diff --git a/app/packager_common.cc b/app/packager_common.cc
index fbf314d74b..c09bdf6c65 100644
--- a/app/packager_common.cc
+++ b/app/packager_common.cc
@@ -69,6 +69,7 @@ scoped_ptr<EncryptionKeySource> CreateEncryptionKeySource() {
     encryption_key_source.reset(new WidevineEncryptionKeySource(
         FLAGS_key_server_url,
         FLAGS_content_id,
+        FLAGS_policy,
         signer.Pass(),
         FLAGS_crypto_period_duration == 0 ? kDisableKeyRotation : 0));
   } else if (FLAGS_enable_fixed_key_encryption) {
diff --git a/app/widevine_encryption_flags.cc b/app/widevine_encryption_flags.cc
index a69ef465ac..bdb2aa1ed3 100644
--- a/app/widevine_encryption_flags.cc
+++ b/app/widevine_encryption_flags.cc
@@ -17,6 +17,10 @@ DEFINE_bool(enable_widevine_encryption,
             "--aes_signing_iv) or RSA signing key (--rsa_signing_key_path).");
 DEFINE_string(key_server_url, "", "Key server url.");
 DEFINE_string(content_id, "", "Content Id.");
+DEFINE_string(policy,
+              "",
+              "The name of a stored policy, which specifies DRM content "
+              "rights.");
 DEFINE_int32(max_sd_pixels,
              768 * 576,
              "If the video track has more pixels per frame than max_sd_pixels, "
diff --git a/app/widevine_encryption_flags.h b/app/widevine_encryption_flags.h
index 3c7cb1e2cc..264d393a00 100644
--- a/app/widevine_encryption_flags.h
+++ b/app/widevine_encryption_flags.h
@@ -14,6 +14,7 @@
 DECLARE_bool(enable_widevine_encryption);
 DECLARE_string(key_server_url);
 DECLARE_string(content_id);
+DECLARE_string(policy);
 DECLARE_int32(max_sd_pixels);
 DECLARE_string(signer);
 DECLARE_string(aes_signing_key);
diff --git a/media/base/http_fetcher.cc b/media/base/http_fetcher.cc
index 818b61d671..ee741f3d23 100644
--- a/media/base/http_fetcher.cc
+++ b/media/base/http_fetcher.cc
@@ -180,7 +180,8 @@ Status SimpleHttpFetcher::FetchInternal(const std::string& method,
   }
 
   if (status_code != kHttpOK) {
-    std::string error_message = "HTTP returns status " + base::IntToString(status_code);
+    std::string error_message =
+        "HTTP returns status " + base::IntToString(status_code);
     LOG(ERROR) << error_message;
     return Status(error::HTTP_FAILURE, error_message);
   }
diff --git a/media/base/widevine_encryption_key_source.cc b/media/base/widevine_encryption_key_source.cc
index cbcf980cc0..41139b7297 100644
--- a/media/base/widevine_encryption_key_source.cc
+++ b/media/base/widevine_encryption_key_source.cc
@@ -126,11 +126,13 @@ class WidevineEncryptionKeySource::RefCountedEncryptionKeyMap
 WidevineEncryptionKeySource::WidevineEncryptionKeySource(
     const std::string& server_url,
     const std::string& content_id,
+    const std::string& policy,
     scoped_ptr<RequestSigner> signer,
     int first_crypto_period_index)
     : http_fetcher_(new SimpleHttpFetcher()),
       server_url_(server_url),
       content_id_(content_id),
+      policy_(policy),
       signer_(signer.Pass()),
       key_rotation_enabled_(first_crypto_period_index >= 0),
       crypto_period_count_(kDefaultCryptoPeriodCount),
@@ -268,7 +270,7 @@ void WidevineEncryptionKeySource::FillRequest(const std::string& content_id,
 
   base::DictionaryValue request_dict;
   request_dict.SetString("content_id", content_id_base64_string);
-  request_dict.SetString("policy", "");
+  request_dict.SetString("policy", policy_);
 
   // Build tracks.
   base::ListValue* tracks = new base::ListValue();
diff --git a/media/base/widevine_encryption_key_source.h b/media/base/widevine_encryption_key_source.h
index b1e027ac52..4bad3e66fb 100644
--- a/media/base/widevine_encryption_key_source.h
+++ b/media/base/widevine_encryption_key_source.h
@@ -28,11 +28,13 @@ class WidevineEncryptionKeySource : public EncryptionKeySource {
  public:
   /// @param server_url is the Widevine common encryption server url.
   /// @param content_id the unique id identify the content to be encrypted.
+  /// @param policy specifies the DRM content rights.
   /// @param signer signs the request message. It should not be NULL.
   /// @param first_crypto_period_index indicates the starting crypto period
   ///        index. Set it to kDisableKeyRotation to disable key rotation.
   WidevineEncryptionKeySource(const std::string& server_url,
                               const std::string& content_id,
+                              const std::string& policy,
                               scoped_ptr<RequestSigner> signer,
                               int first_crypto_period_index);
   virtual ~WidevineEncryptionKeySource();
@@ -89,6 +91,7 @@ class WidevineEncryptionKeySource : public EncryptionKeySource {
   scoped_ptr<HttpFetcher> http_fetcher_;
   std::string server_url_;
   std::string content_id_;
+  std::string policy_;
   scoped_ptr<RequestSigner> signer_;
 
   const bool key_rotation_enabled_;
diff --git a/media/base/widevine_encryption_key_source_unittest.cc b/media/base/widevine_encryption_key_source_unittest.cc
index ec23688a02..bcd71ad12f 100644
--- a/media/base/widevine_encryption_key_source_unittest.cc
+++ b/media/base/widevine_encryption_key_source_unittest.cc
@@ -18,6 +18,7 @@
 namespace {
 const char kServerUrl[] = "http://www.foo.com/getcontentkey";
 const char kContentId[] = "ContentFoo";
+const char kPolicy[] = "PolicyFoo";
 const char kSignerName[] = "SignerFoo";
 
 const char kMockSignature[] = "MockSignature";
@@ -32,7 +33,7 @@ const char kLicenseStatusTransientError[] = "INTERNAL_ERROR";
 const char kLicenseStatusUnknownError[] = "UNKNOWN_ERROR";
 
 const char kExpectedRequestMessageFormat[] =
-    "{\"content_id\":\"%s\",\"drm_types\":[\"WIDEVINE\"],\"policy\":\"\","
+    "{\"content_id\":\"%s\",\"drm_types\":[\"WIDEVINE\"],\"policy\":\"%s\","
     "\"tracks\":[{\"type\":\"SD\"},{\"type\":\"HD\"},{\"type\":\"AUDIO\"}]}";
 const char kExpectedSignedMessageFormat[] =
     "{\"request\":\"%s\",\"signature\":\"%s\",\"signer\":\"%s\"}";
@@ -135,6 +136,7 @@ class WidevineEncryptionKeySourceTest : public ::testing::Test {
     widevine_encryption_key_source_.reset(new WidevineEncryptionKeySource(
         kServerUrl,
         kContentId,
+        kPolicy,
         mock_request_signer_.PassAs<RequestSigner>(),
         first_crypto_period_index));
     widevine_encryption_key_source_->set_http_fetcher(
@@ -175,7 +177,7 @@ TEST_F(WidevineEncryptionKeySourceTest, GenerateSignatureFailure) {
 // verify the correct behavior on http failure.
 TEST_F(WidevineEncryptionKeySourceTest, HttpPostFailure) {
   std::string expected_message = base::StringPrintf(
-      kExpectedRequestMessageFormat, Base64Encode(kContentId).c_str());
+      kExpectedRequestMessageFormat, Base64Encode(kContentId).c_str(), kPolicy);
   EXPECT_CALL(*mock_request_signer_, GenerateSignature(expected_message, _))
       .WillOnce(DoAll(SetArgPointee<1>(kMockSignature), Return(true)));
 
@@ -271,7 +273,7 @@ namespace {
 
 const char kCryptoPeriodRequestMessageFormat[] =
     "{\"content_id\":\"%s\",\"crypto_period_count\":%u,\"drm_types\":["
-    "\"WIDEVINE\"],\"first_crypto_period_index\":%u,\"policy\":\"\","
+    "\"WIDEVINE\"],\"first_crypto_period_index\":%u,\"policy\":\"%s\","
     "\"tracks\":[{\"type\":\"SD\"},{\"type\":\"HD\"},{\"type\":\"AUDIO\"}]}";
 
 const char kCryptoPeriodTrackFormat[] =
@@ -323,7 +325,8 @@ TEST_F(WidevineEncryptionKeySourceTest, KeyRotationTest) {
         base::StringPrintf(kCryptoPeriodRequestMessageFormat,
                            Base64Encode(kContentId).c_str(),
                            kCryptoPeriodCount,
-                           first_crypto_period_index);
+                           first_crypto_period_index,
+                           kPolicy);
     EXPECT_CALL(*mock_request_signer_, GenerateSignature(expected_message, _))
         .WillOnce(DoAll(SetArgPointee<1>(kMockSignature), Return(true)));