CSP: Suppress violation reports for extension resources.

Source/core/frame/csp/ContentSecurityPolicy.cpp

Index: Source/core/frame/csp/ContentSecurityPolicy.cpp
diff --git a/Source/core/frame/csp/ContentSecurityPolicy.cpp b/Source/core/frame/csp/ContentSecurityPolicy.cpp
index 0547df0c9f6ad43b0ab4f44cd6bcd4e43ba1c6dd..af518e36b19fab72fcaf6e14e029e4e2e3b2a0da 100644
--- a/Source/core/frame/csp/ContentSecurityPolicy.cpp
+++ b/Source/core/frame/csp/ContentSecurityPolicy.cpp
@@ -743,6 +743,13 @@ void ContentSecurityPolicy::reportViolation(const String& directiveText, const S
     if (reportEndpoints.isEmpty())
         return;
 
+    // TODO(mkwst): Obviously, we shouldn't hit this check, as extension-loaded
+    // resources should be allowed regardless. We apparently do, however, so
+    // we should at least stop spamming reporting endpoints. See
+    // https://crbug.com/524356 for detail.
+    if (!violationData.sourceFile().isEmpty() && SchemeRegistry::schemeShouldBypassContentSecurityPolicy(violationData.sourceFile().protocol())

[Mike West, 2015/09/09 09:18:18]

Ha, I'm an idiot. Pretend that this reads `KURL(ParsedURLString,
violationData.sourceFile()).protocol()` and that there was an extra `)` at the
end of the line. :(

+        return;
+
     // We need to be careful here when deciding what information to send to the
     // report-uri. Currently, we send only the current document's URL and the
     // directive that was violated. The document's URL is safe to send because