Revert of Lock down the registration of blob:chrome-extension:// URLs

Revert of Lock down the registration of blob:chrome-extension:// URLs (patchset #13 id:230001 of https://codereview.chromium.org/2364633004/ )

Reason for revert:
Speculative revert to fix failing test http/tests/xmlhttprequest/xhr-to-blob-in-isolated-world.html in webkit_tests.

See failures in:
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Win7/builds/46369
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Mac10.10/builds/24388

Original issue's description:
> Update ChildProcessSecurityPolicy so that the chrome-extension:// scheme
> is considered "web safe" to be requestable from any process, but only
> "web safe" to commit in extension processes.
>
> In ChildProcessSecurityPolicy::CanRequestURL and CanCommitURL, when
> seeing blob and filesystem urls, make a security decision based
> on the inner origin rather than the scheme.
>
> When the extensions ProcessManager (via ExtensionWebContentsObserver) notices a
> RenderFrame being created in an extension SiteInstance, grant that process
> permission to commit chrome-extension:// URLs.
>
> In BlobDispatcherHost, only allow creation of blob URLs from processes that
> would be able to commit them.
>
> Add a security exploit browsertest that verifies the above mechanisms working
> together.
>
> BUG=644966
>
> Committed: https://crrev.com/a411fd062bc68fc2b5fc3aca7e4cbb8e4a3e074e
> Cr-Commit-Position: refs/heads/master@{#421964}

TBR=reillyg@chromium.org,creis@chromium.org,thestig@chromium.org,rdevlin.cronin@chromium.org,nick@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=644966
Committed: https://crrev.com/bd3b7a4c91c8dc7a28e197c3a88a2885121c3042
Cr-Commit-Position: refs/heads/master@{#421997}

[tsergeant, 2016-09-30 00:40:44]

The CQ bit was checked by tsergeant@chromium.org

[tsergeant, 2016-09-30 00:40:44]

Created Revert of Lock down the registration of blob:chrome-extension:// URLs

[commit-bot: I haz the power, 2016-09-30 00:41:19]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-09-30 00:42:39]

Description was changed from

==========
Revert of Lock down the registration of blob:chrome-extension:// URLs (patchset
#13 id:230001 of https://codereview.chromium.org/2364633004/ )

Reason for revert:
Speculative revert to fix failing test
http/tests/xmlhttprequest/xhr-to-blob-in-isolated-world.html in webkit_tests.

See failures in:
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Win7/builds/46369
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Mac10.10/build...

Original issue's description:
> Update ChildProcessSecurityPolicy so that the chrome-extension:// scheme
> is considered "web safe" to be requestable from any process, but only
> "web safe" to commit in extension processes.
> 
> In ChildProcessSecurityPolicy::CanRequestURL and CanCommitURL, when
> seeing blob and filesystem urls, make a security decision based
> on the inner origin rather than the scheme.
> 
> When the extensions ProcessManager (via ExtensionWebContentsObserver) notices
a
> RenderFrame being created in an extension SiteInstance, grant that process
> permission to commit chrome-extension:// URLs.
> 
> In BlobDispatcherHost, only allow creation of blob URLs from processes that
> would be able to commit them.
> 
> Add a security exploit browsertest that verifies the above mechanisms working
> together.
> 
> BUG=644966
> 
> Committed: https://crrev.com/a411fd062bc68fc2b5fc3aca7e4cbb8e4a3e074e
> Cr-Commit-Position: refs/heads/master@{#421964}

TBR=reillyg@chromium.org,creis@chromium.org,thestig@chromium.org,rdevlin.cron...
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=644966
==========

to

==========
Revert of Lock down the registration of blob:chrome-extension:// URLs (patchset
#13 id:230001 of https://codereview.chromium.org/2364633004/ )

Reason for revert:
Speculative revert to fix failing test
http/tests/xmlhttprequest/xhr-to-blob-in-isolated-world.html in webkit_tests.

See failures in:
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Win7/builds/46369
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Mac10.10/build...

Original issue's description:
> Update ChildProcessSecurityPolicy so that the chrome-extension:// scheme
> is considered "web safe" to be requestable from any process, but only
> "web safe" to commit in extension processes.
> 
> In ChildProcessSecurityPolicy::CanRequestURL and CanCommitURL, when
> seeing blob and filesystem urls, make a security decision based
> on the inner origin rather than the scheme.
> 
> When the extensions ProcessManager (via ExtensionWebContentsObserver) notices
a
> RenderFrame being created in an extension SiteInstance, grant that process
> permission to commit chrome-extension:// URLs.
> 
> In BlobDispatcherHost, only allow creation of blob URLs from processes that
> would be able to commit them.
> 
> Add a security exploit browsertest that verifies the above mechanisms working
> together.
> 
> BUG=644966
> 
> Committed: https://crrev.com/a411fd062bc68fc2b5fc3aca7e4cbb8e4a3e074e
> Cr-Commit-Position: refs/heads/master@{#421964}

TBR=reillyg@chromium.org,creis@chromium.org,thestig@chromium.org,rdevlin.cron...
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=644966
==========

[commit-bot: I haz the power, 2016-09-30 00:42:40]

Committed patchset #1 (id:1)

[commit-bot: I haz the power, 2016-09-30 00:45:48]

Description was changed from

==========
Revert of Lock down the registration of blob:chrome-extension:// URLs (patchset
#13 id:230001 of https://codereview.chromium.org/2364633004/ )

Reason for revert:
Speculative revert to fix failing test
http/tests/xmlhttprequest/xhr-to-blob-in-isolated-world.html in webkit_tests.

See failures in:
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Win7/builds/46369
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Mac10.10/build...

Original issue's description:
> Update ChildProcessSecurityPolicy so that the chrome-extension:// scheme
> is considered "web safe" to be requestable from any process, but only
> "web safe" to commit in extension processes.
> 
> In ChildProcessSecurityPolicy::CanRequestURL and CanCommitURL, when
> seeing blob and filesystem urls, make a security decision based
> on the inner origin rather than the scheme.
> 
> When the extensions ProcessManager (via ExtensionWebContentsObserver) notices
a
> RenderFrame being created in an extension SiteInstance, grant that process
> permission to commit chrome-extension:// URLs.
> 
> In BlobDispatcherHost, only allow creation of blob URLs from processes that
> would be able to commit them.
> 
> Add a security exploit browsertest that verifies the above mechanisms working
> together.
> 
> BUG=644966
> 
> Committed: https://crrev.com/a411fd062bc68fc2b5fc3aca7e4cbb8e4a3e074e
> Cr-Commit-Position: refs/heads/master@{#421964}

TBR=reillyg@chromium.org,creis@chromium.org,thestig@chromium.org,rdevlin.cron...
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=644966
==========

to

==========
Revert of Lock down the registration of blob:chrome-extension:// URLs (patchset
#13 id:230001 of https://codereview.chromium.org/2364633004/ )

Reason for revert:
Speculative revert to fix failing test
http/tests/xmlhttprequest/xhr-to-blob-in-isolated-world.html in webkit_tests.

See failures in:
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Win7/builds/46369
https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Mac10.10/build...

Original issue's description:
> Update ChildProcessSecurityPolicy so that the chrome-extension:// scheme
> is considered "web safe" to be requestable from any process, but only
> "web safe" to commit in extension processes.
>
> In ChildProcessSecurityPolicy::CanRequestURL and CanCommitURL, when
> seeing blob and filesystem urls, make a security decision based
> on the inner origin rather than the scheme.
>
> When the extensions ProcessManager (via ExtensionWebContentsObserver) notices
a
> RenderFrame being created in an extension SiteInstance, grant that process
> permission to commit chrome-extension:// URLs.
>
> In BlobDispatcherHost, only allow creation of blob URLs from processes that
> would be able to commit them.
>
> Add a security exploit browsertest that verifies the above mechanisms working
> together.
>
> BUG=644966
>
> Committed: https://crrev.com/a411fd062bc68fc2b5fc3aca7e4cbb8e4a3e074e
> Cr-Commit-Position: refs/heads/master@{#421964}

TBR=reillyg@chromium.org,creis@chromium.org,thestig@chromium.org,rdevlin.cron...
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=644966

Committed: https://crrev.com/bd3b7a4c91c8dc7a28e197c3a88a2885121c3042
Cr-Commit-Position: refs/heads/master@{#421997}
==========

[commit-bot: I haz the power, 2016-09-30 00:45:49]

Patchset 1 (id:??) landed as
https://crrev.com/bd3b7a4c91c8dc7a28e197c3a88a2885121c3042
Cr-Commit-Position: refs/heads/master@{#421997}