(Re-)introduce AncestorThrottle to handle 'X-Frame-Options'.

third_party/WebKit/Source/core/loader/FrameLoader.cpp

Index: third_party/WebKit/Source/core/loader/FrameLoader.cpp
diff --git a/third_party/WebKit/Source/core/loader/FrameLoader.cpp b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
index a577dbea66984bba2f7d0fe6f7ba8cbf7eed3725..cb81d9c911b53ef89047e7e73ca473703ffdc61f 100644
--- a/third_party/WebKit/Source/core/loader/FrameLoader.cpp
+++ b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
@@ -1718,72 +1718,6 @@ void FrameLoader::applyUserAgent(ResourceRequest& request) {
   request.setHTTPUserAgent(AtomicString(userAgent));
 }
 
-bool FrameLoader::shouldInterruptLoadForXFrameOptions(
-    const String& content,
-    const KURL& url,
-    unsigned long requestIdentifier) {
-  UseCounter::count(m_frame->domWindow()->document(),
-                    UseCounter::XFrameOptions);
-
-  Frame* topFrame = m_frame->tree().top();
-  if (m_frame == topFrame)
-    return false;
-
-  XFrameOptionsDisposition disposition = parseXFrameOptionsHeader(content);
-
-  switch (disposition) {
-    case XFrameOptionsSameOrigin: {
-      UseCounter::count(m_frame->domWindow()->document(),
-                        UseCounter::XFrameOptionsSameOrigin);
-      RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url);
-      // Out-of-process ancestors are always a different origin.
-      if (!topFrame->isLocalFrame() ||
-          !origin->isSameSchemeHostPort(
-              toLocalFrame(topFrame)->document()->getSecurityOrigin()))
-        return true;
-      for (Frame* frame = m_frame->tree().parent(); frame;
-           frame = frame->tree().parent()) {
-        if (!frame->isLocalFrame() ||
-            !origin->isSameSchemeHostPort(
-                toLocalFrame(frame)->document()->getSecurityOrigin())) {
-          UseCounter::count(
-              m_frame->domWindow()->document(),
-              UseCounter::XFrameOptionsSameOriginWithBadAncestorChain);
-          break;
-        }
-      }
-      return false;
-    }
-    case XFrameOptionsDeny:
-      return true;
-    case XFrameOptionsAllowAll:
-      return false;
-    case XFrameOptionsConflict: {
-      ConsoleMessage* consoleMessage = ConsoleMessage::createForRequest(
-          JSMessageSource, ErrorMessageLevel,
-          "Multiple 'X-Frame-Options' headers with conflicting values ('" +
-              content + "') encountered when loading '" + url.elidedString() +
-              "'. Falling back to 'DENY'.",
-          url, requestIdentifier);
-      m_frame->document()->addConsoleMessage(consoleMessage);
-      return true;
-    }
-    case XFrameOptionsInvalid: {
-      ConsoleMessage* consoleMessage = ConsoleMessage::createForRequest(
-          JSMessageSource, ErrorMessageLevel,
-          "Invalid 'X-Frame-Options' header encountered when loading '" +
-              url.elidedString() + "': '" + content +
-              "' is not a recognized directive. The header will be ignored.",
-          url, requestIdentifier);
-      m_frame->document()->addConsoleMessage(consoleMessage);
-      return false;
-    }
-    default:
-      NOTREACHED();
-      return false;
-  }
-}
-
 bool FrameLoader::shouldTreatURLAsSameAsCurrent(const KURL& url) const {
   return m_currentItem && url == m_currentItem->url();
 }