Add 'XHR' to the Resource::Type enum, and use it for XHR requests.

LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-expected.txt

Index: LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-expected.txt
diff --git a/LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-expected.txt b/LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-expected.txt
index bda7afeec96730fed06d27e90474033705fdac91..0ca2609729b4c326a8ff337ddd35422a2822e48c 100644
--- a/LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-expected.txt
+++ b/LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-expected.txt
@@ -1,3 +1,7 @@
+CONSOLE WARNING: line 1: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image.html' was loaded over HTTPS, but displayed insecure content from 'http://127.0.0.1:8080/security/resources/compass.jpg': this content should also be loaded over HTTPS.
+
+CONSOLE WARNING: line 1: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image.html' was loaded over HTTPS, but displayed insecure content from 'http://127.0.0.1:8080/security/resources/compass.jpg': this content should also be loaded over HTTPS.
+
 This test loads a secure iframe that loads an insecure image. We should *not* get a mixed content callback becase the main frame is HTTP and the image doesn't contaminate the child iframe's security origin with mixed content.