MixedContentChecker should not log blocked preload requests

This CL adds a SuppressLog argument to MixedContentChecker::shouldBlockFetch to suppress logging for preload requests.
This makes it consistent with content security policy checks which also do not warn on preload requests.

BUG=432771

Review URL: https://codereview.chromium.org/726563004

git-svn-id: svn://svn.chromium.org/blink/trunk@185420 bbb929c8-8fbe-4397-9dbb-9b2b20218538

third_party/WebKit/LayoutTests/http/tests/security/mixedContent/preload-insecure-image-in-main-frame-blocked-expected.txt

+CONSOLE ERROR: line 2: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-preloads-insecure-image.html' was loaded over HTTPS, but requested an insecure image 'http://127.0.0.1:8080/security/resources/compass.jpg'. This request has been blocked; the content must be served over HTTPS.
+This test opens a window that loads an insecure image. We should not trigger a mixed content callback even though the main frame in the window is HTTPS and is displaying insecure content, because we've set the preference to block this.

third_party/WebKit/LayoutTests/http/tests/security/mixedContent/preload-insecure-image-in-main-frame-blocked.html

+<html>
+<body>
+<script>
+if (window.testRunner) {
+    testRunner.waitUntilDone();
+    testRunner.dumpAsText();
+    testRunner.setCanOpenWindows();
+    testRunner.setCloseRemainingWindowsWhenComplete(true);
+    testRunner.overridePreference("WebKitAllowDisplayingInsecureContent", false);
+}
+
+window.addEventListener("message", function (e) {
+  if (window.testRunner)
+      testRunner.notifyDone();
+}, false);
+
+</script>
+<p>This test opens a window that loads an insecure image.  We should not
+trigger a mixed content callback even though the main frame in the window
+is HTTPS and is displaying insecure content, because we've set the preference
+to block this.</p>
+<script>
+window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-preloads-insecure-image.html");
+</script>
+</body>
+</html>

third_party/WebKit/LayoutTests/http/tests/security/mixedContent/resources/frame-preloads-insecure-image.html

+<script src="https://127.0.0.1:8080/resources/slow-script.pl?delay=3000"></script>
+<img src="http://127.0.0.1:8080/security/resources/compass.jpg">
+<script>
+window.onload = function() {
+    if (window.opener)
+        window.opener.postMessage('done', '*');
+};
+</script>

third_party/WebKit/Source/core/fetch/ResourceFetcher.cpp

@@ -591,7 +591,9 @@ bool ResourceFetcher::canRequest(Resource::Type type, const ResourceRequest& res
             effectiveFrame = toLocalFrame(frame()->tree().parent());
     }
 
-    return !MixedContentChecker::shouldBlockFetch(effectiveFrame, resourceRequest, url);
+    MixedContentChecker::ReportingStatus mixedContentReporting = forPreload ?
+        MixedContentChecker::SuppressReport : MixedContentChecker::SendReport;
+    return !MixedContentChecker::shouldBlockFetch(effectiveFrame, resourceRequest, url, mixedContentReporting);
 }
 
 bool ResourceFetcher::canAccessResource(Resource* resource, SecurityOrigin* sourceOrigin, const KURL& url) const
@@ -674,7 +676,8 @@ void ResourceFetcher::maybeNotifyInsecureContent(const Resource* resource) const
     // As a side effect browser will be notified.
     MixedContentChecker::shouldBlockFetch(frame(),
                                           resource->lastResourceRequest(),
-                                          resource->lastResourceRequest().url());
+                                          resource->lastResourceRequest().url(),
+                                          MixedContentChecker::SendReport);
 }
 
 // Limit the number of URLs in m_validatedURLs to avoid memory bloat.
@@ -1261,8 +1264,7 @@ void ResourceFetcher::preload(Resource::Type type, FetchRequest& request, const
     // Loading images involves several special cases, so use dedicated fetch method instead.
     if (type == Resource::Image)
         resource = fetchImage(request);
-
-    if (!resource)
+    else
         resource = requestResource(type, request);
     if (!resource || (m_preloads && m_preloads->contains(resource.get())))
         return;

third_party/WebKit/Source/core/loader/MixedContentChecker.cpp

@@ -213,7 +213,7 @@ void MixedContentChecker::logToConsole(LocalFrame* frame, const KURL& url, WebUR
 }
 
 // static
-bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, const ResourceRequest& resourceRequest, const KURL& url)
+bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, const ResourceRequest& resourceRequest, const KURL& url, MixedContentChecker::ReportingStatus reportingStatus)
 {
     // No frame, no mixed content:
     if (!frame)
@@ -228,7 +228,7 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, const ResourceRequ
             return false;
 
         LocalFrame* localTop = toLocalFrame(top);
-        if (frame != localTop && shouldBlockFetch(localTop, resourceRequest, url))
+        if (frame != localTop && shouldBlockFetch(localTop, resourceRequest, url, reportingStatus))
             return true;
     }
 
@@ -280,7 +280,8 @@ bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, const ResourceRequ
         return true;
     };
 
-    logToConsole(frame, url, resourceRequest.requestContext(), allowed);
+    if (reportingStatus == SendReport)
+        logToConsole(frame, url, resourceRequest.requestContext(), allowed);
     return !allowed;
 }
 

third_party/WebKit/Source/core/loader/MixedContentChecker.h

@@ -48,7 +48,8 @@ class MixedContentChecker final {
 public:
     explicit MixedContentChecker(LocalFrame*);
 
-    static bool shouldBlockFetch(LocalFrame*, const ResourceRequest&, const KURL&);
+    enum ReportingStatus { SendReport, SuppressReport };
+    static bool shouldBlockFetch(LocalFrame*, const ResourceRequest&, const KURL&, ReportingStatus);
 
     bool canDisplayInsecureContent(SecurityOrigin* securityOrigin, const KURL& url) const
     {