Fix DCHECK in WebFormElementObserverImpl

The WebFormElementObserverImpl made an incorrect but also totally unnecessary
cast of a Node to an HTMLElement. This edge case was discovered by the fuzzer
where a form was inside an <svg> element, whose style attribute was changed,
but which could not be casted to HTMLElement.

Bug: 861571
Change-Id: I62c8238e25ef39e662dc154a1f2bd772667ec52f
Reviewed-on: https://chromium-review.googlesource.com/1128973Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Dominic Battré <battre@chromium.org>
Cr-Commit-Position: refs/heads/master@{#573458}

third_party/blink/renderer/core/exported/web_form_element_observer_impl.cc

@@ -84,9 +84,8 @@ void WebFormElementObserverImpl::ObserverCallback::Deliver(
       }
     } else {
       // Either "style" or "class" was modified. Check the computed style.
-      HTMLElement& element = *ToHTMLElement(record->target());
       CSSComputedStyleDeclaration* style =
-          CSSComputedStyleDeclaration::Create(&element);
+          CSSComputedStyleDeclaration::Create(record->target());
       if (style->GetPropertyValue(CSSPropertyDisplay) == "none") {
         callback_->ElementWasHiddenOrRemoved();
         Disconnect();