Revert of Use |IsOriginSecure| for mark-HTTP-nonsecure field trial (patchset...

Revert of Use |IsOriginSecure| for mark-HTTP-nonsecure field trial (patchset #1 id:1 of https://codereview.chromium.org/1143503003/) Reason for revert: Android Tests dbg bot is failing: http://build.chromium.org/p/chromium.linux/builders/Android%20Tests%20(dbg) The reason of this failure is following patch: https://codereview.chromium.org/1123943002/ I had to revert this patch because it is a follow up. Original issue's description: > Use |IsOriginSecure| for mark-HTTP-nonsecure field trial > > When the flag or field trial is set such that non-secure origins will be > marked as dubious/non-secure, use |IsOriginSecure| to determine whether > an origin is non-secure, instead of simply treating http:// and ftp:// > as non-secure. This means that http://nytimes.com will be marked as > dubious/non-secure, but not http://localhost (for example). > > BUG=487499 > TEST=Enable the "Mark non-secure as non-secure" flag in > chrome://flags. Visit http://nytimes.com and observe that the lock icon > is red and crossed out. Visit an http:// URL on localhost and observe > that the lock icon is neutral. > > Committed: https://crrev.com/5f99677ac4f9b8180ee7fd2f0d5c85e91828a951 > Cr-Commit-Position: refs/heads/master@{#329774} TBR=meacer@chromium.org,estark@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=487499 Review URL: https://codereview.chromium.org/1130843005 Cr-Commit-Position: refs/heads/master@{#329826}

Revert of Use |IsOriginSecure| for mark-HTTP-nonsecure field trial (patchset...
Revert of Use |IsOriginSecure| for mark-HTTP-nonsecure field trial (patchset #1 id:1 of https://codereview.chromium.org/1143503003/) Reason for revert: Android Tests dbg bot is failing: http://build.chromium.org/p/chromium.linux/builders/Android%20Tests%20(dbg) The reason of this failure is following patch: https://codereview.chromium.org/1123943002/ I had to revert this patch because it is a follow up. Original issue's description: > Use |IsOriginSecure| for mark-HTTP-nonsecure field trial > > When the flag or field trial is set such that non-secure origins will be > marked as dubious/non-secure, use |IsOriginSecure| to determine whether > an origin is non-secure, instead of simply treating http:// and ftp:// > as non-secure. This means that http://nytimes.com will be marked as > dubious/non-secure, but not http://localhost (for example). > > BUG=487499 > TEST=Enable the "Mark non-secure as non-secure" flag in > chrome://flags. Visit http://nytimes.com and observe that the lock icon > is red and crossed out. Visit an http:// URL on localhost and observe > that the lock icon is neutral. > > Committed: https://crrev.com/5f99677ac4f9b8180ee7fd2f0d5c85e91828a951 > Cr-Commit-Position: refs/heads/master@{#329774} TBR=meacer@chromium.org,estark@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=487499 Review URL: https://codereview.chromium.org/1130843005 Cr-Commit-Position: refs/heads/master@{#329826}
236d015a · sergeyv · Commit bot · 14c65a43 · 236d015a
Commit 236d015a authored May 14, 2015 by sergeyv Committed by Commit bot May 14, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

chrome/browser/ssl/connection_security_helper.cc chrome/browser/ssl/connection_security_helper.cc +2 -2

No files found.
--- a/chrome/browser/ssl/connection_security_helper.cc
+++ b/chrome/browser/ssl/connection_security_helper.cc
@@ -16,12 +16,12 @@
 #include "content/public/browser/navigation_controller.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/web_contents.h"
-#include "content/public/common/origin_util.h"
 #include "content/public/common/ssl_status.h"
 #include "net/base/net_util.h"
 #include "net/cert/cert_status_flags.h"
 #include "net/cert/x509_certificate.h"
 #include "net/ssl/ssl_connection_status_flags.h"
+#include "url/url_constants.h"

 #if defined(OS_CHROMEOS)
 #include "chrome/browser/chromeos/policy/policy_cert_service.h"
@@ -73,7 +73,7 @@ ConnectionSecurityHelper::GetSecurityLevelForWebContents(

    case content::SECURITY_STYLE_UNAUTHENTICATED: {
      const GURL& url = entry->GetURL();
-      if (!content::IsOriginSecure(url))
+      if (url.SchemeIs(url::kHttpScheme) || url.SchemeIs(url::kFtpScheme))
        return GetSecurityLevelForNonSecureFieldTrial();
      return NONE;
    }