When a navigation occurs there are security checks currently being made in the renderer process. With PlzNavigate, some of these security checks must be moved to or duplicated at the browser so that:
a) Navigations are not blocked on a renderer IPC round-trip, and
b) Navigations are not negatively affected performance-wise.
The reason why some might be duplicated is to avoid the opposite performance issue when the renderer is fetching resources directly from its own cache (see discussion here [1]).
Security check examples:
- Mixed content (MIX).
- CSP checks.
- X-Frame-Options (XFO).
- Upgrades from HTTP to HTTPS.
This is an umbrella issue for other specific ones on each security check piece that needs to go through this work.
[1] https://groups.google.com/a/chromium.org/d/topic/site-isolation-dev/m7I_26cnu2A/discussion
Comment 1 by carlosk@chromium.org, Mar 31 2016