net: make HSTS hosts use the normal SSL interstitials

content/browser/ssl/ssl_cert_error_handler.cc

Index: content/browser/ssl/ssl_cert_error_handler.cc
diff --git a/content/browser/ssl/ssl_cert_error_handler.cc b/content/browser/ssl/ssl_cert_error_handler.cc
index c668b411d400d461232b4c8cabc0acfe0affa309..8af198a90b8ed7a0bc0c4176170f40eb83dc2a9e 100644
--- a/content/browser/ssl/ssl_cert_error_handler.cc
+++ b/content/browser/ssl/ssl_cert_error_handler.cc
@@ -13,15 +13,13 @@ SSLCertErrorHandler::SSLCertErrorHandler(
     net::URLRequest* request,
     ResourceType::Type resource_type,
     int cert_error,
-    net::X509Certificate* cert)
+    const net::SSLInfo& ssl_info,
+    bool must_be_fatal)
     : SSLErrorHandler(rdh, request, resource_type),
-      cert_error_(cert_error) {
+      ssl_info_(ssl_info),
+      cert_error_(cert_error),
+      must_be_fatal_(must_be_fatal) {
   DCHECK(request == resource_dispatcher_host_->GetURLRequest(request_id_));
-
-  // We cannot use the request->ssl_info(), it's not been initialized yet, so
-  // we have to set the fields manually.
-  ssl_info_.cert = cert;
-  ssl_info_.SetCertError(cert_error);

[wtc, 2011/09/23 00:04:51]

This is interesting -- so in the original code, ssl_info_
only has the |cert| and |cert_status| members properly
initialized.

I found that we only use the |cert|, |cert_status|, and
|security_bits| members of ssl_info_.  The default value
of |security_bits| is -1.  Could you find out in a debugger
if ssl_info.security_bits (note it's the |ssl_info| argument)
is also -1 at this point?  Thanks.

[agl, 2011/09/23 18:45:38]

ssl_info.security_bits has the value that you would expect (i.e. 128 for most
sites).

[wtc, 2011/09/26 19:18:48]

That should be fine.  Could be considered an improvement :-)

 }
 
 SSLCertErrorHandler* SSLCertErrorHandler::AsSSLCertErrorHandler() {