Replicate Content-Security-Policy into remote frame proxies.

content/common/frame_messages.h

Index: content/common/frame_messages.h
diff --git a/content/common/frame_messages.h b/content/common/frame_messages.h
index 72baac5eb7fd41f06127e1024fef8101a6d4e34d..28cdcef0c9ecf4176c8ac140f5408cefa4ea1bc4 100644
--- a/content/common/frame_messages.h
+++ b/content/common/frame_messages.h
@@ -18,6 +18,7 @@
 #include "cc/surfaces/surface_sequence.h"
 #include "content/common/content_export.h"
 #include "content/common/content_param_traits.h"
+#include "content/common/content_security_policy_header.h"
 #include "content/common/frame_message_enums.h"
 #include "content/common/frame_replication_state.h"
 #include "content/common/navigation_gesture.h"
@@ -387,6 +388,7 @@ IPC_STRUCT_TRAITS_BEGIN(content::FrameReplicationState)
   IPC_STRUCT_TRAITS_MEMBER(sandbox_flags)
   IPC_STRUCT_TRAITS_MEMBER(name)
   IPC_STRUCT_TRAITS_MEMBER(unique_name)
+  IPC_STRUCT_TRAITS_MEMBER(accumulated_csp_headers)
   IPC_STRUCT_TRAITS_MEMBER(scope)
   IPC_STRUCT_TRAITS_MEMBER(should_enforce_strict_mixed_content_checking)
   IPC_STRUCT_TRAITS_MEMBER(has_potentially_trustworthy_unique_origin)
@@ -542,6 +544,12 @@ IPC_STRUCT_BEGIN(FrameHostMsg_CreateChildFrame_Params)
   IPC_STRUCT_MEMBER(blink::WebFrameOwnerProperties, frame_owner_properties)
 IPC_STRUCT_END()
 
+IPC_STRUCT_TRAITS_BEGIN(content::ContentSecurityPolicyHeader)
+  IPC_STRUCT_TRAITS_MEMBER(header_value)
+  IPC_STRUCT_TRAITS_MEMBER(type)
+  IPC_STRUCT_TRAITS_MEMBER(source)
+IPC_STRUCT_TRAITS_END()
+
 #if defined(OS_MACOSX) || defined(OS_ANDROID)
 // This message is used for supporting popup menus on Mac OS X and Android using
 // native controls. See the FrameHostMsg_ShowPopup message.
@@ -772,6 +780,13 @@ IPC_MESSAGE_ROUTED2(FrameMsg_DidUpdateName,
                     std::string /* name */,
                     std::string /* unique_name */)
 
+// Updates ContentSecurityPolicy in a frame proxy / in RemoteSecurityContext.

[alexmos, 2016/05/11 19:46:40]

nit: Updates replicated ContentSecurityPolicy in a frame proxy.

Might also mention when it's sent (when the frame adds a CSP header via <meta>
in another process).

[Łukasz Anforowicz, 2016/05/11 23:14:48]

Done.
I'd rather avoid this - this is tricky (there are more triggers for sending CSP
to the browser) and I'd rather keep the explanation in a single place (i.e. in
comment for FrameLoaderClient::didAddContentSecurityPolicy).

[alexmos, 2016/05/12 22:37:24]

Acknowledged.

+IPC_MESSAGE_ROUTED1(FrameMsg_AddContentSecurityPolicy,
+                    content::ContentSecurityPolicyHeader)
+
+// Resets ContentSecurityPolicy in a frame proxy / in RemoteSecurityContext.
+IPC_MESSAGE_ROUTED0(FrameMsg_ResetContentSecurityPolicy)
+
 // Update a proxy's replicated enforcement of strict mixed content
 // checking.  Used when the frame's mixed content setting is changed in
 // another process.
@@ -966,6 +981,10 @@ IPC_MESSAGE_ROUTED2(FrameHostMsg_DidChangeName,
                     std::string /* name */,
                     std::string /* unique_name */)
 
+// Sent when the frame parsed a new Content Security Policy.
+IPC_MESSAGE_ROUTED1(FrameHostMsg_DidAddContentSecurityPolicy,
+                    content::ContentSecurityPolicyHeader)
+
 // Sent when the frame starts enforcing strict mixed content
 // checking. Sending this information in DidCommitProvisionalLoad isn't
 // sufficient; this message is needed because, for example, a document