15 files changed, 227 insertions, 65 deletions

diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
index 365b2b2..84e598e 100644
--- a/chrome/browser/chrome_content_browser_client.cc
+++ b/chrome/browser/chrome_content_browser_client.cc
@@ -15,6 +15,7 @@
 #include "chrome/browser/chrome_plugin_message_filter.h"
 #include "chrome/browser/chrome_quota_permission_context.h"
 #include "chrome/browser/chrome_worker_message_filter.h"
+#include "chrome/browser/content_settings/content_settings_utils.h"
 #include "chrome/browser/content_settings/cookie_settings.h"
 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
 #include "chrome/browser/download/download_util.h"
@@ -317,10 +318,10 @@ void ChromeContentBrowserClient::BrowserRenderProcessHostCreated(
       profile->IsOffTheRecord()));
 
   SendExtensionWebRequestStatusToHost(host);
-  ContentSettingsForOneType settings;
-  HostContentSettingsMap* map = profile->GetHostContentSettingsMap();
-  map->GetSettingsForOneType(CONTENT_SETTINGS_TYPE_IMAGES, "", &settings);
-  host->Send(new ChromeViewMsg_SetImageSettingRules(settings));
+
+  RendererContentSettingRules rules;
+  GetRendererContentSettingRules(profile->GetHostContentSettingsMap(), &rules);
+  host->Send(new ChromeViewMsg_SetContentSettingRules(rules));
 }
 
 void ChromeContentBrowserClient::PluginProcessHostCreated(
diff --git a/chrome/browser/content_settings/content_settings_utils.cc b/chrome/browser/content_settings/content_settings_utils.cc
index 2338507..de814d9 100644
--- a/chrome/browser/content_settings/content_settings_utils.cc
+++ b/chrome/browser/content_settings/content_settings_utils.cc
@@ -14,8 +14,10 @@
 #include "base/values.h"
 #include "chrome/browser/content_settings/content_settings_provider.h"
 #include "chrome/browser/content_settings/content_settings_rule.h"
+#include "chrome/browser/content_settings/host_content_settings_map.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/content_settings_pattern.h"
+#include "chrome/common/render_messages.h"
 #include "googleurl/src/gurl.h"
 
 namespace {
@@ -194,4 +196,12 @@ ContentSetting GetContentSetting(const ProviderInterface* provider,
   return ValueToContentSetting(value.get());
 }
 
+void GetRendererContentSettingRules(const HostContentSettingsMap* map,
+                                    RendererContentSettingRules* rules) {
+  map->GetSettingsForOneType(CONTENT_SETTINGS_TYPE_IMAGES, "",
+                             &(rules->image_rules));
+  map->GetSettingsForOneType(CONTENT_SETTINGS_TYPE_JAVASCRIPT, "",
+                             &(rules->script_rules));
+}
+
 }  // namespace content_settings
diff --git a/chrome/browser/content_settings/content_settings_utils.h b/chrome/browser/content_settings/content_settings_utils.h
index 4fae58c..4b0e81b 100644
--- a/chrome/browser/content_settings/content_settings_utils.h
+++ b/chrome/browser/content_settings/content_settings_utils.h
@@ -17,6 +17,7 @@ class Value;
 }
 
 class GURL;
+class HostContentSettingsMap;
 
 namespace content_settings {
 
@@ -85,6 +86,11 @@ ContentSetting GetContentSetting(
     const std::string& resource_identifier,
     bool include_incognito);
 
+// Populates |rules| with content setting rules for content types that are
+// handled by the renderer.
+void GetRendererContentSettingRules(const HostContentSettingsMap* map,
+                                    RendererContentSettingRules* rules);
+
 }  // namespace content_settings
 
 #endif  // CHROME_BROWSER_CONTENT_SETTINGS_CONTENT_SETTINGS_UTILS_H_
diff --git a/chrome/browser/content_settings/tab_specific_content_settings.cc b/chrome/browser/content_settings/tab_specific_content_settings.cc
index bee8f69..91948d5 100644
--- a/chrome/browser/content_settings/tab_specific_content_settings.cc
+++ b/chrome/browser/content_settings/tab_specific_content_settings.cc
@@ -16,6 +16,7 @@
 #include "chrome/browser/browsing_data_indexed_db_helper.h"
 #include "chrome/browser/browsing_data_local_storage_helper.h"
 #include "chrome/browser/content_settings/content_settings_details.h"
+#include "chrome/browser/content_settings/content_settings_utils.h"
 #include "chrome/browser/content_settings/host_content_settings_map.h"
 #include "chrome/browser/cookies_tree_model.h"
 #include "chrome/browser/profiles/profile.h"
@@ -490,9 +491,9 @@ void TabSpecificContentSettings::Observe(
         map->GetDefaultContentSettings()));
     Send(new ChromeViewMsg_SetContentSettingsForCurrentURL(
         entry_url, map->GetContentSettings(entry_url)));
-    ContentSettingsForOneType settings;
-    map->GetSettingsForOneType(CONTENT_SETTINGS_TYPE_IMAGES, "", &settings);
-    Send(new ChromeViewMsg_SetImageSettingRules(settings));
+    RendererContentSettingRules rules;
+    GetRendererContentSettingRules(map, &rules);
+    Send(new ChromeViewMsg_SetContentSettingRules(rules));
   }
 }
 
diff --git a/chrome/common/content_settings.cc b/chrome/common/content_settings.cc
index ecf26f8..cd30d6c 100644
--- a/chrome/common/content_settings.cc
+++ b/chrome/common/content_settings.cc
@@ -33,3 +33,7 @@ ContentSettingPatternSource::ContentSettingPatternSource(
       incognito(incognito) {}
 
 ContentSettingPatternSource::ContentSettingPatternSource() {}
+
+RendererContentSettingRules::RendererContentSettingRules() {}
+
+RendererContentSettingRules::~RendererContentSettingRules() {}
diff --git a/chrome/common/content_settings.h b/chrome/common/content_settings.h
index ec500b6..cff4102 100644
--- a/chrome/common/content_settings.h
+++ b/chrome/common/content_settings.h
@@ -76,4 +76,11 @@ struct SettingInfo {
 
 }  // namespace content_settings
 
+struct RendererContentSettingRules {
+  RendererContentSettingRules();
+  ~RendererContentSettingRules();
+  ContentSettingsForOneType image_rules;
+  ContentSettingsForOneType script_rules;
+};
+
 #endif  // CHROME_COMMON_CONTENT_SETTINGS_H_
diff --git a/chrome/common/render_messages.h b/chrome/common/render_messages.h
index 1d7b41d..89e395e 100644
--- a/chrome/common/render_messages.h
+++ b/chrome/common/render_messages.h
@@ -148,6 +148,11 @@ IPC_STRUCT_TRAITS_BEGIN(ContentSettingPatternSource)
   IPC_STRUCT_TRAITS_MEMBER(incognito)
 IPC_STRUCT_TRAITS_END()
 
+IPC_STRUCT_TRAITS_BEGIN(RendererContentSettingRules)
+  IPC_STRUCT_TRAITS_MEMBER(image_rules)
+  IPC_STRUCT_TRAITS_MEMBER(script_rules)
+IPC_STRUCT_TRAITS_END()
+
 IPC_STRUCT_TRAITS_BEGIN(ThumbnailScore)
   IPC_STRUCT_TRAITS_MEMBER(boring_score)
   IPC_STRUCT_TRAITS_MEMBER(good_clipping)
@@ -245,9 +250,9 @@ IPC_MESSAGE_CONTROL2(ChromeViewMsg_SetContentSettingsForCurrentURL,
 IPC_MESSAGE_CONTROL1(ChromeViewMsg_SetDefaultContentSettings,
                      ContentSettings /* content_settings */)
 
-// Set the content settings for images.
-IPC_MESSAGE_CONTROL1(ChromeViewMsg_SetImageSettingRules,
-                     ContentSettingsForOneType /* rules */)
+// Set the content setting rules stored by the renderer.
+IPC_MESSAGE_CONTROL1(ChromeViewMsg_SetContentSettingRules,
+                     RendererContentSettingRules /* rules */)
 
 // Tells the render view to load all blocked plugins.
 IPC_MESSAGE_ROUTED0(ChromeViewMsg_LoadBlockedPlugins)
diff --git a/chrome/renderer/chrome_content_renderer_client.cc b/chrome/renderer/chrome_content_renderer_client.cc
index a13506c..7cf200c 100644
--- a/chrome/renderer/chrome_content_renderer_client.cc
+++ b/chrome/renderer/chrome_content_renderer_client.cc
@@ -219,8 +219,8 @@ void ChromeContentRendererClient::RenderViewCreated(
   if (chrome_observer_.get()) {
     content_settings->SetDefaultContentSettings(
         chrome_observer_->default_content_settings());
-    content_settings->SetImageSettingRules(
-        chrome_observer_->image_setting_rules());
+    content_settings->SetContentSettingRules(
+        chrome_observer_->content_setting_rules());
   }
   new ExtensionHelper(render_view, extension_dispatcher_.get());
   new PageLoadHistograms(render_view, histogram_snapshots_.get());
diff --git a/chrome/renderer/chrome_render_process_observer.cc b/chrome/renderer/chrome_render_process_observer.cc
index 2d7efcb..0b2fd95 100644
--- a/chrome/renderer/chrome_render_process_observer.cc
+++ b/chrome/renderer/chrome_render_process_observer.cc
@@ -267,8 +267,8 @@ bool ChromeRenderProcessObserver::OnControlMessageReceived(
                         OnSetDefaultContentSettings)
     IPC_MESSAGE_HANDLER(ChromeViewMsg_SetContentSettingsForCurrentURL,
                         OnSetContentSettingsForCurrentURL)
-    IPC_MESSAGE_HANDLER(ChromeViewMsg_SetImageSettingRules,
-                        OnSetImageSettingRules)
+    IPC_MESSAGE_HANDLER(ChromeViewMsg_SetContentSettingRules,
+                        OnSetContentSettingRules)
     IPC_MESSAGE_HANDLER(ChromeViewMsg_SetCacheCapacities, OnSetCacheCapacities)
     IPC_MESSAGE_HANDLER(ChromeViewMsg_ClearCache, OnClearCache)
     IPC_MESSAGE_HANDLER(ChromeViewMsg_SetFieldTrialGroup, OnSetFieldTrialGroup)
@@ -310,9 +310,9 @@ void ChromeRenderProcessObserver::OnSetDefaultContentSettings(
   default_content_settings_ = content_settings;
 }
 
-void ChromeRenderProcessObserver::OnSetImageSettingRules(
-    const ContentSettingsForOneType& settings) {
-  image_setting_rules_ = settings;
+void ChromeRenderProcessObserver::OnSetContentSettingRules(
+    const RendererContentSettingRules& rules) {
+  content_setting_rules_ = rules;
 }
 
 void ChromeRenderProcessObserver::OnSetCacheCapacities(size_t min_dead_capacity,
@@ -430,9 +430,9 @@ void ChromeRenderProcessObserver::ExecutePendingClearCache() {
   }
 }
 
-const ContentSettingsForOneType*
-ChromeRenderProcessObserver::image_setting_rules() const {
-  return &image_setting_rules_;
+const RendererContentSettingRules*
+ChromeRenderProcessObserver::content_setting_rules() const {
+  return &content_setting_rules_;
 }
 
 const ContentSettings*
diff --git a/chrome/renderer/chrome_render_process_observer.h b/chrome/renderer/chrome_render_process_observer.h
index e3ba711..74ab740 100644
--- a/chrome/renderer/chrome_render_process_observer.h
+++ b/chrome/renderer/chrome_render_process_observer.h
@@ -45,9 +45,9 @@ class ChromeRenderProcessObserver : public content::RenderProcessObserver {
   // |ChromeRenderProcessObserver|.
   const ContentSettings* default_content_settings() const;
 
-  // Returns a pointer to the image setting rules owned by
+  // Returns a pointer to the content setting rules owned by
   // |ChromeRenderProcessObserver|.
-  const ContentSettingsForOneType* image_setting_rules() const;
+  const RendererContentSettingRules* content_setting_rules() const;
 
  private:
   // RenderProcessObserver implementation.
@@ -58,7 +58,7 @@ class ChromeRenderProcessObserver : public content::RenderProcessObserver {
   void OnSetContentSettingsForCurrentURL(
       const GURL& url, const ContentSettings& content_settings);
   void OnSetDefaultContentSettings(const ContentSettings& content_settings);
-  void OnSetImageSettingRules(const ContentSettingsForOneType& settings);
+  void OnSetContentSettingRules(const RendererContentSettingRules& rules);
   void OnSetCacheCapacities(size_t min_dead_capacity,
                             size_t max_dead_capacity,
                             size_t capacity);
@@ -80,7 +80,7 @@ class ChromeRenderProcessObserver : public content::RenderProcessObserver {
   // If true, the web cache shall be cleared before the next navigation event.
   bool clear_cache_pending_;
   ContentSettings default_content_settings_;
-  ContentSettingsForOneType image_setting_rules_;
+  RendererContentSettingRules content_setting_rules_;
 
   DISALLOW_COPY_AND_ASSIGN(ChromeRenderProcessObserver);
 };
diff --git a/chrome/renderer/chrome_render_view_observer.cc b/chrome/renderer/chrome_render_view_observer.cc
index 2fd19c5..fef6187 100644
--- a/chrome/renderer/chrome_render_view_observer.cc
+++ b/chrome/renderer/chrome_render_view_observer.cc
@@ -423,6 +423,15 @@ bool ChromeRenderViewObserver::allowScript(WebFrame* frame,
   return content_settings_->AllowScript(frame, enabled_per_settings);
 }
 
+bool ChromeRenderViewObserver::allowScriptFromSource(
+    WebFrame* frame,
+    bool enabled_per_settings,
+    const WebURL& script_url) {
+  return content_settings_->AllowScriptFromSource(frame,
+                                                  enabled_per_settings,
+                                                  script_url);
+}
+
 bool ChromeRenderViewObserver::allowScriptExtension(
     WebFrame* frame, const WebString& extension_name, int extension_group) {
   return extension_dispatcher_->AllowScriptExtension(
diff --git a/chrome/renderer/chrome_render_view_observer.h b/chrome/renderer/chrome_render_view_observer.h
index f0d8e82..c3e5fca 100644
--- a/chrome/renderer/chrome_render_view_observer.h
+++ b/chrome/renderer/chrome_render_view_observer.h
@@ -90,6 +90,9 @@ class ChromeRenderViewObserver : public content::RenderViewObserver,
                             bool enabled_per_settings) OVERRIDE;
   virtual bool allowScript(WebKit::WebFrame* frame,
                            bool enabled_per_settings) OVERRIDE;
+  virtual bool allowScriptFromSource(WebKit::WebFrame* frame,
+                                     bool enabled_per_settings,
+                                     const WebKit::WebURL& script_url) OVERRIDE;
   virtual bool allowScriptExtension(WebKit::WebFrame* frame,
                                     const WebKit::WebString& extension_name,
                                     int extension_group) OVERRIDE;
diff --git a/chrome/renderer/content_settings_observer.cc b/chrome/renderer/content_settings_observer.cc
index 24b0db3..3d1bfac 100644
--- a/chrome/renderer/content_settings_observer.cc
+++ b/chrome/renderer/content_settings_observer.cc
@@ -59,6 +59,21 @@ GURL GetOriginOrURL(const WebFrame* frame) {
   return GURL(top_origin);
 }
 
+ContentSetting GetContentSettingFromRules(
+    const ContentSettingsForOneType& rules,
+    const GURL& primary_url,
+    const GURL& secondary_url) {
+  ContentSettingsForOneType::const_iterator it;
+  for (it = rules.begin(); it != rules.end(); ++it) {
+    if (it->primary_pattern.Matches(primary_url) &&
+        it->secondary_pattern.Matches(secondary_url)) {
+      return it->setting;
+    }
+  }
+  NOTREACHED();
+  return CONTENT_SETTING_DEFAULT;
+}
+
 }  // namespace
 
 ContentSettingsObserver::ContentSettingsObserver(
@@ -66,7 +81,7 @@ ContentSettingsObserver::ContentSettingsObserver(
     : content::RenderViewObserver(render_view),
       content::RenderViewObserverTracker<ContentSettingsObserver>(render_view),
       default_content_settings_(NULL),
-      image_setting_rules_(NULL),
+      content_setting_rules_(NULL),
       plugins_temporarily_allowed_(false) {
   ClearBlockedContentSettings();
 }
@@ -84,9 +99,9 @@ void ContentSettingsObserver::SetDefaultContentSettings(
   default_content_settings_ = settings;
 }
 
-void ContentSettingsObserver::SetImageSettingRules(
-    const ContentSettingsForOneType* image_setting_rules) {
-  image_setting_rules_ = image_setting_rules;
+void ContentSettingsObserver::SetContentSettingRules(
+    const RendererContentSettingRules* content_setting_rules) {
+  content_setting_rules_ = content_setting_rules;
 }
 
 ContentSetting ContentSettingsObserver::GetContentSetting(
@@ -132,9 +147,10 @@ void ContentSettingsObserver::DidCommitProvisionalLoad(
   NavigationState* state = NavigationState::FromDataSource(frame->dataSource());
   if (!state->was_within_same_page()) {
     // Clear "block" flags for the new page. This needs to happen before any of
-    // allowScripts(), allowImage(), allowPlugins() is called for the new page
-    // so that these functions can correctly detect that a piece of content
-    // flipped from "not blocked" to "blocked".
+    // |AllowScript()|, |AllowScriptFromSource()|, |AllowImage()|, or
+    // |AllowPlugins()| is called for the new page so that these functions can
+    // correctly detect that a piece of content flipped from "not blocked" to
+    // "blocked".
     ClearBlockedContentSettings();
     plugins_temporarily_allowed_ = false;
   }
@@ -217,19 +233,12 @@ bool ContentSettingsObserver::AllowImage(WebFrame* frame,
     return true;
 
   bool allow = enabled_per_settings;
-  const GURL& primary_url = GetOriginOrURL(frame);
-  GURL secondary_url(image_url);
-  if (image_setting_rules_ &&
-      enabled_per_settings) {
-    ContentSettingsForOneType::const_iterator it;
-    for (it = image_setting_rules_->begin();
-         it != image_setting_rules_->end(); ++it) {
-      if (it->primary_pattern.Matches(primary_url) &&
-          it->secondary_pattern.Matches(secondary_url)) {
-        allow = (it->setting != CONTENT_SETTING_BLOCK);
-        break;
-      }
-    }
+  if (content_setting_rules_ && enabled_per_settings) {
+    const GURL& primary_url = GetOriginOrURL(frame);
+    GURL secondary_url(image_url);
+    allow = GetContentSettingFromRules(
+        content_setting_rules_->image_rules,
+        primary_url, secondary_url) != CONTENT_SETTING_BLOCK;
   }
 
   if (!allow)
@@ -259,15 +268,38 @@ bool ContentSettingsObserver::AllowPlugins(WebFrame* frame,
 
 bool ContentSettingsObserver::AllowScript(WebFrame* frame,
                                           bool enabled_per_settings) {
-  if (enabled_per_settings &&
-      AllowContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT)) {
+  if (!enabled_per_settings)
+    return false;
+  if (IsWhitelistedForContentSettings(frame))
     return true;
+
+  if (content_setting_rules_) {
+    const GURL& primary_url = GetOriginOrURL(frame);
+    GURL secondary_url(frame->document().securityOrigin().toString());
+    return (GetContentSettingFromRules(
+        content_setting_rules_->script_rules,
+        primary_url, secondary_url) != CONTENT_SETTING_BLOCK);
   }
+  return true;
+}
 
+bool ContentSettingsObserver::AllowScriptFromSource(
+    WebFrame* frame,
+    bool enabled_per_settings,
+    const WebKit::WebURL& script_url) {
+  if (!enabled_per_settings)
+    return false;
   if (IsWhitelistedForContentSettings(frame))
     return true;
 
-  return false;  // Other protocols fall through here.
+  if (content_setting_rules_) {
+    const GURL& primary_url = GetOriginOrURL(frame);
+    GURL secondary_url(script_url);
+    return (GetContentSettingFromRules(
+        content_setting_rules_->script_rules,
+        primary_url, secondary_url) != CONTENT_SETTING_BLOCK);
+  }
+  return true;
 }
 
 bool ContentSettingsObserver::AllowStorage(WebFrame* frame, bool local) {
diff --git a/chrome/renderer/content_settings_observer.h b/chrome/renderer/content_settings_observer.h
index acff53b..dd9c7b9 100644
--- a/chrome/renderer/content_settings_observer.h
+++ b/chrome/renderer/content_settings_observer.h
@@ -34,11 +34,11 @@ class ContentSettingsObserver
   // allowPlugins().
   void SetDefaultContentSettings(const ContentSettings* settings);
 
-  // Sets the image setting rules which back |allowImage()|. The
-  // |ContentSettingsForOneType| object must outlive this
+  // Sets the content setting rules which back |AllowImage()|, |AllowScript()|,
+  // and |AllowScriptFromSource()|. |content_setting_rules| must outlive this
   // |ContentSettingsObserver|.
-  void SetImageSettingRules(
-      const ContentSettingsForOneType* image_setting_rules);
+  void SetContentSettingRules(
+      const RendererContentSettingRules* content_setting_rules);
 
   // Returns the setting for the given type.
   ContentSetting GetContentSetting(ContentSettingsType type);
@@ -68,6 +68,8 @@ class ContentSettingsObserver
                       const WebKit::WebSecurityOrigin& origin);
   bool AllowPlugins(WebKit::WebFrame* frame, bool enabled_per_settings);
   bool AllowScript(WebKit::WebFrame* frame, bool enabled_per_settings);
+  bool AllowScriptFromSource(WebKit::WebFrame* frame, bool enabled_per_settings,
+                             const WebKit::WebURL& script_url);
   bool AllowStorage(WebKit::WebFrame* frame, bool local);
   void DidNotAllowPlugins(WebKit::WebFrame* frame);
   void DidNotAllowScript(WebKit::WebFrame* frame);
@@ -102,10 +104,11 @@ class ContentSettingsObserver
   // Stores if loading of scripts and plugins is allowed.
   ContentSettings current_content_settings_;
 
-  // Stores the rules for image content settings. Normally, they are owned by
-  // |ChromeRenderProcessObserver|. In the tests they are owned by the caller of
-  // |SetImageSettingRules|.
-  const ContentSettingsForOneType* image_setting_rules_;
+  // A pointer to content setting rules stored by the renderer. Normally, the
+  // |RendererContentSettingRules| object is owned by
+  // |ChromeRenderProcessObserver|. In the tests it is owned by the caller of
+  // |SetContentSettingRules|.
+  const RendererContentSettingRules* content_setting_rules_;
 
   // Stores if images, scripts, and plugins have actually been blocked.
   bool content_blocked_[CONTENT_SETTINGS_NUM_TYPES];
diff --git a/chrome/renderer/content_settings_observer_browsertest.cc b/chrome/renderer/content_settings_observer_browsertest.cc
index 8bde493..78c7d21 100644
--- a/chrome/renderer/content_settings_observer_browsertest.cc
+++ b/chrome/renderer/content_settings_observer_browsertest.cc
@@ -105,13 +105,18 @@ TEST_F(ChromeRenderViewTest, JSBlockSentAfterPageLoad) {
   LoadHTML(html.c_str());
 
   // 2. Block JavaScript.
-  ContentSettings settings;
-  for (int i = 0; i < CONTENT_SETTINGS_NUM_TYPES; ++i)
-    settings.settings[i] = CONTENT_SETTING_ALLOW;
-  settings.settings[CONTENT_SETTINGS_TYPE_JAVASCRIPT] = CONTENT_SETTING_BLOCK;
+  RendererContentSettingRules content_setting_rules;
+  ContentSettingsForOneType& script_setting_rules =
+      content_setting_rules.script_rules;
+  script_setting_rules.push_back(
+      ContentSettingPatternSource(
+          ContentSettingsPattern::Wildcard(),
+          ContentSettingsPattern::Wildcard(),
+          CONTENT_SETTING_BLOCK,
+          "",
+          false));
   ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
-  observer->SetContentSettings(settings);
-  observer->SetDefaultContentSettings(&settings);
+  observer->SetContentSettingRules(&content_setting_rules);
 
   // Make sure no pending messages are in the queue.
   ProcessPendingMessages();
@@ -174,7 +179,9 @@ TEST_F(ChromeRenderViewTest, ImagesBlockedByDefault) {
   LoadHTML("<html>Foo</html>");
 
   // Set the default image blocking setting.
-  ContentSettingsForOneType image_setting_rules;
+  RendererContentSettingRules content_setting_rules;
+  ContentSettingsForOneType& image_setting_rules =
+      content_setting_rules.image_rules;
   image_setting_rules.push_back(
       ContentSettingPatternSource(ContentSettingsPattern::Wildcard(),
                                   ContentSettingsPattern::Wildcard(),
@@ -183,7 +190,7 @@ TEST_F(ChromeRenderViewTest, ImagesBlockedByDefault) {
                                   false));
 
   ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
-  observer->SetImageSettingRules(&image_setting_rules);
+  observer->SetContentSettingRules(&content_setting_rules);
   EXPECT_CALL(mock_observer,
               OnContentBlocked(CONTENT_SETTINGS_TYPE_IMAGES, std::string()));
   EXPECT_FALSE(observer->AllowImage(GetMainFrame(),
@@ -215,7 +222,9 @@ TEST_F(ChromeRenderViewTest, ImagesAllowedByDefault) {
   LoadHTML("<html>Foo</html>");
 
   // Set the default image blocking setting.
-  ContentSettingsForOneType image_setting_rules;
+  RendererContentSettingRules content_setting_rules;
+  ContentSettingsForOneType& image_setting_rules =
+      content_setting_rules.image_rules;
   image_setting_rules.push_back(
       ContentSettingPatternSource(ContentSettingsPattern::Wildcard(),
                                   ContentSettingsPattern::Wildcard(),
@@ -224,7 +233,7 @@ TEST_F(ChromeRenderViewTest, ImagesAllowedByDefault) {
                                   false));
 
   ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
-  observer->SetImageSettingRules(&image_setting_rules);
+  observer->SetContentSettingRules(&content_setting_rules);
   EXPECT_CALL(
       mock_observer,
       OnContentBlocked(CONTENT_SETTINGS_TYPE_IMAGES, std::string())).Times(0);
@@ -247,3 +256,75 @@ TEST_F(ChromeRenderViewTest, ImagesAllowedByDefault) {
                                     true, mock_observer.image_url_));
   ::testing::Mock::VerifyAndClearExpectations(&observer);
 }
+
+TEST_F(ChromeRenderViewTest, ContentSettingsBlockScripts) {
+  // Set the content settings for scripts.
+  RendererContentSettingRules content_setting_rules;
+  ContentSettingsForOneType& script_setting_rules =
+      content_setting_rules.script_rules;
+  script_setting_rules.push_back(
+      ContentSettingPatternSource(
+          ContentSettingsPattern::Wildcard(),
+          ContentSettingsPattern::Wildcard(),
+          CONTENT_SETTING_BLOCK,
+          "",
+          false));
+
+  ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
+  observer->SetContentSettingRules(&content_setting_rules);
+
+  // Load a page which contains a script.
+  std::string html = "<html>"
+                     "<head>"
+                     "<script src='data:foo'></script>"
+                     "</head>"
+                     "<body>"
+                     "</body>"
+                     "</html>";
+  LoadHTML(html.c_str());
+
+  // Verify that the script was blocked.
+  bool was_blocked = false;
+  for (size_t i = 0; i < render_thread_->sink().message_count(); ++i) {
+    const IPC::Message* msg = render_thread_->sink().GetMessageAt(i);
+    if (msg->type() == ChromeViewHostMsg_ContentBlocked::ID)
+      was_blocked = true;
+  }
+  EXPECT_TRUE(was_blocked);
+}
+
+TEST_F(ChromeRenderViewTest, ContentSettingsAllowScripts) {
+  // Set the content settings for scripts.
+  RendererContentSettingRules content_setting_rules;
+  ContentSettingsForOneType& script_setting_rules =
+      content_setting_rules.script_rules;
+  script_setting_rules.push_back(
+      ContentSettingPatternSource(
+          ContentSettingsPattern::Wildcard(),
+          ContentSettingsPattern::Wildcard(),
+          CONTENT_SETTING_ALLOW,
+          "",
+          false));
+
+  ContentSettingsObserver* observer = ContentSettingsObserver::Get(view_);
+  observer->SetContentSettingRules(&content_setting_rules);
+
+  // Load a page which contains a script.
+  std::string html = "<html>"
+                     "<head>"
+                     "<script src='data:foo'></script>"
+                     "</head>"
+                     "<body>"
+                     "</body>"
+                     "</html>";
+  LoadHTML(html.c_str());
+
+  // Verify that the script was not blocked.
+  bool was_blocked = false;
+  for (size_t i = 0; i < render_thread_->sink().message_count(); ++i) {
+    const IPC::Message* msg = render_thread_->sink().GetMessageAt(i);
+    if (msg->type() == ChromeViewHostMsg_ContentBlocked::ID)
+      was_blocked = true;
+  }
+  EXPECT_FALSE(was_blocked);
+}