| Index: Source/core/loader/MixedContentChecker.cpp
|
| diff --git a/Source/core/loader/MixedContentChecker.cpp b/Source/core/loader/MixedContentChecker.cpp
|
| index af7f992b2390a1bb4410b2da8fdb9f542b94d2ea..99d6a78d1d71aee7c357f67ba0d6ef39b6c59909 100644
|
| --- a/Source/core/loader/MixedContentChecker.cpp
|
| +++ b/Source/core/loader/MixedContentChecker.cpp
|
| @@ -58,14 +58,17 @@ bool MixedContentChecker::isMixedContent(SecurityOrigin* securityOrigin, const K
|
| return !SecurityOrigin::isSecure(url);
|
| }
|
|
|
| -bool MixedContentChecker::canDisplayInsecureContent(SecurityOrigin* securityOrigin, const KURL& url) const
|
| +bool MixedContentChecker::canDisplayInsecureContentInternal(SecurityOrigin* securityOrigin, const KURL& url, bool isForm) const
|
| {
|
| if (!isMixedContent(securityOrigin, url))
|
| return true;
|
|
|
| Settings* settings = m_frame->settings();
|
| bool allowed = client()->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), securityOrigin, url);
|
| - logWarning(allowed, "displayed", url);
|
| + if (!isForm)
|
| + logWarning(allowed, "displayed insecure content from", "loaded", url);
|
| + else
|
| + logWarning(allowed, "is submitting data to an insecure location at", "submitted", url);
|
|
|
| if (allowed)
|
| client()->didDisplayInsecureContent();
|
| @@ -81,7 +84,7 @@ bool MixedContentChecker::canRunInsecureContentInternal(SecurityOrigin* security
|
| Settings* settings = m_frame->settings();
|
| bool allowedPerSettings = settings && (settings->allowRunningOfInsecureContent() || (isWebSocket && settings->allowConnectingInsecureWebSocket()));
|
| bool allowed = client()->allowRunningInsecureContent(allowedPerSettings, securityOrigin, url);
|
| - logWarning(allowed, "ran", url);
|
| + logWarning(allowed, "ran insecure content from", "loaded", url);
|
|
|
| if (allowed)
|
| client()->didRunInsecureContent(securityOrigin, url);
|
| @@ -89,9 +92,9 @@ bool MixedContentChecker::canRunInsecureContentInternal(SecurityOrigin* security
|
| return allowed;
|
| }
|
|
|
| -void MixedContentChecker::logWarning(bool allowed, const String& action, const KURL& target) const
|
| +void MixedContentChecker::logWarning(bool allowed, const String& action1, const String& action2, const KURL& target) const
|
| {
|
| - String message = String(allowed ? "" : "[blocked] ") + "The page at '" + m_frame->document()->url().elidedString() + "' was loaded over HTTPS, but " + action + " insecure content from '" + target.elidedString() + "': this content should also be loaded over HTTPS.\n";
|
| + String message = String(allowed ? "" : "[blocked] ") + "The page at '" + m_frame->document()->url().elidedString() + "' was loaded over HTTPS, but " + action1 + " '" + target.elidedString() + "': this content should also be " + action2 + " over HTTPS.\n";
|
| MessageLevel messageLevel = allowed ? WarningMessageLevel : ErrorMessageLevel;
|
| m_frame->document()->addConsoleMessage(SecurityMessageSource, messageLevel, message);
|
| }
|
|
|
Chromium Code Reviews
Issue 311033003:
Implementing mixed content for forms posting to insecure location from secure ones (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master