service worker: Don't control a subframe of an insecure context

third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp

Index: third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
diff --git a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
index 84f740fc03ff7327967632e6f58fb297406c20b3..75ccae4168e61cf84ba79686b9a8fb9e9cea04aa 100644
--- a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
+++ b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp
@@ -359,6 +359,15 @@ bool SecurityOrigin::isPotentiallyTrustworthy() const
     return false;
 }
 
+bool SecurityOrigin::isPotentiallyTrustworthy(String* errorMessage) const

[Tom Sepez, 2016/06/03 17:29:58]

Why do we need to add this?  Can't the caller use the existing version and then
call the public isPotentiallyTrustworthyErrorMessage() as needed?

[falken, 2016/06/06 06:38:13]

Done, removed. Yeah, we don't need it. I also removed the param from
Frame::canChildBeSecure so now only Document::isSecureContext is responsible for
populating the error message. I think the original idea was for the message to
be more detailed about the exact error, but it's currently always just
SecurityOrigin::isPotentiallyTrustworthyErrorMessage.

+{
+    if (isPotentiallyTrustworthy())
+        return true;
+    if (errorMessage)
+        *errorMessage = isPotentiallyTrustworthyErrorMessage();
+    return false;
+}
+
 // static
 String SecurityOrigin::isPotentiallyTrustworthyErrorMessage()
 {