Diff
Modified: trunk/LayoutTests/ChangeLog (166664 => 166665)
--- trunk/LayoutTests/ChangeLog 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/LayoutTests/ChangeLog 2014-04-02 21:06:33 UTC (rev 166665)
@@ -1,3 +1,20 @@
+2014-04-02 Daniel Bates <[email protected]>
+
+ Remove Settings::maximumDecodedImageSize()
+ https://bugs.webkit.org/show_bug.cgi?id=131057
+ <rdar://problem/15626368>
+
+ Reviewed by Darin Adler.
+
+ Remove test LayoutTests/fast/images/decoded-size-exceeds-max-decoded-size.html as it
+ isn't applicable following the removal of the setting Settings::maximumDecodedImageSize().
+ Additionally update the test fast/images/bag-png.html to ensure that we dispatch
+ a DOM Error event when we fail to decode a malformed image.
+
+ * fast/images/bad-png.html:
+ * fast/images/decoded-size-exceeds-max-decoded-size-expected.txt: Removed.
+ * fast/images/decoded-size-exceeds-max-decoded-size.html: Removed.
+
2014-04-02 Timothy Hatcher <[email protected]>
Remove Input domain from the Web Inspector protocol.
Modified: trunk/LayoutTests/fast/images/bad-png.html (166664 => 166665)
--- trunk/LayoutTests/fast/images/bad-png.html 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/LayoutTests/fast/images/bad-png.html 2014-04-02 21:06:33 UTC (rev 166665)
@@ -1,8 +1,17 @@
<html>
<head>
<script>
- if (window.testRunner)
+ if (window.testRunner) {
+ testRunner.waitUntilDone();
testRunner.dumpAsText();
+ }
+
+ function testPassed()
+ {
+ document.getElementById("result").innerText = "PASS";
+ if (window.testRunner)
+ testRunner.notifyDone();
+ }
</script>
</head>
@@ -10,7 +19,7 @@
<!-- This previously tried to recursively decode the PNG, leading to heap
corruption when trying to unwind the stack through a member of a
destroyed object. -->
- <img src=""
- <p>PASS</p>
+ <img src="" _onerror_="testPassed()">
+ <p id="result">FAIL</p>
</body>
</html>
Deleted: trunk/LayoutTests/fast/images/decoded-size-exceeds-max-decoded-size-expected.txt (166664 => 166665)
--- trunk/LayoutTests/fast/images/decoded-size-exceeds-max-decoded-size-expected.txt 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/LayoutTests/fast/images/decoded-size-exceeds-max-decoded-size-expected.txt 2014-04-02 21:06:33 UTC (rev 166665)
@@ -1,10 +0,0 @@
-Tests that an image whose size exceeds the maximum decoded size dispatches a DOM error event.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS event.type is 'error'.
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
Deleted: trunk/LayoutTests/fast/images/decoded-size-exceeds-max-decoded-size.html (166664 => 166665)
--- trunk/LayoutTests/fast/images/decoded-size-exceeds-max-decoded-size.html 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/LayoutTests/fast/images/decoded-size-exceeds-max-decoded-size.html 2014-04-02 21:06:33 UTC (rev 166665)
@@ -1,26 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<script src=""
-<script>
-window.jsTestIsAsync = true;
-if (window.internals)
- window.internals.settings.setMaximumDecodedImageSize(0); // bytes
-</script>
-</head>
-<body>
-<img src="" width="256" height="256" _onerror_="checkDispatchedEvent(event)" _onload_="checkDispatchedEvent(event)">
-<script>
-description("Tests that an image whose size exceeds the maximum decoded size dispatches a DOM error event.");
-function checkDispatchedEvent(event)
-{
- if (event.type === "error")
- testPassed("event.type is 'error'.");
- else
- testPassed("event.type should have been 'error'. Was '" + event.type + "'.");
- finishJSTest();
-}
-</script>
-<script src=""
-</body>
-</html>
Modified: trunk/Source/WebCore/ChangeLog (166664 => 166665)
--- trunk/Source/WebCore/ChangeLog 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebCore/ChangeLog 2014-04-02 21:06:33 UTC (rev 166665)
@@ -1,3 +1,33 @@
+2014-04-02 Daniel Bates <[email protected]>
+
+ Remove Settings::maximumDecodedImageSize()
+ https://bugs.webkit.org/show_bug.cgi?id=131057
+ <rdar://problem/15626368>
+
+ Reviewed by Darin Adler.
+
+ The setting Settings::maximumDecodedImageSize() and its related logic have various
+ shortcomings, including the inability to cancel an image load when the estimated
+ decoded image size exceeds the maximum decoded image size. In the iOS port, this
+ setting is less useful given image subsampling support. For now, we remove this
+ setting and its related logic. Should it turn out that such a setting is useful
+ then we can implement it again taking care to address the shortcomings in the
+ original design.
+
+ * html/HTMLCanvasElement.cpp: For the iOS port, define MaxCanvasArea to be 4580 * 1145
+ pixels such that the maximum size of the image buffer is 20 MB (assumes 4 bytes per pixel).
+ (WebCore::HTMLCanvasElement::HTMLCanvasElement):
+ (WebCore::HTMLCanvasElement::createImageBuffer):
+ * html/HTMLCanvasElement.h:
+ * html/canvas/CanvasRenderingContext2D.cpp:
+ (WebCore::CanvasRenderingContext2D::createImageData):
+ (WebCore::CanvasRenderingContext2D::getImageData):
+ * loader/cache/CachedImage.cpp:
+ (WebCore::CachedImage::addIncrementalDataBuffer):
+ (WebCore::CachedImage::finishLoading):
+ * loader/cache/CachedImage.h:
+ * page/Settings.in:
+
2014-04-02 Martin Hock <[email protected]>
Unify private browsing with sessions.
Modified: trunk/Source/WebCore/html/HTMLCanvasElement.cpp (166664 => 166665)
--- trunk/Source/WebCore/html/HTMLCanvasElement.cpp 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebCore/html/HTMLCanvasElement.cpp 2014-04-02 21:06:33 UTC (rev 166665)
@@ -67,9 +67,11 @@
// Firefox limits width/height to 32767 pixels, but slows down dramatically before it
// reaches that limit. We limit by area instead, giving us larger maximum dimensions,
-// in exchange for a smaller maximum canvas size.
-#if !PLATFORM(IOS)
-static const float MaxCanvasArea = 32768 * 8192; // Maximum canvas area in CSS pixels
+// in exchange for a smaller maximum canvas size. The maximum canvas size is in CSS pixels.
+#if PLATFORM(IOS)
+static const float MaxCanvasArea = 4580 * 1145; // 20 MB assuming 4 bytes per pixel
+#else
+static const float MaxCanvasArea = 32768 * 8192;
#endif
HTMLCanvasElement::HTMLCanvasElement(const QualifiedName& tagName, Document& document)
@@ -79,10 +81,6 @@
, m_ignoreReset(false)
, m_deviceScaleFactor(targetDeviceScaleFactor())
, m_originClean(true)
-#if PLATFORM(IOS)
- // FIXME: We should look to reconcile usage of MaxCanvasArea and m_maximumDecodedImageSize.
- , m_maximumDecodedImageSize(document.settings() ? document.settings()->maximumDecodedImageSize() : 0)
-#endif
, m_hasCreatedImageBuffer(false)
, m_didClearImageBuffer(false)
{
@@ -574,13 +572,8 @@
if (!deviceSize.isExpressibleAsIntSize())
return;
-#if PLATFORM(IOS)
- if (deviceSize.width() * deviceSize.height() * 4 > m_maximumDecodedImageSize)
- return;
-#else
if (deviceSize.width() * deviceSize.height() > MaxCanvasArea)
return;
-#endif
IntSize bufferSize(deviceSize.width(), deviceSize.height());
if (!bufferSize.width() || !bufferSize.height())
Modified: trunk/Source/WebCore/html/HTMLCanvasElement.h (166664 => 166665)
--- trunk/Source/WebCore/html/HTMLCanvasElement.h 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebCore/html/HTMLCanvasElement.h 2014-04-02 21:06:33 UTC (rev 166665)
@@ -128,12 +128,6 @@
void setOriginTainted() { m_originClean = false; }
bool originClean() const { return m_originClean; }
-#if PLATFORM(IOS)
- // FIXME: Can we use unsigned data types, unsigned or size_t?
- void setMaximumDecodedImageSize(float maximumDecodedImageSize) { m_maximumDecodedImageSize = maximumDecodedImageSize; }
- float maximumDecodedImageSize() { return m_maximumDecodedImageSize; }
-#endif
-
AffineTransform baseTransform() const;
void makeRenderingResultsAvailable();
@@ -182,11 +176,6 @@
float m_deviceScaleFactor;
bool m_originClean;
-#if PLATFORM(IOS)
- // FIXME: Can we use a unsigned data type, unsigned or size_t?
- float m_maximumDecodedImageSize;
-#endif
-
// m_createdImageBuffer means we tried to malloc the buffer. We didn't necessarily get it.
mutable bool m_hasCreatedImageBuffer;
mutable bool m_didClearImageBuffer;
Modified: trunk/Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp (166664 => 166665)
--- trunk/Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp 2014-04-02 21:06:33 UTC (rev 166665)
@@ -1857,15 +1857,6 @@
return 0;
}
-#if PLATFORM(IOS)
- // If the canvas element was created before Document had a Frame,
- // then no maximumDecodedImageSize was set.
- if (!canvas()->maximumDecodedImageSize()) {
- if (Settings* settings = canvas()->document().settings())
- canvas()->setMaximumDecodedImageSize(settings->maximumDecodedImageSize());
- }
-#endif
-
FloatSize logicalSize(fabs(sw), fabs(sh));
if (!logicalSize.isExpressibleAsIntSize())
return 0;
@@ -1916,15 +1907,6 @@
sh = -sh;
}
-#if PLATFORM(IOS)
- // If the canvas element was created before Document had a Frame,
- // then no maximumDecodedImageSize was set.
- if (!canvas()->maximumDecodedImageSize()) {
- if (Settings* settings = canvas()->document().settings())
- canvas()->setMaximumDecodedImageSize(settings->maximumDecodedImageSize());
- }
-#endif
-
FloatRect logicalRect(sx, sy, sw, sh);
if (logicalRect.width() < 1)
logicalRect.setWidth(1);
Modified: trunk/Source/WebCore/loader/cache/CachedImage.cpp (166664 => 166665)
--- trunk/Source/WebCore/loader/cache/CachedImage.cpp 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebCore/loader/cache/CachedImage.cpp 2014-04-02 21:06:33 UTC (rev 166665)
@@ -381,18 +381,6 @@
m_image.clear();
}
-bool CachedImage::canBeDrawn() const
-{
- if (!m_image || m_image->isNull())
- return false;
-
- if (!m_loader || m_loader->reachedTerminalState())
- return true;
-
- size_t estimatedDecodedImageSize = m_image->width() * m_image->height() * 4; // no overflow check
- return estimatedDecodedImageSize <= m_loader->frameLoader()->frame().settings().maximumDecodedImageSize();
-}
-
void CachedImage::addIncrementalDataBuffer(ResourceBuffer* data)
{
m_data = data;
@@ -408,8 +396,8 @@
if (!sizeAvailable)
return;
- if (!canBeDrawn()) {
- // There's no image to draw or its decoded size is bigger than the maximum allowed.
+ if (m_image->isNull()) {
+ // Image decoding failed. Either we need more image data or the image data is malformed.
error(errorOccurred() ? status() : DecodeError);
if (inCache())
memoryCache()->remove(this);
@@ -447,8 +435,8 @@
if (m_image)
m_image->setData(m_data->sharedBuffer(), true);
- if (!canBeDrawn()) {
- // There's no image to draw or its decoded size is bigger than the maximum allowed.
+ if (!m_image || m_image->isNull()) {
+ // Image decoding failed; the image data is malformed.
error(errorOccurred() ? status() : DecodeError);
if (inCache())
memoryCache()->remove(this);
Modified: trunk/Source/WebCore/loader/cache/CachedImage.h (166664 => 166665)
--- trunk/Source/WebCore/loader/cache/CachedImage.h 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebCore/loader/cache/CachedImage.h 2014-04-02 21:06:33 UTC (rev 166665)
@@ -99,7 +99,6 @@
void createImage();
void clearImage();
- bool canBeDrawn() const;
// If not null, changeRect is the changed part of the image.
void notifyObservers(const IntRect* changeRect = 0);
virtual PurgePriority purgePriority() const override { return PurgeFirst; }
Modified: trunk/Source/WebCore/page/Settings.in (166664 => 166665)
--- trunk/Source/WebCore/page/Settings.in 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebCore/page/Settings.in 2014-04-02 21:06:33 UTC (rev 166665)
@@ -25,7 +25,6 @@
minimumAccelerated2dCanvasSize type=int, initial=257*256
layoutFallbackWidth type=int, initial=980
-maximumDecodedImageSize type=size_t, initial=std::numeric_limits<size_t>::max()
deviceWidth type=int, initial=0
deviceHeight type=int, initial=0
Modified: trunk/Source/WebKit/mac/ChangeLog (166664 => 166665)
--- trunk/Source/WebKit/mac/ChangeLog 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebKit/mac/ChangeLog 2014-04-02 21:06:33 UTC (rev 166665)
@@ -1,3 +1,21 @@
+2014-04-02 Daniel Bates <[email protected]>
+
+ Remove Settings::maximumDecodedImageSize()
+ https://bugs.webkit.org/show_bug.cgi?id=131057
+ <rdar://problem/15626368>
+
+ Reviewed by Darin Adler.
+
+ Remove preferences key WebKitMaximumImageSize.
+
+ * WebView/WebPreferenceKeysPrivate.h:
+ * WebView/WebPreferences.mm:
+ (+[WebPreferences initialize]):
+ (-[WebPreferences _maximumImageSize:]): Deleted.
+ * WebView/WebPreferencesPrivate.h:
+ * WebView/WebView.mm:
+ (-[WebView _preferencesChanged:]):
+
2014-04-02 Martin Hock <[email protected]>
Unify private browsing with sessions.
Modified: trunk/Source/WebKit/mac/WebView/WebPreferenceKeysPrivate.h (166664 => 166665)
--- trunk/Source/WebKit/mac/WebView/WebPreferenceKeysPrivate.h 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebKit/mac/WebView/WebPreferenceKeysPrivate.h 2014-04-02 21:06:33 UTC (rev 166665)
@@ -180,7 +180,6 @@
#define WebKitMinimumZoomFontSizePreferenceKey @"WebKitMinimumZoomFontSizePreferenceKey"
#if TARGET_OS_IPHONE
-#define WebKitMaximumImageSizePreferenceKey @"WebKitMaximumImageSize"
#define WebKitStandalonePreferenceKey @"WebKitStandalonePreferenceKey"
#define WebKitTelephoneParsingEnabledPreferenceKey @"WebKitTelephoneParsingEnabledPreferenceKey"
#define WebKitAlwaysUseBaselineOfPrimaryFontPreferenceKey @"WebKitAlwaysUseBaselineOfPrimaryFontPreferenceKey"
Modified: trunk/Source/WebKit/mac/WebView/WebPreferences.mm (166664 => 166665)
--- trunk/Source/WebKit/mac/WebView/WebPreferences.mm 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebKit/mac/WebView/WebPreferences.mm 2014-04-02 21:06:33 UTC (rev 166665)
@@ -394,9 +394,6 @@
WTF::initializeMainThreadToProcessMainThread();
RunLoop::initializeMainRunLoop();
#endif
-#if PLATFORM(IOS)
- static unsigned defaultMaximumImageSize = 20 * 1024 * 1024;
-#endif
NSDictionary *dict = [NSDictionary dictionaryWithObjectsAndKeys:
@"Times", WebKitStandardFontPreferenceKey,
@@ -557,7 +554,6 @@
[NSNumber numberWithBool:NO], WebKitPlugInSnapshottingEnabledPreferenceKey,
#if PLATFORM(IOS)
- [NSNumber numberWithUnsignedInt:defaultMaximumImageSize], WebKitMaximumImageSizePreferenceKey,
[NSNumber numberWithBool:NO], WebKitTelephoneParsingEnabledPreferenceKey,
[NSNumber numberWithInt:-1], WebKitLayoutIntervalPreferenceKey,
[NSNumber numberWithFloat:-1.0f], WebKitMaxParseDurationPreferenceKey,
@@ -1405,11 +1401,6 @@
}
#if PLATFORM(IOS)
-- (size_t)_maximumImageSize
-{
- return [[NSUserDefaults standardUserDefaults] integerForKey:WebKitMaximumImageSizePreferenceKey];
-}
-
- (BOOL)_standalone
{
return [self _boolValueForKey:WebKitStandalonePreferenceKey];
Modified: trunk/Source/WebKit/mac/WebView/WebPreferencesPrivate.h (166664 => 166665)
--- trunk/Source/WebKit/mac/WebView/WebPreferencesPrivate.h 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebKit/mac/WebView/WebPreferencesPrivate.h 2014-04-02 21:06:33 UTC (rev 166665)
@@ -292,7 +292,6 @@
// Other private methods
#if TARGET_OS_IPHONE
-- (size_t)_maximumImageSize;
- (BOOL)_standalone;
- (void)_setStandalone:(BOOL)flag;
- (void)_setTelephoneNumberParsingEnabled:(BOOL)flag;
Modified: trunk/Source/WebKit/mac/WebView/WebView.mm (166664 => 166665)
--- trunk/Source/WebKit/mac/WebView/WebView.mm 2014-04-02 21:02:22 UTC (rev 166664)
+++ trunk/Source/WebKit/mac/WebView/WebView.mm 2014-04-02 21:06:33 UTC (rev 166665)
@@ -2288,7 +2288,6 @@
#else
// iOS-specific settings
settings.setStandalone([preferences _standalone]);
- settings.setMaximumDecodedImageSize([preferences _maximumImageSize]);
settings.setTelephoneNumberParsingEnabled([preferences _telephoneNumberParsingEnabled]);
settings.setAlwaysUseBaselineOfPrimaryFont([preferences _alwaysUseBaselineOfPrimaryFont]);
settings.setAllowMultiElementImplicitSubmission([preferences _allowMultiElementImplicitFormSubmission]);
