Add `devtools:` as a secure context. We trust `devtools:` in the same way we trust `chrome:`. We should consider these resources to be secure contexts, as this will enable us to harden them with mechanisms like Trusted Types that are only available in such contexts. Bug: 1070526 Change-Id: I0ac60c642e1afd3f81d669d60a399a94ab0f0751 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2145882 Reviewed-by: Alex Moshchuk <alexmos@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#759163}

commit: cac85e1889906fd2ec977705f91b1cfe25eba22c [log] [tgz]
author: Mike West <mkwst@chromium.org> Wed Apr 15 06:57:00 2020
committer: Commit Bot <commit-bot@chromium.org> Wed Apr 15 06:57:00 2020
tree: d1a3225da8db33339a77ae8610fc91ef6b70c033
parent: 6df9d63f2edc4facbd2d9fe1892fa3ca6090dabb [diff]
diff --git a/content/common/url_schemes.cc b/content/common/url_schemes.cc
index d0a31f2..c00901a2 100644
--- a/content/common/url_schemes.cc
+++ b/content/common/url_schemes.cc

@@ -69,6 +69,7 @@
   for (auto& scheme : schemes.referrer_schemes)
     url::AddReferrerScheme(scheme.c_str(), url::SCHEME_WITH_HOST);
 
+  schemes.secure_schemes.push_back(kChromeDevToolsScheme);
   schemes.secure_schemes.push_back(kChromeUIScheme);
   schemes.secure_schemes.push_back(kChromeUIUntrustedScheme);
   schemes.secure_schemes.push_back(kChromeErrorScheme);
commit	cac85e1889906fd2ec977705f91b1cfe25eba22c	[log] [tgz]
author	Mike West <mkwst@chromium.org>	Wed Apr 15 06:57:00 2020
committer	Commit Bot <commit-bot@chromium.org>	Wed Apr 15 06:57:00 2020
tree	d1a3225da8db33339a77ae8610fc91ef6b70c033
parent	6df9d63f2edc4facbd2d9fe1892fa3ca6090dabb [diff]