Block navigations to hosted apps non-icon resources with PlzNavigate.

extensions/browser/extension_navigation_throttle.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/browser/extension_navigation_throttle.h"
 
 #include "components/guest_view/browser/guest_view_base.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/navigation_handle.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/browser_side_navigation_policy.h"
 #include "content/public/common/url_constants.h"
 #include "extensions/browser/extension_registry.h"
 #include "extensions/browser/guest_view/web_view/web_view_guest.h"
 #include "extensions/browser/url_request_util.h"
 #include "extensions/common/constants.h"
 #include "extensions/common/extension.h"
 #include "extensions/common/extension_set.h"
+#include "extensions/common/manifest_handlers/icons_handler.h"
 #include "extensions/common/manifest_handlers/web_accessible_resources_info.h"
 #include "extensions/common/manifest_handlers/webview_info.h"
 #include "extensions/common/permissions/api_permission.h"
 #include "extensions/common/permissions/permissions_data.h"
 #include "ui/base/page_transition_types.h"
 
 namespace extensions {
 
 ExtensionNavigationThrottle::ExtensionNavigationThrottle(
     content::NavigationHandle* navigation_handle)
@@ skipping 28 matching lines @@
     return content::NavigationThrottle::PROCEED;
   }
 
   // If the navigation is to an unknown or disabled extension, block it.
   if (!target_extension) {
     // TODO(nick): This yields an unsatisfying error page; use a different error
     // code once that's supported. https://crbug.com/649869
     return content::NavigationThrottle::BLOCK_REQUEST;
   }
 
+  // Hosted apps don't have any associated resources outside of icons, so
+  // block any requests to URLs in their extension origin.
+  if (target_extension->is_hosted_app()) {
+    base::StringPiece resource_root_relative_path =
+        url.path_piece().empty() ? base::StringPiece()
+                                 : url.path_piece().substr(1);
+    if (!IconsInfo::GetIcons(target_extension)
+             .ContainsPath(resource_root_relative_path)) {
+      return content::NavigationThrottle::BLOCK_REQUEST;
+    }
+  }
+
   if (navigation_handle()->IsInMainFrame()) {
     // Block top-level navigations to blob: or filesystem: URLs with extension
     // origin from non-extension processes.  See https://crbug.com/645028.
     bool current_frame_is_extension_process =
         !!registry->enabled_extensions().GetExtensionOrAppByURL(
             navigation_handle()->GetStartingSiteInstance()->GetSiteURL());
 
     if (!url_has_extension_scheme && !current_frame_is_extension_process) {
       // Relax this restriction for apps that use <webview>.  See
       // https://crbug.com/652077.
@@ skipping 89 matching lines @@
     return CANCEL;
   }
   return result;
 }
 
 const char* ExtensionNavigationThrottle::GetNameForLogging() {
   return "ExtensionNavigationThrottle";
 }
 
 }  // namespace extensions