UPGRADE: Correctly handle navigations.
The behavior of 'upgrade-insecure-requests' has regressed for iframes and
navigations due to some recent changes in those bits of the loader. Of
course, I was an idiot, and didn't write layout tests for those pieces,
but relied on unit tests. The unit tests kept working, because they hard
coded the expected inputs! Hooray! The web, however, broke. Bleh.
This patch adjusts things such that iframes and navigations are correctly
upgraded in the presence of the directive.
As a drive-by, it also disables the mixed content warning that we show for
insecure form actions on secure pages if upgrading is active (as part of
the UIR promise is that we won't break your security indicators).