Implement ContentSecurityPolicy on the browser-side.

third_party/WebKit/Source/core/frame/csp/CSPSource.h

Index: third_party/WebKit/Source/core/frame/csp/CSPSource.h
diff --git a/third_party/WebKit/Source/core/frame/csp/CSPSource.h b/third_party/WebKit/Source/core/frame/csp/CSPSource.h
index bcf85da701a255492a04d0e1528801136c5449f2..a9f255994d72217574bb1a6373d51986695ad3c5 100644
--- a/third_party/WebKit/Source/core/frame/csp/CSPSource.h
+++ b/third_party/WebKit/Source/core/frame/csp/CSPSource.h
@@ -9,6 +9,7 @@
 #include "core/frame/csp/ContentSecurityPolicy.h"
 #include "platform/heap/Handle.h"
 #include "platform/network/ResourceRequest.h"
+#include "public/platform/WebContentSecurityPolicyStruct.h"
 #include "wtf/Allocator.h"
 #include "wtf/text/WTFString.h"
 
@@ -46,6 +47,8 @@ class CORE_EXPORT CSPSource : public GarbageCollectedFinalized<CSPSource> {
   static bool firstSubsumesSecond(const HeapVector<Member<CSPSource>>&,
                                   const HeapVector<Member<CSPSource>>&);
 
+  WebContentSecurityPolicySourceExpression expose() const;
+
   DECLARE_TRACE();
 
  private: