(Re-)introduce AncestorThrottle to handle 'X-Frame-Options'.

content/renderer/render_frame_impl.cc

Index: content/renderer/render_frame_impl.cc
diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc
index 824f1b636f0d3a2c3d07cf96e77a6f8afc320513..ec92930e3023afe5cf8a6a0817526f6417ca33b4 100644
--- a/content/renderer/render_frame_impl.cc
+++ b/content/renderer/render_frame_impl.cc
@@ -2340,6 +2340,18 @@ void RenderFrameImpl::LoadNavigationErrorPage(
   const blink::WebHistoryItem& history_item =
       entry ? entry->root() : blink::WebHistoryItem();
 
+  // Requests blocked by the X-Frame-Options or by the CSP directive
+  // frame-ancestor don't display error pages but blank pages instead.

[alexmos, 2016/11/30 01:22:19]

I think this CL only moves XFO to the browser process, but not CSP
frame-ancestors, so let's not mention frame-ancestors here until we move it over
as well :)

[arthursonzogni, 2016/11/30 13:49:55]

Done.

+  // See crbug.com/622385 if you want to remove this.

[alexmos, 2016/11/30 01:22:19]

Let's rephrase this as a TODO to remove this once error pages commit in the
right process.  Feel free to include myself, mkwst, and/or yourself as the
TODO() target. :)  Let's also reference crbug.com/588314 in addition to 622385.

[arthursonzogni, 2016/11/30 13:49:55]

Done.

+  if (error.reason == net::ERR_BLOCKED_BY_RESPONSE) {
+    frame_->loadData("", WebString::fromUTF8("text/html"),
+                     WebString::fromUTF8("UTF-8"),
+                     GURL("data:text/html,"), WebURL(), replace,

[alexmos, 2016/11/30 01:22:19]

Existing code uses SecurityOrigin::urlWithUniqueSecurityOrigin(), which is
defined as "data:,".  Perhaps we can reuse that URL here?

[arthursonzogni, 2016/11/30 13:49:55]

Done.

+                     frame_load_type, history_item,
+                     blink::WebHistoryDifferentDocumentLoad, false);
+    return;
+  }

[arthursonzogni, 2016/11/23 17:38:51]

Some justifications about this:
* I use "" to load a blank page.
* I use GURL("data:text/html,") such that forward/backward navigation reloads a
blank page and not something else. GURL("about:blank") is not a better
alternative because in that case, the parent frame is allowed to access its
children, which is forbidden.

The behavior is the same as the actual one. Once there is no more problems with
error pages, this block should be removed.

[alexmos, 2016/11/30 01:22:19]

Ack.  This seems fairly similar to what is currently done by
DocumentLoader::cancelLoadAfterXFrameOptionsOrCSPDenied.

+
   frame_->loadData(error_html, WebString::fromUTF8("text/html"),
                    WebString::fromUTF8("UTF-8"), GURL(kUnreachableWebDataURL),
                    error.unreachableURL, replace, frame_load_type, history_item,