Replicate Content-Security-Policy into remote frame proxies.

third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp

Index: third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp
diff --git a/third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp b/third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp
index cd753ba59bfd33737090b6fd8a951f39dd70633c..97cbf5dd6ff88bddcf9ca74cc657c22c5c4e31e2 100644
--- a/third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp
+++ b/third_party/WebKit/Source/core/dom/RemoteSecurityContext.cpp
@@ -16,10 +16,8 @@ RemoteSecurityContext::RemoteSecurityContext()
     // we set it using replicated origin data from the browser process.
     DCHECK(!getSecurityOrigin());
 
-    // CSP will not be replicated for RemoteSecurityContexts, as it is moving
-    // to the browser process.  For now, initialize CSP to a default
-    // locked-down policy.
-    setContentSecurityPolicy(ContentSecurityPolicy::create());
+    // Start with a clean slate.
+    resetReplicatedContentSecurityPolicy();
 
     // FIXME: Document::initSecurityContext has a few other things we may
     // eventually want here, such as enforcing a setting to
@@ -39,7 +37,15 @@ DEFINE_TRACE(RemoteSecurityContext)
 void RemoteSecurityContext::setReplicatedOrigin(PassRefPtr<SecurityOrigin> origin)
 {
     setSecurityOrigin(origin);
+    if (getSecurityOrigin())

[dcheng, 2016/05/11 20:15:07]

Is this ever actually null? it seems broken if it is. Can we just assert that
origin is always non-null?

[Łukasz Anforowicz, 2016/05/11 23:14:48]

Done.

+        contentSecurityPolicy()->bindToSecurityOrigin(*getSecurityOrigin());
 }
 
+void RemoteSecurityContext::resetReplicatedContentSecurityPolicy()
+{
+    setContentSecurityPolicy(ContentSecurityPolicy::create());
+    if (getSecurityOrigin())
+        contentSecurityPolicy()->bindToSecurityOrigin(*getSecurityOrigin());
+}
 
 } // namespace blink