Chromium Code Reviews

Unified Diff: net/url_request/url_request_http_job.cc

Issue 2053693002: WIP: Move 'Upgrade-Insecure-Requests' to the browser process. Base URL: https://chromium.googlesource.com/chromium/src.git@replicate
Patch Set: DCHECK. Created 4 years ago
Index: net/url_request/url_request_http_job.cc
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index 68e708f214642b01be15264d32f6b8ccb42b0d45..d51d21988936687b27d1eee4a890ea2de29b303f 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -1127,6 +1127,41 @@ std::unique_ptr<SourceStream> URLRequestHttpJob::SetUpSourceStream() {
return upstream;
}
+RedirectInfo URLRequestHttpJob::ComputeRedirectInfo(const GURL& location,
estark 2016/12/15 20:49:54 Why is this logic in URLRequestHttpJob instead of
+ int http_status_code) {
+ // If |request|'s insecure request policy matches its URL, then upgrade it
+ // from a non-secure protocol to a secure protocol (e.g. "http" => "https").
+ // See https://www.w3.org/TR/upgrade-insecure-requests/ for details.
+ //
+ // TODO(mkwst): HSTS is currently modeled as a redirect, which makes sense,
+ // given the web-exposed behavior developers currently rely upon. At some
+ // point, however, https://wicg.github.io/hsts-priming/ will change that
+ // expectation. Once those changes are in place, it might make sense to
+ // merge the HSTS logic from 'MaybeInternallyRedirect' into this function.
+ if (request_->insecure_request_policy() ==
+ net::URLRequest::DO_NOT_UPGRADE_INSECURE_REQUESTS ||
+ location.SchemeIsCryptographic() ||
+ (request_->initiator() &&
+ request_->insecure_request_policy() ==
+ net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS &&
+ request_->initiator()->host() != location.host())) {
mmenke 2016/12/15 19:24:22 ->host() => ->host_piece()? No need to create new
mmenke 2016/12/15 19:24:22 I think this would be clearer with the unusual cas
+ return URLRequestJob::ComputeRedirectInfo(location, http_status_code);
+ }
+
+ request_->net_log().AddEvent(
+ NetLogEventType::URL_REQUEST_REWRITTEN,
+ NetLog::StringCallback("reason", "Upgrade-Insecure-Requests"));
+
+ DCHECK(location.SchemeIs(url::kHttpScheme) ||
+ location.SchemeIs(url::kWsScheme));
+ GURL::Replacements replacements;
+ replacements.SetSchemeStr(location.SchemeIs(url::kHttpScheme)
+ ? url::kHttpsScheme
+ : url::kWssScheme);
+ return URLRequestJob::ComputeRedirectInfo(
+ location.ReplaceComponents(replacements), http_status_code);
+}
+
bool URLRequestHttpJob::CopyFragmentOnRedirect(const GURL& location) const {
// Allow modification of reference fragments by default, unless
// |allowed_unsafe_redirect_url_| is set and equal to the redirect URL.
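Review bot: The DCHECK ahead of the scheme rewrite, `DCHECK(location.SchemeIs(url::kHttpScheme) || location.SchemeIs(url::kWsScheme))`, is the only thing that keeps the ternary below it correct, and DCHECKs are not enforced in release builds. The early return only filters out locations where `SchemeIsCryptographic()` is true, so a redirect to any other non-cryptographic scheme reaches `SetSchemeStr` and is rewritten to `url::kWssScheme`, because the ternary treats everything that is not http as ws. Suggest turning this into a real condition: when the location is neither http nor ws, return `URLRequestJob::ComputeRedirectInfo(location, http_status_code)` unchanged. Separately, under `UPGRADE_SAME_HOST_INSECURE_REQUESTS` a request with no `initiator()` skips the host comparison and is upgraded whatever host the redirect points to; if that is intended, a comment on the condition should say so, and each branch deserves a test.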
