WIP: Move 'Upgrade-Insecure-Requests' to the browser process.

content/common/resource_request.h

Index: content/common/resource_request.h
diff --git a/content/common/resource_request.h b/content/common/resource_request.h
index 0f5651fadff17f0ce9650188809c70f0fa0950e0..9fd6e5362942dfc4d7337b37fc15a0fa1e5bcca8 100644
--- a/content/common/resource_request.h
+++ b/content/common/resource_request.h
@@ -19,6 +19,7 @@
 #include "content/public/common/request_context_type.h"
 #include "content/public/common/resource_type.h"
 #include "net/base/request_priority.h"
+#include "third_party/WebKit/public/platform/WebInsecureRequestPolicy.h"
 #include "third_party/WebKit/public/platform/WebPageVisibilityState.h"
 #include "third_party/WebKit/public/platform/WebReferrerPolicy.h"
 #include "ui/base/page_transition_types.h"
@@ -189,6 +190,11 @@ struct CONTENT_EXPORT ResourceRequest {
   // The response should be downloaded and stored in the network cache, but not
   // sent back to the renderer.
   bool download_to_network_cache_only = false;
+
+  // The insecure request policy of the context which triggered this request:
+  // https://w3c.github.io/webappsec-upgrade-insecure-requests/#insecure-requests-policy
+  blink::WebInsecureRequestPolicy insecure_request_policy =
+      blink::kLeaveInsecureRequestsAlone;
 };
 
 }  // namespace content