Upgrade insecure requests: Pipe navigational hosts down into nested documents.

Source/core/frame/csp/ContentSecurityPolicy.cpp

Index: Source/core/frame/csp/ContentSecurityPolicy.cpp
diff --git a/Source/core/frame/csp/ContentSecurityPolicy.cpp b/Source/core/frame/csp/ContentSecurityPolicy.cpp
index 7533db5ee3cc34b2a34e511ebb043f580591ec65..c7d5031576a4841bb791521e945cc85eb21c1a1d 100644
--- a/Source/core/frame/csp/ContentSecurityPolicy.cpp
+++ b/Source/core/frame/csp/ContentSecurityPolicy.cpp
@@ -176,8 +176,10 @@ void ContentSecurityPolicy::applyPolicySideEffectsToExecutionContext()
             document->enforceStrictMixedContentChecking();
         if (didSetReferrerPolicy())
             document->setReferrerPolicy(m_referrerPolicy);
-        if (m_insecureRequestsPolicy > document->insecureRequestsPolicy())
+        if (m_insecureRequestsPolicy > document->insecureRequestsPolicy()) {
             document->setInsecureRequestsPolicy(m_insecureRequestsPolicy);
+            document->addInsecureNavigationUpgrade(securityOrigin()->host().impl()->hash());
+        }

[Yoav Weiss, 2015/03/17 15:17:27]

Are we sure that securityOrigin is not null? Same Q for impl().

If yes, let's add ASSERTs here, otherwise, NULL checks?

[Mike West, 2015/03/18 09:31:53]

ASSERT and isNull() added.

 
         for (const auto& consoleMessage : m_consoleMessages)
             m_executionContext->addConsoleMessage(consoleMessage);