Implement the `require-sri-for` CSP directive

third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for/require-sri-for-worker-fromblob-allowed.php

Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for/require-sri-for-worker-fromblob-allowed.php
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for/require-sri-for-worker-fromblob-allowed.php b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for/require-sri-for-worker-fromblob-allowed.php
new file mode 100644
index 0000000000000000000000000000000000000000..22143ddd103cef1fe80acf0765ef62791912d2a3
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for/require-sri-for-worker-fromblob-allowed.php
@@ -0,0 +1,15 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+// TODO(mkwst) extend the policy when workers support SRI
+<meta http-equiv="Content-Security-Policy" content="require-sri-for; script-src 'self' 'unsafe-inline'">
+<script>
+    var executed_test = async_test('Test that a worker can be created.');
+    var blob = URL.createObjectURL(new Blob(['importScripts("http://127.0.0.1:8000/security/contentSecurityPolicy/require-sri-for/sri-worker.js")']));
+    var worker = new Worker(blob);
+    worker.onmessage = function(e){
+        assert_equals(e.data, "ping");
+    };
+    document.addEventListener('securitypolicyviolation', executed_test.unreached_func("No report should be generated"));
+    executed_test.done();
+</script>