Disable Form-Not-Secure warning when |autofill_client_| is null

components/password_manager/core/browser/password_autofill_manager.cc

Index: components/password_manager/core/browser/password_autofill_manager.cc
diff --git a/components/password_manager/core/browser/password_autofill_manager.cc b/components/password_manager/core/browser/password_autofill_manager.cc
index b66695368640af5b944a0752b36faf8817eac5f5..970d059ac9312179ae947980c84abac54bb0784b 100644
--- a/components/password_manager/core/browser/password_autofill_manager.cc
+++ b/components/password_manager/core/browser/password_autofill_manager.cc
@@ -258,6 +258,16 @@ void PasswordAutofillManager::OnShowNotSecureWarning(
     base::i18n::TextDirection text_direction,
     const gfx::RectF& bounds) {
   DCHECK(security_state::IsHttpWarningInFormEnabled());
+  // TODO(estark): Other code paths in this file don't do null checks before
+  // using |autofill_client_|. It seems that these other code paths somehow
+  // short-circuit before dereferencing |autofill_client_| in cases where it's
+  // null; it would be good to understand why/how and make a firm decision about
+  // whether |autofill_client_| is allowed to be null. Ideally we would be able
+  // to get rid of such cases so that we can enable Form-Not-Secure warnings
+  // here in all cases. https://crbug.com/699217
+  if (!autofill_client_)
+    return;
+
   std::vector<autofill::Suggestion> suggestions;
   autofill::Suggestion http_warning_suggestion(
       l10n_util::GetStringUTF8(IDS_AUTOFILL_LOGIN_HTTP_WARNING_MESSAGE),