GitLab

Previously, we were treating all blob: URLs as nonsecure for the purposes of
HTTP-Bad: namely, all blob: URLs would get a security level of
HTTP_SHOW_WARNING. Instead, we now use the origin of the blob: URL to determine
whether the security level should be HTTP_SHOW_WARNING (for nonsecure origins)
or NONE (for secure origins).

Bug: 797533
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: I5400aaad91b55c3330d01c43bba5056b7351f723
Reviewed-on: https://chromium-review.googlesource.com/1031529
Commit-Queue: Emily Stark <estark@chromium.org>
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#554759}