Fix CHECK that's being fired inside NavigationControllerImpl::RendererDidNavigateToExistingPage.

The check was supposed to alert us if this condition is being hit, and apparently it is. Add logic to not copy the cert for in-page navigations. I didn't add logic to handle the restore case since intended_as_new_entry shouldn't be set in that scenario.

BUG=697827
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2752113007
Cr-Commit-Position: refs/heads/master@{#457818}

content/browser/frame_host/navigation_controller_impl.cc

@@ -1219,8 +1219,10 @@ void NavigationControllerImpl::RendererDidNavigateToExistingPage(
     // meanwhile and no new page was created. We are stuck at the last committed
     // entry.
     entry = GetLastCommittedEntry();
-    CHECK(!is_in_page);
-    entry->GetSSL() = handle->ssl_status();
+    // If this is an in-page navigation, then there's no SSLStatus in the
+    // NavigationHandle so don't overwrite the existing entry's SSLStatus.
+    if (!is_in_page)
+      entry->GetSSL() = handle->ssl_status();
   } else if (params.nav_entry_id) {
     // This is a browser-initiated navigation (back/forward/reload).
     entry = GetEntryWithUniqueID(params.nav_entry_id);