Remember user decisions on invalid certificates behind a flag

chrome/browser/browsing_data/browsing_data_remover.cc

Index: chrome/browser/browsing_data/browsing_data_remover.cc
diff --git a/chrome/browser/browsing_data/browsing_data_remover.cc b/chrome/browser/browsing_data/browsing_data_remover.cc
index d9f4802afb4afaef404bd6757bd5fec6b1eac6fa..0faabd11bdd8d9f1f44733a90e51569063f334b4 100644
--- a/chrome/browser/browsing_data/browsing_data_remover.cc
+++ b/chrome/browser/browsing_data/browsing_data_remover.cc
@@ -59,6 +59,7 @@
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/plugin_data_remover.h"
 #include "content/public/browser/session_storage_usage_info.h"
+#include "content/public/browser/ssl_host_state_decisions.h"
 #include "content/public/browser/storage_partition.h"
 #include "content/public/browser/user_metrics.h"
 #include "net/base/net_errors.h"
@@ -405,6 +406,11 @@ void BrowsingDataRemover::RemoveImpl(int remove_mask,
         base::Bind(&BrowsingDataRemover::OnClearedWebRtcLogs,
                    base::Unretained(this)));
 #endif
+
+    // The SSL Host State that tracks SSL interstitial "proceed" decisions may
+    // include origins that the user has visited, so it must be cleared.
+    if (profile_->GetSSLHostStateDecisions())
+      profile_->GetSSLHostStateDecisions()->Clear();

[Ryan Sleevi, 2014/07/17 23:19:35]

Privacy question: What if the user tries to delete all visits to site within the
past hour/day?

Seems like you might still persist this information, and only nuke it if they
nuke ALL data. Doesn't seem like what users will want?

[jww, 2014/07/21 23:39:32]

No, this deletes the cert memory if they delete the history for a site for any
length of time. I added a test to verify.

   }
 
   if ((remove_mask & REMOVE_DOWNLOADS) && may_delete_history) {