diff --git a/dom/html/ImageDocument.cpp b/dom/html/ImageDocument.cpp
index 2b0ea3f0e581..2e037284a6ed 100644
--- a/dom/html/ImageDocument.cpp
+++ b/dom/html/ImageDocument.cpp
@@ -23,6 +23,7 @@
#include "nsGenericHTMLElement.h"
#include "nsDocShell.h"
#include "DocumentInlines.h"
+#include "ImageBlocker.h"
#include "nsDOMTokenList.h"
#include "nsIDOMEventListener.h"
#include "nsIFrame.h"
@@ -76,33 +77,13 @@ ImageListener::OnStartRequest(nsIRequest* request) {
nsCOMPtr domWindow = imgDoc->GetWindow();
NS_ENSURE_TRUE(domWindow, NS_ERROR_UNEXPECTED);
- // Do a ShouldProcess check to see whether to keep loading the image.
+ // This is an image being loaded as a document, so it's not going to be
+ // detected by the ImageBlocker. However we don't want to call
+ // NS_CheckContentLoadPolicy (with an TYPE_INTERNAL_IMAGE) here, as it would
+ // e.g. make this image load be detectable by CSP.
nsCOMPtr channelURI;
channel->GetURI(getter_AddRefs(channelURI));
-
- nsCOMPtr loadInfo = channel->LoadInfo();
- // query the corresponding arguments for the channel loadinfo and pass
- // it on to the temporary loadinfo used for content policy checks.
- nsCOMPtr requestingNode = domWindow->GetFrameElementInternal();
- nsCOMPtr loadingPrincipal;
- if (requestingNode) {
- loadingPrincipal = requestingNode->NodePrincipal();
- } else {
- nsContentUtils::GetSecurityManager()->GetChannelResultPrincipal(
- channel, getter_AddRefs(loadingPrincipal));
- }
-
- nsCOMPtr secCheckLoadInfo = new net::LoadInfo(
- loadingPrincipal, loadInfo->TriggeringPrincipal(), requestingNode,
- nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK,
- nsIContentPolicy::TYPE_INTERNAL_IMAGE);
-
- int16_t decision = nsIContentPolicy::ACCEPT;
- nsresult rv =
- NS_CheckContentProcessPolicy(channelURI, secCheckLoadInfo, &decision,
- nsContentUtils::GetContentPolicy());
-
- if (NS_FAILED(rv) || NS_CP_REJECTED(decision)) {
+ if (image::ImageBlocker::ShouldBlock(channelURI)) {
request->Cancel(NS_ERROR_CONTENT_BLOCKED);
return NS_OK;
}
diff --git a/dom/html/reftests/iframe-with-image-src.html b/dom/html/reftests/iframe-with-image-src.html
new file mode 100644
index 000000000000..554abc60db23
--- /dev/null
+++ b/dom/html/reftests/iframe-with-image-src.html
@@ -0,0 +1,6 @@
+
+
+
+
+
+
diff --git a/dom/html/reftests/reftest.list b/dom/html/reftests/reftest.list
index 4dc3df7a4ac0..77dd250af967 100644
--- a/dom/html/reftests/reftest.list
+++ b/dom/html/reftests/reftest.list
@@ -60,6 +60,9 @@ fuzzy(0-3,0-7544) fuzzy-if(!geckoview,2-3,50-7544) == bug917595-exif-rotated.jpg
# Test imageset is using permissions.default.image
pref(permissions.default.image,1) HTTP == bug1196784-with-srcset.html bug1196784-no-srcset.html
pref(permissions.default.image,2) HTTP == bug1196784-with-srcset.html bug1196784-no-srcset.html
+# Test