Timeline



Jun 18, 2007:

9:56 PM Changeset in webkit [23582] by kdecker
  • 2 edits in trunk/WebKit

Reviewed by Kevin Decker


  • Carbon/HIWebView.m: (WindowHandler): HIObjectIsOfClass requires non-NULL input on Tiger. Reworked Kevin Decker's patch to remove the conditional compilation for Tiger, yet still avoid crashing BBEdit.
7:12 PM Changeset in webkit [23581] by weinig
  • 2 edits in trunk/WebCore

Qt build fix.

  • platform/qt/PlatformScreenQt.cpp: (WebCore::screenDepth): (WebCore::screenDepthPerComponent): (WebCore::screenIsMonochrome): (WebCore::screenRect): (WebCore::screenAvailableRect):
7:05 PM Changeset in webkit [23580] by andersca
  • 2 edits in branches/Safari-2-0-branch/WebCore

Reviewed by Kevin McCullough.

Merged fix from TOT to Safari-2-0-branch


2007-06-05 Anders Carlsson <andersca@apple.com>

Reviewed by Geoff.

<rdar://problem/5245555> REGRESSION: HTTP header injection in XMLHttpRequest.setRequestHeader
<rdar://problem/5246208> HTTP injection in XMLHttpRequest.open method parameter
<rdar://problem/5246242> HTTP header injection in HXMLHttpRequest.setRequestHeader header parameter

Check method names, header names and header values and throw exceptions if any of them are
invalid. This is what the new XMLHttpRequest spec states that we should do.

  • khtml/ecma/xmlhttprequest.cpp: (KJS::isValidToken): (KJS::isValidHeaderValue): (KJS::XMLHttpRequestProtoFunc::tryCall):
7:03 PM Changeset in webkit [23579] by weinig
  • 10 edits in trunk

WebCore:

Reviewed by Beth.

Fix build and update licenses.

  • WebCore.xcodeproj/project.pbxproj:
  • page/BarInfo.cpp:
  • page/BarInfo.h:
  • page/BarInfo.idl:
  • page/Screen.cpp: (WebCore::Screen::height): (WebCore::Screen::width): (WebCore::Screen::colorDepth): (WebCore::Screen::pixelDepth): (WebCore::Screen::availLeft): (WebCore::Screen::availTop): (WebCore::Screen::availHeight): (WebCore::Screen::availWidth):
  • page/Screen.h:
  • page/Screen.idl:

WebKit:

Reviewed by Beth.

Build fix.

  • WebCoreSupport/WebChromeClient.mm:
6:30 PM Changeset in webkit [23578] by kdecker
  • 2 edits in trunk/WebKit

2007-06-18 Kevin Decker <kdecker@apple.com>

  • Carbon/HIWebView.m: (WindowHandler): Fixed the Tiger build; ControlKind wasn't defined.
6:14 PM Changeset in webkit [23577] by andersca
  • 6 edits in trunk

LayoutTests:

Reviewed by John Sullivan.

Update result, we shouldn't call didFinishLoadForFrame if the URL isn't valid.


  • http/tests/loading/bad-scheme-subframe-expected.txt:

WebCore:

Reviewed by John Sullivan.

<rdar://problem/5277008> Assertion in [LocationChangeHandler finishedLoadingFrame:]


Don't send any frame load callbacks if the document load hasn't been
committed for real.


  • loader/FrameLoader.cpp: (WebCore::FrameLoader::checkLoadCompleteForThisFrame):

WebKitTools:

Reviewed by John Sullivan.

Assert that the frame has a dataSource.


  • DumpRenderTree/FrameLoadDelegate.m: (-[FrameLoadDelegate webView:didFinishLoadForFrame:]):
5:08 PM Changeset in webkit [23576] by weinig
  • 18 edits
    4 moves
    4 adds in trunk

LayoutTests:

Reviewed by Geoff.

Updates tests for http://bugs.webkit.org/show_bug.cgi?id=14193
Move the Screen object out of the JS bindings

  • fast/dom/Window/window-appendages-cleared-expected.txt:
  • fast/dom/Window/window-properties-expected.txt:

WebCore:

Reviewed by Geoff.

Patch for http://bugs.webkit.org/show_bug.cgi?id=14193
Move the Screen object out of the JS bindings

  • Renames Screen.h to PlatformScreen.h to accommodate new class.
  • Autogenerates JSScreen.
  • DerivedSources.make:
  • WebCore.pro:
  • WebCore.vcproj/WebCore.vcproj:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/kjs_window.cpp: (KJS::WindowPrivate::WindowPrivate): (KJS::Window::mark): (KJS::Window::getValueProperty): (KJS::Window::clearHelperObjectProperties):
  • bindings/js/kjs_window.h: (KJS::Window::):
  • css/MediaQueryEvaluator.cpp:
  • page/DOMWindow.cpp: (WebCore::DOMWindow::DOMWindow): (WebCore::DOMWindow::~DOMWindow): (WebCore::DOMWindow::frame): (WebCore::DOMWindow::disconnectFrame): (WebCore::DOMWindow::screen):
  • page/DOMWindow.h:
  • page/DOMWindow.idl:
  • page/Screen.cpp: Added. (WebCore::Screen::Screen): (WebCore::Screen::disconnectFrame): (WebCore::Screen::height): (WebCore::Screen::width): (WebCore::Screen::colorDepth): (WebCore::Screen::pixelDepth): (WebCore::Screen::availLeft): (WebCore::Screen::availTop): (WebCore::Screen::availHeight): (WebCore::Screen::availWidth):
  • page/Screen.h: Added.
  • page/Screen.idl: Added.
  • page/mac/WebCoreFrameBridge.mm:
  • platform/PlatformScreen.h: Copied from WebCore/platform/Screen.h.
  • platform/Screen.h: Removed.
  • platform/gdk/PlatformScreenGdk.cpp: Copied from WebCore/platform/gdk/ScreenGdk.cpp.
  • platform/gdk/ScreenGdk.cpp: Removed.
  • platform/mac/PlatformMouseEventMac.mm:
  • platform/mac/PlatformScreenMac.mm: Copied from WebCore/platform/mac/ScreenMac.mm.
  • platform/mac/ScreenMac.mm: Removed.
  • platform/qt/PlatformScreenQt.cpp: Added. (WebCore::WebCore::screenDepth): (WebCore::WebCore::screenDepthPerComponent): (WebCore::WebCore::screenIsMonochrome): (WebCore::WebCore::screenRect): (WebCore::WebCore::screenAvailableRect):
  • platform/qt/TemporaryLinkStubs.cpp:
  • platform/win/PlatformScreenWin.cpp: Copied from WebCore/platform/win/ScreenWin.cpp.
  • platform/win/ScreenWin.cpp: Removed.
  • rendering/RenderObject.cpp:
5:06 PM Changeset in webkit [23575] by thatcher
  • 2 edits in branches/Safari-522/WebKit

Merge r23574.

5:01 PM Changeset in webkit [23574] by kdecker
  • 2 edits in trunk/WebKit

Reviewed by Tim Hatcher.

Fixed: <rdar://problem/5276135> With Safari 3 Tiger Beta installed, a crash occurs in BBEdit while mousing down and dragging outside of HTML preview window

  • Carbon/HIWebView.m: (WindowHandler): Because the fix for 5051616 causes Tiger to crash in HIToolbox (but not on Leopard), I reverted back to using GetControlKind on Tiger only, instead of HIObjectIsOfClass.
4:04 PM Changeset in webkit [23573] by weinig
  • 10 edits
    3 adds in trunk/WebCore

Reviewed by Geoff.

Patch for http://bugs.webkit.org/show_bug.cgi?id=14211
Move the BarInfo object out of the JS bindings

  • DerivedSources.make:
  • WebCore.pro:
  • WebCore.vcproj/WebCore.vcproj:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/kjs_window.cpp: (KJS::WindowPrivate::WindowPrivate): (KJS::Window::mark): (KJS::Window::getValueProperty): (KJS::Window::clearHelperObjectProperties): (KJS::Window::disconnectFrame):
  • bindings/js/kjs_window.h: (KJS::Window::):
  • page/BarInfo.cpp: Added. (WebCore::BarInfo::BarInfo): (WebCore::BarInfo::disconnectFrame): (WebCore::BarInfo::visible):
  • page/BarInfo.h: Added. (WebCore::BarInfo::):
  • page/BarInfo.idl: Added.
  • page/DOMWindow.cpp: (WebCore::DOMWindow::~DOMWindow): (WebCore::DOMWindow::disconnectFrame): (WebCore::DOMWindow::locationbar): (WebCore::DOMWindow::menubar): (WebCore::DOMWindow::personalbar): (WebCore::DOMWindow::scrollbars): (WebCore::DOMWindow::statusbar): (WebCore::DOMWindow::toolbar):
  • page/DOMWindow.h:
  • page/DOMWindow.idl:
3:52 PM Changeset in webkit [23572] by thatcher
  • 4 edits
    4 copies in branches/Safari-522

Merge r21602.

3:45 PM Changeset in webkit [23571] by thatcher
  • 5 edits in branches/Safari-522

Merge r21529.

3:04 PM Changeset in webkit [23570] by staikos
  • 2 edits in trunk/WebKitTools

Reflect the library name change for WebKitQt in the perl scripts. Patch from
Adam Treat

1:11 PM Changeset in webkit [23569] by hyatt
  • 2 edits in trunk/WebKit/win

Groundwork for Ctrl+Enter URL bar support.

10:27 AM Changeset in webkit [23568] by andersca
  • 7 edits in branches/Safari-522

Merge 21104, 21254 and 21776.

10:15 AM Changeset in webkit [23567] by weinig
  • 10 edits in trunk

LayoutTests:

Reviewed by Darin.

Update tests now that window.frames points to window and not FrameArray
(which has been removed).

  • fast/dom/Window/resources/window-appendages-cleared-results.html:
  • fast/dom/Window/window-appendages-cleared-expected.txt:
  • fast/dom/Window/window-appendages-cleared.html:
  • fast/dom/Window/window-properties-expected.txt:
  • fast/js/toString-and-valueOf-override-expected.txt:
  • fast/js/toString-and-valueOf-override.html:

WebCore:

Reviewed by Darin.

Remove the FrameArray class and instead make window.frames another
self-reference for window (like window.window, window.self, etc).
This is what Firefox and what the HTML5 dictates.

  • bindings/js/kjs_window.cpp: (KJS::WindowPrivate::WindowPrivate): (KJS::Window::mark): (KJS::Window::getValueProperty): (KJS::Window::clearHelperObjectProperties): (KJS::Window::disconnectFrame):
  • bindings/js/kjs_window.h:
9:58 AM Changeset in webkit [23566] by bdash
  • 3 edits in trunk/WebKitTools

2007-06-18 Jake Helfert <jake@jakeonthenet.com>

Reviewed by Adam.

  • Spinneret/Spinneret/Spinneret.cpp: (_tWinMain):

-Changed IWebViewExt to IWebViewPrivate
-Changed Co[Un]initialize to Ole[Un]initialize because WebKit now calls

the WIN32 function RegisterDragDrop which requires the Ole* calls.

  • Spinneret/Spinneret/Spinneret.h: (SpinneretWebHost::didReceiveIcon): Updated method signature. (SpinneretWebHost::willPerformClientRedirectToURL): Updated method signature. (SpinneretWebHost::windowScriptObjectAvailable): Updated method signature.
9:55 AM Changeset in webkit [23565] by bdash
  • 3 edits
    2 adds in trunk

2007-06-18 Mitz Pettel <mitz@webkit.org>

Reviewed by Adele.

Test: fast/forms/input-zero-height-focus.html

  • rendering/RenderTextControl.cpp: (WebCore::RenderTextControl::setSelectionRange): Avoid setting the selection in a zero-height text control.

2007-06-18 Mitz Pettel <mitz@webkit.org>

Reviewed by Adele.

  • fast/forms/input-zero-height-focus-expected.txt: Added.
  • fast/forms/input-zero-height-focus.html: Added.
9:49 AM Changeset in webkit [23564] by bdash
  • 3 edits
    1 add in trunk/WebCore

2007-06-18 Alp Toker <alp.toker@collabora.co.uk>

Reviewed by Sam Weinig.

http://bugs.webkit.org/show_bug.cgi?id=14052
Implement SoundGdk

  • WebCore.pro:
  • platform/gdk/SoundGdk.cpp: Added. (WebCore::systemBeep):
  • platform/gdk/TemporaryLinkStubs.cpp: (WebCore::systemBeep):
12:16 AM Changeset in webkit [23563] by hyatt
  • 3 edits in trunk/WebKit/win

Add support for horizontal mouse wheeling (WebKit part).

12:14 AM Changeset in webkit [23562] by hyatt
  • 3 edits in trunk/WebCore

Add support for horizontal mouse wheeling (WebCore part).

Jun 17, 2007:

11:40 PM Changeset in webkit [23561] by hyatt
  • 2 edits in trunk/WebKit/win

Add support for Ctrl+Mouse Wheel to do text zooming on Win32.

1:20 PM Changeset in webkit [23560] by weinig
  • 2 edits in trunk/WebCore

Win32 build fix.

  • WebCore.vcproj/WebCore.vcproj:

Jun 16, 2007:

10:51 PM Changeset in webkit [23559] by hyatt
  • 4 edits in trunk/WebKit

Back out fix for 13972. Quicktime will no longer clip correctly. :(
Too many regressions in Mail caused by inserting an extra view into the
hierarchy. Can revisit later.

Reviewed by olliej

  • Plugins/WebPluginController.mm: (-[WebPluginController destroyPlugin:]): (-[WebPluginController destroyAllPlugins]):
  • WebCoreSupport/WebFrameBridge.mm: (-[WebFrameBridge pluginViewWithPackage:attributeNames:attributeValues:baseURL:DOMElement:loadManually:]):
  • WebView/WebHTMLView.mm: (-[WebHTMLView addSubview:]): (-[WebHTMLView willRemoveSubview:]):

Jun 15, 2007:

8:14 PM Changeset in webkit [23558] by hyatt
  • 4 edits in trunk/WebCore

Fix for bugzilla bugs 14183 and 14184, 'repeat' regressed in border-image
because of a botched 'round' support removal. Also update for a change in
the spec that has the second stretch/round/repeat keyword match the first
if omitted.


Reviewed by olliej

  • css/cssparser.cpp: (WebCore::BorderImageParseContext::commitBorderImage):
  • platform/graphics/Image.cpp: (WebCore::Image::drawTiled):
  • platform/graphics/Image.h: (WebCore::Image::):
6:47 PM Changeset in webkit [23557] by weinig
  • 22 edits
    1 move in trunk

LayoutTests:

Reviewed by Darin.

Update test for http://bugs.webkit.org/show_bug.cgi?id=14053
Autogenerate JS binding for Rect

  • fast/dom/Window/window-properties-expected.txt:

WebCore:

Reviewed by Darin.

Patch for http://bugs.webkit.org/show_bug.cgi?id=14053
Autogenerate JS binding for Rect

  • Renames RectImpl to Rect, DOMStyleSheetList to JSStyleSheetList and DOMRGBColor to JSRGBColor
  • Moves JSStyleSheetList and JSRGBColor into the WebCore namespace.
  • DerivedSources.make:
  • WebCore.pro:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/kjs_css.cpp: (WebCore::): (WebCore::JSStyleSheetList::JSStyleSheetList): (WebCore::JSStyleSheetList::~JSStyleSheetList): (WebCore::JSStyleSheetList::getValueProperty): (WebCore::JSStyleSheetList::indexGetter): (WebCore::JSStyleSheetList::nameGetter): (WebCore::JSStyleSheetList::getOwnPropertySlot): (WebCore::toJS): (WebCore::JSStyleSheetListFunc::callAsFunction): (WebCore::JSRGBColor::JSRGBColor): (WebCore::JSRGBColor::~JSRGBColor): (WebCore::JSRGBColor::getOwnPropertySlot): (WebCore::JSRGBColor::getValueProperty): (WebCore::getJSRGBColor):
  • bindings/js/kjs_css.h: (WebCore::JSStyleSheetList::classInfo): (WebCore::JSStyleSheetList::): (WebCore::JSStyleSheetList::impl): (WebCore::JSRGBColor::classInfo): (WebCore::JSRGBColor::): (WebCore::JSRGBColor::impl):
  • bindings/objc/DOMUtility.mm: (KJS::createDOMWrapper):
  • bindings/scripts/CodeGeneratorJS.pm:
  • bindings/scripts/CodeGeneratorObjC.pm:
  • css/CSSBorderImageValue.cpp: (WebCore::CSSBorderImageValue::CSSBorderImageValue):
  • css/CSSBorderImageValue.h:
  • css/CSSPrimitiveValue.cpp: (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): (WebCore::CSSPrimitiveValue::cssText):
  • css/CSSPrimitiveValue.h: (WebCore::CSSPrimitiveValue::getRectValue): (WebCore::CSSPrimitiveValue::):
  • css/DashboardRegion.h:
  • css/Rect.h: Copied from css/RectImpl.h. (WebCore::Rect::~Rect): (WebCore::Rect::top): (WebCore::Rect::right): (WebCore::Rect::bottom): (WebCore::Rect::left): (WebCore::Rect::setTop): (WebCore::Rect::setRight): (WebCore::Rect::setBottom): (WebCore::Rect::setLeft):
  • css/Rect.idl:
  • css/RectImpl.h: Removed.
  • css/cssparser.cpp: (WebCore::CSSParser::parseShape): (WebCore::BorderImageParseContext::commitBorderImage):
  • css/cssstyleselector.cpp: (WebCore::CSSStyleSelector::applyProperty):
  • page/DOMWindow.idl:

WebKit:

Reviewed by Darin.

Patch for http://bugs.webkit.org/show_bug.cgi?id=14053
Autogenerate JS binding for Rect

  • Fix conflicts by using ::Rect instead of Rect.
  • Plugins/WebBaseNetscapePluginView.mm: (-[WebBaseNetscapePluginView saveAndSetNewPortStateForUpdate:]): (-[WebBaseNetscapePluginView sendEvent:]): (-[WebBaseNetscapePluginView tellQuickTimeToChill]): (-[WebBaseNetscapePluginView invalidateRegion:]): (-[WebBaseNetscapePluginView _printedPluginBitmap]):
5:53 PM Changeset in webkit [23556] by kevino
  • 1 edit in branches/wx-port-alpha/trunk/WebKitTools/Scripts/build-wxwebkit

Allow users to specify whether they're using a debug or wxPython build of wx.

5:29 PM Changeset in webkit [23555] by kevino
  • 5 edits in branches/wx-port-alpha/trunk

Fix for cases where the wxpresets don't define WX_PYTHON, and only have the webcore and jscore templates include flags. (these are not linked to directly by wx clients)

4:21 PM Changeset in webkit [23554] by zimmermann
  • 19 edits
    9 adds in branches/feature-branch

Reviewed by Eric.

Fixes: http://bugs.webkit.org/show_bug.cgi?id=14015 (SVGTransformList::initialize() has no effect)

Fix SVGTransformList usage in SVG DOM exposed to JS.
This also fixes SVG space invaders including most repainting issues. (still some unrelated ones left)

This is basically the _same_ fix applied to SVGPointList some months ago. We just forgot
to add JSSVGTransformListCustom when switching from SVGTransform* -> SVGTransform (POD type).

3:07 PM Changeset in webkit [23553] by andersca
  • 2 edits in trunk/WebKit

Reviewed by Kevin.

A better fix for <rdar://problem/5271774>. Only try to access the element if the
view has an associated window. This also works with GC. (Fix suggested by Kevin.)

  • Plugins/WebKitPluginContainerView.mm: (-[WebKitPluginContainerView dealloc]): (-[WebKitPluginContainerView visibleRect]):
2:17 PM Changeset in webkit [23552] by andersca
  • 2 edits in trunk/WebKit

Reviewed by Kevin.

<rdar://problem/5271774> REGRESSION: A crash occurs when closing a window that contains a QT movie


In some cases, calling [super dealloc] might end up calling visibleRect, so make sure to
set _element to 0 so we won't send a message to a freed object and crash.


  • Plugins/WebKitPluginContainerView.mm: (-[WebKitPluginContainerView dealloc]): (-[WebKitPluginContainerView visibleRect]):
12:21 PM Changeset in webkit [23551] by zimmermann
  • 4 edits
    4 adds in branches/feature-branch

Reviewed by Eric.
Fixes: http://bugs.webkit.org/show_bug.cgi?id=14155

JSSVGMatrix was not working properly.
"matrix.translate(10, 10)" actually altered 'matrix' instead of returning a
new SVGMatrix object, as described in SVG 1.1 specification.

10:32 AM Changeset in webkit [23550] by spadma
  • 2 edits in S60/trunk/WebKit

vbradley, reviewed by Sachin

DESC: EYLG-6ZVCLT - Chinese candidate and autofill boxes overlap
http://bugs.webkit.org/show_bug.cgi?id=13925

  • BrowserView/src/WebKitControl.cpp: (CStaticObjectContainer::FormDataManagerHandlerL):
10:27 AM Changeset in webkit [23549] by spadma
  • 2 edits in S60/branches/3.1m/WebKit

2007-06-14 Mahesh Kulkarni <mahesh.kulkarni@nokia.com>

Reviewed by Sachin Padma.
DESC: Plug-in request for execution of JavaScript through NpnGetUrl API not working
http://waplabdc.nokia-boston.com/browser/users/MaheshKK/geturl.html

  • WebKit\Plugin\PluginLoader.cpp: (CPluginLoader::LoadPluginContentL): Do not resolve URL when "javascript:" is in the URL


10:25 AM Changeset in webkit [23548] by spadma
  • 2 edits in S60/trunk/WebKit

007-06-14 Mahesh Kulkarni <mahesh.kulkarni@nokia.com>

Reviewed by Sachin Padma.
DESC: Plug-in request for execution of JavaScript through NpnGetUrl API not working
http://waplabdc.nokia-boston.com/browser/users/MaheshKK/geturl.html

  • WebKit\Plugin\PluginLoader.cpp: (CPluginLoader::LoadPluginContentL): Do not resolve URL when "javascript:" is in the URL
9:54 AM Changeset in webkit [23547] by eseidel
  • 2 edits in branches/feature-branch/WebCore

2007-06-15 Eric Seidel <eric@webkit.org>

Reviewed by Niko.

Fix the release build.

  • rendering/SVGRootInlineBox.cpp: (WebCore::applyTextAnchorToTextChunk):

Jun 14, 2007:

7:51 PM Changeset in webkit [23546] by staikos
  • 3 edits in trunk/WebKitQt

Add evaluateJavaScript() method

7:31 PM Changeset in webkit [23545] by staikos
  • 7 edits in trunk

Add quite a bit of keyboard handling in editing and non-editing mode for
QtWebKit, as well as some focus fixes.

6:41 PM Changeset in webkit [23544] by rwlbuis
  • 3 edits
    4 adds in branches/feature-branch

Reviewed by Eric.

http://bugs.webkit.org/show_bug.cgi?id=14051
<svg:image> fails to position correctly when <svg> is inside an inline <div>

Leave parent translation to the containers.

5:02 PM Changeset in webkit [23543] by zimmermann
  • 5 edits in branches/feature-branch/WebCore

Reviewed by Eric.
Fixes: http://bugs.webkit.org/show_bug.cgi?id=13963

Fix SVG space invaders. It actually highlighted a bad problem with our JSSVGPODTypeWrapper's.
Introduce a new "2nd-level cache" for all readwrite POD properties. Subsequent calls to ie.
myRect.x.baseVal.value don't create a new wrapper everytime, but are properly cached now.
This leads to a massive reduction in created wrappers.

4:50 PM Changeset in webkit [23542] by thatcher
  • 12 edits
    4 copies in branches/Safari-522

Merge r21212.

4:39 PM Changeset in webkit [23541] by thatcher
  • 2 edits in branches/Safari-522/WebCore

Merge r20855.

3:15 PM Changeset in webkit [23540] by andersca
  • 2 edits in trunk/JavaScriptCore

Fix Windows build.


  • bindings/runtime_object.cpp: (RuntimeObjectImp::canPut):
2:58 PM Changeset in webkit [23539] by hyatt
  • 3 edits in trunk/WebCore

Fix for missing text in non-English Windows installs.

2:43 PM Changeset in webkit [23538] by andersca
  • 14 edits
    2 adds in trunk

JavaScriptCore:

Reviewed by Darin.

<rdar://problem/5103077>
Crash at _NPN_ReleaseObject when quitting page at http://eshop.macsales.com/shop/ModBook


<rdar://problem/5183692>
http://bugs.webkit.org/show_bug.cgi?id=13547
REGRESSION: Crash in _NPN_ReleaseObject when closing Safari on nba.com (13547)


<rdar://problem/5261499>
CrashTracer: [USER] 75 crashes in Safari at com.apple.JavaScriptCore: KJS::Bindings::CInstance::~CInstance + 40


Have the root object track all live instances of RuntimeObjectImp. When invalidating
the root object, also invalidate all live runtime objects by zeroing out their instance ivar.
This prevents instances from outliving their plug-ins which lead to crashes.


  • bindings/c/c_utility.cpp: (KJS::Bindings::convertValueToNPVariant):
  • bindings/jni/jni_jsobject.cpp: (JavaJSObject::convertValueToJObject):
  • bindings/jni/jni_utility.cpp: (KJS::Bindings::convertValueToJValue):
  • bindings/objc/objc_runtime.mm: (ObjcFallbackObjectImp::callAsFunction):
  • bindings/runtime_array.cpp: (RuntimeArray::RuntimeArray):
  • bindings/runtime_array.h: (KJS::RuntimeArray::getConcreteArray):
  • bindings/runtime_method.cpp: (RuntimeMethod::callAsFunction):
  • bindings/runtime_method.h:
  • bindings/runtime_object.cpp: (RuntimeObjectImp::RuntimeObjectImp): (RuntimeObjectImp::~RuntimeObjectImp): (RuntimeObjectImp::invalidate): (RuntimeObjectImp::fallbackObjectGetter): (RuntimeObjectImp::fieldGetter): (RuntimeObjectImp::methodGetter): (RuntimeObjectImp::getOwnPropertySlot): (RuntimeObjectImp::put): (RuntimeObjectImp::canPut): (RuntimeObjectImp::defaultValue): (RuntimeObjectImp::implementsCall): (RuntimeObjectImp::callAsFunction): (RuntimeObjectImp::getPropertyNames): (RuntimeObjectImp::throwInvalidAccessError):
  • bindings/runtime_object.h:
  • bindings/runtime_root.cpp: (KJS::Bindings::RootObject::invalidate): (KJS::Bindings::RootObject::addRuntimeObject): (KJS::Bindings::RootObject::removeRuntimeObject):
  • bindings/runtime_root.h:

LayoutTests:

Reviewed by Darin.

Add test that manipulates plug-in script objects after the plug-in has been destroyed.


  • plugins/netscape-destroy-plugin-script-objects-expected.txt: Added.
  • plugins/netscape-destroy-plugin-script-objects.html: Added.
2:42 PM Changeset in webkit [23537] by weinig
  • 3 edits in trunk/WebKitTools

Reviewed by Brady.

Update set of files to download for cygwin to include
diffutils and regenerate the zip file. This should fix
an issue on vista where svn-create-patch doesn't work.

  • CygwinDownloader/cygwin-downloader.py:
  • CygwinDownloader/cygwin-downloader.zip:
2:08 PM Changeset in webkit [23536] by andersca
  • 4 edits in trunk/WebCore

Reviewed by Geoff.

Add Frame::cleanupScriptObjectsForPlugin which will invalidate the root object
for a given plug-in.

  • WebCore.exp:
  • page/Frame.cpp: (WebCore::Frame::cleanupScriptObjectsForPlugin):
  • page/Frame.h:
2:06 PM Changeset in webkit [23535] by andersca
  • 4 edits in trunk/WebKit

Reviewed by Geoff.

Call cleanupScriptObjectsForPlugin on the frame after destroying the plug-in.


  • Plugins/WebBaseNetscapePluginView.mm: (-[WebBaseNetscapePluginView _destroyPlugin]):
  • Plugins/WebPluginController.mm: (-[WebPluginController destroyPlugin:]): (-[WebPluginController destroyAllPlugins]):
1:02 PM Changeset in webkit [23534] by kdecker
  • 2 edits in branches/Safari-2-0-branch/WebKit

Reviewed by John and Darin and Anders!

Fixed: <rdar://problem/5269008> REGRESSION (Safari 3 Beta 1): Package Tracker widget fails (can't find localized strings due to bundle ID)

  • Misc.subproj/WebLocalizableStrings.m: The problem was that WebLocalizableStrings.m has the system WebKit bundle identifier, not WebKitForDashboard's bundle identifier. The code therefore couldn't find the localizable string "Recent searches", thus returned a nil string and therefore triggered an assertion failure in NSMenuItem. I fixed this by changing the bundle constant to "com.apple.WebKitForDashboard".
12:22 PM Changeset in webkit [23533] by eseidel
  • 4 edits in branches/feature-branch/WebCore

2007-06-14 Eric Seidel <eric@webkit.org>

Reviewed by Niko.

Text gradients are broken on feature branch
http://bugs.webkit.org/show_bug.cgi?id=14142

  • rendering/SVGRenderSupport.cpp: (WebCore::prepareToRenderSVGContent):
  • rendering/SVGRootInlineBox.cpp: (WebCore::prepareTextRendering): (WebCore::SVGRootInlineBox::paint): (WebCore::SVGRootInlineBox::paintInlineBoxes): (WebCore::SVGRootInlineBox::paintChildInlineTextBox): (WebCore::SVGRootInlineBox::paintChildInlineFlowBox):
  • rendering/SVGRootInlineBox.h:
12:16 PM Changeset in webkit [23532] by zimmermann
  • 2 edits in branches/feature-branch/WebCore

Reviewed by Sam.
Fixes: http://bugs.webkit.org/show_bug.cgi?id=11273

Implement pixelUnitToMillimeterX(), pixelUnitToMillimeterY() in SVGSVGElement.
Use cssPixelsPerInch, just like done in CSSPrimitiveValue & SVGLength.

11:43 AM Applications using WebKit edited by ruben@mailplaneapp.com
Added Mailplane (diff)
11:33 AM Changeset in webkit [23531] by bdash
  • 2 edits in trunk/WebKitTools

2007-06-14 Mark Rowe <mrowe@apple.com>

Update script to match new nightly.webkit.org infrastructure.

  • BuildSlaveSupport/build-launcher-dmg: Upload to the live web server, not the caching proxy. Let the server know it's a Mac build.
10:50 AM Changeset in webkit [23530] by rwlbuis
  • 3 edits
    4 adds in branches/feature-branch

Reviewed by Eric.

http://bugs.webkit.org/show_bug.cgi?id=9752
%-sizing of elements with a html parent is broken

Calculate width/height for length percentages when embedded in xhtml.

10:21 AM Changeset in webkit [23529] by andersca
  • 3 edits in trunk/WebCore

Reviewed by Geoff.

<rdar://problem/5211677>
-[WebPreferences setJavaEnabled:] only disables java inside <applet>, not <object>


  • loader/FrameLoader.cpp: (WebCore::FrameLoader::requestObject): If the object is a Java MIME type and Java is disabled, don't load the plug-in.


  • platform/MimeTypeRegistry.cpp: (WebCore::MimeTypeRegistry::isJavaAppletMIMEType): Clean this up and add another applet MIME type.
10:13 AM Changeset in webkit [23528] by staikos
  • 8 edits in trunk

Implement the javascript dialogs and file chooser dialog, along with some
cleanups.

9:47 AM Changeset in webkit [23527] by staikos
  • 2 edits in trunk/WebCore

Add missing null-init of pointer (will fix an upcoming crash)

9:13 AM Changeset in webkit [23526] by andersca
  • 5 edits in trunk

JavaScriptCore:

Reviewed by Mitz.

<rdar://problem/5244948>
Safari keeps on complaining about slow script playing NBC TV video (14133)

http://bugs.webkit.org/show_bug.cgi?id=14133
Runaway JavaScript timer fires when spinning around in Google Maps street view

Make sure to start and stop the timeout checker around calls to JS.


  • bindings/NP_jsobject.cpp: (_NPN_InvokeDefault): (_NPN_Invoke): (_NPN_Evaluate):
  • bindings/jni/jni_jsobject.cpp: (JavaJSObject::call): (JavaJSObject::eval):

WebCore:

Reviewed by Mitz.

<rdar://problem/5244948>
Safari keeps on complaining about slow script playing NBC TV video (14133)

http://bugs.webkit.org/show_bug.cgi?id=14133
Runaway JavaScript timer fires when spinning around in Google Maps street view

Make sure to start and stop the timeout checker around calls to JS.

  • bindings/objc/WebScriptObject.mm: (-[WebScriptObject callWebScriptMethod:withArguments:]): (-[WebScriptObject evaluateWebScript:]):
4:41 AM Changeset in webkit [23525] by hausmann
  • 2 edits in trunk/WebKitQt

Removed QWebHistoryItem::parent() as it is not implemented and WebCore's

HistoryItem itself doesn't seem to have a parent pointer either.

4:40 AM Changeset in webkit [23524] by hausmann
  • 3 edits in trunk/WebKitQt

Make it possible to copy QWebHistoryItem objects.

Note: See TracTimeline for information about the timeline view.