Make Document::isSecureContext() work for OOPIFs

third_party/WebKit/public/web/WebFrameClient.h

Index: third_party/WebKit/public/web/WebFrameClient.h
diff --git a/third_party/WebKit/public/web/WebFrameClient.h b/third_party/WebKit/public/web/WebFrameClient.h
index e0578dc5fb4b828bc759731c50267e2ef041a896..964b240389dcf6802dc8f7f8e965af17a4b53a70 100644
--- a/third_party/WebKit/public/web/WebFrameClient.h
+++ b/third_party/WebKit/public/web/WebFrameClient.h
@@ -181,6 +181,9 @@ public:
     // This frame has been set to enforce strict mixed content checking.
     virtual void didEnforceStrictMixedContentChecking() {}
 
+    // This frame has been navigated to a new |origin|, which is a unique origin that should be considered potentially trustworthy if |isPotentiallyTrustworthyUniqueOrigin| is true.

[alexmos, 2016/03/14 22:20:36]

"has been navigated" doesn't sound correct here, as there was no navigation,
just setting the sandbox flags.

And I'm also realizing that effective sandbox flags will be wrong in the browser
process for the <meta> use case...  which might be problematic as we're starting
to use those in some browser-side security checks.  Probably fine if we fix that
separately, since this CL is already long.

[estark, 2016/03/15 01:04:41]

Urgh. I think we should just kill the <meta> sandbox flags ASAP. (I can work on
it as soon as I finish this CL.) Changing origin, or sandbox flags for that
matter, without navigating just seems too weird.

+    virtual void didUpdateOrigin(const WebSecurityOrigin& origin, bool isPotentiallyTrustworthyUniqueOrigin) {}
+
     // The sandbox flags have changed for a child frame of this frame.
     virtual void didChangeSandboxFlags(WebFrame* childFrame, WebSandboxFlags flags) { }