Don't commit the blocked URL when a frame is blocked by XFrameOptions.

third_party/WebKit/Source/core/loader/DocumentLoader.cpp

Index: third_party/WebKit/Source/core/loader/DocumentLoader.cpp
diff --git a/third_party/WebKit/Source/core/loader/DocumentLoader.cpp b/third_party/WebKit/Source/core/loader/DocumentLoader.cpp
index 8d320475baeebc8b197aa2ad247952ffb564b645..5f0fed374f76a91178a024558f36fe9efb30a97d 100644
--- a/third_party/WebKit/Source/core/loader/DocumentLoader.cpp
+++ b/third_party/WebKit/Source/core/loader/DocumentLoader.cpp
@@ -356,9 +356,18 @@ void DocumentLoader::cancelLoadAfterXFrameOptionsOrCSPDenied(const ResourceRespo
 
     setWasBlockedAfterXFrameOptionsOrCSP();
 
-    // Pretend that this was an empty HTTP 200 response.
+    // Pretend that this was an empty HTTP 200 response.  Don't reuse the
+    // original URL for the empty page (https://crbug.com/622385).
+    //
+    // TODO(mkwst):  Remove this once XFO moves to the browser.
+    // https://crbug.com/555418.
     clearMainResourceHandle();
-    m_response = ResourceResponse(blankURL(), "text/html", 0, nullAtom, String());
+    KURL blockedURL = SecurityOrigin::urlWithUniqueSecurityOrigin();
+    m_originalRequest.setURL(blockedURL);
+    m_request.setURL(blockedURL);
+    m_redirectChain.removeLast();
+    appendRedirect(blockedURL);
+    m_response = ResourceResponse(blockedURL, "text/html", 0, nullAtom, String());
     finishedLoading(monotonicallyIncreasingTime());
 
     return;