Implement ContentSecurityPolicy on the browser-side.

content/browser/frame_host/frame_tree_node.cc

Index: content/browser/frame_host/frame_tree_node.cc
diff --git a/content/browser/frame_host/frame_tree_node.cc b/content/browser/frame_host/frame_tree_node.cc
index fd58bcb57abcff1bcf72e6c7fe64ae4110f287f2..8bc73019f0b8317a3ba51dd915308c45b957c0f6 100644
--- a/content/browser/frame_host/frame_tree_node.cc
+++ b/content/browser/frame_host/frame_tree_node.cc
@@ -291,14 +291,17 @@ void FrameTreeNode::ResetFeaturePolicyHeader() {
 }
 
 void FrameTreeNode::AddContentSecurityPolicy(
-    const ContentSecurityPolicyHeader& header) {
+    const ContentSecurityPolicyHeader& header,
+    const std::vector<CSPPolicy>& policies) {
   replication_state_.accumulated_csp_headers.push_back(header);
   render_manager_.OnDidAddContentSecurityPolicy(header);
+  csp_policies_.insert(csp_policies_.end(), policies.begin(), policies.end());
 }
 
 void FrameTreeNode::ResetContentSecurityPolicy() {
   replication_state_.accumulated_csp_headers.clear();
   render_manager_.OnDidResetContentSecurityPolicy();
+  csp_policies_.clear();
 }
 
 void FrameTreeNode::SetInsecureRequestPolicy(