Add a new flag for HTTP-bad Phase 1 development work

This extends the #mark-non-secure-as flag to use for the HTTP-bad phase
1 (passwords and CC form detection) work. It currently behaves exactly
like the existing kMarkNonSecureAsNeutral switch, although presumably
that will change as we make progress.

BUG=646221

Review-Url: https://codereview.chromium.org/2337103002
Cr-Commit-Position: refs/heads/master@{#418860}

chrome/app/generated_resources.grd

@@ -5265,13 +5265,16 @@ Keep your key file in a safe place. You will need it to create new versions of y
         Mark non-secure origins as non-secure
       </message>
       <message name="IDS_MARK_NON_SECURE_AS_DESCRIPTION" desc="Description of the 'Mark Non-Secure Origins As' lab.">
-        Mark non-secure origins as non-secure, or as "dubious".
+        Change the UI treatment for non-secure (HTTP) origins
       </message>
       <message name="IDS_MARK_NON_SECURE_AS_NEUTRAL">
-        Mark non-secure origins as neutral.
+        Always mark non-secure origins as neutral
       </message>
       <message name="IDS_MARK_NON_SECURE_AS_NON_SECURE">
-        Mark non-secure origins as non-secure.
+        Always mark non-secure origins as non-secure
+      </message>
+      <message name="IDS_MARK_NON_SECURE_WITH_PASSWORDS_OR_CC_AS_NON_SECURE">
+        Mark non-secure origins as non-secure when password or credit card fields are detected
       </message>
       <message name="IDS_FLAGS_SAVE_PAGE_AS_MHTML_NAME" desc="Name of the 'Save Page as MHTML' lab.">
         Save Page as MHTML

chrome/browser/about_flags.cc

@@ -200,7 +200,10 @@ const FeatureEntry::Choice kMarkNonSecureAsChoices[] = {
      security_state::switches::kMarkNonSecureAsNeutral},
     {IDS_MARK_NON_SECURE_AS_NON_SECURE,
      security_state::switches::kMarkNonSecureAs,
-     security_state::switches::kMarkNonSecureAsNonSecure}};
+     security_state::switches::kMarkNonSecureAsNonSecure},
+    {IDS_MARK_NON_SECURE_WITH_PASSWORDS_OR_CC_AS_NON_SECURE,
+     security_state::switches::kMarkNonSecureAs,
+     security_state::switches::kMarkNonSecureWithPasswordsOrCcAsNonSecure}};
 
 const FeatureEntry::Choice kDataReductionProxyLoFiChoices[] = {
     { IDS_GENERIC_EXPERIMENT_CHOICE_DEFAULT, "", "" },

components/security_state/security_state_model.cc

@@ -37,7 +37,8 @@ SecurityStateModel::SecurityLevel GetSecurityLevelForNonSecureFieldTrial() {
   } else if (choice == switches::kMarkNonSecureAsNonSecure) {
     status = NON_SECURE;
     level = SecurityStateModel::SECURITY_ERROR;
-  } else if (group == switches::kMarkNonSecureAsNeutral) {
+  } else if (group == switches::kMarkNonSecureAsNeutral ||
+             group == switches::kMarkNonSecureWithPasswordsOrCcAsNonSecure) {
     status = NEUTRAL;
     level = SecurityStateModel::NONE;
   } else if (group == switches::kMarkNonSecureAsNonSecure) {

components/security_state/switches.cc

@@ -11,6 +11,8 @@ namespace switches {
 const char kMarkNonSecureAs[] = "mark-non-secure-as";
 const char kMarkNonSecureAsNeutral[] = "neutral";
 const char kMarkNonSecureAsNonSecure[] = "non-secure";
+const char kMarkNonSecureWithPasswordsOrCcAsNonSecure[] =
+    "non-secure-passwords-cc";
 
 }  // namespace switches
 }  // namespace security_state

components/security_state/switches.h

@@ -11,6 +11,7 @@ namespace switches {
 extern const char kMarkNonSecureAs[];
 extern const char kMarkNonSecureAsNeutral[];
 extern const char kMarkNonSecureAsNonSecure[];
+extern const char kMarkNonSecureWithPasswordsOrCcAsNonSecure[];
 
 }
 }  // namespace security_state