OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 607 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
618 return m_document ? m_document->securityOrigin() : nullptr; | 618 return m_document ? m_document->securityOrigin() : nullptr; |
619 } | 619 } |
620 | 620 |
621 String FrameFetchContext::charset() const | 621 String FrameFetchContext::charset() const |
622 { | 622 { |
623 return m_document ? m_document->charset().string() : String(); | 623 return m_document ? m_document->charset().string() : String(); |
624 } | 624 } |
625 | 625 |
626 void FrameFetchContext::upgradeInsecureRequest(FetchRequest& fetchRequest) | 626 void FrameFetchContext::upgradeInsecureRequest(FetchRequest& fetchRequest) |
627 { | 627 { |
628 if (!m_document || !RuntimeEnabledFeatures::experimentalContentSecurityPolic
yFeaturesEnabled()) | 628 if (!m_document) |
629 return; | 629 return; |
630 | 630 |
631 KURL url = fetchRequest.resourceRequest().url(); | 631 KURL url = fetchRequest.resourceRequest().url(); |
632 | 632 |
633 // Tack an 'HTTPS' header to outgoing navigational requests, as described in | 633 // Tack an 'HTTPS' header to outgoing navigational requests, as described in |
634 // https://w3c.github.io/webappsec/specs/upgrade/#feature-detect | 634 // https://w3c.github.io/webappsec/specs/upgrade/#feature-detect |
635 if (fetchRequest.resourceRequest().frameType() != WebURLRequest::FrameTypeNo
ne) | 635 if (fetchRequest.resourceRequest().frameType() != WebURLRequest::FrameTypeNo
ne) |
636 fetchRequest.mutableResourceRequest().addHTTPHeaderField("HTTPS", "1"); | 636 fetchRequest.mutableResourceRequest().addHTTPHeaderField("HTTPS", "1"); |
637 | 637 |
638 if (m_document->insecureRequestsPolicy() == SecurityContext::InsecureRequest
sUpgrade && url.protocolIs("http")) { | 638 if (m_document->insecureRequestsPolicy() == SecurityContext::InsecureRequest
sUpgrade && url.protocolIs("http")) { |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
680 fetchRequest.mutableResourceRequest().addHTTPHeaderField("CSP", "active"
); | 680 fetchRequest.mutableResourceRequest().addHTTPHeaderField("CSP", "active"
); |
681 } | 681 } |
682 | 682 |
683 DEFINE_TRACE(FrameFetchContext) | 683 DEFINE_TRACE(FrameFetchContext) |
684 { | 684 { |
685 visitor->trace(m_document); | 685 visitor->trace(m_document); |
686 FetchContext::trace(visitor); | 686 FetchContext::trace(visitor); |
687 } | 687 } |
688 | 688 |
689 } // namespace blink | 689 } // namespace blink |
OLD | NEW |