Remove obsolete histogram values from SSL.InsecureContent

third_party/WebKit/Source/core/loader/MixedContentChecker.cpp

 /*
  * Copyright (C) 2012 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1.  Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  * 2.  Redistributions in binary form must reproduce the above copyright
@@ skipping 308 matching lines @@
     // If we're dealing with a CORS-enabled scheme, then block mixed frames as active content. Otherwise,
     // treat frames as passive content.
     //
     // FIXME: Remove this temporary hack once we have a reasonable API for launching external applications
     // via URLs. http://crbug.com/318788 and https://crbug.com/393481
     if (frameType == WebURLRequest::FrameTypeNested && !SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(url.protocol()))
         contextType = ContextTypeOptionallyBlockable;
 
     switch (contextType) {
     case ContextTypeOptionallyBlockable:
-        allowed = !strictMode && client->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), securityOrigin, url);
+        allowed = !strictMode && client->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), url);
         if (allowed)
             client->didDisplayInsecureContent();
         break;
 
     case ContextTypeBlockable: {
         // Strictly block subresources in subframes, unless all insecure
         // content is allowed.
         if (!settings->allowRunningOfInsecureContent() && requestIsSubframeSubresource(frame, frameType)) {
             UseCounter::count(mixedFrame, UseCounter::BlockableMixedContentInSubframeBlocked);
             allowed = false;
             break;
         }
 
         bool shouldAskEmbedder = !strictMode && settings && (!settings->strictlyBlockBlockableMixedContent() || settings->allowRunningOfInsecureContent());
         allowed = shouldAskEmbedder && client->allowRunningInsecureContent(settings && settings->allowRunningOfInsecureContent(), securityOrigin, url);

[Mike West, 2016/01/15 08:29:31]

What about the |securityOrigin| here? I thought these were passed in for the
same purpose.

[estark, 2016/01/15 18:42:32]

Unfortunately, this gets passed into DidBlockContentType(), which sends it as
the |details| argument to ChromeViewHostMsg_ContentBlocked, which records the
origin with Rappor. So I think this argument has to stay as long as we care
about those Rappor metrics.

         if (allowed) {
             client->didRunInsecureContent(securityOrigin, url);

[Mike West, 2016/01/15 08:29:30]

Ditto.

             UseCounter::count(mixedFrame, UseCounter::MixedContentBlockableAllowed);
         }
         break;
     }
 
     case ContextTypeShouldBeBlockable:
         allowed = !strictMode;
         if (allowed)
             client->didDisplayInsecureContent();
         break;
@@ skipping 131 matching lines @@
 
     // See comment in shouldBlockFetch() about loading the main resource of a subframe.
     if (request.frameType() == WebURLRequest::FrameTypeNested && !SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(request.url().protocol())) {
         return ContextTypeOptionallyBlockable;
     }
 
     return contextTypeFromContext(request.requestContext(), mixedFrame);
 }
 
 } // namespace blink