
Issue 682596

Issue metadata

Status: Fixed
Owner:
Closed: Feb 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug
Team-Security-UX



Middle clicking 'Privacy Policy' link on SSL error page crashes browser.

Reported by dan.cole...@numatic.co.uk, Jan 19 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Steps to reproduce the problem:
1. Navigate to a website which has an SSL error (SSL_CERT_AUTHORITY_INVALID).
2. When middle clicking the 'Privacy Policy' link, the browser completely crashes.

What is the expected behavior?
The page either opens in a new tab/window or nothing happens altogether.

What went wrong?
The entire Chrome browser crashed.

Crashed report ID: 

How much crashed? Whole browser

Is it a problem with a plugin? N/A 

Did this work before? N/A 

Chrome version: 55.0.2883.87  Channel: stable
OS Version: 10.0
Flash Version: Shockwave Flash 24.0 r0
 
Labels: Needs-Triage-M55
When trying on https://untrusted-root.badssl.com/, the page contents turn white, but the browser doesn't appear to crash. Chrome version 56.0.2924.67 beta on nyan_big.

Comment 3 by mattm@chromium.org, Jan 19 2017

Components: UI>Browser>Interstitials
Labels: -OS-Windows OS-All
Status: Untriaged (was: Unconfirmed)
Crash repros on M55, example crash report: crash/9785fff080000000

Blank page repros on M57. The privacy policy actually uses an onclick handler to show the page, and it doesn't handle middle click properly: https://cs.chromium.org/chromium/src/components/security_interstitials/core/controller_client.cc?l=21&cl=GROK&gsn=kPrivacyLinkHtml
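
The gap described in the comment above, as an added example that is not part of the original thread and is not Chromium's code. It models the link with Node's built-in `EventTarget` and assumes a browser that dispatches `auxclick` rather than `click` for a middle-button press; all function names are hypothetical.

```javascript
// Added illustration: a model of a link element, not Chromium code.
// Assumption: a primary-button press dispatches `click`, and a
// middle-button press dispatches `auxclick` instead.
function pressEvent(button) {
  const type = button === 0 ? 'click' : 'auxclick';
  const ev = new Event(type, { cancelable: true });
  Object.defineProperty(ev, 'button', { value: button });
  return ev;
}

// Weak binding: only `click` is intercepted, as an inline onclick
// handler does. A middle click never reaches this handler.
function bindClickOnly(link, showPolicy) {
  link.addEventListener('click', (ev) => {
    ev.preventDefault();
    showPolicy();
  });
}

// Hardened binding: every button is intercepted, so the default action
// (following the href) is cancelled for middle click as well.
function bindAllButtons(link, showPolicy) {
  const handler = (ev) => {
    ev.preventDefault();
    if (ev.button === 0) showPolicy(); // other buttons are swallowed
  };
  link.addEventListener('click', handler);
  link.addEventListener('auxclick', handler);
}

// Press `button` on a modelled link and report what happens next.
// dispatchEvent() returns true when nothing cancelled the event, which
// in a browser means the href is followed as a new navigation.
function simulate(bind, button) {
  const link = new EventTarget();
  let shown = false;
  bind(link, () => { shown = true; });
  const followsHref = link.dispatchEvent(pressEvent(button));
  return { shown, followsHref };
}

// Middle click (button 1) against both bindings.
console.log('click only :', simulate(bindClickOnly, 1));
console.log('all buttons:', simulate(bindAllButtons, 1));
```
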

Comment 4 by jww@chromium.org, Jan 19 2017

Owner: mea...@chromium.org
Status: Assigned (was: Untriaged)
meacer@, can you take a look at this?

Comment 5 Deleted

Same for me here.

OS: Ubuntu Linux 16.04
Chromium version: Version 55.0.2883.87

console output:
[6830:6854:0202/154540:ERROR:cert_verify_proc_nss.cc(942)] CERT_PKIXVerifyCert for <some domain> failed err=-8179
[6830:6830:0202/154719:FATAL:navigation_handle_impl.cc(470)] Check failed: url_ == params.url ( vs. about:blank)
#0 0x7fb8871ec7be base::debug::StackTrace::StackTrace()
#1 0x7fb887208247 logging::LogMessage::~LogMessage()
#2 0x7fb881f88a1f content::NavigationHandleImpl::DidCommitNavigation()
#3 0x7fb881f7b1a3 content::InterstitialPageNavigatorImpl::DidNavigate()
#4 0x7fb881f95fc1 content::RenderFrameHostImpl::OnDidCommitProvisionalLoad()
#5 0x7fb881f9e84e <unknown>
#6 0x7fb8820fb9a9 <unknown>
#7 0x7fb8809de3f4 IPC::ChannelProxy::Context::OnDispatchMessage()
#8 0x7fb8871edccb base::debug::TaskAnnotator::RunTask()
#9 0x7fb8872124cf base::MessageLoop::RunTask()
#10 0x7fb887213b4d base::MessageLoop::DeferOrRunPendingTask()
#11 0x7fb88721494d base::MessageLoop::DoWork()
#12 0x7fb887214f61 base::MessagePumpGlib::Run()
#13 0x7fb887236dc8 base::RunLoop::Run()
#14 0x555d58e08117 <unknown>
#15 0x7fb881eb522f content::BrowserMainLoop::RunMainMessageLoopParts()
#16 0x7fb881eb749d <unknown>
#17 0x7fb881eb1159 content::BrowserMain()
#18 0x7fb8824ecd14 <unknown>
#19 0x7fb8824ec021 content::ContentMain()
#20 0x555d5887093c <unknown>
#21 0x7fb8726b0830 __libc_start_main
#22 0x555d58870809 <unknown>

Aborted (core dumped)
Status: Started (was: Assigned)
Fix at https://codereview.chromium.org/2673963004/

Comment 8 by bugdroid1@chromium.org, Feb 7 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5ecfaa1461f7ec8faf7bae9456cf2888a7608add

commit 5ecfaa1461f7ec8faf7bae9456cf2888a7608add
Author: meacer <meacer@chromium.org>
Date: Tue Feb 07 22:41:50 2017

Fix crash caused by middle clicking the privacy link in SSL interstitials

Middle clicking the privacy link initiates a new navigation instead of an
in-page navigation which causes a crash. This CL changes the link to an
in-page link to prevent that.

BUG= 682596 

Review-Url: https://codereview.chromium.org/2673963004
Cr-Commit-Position: refs/heads/master@{#448753}

[modify] https://crrev.com/5ecfaa1461f7ec8faf7bae9456cf2888a7608add/components/security_interstitials/core/controller_client.cc

Comment 9 by mea...@chromium.org, Feb 13 2017

Labels: Merge-Request-57
Status: Fixed (was: Started)
This is a one character fix and has been baking in Canary for 5 days. Requesting merge to M57.

Comment 10 by sheriffbot@chromium.org, Feb 13 2017

Labels: -Merge-Request-57 Hotlist-Merge-Approved Merge-Approved-57
Your change meets the bar and is auto-approved for M57. Please go ahead and merge the CL to branch 2987 manually. Please contact milestone owner if you have questions.
Owners: amineer@(clank), cmasso@(bling), ketakid@(cros), govind@(desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 11 by bugdroid1@chromium.org, Feb 13 2017

Labels: -merge-approved-57 merge-merged-2987
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/23d4cde5a1addad4c462335124a5a367baec3399

commit 23d4cde5a1addad4c462335124a5a367baec3399
Author: Mustafa Acer <meacer@chromium.org>
Date: Mon Feb 13 19:48:19 2017

[Merge M57] Fix crash caused by middle clicking the privacy link in SSL interstitials

Middle clicking the privacy link initiates a new navigation instead of an
in-page navigation which causes a crash. This CL changes the link to an
in-page link to prevent that.

BUG= 682596 
TBR=estark

Review-Url: https://codereview.chromium.org/2673963004
Cr-Commit-Position: refs/heads/master@{#448753}
(cherry picked from commit 5ecfaa1461f7ec8faf7bae9456cf2888a7608add)

Review-Url: https://codereview.chromium.org/2692953002 .
Cr-Commit-Position: refs/branch-heads/2987@{#483}
Cr-Branched-From: ad51088c0e8776e8dcd963dbe752c4035ba6dab6-refs/heads/master@{#444943}

[modify] https://crrev.com/23d4cde5a1addad4c462335124a5a367baec3399/components/security_interstitials/core/controller_client.cc

Comment 12 Deleted

**Ignore Previous comment**

Tested this issue on Windows 10 and Mac OS 10.12 using the latest Chrome M57 (57.0.2987.54) by following the steps mentioned in the original comment. On opening the link https://untrusted-root.badssl.com/, I am unable to see any 'Privacy policy' link to verify this issue. But I am able to view the link on Ubuntu 14.04; on middle clicking the privacy policy link, no crashes have been observed.

meacer@ Attaching a screenshot for reference. Could you please let us know how to verify this issue on Windows and Mac OS?

Thanks!
brajkumar@: Sorry for incomplete instructions.

The checkbox is controlled by Finch, and I think you weren't automatically put in the right bucket that displays the checkbox. Can you please try running chrome with --force-fieldtrials=ReportCertificateErrors/ShowAndPossiblySend ?
Labels: TE-Verified-57.0.2987.54
Thank you meacer@. Verified the issue with Chrome 57.0.2987.54 on Windows 7, 10, Mac and Linux.
Also note that middle click doesn't work on interstitials. Filed bug 692656 for that.