Stop sending SSLInfo from network service for subframe navigations.

Optimize to only send SSLInfo from network service on top-level requests. Changes GetURLLoaderOptions to only set kURLLoadOptionSendSSLInfoWithResponse when |is_main_frame| is true and sets new default to kURLLoadOptionNone. This also makes a change in WebContentsImpl to fetch SSLInfo only on main frame navigations. Bug: 787535 Change-Id: Ie4a929ba90e4c358d111e174a3c399298f22b5f3 Reviewed-on: https://chromium-review.googlesource.com/1148239Reviewed-by: John Abd-El-Malek <jam@chromium.org> Reviewed-by: Charlie Harrison <csharrison@chromium.org> Commit-Queue: Livvie Lin <livvielin@chromium.org> Cr-Commit-Position: refs/heads/master@{#581974}

Stop sending SSLInfo from network service for subframe navigations.
Optimize to only send SSLInfo from network service on top-level requests. Changes GetURLLoaderOptions to only set kURLLoadOptionSendSSLInfoWithResponse when |is_main_frame| is true and sets new default to kURLLoadOptionNone. This also makes a change in WebContentsImpl to fetch SSLInfo only on main frame navigations. Bug: 787535 Change-Id: Ie4a929ba90e4c358d111e174a3c399298f22b5f3 Reviewed-on: https://chromium-review.googlesource.com/1148239Reviewed-by: John Abd-El-Malek <jam@chromium.org> Reviewed-by: Charlie Harrison <csharrison@chromium.org> Commit-Queue: Livvie Lin <livvielin@chromium.org> Cr-Commit-Position: refs/heads/master@{#581974}
139bf442 · Livvie Lin · Commit Bot · a5722ccf · 139bf442 · 139bf442
Commit 139bf442 authored Aug 10, 2018 by Livvie Lin Committed by Commit Bot Aug 10, 2018
Showing with 13 additions and 5 deletions

content/browser/loader/navigation_url_loader_impl.cc content/browser/loader/navigation_url_loader_impl.cc +6 -2

content/browser/web_contents/web_contents_impl.cc content/browser/web_contents/web_contents_impl.cc +7 -3

No files found.
--- a/content/browser/loader/navigation_url_loader_impl.cc
+++ b/content/browser/loader/navigation_url_loader_impl.cc
@@ -376,9 +376,13 @@ class NavigationURLLoaderImpl::URLLoaderRequestController
  }
  static uint32_t GetURLLoaderOptions(bool is_main_frame) {
-    uint32_t options = network::mojom::kURLLoadOptionSendSSLInfoWithResponse;
+    uint32_t options = network::mojom::kURLLoadOptionNone;
-    if (is_main_frame)
+    if (is_main_frame) {
+      // SSLInfo is not needed on subframe responses because users can inspect
+      // only the certificate for the main frame when using the info bubble.
+      options |= network::mojom::kURLLoadOptionSendSSLInfoWithResponse;
      options |= network::mojom::kURLLoadOptionSendSSLInfoForCertificateError;
+    }
    if (base::FeatureList::IsEnabled(network::features::kNetworkService)) {
      options |= network::mojom::kURLLoadOptionSniffMimeType;

--- a/content/browser/web_contents/web_contents_impl.cc
+++ b/content/browser/web_contents/web_contents_impl.cc
@@ -4088,9 +4088,13 @@ void WebContentsImpl::ReadyToCommitNavigation(
  if (navigation_handle->IsSameDocument())
    return;
-  controller_.ssl_manager()->DidStartResourceResponse(
+  // SSLInfo is not needed on subframe navigations since the main-frame
-      navigation_handle->GetURL(),
+  // certificate is the only one that can be inspected (using the info
-      net::IsCertStatusError(navigation_handle->GetSSLInfo().cert_status));
+  // bubble) without refreshing the page with DevTools open.
+  if (navigation_handle->IsInMainFrame())
+    controller_.ssl_manager()->DidStartResourceResponse(
+        navigation_handle->GetURL(),
+        net::IsCertStatusError(navigation_handle->GetSSLInfo().cert_status));
  SetNotWaitingForResponse();
 }