author | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-13 18:59:05 +0000 |
---|---|---|
committer | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-13 18:59:05 +0000 |
commit | 5198ffa4e9bf8019d55e7f2f88bc95b33eab193c (patch) | |
tree | a6ec12532a93921ffbad410de3606ba3a7ae8024 | |
parent | ed75c91967e1285e6c324f6f130a78b4e9ae2fd1 (diff) | |
Merge 55656 - Allow chrome:// pages to load extension resources. Also, lock down access from chrome-extension:// pages to the origin of the resource being requested.
BUG=51702
Review URL: http://codereview.chromium.org/3121003
TBR=aa@chromium.org
Review URL: http://codereview.chromium.org/3186001
git-svn-id: svn://svn.chromium.org/chrome/branches/472/src@56061 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r-- | chrome/browser/extensions/extension_browsertests_misc.cc | 15 | ||||
-rw-r--r-- | chrome/browser/extensions/extension_protocols.cc | 21 | ||||
-rw-r--r-- | chrome/test/data/extensions/origin_privileges/extension2/index.html | 3 | ||||
-rw-r--r-- | chrome/test/data/extensions/origin_privileges/extension2/manifest.json | 6 | ||||
-rw-r--r-- | chrome/test/data/extensions/origin_privileges/extension2/test.png | bin | 0 -> 275 bytes |
5 files changed, 39 insertions, 6 deletions
diff --git a/chrome/browser/extensions/extension_browsertests_misc.cc b/chrome/browser/extensions/extension_browsertests_misc.cc
index 457b224..b6c582c 100644
--- a/chrome/browser/extensions/extension_browsertests_misc.cc
+++ b/chrome/browser/extensions/extension_browsertests_misc.cc
@@ -182,6 +182,7 @@ IN_PROC_BROWSER_TEST_F(ExtensionBrowserTest, OriginPrivileges) {
 ASSERT_TRUE(LoadExtension(test_data_dir_
 .AppendASCII("origin_privileges").AppendASCII("extension")));
 
+ // A web host that has permission.
 ui_test_utils::NavigateToURL(browser(),
 GURL("http://a.com:1337/files/extensions/origin_privileges/index.html"));
 std::string result;
@@ -191,6 +192,7 @@ IN_PROC_BROWSER_TEST_F(ExtensionBrowserTest, OriginPrivileges) {
 &result);
 EXPECT_EQ(result, "Loaded");
 
+ // A web host that does not have permission.
 ui_test_utils::NavigateToURL(browser(),
 GURL("http://b.com:1337/files/extensions/origin_privileges/index.html"));
 ui_test_utils::ExecuteJavaScriptAndExtractString(
@@ -198,6 +200,19 @@ IN_PROC_BROWSER_TEST_F(ExtensionBrowserTest, OriginPrivileges) {
 L"window.domAutomationController.send(document.title)",
 &result);
 EXPECT_EQ(result, "Image failed to load");
+
+ // A different extension. Extensions should always be able to load each
+ // other's resources.
+ ASSERT_TRUE(LoadExtension(test_data_dir_
+ .AppendASCII("origin_privileges").AppendASCII("extension2")));
+ ui_test_utils::NavigateToURL(
+ browser(),
+ GURL("chrome-extension://pbkkcbgdkliohhfaeefcijaghglkahja/index.html"));
+ ui_test_utils::ExecuteJavaScriptAndExtractString(
+ browser()->GetSelectedTabContents()->render_view_host(), L"",
+ L"window.domAutomationController.send(document.title)",
+ &result);
+ EXPECT_EQ(result, "Loaded");
 }
 
 // Tests that we can load extension pages into the tab area and they can call
diff --git a/chrome/browser/extensions/extension_protocols.cc b/chrome/browser/extensions/extension_protocols.cc
index 7caa170..d88e045 100644
--- a/chrome/browser/extensions/extension_protocols.cc
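Review bot: The block added in the third hunk (-198,6 +200,19) asserts only the chrome-extension:// exemption; the chrome:// exemption that the commit description names first has no assertion in this test, so a regression in that branch would go unnoticed here. The hard-coded ID `pbkkcbgdkliohhfaeefcijaghglkahja` is presumably derived from the `key` in extension2's manifest, and a comment such as `// ID of origin_privileges/extension2, fixed by the "key" in its manifest.` would make that dependency visible to whoever edits the fixture. The test function begins before the hunk, so setup lines are not visible here.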
+++ b/chrome/browser/extensions/extension_protocols.cc
@@ -77,13 +77,22 @@ static URLRequestJob* CreateExtensionURLRequestJob(URLRequest* request,
 const ResourceDispatcherHostRequestInfo* info =
 ResourceDispatcherHost::InfoForRequest(request);
 
- // Don't allow extension resources to be loaded from origins which are not
- // present in the extension's effective host permissions with the exception
- // of empty origins and extension schemes.
- if (!info->frame_origin().empty() &&
- !GURL(info->frame_origin()).SchemeIs(chrome::kExtensionScheme)) {
+ // Extension resources should only be loadable from web pages which the
+ // extension has host permissions to (and therefore could be running script
+ // in, which might need access to the extension resources).
+ //
+ // chrome:// pages are exempt. We allow them to load any extension resource.
+ // This is used for, eg, the app launcher in the NTP.
+ //
+ // chrome-extension:// pages are also exempt, mostly for legacy reasons. Some
+ // extensions did this to integrate with each other before we added this code.
+ GURL origin_url(info->frame_origin());
+ if (!origin_url.is_empty() &&
+ !origin_url.SchemeIs(chrome::kChromeUIScheme) &&
+ !origin_url.SchemeIs(chrome::kExtensionScheme)) {
 ExtensionExtent host_permissions =
- context->GetEffectiveHostPermissionsForExtension(request->url().host());
+ context->GetEffectiveHostPermissionsForExtension(
+ request->url().host());
 if (!host_permissions.ContainsURL(GURL(info->frame_origin())))
 return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE);
 }
diff --git a/chrome/test/data/extensions/origin_privileges/extension2/index.html b/chrome/test/data/extensions/origin_privileges/extension2/index.html
new file mode 100644
index 0000000..4183769
--- /dev/null
+++ b/chrome/test/data/extensions/origin_privileges/extension2/index.html
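Review bot: The exemption test moved from `info->frame_origin().empty()` on the raw string to `origin_url.is_empty()` on the parsed GURL, so a non-empty origin string that GURL cannot parse may now skip the host-permission check instead of failing it; how GURL represents such input is not visible here and should be confirmed. If only a truly absent origin is meant to be exempt, keeping the string test, `if (!info->frame_origin().empty() &&`, makes the check fail closed. The last check still re-parses the origin and could read `if (!host_permissions.ContainsURL(origin_url))`. `info` is also dereferenced without a null check, though the function body starts and ends outside the hunk and an earlier guard may exist.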
@@ -0,0 +1,3 @@
+<title>Unmodified</title>
+
+<img onload="document.title='Loaded'" onerror="document.title='Image failed to load'" src="chrome-extension://fnbdbepgnidhjejikpionpfohdjjogpm/test.png">
\ No newline at end of file
diff --git a/chrome/test/data/extensions/origin_privileges/extension2/manifest.json b/chrome/test/data/extensions/origin_privileges/extension2/manifest.json
new file mode 100644
index 0000000..970fcf0
--- /dev/null
+++ b/chrome/test/data/extensions/origin_privileges/extension2/manifest.json
@@ -0,0 +1,6 @@
+{
+ "description": "test",
+ "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPOziAf8MbTjdUo6DysZ4nAU/2f/kwYnftyKkxI1GyTlbStprGy+Y2ek4/59QbE3xEE+dIIuYeObM4QTptpcFMg956ZLFoeDg41Pg3tzUrbltgG8hXTbBxN852FJx2kdaqa/MKUUsJKGSD5hkUmvZRADGGWhMWzvz64ao1h02xJQIDAQAC",
+ "name": "test",
+ "version": "0.1"
+}
diff --git a/chrome/test/data/extensions/origin_privileges/extension2/test.png b/chrome/test/data/extensions/origin_privileges/extension2/test.png
Binary files differ
new file mode 100644
index 0000000..4421311
--- /dev/null
+++ b/chrome/test/data/extensions/origin_privileges/extension2/test.png |