Move PlzNavigate frame-src CSP check to NavigationRequest

content/browser/frame_host/navigation_request.h

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_BROWSER_FRAME_HOST_NAVIGATION_REQUEST_H_
 #define CONTENT_BROWSER_FRAME_HOST_NAVIGATION_REQUEST_H_
 
 #include <memory>
 
 #include "base/callback_forward.h"
@@ skipping 156 matching lines @@
       RenderFrameHostImpl* render_frame_host);
 
   void set_on_start_checks_complete_closure_for_testing(
       const base::Closure& closure) {
     on_start_checks_complete_closure_ = closure;
   }
 
   int nav_entry_id() const { return nav_entry_id_; }
 
  private:
+  // This enum describes the result of a Content Security Policy (CSP) check for
+  // the request.
+  enum ContentSecurityPolicyCheckResult {
+    // The request should be allowed to continue. PASSED could mean that the
+    // request did not violate any CSP, or that it violated a report-only CSP.
+    CONTENT_SECURITY_POLICY_CHECK_PASSED,
+    // The request should be blocked because it violated an enforced CSP.
+    CONTENT_SECURITY_POLICY_CHECK_FAILED,
+  };
+
   NavigationRequest(FrameTreeNode* frame_tree_node,
                     const CommonNavigationParams& common_params,
                     const BeginNavigationParams& begin_params,
                     const RequestNavigationParams& request_params,
                     bool browser_initiated,
                     bool may_transfer,
                     const FrameNavigationEntry* frame_navigation_entry,
                     const NavigationEntryImpl* navitation_entry);
 
   // NavigationURLLoaderDelegate implementation.
@@ skipping 15 matching lines @@
   // NavigationHandle.
   void OnStartChecksComplete(NavigationThrottle::ThrottleCheckResult result);
   void OnRedirectChecksComplete(NavigationThrottle::ThrottleCheckResult result);
   void OnWillProcessResponseChecksComplete(
       NavigationThrottle::ThrottleCheckResult result);
 
   // Have a RenderFrameHost commit the navigation. The NavigationRequest will
   // be destroyed after this call.
   void CommitNavigation();
 
+  // Check whether a request should be allowed to continue or should be blocked
+  // because it violates a CSP. This method can have two side effects:
+  // - If a CSP is configured to send reports and the request violates the CSP,
+  //   a report will be sent.
+  // - The navigation request may be upgraded from HTTP to HTTPS if a CSP is
+  //   configured to upgrade insecure requests.
+  ContentSecurityPolicyCheckResult CheckContentSecurityPolicyFrameSrc(
+      bool is_redirect);
+
   FrameTreeNode* frame_tree_node_;
 
   // Initialized on creation of the NavigationRequest. Sent to the renderer when
   // the navigation is ready to commit.
   // Note: When the navigation is ready to commit, the url in |common_params|
   // will be set to the final navigation url, obtained after following all
   // redirects.
   // Note: |common_params_| and |begin_params_| are not const as they can be
   // modified during redirects.
   // Note: |request_params_| is not const because service_worker_provider_id
@@ skipping 43 matching lines @@
   mojo::ScopedDataPipeConsumerHandle handle_;
 
   base::Closure on_start_checks_complete_closure_;
 
   DISALLOW_COPY_AND_ASSIGN(NavigationRequest);
 };
 
 }  // namespace content
 
 #endif  // CONTENT_BROWSER_FRAME_HOST_NAVIGATION_REQUEST_H_