| Index: content/browser/frame_host/mixed_content_navigation_throttle.cc
|
| diff --git a/content/browser/frame_host/mixed_content_navigation_throttle.cc b/content/browser/frame_host/mixed_content_navigation_throttle.cc
|
| index a267d39e9084fcf3f86fb684029d14e06694e3de..a35ff370ebc4efbe118e709b01444c56ae196124 100644
|
| --- a/content/browser/frame_host/mixed_content_navigation_throttle.cc
|
| +++ b/content/browser/frame_host/mixed_content_navigation_throttle.cc
|
| @@ -24,9 +24,9 @@
|
| #include "url/url_constants.h"
|
| #include "url/url_util.h"
|
|
|
| -namespace {
|
| +namespace content {
|
|
|
| -using namespace content;
|
| +namespace {
|
|
|
| // Should return the same value as SchemeRegistry::shouldTreatURLSchemeAsSecure.
|
| bool IsSecureScheme(const std::string& scheme) {
|
| @@ -41,9 +41,9 @@ bool ShouldTreatURLSchemeAsCORSEnabled(const GURL& url) {
|
|
|
| // Should return the same value as SecurityOrigin::isSecure.
|
| // TODO(carlosk): secure origin checks don't match between content and Blink
|
| -// hence this implementation here instead of a direct call to IsOriginSecure (in
|
| -// origin_util.cc). See https://crbug.com/629059.
|
| -bool IsOriginSecure(const GURL& url) {
|
| +// hence this implementation here instead of a direct call to
|
| +// content::IsOriginSecure (in origin_util.cc). See https://crbug.com/629059.
|
| +bool IsSecureOriginForMixedContent(const GURL& url) {
|
| if (IsSecureScheme(url.scheme()))
|
| return true;
|
|
|
| @@ -62,9 +62,10 @@ bool IsOriginSecure(const GURL& url) {
|
| bool IsUrlPotentiallySecure(const GURL& url) {
|
| // blob: and filesystem: URLs never hit the network, and access is restricted
|
| // to same-origin contexts, so they are not blocked.
|
| - bool is_secure =
|
| - url.SchemeIs(url::kBlobScheme) || url.SchemeIs(url::kFileSystemScheme) ||
|
| - IsOriginSecure(url) || IsPotentiallyTrustworthyOrigin(url::Origin(url));
|
| + bool is_secure = url.SchemeIs(url::kBlobScheme) ||
|
| + url.SchemeIs(url::kFileSystemScheme) ||
|
| + IsSecureOriginForMixedContent(url) ||
|
| + IsPotentiallyTrustworthyOrigin(url::Origin(url));
|
|
|
| // TODO(mkwst): Remove this once the following draft is implemented:
|
| // https://tools.ietf.org/html/draft-west-let-localhost-be-localhost-03. See:
|
| @@ -107,8 +108,6 @@ void UpdateRendererOnMixedContentFound(NavigationHandleImpl* navigation_handle,
|
|
|
| } // namespace
|
|
|
| -namespace content {
|
| -
|
| // static
|
| std::unique_ptr<NavigationThrottle>
|
| MixedContentNavigationThrottle::CreateThrottleForNavigation(
|
| @@ -127,26 +126,27 @@ MixedContentNavigationThrottle::MixedContentNavigationThrottle(
|
|
|
| MixedContentNavigationThrottle::~MixedContentNavigationThrottle() {}
|
|
|
| -ThrottleCheckResult MixedContentNavigationThrottle::WillStartRequest() {
|
| +NavigationThrottle::ThrottleCheckResult
|
| +MixedContentNavigationThrottle::WillStartRequest() {
|
| bool should_block = ShouldBlockNavigation(false);
|
| - return should_block ? ThrottleCheckResult::CANCEL
|
| - : ThrottleCheckResult::PROCEED;
|
| + return should_block ? CANCEL : PROCEED;
|
| }
|
|
|
| -ThrottleCheckResult MixedContentNavigationThrottle::WillRedirectRequest() {
|
| +NavigationThrottle::ThrottleCheckResult
|
| +MixedContentNavigationThrottle::WillRedirectRequest() {
|
| // Upon redirects the same checks are to be executed as for requests.
|
| bool should_block = ShouldBlockNavigation(true);
|
| - return should_block ? ThrottleCheckResult::CANCEL
|
| - : ThrottleCheckResult::PROCEED;
|
| + return should_block ? CANCEL : PROCEED;
|
| }
|
|
|
| -ThrottleCheckResult MixedContentNavigationThrottle::WillProcessResponse() {
|
| +NavigationThrottle::ThrottleCheckResult
|
| +MixedContentNavigationThrottle::WillProcessResponse() {
|
| // TODO(carlosk): At this point we are about to process the request response.
|
| // So if we ever need to, here/now it is a good moment to check for the final
|
| // attained security level of the connection. For instance, does it use an
|
| // outdated protocol? The implementation should be based off
|
| // MixedContentChecker::handleCertificateError. See https://crbug.com/576270.
|
| - return ThrottleCheckResult::PROCEED;
|
| + return PROCEED;
|
| }
|
|
|
| const char* MixedContentNavigationThrottle::GetNameForLogging() {
|
| @@ -294,7 +294,7 @@ FrameTreeNode* MixedContentNavigationThrottle::InWhichFrameIsContentMixed(
|
| mixed_content_features_.insert(
|
| MIXED_CONTENT_IN_NON_HTTPS_FRAME_THAT_RESTRICTS_MIXED_CONTENT);
|
| }
|
| - } else if (!IsOriginSecure(url) &&
|
| + } else if (!IsSecureOriginForMixedContent(url) &&
|
| (IsSecureScheme(root->current_origin().scheme()) ||
|
| IsSecureScheme(parent->current_origin().scheme()))) {
|
| mixed_content_features_.insert(
|
|
|
Chromium Code Reviews
Issue 2867833002:
NavigationThrottle: allow customization of net::Error when blocking
