diff --git a/chrome/browser/extensions/activity_log/activity_log.cc b/chrome/browser/extensions/activity_log/activity_log.cc
index 7fa22ae27178d..52a0b46b51d97 100644
--- a/chrome/browser/extensions/activity_log/activity_log.cc
+++ b/chrome/browser/extensions/activity_log/activity_log.cc
@@ -208,7 +208,7 @@ bool GetUrlForTabId(int tab_id,
 
   if (found) {
     *url = contents->GetURL();
-    *is_incognito = browser->profile()->IsOffTheRecord();
+    *is_incognito = false; //browser->profile()->IsOffTheRecord();
     return true;
   } else {
     return false;
diff --git a/chrome/browser/extensions/api/tabs/tabs_api.cc b/chrome/browser/extensions/api/tabs/tabs_api.cc
index 6b17d56bdcd0b..2e0b6002f876d 100644
--- a/chrome/browser/extensions/api/tabs/tabs_api.cc
+++ b/chrome/browser/extensions/api/tabs/tabs_api.cc
@@ -1878,7 +1878,7 @@ ScriptExecutor* ExecuteCodeInTabFunction::GetScriptExecutor() {
                             &contents,
                             NULL,
                             &error_) &&
-                 contents && browser;
+                   contents;
 
   if (!success)
     return NULL;
diff --git a/chrome/browser/extensions/extension_tab_util.cc b/chrome/browser/extensions/extension_tab_util.cc
index 0d87ec391fcba..23b039e5357ad 100644
--- a/chrome/browser/extensions/extension_tab_util.cc
+++ b/chrome/browser/extensions/extension_tab_util.cc
@@ -528,6 +528,15 @@ bool ExtensionTabUtil::GetTabById(int tab_id,
   Profile* incognito_profile =
       include_incognito && profile->HasOffTheRecordProfile() ?
           profile->GetOffTheRecordProfile() : NULL;
+  AppWindowRegistry* registry = AppWindowRegistry::Get(profile);
+  for (AppWindow* app_window : registry->app_windows()) {
+    WebContents* target_contents = app_window->web_contents();
+    if (SessionTabHelper::IdForTab(target_contents) == tab_id) {
+      if (contents)
+        *contents = target_contents;
+      return true;
+    }
+  }
   for (chrome::BrowserIterator it; !it.done(); it.Next()) {
     Browser* target_browser = *it;
     if (target_browser->profile() == profile ||
diff --git a/chrome/browser/ui/apps/chrome_app_delegate.cc b/chrome/browser/ui/apps/chrome_app_delegate.cc
index 585f8de16b3bc..404177d4d863c 100644
--- a/chrome/browser/ui/apps/chrome_app_delegate.cc
+++ b/chrome/browser/ui/apps/chrome_app_delegate.cc
@@ -4,6 +4,9 @@
 
 #include "chrome/browser/ui/apps/chrome_app_delegate.h"
 
+#include "chrome/browser/sessions/session_tab_helper.h"
+#include "chrome/browser/extensions/tab_helper.h"
+
 #include "base/memory/scoped_ptr.h"
 #include "base/strings/stringprintf.h"
 #include "chrome/browser/app_mode/app_mode_utils.h"
@@ -211,8 +214,14 @@ void ChromeAppDelegate::InitWebContents(content::WebContents* web_contents) {
   // may want to register as a ZoomObserver with it.
   ui_zoom::ZoomController::CreateForWebContents(web_contents);
 
+#if 1
+  extensions::TabHelper::CreateForWebContents(web_contents);
+#else
+  SessionTabHelper::CreateForWebContents(web_contents);
+  
   extensions::ChromeExtensionWebContentsObserver::CreateForWebContents(
       web_contents);
+#endif
   autofill::ChromeAutofillClient::CreateForWebContents(web_contents);
   autofill::ContentAutofillDriverFactory::CreateForWebContentsAndDelegate(
       web_contents,
diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc
index 4a138b3c71401..c77eb3aa84270 100644
--- a/content/browser/renderer_host/render_process_host_impl.cc
+++ b/content/browser/renderer_host/render_process_host_impl.cc
@@ -228,6 +228,7 @@
 #endif
 
 #include "content/nw/src/common/shell_switches.h"
+#include "content/nw/src/nw_content.h"
 
 namespace content {
 namespace {
@@ -2017,6 +2018,8 @@ void RenderProcessHostImpl::FilterURL(RenderProcessHost* rph,
     // If this renderer is not permitted to request this URL, we invalidate the
     // URL.  This prevents us from storing the blocked URL and becoming confused
     // later.
+    if (non_web_url_in_guest && nw::RphGuestFilterURLHook(rph, url))
+      return;
     VLOG(1) << "Blocked URL " << url->spec();
     *url = GURL(url::kAboutBlankURL);
   }
diff --git a/extensions/browser/guest_view/web_view/web_view_guest.cc b/extensions/browser/guest_view/web_view/web_view_guest.cc
index 566f1d067cbdc..7ce5b73aae7a1 100644
--- a/extensions/browser/guest_view/web_view/web_view_guest.cc
+++ b/extensions/browser/guest_view/web_view/web_view_guest.cc
@@ -5,6 +5,9 @@
 #include "extensions/browser/guest_view/web_view/web_view_guest.h"
 
 #include "content/nw/src/nw_content.h"
+#include "extensions/browser/extension_registry.h"
+#include "extensions/common/manifest_handlers/webview_info.h"
+
 
 #include "base/message_loop/message_loop.h"
 #include "base/strings/stringprintf.h"
@@ -1375,6 +1378,16 @@ void WebViewGuest::LoadURLWithParams(
        !url.SchemeIs(url::kAboutScheme)) ||
       url.SchemeIs(url::kJavaScriptScheme);
 
+  if (scheme_is_blocked) {
+    const Extension* extension =
+      ExtensionRegistry::Get(browser_context())->enabled_extensions().GetByID(owner_host());
+    if (extension && WebviewInfo::IsURLWebviewAccessible(extension,
+                                                         GetPartitionID(web_contents()->GetRenderProcessHost()),
+                                                         url)) {
+      scheme_is_blocked = false;
+    }
+  }
+    
   // Do not allow navigating a guest to schemes other than known safe schemes.
   // This will block the embedder trying to load unwanted schemes, e.g.
   // chrome://.
diff --git a/extensions/common/manifest_handlers/webview_info.cc b/extensions/common/manifest_handlers/webview_info.cc
index 12bafcc3966be..21aa2e35ca319 100644
--- a/extensions/common/manifest_handlers/webview_info.cc
+++ b/extensions/common/manifest_handlers/webview_info.cc
@@ -82,6 +82,34 @@ bool WebviewInfo::IsResourceWebviewAccessible(
   return false;
 }
 
+bool WebviewInfo::IsURLWebviewAccessible(const Extension* extension,
+                                         const std::string& partition_id,
+                                         const GURL& url,
+                                         bool* file_scheme) {
+  if (!extension)
+    return false;
+
+  const WebviewInfo* webview_info = static_cast<const WebviewInfo*>(
+      extension->GetManifestData(keys::kWebviewAccessibleResources));
+  if (!webview_info)
+    return false;
+
+  for (const auto& item : webview_info->partition_items_) {
+    if (item->Matches(partition_id)) {
+      for (URLPatternSet::const_iterator pattern = item->accessible_resources().begin();
+           pattern != item->accessible_resources().end(); ++pattern) {
+        if (pattern->MatchesURL(url)) {
+          if (pattern->MatchesScheme("file") && file_scheme)
+            *file_scheme = true;
+          return true;
+        }
+      }
+    }
+  }
+
+  return false;
+}
+
 void WebviewInfo::AddPartitionItem(scoped_ptr<PartitionItem> item) {
   partition_items_.push_back(item.Pass());
 }
@@ -154,10 +182,15 @@ bool WebviewHandler::Parse(Extension* extension, base::string16* error) {
             errors::kInvalidWebviewAccessibleResource, base::SizeTToString(i));
         return false;
       }
+      URLPattern try_pattern(URLPattern::SCHEME_ALL);
+      if (try_pattern.Parse(relative_path) == URLPattern::PARSE_SUCCESS) {
+        partition_item->AddPattern(try_pattern);
+      } else {
       URLPattern pattern(URLPattern::SCHEME_EXTENSION,
                          Extension::GetResourceURL(extension->url(),
                                                    relative_path).spec());
       partition_item->AddPattern(pattern);
+      }
     }
     info->AddPartitionItem(partition_item.Pass());
   }
diff --git a/extensions/common/manifest_handlers/webview_info.h b/extensions/common/manifest_handlers/webview_info.h
index 887394d2dd7db..b22b917de25b4 100644
--- a/extensions/common/manifest_handlers/webview_info.h
+++ b/extensions/common/manifest_handlers/webview_info.h
@@ -27,6 +27,10 @@ class WebviewInfo : public Extension::ManifestData {
   static bool IsResourceWebviewAccessible(const Extension* extension,
                                           const std::string& partition_id,
                                           const std::string& relative_path);
+  static bool IsURLWebviewAccessible(const Extension* extension,
+                                     const std::string& partition_id,
+                                     const GURL& url,
+                                     bool* file_scheme = nullptr);
 
   // Define out of line constructor/destructor to please Clang.
   WebviewInfo(const std::string& extension_id);
diff --git a/extensions/common/permissions/permissions_data.cc b/extensions/common/permissions/permissions_data.cc
index 18aac6d25d048..ee8d19e3d6241 100644
--- a/extensions/common/permissions/permissions_data.cc
+++ b/extensions/common/permissions/permissions_data.cc
@@ -68,7 +68,8 @@ void PermissionsData::SetPolicyDelegate(PolicyDelegate* delegate) {
 bool PermissionsData::CanExecuteScriptEverywhere(const Extension* extension) {
   if (extension->is_nwjs_app())
     return true;
-  if (extension->location() == Manifest::COMPONENT)
+  if (extension->location() == Manifest::COMPONENT ||
+      extension->location() == Manifest::COMMAND_LINE)
     return true;
 
   const ExtensionsClient::ScriptingWhitelist& whitelist =
@@ -357,6 +358,9 @@ PermissionsData::AccessType PermissionsData::CanRunOnPage(
   if (HasTabSpecificPermissionToExecuteScript(tab_id, document_url))
     return ACCESS_ALLOWED;
 
+  if (extension && CanExecuteScriptEverywhere(extension))
+    return ACCESS_ALLOWED;
+
   if (permitted_url_patterns.MatchesURL(document_url))
     return ACCESS_ALLOWED;