Index: content/browser/frame_host/navigation_controller_impl.cc |
diff --git a/content/browser/frame_host/navigation_controller_impl.cc b/content/browser/frame_host/navigation_controller_impl.cc |
index 558396b20de98bf3c1550971fe1e70a5a92768e5..38445247b35671eadb933eaebfb324de1bb8d29d 100644 |
--- a/content/browser/frame_host/navigation_controller_impl.cc |
+++ b/content/browser/frame_host/navigation_controller_impl.cc |
@@ -1109,6 +1109,12 @@ void NavigationControllerImpl::RendererDidNavigateToNewPage( |
new_entry = GetLastCommittedEntry()->CloneAndReplace( |
frame_entry, true, rfh->frame_tree_node(), |
delegate_->GetFrameTree()->root()); |
+ if (new_entry->GetURL().GetOrigin() != params.url.GetOrigin()) { |
+ // TODO(jam): we had one report of this with a URL that was redirecting to |
+ // only tildes. Until we understand that better, don't copy the cert in |
+ // this case. |
+ new_entry->GetSSL() = SSLStatus(); |
+ } |
// We expect |frame_entry| to be owned by |new_entry|. This should never |
// fail, because it's the main frame. |
@@ -1220,6 +1226,8 @@ void NavigationControllerImpl::RendererDidNavigateToExistingPage( |
// meanwhile and no new page was created. We are stuck at the last committed |
// entry. |
entry = GetLastCommittedEntry(); |
+ CHECK(!is_in_page); |
+ entry->GetSSL() = handle->ssl_status(); |
} else if (params.nav_entry_id) { |
// This is a browser-initiated navigation (back/forward/reload). |
entry = GetEntryWithUniqueID(params.nav_entry_id); |