Index: public/web/WebSecurityPolicy.h |
diff --git a/public/web/WebSecurityPolicy.h b/public/web/WebSecurityPolicy.h |
index a21f36c23a209083c7adcf24a56a9a35e14d52d4..29ea62927a270d408e9a33c221a40cf9a0846719 100644 |
--- a/public/web/WebSecurityPolicy.h |
+++ b/public/web/WebSecurityPolicy.h |
@@ -61,10 +61,15 @@ public: |
// schemes are not registered as "secure" are embedded. |
BLINK_EXPORT static void registerURLSchemeAsRestrictingMixedContent(const WebString&); |
- // Registers a URL scheme to not generate mixed content warnings when |
- // included by page whose scheme is registed as restricting mixed content. |
+ // For example, https and wss are secure schemes because they cannot be |
Tom Sepez
2015/04/01 17:11:49
nit: same here.
palmer
2015/04/03 19:21:44
Done.
|
+ // corrupted by active network attackers, nor eavesdropped on by passive |
+ // network attackers.. Subresources transported by secure schemes do not |
+ // trigger mixed content warnings. |
BLINK_EXPORT static void registerURLSchemeAsSecure(const WebString&); |
+ // Returns true if the scheme has been registered as a secure scheme. |
+ BLINK_EXPORT static bool shouldTreatURLSchemeAsSecure(const WebString&); |
+ |
// Registers a non-HTTP URL scheme which can be sent CORS requests. |
BLINK_EXPORT static void registerURLSchemeAsCORSEnabled(const WebString&); |