Add schema chrome-extension-resource:// for extension resources

chrome/browser/extensions/extension_protocols.cc

Index: chrome/browser/extensions/extension_protocols.cc
diff --git a/chrome/browser/extensions/extension_protocols.cc b/chrome/browser/extensions/extension_protocols.cc
index 4b551533b00188845870845d9d44b1bd55a41d48..8b098ec3adbe7e1d731632d2b534a95fc4c796c2 100644
--- a/chrome/browser/extensions/extension_protocols.cc
+++ b/chrome/browser/extensions/extension_protocols.cc
@@ -8,6 +8,7 @@
 
 #include "base/compiler_specific.h"
 #include "base/file_path.h"
+#include "base/file_util.h"
 #include "base/logging.h"
 #include "base/message_loop.h"
 #include "base/path_service.h"
@@ -240,7 +241,7 @@ class ExtensionProtocolHandler
   DISALLOW_COPY_AND_ASSIGN(ExtensionProtocolHandler);
 };
 
-// Creates URLRequestJobs for extension:// URLs.
+// Creates URLRequestJobs for chrome-extension:// URLs.
 net::URLRequestJob*
 ExtensionProtocolHandler::MaybeCreateJob(net::URLRequest* request) const {
   // TODO(mpcomplete): better error code.
@@ -317,11 +318,46 @@ ExtensionProtocolHandler::MaybeCreateJob(net::URLRequest* request) const {
     base::ThreadRestrictions::ScopedAllowIO allow_io;
     resource_file_path = resource.GetFilePath();
   }
-
   return new URLRequestExtensionJob(request, resource_file_path,
                                     content_security_policy, send_cors_header);
 }
 
+class ExtensionResourceProtocolHandler
+    : public net::URLRequestJobFactory::ProtocolHandler {
+ public:
+  ExtensionResourceProtocolHandler() {}
+  virtual ~ExtensionResourceProtocolHandler() {}
+
+  virtual net::URLRequestJob* MaybeCreateJob(
+      net::URLRequest* request) const OVERRIDE;
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(ExtensionResourceProtocolHandler);
+};
+
+// Creates URLRequestJobs for chrome-extension-resource:// URLs.
+net::URLRequestJob*
+ExtensionResourceProtocolHandler::MaybeCreateJob(
+    net::URLRequest* request) const {
+  DCHECK(!request->url().has_host());
+
+  FilePath resource_root_path;
+  PathService::Get(chrome::DIR_RESOURCES_EXTENSION, &resource_root_path);
+
+  FilePath relative_path =
+    extension_file_util::ExtensionURLToRelativeFilePath(request->url());

[Tom Sepez, 2012/04/13 17:20:51]

Is this where we count on unsafe directory traversal being blocked?  Why do we
know that this will happen?

[Peng, 2012/04/17 13:52:05]

This function just decode the escape and get the relative file path.

The code for blocking direct traversal is between 352  and 356 of this
reversion.

In the next reversion, I will move this logic into
ExtensionResourceURLToFilePath().

+
+  FilePath full_path = resource_root_path.Append(relative_path);
+
+  if (!file_util::AbsolutePath(&full_path) ||
+      !resource_root_path.IsParent(full_path) ||
+      !file_util::PathExists(full_path)) {
+      full_path = FilePath();

[abarth-chromium, 2012/04/13 17:11:24]

This is an important security check, and I'm glad to see it here.  Can we add a
unit test to make sure that it continues to function as expected?

[Peng, 2012/04/17 13:52:05]

Done.

+  }
+
+  return new net::URLRequestFileJob(request, full_path);
+}
+
 }  // namespace
 
 net::URLRequestJobFactory::ProtocolHandler* CreateExtensionProtocolHandler(
@@ -329,3 +365,8 @@ net::URLRequestJobFactory::ProtocolHandler* CreateExtensionProtocolHandler(
     ExtensionInfoMap* extension_info_map) {
   return new ExtensionProtocolHandler(is_incognito, extension_info_map);
 }
+
+net::URLRequestJobFactory::ProtocolHandler*
+CreateExtensionResourceProtocolHandler() {
+  return new ExtensionResourceProtocolHandler();
+}