Allow 'chrome-extension:' URLs to bypass content settings (2/2)

extensions/renderer/dispatcher.cc

Index: extensions/renderer/dispatcher.cc
diff --git a/extensions/renderer/dispatcher.cc b/extensions/renderer/dispatcher.cc
index fa07dd1a51536cacfb530961aeff7e2612aaca7d..2a8cc9eff90e7b818ed9fcc190c525ca42baa55d 100644
--- a/extensions/renderer/dispatcher.cc
+++ b/extensions/renderer/dispatcher.cc
@@ -270,6 +270,9 @@ Dispatcher::Dispatcher(DispatcherDelegate* delegate)
       // Extension resources are HTTP-like and safe to expose to the fetch API.
       // The rules for the fetch API are consistent with XHR.
       WebSecurityPolicy::registerURLSchemeAsSupportingFetchAPI,
+      // Extension resources, when loaded as the top-level document, should
+      // bypass Blink's strict first-party origin checks.
+      WebSecurityPolicy::registerURLSchemeAsFirstPartyWhenTopLevel,
   };
 
   WebString extension_scheme(base::ASCIIToUTF16(kExtensionScheme));