Some more background:

UX is (now) asking the Omnibox to perform UI transitions based upon changes within the security model. Prior to this, we would simply translate the current security level to a UI state. If the security level "glitched", the user wouldn't see it.

Now, if the level goes from 'no security(0)' to 'secure(2)', we're supposed to kick off an animation, which the user can clearly see. Thus, if the level goes from 'insecure(5)' to 'no security(0)' to 'secure(2)', we will animate, but if the level correctly went directly from 'insecure(5)' to 'secure(2)', then we wouldn't.

What's most interesting is that we're not seeing the intervening 'no security(0)' level when going from 'secure(2)' to 'insecure(5)'. Thus, the conditions under which we animate is inconsistent.

+felt@, would you mind taking a look?  It seems the problem is caused by using the arrow keys. Somehow ToolBarModel thinks user is inputting something to it, and returns SecurityLevel::NONE.

https://cs.chromium.org/chromium/src/components/toolbar/toolbar_model_impl.cc?dr=C&sq=package:chromium&rcl=1472831237&l=65

Tried to reproduce it in 63.0.3225.0, following the instructions doesn't seem to trigger it though. Alternating from badssl.com to very.badssl.com using Alt+arrow keys prints out the expected transition from 3 to 5 and 5 to 3 (after enabling unsafe scripts on very.badssl.com, before enabling them the transitions are from 3 to 0 and 0 to 3).

I'm seeing the same thing. I don't know if the timing of Layout() changed, or if the security model did in fact improve; I don't see any CLs submitted on behalf of this bug. So closing, can't duplicate.