Update FormatOriginForSecurityDisplay() comments

components/url_formatter/elide_url.h

Index: components/url_formatter/elide_url.h
diff --git a/components/url_formatter/elide_url.h b/components/url_formatter/elide_url.h
index acdccbf70e0adf5d293dbf2ba8f2d3ea587feb95..c6f53986a46bbe952efc6c548563cc6f84a6d66d 100644
--- a/components/url_formatter/elide_url.h
+++ b/components/url_formatter/elide_url.h
@@ -84,6 +84,17 @@ base::string16 FormatUrlForSecurityDisplay(
 
 // This is a convenience function for formatting a url::Origin in a concise and
 // human-friendly way, to help users make security-related decisions.
+//
+// Internationalized domain names (IDN) may be presented in Unicode if
+// they're regarded safe.

[palmer, 2016/06/16 22:20:00]

Maybe say what "safe" means in this context. Also, the implementation of this
function doesn't seem to make any direct decisions about IDN safety.

[juncai, 2016/06/16 22:36:50]

Right. This paragraph is removed.

+//
+// - Omits the port if it is 0 or the default for the scheme.
+//
+// Do not use this for origins which will be parsed or sent to other
+// applications.
+//
+// Generally, prefer SchemeDisplay::SHOW to omitting the scheme unless there is
+// plenty of indication as to whether the origin is secure elsewhere in the UX.
 base::string16 FormatOriginForSecurityDisplay(
     const url::Origin& origin,
     const SchemeDisplay scheme_display = SchemeDisplay::SHOW);