Part 3.1: Is policy list subsumed under subsuming policy?

third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h

Index: third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h
diff --git a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h
index b305e5b816001596b461bfa223679f74d6d976da..1b26a6222315623711b5ddeb027c76ba54b5821c 100644
--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h
+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h
@@ -22,6 +22,8 @@ namespace blink {
 
 class ContentSecurityPolicy;
 
+typedef HeapVector<Member<SourceListDirective>> SourceListDirectiveVector;
+
 class CORE_EXPORT CSPDirectiveList
     : public GarbageCollectedFinalized<CSPDirectiveList> {
   WTF_MAKE_NONCOPYABLE(CSPDirectiveList);
@@ -156,10 +158,15 @@ class CORE_EXPORT CSPDirectiveList
 
   bool shouldSendCSPHeader(Resource::Type) const;
 
+  // The algorithm is described here:
+  // https://w3c.github.io/webappsec-csp/embedded/#subsume-policy
+  bool subsumes(CSPDirectiveListVector);
+
   DECLARE_TRACE();
 
  private:
   FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, IsMatchingNoncePresent);
+  FRIEND_TEST_ALL_PREFIXES(CSPDirectiveListTest, GetSourceVector);
 
   enum RequireSRIForToken { None = 0, Script = 1 << 0, Style = 1 << 1 };
 
@@ -265,6 +272,11 @@ class CORE_EXPORT CSPDirectiveList
 
   bool denyIfEnforcingPolicy() const { return isReportOnly(); }
 
+  SourceListDirective* getSourceListDirective(const char* name);
+  static SourceListDirectiveVector getSourceVector(
+      const char* name,
+      CSPDirectiveListVector policies);
+
   Member<ContentSecurityPolicy> m_policy;
 
   String m_header;