| Index: Source/core/loader/MixedContentChecker.cpp
|
| diff --git a/Source/core/loader/MixedContentChecker.cpp b/Source/core/loader/MixedContentChecker.cpp
|
| index 449058f80cec9b82bb8e0a250f6ee313b3b95c8c..a90d0a2209aa79d82454da763ec1696cdf3bd54b 100644
|
| --- a/Source/core/loader/MixedContentChecker.cpp
|
| +++ b/Source/core/loader/MixedContentChecker.cpp
|
| @@ -38,6 +38,7 @@
|
| #include "core/loader/FrameLoader.h"
|
| #include "core/loader/FrameLoaderClient.h"
|
| #include "platform/RuntimeEnabledFeatures.h"
|
| +#include "platform/network/ResourceRequest.h"
|
| #include "platform/weborigin/SchemeRegistry.h"
|
| #include "platform/weborigin/SecurityOrigin.h"
|
| #include "public/platform/Platform.h"
|
| @@ -99,7 +100,7 @@ LocalFrame* MixedContentChecker::inWhichFrameIsContentMixed(LocalFrame* frame, W
|
| }
|
|
|
| // static
|
| -MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(WebURLRequest::RequestContext context, LocalFrame* frame)
|
| +ResourceRequest::ContextType MixedContentChecker::contextTypeFromContext(WebURLRequest::RequestContext context, LocalFrame* frame)
|
| {
|
| switch (context) {
|
| // "Optionally-blockable" mixed content
|
| @@ -107,12 +108,12 @@ MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(Web
|
| case WebURLRequest::RequestContextFavicon:
|
| case WebURLRequest::RequestContextImage:
|
| case WebURLRequest::RequestContextVideo:
|
| - return ContextTypeOptionallyBlockable;
|
| + return ResourceRequest::ContextTypeOptionallyBlockable;
|
|
|
| // Plugins! Oh how dearly we love plugin-loaded content!
|
| case WebURLRequest::RequestContextPlugin: {
|
| Settings* settings = frame->settings();
|
| - return settings || settings->strictMixedContentCheckingForPlugin() ? ContextTypeBlockable : ContextTypeOptionallyBlockable;
|
| + return settings || settings->strictMixedContentCheckingForPlugin() ? ResourceRequest::ContextTypeBlockable : ResourceRequest::ContextTypeOptionallyBlockable;
|
| }
|
|
|
| // "Blockable" mixed content
|
| @@ -141,19 +142,19 @@ MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(Web
|
| case WebURLRequest::RequestContextWorker:
|
| case WebURLRequest::RequestContextXMLHttpRequest:
|
| case WebURLRequest::RequestContextXSLT:
|
| - return ContextTypeBlockable;
|
| + return ResourceRequest::ContextTypeBlockable;
|
|
|
| // FIXME: Contexts that we should block, but don't currently. https://crbug.com/388650
|
| case WebURLRequest::RequestContextDownload:
|
| case WebURLRequest::RequestContextInternal:
|
| case WebURLRequest::RequestContextPrefetch:
|
| - return ContextTypeShouldBeBlockable;
|
| + return ResourceRequest::ContextTypeShouldBeBlockable;
|
|
|
| case WebURLRequest::RequestContextUnspecified:
|
| ASSERT_NOT_REACHED();
|
| }
|
| ASSERT_NOT_REACHED();
|
| - return ContextTypeBlockable;
|
| + return ResourceRequest::ContextTypeBlockable;
|
| }
|
|
|
| // static
|
| @@ -251,8 +252,8 @@ void MixedContentChecker::count(LocalFrame* frame, WebURLRequest::RequestContext
|
|
|
| // Roll blockable content up into a single counter, count unblocked types individually so we
|
| // can determine when they can be safely moved to the blockable category:
|
| - ContextType contextType = contextTypeFromContext(requestContext, frame);
|
| - if (contextType == ContextTypeBlockable) {
|
| + ResourceRequest::ContextType contextType = contextTypeFromContext(requestContext, frame);
|
| + if (contextType == ResourceRequest::ContextTypeBlockable) {
|
| UseCounter::count(frame, UseCounter::MixedContentBlockable);
|
| return;
|
| }
|
| @@ -292,7 +293,7 @@ void MixedContentChecker::count(LocalFrame* frame, WebURLRequest::RequestContext
|
| }
|
|
|
| // static
|
| -bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::RequestContext requestContext, WebURLRequest::FrameType frameType, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus)
|
| +bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, ResourceRequest* request, WebURLRequest::RequestContext requestContext, WebURLRequest::FrameType frameType, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus)
|
| {
|
| LocalFrame* mixedFrame = inWhichFrameIsContentMixed(frame, frameType, url);
|
| if (!mixedFrame)
|
| @@ -309,7 +310,7 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req
|
| // the client checks in order to prevent degrading the site's security UI.
|
| bool strictMode = mixedFrame->document()->shouldEnforceStrictMixedContentChecking() || settings->strictMixedContentChecking();
|
|
|
| - ContextType contextType = contextTypeFromContext(requestContext, mixedFrame);
|
| + ResourceRequest::ContextType contextType = contextTypeFromContext(requestContext, mixedFrame);
|
|
|
| // If we're loading the main resource of a subframe, we need to take a close look at the loaded URL.
|
| // If we're dealing with a CORS-enabled scheme, then block mixed frames as active content. Otherwise,
|
| @@ -318,16 +319,16 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req
|
| // FIXME: Remove this temporary hack once we have a reasonable API for launching external applications
|
| // via URLs. http://crbug.com/318788 and https://crbug.com/393481
|
| if (frameType == WebURLRequest::FrameTypeNested && !SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(url.protocol()))
|
| - contextType = ContextTypeOptionallyBlockable;
|
| + contextType = ResourceRequest::ContextTypeOptionallyBlockable;
|
|
|
| switch (contextType) {
|
| - case ContextTypeOptionallyBlockable:
|
| + case ResourceRequest::ContextTypeOptionallyBlockable:
|
| allowed = !strictMode && client->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), securityOrigin, url);
|
| if (allowed)
|
| client->didDisplayInsecureContent();
|
| break;
|
|
|
| - case ContextTypeBlockable: {
|
| + case ResourceRequest::ContextTypeBlockable: {
|
| bool shouldAskEmbedder = !strictMode && settings && (!settings->strictlyBlockBlockableMixedContent() || settings->allowRunningOfInsecureContent());
|
| allowed = shouldAskEmbedder && client->allowRunningInsecureContent(settings && settings->allowRunningOfInsecureContent(), securityOrigin, url);
|
| if (allowed) {
|
| @@ -337,13 +338,18 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req
|
| break;
|
| }
|
|
|
| - case ContextTypeShouldBeBlockable:
|
| + case ResourceRequest::ContextTypeShouldBeBlockable:
|
| allowed = !strictMode;
|
| if (allowed)
|
| client->didDisplayInsecureContent();
|
| break;
|
| };
|
|
|
| + if (request) {
|
| + request->setContextType(contextType);
|
| + request->setIsMixedContent(true);
|
| + }
|
| +
|
| if (reportingStatus == SendReport)
|
| logToConsoleAboutFetch(frame, url, requestContext, allowed);
|
| return !allowed;
|
|
|
Chromium Code Reviews
Issue 1299493003:
Attach mixed content status to resource requests when sent to devtools (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master