add {secure:} opt to protocol.registerStandardSchemes

atom/app/atom_content_client.cc

@@ -204,4 +204,18 @@ void AtomContentClient::AddServiceWorkerSchemes(
   service_worker_schemes->insert(url::kFileScheme);
 }
 
+void AtomContentClient::AddSecureSchemesAndOrigins(
+    std::set<std::string>* secure_schemes,
+    std::set<GURL>* secure_origins) {
+  std::vector<std::string> schemes;
+  ConvertStringWithSeparatorToVector(&schemes, ",",
+                                     switches::kRegisterSecureSchemes);                        
+  if (!schemes.empty()) {
+    for (const std::string& scheme : schemes) {
+      secure_schemes->insert(scheme);
+    }
+  }
+}
+
+
 }  // namespace atom

atom/app/atom_content_client.h

@@ -31,6 +31,9 @@ class AtomContentClient : public brightray::ContentClient {
       std::vector<content::PepperPluginInfo>* plugins) override;
   void AddServiceWorkerSchemes(
       std::set<std::string>* service_worker_schemes) override;
+  void AddSecureSchemesAndOrigins(
+      std::set<std::string>* secure_schemes,
+      std::set<GURL>* secure_origins) override;
 
  private:
   DISALLOW_COPY_AND_ASSIGN(AtomContentClient);

atom/browser/api/atom_api_protocol.cc

@@ -46,7 +46,7 @@ std::vector<std::string> GetStandardSchemes() {
   return g_standard_schemes;
 }
 
-void RegisterStandardSchemes(const std::vector<std::string>& schemes) {
+void RegisterStandardSchemes(const std::vector<std::string>& schemes, mate::Arguments* args) {
   g_standard_schemes = schemes;
 
   auto* policy = content::ChildProcessSecurityPolicy::GetInstance();
@@ -55,8 +55,17 @@ void RegisterStandardSchemes(const std::vector<std::string>& schemes) {
     policy->RegisterWebSafeScheme(scheme);
   }
 
+  // add switches to register as standard
   base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
       atom::switches::kStandardSchemes, base::JoinString(schemes, ","));
+
+  mate::Dictionary opts;
+  bool secure = false;
+  if (args->GetNext(&opts) && opts.Get("secure", &secure) && secure) {
+    // add switches to register as secure
+    base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
+      atom::switches::kRegisterSecureSchemes, base::JoinString(schemes, ","));
+  }
 }
 
 Protocol::Protocol(v8::Isolate* isolate, AtomBrowserContext* browser_context)
@@ -220,7 +229,7 @@ void RegisterStandardSchemes(
     return;
   }
 
-  atom::api::RegisterStandardSchemes(schemes);
+  atom::api::RegisterStandardSchemes(schemes, args);
 }
 
 void Initialize(v8::Local<v8::Object> exports, v8::Local<v8::Value> unused,

atom/browser/api/atom_api_protocol.h

@@ -29,7 +29,7 @@ namespace atom {
 namespace api {
 
 std::vector<std::string> GetStandardSchemes();
-void RegisterStandardSchemes(const std::vector<std::string>& schemes);
+void RegisterStandardSchemes(const std::vector<std::string>& schemes, mate::Arguments* args);
 
 class Protocol : public mate::TrackableObject<Protocol> {
  public:

atom/common/options_switches.cc

@@ -144,6 +144,9 @@ const char kStandardSchemes[] = "standard-schemes";
 // Register schemes to handle service worker.
 const char kRegisterServiceWorkerSchemes[] = "register-service-worker-schemes";
 
+// Register schemes as secure.
+const char kRegisterSecureSchemes[] = "register-secure-schemes";
+
 // The minimum SSL/TLS version ("tls1", "tls1.1", or "tls1.2") that
 // TLS fallback will accept.
 const char kSSLVersionFallbackMin[] = "ssl-version-fallback-min";

atom/common/options_switches.h

@@ -76,6 +76,7 @@ extern const char kPpapiFlashVersion[];
 extern const char kDisableHttpCache[];
 extern const char kStandardSchemes[];
 extern const char kRegisterServiceWorkerSchemes[];
+extern const char kRegisterSecureSchemes[];
 extern const char kSSLVersionFallbackMin[];
 extern const char kCipherSuiteBlacklist[];
 extern const char kAppUserModelId[];