Content from about:blank URLs inherits the origin from the document that loaded the URL, since the URL itself does not give any information about the origin [1].  Therefore, constructing an url::Origin from about:blank GURL seems to always indicate a coding mistake (i.e. the origin being constructed is very unlikely to be the origin the caller intends to construct).  Therefore, it seems desirable to get to a state where url::Origin's constructors DCHECK (or CHECK?) when constructed for an about:blank URL:

    $ git diff origin/master
    diff --git a/url/origin.cc b/url/origin.cc
    index 81908281b51e..e51d698f2e78 100644
    --- a/url/origin.cc
    +++ b/url/origin.cc
    @@ -37,6 +37,13 @@ GURL AddSuboriginToUrl(const GURL& url, const std::string& suborigin) {
     Origin::Origin() : unique_(true), suborigin_(std::string()) {}
     
     Origin::Origin(const GURL& url) : unique_(true), suborigin_(std::string()) {
    +  // Content from about:blank URLs inherits the origin from the document that
    +  // loaded the URL, since the URL itself does not give any information about
    +  // the origin.  Therefore if the caller of Origin constructor passes in
    +  // an about:blank URL, it means that the information about the origin has
    +  // already been lost.
    +  DCHECK(!url.IsAboutBlank());
    +
       if (!url.is_valid() || (!url.IsStandard() && !url.SchemeIsBlob()))
         return;
     
    @@ -86,6 +93,13 @@ Origin::Origin(base::StringPiece scheme,
                    base::StringPiece suborigin,
                    SchemeHostPort::ConstructPolicy policy)
         : tuple_(scheme.as_string(), host.as_string(), port, policy) {
    +  // Content from about:blank URLs inherits the origin from the document that
    +  // loaded the URL, since the URL itself does not give any information about
    +  // the origin.  Therefore if the caller of Origin constructor passes in
    +  // an about:blank URL, it means that the information about the origin has
    +  // already been lost.
    +  DCHECK_NE(kAboutScheme, scheme);
    +
       unique_ = tuple_.IsInvalid();
       suborigin_ = suborigin.as_string();
     }
    @@ -96,6 +110,13 @@ Origin::Origin(std::string scheme,
                    std::string suborigin,
                    SchemeHostPort::ConstructPolicy policy)
         : tuple_(std::move(scheme), std::move(host), port, policy) {
    +  // Content from about:blank URLs inherits the origin from the document that
    +  // loaded the URL, since the URL itself does not give any information about
    +  // the origin.  Therefore if the caller of Origin constructor passes in
    +  // an about:blank URL, it means that the information about the origin has
    +  // already been lost.
    +  DCHECK_NE(kAboutScheme, scheme);
    +
       unique_ = tuple_.IsInvalid();
       suborigin_ = std::move(suborigin);
     }


An incomplete list of currently known callers that fail the DCHECKs proposed above (based on running url_unittests, content_unittests, unit_tests):

    content::SiteInstance::GetSiteForURL()
    - e.g. called by NavigationHandleImpl::NavigationHandleImpl - seems like a bug to me

    IsSensitiveURL()
    - compares about:blank's "origin" with "google.com;  otoh, about:blank should never appear in nav requests, so maybe this is okay?

    content::SiteInstanceImpl::GetEffectiveURL()
    - seems benign - about:blank's "origin" only compared with the list of isolated origins

    content::ChildProcessSecurityPolicyImpl::AddIsolatedOriginsFromCommandLine()
    - seems benign - only fails when called directly by test code

    content::SiteInstance::IsSameWebSite()
    - seems benign - only fails when called directly by test code


[1] See https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy, "Inherited origins" section