PlzNavigate: Enforce 'frame-src' CSP on the browser.

third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h

Index: third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h
diff --git a/third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h b/third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h
index 53244f5b9144721311be388b24bad6b466040af1..0587b68f797be820909fb8e23a8911228d7b299f 100644
--- a/third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h
+++ b/third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h
@@ -33,6 +33,7 @@
 
 #include "public/platform/WebContentSecurityPolicy.h"
 #include "public/platform/WebString.h"
+#include "public/platform/WebURL.h"
 #include "public/platform/WebVector.h"
 
 namespace blink {
@@ -64,6 +65,35 @@ struct WebContentSecurityPolicyPolicy {
   WebVector<WebString> reportEndpoints;
 };
 
+struct WebContentSecurityPolicyViolation {
+  // The name of the directive that infringe the policy. |directive| might be a
+  // directive that serves as a fallback to the |effective_directive|.
+  WebString directive;
+
+  // The name the effective directive that was checked against.
+  WebString effectiveDirective;
+
+  // The console message that was displayed to the user.
+  WebString consoleMessage;
+
+  // The URL that was blocked by the policy.
+  WebURL blockedUrl;
+
+  // The set of URI where a JSON-formatted report of the violation should be
+  // sent.
+  WebVector<WebString> reportEndpoints;
+
+  // The raw content security policy header that was infringed.
+  WebString header;
+
+  // Each policy has an associated disposition, which is either "enforce" or
+  // "report".
+  WebContentSecurityPolicyType disposition;
+
+  // Whether or not the violation happens after a redirection.

[alexmos, 2017/02/14 06:57:20]

nit: s/redirection/redirect/

[arthursonzogni, 2017/02/15 09:26:10]

Done.

+  bool followedRedirect;
+};
+
 }  // namespace blink
 
 #endif