Don't autofill credit cards on non-secure pages

components/autofill/core/browser/autofill_client.h

Index: components/autofill/core/browser/autofill_client.h
diff --git a/components/autofill/core/browser/autofill_client.h b/components/autofill/core/browser/autofill_client.h
index 6d2edcab3db9f361f4383d63bb7b4556b46d6cb3..8fb749f81696300c9c61634f7592d5eee97ebeb7 100644
--- a/components/autofill/core/browser/autofill_client.h
+++ b/components/autofill/core/browser/autofill_client.h
@@ -12,6 +12,7 @@
 #include "base/memory/weak_ptr.h"
 #include "base/strings/string16.h"
 #include "ui/base/window_open_disposition.h"
+#include "url/gurl.h"
 
 class IdentityProvider;
 
@@ -173,6 +174,13 @@ class AutofillClient {
   // Opens |url| with the supplied |disposition|.
   virtual void LinkClicked(const GURL& url,
                            WindowOpenDisposition disposition) = 0;
+
+  // If the context is secure. Default implementation only checks the
+  // |form_origin|'s scheme being cryptographic, override in inherited classes
+  // to also check for secure https and no mixed content.
+  virtual bool IsContextSecure(const GURL& form_origin) {
+    return form_origin.SchemeIsCryptographic();

[Evan Stade, 2015/06/25 23:54:57]

ah, I didn't notice this code because normally we don't put code in header
files. This would go in a .cc file, except this is an interface and there should
be no default implementations.

[sigbjorn, 2015/06/26 07:30:44]

What do you prefer as a solution then? To avoid a default implementation, all
inherited classes must be fixed. I believe that leaves Mac and Android, I don't
know if there are any more. I do not have the setup to fix code for those OSes.
(I can try fixing them blindly, and use reviews and attempted commits to notice
any obvious issues.)

Another approach is to file separate bugs for those platforms, and remove the
default implementation once those have been fixed.

+  };
 };
 
 }  // namespace autofill