// static bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::RequestContext requestContext, WebURLRequest::FrameType frameType, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus) { Frame* effectiveFrame = effectiveFrameForFrameType(frame, frameType); Frame* mixedFrame = inWhichFrameIsContentMixed(effectiveFrame, frameType, url); if (!mixedFrame) return false; MixedContentChecker::count(mixedFrame, requestContext); Settings* settings = mixedFrame->settings(); // Use the current local frame's client; the embedder doesn't // distinguish mixed content signals from different frames on the // same page. FrameLoaderClient* client = frame->loader().client(); SecurityOrigin* securityOrigin = mixedFrame->securityContext()->getSecurityOrigin(); bool allowed = false; // If we're in strict mode, we'll automagically fail everything, and intentionally skip // the client checks in order to prevent degrading the site's security UI. bool strictMode = mixedFrame->securityContext()->shouldEnforceStrictMixedContentChecking() || settings->strictMixedContentChecking(); ContextType contextType = contextTypeFromContext(requestContext, mixedFrame); // If we're loading the main resource of a subframe, we need to take a close look at the loaded URL. // If we're dealing with a CORS-enabled scheme, then block mixed frames as active content. Otherwise, // treat frames as passive content. // // FIXME: Remove this temporary hack once we have a reasonable API for launching external applications // via URLs. http://crbug.com/318788 and https://crbug.com/393481 if (frameType == WebURLRequest::FrameTypeNested && !SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(url.protocol())) contextType = ContextTypeOptionallyBlockable; switch (contextType) { case ContextTypeOptionallyBlockable: allowed = !strictMode && client->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), url); if (allowed) client->didDisplayInsecureContent(); break; case ContextTypeBlockable: { // Strictly block subresources that are mixed with respect to // their subframes, unless all insecure content is allowed. This // is to avoid the following situation: https://a.com embeds // https://b.com, which loads a script over insecure HTTP. The // user opts to allow the insecure content, thinking that they are // allowing an insecure script to run on https://a.com and not // realizing that they are in fact allowing an insecure script on // https://b.com. if (!settings->allowRunningOfInsecureContent() && requestIsSubframeSubresource(effectiveFrame, frameType) && isMixedContent(frame->securityContext()->getSecurityOrigin(), url)) { UseCounter::count(mixedFrame, UseCounter::BlockableMixedContentInSubframeBlocked); allowed = false; break; } bool shouldAskEmbedder = !strictMode && settings && (!settings->strictlyBlockBlockableMixedContent() || settings->allowRunningOfInsecureContent()); allowed = shouldAskEmbedder && client->allowRunningInsecureContent(settings && settings->allowRunningOfInsecureContent(), securityOrigin, url); if (allowed) { client->didRunInsecureContent(securityOrigin, url); UseCounter::count(mixedFrame, UseCounter::MixedContentBlockableAllowed); } break; } case ContextTypeShouldBeBlockable: allowed = !strictMode; if (allowed) client->didDisplayInsecureContent(); break; case ContextTypeNotMixedContent: ASSERT_NOT_REACHED(); break; }; if (reportingStatus == SendReport) logToConsoleAboutFetch(frame, mainResourceUrlForFrame(mixedFrame), url, requestContext, allowed); return !allowed; }
// static bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, WebURLRequest::RequestContext requestContext, WebURLRequest::FrameType frameType, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus) { LocalFrame* mixedFrame = inWhichFrameIsContentMixed(frame, frameType, url); if (!mixedFrame) return false; MixedContentChecker::count(mixedFrame, requestContext); Settings* settings = mixedFrame->settings(); FrameLoaderClient* client = mixedFrame->loader().client(); SecurityOrigin* securityOrigin = mixedFrame->document()->securityOrigin(); bool allowed = false; // If we're in strict mode, we'll automagically fail everything, and intentionally skip // the client checks in order to prevent degrading the site's security UI. bool strictMode = mixedFrame->securityContext()->shouldEnforceStrictMixedContentChecking() || settings->strictMixedContentChecking(); ContextType contextType = contextTypeFromContext(requestContext, mixedFrame); // If we're loading the main resource of a subframe, we need to take a close look at the loaded URL. // If we're dealing with a CORS-enabled scheme, then block mixed frames as active content. Otherwise, // treat frames as passive content. // // FIXME: Remove this temporary hack once we have a reasonable API for launching external applications // via URLs. http://crbug.com/318788 and https://crbug.com/393481 if (frameType == WebURLRequest::FrameTypeNested && !SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(url.protocol())) contextType = ContextTypeOptionallyBlockable; switch (contextType) { case ContextTypeOptionallyBlockable: allowed = !strictMode && client->allowDisplayingInsecureContent(settings && settings->allowDisplayOfInsecureContent(), url); if (allowed) client->didDisplayInsecureContent(); break; case ContextTypeBlockable: { // Strictly block subresources in subframes, unless all insecure // content is allowed. if (!settings->allowRunningOfInsecureContent() && requestIsSubframeSubresource(frame, frameType)) { UseCounter::count(mixedFrame, UseCounter::BlockableMixedContentInSubframeBlocked); allowed = false; break; } bool shouldAskEmbedder = !strictMode && settings && (!settings->strictlyBlockBlockableMixedContent() || settings->allowRunningOfInsecureContent()); allowed = shouldAskEmbedder && client->allowRunningInsecureContent(settings && settings->allowRunningOfInsecureContent(), securityOrigin, url); if (allowed) { client->didRunInsecureContent(securityOrigin, url); UseCounter::count(mixedFrame, UseCounter::MixedContentBlockableAllowed); } break; } case ContextTypeShouldBeBlockable: allowed = !strictMode; if (allowed) client->didDisplayInsecureContent(); break; case ContextTypeNotMixedContent: ASSERT_NOT_REACHED(); break; }; if (reportingStatus == SendReport) logToConsoleAboutFetch(frame, url, requestContext, allowed); return !allowed; }