WIP: Move 'Upgrade-Insecure-Requests' to the browser process.

net/url_request/url_request.cc

Index: net/url_request/url_request.cc
diff --git a/net/url_request/url_request.cc b/net/url_request/url_request.cc
index 75eb4220106fe424eb49df9492143b2558913953..cde62a24007838990f650da73944a84e97d5846c 100644
--- a/net/url_request/url_request.cc
+++ b/net/url_request/url_request.cc
@@ -469,6 +469,16 @@ void URLRequest::set_first_party_url_policy(
   first_party_url_policy_ = first_party_url_policy;
 }
 
+void URLRequest::set_insecure_request_policy(
+    InsecureRequestPolicy insecure_request_policy) {
+  DCHECK(!is_pending_);
+  DCHECK(insecure_request_policy == DO_NOT_UPGRADE_INSECURE_REQUESTS ||
+         url().SchemeIsCryptographic() ||

[mmenke, 2016/12/15 19:24:22]

We allow insecure_request_policy == UPGRADE_SAME_HOST_INSECURE_REQUESTS without
an initiator for cryptographic schemes?

Think this DCHECK needs a comment saying just what we're trying to do with it.

+         (insecure_request_policy == UPGRADE_SAME_HOST_INSECURE_REQUESTS &&
+          initiator() && initiator()->host() == url().host()));
+  insecure_request_policy_ = insecure_request_policy;
+}
+
 void URLRequest::set_initiator(const base::Optional<url::Origin>& initiator) {
   DCHECK(!is_pending_);
   DCHECK(!initiator.has_value() || initiator.value().unique() ||
@@ -565,6 +575,7 @@ URLRequest::URLRequest(const GURL& url,
       method_("GET"),
       referrer_policy_(CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE),
       first_party_url_policy_(NEVER_CHANGE_FIRST_PARTY_URL),
+      insecure_request_policy_(DO_NOT_UPGRADE_INSECURE_REQUESTS),
       load_flags_(LOAD_NORMAL),
       delegate_(delegate),
       status_(URLRequestStatus::FromError(OK)),