Updated WebKit from /home/shausman/src/webkit/trunk to origin/qtwebkit-4.5 ( bd7262be70c02564d655e4f2aaf79cd8302a937f )v4.5.2

Changes in WebKit since the last update: ++ b/JavaScriptCore/ChangeLog 2009-02-02 Darin Adler <darin@apple.com> Reviewed by Dave Hyatt. Bug 23676: Speed up uses of reserveCapacity on new vectors by adding a new reserveInitialCapacity https://bugs.webkit.org/show_bug.cgi?id=23676 * API/JSObjectRef.cpp: (JSObjectCopyPropertyNames): Use reserveInitialCapacity. * parser/Lexer.cpp: (JSC::Lexer::Lexer): Ditto. (JSC::Lexer::clear): Ditto. * wtf/Vector.h: Added reserveInitialCapacity, a more efficient version of reserveCapacity for use when the vector is brand new (still size 0 with no capacity other than the inline capacity). 2009-03-19 Geoffrey Garen <ggaren@apple.com> Reviewed by Oliver Hunt. Fixed <rdar://problem/6033712> -- a little bit of hardening in the Collector. SunSpider reports no change. I also verified in the disassembly that we end up with a single compare to constant. * runtime/Collector.cpp: (JSC::Heap::heapAllocate): ++ b/LayoutTests/ChangeLog 2009-05-21 Geoffrey Garen <ggaren@apple.com> Reviewed by Sam Weinig. Tests for <rdar://problem/6910832> | https://bugs.webkit.org/show_bug.cgi?id=25907 Incorrect URL returned to the DOM while the user drags a file * http/tests/local/drag-over-remote-content-expected.txt: Added. * http/tests/local/drag-over-remote-content.html: Added. * http/tests/security/drag-over-remote-content-iframe-expected.txt: Added. * http/tests/security/drag-over-remote-content-iframe.html: Added. 2009-04-14 Eric Carlson <eric.carlson@apple.com> Reviewed by Alexey Proskuryakov. Fix <rdar://problem/6755724> <audio> and <video> elements can reference local file:/// URLs from remote in Safari Test cases to ensure that local 'src', 'poster', and <source> are not loaded. * http/tests/security/local-video-poster-from-remote-expected.txt: Added. * http/tests/security/local-video-poster-from-remote.html: Added. * http/tests/security/local-video-source-from-remote-expected.txt: Added. * http/tests/security/local-video-source-from-remote.html: Added. * http/tests/security/local-video-src-from-remote-expected.txt: Added. * http/tests/security/local-video-src-from-remote.html: Added. * http/tests/security/resources/load-media.cgi: Added. * http/tests/security/resources/silence.mpg: Added. 2009-04-14 Sam Weinig <sam@webkit.org> Reviewed by Darin Adler. Part of <rdar://problem/6150868> Test for incorrect handling of content that needs to go into the head element once the head element has been removed. * fast/parser/head-content-after-head-removal-expected.txt: Added. * fast/parser/head-content-after-head-removal.html: Added. 2009-04-08 Sam Weinig <sam@webkit.org> Reviewed by Geoffrey "Big Boy" Garen. Tests for <rdar://problem/5745677> Possible to stop load during an unload event * fast/events/resources/pass.html: Added. * fast/events/resources/subframe-stop-load-in-unload-handler-using-document-write.html: Added. * fast/events/resources/subframe-stop-load-in-unload-handler-using-window-stop.html: Added. * fast/events/stop-load-in-unload-handler-using-document-write-expected.txt: Added. * fast/events/stop-load-in-unload-handler-using-document-write.html: Added. * fast/events/stop-load-in-unload-handler-using-window-stop-expected.txt: Added. * fast/events/stop-load-in-unload-handler-using-window-stop.html: Added. 2009-04-08 Sam Weinig <sam@webkit.org> Reviewed by Anders Carlsson. Tests for <rdar://problem/6226200> Implement Microsoft's X-FRAME-OPTIONS anti-framing defense * http/tests/security/XFrameOptions: Added. * http/tests/security/XFrameOptions/resources: Added. * http/tests/security/XFrameOptions/resources/x-frame-options-deny-meta-tag-subframe-in-body.html: Added. * http/tests/security/XFrameOptions/resources/x-frame-options-deny-meta-tag-subframe-parent-same-origin-allow.html: Added. * http/tests/security/XFrameOptions/resources/x-frame-options-deny-meta-tag-subframe-parent-same-origin-deny.html: Added. * http/tests/security/XFrameOptions/resources/x-frame-options-deny-meta-tag-subframe.html: Added. * http/tests/security/XFrameOptions/resources/x-frame-options-deny.cgi: Added. * http/tests/security/XFrameOptions/resources/x-frame-options-parent-same-origin-allow.cgi: Added. * http/tests/security/XFrameOptions/resources/x-frame-options-parent-same-origin-deny.cgi: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-expected.txt: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-expected.txt: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-in-body-expected.txt: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-in-body.html: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-allow-expected.txt: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-allow.html: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-deny-expected.txt: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-deny.html: Added. * http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag.html: Added. * http/tests/security/XFrameOptions/x-frame-options-deny.html: Added. * http/tests/security/XFrameOptions/x-frame-options-parent-same-origin-allow-expected.txt: Added. * http/tests/security/XFrameOptions/x-frame-options-parent-same-origin-allow.html: Added. * http/tests/security/XFrameOptions/x-frame-options-parent-same-origin-deny-expected.txt: Added. * http/tests/security/XFrameOptions/x-frame-options-parent-same-origin-deny.html: Added. 2009-04-03 Sam Weinig <sam@webkit.org> Reviewed by Darin Adler. Update tests for <rdar://problem/6330929> https://bugs.webkit.org/show_bug.cgi?id=21456 * dom/xhtml/level2/html/HTMLFormElement10-expected.txt: * fast/dom/Window/dom-access-from-closure-iframe-expected.txt: * fast/dom/Window/dom-access-from-closure-window-expected.txt: * http/tests/security/cross-frame-access-document-direct-expected.txt: Added. * http/tests/security/cross-frame-access-document-direct.html: Added. * http/tests/security/resources/cross-frame-iframe-for-document-direct-test-victim.html: Added. * http/tests/security/resources/cross-frame-iframe-for-document-direct-test.html: Added. 2009-04-03 Sam Weinig <sam@webkit.org> Reviewed by Oliver Hunt. Tests for <rdar://problem/6476356> https://bugs.webkit.org/show_bug.cgi?id=23148 Test for using the correct global object for location and history object prototype chain creation. * http/tests/security/cross-frame-access-history-prototype-expected.txt: Added. * http/tests/security/cross-frame-access-history-prototype.html: Added. * http/tests/security/cross-frame-access-location-prototype-expected.txt: Added. * http/tests/security/cross-frame-access-location-prototype.html: Added. * http/tests/security/resources/cross-frame-history-prototype-iframe.html: Added. * http/tests/security/resources/cross-frame-location-prototype-iframe.html: Added. 2009-03-29 Darin Adler <darin@apple.com> Reviewed by Dan Bernstein. <rdar://problem/6015407> attr parsing should allow only identifiers * fast/css/attr-parsing-expected.txt: Added. * fast/css/attr-parsing.html: Added. 2009-03-16 Sam Weinig <sam@webkit.org> Reviewed by Anders Carlsson. Test for <rdar://problem/6320555> Add an upper limit for setting HTMLSelectElement.length. * fast/forms/select-max-length-expected.txt: Added. * fast/forms/select-max-length.html: Added. 2009-02-26 Alexey Proskuryakov <ap@webkit.org> Reviewed by Darin Adler. https://bugs.webkit.org/show_bug.cgi?id=23500 KURL::parse() incorrectly compares its result to original string * fast/loader/url-parse-1-expected.txt: Updated results. Neither old nor new results match Firefox precisely. ++ b/WebCore/ChangeLog 2009-05-21 Geoffrey Garen <ggaren@apple.com> Reviewed by Sam Weinig. Test for <rdar://problem/6910832> | https://bugs.webkit.org/show_bug.cgi?id=25907 Incorrect URL returned to the DOM while the user drags a file * page/DragController.cpp: (WebCore::DragController::dragExited): (WebCore::DragController::tryDHTMLDrag): Don't base our decision on KURL, since that only looks at the text of the document's URL. Do base our decision on the securityOrigin(), which knows more about the document's actual origin. 2009-04-14 Eric Carlson <eric.carlson@apple.com> Reviewed by Alexey Proskuryakov. Fix <rdar://problem/6755724> <audio> and <video> elements can reference local file:/// URLs from remote in Safari Tests: http/tests/security/local-video-poster-from-remote.html http/tests/security/local-video-source-from-remote.html http/tests/security/local-video-src-from-remote.html * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::loadResource): Don't pass url to media engine unless loader->canLoad() says it is OK. 2009-04-14 Sam Weinig <sam@webkit.org> Reviewed by Darin Adler. Part of <rdar://problem/6150868> Fix incorrect handling of content that needs to go into the head element once the head element has been removed. Test: fast/parser/head-content-after-head-removal.html * html/HTMLParser.cpp: (WebCore::HTMLParser::HTMLParser): Remove unneeded initializer of m_head. (WebCore::HTMLParser::handleError): Update since m_head is now a RefPtr. (WebCore::HTMLParser::createHead): Ditto. * html/HTMLParser.h: Make m_head a RefPtr. 2009-04-08 Sam Weinig <sam@webkit.org> Reviewed by Geoffrey "Big Boy" Garen. Fix for <rdar://problem/5745677> Possible to stop load during an unload event Also fixes https://bugs.webkit.org/show_bug.cgi?id=20605 Tests: fast/events/stop-load-in-unload-handler-using-document-write.html fast/events/stop-load-in-unload-handler-using-window-stop.html Don't allow calling methods that would stop the new load inside the unload event. * loader/FrameLoader.cpp: (WebCore::FrameLoader::FrameLoader): (WebCore::FrameLoader::stopLoading): (WebCore::FrameLoader::stopAllLoaders): * loader/FrameLoader.h: 2009-04-08 Sam Weinig <sam@webkit.org> Reviewed by Anders Carlsson. Fix for <rdar://problem/6226200> Implement Microsoft's X-FRAME-OPTIONS anti-framing defense Tests: http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-in-body.html http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-allow.html http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-deny.html http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag.html http/tests/security/XFrameOptions/x-frame-options-deny.html http/tests/security/XFrameOptions/x-frame-options-parent-same-origin-allow.html http/tests/security/XFrameOptions/x-frame-options-parent-same-origin-deny.html * dom/Document.cpp: (WebCore::Document::processHttpEquiv): Stop the current load and redirect to about:blank if an X-FRAME-OPTIONS <meta> tag http-equiq dictates we should. * loader/FrameLoader.cpp: (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions): Add logic to parse the X-FRAME-OPTIONS parameter. * loader/FrameLoader.h: * loader/MainResourceLoader.cpp: (WebCore::MainResourceLoader::didReceiveResponse): Stop the current load if framed and a X-FRAME-OPTIONS header and its parameter dictate that we should. 2009-04-05 Simon Hausmann <hausmann@webkit.org> Fix the Qt build. * bridge/qt/qt_runtime.h: (JSC::Bindings::QtRuntimeMethod::createPrototype): Take the JSGlobalObject as second argument. 2009-04-03 Sam Weinig <sam@webkit.org> Reviewed by Darin Adler. <rdar://problem/6330929> https://bugs.webkit.org/show_bug.cgi?id=21456 Don't update the document pointer for all inactive windows on navigations. This change causes us to differ slightly from Firefox when accessing the document from within a closure tied to a navigated context, but as all browsers differ on this edge case, I don't foresee compatibility issues. Test: http/tests/security/cross-frame-access-document-direct.html * bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::~JSDOMWindowBase): * bindings/js/ScriptController.cpp: (WebCore::ScriptController::clearWindowShell): (WebCore::ScriptController::initScript): (WebCore::ScriptController::updateDocument): * bindings/js/ScriptController.h: 2009-04-03 Sam Weinig <sam@webkit.org> Reviewed by Oliver Hunt. Fix for <rdar://problem/6476356> https://bugs.webkit.org/show_bug.cgi?id=23148 - Use the window object the Location and History objects are directly associated with instead of the lexical global object to pick the object prototype to serve as the base of the their respective prototype chains. - Re-factor as necessary to allow passing the correct global object to the createPrototype functions. Tests: http/tests/security/cross-frame-access-history-prototype.html http/tests/security/cross-frame-access-location-prototype.html * bindings/js/JSAudioConstructor.cpp: (WebCore::JSAudioConstructor::JSAudioConstructor): * bindings/js/JSDOMBinding.cpp: (WebCore::getCachedDOMStructure): (WebCore::cacheDOMStructure): * bindings/js/JSDOMBinding.h: (WebCore::getDOMStructure): (WebCore::getDOMPrototype): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::history): (WebCore::JSDOMWindow::location): * bindings/js/JSDocumentCustom.cpp: (WebCore::JSDocument::location): * bindings/js/JSImageConstructor.cpp: (WebCore::JSImageConstructor::JSImageConstructor): * bindings/js/JSMessageChannelConstructor.cpp: (WebCore::JSMessageChannelConstructor::JSMessageChannelConstructor): * bindings/js/JSNamedNodesCollection.h: (WebCore::JSNamedNodesCollection::createPrototype): * bindings/js/JSOptionConstructor.cpp: (WebCore::JSOptionConstructor::JSOptionConstructor): * bindings/js/JSRGBColor.h: (WebCore::JSRGBColor::createPrototype): * bindings/js/JSWebKitCSSMatrixConstructor.cpp: (WebCore::JSWebKitCSSMatrixConstructor::JSWebKitCSSMatrixConstructor): * bindings/js/JSWebKitPointConstructor.cpp: (WebCore::JSWebKitPointConstructor::JSWebKitPointConstructor): * bindings/js/JSWorkerConstructor.cpp: (WebCore::JSWorkerConstructor::JSWorkerConstructor): * bindings/js/JSXMLHttpRequestConstructor.cpp: (WebCore::JSXMLHttpRequestConstructor::JSXMLHttpRequestConstructor): * bindings/js/JSXSLTProcessorConstructor.cpp: (WebCore::JSXSLTProcessorConstructor::JSXSLTProcessorConstructor): * bindings/scripts/CodeGeneratorJS.pm: * bridge/objc/objc_runtime.h: (JSC::Bindings::ObjcFallbackObjectImp::createPrototype): * bridge/runtime_array.h: (JSC::RuntimeArray::createPrototype): * bridge/runtime_method.h: (JSC::RuntimeMethod::createPrototype): * bridge/runtime_object.h: (JSC::RuntimeObjectImp::createPrototype): * page/DOMWindow.idl: 2009-03-29 Darin Adler <darin@apple.com> Reviewed by Dan Bernstein. <rdar://problem/6015407> attr parsing should allow only identifiers Test: fast/css/attr-parsing.html * css/CSSParser.cpp: (WebCore::CSSParser::parseContent): Allow only CSS_IDENT, and filter out identifiers that start with "-". * css/CSSPrimitiveValue.cpp: (WebCore::CSSPrimitiveValue::cssText): Added a case for CSS_ATTR so the test case works. This has the pleasant side effect of fixing a bug too. 2009-03-16 Sam Weinig <sam@webkit.org> Reviewed by Anders Carlsson. Fix for <rdar://problem/6320555> Add an upper limit for setting HTMLSelectElement.length. Test: fast/forms/select-max-length.html * html/HTMLSelectElement.cpp: (WebCore::HTMLSelectElement::setOption): (WebCore::HTMLSelectElement::setLength): 2009-03-10 Sam Weinig <sam@webkit.org> Reviewed by Geoffrey Garen. Fix for <rdar://problem/6166844> https://bugs.webkit.org/show_bug.cgi?id=24495 Use same rule for loading java applets as we do for images. * html/HTMLAppletElement.cpp: (WebCore::HTMLAppletElement::createRenderer): * loader/FrameLoader.cpp: (WebCore::FrameLoader::loadItem): 2009-02-26 Alexey Proskuryakov <ap@webkit.org> Reviewed by Darin Adler. https://bugs.webkit.org/show_bug.cgi?id=23500 KURL::parse() incorrectly compares its result to original string * platform/KURL.cpp: (WebCore::KURL::parse): Take string length into account. (cherry picked from commit 96b4fc79fd4a7b4d9cdae924ccec5643e7a49cf0)
author: Simon Hausmann <simon.hausmann@nokia.com> 2009-06-19 17:26:02 +0200
committer: Jason McDonald <jason.mcdonald@nokia.com> 2009-06-20 14:52:11 +1000
commit: 4b2b47ac6c9fe284dce45cf33ff674d7110c1619 (patch)
tree: 2205cad252a3e39ee289bb26e3d07eec54157451 /src/3rdparty/webkit/WebCore/bindings
parent: 38b46cf6f1d939768467a9e316c025334c671abb (diff)
14 files changed, 78 insertions, 35 deletions
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSDOMBinding.cpp b/src/3rdparty/webkit/WebCore/bindings/js/JSDOMBinding.cpp
index 4cf083ac05..fca03d943c 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSDOMBinding.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSDOMBinding.cpp
@@ -509,19 +509,29 @@ ScriptState* scriptStateFromNode(Node* node)
     return frame->script()->globalObject()->globalExec();
 }
 
-Structure* getCachedDOMStructure(ExecState* exec, const ClassInfo* classInfo)
+Structure* getCachedDOMStructure(JSDOMGlobalObject* globalObject, const ClassInfo* classInfo)
 {
-    JSDOMStructureMap& structures = static_cast<JSDOMGlobalObject*>(exec->lexicalGlobalObject())->structures();
+    JSDOMStructureMap& structures = globalObject->structures();
     return structures.get(classInfo).get();
 }
 
-Structure* cacheDOMStructure(ExecState* exec, PassRefPtr<Structure> structure, const ClassInfo* classInfo)
+Structure* cacheDOMStructure(JSDOMGlobalObject* globalObject, PassRefPtr<Structure> structure, const ClassInfo* classInfo)
 {
-    JSDOMStructureMap& structures = static_cast<JSDOMGlobalObject*>(exec->lexicalGlobalObject())->structures();
+    JSDOMStructureMap& structures = globalObject->structures();
     ASSERT(!structures.contains(classInfo));
     return structures.set(classInfo, structure).first->second.get();
 }
 
+Structure* getCachedDOMStructure(ExecState* exec, const ClassInfo* classInfo)
+{
+    return getCachedDOMStructure(static_cast<JSDOMGlobalObject*>(exec->lexicalGlobalObject()), classInfo);
+}
+
+Structure* cacheDOMStructure(ExecState* exec, PassRefPtr<Structure> structure, const ClassInfo* classInfo)
+{
+    return cacheDOMStructure(static_cast<JSDOMGlobalObject*>(exec->lexicalGlobalObject()), structure, classInfo);
+}
+
 JSObject* getCachedDOMConstructor(ExecState* exec, const ClassInfo* classInfo)
 {
     JSDOMConstructorMap& constructors = static_cast<JSDOMGlobalObject*>(exec->lexicalGlobalObject())->constructors();
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSDOMBinding.h b/src/3rdparty/webkit/WebCore/bindings/js/JSDOMBinding.h
index 71da21b20c..5870ecc2aa 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSDOMBinding.h
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSDOMBinding.h
@@ -73,21 +73,27 @@ namespace WebCore {
     void markActiveObjectsForContext(JSC::JSGlobalData&, ScriptExecutionContext*);
     void markDOMObjectWrapper(JSC::JSGlobalData& globalData, void* object);
 
+    JSC::Structure* getCachedDOMStructure(JSDOMGlobalObject*, const JSC::ClassInfo*);
+    JSC::Structure* cacheDOMStructure(JSDOMGlobalObject*, PassRefPtr<JSC::Structure>, const JSC::ClassInfo*);
     JSC::Structure* getCachedDOMStructure(JSC::ExecState*, const JSC::ClassInfo*);
     JSC::Structure* cacheDOMStructure(JSC::ExecState*, PassRefPtr<JSC::Structure>, const JSC::ClassInfo*);
 
     JSC::JSObject* getCachedDOMConstructor(JSC::ExecState*, const JSC::ClassInfo*);
     void cacheDOMConstructor(JSC::ExecState*, const JSC::ClassInfo*, JSC::JSObject* constructor);
 
-    template<class WrapperClass> inline JSC::Structure* getDOMStructure(JSC::ExecState* exec)
+    template<class WrapperClass> inline JSC::Structure* getDOMStructure(JSC::ExecState* exec, JSDOMGlobalObject* globalObject)
     {
-        if (JSC::Structure* structure = getCachedDOMStructure(exec, &WrapperClass::s_info))
+        if (JSC::Structure* structure = getCachedDOMStructure(globalObject, &WrapperClass::s_info))
             return structure;
-        return cacheDOMStructure(exec, WrapperClass::createStructure(WrapperClass::createPrototype(exec)), &WrapperClass::s_info);
+        return cacheDOMStructure(globalObject, WrapperClass::createStructure(WrapperClass::createPrototype(exec, globalObject)), &WrapperClass::s_info);
+    }
+    template<class WrapperClass> inline JSC::Structure* getDOMStructure(JSC::ExecState* exec)
+    {
+        return getDOMStructure<WrapperClass>(exec, static_cast<JSDOMGlobalObject*>(exec->lexicalGlobalObject()));
     }
-    template<class WrapperClass> inline JSC::JSObject* getDOMPrototype(JSC::ExecState* exec)
+    template<class WrapperClass> inline JSC::JSObject* getDOMPrototype(JSC::ExecState* exec, JSC::JSGlobalObject* globalObject)
     {
-        return static_cast<JSC::JSObject*>(asObject(getDOMStructure<WrapperClass>(exec)->storedPrototype()));
+        return static_cast<JSC::JSObject*>(asObject(getDOMStructure<WrapperClass>(exec, static_cast<JSDOMGlobalObject*>(globalObject))->storedPrototype()));
     }
     #define CREATE_DOM_OBJECT_WRAPPER(exec, className, object) createDOMObjectWrapper<JS##className>(exec, static_cast<className*>(object))
     template<class WrapperClass, class DOMClass> inline DOMObject* createDOMObjectWrapper(JSC::ExecState* exec, DOMClass* object)
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSDOMWindowBase.cpp b/src/3rdparty/webkit/WebCore/bindings/js/JSDOMWindowBase.cpp
index 10fc022881..fa22c9bb23 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSDOMWindowBase.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSDOMWindowBase.cpp
@@ -153,8 +153,6 @@ void JSDOMWindowBase::updateDocument()
 
 JSDOMWindowBase::~JSDOMWindowBase()
 {
-    if (d()->impl->frame())
-        d()->impl->frame()->script()->clearFormerWindow(asJSDOMWindow(this));
 }
 
 ScriptExecutionContext* JSDOMWindowBase::scriptExecutionContext() const
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSDOMWindowCustom.cpp b/src/3rdparty/webkit/WebCore/bindings/js/JSDOMWindowCustom.cpp
index 2c5f882825..74b290d6b0 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSDOMWindowCustom.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSDOMWindowCustom.cpp
@@ -28,9 +28,13 @@
 #include "Frame.h"
 #include "FrameLoader.h"
 #include "FrameTree.h"
+#include "History.h"
 #include "JSDOMWindowShell.h"
 #include "JSEventListener.h"
+#include "JSHistory.h"
+#include "JSLocation.h"
 #include "JSMessagePort.h"
+#include "Location.h"
 #include "MessagePort.h"
 #include "ScriptController.h"
 #include "Settings.h"
@@ -124,6 +128,28 @@ JSValuePtr JSDOMWindow::lookupSetter(ExecState* exec, const Identifier& property
     return Base::lookupSetter(exec, propertyName);
 }
 
+JSValuePtr JSDOMWindow::history(ExecState* exec) const
+{
+    History* history = impl()->history();
+    if (DOMObject* wrapper = getCachedDOMObjectWrapper(exec->globalData(), history))
+        return wrapper;
+
+    JSHistory* jsHistory = new (exec) JSHistory(getDOMStructure<JSHistory>(exec, const_cast<JSDOMWindow*>(this)), history);
+    cacheDOMObjectWrapper(exec->globalData(), history, jsHistory);
+    return jsHistory;
+}
+
+JSValuePtr JSDOMWindow::location(ExecState* exec) const
+{
+    Location* location = impl()->location();
+    if (DOMObject* wrapper = getCachedDOMObjectWrapper(exec->globalData(), location))
+        return wrapper;
+
+    JSLocation* jsLocation = new (exec) JSLocation(getDOMStructure<JSLocation>(exec, const_cast<JSDOMWindow*>(this)), location);
+    cacheDOMObjectWrapper(exec->globalData(), location, jsLocation);
+    return jsLocation;
+}
+
 void JSDOMWindow::setLocation(ExecState* exec, JSValuePtr value)
 {
     Frame* activeFrame = asJSDOMWindow(exec->dynamicGlobalObject())->impl()->frame();
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSDocumentCustom.cpp b/src/3rdparty/webkit/WebCore/bindings/js/JSDocumentCustom.cpp
index f292b388ae..316252a5d1 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSDocumentCustom.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSDocumentCustom.cpp
@@ -55,7 +55,14 @@ JSValuePtr JSDocument::location(ExecState* exec) const
     if (!frame)
         return jsNull();
 
-    return toJS(exec, frame->domWindow()->location());
+    Location* location = frame->domWindow()->location();
+    if (DOMObject* wrapper = getCachedDOMObjectWrapper(exec->globalData(), location))
+        return wrapper;
+
+    JSDOMWindow* window = static_cast<JSDOMWindow*>(exec->lexicalGlobalObject());
+    JSLocation* jsLocation = new (exec) JSLocation(getDOMStructure<JSLocation>(exec, window), location);
+    cacheDOMObjectWrapper(exec->globalData(), location, jsLocation);
+    return jsLocation;
 }
 
 void JSDocument::setLocation(ExecState* exec, JSValuePtr value)
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSImageConstructor.cpp b/src/3rdparty/webkit/WebCore/bindings/js/JSImageConstructor.cpp
index 2237c7acfe..c33653ff87 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSImageConstructor.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSImageConstructor.cpp
@@ -21,6 +21,7 @@
 #include "JSImageConstructor.h"
 
 #include "HTMLImageElement.h"
+#include "JSHTMLImageElement.h"
 #include "HTMLNames.h"
 #include "JSNode.h"
 #include "ScriptExecutionContext.h"
@@ -38,6 +39,8 @@ JSImageConstructor::JSImageConstructor(ExecState* exec, ScriptExecutionContext*
 {
     ASSERT(context->isDocument());
     m_document = static_cast<JSDocument*>(asObject(toJS(exec, static_cast<Document*>(context))));
+
+    putDirect(exec->propertyNames().prototype, JSHTMLImageElementPrototype::self(exec, exec->lexicalGlobalObject()), None);
 }
 
 static JSObject* constructImage(ExecState* exec, JSObject* constructor, const ArgList& args)
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSMessageChannelConstructor.cpp b/src/3rdparty/webkit/WebCore/bindings/js/JSMessageChannelConstructor.cpp
index 6c11bea4a6..98411fa006 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSMessageChannelConstructor.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSMessageChannelConstructor.cpp
@@ -51,7 +51,7 @@ JSMessageChannelConstructor::JSMessageChannelConstructor(ExecState* exec, Script
     else
         ASSERT_NOT_REACHED();
 
-    putDirect(exec->propertyNames().prototype, JSMessageChannelPrototype::self(exec), None);
+    putDirect(exec->propertyNames().prototype, JSMessageChannelPrototype::self(exec, exec->lexicalGlobalObject()), None);
 }
 
 JSMessageChannelConstructor::~JSMessageChannelConstructor()
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSNamedNodesCollection.h b/src/3rdparty/webkit/WebCore/bindings/js/JSNamedNodesCollection.h
index 19f194b9e3..fff4d6c83d 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSNamedNodesCollection.h
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSNamedNodesCollection.h
@@ -44,9 +44,9 @@ namespace WebCore {
         virtual const JSC::ClassInfo* classInfo() const { return &s_info; }
         static const JSC::ClassInfo s_info;
 
-        static JSC::ObjectPrototype* createPrototype(JSC::ExecState* exec)
+        static JSC::ObjectPrototype* createPrototype(JSC::ExecState*, JSC::JSGlobalObject* globalObject)
         {
-            return exec->lexicalGlobalObject()->objectPrototype();
+            return globalObject->objectPrototype();
         }
 
         static PassRefPtr<JSC::Structure> createStructure(JSC::JSValuePtr prototype)
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSRGBColor.h b/src/3rdparty/webkit/WebCore/bindings/js/JSRGBColor.h
index d5acff3bcf..2f514074f6 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSRGBColor.h
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSRGBColor.h
@@ -38,9 +38,9 @@ namespace WebCore {
 
         unsigned impl() const { return m_color; }
 
-        static JSC::ObjectPrototype* createPrototype(JSC::ExecState* exec)
+        static JSC::ObjectPrototype* createPrototype(JSC::ExecState*, JSC::JSGlobalObject* globalObject)
         {
-            return exec->lexicalGlobalObject()->objectPrototype();
+            return globalObject->objectPrototype();
         }
 
         static PassRefPtr<JSC::Structure> createStructure(JSC::JSValuePtr prototype)
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSXMLHttpRequestConstructor.cpp b/src/3rdparty/webkit/WebCore/bindings/js/JSXMLHttpRequestConstructor.cpp
index d7f54dead7..5269208848 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSXMLHttpRequestConstructor.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSXMLHttpRequestConstructor.cpp
@@ -37,8 +37,7 @@ JSXMLHttpRequestConstructor::JSXMLHttpRequestConstructor(ExecState* exec, Script
 {
     ASSERT(context->isDocument());
     m_document = static_cast<JSDocument*>(asObject(toJS(exec, static_cast<Document*>(context))));
-
-    putDirect(exec->propertyNames().prototype, JSXMLHttpRequestPrototype::self(exec), None);
+    putDirect(exec->propertyNames().prototype, JSXMLHttpRequestPrototype::self(exec, exec->lexicalGlobalObject()), None);
 }
 
 static JSObject* constructXMLHttpRequest(ExecState* exec, JSObject* constructor, const ArgList&)
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/JSXSLTProcessorConstructor.cpp b/src/3rdparty/webkit/WebCore/bindings/js/JSXSLTProcessorConstructor.cpp
index ed456e1f43..efa74c9922 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/JSXSLTProcessorConstructor.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/JSXSLTProcessorConstructor.cpp
@@ -44,7 +44,7 @@ const ClassInfo JSXSLTProcessorConstructor::s_info = { "XSLTProcessorConsructor"
 JSXSLTProcessorConstructor::JSXSLTProcessorConstructor(ExecState* exec)
     : DOMObject(JSXSLTProcessorConstructor::createStructure(exec->lexicalGlobalObject()->objectPrototype()))
 {
-    putDirect(exec->propertyNames().prototype, JSXSLTProcessorPrototype::self(exec), None);
+    putDirect(exec->propertyNames().prototype, JSXSLTProcessorPrototype::self(exec, exec->lexicalGlobalObject()), None);
 }
 
 static JSObject* constructXSLTProcessor(ExecState* exec, JSObject*, const ArgList&)
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/ScriptController.cpp b/src/3rdparty/webkit/WebCore/bindings/js/ScriptController.cpp
index ebed71d7bd..c5696ed431 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/ScriptController.cpp
+++ b/src/3rdparty/webkit/WebCore/bindings/js/ScriptController.cpp
@@ -133,7 +133,6 @@ void ScriptController::clearWindowShell()
 
     JSLock lock(false);
     m_windowShell->window()->clear();
-    m_liveFormerWindows.add(m_windowShell->window());
     m_windowShell->setWindow(m_frame->domWindow());
     if (Page* page = m_frame->page()) {
         attachDebugger(page->debugger());
@@ -168,7 +167,7 @@ void ScriptController::initScript()
     JSLock lock(false);
 
     m_windowShell = new JSDOMWindowShell(m_frame->domWindow());
-    updateDocument();
+    m_windowShell->window()->updateDocument();
 
     if (Page* page = m_frame->page()) {
         attachDebugger(page->debugger());
@@ -231,9 +230,6 @@ void ScriptController::updateDocument()
     JSLock lock(false);
     if (m_windowShell)
         m_windowShell->window()->updateDocument();
-    HashSet<JSDOMWindow*>::iterator end = m_liveFormerWindows.end();
-    for (HashSet<JSDOMWindow*>::iterator it = m_liveFormerWindows.begin(); it != end; ++it)
-        (*it)->updateDocument();
 }
 
 void ScriptController::updateSecurityOrigin()
diff --git a/src/3rdparty/webkit/WebCore/bindings/js/ScriptController.h b/src/3rdparty/webkit/WebCore/bindings/js/ScriptController.h
index c952cc263a..20f57a41fb 100644
--- a/src/3rdparty/webkit/WebCore/bindings/js/ScriptController.h
+++ b/src/3rdparty/webkit/WebCore/bindings/js/ScriptController.h
@@ -100,7 +100,6 @@ public:
     const String* sourceURL() const { return m_sourceURL; } // 0 if we are not evaluating any script
 
     void clearWindowShell();
-    void clearFormerWindow(JSDOMWindow* window) { m_liveFormerWindows.remove(window); }
     void updateDocument();
 
     // Notifies the ScriptController that the securityOrigin of the current
@@ -142,7 +141,6 @@ private:
     void disconnectPlatformScriptObjects();
 
     JSC::ProtectedPtr<JSDOMWindowShell> m_windowShell;
-    HashSet<JSDOMWindow*> m_liveFormerWindows;
     Frame* m_frame;
     int m_handlerLineno;
     const String* m_sourceURL;
diff --git a/src/3rdparty/webkit/WebCore/bindings/scripts/CodeGeneratorJS.pm b/src/3rdparty/webkit/WebCore/bindings/scripts/CodeGeneratorJS.pm
index f1061df5de..b2990f2698 100644
--- a/src/3rdparty/webkit/WebCore/bindings/scripts/CodeGeneratorJS.pm
+++ b/src/3rdparty/webkit/WebCore/bindings/scripts/CodeGeneratorJS.pm
@@ -438,7 +438,7 @@ sub GenerateHeader
     push(@headerContent, "    virtual ~$className();\n") if (!$hasParent or $interfaceName eq "Document");
 
     # Prototype
-    push(@headerContent, "    static JSC::JSObject* createPrototype(JSC::ExecState*);\n") unless ($dataNode->extendedAttributes->{"ExtendsDOMGlobalObject"});
+    push(@headerContent, "    static JSC::JSObject* createPrototype(JSC::ExecState*, JSC::JSGlobalObject*);\n") unless ($dataNode->extendedAttributes->{"ExtendsDOMGlobalObject"});
 
     $implIncludes{"${className}Custom.h"} = 1 if $dataNode->extendedAttributes->{"CustomHeader"} || $dataNode->extendedAttributes->{"CustomPutFunction"};
 
@@ -664,7 +664,7 @@ sub GenerateHeader
     } elsif ($interfaceName eq "WorkerContext") {
         push(@headerContent, "    void* operator new(size_t, JSC::JSGlobalData*);\n");
     } else {
-        push(@headerContent, "    static JSC::JSObject* self(JSC::ExecState*);\n");
+        push(@headerContent, "    static JSC::JSObject* self(JSC::ExecState*, JSC::JSGlobalObject*);\n");
     }
     push(@headerContent, "    virtual const JSC::ClassInfo* classInfo() const { return &s_info; }\n");
     push(@headerContent, "    static const JSC::ClassInfo s_info;\n");
@@ -913,9 +913,9 @@ sub GenerateImplementation
         push(@implContent, "    return globalData->heap.allocate(size);\n");
         push(@implContent, "}\n\n");
     } else {
-        push(@implContent, "JSObject* ${className}Prototype::self(ExecState* exec)\n");
+        push(@implContent, "JSObject* ${className}Prototype::self(ExecState* exec, JSGlobalObject* globalObject)\n");
         push(@implContent, "{\n");
-        push(@implContent, "    return getDOMPrototype<${className}>(exec);\n");
+        push(@implContent, "    return getDOMPrototype<${className}>(exec, globalObject);\n");
         push(@implContent, "}\n\n");
     }
     if ($numConstants > 0 || $numFunctions > 0) {
@@ -1013,12 +1013,12 @@ sub GenerateImplementation
     }
 
     if (!$dataNode->extendedAttributes->{"ExtendsDOMGlobalObject"}) {
-        push(@implContent, "JSObject* ${className}::createPrototype(ExecState* exec)\n");
+        push(@implContent, "JSObject* ${className}::createPrototype(ExecState* exec, JSGlobalObject* globalObject)\n");
         push(@implContent, "{\n");
         if ($hasParent && $parentClassName ne "JSC::DOMNodeFilter") {
-            push(@implContent, "    return new (exec) ${className}Prototype(${className}Prototype::createStructure(${parentClassName}Prototype::self(exec)));\n");
+            push(@implContent, "    return new (exec) ${className}Prototype(${className}Prototype::createStructure(${parentClassName}Prototype::self(exec, globalObject)));\n");
         } else {
-            push(@implContent, "    return new (exec) ${className}Prototype(${className}Prototype::createStructure(exec->lexicalGlobalObject()->objectPrototype()));\n");
+            push(@implContent, "    return new (exec) ${className}Prototype(${className}Prototype::createStructure(globalObject->objectPrototype()));\n");
         }
         push(@implContent, "}\n\n");
     }
@@ -1998,7 +1998,7 @@ public:
     ${className}Constructor(ExecState* exec)
         : DOMObject(${className}Constructor::createStructure(exec->lexicalGlobalObject()->objectPrototype()))
     {
-        putDirect(exec->propertyNames().prototype, ${protoClassName}::self(exec), None);
+        putDirect(exec->propertyNames().prototype, ${protoClassName}::self(exec, exec->lexicalGlobalObject()), None);
     }
     virtual bool getOwnPropertySlot(ExecState*, const Identifier&, PropertySlot&);
     virtual const ClassInfo* classInfo() const { return &s_info; }
author	Simon Hausmann <simon.hausmann@nokia.com>	2009-06-19 17:26:02 +0200
committer	Jason McDonald <jason.mcdonald@nokia.com>	2009-06-20 14:52:11 +1000
commit	4b2b47ac6c9fe284dce45cf33ff674d7110c1619 (patch)
tree	2205cad252a3e39ee289bb26e3d07eec54157451 /src/3rdparty/webkit/WebCore/bindings
parent	38b46cf6f1d939768467a9e316c025334c671abb (diff)