Remove "whitelist" and "blacklist" from extension docs.

I left one instance of "whitelist" in shared_modules, where it's
actually part of the public API.

BUG=842296

Change-Id: I63c8533c88801c283af5a6ddca710c2a246ce6bf
Reviewed-on: https://chromium-review.googlesource.com/1056027
Commit-Queue: Jeffrey Yasskin <jyasskin@chromium.org>
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#558375}

chrome/common/extensions/docs/templates/articles/app_codelab_images.html

@@ -39,7 +39,7 @@ apply the process mentioned above in order to show an image thumbnail next to th
 <h3 id="update-permissions">Update permissions</h3>
 
 <p>In a Chrome App, you can make XMLHttpRequest calls to any URL as long as you 
-whitelist its domain in the manifest. Since you won't know 
+specify its domain in the manifest. Since you won't know
 beforehand what image URL the user will type, 
 ask permission to make requests to <code>"&lt;all_urls&gt;"</code>.</p>
 

chrome/common/extensions/docs/templates/articles/app_external.html

@@ -266,7 +266,7 @@ you want to specify the exact origin
 from where the message is sent.
 Chrome Apps have no access
 to the unique origin of sandboxed content,
-so you can only whitelist all origins
+so you can only allowlist all origins
 as acceptable origins ('*').
 On the receiving end,
 you generally want to check the origin;

chrome/common/extensions/docs/templates/articles/app_identity.html

@@ -283,7 +283,7 @@ redirect URIs from other providers, you should use:
 
 <p>
 To make cross-origin XHRs to the provider API endpoints,
-you need to whitelist the appropriate patterns in the permissions:
+you need to allowlist the appropriate patterns in the permissions:
 </p>
 
 <pre data-filename="manifest.json">

chrome/common/extensions/docs/templates/articles/contentSecurityPolicy.html

@@ -13,7 +13,7 @@
 </p>
 
 <p>
-  In general, CSP works as a black/whitelisting mechanism for resources loaded
+  In general, CSP works as a block/allowlisting mechanism for resources loaded
   or executed by your extensions. Defining a reasonable policy for your
   extension enables you to carefully consider the resources that your extension
   requires, and to ask the browser to ensure that those are the only resources
@@ -263,7 +263,7 @@ function main() {
 </p>
 
 <p>
-  As of Chrome 46, inline scripts can be whitelisted by specifying the
+  As of Chrome 46, inline scripts can be allowed by specifying the
   base64-encoded hash of the source code in the policy. This hash must be
   prefixed by the used hash algorithm (sha256, sha384 or sha512).
   See
@@ -275,7 +275,7 @@ function main() {
 
 <p>
   If you have a need for some external JavaScript or object
-  resources, you can relax the policy to a limited extent by whitelisting
+  resources, you can relax the policy to a limited extent by allowlisting
   secure origins from which scripts should be accepted. We want to ensure that
   executable resources loaded with an extension's elevated permissions are
   exactly the resources you expect, and haven't been replaced by an active
@@ -286,7 +286,7 @@ function main() {
 </p>
 
 <p>
-  Currently, we allow whitelisting origins with the following schemes:
+  Currently, developers can allowlist origins with the following schemes:
   <code>blob</code>, <code>filesystem</code>, <code>https</code>, and
   <code>chrome-extension</code>.
   The host part of the origin must explicitly be specified for the
@@ -299,12 +299,12 @@ function main() {
   domains, the subdomain must explicitly be listed. For example,
   <code>https://*.cloudfront.net</code> is invalid, but
   <code>https://XXXX.cloudfront.net</code> and
-  <code>https://*.XXXX.cloudfront.net</code> can be whitelisted.
+  <code>https://*.XXXX.cloudfront.net</code> can be allowlisted.
 </p>
 
 <p>
-  To ease development, we're also allowing the whitelisting of resources loaded
-  over HTTP from servers on your local machine. You may whitelist script and
+  For development ease, resources loaded over HTTP from servers on your local
+  machine can be allowlisted. You may allowlist script and
   object sources on any port of either <code>http://127.0.0.1</code> or
   <code>http://localhost</code>.
 </p>

chrome/common/extensions/docs/templates/articles/external_extensions.html

@@ -384,13 +384,13 @@ that have a dependency on the native binary
 <p><b>What if the user uninstalls the extension?</b> </p>
 <p>If the user uninstalls the extension through the UI, it will no
 longer be installed or updated on each startup. In other words, the
-external extension is blacklisted. </p>
+external extension is blocklisted. </p>
 
-<p><b>How do I get off the blacklist?</b> </p>
+<p><b>How do I get off the blocklist?</b> </p>
 <p>If the user uninstalls your extension, you should respect that
 decision. However, if you (the developer) accidentally uninstalled
 your extension through the UI,
-you can remove the blacklist tag
+you can remove the blocklist tag
 by installing the extension normally
 through the UI, and then uninstalling it. </p>
 

chrome/common/extensions/docs/templates/articles/manifest/storage.html

@@ -135,7 +135,7 @@ does not conform to the schema then it will not be published by the
     // This example policy could map a URL to its settings. An example value:
     // {
     //   "youtube.com": {
-    //     "blacklisted": true
+    //     "blocklisted": true
     //   },
     //   "google.com": {
     //     "bypass_proxy": true
@@ -146,7 +146,7 @@ does not conform to the schema then it will not be published by the
       "additionalProperties": {
         "type": "object",
         "properties": {
-          "blacklisted": { "type": "boolean" },
+          "blocklisted": { "type": "boolean" },
           "bypass_proxy": { "type": "boolean" }
         }
       }

chrome/common/extensions/docs/templates/articles/manifest/web_accessible_resources.html

@@ -5,7 +5,7 @@ An array of strings specifying the paths of packaged resources that are expected
 to be usable in the context of a web page. These paths are relative to the package
 root, and may contain wildcards.
 For example, an extension that injects a content script with the intention of
-building up some custom interface for <code>example.com</code> would whitelist
+building up some custom interface for <code>example.com</code> would allow
 any resources that interface requires (images, icons, stylesheets, scripts,
 etc.) as follows:
 </p>
@@ -27,7 +27,7 @@ etc.) as follows:
 <p>
 These resources would then be available in a webpage via the URL
 <code>chrome-extension://[PACKAGE ID]/[PATH]</code>, which can be generated with
-the <a href="https://developer.chrome.com/extensions/extension#method-getURL">extension.getURL</a> method. Whitelisted resources are served with appropriate
+the <a href="https://developer.chrome.com/extensions/extension#method-getURL">extension.getURL</a> method. Allowlisted resources are served with appropriate
 <a href="https://www.w3.org/TR/cors/">CORS</a> headers, so they're available via
 mechanisms like XHR.
 </p>
@@ -45,7 +45,7 @@ owned by the redirecting extension.</li>
 </ul>
 
 <p>
-<a href="https://developer.chrome.com/extensions/content_scripts">Content scripts</a> themselves do not need to be whitelisted.
+<a href="https://developer.chrome.com/extensions/content_scripts">Content scripts</a> themselves do not need to be allowlisted.
 </p>
 
 <p>
@@ -63,13 +63,13 @@ attack surface and protect the privacy of users.
 
 <p>
 Resources inside of packages using <a href="https://developer.chrome.com/extensions/manifest#manifest_version"><code>manifest_version</code></a>
-2 or above are <strong>blocked by default</strong>, and must be whitelisted
+2 or above are <strong>blocked by default</strong>, and must be allowlisted
 for use via this property.
 </p>
 
 <p>
 Resources inside of packages using <code>manifest_version</code> 1 are available
 by default, but <em>if</em> you do set this property, then it will be treated as
-a complete list of all whitelisted resources. Resources not listed will be
+a complete list of all allowlisted resources. Resources not listed will be
 blocked.
 </p>

chrome/common/extensions/docs/templates/articles/manifestVersion.html

@@ -102,7 +102,7 @@
       A package's resources are no longer available by default to external
       websites (as the <code>src</code> of an image, or a <code>script</code>
       tag). If you want a website to be able to load a resource contained in
-      your package, you'll need to explicitly whitelist it via the
+      your package, you'll need to explicitly allowlist it via the
       <a href="manifest/web_accessible_resources">
         <code>web_accessible_resources</code>
       </a> manifest attribute. This is particularly relevant for extensions that

chrome/common/extensions/docs/templates/articles/messaging.html

@@ -223,7 +223,7 @@ methods. Here's an example of each:
 // For simple requests:
 chrome.runtime.onMessageExternal.addListener(
   function(request, sender, sendResponse) {
-    if (sender.id == blacklistedExtension)
+    if (sender.id == blocklistedExtension)
       return;  // don't allow this extension access
     else if (request.getTargetData)
       sendResponse({targetData: targetData});
@@ -312,7 +312,7 @@ Here is an example:
 <pre>
 chrome.runtime.onMessageExternal.addListener(
   function(request, sender, sendResponse) {
-    if (sender.url == blacklistedWebsite)
+    if (sender.url == blocklistedWebsite)
       return;  // don't allow this web page access
     if (request.openUrlInEditor)
       openUrl(request.openUrlInEditor);

chrome/common/extensions/docs/templates/articles/nativeMessaging.html

@@ -130,7 +130,7 @@ size of the message sent to the native messaging host is 4 GB.
 
 <p>
 The first argument to the native messaging host is the origin of the caller,
-usually <code>chrome-extension://[ID of whitelisted extension]</code>.
+usually <code>chrome-extension://[ID of allowed extension]</code>.
 This allows native messaging hosts to identify the source of the message when
 multiple extensions are specified in the <code>allowed_origins</code> key in the
 <a href="#native-messaging-host-manifest">native messaging host manifest</a>.

chrome/common/extensions/docs/templates/articles/tut_migration_to_manifest_v2.html

@@ -110,7 +110,7 @@ followed by more detailed summaries of what these changes mean and why they were
       <li>Consider downloading the library and
         packaging it in your extension,
         then loading it from the local package.</li>
-      <li>Whitelist the HTTPS domain that serves the resource
+      <li>Allowlist the HTTPS domain that serves the resource
         in the "content_security_policy" part of your manifest.</li>
     </ul>
 </ul>
@@ -265,7 +265,7 @@ If your extension embeds resources (like images, script, CSS styles, etc)
 that are used in content scripts that are injected into web pages,
 you need to use the
 <a href="manifest/web_accessible_resources">web_accessible_resources</a> property
-to whitelist these resources so that external Web pages can use them:
+to allowlist these resources so that external Web pages can use them:
 </p>
 
 <pre data-filename="manifest.json">
@@ -292,7 +292,7 @@ There are two ways to do this:
 <ol>
   <li>Download the relevant library locally (like jQuery)
     and package it with your extension.</li>
-    <li>You can relax the CSP in a limited way by whitelisting HTTPS origins
+    <li>You can relax the CSP in a limited way by allowlisting HTTPS origins
       in the “content_security_policy” section of your manifest.
       To include a library like Google Analytics, this is the approach to take:
       <pre data-filename="manifest.json">

chrome/common/extensions/docs/templates/intros/feedbackPrivate.html

@@ -34,7 +34,7 @@ for up to a day.
 
 <p class="note">
 <b>Note:</b>
-The feedbackPrivate API can also be used by whitelisted apps to provide
+The feedbackPrivate API can also be used by particular apps to provide
 a custom feedback UI and send Chrome Feedback. The productId field in
 the feedbackInfo structure can be given to override the product ID to
 be sent with the feedback report. This will allow the app to send

chrome/common/extensions/docs/templates/intros/networkingPrivate.html

 <h2 id="code">Implemention of the Chrome Networking Private API</h2>
 
 <p>
-The Networking Private API is designed to allow whitelisted apps and
+The Networking Private API is designed to allow particular apps and
 extensions to view and configure the networks available on a device.
 </p>
 
@@ -14,5 +14,5 @@ Open Network Configuration</a> to describe network types and properties.
 <b>Note:</b>
 The networkingPrivate API is in active development and is primarily supported
 on Chrome OS, with a subset supported on Windows and OSX for WiFi configuration.
-It is currently only available to whitelisted apps.
+It is currently only available to allowlisted apps.
 </p>