Prevent usage of web payments API over insecure HTTPS.

components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java

Index: components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java
diff --git a/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java b/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java
new file mode 100644
index 0000000000000000000000000000000000000000..d69cec40a00b60e3c6e199726ec43d0217ef981e
--- /dev/null
+++ b/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java
@@ -0,0 +1,37 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package org.chromium.components.payments;
+
+import org.chromium.base.annotations.JNINamespace;
+
+/** Helper for origin security. */
+@JNINamespace("payments")
+public class OriginSecurityChecker {
+    /**
+     * Returns true for a valid URL from a secure origin, e.g., http://localhost, file://test.html,
+     * https://bobpay.com.
+     *
+     * @param url The URL to check.
+     * @return Whether the origin of the URL is secure.
+     */
+    public static boolean isSecureOrigin(String url) {
+        return nativeIsSecureOrigin(url);
+    }
+
+    /**
+     * Returns true for a valid URL with a cryptoraphic scheme, e.g., HTTPS, HTTPS-SO, WSS.
+     *
+     * @param url The URL to check.
+     * @return Whether the scheme of the URL is cryptographic.
+     */
+    public static boolean isCryptographicScheme(String url) {
+        return nativeIsCryptographicScheme(url);
+    }
+
+    private OriginSecurityChecker() {}
+
+    private static native boolean nativeIsSecureOrigin(String url);
+    private static native boolean nativeIsCryptographicScheme(String url);
+}