Created new URLRequestContext for secure proxy check

net/http/http_stream_factory_impl_job.cc

Index: net/http/http_stream_factory_impl_job.cc
diff --git a/net/http/http_stream_factory_impl_job.cc b/net/http/http_stream_factory_impl_job.cc
index f9f6e39883934a6fea57ac53b78702783f21fc26..b33f31e6d9635646dcf4bd5437eead77a2d821c7 100644
--- a/net/http/http_stream_factory_impl_job.cc
+++ b/net/http/http_stream_factory_impl_job.cc
@@ -707,19 +707,22 @@ int HttpStreamFactoryImpl::Job::DoResolveProxyComplete(int result) {
 bool HttpStreamFactoryImpl::Job::ShouldForceSpdySSL() const {
   bool rv = session_->params().force_spdy_always &&
       session_->params().force_spdy_over_ssl;
-  return rv && !session_->HasSpdyExclusion(origin_);
+  return rv && !session_->HasSpdyExclusion(origin_) &&
+         (request_info_.load_flags & LOAD_UNENCRYPTED_HTTP11) == 0;
 }
 
 bool HttpStreamFactoryImpl::Job::ShouldForceSpdyWithoutSSL() const {
   bool rv = session_->params().force_spdy_always &&
       !session_->params().force_spdy_over_ssl;
-  return rv && !session_->HasSpdyExclusion(origin_);
+  return rv && !session_->HasSpdyExclusion(origin_) &&
+         (request_info_.load_flags & LOAD_UNENCRYPTED_HTTP11) == 0;
 }
 
 bool HttpStreamFactoryImpl::Job::ShouldForceQuic() const {
   return session_->params().enable_quic &&
-    session_->params().origin_to_force_quic_on.Equals(origin_) &&
-    proxy_info_.is_direct();
+         session_->params().origin_to_force_quic_on.Equals(origin_) &&
+         proxy_info_.is_direct() &&
+         (request_info_.load_flags & LOAD_UNENCRYPTED_HTTP11) == 0;
 }
 
 int HttpStreamFactoryImpl::Job::DoWaitForJob() {
@@ -745,10 +748,17 @@ int HttpStreamFactoryImpl::Job::DoInitConnection() {
   DCHECK(proxy_info_.proxy_server().is_valid());
   next_state_ = STATE_INIT_CONNECTION_COMPLETE;
 
-  using_ssl_ = request_info_.url.SchemeIs("https") ||
-      request_info_.url.SchemeIs("wss") || ShouldForceSpdySSL();
+  using_ssl_ = (request_info_.load_flags & LOAD_UNENCRYPTED_HTTP11) == 0 &&

[sclittle, 2015/03/04 21:35:23]

What happens if the load flag is set for a https URL?

[tbansal1, 2015/03/06 19:57:40]

Done.

+               (request_info_.url.SchemeIs("https") ||
+                request_info_.url.SchemeIs("wss") || ShouldForceSpdySSL());

[Ryan Hamilton, 2015/03/05 01:43:57]

This definitely seems wrong. If HTTP11 is required for a secure origins (https
or wss) that should simply be an error.

[tbansal1, 2015/03/06 19:57:40]

Done.

   using_spdy_ = false;
 
+  base::WeakPtr<HttpServerProperties> http_server_properties =
+      session_->http_server_properties();
+  if (http_server_properties)
+    if ((request_info_.load_flags & LOAD_UNENCRYPTED_HTTP11) != 0)
+      http_server_properties->SetHTTP11Required(origin_);

[sclittle, 2015/03/04 21:35:23]

Won't this also force all future requests to this origin in the session to only
use HTTP/1.1?

[tbansal1, 2015/03/06 19:57:40]

Done.

+
   if (ShouldForceQuic())
     using_quic_ = true;
 
@@ -832,8 +842,6 @@ int HttpStreamFactoryImpl::Job::DoInitConnection() {
                   false /* not a proxy server */);
   }
 
-  base::WeakPtr<HttpServerProperties> http_server_properties =
-      session_->http_server_properties();
   if (http_server_properties) {
     http_server_properties->MaybeForceHTTP11(origin_, &server_ssl_config_);
     if (proxy_info_.is_http() || proxy_info_.is_https()) {