Delegating the "are images allowed" decision to renderer.

chrome/renderer/content_settings_observer.cc

Index: chrome/renderer/content_settings_observer.cc
diff --git a/chrome/renderer/content_settings_observer.cc b/chrome/renderer/content_settings_observer.cc
index 94150e65b4ff6968ee426bb3a351b9eb13b55024..98dc12d2912598b478955fa6f8b8a2096af42ec8 100644
--- a/chrome/renderer/content_settings_observer.cc
+++ b/chrome/renderer/content_settings_observer.cc
@@ -75,6 +75,11 @@ void ContentSettingsObserver::SetDefaultContentSettings(
   default_settings_ = settings;
 }
 
+void ContentSettingsObserver::SetImageSettingRules(
+    const ContentSettingsForOneType* image_setting_rules) {
+  image_setting_rules_ = image_setting_rules;
+}
+
 ContentSetting ContentSettingsObserver::GetContentSetting(
     ContentSettingsType type) {
   // Don't call this for plug-ins.
@@ -118,7 +123,7 @@ void ContentSettingsObserver::DidCommitProvisionalLoad(
   NavigationState* state = NavigationState::FromDataSource(frame->dataSource());
   if (!state->was_within_same_page()) {
     // Clear "block" flags for the new page. This needs to happen before any of
-    // allowScripts(), allowImages(), allowPlugins() is called for the new page
+    // allowScripts(), allowImage(), allowPlugins() is called for the new page
     // so that these functions can correctly detect that a piece of content
     // flipped from "not blocked" to "blocked".
     ClearBlockedContentSettings();
@@ -198,16 +203,38 @@ bool ContentSettingsObserver::AllowFileSystem(WebFrame* frame) {
 bool ContentSettingsObserver::AllowImage(WebFrame* frame,
                                          bool enabled_per_settings,
                                          const WebURL& image_url) {
-  if (enabled_per_settings &&
-      AllowContentType(CONTENT_SETTINGS_TYPE_IMAGES)) {
-    return true;
-  }
-
   if (IsWhitelistedForContentSettings(frame))
     return true;
 
-  DidBlockContentType(CONTENT_SETTINGS_TYPE_IMAGES, std::string());
-  return false;  // Other protocols fall through here.
+  bool allow = enabled_per_settings;
+
+  WebString top_origin = frame->top()->document().securityOrigin().toString();
+  GURL page_url(frame->document().url());
+  GURL primary_url;
+  // For file:// URLs, the top_origin is unique ("null"). Use the file:// URL as
+  // the primary URL.
+  if (top_origin == "null" && page_url.SchemeIsFile())

[Bernhard Bauer, 2011/10/21 10:10:10]

Are there other cases where we might want to use the URL instead? 
http://codesearch.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/So...
says that the SecurityOrigin could be unique for sandboxed iframes as well.

Also, we might want to pull this out into a general method (for example, to use
it for plug-in content settings as well).

[marja, 2011/10/21 10:25:05]

How about this version: use the doc url always when the top origin url is
unique? (I'd like to leave out from this CL the other Allow* funcs using this
func.) Still lgty?

[Bernhard Bauer, 2011/10/21 10:57:35]

I guess both versions serve the file URL use case, which is what I was concerned
about, so LGTM. I don't know enough about all the other edge cases to judge how
we want to treat them.

+    primary_url = page_url;
+  else
+    primary_url = GURL(top_origin);
+
+  GURL secondary_url(image_url);
+  if (image_setting_rules_ &&
+      enabled_per_settings) {
+    ContentSettingsForOneType::const_iterator it;
+    for (it = image_setting_rules_->begin();
+         it != image_setting_rules_->end(); ++it) {
+      if (it->primary_pattern.Matches(primary_url) &&
+          it->secondary_pattern.Matches(secondary_url)) {
+        allow = (it->setting != CONTENT_SETTING_BLOCK);
+        break;
+      }
+    }
+  }
+
+  if (!allow)
+    DidBlockContentType(CONTENT_SETTINGS_TYPE_IMAGES, std::string());
+  return allow;
 }
 
 bool ContentSettingsObserver::AllowIndexedDB(WebFrame* frame,