[Extensions] Block extension API navigations to devtools scheme pages

This CL blocks extension API navigations to devtools scheme pages for
extensions which do not have either the devtools or debugger permission.

Bug: 1049265
Change-Id: I1db2847c9a15918b3557ec799810013c58a75108
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2555462
Commit-Queue: Tim Judkins <tjudkins@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#831189}

chrome/browser/extensions/api/tabs/tabs_constants.cc

@@ -121,6 +121,9 @@ const char kLockedFullscreenModeNewTabError[] =
     "You cannot create new tabs while in locked fullscreen mode.";
 const char kGroupParamsError[] =
     "Cannot specify 'createProperties' along with a 'groupId'.";
+const char kCannotNavigateToDevtools[] =
+    "Cannot navigate to a devtools:// page without either the devtools or "
+    "debugger permission.";
 
 }  // namespace tabs_constants
 }  // namespace extensions

chrome/browser/extensions/api/tabs/tabs_constants.h

@@ -109,6 +109,7 @@ extern const char kJavaScriptUrlsNotAllowedInTabsUpdate[];
 extern const char kBrowserWindowNotAllowed[];
 extern const char kLockedFullscreenModeNewTabError[];
 extern const char kGroupParamsError[];
+extern const char kCannotNavigateToDevtools[];
 
 }  // namespace tabs_constants
 }  // namespace extensions

chrome/browser/extensions/extension_tab_util.cc

@@ -815,6 +815,17 @@ bool ExtensionTabUtil::PrepareURLForNavigation(const std::string& url_string,
     return false;
   }
 
+  // Don't let the extension navigate directly to devtools scheme pages, unless
+  // they have applicable permissions.
+  if (url.SchemeIs(content::kChromeDevToolsScheme) &&
+      !(extension->permissions_data()->HasAPIPermission(
+            APIPermission::kDevtools) ||
+        extension->permissions_data()->HasAPIPermission(
+            APIPermission::kDebugger))) {
+    *error = tabs_constants::kCannotNavigateToDevtools;
+    return false;
+  }
+
   return_url->Swap(&url);
   return true;
 }

chrome/browser/extensions/extension_tab_util_unittest.cc

@@ -165,4 +165,41 @@ TEST(ExtensionTabUtilTest, PrepareURLForNavigation) {
   }
 }
 
+TEST(ExtensionTabUtilTest, PrepareURLForNavigationOnDevtools) {
+  const std::string kDevtoolsURL(
+      "devtools://devtools/bundled/devtools_app.html");
+  // A devtools url should return false and set the error.
+  {
+    auto no_permission_extension = ExtensionBuilder("none").Build();
+    std::string error;
+    GURL url;
+    EXPECT_FALSE(ExtensionTabUtil::PrepareURLForNavigation(
+        kDevtoolsURL, no_permission_extension.get(), &url, &error));
+    EXPECT_EQ(tabs_constants::kCannotNavigateToDevtools, error);
+  }
+  // Having the devtools permissions should allow access.
+  {
+    auto devtools_extension = ExtensionBuilder("devtools")
+                                  .SetManifestKey("devtools_page", "foo.html")
+                                  .Build();
+    std::string error;
+    GURL url;
+    EXPECT_TRUE(ExtensionTabUtil::PrepareURLForNavigation(
+        kDevtoolsURL, devtools_extension.get(), &url, &error));
+    EXPECT_EQ(kDevtoolsURL, url);
+    EXPECT_TRUE(error.empty());
+  }
+  // Having the debugger permissions should also allow access.
+  {
+    auto debugger_extension =
+        ExtensionBuilder("debugger").AddPermission("debugger").Build();
+    std::string error;
+    GURL url;
+    EXPECT_TRUE(ExtensionTabUtil::PrepareURLForNavigation(
+        kDevtoolsURL, debugger_extension.get(), &url, &error));
+    EXPECT_EQ(kDevtoolsURL, url);
+    EXPECT_TRUE(error.empty());
+  }
+}
+
 }  // namespace extensions