Fix for "chrome://" links in PDFs.

chrome/browser/extensions/chrome_extension_web_contents_observer.cc

Index: chrome/browser/extensions/chrome_extension_web_contents_observer.cc
diff --git a/chrome/browser/extensions/chrome_extension_web_contents_observer.cc b/chrome/browser/extensions/chrome_extension_web_contents_observer.cc
index b692dfbb0e01fcb1cc9de515061cfef4a3cda176..51c72031e80438451b2a363728a909c16385f06a 100644
--- a/chrome/browser/extensions/chrome_extension_web_contents_observer.cc
+++ b/chrome/browser/extensions/chrome_extension_web_contents_observer.cc
@@ -8,7 +8,9 @@
 #include "chrome/browser/extensions/extension_service.h"
 #include "chrome/browser/extensions/window_controller.h"
 #include "chrome/common/extensions/chrome_extension_messages.h"
+#include "chrome/common/url_constants.h"
 #include "content/public/browser/browser_context.h"
+#include "content/public/browser/child_process_security_policy.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/render_process_host.h"
 #include "content/public/browser/render_view_host.h"
@@ -33,6 +35,38 @@ ChromeExtensionWebContentsObserver::~ChromeExtensionWebContentsObserver() {}
 void ChromeExtensionWebContentsObserver::RenderViewCreated(
     content::RenderViewHost* render_view_host) {
   ReloadIfTerminated(render_view_host);
+
+  const Extension* extension = GetExtension(render_view_host);
+  if (!extension)
+    return;
+
+  Manifest::Type type = extension->GetType();

[Devlin, 2015/09/23 23:14:17]

won't need this.

[paulmeyer, 2015/09/29 17:24:55]

Done.

+  int process_id = render_view_host->GetProcess()->GetID();
+
+  // Components of chrome that are implemented as extensions are allowed to use
+  // chrome://resources/ URLs.
+  if (type == Manifest::TYPE_EXTENSION &&

[Devlin, 2015/09/23 23:14:17]

extension->is_extension()

[paulmeyer, 2015/09/29 17:24:56]

Done.

+      extension->location() == Manifest::COMPONENT) {

[Devlin, 2015/09/23 23:14:17]

Manifest::IsComponentLocation(extension->location())

[paulmeyer, 2015/09/29 17:24:55]

Done.

+    url::Origin origin = url::Origin::UnsafelyCreateOriginWithoutNormalization(

[Charlie Reis, 2015/09/23 22:57:14]

Sounds like that's not a preferred way to create Origins, apart from IPC
messages.  Why not create a GURL from a string of the scheme and host, and then
convert that to Origin, similar to below?

+        content::kChromeUIScheme, content::kChromeUIResourcesHost, 0);
+    content::ChildProcessSecurityPolicy::GetInstance()->GrantOrigin(

[Devlin, 2015/09/23 23:14:17]

This would be less verbose if we cached it.

[paulmeyer, 2015/09/29 17:24:56]

Done.

+        process_id, origin);
+  }
+
+  // Extensions, legacy packaged apps, and platform apps are allowed to use

[Charlie Reis, 2015/09/23 22:57:14]

nit: component platform apps

[paulmeyer, 2015/09/29 17:24:56]

Done.

+  // chrome://favicon/ and chrome://extension-icon/ URLs. Hosted apps are not
+  // allowed because they are served via web servers (and are generally never
+  // given access to Chrome APIs).
+  if (type == Manifest::TYPE_EXTENSION ||

[Devlin, 2015/09/23 23:14:17]

is_extension(), analogous for below

[paulmeyer, 2015/09/29 17:24:55]

Done.

+      type == Manifest::TYPE_LEGACY_PACKAGED_APP ||
+      (type == Manifest::TYPE_PLATFORM_APP &&
+       extension->location() == Manifest::COMPONENT)) {
+    content::ChildProcessSecurityPolicy::GetInstance()->GrantOrigin(
+        process_id, url::Origin(GURL(chrome::kChromeUIFaviconURL)));
+    content::ChildProcessSecurityPolicy::GetInstance()->GrantOrigin(
+        process_id, url::Origin(GURL(chrome::kChromeUIExtensionIconURL)));
+  }
+
   ExtensionWebContentsObserver::RenderViewCreated(render_view_host);

[Devlin, 2015/09/23 23:14:17]

I think I'd prefer to do this initialization first.

[paulmeyer, 2015/09/29 17:24:56]

Done.

 }