The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/81fb72f0982740ece29d016e1853561f8e04c8eb

commit 81fb72f0982740ece29d016e1853561f8e04c8eb
Author: mkwst <mkwst@chromium.org>
Date: Wed Mar 02 13:28:55 2016

CORS-RFC1918: Introduce 'treat-as-public-address' CSP directive

As defined at https://mikewest.github.io/cors-rfc1918/#csp, this CSP
directive allows a document to drop any "external request" privileges it
might have based on the IP address from which it was served. This flag
isn't used yet, but will be once we start teaching the various loaders
about the joys and sorrows of external requests.

BUG= 591056 

Review URL: https://codereview.chromium.org/1747263002

Cr-Commit-Position: refs/heads/master@{#378735}

[modify] https://crrev.com/81fb72f0982740ece29d016e1853561f8e04c8eb/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp
[modify] https://crrev.com/81fb72f0982740ece29d016e1853561f8e04c8eb/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h
[modify] https://crrev.com/81fb72f0982740ece29d016e1853561f8e04c8eb/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
[modify] https://crrev.com/81fb72f0982740ece29d016e1853561f8e04c8eb/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
[modify] https://crrev.com/81fb72f0982740ece29d016e1853561f8e04c8eb/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp