CSP: Adding the 'upgrade-insecure-requests' directive.

Source/core/dom/SecurityContext.h

Index: Source/core/dom/SecurityContext.h
diff --git a/Source/core/dom/SecurityContext.h b/Source/core/dom/SecurityContext.h
index 41d8f3fe1651e1674d2361b0ebacd2857c96df77..b41b639217c574e6a499a36356eb2ca030815ce1 100644
--- a/Source/core/dom/SecurityContext.h
+++ b/Source/core/dom/SecurityContext.h
@@ -40,6 +40,13 @@ class KURL;
 
 class SecurityContext {
 public:
+    // The ordering here is important: 'upgrade' overrides 'monitor', which overrides 'ignore'.
+    enum InsecureContentPolicy {
+        InsecureContentIgnore = 0,

[Yoav Weiss, 2015/02/05 13:25:36]

Excuse the bikeshedding but is "ignore" the best name here? If we're not
upgrading, we're still blocking, right?

[Mike West, 2015/02/05 13:39:34]

No, it certainly isn't. InsecureContentDefault, maybe? Idunno.

[Yoav Weiss, 2015/02/05 13:49:13]

Yeah, "InsecureContentDefault" works for me

+        InsecureContentMonitor,
+        InsecureContentUpgrade
+    };
+
     SecurityOrigin* securityOrigin() const { return m_securityOrigin.get(); }
     ContentSecurityPolicy* contentSecurityPolicy() const { return m_contentSecurityPolicy.get(); }
 
@@ -58,6 +65,9 @@ public:
     void setHostedInReservedIPRange() { m_hostedInReservedIPRange = true; }
     bool isHostedInReservedIPRange() const { return m_hostedInReservedIPRange; }
 
+    void setInsecureContentPolicy(InsecureContentPolicy policy) { m_insecureContentPolicy = policy; }
+    InsecureContentPolicy insecureContentPolicy() const { return m_insecureContentPolicy; }
+
 protected:
     SecurityContext();
     virtual ~SecurityContext();
@@ -75,6 +85,7 @@ private:
     SandboxFlags m_sandboxFlags;
 
     bool m_hostedInReservedIPRange;
+    InsecureContentPolicy m_insecureContentPolicy;
 };
 
 } // namespace blink