Index: third_party/WebKit/Source/core/loader/MixedContentChecker.h |
diff --git a/third_party/WebKit/Source/core/loader/MixedContentChecker.h b/third_party/WebKit/Source/core/loader/MixedContentChecker.h |
index b1100e79ab882ec943879713013455ee27fcc21d..adb23c76bee46fb2e7aace51562e4cc45f1a4eb6 100644 |
--- a/third_party/WebKit/Source/core/loader/MixedContentChecker.h |
+++ b/third_party/WebKit/Source/core/loader/MixedContentChecker.h |
@@ -35,18 +35,24 @@ |
#include "core/CoreExport.h" |
#include "platform/heap/Handle.h" |
#include "platform/network/ResourceRequest.h" |
-#include "public/platform/WebMixedContent.h" |
#include "public/platform/WebURLRequest.h" |
#include "wtf/text/WTFString.h" |
namespace blink { |
+enum class WebMixedContentContextType; |
class Frame; |
class LocalFrame; |
class KURL; |
class ResourceResponse; |
class SecurityOrigin; |
+// Checks all sub-resource loads for mixed-content. Frame-level loads are |
+// checked at the browser by MixedContentNavigationThrottle. Changes to this |
+// class might need to be reflected on its browser counterpart. |
+// |
+// Current mixed content draft that drives this implementation: |
+// https://w3c.github.io/webappsec-mixed-content/ |
class CORE_EXPORT MixedContentChecker final { |
WTF_MAKE_NONCOPYABLE(MixedContentChecker); |
DISALLOW_NEW(); |
@@ -80,7 +86,7 @@ class CORE_EXPORT MixedContentChecker final { |
static void checkMixedPrivatePublic(LocalFrame*, |
const AtomicString& resourceIPAddress); |
- static WebMixedContent::ContextType contextTypeForInspector( |
+ static WebMixedContentContextType contextTypeForInspector( |
LocalFrame*, |
const ResourceRequest&); |
@@ -94,6 +100,15 @@ class CORE_EXPORT MixedContentChecker final { |
WebURLRequest::FrameType, |
WebURLRequest::RequestContext); |
+ // Log to the frame console about found mixed content and report it to the CSP |
+ // policy. |
+ static void mixedContentFoundByTheBrowser(LocalFrame*, |
+ const KURL& mainResourceUrl, |
+ const KURL& mixedContentUrl, |
+ WebURLRequest::RequestContext, |
+ bool wasAllowed, |
+ bool hadRedirect); |
+ |
private: |
FRIEND_TEST_ALL_PREFIXES(MixedContentCheckerTest, HandleCertificateError); |