Enable webview tag in whitelisted webui pages, following the example of <extensionoptions>.

Only whitelisted webUIs could embed webview tag, specifically, they have to be declared in _api_features.json and they have to relax CSP to allow internal browser plugins.

BUG=

Review URL: https://codereview.chromium.org/572633003

Cr-Commit-Position: refs/heads/master@{#296251}

chrome/browser/ui/webui/signin/inline_login_ui.cc

@@ -25,6 +25,7 @@ content::WebUIDataSource* CreateWebUIDataSource() {
   content::WebUIDataSource* source =
         content::WebUIDataSource::Create(chrome::kChromeUIChromeSigninHost);
   source->OverrideContentSecurityPolicyFrameSrc("frame-src chrome-extension:;");
+  source->OverrideContentSecurityPolicyObjectSrc("object-src *;");
   source->SetUseJsonJSFormatV2();
   source->SetJsonPath("strings.js");
 

chrome/common/extensions/api/_api_features.json

@@ -193,11 +193,16 @@
     "dependencies": ["permission:chromeosInfoPrivate"],
     "contexts": ["blessed_extension"]
   },
-  "chromeWebViewInternal": {
+  "chromeWebViewInternal": [{
     "internal": true,
     "dependencies": ["permission:webview"],
     "contexts": ["blessed_extension"]
-  },
+  }, {
+    "internal": true,
+    "channel": "dev",
+    "contexts": ["webui"],
+    "matches": ["chrome://chrome-signin/*"]
+  }],
   "cloudPrintPrivate": {
     "dependencies": ["permission:cloudPrintPrivate"],
     "contexts": ["blessed_extension"]
@@ -731,8 +736,8 @@
     // webview uses webRequestInternal API.
     "channel": "stable",
     "internal": true,
-    "dependencies": ["permission:webview"],
-    "contexts": ["unblessed_extension"]
+    "contexts": ["webui"],
+    "matches": ["chrome://chrome-signin/*"]
   }],
   "webrtcAudioPrivate": {
     "dependencies": ["permission:webrtcAudioPrivate"],
@@ -765,10 +770,9 @@
     "dependencies": ["permission:webview"],
     "contexts": ["blessed_extension"]
   }, {
-    // Component extensions can use the webViewRequest API from iframes.
-    "location": "component",
-    "dependencies": ["permission:webview"],
-    "contexts": ["unblessed_extension"]
+    "channel": "stable",
+    "contexts": ["webui"],
+    "matches": ["chrome://chrome-signin/*"]
   }],
   "webviewTag": {
     "internal": true,

extensions/browser/guest_view/app_view/app_view_guest.cc

@@ -143,6 +143,7 @@ int AppViewGuest::GetTaskPrefix() const {
 void AppViewGuest::CreateWebContents(
     const std::string& embedder_extension_id,
     int embedder_render_process_id,
+    const GURL& embedder_site_url,
     const base::DictionaryValue& create_params,
     const WebContentsCreatedCallback& callback) {
   std::string app_id;

extensions/browser/guest_view/app_view/app_view_guest.h

@@ -51,6 +51,7 @@ class AppViewGuest : public GuestView<AppViewGuest>,
   virtual void CreateWebContents(
       const std::string& embedder_extension_id,
       int embedder_render_process_id,
+      const GURL& embedder_site_url,
       const base::DictionaryValue& create_params,
       const WebContentsCreatedCallback& callback) OVERRIDE;
   virtual void DidAttachToEmbedder() OVERRIDE;

extensions/browser/guest_view/extension_options/extension_options_guest.cc

@@ -59,6 +59,7 @@ extensions::GuestViewBase* ExtensionOptionsGuest::Create(
 void ExtensionOptionsGuest::CreateWebContents(
     const std::string& embedder_extension_id,
     int embedder_render_process_id,
+    const GURL& embedder_site_url,
     const base::DictionaryValue& create_params,
     const WebContentsCreatedCallback& callback) {
   // Get the extension's base URL.

extensions/browser/guest_view/extension_options/extension_options_guest.h

@@ -30,6 +30,7 @@ class ExtensionOptionsGuest
   virtual void CreateWebContents(
       const std::string& embedder_extension_id,
       int embedder_render_process_id,
+      const GURL& embedder_site_url,
       const base::DictionaryValue& create_params,
       const WebContentsCreatedCallback& callback) OVERRIDE;
   virtual void DidAttachToEmbedder() OVERRIDE;

extensions/browser/guest_view/guest_view_base.cc

@@ -136,11 +136,12 @@ void GuestViewBase::Init(const std::string& embedder_extension_id,
   int embedder_process_id =
       embedder_web_contents->GetRenderProcessHost()->GetID();
 
+  const GURL& embedder_site_url = embedder_web_contents->GetLastCommittedURL();
   Feature::Availability availability = feature->IsAvailableToContext(
       embedder_extension,
       process_map->GetMostLikelyContextType(embedder_extension,
                                             embedder_process_id),
-      embedder_web_contents->GetLastCommittedURL());
+      embedder_site_url);
   if (!availability.is_available()) {
     // The derived class did not create a WebContents so this class serves no
     // purpose. Let's self-destruct.
@@ -151,6 +152,7 @@ void GuestViewBase::Init(const std::string& embedder_extension_id,
 
   CreateWebContents(embedder_extension_id,
                     embedder_process_id,
+                    embedder_site_url,
                     create_params,
                     base::Bind(&GuestViewBase::CompleteInit,
                                AsWeakPtr(),

extensions/browser/guest_view/guest_view_base.h

@@ -160,6 +160,7 @@ class GuestViewBase : public content::BrowserPluginGuestDelegate,
   virtual void CreateWebContents(
       const std::string& embedder_extension_id,
       int embedder_render_process_id,
+      const GURL& embedder_site_url,
       const base::DictionaryValue& create_params,
       const WebContentsCreatedCallback& callback) = 0;
 

extensions/browser/guest_view/mime_handler_view/mime_handler_view_guest.cc

@@ -59,6 +59,7 @@ int MimeHandlerViewGuest::GetTaskPrefix() const {
 void MimeHandlerViewGuest::CreateWebContents(
     const std::string& embedder_extension_id,
     int embedder_render_process_id,
+    const GURL& embedder_site_url,
     const base::DictionaryValue& create_params,
     const WebContentsCreatedCallback& callback) {
   std::string orig_mime_type;

extensions/browser/guest_view/mime_handler_view/mime_handler_view_guest.h

@@ -24,6 +24,7 @@ class MimeHandlerViewGuest : public GuestView<MimeHandlerViewGuest> {
   virtual void CreateWebContents(
       const std::string& embedder_extension_id,
       int embedder_render_process_id,
+      const GURL& embedder_site_url,
       const base::DictionaryValue& create_params,
       const WebContentsCreatedCallback& callback) OVERRIDE;
   virtual void DidAttachToEmbedder() OVERRIDE;

extensions/browser/guest_view/web_view/web_view_guest.cc

@@ -186,6 +186,7 @@ int WebViewGuest::GetTaskPrefix() const {
 void WebViewGuest::CreateWebContents(
     const std::string& embedder_extension_id,
     int embedder_render_process_id,
+    const GURL& embedder_site_url,
     const base::DictionaryValue& create_params,
     const WebContentsCreatedCallback& callback) {
   content::RenderProcessHost* embedder_render_process_host =
@@ -210,12 +211,20 @@ void WebViewGuest::CreateWebContents(
   std::string url_encoded_partition = net::EscapeQueryParamValue(
       storage_partition_id, false);
   // The SiteInstance of a given webview tag is based on the fact that it's
-  // a guest process in addition to which platform application the tag
-  // belongs to and what storage partition is in use, rather than the URL
-  // that the tag is being navigated to.
+  // a guest process in addition to which platform application or which WebUI
+  // page the tag belongs to and what storage partition is in use, rather than
+  // the URL that the tag is being navigated to.
+  std::string partition_domain;
+  if (embedder_extension_id.empty()) {
+    DCHECK(content::ChildProcessSecurityPolicy::GetInstance()->HasWebUIBindings(
+        embedder_render_process_id));
+    partition_domain = embedder_site_url.host();
+  } else {
+    partition_domain = embedder_extension_id;
+  }
   GURL guest_site(base::StringPrintf("%s://%s/%s?%s",
                                      content::kGuestScheme,
-                                     embedder_extension_id.c_str(),
+                                     partition_domain.c_str(),
                                      persist_storage ? "persist" : "",
                                      url_encoded_partition.c_str()));
 
@@ -760,7 +769,6 @@ void WebViewGuest::PushWebViewStateToIOThread() {
     NOTREACHED();
     return;
   }
-  DCHECK(embedder_extension_id() == partition_domain);
 
   WebViewRendererState::WebViewInfo web_view_info;
   web_view_info.embedder_process_id = embedder_render_process_id();
@@ -1113,7 +1121,6 @@ void WebViewGuest::DestroyUnattachedWindows() {
 
 GURL WebViewGuest::ResolveURL(const std::string& src) {
   if (!in_extension()) {
-    NOTREACHED();
     return GURL(src);
   }
 

extensions/browser/guest_view/web_view/web_view_guest.h

@@ -83,6 +83,7 @@ class WebViewGuest : public GuestView<WebViewGuest>,
   virtual void CreateWebContents(
       const std::string& embedder_extension_id,
       int embedder_render_process_id,
+      const GURL& embedder_site_url,
       const base::DictionaryValue& create_params,
       const WebContentsCreatedCallback& callback) OVERRIDE;
   virtual void DidAttachToEmbedder() OVERRIDE;

extensions/common/api/_api_features.json

@@ -72,17 +72,15 @@
       "internal": true,
       "channel": "stable",
       "contexts": ["blessed_extension"]
-    }, {
-      // Component extensions can use the guestViewInternal API from iframes.
-      "location": "component",
-      "internal": true,
-      "dependencies": ["permission:webview"],
-      "contexts": ["unblessed_extension"]
     }, {
       "internal": true,
       "channel": "trunk",
       "contexts": ["webui"],
-      "matches": ["chrome://extensions-frame/*", "chrome://extensions/*"]
+      "matches": [
+        "chrome://extensions-frame/*",
+        "chrome://extensions/*",
+        "chrome://chrome-signin/*"
+      ]
     }
   ],
   "hid": {
@@ -252,10 +250,9 @@
     "dependencies": ["permission:webview"],
     "contexts": ["blessed_extension"]
   }, {
-    // Component extensions can use the webViewInternal API from iframes.
-    "location": "component",
     "internal": true,
-    "dependencies": ["permission:webview"],
-    "contexts": ["unblessed_extension"]
+    "channel": "dev",
+    "contexts": ["webui"],
+    "matches": ["chrome://chrome-signin/*"]
   }]
 }