Make Document::isSecureContext() work for OOPIFs

third_party/WebKit/public/web/WebFrameClient.h

 /*
  * Copyright (C) 2011, 2012 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 163 matching lines @@
     // This frame is about to be closed. This is called after frameDetached,
     // when the document is being unloaded, due to new one committing.
     virtual void willClose(WebFrame*) { }
 
     // This frame's name has changed.
     virtual void didChangeName(const WebString& name, const WebString& uniqueName) { }
 
     // This frame has been set to enforce strict mixed content checking.
     virtual void didEnforceStrictMixedContentChecking() {}
 
+    // This frame has been navigated to a new |origin|, which is a unique origin that should be considered potentially trustworthy if |isPotentiallyTrustworthyUniqueOrigin| is true.

[alexmos, 2016/03/14 22:20:36]

"has been navigated" doesn't sound correct here, as there was no navigation,
just setting the sandbox flags.

And I'm also realizing that effective sandbox flags will be wrong in the browser
process for the <meta> use case...  which might be problematic as we're starting
to use those in some browser-side security checks.  Probably fine if we fix that
separately, since this CL is already long.

[estark, 2016/03/15 01:04:41]

Urgh. I think we should just kill the <meta> sandbox flags ASAP. (I can work on
it as soon as I finish this CL.) Changing origin, or sandbox flags for that
matter, without navigating just seems too weird.

+    virtual void didUpdateOrigin(const WebSecurityOrigin& origin, bool isPotentiallyTrustworthyUniqueOrigin) {}
+
     // The sandbox flags have changed for a child frame of this frame.
     virtual void didChangeSandboxFlags(WebFrame* childFrame, WebSandboxFlags flags) { }
 
     // Some frame owner properties have changed for a child frame of this frame.
     // Frame owner properties currently include: scrolling, marginwidth and
     // marginheight.
     virtual void didChangeFrameOwnerProperties(WebFrame* childFrame, const WebFrameOwnerProperties&) { }
 
     // Called when a watched CSS selector matches or stops matching.
     virtual void didMatchCSS(WebLocalFrame*, const WebVector<WebString>& newlyMatchingSelectors, const WebVector<WebString>& stoppedMatchingSelectors) { }
@@ skipping 505 matching lines @@
     // This method takes ownership of the callbacks pointer.
     virtual void checkIfAudioSinkExistsAndIsAuthorized(const WebString& sinkId, const WebSecurityOrigin&, WebSetSinkIdCallbacks*) { BLINK_ASSERT_NOT_REACHED(); }
 
 protected:
     virtual ~WebFrameClient() { }
 };
 
 } // namespace blink
 
 #endif