| Index: third_party/WebKit/Source/core/html/HTMLFormElement.cpp
|
| diff --git a/third_party/WebKit/Source/core/html/HTMLFormElement.cpp b/third_party/WebKit/Source/core/html/HTMLFormElement.cpp
|
| index c5200edbf03c3b1794311ef801021aa8b1bee69d..5fb7ef492beac2dead4d4f49c5c25f083299f3e3 100644
|
| --- a/third_party/WebKit/Source/core/html/HTMLFormElement.cpp
|
| +++ b/third_party/WebKit/Source/core/html/HTMLFormElement.cpp
|
| @@ -489,12 +489,15 @@ void HTMLFormElement::parseAttribute(const QualifiedName& name, const AtomicStri
|
| {
|
| if (name == actionAttr) {
|
| m_attributes.parseAction(value);
|
| - // If the new action attribute is pointing to insecure "action" location from a secure page
|
| - // it is marked as "passive" mixed content.
|
| - KURL actionURL = document().completeURL(m_attributes.action().isEmpty() ? document().url().getString() : m_attributes.action());
|
| - if (MixedContentChecker::isMixedFormAction(document().frame(), actionURL))
|
| - UseCounter::count(document().frame(), UseCounter::MixedContentFormPresent);
|
| logUpdateAttributeIfIsolatedWorldAndInDocument("form", actionAttr, oldValue, value);
|
| +
|
| + if (document().getInsecureRequestsPolicy() != SecurityContext::InsecureRequestsUpgrade) {
|
| + // If we're not upgrading insecure requests, and the new action attribute is pointing to
|
| + // an insecure "action" location from a secure page it is marked as "passive" mixed content.
|
| + KURL actionURL = document().completeURL(m_attributes.action().isEmpty() ? document().url().getString() : m_attributes.action());
|
| + if (MixedContentChecker::isMixedFormAction(document().frame(), actionURL))
|
| + UseCounter::count(document().frame(), UseCounter::MixedContentFormPresent);
|
| + }
|
| } else if (name == targetAttr) {
|
| m_attributes.setTarget(value);
|
| } else if (name == methodAttr) {
|
|
|
Chromium Code Reviews
Issue 1964303003:
UPGRADE: Correctly handle navigations. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master