Enable Javascript and images for AW committed interstitials

We are converting Android WebView Safe Browsing interstitials to
committed interstitials, so that interstitials work more like other
error pages. In WebView, existing error pages don't need to run JS,
but interstitials do. This CL forces images and scripts to be enabled
for error pages so that interstitials work properly (e.g., clicking on
buttons works) even if the app has disabled JS for web content. Images
and script are force-enabled by allowlisting the underlying error page
URL in AwContentSettingsClient, similar to how content settings are
allowlisted for error pages in ContentSettingsAgentImpl for Chrome
(https://cs.chromium.org/chromium/src/chrome/renderer/content_settings_agent_impl.cc?type=cs&sq=package:chromium&g=0&l=616).

I have not added tests in this CL because this will already be covered
by existing Safe Browsing WebView tests once they are switched over to
use committed interstitials
(https://chromium-review.googlesource.com/c/chromium/src/+/1909276/). This
CL can be manually tested by visiting a link on
https://testsafebrowsing.appspot.com in an app that has Javascript
disabled for WebView and clicking the "Details" link and observing
that the interstitial UI changes.

Bug: 1018809
Change-Id: I46f71738a2af3ff7361922ef0cde1522bcfb6e3e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2017987Reviewed-by: Carlos IL <carlosil@chromium.org>
Reviewed-by: Bo <boliu@chromium.org>
Commit-Queue: Emily Stark <estark@chromium.org>
Cr-Commit-Position: refs/heads/master@{#734964}

android_webview/renderer/aw_content_settings_client.cc

@@ -4,6 +4,7 @@
 
 #include "android_webview/renderer/aw_content_settings_client.h"
 
+#include "content/public/common/url_constants.h"
 #include "content/public/common/web_preferences.h"
 #include "content/public/renderer/render_frame.h"
 #include "third_party/blink/public/platform/web_url.h"
@@ -34,6 +35,22 @@ AwContentSettingsClient::AwContentSettingsClient(
 AwContentSettingsClient::~AwContentSettingsClient() {
 }
 
+bool AwContentSettingsClient::AllowImage(bool enabled_per_settings,
+                                         const blink::WebURL& image_url) {
+  if (ShouldAllowlistForContentSettings()) {
+    return true;
+  }
+  return blink::WebContentSettingsClient::AllowImage(enabled_per_settings,
+                                                     image_url);
+}
+
+bool AwContentSettingsClient::AllowScript(bool enabled_per_settings) {
+  if (ShouldAllowlistForContentSettings()) {
+    return true;
+  }
+  return blink::WebContentSettingsClient::AllowScript(enabled_per_settings);
+}
+
 bool AwContentSettingsClient::AllowRunningInsecureContent(
     bool enabled_per_settings,
     const blink::WebURL& url) {
@@ -48,4 +65,9 @@ void AwContentSettingsClient::OnDestruct() {
   delete this;
 }
 
+bool AwContentSettingsClient::ShouldAllowlistForContentSettings() const {
+  return render_frame()->GetWebFrame()->GetDocument().Url().GetString() ==
+         content::kUnreachableWebDataURL;
+}
+
 }  // namespace android_webview

android_webview/renderer/aw_content_settings_client.h

@@ -24,10 +24,15 @@ class AwContentSettingsClient : public content::RenderFrameObserver,
   void OnDestruct() override;
 
   // blink::WebContentSettingsClient implementation.
+  bool AllowImage(bool enabled_per_settings,
+                  const blink::WebURL& image_url) override;
+  bool AllowScript(bool enabled_per_settings) override;
   bool AllowRunningInsecureContent(bool enabled_per_settings,
                                    const blink::WebURL& url) override;
   bool ShouldAutoupgradeMixedContent() override;
 
+  bool ShouldAllowlistForContentSettings() const;
+
   DISALLOW_COPY_AND_ASSIGN(AwContentSettingsClient);
 };