Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(23)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/loader/resource_dispatcher_host_impl.cc

Issue 2053693002: WIP: Move 'Upgrade-Insecure-Requests' to the browser process. Base URL: https://chromium.googlesource.com/chromium/src.git@replicate
Patch Set: Rebase. :( Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | content/child/web_url_loader_impl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading
6 6
7 #include "content/browser/loader/resource_dispatcher_host_impl.h" 7 #include "content/browser/loader/resource_dispatcher_host_impl.h"
8 8
9 #include <stddef.h> 9 #include <stddef.h>
10 10
(...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after
112 #include "net/url_request/url_request.h" 112 #include "net/url_request/url_request.h"
113 #include "net/url_request/url_request_context.h" 113 #include "net/url_request/url_request_context.h"
114 #include "net/url_request/url_request_job_factory.h" 114 #include "net/url_request/url_request_job_factory.h"
115 #include "ppapi/features/features.h" 115 #include "ppapi/features/features.h"
116 #include "storage/browser/blob/blob_data_handle.h" 116 #include "storage/browser/blob/blob_data_handle.h"
117 #include "storage/browser/blob/blob_storage_context.h" 117 #include "storage/browser/blob/blob_storage_context.h"
118 #include "storage/browser/blob/blob_url_request_job_factory.h" 118 #include "storage/browser/blob/blob_url_request_job_factory.h"
119 #include "storage/browser/blob/shareable_file_reference.h" 119 #include "storage/browser/blob/shareable_file_reference.h"
120 #include "storage/browser/fileapi/file_permission_policy.h" 120 #include "storage/browser/fileapi/file_permission_policy.h"
121 #include "storage/browser/fileapi/file_system_context.h" 121 #include "storage/browser/fileapi/file_system_context.h"
122 #include "third_party/WebKit/public/platform/WebInsecureRequestPolicy.h"
122 #include "url/third_party/mozilla/url_parse.h" 123 #include "url/third_party/mozilla/url_parse.h"
123 #include "url/url_constants.h" 124 #include "url/url_constants.h"
124 125
125 using base::Time; 126 using base::Time;
126 using base::TimeDelta; 127 using base::TimeDelta;
127 using base::TimeTicks; 128 using base::TimeTicks;
128 using storage::ShareableFileReference; 129 using storage::ShareableFileReference;
129 using SyncLoadResultCallback = 130 using SyncLoadResultCallback =
130 content::ResourceDispatcherHostImpl::SyncLoadResultCallback; 131 content::ResourceDispatcherHostImpl::SyncLoadResultCallback;
131 132
(...skipping 1262 matching lines...) Expand 10 before | Expand all | Expand 10 after
1394 new_request->set_first_party_for_cookies( 1395 new_request->set_first_party_for_cookies(
1395 request_data.first_party_for_cookies); 1396 request_data.first_party_for_cookies);
1396 1397
1397 // The initiator should normally be present, unless this is a navigation in a 1398 // The initiator should normally be present, unless this is a navigation in a
1398 // top-level frame. It may be null for some top-level navigations (eg: 1399 // top-level frame. It may be null for some top-level navigations (eg:
1399 // browser-initiated ones). 1400 // browser-initiated ones).
1400 DCHECK(request_data.request_initiator.has_value() || 1401 DCHECK(request_data.request_initiator.has_value() ||
1401 request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME); 1402 request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME);
1402 new_request->set_initiator(request_data.request_initiator); 1403 new_request->set_initiator(request_data.request_initiator);
1403 1404
1405 if (request_data.insecure_request_policy & blink::kUpgradeInsecureRequests) {
1406 // If the initiating context wishes to upgrade insecure requests, we
1407 // blanket-upgrade everything that isn't a main-frame navigation. For
1408 // main-frame navigations, we blanket-upgrade form submissions, and
1409 // otherwise upgrade same-host navigations.
1410 //
1411 // https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-reques t
1412 if (request_data.resource_type != RESOURCE_TYPE_MAIN_FRAME ||
1413 request_data.fetch_request_context_type == REQUEST_CONTEXT_TYPE_FORM) {
1414 new_request->set_insecure_request_policy(
1415 net::URLRequest::UPGRADE_ALL_INSECURE_REQUESTS);
1416 } else {
1417 new_request->set_insecure_request_policy(
1418 net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS);
1419 }
1420 }
1421
1404 if (request_data.originated_from_service_worker) { 1422 if (request_data.originated_from_service_worker) {
1405 new_request->SetUserData(URLRequestServiceWorkerData::kUserDataKey, 1423 new_request->SetUserData(URLRequestServiceWorkerData::kUserDataKey,
1406 new URLRequestServiceWorkerData()); 1424 new URLRequestServiceWorkerData());
1407 } 1425 }
1408 1426
1409 // If the request is a MAIN_FRAME request, the first-party URL gets updated on 1427 // If the request is a MAIN_FRAME request, the first-party URL gets updated on
1410 // redirects. 1428 // redirects.
1411 if (request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME) { 1429 if (request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME) {
1412 new_request->set_first_party_url_policy( 1430 new_request->set_first_party_url_policy(
1413 net::URLRequest::UPDATE_FIRST_PARTY_URL_ON_REDIRECT); 1431 net::URLRequest::UPDATE_FIRST_PARTY_URL_ON_REDIRECT);
(...skipping 1382 matching lines...) Expand 10 before | Expand all | Expand 10 after
2796 &throttles); 2814 &throttles);
2797 if (!throttles.empty()) { 2815 if (!throttles.empty()) {
2798 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, 2816 handler.reset(new ThrottlingResourceHandler(std::move(handler), request,
2799 std::move(throttles))); 2817 std::move(throttles)));
2800 } 2818 }
2801 } 2819 }
2802 return handler; 2820 return handler;
2803 } 2821 }
2804 2822
2805 } // namespace content 2823 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | content/child/web_url_loader_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698