Budget API calls should only succeed on secure origins

chrome/browser/budget_service/budget_manager_unittest.cc

Index: chrome/browser/budget_service/budget_manager_unittest.cc
diff --git a/chrome/browser/budget_service/budget_manager_unittest.cc b/chrome/browser/budget_service/budget_manager_unittest.cc
index f6826beb14478b53d69bdabe7d463ae0ae17e784..401966c6d503b3371e653af728a5cecf695534e4 100644
--- a/chrome/browser/budget_service/budget_manager_unittest.cc
+++ b/chrome/browser/budget_service/budget_manager_unittest.cc
@@ -37,11 +37,12 @@ class BudgetManagerTest : public testing::Test {
 
   void SetSiteEngagementScore(double score) {
     SiteEngagementService* service = SiteEngagementService::Get(&profile_);
-    service->ResetScoreForURL(GURL(kTestOrigin), score);
+    service->ResetScoreForURL(GURL(origin().Serialize()), score);
   }
 
   Profile* profile() { return &profile_; }
   const url::Origin origin() const { return origin_; }
+  void SetOrigin(const url::Origin& origin) { origin_ = origin; }
 
   void ReserveCallback(base::Closure run_loop_closure,
                        blink::mojom::BudgetServiceErrorType error,
@@ -81,7 +82,7 @@ class BudgetManagerTest : public testing::Test {
  private:
   content::TestBrowserThreadBundle thread_bundle_;
   TestingProfile profile_;
-  const url::Origin origin_;
+  url::Origin origin_;
 };
 
 TEST_F(BudgetManagerTest, GetBudgetConsumedOverTime) {
@@ -107,3 +108,14 @@ TEST_F(BudgetManagerTest, GetBudgetConsumedOverTime) {
   // available.
   ASSERT_FALSE(ConsumeBudget(type));
 }
+
+TEST_F(BudgetManagerTest, TestInsecureOrigins) {
+  const blink::mojom::BudgetOperationType type =
+      blink::mojom::BudgetOperationType::SILENT_PUSH;
+  SetOrigin(url::Origin(GURL("http://example.com")));
+  SetSiteEngagementScore(kTestSES);
+
+  // Methods on the BudgetManager should only be allowed for secure origins.
+  ASSERT_FALSE(ReserveBudget(type));
+  ASSERT_FALSE(ConsumeBudget(type));
+}