Replace security state workaround in CanAccessDataForOrigin()

- Replace workaround with code that is more strict about enforcing
  security policy during child process shutdown. The old code would
  always allow data access for IDs not in the security_state_ map. The
  new code adds a pending map so we can deal with UI/IO thread races
  during child process removal AND rejects any unknown IDs.

- Fixed a test that depended on the old behavior where unknown IDs
  always allowed access.

Bug: 898281, 600441, 915203
Change-Id: I26ca1e48536672b05d2310d8a17be47d5b6ef5c7
Reviewed-on: https://chromium-review.googlesource.com/c/1382855
Commit-Queue: Aaron Colwell <acolwell@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#617937}
7 files changed