Mixed Content: Don't override a request's context during redirects.

LayoutTests/http/tests/security/mixedContent/insecure-script-through-redirection-expected.txt

Index: LayoutTests/http/tests/security/mixedContent/insecure-script-through-redirection-expected.txt
diff --git a/LayoutTests/http/tests/security/mixedContent/insecure-script-through-redirection-expected.txt b/LayoutTests/http/tests/security/mixedContent/insecure-script-through-redirection-expected.txt
new file mode 100644
index 0000000000000000000000000000000000000000..def031c1a6fadf6ec7f723cf29a66025a08c9e9a
--- /dev/null
+++ b/LayoutTests/http/tests/security/mixedContent/insecure-script-through-redirection-expected.txt
@@ -0,0 +1,2 @@
+CONSOLE WARNING: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-script-through-redirection.html' was loaded over HTTPS, but requested an insecure script 'http://127.0.0.1:8000/security/mixedContent/resources/script.js'. This content should also be served over HTTPS.

[mmal, 2014/09/26 12:10:41]

Is it only a warning we now shows for scripts?

[Mike West, 2014/09/26 12:58:48]

In layout tests, yes. Which is silly. I don't know the historical context, but
the "allow_running_of_insecure_content" flag is set to true in
TestPreferences::Reset. You have to add
`testRunner.overridePreference("WebKitAllowRunningInsecureContent", false);` to
the test to see the blocking behavior. *shrug*

[mmal, 2014/09/26 13:32:29]

Is it the case when only http server is started but the test is opened on chrome
canary? I saw warning there, while chrome stable blocked the script.

+This test opens a window that loads an insecure script through redirection. We should block it.