As per section Content-Security-Policy-Report-Only Header Field of the Content Security Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015), "The Content-Security-Policy-Report-Only header is not supported inside a meta element." Currently we support a report-only policy delivered via a meta element.
<rdar://problem/25718167>
Created attachment 276369 [details] Patch and Layout Tests
Comment on attachment 276369 [details] Patch and Layout Tests Looks great! r=me.
Committed r199538: <http://trac.webkit.org/changeset/199538>