Add managed policies for Native Messaging

chrome/browser/extensions/api/messaging/message_service.cc

Index: chrome/browser/extensions/api/messaging/message_service.cc
diff --git a/chrome/browser/extensions/api/messaging/message_service.cc b/chrome/browser/extensions/api/messaging/message_service.cc
index 23cf172c4daf91ea7aad51f38e62cb18dca2c6cd..415d31e60940ee4c6173838a8229367dc961b098 100644
--- a/chrome/browser/extensions/api/messaging/message_service.cc
+++ b/chrome/browser/extensions/api/messaging/message_service.cc
@@ -63,6 +63,9 @@ const char kReceivingEndDoesntExistError[] =
 #if defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX)
 const char kMissingPermissionError[] =
     "Access to native messaging requires nativeMessaging permission.";
+const char kProhibitedByPoliciesError[] =
+    "Access to the native messaging host was disabled by the system "
+    "administrator.";
 #endif
 
 struct MessageService::MessageChannel {
@@ -358,6 +361,13 @@ void MessageService::OpenChannelToNativeApp(
     return;
   }
 
+  // Verify that the host is not blocked by policies.
+  if (!NativeMessageProcessHost::IsHostAllowed(profile->GetPrefs(),
+                                               native_app_name)) {
+    DispatchOnDisconnect(source, receiver_port_id, kProhibitedByPoliciesError);
+    return;
+  }
+
   scoped_ptr<MessageChannel> channel(new MessageChannel());
   channel->opener.reset(new ExtensionMessagePort(source, MSG_ROUTING_CONTROL,
                                                  source_extension_id));