Add schema chrome-extension-resource:// for extension resources

chrome/renderer/chrome_content_renderer_client.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/chrome_content_renderer_client.h"
 
 #include <string>
 
 #include "base/command_line.h"
 #include "base/logging.h"
@@ skipping 213 matching lines @@
 
   // chrome:, and chrome-extension: resources shouldn't trigger insecure
   // content warnings.
   WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme);
 
   WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme));
   WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme);
 
   // chrome-extension: resources should be allowed to receive CORS requests.
   WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme);
+
+  WebString extension_resource_scheme(
+      ASCIIToUTF16(chrome::kExtensionResourceScheme));
+  WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme);
+
+  // chrome-extension-resource: resources should be allowed to receive CORS
+  // requests.
+  WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme);
 }
 
 void ChromeContentRendererClient::RenderViewCreated(
     content::RenderView* render_view) {
   ContentSettingsObserver* content_settings =
       new ContentSettingsObserver(render_view);
   if (chrome_observer_.get()) {
     content_settings->SetContentSettingRules(
         chrome_observer_->content_setting_rules());
   }
@@ skipping 493 matching lines @@
     if (is_extension_url != extension_dispatcher_->is_extension_process())
       return true;
   }
 
   return false;
 }
 
 bool ChromeContentRendererClient::WillSendRequest(WebKit::WebFrame* frame,
                                                   const GURL& url,
                                                   GURL* new_url) {
-  // If the request is for an extension resource, check whether it should be
-  // allowed. If not allowed, we reset the URL to something invalid to prevent
-  // the request and cause an error.
+  // Check whether the request should be allowed. If not allowed, we reset the
+  // URL to something invalid to prevent the request and cause an error.
   if (url.SchemeIs(chrome::kExtensionScheme) &&
       !ExtensionResourceRequestPolicy::CanRequestResource(
           url,
           frame,
           extension_dispatcher_->extensions())) {
     *new_url = GURL("chrome-extension://invalid/");
     return true;
+
+  }
+
+  if (url.SchemeIs(chrome::kExtensionResourceScheme) &&
+      !ExtensionResourceRequestPolicy::CanRequestExtensionResourceScheme(
+          url,
+          frame)) {
+    *new_url = GURL("chrome-extension-resource://invalid/");
+    return true;
   }
 
   return false;
 }
 
 bool ChromeContentRendererClient::ShouldPumpEventsDuringCookieMessage() {
   // We no longer pump messages, even under Chrome Frame. We rely on cookie
   // read requests handled by CF not putting up UI or causing other actions
   // that would require us to pump messages. This fixes http://crbug.com/110090.
   return false;
@@ skipping 133 matching lines @@
 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() {
   return extension_dispatcher_->IsOtherExtensionWithWebRequestInstalled();
 }
 
 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories(
     webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) {
   factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory);
 }
 
 }  // namespace chrome