Replicate Content-Security-Policy into remote frame proxies.

content/browser/frame_host/navigation_handle_impl.cc

Index: content/browser/frame_host/navigation_handle_impl.cc
diff --git a/content/browser/frame_host/navigation_handle_impl.cc b/content/browser/frame_host/navigation_handle_impl.cc
index 894f6ea13c0bced481e0404917b7837f41a1c2d4..b2fbbb702e147559ab438d4d14b95faf2986d60d 100644
--- a/content/browser/frame_host/navigation_handle_impl.cc
+++ b/content/browser/frame_host/navigation_handle_impl.cc
@@ -28,6 +28,25 @@ void UpdateThrottleCheckResult(
   *to_update = result;
 }
 
+void ResetContentSecurityPolicyFromHttpHeaders(
+    FrameTreeNode* frame_tree_node,
+    const scoped_refptr<net::HttpResponseHeaders>& response_headers) {
+  frame_tree_node->ResetContentSecurityPolicy();
+
+  ContentSecurityPolicyHeader header;
+  header.source = blink::WebContentSecurityPolicySourceHTTP;
+  if (response_headers->GetNormalizedHeader("Content-Security-Policy",
+                                            &header.header_value)) {
+    header.type = blink::WebContentSecurityPolicyTypeEnforce;
+    frame_tree_node->AddContentSecurityPolicy(header);
+  }
+  if (response_headers->GetNormalizedHeader(
+          "Content-Security-Policy-Report-Only", &header.header_value)) {
+    header.type = blink::WebContentSecurityPolicyTypeReport;
+    frame_tree_node->AddContentSecurityPolicy(header);
+  }
+}
+
 }  // namespace
 
 // static
@@ -361,8 +380,11 @@ void NavigationHandleImpl::WillProcessResponse(
   NavigationThrottle::ThrottleCheckResult result = CheckWillProcessResponse();
 
   // If the navigation is about to proceed, then it's ready to commit.
-  if (result == NavigationThrottle::PROCEED)
+  if (result == NavigationThrottle::PROCEED) {
     ReadyToCommitNavigation(render_frame_host);
+    ResetContentSecurityPolicyFromHttpHeaders(
+        render_frame_host->frame_tree_node(), response_headers);
+  }
 
   // If the navigation is not deferred, run the callback.
   if (result != NavigationThrottle::DEFER)