PlzNavigate: Enforce 'frame-src' CSP on the browser.

content/browser/frame_host/navigation_request.cc

Index: content/browser/frame_host/navigation_request.cc
diff --git a/content/browser/frame_host/navigation_request.cc b/content/browser/frame_host/navigation_request.cc
index 263a9475267e432925115a0ecf03293ad0450c6e..c85d165de13f6cb11c0e3d7e553d6019a34eadcb 100644
--- a/content/browser/frame_host/navigation_request.cc
+++ b/content/browser/frame_host/navigation_request.cc
@@ -393,7 +393,8 @@ void NavigationRequest::CreateNavigationHandle(int pending_nav_entry_id) {
           !browser_initiated_, FrameMsg_Navigate_Type::IsSameDocument(
                                    common_params_.navigation_type),
           common_params_.navigation_start, pending_nav_entry_id,
-          false);  // started_in_context_menu
+          false,  // started_in_context_menu
+          common_params_.should_bypass_main_world_csp);
 
   if (!frame_tree_node->navigation_request()) {
     // A callback could have cancelled this request synchronously in which case
@@ -683,6 +684,13 @@ void NavigationRequest::OnRedirectChecksComplete(
     return;
   }
 
+  if (result == NavigationThrottle::BLOCK_REQUEST) {
+    OnRequestFailed(false, net::ERR_BLOCKED_BY_CLIENT);
+    // DO NOT ADD CODE after this. The previous call to OnRequestFailed has
+    // destroyed the NavigationRequest.
+    return;
+  }
+
   loader_->FollowRedirect();
 }