Show form not secure warnings for blob and filesystem URLs.

components/security_state/core/security_state.cc

Index: components/security_state/core/security_state.cc
diff --git a/components/security_state/core/security_state.cc b/components/security_state/core/security_state.cc
index d5e867ed6de8ae7ea425a6ac330887c8a8ac19c3..4b98f74e2d8cd88314826f13e101c4458a9c3313 100644
--- a/components/security_state/core/security_state.cc
+++ b/components/security_state/core/security_state.cc
@@ -124,9 +124,13 @@ SecurityLevel GetSecurityLevelForRequest(
     return DANGEROUS;
   }
 
-  // Choose the appropriate security level for HTTP requests.
+  // Choose the appropriate security level for requests to HTTP and pseudo URLs
+  // (data:, blob:, filesystem:). filesystem: is a standard scheme so does not
+  // need to be explicitly listed here.
   if (!is_cryptographic_with_certificate) {
-    if (!is_origin_secure_callback.Run(url) && url.IsStandard()) {
+    if (!is_origin_secure_callback.Run(url) &&
+        (url.IsStandard() || url.SchemeIs(url::kDataScheme) ||
+         url.SchemeIs(url::kBlobScheme))) {
       return GetSecurityLevelForNonSecureFieldTrial(
           visible_security_state.displayed_password_field_on_http ||
           visible_security_state.displayed_credit_card_field_on_http);