Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1467)

Unified Diff: content/browser/loader/resource_dispatcher_host_impl.cc

Issue 1914593002: Limit requests for which link headers can install service workers to secure contexts. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: add more tests Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/browser/loader/resource_dispatcher_host_impl.cc
diff --git a/content/browser/loader/resource_dispatcher_host_impl.cc b/content/browser/loader/resource_dispatcher_host_impl.cc
index 5987668ac2310da93ca3860ebfc31d2e070a077e..84b7596772304f17d1990dbda619467bf867b0f8 100644
--- a/content/browser/loader/resource_dispatcher_host_impl.cc
+++ b/content/browser/loader/resource_dispatcher_host_impl.cc
@@ -1544,7 +1544,7 @@ void ResourceDispatcherHostImpl::BeginRequest(
resource_context,
request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME),
support_async_revalidation ? request_data.headers : std::string(),
- request_data.request_body);
+ request_data.request_body, request_data.initiated_in_secure_context);
// Request takes ownership.
extra_info->AssociateWithRequest(new_request.get());
@@ -1844,7 +1844,8 @@ ResourceRequestInfoImpl* ResourceDispatcherHostImpl::CreateRequestInfo(
true, // is_async
false, // is_using_lofi
std::string(), // original_headers
- nullptr); // body
+ nullptr, // body
+ false); // initiated_in_secure_context
}
void ResourceDispatcherHostImpl::OnRenderFrameDeleted(
@@ -2259,7 +2260,8 @@ void ResourceDispatcherHostImpl::BeginNavigationRequest(
// TODO(ricea): Make the feature work with stale-while-revalidate
// and clean this up.
std::string(), // original_headers
- info.common_params.post_data);
+ info.common_params.post_data,
+ false); // initiated_in_secure_context
kinuko 2016/06/23 14:42:27 when we're enabling plznavigate how will we handle
Marijn Kruisselbrink 2016/06/23 18:02:01 Added a TODO. At least it doesn't matter for the l
// Request takes ownership.
extra_info->AssociateWithRequest(new_request.get());

Powered by Google App Engine
This is Rietveld 408576698