content/browser/loader/resource_dispatcher_host_impl.cc - Issue 2053693002: WIP: Move 'Upgrade-Insecure-Requests' to the browser process.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/loader/resource_dispatcher_host_impl.cc

Issue 2053693002: WIP: Move 'Upgrade-Insecure-Requests' to the browser process. Base URL: https://chromium.googlesource.com/chromium/src.git@replicate

Patch Set: Just redirects. Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/browser/loader/resource_dispatcher_host_impl.cc

diff --git a/content/browser/loader/resource_dispatcher_host_impl.cc b/content/browser/loader/resource_dispatcher_host_impl.cc

index e9253e595a21d1f12280603be819bcb609ea01ea..fb6e367d520261a35676c3281bdcd771b91a906a 100644

--- a/content/browser/loader/resource_dispatcher_host_impl.cc

+++ b/content/browser/loader/resource_dispatcher_host_impl.cc

@@ -118,6 +118,7 @@

#include "storage/browser/blob/shareable_file_reference.h"

#include "storage/browser/fileapi/file_permission_policy.h"

#include "storage/browser/fileapi/file_system_context.h"

+#include "third_party/WebKit/public/platform/WebInsecureRequestPolicy.h"

#include "url/third_party/mozilla/url_parse.h"

#include "url/url_constants.h"

@@ -1445,6 +1446,23 @@ void ResourceDispatcherHostImpl::ContinuePendingBeginRequest(

request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME);

new_request->set_initiator(request_data.request_initiator);

+ if (request_data.insecure_request_policy & blink::kUpgradeInsecureRequests) {

+ // If the initiating context wishes to upgrade insecure requests, we

+ // blanket-upgrade everything that isn't a main-frame navigation. For

+ // main-frame navigations, we blanket-upgrade form submissions, and

+ // otherwise upgrade same-host navigations.

+ //

+ // https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-request

+ if (request_data.resource_type != RESOURCE_TYPE_MAIN_FRAME ||

+ request_data.fetch_request_context_type == REQUEST_CONTEXT_TYPE_FORM) {

+ new_request->set_insecure_request_policy(

+ net::URLRequest::UPGRADE_ALL_INSECURE_REQUESTS);

+ } else {

+ new_request->set_insecure_request_policy(

+ net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS);

+ }

if (request_data.originated_from_service_worker) {

new_request->SetUserData(URLRequestServiceWorkerData::kUserDataKey,

new URLRequestServiceWorkerData());

« no previous file with comments | « no previous file | content/child/web_url_loader_impl.cc » ('j') | net/url_request/url_request.cc » ('J')