Interesting. I know on Android, you can see the padlock (and check the cert if you want). The issue on a chromeless web views is that a malicious app could fake the chrome.