[HTML Import] Respect Content Security Policy Model

Source/core/html/HTMLImportsController.cpp

Index: Source/core/html/HTMLImportsController.cpp
diff --git a/Source/core/html/HTMLImportsController.cpp b/Source/core/html/HTMLImportsController.cpp
index 91c93204cf1b067164bd2738eb38709b88723eb2..60089a7891d5f3612595a8f9c760d1669471fdb4 100644
--- a/Source/core/html/HTMLImportsController.cpp
+++ b/Source/core/html/HTMLImportsController.cpp
@@ -38,6 +38,7 @@
 #include "core/loader/DocumentWriter.h"
 #include "core/loader/cache/CachedScript.h"
 #include "core/loader/cache/ResourceFetcher.h"
+#include "core/page/ContentSecurityPolicy.h"
 #include "weborigin/SecurityOrigin.h"
 
 namespace WebCore {
@@ -90,7 +91,7 @@ void LinkImport::process()
 
     FetchRequest request = builder.build(true);
     request.setPotentiallyCrossOriginEnabled(controller->securityOrigin(), DoNotAllowStoredCredentials);
-    CachedResourceHandle<CachedRawResource> resource = controller->fetcher()->requestRawResource(request);
+    CachedResourceHandle<CachedRawResource> resource = m_owner->document()->fetcher()->requestImport(request);

[abarth-chromium, 2013/07/25 04:53:09]

requestImport  ->  fetchImport ?  :)

Not worth renaming in this CL, but an idea for your loader renaming project.

     if (!resource)
         return;
 
@@ -180,6 +181,7 @@ HTMLImportLoader::State HTMLImportLoader::startParsing(const ResourceResponse& r
         return StateError;
 
     m_importedDocument = HTMLDocument::create(DocumentInit(response.url(), 0, this));
+    m_importedDocument->initContentSecurityPolicy(ContentSecurityPolicyResponseHeaders(response));
     m_writer = DocumentWriter::create(m_importedDocument.get(), response.mimeType(), response.textEncodingName());
 
     return StateLoading;