Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h |
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h |
index a51449bb06735d0bb26130fbe62482d901406d74..0ca494e7e592db71f0cc626e17aa6dff80749529 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h |
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h |
@@ -354,6 +354,12 @@ class CORE_EXPORT ContentSecurityPolicy |
static bool isNonceableElement(const Element*); |
+ // This method checks whether the request should be allowed for an |
+ // experimental EmbeddingCSP feature |
+ // Please, see https://w3c.github.io/webappsec-csp/embedded/#origin-allowed. |
+ static bool shouldEnforceEmbeddersPolicy(const ResourceResponse&, |
+ SecurityOrigin*); |
+ |
Document* document() const; |
private: |