Part 2.3: Is policy list subsumed under subsuming policy?

third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp

Index: third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp b/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
index 119921624da02cdff03ede62c515a9ff99f63e55..0dc7edfe695d0a9dd6408fa42f92f6b20251dff6 100644
--- a/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
@@ -575,8 +575,19 @@ HeapVector<Member<CSPSource>> SourceListDirective::getIntersectCSPSources(
   for (const auto& aCspSource : m_list) {
     Member<CSPSource> matchedCspSource(nullptr);
     for (const auto& bCspSource : otherVector) {
-      if ((matchedCspSource = bCspSource->intersect(aCspSource)))
+      if (aCspSource->isSchemeOnly() && bCspSource->isSchemeOnly()) {

[Mike West, 2016/11/17 10:58:31]

Nit: I guess I reviewed this earlier, but looking at it not, |sourceA| seems a
lot clearer than |aCspSource|.

+        if (Member<CSPSource> intersection =
+                bCspSource->intersect(aCspSource)) {
+          matchedCspSource = intersection;
+          break;
+        }
+      }
+      if (bCspSource->subsumes(aCspSource)) {

[amalika, 2016/11/09 17:53:46]

We always want to preserve the CSPSource we are currently considering instead of
just finding intersaction.

This is to handle the case:

Example 3:
A: https://example.com http://example.com/foo
B: http://example.com/foo https://example.com


However, as soon as we know it is subsumed by bCSPSource, we can break out of
the loop.

+        matchedCspSource = aCspSource;
         break;
+      }
+      if (Member<CSPSource> intersection = bCspSource->intersect(aCspSource))
+        matchedCspSource = intersection;
     }
     if (matchedCspSource)
       normalized.append(matchedCspSource);