Move 'frame-src' CSP checks into FrameFetchContext.

third_party/WebKit/Source/core/loader/FrameLoader.cpp

Index: third_party/WebKit/Source/core/loader/FrameLoader.cpp
diff --git a/third_party/WebKit/Source/core/loader/FrameLoader.cpp b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
index 2b94715d0ecbb29575518815d8c9543d0edae911..0dc2534a27ccb1f6fd793e3423f203e8a749de23 100644
--- a/third_party/WebKit/Source/core/loader/FrameLoader.cpp
+++ b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
@@ -1366,23 +1366,8 @@ bool FrameLoader::shouldContinueForNavigationPolicy(const ResourceRequest& reque
     if (request.url().isEmpty() || substituteData.isValid())
         return true;
 
-    // If we're loading content into a subframe, check against the parent's Content Security Policy
-    // and kill the load if that check fails, unless we should bypass the main world's CSP.
-    if (shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) {
-        Frame* parentFrame = m_frame->tree().parent();
-        if (parentFrame) {
-            ContentSecurityPolicy* parentPolicy = parentFrame->securityContext()->contentSecurityPolicy();
-            if (!parentPolicy->allowChildFrameFromSource(request.url(), request.redirectStatus())) {
-                // Fire a load event, as timing attacks would otherwise reveal that the
-                // frame was blocked. This way, it looks like every other cross-origin
-                // page load.
-                m_frame->document()->enforceSandboxFlags(SandboxOrigin);
-                m_frame->owner()->dispatchLoad();
-                return false;
-            }
-        }
-    }
-
+    // TODO(mkwst): Look into moving this to 'FrameFetchContext::canRequestInternal' alongside the
+    // 'frame-src' checks.
     bool isFormSubmission = type == NavigationTypeFormSubmitted || type == NavigationTypeFormResubmitted;
     if (isFormSubmission && !m_frame->document()->contentSecurityPolicy()->allowFormAction(request.url()))
         return false;