Make UseCounter take a LocaFrame instead of any Frame

third_party/WebKit/Source/core/loader/MixedContentChecker.cpp

 /*
  * Copyright (C) 2012 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1.  Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  * 2.  Redistributions in binary form must reproduce the above copyright
@@ skipping 123 matching lines @@
     case WebURLRequest::kRequestContextXSLT:
       return "XSLT";
   }
   NOTREACHED();
   return "resource";
 }
 
 }  // namespace
 
 static void MeasureStricterVersionOfIsMixedContent(Frame& frame,
-                                                   const KURL& url) {
+                                                   const KURL& url,
+                                                   const LocalFrame* source) {
   // We're currently only checking for mixed content in `https://*` contexts.
   // What about other "secure" contexts the SchemeRegistry knows about? We'll
   // use this method to measure the occurrence of non-webby mixed content to
   // make sure we're not breaking the world without realizing it.
   SecurityOrigin* origin = frame.GetSecurityContext()->GetSecurityOrigin();
   if (MixedContentChecker::IsMixedContent(origin, url)) {
     if (origin->Protocol() != "https") {
       UseCounter::Count(
-          &frame,
+          source,
           UseCounter::kMixedContentInNonHTTPSFrameThatRestrictsMixedContent);
     }
   } else if (!SecurityOrigin::IsSecure(url) &&
              SchemeRegistry::ShouldTreatURLSchemeAsSecure(origin->Protocol())) {
     UseCounter::Count(
-        &frame,
+        source,
         UseCounter::kMixedContentInSecureFrameThatDoesNotRestrictMixedContent);
   }
 }
 
 bool RequestIsSubframeSubresource(Frame* frame,
                                   WebURLRequest::FrameType frame_type) {
   return (frame && frame != frame->Tree().Top() &&
           frame_type != WebURLRequest::kFrameTypeNested);
 }
 
@@ skipping 18 matching lines @@
   if (is_allowed && url.ProtocolIs("http") &&
       NetworkUtils::IsLocalHostname(url.Host(), nullptr))
     is_allowed = false;
   return !is_allowed;
 }
 
 // static
 Frame* MixedContentChecker::InWhichFrameIsContentMixed(
     Frame* frame,
     WebURLRequest::FrameType frame_type,
-    const KURL& url) {
+    const KURL& url,
+    const LocalFrame* source) {
   // We only care about subresource loads; top-level navigations cannot be mixed
   // content. Neither can frameless requests.
   if (frame_type == WebURLRequest::kFrameTypeTopLevel || !frame)
     return nullptr;
 
   // Check the top frame first.
   Frame& top = frame->Tree().Top();
-  MeasureStricterVersionOfIsMixedContent(top, url);
+  MeasureStricterVersionOfIsMixedContent(top, url, source);
   if (IsMixedContent(top.GetSecurityContext()->GetSecurityOrigin(), url))
     return ⊤
 
-  MeasureStricterVersionOfIsMixedContent(*frame, url);
+  MeasureStricterVersionOfIsMixedContent(*frame, url, source);
   if (IsMixedContent(frame->GetSecurityContext()->GetSecurityOrigin(), url))
     return frame;
 
   // No mixed content, no problem.
   return nullptr;
 }
 
 // static
 void MixedContentChecker::LogToConsoleAboutFetch(
     LocalFrame* frame,
@@ skipping 17 matching lines @@
         ConsoleMessage::Create(kSecurityMessageSource, message_level, message,
                                std::move(source_location)));
   } else {
     frame->GetDocument()->AddConsoleMessage(
         ConsoleMessage::Create(kSecurityMessageSource, message_level, message));
   }
 }
 
 // static
 void MixedContentChecker::Count(Frame* frame,
-                                WebURLRequest::RequestContext request_context) {
-  UseCounter::Count(frame, UseCounter::kMixedContentPresent);
+                                WebURLRequest::RequestContext request_context,
+                                const LocalFrame* source) {
+  UseCounter::Count(source, UseCounter::kMixedContentPresent);
 
   // Roll blockable content up into a single counter, count unblocked types
   // individually so we can determine when they can be safely moved to the
   // blockable category:
   WebMixedContentContextType context_type =
       WebMixedContent::ContextTypeFromRequestContext(
           request_context,
           frame->GetSettings()->GetStrictMixedContentCheckingForPlugin());
   if (context_type == WebMixedContentContextType::kBlockable) {
-    UseCounter::Count(frame, UseCounter::kMixedContentBlockable);
+    UseCounter::Count(source, UseCounter::kMixedContentBlockable);
     return;
   }
 
   UseCounter::Feature feature;
   switch (request_context) {
     case WebURLRequest::kRequestContextAudio:
       feature = UseCounter::kMixedContentAudio;
       break;
     case WebURLRequest::kRequestContextDownload:
       feature = UseCounter::kMixedContentDownload;
@@ skipping 14 matching lines @@
       feature = UseCounter::kMixedContentPrefetch;
       break;
     case WebURLRequest::kRequestContextVideo:
       feature = UseCounter::kMixedContentVideo;
       break;
 
     default:
       NOTREACHED();
       return;
   }
-  UseCounter::Count(frame, feature);
+  UseCounter::Count(source, feature);
 }
 
 // static
 bool MixedContentChecker::ShouldBlockFetch(
     LocalFrame* frame,
     WebURLRequest::RequestContext request_context,
     WebURLRequest::FrameType frame_type,
     ResourceRequest::RedirectStatus redirect_status,
     const KURL& url,
     SecurityViolationReportingPolicy reporting_policy) {
   // Frame-level loads are checked by the browser if PlzNavigate is enabled. No
   // need to check them again here.
   if (frame->GetSettings()->GetBrowserSideNavigationEnabled() &&
       frame_type != WebURLRequest::kFrameTypeNone) {
     return false;
   }
 
   Frame* effective_frame = EffectiveFrameForFrameType(frame, frame_type);
   Frame* mixed_frame =
-      InWhichFrameIsContentMixed(effective_frame, frame_type, url);
+      InWhichFrameIsContentMixed(effective_frame, frame_type, url, frame);
   if (!mixed_frame)
     return false;
 
-  MixedContentChecker::Count(mixed_frame, request_context);
+  MixedContentChecker::Count(mixed_frame, request_context, frame);
   if (ContentSecurityPolicy* policy =
           frame->GetSecurityContext()->GetContentSecurityPolicy())
     policy->ReportMixedContent(url, redirect_status);
 
   Settings* settings = mixed_frame->GetSettings();
   // Use the current local frame's client; the embedder doesn't distinguish
   // mixed content signals from different frames on the same page.
   LocalFrameClient* client = frame->Loader().Client();
   ContentSettingsClient* content_settings_client =
       frame->GetContentSettingsClient();
@@ skipping 39 matching lines @@
       // subframes, unless all insecure content is allowed. This is to avoid the
       // following situation: https://a.com embeds https://b.com, which loads a
       // script over insecure HTTP. The user opts to allow the insecure content,
       // thinking that they are allowing an insecure script to run on
       // https://a.com and not realizing that they are in fact allowing an
       // insecure script on https://b.com.
       if (!settings->GetAllowRunningOfInsecureContent() &&
           RequestIsSubframeSubresource(effective_frame, frame_type) &&
           IsMixedContent(frame->GetSecurityContext()->GetSecurityOrigin(),
                          url)) {
-        UseCounter::Count(mixed_frame,
+        UseCounter::Count(frame,
                           UseCounter::kBlockableMixedContentInSubframeBlocked);
         allowed = false;
         break;
       }
 
       bool should_ask_embedder =
           !strict_mode && settings &&
           (!settings->GetStrictlyBlockBlockableMixedContent() ||
            settings->GetAllowRunningOfInsecureContent());
       allowed = should_ask_embedder &&
                 content_settings_client->AllowRunningInsecureContent(
                     settings && settings->GetAllowRunningOfInsecureContent(),
                     security_origin, url);
       if (allowed) {
         client->DidRunInsecureContent(security_origin, url);
-        UseCounter::Count(mixed_frame,
-                          UseCounter::kMixedContentBlockableAllowed);
+        UseCounter::Count(frame, UseCounter::kMixedContentBlockableAllowed);
       }
       break;
     }
 
     case WebMixedContentContextType::kShouldBeBlockable:
       allowed = !strict_mode;
       if (allowed)
         client->DidDisplayInsecureContent();
       break;
     case WebMixedContentContextType::kNotMixedContent:
@@ skipping 27 matching lines @@
       allowed ? kWarningMessageLevel : kErrorMessageLevel;
   frame->GetDocument()->AddConsoleMessage(
       ConsoleMessage::Create(kSecurityMessageSource, message_level, message));
 }
 
 // static
 bool MixedContentChecker::ShouldBlockWebSocket(
     LocalFrame* frame,
     const KURL& url,
     SecurityViolationReportingPolicy reporting_policy) {
-  Frame* mixed_frame =
-      InWhichFrameIsContentMixed(frame, WebURLRequest::kFrameTypeNone, url);
+  Frame* mixed_frame = InWhichFrameIsContentMixed(
+      frame, WebURLRequest::kFrameTypeNone, url, frame);
   if (!mixed_frame)
     return false;
 
-  UseCounter::Count(mixed_frame, UseCounter::kMixedContentPresent);
-  UseCounter::Count(mixed_frame, UseCounter::kMixedContentWebSocket);
+  UseCounter::Count(frame, UseCounter::kMixedContentPresent);
+  UseCounter::Count(frame, UseCounter::kMixedContentWebSocket);
   if (ContentSecurityPolicy* policy =
           frame->GetSecurityContext()->GetContentSecurityPolicy()) {
     policy->ReportMixedContent(url,
                                ResourceRequest::RedirectStatus::kNoRedirect);
   }
 
   Settings* settings = mixed_frame->GetSettings();
   // Use the current local frame's client; the embedder doesn't distinguish
   // mixed content signals from different frames on the same page.
   ContentSettingsClient* content_settings_client =
@@ skipping 31 matching lines @@
     LocalFrame* frame,
     const KURL& url,
     SecurityViolationReportingPolicy reporting_policy) {
   // For whatever reason, some folks handle forms via JavaScript, and submit to
   // `javascript:void(0)` rather than calling `preventDefault()`. We
   // special-case `javascript:` URLs here, as they don't introduce MixedContent
   // for form submissions.
   if (url.ProtocolIs("javascript"))
     return false;
 
-  Frame* mixed_frame =
-      InWhichFrameIsContentMixed(frame, WebURLRequest::kFrameTypeNone, url);
+  Frame* mixed_frame = InWhichFrameIsContentMixed(
+      frame, WebURLRequest::kFrameTypeNone, url, frame);
   if (!mixed_frame)
     return false;
 
-  UseCounter::Count(mixed_frame, UseCounter::kMixedContentPresent);
+  UseCounter::Count(frame, UseCounter::kMixedContentPresent);
 
   // Use the current local frame's client; the embedder doesn't distinguish
   // mixed content signals from different frames on the same page.
   frame->Loader().Client()->DidContainInsecureFormAction();
 
   if (reporting_policy == SecurityViolationReportingPolicy::kReport) {
     String message = String::Format(
         "Mixed Content: The page at '%s' was loaded over a secure connection, "
         "but contains a form which targets an insecure endpoint '%s'. This "
         "endpoint should be made available over a secure connection.",
@@ skipping 95 matching lines @@
   }
 }
 
 WebMixedContentContextType MixedContentChecker::ContextTypeForInspector(
     LocalFrame* frame,
     const ResourceRequest& request) {
   Frame* effective_frame =
       EffectiveFrameForFrameType(frame, request.GetFrameType());
 
   Frame* mixed_frame = InWhichFrameIsContentMixed(
-      effective_frame, request.GetFrameType(), request.Url());
+      effective_frame, request.GetFrameType(), request.Url(), frame);
   if (!mixed_frame)
     return WebMixedContentContextType::kNotMixedContent;
 
   // See comment in shouldBlockFetch() about loading the main resource of a
   // subframe.
   if (request.GetFrameType() == WebURLRequest::kFrameTypeNested &&
       !SchemeRegistry::ShouldTreatURLSchemeAsCORSEnabled(
           request.Url().Protocol())) {
     return WebMixedContentContextType::kOptionallyBlockable;
   }
 
   bool strict_mixed_content_checking_for_plugin =
       mixed_frame->GetSettings() &&
       mixed_frame->GetSettings()->GetStrictMixedContentCheckingForPlugin();
   return WebMixedContent::ContextTypeFromRequestContext(
       request.GetRequestContext(), strict_mixed_content_checking_for_plugin);
 }
 
 }  // namespace blink