Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(379)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/loader/resource_dispatcher_host_impl.cc

Issue 2053693002: WIP: Move 'Upgrade-Insecure-Requests' to the browser process. Base URL: https://chromium.googlesource.com/chromium/src.git@replicate
Patch Set: DCHECK. Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | content/child/web_url_loader_impl.cc » ('j') | net/log/net_log_event_type_list.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading
6 6
7 #include "content/browser/loader/resource_dispatcher_host_impl.h" 7 #include "content/browser/loader/resource_dispatcher_host_impl.h"
8 8
9 #include <stddef.h> 9 #include <stddef.h>
10 10
(...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after
111 #include "net/url_request/url_request.h" 111 #include "net/url_request/url_request.h"
112 #include "net/url_request/url_request_context.h" 112 #include "net/url_request/url_request_context.h"
113 #include "net/url_request/url_request_job_factory.h" 113 #include "net/url_request/url_request_job_factory.h"
114 #include "ppapi/features/features.h" 114 #include "ppapi/features/features.h"
115 #include "storage/browser/blob/blob_data_handle.h" 115 #include "storage/browser/blob/blob_data_handle.h"
116 #include "storage/browser/blob/blob_storage_context.h" 116 #include "storage/browser/blob/blob_storage_context.h"
117 #include "storage/browser/blob/blob_url_request_job_factory.h" 117 #include "storage/browser/blob/blob_url_request_job_factory.h"
118 #include "storage/browser/blob/shareable_file_reference.h" 118 #include "storage/browser/blob/shareable_file_reference.h"
119 #include "storage/browser/fileapi/file_permission_policy.h" 119 #include "storage/browser/fileapi/file_permission_policy.h"
120 #include "storage/browser/fileapi/file_system_context.h" 120 #include "storage/browser/fileapi/file_system_context.h"
121 #include "third_party/WebKit/public/platform/WebInsecureRequestPolicy.h"
121 #include "url/third_party/mozilla/url_parse.h" 122 #include "url/third_party/mozilla/url_parse.h"
122 #include "url/url_constants.h" 123 #include "url/url_constants.h"
123 124
124 using base::Time; 125 using base::Time;
125 using base::TimeDelta; 126 using base::TimeDelta;
126 using base::TimeTicks; 127 using base::TimeTicks;
127 using storage::ShareableFileReference; 128 using storage::ShareableFileReference;
128 using SyncLoadResultCallback = 129 using SyncLoadResultCallback =
129 content::ResourceDispatcherHostImpl::SyncLoadResultCallback; 130 content::ResourceDispatcherHostImpl::SyncLoadResultCallback;
130 131
(...skipping 1307 matching lines...) Expand 10 before | Expand all | Expand 10 after
1438 new_request->set_first_party_for_cookies( 1439 new_request->set_first_party_for_cookies(
1439 request_data.first_party_for_cookies); 1440 request_data.first_party_for_cookies);
1440 1441
1441 // The initiator should normally be present, unless this is a navigation in a 1442 // The initiator should normally be present, unless this is a navigation in a
1442 // top-level frame. It may be null for some top-level navigations (eg: 1443 // top-level frame. It may be null for some top-level navigations (eg:
1443 // browser-initiated ones). 1444 // browser-initiated ones).
1444 DCHECK(request_data.request_initiator.has_value() || 1445 DCHECK(request_data.request_initiator.has_value() ||
1445 request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME); 1446 request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME);
1446 new_request->set_initiator(request_data.request_initiator); 1447 new_request->set_initiator(request_data.request_initiator);
1447 1448
1449 if (request_data.insecure_request_policy & blink::kUpgradeInsecureRequests) {
1450 // If the initiating context wishes to upgrade insecure requests, we
mmenke 2016/12/15 19:24:22 nit: Avoid "we" in comments. Often unclear what
1451 // blanket-upgrade everything that isn't a main-frame navigation. For
1452 // main-frame navigations, we blanket-upgrade form submissions, and
1453 // otherwise upgrade same-host navigations.
1454 //
1455 // https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-reques t
1456 if (request_data.resource_type != RESOURCE_TYPE_MAIN_FRAME ||
1457 request_data.fetch_request_context_type == REQUEST_CONTEXT_TYPE_FORM) {
1458 new_request->set_insecure_request_policy(
1459 net::URLRequest::UPGRADE_ALL_INSECURE_REQUESTS);
1460 } else {
1461 new_request->set_insecure_request_policy(
1462 net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS);
1463 }
1464 }
1465
1448 if (request_data.originated_from_service_worker) { 1466 if (request_data.originated_from_service_worker) {
1449 new_request->SetUserData(URLRequestServiceWorkerData::kUserDataKey, 1467 new_request->SetUserData(URLRequestServiceWorkerData::kUserDataKey,
1450 new URLRequestServiceWorkerData()); 1468 new URLRequestServiceWorkerData());
1451 } 1469 }
1452 1470
1453 // If the request is a MAIN_FRAME request, the first-party URL gets updated on 1471 // If the request is a MAIN_FRAME request, the first-party URL gets updated on
1454 // redirects. 1472 // redirects.
1455 if (request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME) { 1473 if (request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME) {
1456 new_request->set_first_party_url_policy( 1474 new_request->set_first_party_url_policy(
1457 net::URLRequest::UPDATE_FIRST_PARTY_URL_ON_REDIRECT); 1475 net::URLRequest::UPDATE_FIRST_PARTY_URL_ON_REDIRECT);
(...skipping 1373 matching lines...) Expand 10 before | Expand all | Expand 10 after
2831 &throttles); 2849 &throttles);
2832 if (!throttles.empty()) { 2850 if (!throttles.empty()) {
2833 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, 2851 handler.reset(new ThrottlingResourceHandler(std::move(handler), request,
2834 std::move(throttles))); 2852 std::move(throttles)));
2835 } 2853 }
2836 } 2854 }
2837 return handler; 2855 return handler;
2838 } 2856 }
2839 2857
2840 } // namespace content 2858 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | content/child/web_url_loader_impl.cc » ('j') | net/log/net_log_event_type_list.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698