[ServiceWorker] Don't register ServiceWorker with an invalid HTTPS certificate.

content/browser/service_worker/service_worker_write_to_cache_job.cc

Index: content/browser/service_worker/service_worker_write_to_cache_job.cc
diff --git a/content/browser/service_worker/service_worker_write_to_cache_job.cc b/content/browser/service_worker/service_worker_write_to_cache_job.cc
index 4e2c24fd49051f23ed7503186f8882f8e018b1af..a2f347e74d75b91cb83d6f7093e7a38cb8f2a240 100644
--- a/content/browser/service_worker/service_worker_write_to_cache_job.cc
+++ b/content/browser/service_worker/service_worker_write_to_cache_job.cc
@@ -305,7 +305,7 @@ void ServiceWorkerWriteToCacheJob::OnCertificateRequested(
       net::URLRequestStatus::FAILED, net::ERR_FAILED));
 }
 
-void ServiceWorkerWriteToCacheJob:: OnSSLCertificateError(
+void ServiceWorkerWriteToCacheJob::OnSSLCertificateError(
     net::URLRequest* request,
     const net::SSLInfo& ssl_info,
     bool fatal) {
@@ -315,7 +315,7 @@ void ServiceWorkerWriteToCacheJob:: OnSSLCertificateError(
   // TODO(michaeln): Pass this thru to our jobs client,
   // see NotifySSLCertificateError.
   AsyncNotifyDoneHelper(net::URLRequestStatus(
-      net::URLRequestStatus::FAILED, net::ERR_FAILED));
+      net::URLRequestStatus::FAILED, net::ERR_INSECURE_RESPONSE));
 }
 
 void ServiceWorkerWriteToCacheJob::OnBeforeNetworkStart(
@@ -341,6 +341,13 @@ void ServiceWorkerWriteToCacheJob::OnResponseStarted(
     // response to our consumer, just don't cache it?
     return;
   }
+  // OnSSLCertificateError is not called when the HTTPS connection is reused.
+  // So we check cert_status here.
+  if (net::IsCertStatusError(request->ssl_info().cert_status)) {
+    AsyncNotifyDoneHelper(net::URLRequestStatus(
+        net::URLRequestStatus::FAILED, net::ERR_INSECURE_RESPONSE));
+    return;
+  }
   // To prevent most user-uploaded content from being used as a serviceworker.
   if (version_->script_url() == url_) {
     std::string mime_type;