CSP: Move policy parsing out of Document.

Source/core/workers/WorkerGlobalScope.cpp

Index: Source/core/workers/WorkerGlobalScope.cpp
diff --git a/Source/core/workers/WorkerGlobalScope.cpp b/Source/core/workers/WorkerGlobalScope.cpp
index 42a5da82d953788966b4210b54d52fe8f9671b57..631b3dc98124d0b1e3cdf16f4a1a25aa83d98293 100644
--- a/Source/core/workers/WorkerGlobalScope.cpp
+++ b/Source/core/workers/WorkerGlobalScope.cpp
@@ -103,8 +103,11 @@ WorkerGlobalScope::~WorkerGlobalScope()
 
 void WorkerGlobalScope::applyContentSecurityPolicyFromString(const String& policy, ContentSecurityPolicyHeaderType contentSecurityPolicyType)
 {
-    setContentSecurityPolicy(ContentSecurityPolicy::create(this));
-    contentSecurityPolicy()->didReceiveHeader(policy, contentSecurityPolicyType, ContentSecurityPolicyHeaderSourceHTTP);
+    // FIXME: This doesn't match the CSP2 spec's Worker behavior (see https://w3c.github.io/webappsec/specs/content-security-policy/#processing-model-workers)
+    RefPtr<ContentSecurityPolicy> csp = ContentSecurityPolicy::create();
+    csp->didReceiveHeader(policy, contentSecurityPolicyType, ContentSecurityPolicyHeaderSourceHTTP);
+    csp->bindToExecutionContext(executionContext());
+    setContentSecurityPolicy(csp);
 }
 
 ExecutionContext* WorkerGlobalScope::executionContext() const