Delegating the "are images allowed" decision to renderer.

chrome/renderer/content_settings_observer.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/content_settings_observer.h"
 
 #include "chrome/common/render_messages.h"
 #include "chrome/common/url_constants.h"
 #include "content/common/database_messages.h"
 #include "content/public/renderer/navigation_state.h"
@@ skipping 38 matching lines @@
   }
 
   return false;
 }
 
 }  // namespace
 
 ContentSettings ContentSettingsObserver::default_settings_;
 
 ContentSettingsObserver::ContentSettingsObserver(
-    content::RenderView* render_view)
+    content::RenderView* render_view,
+    const ContentSettingsForOneType* image_setting_rules)
     : content::RenderViewObserver(render_view),
       content::RenderViewObserverTracker<ContentSettingsObserver>(render_view),
+      image_setting_rules_(image_setting_rules),
       plugins_temporarily_allowed_(false) {
   ClearBlockedContentSettings();
 }
 
 ContentSettingsObserver::~ContentSettingsObserver() {
 }
 
 void ContentSettingsObserver::SetContentSettings(
     const ContentSettings& settings) {
   current_content_settings_ = settings;
@@ skipping 42 matching lines @@
 }
 
 void ContentSettingsObserver::DidCommitProvisionalLoad(
     WebFrame* frame, bool is_new_navigation) {
   if (frame->parent())
     return; // Not a top-level navigation.
 
   NavigationState* state = NavigationState::FromDataSource(frame->dataSource());
   if (!state->was_within_same_page()) {
     // Clear "block" flags for the new page. This needs to happen before any of
-    // allowScripts(), allowImages(), allowPlugins() is called for the new page
+    // allowScripts(), allowImage(), allowPlugins() is called for the new page
     // so that these functions can correctly detect that a piece of content
     // flipped from "not blocked" to "blocked".
     ClearBlockedContentSettings();
     plugins_temporarily_allowed_ = false;
   }
 
   GURL url = frame->document().url();
 
   if (frame->document().securityOrigin().toString() == "null" &&
       !url.SchemeIs(chrome::kFileScheme)) {
@@ skipping 59 matching lines @@
   bool result = false;
   Send(new ChromeViewHostMsg_AllowFileSystem(
       routing_id(), GURL(frame->document().securityOrigin().toString()),
       GURL(frame->top()->document().securityOrigin().toString()), &result));
   return result;
 }
 
 bool ContentSettingsObserver::AllowImage(WebFrame* frame,
                                          bool enabled_per_settings,
                                          const WebURL& image_url) {
-  if (enabled_per_settings &&
-      AllowContentType(CONTENT_SETTINGS_TYPE_IMAGES)) {
-    return true;
-  }
-
+  DCHECK(image_setting_rules_);
   if (IsWhitelistedForContentSettings(frame))
     return true;
 
-  DidBlockContentType(CONTENT_SETTINGS_TYPE_IMAGES, std::string());
-  return false;  // Other protocols fall through here.
+  if (frame->document().securityOrigin().isEmpty() ||
+      frame->top()->document().securityOrigin().isEmpty()) {

[Bernhard Bauer, 2011/10/17 13:13:19]

Nit: If you move this check into the |if (enabled_per_settings)| below, you can
remove this call to |DidBlockContentType|.

[marja, 2011/10/18 12:23:02]

Done.

+    DidBlockContentType(CONTENT_SETTINGS_TYPE_IMAGES, std::string());
+    return false;  // Uninitialized document.
+  }
+
+  bool allow = false;
+  GURL top_url(frame->top()->document().securityOrigin().toString());
+  GURL image_gurl(image_url);
+  if (enabled_per_settings) {
+    ContentSettingsForOneType::const_iterator it;
+    for (it = image_setting_rules_->begin();
+         it != image_setting_rules_->end(); ++it) {
+      if (it->a.Matches(top_url) && it->b.Matches(image_gurl)) {
+        allow = (it->c != CONTENT_SETTING_BLOCK);
+        break;
+      }
+    }
+  }
+
+  if (!allow)
+    DidBlockContentType(CONTENT_SETTINGS_TYPE_IMAGES, std::string());
+  return allow;
 }
 
 bool ContentSettingsObserver::AllowIndexedDB(WebFrame* frame,
                                              const WebString& name,
                                              const WebSecurityOrigin& origin) {
   if (frame->document().securityOrigin().isEmpty() ||
       frame->top()->document().securityOrigin().isEmpty())
     return false; // Uninitialized document.
 
   bool result = false;
@@ skipping 67 matching lines @@
   // CONTENT_SETTING_ASK is only valid for cookies.
   return current_content_settings_.settings[settings_type] !=
       CONTENT_SETTING_BLOCK;
 }
 
 void ContentSettingsObserver::ClearBlockedContentSettings() {
   for (size_t i = 0; i < arraysize(content_blocked_); ++i)
     content_blocked_[i] = false;
   cached_storage_permissions_.clear();
 }