Adding CSP attribute on HTMLIFrameElement

third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp

Index: third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
diff --git a/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp b/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
index 3701006c9fe5ce2bd149e314f54818832022ef47..ec7c297e09d7f91816aadffba0c5413f43d11cc4 100644
--- a/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
+++ b/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
@@ -30,6 +30,7 @@
 #include "core/html/HTMLDocument.h"
 #include "core/inspector/ConsoleMessage.h"
 #include "core/layout/LayoutIFrame.h"
+#include "platform/RuntimeEnabledFeatures.h"
 
 namespace blink {
 
@@ -119,6 +120,8 @@ void HTMLIFrameElement::parseAttribute(const QualifiedName& name, const AtomicSt
     } else if (name == permissionsAttr) {
         if (initializePermissionsAttribute())
             m_permissions->setValue(value);
+    } else if (RuntimeEnabledFeatures::embedderCSPEnforcementEnabled() && name == cspAttr) {
+        m_csp = value;

[Mike West, 2016/09/26 14:55:02]

I think you need to notify the client that this value was updated. You don't
_need_ to do that in this patch, as you're not actually replicating
`FrameOwnerProperties` up to the host yet, but you might as well call into
`frameOwnerPropertiesChanged()` now so that you don't have to look for it again
later. :)

     } else {
         if (name == srcAttr)
             logUpdateAttributeIfIsolatedWorldAndInDocument("iframe", srcAttr, oldValue, value);