Skip interstitials and don't block requests for localhost SSL errors

chrome/browser/ssl/chrome_ssl_host_state_delegate.cc

Index: chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
diff --git a/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc b/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
index e179edb926b9ef8df5a97c152f88933e09be8c57..24f7ed00ca4613376071a924acd7877a0666c5ca 100644
--- a/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
+++ b/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
@@ -327,6 +327,14 @@ ChromeSSLHostStateDelegate::QueryPolicy(const std::string& host,
   scoped_ptr<base::Value> value(map->GetWebsiteSetting(
       url, url, CONTENT_SETTINGS_TYPE_SSL_CERT_DECISIONS, std::string(), NULL));
 
+  // We always let certificate errors on localhost through; they are

[felt, 2015/02/03 06:23:17]

nit: Given that "we" can sometimes be ambiguous, a standard Chrome
recommendation is to rephrase to avoid it.

another nit: Since this is behind a flag, we aren't *always* letting certificate
errors on localhost through.

[estark, 2015/02/03 22:42:09]

Done.

+  // unlikely to indicate actual security problems.
+  bool allowLocalhost = base::CommandLine::ForCurrentProcess()->
+    HasSwitch(switches::kAllowInsecureLocalhost);
+  if (allowLocalhost && url.DomainIs("localhost")) {
+    return ALLOWED;
+  }
+
   // Set a default value in case this method is short circuited and doesn't do a
   // full query.
   *expired_previous_decision = false;