Avoid initializing a SecurityOrigin from a KURL for isSecure() check.

third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp

Index: third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp
diff --git a/third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp b/third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp
index ee60b12d53d92d8dbe4b922e3f740a015c5c41bf..2971d499926ac889ac8f29890296148f4ca0f9f5 100644
--- a/third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp
+++ b/third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp
@@ -207,6 +207,13 @@ bool SecurityPolicy::isOriginWhiteListedTrustworthy(
   return trustworthyOriginSet().contains(origin.toRawString());
 }
 
+bool SecurityPolicy::isUrlWhiteListedTrustworthy(const KURL& url) {
+  // Early return to avoid initializing the SecurityOrigin.
+  if (trustworthyOriginSet().isEmpty())
+    return false;
+  return isOriginWhiteListedTrustworthy(*SecurityOrigin::create(url).get());
+}
+
 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin,
                                          const SecurityOrigin* targetOrigin) {
   if (OriginAccessWhiteList* list =