CSP: 'connect-src' should not cause exceptions.

third_party/WebKit/Source/modules/beacon/NavigatorBeacon.cpp

Index: third_party/WebKit/Source/modules/beacon/NavigatorBeacon.cpp
diff --git a/third_party/WebKit/Source/modules/beacon/NavigatorBeacon.cpp b/third_party/WebKit/Source/modules/beacon/NavigatorBeacon.cpp
index c87cb3026b3fcda5529111c17df85e6424031a12..e29b8a8f2f3fc8d6ab19384da336d056a860ade3 100644
--- a/third_party/WebKit/Source/modules/beacon/NavigatorBeacon.cpp
+++ b/third_party/WebKit/Source/modules/beacon/NavigatorBeacon.cpp
@@ -14,7 +14,6 @@
 #include "core/frame/LocalFrame.h"
 #include "core/frame/Settings.h"
 #include "core/frame/UseCounter.h"
-#include "core/frame/csp/ContentSecurityPolicy.h"
 #include "core/html/FormData.h"
 #include "core/loader/PingLoader.h"
 #include "platform/loader/fetch/FetchUtils.h"
@@ -58,16 +57,6 @@ bool NavigatorBeacon::canSendBeacon(ExecutionContext* context,
         SyntaxError, "Beacons are only supported over HTTP(S).");
     return false;
   }
-  // FIXME: CSP is not enforced on redirects, crbug.com/372197
-  if (!ContentSecurityPolicy::shouldBypassMainWorld(context) &&
-      !context->contentSecurityPolicy()->allowConnectToSource(url)) {
-    // We can safely expose the URL to JavaScript, as these checks happen
-    // synchronously before redirection. JavaScript receives no new information.
-    exceptionState.throwSecurityError(
-        "Refused to send beacon to '" + url.elidedString() +
-        "' because it violates the document's Content Security Policy.");
-    return false;
-  }
 
   // If detached from frame, do not allow sending a Beacon.
   if (!supplementable()->frame())