Fix SRI bypass by loading same resource twice in same origin.

third_party/WebKit/Source/core/fetch/ScriptResource.h

Index: third_party/WebKit/Source/core/fetch/ScriptResource.h
diff --git a/third_party/WebKit/Source/core/fetch/ScriptResource.h b/third_party/WebKit/Source/core/fetch/ScriptResource.h
index 3cab8be7442527c9d0c198a1bc16f3e58edb9a49..2e79b09636a458482e98825a7e8f0077f5e1a5de 100644
--- a/third_party/WebKit/Source/core/fetch/ScriptResource.h
+++ b/third_party/WebKit/Source/core/fetch/ScriptResource.h
@@ -34,6 +34,12 @@
 
 namespace blink {
 
+enum ScriptIntegrityDisposition {

[dcheng, 2016/02/09 01:12:46]

Nit: use enum class? And just name the enum members NotChecked/Failed/Passed.

It'll make a few things more verbose, but having things in a real namespace is
nice so we don't have a situation like this: https://crbug.com/584543

[jww, 2016/02/09 04:38:50]

Done.

+    IntegrityNotChecked = 0,
+    IntegrityFailed,
+    IntegrityPassed
+};
+
 class FetchRequest;
 class ScriptResource;
 
@@ -71,8 +77,8 @@ public:
 
     void setIntegrityMetadata(const IntegrityMetadataSet& metadata) { m_integrityMetadata = metadata; }
     const IntegrityMetadataSet& integrityMetadata() const { return m_integrityMetadata; }
-    void setIntegrityAlreadyChecked(bool checked) { m_integrityChecked = checked; }
-    bool integrityAlreadyChecked() { return m_integrityChecked; }
+    void setIntegrityAlreadyChecked(bool validIntegrity) { m_integrityDisposition =  (validIntegrity ? IntegrityPassed : IntegrityFailed); }
+    ScriptIntegrityDisposition integrityDisposition() { return m_integrityDisposition; }
     bool mustRefetchDueToIntegrityMetadata(const FetchRequest&) const override;
 
 private:
@@ -87,7 +93,7 @@ private:
         }
     };
 
-    bool m_integrityChecked;
+    ScriptIntegrityDisposition m_integrityDisposition;
     IntegrityMetadataSet m_integrityMetadata;
 
     CompressibleString m_script;