Chromium Code Reviews

Unified Diff: third_party/WebKit/Source/core/loader/FrameFetchContext.cpp

Issue 2196983002: Allow doc.written scripts with a matching domain and registry to execute. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix comment Created 4 years, 5 months ago
Index: third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
diff --git a/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp b/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
index f873f582a862959088feae2731098e1add6b3b7e..badde027815f2df2a317cbf685437b71701447b9 100644
--- a/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
+++ b/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
@@ -64,6 +64,7 @@
#include "platform/Logging.h"
#include "platform/TracedValue.h"
#include "platform/mhtml/MHTMLArchive.h"
+#include "platform/network/NetworkUtils.h"
#include "platform/network/ResourceLoadPriority.h"
#include "platform/network/ResourceTimingInfo.h"
#include "platform/weborigin/SchemeRegistry.h"
@@ -110,7 +111,17 @@ bool shouldDisallowFetchForMainFrameScript(const ResourceRequest& request, Fetch
// Avoid blocking same origin scripts, as they may be used to render main
// page content, whereas cross-origin scripts inserted via document.write
// are likely to be third party content.
- if (request.url().host() == document.getSecurityOrigin()->domain())
+ String requestHost = request.url().host();
+ String documentHost = document.getSecurityOrigin()->domain();
+ if (requestHost == documentHost)
+ return false;
+
+ // If the hosts didn't match, then see if the domains match. For example, if
+ // a script is served from static.example.com for a document served from
+ // www.example.com, we consider that a first party script and allow it.
+ String requestDomain = NetworkUtils::getDomainAndRegistry(requestHost, true);
+ String documentDomain = NetworkUtils::getDomainAndRegistry(documentHost, true);
+ if (!requestDomain.isEmpty() && !documentDomain.isEmpty() && requestDomain == documentDomain)
return false;
emitWarningForDocWriteScripts(request.url().getString(), document);
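
Review bot: The bare `true` passed as the second argument in both NetworkUtils::getDomainAndRegistry calls does not say what it selects, and that choice decides how wide this new allowance is. If it controls whether private registries count as part of the registry, then hosts that only share a hosting suffix could end up treated as the same first party, so please name the argument at the call site (a comment or a named constant) and state the intended behaviour in the block comment. Separately, the existing comment above the first check still says "same origin" although the test compares hosts only and now also the domain and registry, so it should be reworded to match. The isEmpty() guards are worth keeping, since without them two hosts with no domain and registry would compare equal and be allowed.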
