Complete UI thread blob/filesystem URL blocking and remove IO thread check.

chrome/browser/net/chrome_extensions_network_delegate.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/net/chrome_extensions_network_delegate.h"
 
 #include <stdint.h>
 
 #include "base/macros.h"
 #include "extensions/features/features.h"
 #include "net/base/net_errors.h"
 
 #if BUILDFLAG(ENABLE_EXTENSIONS)
-#include "base/debug/alias.h"
-#include "base/debug/dump_without_crashing.h"
-#include "base/strings/string_util.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/extensions/api/proxy/proxy_api.h"
 #include "chrome/browser/extensions/event_router_forwarder.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/renderer_host/chrome_navigation_ui_data.h"
 #include "content/public/browser/browser_thread.h"
-#include "content/public/browser/child_process_security_policy.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/resource_request_info.h"
 #include "content/public/common/browser_side_navigation_policy.h"
 #include "extensions/browser/api/web_request/web_request_api.h"
 #include "extensions/browser/extension_navigation_ui_data.h"
 #include "extensions/browser/info_map.h"
 #include "extensions/browser/process_manager.h"
 #include "extensions/common/permissions/api_permission.h"
 #include "net/url_request/url_request.h"
 
@@ skipping 130 matching lines @@
 
 void ChromeExtensionsNetworkDelegateImpl::ForwardDoneRequestStatus(
     net::URLRequest* request) {
   ForwardRequestStatus(REQUEST_DONE, request, profile_);
 }
 
 int ChromeExtensionsNetworkDelegateImpl::OnBeforeURLRequest(
     net::URLRequest* request,
     const net::CompletionCallback& callback,
     GURL* new_url) {
-  const content::ResourceRequestInfo* info =
-      content::ResourceRequestInfo::ForRequest(request);
-  const GURL& url(request->url());
-
-  // Block top-level navigations to blob: or filesystem: URLs with extension
-  // origin from non-extension processes.  See https://crbug.com/645028.
-  //
-  // TODO(alexmos): This check is redundant with the one in
-  // ExtensionNavigationThrottle::WillStartRequest, which was introduced in
-  // M56. This check is reintroduced temporarily to tighten this blocking for
-  // apps with a "webview" permission on M55/54 (see https://crbug.com/656752).
-  // It will be removed after it's merged.  Unlike the check in
-  // ExtensionNavigationThrottle, this check is incompatible with PlzNavigate
-  // and is disabled for that mode.
-  bool is_nested_url = url.SchemeIsFileSystem() || url.SchemeIsBlob();
-  bool is_navigation =
-      info && content::IsResourceTypeFrame(info->GetResourceType());
-  if (is_nested_url && is_navigation && info->IsMainFrame()) {
-    // Nested conditional so we don't always pay the GURL -> Origin conversion.
-    url::Origin origin = url::Origin(url);
-    if (origin.scheme() == extensions::kExtensionScheme &&
-        !extension_info_map_->process_map().Contains(info->GetChildID()) &&
-        !content::IsBrowserSideNavigationEnabled()) {
-      // Relax this restriction for apps that use <webview>.  See
-      // https://crbug.com/652077.
-      const extensions::Extension* extension =
-          extension_info_map_->extensions().GetByID(origin.host());
-      bool has_webview_permission =
-          extension &&
-          extension->permissions_data()->HasAPIPermission(
-              extensions::APIPermission::kWebView);
-      // Check whether the request is coming from a <webview> guest process via
-      // ChildProcessSecurityPolicy.  A guest process should have already been
-      // granted permission to request |origin| when its WebContents was
-      // created. See https://crbug.com/656752.
-      auto* policy = content::ChildProcessSecurityPolicy::GetInstance();
-      bool from_guest =
-          policy->HasSpecificPermissionForOrigin(info->GetChildID(), origin);

[alexmos, 2017/05/10 17:12:19]

Can't remove this from the API, unfortunately, because the Devtools extensions
stuff is also using it now.

-      if (!has_webview_permission || !from_guest) {
-        // TODO(alexmos): Temporary instrumentation to find any regressions for
-        // this blocking.  Remove after verifying that this is not breaking any
-        // legitimate use cases.
-        char origin_copy[256];
-        base::strlcpy(origin_copy, origin.Serialize().c_str(),
-                      arraysize(origin_copy));
-        base::debug::Alias(&origin_copy);
-        base::debug::Alias(&from_guest);
-        base::debug::DumpWithoutCrashing();

[alexmos, 2017/05/10 17:12:19]

I checked the stats on this, and it's rare (40 instances in all versions since
last Oct), so it's unlikely that there were regressions due to this.

-        return net::ERR_ABORTED;
-      }
-    }
-  }
-
   return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRequest(
       profile_, extension_info_map_.get(), request, callback, new_url);
 }
 
 int ChromeExtensionsNetworkDelegateImpl::OnBeforeStartTransaction(
     net::URLRequest* request,
     const net::CompletionCallback& callback,
     net::HttpRequestHeaders* headers) {
   return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeSendHeaders(
       profile_, extension_info_map_.get(), request, callback, headers);
@@ skipping 166 matching lines @@
 }
 
 net::NetworkDelegate::AuthRequiredResponse
 ChromeExtensionsNetworkDelegate::OnAuthRequired(
     net::URLRequest* request,
     const net::AuthChallengeInfo& auth_info,
     const AuthCallback& callback,
     net::AuthCredentials* credentials) {
   return net::NetworkDelegate::AUTH_REQUIRED_RESPONSE_NO_ACTION;
 }