Upgrade insecure requests: Pipe navigational hosts down into nested documents.

Source/core/loader/FrameLoader.cpp

Index: Source/core/loader/FrameLoader.cpp
diff --git a/Source/core/loader/FrameLoader.cpp b/Source/core/loader/FrameLoader.cpp
index 750cdfb588091093dcdfab606c5317e81f6cc9e5..c30804aa1cba9d59522d0b6cdc79614ed337e971 100644
--- a/Source/core/loader/FrameLoader.cpp
+++ b/Source/core/loader/FrameLoader.cpp
@@ -1420,4 +1420,18 @@ SecurityContext::InsecureRequestsPolicy FrameLoader::insecureRequestsPolicy() co
     return toLocalFrame(parentFrame)->document()->insecureRequestsPolicy();
 }
 
+SecurityContext::InsecureNavigationsSet* FrameLoader::insecureNavigationsToUpgrade() const
+{
+    Frame* parentFrame = m_frame->tree().parent();

[Yoav Weiss, 2015/03/17 15:17:28]

ASSERT for m_frame? (although the rest of the file doesn't do that for some
reason...)

[Mike West, 2015/03/18 09:31:53]

Done.

+    if (!parentFrame)
+        return nullptr;
+
+    // FIXME: We need a way to propagate insecure requests policy flags to
+    // out-of-process frames. For now, we'll always use default behavior.
+    if (!parentFrame->isLocalFrame())
+        return nullptr;
+
+    return toLocalFrame(parentFrame)->document()->insecureNavigationsToUpgrade();

[Yoav Weiss, 2015/03/17 15:17:28]

are we sure the parent frame has a doc?

[Mike West, 2015/03/18 09:31:53]

If the parent frame didn't have a doc, it wouldn't be this frame's parent, would
it? I'll add an assert.

+}
+
 } // namespace blink