Add schema chrome-extension-resource:// for extension resources

chrome/renderer/chrome_content_renderer_client.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/chrome_content_renderer_client.h"
 
 #include <string>
 
 #include "base/command_line.h"
 #include "base/logging.h"
@@ skipping 196 matching lines @@
 
   // chrome:, and chrome-extension: resources shouldn't trigger insecure
   // content warnings.
   WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme);
 
   WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme));
   WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme);
 
   // chrome-extension: resources should be allowed to receive CORS requests.
   WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme);
+
+  WebString extension_resource_scheme(
+      ASCIIToUTF16(chrome::kExtensionResourceScheme));
+  WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme);
+
+  // chrome-extension-resource: resources should be allowed to receive CORS
+  // requests.
+  WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme);
 }
 
 void ChromeContentRendererClient::RenderViewCreated(
     content::RenderView* render_view) {
   ContentSettingsObserver* content_settings =
       new ContentSettingsObserver(render_view);
   if (chrome_observer_.get()) {
     content_settings->SetContentSettingRules(
         chrome_observer_->content_setting_rules());
   }
@@ skipping 469 matching lines @@
     if (is_extension_url != extension_dispatcher_->is_extension_process())
       return true;
   }
 
   return false;
 }
 
 bool ChromeContentRendererClient::WillSendRequest(WebKit::WebFrame* frame,
                                                   const GURL& url,
                                                   GURL* new_url) {
-  // If the request is for an extension resource, check whether it should be
-  // allowed. If not allowed, we reset the URL to something invalid to prevent
-  // the request and cause an error.
-  if (url.SchemeIs(chrome::kExtensionScheme) &&
+  // Check whether the request should be allowed. If not allowed, we reset the
+  // URL to something invalid to prevent the request and cause an error.
+  if ((url.SchemeIs(chrome::kExtensionScheme) &&
       !ExtensionResourceRequestPolicy::CanRequestResource(
           url,
           frame,
-          extension_dispatcher_->extensions())) {
+          extension_dispatcher_->extensions())) ||
+      (url.SchemeIs(chrome::kExtensionResourceScheme) &&

[Tom Sepez, 2012/04/18 18:03:01]

Worry about promoting a c-e-r:// scheme to a c-e:// scheme on error.

[Aaron Boodman, 2012/04/18 18:06:21]

Theoretically, this URL should have no privileges, but yeah, it's a hack and I
can see there being problems.

The real problem is that the underlying WebKit interfaces don't allow us to make
the request fail here.

Is there a better URL we can redirect to here?

[Tom Sepez, 2012/04/18 18:24:38]

Maybe you invent c-e-r://null and check for that in the URLRequest logic,
returning '' in that case?

[Peng, 2012/04/18 18:29:16]

Tom, Aaron, Any suggestion? I don't know any other better options.

[Peng, 2012/04/18 18:35:12]

Only requesting from web page will be redirected to c-e-r://null. probably
should return some error instead of '' empty page?

[Peng, 2012/04/18 18:47:32]

Done.

[Aaron Boodman, 2012/04/18 18:51:01]

How is that different from what we do now?

Can we use the Chrome 404 page instead? I don't know what its URL is, but
there's probably a constant somewhere. And presumably we're extra careful to
make sure it doesn't have any privileges.

[Aaron Boodman, 2012/04/18 19:13:49]

I discussed with peng offline. We are going to use
chrome-extension-resource://invalid. This results in a page that has the origin:
data:text/html,chromewebdata, which should be very low privilege.

+       !ExtensionResourceRequestPolicy::CanRequestExtensionResourceScheme(
+          url,
+          frame,
+          extension_dispatcher_->extensions()))) {
     *new_url = GURL("chrome-extension://invalid/");
     return true;
   }
 
   return false;
 }
 
 bool ChromeContentRendererClient::ShouldPumpEventsDuringCookieMessage() {
   // We no longer pump messages, even under Chrome Frame. We rely on cookie
   // read requests handled by CF not putting up UI or causing other actions
@@ skipping 135 matching lines @@
 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() {
   return extension_dispatcher_->IsOtherExtensionWithWebRequestInstalled();
 }
 
 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories(
     webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) {
   factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory);
 }
 
 }  // namespace chrome