Move 'frame-src' CSP checks into FrameFetchContext.

content/browser/site_per_process_browsertest.cc

Index: content/browser/site_per_process_browsertest.cc
diff --git a/content/browser/site_per_process_browsertest.cc b/content/browser/site_per_process_browsertest.cc
index d8f517e83baff1feb9618154f3e63c20ceb89c09..89bc318762a94a9a93ecd2c80d3c86720daf0eb1 100644
--- a/content/browser/site_per_process_browsertest.cc
+++ b/content/browser/site_per_process_browsertest.cc
@@ -6214,10 +6214,10 @@ IN_PROC_BROWSER_TEST_F(SitePerProcessIgnoreCertErrorsBrowserTest,
   ASSERT_EQ(1U, root->child_count());
   FrameTreeNode* mixed_child = root->child_at(0)->child_at(0);
   ASSERT_TRUE(mixed_child);
-  // The child iframe attempted to create a mixed iframe; this should
-  // have been blocked, so the mixed iframe should not have committed a
-  // load.
-  EXPECT_FALSE(mixed_child->has_committed_real_load());
+  // The child iframe attempted to create a mixed iframe; this will commit
+  // a load to 'data:,' (so that it ends up in a unique origin).
+  EXPECT_TRUE(mixed_child->has_committed_real_load());
+  EXPECT_EQ(GURL("data:,"), mixed_child->current_url());
 }
 
 // Test that subresources with certificate errors that are redundant
@@ -6431,15 +6431,14 @@ IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest,
     load_observer.Wait();
   }
 
-  // The blocked frame should stay at the old location.
-  EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url());
+  // The blocked frame should commit 'about:blank'
+  EXPECT_EQ(GURL("data:,"), root->child_at(0)->current_url());

[Charlie Reis, 2016/06/02 17:22:11]

Is the comment wrong?  about:blank and data:, aren't the same, are they?  (Same
below.)

[alexmos, 2016/06/02 22:21:06]

nit: maybe we could just define a kBlockedPageURL and use that everywhere in
this file?  Also +1 to Charlie's comment about the comment :)

[Mike West, 2016/06/06 08:40:09]

Done and done.

 
-  // The blocked frame should keep the old title.
   std::string frame_title;
   EXPECT_TRUE(ExecuteScriptAndExtractString(
       root->child_at(0)->current_frame_host(),
       "domAutomationController.send(document.title)", &frame_title));
-  EXPECT_EQ("Title Of Awesomeness", frame_title);
+  EXPECT_EQ("", frame_title);
 
   // Navigate to a URL without CSP.
   EXPECT_TRUE(NavigateToURL(
@@ -6508,15 +6507,14 @@ IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest,
     load_observer2.Wait();
   }
 
-  // The blocked frame should stay at the old location.
-  EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url());
+  // The blocked frame should commit 'about:blank'
+  EXPECT_EQ(GURL("data:,"), root->child_at(0)->current_url());
 
-  // The blocked frame should keep the old title.
   std::string frame_title;
   EXPECT_TRUE(ExecuteScriptAndExtractString(
       root->child_at(0)->current_frame_host(),
       "domAutomationController.send(document.title)", &frame_title));
-  EXPECT_EQ("Title Of Awesomeness", frame_title);
+  EXPECT_EQ("", frame_title);
 }
 
 // Test that a cross-origin frame's navigation can be blocked by CSP frame-src.
@@ -6579,15 +6577,14 @@ IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest,
     load_observer2.Wait();
   }
 
-  // The blocked frame should stay at the old location.
-  EXPECT_EQ(old_subframe_url, navigating_frame->current_url());
+  // The blocked frame should commit 'about:blank'.
+  EXPECT_EQ(GURL("data:,"), navigating_frame->current_url());
 
-  // The blocked frame should keep the old title.
   std::string frame_title;
   EXPECT_TRUE(ExecuteScriptAndExtractString(
       navigating_frame->current_frame_host(),
       "domAutomationController.send(document.title)", &frame_title));
-  EXPECT_EQ("Title Of Awesomeness", frame_title);
+  EXPECT_EQ("", frame_title);
 
   // Navigate the subframe to a URL without CSP.
   NavigateFrameToURL(srcdoc_frame,