Fixed javascript in bookmarks cause connection info box to appear

[josiah-keller]

Test plan

#8104 (comment)

---

• Did you search for similar issues before submitting this one? Yes

• Describe the issue you encountered: Any bookmark with a javascript: URL, such as a bookmarklet, causes the connection info box to show up when the bookmark is activated.

• Platform (Win7, 8, 10? macOS? Linux distro?): Windows 10

• Brave Version (revision SHA): 8a97b0c

• Steps to reproduce:

  1. Create a new bookmark (bookmarks manager->right-click->Add Bookmark)
  2. Give the bookmark an arbitrary name and use this for the URL: javascript:void(alert('Hello world!'))
  3. Switch to a website tab (on about: tabs the code doesn't run)
  4. Click the resulting bookmark

• Actual result: The alert appears, but in addition, the connection info box appears.

• Expected result: The connection info box should not appear.

• Will the steps above reproduce in a fresh profile? If not what other info can be added?

• Is this an issue in the currently released version? Yes

• Can this issue be consistently reproduced? Yes

[darkdh]

This is intended to warn users for potential phishing introduced in #7865 made by @diracdeltas

[josiah-keller]

@darkdh In that case, shouldn't the warning be displayed when the bookmark is created? And be more specific?

[josiah-keller]

@darkdh Also, on a legit page there's nothing in the box about phishing, so it's not at all clear to the user why it's being displayed.

[diracdeltas]

it's only displayed for javascript:, data:, and blob: URLs but probably more annoying than useful for javascript: because bookmarklets