Enable HTTP-bad Phase 1 by default except iOS

components/security_state/core/security_state.cc

Index: components/security_state/core/security_state.cc
diff --git a/components/security_state/core/security_state.cc b/components/security_state/core/security_state.cc
index d5e867ed6de8ae7ea425a6ac330887c8a8ac19c3..e1f706562df7e9cd8eb21455e873d78fcee7a0fc 100644
--- a/components/security_state/core/security_state.cc
+++ b/components/security_state/core/security_state.cc
@@ -74,9 +74,17 @@ SecurityLevel GetSecurityLevelForNonSecureFieldTrial(
     if (!GetSecurityLevelAndHistogramValueForNonSecureFieldTrial(
             group, displayed_sensitive_input_on_http, &level, &status)) {
       // If neither the command-line switch nor field trial group is set, then
-      // nonsecure defaults to neutral.
+      // nonsecure defaults to neutral for iOS and HTTP_SHOW_WARNING on other
+      // platforms.
+#if defined(OS_IOS)
       status = NEUTRAL;
       level = NONE;
+#else
+      status = HTTP_SHOW_WARNING;
+      level = displayed_sensitive_input_on_http
+                  ? security_state::HTTP_SHOW_WARNING
+                  : NONE;
+#endif
     }
   }