Index: Source/core/loader/MixedContentChecker.cpp |
diff --git a/Source/core/loader/MixedContentChecker.cpp b/Source/core/loader/MixedContentChecker.cpp |
index 449058f80cec9b82bb8e0a250f6ee313b3b95c8c..f3d6ce34e2ab9679811fe6ecb0a7730b061abd19 100644 |
--- a/Source/core/loader/MixedContentChecker.cpp |
+++ b/Source/core/loader/MixedContentChecker.cpp |
@@ -38,6 +38,7 @@ |
#include "core/loader/FrameLoader.h" |
#include "core/loader/FrameLoaderClient.h" |
#include "platform/RuntimeEnabledFeatures.h" |
+#include "platform/network/ResourceRequest.h" |
#include "platform/weborigin/SchemeRegistry.h" |
#include "platform/weborigin/SecurityOrigin.h" |
#include "public/platform/Platform.h" |
@@ -99,7 +100,7 @@ LocalFrame* MixedContentChecker::inWhichFrameIsContentMixed(LocalFrame* frame, W |
} |
// static |
-MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(WebURLRequest::RequestContext context, LocalFrame* frame) |
+ResourceRequest::ContextType MixedContentChecker::contextTypeFromContext(WebURLRequest::RequestContext context, LocalFrame* frame) |
{ |
switch (context) { |
// "Optionally-blockable" mixed content |
@@ -107,12 +108,12 @@ MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(Web |
case WebURLRequest::RequestContextFavicon: |
case WebURLRequest::RequestContextImage: |
case WebURLRequest::RequestContextVideo: |
- return ContextTypeOptionallyBlockable; |
+ return ResourceRequest::ContextTypeOptionallyBlockable; |
// Plugins! Oh how dearly we love plugin-loaded content! |
case WebURLRequest::RequestContextPlugin: { |
Settings* settings = frame->settings(); |
- return settings || settings->strictMixedContentCheckingForPlugin() ? ContextTypeBlockable : ContextTypeOptionallyBlockable; |
+ return settings || settings->strictMixedContentCheckingForPlugin() ? ResourceRequest::ContextTypeBlockable : ResourceRequest::ContextTypeOptionallyBlockable; |
} |
// "Blockable" mixed content |
@@ -141,19 +142,19 @@ MixedContentChecker::ContextType MixedContentChecker::contextTypeFromContext(Web |
case WebURLRequest::RequestContextWorker: |
case WebURLRequest::RequestContextXMLHttpRequest: |
case WebURLRequest::RequestContextXSLT: |
- return ContextTypeBlockable; |
+ return ResourceRequest::ContextTypeBlockable; |
// FIXME: Contexts that we should block, but don't currently. https://crbug.com/388650 |
case WebURLRequest::RequestContextDownload: |
case WebURLRequest::RequestContextInternal: |
case WebURLRequest::RequestContextPrefetch: |
- return ContextTypeShouldBeBlockable; |
+ return ResourceRequest::ContextTypeShouldBeBlockable; |
case WebURLRequest::RequestContextUnspecified: |
ASSERT_NOT_REACHED(); |
} |
ASSERT_NOT_REACHED(); |
- return ContextTypeBlockable; |
+ return ResourceRequest::ContextTypeBlockable; |
} |
// static |
@@ -251,8 +252,8 @@ void MixedContentChecker::count(LocalFrame* frame, WebURLRequest::RequestContext |
// Roll blockable content up into a single counter, count unblocked types individually so we |
// can determine when they can be safely moved to the blockable category: |
- ContextType contextType = contextTypeFromContext(requestContext, frame); |
- if (contextType == ContextTypeBlockable) { |
+ ResourceRequest::ContextType contextType = contextTypeFromContext(requestContext, frame); |
+ if (contextType == ResourceRequest::ContextTypeBlockable) { |
UseCounter::count(frame, UseCounter::MixedContentBlockable); |
return; |
} |
@@ -292,11 +293,14 @@ void MixedContentChecker::count(LocalFrame* frame, WebURLRequest::RequestContext |
} |
// static |
-bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::RequestContext requestContext, WebURLRequest::FrameType frameType, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus) |
+bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, ResourceRequest* request, WebURLRequest::RequestContext requestContext, WebURLRequest::FrameType frameType, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus) |
{ |
LocalFrame* mixedFrame = inWhichFrameIsContentMixed(frame, frameType, url); |
- if (!mixedFrame) |
+ if (!mixedFrame) { |
+ if (request) |
+ request->setContextType(ResourceRequest::ContextTypeNotMixedContent); |
pfeldman
2015/08/17 20:32:52
Sorry for not taking a look at it earlier. You sho
estark
2015/08/17 20:36:22
Mike preferred setting it here on the request. If
|
return false; |
+ } |
MixedContentChecker::count(mixedFrame, requestContext); |
@@ -309,7 +313,7 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req |
// the client checks in order to prevent degrading the site's security UI. |
bool strictMode = mixedFrame->document()->shouldEnforceStrictMixedContentChecking() || settings->strictMixedContentChecking(); |
- ContextType contextType = contextTypeFromContext(requestContext, mixedFrame); |
+ ResourceRequest::ContextType contextType = contextTypeFromContext(requestContext, mixedFrame); |
// If we're loading the main resource of a subframe, we need to take a close look at the loaded URL. |
// If we're dealing with a CORS-enabled scheme, then block mixed frames as active content. Otherwise, |
@@ -318,16 +322,16 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req |
// FIXME: Remove this temporary hack once we have a reasonable API for launching external applications |
// via URLs. http://crbug.com/318788 and https://crbug.com/393481 |
if (frameType == WebURLRequest::FrameTypeNested && !SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(url.protocol())) |
- contextType = ContextTypeOptionallyBlockable; |
+ contextType = ResourceRequest::ContextTypeOptionallyBlockable; |
switch (contextType) { |
- case ContextTypeOptionallyBlockable: |
+ case ResourceRequest::ContextTypeOptionallyBlockable: |
allowed = !strictMode && client->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), securityOrigin, url); |
if (allowed) |
client->didDisplayInsecureContent(); |
break; |
- case ContextTypeBlockable: { |
+ case ResourceRequest::ContextTypeBlockable: { |
bool shouldAskEmbedder = !strictMode && settings && (!settings->strictlyBlockBlockableMixedContent() || settings->allowRunningOfInsecureContent()); |
allowed = shouldAskEmbedder && client->allowRunningInsecureContent(settings && settings->allowRunningOfInsecureContent(), securityOrigin, url); |
if (allowed) { |
@@ -337,13 +341,19 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::Req |
break; |
} |
- case ContextTypeShouldBeBlockable: |
+ case ResourceRequest::ContextTypeShouldBeBlockable: |
allowed = !strictMode; |
if (allowed) |
client->didDisplayInsecureContent(); |
break; |
+ case ResourceRequest::ContextTypeNotMixedContent: |
+ ASSERT_NOT_REACHED(); |
+ break; |
}; |
+ if (request) |
+ request->setContextType(contextType); |
+ |
if (reportingStatus == SendReport) |
logToConsoleAboutFetch(frame, url, requestContext, allowed); |
return !allowed; |