WIP: Move 'Upgrade-Insecure-Requests' to the browser process.

third_party/WebKit/Source/platform/network/ResourceRequest.cpp

 /*
  * Copyright (C) 2003, 2006 Apple Computer, Inc.  All rights reserved.
  * Copyright (C) 2009, 2012 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
@@ skipping 69 matching lines @@
   setFrameType(data->m_frameType);
   setFetchRequestMode(data->m_fetchRequestMode);
   setFetchCredentialsMode(data->m_fetchCredentialsMode);
   setFetchRedirectMode(data->m_fetchRedirectMode);
   setLoFiState(data->m_loFiState);
   m_referrerPolicy = data->m_referrerPolicy;
   m_didSetHTTPReferrer = data->m_didSetHTTPReferrer;
   m_checkForBrowserSideNavigation = data->m_checkForBrowserSideNavigation;
   m_uiStartTime = data->m_uiStartTime;
   m_isExternalRequest = data->m_isExternalRequest;
+  m_insecureRequestPolicy = data->m_insecureRequestPolicy;
   m_inputPerfMetricReportPolicy = data->m_inputPerfMetricReportPolicy;
   m_redirectStatus = data->m_redirectStatus;
 }
 
 ResourceRequest::ResourceRequest(const ResourceRequest&) = default;
 
 ResourceRequest& ResourceRequest::operator=(const ResourceRequest&) = default;
 
 std::unique_ptr<CrossThreadResourceRequestData> ResourceRequest::copyData()
     const {
@@ skipping 28 matching lines @@
   data->m_frameType = m_frameType;
   data->m_fetchRequestMode = m_fetchRequestMode;
   data->m_fetchCredentialsMode = m_fetchCredentialsMode;
   data->m_fetchRedirectMode = m_fetchRedirectMode;
   data->m_loFiState = m_loFiState;
   data->m_referrerPolicy = m_referrerPolicy;
   data->m_didSetHTTPReferrer = m_didSetHTTPReferrer;
   data->m_checkForBrowserSideNavigation = m_checkForBrowserSideNavigation;
   data->m_uiStartTime = m_uiStartTime;
   data->m_isExternalRequest = m_isExternalRequest;
+  data->m_insecureRequestPolicy = m_insecureRequestPolicy;
   data->m_inputPerfMetricReportPolicy = m_inputPerfMetricReportPolicy;
   data->m_redirectStatus = m_redirectStatus;
   return data;
 }
 
 bool ResourceRequest::isEmpty() const {
   return m_url.isEmpty();
 }
 
 bool ResourceRequest::isNull() const {
@@ skipping 251 matching lines @@
   m_frameType = WebURLRequest::FrameTypeNone;
   m_fetchRequestMode = WebURLRequest::FetchRequestModeNoCORS;
   m_fetchCredentialsMode = WebURLRequest::FetchCredentialsModeInclude;
   m_fetchRedirectMode = WebURLRequest::FetchRedirectModeFollow;
   m_referrerPolicy = ReferrerPolicyDefault;
   m_loFiState = WebURLRequest::LoFiUnspecified;
   m_didSetHTTPReferrer = false;
   m_checkForBrowserSideNavigation = true;
   m_uiStartTime = 0;
   m_isExternalRequest = false;
+  m_insecureRequestPolicy = kLeaveInsecureRequestsAlone;
   m_inputPerfMetricReportPolicy = InputToLoadPerfMetricReportPolicy::NoReport;
   m_redirectStatus = RedirectStatus::NoRedirect;
   m_requestorOrigin = SecurityOrigin::createUnique();
 }
 
 bool ResourceRequest::needsHTTPOrigin() const {
   if (!httpOrigin().isEmpty())
     return false;  // Request already has an Origin header.
 
   // Don't send an Origin header for GET or HEAD to avoid privacy issues.
   // For example, if an intranet page has a hyperlink to an external web
   // site, we don't want to include the Origin of the request because it
   // will leak the internal host name. Similar privacy concerns have lead
   // to the widespread suppression of the Referer header at the network
   // layer.
   if (httpMethod() == HTTPNames::GET || httpMethod() == HTTPNames::HEAD)
     return false;
 
   // For non-GET and non-HEAD methods, always send an Origin header so the
   // server knows we support this feature.
   return true;
 }
 
 }  // namespace blink