Allow content script insertion on about:-URLs.

extensions/common/permissions/permissions_data.cc

Index: extensions/common/permissions/permissions_data.cc
diff --git a/extensions/common/permissions/permissions_data.cc b/extensions/common/permissions/permissions_data.cc
index ca5d3ff6ff2b3aa6af2d8d1563728577715642a8..933e42a45988dd2ef76a73c592071707f9fa03cb 100644
--- a/extensions/common/permissions/permissions_data.cc
+++ b/extensions/common/permissions/permissions_data.cc
@@ -511,8 +511,8 @@ bool PermissionsData::CanExecuteScriptOnPage(const Extension* extension,
   } else {
     // Otherwise, see if this extension has permission to execute script
     // programmatically on pages.
-    can_access = GetActivePermissions(extension)->
-        HasExplicitAccessToOrigin(document_url);
+    can_access =
+        GetActivePermissions(extension)->HasEffectiveAccessToURL(document_url);

[not at google - send to devlin, 2014/05/01 20:32:19]

why do you need this change? there isn't a script, so we check against the
explicit host permissions. that is the right thing to do, not checking against
all permissions.

[robwu, 2014/05/01 21:30:38]

The change is not needed any more, so I've reverted it.

My reasoning for not having reverted the change earlier is that if an extension
has declared a content script for a page, then it should also be able to
programatically insert a content script using chrome.tabs.executeScript.

[not at google - send to devlin, 2014/05/02 16:01:48]

Understood. We try to keep the permissions as narrow as possible.

   }
 
   if (!can_access && error) {