Allow navigations to non-web-accessible resources from chrome schemes.

chrome/browser/extensions/window_open_apitest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <stddef.h>
 
 #include "base/path_service.h"
 #include "base/strings/stringprintf.h"
 #include "base/test/histogram_tester.h"
 #include "build/build_config.h"
 #include "chrome/browser/extensions/extension_apitest.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/browser/ui/browser_finder.h"
 #include "chrome/browser/ui/browser_list.h"
 #include "chrome/browser/ui/tabs/tab_strip_model.h"
 #include "chrome/common/chrome_paths.h"
+#include "chrome/common/url_constants.h"
 #include "chrome/test/base/ui_test_utils.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/notification_types.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/render_process_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/result_codes.h"
 #include "content/public/common/url_constants.h"
 #include "content/public/test/browser_test_utils.h"
+#include "content/public/test/test_navigation_observer.h"
 #include "extensions/browser/extension_host.h"
 #include "extensions/browser/process_manager.h"
 #include "extensions/common/constants.h"
 #include "extensions/common/extension.h"
 #include "extensions/test/extension_test_message_listener.h"
 #include "extensions/test/result_catcher.h"
 #include "net/dns/mock_host_resolver.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
@@ skipping 250 matching lines @@
   ASSERT_TRUE(content::ExecuteScriptAndExtractBool(newtab, "testExtensionApi()",
                                                    &result));
   EXPECT_TRUE(result);
 }
 
 // Tests that calling window.open for an extension URL from a non-HTTP or HTTPS
 // URL on a new tab cannot access non-web-accessible resources.
 IN_PROC_BROWSER_TEST_F(ExtensionBrowserTest,
                        WindowOpenInaccessibleResourceFromDataURL) {
   base::HistogramTester uma;
-  ASSERT_TRUE(LoadExtension(
-      test_data_dir_.AppendASCII("uitest").AppendASCII("window_open")));
+  const extensions::Extension* extension = LoadExtension(
+      test_data_dir_.AppendASCII("uitest").AppendASCII("window_open"));
+  ASSERT_TRUE(extension);
 
   ui_test_utils::NavigateToURL(browser(), GURL("data:text/html,foo"));
 
   // test.html is not web-accessible and should not be loaded.
-  GURL extension_url(extensions::Extension::GetResourceURL(
-      extensions::Extension::GetBaseURLFromExtensionId(
-          last_loaded_extension_id()),
-      "test.html"));
-
+  GURL extension_url(extension->GetResourceURL("test.html"));
   content::WindowedNotificationObserver windowed_observer(
       content::NOTIFICATION_LOAD_STOP,
       content::NotificationService::AllSources());
   ASSERT_TRUE(content::ExecuteScript(
       browser()->tab_strip_model()->GetActiveWebContents(),
       "window.open('" + extension_url.spec() + "');"));
   windowed_observer.Wait();
   content::NavigationController* controller =
       content::Source<content::NavigationController>(windowed_observer.source())
           .ptr();
   content::WebContents* newtab = controller->GetWebContents();
   ASSERT_TRUE(newtab);
 
   EXPECT_NE(extension_url, newtab->GetMainFrame()->GetLastCommittedURL());
   EXPECT_FALSE(newtab->GetMainFrame()->GetSiteInstance()->GetSiteURL().SchemeIs(
       extensions::kExtensionScheme));
 
   // Verify that the blocking was recorded correctly in UMA.
   uma.ExpectUniqueSample("Extensions.ShouldAllowOpenURL.Failure",
                          2, /* FAILURE_SCHEME_NOT_HTTP_OR_HTTPS_OR_EXTENSION */
                          1);
 }
+
+// Test that navigating to an extension URL is allowed on chrome:// and
+// chrome-search:// pages, even for URLs that are not web-accessible.
+// See https://crbug.com/662602.
+IN_PROC_BROWSER_TEST_F(ExtensionBrowserTest,
+                       NavigateToInaccessibleResourceFromChromeURL) {
+  // Mint an extension URL which is not web-accessible.
+  const extensions::Extension* extension = LoadExtension(
+      test_data_dir_.AppendASCII("uitest").AppendASCII("window_open"));
+  ASSERT_TRUE(extension);
+  GURL extension_url(extension->GetResourceURL("test.html"));
+
+  content::WebContents* tab =
+      browser()->tab_strip_model()->GetActiveWebContents();
+
+  // Navigate to the non-web-accessible URL from chrome:// and
+  // chrome-search:// pages.  Verify that the page loads correctly.
+  GURL history_url(chrome::kChromeUIHistoryURL);
+  GURL ntp_url(chrome::kChromeSearchLocalNtpUrl);
+  ASSERT_TRUE(history_url.SchemeIs(content::kChromeUIScheme));
+  ASSERT_TRUE(ntp_url.SchemeIs(chrome::kChromeSearchScheme));
+  GURL start_urls[] = {history_url, ntp_url};
+  for (size_t i = 0; i < arraysize(start_urls); i++) {
+    ui_test_utils::NavigateToURL(browser(), start_urls[i]);
+    EXPECT_EQ(start_urls[i], tab->GetMainFrame()->GetLastCommittedURL());
+
+    content::TestNavigationObserver observer(tab);
+    ASSERT_TRUE(content::ExecuteScript(
+        tab, "location.href = '" + extension_url.spec() + "';"));
+    observer.Wait();
+    EXPECT_EQ(extension_url, tab->GetMainFrame()->GetLastCommittedURL());
+    std::string result;
+    ASSERT_TRUE(content::ExecuteScriptAndExtractString(
+        tab, "domAutomationController.send(document.body.innerText)", &result));
+    EXPECT_EQ("HOWDIE!!!", result);
+  }
+}