CSP source *.x.y should not match host x.y

third_party/WebKit/Source/core/frame/csp/CSPSource.cpp

Index: third_party/WebKit/Source/core/frame/csp/CSPSource.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/CSPSource.cpp b/third_party/WebKit/Source/core/frame/csp/CSPSource.cpp
index 461f566fc55746d1002d568cc0e85c6d26c70cf2..5be05dad47dd1f5708ded735ec26620edb5355a0 100644
--- a/third_party/WebKit/Source/core/frame/csp/CSPSource.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/CSPSource.cpp
@@ -5,6 +5,7 @@
 #include "config.h"
 #include "core/frame/csp/CSPSource.h"
 
+#include "core/frame/UseCounter.h"
 #include "core/frame/csp/ContentSecurityPolicy.h"
 #include "platform/weborigin/KURL.h"
 #include "platform/weborigin/KnownPorts.h"
@@ -44,10 +45,24 @@ bool CSPSource::schemeMatches(const KURL& url) const
 bool CSPSource::hostMatches(const KURL& url) const
 {
     const String& host = url.host();
-    if (equalIgnoringCase(host, m_host))
-        return true;
-    return m_hostWildcard == HasWildcard && host.endsWith("." + m_host, TextCaseInsensitive);
-
+    Document* document = m_policy->document();
+    bool match;
+
+    bool equalHosts = equalIgnoringCase(host, m_host);
+    if (m_hostWildcard == HasWildcard) {
+        match = host.endsWith("." + m_host, TextCaseInsensitive);
+
+        // Chrome used to, incorrectly, match *.x.y to x.y. This was fixed, but
+        // the following count measures when a match fails that would have
+        // passed the old, incorrect style, in case a lot of sites were
+        // relying on that behavior.
+        if (document && equalHosts)
+            UseCounter::count(*document, UseCounter::CSPSourceWildcardWouldMatchExactHost);
+    } else {
+        match = equalHosts;
+    }
+
+    return match;
 }
 
 bool CSPSource::pathMatches(const KURL& url) const