Fix crash when navigating to an unregistered scheme (fixes issue #3105)

The policy->CanAccessDataForOrigin CHECK in NavigationRequest::
GetOriginForURLLoaderFactory was failing because unregistered schemes
(which are already considered non-standard schemes) didn't trigger the
registered non-standard scheme allowance that we previously added in
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin. This change
modifies GetOriginForURLLoaderFactory to always return an opaque/unique
origin for non-standard schemes resulting in unregistered and non-standard
schemes receiving the same treatment.

New test coverage has been added for this condition, and can be run with:
ceftests --gtest_filter=CorsTest.*CustomUnregistered*

patch/patches/browser_security_policy_1081397.patch

@@ -19,3 +19,20 @@ index 52ebdbbc7c2e..822f2e41afec 100644
            }
  
            // TODO(wjmaclean): We should update the ProcessLock comparison API
+diff --git content/browser/renderer_host/navigation_request.cc content/browser/renderer_host/navigation_request.cc
+index dae1c91d2d72..c48bd5ea1fb7 100644
+--- content/browser/renderer_host/navigation_request.cc
++++ content/browser/renderer_host/navigation_request.cc
+@@ -4871,6 +4871,12 @@ url::Origin NavigationRequest::GetOriginForURLLoaderFactory() {
+ 
+   // Calculate an approximation of the origin. The sandbox/csp are ignored.
+   url::Origin origin = GetOriginForURLLoaderFactoryUnchecked(this);
++  if (!origin.GetURL().IsStandard()) {
++    // Always return an opaque origin for non-standard URLs. Otherwise, the
++    // below CanAccessDataForOrigin() check may fail for unregistered custom
++    // scheme requests in CEF.
++    return origin.DeriveNewOpaqueOrigin();
++  }
+ 
+   // Apply sandbox flags.
+   // See https://html.spec.whatwg.org/#sandboxed-origin-browsing-context-flag