[Payment Request] Respect --ignore-certificate-errors flag.

Before this patch, Payment Request would always return false for
canMakePayment() and hasEnrolledInstrument() and reject show() with
NotSupportedError for websites with invalid certificates, even if the
--ignore-certificate-errors flag was passed on the command line. This
flag is used by web platform tests, which was unable to run some Payment
Request tests.

This patch checks for --ignore-certificate-errors flag the SSL validity
checker for Payment Request.

After this patch, web platform tests are able to run more of the Payment
Request tests.

Bug: 964472
Change-Id: I94be74cbaa973a37b5effc0d3925e18ca5a50f2f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1618121Reviewed-by: Danyao Wang <danyao@chromium.org>
Commit-Queue: Rouslan Solomakhin <rouslan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#661012}

chrome/browser/payments/ssl_validity_checker.cc

@@ -4,8 +4,10 @@
 
 #include "chrome/browser/payments/ssl_validity_checker.h"
 
+#include "base/command_line.h"
 #include "base/logging.h"
 #include "chrome/browser/ssl/security_state_tab_helper.h"
+#include "components/network_session_configurator/common/network_switches.h"
 #include "components/security_state/core/security_state.h"
 
 namespace payments {
@@ -21,7 +23,10 @@ bool SslValidityChecker::IsSslCertificateValid(
   security_state::SecurityLevel security_level = helper->GetSecurityLevel();
   return security_level == security_state::EV_SECURE ||
          security_level == security_state::SECURE ||
-         security_level == security_state::SECURE_WITH_POLICY_INSTALLED_CERT;
+         security_level == security_state::SECURE_WITH_POLICY_INSTALLED_CERT ||
+         // No early return, so the other code is exercised in tests, too.
+         base::CommandLine::ForCurrentProcess()->HasSwitch(
+             switches::kIgnoreCertificateErrors);
 }
 
 }  // namespace payments