From 27eef9c8edf84061f4e36a3bd26ff7538092a22b Mon Sep 17 00:00:00 2001
From: "aa@chromium.org" <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Sat, 14 Feb 2009 04:09:51 +0000
Subject: Add chrome-extension to the list of "web-safe" schemes for resource
 loading. This makes web pages able to refer to resources inside extensions.

Review URL: http://codereview.chromium.org/20371

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@9821 0039d316-1c4b-4281-b951-d872f2087c98
---
 chrome/browser/renderer_host/renderer_security_policy.cc          | 1 +
 chrome/browser/renderer_host/renderer_security_policy_unittest.cc | 2 ++
 2 files changed, 3 insertions(+)

(limited to 'chrome/browser')

diff --git a/chrome/browser/renderer_host/renderer_security_policy.cc b/chrome/browser/renderer_host/renderer_security_policy.cc
index 108ef61..3350f59 100644
--- a/chrome/browser/renderer_host/renderer_security_policy.cc
+++ b/chrome/browser/renderer_host/renderer_security_policy.cc
@@ -82,6 +82,7 @@ RendererSecurityPolicy::RendererSecurityPolicy() {
   RegisterWebSafeScheme("ftp");
   RegisterWebSafeScheme("data");
   RegisterWebSafeScheme("feed");
+  RegisterWebSafeScheme("chrome-extension");
 
   // We know about the following psuedo schemes and treat them specially.
   RegisterPseudoScheme("about");
diff --git a/chrome/browser/renderer_host/renderer_security_policy_unittest.cc b/chrome/browser/renderer_host/renderer_security_policy_unittest.cc
index a098112..c9faaea 100644
--- a/chrome/browser/renderer_host/renderer_security_policy_unittest.cc
+++ b/chrome/browser/renderer_host/renderer_security_policy_unittest.cc
@@ -33,6 +33,7 @@ TEST_F(RendererSecurityPolicyTest, IsWebSafeSchemeTest) {
   EXPECT_TRUE(p->IsWebSafeScheme("ftp"));
   EXPECT_TRUE(p->IsWebSafeScheme("data"));
   EXPECT_TRUE(p->IsWebSafeScheme("feed"));
+  EXPECT_TRUE(p->IsWebSafeScheme("chrome-extension"));
 
   EXPECT_FALSE(p->IsWebSafeScheme("registered-web-safe-scheme"));
   p->RegisterWebSafeScheme("registered-web-safe-scheme");
@@ -63,6 +64,7 @@ TEST_F(RendererSecurityPolicyTest, StandardSchemesTest) {
   EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>")));
   EXPECT_TRUE(p->CanRequestURL(kRendererID,
                                GURL("view-source:http://www.google.com/")));
+  EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("chrome-extension://xy/z")));
 
   // Dangerous
   EXPECT_FALSE(p->CanRequestURL(kRendererID,
-- 
cgit v1.1