Able to reproduce the issue on Windows 10, mac 10.11.6 and Ubuntu 14.04 using chrome reported version #54.0.2840.99 and latest canary #56.0.2920.0.

Bisect Information:
=====================
Good build: 54.0.2840.15
Bad Build : 54.0.2840.16

Could not run the bisect tool as the good and bad builds are branch builds. Hence, providing the CL from omahaproxy.

Change Log URL: 
https://chromium.googlesource.com/chromium/src/+log/54.0.2840.15..54.0.2840.16?pretty=fuller&n=10000

Unable to find any suspect from the above CL, could anyone from the dev team please look into this issue.

Thanks...!!

Any update on this issue?

I see. We're treating `mailto:` as a navigation, and disallowing it because it doesn't match the policy (and isn't a standard scheme so it doesn't match `*`). For better or worse, even if you'd fixed the `frame-src` bit, it still wouldn't have worked, because we're also blocking it as mixed content. :(

1. I overstated the mixed content impact; we treat it as passive mixed content. The request isn't blocked, but it degrades the security UX of the browser. In general, I think that's a good idea for non-webby schemes that launch native applications. That kind of communication is potentially dangerous, and marking it as such seems reasonable.

2. `mailto:` is specced as a navigation, and implemented as such in browsers. I'm torn as to whether we should special-case it as part of `*` in CSP. On the one hand, I think it was probably a mistake to limit `*` to webby schemes. On the other, `mailto:` is baked-into the platform in a way that other custom schemes aren't. So... I'll start a spec discussion.

I fixed this issue on my side by adding mailto: to the default-src  

I think that's a reasonable solution (and I apologize that it took me so long to see this). I also think that, at a minimum, we should improve Chrome's error message so that the scope of `*` is clear, because it isn't at all today. :(

Sounds good to me