
Unified Diff: Source/core/loader/MixedContentChecker.cpp

Issue 311033003: Implementing mixed content for forms posting to insecure location from secure ones (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Housekeeping a boolean that is not needed any more. Created 6 years, 6 months ago
Index: Source/core/loader/MixedContentChecker.cpp
diff --git a/Source/core/loader/MixedContentChecker.cpp b/Source/core/loader/MixedContentChecker.cpp
index af7f992b2390a1bb4410b2da8fdb9f542b94d2ea..99d6a78d1d71aee7c357f67ba0d6ef39b6c59909 100644
--- a/Source/core/loader/MixedContentChecker.cpp
+++ b/Source/core/loader/MixedContentChecker.cpp
@@ -58,14 +58,17 @@ bool MixedContentChecker::isMixedContent(SecurityOrigin* securityOrigin, const K
return !SecurityOrigin::isSecure(url);
}
-bool MixedContentChecker::canDisplayInsecureContent(SecurityOrigin* securityOrigin, const KURL& url) const
+bool MixedContentChecker::canDisplayInsecureContentInternal(SecurityOrigin* securityOrigin, const KURL& url, bool isForm) const
{
if (!isMixedContent(securityOrigin, url))
return true;
Settings* settings = m_frame->settings();
bool allowed = client()->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), securityOrigin, url);
- logWarning(allowed, "displayed", url);
+ if (!isForm)
+ logWarning(allowed, "displayed insecure content from", "loaded", url);
+ else
+ logWarning(allowed, "is submitting data to an insecure location at", "submitted", url);
if (allowed)
client()->didDisplayInsecureContent();
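Review bot: The `isForm` path in `canDisplayInsecureContentInternal` is decided by the same `allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), ...)` call as passive content, and an allowed submission is reported through `didDisplayInsecureContent()`. Posting a form from an HTTPS page to an HTTP target sends user-entered data in cleartext, which is a different risk from rendering an insecure image. As far as this hunk shows, an embedder or user setting that permits insecure display would therefore also permit insecure submissions and record them as displayed content. At minimum, document that at the branch, e.g. `// Form submission reuses the display policy; an insecure action exposes submitted data, so keep this in mind if the two policies ever diverge.`, or give submissions a dedicated client callback. The function body continues past the end of the hunk, so the return path is not visible here.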
@@ -81,7 +84,7 @@ bool MixedContentChecker::canRunInsecureContentInternal(SecurityOrigin* security
Settings* settings = m_frame->settings();
bool allowedPerSettings = settings && (settings->allowRunningOfInsecureContent() || (isWebSocket && settings->allowConnectingInsecureWebSocket()));
bool allowed = client()->allowRunningInsecureContent(allowedPerSettings, securityOrigin, url);
- logWarning(allowed, "ran", url);
+ logWarning(allowed, "ran insecure content from", "loaded", url);
if (allowed)
client()->didRunInsecureContent(securityOrigin, url);
@@ -89,9 +92,9 @@ bool MixedContentChecker::canRunInsecureContentInternal(SecurityOrigin* security
return allowed;
}
-void MixedContentChecker::logWarning(bool allowed, const String& action, const KURL& target) const
+void MixedContentChecker::logWarning(bool allowed, const String& action1, const String& action2, const KURL& target) const
Mike West 2014/06/06 12:18:18 I'd prefer that we drop both strings, and turn thi
mhm 2014/06/06 19:11:59 Done.
{
- String message = String(allowed ? "" : "[blocked] ") + "The page at '" + m_frame->document()->url().elidedString() + "' was loaded over HTTPS, but " + action + " insecure content from '" + target.elidedString() + "': this content should also be loaded over HTTPS.\n";
+ String message = String(allowed ? "" : "[blocked] ") + "The page at '" + m_frame->document()->url().elidedString() + "' was loaded over HTTPS, but " + action1 + " '" + target.elidedString() + "': this content should also be " + action2 + " over HTTPS.\n";
MessageLevel messageLevel = allowed ? WarningMessageLevel : ErrorMessageLevel;
m_frame->document()->addConsoleMessage(SecurityMessageSource, messageLevel, message);
}
