[webcrypto] Only allow crypto.subtle.* to be used from "secure origins".

Source/platform/weborigin/SecurityOrigin.h

Index: Source/platform/weborigin/SecurityOrigin.h
diff --git a/Source/platform/weborigin/SecurityOrigin.h b/Source/platform/weborigin/SecurityOrigin.h
index b43766449a1e9bd62f1a6648c8a8731bc0312ca3..9933aae003f76f89a74a92fa137ef886183dc653 100644
--- a/Source/platform/weborigin/SecurityOrigin.h
+++ b/Source/platform/weborigin/SecurityOrigin.h
@@ -113,6 +113,14 @@ public:
     // display content from the user's files system.
     bool canDisplay(const KURL&) const;
 
+    // A "secure origin" as defined by [1] are those that load resources either
+    // from the local machine (necessarily trusted) or over the network from a
+    // cryptographically-authenticated server.
+    //
+    // [1] http://www.chromium.org/Home/chromium-security/security-faq#TOC-Which-origins-are-secure-
+    //
+    bool canAccessFeatureRequiringSecureOrigin() const;
+
     // Returns true if this SecurityOrigin can load local resources, such
     // as images, iframes, and style sheets, and can link to local URLs.
     // For example, call this function before creating an iframe to a
@@ -131,7 +139,7 @@ public:
     //       with older versions of WebKit.
     void grantLoadLocalResources();
 
-    // Explicitly grant the ability to access very other SecurityOrigin.
+    // Explicitly grant the ability to access every other SecurityOrigin.
     //
     // WARNING: This is an extremely powerful ability. Use with caution!
     void grantUniversalAccess();