Color the VR omnibox security icons.

chrome/browser/resources/vr_shell/vr_shell_ui.js

Index: chrome/browser/resources/vr_shell/vr_shell_ui.js
diff --git a/chrome/browser/resources/vr_shell/vr_shell_ui.js b/chrome/browser/resources/vr_shell/vr_shell_ui.js
index c3595e2937d770d03ec65e46954810de33754679..51271d7242380d0aa0a025f2f2b7a9232c67e314 100644
--- a/chrome/browser/resources/vr_shell/vr_shell_ui.js
+++ b/chrome/browser/resources/vr_shell/vr_shell_ui.js
@@ -347,11 +347,27 @@ var vrShellUi = (function() {
         this.setNativeVisibility(false);
         return;
       }
-      let secure = this.level == 2 || this.level == 3;
-      document.querySelector('#omni-secure-icon').style.display =
-          (secure ? 'block' : 'none');
-      document.querySelector('#omni-insecure-icon').style.display =
-          (secure ? 'none' : 'block');
+
+      // See security_state.h and getSecurityIconResource() for this mapping.
+      let image = 'warning.svg';
+      switch (this.level) {
+        case 0: // NONE
+        case 1: // HTTP_SHOW_WARNING
+        case 4: // SECURITY_WARNING
+          image = 'info.svg';
+          break;
+        case 2: // SECURE:
+        case 3: // EV_SECURE:
+          image = 'lock.svg';
+          break;
+        case 5: // SECURE_WITH_POLICY_INSTALLED_CERT
+          // TODO(cjgrant): Clank appears to not handle this case.

[cjgrant, 2016/12/05 20:28:36]

I'm investigating this, and will list a bug if warranted.

[cjgrant, 2016/12/06 15:52:00]

Done (not a bug, only ChromeOS uses '5')

+          break;
+        case 6: // DANGEROUS:

[mthiesse, 2016/12/05 20:57:30]

no dangerous icon? Saving that for later?

[cjgrant, 2016/12/05 22:10:17]

It would use the warning image from line 352, but that was a stupid place for a
default.  I'll move it.

[cjgrant, 2016/12/06 15:52:00]

Done.

+        default:
+          break;
+      }
+      document.querySelector('#omni-icon').src = 'images/' + image;
 
       let state = 'idle';
       this.visibleAfterTransition = true;