[webkit-changes] [251358] trunk/Source/WebKit
Title: [251358] trunk/Source/WebKit
Revision 251358
Author bfulg...@apple.com
Date 2019-10-20 18:55:11 -0700 (Sun, 20 Oct 2019)
Log Message
Improve serialization logic
https://bugs.webkit.org/show_bug.cgi?id=203039
Reviewed by Alex Christensen.
Check that the SecItemRequestData only contains relevant types for
CFNetwork uses.
* Platform/spi/Cocoa/SecItemSPI.h: Added.
* Shared/mac/SecItemRequestData.cpp:
(WebKit::arrayContainsInvalidType): Added.
(WebKit::dictionaryContainsInvalidType): Added.
(WebKit::validTypeIDs): Added.
(WebKit::isValidType): Added.
(WebKit::SecItemRequestData::decode): Check types during decode.
* Shared/mac/SecItemRequestData.h:
* WebKit.xcodeproj/project.pbxproj:
Modified Paths
trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Shared/mac/SecItemRequestData.cpp
trunk/Source/WebKit/Shared/mac/SecItemRequestData.h
trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj
Added Paths
trunk/Source/WebKit/Platform/spi/Cocoa/SecItemSPI.h
Diff
Modified: trunk/Source/WebKit/ChangeLog (251357 => 251358)
--- trunk/Source/WebKit/ChangeLog 2019-10-21 01:44:45 UTC (rev 251357)
+++ trunk/Source/WebKit/ChangeLog 2019-10-21 01:55:11 UTC (rev 251358)
@@ -1,3 +1,24 @@
+2019-10-20 Brent Fulgham
+
+Improve serialization logic
+https://bugs.webkit.org/show_bug.cgi?id=203039
+
+
+Reviewed by Alex Christensen.
+
+Check that the SecItemRequestData only contains relevant types for
+CFNetwork uses.
+
+* Platform/spi/Cocoa/SecItemSPI.h: Added.
+* Shared/mac/SecItemRequestData.cpp:
+(WebKit::arrayContainsInvalidType): Added.
+(WebKit::dictionaryContainsInvalidType): Added.
+(WebKit::validTypeIDs): Added.
+(WebKit::isValidType): Added.
+(WebKit::SecItemRequestData::decode): Check types during decode.
+* Shared/mac/SecItemRequestData.h:
+* WebKit.xcodeproj/project.pbxproj:
+
2019-10-19 Adrian Perez de Castro
[GTK][WPE] Fix non-unified builds after r250857
Copied: trunk/Source/WebKit/Platform/spi/Cocoa/SecItemSPI.h (from rev 251357, trunk/Source/WebKit/Shared/mac/SecItemRequestData.h) (0 => 251358)
--- trunk/Source/WebKit/Platform/spi/Cocoa/SecItemSPI.h (rev 0)
+++ trunk/Source/WebKit/Platform/spi/Cocoa/SecItemSPI.h 2019-10-21 01:55:11 UTC (rev 251358)
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2019 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#if PLATFORM(MAC)
+#include
+#include
+#include
+#endif
+
+#if USE(APPLE_INTERNAL_SDK)
+
+#include
+#include
+#include
+
+#else
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+CF_ASSUME_NONNULL_BEGIN
+
+CFTypeID SecCodeGetTypeID();
+CFTypeID SecRequirementGetTypeID();
+CFTypeID SecStaticCodeGetTypeID();
+
+CF_ASSUME_NONNULL_END
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // USE(APPLE_INTERNAL_SDK)
Modified: trunk/Source/WebKit/Shared/mac/SecItemRequestData.cpp (251357 => 251358)
--- trunk/Source/WebKit/Shared/mac/SecItemRequestData.cpp 2019-10-21 01:44:45 UTC (rev 251357)
+++ trunk/Source/WebKit/Shared/mac/SecItemRequestData.cpp 2019-10-21 01:55:11 UTC (rev 251358)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 Apple Inc. All rights reserved.
+ * Copyright (C) 2011-2019 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -28,6 +28,8 @@
#include "ArgumentCoders.h"
#include "ArgumentCodersCF.h"
+#include "SecItemSPI.h"
+#include
namespace WebKit {
@@ -62,6 +64,86 @@
[webkit-changes] [251357] trunk/Source/WebCore
Title: [251357] trunk/Source/WebCore
Revision 251357
Author cdu...@apple.com
Date 2019-10-20 18:44:45 -0700 (Sun, 20 Oct 2019)
Log Message
Unreviewed, drop debug logging that was inadvertently committed with r251327.
* history/BackForwardCache.cpp:
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/history/BackForwardCache.cpp
Diff
Modified: trunk/Source/WebCore/ChangeLog (251356 => 251357)
--- trunk/Source/WebCore/ChangeLog 2019-10-21 00:44:32 UTC (rev 251356)
+++ trunk/Source/WebCore/ChangeLog 2019-10-21 01:44:45 UTC (rev 251357)
@@ -1,3 +1,9 @@
+2019-10-20 Chris Dumez
+
+Unreviewed, drop debug logging that was inadvertently committed with r251327.
+
+* history/BackForwardCache.cpp:
+
2019-10-20 Zalan Bujtas
[LFC][IFC] Make InlineTextItem reusable when 'segment break' behavior changes
Modified: trunk/Source/WebCore/history/BackForwardCache.cpp (251356 => 251357)
--- trunk/Source/WebCore/history/BackForwardCache.cpp 2019-10-21 00:44:32 UTC (rev 251356)
+++ trunk/Source/WebCore/history/BackForwardCache.cpp 2019-10-21 01:44:45 UTC (rev 251357)
@@ -57,7 +57,7 @@
namespace WebCore {
-#define PCLOG(...) WTFLogAlways("PageCache: %*s%s", indentLevel*4, "", makeString(__VA_ARGS__).utf8().data())
+#define PCLOG(...) LOG(BackForwardCache, "%*s%s", indentLevel*4, "", makeString(__VA_ARGS__).utf8().data())
static inline void logBackForwardCacheFailureDiagnosticMessage(DiagnosticLoggingClient& client, const String& reason)
{
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [251356] branches/safari-608-branch/Source/WebCore
Title: [251356] branches/safari-608-branch/Source/WebCore Revision 251356 Author bshaf...@apple.com Date 2019-10-20 17:44:32 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r251188. rdar://problem/56340816 WebAudioSourceProviderAVFObjC::provideInput should set its WebAudioBufferList parameters correctly https://bugs.webkit.org/show_bug.cgi?id=202930 Reviewed by Eric Carlson. Source/WebCore: There is a time where the bus channel number and audio source channel numbers may be different. In case the bus channel number is less than the audio source channel number, initialization of the WebAudioBufferList might not be fully done. In that case, output silence and return early. Reduce the number of frames to process based on the number of frames the output audio bus plans to process. Partially covered by new API test (this a race so we cannot reproduce the crash easily). * Modules/webaudio/MediaStreamAudioSourceNode.cpp: (WebCore::MediaStreamAudioSourceNode::process): Make sure to process the number of frames the output bus expect. * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm: (WebCore::WebAudioSourceProviderAVFObjC::provideInput): Tools: Add a test that has an audio track that goes from 1 to 2 channels while being piped to a WebAudio pipeline. * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: * TestWebKitAPI/Tests/WebKit/GetUserMedia.mm: (-[GUMMessageHandler userContentController:didReceiveScriptMessage:]): (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WebKit/getUserMedia-webaudio.html: Added. git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251188 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/Source/WebCore/ChangeLog branches/safari-608-branch/Source/WebCore/Modules/webaudio/MediaStreamAudioSourceNode.cpp branches/safari-608-branch/Source/WebCore/platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm Diff Modified: branches/safari-608-branch/Source/WebCore/ChangeLog (251355 => 251356) --- branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-21 00:44:30 UTC (rev 251355) +++ branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-21 00:44:32 UTC (rev 251356) @@ -1,5 +1,65 @@ 2019-10-20 Babak Shafiei +Cherry-pick r251188. rdar://problem/56340816 + +WebAudioSourceProviderAVFObjC::provideInput should set its WebAudioBufferList parameters correctly +https://bugs.webkit.org/show_bug.cgi?id=202930 + + +Reviewed by Eric Carlson. + +Source/WebCore: + +There is a time where the bus channel number and audio source channel numbers may be different. +In case the bus channel number is less than the audio source channel number, initialization of +the WebAudioBufferList might not be fully done. +In that case, output silence and return early. +Reduce the number of frames to process based on the number of frames the output audio bus plans to process. + +Partially covered by new API test (this a race so we cannot reproduce the crash easily). + +* Modules/webaudio/MediaStreamAudioSourceNode.cpp: +(WebCore::MediaStreamAudioSourceNode::process): +Make sure to process the number of frames the output bus expect. +* platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm: +(WebCore::WebAudioSourceProviderAVFObjC::provideInput): + +Tools: + +Add a test that has an audio track that goes from 1 to 2 channels while being piped to a WebAudio pipeline. + +* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: +* TestWebKitAPI/Tests/WebKit/GetUserMedia.mm: +(-[GUMMessageHandler userContentController:didReceiveScriptMessage:]): +(TestWebKitAPI::TEST): +* TestWebKitAPI/Tests/WebKit/getUserMedia-webaudio.html: Added. + +git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251188 268f45cc-cd09-0410-ab3c-d52691b4dbfc + +2019-10-16 Youenn Fablet + +WebAudioSourceProviderAVFObjC::provideInput should set its WebAudioBufferList parameters correctly +https://bugs.webkit.org/show_bug.cgi?id=202930 + + +Reviewed by Eric Carlson. + +There is a time where the bus channel number and audio source channel numbers may be different. +In case the bus channel number is less than the audio source channel number, initialization of +the WebAudioBufferList might not be fully done. +In that case, output silence and return early. +Reduce the number of frames to process based on the number of frames the output audio bus plans to process. + +Partially covered by new API test (this a race so we cannot reproduce the crash easily). + +* Modules/webaudio/MediaStreamAudioSourceNode.cpp: +(WebCore::MediaStreamAudioSourceNode::process): +Make sure to process the
[webkit-changes] [251354] branches/safari-608-branch
Title: [251354] branches/safari-608-branch
Revision 251354
Author bshaf...@apple.com
Date 2019-10-20 17:44:26 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r249538. rdar://problem/56426429
LazyClassStructure::setConstructor should not store the constructor to the global object
https://bugs.webkit.org/show_bug.cgi?id=201484
Reviewed by Yusuke Suzuki.
JSTests:
* stress/web-assembly-constructors-should-not-override-global-object-property.js: Added.
Source/_javascript_Core:
LazyClassStructure::setConstructor sets the constructor as a property of the global object.
This became a problem when it started being used for WebAssembly constructors, such as Module
and Instance, since they are properties of the WebAssembly object, not the global object. That
resulted in properties of the global object replaced whenever a lazy WebAssembly constructor
was first accessed. e.g.
globalThis.Module = x;
WebAssembly.Module;
globalThis.Module === WebAssembly.Module;
* runtime/LazyClassStructure.cpp:
(JSC::LazyClassStructure::Initializer::setConstructor):
* runtime/LazyClassStructure.h:
* runtime/Lookup.h:
(JSC::reifyStaticProperty):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@249538 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/JSTests/ChangeLog
branches/safari-608-branch/Source/_javascript_Core/ChangeLog
branches/safari-608-branch/Source/_javascript_Core/runtime/LazyClassStructure.cpp
branches/safari-608-branch/Source/_javascript_Core/runtime/LazyClassStructure.h
branches/safari-608-branch/Source/_javascript_Core/runtime/Lookup.h
Added Paths
branches/safari-608-branch/JSTests/stress/web-assembly-constructors-should-not-override-global-object-property.js
Diff
Modified: branches/safari-608-branch/JSTests/ChangeLog (251353 => 251354)
--- branches/safari-608-branch/JSTests/ChangeLog 2019-10-20 23:40:21 UTC (rev 251353)
+++ branches/safari-608-branch/JSTests/ChangeLog 2019-10-21 00:44:26 UTC (rev 251354)
@@ -1,3 +1,47 @@
+2019-10-20 Babak Shafiei
+
+Cherry-pick r249538. rdar://problem/56426429
+
+LazyClassStructure::setConstructor should not store the constructor to the global object
+https://bugs.webkit.org/show_bug.cgi?id=201484
+
+
+Reviewed by Yusuke Suzuki.
+
+JSTests:
+
+* stress/web-assembly-constructors-should-not-override-global-object-property.js: Added.
+
+Source/_javascript_Core:
+
+LazyClassStructure::setConstructor sets the constructor as a property of the global object.
+This became a problem when it started being used for WebAssembly constructors, such as Module
+and Instance, since they are properties of the WebAssembly object, not the global object. That
+resulted in properties of the global object replaced whenever a lazy WebAssembly constructor
+was first accessed. e.g.
+
+globalThis.Module = x;
+WebAssembly.Module;
+globalThis.Module === WebAssembly.Module;
+
+* runtime/LazyClassStructure.cpp:
+(JSC::LazyClassStructure::Initializer::setConstructor):
+* runtime/LazyClassStructure.h:
+* runtime/Lookup.h:
+(JSC::reifyStaticProperty):
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@249538 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-09-05 Tadeu Zagallo
+
+LazyClassStructure::setConstructor should not store the constructor to the global object
+https://bugs.webkit.org/show_bug.cgi?id=201484
+
+
+Reviewed by Yusuke Suzuki.
+
+* stress/web-assembly-constructors-should-not-override-global-object-property.js: Added.
+
2019-10-15 Kocsen Chung
Cherry-pick r250585. rdar://problem/56280995
Added: branches/safari-608-branch/JSTests/stress/web-assembly-constructors-should-not-override-global-object-property.js (0 => 251354)
--- branches/safari-608-branch/JSTests/stress/web-assembly-constructors-should-not-override-global-object-property.js (rev 0)
+++ branches/safari-608-branch/JSTests/stress/web-assembly-constructors-should-not-override-global-object-property.js 2019-10-21 00:44:26 UTC (rev 251354)
@@ -0,0 +1,4 @@
+var originalModule = this.Module = {};
+WebAssembly.Module;
+if (Module !== originalModule)
+throw new Error('Global property `Module` was overwritten!');
Modified: branches/safari-608-branch/Source/_javascript_Core/ChangeLog (251353 => 251354)
--- branches/safari-608-branch/Source/_javascript_Core/ChangeLog 2019-10-20 23:40:21 UTC (rev 251353)
+++ branches/safari-608-branch/Source/_javascript_Core/ChangeLog 2019-10-21 00:44:26 UTC (rev 251354)
@@ -1,3 +1,61 @@
+2019-10-20 Babak Shafiei
+
+Cherry-pick r249538. rdar://problem/56426429
+
+LazyClassStructure::setConstructor should not store the constructor to the global object
+https://bugs.webkit.org/show_bug.cgi?id=201484
+
+
[webkit-changes] [251355] branches/safari-608-branch/Source/WebKit
Title: [251355] branches/safari-608-branch/Source/WebKit
Revision 251355
Author bshaf...@apple.com
Date 2019-10-20 17:44:30 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r250773. rdar://problem/56271900
WebPageProxy::updatePlayingMediaDidChange should protect from a null m_userMediaPermissionRequestManager
https://bugs.webkit.org/show_bug.cgi?id=202628
Reviewed by Eric Carlson.
On process swap on navigation or process crash, m_userMediaPermissionRequestManager is made null.
At the same time, the media state is set back to not playing.
Future calls of updatePlayingMediaDidChange should not have any capture state change until getUserMedia/getDisplayMedia
is called, which would create m_userMediaPermissionRequestManager.
But this assumption is not always true given that the media state is computed as process-wide in MediaStreamTrack::captureState on iOS.
The above behavior is fixed as part of https://bugs.webkit.org/show_bug.cgi?id=202627.
Since the call to updatePlayingMediaDidChange is triggered straight from IPC, it should not be trusted and a null check should be added.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::updatePlayingMediaDidChange):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250773 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/Source/WebKit/ChangeLog
branches/safari-608-branch/Source/WebKit/UIProcess/WebPageProxy.cpp
Diff
Modified: branches/safari-608-branch/Source/WebKit/ChangeLog (251354 => 251355)
--- branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-21 00:44:26 UTC (rev 251354)
+++ branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-21 00:44:30 UTC (rev 251355)
@@ -1,5 +1,48 @@
2019-10-20 Babak Shafiei
+Cherry-pick r250773. rdar://problem/56271900
+
+WebPageProxy::updatePlayingMediaDidChange should protect from a null m_userMediaPermissionRequestManager
+https://bugs.webkit.org/show_bug.cgi?id=202628
+
+
+Reviewed by Eric Carlson.
+
+On process swap on navigation or process crash, m_userMediaPermissionRequestManager is made null.
+At the same time, the media state is set back to not playing.
+Future calls of updatePlayingMediaDidChange should not have any capture state change until getUserMedia/getDisplayMedia
+is called, which would create m_userMediaPermissionRequestManager.
+But this assumption is not always true given that the media state is computed as process-wide in MediaStreamTrack::captureState on iOS.
+The above behavior is fixed as part of https://bugs.webkit.org/show_bug.cgi?id=202627.
+Since the call to updatePlayingMediaDidChange is triggered straight from IPC, it should not be trusted and a null check should be added.
+
+* UIProcess/WebPageProxy.cpp:
+(WebKit::WebPageProxy::updatePlayingMediaDidChange):
+
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250773 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-10-07 youenn fablet
+
+WebPageProxy::updatePlayingMediaDidChange should protect from a null m_userMediaPermissionRequestManager
+https://bugs.webkit.org/show_bug.cgi?id=202628
+
+
+Reviewed by Eric Carlson.
+
+On process swap on navigation or process crash, m_userMediaPermissionRequestManager is made null.
+At the same time, the media state is set back to not playing.
+Future calls of updatePlayingMediaDidChange should not have any capture state change until getUserMedia/getDisplayMedia
+is called, which would create m_userMediaPermissionRequestManager.
+But this assumption is not always true given that the media state is computed as process-wide in MediaStreamTrack::captureState on iOS.
+The above behavior is fixed as part of https://bugs.webkit.org/show_bug.cgi?id=202627.
+Since the call to updatePlayingMediaDidChange is triggered straight from IPC, it should not be trusted and a null check should be added.
+
+* UIProcess/WebPageProxy.cpp:
+(WebKit::WebPageProxy::updatePlayingMediaDidChange):
+
+2019-10-20 Babak Shafiei
+
Apply patch. rdar://problem/56427498
2019-10-20 John Wilander
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/WebPageProxy.cpp (251354 => 251355)
--- branches/safari-608-branch/Source/WebKit/UIProcess/WebPageProxy.cpp 2019-10-21 00:44:26 UTC (rev 251354)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/WebPageProxy.cpp 2019-10-21 00:44:30 UTC (rev 251355)
@@ -8275,7 +8275,9 @@
#if ENABLE(MEDIA_STREAM)
if (oldMediaCaptureState != newMediaCaptureState) {
m_uiClient->mediaCaptureStateDidChange(m_mediaState);
-m_userMediaPermissionRequestManager->captureStateChanged(oldMediaCaptureState, newMediaCaptureState);
+ASSERT(m_userMediaPermissionRequestManager);
+if
[webkit-changes] [251353] branches/safari-608-branch
Title: [251353] branches/safari-608-branch Revision 251353 Author bshaf...@apple.com Date 2019-10-20 16:40:21 -0700 (Sun, 20 Oct 2019) Log Message Apply patch. rdar://problem/56427498 Modified Paths branches/safari-608-branch/LayoutTests/ChangeLog branches/safari-608-branch/Source/WebCore/ChangeLog branches/safari-608-branch/Source/WebCore/page/Settings.yaml branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.cpp branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.h branches/safari-608-branch/Source/WebKit/ChangeLog branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsStore.cpp branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsStore.h branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.h branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.messages.in branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSession.h branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h branches/safari-608-branch/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml branches/safari-608-branch/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp branches/safari-608-branch/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.h branches/safari-608-branch/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp branches/safari-608-branch/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.cpp branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h branches/safari-608-branch/Tools/ChangeLog branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h branches/safari-608-branch/Tools/WebKitTestRunner/TestController.cpp branches/safari-608-branch/Tools/WebKitTestRunner/TestController.h branches/safari-608-branch/Tools/WebKitTestRunner/TestInvocation.cpp branches/safari-608-branch/Tools/WebKitTestRunner/TestInvocation.h Added Paths branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html Diff Modified: branches/safari-608-branch/LayoutTests/ChangeLog (251352 => 251353) --- branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 23:24:48 UTC (rev 251352) +++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 23:40:21 UTC (rev 251353) @@ -1,3 +1,20 @@ +2019-10-20 Babak Shafiei + +Apply patch. rdar://problem/56427498 + +2019-10-20 John Wilander + +Cherry-pick r251213. rdar://problem/56262708 + +Resource Load Statistics: Block all third-party cookies on websites without prior user interaction +https://bugs.webkit.org/show_bug.cgi?id=203017 + + +Reviewed by Alex Christensen. + +* http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt: Added. +* http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html: Added. + 2019-10-17 Alan Coon Cherry-pick r250589. rdar://problem/55927251 Added: branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt (0 => 251353) --- branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt (rev 0) +++ branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt
[webkit-changes] [251352] branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/ SOAuthorization/SubFrameSOAuthorizationSession.h
Title: [251352] branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.h
Revision 251352
Author bshaf...@apple.com
Date 2019-10-20 16:24:48 -0700 (Sun, 20 Oct 2019)
Log Message
Apply patch. rdar://problem/55954224
Modified Paths
branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.h
Diff
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.h (251351 => 251352)
--- branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.h 2019-10-20 17:33:46 UTC (rev 251351)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.h 2019-10-20 23:24:48 UTC (rev 251352)
@@ -29,6 +29,7 @@
#include "FrameLoadState.h"
#include "NavigationSOAuthorizationSession.h"
+#include
namespace IPC {
class DataReference;
@@ -41,8 +42,9 @@
using Callback = CompletionHandler;
using SOAuthorizationSession::weakPtrFactory;
using WeakValueType = SOAuthorizationSession::WeakValueType;
+using FrameIdentifier = uint64_t;
-static Ref create(SOAuthorization *, Ref&&, WebPageProxy&, Callback&&, WebCore::FrameIdentifier);
+static Ref create(SOAuthorization *, Ref&&, WebPageProxy&, Callback&&, FrameIdentifier);
~SubFrameSOAuthorizationSession();
@@ -49,7 +51,7 @@
private:
using Supplement = Variant, String>;
-SubFrameSOAuthorizationSession(SOAuthorization *, Ref&&, WebPageProxy&, Callback&&, WebCore::FrameIdentifier);
+SubFrameSOAuthorizationSession(SOAuthorization *, Ref&&, WebPageProxy&, Callback&&, FrameIdentifier);
// SOAuthorizationSession
void fallBackToWebPathInternal() final;
@@ -65,7 +67,7 @@
void appendRequestToLoad(URL&&, Supplement&&);
void loadRequestToFrame();
-WebCore::FrameIdentifier m_frameID;
+FrameIdentifier m_frameID;
Deque> m_requestsToLoad;
};
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [251348] branches/safari-608-branch
Title: [251348] branches/safari-608-branch Revision 251348 Author bshaf...@apple.com Date 2019-10-20 10:33:32 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250887. rdar://problem/56061121 Partially undo r250811 https://bugs.webkit.org/show_bug.cgi?id=202715 Reviewed by Chris Dumez. Source/WebCore: This patch changes the SerializedScriptValue to always wrap CryptoKey objects again. CryptoKey objects could belong to an array or another object. In those cases, IDBObjectStore cannot set the flag for the embedded Cryptokey objects. Neither can postMessage to unset the flag. Therefore, there is no way to separate the serialization process into two and this patch restores the old behaviour. However, the hardening part of r250811 is kept and therefore the crash should still be prevented. No new test, updated existing test * Modules/indexeddb/IDBObjectStore.cpp: (WebCore::IDBObjectStore::putOrAdd): (WebCore::JSC::setIsWrappingRequiredForCryptoKey): Deleted. * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneSerializer::dumpIfTerminal): (WebCore::CloneDeserializer::readTerminal): * crypto/CryptoKey.h: (WebCore::CryptoKey::allows const): (WebCore::CryptoKey::isWrappingRequired const): Deleted. (WebCore::CryptoKey::setIsWrappingRequired): Deleted. (): Deleted. * dom/ScriptExecutionContext.h: Tools: * TestWebKitAPI/Tests/WebKit/navigation-client-default-crypto.html: Modified to crash if SerializedScriptValue doesn't wrap CryptoKey objects. LayoutTests: Some rebaselines. * crypto/workers/subtle/ec-postMessage-worker-expected.txt: * crypto/workers/subtle/hrsa-postMessage-worker-expected.txt: * crypto/workers/subtle/rsa-postMessage-worker-expected.txt: git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250887 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/LayoutTests/ChangeLog branches/safari-608-branch/LayoutTests/crypto/workers/subtle/ec-postMessage-worker-expected.txt branches/safari-608-branch/LayoutTests/crypto/workers/subtle/hrsa-postMessage-worker-expected.txt branches/safari-608-branch/LayoutTests/crypto/workers/subtle/rsa-postMessage-worker-expected.txt branches/safari-608-branch/Source/WebCore/ChangeLog branches/safari-608-branch/Source/WebCore/Modules/indexeddb/IDBObjectStore.cpp branches/safari-608-branch/Source/WebCore/bindings/js/SerializedScriptValue.cpp branches/safari-608-branch/Source/WebCore/crypto/CryptoKey.h branches/safari-608-branch/Source/WebCore/dom/ScriptExecutionContext.h branches/safari-608-branch/Tools/ChangeLog branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKit/navigation-client-default-crypto.html branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/WebCryptoMasterKey.mm Diff Modified: branches/safari-608-branch/LayoutTests/ChangeLog (251347 => 251348) --- branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:33:28 UTC (rev 251347) +++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:33:32 UTC (rev 251348) @@ -1,5 +1,68 @@ 2019-10-15 Kocsen Chung +Cherry-pick r250887. rdar://problem/56061121 + +Partially undo r250811 +https://bugs.webkit.org/show_bug.cgi?id=202715 + + +Reviewed by Chris Dumez. + +Source/WebCore: + +This patch changes the SerializedScriptValue to always wrap CryptoKey objects again. +CryptoKey objects could belong to an array or another object. In those cases, IDBObjectStore +cannot set the flag for the embedded Cryptokey objects. Neither can postMessage to unset +the flag. Therefore, there is no way to separate the serialization process into two and +this patch restores the old behaviour. However, the hardening part of r250811 is kept +and therefore the crash should still be prevented. + +No new test, updated existing test + +* Modules/indexeddb/IDBObjectStore.cpp: +(WebCore::IDBObjectStore::putOrAdd): +(WebCore::JSC::setIsWrappingRequiredForCryptoKey): Deleted. +* bindings/js/SerializedScriptValue.cpp: +(WebCore::CloneSerializer::dumpIfTerminal): +(WebCore::CloneDeserializer::readTerminal): +* crypto/CryptoKey.h: +(WebCore::CryptoKey::allows const): +(WebCore::CryptoKey::isWrappingRequired const): Deleted. +(WebCore::CryptoKey::setIsWrappingRequired): Deleted. +(): Deleted. +* dom/ScriptExecutionContext.h: + +Tools: + +* TestWebKitAPI/Tests/WebKit/navigation-client-default-crypto.html: +Modified to crash if SerializedScriptValue doesn't wrap CryptoKey objects. + +LayoutTests: + +Some rebaselines. + +* crypto/workers/subtle/ec-postMessage-worker-expected.txt: +* crypto/workers/subtle/hrsa-postMessage-worker-expected.txt: +* crypto/workers/subtle/rsa-postMessage-worker-expected.txt: + +git-svn-id:
[webkit-changes] [251351] branches/safari-608-branch/Source/WebKit/NetworkProcess/ NetworkConnectionToWebProcess.cpp
Title: [251351] branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
Revision 251351
Author bshaf...@apple.com
Date 2019-10-20 10:33:46 -0700 (Sun, 20 Oct 2019)
Log Message
Unreviewed build fix. rdar://problem/55927251
Modified Paths
branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
Diff
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp (251350 => 251351)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp 2019-10-20 17:33:43 UTC (rev 251350)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp 2019-10-20 17:33:46 UTC (rev 251351)
@@ -711,8 +711,13 @@
resourceLoadStatistics->hasStorageAccess(subFrameDomain, topFrameDomain, frameID, pageID, WTFMove(completionHandler));
return;
} else {
-storageSession()->hasCookies(subFrameDomain, WTFMove(completionHandler));
-return;
+auto* session = networkProcess().storageSession(sessionID);
+if (!session) {
+LOG_ERROR("Non-default storage session was requested, but there was no session for it. Please file a bug unless you just disabled private browsing, in which case it's an expected race.");
+} else {
+session->hasCookies(subFrameDomain, WTFMove(completionHandler));
+return;
+}
}
}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [251349] branches/safari-608-branch
Title: [251349] branches/safari-608-branch Revision 251349 Author bshaf...@apple.com Date 2019-10-20 10:33:37 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r251086. rdar://problem/56237429 [Cocoa] REGRESSION (r245672): Contenteditable with optical sizing freezes Safari https://bugs.webkit.org/show_bug.cgi?id=202262 Reviewed by Tim Horton. Source/WebKit: r250640 didn't go far enough. We need to apply the same fix everywhere [NSFontDescriptor fontDescriptorWithFontAttributes:] is called. * Shared/Cocoa/ArgumentCodersCocoa.mm: (IPC::decodeFontInternal): * Shared/Cocoa/CoreTextHelpers.h: Added. * Shared/Cocoa/CoreTextHelpers.mm: Added. (fontDescriptorWithFontAttributes): * SourcesCocoa.txt: * UIProcess/Cocoa/WebViewImpl.mm: (WebKit::WebViewImpl::updateFontManagerIfNeeded): * UIProcess/mac/WebPopupMenuProxyMac.mm: (WebKit::WebPopupMenuProxyMac::showPopupMenu): * WebKit.xcodeproj/project.pbxproj: LayoutTests: * fast/forms/contenteditable-font-optical-size-expected.txt: Added. * fast/forms/contenteditable-font-optical-size.html: Added. git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251086 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/LayoutTests/ChangeLog branches/safari-608-branch/Source/WebKit/ChangeLog branches/safari-608-branch/Source/WebKit/Shared/Cocoa/ArgumentCodersCocoa.mm branches/safari-608-branch/Source/WebKit/Shared/ios/WebAutocorrectionData.mm branches/safari-608-branch/Source/WebKit/SourcesCocoa.txt branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/WebViewImpl.mm branches/safari-608-branch/Source/WebKit/UIProcess/mac/WebPopupMenuProxyMac.mm branches/safari-608-branch/Source/WebKit/WebKit.xcodeproj/project.pbxproj Added Paths branches/safari-608-branch/LayoutTests/fast/forms/contenteditable-font-optical-size-expected.txt branches/safari-608-branch/LayoutTests/fast/forms/contenteditable-font-optical-size.html branches/safari-608-branch/Source/WebKit/Shared/Cocoa/CoreTextHelpers.h branches/safari-608-branch/Source/WebKit/Shared/Cocoa/CoreTextHelpers.mm Diff Modified: branches/safari-608-branch/LayoutTests/ChangeLog (251348 => 251349) --- branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:33:32 UTC (rev 251348) +++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:33:37 UTC (rev 251349) @@ -1,5 +1,47 @@ 2019-10-15 Kocsen Chung +Cherry-pick r251086. rdar://problem/56237429 + +[Cocoa] REGRESSION (r245672): Contenteditable with optical sizing freezes Safari +https://bugs.webkit.org/show_bug.cgi?id=202262 + +Reviewed by Tim Horton. + +Source/WebKit: + +r250640 didn't go far enough. We need to apply the same fix everywhere [NSFontDescriptor fontDescriptorWithFontAttributes:] is called. + +* Shared/Cocoa/ArgumentCodersCocoa.mm: +(IPC::decodeFontInternal): +* Shared/Cocoa/CoreTextHelpers.h: Added. +* Shared/Cocoa/CoreTextHelpers.mm: Added. +(fontDescriptorWithFontAttributes): +* SourcesCocoa.txt: +* UIProcess/Cocoa/WebViewImpl.mm: +(WebKit::WebViewImpl::updateFontManagerIfNeeded): +* UIProcess/mac/WebPopupMenuProxyMac.mm: +(WebKit::WebPopupMenuProxyMac::showPopupMenu): +* WebKit.xcodeproj/project.pbxproj: + +LayoutTests: + +* fast/forms/contenteditable-font-optical-size-expected.txt: Added. +* fast/forms/contenteditable-font-optical-size.html: Added. + +git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251086 268f45cc-cd09-0410-ab3c-d52691b4dbfc + +2019-10-14 Myles C. Maxfield + +[Cocoa] REGRESSION (r245672): Contenteditable with optical sizing freezes Safari +https://bugs.webkit.org/show_bug.cgi?id=202262 + +Reviewed by Tim Horton. + +* fast/forms/contenteditable-font-optical-size-expected.txt: Added. +* fast/forms/contenteditable-font-optical-size.html: Added. + +2019-10-15 Kocsen Chung + Cherry-pick r250887. rdar://problem/56061121 Partially undo r250811 Added: branches/safari-608-branch/LayoutTests/fast/forms/contenteditable-font-optical-size-expected.txt (0 => 251349) --- branches/safari-608-branch/LayoutTests/fast/forms/contenteditable-font-optical-size-expected.txt (rev 0) +++ branches/safari-608-branch/LayoutTests/fast/forms/contenteditable-font-optical-size-expected.txt 2019-10-20 17:33:37 UTC (rev 251349) @@ -0,0 +1,9 @@ +This test makes sure that contenteditable with optical size doesn't hang the browser. The test passes if there is no hang when typing occurs in the contenteditable element. + +On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". + + +PASS successfullyParsed is true + +TEST COMPLETE +Lorem ipsumabcde Added: branches/safari-608-branch/LayoutTests/fast/forms/contenteditable-font-optical-size.html (0 => 251349) ---
[webkit-changes] [251347] branches/safari-608-branch/LayoutTests
Title: [251347] branches/safari-608-branch/LayoutTests Revision 251347 Author bshaf...@apple.com Date 2019-10-20 10:33:28 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250844. rdar://problem/56061121 Unreviewed, test gardening * TestExpectations: * platform/ios-simulator/TestExpectations: git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250844 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/LayoutTests/ChangeLog branches/safari-608-branch/LayoutTests/TestExpectations branches/safari-608-branch/LayoutTests/platform/ios-simulator/TestExpectations Diff Modified: branches/safari-608-branch/LayoutTests/ChangeLog (251346 => 251347) --- branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:33:25 UTC (rev 251346) +++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:33:28 UTC (rev 251347) @@ -1,5 +1,23 @@ 2019-10-15 Kocsen Chung +Cherry-pick r250844. rdar://problem/56061121 + +Unreviewed, test gardening + +* TestExpectations: +* platform/ios-simulator/TestExpectations: + +git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250844 268f45cc-cd09-0410-ab3c-d52691b4dbfc + +2019-10-08 Jiewen Tan + +Unreviewed, test gardening + +* TestExpectations: +* platform/ios-simulator/TestExpectations: + +2019-10-15 Kocsen Chung + Cherry-pick r250929. rdar://problem/56280990 RunResolver::rangeForRendererWithOffsets should check for range end Modified: branches/safari-608-branch/LayoutTests/TestExpectations (251346 => 251347) --- branches/safari-608-branch/LayoutTests/TestExpectations 2019-10-20 17:33:25 UTC (rev 251346) +++ branches/safari-608-branch/LayoutTests/TestExpectations 2019-10-20 17:33:28 UTC (rev 251347) @@ -3455,3 +3455,5 @@ fast/text/design-system-ui-14.html [ ImageOnlyFailure ] fast/text/design-system-ui-15.html [ ImageOnlyFailure ] fast/text/design-system-ui-16.html [ ImageOnlyFailure ] + +webkit.org/b/202648 [ Debug ] crypto/workers/subtle/aes-indexeddb.html [ Skip ] Modified: branches/safari-608-branch/LayoutTests/platform/ios-simulator/TestExpectations (251346 => 251347) --- branches/safari-608-branch/LayoutTests/platform/ios-simulator/TestExpectations 2019-10-20 17:33:25 UTC (rev 251346) +++ branches/safari-608-branch/LayoutTests/platform/ios-simulator/TestExpectations 2019-10-20 17:33:28 UTC (rev 251347) @@ -124,4 +124,6 @@ webkit.org/b/195466 imported/w3c/web-platform-tests/html/semantics/embedded-content/the-img-element/sizes/parse-a-sizes-attribute-width-1000px.html [ Pass Failure ] webkit.org/b/195466 imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/ready-states/autoplay.html [ Pass Failure ] -webkit.org/b/195466 imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/error-codes/error.html [ Pass Failure ] \ No newline at end of file +webkit.org/b/195466 imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/error-codes/error.html [ Pass Failure ] + +webkit.org/b/202648 crypto/workers/subtle/aes-indexeddb.html [ Skip ] ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [251350] branches/safari-608-branch
Title: [251350] branches/safari-608-branch Revision 251350 Author bshaf...@apple.com Date 2019-10-20 10:33:43 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250589. rdar://problem/55927251 Storage Access API: document.hasStorageAccess() should return true when the cookie policy allows access https://bugs.webkit.org/show_bug.cgi?id=202435 Reviewed by Brent Fulgham. Source/WebCore: WebKit's Storage Access API implementation has so far only looked at whether ITP is blocking cookie access or not. However, the default cookie policy is still in effect underneath ITP. document.hasStorageAccess() should return true if the third-party: a) is not classified by ITP, and b) has cookies which implies it can use cookies as third-party according to the default cookie policy. Tests: http/tests/storageAccess/has-storage-access-false-by-default-ephemeral.html http/tests/storageAccess/has-storage-access-true-if-third-party-has-cookies-ephemeral.html http/tests/storageAccess/has-storage-access-true-if-third-party-has-cookies.html * platform/network/NetworkStorageSession.h: * platform/network/cocoa/NetworkStorageSessionCocoa.mm: (WebCore::NetworkStorageSession::hasCookies const): * platform/network/curl/NetworkStorageSessionCurl.cpp: (WebCore::NetworkStorageSession::hasCookies const): Not yet implemented. Always says false. * platform/network/soup/NetworkStorageSessionSoup.cpp: (WebCore::NetworkStorageSession::hasCookies const): Not yet implemented. Always says false. Source/WebKit: WebKit's Storage Access API implementation has so far only looked at whether ITP is blocking cookie access or not. However, the default cookie policy is still in effect underneath ITP. document.hasStorageAccess() should return true if the third-party: a) is not classified by ITP, and b) has cookies which implies it can use cookies as third-party according to the default cookie policy. * NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp: (WebKit::ResourceLoadStatisticsMemoryStore::hasStorageAccess): * NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp: (WebKit::WebResourceLoadStatisticsStore::hasCookies): * NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h: * NetworkProcess/NetworkConnectionToWebProcess.cpp: (WebKit::NetworkConnectionToWebProcess::hasStorageAccess): * NetworkProcess/NetworkProcess.cpp: (WebKit::NetworkProcess::registrableDomainsWithWebsiteData): Tools: This change makes sure topPrivatelyControlledDomain() correctly handles domains with leading dots, as often used in cookie domains. * TestWebKitAPI/Tests/WebCore/PublicSuffix.cpp: (TestWebKitAPI::TEST_F): LayoutTests: WebKit's Storage Access API implementation has so far only looked at whether ITP is blocking cookie access or not. However, the default cookie policy is still in effect underneath ITP. document.hasStorageAccess() should return true if the third-party: a) is not classified by ITP, and b) has cookies which implies it can use cookies as third-party according to the default cookie policy. * http/tests/storageAccess/has-storage-access-false-by-default-ephemeral-expected.txt: Added. * http/tests/storageAccess/has-storage-access-false-by-default-ephemeral.html: Copied from LayoutTests/http/tests/storageAccess/has-storage-access-true-if-feature-off.html. * http/tests/storageAccess/has-storage-access-true-if-third-party-has-cookies-ephemeral-expected.txt: Added. * http/tests/storageAccess/has-storage-access-true-if-third-party-has-cookies-ephemeral.html: Copied from LayoutTests/http/tests/storageAccess/has-storage-access-true-if-feature-off.html. * http/tests/storageAccess/has-storage-access-true-if-third-party-has-cookies-expected.txt: Added. * http/tests/storageAccess/has-storage-access-true-if-third-party-has-cookies.html: Renamed from LayoutTests/http/tests/storageAccess/has-storage-access-true-if-feature-off.html. * platform/ios/TestExpectations: * platform/mac-wk2/TestExpectations: git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250589 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/LayoutTests/ChangeLog branches/safari-608-branch/LayoutTests/platform/ios/TestExpectations branches/safari-608-branch/LayoutTests/platform/mac-wk2/TestExpectations branches/safari-608-branch/Source/WebCore/ChangeLog branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.h branches/safari-608-branch/Source/WebCore/platform/network/cocoa/NetworkStorageSessionCocoa.mm branches/safari-608-branch/Source/WebCore/platform/network/curl/NetworkStorageSessionCurl.cpp branches/safari-608-branch/Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp
[webkit-changes] [251334] branches/safari-608-branch
Title: [251334] branches/safari-608-branch Revision 251334 Author bshaf...@apple.com Date 2019-10-20 10:32:40 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250431. rdar://problem/55927251 Storage Access API: document.hasStorageAccess() should return false by default https://bugs.webkit.org/show_bug.cgi?id=202281 Reviewed by Alex Christensen. document.hasStorageAccess() should return false by default so that it only returns true if the context has asked for and been granted storage access. Source/WebKit: * NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp: (WebKit::ResourceLoadStatisticsDatabaseStore::hasStorageAccess): * NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp: (WebKit::ResourceLoadStatisticsMemoryStore::hasStorageAccess): LayoutTests: * http/tests/storageAccess/has-storage-access-false-by-default-expected.txt: Added. * http/tests/storageAccess/has-storage-access-false-by-default.html: Added. * platform/ios/TestExpectations: The new test is marked as [ Pass ]. * platform/mac-wk2/TestExpectations: The new test is marked as [ Pass ]. git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250431 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/LayoutTests/ChangeLog branches/safari-608-branch/LayoutTests/platform/ios/TestExpectations branches/safari-608-branch/LayoutTests/platform/mac-wk2/TestExpectations branches/safari-608-branch/Source/WebKit/ChangeLog branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp Added Paths branches/safari-608-branch/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default-expected.txt branches/safari-608-branch/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default.html Diff Modified: branches/safari-608-branch/LayoutTests/ChangeLog (251333 => 251334) --- branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:32:36 UTC (rev 251333) +++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:32:40 UTC (rev 251334) @@ -1,5 +1,55 @@ 2019-10-15 Kocsen Chung +Cherry-pick r250431. rdar://problem/55927251 + +Storage Access API: document.hasStorageAccess() should return false by default +https://bugs.webkit.org/show_bug.cgi?id=202281 + + +Reviewed by Alex Christensen. + +document.hasStorageAccess() should return false by default so that it only +returns true if the context has asked for and been granted storage access. + +Source/WebKit: + +* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp: +(WebKit::ResourceLoadStatisticsDatabaseStore::hasStorageAccess): +* NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp: +(WebKit::ResourceLoadStatisticsMemoryStore::hasStorageAccess): + +LayoutTests: + +* http/tests/storageAccess/has-storage-access-false-by-default-expected.txt: Added. +* http/tests/storageAccess/has-storage-access-false-by-default.html: Added. +* platform/ios/TestExpectations: +The new test is marked as [ Pass ]. +* platform/mac-wk2/TestExpectations: +The new test is marked as [ Pass ]. + + +git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250431 268f45cc-cd09-0410-ab3c-d52691b4dbfc + +2019-09-27 John Wilander + +Storage Access API: document.hasStorageAccess() should return false by default +https://bugs.webkit.org/show_bug.cgi?id=202281 + + +Reviewed by Alex Christensen. + +document.hasStorageAccess() should return false by default so that it only +returns true if the context has asked for and been granted storage access. + +* http/tests/storageAccess/has-storage-access-false-by-default-expected.txt: Added. +* http/tests/storageAccess/has-storage-access-false-by-default.html: Added. +* platform/ios/TestExpectations: +The new test is marked as [ Pass ]. +* platform/mac-wk2/TestExpectations: +The new test is marked as [ Pass ]. + +2019-10-15 Kocsen Chung + Cherry-pick r249517. rdar://problem/5699 Mail appears to be double inverting code copied from Notes, Xcode, or Terminal. Added: branches/safari-608-branch/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default-expected.txt (0 => 251334) --- branches/safari-608-branch/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default-expected.txt (rev 0) +++ branches/safari-608-branch/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default-expected.txt 2019-10-20 17:32:40 UTC (rev 251334) @@ -0,0 +1,10 @@ +Tests that
[webkit-changes] [251343] branches/safari-608-branch/Source/WebKit
Title: [251343] branches/safari-608-branch/Source/WebKit Revision 251343 Author bshaf...@apple.com Date 2019-10-20 10:33:12 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250780. rdar://problem/56061126 Provide options for DTTZ to happen in more situations https://bugs.webkit.org/show_bug.cgi?id=202634 Reviewed by Antoine Quint. Add two options that can be enabled to trigger double tap zooming in more places. Firstly, an option to keep listening for a double-tap-to-zoom if the first tap found a click handler on the body or document element. The tap will still be dispatched. This is probably the most common case for disabling a DTTZ. Secondly, an option to always keep listening for a double-tap-to-zoom, even if there was a clickable (non-root) element under the first tap. * Shared/WebPreferences.yaml: Add ZoomOnDoubleTapWhenRoot and AlwaysZoomOnDoubleTap. * UIProcess/PageClient.h: The message from the WebProcess now tells the UIProcess if the tapped element was a root-level (document or body). * UIProcess/WebPageProxy.h: * UIProcess/WebPageProxy.messages.in: * UIProcess/ios/PageClientImplIOS.h: * UIProcess/ios/PageClientImplIOS.mm: (WebKit::PageClientImpl::handleSmartMagnificationInformationForPotentialTap): * UIProcess/ios/WKContentViewInteraction.h: * UIProcess/ios/WKContentViewInteraction.mm: (-[WKContentView _endPotentialTapAndEnableDoubleTapGesturesIfNecessary]): (-[WKContentView _handleSmartMagnificationInformationForPotentialTap:renderRect:fitEntireRect:viewportMinimumScale:viewportMaximumScale:nodeIsRootLevel:]): Handle the two new options. * UIProcess/ios/WebPageProxyIOS.mm: (WebKit::WebPageProxy::handleSmartMagnificationInformationForPotentialTap): * WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::WebPage::potentialTapAtPosition): Check if the tap was on a root-level element. git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250780 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/Source/WebKit/ChangeLog branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml branches/safari-608-branch/Source/WebKit/UIProcess/PageClient.h branches/safari-608-branch/Source/WebKit/UIProcess/WebPageProxy.h branches/safari-608-branch/Source/WebKit/UIProcess/WebPageProxy.messages.in branches/safari-608-branch/Source/WebKit/UIProcess/ios/PageClientImplIOS.h branches/safari-608-branch/Source/WebKit/UIProcess/ios/PageClientImplIOS.mm branches/safari-608-branch/Source/WebKit/UIProcess/ios/WKContentViewInteraction.h branches/safari-608-branch/Source/WebKit/UIProcess/ios/WKContentViewInteraction.mm branches/safari-608-branch/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm branches/safari-608-branch/Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm Diff Modified: branches/safari-608-branch/Source/WebKit/ChangeLog (251342 => 251343) --- branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:33:08 UTC (rev 251342) +++ branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:33:12 UTC (rev 251343) @@ -1,5 +1,85 @@ 2019-10-15 Kocsen Chung +Cherry-pick r250780. rdar://problem/56061126 + +Provide options for DTTZ to happen in more situations +https://bugs.webkit.org/show_bug.cgi?id=202634 + + +Reviewed by Antoine Quint. + +Add two options that can be enabled to trigger double tap zooming +in more places. + +Firstly, an option to keep listening for a double-tap-to-zoom if the +first tap found a click handler on the body or document element. The +tap will still be dispatched. This is probably the most common case +for disabling a DTTZ. + +Secondly, an option to always keep listening for a double-tap-to-zoom, +even if there was a clickable (non-root) element under the first tap. + +* Shared/WebPreferences.yaml: Add ZoomOnDoubleTapWhenRoot and AlwaysZoomOnDoubleTap. +* UIProcess/PageClient.h: The message from the WebProcess now tells the UIProcess if +the tapped element was a root-level (document or body). +* UIProcess/WebPageProxy.h: +* UIProcess/WebPageProxy.messages.in: +* UIProcess/ios/PageClientImplIOS.h: +* UIProcess/ios/PageClientImplIOS.mm: +(WebKit::PageClientImpl::handleSmartMagnificationInformationForPotentialTap): +* UIProcess/ios/WKContentViewInteraction.h: +* UIProcess/ios/WKContentViewInteraction.mm: +(-[WKContentView _endPotentialTapAndEnableDoubleTapGesturesIfNecessary]): +(-[WKContentView _handleSmartMagnificationInformationForPotentialTap:renderRect:fitEntireRect:viewportMinimumScale:viewportMaximumScale:nodeIsRootLevel:]): +Handle the two new options. + +* UIProcess/ios/WebPageProxyIOS.mm: +(WebKit::WebPageProxy::handleSmartMagnificationInformationForPotentialTap): +* WebProcess/WebPage/ios/WebPageIOS.mm: +(WebKit::WebPage::potentialTapAtPosition):
[webkit-changes] [251336] branches/safari-608-branch/Source/JavaScriptCore
Title: [251336] branches/safari-608-branch/Source/_javascript_Core
Revision 251336
Author bshaf...@apple.com
Date 2019-10-20 10:32:45 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r250629. rdar://problem/56280996
FTL OSR exit shouldn't bother updating get_by_id array profiles that have changed modes
https://bugs.webkit.org/show_bug.cgi?id=202493
Reviewed by Saam Barati.
I added this optimization for DFG but forgot to do it for the FTL
at the same time. This patch rectifies that.
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250629 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/Source/_javascript_Core/ChangeLog
branches/safari-608-branch/Source/_javascript_Core/ftl/FTLOSRExitCompiler.cpp
Diff
Modified: branches/safari-608-branch/Source/_javascript_Core/ChangeLog (251335 => 251336)
--- branches/safari-608-branch/Source/_javascript_Core/ChangeLog 2019-10-20 17:32:43 UTC (rev 251335)
+++ branches/safari-608-branch/Source/_javascript_Core/ChangeLog 2019-10-20 17:32:45 UTC (rev 251336)
@@ -1,5 +1,35 @@
2019-10-15 Kocsen Chung
+Cherry-pick r250629. rdar://problem/56280996
+
+FTL OSR exit shouldn't bother updating get_by_id array profiles that have changed modes
+https://bugs.webkit.org/show_bug.cgi?id=202493
+
+Reviewed by Saam Barati.
+
+I added this optimization for DFG but forgot to do it for the FTL
+at the same time. This patch rectifies that.
+
+* ftl/FTLOSRExitCompiler.cpp:
+(JSC::FTL::compileStub):
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250629 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-10-02 Keith Miller
+
+FTL OSR exit shouldn't bother updating get_by_id array profiles that have changed modes
+https://bugs.webkit.org/show_bug.cgi?id=202493
+
+Reviewed by Saam Barati.
+
+I added this optimization for DFG but forgot to do it for the FTL
+at the same time. This patch rectifies that.
+
+* ftl/FTLOSRExitCompiler.cpp:
+(JSC::FTL::compileStub):
+
+2019-10-15 Kocsen Chung
+
Cherry-pick r250585. rdar://problem/56280995
ObjectAllocationSinkingPhase shouldn't insert hints for allocations which are no longer valid
Modified: branches/safari-608-branch/Source/_javascript_Core/ftl/FTLOSRExitCompiler.cpp (251335 => 251336)
--- branches/safari-608-branch/Source/_javascript_Core/ftl/FTLOSRExitCompiler.cpp 2019-10-20 17:32:43 UTC (rev 251335)
+++ branches/safari-608-branch/Source/_javascript_Core/ftl/FTLOSRExitCompiler.cpp 2019-10-20 17:32:45 UTC (rev 251336)
@@ -28,6 +28,7 @@
#if ENABLE(FTL_JIT)
+#include "BytecodeStructs.h"
#include "DFGOSRExitCompilerCommon.h"
#include "DFGOSRExitPreparation.h"
#include "FTLExitArgumentForOperand.h"
@@ -248,7 +249,15 @@
if (exit.m_kind == BadCache || exit.m_kind == BadIndexingType) {
CodeOrigin codeOrigin = exit.m_codeOriginForExitProfile;
-if (ArrayProfile* arrayProfile = jit.baselineCodeBlockFor(codeOrigin)->getArrayProfile(codeOrigin.bytecodeIndex())) {
+CodeBlock* codeBlock = jit.baselineCodeBlockFor(codeOrigin);
+if (ArrayProfile* arrayProfile = codeBlock->getArrayProfile(codeOrigin.bytecodeIndex())) {
+const Instruction* instruction = codeBlock->instructions().at(codeOrigin.bytecodeIndex()).ptr();
+CCallHelpers::Jump skipProfile;
+if (instruction->is()) {
+auto& metadata = instruction->as().metadata(codeBlock);
+skipProfile = jit.branch8(CCallHelpers::NotEqual, CCallHelpers::AbsoluteAddress(_modeMetadata.mode), CCallHelpers::TrustedImm32(static_cast(GetByIdMode::ArrayLength)));
+}
+
jit.load32(MacroAssembler::Address(GPRInfo::regT0, JSCell::structureIDOffset()), GPRInfo::regT1);
jit.store32(GPRInfo::regT1, arrayProfile->addressOfLastSeenStructureID());
@@ -266,6 +275,9 @@
jit.lshift32(GPRInfo::regT1, GPRInfo::regT2);
storeArrayModes.link();
jit.or32(GPRInfo::regT2, MacroAssembler::AbsoluteAddress(arrayProfile->addressOfArrayModes()));
+
+if (skipProfile.isSet())
+skipProfile.link();
}
}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [251331] branches/safari-608-branch
Title: [251331] branches/safari-608-branch Revision 251331 Author bshaf...@apple.com Date 2019-10-20 10:32:28 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r249517. rdar://problem/5699 Mail appears to be double inverting code copied from Notes, Xcode, or Terminal. https://bugs.webkit.org/show_bug.cgi?id=201368 rdar://problem/40529867 Reviewed by Ryosuke Niwa. Source/WebCore: Dark mode content that is pasted should have the inline styles inverse color transformed by the color filter to match the color filtered document contents. Layout Test: editing/pasteboard/paste-dark-mode-color-filtered.html API Tests: PasteHTML.TransformColorsOfDarkContent, PasteHTML.DoesNotTransformColorsOfLightContent, PasteRTFD.TransformColorsOfDarkContent, PasteRTFD.DoesNotTransformColorsOfLightContent * editing/EditingStyle.cpp: (WebCore::EditingStyle::inverseTransformColorIfNeeded): Added caret-color to the transformed properties. * editing/ReplaceSelectionCommand.cpp: (WebCore::fragmentNeedsColorTransformed): Added. (WebCore::ReplaceSelectionCommand::inverseTransformColor): Added. (WebCore::ReplaceSelectionCommand::doApply): Call fragmentNeedsColorTransformed() and inverseTransformColor(). * editing/ReplaceSelectionCommand.h: Tools: Added Tests: PasteHTML.TransformColorsOfDarkContent, PasteHTML.DoesNotTransformColorsOfLightContent, PasteRTFD.TransformColorsOfDarkContent, PasteRTFD.DoesNotTransformColorsOfLightContent * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: * TestWebKitAPI/Tests/WebKitCocoa/PasteHTML.mm: (createWebViewWithCustomPasteboardDataSetting): Added argument to enable color filter. * TestWebKitAPI/Tests/WebKitCocoa/PasteRTFD.mm: (createWebViewWithCustomPasteboardDataEnabled): Added argument to enable color filter. * TestWebKitAPI/Tests/WebKitCocoa/rich-color-filtered.html: Added. * TestWebKitAPI/cocoa/TestWKWebView.h: * TestWebKitAPI/cocoa/TestWKWebView.mm: (-[TestWKWebView forceDarkMode]): LayoutTests: * TestExpectations: * editing/pasteboard/paste-dark-mode-color-filtered-expected.txt: Added. * editing/pasteboard/paste-dark-mode-color-filtered.html: Added. * platform/ios-12/TestExpectations: * platform/ios/TestExpectations: * platform/mac/TestExpectations: git-svn-id: https://svn.webkit.org/repository/webkit/trunk@249517 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/LayoutTests/ChangeLog branches/safari-608-branch/LayoutTests/TestExpectations branches/safari-608-branch/LayoutTests/platform/ios/TestExpectations branches/safari-608-branch/LayoutTests/platform/ios-12/TestExpectations branches/safari-608-branch/LayoutTests/platform/mac/TestExpectations branches/safari-608-branch/Source/WebCore/ChangeLog branches/safari-608-branch/Source/WebCore/editing/EditingStyle.cpp branches/safari-608-branch/Source/WebCore/editing/ReplaceSelectionCommand.cpp branches/safari-608-branch/Source/WebCore/editing/ReplaceSelectionCommand.h branches/safari-608-branch/Tools/ChangeLog branches/safari-608-branch/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/PasteHTML.mm branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/PasteRTFD.mm branches/safari-608-branch/Tools/TestWebKitAPI/cocoa/TestWKWebView.h branches/safari-608-branch/Tools/TestWebKitAPI/cocoa/TestWKWebView.mm Added Paths branches/safari-608-branch/LayoutTests/editing/pasteboard/paste-dark-mode-color-filtered-expected.txt branches/safari-608-branch/LayoutTests/editing/pasteboard/paste-dark-mode-color-filtered.html branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/rich-color-filtered.html Diff Modified: branches/safari-608-branch/LayoutTests/ChangeLog (251330 => 251331) --- branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 15:09:21 UTC (rev 251330) +++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:32:28 UTC (rev 251331) @@ -1,3 +1,71 @@ +2019-10-15 Kocsen Chung + +Cherry-pick r249517. rdar://problem/5699 + +Mail appears to be double inverting code copied from Notes, Xcode, or Terminal. +https://bugs.webkit.org/show_bug.cgi?id=201368 +rdar://problem/40529867 + +Reviewed by Ryosuke Niwa. + +Source/WebCore: + +Dark mode content that is pasted should have the inline styles inverse color +transformed by the color filter to match the color filtered document contents. + +Layout Test: editing/pasteboard/paste-dark-mode-color-filtered.html +API Tests: PasteHTML.TransformColorsOfDarkContent, PasteHTML.DoesNotTransformColorsOfLightContent, +PasteRTFD.TransformColorsOfDarkContent, PasteRTFD.DoesNotTransformColorsOfLightContent + +* editing/EditingStyle.cpp: +(WebCore::EditingStyle::inverseTransformColorIfNeeded): Added caret-color to the
[webkit-changes] [251340] branches/safari-608-branch
Title: [251340] branches/safari-608-branch Revision 251340 Author bshaf...@apple.com Date 2019-10-20 10:33:02 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250729. rdar://problem/56280731 [WebAuthn] Implement _WKWebAuthenticationPanel SPI https://bugs.webkit.org/show_bug.cgi?id=202559 Reviewed by Brent Fulgham. Source/WebKit: This patch implements _WKWebAuthenticationPanel SPI. Here is the structure: 1) API::WebAuthenticationPanel is the APIObject of _WKWebAuthenticationPanel. It is owned by AuthenticatorManager. The lifetime of _WKWebAuthenticationPanel on the other hand is managed by clients. This binding is the surface where clients could interact with WebKit's WebAuthentication implementation. 2) API::WebAuthenticationPanelClient is a base class representing _WKWebAuthenticationPanelDelegate. Its subclass WebKit::WebAuthenticationPanelClient implements bridges to _WKWebAuthenticationPanelDelegate methods. It is owned by API::WebAuthenticationPanel. A weak pointer of WebKit::WebAuthenticationPanelClient is kept in _WKWebAuthenticationPanel to get the _WKWebAuthenticationPanelDelegate set by clients or nil otherwise. This binding is the surface where WebKit interacts with clients. 3) WebAuthenticationPanelFlags is the mirror of enums within _WKWebAuthenticationPanel. Implementation wise, this patch implements: 1) -[WKUIDelegatePrivate webView:runWebAuthenticationPanel:initiatedByFrame:completionHandler:], this is bridged from the regular UIDelegate route. Noted, WKFrameInfo is nil for now, a follow up on Bug 202563 will take care of it. This will be called from AuthenticatorManager::runPanel() which gates the start of discovery on the callback. For clients that don't implement the delegate, the callback will always be called with _WKWebAuthenticationPanelResultUnavailable to allow WebKit run on non-UI mode. A specific C API hack is added to always return _WKWebAuthenticationPanelResultPresented in WebKitTestRunner for layout tests. 2) -[_WKWebAuthenticationPanelDelegate panel:updateWebAuthenticationPanel:] will be implemented in Bug 200932. 3) -[_WKWebAuthenticationPanelDelegate panel:dismissWebAuthenticationPanelWithResult:], this is bridged from API::WebAuthenticationPanel/API::WebAuthenticationPanelClient. This will be called whenever AuthenticatorManager::m_pendingCompletionHandler is invoked. Depending on the respond, _WKWebAuthenticationResult will be returned accordingly. To facilitate that, invokePendingCompletionHandler is crafted to bundle those two operations. 4) -[_WKWebAuthenticationPanel cancel] will be implemented in Bug 191523. Besides the above, this patch also silents the NFC action sheet. * Platform/spi/Cocoa/NearFieldSPI.h: * Shared/API/APIObject.h: * Shared/Cocoa/APIObject.mm: (API::Object::newObject): * Sources.txt: * SourcesCocoa.txt: * UIProcess/API/APIUIClient.h: (API::UIClient::runWebAuthenticationPanel): * UIProcess/API/APIWebAuthenticationPanel.cpp: Copied from Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm. (API::WebAuthenticationPanel::create): (API::WebAuthenticationPanel::WebAuthenticationPanel): (API::WebAuthenticationPanel::setClient): * UIProcess/API/APIWebAuthenticationPanel.h: Copied from Source/WebKit/UIProcess/WebAuthentication/WebAuthenticationRequestData.h. * UIProcess/API/APIWebAuthenticationPanelClient.h: Copied from Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h. (API::WebAuthenticationPanelClient::dismissPanel const): * UIProcess/API/C/WKPage.cpp: (WKPageSetPageUIClient): * UIProcess/API/C/WKPageUIClient.h: * UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm: (-[_WKWebAuthenticationPanel dealloc]): (-[_WKWebAuthenticationPanel relyingPartyID]): (-[_WKWebAuthenticationPanel delegate]): (-[_WKWebAuthenticationPanel setDelegate:]): (-[_WKWebAuthenticationPanel _apiObject]): (-[_WKWebAuthenticationPanel _initWithRelayingPartyID:]): Deleted. * UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h: * UIProcess/Cocoa/UIDelegate.h: * UIProcess/Cocoa/UIDelegate.mm: (WebKit::UIDelegate::setDelegate): (WebKit::webAuthenticationPanelResult): (WebKit::UIDelegate::UIClient::runWebAuthenticationPanel): * UIProcess/WebAuthentication/AuthenticatorManager.cpp: (WebKit::WebCore::isFeatureEnabled): (WebKit::WebCore::getRpId): (WebKit::AuthenticatorManager::handleRequest): (WebKit::AuthenticatorManager::respondReceived): (WebKit::AuthenticatorManager::startDiscovery): (WebKit::AuthenticatorManager::initTimeOutTimer): (WebKit::AuthenticatorManager::timeOutTimerFired): (WebKit::AuthenticatorManager::runPanel): (WebKit::AuthenticatorManager::startRequest): (WebKit::AuthenticatorManager::invokePendingCompletionHandler):
[webkit-changes] [251333] branches/safari-608-branch
Title: [251333] branches/safari-608-branch Revision 251333 Author bshaf...@apple.com Date 2019-10-20 10:32:36 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250416. rdar://problem/55954224 SubFrameSOAuthorizationSession should ensure messages are posted in the right order to the parent frame https://bugs.webkit.org/show_bug.cgi?id=202061 Reviewed by Youenn Fablet. Source/WebKit: This patch ensures messages that signal the process of SOAuthorization interception are posted in the right order to the parent frame. Before this patch, there are chances that SOAuthorizationDidCancel could be posted to the parent before SOAuthorizationDidStart. There are few causes that lead to this race condition: 1) SubFrameSOAuthorizationSession::beforeStart posts SOAuthorizationDidStart in the next runloop. So extension could have the chance to invoke SubFrameSOAuthorizationSession::fallBackToWebPathInternal before SOAuthorizationDidStart is posted. 2) Even if the order is right in the UI process, it is not guaranteed that Web process will strictly follow the order as the loading process is async. To fix the issue: 1) SubFrameSOAuthorizationSession::beforeStart now posts SOAuthorizationDidStart in the same runloop. 2) Observer is introduced in FrameLoadState such that SubFrameSOAuthorizationSession could know if the loading is finished. With this new capacity, SubFrameSOAuthorizationSession can ensure it only posts next message when the previous message has been posted. Implementation wise, a deque to queue requests is provided to maintain order. 1) When new request is added to the deque, SubFrameSOAuthorizationSession will only load the request if it is the only element in the deque. Otherwise, it does nothing. 2) When SubFrameSOAuthorizationSession receives didFinishLoad, it pops the head of the queue and loads the next request in the queue if any. The above design should guarantee all requests are loaded in sequence. * UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.h: * UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.mm: (WebKit::SubFrameSOAuthorizationSession::SubFrameSOAuthorizationSession): (WebKit::SubFrameSOAuthorizationSession::~SubFrameSOAuthorizationSession): (WebKit::SubFrameSOAuthorizationSession::fallBackToWebPathInternal): (WebKit::SubFrameSOAuthorizationSession::completeInternal): (WebKit::SubFrameSOAuthorizationSession::beforeStart): (WebKit::SubFrameSOAuthorizationSession::didFinishLoad): (WebKit::SubFrameSOAuthorizationSession::appendRequestToLoad): (WebKit::SubFrameSOAuthorizationSession::loadRequestToFrame): (WebKit::SubFrameSOAuthorizationSession::loadDataToFrame): Deleted. (WebKit::SubFrameSOAuthorizationSession::postDidCancelMessageToParent): Deleted. * UIProcess/FrameLoadState.cpp: (WebKit::FrameLoadState::addObserver): (WebKit::FrameLoadState::removeObserver): (WebKit::FrameLoadState::didFinishLoad): * UIProcess/FrameLoadState.h: Tools: Adds tests that check the order of messages posted by SubFrameSOAuthorizationSession. * TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm: (-[TestSOAuthorizationScriptMessageHandler userContentController:didReceiveScriptMessage:]): (resetState): (TestWebKitAPI::TEST): git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250416 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/Source/WebKit/ChangeLog branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SOAuthorizationCoordinator.mm branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.h branches/safari-608-branch/Source/WebKit/UIProcess/Cocoa/SOAuthorization/SubFrameSOAuthorizationSession.mm branches/safari-608-branch/Source/WebKit/UIProcess/FrameLoadState.cpp branches/safari-608-branch/Source/WebKit/UIProcess/FrameLoadState.h branches/safari-608-branch/Tools/ChangeLog branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/TestSOAuthorization.mm Diff Modified: branches/safari-608-branch/Source/WebKit/ChangeLog (251332 => 251333) --- branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:32:33 UTC (rev 251332) +++ branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:32:36 UTC (rev 251333) @@ -1,3 +1,117 @@ +2019-10-15 Kocsen Chung + +Cherry-pick r250416. rdar://problem/55954224 + +SubFrameSOAuthorizationSession should ensure messages are posted in the right order to the parent frame +https://bugs.webkit.org/show_bug.cgi?id=202061 + + +Reviewed by Youenn Fablet. + +Source/WebKit: + +This patch ensures messages that signal the process of SOAuthorization interception are posted in +the right order to the parent frame. Before this patch, there are chances that
[webkit-changes] [251342] branches/safari-608-branch/Source/WebKit
Title: [251342] branches/safari-608-branch/Source/WebKit Revision 251342 Author bshaf...@apple.com Date 2019-10-20 10:33:08 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250755. rdar://problem/56061126 Use a better name than allowFastClicksEverywhere https://bugs.webkit.org/show_bug.cgi?id=202607 Reviewed by Tim Horton. This preference name is quite confusing. Change it to PreferFasterClickOverDoubleTap. * Shared/WebPreferences.yaml: * Shared/WebPreferencesDefaultValues.h: * UIProcess/WebPageProxy.h: (WebKit::WebPageProxy::preferFasterClickOverDoubleTap const): (WebKit::WebPageProxy::allowsFastClicksEverywhere const): Deleted. * UIProcess/ios/WKContentViewInteraction.mm: (-[WKContentView _handleSmartMagnificationInformationForPotentialTap:renderRect:fitEntireRect:viewportMinimumScale:viewportMaximumScale:]): * UIProcess/ios/WebPageProxyIOS.mm: (WebKit::WebPageProxy::effectiveContentModeAfterAdjustingPolicies): git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250755 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/Source/WebKit/ChangeLog branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml branches/safari-608-branch/Source/WebKit/Shared/WebPreferencesDefaultValues.h branches/safari-608-branch/Source/WebKit/UIProcess/WebPageProxy.h branches/safari-608-branch/Source/WebKit/UIProcess/ios/WKContentViewInteraction.mm branches/safari-608-branch/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm Diff Modified: branches/safari-608-branch/Source/WebKit/ChangeLog (251341 => 251342) --- branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:33:05 UTC (rev 251341) +++ branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:33:08 UTC (rev 251342) @@ -1,5 +1,51 @@ 2019-10-15 Kocsen Chung +Cherry-pick r250755. rdar://problem/56061126 + +Use a better name than allowFastClicksEverywhere +https://bugs.webkit.org/show_bug.cgi?id=202607 + + +Reviewed by Tim Horton. + +This preference name is quite confusing. Change it to +PreferFasterClickOverDoubleTap. + +* Shared/WebPreferences.yaml: +* Shared/WebPreferencesDefaultValues.h: +* UIProcess/WebPageProxy.h: +(WebKit::WebPageProxy::preferFasterClickOverDoubleTap const): +(WebKit::WebPageProxy::allowsFastClicksEverywhere const): Deleted. +* UIProcess/ios/WKContentViewInteraction.mm: +(-[WKContentView _handleSmartMagnificationInformationForPotentialTap:renderRect:fitEntireRect:viewportMinimumScale:viewportMaximumScale:]): +* UIProcess/ios/WebPageProxyIOS.mm: +(WebKit::WebPageProxy::effectiveContentModeAfterAdjustingPolicies): + +git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250755 268f45cc-cd09-0410-ab3c-d52691b4dbfc + +2019-10-04 Dean Jackson + +Use a better name than allowFastClicksEverywhere +https://bugs.webkit.org/show_bug.cgi?id=202607 + + +Reviewed by Tim Horton. + +This preference name is quite confusing. Change it to +PreferFasterClickOverDoubleTap. + +* Shared/WebPreferences.yaml: +* Shared/WebPreferencesDefaultValues.h: +* UIProcess/WebPageProxy.h: +(WebKit::WebPageProxy::preferFasterClickOverDoubleTap const): +(WebKit::WebPageProxy::allowsFastClicksEverywhere const): Deleted. +* UIProcess/ios/WKContentViewInteraction.mm: +(-[WKContentView _handleSmartMagnificationInformationForPotentialTap:renderRect:fitEntireRect:viewportMinimumScale:viewportMaximumScale:]): +* UIProcess/ios/WebPageProxyIOS.mm: +(WebKit::WebPageProxy::effectiveContentModeAfterAdjustingPolicies): + +2019-10-15 Kocsen Chung + Cherry-pick r250751. rdar://problem/56280731 Unreviewed, build fix after r250729 Modified: branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml (251341 => 251342) --- branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml 2019-10-20 17:33:05 UTC (rev 251341) +++ branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml 2019-10-20 17:33:08 UTC (rev 251342) @@ -1534,17 +1534,17 @@ type: bool defaultValue: true condition: PLATFORM(IOS_FAMILY) - humanReadableName: "Faster clicks" + humanReadableName: "Fast clicks" humanReadableDescription: "Support faster clicks on zoomable pages" webcoreBinding: none category: internal -FastClicksEverywhere: +PreferFasterClickOverDoubleTap: type: bool - defaultValue: DEFAULT_FAST_CLICKS_EVERYWHERE + defaultValue: DEFAULT_PREFER_FASTER_CLICK_OVER_DOUBLE_TAP condition: PLATFORM(IOS_FAMILY) - humanReadableName: "Fast clicks everywhere" - humanReadableDescription: "Force fast clicks on all pages" + humanReadableName: "Use fast clicks before double tap" + humanReadableDescription: "Prefer a faster click over a double
[webkit-changes] [251341] branches/safari-608-branch/Source/WebKit
Title: [251341] branches/safari-608-branch/Source/WebKit
Revision 251341
Author bshaf...@apple.com
Date 2019-10-20 10:33:05 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r250751. rdar://problem/56280731
Unreviewed, build fix after r250729
* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
* UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250751 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/Source/WebKit/ChangeLog
branches/safari-608-branch/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm
branches/safari-608-branch/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h
Diff
Modified: branches/safari-608-branch/Source/WebKit/ChangeLog (251340 => 251341)
--- branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:33:02 UTC (rev 251340)
+++ branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:33:05 UTC (rev 251341)
@@ -1,5 +1,23 @@
2019-10-15 Kocsen Chung
+Cherry-pick r250751. rdar://problem/56280731
+
+Unreviewed, build fix after r250729
+
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h:
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250751 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-10-04 Jiewen Tan
+
+Unreviewed, build fix after r250729
+
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
+* UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h:
+
+2019-10-15 Kocsen Chung
+
Cherry-pick r250729. rdar://problem/56280731
[WebAuthn] Implement _WKWebAuthenticationPanel SPI
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm (251340 => 251341)
--- branches/safari-608-branch/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2019-10-20 17:33:02 UTC (rev 251340)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm 2019-10-20 17:33:05 UTC (rev 251341)
@@ -30,9 +30,13 @@
#import
@implementation _WKWebAuthenticationPanel {
+#if ENABLE(WEB_AUTHN)
WeakPtr _client;
+#endif
}
+#if ENABLE(WEB_AUTHN)
+
- (void)dealloc
{
_panel->~WebAuthenticationPanel();
@@ -59,10 +63,13 @@
_panel->setClient(WTFMove(client));
}
+#endif // ENABLE(WEB_AUTHN)
+
- (void)cancel
{
}
+#if ENABLE(WEB_AUTHN)
#pragma mark WKObject protocol implementation
- (API::Object&)_apiObject
@@ -69,5 +76,6 @@
{
return *_panel;
}
+#endif
@end
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h (251340 => 251341)
--- branches/safari-608-branch/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h 2019-10-20 17:33:02 UTC (rev 251340)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h 2019-10-20 17:33:05 UTC (rev 251341)
@@ -27,6 +27,8 @@
#import "_WKWebAuthenticationPanel.h"
+#if ENABLE(WEB_AUTHN)
+
#import "APIWebAuthenticationPanel.h"
#import "WKObject.h"
@@ -43,3 +45,5 @@
API::ObjectStorage _panel;
}
@end
+
+#endif // ENABLE(WEB_AUTHN)
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [251337] branches/safari-608-branch/Source
Title: [251337] branches/safari-608-branch/Source Revision 251337 Author bshaf...@apple.com Date 2019-10-20 10:32:48 -0700 (Sun, 20 Oct 2019) Log Message Cherry-pick r250642. rdar://problem/56280704 [iOS] When hit testing for a context menu interaction, do not consider whether the element is contenteditable https://bugs.webkit.org/show_bug.cgi?id=202498 Reviewed by Tim Horton. Source/WebCore: When the user selects a context menu action, WebKit performs a hit test in order to find the acted-on element on the page. This is separate from the hit test performed to generate the context menu's targeted preview. Since an arbitrary amount of time can elapse between preview generation and action selection, this second hit-tests might return a different element. One case where we know a different element can be returned is in apps that dynamically enable and disable editing. If editing is disabled when the first hit test occurs but is enabled when the second one occurs, different elements will be returned due to Frame::qualifyingNodeAtViewportLocation preferring to return the root editable element when the approximate node is contenteditable. While the appropriate long-term fix is to only hit-test once and use that element for both preview generation and action selection, this patch implements a short-term fix to address the specific problem in rdar://problem/54723131 by disabling the contenteditable behavior described above for context menu interaction hit testing. The long-term fix is tracked by . * page/Frame.h: * page/ios/FrameIOS.mm: (WebCore::Frame::qualifyingNodeAtViewportLocation): (WebCore::Frame::approximateNodeAtViewportLocationLegacy): (WebCore::ancestorRespondingToClickEventsNodeQualifier): (WebCore::Frame::nodeRespondingToClickEvents): (WebCore::Frame::nodeRespondingToDoubleClickEvent): (WebCore::Frame::nodeRespondingToInteraction): (WebCore::Frame::nodeRespondingToScrollWheelEvents): Source/WebKit: * WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::WebPage::startInteractionWithElementAtPosition): Changed to call WebCore::Frame::nodeRespondingToInteraction. git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250642 268f45cc-cd09-0410-ab3c-d52691b4dbfc Modified Paths branches/safari-608-branch/Source/WebCore/ChangeLog branches/safari-608-branch/Source/WebCore/page/Frame.h branches/safari-608-branch/Source/WebCore/page/ios/FrameIOS.mm branches/safari-608-branch/Source/WebKit/ChangeLog branches/safari-608-branch/Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm Diff Modified: branches/safari-608-branch/Source/WebCore/ChangeLog (251336 => 251337) --- branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 17:32:45 UTC (rev 251336) +++ branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 17:32:48 UTC (rev 251337) @@ -1,5 +1,92 @@ 2019-10-15 Kocsen Chung +Cherry-pick r250642. rdar://problem/56280704 + +[iOS] When hit testing for a context menu interaction, do not consider whether the element is contenteditable +https://bugs.webkit.org/show_bug.cgi?id=202498 + + +Reviewed by Tim Horton. + +Source/WebCore: + +When the user selects a context menu action, WebKit performs a hit test in order to find the +acted-on element on the page. This is separate from the hit test performed to generate the +context menu's targeted preview. Since an arbitrary amount of time can elapse between +preview generation and action selection, this second hit-tests might return a different +element. + +One case where we know a different element can be returned is in apps that dynamically +enable and disable editing. If editing is disabled when the first hit test occurs but is +enabled when the second one occurs, different elements will be returned due to +Frame::qualifyingNodeAtViewportLocation preferring to return the root editable element when +the approximate node is contenteditable. + +While the appropriate long-term fix is to only hit-test once and use that element for both +preview generation and action selection, this patch implements a short-term fix to address +the specific problem in rdar://problem/54723131 by disabling the contenteditable behavior +described above for context menu interaction hit testing. + +The long-term fix is tracked by . + +* page/Frame.h: +* page/ios/FrameIOS.mm: +(WebCore::Frame::qualifyingNodeAtViewportLocation): +(WebCore::Frame::approximateNodeAtViewportLocationLegacy): +(WebCore::ancestorRespondingToClickEventsNodeQualifier): +(WebCore::Frame::nodeRespondingToClickEvents): +(WebCore::Frame::nodeRespondingToDoubleClickEvent): +(WebCore::Frame::nodeRespondingToInteraction): +(WebCore::Frame::nodeRespondingToScrollWheelEvents): + +Source/WebKit: + +
[webkit-changes] [251339] branches/safari-608-branch/Source/WebCore
Title: [251339] branches/safari-608-branch/Source/WebCore
Revision 251339
Author bshaf...@apple.com
Date 2019-10-20 10:32:54 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r250716. rdar://problem/56280993
AppleTV named as XSS-payloads trigger when AirPlay is used
https://bugs.webkit.org/show_bug.cgi?id=202534
Reviewed by Eric Carlson.
Ensure we escape an AirPlay's device name before inserting its name into the DOM.
* Modules/modern-media-controls/media/placard-support.js:
(PlacardSupport.prototype._updateAirPlayPlacard):
(PlacardSupport):
(escapeHTML):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250716 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/Source/WebCore/ChangeLog
branches/safari-608-branch/Source/WebCore/Modules/modern-media-controls/media/placard-support.js
Diff
Modified: branches/safari-608-branch/Source/WebCore/ChangeLog (251338 => 251339)
--- branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 17:32:51 UTC (rev 251338)
+++ branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 17:32:54 UTC (rev 251339)
@@ -1,5 +1,39 @@
2019-10-15 Kocsen Chung
+Cherry-pick r250716. rdar://problem/56280993
+
+AppleTV named as XSS-payloads trigger when AirPlay is used
+https://bugs.webkit.org/show_bug.cgi?id=202534
+
+
+Reviewed by Eric Carlson.
+
+Ensure we escape an AirPlay's device name before inserting its name into the DOM.
+
+* Modules/modern-media-controls/media/placard-support.js:
+(PlacardSupport.prototype._updateAirPlayPlacard):
+(PlacardSupport):
+(escapeHTML):
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250716 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-10-03 Antoine Quint
+
+AppleTV named as XSS-payloads trigger when AirPlay is used
+https://bugs.webkit.org/show_bug.cgi?id=202534
+
+
+Reviewed by Eric Carlson.
+
+Ensure we escape an AirPlay's device name before inserting its name into the DOM.
+
+* Modules/modern-media-controls/media/placard-support.js:
+(PlacardSupport.prototype._updateAirPlayPlacard):
+(PlacardSupport):
+(escapeHTML):
+
+2019-10-15 Kocsen Chung
+
Cherry-pick r250694. rdar://problem/56061131
[iOS] WebContent process can be interrupted during suspension; loses "Now Playing" status
Modified: branches/safari-608-branch/Source/WebCore/Modules/modern-media-controls/media/placard-support.js (251338 => 251339)
--- branches/safari-608-branch/Source/WebCore/Modules/modern-media-controls/media/placard-support.js 2019-10-20 17:32:51 UTC (rev 251338)
+++ branches/safari-608-branch/Source/WebCore/Modules/modern-media-controls/media/placard-support.js 2019-10-20 17:32:54 UTC (rev 251339)
@@ -80,7 +80,7 @@
switch(this.mediaController.host.externalDeviceType) {
case 'airplay':
-deviceName = UIString("This video is playing on ā%sā.", this.mediaController.host.externalDeviceDisplayName || UIString("Apple TV"));
+deviceName = UIString("This video is playing on ā%sā.", escapeHTML(this.mediaController.host.externalDeviceDisplayName) || UIString("Apple TV"));
break;
case 'tvout':
deviceName = UIString("This video is playing on the TV.");
@@ -90,3 +90,10 @@
}
}
+
+function escapeHTML(unsafeString)
+{
+var div = document.createElement("div");
+div.textContent = unsafeString;
+return div.innerHTML;
+}
___
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [251345] branches/safari-608-branch
Title: [251345] branches/safari-608-branch
Revision 251345
Author bshaf...@apple.com
Date 2019-10-20 10:33:22 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r250833. rdar://problem/56280706
Apply patch. rdar://problem/55920073
git-svn-id: https://svn.webkit.org/repository/webkit/branches/safari-608.3.10.1-branch@250833 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/Source/WebKit/ChangeLog
branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp
branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.h
branches/safari-608-branch/Tools/ChangeLog
branches/safari-608-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm
Diff
Modified: branches/safari-608-branch/Source/WebKit/ChangeLog (251344 => 251345)
--- branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:33:19 UTC (rev 251344)
+++ branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 17:33:22 UTC (rev 251345)
@@ -1,3 +1,34 @@
+2019-10-15 Alan Coon
+
+Cherry-pick r250833. rdar://problem/56280706
+
+Apply patch. rdar://problem/55920073
+
+git-svn-id: https://svn.webkit.org/repository/webkit/branches/safari-608.3.10.1-branch@250833 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-10-08 Alan Coon
+
+Apply patch. rdar://problem/55920073
+
+2019-10-08 youenn fablet
+
+Remove the protection to spin more than one service worker process at a time.
+rdar://problem/55044713
+
+Before site isolation, we were creating one service worker process for all domains.
+We now create one service worker process per domain, which makes the protection to only spin
+one service worker process potentially harmful: if two requests to create a service worker processes
+for two different domains are made, only one will actually succeed.
+This is reproduced by API test.
+
+At UIProcess side, there is already a check to see whether a service worker process for a given domain is launched.
+That protects against spinning several service worker processes for the same domain.
+
+* NetworkProcess/NetworkProcess.cpp:
+(WebKit::NetworkProcess::createNetworkConnectionToWebProcess):
+(WebKit::NetworkProcess::createServerToContextConnection):
+* NetworkProcess/NetworkProcess.h:
+
2019-10-15 Kocsen Chung
Cherry-pick r250780. rdar://problem/56061126
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp (251344 => 251345)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2019-10-20 17:33:19 UTC (rev 251344)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2019-10-20 17:33:22 UTC (rev 251345)
@@ -430,13 +430,10 @@
#if ENABLE(SERVICE_WORKER)
if (isServiceWorkerProcess && !m_webProcessConnections.isEmpty()) {
ASSERT(parentProcessHasServiceWorkerEntitlement());
-ASSERT(m_waitingForServerToContextProcessConnection);
auto contextConnection = WebSWServerToContextConnection::create(*this, registrableDomain, m_webProcessConnections.last()->connection());
auto addResult = m_serverToContextConnections.add(WTFMove(registrableDomain), contextConnection.copyRef());
ASSERT_UNUSED(addResult, addResult.isNewEntry);
-m_waitingForServerToContextProcessConnection = false;
-
for (auto* server : SWServer::allServers())
server->serverToContextConnectionCreated(contextConnection);
}
@@ -2442,10 +2439,6 @@
void NetworkProcess::createServerToContextConnection(const RegistrableDomain& registrableDomain, Optional sessionID)
{
-if (m_waitingForServerToContextProcessConnection)
-return;
-
-m_waitingForServerToContextProcessConnection = true;
if (sessionID)
parentProcessConnection()->send(Messages::NetworkProcessProxy::EstablishWorkerContextConnectionToNetworkProcessForExplicitSession(registrableDomain, *sessionID), 0);
else
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.h (251344 => 251345)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.h 2019-10-20 17:33:19 UTC (rev 251344)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.h 2019-10-20 17:33:22 UTC (rev 251345)
@@ -536,7 +536,6 @@
#if ENABLE(SERVICE_WORKER)
HashMap> m_serverToContextConnections;
-bool m_waitingForServerToContextProcessConnection { false };
bool m_shouldDisableServiceWorkerProcessTerminationDelay { false };
HashMap m_swDatabasePaths;
HashMap> m_swServers;
Modified: branches/safari-608-branch/Tools/ChangeLog (251344 => 251345)
--- branches/safari-608-branch/Tools/ChangeLog 2019-10-20 17:33:19 UTC (rev 251344)
+++
[webkit-changes] [251332] branches/safari-608-branch
Title: [251332] branches/safari-608-branch
Revision 251332
Author bshaf...@apple.com
Date 2019-10-20 10:32:33 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r249959. rdar://problem/56280989
CheckArray on DirectArguments/ScopedArguments does not filter out slow put array storage
https://bugs.webkit.org/show_bug.cgi?id=201853
Reviewed by Yusuke Suzuki.
JSTests:
* stress/direct-arguments-check-array-filter-type.js: Added.
(foo):
Source/_javascript_Core:
We were claiming CheckArray for ScopedArguments/DirectArguments was filtering
out SlowPutArrayStorage. It does no such thing. We just check that the object
is either ScopedArguments/DirectArguments.
* dfg/DFGArrayMode.h:
(JSC::DFG::ArrayMode::arrayModesThatPassFiltering const):
(JSC::DFG::ArrayMode::arrayModesWithIndexingShapes const):
(JSC::DFG::ArrayMode::arrayModesWithIndexingShape const): Deleted.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@249959 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/JSTests/ChangeLog
branches/safari-608-branch/Source/_javascript_Core/ChangeLog
branches/safari-608-branch/Source/_javascript_Core/dfg/DFGArrayMode.h
Added Paths
branches/safari-608-branch/JSTests/stress/direct-arguments-check-array-filter-type.js
Diff
Modified: branches/safari-608-branch/JSTests/ChangeLog (251331 => 251332)
--- branches/safari-608-branch/JSTests/ChangeLog 2019-10-20 17:32:28 UTC (rev 251331)
+++ branches/safari-608-branch/JSTests/ChangeLog 2019-10-20 17:32:33 UTC (rev 251332)
@@ -1,3 +1,43 @@
+2019-10-15 Kocsen Chung
+
+Cherry-pick r249959. rdar://problem/56280989
+
+CheckArray on DirectArguments/ScopedArguments does not filter out slow put array storage
+https://bugs.webkit.org/show_bug.cgi?id=201853
+
+
+Reviewed by Yusuke Suzuki.
+
+JSTests:
+
+* stress/direct-arguments-check-array-filter-type.js: Added.
+(foo):
+
+Source/_javascript_Core:
+
+We were claiming CheckArray for ScopedArguments/DirectArguments was filtering
+out SlowPutArrayStorage. It does no such thing. We just check that the object
+is either ScopedArguments/DirectArguments.
+
+* dfg/DFGArrayMode.h:
+(JSC::DFG::ArrayMode::arrayModesThatPassFiltering const):
+(JSC::DFG::ArrayMode::arrayModesWithIndexingShapes const):
+(JSC::DFG::ArrayMode::arrayModesWithIndexingShape const): Deleted.
+
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@249959 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-09-17 Saam Barati
+
+CheckArray on DirectArguments/ScopedArguments does not filter out slow put array storage
+https://bugs.webkit.org/show_bug.cgi?id=201853
+
+
+Reviewed by Yusuke Suzuki.
+
+* stress/direct-arguments-check-array-filter-type.js: Added.
+(foo):
+
2019-09-30 Babak Shafiei
Cherry-pick r250058. rdar://problem/55826329
Added: branches/safari-608-branch/JSTests/stress/direct-arguments-check-array-filter-type.js (0 => 251332)
--- branches/safari-608-branch/JSTests/stress/direct-arguments-check-array-filter-type.js (rev 0)
+++ branches/safari-608-branch/JSTests/stress/direct-arguments-check-array-filter-type.js 2019-10-20 17:32:33 UTC (rev 251332)
@@ -0,0 +1,12 @@
+//@ runDefault("--jitPolicyScale=0", "--useRandomizingFuzzerAgent=1", "--validateAbstractInterpreterState=1", "--validateAbstractInterpreterStateProbability=1.0", "--useConcurrentJIT=0")
+
+function foo(a0, a1) {
+Function.__defineSetter__(0, ()=>{});
+Object.freeze(arguments);
+for (let i = 0; i < 3; i++) {}
+arguments[0];
+const x = 0;
+const y = 0;
+}
+
+foo();
Modified: branches/safari-608-branch/Source/_javascript_Core/ChangeLog (251331 => 251332)
--- branches/safari-608-branch/Source/_javascript_Core/ChangeLog 2019-10-20 17:32:28 UTC (rev 251331)
+++ branches/safari-608-branch/Source/_javascript_Core/ChangeLog 2019-10-20 17:32:33 UTC (rev 251332)
@@ -1,3 +1,49 @@
+2019-10-15 Kocsen Chung
+
+Cherry-pick r249959. rdar://problem/56280989
+
+CheckArray on DirectArguments/ScopedArguments does not filter out slow put array storage
+https://bugs.webkit.org/show_bug.cgi?id=201853
+
+
+Reviewed by Yusuke Suzuki.
+
+JSTests:
+
+* stress/direct-arguments-check-array-filter-type.js: Added.
+(foo):
+
+Source/_javascript_Core:
+
+We were claiming CheckArray for ScopedArguments/DirectArguments was filtering
+out SlowPutArrayStorage. It does no such thing. We just check that the object
+is either ScopedArguments/DirectArguments.
+
+* dfg/DFGArrayMode.h:
+(JSC::DFG::ArrayMode::arrayModesThatPassFiltering const):
+(JSC::DFG::ArrayMode::arrayModesWithIndexingShapes const):
+(JSC::DFG::ArrayMode::arrayModesWithIndexingShape const): Deleted.
+
+
[webkit-changes] [251338] branches/safari-608-branch/Source/WebCore
Title: [251338] branches/safari-608-branch/Source/WebCore
Revision 251338
Author bshaf...@apple.com
Date 2019-10-20 10:32:51 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r250694. rdar://problem/56061131
[iOS] WebContent process can be interrupted during suspension; loses "Now Playing" status
https://bugs.webkit.org/show_bug.cgi?id=202537
Reviewed by Eric Carlson.
Always deactivate the AVAudioSession when the last playing PlatformAudioSession ends playback and the application is in the background.
* platform/audio/PlatformMediaSessionManager.cpp:
(WebCore::PlatformMediaSessionManager::removeSession):
(WebCore::PlatformMediaSessionManager::processWillSuspend):
(WebCore::PlatformMediaSessionManager::maybeDeactivateAudioSession):
* platform/audio/PlatformMediaSessionManager.h:
(WebCore::PlatformMediaSessionManager::isApplicationInBackground const):
* platform/audio/ios/MediaSessionManagerIOS.h:
* platform/audio/ios/MediaSessionManagerIOS.mm:
(WebCore::MediaSessionManageriOS::sessionWillEndPlayback):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250694 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/Source/WebCore/ChangeLog
branches/safari-608-branch/Source/WebCore/platform/audio/PlatformMediaSessionManager.cpp
branches/safari-608-branch/Source/WebCore/platform/audio/PlatformMediaSessionManager.h
branches/safari-608-branch/Source/WebCore/platform/audio/ios/MediaSessionManagerIOS.h
branches/safari-608-branch/Source/WebCore/platform/audio/ios/MediaSessionManagerIOS.mm
Diff
Modified: branches/safari-608-branch/Source/WebCore/ChangeLog (251337 => 251338)
--- branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 17:32:48 UTC (rev 251337)
+++ branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 17:32:51 UTC (rev 251338)
@@ -1,5 +1,51 @@
2019-10-15 Kocsen Chung
+Cherry-pick r250694. rdar://problem/56061131
+
+[iOS] WebContent process can be interrupted during suspension; loses "Now Playing" status
+https://bugs.webkit.org/show_bug.cgi?id=202537
+
+
+Reviewed by Eric Carlson.
+
+Always deactivate the AVAudioSession when the last playing PlatformAudioSession ends playback and the application is in the background.
+
+* platform/audio/PlatformMediaSessionManager.cpp:
+(WebCore::PlatformMediaSessionManager::removeSession):
+(WebCore::PlatformMediaSessionManager::processWillSuspend):
+(WebCore::PlatformMediaSessionManager::maybeDeactivateAudioSession):
+* platform/audio/PlatformMediaSessionManager.h:
+(WebCore::PlatformMediaSessionManager::isApplicationInBackground const):
+* platform/audio/ios/MediaSessionManagerIOS.h:
+* platform/audio/ios/MediaSessionManagerIOS.mm:
+(WebCore::MediaSessionManageriOS::sessionWillEndPlayback):
+
+
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250694 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-10-03 Jer Noble
+
+[iOS] WebContent process can be interrupted during suspension; loses "Now Playing" status
+https://bugs.webkit.org/show_bug.cgi?id=202537
+
+
+Reviewed by Eric Carlson.
+
+Always deactivate the AVAudioSession when the last playing PlatformAudioSession ends playback and the application is in the background.
+
+* platform/audio/PlatformMediaSessionManager.cpp:
+(WebCore::PlatformMediaSessionManager::removeSession):
+(WebCore::PlatformMediaSessionManager::processWillSuspend):
+(WebCore::PlatformMediaSessionManager::maybeDeactivateAudioSession):
+* platform/audio/PlatformMediaSessionManager.h:
+(WebCore::PlatformMediaSessionManager::isApplicationInBackground const):
+* platform/audio/ios/MediaSessionManagerIOS.h:
+* platform/audio/ios/MediaSessionManagerIOS.mm:
+(WebCore::MediaSessionManageriOS::sessionWillEndPlayback):
+
+2019-10-15 Kocsen Chung
+
Cherry-pick r250642. rdar://problem/56280704
[iOS] When hit testing for a context menu interaction, do not consider whether the element is contenteditable
Modified: branches/safari-608-branch/Source/WebCore/platform/audio/PlatformMediaSessionManager.cpp (251337 => 251338)
--- branches/safari-608-branch/Source/WebCore/platform/audio/PlatformMediaSessionManager.cpp 2019-10-20 17:32:48 UTC (rev 251337)
+++ branches/safari-608-branch/Source/WebCore/platform/audio/PlatformMediaSessionManager.cpp 2019-10-20 17:32:51 UTC (rev 251338)
@@ -166,10 +166,7 @@
m_remoteCommandListener = nullptr;
m_audioHardwareListener = nullptr;
#if USE(AUDIO_SESSION)
-if (m_becameActive && shouldDeactivateAudioSession()) {
-AudioSession::sharedSession().tryToSetActive(false);
-m_becameActive = false;
-}
+
[webkit-changes] [251346] branches/safari-608-branch
Title: [251346] branches/safari-608-branch
Revision 251346
Author bshaf...@apple.com
Date 2019-10-20 10:33:25 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r250929. rdar://problem/56280990
RunResolver::rangeForRendererWithOffsets should check for range end
https://bugs.webkit.org/show_bug.cgi?id=202761
Reviewed by Antti Koivisto.
Source/WebCore:
This patch ensures that when rangeForRenderer comes back with a collapsed run (empty range), rangeForRendererWithOffsets returns an empty range as well.
Test: fast/text/simple-line-layout-range-check-end.html
* rendering/SimpleLineLayoutResolver.cpp:
(WebCore::SimpleLineLayout::RunResolver::rangeForRendererWithOffsets const):
LayoutTests:
* fast/text/simple-line-layout-range-check-end-expected.txt: Added.
* fast/text/simple-line-layout-range-check-end.html: Added.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250929 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/LayoutTests/ChangeLog
branches/safari-608-branch/Source/WebCore/ChangeLog
branches/safari-608-branch/Source/WebCore/rendering/SimpleLineLayoutResolver.cpp
Added Paths
branches/safari-608-branch/LayoutTests/fast/text/simple-line-layout-range-check-end-expected.txt
branches/safari-608-branch/LayoutTests/fast/text/simple-line-layout-range-check-end.html
Diff
Modified: branches/safari-608-branch/LayoutTests/ChangeLog (251345 => 251346)
--- branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:33:22 UTC (rev 251345)
+++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 17:33:25 UTC (rev 251346)
@@ -1,5 +1,42 @@
2019-10-15 Kocsen Chung
+Cherry-pick r250929. rdar://problem/56280990
+
+RunResolver::rangeForRendererWithOffsets should check for range end
+https://bugs.webkit.org/show_bug.cgi?id=202761
+
+
+Reviewed by Antti Koivisto.
+
+Source/WebCore:
+
+This patch ensures that when rangeForRenderer comes back with a collapsed run (empty range), rangeForRendererWithOffsets returns an empty range as well.
+
+Test: fast/text/simple-line-layout-range-check-end.html
+
+* rendering/SimpleLineLayoutResolver.cpp:
+(WebCore::SimpleLineLayout::RunResolver::rangeForRendererWithOffsets const):
+
+LayoutTests:
+
+* fast/text/simple-line-layout-range-check-end-expected.txt: Added.
+* fast/text/simple-line-layout-range-check-end.html: Added.
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250929 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-10-09 Zalan Bujtas
+
+RunResolver::rangeForRendererWithOffsets should check for range end
+https://bugs.webkit.org/show_bug.cgi?id=202761
+
+
+Reviewed by Antti Koivisto.
+
+* fast/text/simple-line-layout-range-check-end-expected.txt: Added.
+* fast/text/simple-line-layout-range-check-end.html: Added.
+
+2019-10-15 Kocsen Chung
+
Cherry-pick r250811. rdar://problem/56061121
Only wrapping CryptoKeys for IDB during serialization
Added: branches/safari-608-branch/LayoutTests/fast/text/simple-line-layout-range-check-end-expected.txt (0 => 251346)
--- branches/safari-608-branch/LayoutTests/fast/text/simple-line-layout-range-check-end-expected.txt (rev 0)
+++ branches/safari-608-branch/LayoutTests/fast/text/simple-line-layout-range-check-end-expected.txt 2019-10-20 17:33:25 UTC (rev 251346)
@@ -0,0 +1,3 @@
+Pass if no crash or assert.
+text
+
Added: branches/safari-608-branch/LayoutTests/fast/text/simple-line-layout-range-check-end.html (0 => 251346)
--- branches/safari-608-branch/LayoutTests/fast/text/simple-line-layout-range-check-end.html (rev 0)
+++ branches/safari-608-branch/LayoutTests/fast/text/simple-line-layout-range-check-end.html 2019-10-20 17:33:25 UTC (rev 251346)
@@ -0,0 +1,14 @@
+Pass if no crash or assert.
+
+
+
+
+if (window.testRunner)
+testRunner.dumpAsText();
+middle.after("text");
+
+var foo = document.createRange();
+foo.selectNodeContents(last);
+foo.setStartAfter(first);
+foo.getBoundingClientRect();
+
Modified: branches/safari-608-branch/Source/WebCore/ChangeLog (251345 => 251346)
--- branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 17:33:22 UTC (rev 251345)
+++ branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 17:33:25 UTC (rev 251346)
@@ -1,5 +1,46 @@
2019-10-15 Kocsen Chung
+Cherry-pick r250929. rdar://problem/56280990
+
+RunResolver::rangeForRendererWithOffsets should check for range end
+https://bugs.webkit.org/show_bug.cgi?id=202761
+
+
+Reviewed by Antti Koivisto.
+
+Source/WebCore:
+
+This patch ensures that when rangeForRenderer comes back with a collapsed run (empty range), rangeForRendererWithOffsets returns an empty range as well.
+
+Test:
[webkit-changes] [251335] branches/safari-608-branch
Title: [251335] branches/safari-608-branch
Revision 251335
Author bshaf...@apple.com
Date 2019-10-20 10:32:43 -0700 (Sun, 20 Oct 2019)
Log Message
Cherry-pick r250585. rdar://problem/56280995
ObjectAllocationSinkingPhase shouldn't insert hints for allocations which are no longer valid
https://bugs.webkit.org/show_bug.cgi?id=199361
Reviewed by Yusuke Suzuki.
JSTests:
* stress/allocation-sinking-hints-are-valid-ssa-2.js: Added.
(main.fn):
(main.executor):
(main):
* stress/allocation-sinking-hints-are-valid-ssa.js: Added.
(main.fn):
(main.executor):
(main):
Source/_javascript_Core:
In a prior fix to the object allocation sinking phase, I added code where we
made sure to insert PutHints over Phis for fields of an object at control flow
merge points. However, that code didn't consider that the base of the PutHint
may no longer be a valid heap location. This could cause us to emit invalid
SSA code by referring to a node which does not dominate the PutHint location.
This patch fixes the bug to only emit the PutHints when valid.
This patch also makes it so that DFGValidate actually validates that the graph
is in valid SSA form. E.g, any use of a node N must be dominated by N.
* dfg/DFGObjectAllocationSinkingPhase.cpp:
* dfg/DFGValidate.cpp:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250585 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
branches/safari-608-branch/JSTests/ChangeLog
branches/safari-608-branch/Source/_javascript_Core/ChangeLog
branches/safari-608-branch/Source/_javascript_Core/dfg/DFGObjectAllocationSinkingPhase.cpp
branches/safari-608-branch/Source/_javascript_Core/dfg/DFGValidate.cpp
Added Paths
branches/safari-608-branch/JSTests/stress/allocation-sinking-hints-are-valid-ssa-2.js
branches/safari-608-branch/JSTests/stress/allocation-sinking-hints-are-valid-ssa.js
Diff
Modified: branches/safari-608-branch/JSTests/ChangeLog (251334 => 251335)
--- branches/safari-608-branch/JSTests/ChangeLog 2019-10-20 17:32:40 UTC (rev 251334)
+++ branches/safari-608-branch/JSTests/ChangeLog 2019-10-20 17:32:43 UTC (rev 251335)
@@ -1,5 +1,62 @@
2019-10-15 Kocsen Chung
+Cherry-pick r250585. rdar://problem/56280995
+
+ObjectAllocationSinkingPhase shouldn't insert hints for allocations which are no longer valid
+https://bugs.webkit.org/show_bug.cgi?id=199361
+
+
+Reviewed by Yusuke Suzuki.
+
+JSTests:
+
+* stress/allocation-sinking-hints-are-valid-ssa-2.js: Added.
+(main.fn):
+(main.executor):
+(main):
+* stress/allocation-sinking-hints-are-valid-ssa.js: Added.
+(main.fn):
+(main.executor):
+(main):
+
+Source/_javascript_Core:
+
+In a prior fix to the object allocation sinking phase, I added code where we
+made sure to insert PutHints over Phis for fields of an object at control flow
+merge points. However, that code didn't consider that the base of the PutHint
+may no longer be a valid heap location. This could cause us to emit invalid
+SSA code by referring to a node which does not dominate the PutHint location.
+This patch fixes the bug to only emit the PutHints when valid.
+
+This patch also makes it so that DFGValidate actually validates that the graph
+is in valid SSA form. E.g, any use of a node N must be dominated by N.
+
+* dfg/DFGObjectAllocationSinkingPhase.cpp:
+* dfg/DFGValidate.cpp:
+
+
+
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250585 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+2019-10-01 Saam Barati
+
+ObjectAllocationSinkingPhase shouldn't insert hints for allocations which are no longer valid
+https://bugs.webkit.org/show_bug.cgi?id=199361
+
+
+Reviewed by Yusuke Suzuki.
+
+* stress/allocation-sinking-hints-are-valid-ssa-2.js: Added.
+(main.fn):
+(main.executor):
+(main):
+* stress/allocation-sinking-hints-are-valid-ssa.js: Added.
+(main.fn):
+(main.executor):
+(main):
+
+2019-10-15 Kocsen Chung
+
Cherry-pick r249959. rdar://problem/56280989
CheckArray on DirectArguments/ScopedArguments does not filter out slow put array storage
Added: branches/safari-608-branch/JSTests/stress/allocation-sinking-hints-are-valid-ssa-2.js (0 => 251335)
--- branches/safari-608-branch/JSTests/stress/allocation-sinking-hints-are-valid-ssa-2.js (rev 0)
+++ branches/safari-608-branch/JSTests/stress/allocation-sinking-hints-are-valid-ssa-2.js 2019-10-20 17:32:43 UTC (rev 251335)
@@ -0,0 +1,31 @@
+function main() {
+const arr = [0];
+function executor(resolve, ...reject) {
+arr;
+if (resolve > arr) {
+const fn = () => {
+return fn;
+};
+for
[webkit-changes] [251330] trunk/Source/WebCore
Title: [251330] trunk/Source/WebCore
Revision 251330
Author za...@apple.com
Date 2019-10-20 08:09:21 -0700 (Sun, 20 Oct 2019)
Log Message
[LFC][IFC] Make InlineTextItem reusable when 'segment break' behavior changes
https://bugs.webkit.org/show_bug.cgi?id=203184
Reviewed by Antti Koivisto.
InlineTextItem::isWhitespace should dynamically check for 'preserve new line' behavior. This way we don't have to rebuild the inline item list
when the related style property value changes.
* layout/inlineformatting/InlineTextItem.cpp:
(WebCore::Layout::isWhitespaceCharacter):
(WebCore::Layout::moveToNextNonWhitespacePosition):
(WebCore::Layout::InlineTextItem::createAndAppendTextItems):
(WebCore::Layout::InlineTextItem::createWhitespaceItem):
(WebCore::Layout::InlineTextItem::createNonWhitespaceItem):
(WebCore::Layout::InlineTextItem::createSegmentBreakItem):
(WebCore::Layout::InlineTextItem::createEmptyItem):
(WebCore::Layout::InlineTextItem::InlineTextItem):
(WebCore::Layout::InlineTextItem::split const):
(WebCore::Layout::InlineTextItem::isWhitespace const):
(WebCore::Layout::isSoftLineBreak): Deleted.
* layout/inlineformatting/InlineTextItem.h:
(WebCore::Layout::InlineTextItem::isSegmentBreak const):
(WebCore::Layout::InlineTextItem::isWhitespace const): Deleted.
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/layout/inlineformatting/InlineTextItem.cpp
trunk/Source/WebCore/layout/inlineformatting/InlineTextItem.h
Diff
Modified: trunk/Source/WebCore/ChangeLog (251329 => 251330)
--- trunk/Source/WebCore/ChangeLog 2019-10-20 14:56:32 UTC (rev 251329)
+++ trunk/Source/WebCore/ChangeLog 2019-10-20 15:09:21 UTC (rev 251330)
@@ -1,5 +1,32 @@
2019-10-20 Zalan Bujtas
+[LFC][IFC] Make InlineTextItem reusable when 'segment break' behavior changes
+https://bugs.webkit.org/show_bug.cgi?id=203184
+
+
+Reviewed by Antti Koivisto.
+
+InlineTextItem::isWhitespace should dynamically check for 'preserve new line' behavior. This way we don't have to rebuild the inline item list
+when the related style property value changes.
+
+* layout/inlineformatting/InlineTextItem.cpp:
+(WebCore::Layout::isWhitespaceCharacter):
+(WebCore::Layout::moveToNextNonWhitespacePosition):
+(WebCore::Layout::InlineTextItem::createAndAppendTextItems):
+(WebCore::Layout::InlineTextItem::createWhitespaceItem):
+(WebCore::Layout::InlineTextItem::createNonWhitespaceItem):
+(WebCore::Layout::InlineTextItem::createSegmentBreakItem):
+(WebCore::Layout::InlineTextItem::createEmptyItem):
+(WebCore::Layout::InlineTextItem::InlineTextItem):
+(WebCore::Layout::InlineTextItem::split const):
+(WebCore::Layout::InlineTextItem::isWhitespace const):
+(WebCore::Layout::isSoftLineBreak): Deleted.
+* layout/inlineformatting/InlineTextItem.h:
+(WebCore::Layout::InlineTextItem::isSegmentBreak const):
+(WebCore::Layout::InlineTextItem::isWhitespace const): Deleted.
+
+2019-10-20 Zalan Bujtas
+
[LFC][IFC] Move the collapsed bit from InlineItems to runs
https://bugs.webkit.org/show_bug.cgi?id=203183
Modified: trunk/Source/WebCore/layout/inlineformatting/InlineTextItem.cpp (251329 => 251330)
--- trunk/Source/WebCore/layout/inlineformatting/InlineTextItem.cpp 2019-10-20 14:56:32 UTC (rev 251329)
+++ trunk/Source/WebCore/layout/inlineformatting/InlineTextItem.cpp 2019-10-20 15:09:21 UTC (rev 251330)
@@ -33,20 +33,15 @@
namespace WebCore {
namespace Layout {
-static inline bool isWhitespaceCharacter(char character, bool preserveNewline)
+static inline bool isWhitespaceCharacter(char character)
{
-return character == ' ' || character == '\t' || (character == '\n' && !preserveNewline);
+return character == ' ' || character == '\t';
}
-static inline bool isSoftLineBreak(char character, bool preserveNewline)
+static unsigned moveToNextNonWhitespacePosition(String textContent, unsigned startPosition)
{
-return preserveNewline && character == '\n';
-}
-
-static unsigned moveToNextNonWhitespacePosition(String textContent, unsigned startPosition, bool preserveNewline)
-{
auto nextNonWhiteSpacePosition = startPosition;
-while (nextNonWhiteSpacePosition < textContent.length() && isWhitespaceCharacter(textContent[nextNonWhiteSpacePosition], preserveNewline))
+while (nextNonWhiteSpacePosition < textContent.length() && isWhitespaceCharacter(textContent[nextNonWhiteSpacePosition]))
++nextNonWhiteSpacePosition;
return nextNonWhiteSpacePosition - startPosition;
}
@@ -89,47 +84,83 @@
{
auto text = inlineBox.textContent();
if (!text.length())
-return inlineContent.append(makeUnique(inlineBox, 0, 0, false));
+return inlineContent.append(InlineTextItem::createEmptyItem(inlineBox));
auto& style = inlineBox.style();
-auto preserveNewline = style.preserveNewline();
[webkit-changes] [251329] trunk/Source/WebCore
Title: [251329] trunk/Source/WebCore
Revision 251329
Author za...@apple.com
Date 2019-10-20 07:56:32 -0700 (Sun, 20 Oct 2019)
Log Message
[LFC][IFC] Move the collapsed bit from InlineItems to runs
https://bugs.webkit.org/show_bug.cgi?id=203183
Reviewed by Antti Koivisto.
Let's not store the collapsed bit on the InlineTextItem. All we need to know is whether the InlineTextItem content is collapsible or not.
Also when only the white-space property changes (going from preserve whitespace to not and vice versa) we don't actually need to rebuild the
InlinItem list since they don't carry any layout dependent information.
This patch also fixes leading/trailing content preservation.
* layout/inlineformatting/InlineLine.cpp:
(WebCore::Layout::Line::Run::canBeExtended const):
(WebCore::Layout::shouldPreserveTrailingContent):
(WebCore::Layout::shouldPreserveLeadingContent):
(WebCore::Layout::Line::appendTextContent):
* layout/inlineformatting/InlineLine.h:
(WebCore::Layout::Line::Run::isCollapsed const):
(WebCore::Layout::Line::Run::setIsCollapsed):
* layout/inlineformatting/InlineLineLayout.cpp:
(WebCore::Layout::inlineItemWidth):
* layout/inlineformatting/InlineTextItem.cpp:
(WebCore::Layout::InlineTextItem::createAndAppendTextItems):
(WebCore::Layout::InlineTextItem::InlineTextItem):
(WebCore::Layout::InlineTextItem::split const):
* layout/inlineformatting/InlineTextItem.h:
(WebCore::Layout::InlineTextItem::isCollapsible const):
(WebCore::Layout::InlineTextItem::isCollapsed const): Deleted.
* layout/inlineformatting/text/TextUtil.cpp:
(WebCore::Layout::TextUtil::isTrimmableContent): Deleted.
* layout/inlineformatting/text/TextUtil.h:
Modified Paths
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/layout/inlineformatting/InlineLine.cpp
trunk/Source/WebCore/layout/inlineformatting/InlineLine.h
trunk/Source/WebCore/layout/inlineformatting/InlineLineLayout.cpp
trunk/Source/WebCore/layout/inlineformatting/InlineTextItem.cpp
trunk/Source/WebCore/layout/inlineformatting/InlineTextItem.h
trunk/Source/WebCore/layout/inlineformatting/text/TextUtil.cpp
trunk/Source/WebCore/layout/inlineformatting/text/TextUtil.h
Diff
Modified: trunk/Source/WebCore/ChangeLog (251328 => 251329)
--- trunk/Source/WebCore/ChangeLog 2019-10-19 23:50:32 UTC (rev 251328)
+++ trunk/Source/WebCore/ChangeLog 2019-10-20 14:56:32 UTC (rev 251329)
@@ -1,3 +1,37 @@
+2019-10-20 Zalan Bujtas
+
+[LFC][IFC] Move the collapsed bit from InlineItems to runs
+https://bugs.webkit.org/show_bug.cgi?id=203183
+
+Reviewed by Antti Koivisto.
+
+
+Let's not store the collapsed bit on the InlineTextItem. All we need to know is whether the InlineTextItem content is collapsible or not.
+Also when only the white-space property changes (going from preserve whitespace to not and vice versa) we don't actually need to rebuild the
+InlinItem list since they don't carry any layout dependent information.
+This patch also fixes leading/trailing content preservation.
+
+* layout/inlineformatting/InlineLine.cpp:
+(WebCore::Layout::Line::Run::canBeExtended const):
+(WebCore::Layout::shouldPreserveTrailingContent):
+(WebCore::Layout::shouldPreserveLeadingContent):
+(WebCore::Layout::Line::appendTextContent):
+* layout/inlineformatting/InlineLine.h:
+(WebCore::Layout::Line::Run::isCollapsed const):
+(WebCore::Layout::Line::Run::setIsCollapsed):
+* layout/inlineformatting/InlineLineLayout.cpp:
+(WebCore::Layout::inlineItemWidth):
+* layout/inlineformatting/InlineTextItem.cpp:
+(WebCore::Layout::InlineTextItem::createAndAppendTextItems):
+(WebCore::Layout::InlineTextItem::InlineTextItem):
+(WebCore::Layout::InlineTextItem::split const):
+* layout/inlineformatting/InlineTextItem.h:
+(WebCore::Layout::InlineTextItem::isCollapsible const):
+(WebCore::Layout::InlineTextItem::isCollapsed const): Deleted.
+* layout/inlineformatting/text/TextUtil.cpp:
+(WebCore::Layout::TextUtil::isTrimmableContent): Deleted.
+* layout/inlineformatting/text/TextUtil.h:
+
2019-10-19 Chris Dumez
FileReader should not prevent entering the back/forward cache
Modified: trunk/Source/WebCore/layout/inlineformatting/InlineLine.cpp (251328 => 251329)
--- trunk/Source/WebCore/layout/inlineformatting/InlineLine.cpp 2019-10-19 23:50:32 UTC (rev 251328)
+++ trunk/Source/WebCore/layout/inlineformatting/InlineLine.cpp 2019-10-20 14:56:32 UTC (rev 251329)
@@ -54,7 +54,10 @@
{
if (!isText())
return false;
-return !downcast(m_inlineItem).isCollapsed() && !isVisuallyEmpty();
+// Non-collapsed text runs can be merged into one continuous run.
+if (isVisuallyEmpty())
+return false;
+return !isCollapsed();
}
Line::Line(const InlineFormattingContext& inlineFormattingContext, const InitialConstraints& initialConstraints,
