Merge 55103 - Refactored extension privilege enumeration and implemented URLP...

chrome/browser/extensions/extension_protocols.cc

Index: chrome/browser/extensions/extension_protocols.cc
===================================================================
--- chrome/browser/extensions/extension_protocols.cc	(revision 56058)
+++ chrome/browser/extensions/extension_protocols.cc	(working copy)
@@ -74,12 +74,24 @@
   ChromeURLRequestContext* context =
       static_cast<ChromeURLRequestContext*>(request->context());
 
+  const ResourceDispatcherHostRequestInfo* info =
+      ResourceDispatcherHost::InfoForRequest(request);
+
+  // Don't allow extension resources to be loaded from origins which are not
+  // present in the extension's effective host permissions with the exception
+  // of empty origins and extension schemes.
+  if (!info->frame_origin().empty() &&
+      !GURL(info->frame_origin()).SchemeIs(chrome::kExtensionScheme)) {
+    ExtensionExtent host_permissions =
+      context->GetEffectiveHostPermissionsForExtension(request->url().host());
+    if (!host_permissions.ContainsURL(GURL(info->frame_origin())))
+      return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE);
+  }
+
   // Don't allow toplevel navigations to extension resources in incognito mode.
-  // This is because an extension must run in a single process, and an incognito
-  // tab prevents that.
+  // This is because an extension must run in a single process, and an
+  // incognito tab prevents that.
   // TODO(mpcomplete): better error code.
-  const ResourceDispatcherHostRequestInfo* info =
-      ResourceDispatcherHost::InfoForRequest(request);
   if (context->is_off_the_record() &&
       info && info->resource_type() == ResourceType::MAIN_FRAME)
     return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE);