Add console warning and tests for strict secure cookies.

third_party/WebKit/Source/devtools/front_end/sdk/NetworkManager.js

Index: third_party/WebKit/Source/devtools/front_end/sdk/NetworkManager.js
diff --git a/third_party/WebKit/Source/devtools/front_end/sdk/NetworkManager.js b/third_party/WebKit/Source/devtools/front_end/sdk/NetworkManager.js
index 248740e8ea6043866c123217c285d6d32f019a08..6b857ebdc418c1fe7527cb3f5d51235143e76199 100644
--- a/third_party/WebKit/Source/devtools/front_end/sdk/NetworkManager.js
+++ b/third_party/WebKit/Source/devtools/front_end/sdk/NetworkManager.js
@@ -382,6 +382,22 @@ SDK.NetworkDispatcher = class {
           response.url));
     }
 
+    // Cookies with the Secure attribute set will be ignored if coming from an
+    // insecure connection. See net::CanonicalCookie::Create in
+    // net/cookies/canonical_cookie.cc. Note that this console message is meant
+    // to be temporary, and should be removed after 08/01/2017.
+    if (response.url.asParsedURL().scheme !== 'https' &&
+        'Set-Cookie' in response.headers) {
+      var cookies = SDK.CookieParser.parseSetCookie(this._manager._target, response.headers['Set-Cookie']);
+      for (var i = 0; i < cookies.length; i++) {
+        if (cookies[i].secure()) {
+          Common.console.warn(Common.UIString(
+              'Set-Cookie for %s is ignored in response from url: %s. It is marked as secure, but the response url is insecure.',
+              cookies[i].name(), response.url));
+        }
+      }
+    }
+
     this._updateNetworkRequestWithResponse(networkRequest, response);
 
     this._updateNetworkRequest(networkRequest);