering/updating/RenderTreeBuilderRuby.h:

2018-01-10  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] fix critical GObject warning

        Rubber-stamped by Carlos Garcia Campos.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): No need to
        resort to complicated things to get the element name...

2018-01-10  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] REGRESSION(r226629): broke media/video-interruption-with-resume-allowing-play.html
        https://bugs.webkit.org/show_bug.cgi?id=181471
        <rdar://problem/36402323>

        Reviewed by Carlos Garcia Campos.

        This patch mainly reduces the amount of playback state changes
        emitted by the GStreamer player to its client. Emitting those
        notifications too often has bad side effects.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::paused const): Add debug messages.
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): This debug message appears too much. Demote.
        (WebCore::MediaPlayerPrivateGStreamer::maxTimeLoaded const): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::updateStates): Try to emit
        playback state change notification only when going to PLAYING.
        (WebCore::MediaPlayerPrivateGStreamer::loadingFailed): Add warning message.

2018-01-10  Youenn Fablet  <youenn@apple.com>

        Add Service Worker CSP persistency
        https://bugs.webkit.org/show_bug.cgi?id=181434

        Reviewed by Alex Christensen.

        Covered by manual testing.
        Future work on service worker test infrastructure should allow automating such tests.

        Add support for service worker CSP data persistency.
        Add a version parameter to increment each time the schema is changing.
        This allows the same store to be used by multiple WebKits.

        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::v1RecordsTableSchema):
        (WebCore::RegistrationDatabase::openSQLiteDatabase):
        (WebCore::RegistrationDatabase::doPushChanges):
        (WebCore::RegistrationDatabase::importRecords):

2018-01-10  Antti Koivisto  <antti@apple.com>

        Invalidate current element style on class change accurately
        https://bugs.webkit.org/show_bug.cgi?id=181210

        Reviewed by Zalan Bujtas.

        * css/DocumentRuleSets.cpp:
        (WebCore::DocumentRuleSets::collectFeatures const):
        (WebCore::DocumentRuleSets::subjectClassRules const):

            New rule set containing class rules affecting the subject element.

        (WebCore::DocumentRuleSets::ancestorClassRules const):
        * css/DocumentRuleSets.h:
        * css/RuleFeature.cpp:
        (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):

            Classify selector components into various buckets based on the elements they match relative to
            the subject element. There are more categories than this patch strictly needs, for future use.

        (WebCore::RuleFeatureSet::collectFeatures):
        (WebCore::RuleFeatureSet::add):
        (WebCore::RuleFeatureSet::clear):
        (WebCore::RuleFeatureSet::shrinkToFit):
        * css/RuleFeature.h:
        * css/StyleResolver.h:
        (WebCore::StyleResolver::hasSelectorForClass const): Deleted.
        * style/ClassChangeInvalidation.cpp:
        (WebCore::Style::elementNeedsInvalidation):
        (WebCore::Style::ClassChangeInvalidation::computeInvalidation):

            Don't invalidate current element unconditionally on class change. Instead find the subject rulesets
            that might affect it use them to perform invalidation.

        (WebCore::Style::ClassChangeInvalidation::invalidateStyleWithRuleSets):
        (WebCore::Style::ClassChangeInvalidation::invalidateStyle): Deleted.
        (WebCore::Style::ClassChangeInvalidation::invalidateDescendantStyle): Deleted.
        * style/ClassChangeInvalidation.h:
        (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
        (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
        * style/StyleSharingResolver.cpp:
        (WebCore::Style::SharingResolver::classNamesAffectedByRules const):

2018-01-09  Antoine Quint  <graouts@apple.com>

        [Web Animations] Expose the id property on Animation
        https://bugs.webkit.org/show_bug.cgi?id=181450
        <rdar://problem/36383600>

        Reviewed by Dean Jackson.

        Expose the "id" property on Animation and handle the "id" property on the optional KeyframeAnimationOptions object
        passed to Element.animate(). All of the WPT tests related to this property are now passing.

        * animation/WebAnimation.h:
        * animation/WebAnimation.idl:
        * dom/Element.cpp:
        (WebCore::Element::animate):

2018-01-09  Chris Dumez  <cdumez@apple.com>

        Make service workers behave correctly with regards to Page Cache
        https://bugs.webkit.org/show_bug.cgi?id=181446
        <rdar://problem/36164291>

        Reviewed by Youenn Fablet.

        Make service workers behave correctly with regards to Page Cache:
        1. If a document has an active service worker, do not let it go into PageCache
        2. When a document goes into page cache, unregister it from the list of service worker clients
        3. When a document is restored from page cache, add it nack to the list of service worker clients

        Tests: http/tests/workers/service/client-added-to-clients-when-restored-from-page-cache.html
               http/tests/workers/service/client-removed-from-clients-while-in-page-cache.html
               http/tests/workers/service/no-page-cache-when-controlled.html
               http/tests/workers/service/other_resources/test.html

        * dom/Document.cpp:
        (WebCore::Document::suspend):
        (WebCore::Document::resume):
        * history/PageCache.cpp:
        (WebCore::canCacheFrame):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::serviceWorkerKey):
        * page/DiagnosticLoggingKeys.h:

2018-01-09  Chris Dumez  <cdumez@apple.com>

        We should not return undefined for most properties of a detached Window
        https://bugs.webkit.org/show_bug.cgi?id=181416
        <rdar://problem/36162489>

        Reviewed by Ryosuke Niwa.

        We should not return undefined for most properties on a detached Window. WebKit previously only exposed "closed"
        and "close" properties on detached / frameless windows. However, this does not match the HTML specification [1]
        or the behavior of Firefox and Chrome.

        Note that Chrome does not seem to fully follow the HTML specification either, it seems to treat detached windows
        the same way as cross-origin ones. As a result, it only exposed properties that are visible cross-origin when
        a window is detached / frameless.

        [1] https://html.spec.whatwg.org/#windowproxy-get

        No new tests, updated existingt tests.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
        (WebCore::JSDOMWindow::getOwnPropertySlot):
        (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):

2018-01-09  Darin Adler  <darin@apple.com>

        Further refinement to list item and counter code after "list-item" counter fix
        https://bugs.webkit.org/show_bug.cgi?id=181426

        Reviewed by Zalan Bujtas.

        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInheritCounter): Use auto.
        (WebCore::StyleBuilderCustom::applyValueCounter): Use auto, removed unneeded
        null checks for things that can never be null, moved the saturated addition
        here and got rid of the addIncrementValue function from CounterDirectives.
        Use the saturatedAddition function from SaturatedArithmetic.h instead of the
        much less efficient one that did the same thing, CounterDirectives::addClamped.

        * rendering/RenderCounter.cpp:
        (WebCore::listItemCounterDirectives): Use aggregate syntax for the return
        statements.
        (WebCore::planCounter): Changed to use a struct return value instead of two
        out arguments. Use the saturatedAddition function from SaturatedArithmetic.h
        instead of the much less efficient one that did the same thing,
        CounterDirectives::addClamped.
        (WebCore::findPlaceForCounter): Changed to use a struct return value instead
        of two out arguments.
        (WebCore::makeCounterNode): Updated for the above changes. Changed code to
        use add instead of both get and set. Updated to keep the counter maps inside
        the values of the "map of maps" instead of using a unique_ptr and allocating
        each one on the heap.
        (WebCore::destroyCounterNodeWithoutMapRemoval): Changed argument to a reference
        instead of a pointer. Updated for changes to the map. Use RefPtr more
        consistently.
        (WebCore::RenderCounter::destroyCounterNodes): Use iterators less.
        (WebCore::RenderCounter::destroyCounterNode): Ditto.
        (WebCore::RenderCounter::rendererRemovedFromTree): Add a check of
        hasCounterNodeMap here before calling destroyCounterNodes, so that function
        can assume the flag is true (both other callers already check it).
        (WebCore::updateCounters): Use auto and update for changes above.
        (WebCore::RenderCounter::rendererStyleChanged): Use modern for loops instead
        of iterators.
        (showCounterRendererTree): Use auto and udpate for changes above.

        * rendering/RenderListItem.cpp:
        (WebCore::enclosingList): Stop referring to elements as "nodes". Changed
        the local variable names for clarity.
        (WebCore::nextListItemHelper): Renamed from nextListItem since it's not
        intended to be called directly and we want to use a function pointer to
        nextListItem. Fixed the algorithm to correctly handle ad hoc "lists" that
        are not actually HTML list elements, using the definition in the enclosingList
        function as the previousListItem function already did.
        (WebCore::nextListItem): Updated for name changes.
        (WebCore::firstListItem): Renamed from nextListItem for clarity.
        (WebCore::previousListItem): Rewrote loop so it doesn't have to do things
        so strangely when we find another list.
        (WebCore::RenderListItem::updateItemValuesForOrderedList): Use auto and
        update local variable names.
        (WebCore::RenderListItem::itemCountForOrderedList): Ditto.
        (WebCore::RenderListItem::updateValueNow const): Rewrote to use an iterative
        algorithm instead of a recursive one. Fixes the FIXME here.
        (WebCore::RenderListItem::updateValue): Use m_valueWasSetExplicitly
        instead of m_explicitValue.
        (WebCore::RenderListItem::explicitValueChanged): Use auto and simplified
        the loop a bit.
        (WebCore::RenderListItem::setExplicitValue): Set m_valueWasSetExplicitly
        instead of m_explicitValue.
        (WebCore::previousOrNextItem): Deleted.
        (WebCore::RenderListItem::updateListMarkerNumbers): Streamlined the loop
        a bit and used a fucntion pointer to handle the two different directions.
        (WebCore::RenderListItem::isInReversedOrderedList const): Simplified by
        getting rid of an unneeded use of pointers and local variables.

        * rendering/RenderListItem.h: Use a boolean, m_valueWasSetExplicitly,
        instead of a separate optional m_explicitValue.

        * rendering/style/CounterDirectives.h: Since all the code in this file was
        rewritten, removed old copyrights. Deleted the addIncrementValue function,
        since it is clear enough in the one call site in the style builder.
        Deleted the addClamped function because it was just a much slower
        version of the saturatedAddition function. Made == and != into constexpr
        functions since they are simple enough to be.

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::getCounterDirectives const): Deleted. Caller can
        handle this just fine without a helper function.
        * rendering/style/RenderStyle.h: Ditto.

2018-01-09  Myles C. Maxfield  <mmaxfield@apple.com>

        font-display:fallback can cause a visual flash (which is supposed to be impossible)
        https://bugs.webkit.org/show_bug.cgi?id=181374

        Reviewed by Simon Fraser.

        A FontCascade represents an entire font-family fallback list, but sometimes we need to pull out a single
        representative font from the list to calculate things like line height. Previously, if the first item in
        the font-family list was in the middle of being downloaded, this representative font was hardcoded to be
        Times. However, when actually laying out and drawing the glyphs, we have logic to skip the interstitial
        Times if there are any installed fonts present in the font-family list (so you wouldn't ever actually
        see Times). This means that line height (among other things) was being calculated as if Times was used,
        but in reality, some other font from the font-family list was being used.

        Alone, this isn't a huge problem, but font-display:fallback makes a font transition between "timed out"
        and "failed," and when the font hits the failed state, the representative font skips over the cancelled
        item and hits the next item in the fallback list. This means that line heights will change, which causes
        a visual flash, even when font-display:fallback is specified.

        The solution is simply to educate the logic which identifies this representative font so that it
        understands what to do for currently-loading fonts.

        Tests: fast/text/font-display/swap-flash.html

        * platform/graphics/FontCascadeFonts.h:
        (WebCore::FontCascadeFonts::primaryFont):
        * rendering/line/BreakingContext.h:
        (WebCore::textWidth):

2018-01-04  Filip Pizlo  <fpizlo@apple.com>

        CodeBlocks should be in IsoSubspaces
        https://bugs.webkit.org/show_bug.cgi?id=180884

        Reviewed by Saam Barati.

        No new tests because no new behavior.
        
        Adopting new parallel constraint API, so that more of the logic of doing parallel
        constraint solving is shared between the DOM's output constraints and JSC's output
        constraints.

        * bindings/js/DOMGCOutputConstraint.cpp:
        (WebCore::DOMGCOutputConstraint::executeImpl):
        (WebCore::DOMGCOutputConstraint::doParallelWorkImpl): Deleted.
        (WebCore::DOMGCOutputConstraint::finishParallelWorkImpl): Deleted.
        * bindings/js/DOMGCOutputConstraint.h:

2018-01-08  Simon Fraser  <simon.fraser@apple.com>

        Clean up Marquee-related enums
        https://bugs.webkit.org/show_bug.cgi?id=181347

        Reviewed by Anders Carlsson.

        Modernize EMarqueeBehavior and EMarqueeDirection enums. Stop using the weird negative
        values in the MarqueeDirection and do manual reverse direction mapping.

        Make some member functions of RenderMarquee private.

        Stop using bitfields in RenderMarquee because the memory saving is not worth it, and doing so
        allows us to use modern initialization.

        No behavior change.

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator MarqueeBehavior const):
        (WebCore::CSSPrimitiveValue::operator MarqueeDirection const):
        (WebCore::CSSPrimitiveValue::operator EMarqueeBehavior const): Deleted.
        (WebCore::CSSPrimitiveValue::operator EMarqueeDirection const): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::sizesLogicalWidthToFitContent const):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects const):
        * rendering/RenderMarquee.cpp:
        (WebCore::RenderMarquee::RenderMarquee):
        (WebCore::reverseDirection):
        (WebCore::RenderMarquee::direction const):
        (WebCore::RenderMarquee::isHorizontal const):
        (WebCore::RenderMarquee::computePosition):
        (WebCore::RenderMarquee::start):
        (WebCore::RenderMarquee::updateMarqueePosition):
        (WebCore::RenderMarquee::updateMarqueeStyle):
        (WebCore::RenderMarquee::timerFired):
        * rendering/RenderMarquee.h:
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::marqueeBehavior const):
        (WebCore::RenderStyle::marqueeDirection const):
        (WebCore::RenderStyle::setMarqueeDirection):
        (WebCore::RenderStyle::setMarqueeBehavior):
        (WebCore::RenderStyle::initialMarqueeBehavior):
        (WebCore::RenderStyle::initialMarqueeDirection):
        * rendering/style/RenderStyleConstants.h:
        * rendering/style/StyleMarqueeData.cpp:
        (WebCore::StyleMarqueeData::StyleMarqueeData):
        * rendering/style/StyleMarqueeData.h:

2018-01-09  Jer Noble  <jer.noble@apple.com>

        Many CVDisplayLink threads created and destroyed while watching a YouTube video
        https://bugs.webkit.org/show_bug.cgi?id=181396

        Reviewed by Simon Fraser.

        When watching some YouTube videos (or any video with default controls), event handlers for
        the "timeupdate" event which use rAF will cause the underlying platform objects to be
        destroyed in between "timeupdate" events being fired, since they occur every 250ms, and rAF
        objects are destroyed every 166ms (or 10/60hz). Update this constant to destroy the
        underlying objects every 333ms (or 20/60hz) so that this common pattern doesn't lead to
        excessive rAF platform object turnover.

        * platform/Logging.h:
        * platform/graphics/DisplayRefreshMonitor.h:
        (WebCore::DisplayRefreshMonitor::shouldBeTerminated const):
        * platform/graphics/DisplayRefreshMonitor.cpp:
        (WebCore::DisplayRefreshMonitor::displayDidRefresh):
        * platform/graphics/DisplayRefreshMonitorManager.cpp:
        (WebCore::DisplayRefreshMonitorManager::createMonitorForClient):
        (WebCore::DisplayRefreshMonitorManager::displayDidRefresh):

2018-01-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderElement addChild mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181451
        <rdar://problem/36385562>

        Reviewed by Antti Koivisto.

        This is about moving code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::addChild):
        (WebCore::RenderElement::childRequiresTable const): Deleted.
        * rendering/RenderElement.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChildToRenderElement):
        (WebCore::RenderTreeBuilder::childRequiresTable):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderInline.cpp:
        (WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
        (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
        (WebCore::RenderTreeBuilder::Inline::newChildIsInline):
        (WebCore::newChildIsInline): Deleted.
        * rendering/updating/RenderTreeBuilderInline.h:

2018-01-09  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r226531.

        This caused test failures on macOS WK2.

        Reverted changeset:

        "Use no-cache fetch mode when loading main documents with
        location.reload()"
        https://bugs.webkit.org/show_bug.cgi?id=181285
        https://trac.webkit.org/changeset/226531

2018-01-09  Michael Saboff  <msaboff@apple.com>

        Unreviewed, rolling out r226600 and r226603
        https://bugs.webkit.org/show_bug.cgi?id=181351

        Add a DOM gadget for Spectre testing

        * dom/Comment.cpp:
        (WebCore::Comment::Comment):
        (WebCore::Comment::setReadLength): Deleted.
        (WebCore::Comment::charCodeAt): Deleted.
        (WebCore::Comment::clflushReadLength): Deleted.
        * dom/Comment.h:
        * dom/Comment.idl:
        * page/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const): Deleted.
        * page/RuntimeEnabledFeatures.h:

2018-01-09  Don Olmstead  <don.olmstead@sony.com>

        Add additional WEBCORE_EXPORTs
        https://bugs.webkit.org/show_bug.cgi?id=181414

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * dom/Document.h:
        * dom/ViewportArguments.h:
        * page/DOMWindow.h:
        * page/FrameView.h:
        * page/PageOverlayController.h:
        * platform/ContextMenuItem.h:
        * platform/Pasteboard.h:
        * platform/SharedBuffer.h:
        * platform/UserAgent.h:
        * platform/graphics/GLContext.h:
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/GraphicsLayerTransform.h:
        * platform/graphics/PlatformDisplay.h:
        * platform/graphics/cairo/BackingStoreBackendCairoImpl.h:
        * platform/graphics/cairo/PlatformContextCairo.h:
        * platform/graphics/cairo/RefPtrCairo.h:
        * platform/graphics/nicosia/NicosiaBuffer.h:
        * platform/graphics/nicosia/NicosiaPaintingEngine.h:
        * platform/graphics/texmap/TextureMapper.h:
        * platform/graphics/texmap/TextureMapperAnimation.h:
        * platform/graphics/texmap/TextureMapperBackingStore.h:
        * platform/graphics/texmap/TextureMapperFPSCounter.h:
        * platform/graphics/texmap/TextureMapperLayer.h:
        (WebCore::TextureMapperLayer::TextureMapperLayer): Deleted.
        (WebCore::TextureMapperLayer::setID): Deleted.
        (WebCore::TextureMapperLayer::id): Deleted.
        (WebCore::TextureMapperLayer:: const): Deleted.
        (WebCore::TextureMapperLayer::setScrollClient): Deleted.
        (WebCore::TextureMapperLayer::setIsScrollable): Deleted.
        (WebCore::TextureMapperLayer::isScrollable const): Deleted.
        (WebCore::TextureMapperLayer::textureMapper const): Deleted.
        (WebCore::TextureMapperLayer::setTextureMapper): Deleted.
        (WebCore::TextureMapperLayer::drawsContent const): Deleted.
        (WebCore::TextureMapperLayer::contentsAreVisible const): Deleted.
        (WebCore::TextureMapperLayer::size const): Deleted.
        (WebCore::TextureMapperLayer::opacity const): Deleted.
        (WebCore::TextureMapperLayer::transform const): Deleted.
        (WebCore::TextureMapperLayer::hasFilters const): Deleted.
        (WebCore::TextureMapperLayer::isShowingRepaintCounter const): Deleted.
        (WebCore::TextureMapperLayer::fixedToViewport const): Deleted.
        (WebCore::TextureMapperLayer::rootLayer const): Deleted.
        (WebCore::TextureMapperLayer::texture): Deleted.
        (WebCore::TextureMapperLayer::adjustedPosition const): Deleted.
        (WebCore::TextureMapperLayer::layerRect const): Deleted.
        (WebCore::TextureMapperLayer::State::State): Deleted.
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
        * platform/graphics/texmap/TextureMapperTile.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        (WebCore::CoordinatedGraphicsLayer::isScrollable const): Deleted.
        (WebCore::CoordinatedGraphicsLayer::id const): Deleted.
        (WebCore::CoordinatedGraphicsLayer::coverRect const): Deleted.
        (WebCore::CoordinatedGraphicsLayer::fixedToViewport const): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.h:
        (WebCore::CoordinatedImageBacking::id const): Deleted.
        * platform/graphics/texmap/coordinated/TiledBackingStore.h:
        * platform/graphics/texmap/coordinated/UpdateAtlas.h:
        * platform/network/AuthenticationChallengeBase.h:
        * platform/network/CredentialBase.h:
        * platform/network/ProtectionSpaceBase.h:
        * platform/network/curl/SocketStreamHandleImpl.h:
        * replay/UserInputBridge.h:

2018-01-09  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Move FormData related tasks into new CurlFormDataStream class.
        https://bugs.webkit.org/show_bug.cgi?id=181106

        Reviewed by Alex Christensen.

        No new tests because no behavior change.

        * platform/Curl.cmake:
        * platform/network/curl/CurlFormDataStream.cpp: Added.
        (WebCore::CurlFormDataStream::CurlFormDataStream):
        (WebCore::CurlFormDataStream::~CurlFormDataStream):
        (WebCore::CurlFormDataStream::clean):
        (WebCore::CurlFormDataStream::shouldUseChunkTransfer):
        (WebCore::CurlFormDataStream::totalSize):
        (WebCore::CurlFormDataStream::computeContentLength):
        (WebCore::CurlFormDataStream::read):
        (WebCore::CurlFormDataStream::readFromFile):
        (WebCore::CurlFormDataStream::readFromData):
        * platform/network/curl/CurlFormDataStream.h: Renamed from Source/WebCore/platform/network/curl/FormDataStreamCurl.h.
        (WebCore::CurlFormDataStream::elementSize):
        (WebCore::CurlFormDataStream::totalReadSize):
        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::CurlRequest):
        (WebCore::CurlRequest::willSendData):
        (WebCore::CurlRequest::finalizeTransfer):
        (WebCore::CurlRequest::setupPUT):
        (WebCore::CurlRequest::setupPOST):
        (WebCore::CurlRequest::setupSendData):
        (WebCore::CurlRequest::resolveBlobReferences): Deleted.
        (WebCore::CurlRequest::setupFormData): Deleted.
        * platform/network/curl/CurlRequest.h:
        * platform/network/curl/FormDataStreamCurl.cpp: Removed.

2018-01-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move MathML addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181443
        <rdar://problem/36380228>

        Reviewed by Antti Koivisto.

        This is about moving code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/mathml/RenderMathMLFenced.cpp:
        (WebCore::RenderMathMLFenced::addChild):
        (WebCore::RenderMathMLFenced::createMathMLOperator): Deleted.
        (WebCore::RenderMathMLFenced::makeFences): Deleted.
        * rendering/mathml/RenderMathMLFenced.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToRenderMathMLFenced):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::mathMLBuilder):

2018-01-09  Antti Koivisto  <antti@apple.com>

        Blank page except for inner iframes because pending stylesheets cause style.isNotFinal() to be true
        https://bugs.webkit.org/show_bug.cgi?id=180940
        <rdar://problem/36116507>

        Reviewed by Darin Adler.

        Test: http/tests/local/loading-stylesheet-import-remove.html

        If a <link> referencing a stylesheet containing an @import that was still loading was removed
        from the document, the loading state was never cleared. For head stylesheets this blocked
        rendering permanently.

        Test reduction by Justin Ridgewell.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::removedFromAncestor):

        Test if the stylesheet it loading before clearing the pointer.

2018-01-09  Dan Bernstein  <mitz@apple.com>

        Removed some empty directories that were left behind

        * Modules/indieui: Removed.
        * Modules/vibration: Removed.
        * platform/graphics/ca/mac: Removed.
        * platform/mediastream/gstreamer: Removed.

2018-01-09  Antoine Quint  <graouts@apple.com>

        Refactor timing function solving code
        https://bugs.webkit.org/show_bug.cgi?id=181428

        Reviewed by Dean Jackson.

        We have duplicated code to solve "cubic" and "steps" timing functions in AnimationBase and TextureMapperAnimation,
        and we will soon need similar code to deal with timing functions in Web Animations. We move this code into TimingFunction
        with a single transformTime() function that can be called directly on the timing function rather than having callers
        figure out what type timing functions are to solve them.

        No test as there shouldn't be any behavior change.

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::progress const):
        (WebCore::solveEpsilon): Deleted.
        (WebCore::solveCubicBezierFunction): Deleted.
        (WebCore::solveStepsFunction): Deleted.
        (WebCore::solveSpringFunction): Deleted.
        * platform/animation/TimingFunction.cpp:
        (WebCore::TimingFunction::transformTime const):
        * platform/animation/TimingFunction.h:
        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimation::apply):
        (WebCore::solveEpsilon): Deleted.
        (WebCore::solveCubicBezierFunction): Deleted.
        (WebCore::solveStepsFunction): Deleted.
        (WebCore::applyTimingFunction): Deleted.

2018-01-09  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, silence -Wunused-parameter warning

        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::setupNewlyCreatedServiceWorker):

2018-01-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Check Image::m_image is not null in ImageLoader::decode()
        https://bugs.webkit.org/show_bug.cgi?id=180386
        <rdar://problem/34634483>

        Reviewed by Tim Horton.

        Ensure ImageLoader::m_image is not null before referencing it.

        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::decode):

2018-01-09  Yusuke Suzuki  <utatane.tea@gmail.com>

        [FreeType] Use FastMalloc for FreeType
        https://bugs.webkit.org/show_bug.cgi?id=181387

        Reviewed by Michael Catanzaro.

        Add custom memory allocator for FreeType to use FastMalloc.

        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::initializeFreeTypeLibrary):
        (WebCore::createFontCustomPlatformData):

2018-01-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderTable* addChild mutation logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181424
        <rdar://problem/36368628>

        Reviewed by Antti Koivisto.

        This is about moving code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        Covered by existing tests.

        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::addChild):
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::addChild):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::addChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::insertChildToRenderTable):
        (WebCore::RenderTreeBuilder::insertChildToRenderTableSection):
        (WebCore::RenderTreeBuilder::insertChildToRenderTableRow):
        * rendering/updating/RenderTreeBuilder.h:
        * rendering/updating/RenderTreeBuilderTable.cpp:
        (WebCore::RenderTreeBuilder::Table::insertChild):
        * rendering/updating/RenderTreeBuilderTable.h:

2018-01-09  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Transition Render*::addChild() calls to RenderTreeBuilder::insertChildToRender*()
        https://bugs.webkit.org/show_bug.cgi?id=181407
        <rdar://problem/36361176>

        Reviewed by Antti Koivisto.

        Eventually all mutation will be going through the RenderTreeBuilder.

        No change in functionality.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::addChild):
        * rendering/RenderMultiColumnFlow.cpp:
        (WebCore::RenderMultiColumnFlow::processPossibleSpannerDescendant):
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::rubyBaseSafe):
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp:
        (WebCore::RenderTreeBuilder::BlockFlow::insertChild):
        * rendering/updating/RenderTreeBuilderMultiColumn.cpp:
        (WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
        * rendering/updating/RenderTreeBuilderRuby.cpp:
        (WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):

2018-01-09  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Ensure SleepDisabler is not held by pages in page cache
        https://bugs.webkit.org/show_bug.cgi?id=180197

        Reviewed by Eric Carlson.

        The sleep disabler is now checked again whenever the media player
        playback state or other characteristic has changed in the media
        engine.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerPlaybackStateChanged):
        Check if the sleep disabler state needs to be updated or not.
        (WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged): Ditto.
        (WebCore::HTMLMediaElement::shouldDisableSleep const): Enable
        sleep disabler for GTK and WPE ports.

2018-01-09  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Missing notifications to player client
        https://bugs.webkit.org/show_bug.cgi?id=181432

        Reviewed by Carlos Garcia Campos.

        We now properly emit playback state changes and characteristic
        updates to the client when the pipeline state changes and when
        audio/video tracks changes are detected.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::playbackPosition const):
        This debug message appears too often in logs. Demote.
        (WebCore::MediaPlayerPrivateGStreamer::durationMediaTime const): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo): Emit
        charasteristicChanged notification.
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::updateStates): Keep track
        of old and current pipeline state.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:


2018-01-09  Youenn Fablet  <youenn@apple.com>

        Add CSP support to service workers
        https://bugs.webkit.org/show_bug.cgi?id=181385

        Reviewed by Chris Dumez.

        Covered by rebased tests.

        Added recovery of CSP information from WorkerScriptLoader.
        Added plumbing to pass the CSP information to Service Workers.
        Did not add persistency support for the CSP information as this requires changing the SQL database schema.
        This will be done in a follow-up.

        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::loadAsynchronously):
        (WebCore::WorkerScriptLoader::didReceiveResponse):
        * workers/WorkerScriptLoader.h:
        (WebCore::WorkerScriptLoader::contentSecurityPolicy const):
        * workers/service/SWClientConnection.cpp:
        (WebCore::SWClientConnection::finishedFetchingScript):
        (WebCore::SWClientConnection::failedFetchingScript):
        * workers/service/SWClientConnection.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        (WebCore::ServiceWorkerContainer::jobFailedWithException):
        (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/ServiceWorkerContextData.cpp:
        (WebCore::ServiceWorkerContextData::isolatedCopy const):
        * workers/service/ServiceWorkerContextData.h:
        (WebCore::ServiceWorkerContextData::encode const):
        (WebCore::ServiceWorkerContextData::decode):
        * workers/service/ServiceWorkerFetchResult.h:
        (WebCore::ServiceWorkerFetchResult::encode const):
        (WebCore::ServiceWorkerFetchResult::decode):
        * workers/service/ServiceWorkerGlobalScope.cpp:
        (WebCore::ServiceWorkerGlobalScope::create):
        * workers/service/ServiceWorkerGlobalScope.h:
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::notifyFinished):
        * workers/service/ServiceWorkerJobClient.h:
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):
        (WebCore::ServiceWorkerThread::createWorkerGlobalScope):
        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::v1RecordsTableSchema):
        (WebCore::RegistrationDatabase::importRecords):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::updateWorker):
        (WebCore::SWServer::installContextData):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::scriptFetchFinished):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::SWServerWorker):
        (WebCore::m_contentSecurityPolicy):
        (WebCore::SWServerWorker::contextData const):
        * workers/service/server/SWServerWorker.h:

2018-01-09  Antoine Quint  <graouts@apple.com>

        Provide a method to obtain a CSS value from a RenderStyle by CSSPropertyID
        https://bugs.webkit.org/show_bug.cgi?id=181429

        Reviewed by Antti Koivisto.

        The KeyframeEffect.getKeyframes() method from Web Animations requires that we return all styles applied at a given
        animation effect keyframe. When we parse keyframes, we create RenderStyle objects that are stored in a KeyframeList,
        as well as a list of CSSPropertyIDs that are animated. In order to provide the list of animated properties and their
        values when calling getKeyframes(), we need to be able to read back from the RenderStyle we create. As a first step
        towards this goal, we factor some code in ComputedStyleExtractor::propertyValue() out into a new method
        ComputedStyleExtractor::valueForPropertyinStyle() which takes in an explicit RenderStyle.

        No test as this is simply refactoring that doesn't change or add behavior.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
        * css/CSSComputedStyleDeclaration.h:

2018-01-09  Youenn Fablet  <youenn@apple.com>

        SWClientConnection should not keep references to service worker jobs
        https://bugs.webkit.org/show_bug.cgi?id=181381

        Reviewed by Chris Dumez.

        Difficult to test determiniscally but corresponding crash log should no longer happen in debug builds.

        Stopped passing ServiceWorkerJob references from ServiceWorkerContainer (potentially in service worker thread) to SWClientConnection (main thread).
        Instead pass job identifiers and related data to the main thread.

        Minor refactoring to use ServiceWorkerJobIdentifier instead of ServiceWorkerJobDataIdentifier which contains more data than needed.

        * workers/service/SWClientConnection.cpp:
        (WebCore::SWClientConnection::scheduleJob):
        (WebCore::SWClientConnection::failedFetchingScript):
        (WebCore::SWClientConnection::postTaskForJob):
        (WebCore::SWClientConnection::jobRejectedInServer):
        (WebCore::SWClientConnection::registrationJobResolvedInServer):
        (WebCore::SWClientConnection::unregistrationJobResolvedInServer):
        (WebCore::SWClientConnection::startScriptFetchForServer):
        (WebCore::SWClientConnection::clearPendingJobs):
        (WebCore::SWClientConnection::finishedFetchingScript): Deleted.
        * workers/service/SWClientConnection.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::scheduleJob):
        (WebCore::ServiceWorkerContainer::startScriptFetchForJob):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::rejectJob):
        (WebCore::SWServer::resolveRegistrationJob):
        (WebCore::SWServer::resolveUnregistrationJob):
        (WebCore::SWServer::startScriptFetch):
        * workers/service/server/SWServer.h:

2018-01-09  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r224460): Text fields sometimes get "messed up"
        https://bugs.webkit.org/show_bug.cgi?id=181115

        Reviewed by Zalan Bujtas.

        Add the scroll position to paint offset before computing the clip rectangle. Before r224460, scroll position was
        substracted after the clip rectangle was computed.

        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::computeClipRect):

2018-01-09  Ali Juma  <ajuma@chromium.org>

        Implement VisualViewport API events
        https://bugs.webkit.org/show_bug.cgi?id=179386

        Reviewed by Frédéric Wang.

        Implement the events (resize and scroll) defined by the Visual Viewport API
        (https://wicg.github.io/visual-viewport/#events).

        This is behind the VisualViewportAPI experimental feature flag.

        In order to detect when events need to be fired, change the computation of
        Visual Viewport attributes to happen whenever the layout viewport is updated
        rather than only on-demand.

        Tests: fast/visual-viewport/resize-event-fired-window-resized.html
               fast/visual-viewport/resize-event-fired.html
               fast/visual-viewport/scroll-event-fired.html

        * dom/Document.cpp:
        (WebCore::Document::addListenerTypeIfNeeded):
        Add support for tracking resize event listeners.
        * dom/Document.h:
        * dom/DocumentEventQueue.cpp:
        (WebCore::DocumentEventQueue::enqueueOrDispatchScrollEvent):
        (WebCore::DocumentEventQueue::enqueueScrollEvent):
        Factored out of enqueueOrDispatchScrollEvent so that this logic can be reused
        for Visual Viewport scroll events.
        (WebCore::DocumentEventQueue::enqueueResizeEvent):
        (WebCore::DocumentEventQueue::pendingEventTimerFired):
        * dom/DocumentEventQueue.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::updateLayoutViewport):
        * page/VisualViewport.cpp:
        (WebCore::VisualViewport::addEventListener):
        (WebCore::layoutIfNonNull):
        (WebCore::VisualViewport::offsetLeft const):
        Remove attribute computation logic since this now happens during update().
        (WebCore::VisualViewport::offsetTop const): Ditto.
        (WebCore::VisualViewport::pageLeft const): Ditto.
        (WebCore::VisualViewport::pageTop const): Ditto.
        (WebCore::VisualViewport::width const): Ditto.
        (WebCore::VisualViewport::height const): Ditto.
        (WebCore::VisualViewport::scale const):
        (WebCore::VisualViewport::update):
        Added. Computes all of the Visual Viewport attributes and determines
        whether events need to be fired.
        (WebCore::VisualViewport::enqueueResizeEvent):
        (WebCore::VisualViewport::enqueueScrollEvent):
        (WebCore::getFrameViewAndLayoutIfNonNull): Deleted.
        * page/VisualViewport.h:

2018-01-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>

        [EME] Add the CENC initData support in ClearKey CDM
        https://bugs.webkit.org/show_bug.cgi?id=180081

        Reviewed by Xabier Rodriguez-Calvar.

        Add the "cenc" initDataType support in ClearKey CDM.
        Parse the CENC initData and extract the KIDs by following the W3C spec
        https://www.w3.org/TR/eme-initdata-cenc/#common-system

        Tests: media/encrypted-media/clearKey/clearKey-message-cenc-event.html
               media/encrypted-media/clearKey/clearKey-message-cenc-event-mse.html

        * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
        (WebCore::extractKeyidsLocationFromCencInitData):
        (WebCore::isCencInitData):
        (WebCore::extractKeyidsFromCencInitData):
        (WebCore::CDMPrivateClearKey::supportsInitDataType const):
        (WebCore::CDMPrivateClearKey::supportsInitData const):
        (WebCore::CDMInstanceClearKey::requestLicense):

2018-01-09  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Pass state values directly to Cairo operations
        https://bugs.webkit.org/show_bug.cgi?id=181389

        Reviewed by Carlos Garcia Campos.

        Instead of passing reference to the GraphicsContextState object to
        various Cairo operations, only pass the required state values. This
        makes it explicit what state values are used in these operations, at the
        expense of some long parameter lists, but this will be better addressed
        by future refactoring of this code into more concise functions.

        No new tests -- no change in functionality.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawGlyphsShadow):
        (WebCore::Cairo::dashedLineCornerWidthForStrokeWidth):
        (WebCore::Cairo::dashedLinePatternWidthForStrokeWidth):
        (WebCore::Cairo::drawGlyphs):
        (WebCore::Cairo::drawRect):
        (WebCore::Cairo::drawLine):
        (WebCore::Cairo::drawEllipse):
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::FontCascade::drawGlyphs):
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::drawRect):
        (WebCore::GraphicsContext::drawLine):
        (WebCore::GraphicsContext::drawEllipse):

2018-01-09  Ryosuke Niwa  <rniwa@webkit.org>

        Release assert in addResourceTiming when a cache resource is requested during style recalc
        https://bugs.webkit.org/show_bug.cgi?id=181137
        <rdar://problem/35666574>

        Reviewed by Simon Fraser.

        Make the dispatching of resourcetimingbufferfull event asynchronous to avoid dispatching it
        synchronously during a style resolution when CachedResourceLoader::requestImage requests
        a previously loaded image.

        We now schedule a timer when the resource timing buffer becomes full, and dispatch the event
        when the timer fires. Meanwhile, we have a backup buffer to which additional resource timing
        entries would be added. Once the event is dispatched, we refill the buffer exposed to author
        scripts. When refilling the buffer results in it becoming full again, we keep repeating the
        process of firing resourcetimingbufferfull and re-filling the buffer until either we stop
        making progress (i.e. the script didn't increase the number of empty entires in the buffer)
        or the backup buffer (at the time we started this process) becomes empty.

        Also fixed a bug that we were firing resourcetimingbufferfull event when the last entry that
        fits within the buffer size was added instead of when an entry is being added to an already
        full buffer. To make this work, the patch introduces m_resourceTimingBufferFullFlag,
        representing the concept "resource timing buffer full" flag in the resource timing specification.

        Test: http/tests/performance/performance-resource-timing-resourcetimingbufferfull-crash.html

        * page/Performance.cpp:
        (WebCore::Performance::Performance):
        (WebCore::Performance::clearResourceTimings):
        (WebCore::Performance::setResourceTimingBufferSize):
        (WebCore::Performance::addResourceTiming):
        (WebCore::Performance::resourceTimingBufferFullTimerFired):
        * page/Performance.h:

2018-01-08  Chris Nardi  <csnardi1@gmail.com>

        ::first-letter incorrectly selects grapheme pairs
        https://bugs.webkit.org/show_bug.cgi?id=181315

        Reviewed by Darin Adler.

        Grapheme pairs were incorrectly selected by ::first-letter. This
        change fixes their selection.

        Tests: Updated fast/css/first-letter-punctuation.html and imported
        LayoutTests/imported/w3c/web-platform-tests/css/css-pseudo-4/first-letter-004.html

        * rendering/updating/RenderTreeBuilderFirstLetter.cpp:
        (WebCore::isPunctuationForFirstLetter):
        (WebCore::shouldSkipForFirstLetter):
        (WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

2018-01-08  Darin Adler  <darin@apple.com>

        Special list-item counter starts from an incorrect number for ::before and ::after
        https://bugs.webkit.org/show_bug.cgi?id=181084

        Reviewed by Zalan Bujtas.

        Test: fast/css/counters/counter-list-item.html

        * Sources.txt: Removed CounterDirectives.cpp.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::counterToCSSValue): Updated for changes to the CounterDirectives struct.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInheritCounter): Ditto.
        (WebCore::StyleBuilderCustom::applyValueCounter): Ditto.

        * html/HTMLLIElement.cpp:
        (WebCore::HTMLLIElement::parseValue): Call setExplicitValue(std::nullopt) instead
        of clearExplicitValue since we are using std::optional now.

        * rendering/RenderCounter.cpp:
        (WebCore::listItemCounterDirectives): Added. Computes the counter directives that
        express the effects on the list-item counter from list item and list elements.
        Used something as close to what the CSS 3 draft says as possible. This uses a
        negative increment when creating a list to counteract the positive increment done
        by a list element, except in the case of an unordered list. This is where the bug
        fix actually lies. Also fixed handling of reversed ordered lists at the same time.
        (WebCore::planCounter): Refactored to use the function above. Also changed the
        code to pay attention to both the counter directives and the implicit ones from
        list item and list elements, getting as close as possible to what the specification
        seems to call for.

        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::RenderListItem): Since we are using std::optional and no
        longer using bit fields, simplified the constructor for each list item.
        (WebCore::RenderListItem::calcValue const): Deleted.
        (WebCore::RenderListItem::updateValueNow const): Merged in all the code from the
        old calcValue function, but it is also simpler now since m_value is std::optional.
        (WebCore::RenderListItem::updateValue): Updated to use std::optional.
        (WebCore::RenderListItem::setExplicitValue): Ditto.
        (WebCore::RenderListItem::clearExplicitValue): Deleted.
        (WebCore::RenderListItem::updateListMarkerNumbers): Updated to use std::optional.
        (WebCore::RenderListItem::isInReversedOrderedList const): Added. This is used by
        the counter code so it can decrement instead of incrementing.

        * rendering/RenderListItem.h: Updated to use std::optional. Also marked functions
        final instead of override and initialized m_notInList after making it not be a
        bitfield any more.

        * rendering/style/CounterDirectives.cpp: Removed.
        * rendering/style/CounterDirectives.h: Removed most of the CounterDirectives
        class and replaced it with a struct with two std::optional. Added an addClamped
        function so the counter code can share it with the addIncrementValue function.
        If we want to make a faster version that doesn't use double, we can come back
        and do that. Also moved the == function to the header since the implementation
        is so trivial.

        * rendering/style/StyleAllInOne.cpp: Removed CounterDirectives.cpp.

        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): Updated to
        use std::make_unique directly instead of using a clone function.

2018-01-08  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Expose HTMLAttachmentElement.uniqueIdentifier to bindings
        https://bugs.webkit.org/show_bug.cgi?id=181420
        <rdar://problem/36365827>

        Reviewed by Alex Christensen.

        Add a new IDL definition for uniqueIdentifier on HTMLAttachmentElement. This allows clients to relate attachment
        elements in the DOM to _WKAttachments delivered via Objective-C SPI.

        Adjusted existing tests in WKAttachmentTests.

        * html/HTMLAttachmentElement.idl:

2018-01-08  Don Olmstead  <don.olmstead@sony.com>

        AccessibilityARIAGrid does not compile when accessibility is disabled
        https://bugs.webkit.org/show_bug.cgi?id=181418
        <rdar://problem/36365398>

        Reviewed by Chris Fleizach.

        No new tests. No change in behavior.

        * accessibility/AccessibilityARIAGrid.cpp:

2018-01-08  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r226532 and r226540.
        https://bugs.webkit.org/show_bug.cgi?id=181422

        jessie says basic browsing does not seem to work (Requested by
        alexchristensen on #webkit).

        Reverted changesets:

        "Add CSP support to service workers"
        https://bugs.webkit.org/show_bug.cgi?id=181385
        https://trac.webkit.org/changeset/226532

        "SWClientConnection should not keep references to service
        worker jobs"
        https://bugs.webkit.org/show_bug.cgi?id=181381
        https://trac.webkit.org/changeset/226540

2018-01-08  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Expose file name and content type of WKAttachment
        https://bugs.webkit.org/show_bug.cgi?id=181390
        <rdar://problem/36336837>

        Reviewed by Tim Horton.

        Add new structs in AttachmentTypes.h and refactor HTMLAttachmentElement::requestData to requestInfo. See below
        for more details. Augmented existing API tests in WKAttachmentTests.

        * html/AttachmentTypes.h:

        Add a struct to represent a snapshot of information about an attachment element.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::requestInfo):
        (WebCore::HTMLAttachmentElement::requestData): Deleted.
        * html/HTMLAttachmentElement.h:

        Change requestData to requestInfo. Instead of fetching and delivering data via callback, requestInfo returns an
        AttachmentInfo.

        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderAttachmentInfo::addLine):
        (WebCore::RenderAttachmentInfo::buildWrappedLines):
        (WebCore::RenderAttachmentInfo::buildSingleLine):
        (WebCore::RenderAttachmentInfo::RenderAttachmentInfo):
        (WebCore::RenderThemeIOS::attachmentBaseline const):
        (WebCore::paintAttachmentIcon):
        (WebCore::paintAttachmentText):
        (WebCore::paintAttachmentProgress):
        (WebCore::attachmentBorderPath):
        (WebCore::RenderThemeIOS::paintAttachment):
        (WebCore::AttachmentInfo::addLine): Deleted.
        (WebCore::AttachmentInfo::buildWrappedLines): Deleted.
        (WebCore::AttachmentInfo::buildSingleLine): Deleted.
        (WebCore::AttachmentInfo::AttachmentInfo): Deleted.

        Rename AttachmentInfo to RenderAttachmentInfo to resolve a name conflict with the new AttachmentInfo struct.

2018-01-08  Saam Barati  <sbarati@apple.com>

        Speculative build fix after r226600. We only use clflush on x86 and the `asm volatile` syntax is not available in the Windows build.

        No new tests because this is a build fix.

        * dom/Comment.cpp:
        (WebCore::Comment::clflushReadLength):

2018-01-08  Michael Saboff  <msaboff@apple.com>

        Add a DOM gadget for Spectre testing
        https://bugs.webkit.org/show_bug.cgi?id=181351

        Reviewed by Saam Barati.

        This change is used to test Spectre mitigations.

        Added a side data array to the Comment DOM node to test for Spectre issues in
        the DOM layer.  This additional functionality is disabled by default and must
        be enabled through the JSC option "enableSpectreGadgets".

        * dom/Comment.cpp:
        (WebCore::Comment::Comment):
        (WebCore::Comment::setReadLength):
        (WebCore::Comment::charCodeAt):
        (WebCore::Comment::clflushReadLength):
        * dom/Comment.h:
        * dom/Comment.idl:
        * page/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const):
        * page/RuntimeEnabledFeatures.h:

2018-01-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

        A canvas should not be tainted if it draws a data URL SVGImage with a <foreignObject>
        https://bugs.webkit.org/show_bug.cgi?id=180301

        Reviewed by Dean Jackson.

        Don't taint the canvas if it draws a data URL SVGImage with a <foreignObject>.
        There should not be a cross-origin data leak in this case.

        Tests: svg/as-image/svg-canvas-data-url-svg-with-feimage-not-tainted.html
               svg/as-image/svg-canvas-data-url-svg-with-foreign-object-not-tainted.html
               svg/as-image/svg-canvas-data-url-svg-with-image-not-tainted.html

        * html/ImageBitmap.cpp:
        (WebCore::taintsOrigin):
        * html/canvas/CanvasRenderingContext.cpp:
        (WebCore::CanvasRenderingContext::wouldTaintOrigin):

2018-01-08  Don Olmstead  <don.olmstead@sony.com>

        Simplify platform checks in Graphics Context
        https://bugs.webkit.org/show_bug.cgi?id=181344

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * platform/graphics/ANGLEWebKitBridge.h:
        * platform/graphics/GLContext.h:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/OpenGLESShims.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::checkVaryingsPacking const):

2018-01-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move SVG addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181405
        <rdar://problem/36360476>

        Reviewed by Antti Koivisto.

        This is about moving the code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::addChild):
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::addChild):
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::addChild):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::addChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToSVGContainer):
        (WebCore::RenderTreeBuilder::insertChildToSVGInline):
        (WebCore::RenderTreeBuilder::insertChildToSVGRoot):
        (WebCore::RenderTreeBuilder::insertChildToSVGText):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::SVGBuilder):
        * rendering/updating/RenderTreeBuilderSVG.cpp: Added.
        (WebCore::RenderTreeBuilder::SVG::SVG):
        (WebCore::RenderTreeBuilder::SVG::insertChild):
        * rendering/updating/RenderTreeBuilderSVG.h: Added.

2018-01-08  John Wilander  <wilander@apple.com>

        Storage Access API: Remove access for all frames under a page when the page is closed
        https://bugs.webkit.org/show_bug.cgi?id=181398
        <rdar://problem/36357879>

        Reviewed by Alex Christensen.

        No new tests. Discussed with Alex Christensen and we concluded that
        both a layout test and an API test would require a lot of work and
        we have existing tests for clearing out storage access for frames.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage):

2018-01-08  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r226385.

        The test introduced with this was a flaky since being added.

        Reverted changeset:

        "AX: when invert colors is on, double-invert certain media
        elements in UserAgentStyleSheet"
        https://bugs.webkit.org/show_bug.cgi?id=168447
        https://trac.webkit.org/changeset/226385

2018-01-08  Youenn Fablet  <youenn@apple.com>

        SWClientConnection should not keep references to service worker jobs
        https://bugs.webkit.org/show_bug.cgi?id=181381

        Reviewed by Chris Dumez.

        Difficult to test determiniscally but corresponding crash log should no longer happen in debug builds.

        Stopped passing ServiceWorkerJob references from ServiceWorkerContainer (potentially in service worker thread) to SWClientConnection (main thread).
        Instead pass job identifiers and related data to the main thread.

        Minor refactoring to use ServiceWorkerJobIdentifier instead of ServiceWorkerJobDataIdentifier which contains more data than needed.

        * workers/service/SWClientConnection.cpp:
        (WebCore::SWClientConnection::scheduleJob):
        (WebCore::SWClientConnection::failedFetchingScript):
        (WebCore::SWClientConnection::postTaskForJob):
        (WebCore::SWClientConnection::jobRejectedInServer):
        (WebCore::SWClientConnection::registrationJobResolvedInServer):
        (WebCore::SWClientConnection::unregistrationJobResolvedInServer):
        (WebCore::SWClientConnection::startScriptFetchForServer):
        (WebCore::SWClientConnection::clearPendingJobs):
        (WebCore::SWClientConnection::finishedFetchingScript): Deleted.
        * workers/service/SWClientConnection.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::scheduleJob):
        (WebCore::ServiceWorkerContainer::startScriptFetchForJob):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        (WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::rejectJob):
        (WebCore::SWServer::resolveRegistrationJob):
        (WebCore::SWServer::resolveUnregistrationJob):
        (WebCore::SWServer::startScriptFetch):
        * workers/service/server/SWServer.h:

2018-01-08  Wenson Hsieh  <wenson_hsieh@apple.com>

        Copying, pasting, and then deleting an attachment element breaks attachment data requests
        https://bugs.webkit.org/show_bug.cgi?id=181365
        <rdar://problem/36340647>

        Reviewed by Tim Horton.

        Currently, copying and pasting an attachment element within the same document and then deleting backwards to
        remove the pasted attachment element causes the original attachment element to be inaccessible via SPI. This is
        because there are now two different attachment elements with the same unique identifier, such that Document,
        which keeps a map of all unique attachment identifiers to attachment elements, will lose track of the original
        attachment element.

        To fix this, we ensure that attachment elements should always have unique identifiers when they are inserted
        into the document. We make several small adjustments to accomplish this:

        1.  First, refactor HTMLAttachmentElement's unique identifier so that it no longer depends on the value of the
            "webkitattachmentid" attribute, and is instead just a member of HTMLAttachmentElement that is not exposed to
            DOM bindings. This means setting and querying an attachment element's uniqueIdentifier can be done without
            triggering any side effects, such as layout or mutation events.

        2.  Next, make "webkitattachmentid" a temporary attribute similar to "webkitattachmentpath" and
            "webkitattachmentbloburl", so that it is added only when generating a markup fragment for editing, and
            removed upon deserialization.

        3.  Lastly, shift the responsibility of assigning a unique identifier to an attachment away from places where we
            create attachment elements, and instead have Document enforce this when an attachment element is inserted.

        Tests:  WKAttachmentTests.InsertAndRemoveDuplicateAttachment
                WKAttachmentTests.InsertDuplicateAttachmentAndUpdateData

        * dom/Document.cpp:
        (WebCore::Document::didInsertAttachmentElement):

        Assign the unique identifier of an attachment element that has been inserted. If the identifier already tracks
        an existing attachment element in the document or is missing, reassign the identifier to a new value.

        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::createFragmentForImageAttachment):
        (WebCore::replaceRichContentWithAttachments):
        (WebCore::WebContentReader::readFilePaths):

        Remove calls to setUniqueIdentifier here, since Document will assign a unique identifier upon insertion.

        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::appendCustomAttributes):
        (WebCore::createFragmentFromMarkup):

        Set the attachment's unique identifier to the value of the "webkitattachmentid" attribute. When moving existing
        attachments around in the DOM without duplication, this ensures that the attachment will be removed and
        reinserted in the document without triggering removal and insertion client delegate methods.

        When pasting an attachment element that has the same identifier as an existing attachment, we let Document
        realize that the attachment identifier already exists, and reassign it to a unique value.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::uniqueIdentifier const): Deleted.
        (WebCore::HTMLAttachmentElement::setUniqueIdentifier): Deleted.
        * html/HTMLAttachmentElement.h:

2018-01-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlockFlow addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181348
        <rdar://problem/36328117>

        Reviewed by Antti Koivisto.

        This is about moving the code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::addChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToRenderBlockFlow):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::blockFlowBuilder):
        * rendering/updating/RenderTreeBuilderBlockFlow.cpp: Added.
        (WebCore::RenderTreeBuilder::BlockFlow::BlockFlow):
        (WebCore::RenderTreeBuilder::BlockFlow::insertChild):
        * rendering/updating/RenderTreeBuilderBlockFlow.h: Added.

2018-01-08  Youenn Fablet  <youenn@apple.com>

        Add CSP support to service workers
        https://bugs.webkit.org/show_bug.cgi?id=181385

        Reviewed by Chris Dumez.

        Covered by rebased tests.

        Added recovery of CSP information from WorkerScriptLoader.
        Added plumbing to pass the CSP information to Service Workers.
        Added persistency support for the CSP information.

        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::loadAsynchronously):
        (WebCore::WorkerScriptLoader::didReceiveResponse):
        * workers/WorkerScriptLoader.h:
        (WebCore::WorkerScriptLoader::contentSecurityPolicy const):
        * workers/service/SWClientConnection.cpp:
        (WebCore::SWClientConnection::finishedFetchingScript):
        (WebCore::SWClientConnection::failedFetchingScript):
        * workers/service/SWClientConnection.h:
        * workers/service/ServiceWorkerContainer.cpp:
        (WebCore::ServiceWorkerContainer::addRegistration):
        (WebCore::ServiceWorkerContainer::jobFailedWithException):
        (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
        (WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
        * workers/service/ServiceWorkerContainer.h:
        * workers/service/ServiceWorkerContextData.cpp:
        (WebCore::ServiceWorkerContextData::isolatedCopy const):
        * workers/service/ServiceWorkerContextData.h:
        (WebCore::ServiceWorkerContextData::encode const):
        (WebCore::ServiceWorkerContextData::decode):
        * workers/service/ServiceWorkerFetchResult.h:
        (WebCore::ServiceWorkerFetchResult::encode const):
        (WebCore::ServiceWorkerFetchResult::decode):
        * workers/service/ServiceWorkerGlobalScope.cpp:
        (WebCore::ServiceWorkerGlobalScope::create):
        * workers/service/ServiceWorkerGlobalScope.h:
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::notifyFinished):
        * workers/service/ServiceWorkerJobClient.h:
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):
        (WebCore::ServiceWorkerThread::createWorkerGlobalScope):
        * workers/service/server/RegistrationDatabase.cpp:
        (WebCore::v1RecordsTableSchema):
        (WebCore::RegistrationDatabase::openSQLiteDatabase):
        (WebCore::RegistrationDatabase::doPushChanges):
        (WebCore::RegistrationDatabase::importRecords):
        * workers/service/server/SWServer.cpp:
        (WebCore::SWServer::updateWorker):
        (WebCore::SWServer::installContextData):
        * workers/service/server/SWServer.h:
        * workers/service/server/SWServerJobQueue.cpp:
        (WebCore::SWServerJobQueue::scriptFetchFinished):
        * workers/service/server/SWServerWorker.cpp:
        (WebCore::SWServerWorker::SWServerWorker):
        (WebCore::m_contentSecurityPolicy):
        (WebCore::SWServerWorker::contextData const):
        * workers/service/server/SWServerWorker.h:

2018-01-08  Youenn Fablet  <youenn@apple.com>

        Use no-cache fetch mode when loading main documents with location.reload()
        https://bugs.webkit.org/show_bug.cgi?id=181285

        Reviewed by Alex Christensen.

        Covered by rebased tests.

        Start to translate cache policy used for navigation as FetchOptions::Cache.
        This allows ensuring service workers receive the right cache mode when intercepting navigation loads.
        To not change current navigation behavior, ReturnCacheDataElseLoad and ReturnCacheDataDontLoad still trigger default fetch cache mode.

        For Reload and ReloadExpiredOnly frame load types, using no-cache mode is more efficient than reload mode,
        as a conditional request will be sent if possible. This applies to location.reload which is consistent with other browsers.
        Keep reload mode for ReloadFromOrigin.

        * loader/DocumentLoader.cpp:
        (WebCore::toFetchOptionsCache):
        (WebCore::DocumentLoader::loadMainResource):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::defaultRequestCachingPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/NavigationScheduler.cpp:

2018-01-08  Youenn Fablet  <youenn@apple.com>

        Stop exposing fetch and extendable events to window
        https://bugs.webkit.org/show_bug.cgi?id=181325

        Reviewed by Chris Dumez.

        Covered by updated tests.

        Marked FetchEvent and ExtendableEvent as visible in ServiceWorker environments only.
        Moved related Internals testing routines to ServiceWorkerInternals.

        * testing/Internals.cpp:
        (WebCore::Internals::waitForFetchEventToFinish): Deleted.
        (WebCore::Internals::createBeingDispatchedFetchEvent): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:
        * testing/ServiceWorkerInternals.cpp:
        (WebCore::ServiceWorkerInternals::waitForFetchEventToFinish):
        (WebCore::ServiceWorkerInternals::createBeingDispatchedFetchEvent):
        * testing/ServiceWorkerInternals.h:
        * testing/ServiceWorkerInternals.idl:
        * workers/service/ExtendableEvent.idl:
        * workers/service/FetchEvent.idl:

2018-01-08  Antti Koivisto  <antti@apple.com>

        REGRESSION (r219145): Toggling layer borders on a static document no longer works immediately
        https://bugs.webkit.org/show_bug.cgi?id=176260
        <rdar://problem/34219966>

        Reviewed by Simon Fraser.

        Optimization reveled bugs in debug indicator painting.

        Test: compositing/debug-borders-dynamic.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateDebugIndicators):
        (WebCore::GraphicsLayerCA::updateDebugBorder): Deleted.

        - Rename to indicate this is not just about debug borders.
        - Trigger display so repaint counters get painted. This helper is only called when the indicators change.

        * platform/graphics/ca/GraphicsLayerCA.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::cacheAcceleratedCompositingFlags):

        Ensure we do compositing update on debug border change even when there is no layout.

2018-01-08  Zalan Bujtas <zalan@apple.com>

        [RenderTreeBuilder] Move RenderInline addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181336
        <rdar://problem/36324693>

        Reviewed by Antti Koivisto.

        This is about moving the code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::addChild):
        (WebCore::RenderInline::addChildIgnoringContinuation):
        (WebCore::RenderInline::childBecameNonInline):
        (WebCore::nextContinuation): Deleted.
        (WebCore::RenderInline::continuationBefore): Deleted.
        (WebCore::newChildIsInline): Deleted.
        (WebCore::RenderInline::cloneAsContinuation const): Deleted.
        (WebCore::RenderInline::splitInlines): Deleted.
        (WebCore::RenderInline::splitFlow): Deleted.
        (WebCore::canUseAsParentForContinuation): Deleted.
        (WebCore::RenderInline::addChildToContinuation): Deleted.
        * rendering/RenderInline.h:
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToRenderInline):
        (WebCore::RenderTreeBuilder::insertChildToRenderInlineIgnoringContinuation):
        (WebCore::RenderTreeBuilder::splitFlow):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::inlineBuilder):
        * rendering/updating/RenderTreeBuilderInline.cpp: Added.
        (WebCore::canUseAsParentForContinuation):
        (WebCore::nextContinuation):
        (WebCore::continuationBefore):
        (WebCore::cloneAsContinuation):
        (WebCore::newChildIsInline):
        (WebCore::inFlowPositionedInlineAncestor):
        (WebCore::RenderTreeBuilder::Inline::Inline):
        (WebCore::RenderTreeBuilder::Inline::insertChild):
        (WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
        (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
        (WebCore::RenderTreeBuilder::Inline::splitFlow):
        (WebCore::RenderTreeBuilder::Inline::splitInlines):
        * rendering/updating/RenderTreeBuilderInline.h: Added.

2018-01-08  Zalan Bujtas  <zalan@apple.com>

        [RenderTreeBuilder] Move RenderBlock addChild logic to RenderTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=181319
        <rdar://problem/36313464>

        Reviewed by Antti Koivisto.

        This is about moving the code, no cleanup and/or normalization (unfortunately it also means
        some temporary changes).  

        No change in functionality.

        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::addChild):
        (WebCore::RenderBlock::addChildIgnoringContinuation):
        (WebCore::RenderBlock::childBecameNonInline):
        (WebCore::RenderBlock::continuationBefore): Deleted.
        (WebCore::RenderBlock::addChildToContinuation): Deleted.
        (WebCore::getInlineRun): Deleted.
        (WebCore::RenderBlock::makeChildrenNonInline): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderBox.cpp:
        (WebCore::markBoxForRelayoutAfterSplit): Deleted.
        (WebCore::RenderBox::splitAnonymousBoxesAroundChild): Deleted.
        * rendering/RenderBox.h:
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::moveChildren):
        (WebCore::RenderRubyBase::moveBlockChildren):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::addChild):
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::addChild):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::addChild):
        * rendering/updating/RenderTreeBuilder.cpp:
        (WebCore::markBoxForRelayoutAfterSplit):
        (WebCore::getInlineRun):
        (WebCore::RenderTreeBuilder::RenderTreeBuilder):
        (WebCore::RenderTreeBuilder::insertChildToRenderBlock):
        (WebCore::RenderTreeBuilder::insertChildToRenderBlockIgnoringContinuation):
        (WebCore::RenderTreeBuilder::makeChildrenNonInline):
        (WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
        * rendering/updating/RenderTreeBuilder.h:
        (WebCore::RenderTreeBuilder::blockBuilder):
        * rendering/updating/RenderTreeBuilderBlock.cpp: Added.
        (WebCore::continuationBefore):
        (WebCore::RenderTreeBuilder::Block::Block):
        (WebCore::RenderTreeBuilder::Block::insertChild):
        (WebCore::RenderTreeBuilder::Block::insertChildToContinuation):
        (WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
        * rendering/updating/RenderTreeBuilderBlock.h: Added.
        
2018-01-08  Jeremy Jones  <jeremyj@apple.com>

        Standard controls sometimes say video is in pip when it isnt.
        https://bugs.webkit.org/show_bug.cgi?id=181095
        rdar://problem/36182687

        Reviewed by Eric Carlson.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::exitFullscreen):

2018-01-08  Jer Noble  <jer.noble@apple.com>

        REGRESSION: [iOS] ASSERTION FAILED: !node.isConnected() in WebCore::notifyNodeInsertedIntoDocument
        https://bugs.webkit.org/show_bug.cgi?id=181091

        Reviewed by Darin Adler.

        Move the work previously performed in insertedIntoAncestor() into didFinishInsertingNode().

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::prepareForLoad):

2018-01-08  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Use isolated fill and stroke source containers
        https://bugs.webkit.org/show_bug.cgi?id=181386

        Reviewed by Carlos Garcia Campos.

        Generate fill and stroke source objects upon invocation of various Cairo
        operations, initializing necessary data from the GraphicsContextState
        object.

        Cairo::FillSource and Cairo::StrokeSource structs are introduced, both
        being default-constructible as well as providing a constructor that
        accepts a GraphicsContextState object from which the appropriate
        resources are created.

        The FillSource and StrokeSource objects are then passed to
        PlatformContextCairo's prepareForFilling() and prepareForStroking()
        methods. Here the helper prepareCairoContextSource() function is now
        invoked with cairo_pattern_t objects as pattern or gradient sources, or
        the source color if neither cairo_pattern_t object is specified.

        The FillSource and StrokeSource constructors mimic the previous behavior
        of prepareCairoContextSource(). In case the source is a Pattern object,
        a cairo_pattern_t object is created from that. In case of FillSource,
        we also retrieve pattern size, transform and repetition information. In
        case the source os a Gradient object, we create a 'base' cairo_pattern_t
        object for a completely opaque alpha channel. Additionally, if the alpha
        value on the state is not 1, we create an alpha-adjusted cairo_pattern_t
        that is potentially used for any filling or stroking operation that has
        to preserve transparency. If neither Pattern or Gradient objects are set
        on the GraphicsContextState, we default to the current fill or stroke
        color.

        Overall, there's no change in behavior, this is simply a refactoring
        that enables us to construct Cairo objects for filling and stroking
        sources at the time of Cairo operation dispatch, instead of pulling down
        GraphicsContextState deeper into the Cairo-specific code.

        No new tests -- no change in functionality.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawPathShadow):
        (WebCore::Cairo::fillCurrentCairoPath):
        (WebCore::Cairo::FillSource::FillSource):
        (WebCore::Cairo::StrokeSource::StrokeSource):
        (WebCore::Cairo::fillRect):
        (WebCore::Cairo::fillRectWithRoundedHole):
        (WebCore::Cairo::fillPath):
        (WebCore::Cairo::strokeRect):
        (WebCore::Cairo::strokePath):
        (WebCore::Cairo::drawGlyphs):
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::FontCascade::drawGlyphs):
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::fillPath):
        (WebCore::GraphicsContext::strokePath):
        (WebCore::GraphicsContext::fillRect):
        (WebCore::GraphicsContext::strokeRect):
        (WebCore::GraphicsContext::fillRectWithRoundedHole):
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::prepareCairoContextSource):
        (WebCore::PlatformContextCairo::prepareForFilling):
        (WebCore::PlatformContextCairo::prepareForStroking):
        (WebCore::PlatformContextCairo::clipForPatternFilling):
        * platform/graphics/cairo/PlatformContextCairo.h:

2018-01-08  Youenn Fablet  <youenn@apple.com>

        navigator.onLine does not work inside service workers
        https://bugs.webkit.org/show_bug.cgi?id=181079
        <rdar://problem/36178606>

        Reviewed by Darin Adler.

        Test: http/wpt/service-workers/online.https.html

        Added support for onLine by reusing a similar implementation as regular workers.
        Added ServiceWorkerInternals as an interface for an object exposed as self.internals in WTR.
        This object has currently one method to trigger change in the online/offline status.
        This allows writing a test for the onLine feature.

        Note that self.internals is inserted asynchronously after the script was evaluated.
        When writing a worker script using self.internals, one must make sure to use self.internals when initialized.
        online-worker.js for instance makes use of self.internals in a postMessage callback.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WorkerScriptController.h:
        * dom/ScriptExecutionContext.h:
        * testing/ServiceWorkerInternals.cpp: Added.
        (WebCore::ServiceWorkerInternals::ServiceWorkerInternals):
        (WebCore::ServiceWorkerInternals::setOnline):
        * testing/ServiceWorkerInternals.h: Added.
        * testing/ServiceWorkerInternals.idl: Added.
        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::setupNewlyCreateServiceWorker):
        * testing/js/WebCoreTestSupport.h:
        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::registerServiceWorkerThreadForInstall):
        (WebCore::SWContextManager::startedServiceWorker):
        * workers/service/context/SWContextManager.h:
        (WebCore::SWContextManager::setServiceWorkerCreationCallback):
        (WebCore::SWContextManager::workerByID):
        * workers/service/context/ServiceWorkerThread.cpp:
        (WebCore::ServiceWorkerThread::ServiceWorkerThread):
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):
        (WebCore::ServiceWorkerThreadProxy::~ServiceWorkerThreadProxy):
        (WebCore::ServiceWorkerThreadProxy::networkStateChanged):
        (WebCore::ServiceWorkerThreadProxy::notifyNetworkStateChange):
        * workers/service/context/ServiceWorkerThreadProxy.h:

2018-01-08  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Contain shadow blur requirement state in a separate object
        https://bugs.webkit.org/show_bug.cgi?id=181380

        Reviewed by Carlos Garcia Campos.

        Instead of picking up the necessary state parameters from a
        GraphicsContextState object, store the necessary parameters in a helper
        ShadowBlurUsage struct. Mimicking the mustUseShadowBlur() function that
        is being removed, values of the shadow color, shadow blur, and shadow
        transform ignorance are stored there. Additionally, the required()
        method accepts a PlatformContextCairo object through which it can
        retrieve the current CTM and determine whether it's an identity, finally
        deciding whether shadow blur can or cannot be ignored.

        Goal of this change is to limit usage of GraphicsContextState directly
        in operations implemented inside the Cairo namespace. Instead, the
        state parameters should be passed directly, or an equivalent but limited
        state object should be constructed for invocation of such operations.

        This is likely only an intermediate solution. It's possible it will be
        replaced by a more complete shadow state struct that would be used for
        any operation that is required to draw shadows, if necessary.

        No new tests -- no change in functionality.

        * platform/graphics/cairo/CairoOperations.cpp:
        (WebCore::Cairo::drawGlyphsShadow):
        (WebCore::Cairo::ShadowBlurUsage::ShadowBlurUsage):
        (WebCore::Cairo::ShadowBlurUsage::required const):
        (WebCore::Cairo::fillRectWithRoundedHole):
        (WebCore::Cairo::drawGlyphs):
        (WebCore::Cairo::mustUseShadowBlur): Deleted.
        * platform/graphics/cairo/CairoOperations.h:
        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::FontCascade::drawGlyphs):
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::fillRectWithRoundedHole):

2018-01-08  Philippe Normand  <pnormand@igalia.com>

        [GStreamer][Soup] Remove dead getCreateOrReadBuffer code path
        https://bugs.webkit.org/show_bug.cgi?id=181376

        Reviewed by Carlos Garcia Campos.

        This code path is no longer used now that the GStreamer HTTP
        source element uses data coming directly from the network process.

        * SourcesGTK.txt:
        * SourcesWPE.txt:
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResource::getOrCreateReadBuffer): Deleted.
        * loader/MediaResourceLoader.h:
        * loader/SubresourceLoader.h:
        * loader/cache/CachedRawResource.h:
        * loader/cache/CachedRawResourceClient.h:
        (WebCore::CachedRawResourceClient::finishedTimingForWorkerLoad):
        (WebCore::CachedRawResourceClient::getOrCreateReadBuffer): Deleted.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::getOrCreateReadBuffer): Deleted.
        * loader/soup/CachedRawResourceSoup.cpp: Removed.
        * loader/soup/SubresourceLoaderSoup.cpp: Removed.
        * platform/graphics/PlatformMediaResourceLoader.h:
        (WebCore::PlatformMediaResourceClient::loadFinished):
        (WebCore::PlatformMediaResourceClient::getOrCreateReadBuffer): Deleted.
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (CachedResourceStreamingClient::getOrCreateReadBuffer): Deleted.
        * platform/network/ResourceHandleClient.h:
        (WebCore::ResourceHandleClient::getOrCreateReadBuffer): Deleted.
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::ensureReadBuffer):

2018-01-08  Zan Dobersek  <zdobersek@igalia.com> and Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] use FastMalloc-based GstAllocator
        https://bugs.webkit.org/show_bug.cgi?id=165793

        Reviewed by Philippe Normand.

        Add GstAllocatorFastMalloc, a GstAllocator implementation using fast malloc. It's only used when fast malloc is
        enabled and can be disabled using an environment variable for debugging purposes.

        * platform/GStreamer.cmake:
        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::initializeGStreamer):
        * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp: Added.
        (gstMemoryFastMallocNew):
        (gstAllocatorFastMallocAlloc):
        (gstAllocatorFastMallocFree):
        (gstAllocatorFastMallocMemMap):
        (gstAllocatorFastMallocMemUnmap):
        (gstAllocatorFastMallocMemCopy):
        (gstAllocatorFastMallocMemShare):
        (gstAllocatorFastMallocMemIsSpan):
        (gst_allocator_fast_malloc_class_init):
        (gst_allocator_fast_malloc_init):
        * platform/graphics/gstreamer/GstAllocatorFastMalloc.h: Added.

2018-01-07  Ms2ger  <Ms2ger@igalia.com>

        Implement createImageBitmap(ImageBitmap)
        https://bugs.webkit.org/show_bug.cgi?id=181287

        Reviewed by Darin Adler.

        Tests: imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
               imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args.html

        * html/ImageBitmap.cpp:
        (WebCore::ImageBitmap::createPromise):

2018-01-07  Ryosuke Niwa  <rniwa@webkit.org>

        Reduce the precision of "high" resolution time to 1ms
        https://bugs.webkit.org/show_bug.cgi?id=180910
        <rdar://problem/36085943>

        Reviewed by Saam Barati.

        Reduced the high prevision time's resolution to 1ms, the same precision as Date.now().

        Also fixed the bug in fillRTCStats that we weren't reducing the time resolution in RTCStats dictionaries.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::fillRTCStats):
        * page/Performance.cpp:
        (WebCore::Performance::reduceTimeResolution):

2018-01-06  Simon Fraser  <simon.fraser@apple.com>

        Possible crash computing event regions
        https://bugs.webkit.org/show_bug.cgi?id=181368
        rdar://problem/34847081

        Reviewed by Zalan Bujtas.

        Don't trigger layout in Element::absoluteEventHandlerBounds(), since this can run arbirary script
        which might delete elements or re-enter Document::absoluteRegionForEventTargets().

        It's OK to not trigger layout, because if layout is dirty, the next layout will update event regions again.

        Add a LayoutDisallowedScope to check that Document::absoluteRegionForEventTargets() doesn't
        trigger layout, and move the check for LayoutDisallowedScope::isLayoutAllowed() from Document::updateLayout()
        to LayoutContext::layout(), since some layouts don't happen via the former (e.g. the one being removed here).

        The test checks that the assertion does not fire. I was not able to get a reliable test for any crash.

        Test: fast/events/event-handler-regions-layout.html

        * dom/Document.cpp:
        (WebCore::Document::updateLayout):
        (WebCore::Document::absoluteRegionForEventTargets):
        * dom/Element.cpp:
        (WebCore::Element::absoluteEventHandlerBounds):
        * page/LayoutContext.cpp:
        (WebCore::LayoutContext::layout):
        * rendering/LayoutDisallowedScope.h: Move the #ifdefs around to avoid defining the enum twice.
        (WebCore::LayoutDisallowedScope::LayoutDisallowedScope):
        (WebCore::LayoutDisallowedScope::isLayoutAllowed):

2018-01-06  Simon Fraser  <simon.fraser@apple.com>

        Crash under RenderLayer::scrollTo() with marquee
        https://bugs.webkit.org/show_bug.cgi?id=181349
        rdar://problem/36190168

        Reviewed by Zalan Bujtas.

        Don't call updateWidgetPositions() synchonously during RenderLayer scrolling, because it
        can run arbitrary script which may trigger destruction of this RenderLayer.

        Instead, queue up updateWidgetPositions() on a zero-delay timer.

        Under some circumstances this may allow a paint to occur before the widgets have been
        updated (which could be fixed with a more invasive change), but in practice I saw no
        painting issues with plug-ins or iframes inside overflow scroll, in WebKit or LegacyWebKit.

        Test: fast/scrolling/marquee-scroll-crash.html

        * page/FrameView.cpp:
        (WebCore::FrameView::FrameView):
        (WebCore::FrameView::updateWidgetPositions):
        (WebCore::FrameView::scheduleUpdateWidgetPositions):
        (WebCore::FrameView::updateWidgetPositionsTimerFired):
        * page/FrameView.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo):

2018-01-05  Dean Jackson  <dino@apple.com>

        Accurately clip copyTexImage2D and copyTexSubImage2D
        https://bugs.webkit.org/show_bug.cgi?id=181356
        <rdar://problem/35083877>

        Reviewed by Eric Carlson.

        The code to make sure copyTexSubImage2D and copyTexImage2D will not try to read
        out of bounds had a bad bug introduced here:
        https://bugs.webkit.org/show_bug.cgi?id=51421

        With appropriate parameters, it would produce a rectangle with
        negative dimensions. Most GL drivers just ignored this, but some
        are not happy.

        Test: fast/canvas/webgl/copy-tex-image-and-sub-image-2d-bad-input.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::clip2D): Reimplement this in a more sane manner, and use
        checked arithmetic while here.
        * html/canvas/WebGLRenderingContextBase.h:
        (WebCore::clip1D): Deleted.
        (WebCore::clip2D): Deleted.

2018-01-06  Antti Koivisto  <antti@apple.com>

        Use WeakPtr for RenderTreePosition::m_nextSibling
        https://bugs.webkit.org/show_bug.cgi?id=181363

        Reviewed by Zalan Bujtas.

        For safety. In most cases it is null and won't cause us to instantiate WeakReferences for
        many new objects.

        * rendering/updating/RenderTreePosition.cpp:
        (WebCore::RenderTreePosition::computeNextSibling):
        * rendering/updating/RenderTreePosition.h:
        (WebCore::RenderTreePosition::RenderTreePosition):
        (WebCore::RenderTreePosition::nextSibling const):

2018-01-05  David Kilzer  <ddkilzer@apple.com>

        Re-enable -Wcast-qual in WebCore for Apple ports
        <https://webkit.org/b/177895>
        <rdar://problem/34960830>

        Reviewed by Joseph Pecoraro.

        * Configurations/Base.xcconfig:
        (WARNING_CFLAGS): Remove FIXME and add -Wcast-qual back to
        arguments.

        * crypto/mac/SerializedCryptoKeyWrapMac.mm:
        (WebCore::createAndStoreMasterKey):
        - Use checked_cf_cast<SecACLRef>().

        * editing/cocoa/DataDetection.mm:
        (WebCore::detectItemAtPositionWithRange):
        - Manually cast CFTypeRef to DDResultRef until
          DDResultGetTypeID() is available as SPI.

        * platform/gamepad/mac/HIDGamepad.cpp:
        (WebCore::HIDGamepad::initElementsFromArray):
        - Use checked_cf_cast<IOHIDElementRef>().

        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::MediaSampleAVFObjC::createImageSample):
        (WebCore::CMSampleBufferIsRandomAccess):
        (WebCore::CMSampleBufferIsNonDisplaying):
        (WebCore::MediaSampleAVFObjC::createNonDisplayingCopy const):
        - Use checked_cf_cast<CFMutableDictionaryRef>() and
          checked_cf_cast<CFDictionaryRef>().

        * platform/graphics/cocoa/IOSurface.h:
        (WebCore::IOSurface::asLayerContents):
        - Use reinterpret_cast<id>() to cast from IOSurfaceRef to id.

        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::getFirstVideoFrame):
        (WebCore::WebCoreDecompressionSession::automaticDequeue):
        (WebCore::WebCoreDecompressionSession::imageForTime):
        (WebCore::WebCoreDecompressionSession::getDecodeTime):
        (WebCore::WebCoreDecompressionSession::getPresentationTime):
        (WebCore::WebCoreDecompressionSession::getDuration):
        - Use checked_cf_cast<CMSampleBufferRef>().

        * platform/graphics/Font.h:
        (WebCore::Font::m_kernedCFStringAttributes):
        (WebCore::Font::m_nonKernedCFStringAttributes):
        - Change type from RetainPtr<CFDictionaryRef> to
          RetainPtr<CFMutableDictionaryRef> since that's what they are.
        * platform/graphics/mac/SimpleFontDataCoreText.cpp:
        (WebCore::Font::getCFStringAttributes const):
        - Replace local `mutableAttributes` variable with
          `attributesDictionary.get()` since it returns the correct type
          now.

        * platform/ios/wak/WAKView.mm:
        (-[WAKView _initWithViewRef:]):
        (_WAKCopyWrapper):
        * platform/ios/wak/WKView.mm:
        (_WKViewClearSuperview):
        (WKViewFirstChild):
        (WKViewNextSibling):
        - Use static_cast<WKViewRef>(const_cast<void*>()) to convert
          const void* variable to WKViewRef.

        * platform/mac/PasteboardMac.mm:
        (WebCore::flipImageSpec):
        (WebCore::setDragImageImpl):
        - Use const_cast<> to remove 'const' modifier from
          unsigned char pointers.  This regressed while -Wcast-qual was
          disabled for WebCore.

        * platform/mac/SSLKeyGeneratorMac.mm:
        (WebCore::signedPublicKeyAndChallengeString):
        - Use checked_cf_cast<SecACLRef>().

        * platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.cpp:
        (WebCore::RealtimeIncomingVideoSourceCocoa::OnFrame):
        - Use checked_cf_cast<CFMutableDictionaryRef>().

        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
        (WebCore::copyCONNECTProxyResponse):
        - Use checked_cf_cast<CFHTTPMessageRef>().

        * platform/network/cocoa/ResourceResponseCocoa.mm:
        (WebCore::ResourceResponse::platformCertificateInfo const):
        - Use checked_cf_cast<SecTrustRef>().

        * platform/network/mac/CertificateInfoMac.mm:
        (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate const):
        (WebCore::CertificateInfo::dump const):
        - Use checked_cf_cast<SecCertificateRef>().

        * testing/cocoa/WebArchiveDumpSupport.mm:
        (WebCoreTestSupport::createCFURLResponseFromResponseData):
        - Use checked_cf_cast<>() for CFMutable* types.

2018-01-05  John Wilander  <wilander@apple.com>

        Storage Access API: Refactor to make naming accurate and explicit, simplify access table, and prepare for access removal for page
        https://bugs.webkit.org/show_bug.cgi?id=181357
        <rdar://problem/36331031>

        Reviewed by Alex Christensen.

        No new tests. The only changed functionality that isn't covered
        by existing tests is cross-origin iframes in the same partition
        should be handled as already having access. This cannot be
        tested in layout tests since they don't support subdomains.

        This change does the following:
        - Changes function and message names to reflect how this feature
          was eventually implemented, i.e. access per frame.
        - Makes it explicit that the UI process is only involved in
          granting storage access and not removing storage access.
          The latter is done directly by the web process.
        - Simplifies the network process' entry map since only needs to
          be able to give access to one domain in one frame at a time.
          Access goes away on frame navigation so there can only be one
          domain at a time per frame. Also, the map now uses pageIDs as
          main keys to prepare for efficient access removal for all
          frames under a page.
        - Fixes a bug in so that a cross-origin iframe with the same
          partition as the top frame correctly is handled as already
          having access.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::cookieStoragePartition const):
            The only change here is the changed named of the call to
            NetworkStorageSession::hasStorageAccessForFrame().
        (WebCore::NetworkStorageSession::hasStorageAccessForFrame const):
        (WebCore::NetworkStorageSession::grantStorageAccessForFrame):
        (WebCore::NetworkStorageSession::removeStorageAccessForFrame):
        (WebCore::NetworkStorageSession::isStorageAccessGranted const): Deleted.
        (WebCore::NetworkStorageSession::setStorageAccessGranted): Deleted.
        (WebCore::NetworkStorageSession::removeStorageAccess): Deleted.

2018-01-05  Youenn Fablet  <youenn@apple.com>

        Implement Cache API partitioning based on ClientOrigin
        https://bugs.webkit.org/show_bug.cgi?id=181240

        Reviewed by Alex Christensen.

        Covered by updated tests.

        Previously, cache storage was partitioned according the origin of the client, represented as a String.
        We now partition according both client and top origins, represented as a ClientOrigin

        Minor refactoring to use more makePendingActivity.
        Added support for IPC serialization of ClientOrigin.
        Added SecurityOriginData::toString which is used by WebKit2 Cache Storage implementation.

        * Modules/cache/CacheStorageConnection.cpp:
        (WebCore::CacheStorageConnection::open):
        (WebCore::CacheStorageConnection::retrieveCaches):
        * Modules/cache/CacheStorageConnection.h:
        (WebCore::CacheStorageConnection::clearMemoryRepresentation):
        (WebCore::CacheStorageConnection::doOpen):
        (WebCore::CacheStorageConnection::doRetrieveCaches):
        * Modules/cache/DOMCacheStorage.cpp:
        (WebCore::DOMCacheStorage::origin const):
        (WebCore::DOMCacheStorage::retrieveCaches):
        (WebCore::DOMCacheStorage::open):
        (WebCore::DOMCacheStorage::remove):
        * Modules/cache/DOMCacheStorage.h:
        * Modules/cache/WorkerCacheStorageConnection.cpp:
        (WebCore::WorkerCacheStorageConnection::doOpen):
        (WebCore::WorkerCacheStorageConnection::doRetrieveCaches):
        * Modules/cache/WorkerCacheStorageConnection.h:
        * page/ClientOrigin.h:
        (WebCore::ClientOrigin::isolatedCopy const):
        (WebCore::ClientOrigin::encode const):
        (WebCore::ClientOrigin::decode):
        * page/SecurityOriginData.cpp:
        (WebCore::SecurityOriginData::toString const):
        (WebCore::SecurityOriginData::debugString const): Deleted.
        * page/SecurityOriginData.h:
        (WebCore::SecurityOriginData::debugString const):
        * testing/Internals.cpp:
        (WebCore::Internals::clearCacheStorageMemoryRepresentation):

2018-01-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Add a way to write blob data to a file URL from the UI process
        https://bugs.webkit.org/show_bug.cgi?id=181236

        Reviewed by Brady Eidson.

        Add support for writing a blob to a designated file path. See comments below for more detail. No new tests, as
        there change in behavior yet. See part 2: https://bugs.webkit.org/show_bug.cgi?id=181199.

        * page/DragController.cpp:
        (WebCore::DragController::dragAttachmentElement):
        * platform/PromisedBlobInfo.h:

        Remove PromisedBlobData entirely. This was added with the premise of having the web process deliver blob data to
        the UI process. However, the new approach I'm taking just has the UI process tell the network process to write
        a blob to a given location, so a data structure to deliver blob data over IPC is no longer necessary.

        (WebCore::PromisedBlobData::hasData const): Deleted.
        (WebCore::PromisedBlobData::hasFile const): Deleted.
        (WebCore::PromisedBlobData::operator bool const): Deleted.
        (WebCore::PromisedBlobData::fulfills const): Deleted.
        * platform/network/BlobRegistryImpl.cpp:
        (WebCore::BlobRegistryImpl::populateBlobsForFileWriting):

        Introduce a new helper to build a list of blob data for file writing.

        (WebCore::writeFilePathsOrDataBuffersToFile):

        Introduce a new static helper to write blob data (a list of file paths and data buffers) to a given file handle.
        Automatically closes the given file handle upon exit.

        (WebCore::BlobRegistryImpl::writeBlobsToTemporaryFiles):
        (WebCore::BlobRegistryImpl::writeBlobToFilePath):

        Pull out common logic in writeBlobsToTemporaryFiles and writeBlobToFilePath into helper methods (see above), and
        refactor both methods to use the helpers.

        * platform/network/BlobRegistryImpl.h:

2018-01-05  Alex Christensen  <achristensen@webkit.org>

        Forbid < and > in URL hosts
        https://bugs.webkit.org/show_bug.cgi?id=181308
        <rdar://problem/36012757>

        Reviewed by Tim Horton.

        https://url.spec.whatwg.org/#forbidden-host-code-point does not include these characters yet, but I think it should.
        Firefox fails to parse URLs with < or > in the host.  Chrome percent encodes them.  Safari needs to do something.
        The web platform tests are unclear on this case, and they will need to be updated with the specification.
        They do show a change in behavior, though.

        * platform/URLParser.cpp:
        Add < and > to the list of forbidden host code points.

2018-01-05  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Add Mac screen capture source
        https://bugs.webkit.org/show_bug.cgi?id=181333
        <rdar://problem/36323219>

        Reviewed by Dean Jackson.

        * SourcesCocoa.txt: Add ScreenDisplayCaptureSourceMac.mm.

        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * platform/cocoa/CoreVideoSoftLink.cpp: Declare new constants used.
        * platform/cocoa/CoreVideoSoftLink.h:

        * platform/mediastream/mac/DisplayCaptureManagerCocoa.cpp:
        (WebCore::displayReconfigurationCallBack): Call refreshCaptureDevices.
        (WebCore::DisplayCaptureManagerCocoa::~DisplayCaptureManagerCocoa): Unregister for display
        reconfiguration callbacks.
        (WebCore::DisplayCaptureManagerCocoa::captureDevices): Register for display reconfigrations.
        (WebCore::DisplayCaptureManagerCocoa::refreshCaptureDevices): Use CGActiveDisplayList to
        get list of active screens.
        (WebCore::DisplayCaptureManagerCocoa::screenCaptureDeviceWithPersistentID): Validate screen
        ID, return CaptureDevice.
        * platform/mediastream/mac/DisplayCaptureManagerCocoa.h:

        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::VideoCaptureSourceFactoryMac::createVideoCaptureSource): Deal with screen capture
        on macOS.

        Implement Mac screen capture with CGDisplayStream.
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.h: Added.
        (WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::~DisplaySurface):
        (WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::operator=):
        (WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::ioSurface const):
        * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm: Added.
        (WebCore::roundUpToMacroblockMultiple):
        (WebCore::ScreenDisplayCaptureSourceMac::updateDisplayID):
        (WebCore::ScreenDisplayCaptureSourceMac::create):
        (WebCore::ScreenDisplayCaptureSourceMac::ScreenDisplayCaptureSourceMac):
        (WebCore::ScreenDisplayCaptureSourceMac::~ScreenDisplayCaptureSourceMac):
        (WebCore::ScreenDisplayCaptureSourceMac::createDisplayStream):
        (WebCore::ScreenDisplayCaptureSourceMac::startProducingData):
        (WebCore::ScreenDisplayCaptureSourceMac::stopProducingData):
        (WebCore::ScreenDisplayCaptureSourceMac::sampleBufferFromPixelBuffer):
        (WebCore::ScreenDisplayCaptureSourceMac::pixelBufferFromIOSurface):
        (WebCore::ScreenDisplayCaptureSourceMac::generateFrame):
        (WebCore::ScreenDisplayCaptureSourceMac::startDisplayStream):
        (WebCore::ScreenDisplayCaptureSourceMac::applySize):
        (WebCore::ScreenDisplayCaptureSourceMac::applyFrameRate):
        (WebCore::ScreenDisplayCaptureSourceMac::commitConfiguration):
        (WebCore::ScreenDisplayCaptureSourceMac::displayWasReconfigured):
        (WebCore::ScreenDisplayCaptureSourceMac::displayReconfigurationCallBack):
        (WebCore::ScreenDisplayCaptureSourceMac::frameAvailable):

2018-01-05  Don Olmstead  <don.olmstead@sony.com>

        [curl] Can't load file:// URL with a URL fragment identifier
        https://bugs.webkit.org/show_bug.cgi?id=181170

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * platform/network/curl/CurlRequest.cpp:
        (WebCore::CurlRequest::invokeDidReceiveResponseForFile):

2018-01-05  Don Olmstead  <don.olmstead@sony.com>

        TextCodec uses std::array but does not include it
        https://bugs.webkit.org/show_bug.cgi?id=181340

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * platform/text/TextCodec.h:

2018-01-05  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded() should do nothing if the property is not animating
        https://bugs.webkit.org/show_bug.cgi?id=181316
        <rdar://problem/36147545>

        Reviewed by Simon Fraser.

        This is a speculative change to fix a crash which appeared after r226065.
        The crash is very intermittent and sometimes very hard to reproduce. The
        basic code analysis did not show how this crash can even happen.

        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::resetFromBaseValues): For SVG property
        with two values, e.g. <SVGAngleValue, SVGMarkerOrientType>,  we need to
        detach the wrappers of the animated property if the animated values are
        going to change. This is similar to what we did in resetFromBaseValue().

        * svg/properties/SVGAnimatedListPropertyTearOff.h:
        (WebCore::SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded):

2018-01-05  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r226401.

        This caused timeouts on multiple platforms.

        Reverted changeset:

        "Implement Cache API partitioning based on ClientOrigin"
        https://bugs.webkit.org/show_bug.cgi?id=181240
        https://trac.webkit.org/changeset/226401

2018-01-05  Dan Bernstein  <mitz@apple.com>

        Fixed the build following AppKit API deprecations in a recent SDKs

        * platform/mac/PasteboardMac.mm:
        (WebCore::setDragImageImpl): Suppressed deprecation warnings.
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::paint): Ditto.

2018-01-05  Joseph Pecoraro  <pecoraro@apple.com>

        ServiceWorkers: Enable UserTiming / ResourceTiming
        https://bugs.webkit.org/show_bug.cgi?id=181297
        <rdar://problem/36307306>

        Reviewed by Youenn Fablet.

        Tests: http/tests/workers/service/service-worker-resource-timing.https.html
               http/tests/workers/service/service-worker-user-timing.https.html

        * loader/ResourceTiming.cpp:
        (WebCore::ResourceTiming::ResourceTiming):
        We used to clear extra NetworkLoadMetrics data early on. However,
        for Workers we want to pass the complete NetworkLoadMetrics to
        the Worker so that a Worker inspector has access to it.

        * page/PerformanceResourceTiming.cpp:
        (WebCore::PerformanceResourceTiming::PerformanceResourceTiming):
        Instead move the clearing of extra data to here, when the NetworkLoadMetrics
        have finally settled into being used only for a performance entry.

2018-01-04  Philippe Normand  <pnormand@igalia.com>

        [EME][GStreamer] Fix wrong ifdef
        https://bugs.webkit.org/show_bug.cgi?id=181289

        Reviewed by Alex Christensen.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Remove the
        ENCRYPTED_MEDIA ifdef from the VIDEO_TRACK ifdef block. Both have
        nothing to do together.

2018-01-05  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Cairo] Canvas: Path::clear should clear its transform
        https://bugs.webkit.org/show_bug.cgi?id=181320

        Reviewed by Carlos Garcia Campos.

        Path of Cairo port has its cairo context. Path::clear() didn't
        clear the transform matrix of the context.

        Test: fast/canvas/reset-scaling-by-height-change.html

        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::clear): Reset the transform matrix of Path.

2018-01-04  Devin Rousso  <webkit@devinrousso.com>

        Web Inspector: replace HTMLCanvasElement with CanvasRenderingContext for instrumentation logic
        https://bugs.webkit.org/show_bug.cgi?id=180770

        Reviewed by Joseph Pecoraro.

        No change in functionality.

        * html/HTMLCanvasElement.h:
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createContext2d):
        (WebCore::HTMLCanvasElement::createContextWebGL):
        (WebCore::HTMLCanvasElement::createContextWebGPU):
        (WebCore::HTMLCanvasElement::createContextBitmapRenderer):
        (WebCore::HTMLCanvasElement::reset):
        (WebCore::HTMLCanvasElement::paint):
        (WebCore::HTMLCanvasElement::setImageBuffer const):
        (WebCore::HTMLCanvasElement::addObserver): Deleted.
        (WebCore::HTMLCanvasElement::removeObserver): Deleted.
        (WebCore::HTMLCanvasElement::cssCanvasClients): Deleted.
        (WebCore::HTMLCanvasElement::notifyObserversCanvasChanged): Deleted.
        * html/OffscreenCanvas.h:
        * html/canvas/CanvasRenderingContext.h:
        * html/canvas/CanvasRenderingContext.cpp:
        * html/canvas/CanvasRenderingContext2D.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::create):
        * html/canvas/CanvasRenderingContext2DBase.h:
        * html/canvas/ImageBitmapRenderingContext.h:
        * html/canvas/ImageBitmapRenderingContext.cpp:
        (WebCore::ImageBitmapRenderingContext::create):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::create):
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::create):
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create):
        * html/canvas/WebGPURenderingContext.cpp:
        (WebCore::WebGPURenderingContext::create):
        Instead of adding didCreateCanvasRenderingContext calls at the construction sites of each
        context, we can make the constructors private and force the usage of static `create` functions.
        This way, we have access to the fully constructed object and have a guaranteed path for creation.

        * html/CanvasBase.h:
        * html/CanvasBase.cpp:
        (WebCore::CanvasBase::~CanvasBase):
        (WebCore::CanvasBase::renderingContext const):
        (WebCore::CanvasBase::addObserver):
        (WebCore::CanvasBase::removeObserver):
        (WebCore::CanvasBase::notifyObserversCanvasChanged):
        (WebCore::CanvasBase::notifyObserversCanvasResized):
        (WebCore::CanvasBase::notifyObserversCanvasDestroyed):
        (WebCore::CanvasBase::cssCanvasClients const):
        * Modules/mediastream/CanvasCaptureMediaStreamTrack.h:
        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasDestroyed):
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasResized):
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasChanged):
        * css/CSSCanvasValue.h:
        Move the CanvasObserver class to CanvasBase so that it can also be used for OffscreenCanvas.

        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::didChangeCSSCanvasClientNodes):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContext):
        (WebCore::InspectorInstrumentation::didChangeCanvasMemory):
        (WebCore::InspectorInstrumentation::recordCanvasAction):
        (WebCore::InspectorInstrumentation::didFinishRecordingCanvasFrame):
        (WebCore::InspectorInstrumentation::didEnableExtension):
        (WebCore::InspectorInstrumentation::didCreateProgram):
        (WebCore::InspectorInstrumentation::willDeleteProgram):
        (WebCore::InspectorInstrumentation::isShaderProgramDisabled):
        (WebCore::InspectorInstrumentation::consoleStartRecordingCanvas):
        (WebCore::InspectorInstrumentation::didCreateCSSCanvas): Deleted.
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::consoleStartRecordingCanvasImpl):
        (WebCore::InspectorInstrumentation::didChangeCSSCanvasClientNodesImpl):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContextImpl):
        (WebCore::InspectorInstrumentation::didChangeCanvasMemoryImpl):
        (WebCore::InspectorInstrumentation::didFinishRecordingCanvasFrameImpl):
        (WebCore::InspectorInstrumentation::didEnableExtensionImpl):
        (WebCore::InspectorInstrumentation::didCreateProgramImpl):
        (WebCore::InspectorInstrumentation::didCreateCSSCanvasImpl): Deleted.

        * inspector/agents/InspectorCanvasAgent.h:
        * inspector/agents/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::enable):
        (WebCore::InspectorCanvasAgent::requestNode):
        (WebCore::InspectorCanvasAgent::requestContent):
        (WebCore::InspectorCanvasAgent::requestCSSCanvasClientNodes):
        (WebCore::contextAsScriptValue):
        (WebCore::InspectorCanvasAgent::resolveCanvasContext):
        (WebCore::InspectorCanvasAgent::startRecording):
        (WebCore::InspectorCanvasAgent::stopRecording):
        (WebCore::InspectorCanvasAgent::updateShader):
        (WebCore::InspectorCanvasAgent::frameNavigated):
        (WebCore::InspectorCanvasAgent::didChangeCSSCanvasClientNodes):
        (WebCore::InspectorCanvasAgent::didCreateCanvasRenderingContext):
        (WebCore::InspectorCanvasAgent::didChangeCanvasMemory):
        (WebCore::InspectorCanvasAgent::recordCanvasAction):
        (WebCore::InspectorCanvasAgent::canvasDestroyed):
        (WebCore::InspectorCanvasAgent::didFinishRecordingCanvasFrame):
        (WebCore::InspectorCanvasAgent::consoleStartRecordingCanvas):
        (WebCore::InspectorCanvasAgent::didEnableExtension):
        (WebCore::InspectorCanvasAgent::didCreateProgram):
        (WebCore::InspectorCanvasAgent::canvasRecordingTimerFired):
        (WebCore::InspectorCanvasAgent::clearCanvasData):
        (WebCore::InspectorCanvasAgent::unbindCanvas):
        (WebCore::InspectorCanvasAgent::findInspectorCanvas):
        (WebCore::InspectorCanvasAgent::unbindProgram):
        (WebCore::InspectorCanvasAgent::didCreateCSSCanvas): Deleted.

        * inspector/InspectorCanvas.h:
        * inspector/InspectorCanvas.cpp:
        (WebCore::InspectorCanvas::create):
        (WebCore::InspectorCanvas::InspectorCanvas):
        (WebCore::InspectorCanvas::canvasElement):
        (WebCore::InspectorCanvas::resetRecordingData):
        (WebCore::InspectorCanvas::recordAction):
        (WebCore::InspectorCanvas::buildObjectForCanvas):
        (WebCore::InspectorCanvas::getCanvasContentAsDataURL):
        (WebCore::InspectorCanvas::buildInitialState):
        (WebCore::InspectorCanvas::~InspectorCanvas): Deleted.

        * inspector/InspectorShaderProgram.h:
        * inspector/InspectorShaderProgram.cpp:
        (WebCore::InspectorShaderProgram::context const):

        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::record):
        (WebCore::PageConsoleClient::recordEnd):

        * dom/Document.h:
        * dom/Document.cpp:
        (WebCore::Document::getCSSCanvasElement):
        (WebCore::Document::nameForCSSCanvasElement const):
        We have no reason to save the CSS canvas name for each InspectorCanvas object, so instead we
        can just query for the name based on the CanvasRenderingContext's HTMLCanvasElement (assuming
        it is not an OffscreenCanvas) when we need it.

2018-01-04  Chris Fleizach  <cfleizach@apple.com>

        AX: Implement updated CSS3 Speech for 'speak' and 'speak-as' properties
        https://bugs.webkit.org/show_bug.cgi?id=180361

        Reviewed by Zalan Bujtas.

        Change speak -> speakAs, and allow a combination of properties.

        Tests: Updated accessibility/mac/css-speech-speak.html

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::speakAsProperty const):
        (WebCore::AccessibilityObject::speakProperty const): Deleted.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::speakAsProperty const):
        (WebCore::AccessibilityRenderObject::speakProperty const): Deleted.
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilitySpeechHint]):
        * accessibility/mac/WebAccessibilityObjectWrapperBase.h:
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (-[WebAccessibilityObjectWrapperBase baseAccessibilitySpeechHint]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::speakAsToCSSValue):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator ESpeakAs const):
        (WebCore::CSSPrimitiveValue::operator ESpeak const): Deleted.
        * css/CSSProperties.json:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertSpeakAs):
        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
        (WebCore::CSSParserFastPaths::isKeywordPropertyID):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeSpeakAs):
        (WebCore::CSSPropertyParser::parseSingleValue):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::speakAs const):
        (WebCore::RenderStyle::setSpeakAs):
        (WebCore::RenderStyle::initialSpeakAs):
        (WebCore::RenderStyle::speak const): Deleted.
        (WebCore::RenderStyle::setSpeak): Deleted.
        (WebCore::RenderStyle::initialSpeak): Deleted.
        * rendering/style/RenderStyleConstants.h:
        (WebCore::operator| ):
        (WebCore::operator|= ):
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::StyleRareInheritedData):
        (WebCore::StyleRareInheritedData::operator== const):
        * rendering/style/StyleRareInheritedData.h:

2018-01-04  Brian Burg  <bburg@apple.com>

        Web Inspector: Capture Element Screenshot looks fuzzy
        https://bugs.webkit.org/show_bug.cgi?id=175734
        <rdar://problem/33803377>

        Reviewed by Joseph Pecoraro and Simon Fraser.

        Screenshots taken by Web Inspector were being downscaled from the
        internal size to the logical size, causing them to be blurry when
        later upscaled to the internal size.

        Replace ScaleBehavior { Scaled, Unscaled } with PreserveResolution { No, Yes }.
        This is a lot less confusing to read both inside ImageBuffer and at its use sites.

        Remove unused CoordinateSystem argument for ImageBuffer::toDataURL,
        and replace it with PreserveResolution. Plumb PreserveResolution into toCFData
        so that PreserveResolution::Yes will preserve the internal size of
        the image buffer, just as it does in other methods that take PreserveResolution.

        At the use site in InspectorPageAgent, always request PreserveResolution::Yes snapshots
        when taking an element screenshot. For now, keep using downscaled (smaller)
        snapshots when capturing canvas previews, as the previews are not full-size.

        Test: inspector/page/hidpi-snapshot-size.html

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::makePresentationCopy):
        (WebCore::HTMLCanvasElement::copiedImage const):
        * html/canvas/CanvasRenderingContext2DBase.cpp:
        (WebCore::CanvasRenderingContext2DBase::createPattern):
        * inspector/agents/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::snapshotNode):
        (WebCore::InspectorPageAgent::snapshotRect):
        * page/TextIndicator.cpp:
        (WebCore::takeSnapshot):
        * platform/DragImage.cpp:
        (WebCore::createDragImageFromSnapshot):
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::drawPattern):
        * platform/graphics/ImageBuffer.h:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::sinkIntoImage):
        (WebCore::ImageBuffer::copyImage const):
        (WebCore::ImageBuffer::toDataURL const):
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::createBitmapImageAfterScalingIfNeeded):
        (WebCore::ImageBuffer::copyImage const):
        (WebCore::ImageBuffer::sinkIntoImage):
        (WebCore::ImageBuffer::toDataURL const):
        (WebCore::ImageBuffer::toData const):
        (WebCore::ImageBuffer::toCFData const):
        * platform/graphics/gtk/ImageBufferGtk.cpp:
        (WebCore::ImageBuffer::toDataURL const):
        * platform/graphics/win/ImageBufferDirect2D.cpp:
        (WebCore::ImageBuffer::copyImage const):
        (WebCore::ImageBuffer::sinkIntoImage):
        (WebCore::ImageBuffer::toDataURL const):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::drawPatternForContainer):

2018-01-04  John Wilander  <wilander@apple.com>

        Storage Access API: Turn feature on by default in Settings.yaml
        https://bugs.webkit.org/show_bug.cgi?id=181298
        <rdar://problem/36302506>

        Reviewed by Brent Fulgham.

        No new tests. This is just a feature settings change.

        * page/Settings.yaml:

2018-01-04  Zalan Bujtas  <zalan@apple.com>

        WebContent process crashes while loading https://www.classicspecs.com
        https://bugs.webkit.org/show_bug.cgi?id=181290
        <rdar://problem/36225906>

        Reviewed by Simon Fraser.

        Floats can overhang multiple blocks (they are called intruding floats).
        Each block keeps track of such intruding floats. When an overhanging float box is destroyed,
        we need to deregister it from all those blocks. We do it by walking up the ancestor block chain
        and check if the parent (grandparent etc) block still contains this float. Once we find the topmost block, 
        we start deregistering it by traversing back on the descendant blocks.
        Normally we do it in RenderElement::takeChildInternal right before the box is getting detached.
        However in certain cases (like when the float's parent happens to be an anonymous wrapper)
        by the time we get to ::takeChildInternal the subtree is already detached and we can't access all the
        ancestors.
        This patch ensure that the floating box is still attached during de-registration. 

        Test: fast/block/float/crash-when-intruding-float-has-anonymous-parent-and-detach.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

2018-01-04  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Add Mock screen capture source
        https://bugs.webkit.org/show_bug.cgi?id=181291
        <rdar://problem/36298164>

        Reviewed by Dean Jackson.

        Tests:  http/tests/media/media-stream/get-display-media-prompt.html
                GetDisplayMediaTest.BasicPrompt
                GetDisplayMediaTest.Constraints

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::MediaDevices): Add static_assert to ensure MediaDevices::DisplayCaptureSurfaceType
        and RealtimeMediaSourceSettings::DisplaySurfaceType values are equivalent.
        (WebCore::MediaDevices::getSupportedConstraints): Remove bogus code.
        * Modules/mediastream/MediaDevices.h: Add DisplayCaptureSurfaceType.
        * Modules/mediastream/MediaDevices.idl: Ditto.

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::getSettings const): Add a FIXME.
        * Modules/mediastream/MediaStreamTrack.h: Add displaySurface and logicalSurface.

        * Modules/mediastream/MediaTrackSupportedConstraints.h: Remove displaySurface and logicalSurface.
        * Modules/mediastream/MediaTrackSupportedConstraints.idl:

        * SourcesCocoa.txt: Add DisplayCaptureManagerCocoa.cpp and DisplayCaptureSourceCocoa.cpp.

        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * platform/mediastream/CaptureDevice.h:
        (WebCore::CaptureDevice::encode const): Add.
        (WebCore::CaptureDevice::decode):

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::getMediaStreamDevices): Include display capture "devices".
        (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints): Deal with display capture devices.
        (WebCore::RealtimeMediaSourceCenter::captureDeviceWithPersistentID): Ditto.
        * platform/mediastream/RealtimeMediaSourceCenter.h:

        * platform/mediastream/RealtimeMediaSourceSettings.h:
        (WebCore::RealtimeMediaSourceSettings::displaySurface const): Return a DisplaySurfaceType.
        (WebCore::RealtimeMediaSourceSettings::setDisplaySurface): Take a DisplaySurfaceType.

        * platform/mediastream/mac/DisplayCaptureManagerCocoa.cpp:
        (WebCore::DisplayCaptureManagerCocoa::singleton):
        (WebCore::DisplayCaptureManagerCocoa::~DisplayCaptureManagerCocoa):
        (WebCore::DisplayCaptureManagerCocoa::captureDevices):
        (WebCore::DisplayCaptureManagerCocoa::screenCaptureDeviceWithPersistentID):
        (WebCore::DisplayCaptureManagerCocoa::captureDeviceWithPersistentID):
        * platform/mediastream/mac/DisplayCaptureManagerCocoa.h:

        * platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp: Added.
        (WebCore::DisplayCaptureSourceCocoa::DisplayCaptureSourceCocoa):
        (WebCore::DisplayCaptureSourceCocoa::~DisplayCaptureSourceCocoa):
        (WebCore::DisplayCaptureSourceCocoa::capabilities const):
        (WebCore::DisplayCaptureSourceCocoa::settings const):
        (WebCore::DisplayCaptureSourceCocoa::settingsDidChange):
        (WebCore::DisplayCaptureSourceCocoa::startProducingData):
        (WebCore::DisplayCaptureSourceCocoa::stopProducingData):
        (WebCore::DisplayCaptureSourceCocoa::elapsedTime):
        (WebCore::DisplayCaptureSourceCocoa::applyFrameRate):
        (WebCore::DisplayCaptureSourceCocoa::emitFrame):
        * platform/mediastream/mac/DisplayCaptureSourceCocoa.h:

        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::displayCaptureDeviceManager): New.
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:

        * platform/mock/MockRealtimeMediaSource.cpp:
        (WebCore::deviceMap): Add screen capture "devices".
        (WebCore::MockRealtimeMediaSource::displayDevices): New.
        * platform/mock/MockRealtimeMediaSource.h:

        * platform/mock/MockRealtimeMediaSourceCenter.cpp: Clean up includes.
        * platform/mock/MockRealtimeMediaSourceCenter.h:

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource): Mock two screen devices.
        (WebCore::MockRealtimeVideoSource::updateSettings): Deal with mock screens.
        (WebCore::MockRealtimeVideoSource::initializeCapabilities): Ditto.
        (WebCore::MockRealtimeVideoSource::initializeSupportedConstraints): Ditto.
        (WebCore::MockRealtimeVideoSource::drawText): Ditto.
        (WebCore::MockRealtimeVideoSource::generateFrame): Ditto.
        * platform/mock/MockRealtimeVideoSource.h:
        (WebCore::MockRealtimeVideoSource::mockCamera const):
        (WebCore::MockRealtimeVideoSource::mockScreen const):

2018-01-04  Youenn Fablet  <youenn@apple.com>

        FetchResponse should set its internal response text encoding name
        https://bugs.webkit.org/show_bug.cgi?id=181284

        Reviewed by Alex Christensen.

        Covered by rebased test.

        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::create): Set response text encoding based on content type charset.

2018-01-04  John Wilander  <wilander@apple.com>

        Storage Access API: Remove JavaScript confirm() prompt from Document::requestStorageAccess()
        https://bugs.webkit.org/show_bug.cgi?id=181276
        <rdar://problem/36290463>

        Reviewed by Alex Christensen.

        No new tests. Existing test expectations updated.

        * dom/Document.cpp:
        (WebCore::Document::requestStorageAccess):

2018-01-04  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Issues with Ahem's ex / x-height
        https://bugs.webkit.org/show_bug.cgi?id=180581

        Reviewed by Michael Catanzaro.

        Get the x-height value from the TT_OS2 table if available.

        Fixes: fast/text/break-word-pre-wrap.html
               imported/w3c/web-platform-tests/css/css-shapes-1/shape-outside/values/shape-outside-shape-arguments-000.html

        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::Font::platformInit):

2018-01-04  Philippe Normand  <pnormand@igalia.com>

        Unreviewed, GTK build fix attempt after r226357

        * platform/graphics/gstreamer/GStreamerUtilities.h: The
        GST_BUFFER_DTS_OR_PTS macro was added in GStreamer 1.8 but old
        versions of Debian might not have this release yet.

2018-01-04  Youenn Fablet  <youenn@apple.com>

        Implement Cache API partitioning based on ClientOrigin
        https://bugs.webkit.org/show_bug.cgi?id=181240

        Reviewed by Alex Christensen.

        Covered by updated tests.

        Previously, cache storage was partitioned according the origin of the client, represented as a String.
        We now partition according both client and top origins, represented as a ClientOrigin

        Minor refactoring to use more makePendingActivity.
        Added support for IPC serialization of ClientOrigin.
        Added SecurityOriginData::toString which is used by WebKit2 Cache Storage implementation.

        * Modules/cache/CacheStorageConnection.cpp:
        (WebCore::CacheStorageConnection::open):
        (WebCore::CacheStorageConnection::retrieveCaches):
        * Modules/cache/CacheStorageConnection.h:
        (WebCore::CacheStorageConnection::clearMemoryRepresentation):
        (WebCore::CacheStorageConnection::doOpen):
        (WebCore::CacheStorageConnection::doRetrieveCaches):
        * Modules/cache/DOMCacheStorage.cpp:
        (WebCore::DOMCacheStorage::origin const):
        (WebCore::DOMCacheStorage::retrieveCaches):
        (WebCore::DOMCacheStorage::open):
        (WebCore::DOMCacheStorage::remove):
        * Modules/cache/DOMCacheStorage.h:
        * Modules/cache/WorkerCacheStorageConnection.cpp:
        (WebCore::WorkerCacheStorageConnection::doOpen):
        (WebCore::WorkerCacheStorageConnection::doRetrieveCaches):
        * Modules/cache/WorkerCacheStorageConnection.h:
        * page/ClientOrigin.h:
        (WebCore::ClientOrigin::isolatedCopy const):
        (WebCore::ClientOrigin::encode const):
        (WebCore::ClientOrigin::decode):
        * page/SecurityOriginData.cpp:
        (WebCore::SecurityOriginData::toString const):
        (WebCore::SecurityOriginData::debugString const): Deleted.
        * page/SecurityOriginData.h:
        (WebCore::SecurityOriginData::debugString const):
        * testing/Internals.cpp:
        (WebCore::Internals::clearCacheStorageMemoryRepresentation):

2018-01-04  Youenn Fablet  <youenn@apple.com>

        Service Worker should expose redirect mode for navigation loads as manual
        https://bugs.webkit.org/show_bug.cgi?id=181067

        Reviewed by Alex Christensen.

        Covered by rebased tests.

        * loader/CrossOriginAccessControl.cpp: Removing ContentType header only if affecting CORS checks.
        This allows extending header filtering in service worker to all modes, including Navigate.
        * workers/service/context/ServiceWorkerFetch.cpp:
        (WebCore::ServiceWorkerFetch::dispatchFetchEvent): Ideally, document loading code should set redirect to manual.
        Since it is not the case yet and that would require changes to various places, manual is set before exposing the corresponding fetch event.

2018-01-04  Youenn Fablet  <youenn@apple.com>

        ServiceWorkerThreadProxy::postTaskForModeToWorkerGlobalScope should be a no-op if worker is being terminated
        https://bugs.webkit.org/show_bug.cgi?id=181245

        Reviewed by Alex Christensen.

        Stop appending tasks to a terminating worker and returning false in that case.
        This mirrors what is done for regular workers.

        * workers/service/context/SWContextManager.cpp:
        (WebCore::SWContextManager::terminateWorker):
        * workers/service/context/ServiceWorkerThreadProxy.cpp:
        (WebCore::ServiceWorkerThreadProxy::postTaskForModeToWorkerGlobalScope):
        * workers/service/context/ServiceWorkerThreadProxy.h:

2018-01-04  Youenn Fablet  <youenn@apple.com>

        Cancel pending script loads when service worker is being terminated
        https://bugs.webkit.org/show_bug.cgi?id=181250

        Reviewed by Alex Christensen.

        Covered by service worker tests no longer crashing in ASAN builds.

        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::notifyFinished): Clearing loader when finished.
        (WebCore::WorkerScriptLoader::cancel): Implementing cancel of a script loader by cancelling the underlying threadable loader.
        * workers/WorkerScriptLoader.h:
        * workers/service/ServiceWorkerContainer.cpp: Canceling loads of all pending jobs.
        (WebCore::ServiceWorkerContainer::stop):
        * workers/service/ServiceWorkerJob.cpp:
        (WebCore::ServiceWorkerJob::cancelPendingLoad):
        * workers/service/ServiceWorkerJob.h:

2018-01-04  Youenn Fablet  <youenn@apple.com>

        Implement  https://fetch.spec.whatwg.org/#main-fetch default referrer policy setting
        https://bugs.webkit.org/show_bug.cgi?id=181239

        Reviewed by Alex Christensen.

        Covered by updated and rebased test.

        Setting the request referrer policy to the Document referrer policy if no one is set.
        If Document has no referrer policy, use no-referrer-when-downgrade as per the spec.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::updateHTTPRequestHeaders):
        (WebCore::CachedResourceLoader::requestResource):
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::updateReferrerPolicy):
        (WebCore::CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders):
        * loader/cache/CachedResourceRequest.h:

2018-01-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Create attachment elements when dropping files on iOS
        https://bugs.webkit.org/show_bug.cgi?id=181192
        <rdar://problem/36280945>

        Reviewed by Tim Horton.

        Implements support for dropping data as attachment elements on iOS. See comments below for more detail.

        Tests:  WKAttachmentTests.InsertDroppedRichAndPlainTextFilesAsAttachments
                WKAttachmentTests.InsertDroppedZipArchiveAsAttachment
                WKAttachmentTests.InsertDroppedItemProvidersInOrder

        * WebCore.xcodeproj/project.pbxproj:
        * editing/WebContentReader.cpp:
        (WebCore::WebContentReader::ensureFragment):

        Add a new helper to create the WebContentReader's fragment, if it hasn't already been created.

        * editing/WebContentReader.h:
        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::WebContentReader::readFilePaths):

        Rename readFilenames to readFilePaths (which better reflects its parameters, which are file paths). Also, move
        the implementation of readFilePaths to shared iOS/macOS code in WebContentReaderCocoa, and remove the stub
        implementation on iOS.

        There's a bit of code here that I kept macOS-only which deals with inserting file paths as plain text in
        editable areas, but it's unclear to me why and if WebKit clients currently find this useful, so I left a FIXME
        to investigate removing this altogether. Code for handling this plain text insertion of file paths on Mac was
        introduced in r67403.

        * editing/ios/WebContentReaderIOS.mm:
        (WebCore::WebContentReader::readFilenames): Deleted.
        * editing/mac/WebContentReaderMac.mm:
        (WebCore::WebContentReader::readFilenames): Deleted.
        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::updateSupportedTypeIdentifiersForDragHandlingMethod const):

        Teach DragController to accept all types conforming to "public.item" and "public.content" on iOS, only when
        attachment elements are enabled. This allows us to load content from item providers that we otherwise would not
        have loaded, since we now have the ability to fall back to attachment element insertion if the type is not have
        a default representation using standard web content.

        * platform/Pasteboard.h:
        * platform/PasteboardItemInfo.h: Added.
        (WebCore::PasteboardItemInfo::encode const):
        (WebCore::PasteboardItemInfo::decode):

        Add PasteboardItemInfo, a struct that describes an item on the pasteboard. Also, implement encoding and decoding
        support for PasteboardItemInfo. So far, the item info only describes file information about the pasteboard item,
        and flags indicating whether the item prefers attachment or inline presentation.

        * platform/PasteboardStrategy.h:

        Replace getFilenamesForDataInteraction with informationForItemAtIndex. Instead of returning all of the file
        paths associated with any item on the pasteboard, fetch a PasteboardItemInfo at a given item index, which
        includes information about the file path as well as some other metadata we'll need when deciding how to read
        pasteboard contents as a document fragment.

        * platform/PlatformPasteboard.h:
        * platform/cocoa/PasteboardCocoa.mm:
        (WebCore::Pasteboard::read):
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::readRespectingUTIFidelities):

        Teach the iOS Pasteboard to read web content using attachment elements, if enabled. There are two scenarios in
        which we would want to insert an attachment element:
        (1) The item provider uses a preferred presentation style of attachment, in which case we bail out of trying to
            handle the drop using the default mechanisms, and simply insert it as an attachment. We need this to deal
            with the case where we drop text or HTML files from the Files app, so that we don't try and insert the
            contents of the text or HTML as inline web content.
        (2) The item provider doesn't have a preferred attachment presentation style, but there's nothing WebKit would
            otherwise do with the dropped content, so insert an attachment element as a fallback. Examples where this is
            relevant are dropping a PDF or ZIP archive without attachment presentation style explicitly set.
        We first check if we fall into case (1). If so, we can bail early by inserting an attachment; otherwise, we
        proceed normally and see if we can read the contents of the drop as web content. If, at the end of default drop
        handling, we don't still have a way to represent the dropped content, enter case (2).

        (WebCore::Pasteboard::readFilePaths):
        (WebCore::Pasteboard::readFilenames): Deleted.

        Rename readFilenames to readFilePaths, and reimplement it using informationForItemAtIndex.

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::pasteboardItemPresentationStyle):
        (WebCore::PlatformPasteboard::informationForItemAtIndex):
        (WebCore::PlatformPasteboard::filenamesForDataInteraction): Deleted.

        Implement informationForItemAtIndex and remove filenamesForDataInteraction. As before, we ask the pasteboard
        (i.e. WebItemProviderPasteboard) for information about dropped file URLs. This time, we limit this to a single
        file, so we don't end up creating multiple attachment elements for each representation of a single item
        provider. See below for -preferredFileUploadURLAtIndex:fileType: for more detail.

        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderLoadResult initWithItemProvider:typesToLoad:]):
        (-[WebItemProviderLoadResult canBeRepresentedAsFileUpload]):

        Remove this synthesized instance variable and instead just check the item provider's preferredPresentationStyle.

        (-[WebItemProviderLoadResult description]):

        Add a verbose -description to the load result object. Useful for debugging what was content was loaded from an
        item provider on drop.

        (-[WebItemProviderPasteboard preferredFileUploadURLAtIndex:fileType:]):

        Return the highest fidelity loaded type identifier for a given item.

        (-[WebItemProviderPasteboard allDroppedFileURLs]):
        (-[WebItemProviderPasteboard typeIdentifiersToLoadForRegisteredTypeIdentfiers:]):

        Prefer flat RTFD to RTFD. In the case where attachments are enabled and we're accepting all types of content
        using attachment elements as a fallback representation, if the source writes attributed strings to the
        pasteboard with com.apple.rtfd at a higher fidelity than com.apple.flat-rtfd, we'll end up loading only
        com.apple.rtfd and dropping the text as an attachment element because we cannot convert the dropped content to
        markup. Instead, if flat RTFD is present in the item provider, always prefer that over RTFD so that dropping as
        regular web content isn't overridden when attachment elements are enabled.

        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout:]):
        (-[WebItemProviderPasteboard droppedFileURLs]): Deleted.
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::containsCompatibleContent const):

        DragData::containsCompatibleContent should be true when attachment elements are enabled, and there are files we
        can drop as attachment elements.

        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::readFilePaths):
        (WebCore::Pasteboard::readFilenames): Deleted.

2018-01-03  Ting-Wei Lan  <lantw44@gmail.com>

        Replace hard-coded paths in shebangs with #!/usr/bin/env
        https://bugs.webkit.org/show_bug.cgi?id=181040

        Reviewed by Alex Christensen.

        * bindings/scripts/InFilesCompiler.pm:
        * bindings/scripts/InFilesParser.pm:
        * bindings/scripts/generate-bindings-all.pl:
        * bindings/scripts/generate-bindings.pl:
        * bindings/scripts/preprocess-idls.pl:
        * css/make-css-file-arrays.pl:
        * css/makeprop.pl:
        * css/makevalues.pl:
        * dom/make_event_factory.pl:
        * dom/make_names.pl:
        * extract-localizable-strings.pl:
        * make-hash-tools.pl:

2018-01-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Add plumbing for starting a drag with promised blob data
        https://bugs.webkit.org/show_bug.cgi?id=181201

        Reviewed by Tim Horton.

        Adds logic to allow dragging an attachment element as a file by sending promised blob information to the UI
        process. See comments below for more detail.

        The only change in behavior is that dragging an attachment element will no longer write web content and injected
        bundle data to the pasteboard if the attachment element's file attribute is nonnull. This will cause one
        existing WK1 layout test to fail, but will otherwise not affect any attachment editing clients. On iOS,
        attachment elements in the Mail viewer can be dragged, but each attachment's file is null, so we fall back to
        current behavior; on macOS, Mail currently overrides the drag completely, beginning at -mouseDown:, so this
        doesn't make a difference to macOS Mail either.

        * editing/Editor.h:
        * editing/cocoa/EditorCocoa.mm:
        (WebCore::Editor::getPasteboardTypesAndDataForAttachment):

        Add a helper method to retrieve an attachment element as web archive data, for moving attachments within the
        same document. Also gives the injected editor bundle a chance to supply custom pasteboard types.

        * loader/EmptyClients.cpp:
        * page/DragClient.h:
        (WebCore::DragClient::prepareToDragPromisedBlob):

        Add new DragClient methods to send information about a promised blob to the UI process.

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):

        Call dragAttachmentElement when starting a drag on an attachment element.

        (WebCore::DragController::dragAttachmentElement):

        Try to begin dragging a given attachment element, propagating promised blob information to the client layers.
        Returns true iff the attachment is backed by blob data (i.e. the file is nonnull).

        * platform/PromisedBlobInfo.h:

        Add a list of additional types and data to PromisedBlobInfo. In addition to the promised blob info, this would
        allow injected bundle data and other private types alongside the main attachment data on the pasteboard.

2018-01-03  Simon Fraser  <simon.fraser@apple.com>

        Remove the 'resolutionScale' parameter from ImageBufferDataCG get/putBytes
        https://bugs.webkit.org/show_bug.cgi?id=181268

        Reviewed by Alex Christensen.

        These functions were always called with resolutionScale=1.

        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::getUnmultipliedImageData const):
        (WebCore::ImageBuffer::getPremultipliedImageData const):
        (WebCore::ImageBuffer::putByteArray):
        * platform/graphics/cg/ImageBufferDataCG.cpp:
        (WebCore::ImageBufferData::getData const):
        (WebCore::ImageBufferData::putData):
        (WebCore::affineWarpBufferData): Deleted.
        * platform/graphics/cg/ImageBufferDataCG.h:

2018-01-03  John Wilander  <wilander@apple.com>

        Storage Access API: Refactor XPC for access removal to go straight from the web process to the network process
        https://bugs.webkit.org/show_bug.cgi?id=181270
        <rdar://problem/36289544>

        Reviewed by Alex Christensen.

        No new tests. Existing test re-enabled.

        This change refactors how the web process tells the network process
        to remove storage access. Previously, this was done over the UI process
        just like requests for storage access. But since no further reasoning
        is needed, the message should go straight from the web process to the
        network process for performance reasons and to minimize the risk of a
        race.

        As a consequence, the XPC code for storage access removal in the UI
        process is deleted.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::cookieStoragePartition const):
            Removes the storageAccessAPIEnabled check since the flag
            doesn't get propagated when the network process is created.
            Figuring this out will take some work which is unnecessary
            when we already gate access to the feature in Document.idl.

2018-01-03  James Craig  <jcraig@apple.com>

        AX: when invert colors is on, double-invert certain media elements in UserAgentStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=168447
        <rdar://problem/30559874>

        Reviewed by Simon Fraser.

        Double-invert video when platform 'invert colors' setting is enabled. Behavior matches 
        current 'Smart Invert' feature of Safari Reader on macOS/iOS and other iOS native apps.

        Tests: accessibility/smart-invert-reference.html
               accessibility/smart-invert.html

        * Modules/modern-media-controls/controls/media-controls.css:
        (@media (inverted-colors)):
        (:host):
        (picture):
        * css/html.css:
        (@media (inverted-colors)):
        (video):

2018-01-03  Youenn Fablet  <youenn@apple.com>

        LayoutTest http/tests/media/media-stream/disconnected-frame.html to consistently fail an assertion: !m_adoptionIsRequired
        https://bugs.webkit.org/show_bug.cgi?id=181264

        Reviewed by Eric Carlson.

        Covered by http/tests/media/media-stream/disconnected-frame.html not crashing anymore in Debug builds.
        Calling suspendIfNeeded in create method instead of constructor.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        (WebCore::UserMediaRequest::UserMediaRequest):

2018-01-03  Antti Koivisto  <antti@apple.com>

        Remove DeprecatedCSSOMValue::equals
        https://bugs.webkit.org/show_bug.cgi?id=181241

        Reviewed by Zalan Bujtas.

        This is dead code.

        * css/DeprecatedCSSOMValue.cpp:
        (WebCore::compareCSSOMValues): Deleted.
        (WebCore::DeprecatedCSSOMValue::equals const): Deleted.
        * css/DeprecatedCSSOMValue.h:
        (WebCore::DeprecatedCSSOMValue::operator== const): Deleted.
        (WebCore::DeprecatedCSSOMComplexValue::equals const): Deleted.
        * css/DeprecatedCSSOMValueList.cpp:
        (WebCore::DeprecatedCSSOMValueList::equals const): Deleted.
        * css/DeprecatedCSSOMValueList.h:

2018-01-03  Simon Fraser  <simon.fraser@apple.com>

        feLighting is broken with primitiveUnits="objectBoundingBox"
        https://bugs.webkit.org/show_bug.cgi?id=181197

        Reviewed by Tim Horton.

        With <filter primitiveUnits="objectBoundingBox"> we need to convert the coordinates
        of fePointLights and feSpotLights into user space coordinates. Following
        https://www.w3.org/TR/SVG/filters.html#FilterElementPrimitiveUnitsAttribute
        this is done by treating them as fractions of the bounding box on the referencing
        element, with treatment for z following https://www.w3.org/TR/SVG/coords.html#Units_viewport_percentage
        
        To do this, store the bounds of the referencing elemenet on SVGFilterBuilder as
        targetBoundingBox, and store the primitiveUnits type. Then do the conversion of lighting
        coordinates in SVGFESpecularLightingElement::build() and SVGFEDiffuseLightingElement::build().

        Remove SVGFELightElement::findLightSource(), since we need to be able to pass the SVGFilterBuilder
        to the lightSource() function so hoist the code up.

        Tests: svg/filters/feDiffuseLighting-fePointLight-primitiveUnits-objectBoundingBox-expected.svg
               svg/filters/feDiffuseLighting-fePointLight-primitiveUnits-objectBoundingBox.svg
               svg/filters/feDiffuseLighting-feSpotLight-primitiveUnits-objectBoundingBox-expected.svg
               svg/filters/feDiffuseLighting-feSpotLight-primitiveUnits-objectBoundingBox.svg
               svg/filters/feSpecularLighting-fePointLight-primitiveUnits-objectBoundingBox-expected.svg
               svg/filters/feSpecularLighting-fePointLight-primitiveUnits-objectBoundingBox.svg

        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::buildPrimitives const):
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::build):
        * svg/SVGFEDistantLightElement.cpp:
        (WebCore::SVGFEDistantLightElement::lightSource const):
        * svg/SVGFEDistantLightElement.h:
        * svg/SVGFELightElement.cpp:
        (WebCore::SVGFELightElement::findLightSource): Deleted.
        * svg/SVGFELightElement.h:
        * svg/SVGFEPointLightElement.cpp:
        (WebCore::SVGFEPointLightElement::lightSource const):
        * svg/SVGFEPointLightElement.h:
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::build):
        * svg/SVGFESpotLightElement.cpp:
        (WebCore::SVGFESpotLightElement::lightSource const):
        * svg/SVGFESpotLightElement.h:
        * svg/graphics/filters/SVGFilterBuilder.h:
        (WebCore::SVGFilterBuilder::setTargetBoundingBox):
        (WebCore::SVGFilterBuilder::targetBoundingBox const):
        (WebCore::SVGFilterBuilder::primitiveUnits const):
        (WebCore::SVGFilterBuilder::setPrimitiveUnits):

2018-01-03  Antti Koivisto  <antti@apple.com>

        Crash beneath CSSValue::equals @ csas.cz
        https://bugs.webkit.org/show_bug.cgi?id=181243
        <rdar://problem/35990826>

        Reviewed by Alex Christensen.

        Test: fast/text/oblique-degree-equals-crash.html

        * css/CSSFontStyleValue.cpp:
        (WebCore::CSSFontStyleValue::equals const):

        Null check both oblique pointers.

2018-01-03  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Slow open time enumerating system fonts (FontCache::systemFontFamilies)
        https://bugs.webkit.org/show_bug.cgi?id=180979
        <rdar://problem/36146670>

        Reviewed by Matt Baker.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (fontNameIsSystemFont):
        (WebCore::FontCache::systemFontFamilies):
        Switch to the original Mac algorithm before r180979 that uses
        CTFontManagerCopyAvailableFontFamilyNames. Previously this wasn't
        available on iOS but now it is. This is a performance improvement on
        both platforms, but significantly so on macOS. It also finds more,
        valid, family names.

2018-01-03  Michael Catanzaro  <mcatanzaro@igalia.com>

        ASSERTION FAILED: !source || is<Target>(*source) in CoordinatedGraphicsLayer::removeFromParent
        https://bugs.webkit.org/show_bug.cgi?id=166568

        Reviewed by Simon Fraser.

        When a GraphicsLayer has a mask layer, it fails to properly unparent the mask layer before
        it is destroyed. This leaves the mask layer with a dangling parent pointer. Fix it, while
        taking care not to introduce yet another virtual function call during the execution of the
        destructor.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::willBeDestroyed):

2018-01-03  Simon Fraser  <simon.fraser@apple.com>

        SVG lighting filter lights are in the wrong coordinate system
        https://bugs.webkit.org/show_bug.cgi?id=181147

        Reviewed by Zalan Bujtas.

        Point and spot light coordinates weren't being converted into buffer-relative
        coordinates before being fed into the lighting math, resulting in incorrect light
        rendering on Retina devices, and when the filter primitive region was clipped.

        Fix by storing absoluteUnclippedSubregion on FilterEffect, which allows us to map
        lighting points from user space coordinates into the coordinates of the buffer being
        used for rendering. Also scale the light z coordinate by doing a dummy point mapping in x.

        Rename members of PointLightSource and SpotLightSource to make it clear which coordinate
        system they are in.

        Tests include HiDPI tests.

        Tests: svg/filters/fePointLight-coordinates-expected.svg
               svg/filters/fePointLight-coordinates.svg
               svg/filters/feSpotLight-coordinates-expected.svg
               svg/filters/feSpotLight-coordinates.svg
               svg/filters/hidpi/fePointLight-coordinates-expected.svg
               svg/filters/hidpi/fePointLight-coordinates.svg
               svg/filters/hidpi/feSpotLight-coordinates-expected.svg
               svg/filters/hidpi/feSpotLight-coordinates.svg

        * platform/graphics/FloatPoint3D.h: Make it easy to get and set the X and Y coords as a FloatPoint.
        (WebCore::FloatPoint3D::xy const):
        (WebCore::FloatPoint3D::setXY):
        * platform/graphics/GeometryUtilities.cpp:
        (WebCore::mapPoint):
        (WebCore::mapRect):
        * platform/graphics/GeometryUtilities.h: Helper to make a point between rects.
        * platform/graphics/filters/DistantLightSource.cpp:
        (WebCore::DistantLightSource::initPaintingData):
        * platform/graphics/filters/DistantLightSource.h:
        * platform/graphics/filters/FELighting.cpp:
        (WebCore::FELighting::drawLighting):
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::mapPointFromUserSpaceToBuffer const):
        * platform/graphics/filters/FilterEffect.h:
        (WebCore::FilterEffect::setUnclippedAbsoluteSubregion):
        * platform/graphics/filters/LightSource.h:
        * platform/graphics/filters/PointLightSource.cpp:
        (WebCore::PointLightSource::initPaintingData):
        (WebCore::PointLightSource::computePixelLightingData const):
        (WebCore::PointLightSource::setX):
        (WebCore::PointLightSource::setY):
        (WebCore::PointLightSource::setZ):
        * platform/graphics/filters/PointLightSource.h:
        (WebCore::PointLightSource::position const):
        (WebCore::PointLightSource::PointLightSource):
        * platform/graphics/filters/SpotLightSource.cpp:
        (WebCore::SpotLightSource::initPaintingData):
        (WebCore::SpotLightSource::computePixelLightingData const):
        (WebCore::SpotLightSource::setX):
        (WebCore::SpotLightSource::setY):
        (WebCore::SpotLightSource::setZ):
        (WebCore::SpotLightSource::setPointsAtX):
        (WebCore::SpotLightSource::setPointsAtY):
        (WebCore::SpotLightSource::setPointsAtZ):
        * platform/graphics/filters/SpotLightSource.h:
        (WebCore::SpotLightSource::position const):
        (WebCore::SpotLightSource::direction const):
        (WebCore::SpotLightSource::SpotLightSource):
        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::buildPrimitives const):
        * rendering/svg/RenderSVGResourceFilterPrimitive.cpp:
        (WebCore::RenderSVGResourceFilterPrimitive::determineFilterPrimitiveSubregion):

2018-01-03  Youenn Fablet  <youenn@apple.com>

        Select service worker for documents with data/blob URLS
        https://bugs.webkit.org/show_bug.cgi?id=181213

        Reviewed by Alex Christensen.

        Covered by updated test.

        Reusing the service worker of the parent for blob/data URL documents.

        * loader/DocumentLoader.cpp:
        (WebCore::isLocalURL):
        (WebCore::DocumentLoader::commitData):

2018-01-03  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r226352.

        Breaks Sierra and El Capitan builds.

        Reverted changeset:

        "Web Inspector: Slow open time enumerating system fonts
        (FontCache::systemFontFamilies)"
        https://bugs.webkit.org/show_bug.cgi?id=180979
        https://trac.webkit.org/changeset/226352

2018-01-03  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] The bus synchronous handler should be in the base player class
        https://bugs.webkit.org/show_bug.cgi?id=181237

        Reviewed by Carlos Garcia Campos.

        Because this is where video rendering is handled.

        No new tests, this is only a refactoring.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::setPipeline):

2018-01-03  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] move MediaSample implementation out of mse/
        https://bugs.webkit.org/show_bug.cgi?id=179165

        Reviewed by Carlos Garcia Campos.

        This module isn't specific to MSE and can potentially be reused
        elsewhere, for WebRTC for instance. Additionally the
        ::platformSample() method was implemented and the code was cleaned up.

        * platform/GStreamer.cmake:
        * platform/MediaSample.h:
        * platform/graphics/gstreamer/GStreamerMediaSample.cpp: Renamed from Source/WebCore/platform/graphics/gstreamer/mse/GStreamerMediaSample.cpp.
        (WebCore::GStreamerMediaSample::platformSample):
        * platform/graphics/gstreamer/GStreamerMediaSample.h: Renamed from Source/WebCore/platform/graphics/gstreamer/mse/GStreamerMediaSample.h.
        * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
        (WebCore::PlaybackPipeline::enqueueSample):

2018-01-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix resource load stats tests on GLib based ports after r226355.

        The monitor can be created in the work queue thread too.

        * platform/glib/FileMonitorGLib.cpp:
        (WebCore::FileMonitor::FileMonitor):

2018-01-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Crash destroying WebCore::FileMonitor
        https://bugs.webkit.org/show_bug.cgi?id=181138

        Reviewed by Michael Catanzaro.

        Ensure that platform file monitor is always created and destroyed in the work queue thread synchronously.

        * platform/FileMonitor.h:
        * platform/glib/FileMonitorGLib.cpp:
        (WebCore::FileMonitor::FileMonitor):
        (WebCore::FileMonitor::~FileMonitor):
        (WebCore::FileMonitor::didChange):

2018-01-02  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Slow open time enumerating system fonts (FontCache::systemFontFamilies)
        https://bugs.webkit.org/show_bug.cgi?id=180979
        <rdar://problem/36146670>

        Reviewed by Matt Baker.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontCache::systemFontFamilies):
        Switch to the original Mac algorithm before r180979 that uses
        CTFontManagerCopyAvailableFontFamilyNames. Previously this wasn't
        available on iOS but now it is. This is a performance improvement on
        both platforms, but significantly so on macOS. It also finds more,
        valid, family names.

2018-01-02  Yusuke Suzuki  <utatane.tea@gmail.com>

        Unreviewed, fix GCC warning by using #include
        https://bugs.webkit.org/show_bug.cgi?id=181189

        This file is included in C++ files. Use #include instead of #import to suppress warning in GCC.

        * platform/PromisedBlobInfo.h:

2017-12-28  Yusuke Suzuki  <utatane.tea@gmail.com>

        Remove std::chrono completely
        https://bugs.webkit.org/show_bug.cgi?id=181186

        Reviewed by Alex Christensen.

        Use MonotonicTime, WallTime, and Seconds instead.
        Changes are mechanical ones. But persistent network cache data is changed.
        So we bump the version number of the cache storage.

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
        (WebCore::IDBServer::removeAllDatabasesForOriginPath):
        (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesModifiedSince):
        (WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesForOrigins):
        * Modules/indexeddb/server/IDBServer.h:
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::deleteDatabasesModifiedSince):
        * Modules/webdatabase/DatabaseTracker.h:
        * dom/Document.cpp:
        (WebCore::Document::lastModified):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::clearMediaCache):
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::clearMediaCache):
        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::parseAccessControlMaxAge):
        (WebCore::CrossOriginPreflightResultCacheItem::parse):
        (WebCore::CrossOriginPreflightResultCacheItem::allowsRequest const):
        * loader/CrossOriginPreflightResultCache.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource):
        (WebCore::CachedResource::freshnessLifetime const):
        (WebCore::CachedResource::responseReceived):
        (WebCore::CachedResource::updateResponseAfterRevalidation):
        * loader/cache/CachedResource.h:
        * platform/FileSystem.cpp:
        (WebCore::FileSystem::getFileModificationTime):
        * platform/FileSystem.h:
        * platform/SearchPopupMenu.h:
        * platform/cocoa/SearchPopupMenuCocoa.h:
        * platform/cocoa/SearchPopupMenuCocoa.mm:
        (WebCore::toSystemClockTime):
        (WebCore::toNSDateFromSystemClock):
        (WebCore::removeRecentlyModifiedRecentSearches):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::clearMediaCache):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::clearMediaCache):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::toSystemClockTime):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::clearMediaCache):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::clearMediaCache):
        * platform/network/CacheValidation.cpp:
        (WebCore::computeCurrentAge):
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        (WebCore::updateRedirectChainStatus):
        (WebCore::redirectChainAllowsReuse):
        (WebCore::parseCacheControlDirectives):
        * platform/network/CacheValidation.h:
        (WebCore::RedirectChainCacheStatus::RedirectChainCacheStatus):
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseHTTPDate):
        * platform/network/HTTPParsers.h:
        * platform/network/PlatformCookieJar.h:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::cacheControlMaxAge const):
        (WebCore::parseDateValueInHeader):
        (WebCore::ResourceResponseBase::date const):
        (WebCore::ResourceResponseBase::age const):
        (WebCore::ResourceResponseBase::expires const):
        (WebCore::ResourceResponseBase::lastModified const):
        * platform/network/ResourceResponseBase.h:
        * platform/network/cf/CookieJarCFNet.cpp:
        (WebCore::deleteAllCookiesModifiedSince):
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::CookieJarCurlFileSystem::deleteAllCookiesModifiedSince):
        (WebCore::deleteAllCookiesModifiedSince):
        * platform/network/curl/CookieJarCurl.h:
        * platform/network/curl/CurlCacheEntry.cpp:
        (WebCore::CurlCacheEntry::CurlCacheEntry):
        (WebCore::CurlCacheEntry::isCached):
        (WebCore::CurlCacheEntry::parseResponseHeaders):
        * platform/network/curl/CurlCacheEntry.h:
        * platform/network/mac/CookieJarMac.mm:
        (WebCore::deleteAllCookiesModifiedSince):
        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::deleteAllCookiesModifiedSince):
        * platform/win/SearchPopupMenuWin.cpp:
        (WebCore::SearchPopupMenuWin::loadRecentSearches):
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::addSearchResult):

2018-01-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Introduce data structures and IPC support for writing promised blobs
        https://bugs.webkit.org/show_bug.cgi?id=181189

        Reviewed by Tim Horton.

        Introduces a new header containing structs to be used for writing blob data when dragging. PromisedBlobInfo
        represents information needed to declare data on the pasteboard that will eventually be provided via a Blob.
        This includes the type and filename of the Blob-backed content. PromisedBlobData represents information needed
        to actually deliver the Blob's content to the platform, and is sent some time after its corresponding
        PromisedBlobInfo. The content may either be in the form of a file path (as is the case using the previous
        declareAndWriteAttachment codepath) or a data buffer (which we would use if the Blob is not already backed by a
        file on disk).

        No new tests, since there is no observable change in functionality yet.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/PromisedBlobInfo.h: Added.
        (WebCore::PromisedBlobInfo::operator bool const):
        (WebCore::PromisedBlobData::hasData const):
        (WebCore::PromisedBlobData::hasFile const):
        (WebCore::PromisedBlobData::operator bool const):
        (WebCore::PromisedBlobData::fulfills const):

2018-01-02  Brady Eidson  <beidson@apple.com>

        Make MessagePortChannel::takeAllMessagesFromRemote asynchronous.
        https://bugs.webkit.org/show_bug.cgi?id=181205

        Reviewed by Alex Christensen.

        No new tests (No behavior change)

        This is needed for the ongoing WK2 MessagePort work.

        For WK1 in-process MessagePorts it is still synchronous; no behavior change.

        * dom/InProcessMessagePortChannel.cpp:
        (WebCore::InProcessMessagePortChannel::takeAllMessagesFromRemote):
        * dom/InProcessMessagePortChannel.h:

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::dispatchMessages):
        * dom/MessagePortChannel.h:

2018-01-02  Jiewen Tan  <jiewen_tan@apple.com>

        Add a WebAuthentication runtime feature flag
        https://bugs.webkit.org/show_bug.cgi?id=181220
        <rdar://problem/36055305>

        Reviewed by Brent Fulgham.

        This patch basically renames the CredentialManagement runtime feature flag into
        WebAuthentication runtime feature flag.

        No tests.

        * Modules/credentialmanagement/BasicCredential.idl:
        * Modules/credentialmanagement/CredentialsContainer.idl:
        * Modules/credentialmanagement/NavigatorCredentials.idl:
        * Modules/webauthn/PublicKeyCredential.idl:
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setWebAuthenticationEnabled):
        (WebCore::RuntimeEnabledFeatures::webAuthenticationEnabled const):
        (WebCore::RuntimeEnabledFeatures::setCredentialManagementEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::credentialManagementEnabled const): Deleted.

2018-01-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        [Attachment Support] Don't Blob-convert images and attachments with https:, http: or data: urls
        https://bugs.webkit.org/show_bug.cgi?id=181143
        <rdar://problem/36200381>

        Reviewed by Tim Horton.

        Clients such as Mail would expect pasting or dropping an image with src="https://..." to result in the source
        URL being preserved (i.e. staying as remote images) instead of creating image attachments out of them. This
        patch hooks into the shouldConvertToBlob() check added in r226272 so that it applies to attachment element
        replacement as well.

        Test: WKAttachmentTests.DoNotInsertDataURLImagesAsAttachments

        * editing/cocoa/WebContentReaderCocoa.mm:
        (WebCore::shouldConvertToBlob):
        (WebCore::replaceRichContentWithAttachments):

2018-01-02  Brady Eidson  <beidson@apple.com>

        Identify MessagePorts by a globally unique MessagePortIdentifier.
        https://bugs.webkit.org/show_bug.cgi?id=181172

        Reviewed by Alex Christensen.

        No new tests (Behavior change covered by all existing tests).

        This cleans up the abstract MessagePortChannel interface to be in terms of identifiers
        instead of actual MessagePort objects.
        
        The identifiers are compounded with the current ProcessIdentifier meaning they are global
        across all processes for the running UI process, enabling easy cross-process communication.
        
        (Actual cross-process communication comes in a followup)
        
        * WebCore.xcodeproj/project.pbxproj:
        
        * dom/InProcessMessagePortChannel.cpp:
        (WebCore::InProcessMessagePortChannel::createChannelBetweenPorts):
        (WebCore::InProcessMessagePortChannel::isConnectedTo):
        (WebCore::InProcessMessagePortChannel::entangleWithRemoteIfOpen):
        (WebCore::InProcessMessagePortChannel::entangleIfOpen): Deleted.
        * dom/InProcessMessagePortChannel.h:
        
        * dom/MessageChannel.cpp:
        (WebCore::MessageChannel::MessageChannel):
        (WebCore::m_port2):
        
        * dom/MessagePort.cpp:
        (WebCore::allMessagePortsLock):
        (WebCore::MessagePort::ref const):
        (WebCore::MessagePort::deref const):
        (WebCore::MessagePort::existingMessagePortForIdentifier):
        (WebCore::MessagePort::MessagePort):
        (WebCore::MessagePort::~MessagePort):
        (WebCore::MessagePort::postMessage):
        (WebCore::MessagePort::entangleWithRemote):
        (WebCore::MessagePort::entanglePorts):
        (WebCore::MessagePort::entangle): Deleted.
        * dom/MessagePort.h:
        
        * dom/MessagePortChannel.h:
        
        * dom/MessagePortIdentifier.h: Added.
        (WebCore::operator==):
        (WebCore::MessagePortIdentifier::encode const):
        (WebCore::MessagePortIdentifier::decode):
        (WebCore::MessagePortIdentifier::hash const):
        (WTF::MessagePortIdentifierHash::hash):
        (WTF::MessagePortIdentifierHash::equal):
        (WTF::HashTraits<WebCore::MessagePortIdentifier>::emptyValue):
        (WTF::HashTraits<WebCore::MessagePortIdentifier>::constructDeletedValue):
        (WTF::HashTraits<WebCore::MessagePortIdentifier>::isDeletedValue):

2018-01-02  Youenn Fablet  <youenn@apple.com>

        Memory cache should not reuse resources with different credential fetch option
        https://bugs.webkit.org/show_bug.cgi?id=181212

        Reviewed by Alex Christensen.

        Covered by rebased test.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::determineRevalidationPolicy const):

2018-01-02  Jiewen Tan  <jiewen_tan@apple.com>

        Update Credential Management API for WebAuthentication
        https://bugs.webkit.org/show_bug.cgi?id=181082
        <rdar://problem/36055239>

        Reviewed by Brent Fulgham.

        Part 2/2

        This patch implements Core API from Credential Management API: https://www.w3.org/TR/credential-management-1/#core.
        which is required by WebAuthN. It also sets the CredentialManagement runtime flag to enable testing. Note that it
        introduces a dummy PublicKeyCredential interface for testing functionalities of the Credential interface, which
        cannot be instantiated.

        Tests: http/wpt/credential-management/credentialscontainer-create-basics.https.html
               http/wpt/credential-management/credentialscontainer-get-basics.https.html
               http/wpt/credential-management/credentialscontainer-preventSilentAccess-basics.https.html
               http/wpt/credential-management/idl.https.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/credentialmanagement/BasicCredential.cpp:
        (WebCore::BasicCredential::BasicCredential):
        (WebCore::BasicCredential::type const):
        * Modules/credentialmanagement/BasicCredential.h:
        (WebCore::BasicCredential::discovery const):
        * Modules/credentialmanagement/BasicCredential.idl:
        * Modules/credentialmanagement/CredentialCreationOptions.h:
        * Modules/credentialmanagement/CredentialCreationOptions.idl:
        * Modules/credentialmanagement/CredentialRequestOptions.h:
        * Modules/credentialmanagement/CredentialRequestOptions.idl:
        * Modules/credentialmanagement/CredentialsContainer.cpp:
        (WebCore::CredentialsContainer::CredentialsContainer):
        (WebCore::CredentialsContainer::isSameOriginWithItsAncestors):
        (WebCore::CredentialsContainer::dispatchTask):
        (WebCore::CredentialsContainer::get):
        (WebCore::CredentialsContainer::store):
        (WebCore::CredentialsContainer::isCreate):
        (WebCore::CredentialsContainer::preventSilentAccess):
        * Modules/credentialmanagement/CredentialsContainer.h:
        (WebCore::CredentialsContainer::create):
        (WebCore::CredentialsContainer::CredentialsContainer): Deleted.
        * Modules/credentialmanagement/CredentialsContainer.idl:
        * Modules/credentialmanagement/NavigatorCredentials.cpp:
        (WebCore::NavigatorCredentials::credentials):
        * Modules/credentialmanagement/NavigatorCredentials.h:
        * Modules/credentialmanagement/NavigatorCredentials.idl:
        * Modules/webauthn/PublicKeyCredential.cpp: Copied from Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp.
        (WebCore::PublicKeyCredential::PublicKeyCredential):
        (WebCore::PublicKeyCredential::collectFromCredentialStore):
        (WebCore::PublicKeyCredential::discoverFromExternalSource):
        (WebCore::PublicKeyCredential::store):
        (WebCore::PublicKeyCredential::create):
        * Modules/webauthn/PublicKeyCredential.h: Copied from Source/WebCore/Modules/credentialmanagement/BasicCredential.cpp.
        * Modules/webauthn/PublicKeyCredential.idl: Copied from Source/WebCore/Modules/credentialmanagement/BasicCredential.idl.
        * Sources.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:
        * page/RuntimeEnabledFeatures.h:

2018-01-02  Oleksandr Skachkov  <gskachkov@gmail.com>

        WebAssembly: sending module to iframe fails
        https://bugs.webkit.org/show_bug.cgi?id=179263

        Reviewed by JF Bastien.

        Allow use WebAssembly.Module as input parameters for postMessage 
        in window and iframe object. To prevent sending message to iframe
        that is not ready, in iframe-* test we are waiting message from
        iframe only after that we send message to it.   

        Tests: wasm/iframe-parent-postmessage.html
               wasm/iframe-postmessage.html
               wasm/window-postmessage.html

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::dumpIfTerminal):
        * bindings/js/SerializedScriptValue.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::postMessage):

== Rolled over to ChangeLog-2018-01-01 ==
