CSP: Move policy parsing out of Document.

Source/core/workers/WorkerGlobalScope.cpp

Index: Source/core/workers/WorkerGlobalScope.cpp
diff --git a/Source/core/workers/WorkerGlobalScope.cpp b/Source/core/workers/WorkerGlobalScope.cpp
index e96908aedc1d73a66fa8f4eadd3ea73eef9ffe73..9784955ae00a7feb17919771c2ddb7ca35ecd52c 100644
--- a/Source/core/workers/WorkerGlobalScope.cpp
+++ b/Source/core/workers/WorkerGlobalScope.cpp
@@ -104,8 +104,10 @@ WorkerGlobalScope::~WorkerGlobalScope()
 
 void WorkerGlobalScope::applyContentSecurityPolicyFromString(const String& policy, ContentSecurityPolicyHeaderType contentSecurityPolicyType)
 {
-    setContentSecurityPolicy(ContentSecurityPolicy::create(this));
+    // FIXME: This doesn't match the CSP2 spec's Worker behavior (see https://w3c.github.io/webappsec/specs/content-security-policy/#processing-model-workers)
+    setContentSecurityPolicy(ContentSecurityPolicy::create());

[sof, 2014/09/11 07:44:04]

(Nothing wrong with this, but I like the style added in
FrameLoader::didBeginDocument(), which separately builds up the CSP object and
then assigns it in the end.)

[Mike West, 2014/09/11 08:29:13]

I'll rework it, no worries.

     contentSecurityPolicy()->didReceiveHeader(policy, contentSecurityPolicyType, ContentSecurityPolicyHeaderSourceHTTP);
+    contentSecurityPolicy()->bindToExecutionContext(executionContext());
 }
 
 ExecutionContext* WorkerGlobalScope::executionContext() const