Added validation of the policy specified in the 'csp' attribute

third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp

Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
index 529501b3539cd032b119e70c16308485b2786b98..87ed60003d1bdbec61183be87eb8860dd24f80f1 100644
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
@@ -1709,4 +1709,16 @@ bool ContentSecurityPolicy::ShouldBypassContentSecurityPolicy(
   }
 }
 
+// static
+bool ContentSecurityPolicy::IsValidCSPAttr(const String& attr) {
+  ContentSecurityPolicy* policy = ContentSecurityPolicy::Create();
+  policy->AddPolicyFromHeaderValue(attr,
+                                   kContentSecurityPolicyHeaderTypeEnforce,
+                                   kContentSecurityPolicyHeaderSourceHTTP);
+  if (policy->console_messages_.IsEmpty() && policy->policies_.size() == 1) {
+    return true;
+  }
+  return false;
+}
+
 }  // namespace blink