Revert 109213 - Take script URLs into account when applying script content settings.

<cmp> We suspect this CL caused a performance regression on chromium.perf.
      Reverting to see if this is the source of the regression.

Transmit script content settings to the renderer. Use the script URL as the secondary URL
for the content setting rules.

BUG=90840
TEST=ChromeRenderViewTest.ContentSettings(Allow|Block)Scripts


Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=109005

Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=109036

Review URL: http://codereview.chromium.org/8409006

TBR=marja@chromium.org
Review URL: http://codereview.chromium.org/8510040

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@109362 0039d316-1c4b-4281-b951-d872f2087c98

8 files changed, 55 insertions, 183 deletions

diff --git a/chrome/renderer/chrome_content_renderer_client.cc b/chrome/renderer/chrome_content_renderer_client.cc
index 7cf200c..a13506c 100644
--- a/chrome/renderer/chrome_content_renderer_client.cc
+++ b/chrome/renderer/chrome_content_renderer_client.cc
@@ -219,8 +219,8 @@ void ChromeContentRendererClient::RenderViewCreated(
   if (chrome_observer_.get()) {
     content_settings->SetDefaultContentSettings(
         chrome_observer_->default_content_settings());
-    content_settings->SetContentSettingRules(
-        chrome_observer_->content_setting_rules());
+    content_settings->SetImageSettingRules(
+        chrome_observer_->image_setting_rules());
   }
   new ExtensionHelper(render_view, extension_dispatcher_.get());
   new PageLoadHistograms(render_view, histogram_snapshots_.get());
diff --git a/chrome/renderer/chrome_render_process_observer.cc b/chrome/renderer/chrome_render_process_observer.cc
index 0b2fd95..2d7efcb 100644
--- a/chrome/renderer/chrome_render_process_observer.cc
+++ b/chrome/renderer/chrome_render_process_observer.cc
@@ -267,8 +267,8 @@ bool ChromeRenderProcessObserver::OnControlMessageReceived(
                         OnSetDefaultContentSettings)
     IPC_MESSAGE_HANDLER(ChromeViewMsg_SetContentSettingsForCurrentURL,
                         OnSetContentSettingsForCurrentURL)
-    IPC_MESSAGE_HANDLER(ChromeViewMsg_SetContentSettingRules,
-                        OnSetContentSettingRules)
+    IPC_MESSAGE_HANDLER(ChromeViewMsg_SetImageSettingRules,
+                        OnSetImageSettingRules)
     IPC_MESSAGE_HANDLER(ChromeViewMsg_SetCacheCapacities, OnSetCacheCapacities)
     IPC_MESSAGE_HANDLER(ChromeViewMsg_ClearCache, OnClearCache)
     IPC_MESSAGE_HANDLER(ChromeViewMsg_SetFieldTrialGroup, OnSetFieldTrialGroup)
@@ -310,9 +310,9 @@ void ChromeRenderProcessObserver::OnSetDefaultContentSettings(
   default_content_settings_ = content_settings;
 }
 
-void ChromeRenderProcessObserver::OnSetContentSettingRules(
-    const RendererContentSettingRules& rules) {
-  content_setting_rules_ = rules;
+void ChromeRenderProcessObserver::OnSetImageSettingRules(
+    const ContentSettingsForOneType& settings) {
+  image_setting_rules_ = settings;
 }
 
 void ChromeRenderProcessObserver::OnSetCacheCapacities(size_t min_dead_capacity,
@@ -430,9 +430,9 @@ void ChromeRenderProcessObserver::ExecutePendingClearCache() {
   }
 }
 
-const RendererContentSettingRules*
-ChromeRenderProcessObserver::content_setting_rules() const {
-  return &content_setting_rules_;
+const ContentSettingsForOneType*
+ChromeRenderProcessObserver::image_setting_rules() const {
+  return &image_setting_rules_;
 }
 
 const ContentSettings*
diff --git a/chrome/renderer/chrome_render_process_observer.h b/chrome/renderer/chrome_render_process_observer.h
index 74ab740..e3ba711 100644
--- a/chrome/renderer/chrome_render_process_observer.h
+++ b/chrome/renderer/chrome_render_process_observer.h
@@ -45,9 +45,9 @@ class ChromeRenderProcessObserver : public content::RenderProcessObserver {
   // |ChromeRenderProcessObserver|.
   const ContentSettings* default_content_settings() const;
 
-  // Returns a pointer to the content setting rules owned by
+  // Returns a pointer to the image setting rules owned by
   // |ChromeRenderProcessObserver|.
-  const RendererContentSettingRules* content_setting_rules() const;
+  const ContentSettingsForOneType* image_setting_rules() const;
 
  private:
   // RenderProcessObserver implementation.
@@ -58,7 +58,7 @@ class ChromeRenderProcessObserver : public content::RenderProcessObserver {
   void OnSetContentSettingsForCurrentURL(
       const GURL& url, const ContentSettings& content_settings);
   void OnSetDefaultContentSettings(const ContentSettings& content_settings);
-  void OnSetContentSettingRules(const RendererContentSettingRules& rules);
+  void OnSetImageSettingRules(const ContentSettingsForOneType& settings);
   void OnSetCacheCapacities(size_t min_dead_capacity,
                             size_t max_dead_capacity,
                             size_t capacity);
@@ -80,7 +80,7 @@ class ChromeRenderProcessObserver : public content::RenderProcessObserver {
   // If true, the web cache shall be cleared before the next navigation event.
   bool clear_cache_pending_;
   ContentSettings default_content_settings_;
-  RendererContentSettingRules content_setting_rules_;
+  ContentSettingsForOneType image_setting_rules_;
 
   DISALLOW_COPY_AND_ASSIGN(ChromeRenderProcessObserver);
 };
diff --git a/chrome/renderer/chrome_render_view_observer.cc b/chrome/renderer/chrome_render_view_observer.cc
index fef6187..2fd19c5 100644
--- a/chrome/renderer/chrome_render_view_observer.cc
+++ b/chrome/renderer/chrome_render_view_observer.cc
@@ -423,15 +423,6 @@ bool ChromeRenderViewObserver::allowScript(WebFrame* frame,
   return content_settings_->AllowScript(frame, enabled_per_settings);
 }
 
-bool ChromeRenderViewObserver::allowScriptFromSource(
-    WebFrame* frame,
-    bool enabled_per_settings,
-    const WebURL& script_url) {
-  return content_settings_->AllowScriptFromSource(frame,
-                                                  enabled_per_settings,
-                                                  script_url);
-}
-
 bool ChromeRenderViewObserver::allowScriptExtension(
     WebFrame* frame, const WebString& extension_name, int extension_group) {
   return extension_dispatcher_->AllowScriptExtension(
diff --git a/chrome/renderer/chrome_render_view_observer.h b/chrome/renderer/chrome_render_view_observer.h
index c3e5fca..f0d8e82 100644
--- a/chrome/renderer/chrome_render_view_observer.h
+++ b/chrome/renderer/chrome_render_view_observer.h
@@ -90,9 +90,6 @@ class ChromeRenderViewObserver : public content::RenderViewObserver,
                             bool enabled_per_settings) OVERRIDE;
   virtual bool allowScript(WebKit::WebFrame* frame,
                            bool enabled_per_settings) OVERRIDE;
-  virtual bool allowScriptFromSource(WebKit::WebFrame* frame,
-                                     bool enabled_per_settings,
-                                     const WebKit::WebURL& script_url) OVERRIDE;
   virtual bool allowScriptExtension(WebKit::WebFrame* frame,
                                     const WebKit::WebString& extension_name,
                                     int extension_group) OVERRIDE;
diff --git a/chrome/renderer/content_settings_observer.cc b/chrome/renderer/content_settings_observer.cc
index 3d1bfac..24b0db3 100644
--- a/chrome/renderer/content_settings_observer.cc
+++ b/chrome/renderer/content_settings_observer.cc
@@ -59,21 +59,6 @@ GURL GetOriginOrURL(const WebFrame* frame) {
   return GURL(top_origin);
 }
 
-ContentSetting GetContentSettingFromRules(
-    const ContentSettingsForOneType& rules,
-    const GURL& primary_url,
-    const GURL& secondary_url) {
-  ContentSettingsForOneType::const_iterator it;
-  for (it = rules.begin(); it != rules.end(); ++it) {
-    if (it->primary_pattern.Matches(primary_url) &&
-        it->secondary_pattern.Matches(secondary_url)) {
-      return it->setting;
-    }
-  }
-  NOTREACHED();
-  return CONTENT_SETTING_DEFAULT;
-}
-
 }  // namespace
 
 ContentSettingsObserver::ContentSettingsObserver(
@@ -81,7 +66,7 @@ ContentSettingsObserver::ContentSettingsObserver(
     : content::RenderViewObserver(render_view),
       content::RenderViewObserverTracker<ContentSettingsObserver>(render_view),
       default_content_settings_(NULL),
-      content_setting_rules_(NULL),
+      image_setting_rules_(NULL),
       plugins_temporarily_allowed_(false) {
   ClearBlockedContentSettings();
 }
@@ -99,9 +84,9 @@ void ContentSettingsObserver::SetDefaultContentSettings(
   default_content_settings_ = settings;
 }
 
-void ContentSettingsObserver::SetContentSettingRules(
-    const RendererContentSettingRules* content_setting_rules) {
-  content_setting_rules_ = content_setting_rules;
+void ContentSettingsObserver::SetImageSettingRules(
+    const ContentSettingsForOneType* image_setting_rules) {
+  image_setting_rules_ = image_setting_rules;
 }
 
 ContentSetting ContentSettingsObserver::GetContentSetting(
@@ -147,10 +132,9 @@ void ContentSettingsObserver::DidCommitProvisionalLoad(
   NavigationState* state = NavigationState::FromDataSource(frame->dataSource());
   if (!state->was_within_same_page()) {
     // Clear "block" flags for the new page. This needs to happen before any of
-    // |AllowScript()|, |AllowScriptFromSource()|, |AllowImage()|, or
-    // |AllowPlugins()| is called for the new page so that these functions can
-    // correctly detect that a piece of content flipped from "not blocked" to
-    // "blocked".
+    // allowScripts(), allowImage(), allowPlugins() is called for the new page
+    // so that these functions can correctly detect that a piece of content
+    // flipped from "not blocked" to "blocked".
     ClearBlockedContentSettings();
     plugins_temporarily_allowed_ = false;
   }
@@ -233,12 +217,19 @@ bool ContentSettingsObserver::AllowImage(WebFrame* frame,
     return true;
 
   bool allow = enabled_per_settings;
-  if (content_setting_rules_ && enabled_per_settings) {
-    const GURL& primary_url = GetOriginOrURL(frame);
-    GURL secondary_url(image_url);
-    allow = GetContentSettingFromRules(
-        content_setting_rules_->image_rules,
-        primary_url, secondary_url) != CONTENT_SETTING_BLOCK;
+  const GURL& primary_url = GetOriginOrURL(frame);
+  GURL secondary_url(image_url);
+  if (image_setting_rules_ &&
+      enabled_per_settings) {
+    ContentSettingsForOneType::const_iterator it;
+    for (it = image_setting_rules_->begin();
+         it != image_setting_rules_->end(); ++it) {
+      if (it->primary_pattern.Matches(primary_url) &&
+          it->secondary_pattern.Matches(secondary_url)) {
+        allow = (it->setting != CONTENT_SETTING_BLOCK);
+        break;
+      }
+    }
   }
 
   if (!allow)
@@ -268,38 +259,15 @@ bool ContentSettingsObserver::AllowPlugins(WebFrame* frame,
 
 bool ContentSettingsObserver::AllowScript(WebFrame* frame,
                                           bool enabled_per_settings) {
-  if (!enabled_per_settings)
-    return false;
-  if (IsWhitelistedForContentSettings(frame))
+  if (enabled_per_settings &&
+      AllowContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT)) {
     return true;
-
-  if (content_setting_rules_) {
-    const GURL& primary_url = GetOriginOrURL(frame);
-    GURL secondary_url(frame->document().securityOrigin().toString());
-    return (GetContentSettingFromRules(
-        content_setting_rules_->script_rules,
-        primary_url, secondary_url) != CONTENT_SETTING_BLOCK);
   }
-  return true;
-}
 
-bool ContentSettingsObserver::AllowScriptFromSource(
-    WebFrame* frame,
-    bool enabled_per_settings,
-    const WebKit::WebURL& script_url) {
-  if (!enabled_per_settings)
-    return false;
   if (IsWhitelistedForContentSettings(frame))
     return true;
 
-  if (content_setting_rules_) {
-    const GURL& primary_url = GetOriginOrURL(frame);
-    GURL secondary_url(script_url);
-    return (GetContentSettingFromRules(
-        content_setting_rules_->script_rules,
-        primary_url, secondary_url) != CONTENT_SETTING_BLOCK);
-  }
-  return true;
+  return false;  // Other protocols fall through here.
 }
 
 bool ContentSettingsObserver::AllowStorage(WebFrame* frame, bool local) {
diff --git a/chrome/renderer/content_settings_observer.h b/chrome/renderer/content_settings_observer.h
index dd9c7b9..acff53b 100644
--- a/chrome/renderer/content_settings_observer.h
+++ b/chrome/renderer/content_settings_observer.h
@@ -34,11 +34,11 @@ class ContentSettingsObserver
   // allowPlugins().
   void SetDefaultContentSettings(const ContentSettings* settings);
 
-  // Sets the content setting rules which back |AllowImage()|, |AllowScript()|,
-  // and |AllowScriptFromSource()|. |content_setting_rules| must outlive this
+  // Sets the image setting rules which back |allowImage()|. The
+  // |ContentSettingsForOneType| object must outlive this
   // |ContentSettingsObserver|.
-  void SetContentSettingRules(
-      const RendererContentSettingRules* content_setting_rules);
+  void SetImageSettingRules(
+      const ContentSettingsForOneType* image_setting_rules);
 
   // Returns the setting for the given type.
   ContentSetting GetContentSetting(ContentSettingsType type);
@@ -68,8 +68,6 @@ class ContentSettingsObserver
                       const WebKit::WebSecurityOrigin& origin);
   bool AllowPlugins(WebKit::WebFrame* frame, bool enabled_per_settings);
   bool AllowScript(WebKit::WebFrame* frame, bool enabled_per_settings);
-  bool AllowScriptFromSource(WebKit::WebFrame* frame, bool enabled_per_settings,
-                             const WebKit::WebURL& script_url);
   bool AllowStorage(WebKit::WebFrame* frame, bool local);
   void DidNotAllowPlugins(WebKit::WebFrame* frame);
   void DidNotAllowScript(WebKit::WebFrame* frame);
@@ -104,11 +102,10 @@ class ContentSettingsObserver
   // Stores if loading of scripts and plugins is allowed.
   ContentSettings current_content_settings_;
 
-  // A pointer to content setting rules stored by the renderer. Normally, the
-  // |RendererContentSettingRules| object is owned by
-  // |ChromeRenderProcessObserver|. In the tests it is owned by the caller of
-  // |SetContentSettingRules|.
-  const RendererContentSettingRules* content_setting_rules_;
+  // Stores the rules for image content settings. Normally, they are owned by
+  // |ChromeRenderProcessObserver|. In the tests they are owned by the caller of
+  // |SetImageSettingRules|.
+  const ContentSettingsForOneType* image_setting_rules_;
 
   // Stores if images, scripts, and plugins have actually been blocked.
   bool content_blocked_[CONTENT_SETTINGS_NUM_TYPES];
diff --git a/chrome/renderer/content_settings_observer_browsertest.cc b/chrome/renderer/content_settings_observer_browsertest.cc
index 78c7d21..8bde493 100644
--- a/chrome/renderer/content_settings_observer_browsertest.cc
+++ b/chrome/renderer/content_settings_observer_browsertest.cc
@@ -105,18 +105,13 @@ TEST_F(ChromeRenderViewTest, JSBlockSentAfterPageLoad) {
   LoadHTML(html.c_str());
 
   // 2. Block JavaScript.
-  RendererContentSettingRules content_setting_rules;
-  ContentSettingsForOneType& script_setting_rules =
-      content_setting_rules.script_rules;
-  script_setting_rules.push_back(
-      ContentSettingPatternSource(
-          ContentSettingsPattern::Wildcard(),
-          ContentSettingsPattern::Wildcard(),
-          CONTENT_SETTING_BLOCK,
-          "",
-          false));
+  ContentSettings settings;
+  for (int i = 0; i < CONTENT_SETTINGS_NUM_TYPES; ++i)
+    settings.settings[i] = CONTENT_SETTING_ALLOW;
+  settings.settings[CONTENT_SETTINGS_TYPE_JAVASCRIPT] = CONTENT_SETTING_BLOCK;
   ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
-  observer->SetContentSettingRules(&content_setting_rules);
+  observer->SetContentSettings(settings);
+  observer->SetDefaultContentSettings(&settings);
 
   // Make sure no pending messages are in the queue.
   ProcessPendingMessages();
@@ -179,9 +174,7 @@ TEST_F(ChromeRenderViewTest, ImagesBlockedByDefault) {
   LoadHTML("<html>Foo</html>");
 
   // Set the default image blocking setting.
-  RendererContentSettingRules content_setting_rules;
-  ContentSettingsForOneType& image_setting_rules =
-      content_setting_rules.image_rules;
+  ContentSettingsForOneType image_setting_rules;
   image_setting_rules.push_back(
       ContentSettingPatternSource(ContentSettingsPattern::Wildcard(),
                                   ContentSettingsPattern::Wildcard(),
@@ -190,7 +183,7 @@ TEST_F(ChromeRenderViewTest, ImagesBlockedByDefault) {
                                   false));
 
   ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
-  observer->SetContentSettingRules(&content_setting_rules);
+  observer->SetImageSettingRules(&image_setting_rules);
   EXPECT_CALL(mock_observer,
               OnContentBlocked(CONTENT_SETTINGS_TYPE_IMAGES, std::string()));
   EXPECT_FALSE(observer->AllowImage(GetMainFrame(),
@@ -222,9 +215,7 @@ TEST_F(ChromeRenderViewTest, ImagesAllowedByDefault) {
   LoadHTML("<html>Foo</html>");
 
   // Set the default image blocking setting.
-  RendererContentSettingRules content_setting_rules;
-  ContentSettingsForOneType& image_setting_rules =
-      content_setting_rules.image_rules;
+  ContentSettingsForOneType image_setting_rules;
   image_setting_rules.push_back(
       ContentSettingPatternSource(ContentSettingsPattern::Wildcard(),
                                   ContentSettingsPattern::Wildcard(),
@@ -233,7 +224,7 @@ TEST_F(ChromeRenderViewTest, ImagesAllowedByDefault) {
                                   false));
 
   ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
-  observer->SetContentSettingRules(&content_setting_rules);
+  observer->SetImageSettingRules(&image_setting_rules);
   EXPECT_CALL(
       mock_observer,
       OnContentBlocked(CONTENT_SETTINGS_TYPE_IMAGES, std::string())).Times(0);
@@ -256,75 +247,3 @@ TEST_F(ChromeRenderViewTest, ImagesAllowedByDefault) {
                                     true, mock_observer.image_url_));
   ::testing::Mock::VerifyAndClearExpectations(&observer);
 }
-
-TEST_F(ChromeRenderViewTest, ContentSettingsBlockScripts) {
-  // Set the content settings for scripts.
-  RendererContentSettingRules content_setting_rules;
-  ContentSettingsForOneType& script_setting_rules =
-      content_setting_rules.script_rules;
-  script_setting_rules.push_back(
-      ContentSettingPatternSource(
-          ContentSettingsPattern::Wildcard(),
-          ContentSettingsPattern::Wildcard(),
-          CONTENT_SETTING_BLOCK,
-          "",
-          false));
-
-  ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
-  observer->SetContentSettingRules(&content_setting_rules);
-
-  // Load a page which contains a script.
-  std::string html = "<html>"
-                     "<head>"
-                     "<script src='data:foo'></script>"
-                     "</head>"
-                     "<body>"
-                     "</body>"
-                     "</html>";
-  LoadHTML(html.c_str());
-
-  // Verify that the script was blocked.
-  bool was_blocked = false;
-  for (size_t i = 0; i < render_thread_->sink().message_count(); ++i) {
-    const IPC::Message* msg = render_thread_->sink().GetMessageAt(i);
-    if (msg->type() == ChromeViewHostMsg_ContentBlocked::ID)
-      was_blocked = true;
-  }
-  EXPECT_TRUE(was_blocked);
-}
-
-TEST_F(ChromeRenderViewTest, ContentSettingsAllowScripts) {
-  // Set the content settings for scripts.
-  RendererContentSettingRules content_setting_rules;
-  ContentSettingsForOneType& script_setting_rules =
-      content_setting_rules.script_rules;
-  script_setting_rules.push_back(
-      ContentSettingPatternSource(
-          ContentSettingsPattern::Wildcard(),
-          ContentSettingsPattern::Wildcard(),
-          CONTENT_SETTING_ALLOW,
-          "",
-          false));
-
-  ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
-  observer->SetContentSettingRules(&content_setting_rules);
-
-  // Load a page which contains a script.
-  std::string html = "<html>"
-                     "<head>"
-                     "<script src='data:foo'></script>"
-                     "</head>"
-                     "<body>"
-                     "</body>"
-                     "</html>";
-  LoadHTML(html.c_str());
-
-  // Verify that the script was not blocked.
-  bool was_blocked = false;
-  for (size_t i = 0; i < render_thread_->sink().message_count(); ++i) {
-    const IPC::Message* msg = render_thread_->sink().GetMessageAt(i);
-    if (msg->type() == ChromeViewHostMsg_ContentBlocked::ID)
-      was_blocked = true;
-  }
-  EXPECT_FALSE(was_blocked);
-}