Upgrade insecure request: Drop the reporting functionality.

Source/core/frame/csp/CSPDirectiveList.cpp

Index: Source/core/frame/csp/CSPDirectiveList.cpp
diff --git a/Source/core/frame/csp/CSPDirectiveList.cpp b/Source/core/frame/csp/CSPDirectiveList.cpp
index cde021c47977c9a0ab434f2aa5085c8523b280ec..93e1e78af715a573aed95211696ae2fd5d6372ac 100644
--- a/Source/core/frame/csp/CSPDirectiveList.cpp
+++ b/Source/core/frame/csp/CSPDirectiveList.cpp
@@ -581,14 +581,17 @@ void CSPDirectiveList::enforceStrictMixedContentChecking(const String& name, con
 
 void CSPDirectiveList::enableInsecureContentUpgrade(const String& name, const String& value)
 {
+    if (m_reportOnly) {
+        m_policy->reportInvalidInReportOnly(name);
+        return;
+    }

[Yoav Weiss, 2015/03/05 12:06:14]

Why is report-only invalid here? 

     if (m_upgradeInsecureRequests) {
         m_policy->reportDuplicateDirective(name);
         return;
     }
     m_upgradeInsecureRequests = true;
-    // FIXME: Monitoring insecure content currently has no effect. We'll eventually wire it up
-    // to the CSP reporting mechanism if we go this route. https://crbug.com/455674
-    m_policy->setInsecureContentPolicy(m_reportOnly ? SecurityContext::InsecureContentMonitor : SecurityContext::InsecureContentUpgrade);
+
+    m_policy->setInsecureContentPolicy(SecurityContext::InsecureContentUpgrade);
     if (!value.isEmpty())
         m_policy->reportValueForEmptyDirective(name, value);
 }