Experimental Feature: Allow-CSP-From header

third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h

Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
index a51449bb06735d0bb26130fbe62482d901406d74..0ca494e7e592db71f0cc626e17aa6dff80749529 100644
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
@@ -354,6 +354,12 @@ class CORE_EXPORT ContentSecurityPolicy
 
   static bool isNonceableElement(const Element*);
 
+  // This method checks whether the request should be allowed for an
+  // experimental EmbeddingCSP feature
+  // Please, see https://w3c.github.io/webappsec-csp/embedded/#origin-allowed.
+  static bool shouldEnforceEmbeddersPolicy(const ResourceResponse&,
+                                           SecurityOrigin*);
+
   Document* document() const;
 
  private: