Explicitly whitelist 'blob:' and 'filesystem:' for built-in extensions.

Explicitly whitelist 'blob:' and 'filesystem:' for built-in extensions.

This CL is brought to you by opening all the 'manifest.json' files
outside of test directories that contain 'content_security_policy' keys,
and executing `:%s/'self'/'self' blob: filesystem:/g` on each.

Next time I'll write a bash script. :/

BUG=473904
R=jochen@chromium.org
TBR=fukino@chromium.org

Committed: https://crrev.com/797e601a815d28264be2d65e068fafb0eb063195
Cr-Commit-Position: refs/heads/master@{#334836}

[Mike West, 2015-06-17 08:39:33]

WDYT, Jochen? Should be a no-op, but will fix the test failures that show up in
the ChromeOS trybots for https://codereview.chromium.org/1178373004.

-mike

[jochen (gone - plz use gerrit), 2015-06-17 08:41:39]

can we estimate what percentage of extensions from the webstore we'll break in
similar ways?

[Mike West, 2015-06-17 08:54:05]

On 2015/06/17 at 08:41:39, jochen wrote:
> can we estimate what percentage of extensions from the webstore we'll break in
similar ways?

Between 0% and 100%. :)

I'll see what I can dig up; it's difficult to verify just from the manifest, as
most extensions don't use either blobs or filesystem data. One (bad?) option
would be to convert `'self'` to `'self' blob: filesystem:` for all extensions
running as v2. That might be a reasonable compromise.

[Mike West, 2015-06-17 09:18:57]

On 2015/06/17 at 08:54:05, Mike West wrote:
> On 2015/06/17 at 08:41:39, jochen wrote:
> > can we estimate what percentage of extensions from the webstore we'll break
in similar ways?
> 
> Between 0% and 100%. :)
> 
> I'll see what I can dig up; it's difficult to verify just from the manifest,
as most extensions don't use either blobs or filesystem data. One (bad?) option
would be to convert `'self'` to `'self' blob: filesystem:` for all extensions
running as v2. That might be a reasonable compromise.

Of the ~150k manifests in the dataset I have access to, 1069 define a content
security policy containing `'self'` and use `URL.createObjectURL`. 525 contain
`'self'` and use `window.requestFileSystem`.

Unfortunately, some of those are extensions with large numbers of users.

I'll talk with kalman@ about converting the extension CSP as we load it in. In
the meantime, I'll hold off on the Blink-side change. I think this change is
still relevant, however, and shouldn't have any negative impact on the status
quo.

[jochen (gone - plz use gerrit), 2015-06-17 12:54:14]

lgtm

[Mike West, 2015-06-17 12:55:41]

The CQ bit was checked by mkwst@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2015-06-17 12:55:58]

Dry run: CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1176203008/1

[commit-bot: I haz the power, 2015-06-17 14:19:01]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2015-06-17 14:19:03]

Dry run: This issue passed the CQ dry run.

[Mike West, 2015-06-17 15:31:55]

mkwst@chromium.org changed reviewers:
+ fukino@chromium.org

[Mike West, 2015-06-17 15:32:42]

TBRing fukino@chromium.org for the mechanical change to ui/file_manager.

[Mike West, 2015-06-17 15:32:45]

The CQ bit was checked by mkwst@chromium.org

[commit-bot: I haz the power, 2015-06-17 15:33:25]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1176203008/1

[commit-bot: I haz the power, 2015-06-17 15:39:20]

Committed patchset #1 (id:1)

[commit-bot: I haz the power, 2015-06-17 15:40:18]

Patchset 1 (id:??) landed as
https://crrev.com/797e601a815d28264be2d65e068fafb0eb063195
Cr-Commit-Position: refs/heads/master@{#334836}