Index: Source/core/loader/FrameFetchContext.cpp |
diff --git a/Source/core/loader/FrameFetchContext.cpp b/Source/core/loader/FrameFetchContext.cpp |
index 2ff4516d9dd31350df7f2432cb91f7a2a676147a..e9a2b218f9e9871cee8f40aef6d5fcd962e3af25 100644 |
--- a/Source/core/loader/FrameFetchContext.cpp |
+++ b/Source/core/loader/FrameFetchContext.cpp |
@@ -627,7 +627,7 @@ void FrameFetchContext::upgradeInsecureRequest(FetchRequest& fetchRequest) |
// Tack a 'Prefer' header to outgoing navigational requests, as described in |
// https://w3c.github.io/webappsec/specs/upgrade/#feature-detect |
if (fetchRequest.resourceRequest().frameType() != WebURLRequest::FrameTypeNone && !SecurityOrigin::isSecure(url)) |
- fetchRequest.mutableResourceRequest().addHTTPHeaderField("Prefer", "return=secure-representation"); |
+ fetchRequest.mutableResourceRequest().addHTTPHeaderField("Prefer", "tls"); |
if (m_document->insecureRequestsPolicy() == SecurityContext::InsecureRequestsUpgrade && url.protocolIs("http")) { |
// We always upgrade subresource requests and nested frames, we always upgrade form |
@@ -645,6 +645,7 @@ void FrameFetchContext::upgradeInsecureRequest(FetchRequest& fetchRequest) |
if (url.port() == 80) |
url.setPort(443); |
fetchRequest.mutableResourceRequest().setURL(url); |
+ fetchRequest.mutableResourceRequest().addHTTPHeaderField("Upgraded", "1"); |
} |
} |
} |