Add upgrade-insecure-requests in FetchClientSettingsObject
This CL adds the following methods that are used in
upgrade-insecure-requests processing to FetchClientSettingsObject,
and use them in FrameLoader::UpgradeInsecureRequest():
Before this CL, upgrade-insecure-requests works based on
ExecutionContext's SecurityContext, and thus uses the
insideSettings' CSP list during off-the-main-thread
worker script fetch.
After this CL, upgrade-insecure-requests works via
FetchClientSettingsObject and thus uses the
outside settings object's CSP list correctly
in off-the-main-thread worker script fetch.
This CL doesn't cause behavior changes in dedicated workers
because dedicated workers inherits the parent's CSP list.
This CL probably affect behaviors in off-the-main-thread
fetch for shared and service workers, but these are not
covered by tests.
Anyway OTMT for shared and service workers is still under
development and will be tested and fixed in the future.
Commit-Queue: Hiroshige Hayashizaki <firstname.lastname@example.org>
Reviewed-by: Kenichi Ishibashi <email@example.com>
Reviewed-by: Carlos IL <firstname.lastname@example.org>
Reviewed-by: Hiroki Nakagawa <email@example.com>
14 files changed