Simple PoC to leak contents from embedded origin using Chrome's PNaCl plugin
url_loader.cc to your desired exfiltration target.
url_loader_handler.cc to your leak destination. Note that this destination needs to allow CORS access from embedded origin, and leak destination's response body needs to be
For more details about PNaCl_Leaker read following post.