Part 3.2: Is policy list subsumed under subsuming policy?

third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp

Index: third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp b/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
index 888a95f4d9d551d1ff86ab3386917b2d380d48a0..81693e89ce95e6320b1ce114117f38b7106806f8 100644
--- a/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/SourceListDirective.cpp
@@ -575,18 +575,27 @@ bool SourceListDirective::subsumes(
   if (!m_list.size() || !other.size())
     return !m_list.size();
 
-  HeapVector<Member<CSPSource>> normalizedA = other[0]->m_list;
-  for (size_t i = 1; i < other.size(); i++) {
-    normalizedA = other[i]->getIntersectCSPSources(normalizedA);
-  }
+  HeapVector<Member<CSPSource>> normalizedA = m_list;
+  if (m_allowSelf)
+    normalizedA.append(m_policy->getSelfSource());
+
+  HeapVector<Member<CSPSource>> normalizedB = other[0]->m_list;
+  if (other[0]->m_allowSelf)
+    normalizedB.append(other[0]->m_policy->getSelfSource());
+  for (size_t i = 1; i < other.size(); i++)
+    normalizedB = other[i]->getIntersectCSPSources(normalizedB);
 
-  return CSPSource::firstSubsumesSecond(m_list, normalizedA);
+  return CSPSource::firstSubsumesSecond(normalizedA, normalizedB);
 }
 
 HeapVector<Member<CSPSource>> SourceListDirective::getIntersectCSPSources(
     HeapVector<Member<CSPSource>> otherVector) {
   HeapVector<Member<CSPSource>> normalized;
-  for (const auto& aCspSource : m_list) {
+  HeapVector<Member<CSPSource>> thisVector = m_list;
+  if (m_allowSelf)
+    thisVector.append(m_policy->getSelfSource());
+
+  for (const auto& aCspSource : thisVector) {
     Member<CSPSource> matchedCspSource(nullptr);
     for (const auto& bCspSource : otherVector) {
       if ((matchedCspSource = bCspSource->intersect(aCspSource)))