Let ContentSecurityPolicy shared between imports and the master.

Let ContentSecurityPolicy shared between imports and the master.

This change is to match Blink's HTML Imports implementation
match the spec change [1] which says that all imported document
should follow CSP of the master document, instead of its own.

The implementation is straightforward. It:

- Makes ContentSecurityPolicy object ref-counted and passes
  one of the master to its imported document.
- Disables <meta> directive for CSP when the document is an import.

Tests have to be changed much. As one CSP constraints all the scripts in each test,
things like shouldBe() is no longer usable in many test. Also, many imports
are now need to be servced via CORS so the change turns some of them from HTML to CGI.

Removed tests are ones that is no longer relevant: if script-src is unsafe-inline,
we cannot load any imports thus cannot test scripts in such imports.

[1] https://www.w3.org/Bugs/Public/show_bug.cgi?id=24268

BUG=334210
TEST=http/tests/htmlimports/
R=abarth@chromium.org, dglazkov@chromium.org

Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=168331

[Hajime Morrita, 2014-02-27 23:36:42]

PTAL?

[abarth-chromium, 2014-02-28 06:54:34]

What is the lifetime relationship between an imported Document and its master? 
The ContentSecurityPolicy object contains a points to the master Document.  If
the master Document can die before the child Document, we could have a
use-after-free.

If that's not an issue (i.e., if the master never dies before the child), then
LGTM.

[abarth-chromium, 2014-02-28 06:54:58]

(I should say that I didn't review the tests.  Maybe Dimitri should check those
for spec compliance?)

[dglazkov, 2014-02-28 16:34:32]

I find these tests amazing.

[Hajime Morrita, 2014-02-28 18:05:53]

On 2014/02/28 06:54:34, abarth wrote:
> What is the lifetime relationship between an imported Document and its master?

> The ContentSecurityPolicy object contains a points to the master Document.  If
> the master Document can die before the child Document, we could have a
> use-after-free.
> 

> If that's not an issue (i.e., if the master never dies before the child), then
> LGTM.

Thanks for the catch! The pointer should be cleared when the master Document
dies.
Documents can be accessible from JS and there are ways to let them outlive  :-/

[Hajime Morrita, 2014-02-28 22:40:59]

The CQ bit was checked by morrita@chromium.org

[commit-bot: I haz the power, 2014-02-28 22:41:17]

CQ is trying da patch. Follow status at
https://chromium-status.appspot.com/cq/morrita@chromium.org/183883004/20001

[commit-bot: I haz the power, 2014-03-01 00:19:42]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2014-03-01 00:19:42]

Retried try job too often on blink_android_compile_rel for step(s) webkit_lint
http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=blink_andr...

[Hajime Morrita, 2014-03-01 00:56:53]

The CQ bit was checked by morrita@chromium.org

[commit-bot: I haz the power, 2014-03-01 00:57:03]

CQ is trying da patch. Follow status at
https://chromium-status.appspot.com/cq/morrita@chromium.org/183883004/20001

[commit-bot: I haz the power, 2014-03-01 02:15:40]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2014-03-01 02:15:40]

Retried try job too often on blink_android_compile_rel for step(s) webkit_lint
http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=blink_andr...

[Hajime Morrita, 2014-03-03 21:27:03]

The CQ bit was checked by morrita@chromium.org

[commit-bot: I haz the power, 2014-03-03 21:27:19]

CQ is trying da patch. Follow status at
https://chromium-status.appspot.com/cq/morrita@chromium.org/183883004/20001

[commit-bot: I haz the power, 2014-03-03 21:28:03]

Change committed as 168331