PlzNavigate: Move navigation-level mixed content checks to the browser.

content/browser/frame_host/render_frame_host_delegate.cc

Index: content/browser/frame_host/render_frame_host_delegate.cc
diff --git a/content/browser/frame_host/render_frame_host_delegate.cc b/content/browser/frame_host/render_frame_host_delegate.cc
index 7410d178fa401ceba7e9c696637ae866a738cf68..3f825a05cc1da243ccec20a21c0b651c050bee99 100644
--- a/content/browser/frame_host/render_frame_host_delegate.cc
+++ b/content/browser/frame_host/render_frame_host_delegate.cc
@@ -93,4 +93,12 @@ RenderFrameHostDelegate::CreateWebUIForRenderFrameHost(const GURL& url) {
   return nullptr;
 }
 
+bool RenderFrameHostDelegate::ShouldAllowRunningInsecureContent(
+    bool allowed_per_settings,
+    const url::Origin& origin,
+    const GURL& resource_url,
+    WebContents* web_contents) {
+  return false;

[jam, 2017/01/12 01:39:00]

nit: why not return allowed_per_settings?

[carlosk, 2017/01/12 17:44:02]

My reasoning was:
B) These methods were not required from them before anyway, so there's no
current users (beyond the "right" one).
A) For the 2 existing sub-classes of RenderFrameHostDelegate beyond
WebContentsImpl, calling any mixed content method on them looks like an error.

I even considered using NOTREACHED. IIUC these are default implemented only to
avoid the need for subclasses to create an empty override and not because they
are expected to be called.

WDYT?

[jam, 2017/01/12 18:24:07]

seems fair, we better not have this error in our interstitials :)

+}
+
 }  // namespace content