2011-06-10 Darin Adler <darin@apple.com>
[webkit:qtwebkit.git] / Source / WebCore / ChangeLog
1 2011-06-10  Darin Adler  <darin@apple.com>
2
3         Reviewed by Eric Carlson.
4
5         REGRESSION: Fullscreen video controller can't be dragged
6         https://bugs.webkit.org/show_bug.cgi?id=62462
7
8         No regression test because we don't have machinery for testing the fullscreen
9         mode. We may find a way to add this in the future.
10
11         * html/shadow/MediaControlElements.cpp:
12         (WebCore::MediaControlPanelElement::MediaControlPanelElement): Initialize new
13         booleans related to dragging.
14         (WebCore::MediaControlPanelElement::startDrag): Added. Starts drag if dragging
15         is allowed and a drag isn't already in progress.
16         (WebCore::MediaControlPanelElement::continueDrag): Added. Moves the window if
17         dragging is already in progress.
18         (WebCore::MediaControlPanelElement::endDrag): Added. Ends the capture that is
19         done during the dragging process.
20         (WebCore::MediaControlPanelElement::setPosition): Added. Positions the panel
21         using explicit top/left.
22         (WebCore::MediaControlPanelElement::resetPosition): Added. Removes the positioning
23         done by setPosition.
24         (WebCore::MediaControlPanelElement::defaultEventHandler): Added. Calls startDrag,
25         continueDrag, and endDrag in response to mouse events.
26         (WebCore::MediaControlPanelElement::setCanBeDragged): Added.
27         * html/shadow/MediaControlElements.h: Added new function and data members
28         as mentioned above.
29
30         * html/shadow/MediaControlRootElement.cpp:
31         (WebCore::MediaControlRootElement::enteredFullscreen): Call setCanBeDragged(true)
32         so you can drag the panel while in fullscreen.
33         (WebCore::MediaControlRootElement::exitedFullscreen): Call setCanBeDragged(false)
34         so you can't drag the panel while not in fullscreen. Also call resetPosition so
35         position changes from dragging don't affect the panel in other contexts.
36
37 2011-06-24  Dimitri Glazkov  <dglazkov@chromium.org>
38
39         Reviewed by Darin Adler.
40
41         REGRESSION (r77740): Shadow DOM pseudo elements aren't matching when combined with descendant selectors
42         https://bugs.webkit.org/show_bug.cgi?id=63373
43
44         * css/CSSStyleSelector.cpp:
45         (WebCore::CSSStyleSelector::pushParentStackFrame): Changed to use parentOrHostElement.
46         (WebCore::CSSStyleSelector::pushParent): Ditto.
47         * dom/Node.cpp:
48         (WebCore::Node::parentOrHostElement): Added.
49         * dom/Node.h:
50
51 2011-06-24  Alexey Proskuryakov  <ap@apple.com>
52
53         Rubber-stamped by Maciej Stachowiak.
54
55         REGRESSION (r88984): Infinite recursion in DocumentLoader::detachFromFrame/stopLoading
56
57         No new tests, as there is no known way to reproduce this (but we'll keep investigating, as
58         the rollout will re-introduce the older less frequent crash).
59
60         * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::detachFromFrame): Rollout the fix
61         for bug 62764.
62
63 2011-06-24  Alexis Menard  <alexis.menard@openbossa.org>
64
65         Unreviewed build fix.
66
67         Build fix on Linux when using the GStreamer backend.
68
69         No new tests, just a build fix.
70
71         * platform/graphics/gstreamer/PlatformVideoWindowQt.cpp:
72         (FullScreenVideoWindow::keyPressEvent):
73
74 2011-06-23  Abhishek Arya  <inferno@chromium.org>
75
76         Reviewed by Adam Barth.
77
78         RefPtr m_style in MediaQueryEvaluator in case of callers like
79         MediaQueryMatcher::prepareEvaluator that do not retain its reference.
80         https://bugs.webkit.org/show_bug.cgi?id=63264
81
82         Test: fast/css/media-query-evaluator-crash.html
83
84         * css/MediaQueryEvaluator.cpp:
85         (WebCore::MediaQueryEvaluator::eval):
86         * css/MediaQueryEvaluator.h:
87
88 2011-06-22  Annie Sullivan  <sullivan@chromium.org>
89
90         Reviewed by Ryosuke Niwa.
91
92         REGRESSION: Hitting enter in the middle of this span causes the cursor to go to the end of the span
93         https://bugs.webkit.org/show_bug.cgi?id=61594
94
95         When the tree is split at the cursor in InsertParagraphSeparatorCommand, it is possible for the position
96         split at to be at the end of a text node. The code assumes the position is at the start of the node, so
97         pass the correct node into splitTreeToNode() in that case.
98
99         Tests: editing/inserting/return-key-before-br-in-span.html
100                editing/inserting/return-key-middle-of-span.html
101
102         * editing/InsertParagraphSeparatorCommand.cpp:
103         (WebCore::InsertParagraphSeparatorCommand::doApply):
104
105 2011-05-24  Matthew Delaney  <mdelaney@apple.com>
106
107         Reviewed by Simon Fraser.
108
109         Clamp coordinates to integers for canvas create/getImageData routines
110         https://bugs.webkit.org/show_bug.cgi?id=61135
111
112         Test: fast/canvas/canvas-getImageData-largeNonintegralDimensions.html
113
114         * html/HTMLCanvasElement.cpp:
115         (WebCore::HTMLCanvasElement::convertLogicalToDevice): clamp to ints
116         * html/canvas/CanvasRenderingContext2D.cpp:
117         (WebCore::CanvasRenderingContext2D::createImageData):
118         (WebCore::CanvasRenderingContext2D::getImageData):
119         * platform/graphics/cg/ImageBufferDataCG.cpp:
120         (WebCore::ImageBufferData::getData):
121
122 2011-06-09  Adam Barth  <abarth@webkit.org>
123
124         Reviewed by Eric Seidel.
125
126         Running script from attach can remove elements from the stack of open elements
127         https://bugs.webkit.org/show_bug.cgi?id=62160
128
129         When the tree build runs script synchronously, that script can remove
130         arbitrary elements from the stack of open elements.  We need to hold a
131         reference to |parent| in attach instead of rely upon the reference in
132         the stack of open elements.
133
134         Test: fast/parser/document-write-onload-clear.html
135
136         * html/parser/HTMLConstructionSite.cpp:
137         (WebCore::HTMLConstructionSite::attach):
138
139 2011-06-09  Mike Lawther  <mikelawther@chromium.org>
140
141         Reviewed by Kent Tamura.
142
143         Parsing issue with -webkit-calc
144         https://bugs.webkit.org/show_bug.cgi?id=62276
145
146         Set the CSSParserString for the calc functions.
147
148         Test: css3/calc/regression-62276.html
149
150         * css/CSSParser.cpp:
151         (WebCore::CSSParser::lex):
152
153 2011-06-20  Adam Barth  <abarth@webkit.org>
154
155         Reviewed by Alexey Proskuryakov.
156
157         ASSERT in WebCore::HTMLToken::appendToAttributeName when visiting www.nba.com
158         https://bugs.webkit.org/show_bug.cgi?id=61774
159
160         This ASSERT triggers for the same underlying issue that causes
161         Bug 62971: When we tokenize a </script> tag, we don't realize that
162         we've already consumed the "</script>" from the input stream when we
163         extracted the previous token.  That causes the source tracker to be
164         out-of-sync, triggering the incorrect view-source highlighting and this
165         ASSERT.
166
167         For now, let's just silence the assert while we work on Bug 62971.
168
169         Test: fast/parser/attributes-on-close-script.html
170
171         * html/parser/HTMLToken.h:
172         (WebCore::HTMLToken::appendToAttributeName):
173         (WebCore::AtomicHTMLToken::initializeAttributes):
174
175 2011-06-16  Abhishek Arya  <inferno@chromium.org>
176
177         Reviewed by Adam Barth.
178
179         RefPtr frame since it can get removed in
180         FrameLoader::finishedParsing.
181         https://bugs.webkit.org/show_bug.cgi?id=62812
182
183         Tests: already tested by fast/parser/document-write-into-initial-document.html.
184
185         * dom/Document.cpp:
186         (WebCore::Document::finishedParsing):
187
188 2011-06-07  Abhishek Arya  <inferno@chromium.org>
189
190         Reviewed by Dan Bernstein.
191
192         Replicate WidthIterator.cpp fix from r88139.
193         https://bugs.webkit.org/show_bug.cgi?id=62238
194
195         No new tests. Covered by existing layout tests on XP debug bots.
196
197         * platform/graphics/win/UniscribeController.cpp:
198         (WebCore::UniscribeController::advance):
199
200 2011-06-01  Abhishek Arya  <inferno@chromium.org>
201
202         Unreviewed.
203
204         Coding style nit. Move ec=0 initialization, change
205         recommended by Alexey in bug.
206         https://bugs.webkit.org/show_bug.cgi?id=60831
207
208         * dom/Document.cpp:
209         (WebCore::Document::setBody):
210
211 2011-06-01  Abhishek Arya  <inferno@chromium.org>
212
213         Reviewed by Alexey Proskuryakov.
214
215         Fix setting of document.body
216         https://bugs.webkit.org/show_bug.cgi?id=60831
217
218         1. Only allowing setting to an element if it has a body tag.
219         2. If element is from another document, import it.
220
221         Test: fast/dom/document-set-body.html
222
223         * dom/Document.cpp:
224         (WebCore::Document::setBody):
225
226 2011-06-01  Abhishek Arya  <inferno@chromium.org>
227
228         Reviewed by Antti Koivisto.
229
230         Do not use the pushed style selector if it is not equal to the
231         parent document's style selector. It usually means that it is
232         in a bad state, e.g. already cleared.
233         https://bugs.webkit.org/show_bug.cgi?id=61737
234
235         * dom/Element.cpp:
236         (WebCore::StyleSelectorParentPusher::~StyleSelectorParentPusher):
237
238 2011-06-17  Abhishek Arya  <inferno@chromium.org>
239
240         Reviewed by Dave Hyatt.
241
242         When we lose ability to propagate floats, need to find topmost
243         parent with that overhanging float, and then iterate over its
244         sibling blocks to remove the float.
245         https://bugs.webkit.org/show_bug.cgi?id=62875
246
247         Test: fast/block/float/float-not-removed-from-next-sibling5.html
248
249         * rendering/RenderBlock.cpp:
250         (WebCore::RenderBlock::styleDidChange):
251         (WebCore::RenderBlock::hasOverhangingFloat):
252         * rendering/RenderBlock.h:
253
254 2011-05-10  Abhishek Arya  <inferno@chromium.org>
255
256         Reviewed by Simon Fraser.
257
258         Add containsFloats call to hasOverhangingFloats.
259         https://bugs.webkit.org/show_bug.cgi?id=60537
260
261         Test: fast/block/float/no-overhanging-float-crash.html
262
263         * rendering/RenderBlock.cpp:
264         (WebCore::RenderBlock::repaintOverhangingFloats):
265         * rendering/RenderBlock.h:
266         (WebCore::RenderBlock::hasOverhangingFloats):
267
268 2011-05-05  Abhishek Arya  <inferno@chromium.org>
269
270         Reviewed by Dave Hyatt.
271
272         When style changes for a RenderBlock and we lose our ability to intrude into
273         floats in the next siblings block (e.g a position change), make sure to mark
274         our childs with floats for layout and iterate through our next sibling block
275         chain to see which ones contain the float that also exists in our floating
276         objects list and clear those using markAllDescendantsWithFloatsForLayout.
277         https://bugs.webkit.org/show_bug.cgi?id=56299
278
279         Tests: fast/block/float/float-not-removed-from-next-sibling-crash.html
280                fast/block/float/float-not-removed-from-next-sibling.html
281                fast/block/float/float-not-removed-from-next-sibling2.html
282                fast/block/float/float-not-removed-from-next-sibling3.html
283                fast/block/float/float-not-removed-from-next-sibling4.html
284
285         * rendering/RenderBlock.cpp:
286         (WebCore::RenderBlock::styleWillChange):
287         (WebCore::RenderBlock::styleDidChange):
288         (WebCore::RenderBlock::markSiblingsWithFloatsForLayout):
289         * rendering/RenderBlock.h:
290
291 2011-06-16  Gabor Loki  <loki@webkit.org>
292
293         [Qt] Unreviewed, build fix after r89118.
294
295         * dom/XMLDocumentParserQt.cpp:
296         (WebCore::XMLDocumentParser::initializeParserContext):
297
298 2011-06-16  Jeffrey Pfau  <jpfau@apple.com>
299
300         Reviewed by Alexey Proskuryakov.
301
302         Using null bytes when setting innerHTML in XTHML results in assertion and a crash due to null-pointer dereference
303         https://bugs.webkit.org/show_bug.cgi?id=61053
304
305         XML parsing in-memory XML chunks now passes around a string object instead of a C string, ensuring null characters are properly handled.
306
307         Tests: fast/parser/xhtml-innerhtml-null-byte-first.xhtml
308                fast/parser/xhtml-innerhtml-null-byte.xhtml
309
310         * dom/XMLDocumentParser.h:
311         * dom/XMLDocumentParserLibxml2.cpp:
312         (WebCore::XMLParserContext::createMemoryParser):
313         (WebCore::XMLDocumentParser::initializeParserContext):
314         (WebCore::XMLDocumentParser::appendFragmentSource):
315
316 2011-06-15  Abhishek Arya  <inferno@chromium.org>
317
318         Reviewed by Antti Koivisto.
319
320         Revert speculative fix in r84151. It caused some issues with
321         stylesheet lifetimes.
322         https://bugs.webkit.org/show_bug.cgi?id=62586
323
324         Tests: fast/dom/body-clone-link-decl-parent-crash.html
325                fast/dom/styled-clone-inline-style-decl-parent-crash.html
326                fast/dom/styled-not-in-document-clone-inline-style-decl-parent-crash.html
327
328         * dom/Document.cpp:
329         (WebCore::Document::removedLastRef):
330
331 2011-06-15  Sam Weinig  <sam@webkit.org>
332
333         Reviewed by Alexey Proskuryakov.
334
335         Frequent crashes due to null frame below ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache
336         https://bugs.webkit.org/show_bug.cgi?id=62764
337
338         This is an non-reproducible high volume crash, so no test :(. 
339
340         * loader/DocumentLoader.cpp:
341         (WebCore::DocumentLoader::detachFromFrame):
342         Be conservative and stop loading when we detach a document loader from a frame.
343
344 2011-06-14  Jeffrey Pfau  <jpfau@apple.com>
345
346         Reviewed by David Hyatt.
347
348         Null dereference in WebCore::RenderBlock::splitFlow regarding use of multicol, inline-block, and spanning elements
349         https://bugs.webkit.org/show_bug.cgi?id=60028
350
351         Ensure that the parent block of a spanning element, if it is not itself
352         a multicol element, is not inline.
353
354         Test: fast/multicol/span/span-as-nested-inline-block-child.html
355
356         * rendering/RenderBlock.cpp:
357         (WebCore::RenderBlock::columnsBlockForSpanningElement):
358
359 2011-06-14  Viatcheslav Ostapenko  <ostapenko.viatcheslav@nokia.com>
360
361         Reviewed by Laszlo Gombos.
362
363         [Qt] [Symbian] GraphicsLayer: support plugins on symbian
364         https://bugs.webkit.org/show_bug.cgi?id=57418
365
366         Implement graphics layer for plugins on Symbian.
367
368         * plugins/PluginView.h:
369         * plugins/qt/PluginViewQt.cpp:
370         (WebCore::PluginView::shouldUseAcceleratedCompositing):
371         (WebCore::PluginView::platformStart):
372         * plugins/symbian/PluginViewSymbian.cpp:
373         (WebCore::PluginGraphicsLayerQt::PluginGraphicsLayerQt):
374         (WebCore::PluginGraphicsLayerQt::~PluginGraphicsLayerQt):
375         (WebCore::PluginGraphicsLayerQt::paint):
376         (WebCore::PluginView::shouldUseAcceleratedCompositing):
377         (WebCore::PluginView::paint):
378         (WebCore::PluginView::invalidateRect):
379         (WebCore::PluginView::platformStart):
380         (WebCore::PluginView::platformLayer):
381
382 2011-06-16  Sheriff Bot  <webkit.review.bot@gmail.com>
383
384         Unreviewed, rolling out r88796.
385         http://trac.webkit.org/changeset/88796
386         https://bugs.webkit.org/show_bug.cgi?id=62790
387
388         It made fast/dom/nodesFromRect-basic.html time out on Qt,
389         64-bit, debug mode (Requested by Ossy on #webkit).
390
391         * bridge/qt/qt_runtime.cpp:
392         (JSC::Bindings::convertValueToQVariant):
393
394 2011-06-13  Jeffrey Pfau  <jpfau@apple.com>
395
396         Reviewed by Darin Adler.
397
398         Crash in WebCore::RenderMathMLUnderOver::layout()
399         https://bugs.webkit.org/show_bug.cgi?id=57900
400
401         Add more null checks so that removing children in MathML elements does not cause crashes.
402         Note that this only half fixes the third repro in the Bugzilla bug, as another bug will
403         still crash that repro.
404
405         Test: mathml/munderover-remove-children.html
406
407         * rendering/mathml/RenderMathMLSubSup.cpp:
408         (WebCore::RenderMathMLSubSup::stretchToHeight):
409         * rendering/mathml/RenderMathMLUnderOver.cpp:
410         (WebCore::RenderMathMLUnderOver::layout):
411         (WebCore::RenderMathMLUnderOver::nonOperatorHeight):
412
413 2011-06-13  Ryosuke Niwa  <rniwa@webkit.org>
414
415         Reviewed by Dan Bernstein.
416
417         REGRESSION (r81518): Crash in makeRange() when invoking the dictionary panel over a file input
418         https://bugs.webkit.org/show_bug.cgi?id=62544
419
420         Fixed the crash by adding null pointer checks.
421
422         No new tests since there's no way to open dictionary panel.
423
424         * dom/Position.cpp:
425         (WebCore::Position::parentAnchoredEquivalent):
426         * editing/VisiblePosition.cpp:
427         (WebCore::makeRange):
428         * page/Frame.cpp:
429         (WebCore::Frame::rangeForPoint):
430
431 2011-06-14  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>
432
433         Reviewed by Andreas Kling.
434
435         [Qt] tst_QWebFrame::overloadedSlots() fails
436         https://bugs.webkit.org/show_bug.cgi?id=37319
437
438         Increase the likeness that JSElements are converted to QWebElements. When hinted
439         with QWebElement metatype, we qualify the conversion from JSElement as a "perfect
440         match".
441
442         The test was failing because the wrong slot was called, since the QWebElement
443         match was taken as equal to the others and not chosen when the metacall happened.
444
445         We also remove the implicit conversion between JSDocument (which is not an
446         element) to QWebElement. The conversion only worked for calling slots, while
447         without hint it returned a QVariantMap (as can be seen in domCycles test). It was
448         added for supporting DRT, but since this change we can use it as QVariantMap and
449         get the value for "documentElement".
450
451         This patch is based on Noam Rosenthal original patch in the same bug.
452
453         * bridge/qt/qt_runtime.cpp:
454         (JSC::Bindings::hintForRealType):
455         Extracted function to choose the metatype hint based on the JSValue type.  Add
456         QWebElement metatype as a hint for JSElement objects, this way if no hint is
457         provided, JSElement objects will always be converted to QWebElements.
458
459         (JSC::Bindings::convertValueToQVariant):
460         Use previous function. Identify the conversion between JSElement to QWebElement
461         as a "perfect match" (dist = 0). And remove the implicit conversion when the hint
462         is QWebElement metatype and we have a JSDocument.  Changed from JSHTMLElement to
463         JSElement to cover the 'documentElement'.
464
465 2011-06-12  Dan Bernstein  <mitz@apple.com>
466
467         Reviewed by Darin Adler.
468
469         <rdar://problem/9513180> REGRESSION (r84166): recalcStyle for display:inline to display:none transition has complexity N^2 where N is the number of child Text nodes
470         https://bugs.webkit.org/show_bug.cgi?id=61557
471
472         Replaced the fix for bug 58500 with a refined version.
473
474         * rendering/RenderText.cpp:
475         (WebCore::RenderText::clippedOverflowRectForRepaint): Use the containing block unless it is
476         across a layer boundary.
477
478 2011-06-10  Abhishek Arya  <inferno@chromium.org>
479
480         Reviewed by Simon Fraser.
481
482         Null parent element sheet pointers in CSSMutableStyleDeclaration consumers
483         when removed from document, set them when reinserted into document.
484         https://bugs.webkit.org/show_bug.cgi?id=62230
485
486         When a HTMLBodyElement, StyledElement are removed from document,
487         we didn't clear out the parent pointers from their link, style declarations.
488         These parent pointers pointed to the document's element sheet which will
489         get removed when document is getting destroyed. It does make sense to
490         clear out parent pointers when we are getting removed from document and
491         readd them when we get inserted again.
492
493         Tests: fast/dom/body-link-decl-parent-crash.html
494                fast/dom/styled-inline-style-decl-parent-crash.html
495
496         * dom/StyledElement.cpp:
497         (WebCore::StyledElement::insertedIntoDocument):
498         (WebCore::StyledElement::removedFromDocument):
499         * dom/StyledElement.h:
500         * html/HTMLBodyElement.cpp:
501         (WebCore::HTMLBodyElement::parseMappedAttribute):
502         (WebCore::HTMLBodyElement::insertedIntoDocument):
503         (WebCore::HTMLBodyElement::removedFromDocument):
504         (WebCore::HTMLBodyElement::didMoveToNewOwnerDocument):
505         * html/HTMLBodyElement.h:
506
507 2011-06-10  James Simonsen  <simonjam@chromium.org>
508
509         Reviewed by Tony Gentilcore.
510
511         Don't execute scripts in shadow SVG.
512         https://bugs.webkit.org/show_bug.cgi?id=62225
513
514         Test: svg/dom/use-style-recalc-script-execute-crash.html
515
516         * dom/ScriptElement.cpp:
517         (WebCore::ScriptElement::prepareScript):
518
519 2011-06-09  Jian Li  <jianli@chromium.org>
520
521         Reviewed by David Levin.
522
523         Calling WebKitBlobBuilder.append with null argument should not crash
524         https://bugs.webkit.org/show_bug.cgi?id=62419
525
526         Test: fast/files/blob-builder-crash.html
527
528         * fileapi/WebKitBlobBuilder.cpp:
529         (WebCore::WebKitBlobBuilder::append):
530
531 2011-06-09  Julien Chaffraix  <jchaffraix@codeaurora.org>
532
533         Reviewed by Antti Koivisto.
534
535         REGRESSION(84329): Stylesheets on some pages do not load
536         https://bugs.webkit.org/show_bug.cgi?id=61400
537
538         Test: fast/css/link-disabled-attr.html
539
540         Fixed r84329: the change did not take into account the fact
541         that HTMLLinkElement did already contain the disabled information
542         and the 2 information were not linked as they should have!
543
544         The new logic pushes the information to the stylesheet as this
545         is what the spec mandates and what FF is doing. Also it keeps
546         one bit of information (that JS enabled the stylesheet) as it
547         is needed for the recalcStyleSelector logic.
548
549         * dom/Document.cpp:
550         (WebCore::Document::recalcStyleSelector): s/isDisabled/disabled.
551
552         * html/HTMLLinkElement.cpp:
553         (WebCore::HTMLLinkElement::HTMLLinkElement): Removed m_disabledState,
554         replaced by m_isEnabledViaScript.
555         (WebCore::HTMLLinkElement::setDisabled): Updated the logic after
556         m_disabledState removal. It also matches the spec by forwarding
557         the disabled state to our stylesheet if we have one.
558         (WebCore::HTMLLinkElement::parseMappedAttribute): Removed harmful
559         handling of the disabledAttr.
560         (WebCore::HTMLLinkElement::process): Updated after m_disabledState removal.
561         * html/HTMLLinkElement.h:
562         (WebCore::HTMLLinkElement::isEnabledViaScript): Ditto.
563         (WebCore::HTMLLinkElement::isAlternate): Ditto.
564
565 2011-06-09  Simon Fraser  <simon.fraser@apple.com>
566
567         Reviewed by Darin Adler.
568
569         Crashes in RenderLayerBacking::paintingGoesToWindow
570         https://bugs.webkit.org/show_bug.cgi?id=61159
571
572         Speculative fix for unreproducible crash that can occur when RenderObject::repaintUsingContainer()
573         finds a repaintContainer that is not the RenderView, but that is also not
574         composited (for unknown reasons), by checking to see if the layer is
575         compositing before using backing(). An assertion remains to try to catch
576         this in debug builds.
577
578         * rendering/RenderLayer.cpp:
579         (WebCore::RenderLayer::setBackingNeedsRepaintInRect):
580
581 2011-06-09  Julien Chaffraix  <jchaffraix@webkit.org>
582
583         Reviewed by Darin Adler.
584
585         WebCore::WebKitCSSKeyframesRuleInternal::nameAttrSetter() - crash
586         https://bugs.webkit.org/show_bug.cgi?id=62384
587
588         Test: fast/css/webkit-keyframes-crash.html
589
590         * css/WebKitCSSKeyframesRule.cpp:
591         (WebCore::WebKitCSSKeyframesRule::setName): stylesheet() is never garanteed
592         to return a non-null pointer. Thus null-check here like the rest of the code.
593
594 2011-06-08  Adam Barth  <abarth@webkit.org>
595
596         Reviewed by Eric Seidel.
597
598         constructTreeFromToken can re-enter parser, causing ASSERTs
599         https://bugs.webkit.org/show_bug.cgi?id=62160
600
601         This patch clears the HTMLToken before constructing the tree from the
602         token, putting the HTMLDocumentParser in a good state to be re-entered.
603
604         Tests: fast/parser/document-write-onload-nesting.html
605                fast/parser/document-write-onload-ordering.html
606
607         * html/parser/HTMLDocumentParser.cpp:
608         (WebCore::HTMLDocumentParser::pumpTokenizer):
609         * html/parser/HTMLToken.h:
610         (WebCore::HTMLToken::isUninitialized):
611         * html/parser/HTMLTreeBuilder.cpp:
612         (WebCore::HTMLTreeBuilder::constructTreeFromToken):
613
614 2011-06-08  Yael Aharon  <yael.aharon@nokia.com>
615
616         Reviewed by Andreas Kling.
617
618         [Qt] Build fix for building QtWebKit inside of Qt.
619         https://bugs.webkit.org/show_bug.cgi?id=62280
620
621         Remove CONFIG=staticlib, because it causes the configure script to add -lwebcore
622         into QtWebKit.prl.
623
624         No new tests, as this is just a build fix.
625
626         * WebCore.pri:
627
628 2011-06-08  Andreas Kling  <andreas.kling@nokia.com>
629
630         Reviewed by Laszlo Gombos.
631
632         [Symbian] Float{32,64}Array and Int16Array fail to build.
633         https://bugs.webkit.org/show_bug.cgi?id=62219
634
635         For some reason, RVCT 2.x is moaning about "class member designated by
636         a using-declaration must be visible in a direct base class".
637         Apply same fix as r69122 and r76592.
638
639         * html/canvas/Float32Array.h:
640         (WebCore::Float32Array::set):
641         * html/canvas/Float64Array.h:
642         (WebCore::Float64Array::set):
643         * html/canvas/Int16Array.h:
644         (WebCore::Int16Array::set):
645
646 2011-06-07  Yi Shen  <yi.4.shen@nokia.com>
647
648         Reviewed by Simon Hausmann.
649
650         [Qt] Fix the error code for media resource failures when using QtMobility
651         https://bugs.webkit.org/show_bug.cgi?id=55901
652
653         To indicate the media resource failures, set the network state to
654         MediaPlayer::FormatError when receives QMediaPlayer::InvalidMedia or
655         QMediaPlayer::ResourceError.
656
657         * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
658         (WebCore::MediaPlayerPrivateQt::updateStates):
659
660 2011-06-05  Igor Oliveira  <igor.oliveira@openbossa.org>
661
662         Reviewed by Kenneth Rohde Christiansen.
663
664         fast/viewport/viewport-45.html fails in GTK+/Qt
665         https://bugs.webkit.org/show_bug.cgi?id=47481
666
667         computeViewportAttributes does many math operations with float point arithmetic
668         and in some cases there is loss of precision making tests have incorrect values.
669
670         * dom/ViewportArguments.cpp:
671         (WebCore::computeViewportAttributes):
672
673 2011-06-04  Abhishek Arya  <inferno@chromium.org>
674
675         Reviewed by Kent Tamura.
676
677         Add some asserts for array boundary checks in TextRun. Fix
678         an integer issue in linux text controller code.
679         https://bugs.webkit.org/show_bug.cgi?id=62085
680
681         Testing ComplexTextControllerLinux change requires a testcase
682         > 32 kb which is not feasible. All other changes are tested by
683         existing layouttests.
684
685         * platform/graphics/TextRun.h:
686         (WebCore::TextRun::operator[]): add assert.
687         (WebCore::TextRun::data): add assert.
688         * platform/graphics/WidthIterator.cpp:
689         (WebCore::WidthIterator::advance): bail early and prevent access
690         to one byte across the text run boundary.
691         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
692         (WebCore::ComplexTextController::getNormalizedTextRun): wrong
693         int16 vs int comparison.
694         * rendering/svg/SVGTextRunRenderingContext.cpp:
695         (WebCore::SVGTextRunWalker::walk): bail early when from and to
696         is outside the text run boundary. this hit easily after adding
697         the assert when from = to = end and read in run.data(from). 
698
699 2011-06-04  Jeffrey Pfau  <jpfau@apple.com>
700
701         Reviewed by Beth Dakin.
702
703         Crash in WebCore::RenderMathMLSubSup::baselinePosition()
704         https://bugs.webkit.org/show_bug.cgi?id=57897
705
706         Simple patch adding NULL checks in each function.
707         Test: mathml/msubsup-remove-children.xhtml
708
709         * rendering/mathml/RenderMathMLSubSup.cpp:
710         (WebCore::RenderMathMLSubSup::stretchToHeight):
711         (WebCore::RenderMathMLSubSup::baselinePosition):
712
713 2011-06-03  Alexis Menard  <alexis.menard@openbossa.org>
714
715         Reviewed by Andreas Kling.
716
717         To support building namespaced Qt, we require that forward-declarations
718         of Qt classes be wrapped in QT_BEGIN_NAMESPACE and QT_END_NAMESPACE.
719
720         * platform/network/qt/QtMIMETypeSniffer.h:
721
722 2011-06-01  Andras Becsi  <abecsi@webkit.org>
723
724         Reviewed by Csaba Osztrogonác.
725
726         [Qt] Fix the Phonon build when logging is disabled
727         https://bugs.webkit.org/show_bug.cgi?id=61869
728
729         No new tests needed.
730
731         * platform/graphics/qt/MediaPlayerPrivatePhonon.cpp: Add missing guards.
732         (WebCore::MediaPlayerPrivatePhonon::networkState):
733         (WebCore::MediaPlayerPrivatePhonon::readyState):
734         (WebCore::MediaPlayerPrivatePhonon::updateStates):
735         (WebCore::MediaPlayerPrivatePhonon::stateChanged):
736
737 2011-05-31  Abhishek Arya  <inferno@chromium.org>
738
739         Reviewed by Dimitri Glazkov.
740
741         Improve hasMediaControls logic to check that node has
742         media controls. This can be false when cloning nodes.
743         https://bugs.webkit.org/show_bug.cgi?id=61765
744
745         Test: media/media-controls-clone-crash.html
746
747         * dom/Node.h:
748         (WebCore::Node::isMediaControls):
749         * html/HTMLMediaElement.cpp:
750         (WebCore::HTMLMediaElement::mediaControls):
751         (WebCore::HTMLMediaElement::hasMediaControls):
752         * html/shadow/MediaControls.h:
753         (WebCore::MediaControls::isMediaControls):
754         (WebCore::toMediaControls):
755
756 2011-05-30  Eric Carlson  <eric.carlson@apple.com>
757
758         Reviewed by Alexey Proskuryakov.
759
760         Audio and video files saved to the Application Cache should preserve the original file extension
761         https://bugs.webkit.org/show_bug.cgi?id=61750
762         <rdar://9524922>
763
764         No new tests, it isn't possible to check the name of the file in the cache from within
765         DRT. Changes verified manually.
766
767         * loader/appcache/ApplicationCacheStorage.cpp:
768         (WebCore::ApplicationCacheStorage::store): Append the original file extension to the cache
769             file name.
770         (WebCore::ApplicationCacheStorage::writeDataToUniqueFileInDirectory): Add extension parameter.
771         * loader/appcache/ApplicationCacheStorage.h:
772
773 2011-05-30  Jer Noble  <jer.noble@apple.com>
774
775         Reviewed by Darin Adler and Simon Fraser.
776
777         REGRESSION (r87622): Scrubbing a Vimeo movie when in fullscreen stops playback; no way to make it start again
778         https://bugs.webkit.org/show_bug.cgi?id=61717
779         rdar://problem/9522272
780
781         May be some good way to test this later. No immediate idea about the best way.
782
783         When a media element is taken into full-screen mode, stop events from propagating
784         outside the media element's shadow DOM, EventDispatcher::determineDispatchBehavior()
785         has been changed to take a shadow root node. In our full screen media element check,
786         we check to see if the passed shadow root is the shadow root of the full screen media
787         element, and if so, specify events should StayInsideShadowDOM. The end result is that
788         inside EventDispatcher::ensureEventAncestors, an ancestor chain is built up all the
789         way from the SliderThumb to the video element's shadow root, but no further.
790
791         * dom/EventDispatcher.cpp:
792         (WebCore::EventDispatcher::determineDispatchBehavior): Restrict events to the
793         shadow DOM when showing a full screen video.
794
795         * html/HTMLMediaElement.cpp:
796         (WebCore::HTMLMediaElement::HTMLMediaElement): Removed code to manage full screen controls.
797         The events telling us about activity in the shadow DOM no longer bubble out so we need to
798         handle this inside the shadow DOM on the root element.
799         (WebCore::HTMLMediaElement::play): Ditto.
800         (WebCore::HTMLMediaElement::playbackProgressTimerFired): Ditto.
801         (WebCore::HTMLMediaElement::defaultEventHandler): Ditto.
802         (WebCore::HTMLMediaElement::enterFullscreen): Ditto.
803         (WebCore::HTMLMediaElement::exitFullscreen): Ditto.
804         * html/HTMLMediaElement.h: Added isPlaying function, removed things moved to the root element.
805
806         * html/shadow/MediaControlElements.cpp:
807         (WebCore::MediaControlVolumeSliderContainerElement::defaultEventHandler): Rolled out
808         changes that tried to make special rules for events using preDispatchEventHandler and such.
809         This rolls out both r87622 and r87655.
810         (WebCore::MediaControlMuteButtonElement::defaultEventHandler): Ditto.
811         (WebCore::MediaControlPanelMuteButtonElement::defaultEventHandler): Ditto.
812         (WebCore::MediaControlPlayButtonElement::defaultEventHandler): Ditto.
813         (WebCore::MediaControlSeekButtonElement::defaultEventHandler): Ditto.
814         (WebCore::MediaControlRewindButtonElement::defaultEventHandler): Ditto.
815         (WebCore::MediaControlReturnToRealtimeButtonElement::defaultEventHandler): Ditto.
816         (WebCore::MediaControlToggleClosedCaptionsButtonElement::defaultEventHandler): Ditto.
817         (WebCore::MediaControlTimelineElement::defaultEventHandler): Ditto.
818         (WebCore::MediaControlVolumeSliderElement::defaultEventHandler): Ditto.
819         (WebCore::MediaControlFullscreenButtonElement::defaultEventHandler): Ditto.
820         (WebCore::MediaControlFullscreenVolumeMinButtonElement::defaultEventHandler): Ditto.
821         (WebCore::MediaControlFullscreenVolumeMaxButtonElement::defaultEventHandler): Ditto.
822         * html/shadow/MediaControlElements.h: Ditto.
823
824         * html/shadow/MediaControlRootElement.cpp:
825         (WebCore::MediaControlRootElement::MediaControlRootElement): Initialize new data members.
826         (WebCore::MediaControlRootElement::playbackStarted): Start the timer so we will consider
827         hiding the controls later.
828         (WebCore::MediaControlRootElement::playbackProgressed): Hide the controls if the mouse
829         is no longer over the controls.
830         (WebCore::MediaControlRootElement::playbackStopped): Stop the timer since we only hide
831         automatically if we're playing.
832         (WebCore::MediaControlRootElement::enteredFullscreen): Start the timer.
833         (WebCore::MediaControlRootElement::exitedFullscreen): Stop the timer since we only care
834         if we are full screen.
835         (WebCore::MediaControlRootElement::containsRelatedTarget): Added. Helper for next function.
836         (WebCore::MediaControlRootElement::defaultEventHandler): Do the hide/show and timer functions
837         as the mouse is moved in and out.
838         (WebCore::MediaControlRootElement::startHideFullscreenControlsTimer): Start the timer if
839         needed.
840         (WebCore::MediaControlRootElement::hideFullscreenControlsTimerFired): Hide if the conditions
841         are met.
842         (WebCore::MediaControlRootElement::stopHideFullscreenControlsTimer): Stop the timer.
843
844         * html/shadow/MediaControlRootElement.h: Added new functions and data members.
845
846
847 2011-05-29  Brian Weinstein  <bweinstein@apple.com>
848
849         Reviewed by Darin Adler.
850
851         Controls never hide in full screen after user stops moving mouse
852         https://bugs.webkit.org/show_bug.cgi?id=61715
853         <rdar://problem/9522182>
854         
855         When we get a mouse move event in HTMLMediaElement::defaultEventHandler, and we are in full screen,
856         show the media controls, and then start a timer.
857         
858         The timer fires 3 seconds after the user's last mouse movement (timer is restarted on every mouse
859         move), and hides the controls.
860
861         * html/HTMLMediaElement.cpp:
862         (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize our new timer.
863         (WebCore::HTMLMediaElement::play): If we are in full screen mode, start our timer to hide the full screen
864             controls. We don't want the user to have to move the mouse to hide them when they use the spacebar
865             to play.
866         (WebCore::HTMLMediaElement::startHideFullscreenControlsTimer): Starts a oneshot timer 3 seconds in the future
867             if we are in full screen.
868         (WebCore::HTMLMediaElement::hideFullscreenControlsTimerFired): Make sure that we are currently playing, and
869             we are in full screen, and hide the controls. We don't want to hide the controls if we are paused.
870         (WebCore::HTMLMediaElement::stopHideFullscreenControlsTimer): Stops the timer.
871         (WebCore::HTMLMediaElement::defaultEventHandler): If we get a mouse move event and are in full screen, show the
872             controls and start a timer to hide them.
873         (WebCore::HTMLMediaElement::enterFullscreen): Start a timer to hide the full screen controls. The user shouldn't
874             have the move the mouse once they enter full screen to hide the controls.
875         (WebCore::HTMLMediaElement::exitFullscreen): Stop the timer to hide the full screen controls.
876         * html/HTMLMediaElement.h:
877         * html/shadow/MediaControls.h: Added pure virtual shouldHideControls() method.
878         * html/shadow/MediaControlRootElement.cpp:
879         (WebCore::MediaControlRootElement::playbackStopped): Stop the timer to hide the full screen controls.
880         (WebCore::MediaControlRootElement::shouldHideControls): Added, only report that
881             the caller should hide the controls if the panel is not hovered.
882         * html/shadow/MediaControlRootElement.h:
883
884 2011-05-29  Darin Adler  <darin@apple.com>
885
886         Reviewed by Kevin Decker.
887
888         REGRESSION (r87622): In media documents, clicking the full screen button and the play button pauses the video
889         https://bugs.webkit.org/show_bug.cgi?id=61713
890
891         We need to come up with a way to regression-test these changes. Nothing at the moment.
892
893         The bug is that we removed calls to preventDefault, but we still do need to prevent
894         default handling of this event.
895
896         * html/shadow/MediaControlElements.cpp:
897         (WebCore::MediaControlElement::preDispatchEventHandler): Add back the preventDefault
898         that was in here before r87622 as well as the stopPropagation that was added in r87622.
899         (WebCore::MediaControlMuteButtonElement::preDispatchEventHandler): Ditto.
900         (WebCore::MediaControlPlayButtonElement::preDispatchEventHandler): Ditto.
901         (WebCore::MediaControlSeekButtonElement::preDispatchEventHandler): Ditto.
902         (WebCore::MediaControlRewindButtonElement::preDispatchEventHandler): Ditto.
903         (WebCore::MediaControlReturnToRealtimeButtonElement::preDispatchEventHandler): Ditto.
904         (WebCore::MediaControlToggleClosedCaptionsButtonElement::preDispatchEventHandler): Ditto.
905         (WebCore::MediaControlFullscreenButtonElement::preDispatchEventHandler): Ditto.
906         (WebCore::MediaControlFullscreenVolumeMinButtonElement::preDispatchEventHandler): Ditto.
907         (WebCore::MediaControlFullscreenVolumeMaxButtonElement::preDispatchEventHandler): Ditto.
908
909 2011-05-28  Jer Noble  <jer.noble@apple.com>
910
911         Reviewed by Maciej Stachowiak.
912
913         Mouse clicks propagate outside full-screen media controls.
914         https://bugs.webkit.org/show_bug.cgi?id=61689
915
916         Mouse click events are propagating out of the media controls, so mouse click
917         listeners registered on the video element are getting fired when the user
918         clicks on media controller buttons.  By default, block propagation of click 
919         events from MediaControlElements by overriding preDispatchEventHandler, and
920         convert all instances of defaultEventHandler -> preDispatchEventHandler.  Change
921         all calls of event->setDefaultHandled() to event->stopPropagation().
922
923         * html/shadow/MediaControlElements.cpp:
924         (WebCore::MediaControlElement::preDispatchEventHandler): Added.  Block 
925             propagation of all mouse click events.
926         (WebCore::MediaControlVolumeSliderContainerElement::preDispatchEventHandler):
927             Renamed from setDefaultHandled.
928         (WebCore::MediaControlMuteButtonElement::preDispatchEventHandler): Ditto.
929         (WebCore::MediaControlPanelMuteButtonElement::preDispatchEventHandler): Ditto.
930         (WebCore::MediaControlPlayButtonElement::preDispatchEventHandler): Ditto.
931         (WebCore::MediaControlSeekButtonElement::preDispatchEventHandler): Ditto.
932         (WebCore::MediaControlRewindButtonElement::preDispatchEventHandler): Ditto.
933         (WebCore::MediaControlReturnToRealtimeButtonElement::preDispatchEventHandler): Ditto.
934         (WebCore::MediaControlToggleClosedCaptionsButtonElement::preDispatchEventHandler): Ditto.
935         (WebCore::MediaControlTimelineElement::preDispatchEventHandler): Ditto.
936         (WebCore::MediaControlVolumeSliderElement::preDispatchEventHandler): Ditto.
937         (WebCore::MediaControlFullscreenButtonElement::preDispatchEventHandler): Ditto.
938         (WebCore::MediaControlFullscreenVolumeMinButtonElement::preDispatchEventHandler): Ditto.
939         (WebCore::MediaControlFullscreenVolumeMaxButtonElement::preDispatchEventHandler): Ditto.
940         * html/shadow/MediaControlElements.h:
941
942 2011-05-26  Alexis Menard  <alexis.menard@openbossa.org>
943
944         Unreviewed build fix for Qt and QuickTime backend.
945
946         r87328 added a new system interface, we need to add it too.
947
948         * platform/qt/WebCoreSystemInterface.h:
949         * platform/qt/WebCoreSystemInterface.mm:
950
951 2011-05-24  Jer Noble  <jer.noble@apple.com>
952
953         Reviewed by Darin Adler.
954
955         Video fails to play on Vimeo
956         https://bugs.webkit.org/show_bug.cgi?id=61403
957
958         No new tests; Covered by media/video-canvas-source.html.
959
960         Vimeo redirects their assets from player.vimeo.com to av.vimeo.com, which is rejected
961         by AVFoundation and QTKit due to our setting a ForbidCrossSiteReference option when
962         creating an AVAsset or QTMovie. Instead, we should just reject local->remote and
963         remote->local and make our answer to hasSingleSecurityOrigin dynamic.
964
965         When checking whether a given request has a single security origin, use a 
966         SecurityOrigin to check the host, port, and scheme.
967
968         * WebCore.exp.in:
969         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
970         (WebCore::MediaPlayerPrivateAVFoundation::assetURL): Added.
971         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h:
972         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm:
973         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Exchange ForbidCrossSiteReference
974             for ForbidRemoteReferenceToLocal and ForbidLocalReferenceToRemote
975         (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin): Check to see that the
976             requested and resolved URLs have the same host and port.
977         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
978         (WebCore::MediaPlayerPrivateQTKit::commonMovieAttributes): Exchange NoCrossSiteAttribute for 
979             NoRemoteToLocalSiteAttribute and NoLocalToRemoteSiteAttribute.
980         (WebCore::MediaPlayerPrivateQTKit::hasSingleSecurityOrigin):     Check to see that the
981                 requested and resolved URLs have the same host and port.
982         * platform/mac/WebCoreSystemInterface.h: Added wkAVAssetResolvedURL.
983         * platform/mac/WebCoreSystemInterface.mm: Ditto.
984
985 2011-05-15  Eric Carlson  <eric.carlson@apple.com>
986
987         Reviewed by Maciej Stachowiak.
988
989         Use new AVAssetReferenceRestrictions to prevent cross site media references
990         https://bugs.webkit.org/show_bug.cgi?id=60791
991         <rdar://problem/9374202>
992
993         Test: http/tests/media/video-cross-site.html
994
995         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm:
996         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Set restriction
997             to prevent cross-domain references from being followed.
998
999 2011-05-10  Eric Carlson  <eric.carlson@apple.com>
1000
1001         Reviewed by Darin Adler.
1002
1003         Files that load quickly sometimes won't play.
1004         https://bugs.webkit.org/show_bug.cgi?id=60556
1005         <rdar://problem/9330567>
1006
1007         No new tests, this failure is very difficult to reproduce on some machines. The fix was
1008         verified manually.
1009
1010         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
1011         (WebCore::MediaPlayerPrivateAVFoundation::playabilityKnown): Move the call to updateStates
1012             to dispatchNotification so it is more obvious which state changes call it.
1013         (WebCore::MediaPlayerPrivateAVFoundation::setNaturalSize): Correct logging typo.
1014         (WebCore::MediaPlayerPrivateAVFoundation::metadataLoaded): Move updateStates call to 
1015             dispatchNotification.
1016         (WebCore::MediaPlayerPrivateAVFoundation::rateChanged): Ditto.
1017         (WebCore::MediaPlayerPrivateAVFoundation::loadedTimeRangesChanged): Ditto.
1018         (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification): Call updateStates after
1019             processing "size changed" notification so we detect all state changes. Consolidate
1020             calls to updateStates here.
1021
1022         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm:
1023         (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer): Name the video layer in
1024             a debug build.
1025
1026 2011-05-05  Eric Carlson  <eric.carlson@apple.com>
1027
1028         Reviewed by Adam Roben.
1029
1030         Block callbacks delivered during destruction
1031         https://bugs.webkit.org/show_bug.cgi?id=60291
1032         <rdar://problem/9382942>
1033
1034         No new tests, tested by existing tests.
1035
1036         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
1037         (WebCore::MediaPlayerPrivateAVFoundation::~MediaPlayerPrivateAVFoundation): Call 
1038             setIgnoreLoadStateChanges(true) to cancel all callbacks.
1039         (WebCore::MediaPlayerPrivateAVFoundation::updateStates): Return immediately if 
1040             m_ignoreLoadStateChanges is true.
1041         (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification): loadStateChanged -> updateStates.
1042             Don't call updateStates after calling loadedTimeRangesChanged, it already does it.
1043         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
1044
1045 2011-05-25  Andrew Scherkus  <scherkus@chromium.org>
1046
1047         Reviewed by Eric Carlson.
1048
1049         Fix media element regression where ended event stopped firing after changing the src attribute.
1050
1051         https://bugs.webkit.org/show_bug.cgi?id=61336
1052
1053         Test: media/media-ended.html
1054
1055         * html/HTMLMediaElement.cpp:
1056         (WebCore::HTMLMediaElement::prepareForLoad):
1057
1058 2011-05-25  Jer Noble  <jer.noble@apple.com>
1059
1060         Reviewed by Darin Adler.
1061
1062         REGRESSION: Fullscreen button on embedded Vimeo videos does nothing
1063         https://bugs.webkit.org/show_bug.cgi?id=61461
1064
1065         Tests: fullscreen/full-screen-iframe-legacy.html
1066
1067         Allow calls from the legacy full-screen API to bypass the iframe
1068         "webkitallowfullscreen" requirement by adding a parameter to 
1069         Document::webkitRequestFullScreenForElement specifying the strictness
1070         of that check.  Specify this new parameter everywhere that function is 
1071         called, including in the default controls' full-screen button handler.
1072
1073         * dom/Document.cpp:
1074         (WebCore::Document::webkitRequestFullScreenForElement):
1075         * dom/Document.h:
1076         * dom/Element.cpp:
1077         (WebCore::Element::requestFullScreen): Renamed from webkitRequestFullScreen.
1078         * html/HTMLMediaElement.cpp:
1079         (WebCore::HTMLMediaElement::enterFullscreen):
1080         * html/shadow/MediaControlElements.cpp:
1081         (WebCore::MediaControlFullscreenButtonElement::defaultEventHandler):
1082
1083 2011-05-25  Alexis Menard  <alexis.menard@openbossa.org>
1084
1085         Reviewed by Eric Carlson.
1086
1087         [Qt] Enable usage of QuickTime mediaplayer for the Qt port on Mac.
1088         https://bugs.webkit.org/show_bug.cgi?id=61279
1089
1090         Enable the QuickTime backend for the Qt port on Mac. The patch adds the bits in WebCore
1091         to enable the QTKit backend of the Mac port. It can be enabled by passing DEFINES+=USE_QTKIT=1
1092         when calling build-webkit.
1093
1094         * WebCore.pri:
1095         * WebCore.pro:
1096         * features.pri:
1097         * platform/KURL.h:
1098         * platform/SharedBuffer.h:
1099         * platform/cf/KURLCFNet.cpp:
1100         * platform/cf/SharedBufferCF.cpp:
1101         * platform/graphics/FloatSize.h:
1102         * platform/graphics/IntRect.h:
1103         * platform/graphics/IntSize.h:
1104         * platform/graphics/MediaPlayer.cpp:
1105         * platform/graphics/cg/FloatSizeCG.cpp:
1106         * platform/graphics/cg/IntRectCG.cpp:
1107         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
1108         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1109         (WebCore::MediaPlayerPrivateQTKit::createQTMovieView):
1110         (WebCore::MediaPlayerPrivateQTKit::createQTVideoRenderer):
1111         (WebCore::MediaPlayerPrivateQTKit::createQTMovieLayer):
1112         (WebCore::MediaPlayerPrivateQTKit::preferredRenderingMode):
1113         (WebCore::MediaPlayerPrivateQTKit::paint):
1114         (-[WebCoreMovieObserver layerHostChanged:]):
1115         * platform/mac/KURLMac.mm:
1116         * platform/mac/SharedBufferMac.mm:
1117         (+[WebCoreSharedBufferData initialize]):
1118         * platform/mac/WebCoreObjCExtras.mm:
1119         * platform/qt/WebCoreSystemInterface.h: Added.
1120         * platform/qt/WebCoreSystemInterface.mm: Added.
1121
1122 2011-05-16  Jeremy Noble  <jer.noble@apple.com>
1123
1124         Unreviewed; build fix for non-SnowLeopard builds.
1125
1126         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: Wrap definition 
1127             of layerIsDescendentOf in a #if check.
1128
1129 2011-05-13  Jer Noble  <jer.noble@apple.com>
1130
1131         Reviewed by Simon Fraser.
1132
1133         Video is blank, controller is misplaced on trailers.apple.com movie in fullscreen (with two screens)
1134         https://bugs.webkit.org/show_bug.cgi?id=60826
1135
1136         Listen for a WebKitLayerHostChanged notification and, if the affected layer is an
1137         ancestor layer of the qtMovieLayer, tear down the layer and recreate it the
1138         next time setVisible(true) is called.
1139
1140         * dom/Document.cpp:
1141         (WebCore::Document::webkitDidEnterFullScreenForElement):  Call setFullScreenRootLayer(0) 
1142             before disabling animation on the full screen renderer.
1143         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
1144         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1145         (WebCore::MediaPlayerPrivateQTKit::createQTMovie): Register an observer for the new 
1146             WebKitLayerHostChanged notification.
1147         (WebCore::layerIsDescendentOf): Added.
1148         (WebCore::MediaPlayerPrivateQTKit::layerHostChanged): Added.  If the changed
1149             layer is an ancestor of the movie layer, tear down rendering and re-
1150             create the next time setVisible(true) is called.
1151         (-[WebCoreMovieObserver layerHostChanged:]):  Added ObjC listener wrapper.
1152
1153 2011-05-18  Jeremy Noble  <jer.noble@apple.com>
1154
1155         Reviewed by Darin Adler.
1156
1157         Poster is not shown in Safari for video element with no playable source elements.
1158         https://bugs.webkit.org/show_bug.cgi?id=61109
1159
1160         Test: media/video-src-invalid-poster.html
1161
1162         In the case where no video sources are playable, update the display state and 
1163         renderer, allowing the poster image to display.
1164
1165         * html/HTMLMediaElement.cpp:
1166         (WebCore::HTMLMediaElement::waitForSourceChange): 
1167
1168 2011-05-14  Jeremy Noble  <jer.noble@apple.com>
1169
1170         Reviewed by Darin Adler.
1171
1172         Exiting full screen causes <video> element inline controls to become visible
1173         https://bugs.webkit.org/show_bug.cgi?id=60142
1174
1175         Create a queue of elements who must be targeted with webkitfullscreenchange events. Instead of dispatching
1176         a single event with whatever the current value of m_fullScreenElement is (which may have been cleared, or
1177         changed since the timer was asked to fire), dispatch one event for each entry in the queue.
1178
1179         Test: fullscreen/video-controls-override.html
1180
1181         * dom/Document.cpp:
1182         (WebCore::Document::webkitDidEnterFullScreenForElement): Push current full screen element onto the
1183             webkitfullscreenchange event delay queue.
1184         (WebCore::Document::webkitDidExitFullScreenForElement): Ditto.
1185         (WebCore::Document::fullScreenElementRemoved): Ditto.
1186         (WebCore::Document::fullScreenChangeDelayTimerFired): Empty the queue, dispatching a 
1187             webkitfullscreenchange event for each entry.
1188         * dom/Document.h:
1189
1190 2011-05-05  Jer Noble  <jer.noble@apple.com>
1191
1192         Reviewed by Maciej Stachowiak.
1193
1194         Removing the full screen element via parent.innerHTML="" does not result in a webkitfullscreenchange event.
1195         https://bugs.webkit.org/show_bug.cgi?id=60278
1196
1197         Handle the removal of a full screen element from within Node::willRemove() instead
1198         of Document::nodeWillBeRemoved().  The new function Document::fullScreenElementWillBeRemoved() will
1199         be called by Node::willRemove() to handle those changes which used to occur in nodeWillBeRemoved().
1200
1201         Test: fullscreen/full-screen-remove-children.html
1202
1203         * dom/Document.cpp:
1204         (WebCore::Document::nodeWillBeRemoved): Removed the code checking for the full screen element.
1205         (WebCore::Document::fullScreenElementWillBeRemoved): Added, moved from nodeWillBeRemoved.
1206         * dom/Document.h:
1207         * dom/Node.cpp:
1208         (WebCore::Node::willRemove): Check to see if this is the current full screen element.
1209
1210 2011-05-04  Philippe Normand  <pnormand@igalia.com>
1211
1212         Reviewed by Martin Robinson.
1213
1214         [Gtk+] deadlock in gstreamer video player when exiting fullscreen
1215         https://bugs.webkit.org/show_bug.cgi?id=58548
1216
1217         Block data flow towards the pipeline branch to remove to avoid
1218         potential deadlocks during the PAUSED->READY transitions of the
1219         elements to remove.
1220
1221         * platform/graphics/gstreamer/GStreamerGWorld.cpp:
1222         (WebCore::GStreamerGWorld::exitFullscreen):
1223
1224 2011-05-11  Eric Carlson  <eric.carlson@apple.com>
1225
1226         Reviewed by Darin Adler.
1227
1228         Video track sometimes fails to draw.
1229         https://bugs.webkit.org/show_bug.cgi?id=60635
1230         <rdar://problem/9281951>
1231
1232         No new tests, covered by existing pixel tests.
1233
1234         * html/HTMLMediaElement.cpp:
1235         (WebCore::HTMLMediaElement::loadResource): Set display mode to "Unknown" to force a 
1236             recalculation, and media engine notification, the next time the state machine runs.
1237
1238 2011-05-05  Eric Carlson  <eric.carlson@apple.com>
1239
1240         Reviewed by Adam Roben.
1241
1242         The preload attribute of the video tag is not completely implemented
1243         https://bugs.webkit.org/show_bug.cgi?id=43673
1244         <rdar://problem/9369746>
1245
1246         This change implements "preload=metadata" for the AVFoundation backend.
1247         Tested manually with manual-tests/media-elements/video-preload.html.
1248
1249         * html/HTMLMediaElement.cpp:
1250         (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize m_havePreparedToPlay.
1251         (WebCore::HTMLMediaElement::prepareForLoad): Ditto.
1252         (WebCore::HTMLMediaElement::prepareToPlay): New, tell player to prepare to play.
1253         (WebCore::HTMLMediaElement::seek): Call prepareToPlay when preload is less than 'auto'
1254             because we need to have media data loaded to seek.
1255         (WebCore::HTMLMediaElement::updatePlayState): Call prepareToPlay.
1256         * html/HTMLMediaElement.h:
1257
1258         * manual-tests/media-elements/video-preload.html: Make changing urls work. 
1259
1260         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
1261         (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation):  Remove 
1262             m_videoFrameHasDrawn and m_delayingLoad as they are no longer used.
1263         (WebCore::MediaPlayerPrivateAVFoundation::resumeLoad): Removed.
1264         (WebCore::MediaPlayerPrivateAVFoundation::load): Don't initialize m_videoFrameHasDrawn. 
1265             Move all preload logic to setPreload, call it from here.
1266         (WebCore::MediaPlayerPrivateAVFoundation::prepareToPlay): Move all preload logic to 
1267             setPreload, call it.
1268         (WebCore::MediaPlayerPrivateAVFoundation::duration): Don't cache duration = 0, it is
1269             unlikely to be correct and isn't worth caching. Use invalidTime() function.
1270         (WebCore::MediaPlayerPrivateAVFoundation::seeking): Use invalidTime() function.
1271         (WebCore::MediaPlayerPrivateAVFoundation::setNaturalSize): Add logging.
1272         (WebCore::MediaPlayerPrivateAVFoundation::updateStates): Update for name change AVAssetStatus
1273             to AssetStatus. Always create a AVPlayerItem for live streams because they can't be inspected
1274             without one. Set networkState to 'idle' when the playback buffer is full because that is
1275             a signal that AVFoundation won't do any more IO. Set readyState to 'HAVE_CURRENT_DATA' 
1276             when the first frame is available.
1277         (WebCore::MediaPlayerPrivateAVFoundation::metadataLoaded): Call tracksChanged so we cache
1278             width, height, hasVideo, etc.
1279         (WebCore::MediaPlayerPrivateAVFoundation::loadedTimeRangesChanged): Use invalidTime() function.
1280         (WebCore::MediaPlayerPrivateAVFoundation::timeChanged): Ditto.
1281         (WebCore::MediaPlayerPrivateAVFoundation::seekCompleted): Ditto.
1282         (WebCore::MediaPlayerPrivateAVFoundation::repaint): Don't set m_videoFrameHasDrawn, it is done
1283             in derived classes.
1284         (WebCore::MediaPlayerPrivateAVFoundation::setPreload): Centralize all logic about when to create
1285             AVAsset and AVPlayerItem here.
1286         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
1287
1288         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h:
1289         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm:
1290         (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC): Initialize
1291             m_videoFrameHasDrawn.
1292         (WebCore::MediaPlayerPrivateAVFoundationObjC::hasAvailableVideoFrame): New, renamed from
1293             videoLayerIsReadyToDisplay. Return true if we have a layer with frames available or
1294             if we have painted a frame to the context.
1295         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): New, create the AVAsset
1296             if necessary.
1297         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForCacheResource): Ditto.
1298         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Restructure logic.
1299         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): New, create AVPlayerItem.
1300         (WebCore::MediaPlayerPrivateAVFoundationObjC::beginLoadingMetadata): Correct logging.
1301         (WebCore::MediaPlayerPrivateAVFoundationObjC::playerItemStatus): Return "buffer full" when
1302             the buffer is full.
1303         (WebCore::MediaPlayerPrivateAVFoundationObjC::platformDuration): Get the duration from the
1304             AVAsset when we haven't allocated the AVPlayerItem yet so that we can return duration
1305             when we only have metadata.
1306         (WebCore::MediaPlayerPrivateAVFoundationObjC::assetStatus): Update for name change.
1307         (WebCore::MediaPlayerPrivateAVFoundationObjC::paint): Set m_videoFrameHasDrawn.
1308         (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged): Get attributes from AVAsset
1309             when when we haven't allocated the AVPlayerItem yet so that we can report attributes
1310             when we only have metadata.
1311         (WebCore::MediaPlayerPrivateAVFoundationObjC::sizeChanged): Guard against being called before
1312             we have allocated the AVPlayerItem.
1313
1314 2011-06-03  Doreen Jiang  <doreen.jiang@nokia.com>
1315
1316         Reviewed by Benjamin Poulain.
1317
1318         [Qt]The minimum size of the select menu list is incorrect for qtwebkit
1319         https://bugs.webkit.org/show_bug.cgi?id=56752
1320
1321         The minimum width of the select-box is calculated to be as small as possible 
1322         instead of hardcoded value (width of 7 characters) in minimumMenuListSize() function
1323         This will avoid overapping the select lists in popular websites.
1324
1325         Test: fast/forms/selectlist-minsize.html
1326
1327         * platform/qt/RenderThemeQt.cpp:
1328         (WebCore::RenderThemeQt::minimumMenuListSize):
1329
1330 2011-06-02  Ryosuke Niwa  <rniwa@webkit.org>
1331
1332         Reviewed by Eric Seidel.
1333
1334         REGRESSION: inline style is lost when deleting line break between paragraphs with same style
1335         https://bugs.webkit.org/show_bug.cgi?id=61899
1336
1337         The bug was caused by ReplaceSelectionCommand::doApply's calling handleStyleSpansBeforeInsertion
1338         before insertionPos is adjusted by positionAvoidingPrecedingNodes and positionOutsideTabSpan.
1339
1340         Fixed the bug by calling handleStyleSpansBeforeInsertion after the calls to these two functions.
1341
1342         Test: editing/deleting/delete-line-break-between-paragraphs-with-same-style.html
1343
1344         * editing/ReplaceSelectionCommand.cpp:
1345         (WebCore::ReplaceSelectionCommand::doApply):
1346
1347 2011-06-01  Ryosuke Niwa  <rniwa@webkit.org>
1348
1349         Reviewed by Simon Fraser.
1350
1351         REGRESSION: Text selection broken for text with line-height applied
1352         https://bugs.webkit.org/show_bug.cgi?id=54929
1353
1354         The bug was caused by RenderText::positionForPoint's not considering the case where a point is
1355         above selectionTop and below lineTop of the first root inline box. Fixed the bug by considering
1356         any point between selectionTop and lineTop to be inside a root inline box. This condition is
1357         consistent with the condition we use to determine the bottom of a line.
1358
1359         Test: editing/selection/hit-test-on-text-with-line-height.html
1360
1361         * rendering/RenderBlock.cpp:
1362         (WebCore::RenderBlock::positionForPointWithInlineChildren): Fixed a condition to determine whether
1363         or not a point is above the first root line box. We need to check both selectionTop and logicalTop
1364         for the same reason explained above.
1365         * rendering/RenderText.cpp:
1366         (WebCore::RenderText::positionForPoint): See above.
1367
1368 2011-06-02  Andreas Kling  <kling@webkit.org>
1369
1370         Rubber-stamped by Simon Hausmann.
1371
1372         Remove Qt's precompiled header hack as it was broken, and was not even
1373         used unless building WebKit inside a Qt tree.
1374
1375         * WebCore.pri:
1376
1377 2011-06-01  David Carson  <dacarson@apple.com>
1378
1379         Reviewed by Antti Koivisto.
1380
1381         https://bugs.webkit.org/show_bug.cgi?id=61831
1382         If width and height of an iframe is fixed and should not be visible, then
1383         it shouldn't be flattened.
1384
1385         Test: fast/frames/flattening/iframe-flattening-fixed-width-and-height-zero-size.html
1386
1387         * rendering/RenderIFrame.cpp:
1388         (WebCore::RenderIFrame::flattenFrame): add a check for a zero width or height
1389
1390 2011-06-02  Aparna Nandyal  <aparna.nand@wipro.com>
1391
1392         Reviewed by Andreas Kling.
1393
1394         [Qt] Multiple drop events when doing DnD of images.
1395         https://bugs.webkit.org/show_bug.cgi?id=61504
1396
1397         Duplicate entries of the url were getting added into drag data
1398         which is removed. The duplicate entries were causing the same image
1399         url to be copied twice. The code changes now match other webkit ports.
1400
1401         * platform/qt/ClipboardQt.cpp:
1402         (WebCore::ClipboardQt::declareAndWriteDragImage):
1403
1404 2011-05-31  Rafael Brandao  <rafael.lobo@openbossa.org>
1405
1406         Reviewed by Andreas Kling.
1407
1408         [Qt] tst_QWebFrame::render() failing
1409         https://bugs.webkit.org/show_bug.cgi?id=60893
1410
1411         Due a problem on QPicture (http://bugreports.qt.nokia.com/browse/QTBUG-19496),
1412         this test was calculating the final geometry incorrectly. As the order between
1413         a translate and a draw operation could be relevant for it, but not for the
1414         final rendered result, they were changed on ScrollbarThemeQt::paint.
1415
1416         * platform/qt/ScrollbarThemeQt.cpp:
1417         (WebCore::ScrollbarThemeQt::paint):
1418
1419 2011-05-31  B.J. Wever  <skylined@chromium.org>
1420
1421         Reviewed by Adam Barth.
1422
1423         requestFileSystem and resolveLocalFileSystemURI are not checking if
1424         errorCallback is NULL before scheduling a callback on error.
1425         https://bugs.webkit.org/show_bug.cgi?id=49539
1426
1427         Test: fast/filesystem/filesystem-no-callback-null-ptr-crash.html
1428
1429         * fileapi/DOMFileSystem.cpp:
1430         (WebCore::DOMFileSystem::scheduleCallback): Only call callback if
1431           one is supplied.
1432
1433 2011-05-31  Abhishek Arya  <inferno@chromium.org>
1434
1435         Reviewed by Dimitri Glazkov.
1436
1437         Convert raw ptr to RefPtr for documentElement.
1438         https://bugs.webkit.org/show_bug.cgi?id=61688
1439
1440         Test: fast/dom/xml-parser-error-message-crash.svg
1441
1442         * dom/XMLDocumentParser.cpp:
1443         (WebCore::XMLDocumentParser::insertErrorMessageBlock):
1444
1445 2011-05-31  Yael Aharon  <yael.aharon@nokia.com>
1446
1447         Reviewed by Kenneth Rohde Christiansen.
1448
1449         Frame flattening is broken with nested frames
1450         https://bugs.webkit.org/show_bug.cgi?id=61491
1451
1452         After r77988, when frame flattening is enabled, performPostLayoutTasks() is called on a timer for iframes.
1453         This causes layout of nested iframes to sometimes happen asynchronously, but WebCore expects layout to always finish synchronously.
1454         Added a call to updateWidgetPosition() for cases that performPostLayoutTasks() is now happening asynchronously.
1455
1456         Test: fast/frames/flattening/iframe-flattening-nested.html
1457
1458         * page/FrameView.cpp:
1459         (WebCore::FrameView::layout):
1460
1461 2011-05-13  Adam Roben  <aroben@apple.com>
1462
1463         Build fix after r86418
1464
1465         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h:
1466         Made the destructor public so that this class can be used with
1467         [Pass]OwnPtr.
1468
1469 2011-05-13  Patrick Gansterer  <paroga@webkit.org>
1470
1471         Reviewed by Adam Barth.
1472
1473         Enable OwnPtr strict mode in MediaPlayer
1474         https://bugs.webkit.org/show_bug.cgi?id=59466
1475
1476         Let the CreateMediaEnginePlayer function return a PassOwnPtr instead of a raw pointer.
1477         Also fix the templete argument of OwnPtr for the m_private member variable.
1478
1479         * platform/graphics/MediaPlayer.cpp:
1480         (WebCore::MediaPlayer::MediaPlayer):
1481         (WebCore::MediaPlayer::loadWithNextMediaEngine):
1482         * platform/graphics/MediaPlayer.h:
1483         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h:
1484         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm:
1485         (WebCore::MediaPlayerPrivateAVFoundationObjC::create):
1486         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1487         (WebCore::MediaPlayerPrivateGStreamer::create):
1488         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
1489         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
1490         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1491         (WebCore::MediaPlayerPrivateQTKit::create):
1492         * platform/graphics/qt/MediaPlayerPrivatePhonon.cpp:
1493         (WebCore::MediaPlayerPrivatePhonon::create):
1494         * platform/graphics/qt/MediaPlayerPrivatePhonon.h:
1495         * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
1496         (WebCore::MediaPlayerPrivateQt::create):
1497         * platform/graphics/qt/MediaPlayerPrivateQt.h:
1498         * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
1499         (WebCore::MediaPlayerPrivateQuickTimeVisualContext::create):
1500         * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.h:
1501         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
1502         (WebCore::MediaPlayerPrivate::create):
1503         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.h:
1504         * platform/graphics/wince/MediaPlayerPrivateWinCE.h:
1505
1506 2011-05-12  Maciej Stachowiak  <mjs@apple.com>
1507
1508         Reviewed by Darin Adler.
1509
1510         XMLDocumentParserLibxml2 should play nice with strict OwnPtrs
1511         https://bugs.webkit.org/show_bug.cgi?id=59394
1512
1513         Properly fix this (formerly rolled out for breaking the build). I think the original
1514         failure had nothing to do with Deque<OwnPtr>, which in fact appears to work fine.
1515
1516         * dom/XMLDocumentParserLibxml2.cpp:
1517         (WebCore::PendingCallbacks::~PendingCallbacks):
1518         (WebCore::PendingCallbacks::create):
1519         (WebCore::PendingCallbacks::appendStartElementNSCallback):
1520         (WebCore::PendingCallbacks::appendEndElementNSCallback):
1521         (WebCore::PendingCallbacks::appendCharactersCallback):
1522         (WebCore::PendingCallbacks::appendProcessingInstructionCallback):
1523         (WebCore::PendingCallbacks::appendCDATABlockCallback):
1524         (WebCore::PendingCallbacks::appendCommentCallback):
1525         (WebCore::PendingCallbacks::appendInternalSubsetCallback):
1526         (WebCore::PendingCallbacks::appendErrorCallback):
1527         (WebCore::PendingCallbacks::PendingCallbacks):
1528         (WebCore::XMLDocumentParser::XMLDocumentParser):
1529
1530 2011-05-31  Oleg Romashin  <oleg.romashin@nokia.com>
1531
1532         Reviewed by Benjamin Poulain.
1533
1534         Fix compilation with debug enabled, m_lightSource.type is not valid anymore
1535         https://bugs.webkit.org/show_bug.cgi?id=61719
1536
1537         * platform/graphics/filters/arm/FELightingNEON.h:
1538         (WebCore::FELighting::platformApplyNeon):
1539
1540 2011-05-12  Daniel Bates  <dbates@rim.com>
1541
1542         Attempt to fix the build after changeset 86391 <http://trac.webkit.org/changeset/86391>
1543         (https://bugs.webkit.org/show_bug.cgi?id=60681).
1544
1545         * page/PluginHalter.cpp:
1546         (WebCore::PluginHalter::PluginHalter): Substitute m_client for client in ASSERT_ARG since client is now of type PassOwnPtr
1547         so it becomes 0 when assigned to another variable.
1548
1549 2011-05-12  Patrick Gansterer  <paroga@webkit.org>
1550
1551         Reviewed by Adam Barth.
1552
1553         Enable OwnPtr strict mode in PluginHalter
1554         https://bugs.webkit.org/show_bug.cgi?id=60681
1555
1556         Pass PluginHalterClient as (Pass)OwnPtr to Page and PluginHalter.
1557
1558         * WebCore.exp.in:
1559         * page/Page.cpp:
1560         (WebCore::Page::Page):
1561         (WebCore::Page::PageClients::PageClients):
1562         * page/Page.h:
1563         * page/PluginHalter.cpp:
1564         (WebCore::PluginHalter::PluginHalter):
1565         * page/PluginHalter.h:
1566
1567 2011-05-28  Alexey Proskuryakov  <ap@apple.com>
1568
1569         Suggested by Simon Fraser.
1570
1571         REGRESSION (r85375): Load event is sometimes lost when multiple image elements use the same URL
1572         https://bugs.webkit.org/show_bug.cgi?id=61692
1573         <rdar://problem/9488628>
1574
1575         * loader/ImageLoader.cpp: (WebCore::ImageLoader::notifyFinished): There was no need to use
1576         ASSERT_UNUSED here.
1577
1578 2011-05-28  Alexey Proskuryakov  <ap@apple.com>
1579
1580         Reviewed by Geoff Garen.
1581
1582         REGRESSION (r85375): Load event is sometimes lost when multiple image elements use the same URL
1583         https://bugs.webkit.org/show_bug.cgi?id=61692
1584         <rdar://problem/9488628>
1585
1586         Test: fast/dom/gc-image-element-2.html
1587
1588         Manually verified that tests from bug 59604 and from bug 40926 still pass.
1589
1590         The problem here was that HTMLImageElement::hasPendingActivity() could return false when
1591         a load (or error) event was still expected to fire.
1592
1593         * loader/cache/CachedResource.cpp:
1594         (WebCore::CachedResource::setRequest):
1595         * loader/cache/CachedResource.h:
1596         (WebCore::CachedResource::wasCanceled):
1597         (WebCore::CachedResource::errorOccurred):
1598         Track whether the load was canceled. We want to always notify clients of load outcome,
1599         as that's the only way they could make intelligent decisions.
1600
1601         * dom/ScriptElement.cpp: (WebCore::ScriptElement::execute): Cached resource clients now
1602         get a notifyFinished call on cancellation. Handle this case, where we don't need the
1603         execute the script, but also don't need to fire an error event.
1604
1605         * html/HTMLImageElement.cpp: Moved hasPendingActivity() to header, since it's just a single
1606         function call now.
1607
1608         * html/HTMLImageElement.h: (WebCore::HTMLImageElement::hasPendingActivity): There is a large
1609         window between when CachedResource::isLoading() becomes false and events are queued.
1610         ImageLoader::haveFiredLoadEvent() is a much better indication of whether we are expecting
1611         an event to fire.
1612
1613         * html/HTMLLinkElement.cpp: (WebCore::HTMLLinkElement::onloadTimerFired): Again, don't do
1614         anything on cancellation.
1615
1616         * loader/ImageLoader.cpp:
1617         (WebCore::ImageEventSender::hasPendingEvents): Made it debug-only again, and fixed to
1618         give an accurate result while looping over the list of events to dispatch.
1619         (WebCore::ImageLoader::notifyFinished): Don't do anything when cancelled. We don't want to
1620         switch to a broken image icon, or to dispatch events.
1621         (WebCore::ImageEventSender::dispatchPendingEvents): Clear the current loader from dispatching
1622         list, as the event is no longer pending when it's being dispatched.
1623
1624         * loader/ImageLoader.h: Removed unnecessary hasPendingLoadEvent(). We don't care whether one
1625         is already pending, we only care if one is expected at some time in the future, and
1626         !haveFiredLoadEvent() is our best idea of that.
1627
1628         * dom/XMLDocumentParser.cpp: (WebCore::XMLDocumentParser::notifyFinished): Another place to
1629         handle cancellation.
1630
1631 2011-05-23  Syed Idris Shah  <syed.idris-shah@nokia.com>
1632
1633         Reviewed by Andreas Kling.
1634
1635         GraphicsContext3DInternal object should be called for getAttachedShaders.
1636         [Qt] fast/canvas/webgl/gl-object-get-calls.html crash for Qt based webkit
1637         https://bugs.webkit.org/show_bug.cgi?id=61202 
1638
1639         LayoutTests/fast/canvas/webgl/gl-object-get-calls.html
1640
1641         getAttachedShaders should be called on GraphicsContext3DInternal instance.
1642         It was left out by mistake.
1643
1644         * platform/graphics/qt/GraphicsContext3DQt.cpp: 
1645         (WebCore::GraphicsContext3D::getAttachedShaders): GraphicsContext3DInternal instance should be called.
1646
1647 2011-05-26  MORITA Hajime  <morrita@google.com>
1648
1649         Reviewed by Kent Tamura.
1650
1651         WebCore::HTMLSummaryElement::isMainSummary ReadAV@NULL
1652         https://bugs.webkit.org/show_bug.cgi?id=61511
1653
1654         Removed Unnecessary wrong cast to Elmement, which can be non-Element.
1655
1656         Test: fast/html/details-summary-document-child.html
1657
1658         * html/HTMLSummaryElement.cpp:
1659         (WebCore::HTMLSummaryElement::detailsElement):
1660
1661 2011-05-26  Shane Stephens  <shanestephens@google.com>
1662
1663         Reviewed by James Robinson.
1664
1665         REGRESSION (r81992): layout triggered by position update fails to apply when transform is updated at same time
1666         https://bugs.webkit.org/show_bug.cgi?id=60689
1667
1668         When a transform is modified in a style, we were upgrading our understanding
1669         of the difference from PositionedMovementOnly to SimplifiedLayout.  However,
1670         if the position of the style is independently changed at the same time, both
1671         PositionedMovement and SimplifiedLayout passes are required.
1672
1673         Test: transforms/2d/set-transform-and-top.html
1674
1675         * rendering/RenderObject.cpp:
1676         Added checks for SimplifiedLayoutAndPositionedMovement - when encountered,
1677         set both PositionedMovement and SimplifiedLayout update flasgs.
1678         * rendering/style/RenderStyleConstants.h:
1679         Added a new StyleDifference enum value (SimplifiedLayoutAndPositionedMovement) for
1680         cases when both PositionedMovement and SimplifiedLayout are required.
1681
1682 2011-05-26  Syed Idris Shah  <syed.idris-shah@nokia.com>
1683
1684         Reviewed by Andreas Kling.
1685
1686         [Qt] fast/canvas/webgl/gl-uniform-arrays.html failing for Qt on Linux
1687         https://bugs.webkit.org/show_bug.cgi?id=60377 
1688
1689         LayoutTests/fast/canvas/webgl/gl-uniform-arrays.html
1690
1691         For an array of active uniform, we should be careful while truncating the name of the uniform. 
1692         Currently we are truncating the last three characters of an array with out checking for [0]. 
1693         As a result we are truncating the the actual name of the active uniforms i.e. color to co. 
1694
1695         * html/canvas/WebGLRenderingContext.cpp:
1696         (WebCore::WebGLRenderingContext::getUniform): Strip "[0]" from the name if it's an array and is part of the name.
1697
1698 2011-05-24  Syed Idris Shah  <syed.idris-shah@nokia.com>
1699
1700         Reviewed by Andreas Kling.
1701
1702         [Qt] fast/canvas/webgl/gl-uniform-arrays.html failing for Qt on Linux
1703         https://bugs.webkit.org/show_bug.cgi?id=60377 
1704
1705         LayoutTests/fast/canvas/webgl/gl-uniform-arrays.html
1706
1707         We do not need assert for the useProgram as program can be null.
1708
1709         * platform/graphics/qt/GraphicsContext3DQt.cpp:
1710         (WebCore::GraphicsContext3D::useProgram): Program can be null. Removing assert.
1711
1712 2011-05-26  Sheriff Bot  <webkit.review.bot@gmail.com>
1713
1714         Unreviewed, rolling out r87368.
1715         http://trac.webkit.org/changeset/87368
1716         https://bugs.webkit.org/show_bug.cgi?id=61564
1717
1718         Wrong approach, will do the wrong thing if the element needs
1719         simplified normal flow layout but is not positioned (Requested
1720         by jamesr on #webkit).
1721
1722         * rendering/RenderObject.h:
1723         (WebCore::RenderObject::needsPositionedMovementLayout):
1724
1725 2011-05-20  Abhishek Arya  <inferno@chromium.org>
1726
1727         Reviewed by Kent Tamura.
1728
1729         Make auto-focus a post attach callback in
1730         HTMLFormControlElement::attach().
1731         https://bugs.webkit.org/show_bug.cgi?id=32882
1732
1733         Original patch by Darin Adler. This one uses a part of it.
1734         
1735         Test: fast/forms/input-element-attach-crash.html
1736
1737         * dom/Document.cpp:
1738         (WebCore::Document::recalcStyle): Make sure that m_inStyleRecalc is
1739         already false by the time post-attach callbacks are done so that
1740         layout triggered inside those callbacks can work properly.
1741         * html/HTMLFormControlElement.cpp:
1742         (WebCore::shouldAutofocus): Helper function that expresses
1743         the rule for which form control elements should auto-focus.
1744         (WebCore::focusPostAttach): Called post-attach to focus an
1745         element if we discover it should be focused during attach.
1746         (WebCore::HTMLFormControlElement::attach): Refactored code for
1747         which elements need auto-focus into a separate function. Instead
1748         of focusing right away, use the focusPostAttach function to focus
1749         after attach is done. Also added calls to suspendPostAttachCallbacks
1750         and resumePostAttachCallbacks so post-attach callbacks happen late
1751         enough. Before, they could run inside the base attach function.
1752         * html/HTMLInputElement.cpp:
1753         (WebCore::HTMLInputElement::attach): Added calls to
1754         suspendPostAttachCallbacks and resumePostAttachCallbacks so
1755         post-attach callbacks happen late enough
1756
1757 2011-05-18  Rob Buis  <rbuis@rim.com>
1758
1759         Reviewed by Nikolas Zimmermann.
1760
1761         NULL deref when SVG elements have table styles 
1762         https://bugs.webkit.org/show_bug.cgi?id=45561
1763
1764         Restrict computed CSS values for SVG display property to block, inline or none.
1765
1766         Tests: svg/custom/display-table-caption-foreignObject.svg
1767                svg/custom/display-table-caption-inherit-foreignObject.xhtml
1768                svg/custom/display-table-caption-inherit-text.xhtml
1769                svg/custom/display-table-caption-text.svg
1770
1771         * css/CSSStyleSelector.cpp:
1772         (WebCore::SVGDisplayPropertyGuard::SVGDisplayPropertyGuard):
1773         (WebCore::SVGDisplayPropertyGuard::~SVGDisplayPropertyGuard):
1774         (WebCore::isAcceptableForSVGElement):
1775         (WebCore::CSSStyleSelector::applyProperty):
1776
1777 2011-05-17  Cris Neckar  <cdn@chromium.org>
1778
1779         Reviewed by Adam Barth.
1780
1781         Clear the image from ImageLoader rather than clearing the ImageLoader in HTMLObjectElement::renderFallbackContent.
1782         https://bugs.webkit.org/show_bug.cgi?id=61005
1783
1784         Test: http/tests/loading/nested_bad_objects.php
1785
1786         * html/HTMLObjectElement.cpp:
1787         (WebCore::HTMLObjectElement::renderFallbackContent):
1788
1789 2011-05-10  MORITA Hajime  <morrita@google.com>
1790
1791         Reviewed by Kent Tamura.
1792
1793         Crashes if the document inside iframe is removed during pasting some text into it.
1794         https://bugs.webkit.org/show_bug.cgi?id=60534
1795
1796         Added missing null check.
1797         
1798         Test: editing/pasteboard/paste-removing-iframe.html
1799
1800         * editing/Editor.cpp:
1801         (WebCore::Editor::shouldChangeSelection):
1802
1803 2011-05-11  Sam Weinig  <sam@webkit.org>
1804
1805         Reviewed by Eric Seidel.
1806
1807         Frequent crashes beneath WebCore::ScriptElement::prepareScript
1808         https://bugs.webkit.org/show_bug.cgi?id=60559
1809
1810         * html/parser/HTMLScriptRunner.cpp:
1811         (WebCore::HTMLScriptRunner::runScript):
1812         Add null check and explanation that we are keeping the ASSERT to help
1813         track down the cause and produce a test.
1814
1815 2011-05-08  Dan Bernstein  <mitz@apple.com>
1816
1817         Reviewed by Darin Adler.
1818
1819         <rdar://problem/9401853> REGRESSION (r78846): Insufficient expansion for justification when there are multiple inline boxes
1820         https://bugs.webkit.org/show_bug.cgi?id=60432
1821
1822         * rendering/InlineTextBox.h:
1823         (WebCore::InlineTextBox::setExpansion): Changed back to take a int, since the m_expansion member
1824         variable is a (truncated) int anyway.
1825         * rendering/RenderBlockLineLayout.cpp:
1826         (WebCore::computeExpansionForJustifiedText): Changed the expansion local variable into an int
1827         so that the right amount is added to the total width. Also changed to use an early return.
1828
1829 2011-05-06  Jon Lee  <jonlee@apple.com>
1830
1831         Reviewed by Alice Liu.
1832
1833         Crash when sending a wheel event to a node with no shadow ancestor node
1834         https://bugs.webkit.org/show_bug.cgi?id=60429
1835         <rdar://problem/9389619>
1836
1837         * page/EventHandler.cpp:
1838         (WebCore::EventHandler::handleWheelEvent):add check to see if the shadow ancestor node of the node that was under the mouse exists before trying to dispatch the wheel event to it.
1839
1840 2011-05-25  Simon Fraser  <simon.fraser@apple.com>
1841
1842         Reviewed by Dan Bernstein.
1843
1844         Always antialias borders, outlines and rules when scaling
1845         https://bugs.webkit.org/show_bug.cgi?id=61502
1846         
1847         r84273 changed the behavior of drawLineForBoxSide() to never antialias by default.
1848         This actually disabled antialiasing in some circumstances where it used to be enabled,
1849         for example collapsed table border drawing.
1850         
1851         Fix by allowing antialiasing for collapsed table borders, column rules and span
1852         outlines when the context is scaled.
1853
1854         Test: fast/borders/border-antialiasing.html
1855
1856         * rendering/RenderBlock.cpp:
1857         (WebCore::RenderBlock::paintColumnRules):
1858         * rendering/RenderInline.cpp:
1859         (WebCore::RenderInline::paintOutline):
1860         (WebCore::RenderInline::paintOutlineForLine):
1861         * rendering/RenderTableCell.cpp:
1862         (WebCore::RenderTableCell::paintCollapsedBorder):
1863
1864 2011-05-26  Igor Oliveira  <igor.oliveira@openbossa.org>
1865
1866         Reviewed by Andreas Kling.
1867
1868         drag-not-loaded-image.html test crashes when WebKit is built with debug option
1869         https://bugs.webkit.org/show_bug.cgi?id=61480
1870
1871         Checks if image has content before starting to drag.
1872
1873         * page/DragController.cpp:
1874         (WebCore::DragController::startDrag):
1875
1876 2011-05-25  Igor Oliveira  <igor.oliveira@openbossa.org>
1877
1878         Reviewed by Antonio Gomes.
1879
1880         [Qt] QtWebKit crashes when dragging not loaded images
1881         https://bugs.webkit.org/show_bug.cgi?id=61314
1882
1883         Checks if nativeImageForCurrentFrame is a valid pointer.
1884
1885         Test: http/tests/misc/drag-not-loaded-image.html
1886
1887         * platform/qt/DragImageQt.cpp:
1888         (WebCore::createDragImageFromImage):
1889
1890 2011-05-26  Shane Stephens  <shanestephens@google.com>
1891
1892         Reviewed by James Robinson.
1893
1894         REGRESSION (r81992): layout triggered by position update fails to apply when transform is updated at same time
1895         https://bugs.webkit.org/show_bug.cgi?id=60689
1896
1897         Test: transforms/2d/set-transform-and-top.html
1898
1899         * rendering/RenderBlock.cpp:
1900         (WebCore::RenderBlock::simplifiedLayout):
1901
1902 2011-05-25  Alexis Menard  <alexis.menard@openbossa.org>
1903
1904         Reviewed by Antonio Gomes.
1905
1906         [Qt] When QWebView has a different style set on it then the scrollbars are not rendered correctly
1907         https://bugs.webkit.org/show_bug.cgi?id=34635
1908
1909         Make sure the scrollbar is properly rendered on Mac with another style than the Mac style. The code had
1910         two paths, one for Mac and one for any other styles. The problem is that on Mac you can still run the
1911         application with -style plastique for example, therefore the code used for other styles should also be
1912         used whenever the current style is not the Mac style.
1913
1914         * platform/qt/ScrollbarThemeQt.cpp:
1915         (WebCore::ScrollbarThemeQt::paint):
1916
1917 2011-05-24  Leo Yang  <leo.yang@torchmobile.com.cn>
1918
1919         Reviewed by Ryosuke Niwa.
1920
1921         [SVG] Assertion failure by dragging text between input fields inside <foreignObject>s
1922         https://bugs.webkit.org/show_bug.cgi?id=60692
1923
1924         Add NULL check of 'holder' in WebCore::ReplacementFragment::ReplacementFragment()
1925         before call VisibleSelection::selectionFromContentsOfNode() to prevent crashing.
1926
1927         Test: editing/pasteboard/drag-drop-input-in-svg.svg
1928
1929         * editing/ReplaceSelectionCommand.cpp:
1930         (WebCore::ReplacementFragment::ReplacementFragment):
1931
1932 2011-05-24  Andy Estes  <aestes@apple.com>
1933
1934         Reviewed by Geoffrey Garen.
1935
1936         REGRESSION (r70748): WebKit cannot play QuickTime movies on Mac OS X Wiki Server pages
1937         https://bugs.webkit.org/show_bug.cgi?id=61229
1938
1939         This site-specific hack maintains compatibility with Mac OS X Wiki Server,
1940         which embeds QuickTime movies using an object tag containing QuickTime's
1941         ActiveX classid. Treat this classid as valid only if OS X Server's unique
1942         'generator' meta tag is present. Only apply this quirk if there is no
1943         fallback content, which ensures the quirk will disable itself if Wiki
1944         Server is updated to generate an alternate embed tag as fallback content.
1945
1946         * html/HTMLObjectElement.cpp:
1947         (WebCore::HTMLObjectElement::shouldAllowQuickTimeClassIdQuirk): Return
1948         true if site-specific quirks are enabled, the object element has no
1949         fallback content, the classid attribute matches QuickTime's classid and
1950         the document has a 'generator' meta tag matching Mac OS X Web Services
1951         Server's unique generator string.
1952         (WebCore::HTMLObjectElement::hasValidClassId): Call
1953         shouldAllowQuickTimeClassIdQuirk()
1954         * html/HTMLObjectElement.h:
1955
1956 2011-05-24  Tony Chang  <tony@chromium.org>
1957
1958         Reviewed by James Robinson.
1959
1960         fix render overflow computation for input type=range
1961         https://bugs.webkit.org/show_bug.cgi?id=61132
1962
1963         Test: fast/forms/slider-hit-testing.html
1964
1965         We need to clear m_overflow otherwise we use the first
1966         size of the slider for hit testing (i.e., changes to the size
1967         cause problems).  This only shows up if the thumb isn't contained
1968         in the bounds of the slider.  Making the range have a smaller height
1969         than the thumb shows the bug.
1970
1971         * rendering/RenderSlider.cpp:
1972         (WebCore::RenderSlider::layout): Clear the overflow during layout
1973             so we re-compute the overflow based on the current size of the
1974             slider.
1975
1976 2011-05-14  Abhishek Arya  <inferno@chromium.org>
1977
1978         Reviewed by Dan Bernstein.
1979
1980         As per spec, only allow one font family name in a font face rule.
1981         Other things like initial value, inherited value or multiple names
1982         are discarded.
1983         https://bugs.webkit.org/show_bug.cgi?id=60837
1984
1985         Test: fast/css/invalid-font-family-in-font-face-crash.html
1986
1987         * css/CSSParser.cpp:
1988         (WebCore::CSSParser::createFontFaceRule):
1989
1990 2011-05-18  Abhishek Arya  <inferno@chromium.org>
1991
1992         Reviewed by Dirk Schulze.
1993
1994         When SMIL element is getting removed, make sure to remove it
1995         from target's animation elements list.
1996         https://bugs.webkit.org/show_bug.cgi?id=60980
1997
1998         Test: svg/animations/smil-element-not-removed-crash.html
1999
2000         * svg/animation/SVGSMILElement.cpp:
2001         (WebCore::SVGSMILElement::~SVGSMILElement):
2002
2003 2011-05-23  James Simonsen  <simonjam@chromium.org>
2004
2005         Reviewed by Adam Barth.
2006
2007         Convert raw pointer to RefPtr.
2008         https://bugs.webkit.org/show_bug.cgi?id=61196
2009
2010         * dom/XMLDocumentParserLibxml2.cpp:
2011         (WebCore::XMLDocumentParser::endElementNs):
2012         * dom/XMLDocumentParserQt.cpp:
2013         (WebCore::XMLDocumentParser::parseEndElement):
2014
2015 2011-05-23  Sheriff Bot  <webkit.review.bot@gmail.com>
2016
2017         Unreviewed, rolling out r87007.
2018         http://trac.webkit.org/changeset/87007
2019         https://bugs.webkit.org/show_bug.cgi?id=61329
2020
2021         patch unnecessarily breaks HTML5 compatibility (Requested by
2022         estes on #webkit).
2023
2024         * html/HTMLObjectElement.cpp:
2025         (WebCore::HTMLObjectElement::hasValidClassId):
2026
2027 2011-05-23  Julien Chaffraix  <jchaffraix@codeaurora.org>
2028
2029         Reviewed by Darin Adler.
2030
2031         Crash from null pointer dereference below WebCore::StorageAreaImpl::setItem()
2032         https://bugs.webkit.org/show_bug.cgi?id=57140
2033
2034         Test: fast/storage/storage-detached-iframe.html
2035
2036         Access of localStorage on a detached iframe was causing a crash because a detached 
2037         iframe has a null m_page, and WebCore::privateBrowsingEnabled() wasn't testing for such.
2038
2039         * storage/StorageAreaImpl.cpp:
2040         (WebCore::privateBrowsingEnabled): check that child->page() is non-null before
2041         accessing it.
2042
2043 2011-05-20  Ryosuke Niwa  <rniwa@webkit.org>
2044
2045         Reviewed by Enrica Casucci.
2046
2047         REGRESSION(r84311): WebKit copies too much styles when copying
2048         https://bugs.webkit.org/show_bug.cgi?id=60914
2049
2050         The bug was caused by WebKit's cloning node hierarchy up until the node that has background color.
2051         Fixed the bug by not cloning background color and adding the effective background color to the wrapping
2052         style span.
2053
2054         Tests: editing/pasteboard/do-no-clone-unnecessary-styles-2.html
2055                editing/pasteboard/do-no-clone-unnecessary-styles.html
2056
2057         * editing/EditingStyle.cpp:
2058         (WebCore::cssValueToRGBA): Extracted from getRGBAFontColor.
2059         (WebCore::getRGBAFontColor): Moved.
2060         (WebCore::rgbaBackgroundColorInEffect): Added.
2061         (WebCore::EditingStyle::init): Added support for InheritablePropertiesAndBackgroundColorInEffect.
2062         (WebCore::EditingStyle::prepareToApplyAt): Include the effective background color at the given position.
2063         Also remove the background color property when the effective background color is equal to the background
2064         color property (in terms of RGBA value) of the editing style.
2065         (WebCore::hasTransparentBackgroundColor): Moved from Editor class.
2066         (WebCore::backgroundColorInEffect): Extracted from Editor::selectionStartCSSPropertyValue.
2067         * editing/EditingStyle.h: Added prototypes for hasTransparentBackgroundColor and backgroundColorInEffect.
2068         * editing/Editor.cpp:
2069         (WebCore::Editor::selectionStartCSSPropertyValue): Calls backgroundColorInEffect.
2070         * editing/Editor.h: Removed hasTransparentBackgroundColor.
2071         * editing/markup.cpp:
2072         (WebCore::isElementPresentational): Reverted r85090 and r84311.
2073         (WebCore::createMarkup): Include the background color in effect when computing the editing style.
2074
2075 2011-05-20  Ryosuke Niwa  <rniwa@webkit.org>
2076
2077         Reviewed by Enrica Casucci.
2078
2079         Wrap copied contents by one style span instead of two
2080         https://bugs.webkit.org/show_bug.cgi?id=60988
2081
2082         Replaced sourceDocumentStyleSpan and copiedRangeStyleSpan by one wrapping style span. Instead
2083         of wrapping the copied contents by user-applied style and document default style in serialization,
2084         take the difference with the document default's style in paste code.
2085
2086         This will dramatically simplify our copy and paste code and pave a way to fix the bug 60914.
2087
2088         No new tests because copy & paste is tested by existing layout tests.
2089
2090         * editing/EditingStyle.cpp:
2091         (WebCore::EditingStyle::prepareToApplyAt): Remove the color property if RGBA values of color
2092         matches that of the computed style at the specified position.
2093         * editing/ReplaceSelectionCommand.cpp:
2094         (WebCore::ReplaceSelectionCommand::handleStyleSpans): Replaced sourceDocumentStyleSpan and
2095         copiedRangeStyleSpan by wrappingStyleSpan. When pasting as a quotation, compare style against
2096         the document's default style to avoid keeping the document default style (tested by
2097         editing/pasteboard/4930986-3.html).
2098         * editing/ReplaceSelectionCommand.h:
2099         * editing/markup.cpp:
2100         (WebCore::createMarkup): Only use one style span to wrap the serialized contents.
2101
2102 2011-05-23  Abhishek Arya  <inferno@chromium.org>
2103
2104         Reviewed by Simon Fraser.
2105
2106         Terminate css color parsing on integers which are not followed
2107         by a terminator.
2108         https://bugs.webkit.org/show_bug.cgi?id=61293
2109
2110         Test: fast/css/parse-color-int-or-percent-crash.html
2111
2112         * css/CSSParser.cpp:
2113         (WebCore::parseColorIntOrPercentage):
2114
2115 2011-05-21  Dirk Schulze  <krit@webkit.org>
2116
2117         Reviewed by Darin Adler.
2118
2119         REGRESSION(r66731): pointer-events are broken in some cases
2120         https://bugs.webkit.org/show_bug.cgi?id=45467
2121
2122         The SVGSVGElement shouldn't be the target of a mouse event, if its pointer-events attribute is set
2123         to 'none'. This matches the behavior on Firefox where an embedded SVG element is the target of an event,
2124         if none of its childs caught the event. This is the case for all pointer-events other than 'none'.
2125
2126         Tests: svg/custom/pointer-events-on-svg-with-pointer.xhtml
2127                svg/custom/pointer-events-on-svg-without-pointer.xhtml
2128
2129         * rendering/svg/RenderSVGRoot.cpp:
2130         (WebCore::RenderSVGRoot::nodeAtPoint):
2131
2132 2011-05-21  Dan Bernstein  <mitz@apple.com>
2133
2134         Reviewed by Darin Adler.
2135
2136         <rdar://problem/9479926> REGRESSION (r82144): Icon overlaps text in Twitter message dialog
2137         https://bugs.webkit.org/show_bug.cgi?id=61241
2138
2139         Test: fast/block/positioning/start-ignoring-before.html
2140
2141         * rendering/RenderBlockLineLayout.cpp:
2142         (WebCore::TrailingObjects::updateMidpointsForTrailingBoxes): Added a boolean parameter saying
2143         whether to merge the first trailing space with the line break.
2144         (WebCore::RenderBlock::LineBreaker::nextLineBreak): When adding a midpoint behind the current
2145         character, account for trailing positioned objects that occurred after the midpoint by calling
2146         updateMidpointsForTrailingBoxes(), which adds midpoints for them.
2147
2148 2011-05-20  Andy Estes  <aestes@apple.com>
2149
2150         Reviewed by Darin Adler.
2151
2152         REGRESSION (r70748): WebKit cannot play videos created by Podcast Producer.
2153         https://bugs.webkit.org/show_bug.cgi?id=61229
2154         
2155         Podcast Producer uses an object tag with a classid attribute to embed
2156         QuickTime Player into a page. In r70748, we changed our behavior to
2157         render the object's fallback content when a non-empty classid is
2158         encountered, per HTML5. Since Podcast Producer videos have no fallback
2159         content, this change in behavior causes the video to fail to load.
2160         
2161         Since the object tag has a valid type attribute, we would be able to
2162         load it if weren't for the non-empty classid. This patch changes our
2163         policy to allow objects with non-empty classids if there is no fallback
2164         content. We still continue to prefer fallback content if it exists,
2165         however.
2166
2167         * html/HTMLObjectElement.cpp:
2168         (WebCore::HTMLObjectElement::hasValidClassId): Treat a non-empty
2169         classid as valid if the object has no fallback content.
2170
2171 2011-05-20  Dirk Schulze  <krit@webkit.org>
2172
2173         Reviewed by Eric Seidel.
2174
2175         SVG Large curve path segment OOM crash
2176         https://bugs.webkit.org/show_bug.cgi?id=42079
2177
2178         Limit the depth of repeatedly splitting a segment on length calculation to 20. The limitation
2179         is necessary for very big segments that would be splitter into millions of parts otherwise.
2180         The limitation just cause a less accurate approximation.
2181         At the moment the limit is fixed to 20. This is comparable with splitting the segment into 
2182         ~1 million parts as a worst case. We might want to be more flexible later.
2183
2184         Test: svg/custom/path-getTotalLength-on-big-segment-crash.svg
2185
2186         * platform/graphics/PathTraversalState.cpp:
2187         (WebCore::midPoint):
2188         (WebCore::curveLength):
2189         (WebCore::PathTraversalState::PathTraversalState):
2190         (WebCore::PathTraversalState::moveTo):
2191         (WebCore::PathTraversalState::quadraticBezierTo):
2192         (WebCore::PathTraversalState::cubicBezierTo):
2193         * platform/graphics/PathTraversalState.h:
2194
2195 2011-05-19  Andrew Wilson  <atwilson@chromium.org>
2196
2197         Reviewed by Darin Adler.
2198
2199         MessagePortArray cloning code needs to verify source before copying.
2200         https://bugs.webkit.org/show_bug.cgi?id=61130
2201
2202         * bindings/js/JSMessagePortCustom.cpp:
2203         (WebCore::fillMessagePortArray):
2204         Changed code to not pre-allocate the destination array.
2205         * bindings/v8/custom/V8MessagePortCustom.cpp:
2206         (WebCore::getMessagePortArray):
2207         Changed code to not pre-allocate the destination array.
2208
2209 2011-05-06  Alexis Menard  <alexis.menard@openbossa.org>
2210
2211         Reviewed by Darin Adler.
2212
2213         Fix two warnings of unused variables.
2214         https://bugs.webkit.org/show_bug.cgi?id=60370
2215
2216         Remove two unused local variable from the code.
2217
2218         No new tests, the existing ones should cover.
2219
2220         * rendering/RenderFlexibleBox.cpp:
2221         (WebCore::RenderFlexibleBox::layoutVerticalBox):
2222         * svg/animation/SVGSMILElement.cpp:
2223         (WebCore::SVGSMILElement::calculateNextProgressTime):
2224
2225 2011-05-18  Alexis Menard  <alexis.menard@openbossa.org>, Simon Hausmann  <simon.hausmann@nokia.com>
2226
2227         Reviewed by Eric Carlson.
2228
2229         MediaElements fails to load the data in some cases.
2230         https://bugs.webkit.org/show_bug.cgi?id=60760
2231
2232         WebKitWebSourceGStreamer is the interface between WebKit and GStreamer
2233         that uses the ResourceHandle API to request data and pass it down. For
2234         our builds it is absolutely essential that we have a NetworkingContext
2235         available there, in order to get access to the QNetworkAccessManager.
2236         No access means we basically cannot load the video. The WebSource gains
2237         access to the NetworkingContext through a WebCore::Frame pointer it has.
2238
2239         MediaPlayerPrivateGStreamer is responsible for propagating a pointer of
2240         the WebCore::Frame to the WebKitWebSource in
2241         mediaPlayerPrivateSourceChangedCallback. In there we used the MediaPlayer's
2242         frameView() accessor to access the frame. However the frameView() member
2243         is only set through the render tree's RenderVideo, which is rather unreliable
2244         given that some sites create "fake" video tags initially that only become
2245         visible later (or never).
2246
2247         A more reliable way is to simply use the document of the MediaPlayerClient,
2248         which is provided at constructor time.
2249
2250         Test: http/tests/media/media-can-load-when-hidden.html
2251
2252         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2253         (WebCore::MediaPlayerPrivateGStreamer::sourceChanged):
2254
2255 2011-05-19  Andrew Wason  <rectalogic@rectalogic.com>
2256
2257         Reviewed by Darin Adler.
2258
2259         Fix GraphicsContext3DQt.cpp compile error
2260         https://bugs.webkit.org/show_bug.cgi?id=61128
2261
2262         * platform/graphics/qt/GraphicsContext3DQt.cpp:
2263         (WebCore::GraphicsContext3D::GraphicsContext3D):
2264          clear() m_internal OwnPtr.
2265
2266 2011-05-19  Ryosuke Niwa  <rniwa@webkit.org>
2267
2268         Reviewed by Darin Adler.
2269
2270         REGRESSION (r83322): Many crashes in Mail.app in WebCore::Node::nodeIndex
2271         https://bugs.webkit.org/show_bug.cgi?id=61012
2272
2273         The crash was caused by ReplaceSelectionCommand's inserting content into a middle of the paragraph
2274         being moved when the insertion position's container node is the node to split to. Fixed the crash
2275         by not changing the insertion position in such a case.
2276
2277         Unfortunately, this fix caused markup to bloat in some tests but we'll take this regression since
2278         it's much better than crashing.
2279
2280         Test: editing/pasteboard/paste-after-inline-style-element.html
2281
2282         * editing/ReplaceSelectionCommand.cpp:
2283         (WebCore::ReplaceSelectionCommand::doApply):
2284
2285 2011-05-19  Emil A Eklund  <eae@chromium.org>
2286
2287         Reviewed by Alexey Proskuryakov.
2288
2289         REGRESSION (r80808): Multiple <select> - Selection reset to first element from multiple selected ones
2290         https://bugs.webkit.org/show_bug.cgi?id=60986
2291
2292         * html/HTMLSelectElement.cpp:
2293         (WebCore::HTMLSelectElement::setMultiple):
2294         Don't restore selection if the multiple attribute hasn't changed.
2295
2296 2011-05-18  Yi Shen  <yi.4.shen@nokia.com>
2297
2298         Reviewed by Andreas Kling.
2299
2300         [Qt] Enterkey to go to Newline does not work in the text area(in HTML form)
2301         https://bugs.webkit.org/show_bug.cgi?id=33179
2302
2303         Fill the missing key text for the EnterKey event.
2304
2305         Tests: fast/events/onsearch-enter.html
2306
2307         * platform/qt/PlatformKeyboardEventQt.cpp:
2308         (WebCore::keyTextForKeyEvent):
2309
2310 2011-05-18  Oliver Hunt  <oliver@apple.com>
2311
2312         Reviewed by Sam Weinig.
2313
2314         JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption
2315         https://bugs.webkit.org/show_bug.cgi?id=61090
2316
2317         Rather than having Constructor objects create their structure
2318         as part of initialisation, we now pass their expected structure
2319         in as an argument.  This required fixing the few custom Constructors
2320         and the code generator.
2321
2322         * bindings/js/JSAudioConstructor.cpp:
2323         (WebCore::JSAudioConstructor::JSAudioConstructor):
2324         * bindings/js/JSAudioConstructor.h:
2325         * bindings/js/JSDOMGlobalObject.h:
2326         (WebCore::getDOMConstructor):
2327           Pass the Constructor objects structure in as an argument
2328         * bindings/js/JSImageConstructor.cpp:
2329         (WebCore::JSImageConstructor::JSImageConstructor):
2330         * bindings/js/JSImageConstructor.h:
2331         * bindings/js/JSOptionConstructor.cpp:
2332         (WebCore::JSOptionConstructor::JSOptionConstructor):
2333         * bindings/js/JSOptionConstructor.h:
2334         * bindings/scripts/CodeGeneratorJS.pm:
2335
2336 2011-05-18  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>
2337
2338         Reviewed by Andreas Kling.
2339
2340         [Qt] Fix tst_QWebFrame::getSetStaticProperty() autotest
2341         https://bugs.webkit.org/show_bug.cgi?id=60984
2342
2343         The code for converting objects to QVariantMap was causing exception,
2344         that was "leaking" to the next evaluation. One situation was reading
2345         the property 'localStorage' when we do not have a proper security
2346         origin, which throws a SECURITY_ERR.
2347
2348         Now, we will simply not include on the QVariantMap those properties,
2349         and make sure that we clean the exception if necessary.
2350
2351         * bridge/qt/qt_runtime.cpp:
2352         (JSC::Bindings::convertValueToQVariantMap):
2353         Extracted function that performs conversion from JSObject to a QVariantMap. This
2354         functions makes sure that exception is clean after its execution.
2355
2356         (JSC::Bindings::convertValueToQVariant):
2357         Use the previous function. Add a comment explaining the choice of distance value.
2358
2359 2011-05-18  Abhishek Arya  <inferno@chromium.org>
2360
2361         Reviewed by Beth Dakin.
2362
2363         Remove removeChild on table caption since destroy call
2364         already does that.
2365         https://bugs.webkit.org/show_bug.cgi?id=61083
2366
2367         Test: fast/table/table-captions-child-visible-crash.html
2368
2369         * rendering/RenderTable.cpp:
2370         (WebCore::RenderTable::recalcCaption):
2371
2372 2011-05-09  Luiz Agostini  <luiz.agostini@openbossa.org>
2373
2374         Reviewed by Kenneth Rohde Christiansen.
2375
2376         [Qt] Redirection of HTTP POST (3xx) incorrectly includes original POST data
2377         https://bugs.webkit.org/show_bug.cgi?id=60440
2378
2379         Makes sure that the HTTP headers Content-type and Content-length are not included in
2380         the requests that do not have any content.
2381
2382         Tests: http/tests/navigation/post-301-response.html
2383                http/tests/navigation/post-302-response.html
2384                http/tests/navigation/post-303-response.html
2385                http/tests/navigation/post-307-response.html
2386
2387         * platform/network/qt/QNetworkReplyHandler.cpp:
2388         (WebCore::QNetworkReplyHandler::sendNetworkRequest):
2389
2390 2011-05-17  Andreas Kling  <kling@webkit.org>
2391
2392         Reviewed by Benjamin Poulain.
2393
2394         [Qt] GraphicsLayerQtImpl: Remove an unused variable.
2395
2396         * platform/graphics/qt/GraphicsLayerQt.cpp:
2397         (WebCore::GraphicsLayerQtImpl::paint):
2398
2399 2011-05-17  Sam Magnuson  <smagnuson@netflix.com>
2400
2401         Reviewed by Kenneth Rohde Christiansen.
2402
2403         [Qt] Node that have both an opacity and a transform animation on them seem not to fire.
2404         https://bugs.webkit.org/show_bug.cgi?id=40841
2405
2406         Test: compositing/animation/busy-indicator.html
2407
2408         * platform/graphics/qt/GraphicsLayerQt.cpp:
2409         (WebCore::GraphicsLayerQtImpl::recache):
2410         (WebCore::GraphicsLayerQtImpl::flushChanges):
2411         (WebCore::GraphicsLayerQt::setContentsToImage):
2412         (WebCore::TransformAnimationQt::getAnimatedProperty):
2413         (WebCore::OpacityAnimationQt::getAnimatedProperty):
2414         (WebCore::GraphicsLayerQt::addAnimation):
2415
2416 2011-05-16  Adam Barth  <abarth@webkit.org>
2417
2418         Reviewed by Eric Seidel.
2419
2420         Remove bogus ASSERT in Document::setCompatibilityMode
2421         https://bugs.webkit.org/show_bug.cgi?id=60935
2422
2423         The ASSERT is invalid when the parser is in the initial state and the
2424         document is non-empty, which is strange but not impossible.
2425
2426         Test: fast/parser/append-child-followed-by-document-write.html
2427
2428         * dom/Document.cpp:
2429         (WebCore::Document::setCompatibilityMode):
2430
2431 2011-05-15  Geoffrey Garen  <ggaren@apple.com>
2432
2433         Reviewed by Gavin Barraclough.
2434
2435         https://bugs.webkit.org/show_bug.cgi?id=59699
2436         Global object is recreated on teardown, for no good reason
2437         
2438         (Another partial fix for <rdar://problem/9417875> REGRESSION: SunSpider
2439         ~7% slower in browser than on command line (was 17%))
2440         
2441         I'm basically rolling out http://trac.webkit.org/changeset/49786 because
2442
2443         (a) it created this performance problem
2444         
2445         and
2446         
2447         (b) a more complete fix, which obsoletes http://trac.webkit.org/changeset/49786,
2448         was committed in http://trac.webkit.org/changeset/53439.
2449         
2450         Tested with the file attached to https://bugs.webkit.org/show_bug.cgi?id=29832.
2451
2452         * page/Frame.cpp:
2453         (WebCore::Frame::~Frame): Don't create a new window every time we destroy
2454         a frame.
2455
2456 2011-05-13  Mikhail Naganov  <mnaganov@chromium.org>
2457
2458         Web Inspector: Unreviewed image glyph position fix in CSS after r85588.
2459
2460         * inspector/front-end/heapProfiler.css:
2461         (.heapshot-help-status-bar-item .glyph):
2462
2463 2011-05-13  Alexey Proskuryakov  <ap@apple.com>
2464
2465         Reviewed by Joseph Pecoraro.
2466
2467         Hide appcache status bar items
2468         https://bugs.webkit.org/show_bug.cgi?id=60799
2469
2470         We have a number of non-trivial bugs that make these more misleading than helpful to developers.
2471
2472         * inspector/front-end/ApplicationCacheItemsView.js: (WebInspector.ApplicationCacheItemsView):
2473         Just hide the items for now. Removing all support code would be complicated, and not helpful.
2474
2475 2011-05-13  Abhishek Arya  <inferno@chromium.org>
2476
2477         Reviewed by Dave Hyatt.
2478
2479         Regression(r75823): Revert initialization back to the first RenderBlock
2480         in the parent chain.
2481         https://bugs.webkit.org/show_bug.cgi?id=60780
2482
2483         Test: fast/block/float/float-not-removed-crash.html
2484
2485         * rendering/RenderBox.cpp:
2486         (WebCore::RenderBox::removeFloatingOrPositionedChildFromBlockLists):
2487         In r75823, I forgot to initialize parentBlock, when the original code
2488         did and Hyatt did mention in c#5. Now, initializing parentBlock to the
2489         first RenderBlock in the parent chain.
2490
2491 2011-05-13  Adam Roben  <aroben@apple.com>
2492
2493         Tell ScrollView's child Widgets that their frame rects have changed when its own frame rect
2494         changes
2495
2496         r79167 moved some code from setFrameRect to setBoundsSize, including a call to
2497         frameRectsChanged. This was done because positionScrollbarLayers, which is called by
2498         frameRectsChanged, only needs to be called when the bounds change, not when the frame rect
2499         changes. But the recursive calls inside frameRectsChanged *do* need to be called when the
2500         frame rect changes.
2501
2502         This patch moves the positionScrollbarLayers call out of frameRectsChanged, since it needs
2503         to be called at different times from frameRectsChanged. Then it restores the
2504         frameRectsChanged call to setFrameRect, which fixes the bug.
2505
2506         Test: platform/win/plugins/iframe-inside-overflow.html
2507
2508         Fixes <http://webkit.org/b/60194> <rdar://problem/9383760> REGRESSION (r79167): Windowed
2509         plugins in Google Reader don't move when the article list is scrolled
2510
2511         Reviewed by Dan Bernstein.
2512
2513         * platform/ScrollView.cpp:
2514         (WebCore::ScrollView::updateScrollbars): Added a positionScrollbarLayers call here now that
2515         frameRectsChanged doesn't call it for us. Also added a FIXME because it seems strange to
2516         call frameRectsChanged here when our frame rect hasn't changed.
2517         (WebCore::ScrollView::setFrameRect): Added back the frameRectsChanged call that was removed
2518         in r79167.
2519         (WebCore::ScrollView::setBoundsSize): Replaced a frameRectsChanged call with a call to
2520         positionScrollbarLayers. We were only calling frameRectsChanged here in order to get
2521         positionScrollbarLayers to be called.
2522         (WebCore::ScrollView::frameRectsChanged): Removed the call to positionScrollbarLayers. All
2523         callers of frameRectsChanged have been updated to call positionScrollbarLayers if needed.
2524
2525 2011-05-11  Alexis Menard  <alexis.menard@openbossa.org>
2526
2527         Reviewed by Kenneth Rohde Christiansen.
2528
2529         [Qt] Implements a disable appearance for Media Elements of Qt port.
2530         https://bugs.webkit.org/show_bug.cgi?id=60561
2531
2532         Implements a disable appearance for the media controls of the Qt port
2533         when the media is not yet available.
2534
2535         * platform/qt/RenderThemeQt.cpp:
2536         (WebCore::mediaElementCanPlay):
2537         (WebCore::RenderThemeQt::getMediaControlForegroundColor):
2538         (WebCore::RenderThemeQt::paintMediaSliderThumb):
2539
2540 2011-05-11  Chang Shu  <cshu@webkit.org>
2541
2542         Reviewed by Antonio Gomes.
2543
2544         [Qt] Tab not working in editing/inserting/typing-tab-designmode-forms.html
2545         https://bugs.webkit.org/show_bug.cgi?id=60477
2546
2547         PlatformKeyboardEvent.m_text should be set to "\t" instead of leaving as null.
2548         The value is checked at EventHandler.cpp:2527 (r86166).
2549
2550         Function keyTextForKeyEvent is partially implemented and can be enhanced in
2551         a need-base.
2552
2553         * platform/qt/PlatformKeyboardEventQt.cpp:
2554         (WebCore::keyTextForKeyEvent):
2555         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
2556
2557 2011-05-12  Rob Buis  <rwlbuis@gmail.com>
2558
2559         Reviewed by Eric Seidel.
2560
2561         REGRESSION(79985): Changes in fill-opacity should trigger repaint but don't
2562         https://bugs.webkit.org/show_bug.cgi?id=59941
2563
2564         Also consider fill-opacity when determining whether StyleDifferenceRepaint is needed.
2565
2566         Test: svg/custom/fill-opacity-update.svg
2567
2568         * rendering/style/SVGRenderStyle.cpp:
2569         (WebCore::SVGRenderStyle::diff):
2570
2571 2011-05-12  Adam Barth  <abarth@webkit.org>
2572
2573         Reviewed by Darin Adler.
2574
2575         REGRESSION (r65868): createContextualFragment does not work with <style>
2576         https://bugs.webkit.org/show_bug.cgi?id=60155
2577
2578         createContextualFragment doesn't have a spec, so it's hard to tell what
2579         we're supposed to do exactly.  This patch appears to make our behavior
2580         more like Firefox and should fix the compat issue with this site.
2581
2582         Tests: fast/parser/style-in-create-contextual-fragment-head.html
2583                fast/parser/style-in-create-contextual-fragment.html
2584
2585         * dom/Element.cpp:
2586         (WebCore::Element::deprecatedCreateContextualFragment):
2587
2588 2011-05-12  Carol Szabo  <carol@webkit.org>
2589
2590         Reviewed by David Hyatt.
2591
2592         Fix reparenting and destruction of counter nodes. 
2593         https://bugs.webkit.org/show_bug.cgi?id=57929
2594
2595         Fixed several issues related to not met assertions.
2596         See below in the per file description.
2597
2598         Test: fast/css/counters/element-removal-crash.xhtml
2599
2600         * dom/ContainerNode.cpp:
2601         (WebCore::ContainerNode::removeChildren):
2602         Fixed the fact that Node::detach() used to be called
2603         while the DOM tree was in an inconsistent state.
2604         * rendering/RenderCounter.cpp:
2605         (WebCore::RenderCounter::rendererRemovedFromTree):
2606         Introduced this function to remove counters from
2607         descendents of renderers removed from the renderer
2608         tree not only from the removed renderers themselves.
2609         * rendering/RenderCounter.h:
2610         * rendering/RenderObjectChildList.cpp:
2611         (WebCore::RenderObjectChildList::removeChildNode):
2612         Changed to call RenderCounter::rendererRemovedFromTree
2613         instead of RenderCounter::destroyCounters.
2614
2615 2011-05-11  Dimitri Glazkov  <dglazkov@chromium.org>
2616
2617         Unreviewed, rolling out r85650.
2618         http://trac.webkit.org/changeset/85650
2619         https://bugs.webkit.org/show_bug.cgi?id=59983
2620
2621         Triggers m_numNodeListCaches > 0 assert in gc-heavy sites.
2622
2623         * dom/ContainerNode.cpp:
2624         (WebCore::ContainerNode::childrenChanged):
2625         * dom/Node.cpp:
2626         (WebCore::Node::~Node):
2627         (WebCore::Node::setDocument):
2628         (WebCore::Node::setTreeScopeRecursively):
2629         (WebCore::Node::childNodes):
2630         (WebCore::Node::registerDynamicNodeList):
2631         (WebCore::Node::unregisterDynamicNodeList):
2632         (WebCore::Node::notifyLocalNodeListsAttributeChanged):
2633         (WebCore::Node::notifyLocalNodeListsChildrenChanged):
2634         (WebCore::Node::getElementsByTagName):
2635         (WebCore::Node::getElementsByTagNameNS):
2636         (WebCore::Node::getElementsByName):
2637         (WebCore::Node::getElementsByClassName):
2638         * dom/Node.h:
2639         * html/HTMLFormControlElement.cpp:
2640         (WebCore::HTMLFormControlElement::labels):
2641
2642 2011-05-06  Eric Carlson  <eric.carlson@apple.com>
2643
2644         Reviewed by Darin Adler.
2645
2646         REGRESSION (r77954): HTTP Live Streams have incorrect controller UI
2647         https://bugs.webkit.org/show_bug.cgi?id=60304
2648         <rdar://problem/9392609>
2649
2650         Don't assume that the only time the media controls UI may need to change is on a 
2651         network state change, readyState changes can be significant as well.
2652
2653         Tested manually because we don't have any live streams to test in DRT.
2654
2655         * html/HTMLMediaElement.cpp:
2656         (WebCore::HTMLMediaElement::setNetworkState): changedNetworkState -> updateStatusDisplay.
2657         (WebCore::HTMLMediaElement::setReadyState): Call updateStatusDisplay.
2658
2659         * html/shadow/MediaControlRootElement.cpp:
2660         (WebCore::MediaControlRootElement::reset): changedNetworkState -> updateStatusDisplay.
2661         (WebCore::MediaControlRootElement::updateStatusDisplay): Ditto.
2662         * html/shadow/MediaControlRootElement.h:
2663
2664         * html/shadow/MediaControlRootElementChromium.cpp:
2665         (WebCore::MediaControlRootElementChromium::reset): Ditto.
2666         (WebCore::MediaControlRootElementChromium::updateStatusDisplay): Ditto.
2667         * html/shadow/MediaControlRootElementChromium.h:
2668         * html/shadow/MediaControls.h:
2669
2670 2011-05-06  David Hyatt  <hyatt@apple.com>
2671
2672         Reviewed by Dan Bernstein.
2673
2674         https://bugs.webkit.org/show_bug.cgi?id=60398 (<rdar://problem/9307696>)
2675         REGRESSION (r81684?): cox.com sign in button is missing
2676         
2677         Fix a typo in r81684 where the ascent was used in a comparison instead of boxHeight.
2678         This restores the original behavior before the refactoring messed it up.
2679
2680         Added fast/inline/nested-top-alignment.html
2681
2682         * rendering/InlineFlowBox.cpp:
2683         (WebCore::InlineFlowBox::computeLogicalBoxHeights):
2684
2685 2011-05-06  David Hyatt  <hyatt@apple.com>
2686
2687         Reviewed by Dan Bernstein.
2688
2689         https://bugs.webkit.org/show_bug.cgi?id=60390 (<rdar://problem/9364449>)
2690         REGRESSION (r81992): portions of ticketmaster site render blank
2691
2692         Make simplified layout skip from a positioned object out to its containing block.  There is no
2693         need to dirty the intermediate inlines, and in this case it's actively harmful, since the
2694         block responsible for the layout of the positioned object doesn't get m_posChildNeedsLayout set.
2695
2696         Added fast/block/positioning/hiding-inside-relpositioned-inline.html
2697
2698         * rendering/RenderObject.h:
2699         (WebCore::RenderObject::markContainingBlocksForLayout):
2700
2701 2011-05-05  Bharathwaaj Srinivasan  <bharathwaaj.s@gmail.com>
2702
2703         Reviewed by Holger Freyther.
2704
2705         Fix build-webkit --minimal.
2706         https://bugs.webkit.org/show_bug.cgi?id=60257
2707
2708         No new tests. This is just a build fix.
2709
2710         * bindings/js/JSDOMBinding.cpp:
2711
2712 2011-05-08  Jarkko Sakkinen  <jarkko.j.sakkinen@gmail.com>
2713
2714         Reviewed by Kenneth Rohde Christiansen.
2715
2716         [Qt] GraphicsContext3D::getImageData() does not retrieve image data correctly
2717         https://bugs.webkit.org/show_bug.cgi?id=58556
2718
2719         Tests: fast/canvas/webgl/gl-teximage.html
2720
2721         * platform/graphics/qt/GraphicsContext3DQt.cpp:
2722         (WebCore::GraphicsContext3D::getImageData):
2723
2724 2011-05-09  Jeremy Noble  <jer.noble@apple.com>
2725
2726         Reviewed by Simon Fraser.
2727
2728         REGRESSION (r84706): Crazy rendering of vimeo.com after exiting fullscreen video
2729         https://bugs.webkit.org/show_bug.cgi?id=60512
2730
2731         Initialize m_containsFullScreenElement.
2732
2733         * html/HTMLFrameElementBase.cpp:
2734         (WebCore::HTMLFrameElementBase::HTMLFrameElementBase):
2735
2736 2011-05-08  Jeremy Noble  <jer.noble@apple.com>
2737
2738         Reviewed by Dan Bernstein.
2739
2740         Full-screen video disappears behind black screen with scrollbar, followed by crash at jerryseinfeld.com
2741         https://bugs.webkit.org/show_bug.cgi?id=60449
2742
2743         Make RenderFullScreen a non-anonymous block, so that it does not get deleted when a parent attempts to 
2744         coalesce anonymous children.
2745
2746         Test: fullscreen/full-screen-remove-sibling.html
2747
2748         * rendering/RenderObject.h:
2749         (WebCore::RenderObject::isAnonymousBlock):
2750
2751 2011-05-10  MORITA Hajime  <morrita@google.com>
2752
2753         Reviewed by Ryosuke Niwa.
2754
2755         REGRESSION(r73886): Frequent crashes in replaceSelectionWithFragment
2756         https://bugs.webkit.org/show_bug.cgi?id=60090
2757
2758         SpellChecker uses TextCheckerClient, which belongs Page object,
2759         which is possibly destroyed during SpellChecker's lifetime.
2760         This change added to a guard before using TextCheckerClient to
2761         ensure it being live.
2762         
2763         No new tests, this is a speculative fix for a real crash.
2764
2765         * editing/Editor.cpp:
2766         (WebCore::Editor::Editor):
2767         * editing/SpellChecker.cpp:
2768         (WebCore::SpellChecker::SpellChecker):
2769         (WebCore::SpellChecker::client):
2770         (WebCore::SpellChecker::canCheckAsynchronously):
2771         (WebCore::SpellChecker::requestCheckingFor):
2772         * editing/SpellChecker.h:
2773
2774 2011-05-10  Alexis Menard  <alexis.menard@openbossa.org>
2775
2776         Reviewed by Antonio Gomes.
2777
2778         Warning fix on PluginPackage.cpp.
2779         https://bugs.webkit.org/show_bug.cgi?id=60371
2780
2781         Warning fix on conversion from time_t to unsigned on Linux with GCC 4.6.0.
2782         Let's use a struct rather than an array so we can pass everything to StringHasher.
2783
2784         * plugins/PluginPackage.cpp:
2785         (WebCore::PluginPackage::hash):
2786
2787 2011-05-10  Andreas Kling  <andreas.kling@nokia.com>
2788
2789         Rubber-stamped by Csaba Osztrogonác.
2790
2791         [Qt] Disable HAVE_QRAWFONT until Qt API stabilizes.
2792         https://bugs.webkit.org/show_bug.cgi?id=60551
2793
2794         * WebCore.pro: Disable the line that enables HAVE_QRAWFONT
2795         if the feature is found. Added a comment about why.
2796
2797 2011-05-10  Keith Kyzivat  <keith.kyzivat@nokia.com>
2798
2799         Reviewed by Kenneth Rohde Christiansen.
2800
2801         [Qt] QtRawFont support should check based on feature, not version
2802         https://bugs.webkit.org/show_bug.cgi?id=60513
2803
2804         Build fix - no tests added.
2805
2806         * WebCore.pro:
2807
2808 2011-05-09  Csaba Osztrogonác  <ossy@webkit.org>
2809
2810         Unreviewed Qt 4.8 fix.
2811
2812         * WebCore.pro: 4.8 bots are updated with the full QRawFont APIs, so we can set HAVE_QRAWFONT now.
2813
2814 2011-05-06  Andreas Kling  <andreas.kling@nokia.com>
2815
2816         Unreviewed Qt 4.8 build fix.
2817
2818         * WebCore.pro: Don't set HAVE_QRAWFONT yet. Left a FIXME so we can
2819         enable it after the 4.8 bots are updated with the full QRawFont APIs.
2820
2821 2011-05-09  Andreas Kling  <kling@webkit.org>
2822
2823         Reviewed by Kenneth Rohde Christiansen.
2824
2825         [Qt] Simple small-caps text is displayed in uniform size.
2826         https://bugs.webkit.org/show_bug.cgi?id=60492
2827
2828         Covered by existing tests.
2829
2830         * platform/graphics/qt/FontPlatformDataQt.cpp:
2831         (WebCore::FontPlatformData::FontPlatformData): In the FontPlatformData constructor
2832         used by SimpleFontData::scaledFontData(), pass the pixel size to both QFont and QRawFont
2833         to make small caps and emphasis marks have the correct size when rendered through
2834         the fast font path.
2835
2836 2011-05-09  Alexis Menard  <alexis.menard@openbossa.org>
2837
2838         Reviewed by Andreas Kling.
2839
2840         [Qt] Fix the build on Embedded Linux.
2841         https://bugs.webkit.org/show_bug.cgi?id=60347        
2842
2843         qpa is the name for lighthouse but the old name for Qt for Embedded Linux should
2844         still be used in order to build properly.
2845
2846         * WebCore.pri:
2847
2848 2011-05-06  Alexis Menard  <alexis.menard@openbossa.org>
2849
2850         Reviewed by Alexey Proskuryakov.
2851
2852         Build fix with gcc 4.6 and c++0x support.
2853         https://bugs.webkit.org/show_bug.cgi?id=60284
2854
2855         When enabling support of c++0x the compilation fails because of an
2856         ambiguous overload error. In this code when constructing the pair
2857         we use the new c++0x rvalue reference feature (&&). It means we are
2858         calling String(const WTF::AtomicString&) which becomes ambiguous because
2859         it has an overload WTF::String::String(const WTF::String&) and usually one
2860         with the native port string type (e.g. QString). In this code we want the
2861         String version because the pair store Strings.
2862
2863         No new tests, build fix.
2864
2865         * loader/FormSubmission.cpp:
2866         (WebCore::FormSubmission::create):
2867
2868 2011-05-05  Tony Gentilcore  <tonyg@chromium.org>
2869
2870         Reviewed by Adam Barth.
2871
2872         ASSERT(m_state == ParsingState) fires @ www.canalplus.fr
2873         https://bugs.webkit.org/show_bug.cgi?id=60101
2874
2875         Test: fast/parser/close-while-stopping.html
2876
2877         * dom/Document.cpp:
2878         (WebCore::Document::close): According to http://www.whatwg.org/specs/web-apps/current-work/#dom-document-close,
2879         the close() steps should be aborted if there is no script-created parser
2880         associated with the document. Our parser lives throughout
2881         http://www.whatwg.org/specs/web-apps/current-work/#the-end, but it seems
2882         the spec doesn't consider the parser active any more. So to properly
2883         respect this, we need to check that the parser is still parsing.
2884
2885 2011-05-05  Andreas Kling  <andreas.kling@nokia.com>
2886
2887         Reviewed by Simon Hausmann.
2888
2889         [Qt] Implement the fast font path for Qt.
2890         https://bugs.webkit.org/show_bug.cgi?id=51106
2891
2892         Use the new QRawFont and QGlyphs APIs in Qt 4.8 to implement the fast paths for
2893         rendering and measurement of simple text.
2894
2895         Since this is still unreleased API, it's guarded by HAVE(QRAWFONT) until the new
2896         classes are fully integrated into the Qt 4.8 release branch.
2897
2898         * WebCore.pro: Add HAVE_QRAWFONT define (for Qt >= 4.8) and new files to build.
2899
2900         * platform/graphics/Font.cpp:
2901         (WebCore::Font::drawText): Disable fast font path for stroked text, and when
2902         painting text with a shadow. (Qt-only)
2903         (WebCore::Font::codePath): Try to use fast font path in more cases.
2904
2905         * platform/graphics/qt/FontCacheQt.cpp:
2906         (WebCore::rawFontForCharacters): Helper function, returns a suitable QRawFont
2907         to use for rendering a given string. Goes through QTextLayout to find the best
2908         font based on the original QFont query.
2909         (WebCore::FontCache::getFontDataForCharacters): Implemented using helper above.
2910
2911         * platform/graphics/qt/FontPlatformData.h:
2912         (WebCore::FontPlatformDataPrivate::FontPlatformDataPrivate):
2913         (WebCore::FontPlatformData::FontPlatformData):
2914         (WebCore::FontPlatformData::rawFont):
2915         * platform/graphics/qt/FontPlatformDataQt.cpp:
2916         (WebCore::FontPlatformData::FontPlatformData): Add a QRawFont member to FontPlatformData.
2917
2918         * platform/graphics/qt/FontQt.cpp:
2919         (WebCore::fillPenForContext):
2920         (WebCore::strokePenForContext):
2921         (WebCore::drawTextCommon): Factored QPen creation out of drawTextCommon
2922         to share code between complex and simple font rendering paths.
2923         (WebCore::Font::drawGlyphs): Implemented using QPainter::drawGlyphs().
2924
2925         * platform/graphics/qt/GlyphPageTreeNodeQt.cpp:
2926         (WebCore::GlyphPage::fill): Implemented using QRawFont::glyphIndexesForString().
2927
2928         * platform/graphics/qt/SimpleFontDataQt.cpp:
2929         (WebCore::SimpleFontData::determinePitch): Return false when using QRawFont since we
2930         have no way of knowing the pitch.
2931         (WebCore::SimpleFontData::containsCharacters): Implemented using QRawFont::supportsCharacter().
2932         (WebCore::SimpleFontData::platformWidthForGlyph): Implemented using QRawFont::advancesForGlyphIndexes().
2933         (WebCore::SimpleFontData::scaledFontData): Added, based on other ports.
2934         (WebCore::SimpleFontData::smallCapsFontData): Ditto.
2935         (WebCore::SimpleFontData::emphasisMarkFontData): Ditto.
2936         (WebCore::SimpleFontData::platformBoundsForGlyph): Stub.
2937         (WebCore::SimpleFontData::platformInit): Use QRawFont APIs to retrieve font metrics.
2938         (WebCore::SimpleFontData::platformCharWidthInit): Ditto.
2939
2940 2011-05-05  Alexis Menard  <alexis.menard@openbossa.org>
2941
2942         Reviewed by Andreas Kling.
2943
2944         [Qt] RenderThemeQt and DumpRenderTreeSupportQt should use nullptr rather than 0.
2945         https://bugs.webkit.org/show_bug.cgi?id=60224
2946
2947         We should use nullptr rather than 0. nullptr will be added in the new C++ standard
2948         but WebKit already has a nullptr class if there is no c++0x support.
2949
2950         * platform/qt/RenderThemeQt.cpp:
2951         (WebCore::RenderThemeQt::adjustProgressBarStyle):
2952         (WebCore::RenderThemeQt::adjustSliderTrackStyle):
2953         (WebCore::RenderThemeQt::adjustSliderThumbStyle):
2954
2955 2011-05-05  Ilya Tikhonovsky  <loislo@chromium.org>
2956
2957         Reviewed by Yury Semikhatsky.
2958
2959         Web Inspector: rename BrowserDebugger to DOMDebugger.
2960
2961         https://bugs.webkit.org/show_bug.cgi?id=60256
2962         InspectorBrowserDebuggerAgent => InspectorDOMDebuggerAgent
2963         browserDebugger => domDebugger
2964
2965         * CMakeLists.txt:
2966         * GNUmakefile.list.am:
2967         * WebCore.gypi:
2968         * WebCore.pro:
2969         * WebCore.vcproj/WebCore.vcproj:
2970         * WebCore.xcodeproj/project.pbxproj:
2971         * inspector/CodeGeneratorInspector.pm:
2972         * inspector/InspectorAgent.cpp:
2973         (WebCore::InspectorAgent::InspectorAgent):
2974         (WebCore::InspectorAgent::inspectedPageDestroyed):
2975         (WebCore::InspectorAgent::disconnectFrontend):
2976         * inspector/InspectorAgent.h:
2977         (WebCore::InspectorAgent::DOMDebuggerAgent):
2978         * inspector/InspectorController.cpp:
2979         (WebCore::InspectorController::connectFrontend):
2980         * inspector/InspectorDOMDebuggerAgent.cpp: Renamed from Source/WebCore/inspector/InspectorBrowserDebuggerAgent.cpp.
2981         (WebCore::InspectorDOMDebuggerAgent::create):
2982         (WebCore::InspectorDOMDebuggerAgent::InspectorDOMDebuggerAgent):
2983         (WebCore::InspectorDOMDebuggerAgent::~InspectorDOMDebuggerAgent):
2984         (WebCore::InspectorDOMDebuggerAgent::debuggerWasEnabled):
2985         (WebCore::InspectorDOMDebuggerAgent::debuggerWasDisabled):
2986         (WebCore::InspectorDOMDebuggerAgent::disable):
2987         (WebCore::InspectorDOMDebuggerAgent::clearFrontend):
2988         (WebCore::InspectorDOMDebuggerAgent::discardBindings):
2989         (WebCore::InspectorDOMDebuggerAgent::setEventListenerBreakpoint):
2990         (WebCore::InspectorDOMDebuggerAgent::removeEventListenerBreakpoint):
2991         (WebCore::InspectorDOMDebuggerAgent::didInsertDOMNode):
2992         (WebCore::InspectorDOMDebuggerAgent::didRemoveDOMNode):
2993         (WebCore::InspectorDOMDebuggerAgent::setDOMBreakpoint):
2994         (WebCore::InspectorDOMDebuggerAgent::removeDOMBreakpoint):
2995         (WebCore::InspectorDOMDebuggerAgent::willInsertDOMNode):
2996         (WebCore::InspectorDOMDebuggerAgent::willRemoveDOMNode):
2997         (WebCore::InspectorDOMDebuggerAgent::willModifyDOMAttr):
2998         (WebCore::InspectorDOMDebuggerAgent::descriptionForDOMEvent):
2999         (WebCore::InspectorDOMDebuggerAgent::hasBreakpoint):
3000         (WebCore::InspectorDOMDebuggerAgent::updateSubtreeBreakpoints):
3001         (WebCore::InspectorDOMDebuggerAgent::pauseOnNativeEventIfNeeded):
3002         (WebCore::InspectorDOMDebuggerAgent::setXHRBreakpoint):
3003         (WebCore::InspectorDOMDebuggerAgent::removeXHRBreakpoint):
3004         (WebCore::InspectorDOMDebuggerAgent::willSendXMLHttpRequest):
3005         (WebCore::InspectorDOMDebuggerAgent::clear):
3006         * inspector/InspectorDOMDebuggerAgent.h: Renamed from Source/WebCore/inspector/InspectorBrowserDebuggerAgent.h.
3007         * inspector/InspectorInstrumentation.cpp:
3008         (WebCore::InspectorInstrumentation::willInsertDOMNodeImpl):
3009         (WebCore::InspectorInstrumentation::didInsertDOMNodeImpl):
3010         (WebCore::InspectorInstrumentation::willRemoveDOMNodeImpl):
3011         (WebCore::InspectorInstrumentation::didRemoveDOMNodeImpl):
3012         (WebCore::InspectorInstrumentation::willModifyDOMAttrImpl):
3013         (WebCore::InspectorInstrumentation::willSendXMLHttpRequestImpl):
3014         (WebCore::InspectorInstrumentation::pauseOnNativeEventIfNeeded):
3015         * inspector/InstrumentingAgents.h:
3016         (WebCore::InstrumentingAgents::InstrumentingAgents):
3017         (WebCore::InstrumentingAgents::inspectorDOMDebuggerAgent):
3018         (WebCore::InstrumentingAgents::setInspectorDOMDebuggerAgent):
3019         * inspector/WorkerInspectorController.cpp:
3020         (WebCore::WorkerInspectorController::connectFrontend):
3021
3022 2011-05-04  Yury Semikhatsky  <yurys@chromium.org>
3023
3024         Reviewed by Pavel Feldman.
3025
3026         Web Inspector: show only Console and Scripts panels in worker inspector front-end
3027         https://bugs.webkit.org/show_bug.cgi?id=60159
3028
3029         * inspector/front-end/WorkerManager.js:
3030         (WebInspector.WorkerManager.isWorkerFrontend):
3031         * inspector/front-end/inspector.js: show only Scripts and Console panels in the worker inspector front-end.
3032
3033 2011-05-03  Hans Wennborg  <hans@chromium.org>
3034
3035         Reviewed by Steve Block.
3036
3037         IndexedDB: Unit tests for LevelDB key coding functions
3038         https://bugs.webkit.org/show_bug.cgi?id=59692
3039
3040         Fix some embarrassing bugs uncovered by unit tests.
3041
3042         No new functionality, but this is now covered by unit tests in the Chromium WebKit port.
3043
3044         * storage/IDBLevelDBCoding.cpp:
3045         (WebCore::IDBLevelDBCoding::decodeInt):
3046         (WebCore::IDBLevelDBCoding::decodeVarInt):
3047
3048 2011-05-05  Young Han Lee  <joybro@company100.net>
3049
3050         Reviewed by Csaba Osztrogonác.
3051
3052         [Texmap][Qt] Enable strict OwnPtr for Qt with texmap enabled.
3053         https://bugs.webkit.org/show_bug.cgi?id=60251
3054
3055         No new tests. Build fix.
3056
3057         * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
3058         (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
3059
3060 2011-05-04  Jay Civelli  <jcivelli@chromium.org>
3061
3062         Reviewed by Adam Barth.
3063
3064         Adding a utility class to read a SharedBuffer line by line.
3065         https://bugs.webkit.org/show_bug.cgi?id=59946
3066
3067         * CMakeLists.txt:
3068         * GNUmakefile.list.am:
3069         * WebCore.gypi:
3070         * WebCore.pro:
3071         * WebCore.vcproj/WebCore.vcproj:
3072         * WebCore.xcodeproj/project.pbxproj:
3073         * platform/SharedBufferCRLFLineReader.cpp: Added.
3074         * platform/SharedBufferCRLFLineReader.h: Added.
3075
3076 2011-05-04  Sheriff Bot  <webkit.review.bot@gmail.com>
3077
3078         Unreviewed, rolling out r85788.
3079         http://trac.webkit.org/changeset/85788
3080         https://bugs.webkit.org/show_bug.cgi?id=60250
3081
3082         svg/text/text-block-child-crash.xhtml asserts (Requested by
3083         Ossy on #webkit).
3084
3085         * css/CSSStyleSelector.cpp:
3086         (WebCore::CSSStyleSelector::applyProperty):
3087
3088 2011-05-04  Ryosuke Niwa  <rniwa@webkit.org>
3089
3090         Reviewed by Eric Seidel.
3091
3092         Make more member functions in EventHandler private
3093         https://bugs.webkit.org/show_bug.cgi?id=60200
3094
3095         Reduced the number of public member functions in EventHandler.
3096
3097         * WebCore.exp.in:
3098         * page/EventHandler.cpp:
3099         (WebCore::EventHandler::handleAutoscroll):
3100         (WebCore::EventHandler::autoscrollTimerFired):
3101         (WebCore::EventHandler::stopAutoscrollTimer):
3102         (WebCore::EventHandler::handleMousePressEvent):
3103         (WebCore::EventHandler::handleMouseMoveEvent):
3104         (WebCore::EventHandler::keyEvent):
3105         (WebCore::EventHandler::eventInvertsTabsToLinksClientCallResult):
3106         * page/EventHandler.h:
3107         (WebCore::EventHandler::mouseDownMayStartSelect):
3108
3109 2011-05-04  James Robinson  <jamesr@chromium.org>
3110
3111         Reviewed by Kenneth Russell.
3112
3113         [chromium] REGRESSION(85136): Composited content vanishes when transform-style changes from preserve-3d to flat
3114         https://bugs.webkit.org/show_bug.cgi?id=60202
3115
3116         In r85136 I accidentally transposed two lines in GraphicsLayerChromium when adding a null check.  This switches
3117         the order back and adds a regression test.
3118
3119         Test: compositing/repaint/transform-style-change.html
3120
3121         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
3122         (WebCore::GraphicsLayerChromium::updateLayerPreserves3D):
3123
3124 2011-05-04  Cris Neckar  <cdn@chromium.org>
3125
3126         Reviewed by Adam Barth.
3127
3128         Expose WebView directly through ChromeClient.
3129         https://bugs.webkit.org/show_bug.cgi?id=49902
3130
3131         Test: fast/media/media-svg-crash.html
3132
3133         * loader/EmptyClients.h:
3134         (WebCore::EmptyChromeClient::webView):
3135         * page/ChromeClient.h:
3136         * page/brew/ChromeClientBrew.h:
3137         (WebCore::ChromeClientBrew::webView):
3138
3139 2011-05-04  Joseph Pecoraro  <joepeck@webkit.org>
3140
3141         Reviewed by Darin Adler.
3142
3143         Unable to Paste After Deleting Text from Input due to -webkit-user-select
3144         https://bugs.webkit.org/show_bug.cgi?id=60219
3145
3146         When deleting all the text inside the input a placeholder <br>
3147         element was inserted for the selection point. However, when
3148         pasting, the test run computes the -webkit-user-select for the
3149         <br> element, instead of what would be the text inside the
3150         <input> and incorrectly disallows selection and prevented
3151         the paste.
3152
3153         Test: editing/pasteboard/paste-placeholder-input.html
3154
3155         * editing/ReplaceSelectionCommand.cpp:
3156         (WebCore::ReplacementFragment::insertFragmentForTestRendering): skip
3157         <br> elements above us as those are likely placeholder elements.
3158
3159 2011-05-04  Fridrich Strba  <fridrich.strba@bluewin.ch>
3160
3161         Reviewed by Martin Robinson.
3162
3163         Windows build of WebKit GTK needs to be able to find SystemInfo.h
3164         https://bugs.webkit.org/show_bug.cgi?id=60221
3165
3166         * GNUmakefile.am: add Source/WebCore/platform/win to the paths searched
3167         for headers, since Source/WebCore/platform/win/SystemInfo.h
3168         header is needed by Source/WebKit/gtk/webkit/webkitwebsettings.cpp
3169         on Windows.
3170
3171 2011-05-04  Vangelis Kokkevis  <vangelis@chromium.org>
3172
3173         Reviewed by Kenneth Russell.
3174
3175         [chromium] Improve sorting of layers in hierarchies that preserve-3d
3176         by testing for overlapping regions between layer pairs and doing a
3177         topological sort to determine the right order.
3178         https://bugs.webkit.org/show_bug.cgi?id=59255
3179
3180         Test: platform/chromium/compositing/perpendicular-layer-sorting.html
3181
3182         * WebCore.gypi:
3183         * platform/graphics/chromium/LayerRendererChromium.cpp:
3184         (WebCore::LayerRendererChromium::updatePropertiesAndRenderSurfaces):
3185         * platform/graphics/chromium/LayerRendererChromium.h:
3186         * platform/graphics/chromium/cc/CCLayerImpl.h:
3187         (WebCore::CCLayerImpl::clearRenderSurface):
3188         * platform/graphics/chromium/cc/CCLayerSorter.cpp: Added.
3189         (WebCore::perpProduct):
3190         (WebCore::innerProduct):
3191         (WebCore::pointInColinearEdge):
3192         (WebCore::edgeEdgeTest):
3193         (WebCore::CCLayerSorter::LayerIntersector::LayerIntersector):
3194         (WebCore::CCLayerSorter::LayerIntersector::go):
3195         (WebCore::CCLayerSorter::LayerIntersector::edgeTriangleTest):
3196         (WebCore::CCLayerSorter::LayerIntersector::triangleTriangleTest):
3197         (WebCore::CCLayerSorter::LayerIntersector::checkZDiff):
3198         (WebCore::CCLayerSorter::LayerIntersector::layerZFromProjectedPoint):
3199         (WebCore::CCLayerSorter::CCLayerSorter):
3200         (WebCore::CCLayerSorter::checkOverlap):
3201         (WebCore::CCLayerSorter::createGraphNodes):
3202         (WebCore::CCLayerSorter::createGraphEdges):
3203         (WebCore::CCLayerSorter::removeEdgeFromList):
3204         (WebCore::CCLayerSorter::sort):
3205         * platform/graphics/chromium/cc/CCLayerSorter.h: Added.
3206         (WebCore::CCLayerSorter::GraphNode::GraphNode):
3207         (WebCore::CCLayerSorter::GraphEdge::GraphEdge):
3208
3209 2011-05-03  Jer Noble  <jer.noble@apple.com>
3210
3211         Reviewed by Antti Koivisto.
3212
3213         Safari: Video at apple.com cannot play at full screen mode with layout distortion
3214         https://bugs.webkit.org/show_bug.cgi?id=60140
3215
3216         Because a fullscreen element may be in a stacking context with a lower z-index than
3217         a sibling stacking context, those higher contexts would sometimes "pop" through the 
3218         full screen renderer. To facilitate eliminating all the stacking contexts aside from
3219         the full screen renderer, added a new pseudo-class specific to video or audio full
3220         screen elements. Then, added a new UA rule which resets the z-index and opacities of 
3221         all elements under said pseudo-class to auto and 1 respectively. To facilitate quick
3222         identity checking of HTMLMediaElements, added isMediaElement() virtual function to 
3223         Element and HTMLMediaElement. 
3224
3225         Test: fullscreen/full-screen-stacking-context.html
3226
3227         * css/CSSSelector.cpp:
3228         (WebCore::CSSSelector::pseudoId): Support PseudoFullScreenMediaDocument.
3229         (WebCore::nameToPseudoTypeMap): Support fullScreenMediaDocument.
3230         (WebCore::CSSSelector::extractPseudoType): Support PseudoFullScreenMediaDocument.
3231         * css/CSSSelector.h: Add PseudoFullScreenMediaDocument.
3232         * css/CSSStyleSelector.cpp:
3233         (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector): Support PseudoFullScreenMediaDocument.
3234         * css/fullscreen.css:
3235         (:root:-webkit-full-screen-document:not(:-webkit-full-screen)): Corrected these names, 
3236             which were missing the -webkit prefix.
3237         (:root:-webkit-full-screen-media-document *:not(-webkit-full-screen)): Added.
3238         * dom/Element.h:
3239         (WebCore::Element::isMediaElement): Added, returns false.
3240         * html/HTMLMediaElement.h:
3241         (WebCore::HTMLMediaElement::isMediaElement): Added, returns true.
3242         * rendering/style/RenderStyleConstants.h: Added FULL_SCREEN_MEDIA_DOCUMENT.
3243
3244 2011-05-04  Levi Weintraub  <leviw@chromium.org>
3245
3246         Reviewed by Eric Seidel.
3247
3248         Split findNextLineBreak into a LineBreaker class
3249         https://bugs.webkit.org/show_bug.cgi?id=60209
3250
3251         Breaking findNextLineBreak into a new class inside RenderBlock. Currently it's tracking
3252         nearly no state, but subsequent patches will move some of the local variables used throughout
3253         the nextLineBreak function into member variables to simplify breaking off helper functions from
3254         the bloated function.
3255
3256         No new tests since this is just moving code around.
3257
3258         * WebCore.xcodeproj/project.pbxproj:
3259         * rendering/RenderBlock.h:
3260         (WebCore::RenderBlock::LineBreaker::LineBreaker):
3261         (WebCore::RenderBlock::LineBreaker::lineWasHyphenated): Accessor.
3262         (WebCore::RenderBlock::LineBreaker::positionedObjects): Ditto.
3263         (WebCore::RenderBlock::LineBreaker::clear): Ditto.
3264         * rendering/RenderBlockLineLayout.cpp:
3265         (WebCore::RenderBlock::layoutRunsAndFloats):
3266         (WebCore::RenderBlock::LineBreaker::skipTrailingWhitespace):
3267         (WebCore::RenderBlock::LineBreaker::skipLeadingWhitespace):
3268         (WebCore::RenderBlock::LineBreaker::reset):
3269         (WebCore::RenderBlock::LineBreaker::nextLineBreak):
3270
3271 2011-05-04  Fridrich Strba  <fridrich.strba@bluewin.ch>
3272
3273         Reviewed by Adam Barth.
3274
3275         Add COMPILER(MINGW) to the compilers using the Microsoft C Runtime's vsnprintf.
3276         The vsnprintf is part of Microsoft C runtime used also by MinGW (GCC) toolchain.
3277         https://bugs.webkit.org/show_bug.cgi?id=58579
3278
3279         * dom/XMLDocumentParserLibxml2.cpp:
3280         (WebCore::XMLDocumentParser::error):
3281
3282 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
3283
3284         Unreviewed warning fix.
3285
3286         The variable is just used in the ASSERT macro. Let's use ASSERT_UNUSED to avoid
3287         a warning in Release build.
3288
3289         * dom/Node.cpp:
3290         (WebCore::Node::removeEventListener):
3291         * platform/DateComponents.cpp:
3292         (WebCore::DateComponents::parseTime):
3293         * rendering/RenderLayer.cpp:
3294         (WebCore::RenderLayer::convertToLayerCoords):
3295         * storage/StorageMap.cpp:
3296         (WebCore::StorageMap::importItem):
3297         * svg/SVGUseElement.cpp:
3298         (WebCore::SVGUseElement::buildShadowTree):
3299         (WebCore::SVGUseElement::expandUseElementsInShadowTree):
3300
3301 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
3302
3303         Unreviewed warning fix.
3304
3305         The variable is just used in the ASSERT macro. Let's use ASSERT_UNUSED to avoid
3306         a warning in Release build.
3307
3308         * accessibility/AccessibilityRenderObject.cpp:
3309         (WebCore::lastChildConsideringContinuation):
3310
3311 2011-05-04  Dimitri Glazkov  <dglazkov@chromium.org>
3312
3313         Sort xcodeproj files.
3314
3315         The WebCore.xcodeproj got out of sorts again.
3316
3317         * WebCore.xcodeproj/project.pbxproj: Ran sort-XCode-project-file.
3318
3319 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
3320
3321         Reviewed by Adam Barth.
3322
3323         Warning fix.
3324
3325         * bindings/js/DOMObjectHashTableMap.h:
3326         (WebCore::DOMObjectHashTableMap::~DOMObjectHashTableMap):
3327
3328 2011-05-04  Rob Buis  <rbuis@rim.com>
3329
3330         Reviewed by Darin Adler.
3331
3332         NULL deref when SVG elements have table styles 
3333         https://bugs.webkit.org/show_bug.cgi?id=45561
3334
3335         Restrict computed CSS values for SVG display property to block, inline or none.
3336
3337         Tests: svg/custom/display-table-caption-foreignObject.svg
3338                svg/custom/display-table-caption-inherit-foreignObject.xhtml
3339                svg/custom/display-table-caption-inherit-text.xhtml
3340                svg/custom/display-table-caption-text.svg
3341
3342         * css/CSSStyleSelector.cpp:
3343         (WebCore::CSSStyleSelector::applyProperty):
3344
3345 2011-05-04  Tao Bai  <michaelbai@chromium.org>
3346
3347         Reviewed by David Kilzer.
3348
3349         Populate touch-icon url to FrameLoaderClient
3350         https://bugs.webkit.org/show_bug.cgi?id=59143
3351         
3352         Parsed and populated apple-touch-icon url to FrameLoaderClient.
3353         Changed favicon to be a type of icon.
3354
3355         * CMakeLists.txt:
3356         * Configurations/FeatureDefines.xcconfig:
3357         * GNUmakefile.am:
3358         * GNUmakefile.list.am:
3359         * WebCore.gypi:
3360         * WebCore.vcproj/WebCore.vcproj:
3361         * WebCore.xcodeproj/project.pbxproj:
3362         * dom/Document.cpp:
3363         (WebCore::Document::iconURL):
3364         (WebCore::Document::setIconURL):
3365         * dom/Document.h:
3366         * dom/IconURL.cpp: Added.
3367         (WebCore::toIconIndex):
3368         * dom/IconURL.h: Added.
3369         (WebCore::IconURL::IconURL):
3370         * features.pri:
3371         * html/HTMLLinkElement.cpp:
3372         (WebCore::HTMLLinkElement::tokenizeRelAttribute):
3373         (WebCore::HTMLLinkElement::process):
3374         (WebCore::HTMLLinkElement::addSubresourceAttributeURLs):
3375         * html/HTMLLinkElement.h:
3376         (WebCore::HTMLLinkElement::RelAttribute::RelAttribute):
3377         (WebCore::HTMLLinkElement::isEnabledViaScript):
3378         * html/parser/HTMLPreloadScanner.cpp:
3379         (WebCore::HTMLNames::PreloadTask::relAttributeIsStyleSheet):
3380         * loader/DocumentLoader.cpp:
3381         (WebCore::DocumentLoader::iconURL):
3382         (WebCore::DocumentLoader::setIconURL):
3383         * loader/DocumentLoader.h:
3384         * loader/EmptyClients.h:
3385         (WebCore::EmptyFrameLoaderClient::dispatchDidChangeIcons):
3386         * loader/FrameLoader.cpp:
3387         (WebCore::FrameLoader::iconURL):
3388         (WebCore::FrameLoader::iconURLs):
3389         (WebCore::FrameLoader::fillIconURL):
3390         (WebCore::FrameLoader::getDefaultIconURL):
3391         (WebCore::FrameLoader::setIconURL):
3392         (WebCore::FrameLoader::didChangeIcons):
3393         * loader/FrameLoader.h:
3394         * loader/FrameLoaderClient.h:
3395
3396 2011-05-04  Chris Marrin  <cmarrin@apple.com>
3397
3398         Reviewed by Simon Fraser.
3399
3400         Crash in PlatformCALayer ::replaceSublayer when layer has not superlayer
3401         https://bugs.webkit.org/show_bug.cgi?id=60191
3402
3403         Skip replaceSublayer when there is no superlayer rather than asserting.
3404         This is probably not a problem and happens when restructuring the layer
3405         tree. Avoiding this crash will allow us to get more testing.
3406
3407         * platform/graphics/ca/GraphicsLayerCA.cpp:
3408         (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
3409
3410 2011-05-04  Martin Robinson  <mrobinson@igalia.com>
3411
3412         Reviewed by Gustavo Noronha Silva.
3413
3414         Fix the GTK+ 2.x build for Windows. Instead of making getStockIcon a RenderTheme
3415         method, just use extern declarations to avoid having to declare it in the header.
3416         This will prevent having to include glib.h in RenderThemeGtk.h, which is included
3417         in many C++ files.
3418
3419         No new tests. This is just a build fix.
3420
3421         * platform/gtk/RenderThemeGtk.cpp: Update getStockIcon calls to say getStockIconForWidgetType.
3422         (WebCore::RenderThemeGtk::paintSearchFieldResultsDecoration):
3423         (WebCore::RenderThemeGtk::paintSearchFieldCancelButton):
3424         (WebCore::RenderThemeGtk::paintCapsLockIndicator):
3425         (WebCore::RenderThemeGtk::paintMediaButton):
3426         * platform/gtk/RenderThemeGtk.h: Removed getStockIcon declaration. Make gtkContainer() and
3427         gtkEntry() public because they are now accessed externally from getStockIcon().
3428         * platform/gtk/RenderThemeGtk2.cpp: Update getStockIcon calls.
3429         (WebCore::getStockIconForWidgetType):
3430         * platform/gtk/RenderThemeGtk3.cpp: Ditto.
3431         (WebCore::getStockIconForWidgetType):
3432
3433 2011-05-04  Mark Pilgrim  <pilgrim@chromium.org>
3434
3435         Reviewed by Tony Chang.
3436
3437         IndexedDB open (database) should fail if name is null
3438         https://bugs.webkit.org/show_bug.cgi?id=60022
3439
3440         Test: storage/indexeddb/mozilla/open-database-null-name.html
3441
3442         Combination problem: Bug in IDL didn't pass null values to .cpp layer,
3443         then .cpp layer didn't check for null value anyway.
3444
3445         * storage/IDBFactory.cpp:
3446         (WebCore::IDBFactory::open): check for null name
3447         * storage/IDBFactory.idl: pass null name as null
3448
3449 2011-05-04  Jer Noble  <jer.noble@apple.com>
3450
3451         Reviewed by Darin Adler.
3452
3453         Entering full screen fails >= second time on Vimeo.com.
3454         https://bugs.webkit.org/show_bug.cgi?id=60143
3455
3456         Force the RenderFullScreen's layer backing to be recreated when setAnimating() is called.