Downgrade lock icon for broken-HTTPS subresources

content/browser/ssl/ssl_policy.cc

Index: content/browser/ssl/ssl_policy.cc
diff --git a/content/browser/ssl/ssl_policy.cc b/content/browser/ssl/ssl_policy.cc
index dab2a5aa1ecd98f5627175d19dc0cfa6fe705301..b540431648d935cec1f0da46b8f714417a09861e 100644
--- a/content/browser/ssl/ssl_policy.cc
+++ b/content/browser/ssl/ssl_policy.cc
@@ -118,15 +118,11 @@ void SSLPolicy::DidRunInsecureContent(NavigationEntryImpl* entry,
 }
 
 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) {
-  // TODO(abarth): This mechanism is wrong.  What we should be doing is sending
-  // this information back through WebKit and out some FrameLoaderClient
-  // methods.
-
-  if (net::IsCertStatusError(info->ssl_cert_status())) {
-    backend_->HostRanInsecureContent(info->url().host(), info->child_id());
-  } else if (info->ssl_cert_id() && info->url().SchemeIsCryptographic()) {
-    // If the scheme is https: or wss: *and* the security info for the cert has
-    // been set (i.e. the cert id is not 0), revoke any previous decisions that
+  if (info->ssl_cert_id() && info->url().SchemeIsCryptographic() &&
+      !net::IsCertStatusError(info->ssl_cert_status())) {
+    // If the scheme is https: or wss: *and* the security info for the
+    // cert has been set (i.e. the cert id is not 0) and the cert did
+    // not have any errors, revoke any previous decisions that
     // have occurred. If the cert info has not been set, do nothing since it
     // isn't known if the connection was actually a valid connection or if it
     // had a cert error.