At first glance it does appear that this policy will dramatically limit the ease of adding third-party content to the page, such as ads, if that content uses scripts. For one thing, ad content will need to be rewritten to load external .js files. For a service such as Google Analytics the service provider will need to document all the hostnames that serve any JS content (assuming the initial .js file loads additional scripts, which is relatively common).
This policy has the potential to be extremely powerful but the difficulty in implementation is relatively high, especially for many of the popular sites. However, for any sites which don't have ads it could be easily done. I know that the site I maintain would need some framework upgrades to support this feature, however, when coding with this approach in mind it is easy enough to apply. And it's fully backwards compatible, which is great.