From John Mellor: Origin display needs to be made secure, i.e. we need to ensure the true origin always shows even if the developer shows a long title that contains "(https://fakeorigin.com)".
Currently we're just display "<title> <origin>" which means long titles (or in fact very short titles) can hide the origin.
Comment 1 by joh...@chromium.org
, Oct 16 2017