Enable SRI only for same origin and CORS content.

Source/core/frame/SubresourceIntegrity.cpp

Index: Source/core/frame/SubresourceIntegrity.cpp
diff --git a/Source/core/frame/SubresourceIntegrity.cpp b/Source/core/frame/SubresourceIntegrity.cpp
index d7e824e010ca8d821f11996ff69e14e781922104..5be75cf457aaa7ca1f1cb302286d73ed88d52257 100644
--- a/Source/core/frame/SubresourceIntegrity.cpp
+++ b/Source/core/frame/SubresourceIntegrity.cpp
@@ -8,6 +8,7 @@
 #include "core/HTMLNames.h"
 #include "core/dom/Document.h"
 #include "core/dom/Element.h"
+#include "core/fetch/Resource.h"
 #include "core/frame/ConsoleTypes.h"
 #include "core/frame/UseCounter.h"
 #include "core/inspector/ConsoleMessage.h"
@@ -82,7 +83,7 @@ static String digestToString(const DigestValue& digest)
     return base64URLEncode(reinterpret_cast<const char*>(digest.data()), digest.size(), Base64DoNotInsertLFs);
 }
 
-bool SubresourceIntegrity::CheckSubresourceIntegrity(const Element& element, const String& source, const KURL& resourceUrl, const String& resourceType)
+bool SubresourceIntegrity::CheckSubresourceIntegrity(const Element& element, const String& source, const KURL& resourceUrl, const String& resourceType, const Resource& resource)
 {
     if (!RuntimeEnabledFeatures::subresourceIntegrityEnabled())
         return true;
@@ -92,6 +93,11 @@ bool SubresourceIntegrity::CheckSubresourceIntegrity(const Element& element, con
 
     Document& document = element.document();
 
+    if (!resource.isEligibleForIntegrityCheck(&document)) {
+        logErrorToConsole("Subresource Integrity: The resource '" + resourceUrl.elidedString() + "' has an integrity attribute, but the resource requires CORS to be enabled to check the integrity, and it is not. The resource has been blocked.", document);
+        return false;
+    }
+
     String integrity;
     HashAlgorithm algorithm;
     String type;