Send URLs on non-zero prefix suggest requests also.

chrome/browser/autocomplete/search_provider.h

Index: chrome/browser/autocomplete/search_provider.h
diff --git a/chrome/browser/autocomplete/search_provider.h b/chrome/browser/autocomplete/search_provider.h
index 30e601cebd44da85b30f91022f326a4ec04b063d..80d6cfed7e22041d1bd928bfc67f381327876b43 100644
--- a/chrome/browser/autocomplete/search_provider.h
+++ b/chrome/browser/autocomplete/search_provider.h
@@ -109,6 +109,11 @@ class SearchProvider : public AutocompleteProvider,
     return field_trial_triggered_in_session_;
   }
 
+  // This URL may be sent with suggest requests; see comments on CanSendURL().
+  void set_current_page_url(const GURL& current_page_url) {
+    current_page_url_ = current_page_url;
+  }
+
  private:
   // TODO(hfung): Remove ZeroSuggestProvider as a friend class after
   // refactoring common code to a new base class.
@@ -518,6 +523,25 @@ class SearchProvider : public AutocompleteProvider,
   // Updates the value of |done_| from the internal state.
   void UpdateDone();
 
+  // Whether the URL can be sent in the suggest request.
+  // Don't allow if Chrome is in incognito, if suggest is disabled, if the user
+  // doesn't have unencrypted tab sync enabled, if Google is not the user's
+  // search provider, or the URL is a non-Google HTTPS page. We only want to
+  // send the current URL to the suggest provider if the user is willing to have
+  // this data sent. Because tab sync involves sending the same data, we
+  // currently use "tab sync is enabled and tab sync data is unencrypted" as a
+  // proxy for "the user is OK with sending this data".  We might someday want
+  // to change this to a standalone setting or part of some other explicit
+  // general opt-in. Non-Google HTTPS URLs are not sent because it may contain
+  // sensitive information.  Google HTTPS URLs (including Google search result
+  // pages) are ok because the HTTPS request was already sent to Google earlier.

[Peter Kasting, 2013/10/31 21:55:51]

Nit: How about making this comment a bulleted list:

  // Returns whether we can send the URL of the current page in any suggest
  // requests.  Doing this requires that all the following hold:
  // * The user is not in incognito mode.  Incognito disables suggest entirely.
  // * The current URL is HTTP, or HTTPS with the same domain as the suggest
  //   server.  Non-HTTP[S] URLs (e.g. FTP/file URLs) may contain sensitive
  //   information.  HTTPS URLs may also contain sensitive information, but if
  //   they're on the same domain as the suggest server, then the relevant
  //   entity could have already seen/logged this data.
  // * The suggest request is sent over HTTPS.  This avoids leaking the current
  //   page URL in world-readable network traffic.
  // * The user's suggest provider is Google.  We might want to allow other
  //   providers to see this data someday, but for now this has only been
  //   implemented for Google.  Also see next bullet.
  // * The user is OK in principle with sending URLs of current pages to their
  //   provider.  Today, there is no explicit setting that controls this, but if
  //   the user has tab sync enabled and tab sync is unencrypted, then they're
  //   already sending this data to Google for sync purposes.  Thus we use this
  //   setting as a proxy for "it's OK to send such data".  In the future,
  //   especially if we want to support suggest providers other than Google, we
  //   may change this to be a standalone setting or part of some explicit
  //   general opt-in.

[H Fung, 2013/11/01 19:16:50]

Done, thanks!  I added another bullet that the user needs suggest enabled in
their settings.

+  static bool CanSendURL(
+      const GURL& current_page_url,
+      const GURL& suggest_url,
+      const TemplateURL* template_url,
+      AutocompleteInput::PageClassification page_classification,
+      Profile* profile);
+
   // The amount of time to wait before sending a new suggest request after the
   // previous one.  Non-const because some unittests modify this value.
   static int kMinimumTimeBetweenSuggestQueriesMs;
@@ -587,6 +611,8 @@ class SearchProvider : public AutocompleteProvider,
   // they will not be inlined.
   bool prevent_search_history_inlining_;
 
+  GURL current_page_url_;
+
   DISALLOW_COPY_AND_ASSIGN(SearchProvider);
 };