Resource requests from Save-Page-As should go through CanRequestURL checks.

This CL:

- Added checks to ResourceDispatcherHostImpl::BeginSaveFile to verify if
  the renderer process is authorized to access a given resource.

- Removed separate code path for file: URIs that used to be implemented
  in SaveFileManager::SaveLocalFile.  Avoiding a separate code path
  helps consolidate all authorization checks in one place.

BUG=616429

Review-Url: https://codereview.chromium.org/2075273002
Cr-Commit-Position: refs/heads/master@{#408235}
(cherry picked from commit eff8e457298d01b437e4fd78194ad6de3c8d7ad6)

Review URL: https://codereview.chromium.org/2187353004 .

Cr-Commit-Position: refs/branch-heads/2785@{#394}
Cr-Branched-From: 68623971be0cfc492a2cb0427d7f478e7b214c24-refs/heads/master@{#403382}
13 files changed