
Unified Diff: net/url_request/url_request.h

Issue 2053693002: WIP: Move 'Upgrade-Insecure-Requests' to the browser process. Base URL: https://chromium.googlesource.com/chromium/src.git@replicate
Patch Set: Created 4 years, 6 months ago
Index: net/url_request/url_request.h
diff --git a/net/url_request/url_request.h b/net/url_request/url_request.h
index eb94da89088b9c5a4a2360cbd2593a3b1b859086..14b5ca177233de289b1cd1e11db1ff9df4286fb1 100644
--- a/net/url_request/url_request.h
+++ b/net/url_request/url_request.h
@@ -118,6 +118,27 @@ class NET_EXPORT URLRequest : NON_EXPORTED_BASE(public base::NonThreadSafe),
UPDATE_FIRST_PARTY_URL_ON_REDIRECT,
};
+ // 'Upgrade-Insecure-Requests' gives developers the ability to force some
+ // requests to upgrade themselves to secure transport before hitting the
+ // network (along with any redirects they encounter along the way). The
+ // insecure request policy governs this behavior:
+ //
+ // * DO_NOT_UPGRADE_INSECURE_REQUESTS is the default behavior, which does
+ // not upgrade insecure request (hence the clever name).
+ //
+ // * UPGRADE_ALL_INSECURE_REQUESTS will upgrade any insecure request to
+ // secure transport.
+ //
+ // * UPGRADE_SAME_HOST_INSECURE_REQUESTS will upgrade any insecure request
+ // whose target's host matches the request's initiator's host.
+ //
+ // See https://w3c.github.io/webappsec-upgrade-insecure-requests/ for detail.
+ enum InsecureRequestPolicy {
+ DO_NOT_UPGRADE_INSECURE_REQUESTS,
+ UPGRADE_SAME_HOST_INSECURE_REQUESTS,
+ UPGRADE_ALL_INSECURE_REQUESTS
+ };
+
// The delegate's methods are called from the message loop of the thread
// on which the request's Start() method is called. See above for the
// ordering of callbacks.
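Review bot: The comment on UPGRADE_SAME_HOST_INSECURE_REQUESTS does not say what happens when the request has no initiator or the initiator is an opaque origin, nor that the comparison is on host alone rather than on the full origin. This value decides whether a request leaves over cleartext, so the fallback belongs next to the enum, for example `// Requests without an initiator are not upgraded under this policy.` (or the opposite, whichever the implementation does; it is not visible in this header). The comment should also state whether the host comparison is re-evaluated against each redirect target, since the opening paragraph says redirects are covered. Minor: "insecure request" in the DO_NOT_UPGRADE_INSECURE_REQUESTS bullet should read "insecure requests".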
@@ -307,6 +328,14 @@ class NET_EXPORT URLRequest : NON_EXPORTED_BASE(public base::NonThreadSafe),
// This method may only be called before Start().
void set_initiator(const url::Origin& initiator);
+ // The insecure request policy to apply to this request. The insecure request
+ // policy may only be changed before Start() is called.
+ InsecureRequestPolicy insecure_request_policy() const {
+ return insecure_request_policy_;
+ }
+ void set_insecure_request_policy(
+ InsecureRequestPolicy insecure_request_policy);
+
// The request method, as an uppercase string. "GET" is the default value.
// The request method may only be changed before Start() is called and
// should only be assigned an uppercase value.
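Review bot: The "may only be changed before Start()" rule for set_insecure_request_policy() exists only in the comment; the setter is declared out of line and its definition is not part of this file's diff. Changing the policy on a request that is already in flight could leave the initial request and its redirects governed by different policies, so the definition should enforce what the comment promises, e.g. `DCHECK(!is_pending_);` before the assignment, assuming it follows the pattern of the other pre-Start setters in url_request.cc. The enclosing class body starts and ends outside this hunk.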
@@ -777,6 +806,7 @@ class NET_EXPORT URLRequest : NON_EXPORTED_BASE(public base::NonThreadSafe),
ReferrerPolicy referrer_policy_;
std::string token_binding_referrer_;
FirstPartyURLPolicy first_party_url_policy_;
+ InsecureRequestPolicy insecure_request_policy_;
HttpRequestHeaders extra_request_headers_;
int load_flags_; // Flags indicating the request type for the load;
// expected values are LOAD_* enums above.
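Review bot: insecure_request_policy_ is a plain enum member with no in-class initializer, so it holds an indeterminate value unless every URLRequest constructor sets it; the constructor lives in url_request.cc and is not visible on this page. The initializer list should gain `insecure_request_policy_(DO_NOT_UPGRADE_INSECURE_REQUESTS),` placed directly after first_party_url_policy_ to match declaration order. Without it the getter added earlier in this file could return a value outside the three enumerators, and whatever code consults the policy would behave unpredictably. The member list continues outside this hunk.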
