Replicate WebInsecureRequestPolicy instead of a bool for strict mixed content checks.

third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp

Index: third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp
diff --git a/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp b/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp
index e9c08e2b9a8ebcc4dcb1174dfbee4b75c3e1f3fc..9e4b630214cf67fe66321f99d5fbdf262205ffff 100644
--- a/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp
+++ b/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp
@@ -658,12 +658,10 @@ void WebRemoteFrameImpl::resetReplicatedContentSecurityPolicy() const
     frame()->securityContext()->resetReplicatedContentSecurityPolicy();
 }
 
-void WebRemoteFrameImpl::setReplicatedShouldEnforceStrictMixedContentChecking(bool shouldEnforce) const
+void WebRemoteFrameImpl::setReplicatedInsecureRequestPolicy(WebInsecureRequestPolicy policy) const
 {
     DCHECK(frame());
-    WebInsecureRequestPolicy oldPolicy = frame()->securityContext()->getInsecureRequestPolicy();
-    WebInsecureRequestPolicy newPolicy = shouldEnforce ? oldPolicy | kBlockAllMixedContent : oldPolicy & ~kBlockAllMixedContent;
-    frame()->securityContext()->setInsecureRequestPolicy(newPolicy);
+    frame()->securityContext()->setInsecureRequestPolicy(policy);

[Yoav Weiss, 2016/06/07 14:13:14]

Is merging of both policies no longer required?

[Mike West, 2016/06/07 15:56:23]

The previous iteration didn't merge the policies; it overwrote the "block" bit
according to the boolean that was passed in. Since we're now replicating the
whole thing, we don't need to merge.

Note that there's no actual document here: this is populating the
RemoteSecurityContext that's sitting on the RemoteFrame. The actual values are
coming from a distinct process. There's nothing to merge with; the browser is
the canonical source.

 }
 
 void WebRemoteFrameImpl::setReplicatedPotentiallyTrustworthyUniqueOrigin(bool isUniqueOriginPotentiallyTrustworthy) const