Add upgrade-insecure-requests in FetchClientSettingsObject

This CL adds the following methods that are used in
upgrade-insecure-requests processing to FetchClientSettingsObject,
and use them in FrameLoader::UpgradeInsecureRequest():

- GetInsecureRequestsPolicy()
- GetUpgradeInsecureNavigationsSet()
- GetMixedAutoUpgradeOptOut()

Before this CL, upgrade-insecure-requests works based on
ExecutionContext's SecurityContext, and thus uses the
insideSettings' CSP list during off-the-main-thread
worker script fetch.

After this CL, upgrade-insecure-requests works via
FetchClientSettingsObject and thus uses the
outside settings object's CSP list correctly
in off-the-main-thread worker script fetch.

This CL doesn't cause behavior changes in dedicated workers
because dedicated workers inherits the parent's CSP list.

This CL probably affect behaviors in off-the-main-thread
fetch for shared and service workers, but these are not
covered by tests.
Anyway OTMT for shared and service workers is still under
development and will be tested and fixed in the future.

Bug: 878274
Change-Id: I412845c9c7a866d22b97c501936d640fab99b71f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1570669
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Kenichi Ishibashi <bashi@chromium.org>
Reviewed-by: Carlos IL <carlosil@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#652708}
Cr-Mirrored-From: https://chromium.googlesource.com/chromium/src
Cr-Mirrored-Commit: 479f1f91f3c2c9731f0d13925c4a12f095e3a13a
14 files changed
tree: 70f8385de768e9a487bf0db2a21436ff151e1128
  1. .gitignore
  2. BUILD.gn
  3. DEPS
  4. OWNERS
  5. PRESUBMIT.py
  6. Python-Markdown/
  7. README.chromium
  8. README.chromium.template
  9. SPIRV-Tools/
  10. abseil-cpp/
  11. accessibility-audit/
  12. accessibility_test_framework/
  13. adobe/
  14. afl/
  15. android_build_tools/
  16. android_crazy_linker/
  17. android_data_chart/
  18. android_deps/
  19. android_media/
  20. android_opengl/
  21. android_platform/
  22. android_protobuf/
  23. android_sdk/
  24. android_support_test_runner/
  25. android_swipe_refresh/
  26. android_system_sdk/
  27. apache-mac/
  28. apache-portable-runtime/
  29. apache-win32/
  30. apk-patch-size-estimator/
  31. apple_apsl/
  32. arcore-android-sdk/
  33. ashmem/
  34. auto/
  35. axe-core/
  36. bazel/
  37. binutils/
  38. blanketjs/
  39. blink/
  40. boringssl/
  41. bouncycastle/
  42. breakpad/
  43. brotli/
  44. bspatch/
  45. byte_buddy/
  46. cacheinvalidation/
  47. cct_dynamic_module/
  48. ced/
  49. chaijs/
  50. checkstyle/
  51. chromevox/
  52. cld_3/
  53. closure_compiler/
  54. colorama/
  55. crashpad/
  56. crc32c/
  57. custom_tabs_client/
  58. d3/
  59. dav1d/
  60. decklink/
  61. devscripts/
  62. dom_distiller_js/
  63. emoji-segmenter/
  64. errorprone/
  65. espresso/
  66. expat/
  67. feed/
  68. flatbuffers/
  69. flot/
  70. fontconfig/
  71. freetype/
  72. fuchsia-sdk/
  73. gestures/
  74. gif_player/
  75. glfw/
  76. glslang/
  77. google-truth/
  78. google_android_play_core/
  79. google_appengine_cloudstorage/
  80. google_input_tools/
  81. google_toolbox_for_mac/
  82. googletest/
  83. gradle_wrapper/
  84. grpc/
  85. gson/
  86. guava/
  87. gvr-android-keyboard/
  88. gvr-android-sdk/
  89. hamcrest/
  90. harfbuzz-ng/
  91. hunspell/
  92. iaccessible2/
  93. iccjpeg/
  94. icu4j/
  95. ijar/
  96. ink/
  97. inspector_protocol/
  98. instrumented_libraries/
  99. intellij/
  100. isimpledom/
  101. jacoco/
  102. jinja2/
  103. jsoncpp/
  104. jsr-305/
  105. jstemplate/
  106. junit/
  107. khronos/
  108. lcov/
  109. leveldatabase/
  110. libFuzzer/
  111. libXNVCtrl/
  112. libaddressinput/
  113. libaom/
  114. libcxx-pretty-printers/
  115. libdrm/
  116. libevdev/
  117. libjingle_xmpp/
  118. libjpeg.gni
  119. libjpeg/
  120. liblouis/
  121. libovr/
  122. libphonenumber/
  123. libpng/
  124. libprotobuf-mutator/
  125. libsecret/
  126. libsync/
  127. libudev/
  128. libusb/
  129. libvpx/
  130. libwebm/
  131. libwebp/
  132. libxml/
  133. libxslt/
  134. logilab/
  135. lzma_sdk/
  136. mach_override/
  137. markdown/
  138. markupsafe/
  139. material_design_icons/
  140. mesa_headers/
  141. metrics_proto/
  142. microsoft_webauthn/
  143. minigbm/
  144. minizip/
  145. mocha/
  146. mockito/
  147. modp_b64/
  148. motemplate/
  149. mozilla/
  150. netty-tcnative/
  151. netty4/
  152. node/
  153. nvml/
  154. objenesis/
  155. ocmock/
  156. openh264/
  157. openscreen/
  158. openvr/
  159. opus/
  160. ots/
  161. ow2_asm/
  162. pexpect/
  163. pffft/
  164. ply/
  165. polymer/
  166. proguard/
  167. protobuf/
  168. protoc_javalite/
  169. pycoverage/
  170. pyftpdlib/
  171. pyjson5/
  172. pylint/
  173. pymock/
  174. pystache/
  175. pywebsocket/
  176. qcms/
  177. quic_trace/
  178. qunit/
  179. r8/
  180. re2/
  181. requests/
  182. rnnoise/
  183. robolectric/
  184. s2cellid/
  185. sfntly/
  186. shaderc/
  187. simplejson/
  188. sinonjs/
  189. smhasher/
  190. snappy/
  191. speech-dispatcher/
  192. spirv-cross/
  193. spirv-headers/
  194. sqlite/
  195. sqlite4java/
  196. sudden_motion_sensor/
  197. tcmalloc/
  198. test_fonts/
  199. tlslite/
  200. ub-uiautomator/
  201. unrar/
  202. usb_ids/
  203. usrsctp/
  204. v4l-utils/
  205. vulkan/
  206. wayland-protocols/
  207. wayland/
  208. wds/
  209. web-animations-js/
  210. webdriver/
  211. webgl/
  212. webrtc_overrides/
  213. webxr_test_pages/
  214. widevine/
  215. win_build_output/
  216. woff2/
  217. wtl/
  218. xstream/
  219. yasm/
  220. zlib/