Basic experimental suborigin CSP directive and SecurityOrigin mods

Source/core/dom/ExecutionContext.cpp

Index: Source/core/dom/ExecutionContext.cpp
diff --git a/Source/core/dom/ExecutionContext.cpp b/Source/core/dom/ExecutionContext.cpp
index a559d1c459d0b23cf46a16752ff19ece544d013a..74c59b26455cba7c3e7dfb59f1b7c4ba0cb957b8 100644
--- a/Source/core/dom/ExecutionContext.cpp
+++ b/Source/core/dom/ExecutionContext.cpp
@@ -37,6 +37,7 @@
 #include "core/inspector/ScriptCallStack.h"
 #include "core/workers/WorkerGlobalScope.h"
 #include "core/workers/WorkerThread.h"
+#include "platform/RuntimeEnabledFeatures.h"
 #include "wtf/MainThread.h"
 
 namespace blink {
@@ -253,6 +254,20 @@ void ExecutionContext::removeURLFromMemoryCache(const KURL& url)
     memoryCache()->removeURLFromCache(url);
 }
 
+// |name| should be non-empty, and this should be enforced by parsing.
+void ExecutionContext::enforceSuborigin(const String& name)
+{
+    if (name.isNull())
+        return;
+    ASSERT(!name.isEmpty());
+    ASSERT(RuntimeEnabledFeatures::suboriginsEnabled());

[jochen (gone - plz use gerrit), 2015/04/27 19:35:10]

maybe just return if it's not enabled?

[jww, 2015/05/30 01:11:07]

If Suborigins aren't enabled, then the CSP directive will just fail silently,
but it should never reach here, so I'd rather leave this as an ASSERT if that's
OK.

+    SecurityOrigin* origin = securityContext().securityOrigin();
+    ASSERT(origin);
+    ASSERT(!origin->hasSuborigin() || origin->suboriginName() == name);
+    origin->addSuborigin(name);
+    securityContext().didUpdateSecurityOrigin();
+}
+
 DEFINE_TRACE(ExecutionContext)
 {
 #if ENABLE(OILPAN)