Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(44)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/core/html/HTMLFormElement.cpp

Issue 2040133003: Replace SecurityContext::InsecureRequestsPolicy with WebInsecureRequestPolicy. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@combine-uir-block
Patch Set: Ugh. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp ('k') | third_party/WebKit/Source/core/loader/FormSubmission.cpp » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/core/html/HTMLFormElement.cpp
diff --git a/third_party/WebKit/Source/core/html/HTMLFormElement.cpp b/third_party/WebKit/Source/core/html/HTMLFormElement.cpp
index 026dcf70376d21047671b710d42602102d488f97..caa42f4b1d87d71db4352dabf07720299a20dca9 100644
--- a/third_party/WebKit/Source/core/html/HTMLFormElement.cpp
+++ b/third_party/WebKit/Source/core/html/HTMLFormElement.cpp
@@ -52,6 +52,7 @@
#include "core/loader/MixedContentChecker.h"
#include "core/loader/NavigationScheduler.h"
#include "platform/UserGestureIndicator.h"
+#include "public/platform/WebInsecureRequestPolicy.h"
#include "wtf/text/AtomicString.h"
#include <limits>
@@ -449,13 +450,13 @@ void HTMLFormElement::parseAttribute(const QualifiedName& name, const AtomicStri
m_attributes.parseAction(value);
logUpdateAttributeIfIsolatedWorldAndInDocument("form", actionAttr, oldValue, value);
- if (document().getInsecureRequestsPolicy() != SecurityContext::InsecureRequestsUpgrade) {
- // If we're not upgrading insecure requests, and the new action attribute is pointing to
- // an insecure "action" location from a secure page it is marked as "passive" mixed content.
- KURL actionURL = document().completeURL(m_attributes.action().isEmpty() ? document().url().getString() : m_attributes.action());
- if (MixedContentChecker::isMixedFormAction(document().frame(), actionURL))
- UseCounter::count(document().frame(), UseCounter::MixedContentFormPresent);
- }
+ // If we're not upgrading insecure requests, and the new action attribute is pointing to
+ // an insecure "action" location from a secure page it is marked as "passive" mixed content.
+ if (document().getInsecureRequestPolicy() & kUpgradeInsecureRequests)
+ return;
+ KURL actionURL = document().completeURL(m_attributes.action().isEmpty() ? document().url().getString() : m_attributes.action());
+ if (MixedContentChecker::isMixedFormAction(document().frame(), actionURL))
+ UseCounter::count(document().frame(), UseCounter::MixedContentFormPresent);
} else if (name == targetAttr) {
m_attributes.setTarget(value);
} else if (name == methodAttr) {
« no previous file with comments | « third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp ('k') | third_party/WebKit/Source/core/loader/FormSubmission.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698