commit 7b70d593c20676a7b2656684416a1be1f50a167a
author lgarron <lgarron@chromium.org> Tue May 12 02:05:04 2015
committer Commit bot <commit-bot@chromium.org> Tue May 12 02:05:15 2015
tree 74533cd9c346b6724ea521976ffab63781c1d1f2
parent 0d4b2884a58526ee74fb9b060488cd6fc31c50f3

Switch //chrome functions to use SchemeIsCryptographic() instead of SchemeIsSecure().

palmer@ recently introduced SchemeIsCryptographic() and
IsOriginSecure(), which are meant to replace SchemeIsSecure().

IsOriginSecure() roughly means "do we trust this content not to be
tampered with before it reaches the user?" [1] This is a higher-level
definition that corresponds to the new "privileged contexts" spec. [2]

SchemeIsCryptographic() [3] is close to the old definition of
SchemeIsSecure(), and literally just checks if the scheme is a
cryptographic scheme (HTTPS or WSS as of right now). The difference is
that SchemeIsCryptographic() will not consider filesystem URLs secure.

[1] https://code.google.com/p/chromium/codesearch#chromium/src/content/public/common/origin_util.h&sq=package:chromium&type=cs&l=19&rcl=143099866
[2] https://www.chromium.org/Home/chromium-security/prefer-secure-origins-for-powerful-new-features and https://w3c.github.io/webappsec/specs/powerfulfeatures/
[3]  https://code.google.com/p/chromium/codesearch#chromium/src/url/gurl.h&sq=package:chromium&type=cs&l=250&rcl=1430998666

BUG=362214

Review URL: https://codereview.chromium.org/1131493004

Cr-Commit-Position: refs/heads/master@{#329313}