CSP 1.1: Implement the 'frame-ancestors' directive.

LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt

Index: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt
diff --git a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt
new file mode 100644
index 0000000000000000000000000000000000000000..a05e0977651a46a78048be2f4c576d0c715ba7a9
--- /dev/null
+++ b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt
@@ -0,0 +1,28 @@
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.
+PASS The inner IFrame passed.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+Testing a cross-origin child with a policy of "http://127.0.0.1:8000 http://localhost:8080" nested in a same-origin parent.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+IFrame load event fired: the IFrame is cross-origin (or was blocked).
+PASS The IFrame should have been blocked (or cross-origin). It was.
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->/<!--frame0-->-->'
+--------
+This is an IFrame sending a Content Security Policy header containing "frame-ancestors http://127.0.0.1:8000 http://localhost:8080".