Attach mixed content status to resource requests when sent to devtools

Source/core/loader/MixedContentChecker.cpp

Index: Source/core/loader/MixedContentChecker.cpp
diff --git a/Source/core/loader/MixedContentChecker.cpp b/Source/core/loader/MixedContentChecker.cpp
index 449058f80cec9b82bb8e0a250f6ee313b3b95c8c..f3d6ce34e2ab9679811fe6ecb0a7730b061abd19 100644
--- a/Source/core/loader/MixedContentChecker.cpp
+++ b/Source/core/loader/MixedContentChecker.cpp
@@ -38,6 +38,7 @@
 #include "core/loader/FrameLoader.h"
 #include "core/loader/FrameLoaderClient.h"
 #include "platform/RuntimeEnabledFeatures.h"
+#include "platform/network/ResourceRequest.h"
 #include "platform/weborigin/SchemeRegistry.h"
 #include "platform/weborigin/SecurityOrigin.h"
 #include "public/platform/Platform.h"
@@ -99,7 +100,7 @@ LocalFrame* MixedContentChecker::inWhichFrameIsContentMixed(LocalFrame* frame, W
 }
 
 // static
-MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(WebURLRequest::RequestContext context, LocalFrame* frame)
+ResourceRequest::ContextType MixedContentChecker::contextTypeFromContext(WebURLRequest::RequestContext context, LocalFrame* frame)
 {
     switch (context) {
     // "Optionally-blockable" mixed content
@@ -107,12 +108,12 @@ MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(Web
     case WebURLRequest::RequestContextFavicon:
     case WebURLRequest::RequestContextImage:
     case WebURLRequest::RequestContextVideo:
-        return ContextTypeOptionallyBlockable;
+        return ResourceRequest::ContextTypeOptionallyBlockable;
 
     // Plugins! Oh how dearly we love plugin-loaded content!
     case WebURLRequest::RequestContextPlugin: {
         Settings* settings = frame->settings();
-        return settings || settings->strictMixedContentCheckingForPlugin() ? ContextTypeBlockable : ContextTypeOptionallyBlockable;
+        return settings || settings->strictMixedContentCheckingForPlugin() ? ResourceRequest::ContextTypeBlockable : ResourceRequest::ContextTypeOptionallyBlockable;
     }
 
     // "Blockable" mixed content
@@ -141,19 +142,19 @@ MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(Web
     case WebURLRequest::RequestContextWorker:
     case WebURLRequest::RequestContextXMLHttpRequest:
     case WebURLRequest::RequestContextXSLT:
-        return ContextTypeBlockable;
+        return ResourceRequest::ContextTypeBlockable;
 
     // FIXME: Contexts that we should block, but don't currently. https://crbug.com/388650
     case WebURLRequest::RequestContextDownload:
     case WebURLRequest::RequestContextInternal:
     case WebURLRequest::RequestContextPrefetch:
-        return ContextTypeShouldBeBlockable;
+        return ResourceRequest::ContextTypeShouldBeBlockable;
 
     case WebURLRequest::RequestContextUnspecified:
         ASSERT_NOT_REACHED();
     }
     ASSERT_NOT_REACHED();
-    return ContextTypeBlockable;
+    return ResourceRequest::ContextTypeBlockable;
 }
 
 // static
@@ -251,8 +252,8 @@ void MixedContentChecker::count(LocalFrame* frame, WebURLRequest::RequestContext
 
     // Roll blockable content up into a single counter, count unblocked types individually so we
     // can determine when they can be safely moved to the blockable category:
-    ContextType contextType = contextTypeFromContext(requestContext, frame);
-    if (contextType == ContextTypeBlockable) {
+    ResourceRequest::ContextType contextType = contextTypeFromContext(requestContext, frame);
+    if (contextType == ResourceRequest::ContextTypeBlockable) {
         UseCounter::count(frame, UseCounter::MixedContentBlockable);
         return;
     }
@@ -292,11 +293,14 @@ void MixedContentChecker::count(LocalFrame* frame, WebURLRequest::RequestContext
 }
 
 // static
-bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::RequestContext requestContext, WebURLRequest::FrameType frameType, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus)
+bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, ResourceRequest* request, WebURLRequest::RequestContext requestContext, WebURLRequest::FrameType frameType, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus)
 {
     LocalFrame* mixedFrame = inWhichFrameIsContentMixed(frame, frameType, url);
-    if (!mixedFrame)
+    if (!mixedFrame) {
+        if (request)
+            request->setContextType(ResourceRequest::ContextTypeNotMixedContent);

[pfeldman, 2015/08/17 20:32:52]

Sorry for not taking a look at it earlier. You should not plumb it as mutable
all the way to here to set this bit. Is returning enum an option?

[estark, 2015/08/17 20:36:22]

Mike preferred setting it here on the request. If we return an enum, it would
have to be returned not just from here but also from
FrameFetchContext::canRequest().

         return false;
+    }
 
     MixedContentChecker::count(mixedFrame, requestContext);
 
@@ -309,7 +313,7 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req
     // the client checks in order to prevent degrading the site's security UI.
     bool strictMode = mixedFrame->document()->shouldEnforceStrictMixedContentChecking() || settings->strictMixedContentChecking();
 
-    ContextType contextType = contextTypeFromContext(requestContext, mixedFrame);
+    ResourceRequest::ContextType contextType = contextTypeFromContext(requestContext, mixedFrame);
 
     // If we're loading the main resource of a subframe, we need to take a close look at the loaded URL.
     // If we're dealing with a CORS-enabled scheme, then block mixed frames as active content. Otherwise,
@@ -318,16 +322,16 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req
     // FIXME: Remove this temporary hack once we have a reasonable API for launching external applications
     // via URLs. http://crbug.com/318788 and https://crbug.com/393481
     if (frameType == WebURLRequest::FrameTypeNested && !SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(url.protocol()))
-        contextType = ContextTypeOptionallyBlockable;
+        contextType = ResourceRequest::ContextTypeOptionallyBlockable;
 
     switch (contextType) {
-    case ContextTypeOptionallyBlockable:
+    case ResourceRequest::ContextTypeOptionallyBlockable:
         allowed = !strictMode && client->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), securityOrigin, url);
         if (allowed)
             client->didDisplayInsecureContent();
         break;
 
-    case ContextTypeBlockable: {
+    case ResourceRequest::ContextTypeBlockable: {
         bool shouldAskEmbedder = !strictMode && settings && (!settings->strictlyBlockBlockableMixedContent() || settings->allowRunningOfInsecureContent());
         allowed = shouldAskEmbedder && client->allowRunningInsecureContent(settings && settings->allowRunningOfInsecureContent(), securityOrigin, url);
         if (allowed) {
@@ -337,13 +341,19 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req
         break;
     }
 
-    case ContextTypeShouldBeBlockable:
+    case ResourceRequest::ContextTypeShouldBeBlockable:
         allowed = !strictMode;
         if (allowed)
             client->didDisplayInsecureContent();
         break;
+    case ResourceRequest::ContextTypeNotMixedContent:
+        ASSERT_NOT_REACHED();
+        break;
     };
 
+    if (request)
+        request->setContextType(contextType);
+
     if (reportingStatus == SendReport)
         logToConsoleAboutFetch(frame, url, requestContext, allowed);
     return !allowed;