chromium/content/browser/keyboard_lock/keyboard_lock_service_impl.cc

@@ -38,20 +38,22 @@ void LogKeyboardLockMethodCalled(KeyboardLockMethods method) {
 }  // namespace
 
 KeyboardLockServiceImpl::KeyboardLockServiceImpl(
-    RenderFrameHost* render_frame_host)
-    : render_frame_host_(static_cast<RenderFrameHostImpl*>(render_frame_host)) {
+    RenderFrameHost* render_frame_host,
+    blink::mojom::KeyboardLockServiceRequest request)
+    : FrameServiceBase(render_frame_host, std::move(request)),
+      render_frame_host_(static_cast<RenderFrameHostImpl*>(render_frame_host)) {
   DCHECK(render_frame_host_);
 }
 
-KeyboardLockServiceImpl::~KeyboardLockServiceImpl() = default;
-
 // static
 void KeyboardLockServiceImpl::CreateMojoService(
     RenderFrameHost* render_frame_host,
     blink::mojom::KeyboardLockServiceRequest request) {
-  mojo::MakeStrongBinding(
-      std::make_unique<KeyboardLockServiceImpl>(render_frame_host),
-      std::move(request));
+  DCHECK(render_frame_host);
+
+  // The object is bound to the lifetime of |render_frame_host| and the mojo
+  // connection. See FrameServiceBase for details.
+  new KeyboardLockServiceImpl(render_frame_host, std::move(request));
 }
 
 void KeyboardLockServiceImpl::RequestKeyboardLock(
@@ -131,4 +133,6 @@ void KeyboardLockServiceImpl::GetKeyboardLayoutMap(
   std::move(callback).Run(std::move(response));
 }
 
+KeyboardLockServiceImpl::~KeyboardLockServiceImpl() = default;
+
 }  // namespace content

chromium/content/browser/keyboard_lock/keyboard_lock_service_impl.h

@@ -9,6 +9,7 @@
 #include <vector>
 
 #include "content/common/content_export.h"
+#include "content/public/browser/frame_service_base.h"
 #include "mojo/public/cpp/bindings/strong_binding.h"
 #include "third_party/blink/public/platform/modules/keyboard_lock/keyboard_lock.mojom.h"
 
@@ -17,11 +18,11 @@ namespace content {
 class RenderFrameHost;
 class RenderFrameHostImpl;
 
-class CONTENT_EXPORT KeyboardLockServiceImpl
-    : public blink::mojom::KeyboardLockService {
+class CONTENT_EXPORT KeyboardLockServiceImpl final
+    : public FrameServiceBase<blink::mojom::KeyboardLockService> {
  public:
-  explicit KeyboardLockServiceImpl(RenderFrameHost* render_frame_host);
-  ~KeyboardLockServiceImpl() override;
+  KeyboardLockServiceImpl(RenderFrameHost* render_frame_host,
+                          blink::mojom::KeyboardLockServiceRequest request);
 
   static void CreateMojoService(
       RenderFrameHost* render_frame_host,
@@ -34,6 +35,9 @@ class CONTENT_EXPORT KeyboardLockServiceImpl
   void GetKeyboardLayoutMap(GetKeyboardLayoutMapCallback callback) override;
 
  private:
+  // |this| can only be destroyed by FrameServiceBase.
+  ~KeyboardLockServiceImpl() override;
+
   RenderFrameHostImpl* const render_frame_host_;
 };
 

chromium/third_party/blink/renderer/core/dom/document.h

@@ -702,6 +702,12 @@ class CORE_EXPORT Document : public ContainerNode,
   String UserAgent() const final;
   void DisableEval(const String& error_message) final;
 
+  // TODO(https://crbug.com/880986): Implement Document's HTTPS state in more
+  // spec-conformant way.
+  HttpsState GetHttpsState() const final {
+    return CalculateHttpsState(GetSecurityOrigin());
+  }
+
   CSSStyleSheet& ElementSheet();
 
   virtual DocumentParser* CreateParser();

chromium/third_party/blink/renderer/core/execution_context/execution_context.h

@@ -37,6 +37,7 @@
 #include "third_party/blink/renderer/core/dom/context_lifecycle_observer.h"
 #include "third_party/blink/renderer/platform/heap/handle.h"
 #include "third_party/blink/renderer/platform/loader/fetch/access_control_status.h"
+#include "third_party/blink/renderer/platform/loader/fetch/https_state.h"
 #include "third_party/blink/renderer/platform/supplementable.h"
 #include "third_party/blink/renderer/platform/weborigin/referrer_policy.h"
 #include "v8/include/v8.h"
@@ -143,6 +144,8 @@ class CORE_EXPORT ExecutionContext : public ContextLifecycleNotifier,
   virtual LocalDOMWindow* ExecutingWindow() const { return nullptr; }
   virtual String UserAgent() const = 0;
 
+  virtual HttpsState GetHttpsState() const = 0;
+
   // Gets the DOMTimerCoordinator which maintains the "active timer
   // list" of tasks created by setTimeout and setInterval. The
   // DOMTimerCoordinator is owned by the ExecutionContext and should

chromium/third_party/blink/renderer/core/exported/web_shared_worker_impl.cc

@@ -340,7 +340,8 @@ void WebSharedWorkerImpl::ContinueOnScriptLoaderFinished() {
           content_security_policy ? content_security_policy->Headers()
                                   : Vector<CSPHeaderAndType>(),
           referrer_policy, starter_origin, starter_secure_context,
-          worker_clients, main_script_loader_->ResponseAddressSpace(),
+          document->GetHttpsState(), worker_clients,
+          main_script_loader_->ResponseAddressSpace(),
           main_script_loader_->OriginTrialTokens(), devtools_worker_token_,
           std::move(worker_settings), kV8CacheOptionsDefault,
           nullptr /* worklet_module_response_map */,

chromium/third_party/blink/renderer/core/layout/custom/layout_worklet_global_scope_proxy.cc

@@ -45,8 +45,8 @@ LayoutWorkletGlobalScopeProxy::LayoutWorkletGlobalScopeProxy(
       document->Url(), ScriptType::kModule, document->UserAgent(),
       document->GetContentSecurityPolicy()->Headers(),
       document->GetReferrerPolicy(), document->GetSecurityOrigin(),
-      document->IsSecureContext(), worker_clients, document->AddressSpace(),
-      OriginTrialContext::GetTokens(document).get(),
+      document->IsSecureContext(), document->GetHttpsState(), worker_clients,
+      document->AddressSpace(), OriginTrialContext::GetTokens(document).get(),
       base::UnguessableToken::Create(), nullptr /* worker_settings */,
       kV8CacheOptionsDefault, module_responses_map);
   global_scope_ = LayoutWorkletGlobalScope::Create(

chromium/third_party/blink/renderer/core/loader/mixed_content_checker.cc

@@ -209,17 +209,11 @@ bool RequestIsSubframeSubresource(
           frame_type != network::mojom::RequestContextFrameType::kNested);
 }
 
-// static
-bool MixedContentChecker::IsMixedContent(const SecurityOrigin* security_origin,
-                                         const KURL& url) {
-  if (!SchemeRegistry::ShouldTreatURLSchemeAsRestrictingMixedContent(
-          security_origin->Protocol()))
-    return false;
-
+static bool IsInsecureUrl(const KURL& url) {
   // |url| is mixed content if its origin is not potentially trustworthy nor
-  // secure. We do a quick check against `SecurityOrigin::isSecure` to catch
+  // secure. We do a quick check against `SecurityOrigin::IsSecure` to catch
   // things like `about:blank`, which cannot be sanely passed into
-  // `SecurityOrigin::create` (as their origin depends on their context).
+  // `SecurityOrigin::Create` (as their origin depends on their context).
   // blob: and filesystem: URLs never hit the network, and access is restricted
   // to same-origin contexts, so they are not blocked either.
   bool is_allowed = url.ProtocolIs("blob") || url.ProtocolIs("filesystem") ||
@@ -228,6 +222,29 @@ bool MixedContentChecker::IsMixedContent(const SecurityOrigin* security_origin,
   return !is_allowed;
 }
 
+// static
+bool MixedContentChecker::IsMixedContent(const SecurityOrigin* security_origin,
+                                         const KURL& url) {
+  if (!SchemeRegistry::ShouldTreatURLSchemeAsRestrictingMixedContent(
+          security_origin->Protocol()))
+    return false;
+
+  return IsInsecureUrl(url);
+}
+
+// static
+bool MixedContentChecker::IsMixedContent(
+    const FetchClientSettingsObjectImpl& settings,
+    const KURL& url) {
+  switch (settings.GetHttpsState()) {
+    case HttpsState::kNone:
+      return false;
+
+    case HttpsState::kModern:
+      return IsInsecureUrl(url);
+  }
+}
+
 // static
 Frame* MixedContentChecker::InWhichFrameIsContentMixed(
     Frame* frame,
@@ -457,7 +474,7 @@ bool MixedContentChecker::ShouldBlockFetchOnWorker(
     SecurityViolationReportingPolicy reporting_policy,
     bool is_worklet_global_scope) {
   if (!MixedContentChecker::IsMixedContent(
-          worker_fetch_context.GetSecurityOrigin(), url)) {
+          *worker_fetch_context.GetFetchClientSettingsObject(), url)) {
     return false;
   }
 
@@ -563,7 +580,7 @@ bool MixedContentChecker::IsWebSocketAllowed(
     const WorkerFetchContext& worker_fetch_context,
     const KURL& url) {
   if (!MixedContentChecker::IsMixedContent(
-          worker_fetch_context.GetSecurityOrigin(), url)) {
+          *worker_fetch_context.GetFetchClientSettingsObject(), url)) {
     return true;
   }
 

chromium/third_party/blink/renderer/core/loader/mixed_content_checker.h

@@ -44,6 +44,7 @@
 namespace blink {
 
 class ConsoleMessage;
+class FetchClientSettingsObjectImpl;
 class Frame;
 class FrameFetchContext;
 class LocalFrame;
@@ -86,6 +87,7 @@ class CORE_EXPORT MixedContentChecker final {
   static bool IsWebSocketAllowed(const WorkerFetchContext&, const KURL&);
 
   static bool IsMixedContent(const SecurityOrigin*, const KURL&);
+  static bool IsMixedContent(const FetchClientSettingsObjectImpl&, const KURL&);
   static bool IsMixedFormAction(LocalFrame*,
                                 const KURL&,
                                 SecurityViolationReportingPolicy =

chromium/third_party/blink/renderer/core/loader/modulescript/module_script_loader_test.cc

@@ -186,7 +186,8 @@ void ModuleScriptLoaderTest::InitializeForWorklet() {
       GetDocument().Url(), ScriptType::kModule, GetDocument().UserAgent(),
       Vector<CSPHeaderAndType>(), GetDocument().GetReferrerPolicy(),
       GetDocument().GetSecurityOrigin(), GetDocument().IsSecureContext(),
-      nullptr /* worker_clients */, GetDocument().AddressSpace(),
+      GetDocument().GetHttpsState(), nullptr /* worker_clients */,
+      GetDocument().AddressSpace(),
       OriginTrialContext::GetTokens(&GetDocument()).get(),
       base::UnguessableToken::Create(), nullptr /* worker_settings */,
       kV8CacheOptionsDefault, new WorkletModuleResponsesMap);

chromium/third_party/blink/renderer/core/loader/worker_fetch_context.cc

@@ -107,7 +107,7 @@ WorkerFetchContext::WorkerFetchContext(
         SubresourceFilter::Create(global_scope, std::move(web_filter));
   }
 }
-const FetchClientSettingsObject*
+const FetchClientSettingsObjectImpl*
 WorkerFetchContext::GetFetchClientSettingsObject() const {
   return fetch_client_settings_object_.Get();
 }
@@ -292,8 +292,6 @@ void WorkerFetchContext::PrepareRequest(ResourceRequest& request,
   DCHECK(!user_agent.IsNull());
   request.SetHTTPUserAgent(AtomicString(user_agent));
 
-  FrameLoader::UpgradeInsecureRequest(request, global_scope_);
-
   WrappedResourceRequest webreq(request);
   web_context_->WillSendRequest(webreq);
 }
@@ -390,6 +388,7 @@ void WorkerFetchContext::PopulateResourceRequest(
     const ClientHintsPreferences& hints_preferences,
     const FetchParameters::ResourceWidth& resource_width,
     ResourceRequest& out_request) {
+  FrameLoader::UpgradeInsecureRequest(out_request, global_scope_);
   SetFirstPartyCookieAndRequestorOrigin(out_request);
 }
 

chromium/third_party/blink/renderer/core/loader/worker_fetch_context.h

@@ -37,7 +37,7 @@ class WorkerFetchContext final : public BaseFetchContext {
   ~WorkerFetchContext() override;
 
   // BaseFetchContext implementation:
-  const FetchClientSettingsObject* GetFetchClientSettingsObject()
+  const FetchClientSettingsObjectImpl* GetFetchClientSettingsObject()
       const override;
   KURL GetSiteForCookies() const override;
   SubresourceFilter* GetSubresourceFilter() const override;

chromium/third_party/blink/renderer/core/script/fetch_client_settings_object_impl.cc

@@ -34,6 +34,11 @@ const String FetchClientSettingsObjectImpl::GetOutgoingReferrer() const {
   return execution_context_->OutgoingReferrer();
 }
 
+HttpsState FetchClientSettingsObjectImpl::GetHttpsState() const {
+  DCHECK(execution_context_->IsContextThread());
+  return execution_context_->GetHttpsState();
+}
+
 void FetchClientSettingsObjectImpl::Trace(Visitor* visitor) {
   visitor->Trace(execution_context_);
   FetchClientSettingsObject::Trace(visitor);

chromium/third_party/blink/renderer/core/script/fetch_client_settings_object_impl.h

@@ -9,6 +9,7 @@
 #include "third_party/blink/renderer/core/script/fetch_client_settings_object.h"
 #include "third_party/blink/renderer/platform/cross_thread_copier.h"
 #include "third_party/blink/renderer/platform/heap/member.h"
+#include "third_party/blink/renderer/platform/loader/fetch/https_state.h"
 #include "third_party/blink/renderer/platform/weborigin/kurl.h"
 #include "third_party/blink/renderer/platform/weborigin/referrer_policy.h"
 #include "third_party/blink/renderer/platform/weborigin/security_origin.h"
@@ -35,6 +36,8 @@ class CORE_EXPORT FetchClientSettingsObjectImpl final
   ReferrerPolicy GetReferrerPolicy() const override;
   const String GetOutgoingReferrer() const override;
 
+  HttpsState GetHttpsState() const;
+
   void Trace(Visitor* visitor) override;
 
  private:

chromium/third_party/blink/renderer/core/testing/null_execution_context.h

@@ -34,6 +34,10 @@ class NullExecutionContext
   void DisableEval(const String&) override {}
   String UserAgent() const override { return String(); }
 
+  HttpsState GetHttpsState() const override {
+    return CalculateHttpsState(GetSecurityOrigin());
+  }
+
   EventTarget* ErrorEventTarget() override { return nullptr; }
 
   bool TasksNeedPause() override { return tasks_need_pause_; }

chromium/third_party/blink/renderer/core/workers/dedicated_worker.cc

@@ -307,7 +307,8 @@ DedicatedWorker::CreateGlobalScopeCreationParams() {
       script_url_, script_type, GetExecutionContext()->UserAgent(),
       GetExecutionContext()->GetContentSecurityPolicy()->Headers(),
       kReferrerPolicyDefault, GetExecutionContext()->GetSecurityOrigin(),
-      GetExecutionContext()->IsSecureContext(), CreateWorkerClients(),
+      GetExecutionContext()->IsSecureContext(),
+      GetExecutionContext()->GetHttpsState(), CreateWorkerClients(),
       GetExecutionContext()->GetSecurityContext().AddressSpace(),
       OriginTrialContext::GetTokens(GetExecutionContext()).get(),
       devtools_worker_token, std::move(settings), kV8CacheOptionsDefault,

chromium/third_party/blink/renderer/core/workers/dedicated_worker_test.cc

@@ -133,10 +133,12 @@ class DedicatedWorkerMessagingProxyForTest
         std::make_unique<GlobalScopeCreationParams>(
             script_url, ScriptType::kClassic, "fake user agent", headers,
             kReferrerPolicyDefault, security_origin_.get(),
-            false /* starter_secure_context */, nullptr /* worker_clients */,
-            mojom::IPAddressSpace::kLocal, nullptr /* origin_trial_tokens */,
-            base::UnguessableToken::Create(), std::move(worker_settings),
-            kV8CacheOptionsDefault, nullptr /* worklet_module_responses_map */),
+            false /* starter_secure_context */,
+            CalculateHttpsState(security_origin_.get()),
+            nullptr /* worker_clients */, mojom::IPAddressSpace::kLocal,
+            nullptr /* origin_trial_tokens */, base::UnguessableToken::Create(),
+            std::move(worker_settings), kV8CacheOptionsDefault,
+            nullptr /* worklet_module_responses_map */),
         WorkerBackingThreadStartupData(
             WorkerBackingThreadStartupData::HeapLimitMode::kDefault,
             WorkerBackingThreadStartupData::AtomicsWaitMode::kAllow));

chromium/third_party/blink/renderer/core/workers/global_scope_creation_params.cc

@@ -17,6 +17,7 @@ GlobalScopeCreationParams::GlobalScopeCreationParams(
     ReferrerPolicy referrer_policy,
     const SecurityOrigin* starter_origin,
     bool starter_secure_context,
+    HttpsState starter_https_state,
     WorkerClients* worker_clients,
     mojom::IPAddressSpace address_space,
     const Vector<String>* origin_trial_tokens,
@@ -34,6 +35,7 @@ GlobalScopeCreationParams::GlobalScopeCreationParams(
       referrer_policy(referrer_policy),
       starter_origin(starter_origin ? starter_origin->IsolatedCopy() : nullptr),
       starter_secure_context(starter_secure_context),
+      starter_https_state(starter_https_state),
       worker_clients(worker_clients),
       address_space(address_space),
       parent_devtools_token(parent_devtools_token),

chromium/third_party/blink/renderer/core/workers/global_scope_creation_params.h

@@ -20,6 +20,7 @@
 #include "third_party/blink/renderer/core/workers/worker_settings.h"
 #include "third_party/blink/renderer/core/workers/worklet_module_responses_map.h"
 #include "third_party/blink/renderer/platform/graphics/begin_frame_provider.h"
+#include "third_party/blink/renderer/platform/loader/fetch/https_state.h"
 #include "third_party/blink/renderer/platform/network/content_security_policy_parsers.h"
 #include "third_party/blink/renderer/platform/network/content_security_policy_response_headers.h"
 #include "third_party/blink/renderer/platform/weborigin/kurl.h"
@@ -44,6 +45,7 @@ struct CORE_EXPORT GlobalScopeCreationParams final {
       ReferrerPolicy referrer_policy,
       const SecurityOrigin*,
       bool starter_secure_context,
+      HttpsState starter_https_state,
       WorkerClients*,
       mojom::IPAddressSpace,
       const Vector<String>* origin_trial_tokens,
@@ -95,6 +97,8 @@ struct CORE_EXPORT GlobalScopeCreationParams final {
   // The value should be supplied as the result of Document.IsSecureContext().
   bool starter_secure_context;
 
+  HttpsState starter_https_state;
+
   // This object is created and initialized on the thread creating
   // a new worker context, but ownership of it and this
   // GlobalScopeCreationParams structure is passed along to the new worker

chromium/third_party/blink/renderer/core/workers/main_thread_worklet_test.cc

@@ -67,8 +67,9 @@ class MainThreadWorkletTest : public PageTestBase {
         document->Url(), ScriptType::kModule, document->UserAgent(),
         document->GetContentSecurityPolicy()->Headers(),
         document->GetReferrerPolicy(), document->GetSecurityOrigin(),
-        document->IsSecureContext(), nullptr /* worker_clients */,
-        document->AddressSpace(), OriginTrialContext::GetTokens(document).get(),
+        document->IsSecureContext(), document->GetHttpsState(),
+        nullptr /* worker_clients */, document->AddressSpace(),
+        OriginTrialContext::GetTokens(document).get(),
         base::UnguessableToken::Create(), nullptr /* worker_settings */,
         kV8CacheOptionsDefault, new WorkletModuleResponsesMap);
     global_scope_ = new MainThreadWorkletGlobalScope(

chromium/third_party/blink/renderer/core/workers/threaded_worklet_messaging_proxy.cc

@@ -59,7 +59,7 @@ void ThreadedWorkletMessagingProxy::Initialize(
           document->Url(), ScriptType::kModule, document->UserAgent(),
           csp->Headers(), document->GetReferrerPolicy(),
           document->GetSecurityOrigin(), document->IsSecureContext(),
-          worker_clients, document->AddressSpace(),
+          document->GetHttpsState(), worker_clients, document->AddressSpace(),
           OriginTrialContext::GetTokens(document).get(),
           base::UnguessableToken::Create(),
           std::make_unique<WorkerSettings>(document->GetSettings()),