CSP: Dedicated workers always inherit policy.

third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-redirect-blocked-by-connect-src.html

-<!DOCTYPE html>
-<html>
-<head>
-    <script src="/resources/testharness.js"></script>
-    <script src="/resources/testharnessreport.js"></script>
-    <meta http-equiv="Content-Security-Policy" content="child-src 'self'; connect-src 'none'">
-</head>
-<body>
-    <script>
-        var t = async_test("worker redirects to location disallowed by connect-src");
-                var worker = new Worker("/security/resources/redir.php?url=" + encodeURIComponent("http://127.0.0.1:8000/security/contentSecurityPolicy/resources/worker-postmessage.js"));
-        worker.addEventListener("message", function () {
-            t.done();
-        });
-        worker.postMessage("go");
-    </script>
-</body>
-</html>