7 files changed, 17 insertions, 14 deletions

diff --git a/components/script/dom/htmliframeelement.rs b/components/script/dom/htmliframeelement.rs
index 18116eee8ae..7de3d4977b1 100644
--- a/components/script/dom/htmliframeelement.rs
+++ b/components/script/dom/htmliframeelement.rs
@@ -16,6 +16,7 @@ use embedder_traits::ViewportDetails;
 use html5ever::{LocalName, Prefix, local_name, ns};
 use js::rust::HandleObject;
 use net_traits::ReferrerPolicy;
+use net_traits::request::Destination;
 use profile_traits::ipc as ProfiledIpc;
 use script_traits::{NewLayoutInfo, UpdatePipelineIdReason};
 use servo_url::ServoUrl;
@@ -282,6 +283,7 @@ impl HTMLIFrameElement {
                 Some(document.insecure_requests_policy()),
                 document.has_trustworthy_ancestor_or_current_origin(),
             );
+            load_data.destination = Destination::IFrame;
             load_data.policy_container = Some(window.as_global_scope().policy_container());
             let element = self.upcast::<Element>();
             load_data.srcdoc = String::from(element.get_string_attribute(&local_name!("srcdoc")));
@@ -375,6 +377,8 @@ impl HTMLIFrameElement {
             Some(document.insecure_requests_policy()),
             document.has_trustworthy_ancestor_or_current_origin(),
         );
+        load_data.destination = Destination::IFrame;
+        load_data.policy_container = Some(window.as_global_scope().policy_container());
 
         let pipeline_id = self.pipeline_id();
         // If the initial `about:blank` page is the current page, load with replacement enabled,
@@ -382,10 +386,6 @@ impl HTMLIFrameElement {
         let is_about_blank =
             pipeline_id.is_some() && pipeline_id == self.about_blank_pipeline_id.get();
 
-        if is_about_blank {
-            load_data.policy_container = Some(window.as_global_scope().policy_container());
-        }
-
         let history_handling = if is_about_blank {
             NavigationHistoryBehavior::Replace
         } else {
@@ -425,6 +425,7 @@ impl HTMLIFrameElement {
             Some(document.insecure_requests_policy()),
             document.has_trustworthy_ancestor_or_current_origin(),
         );
+        load_data.destination = Destination::IFrame;
         load_data.policy_container = Some(window.as_global_scope().policy_container());
         let browsing_context_id = BrowsingContextId::new();
         let webview_id = window.window_proxy().webview_id();
diff --git a/components/script/navigation.rs b/components/script/navigation.rs
index 5aa71abb74a..17cff5bab4a 100644
--- a/components/script/navigation.rs
+++ b/components/script/navigation.rs
@@ -11,7 +11,6 @@ use std::cell::Cell;
 use base::cross_process_instant::CrossProcessInstant;
 use base::id::{BrowsingContextId, PipelineId, WebViewId};
 use constellation_traits::LoadData;
-use content_security_policy::Destination;
 use crossbeam_channel::Sender;
 use embedder_traits::ViewportDetails;
 use http::header;
@@ -202,12 +201,13 @@ impl InProgressLoad {
             self.load_data.referrer.clone(),
         )
         .method(self.load_data.method.clone())
-        .destination(Destination::Document)
+        .destination(self.load_data.destination)
         .mode(RequestMode::Navigate)
         .credentials_mode(CredentialsMode::Include)
         .use_url_credentials(true)
         .pipeline_id(Some(id))
         .referrer_policy(self.load_data.referrer_policy)
+        .policy_container(self.load_data.policy_container.clone().unwrap_or_default())
         .insecure_requests_policy(
             self.load_data
                 .inherited_insecure_requests_policy
diff --git a/components/shared/constellation/from_script_message.rs b/components/shared/constellation/from_script_message.rs
index 3856def660e..a5424abe6d1 100644
--- a/components/shared/constellation/from_script_message.rs
+++ b/components/shared/constellation/from_script_message.rs
@@ -23,7 +23,7 @@ use http::{HeaderMap, Method};
 use ipc_channel::Error as IpcError;
 use ipc_channel::ipc::{IpcReceiver, IpcSender};
 use net_traits::policy_container::PolicyContainer;
-use net_traits::request::{InsecureRequestsPolicy, Referrer, RequestBody};
+use net_traits::request::{Destination, InsecureRequestsPolicy, Referrer, RequestBody};
 use net_traits::storage_thread::StorageType;
 use net_traits::{CoreResourceMsg, ReferrerPolicy, ResourceThreads};
 use profile_traits::mem::MemoryReportResult;
@@ -111,6 +111,8 @@ pub struct LoadData {
     pub has_trustworthy_ancestor_origin: bool,
     /// Servo internal: if crash details are present, trigger a crash error page with these details.
     pub crash: Option<String>,
+    /// Destination, used for CSP checks
+    pub destination: Destination,
 }
 
 /// The result of evaluating a javascript scheme url.
@@ -152,6 +154,7 @@ impl LoadData {
             crash: None,
             inherited_insecure_requests_policy,
             has_trustworthy_ancestor_origin,
+            destination: Destination::Document,
         }
     }
 }
diff --git a/tests/wpt/meta/MANIFEST.json b/tests/wpt/meta/MANIFEST.json
index 0cab7c4aa61..8f9578b1ac9 100644
--- a/tests/wpt/meta/MANIFEST.json
+++ b/tests/wpt/meta/MANIFEST.json
@@ -567585,7 +567585,7 @@
       ]
      ],
      "frame-src-blocked.sub.html": [
-      "a4957f8715c4bdc0db9473caee3fc9f2e767fd71",
+      "76fcc2cbb536ba9ec0c8741ad9fe9af470165d32",
       [
        null,
        {}
diff --git a/tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
index 0ba5c4c9773..713c921cb01 100644
--- a/tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
+++ b/tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
@@ -1,4 +1,3 @@
 [frame-src-blocked.sub.html]
-  expected: ERROR
   [Expecting logs: ["PASS IFrame #1 generated a load event.","violated-directive=frame-src"\]]
     expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini b/tests/wpt/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini
index b22b217fc25..287c3f6b2c7 100644
--- a/tests/wpt/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini
+++ b/tests/wpt/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini
@@ -1,4 +1,4 @@
 [frame-src-cross-origin-same-document-navigation.window.html]
-  expected: OK
+  expected: TIMEOUT
   [frame-src-cross-origin-same-document-navigation]
-    expected: FAIL
+    expected: TIMEOUT
diff --git a/tests/wpt/tests/content-security-policy/frame-src/frame-src-blocked.sub.html b/tests/wpt/tests/content-security-policy/frame-src/frame-src-blocked.sub.html
index a4957f8715c..76fcc2cbb53 100644
--- a/tests/wpt/tests/content-security-policy/frame-src/frame-src-blocked.sub.html
+++ b/tests/wpt/tests/content-security-policy/frame-src/frame-src-blocked.sub.html
@@ -18,17 +18,17 @@
         }, false);
 
         function alert_assert(msg) {
-            t_alert.step(function() {
+            t_log.step(function() {
                 if (msg.match(/^FAIL/i)) {
                     assert_unreached(msg);
-                    t_alert.done();
+                    t_log.done();
                 }
                 for (var i = 0; i < expected_alerts.length; i++) {
                     if (expected_alerts[i] == msg) {
                         assert_equals(expected_alerts[i], msg);
                         expected_alerts.splice(i, 1);
                         if (expected_alerts.length == 0) {
-                            t_alert.done();
+                            t_log.done();
                         }
                         return;
                     }