diff --git a/dom/html/ImageDocument.cpp b/dom/html/ImageDocument.cpp index 2b0ea3f0e581..2e037284a6ed 100644 --- a/dom/html/ImageDocument.cpp +++ b/dom/html/ImageDocument.cpp @@ -23,6 +23,7 @@ #include "nsGenericHTMLElement.h" #include "nsDocShell.h" #include "DocumentInlines.h" +#include "ImageBlocker.h" #include "nsDOMTokenList.h" #include "nsIDOMEventListener.h" #include "nsIFrame.h" @@ -76,33 +77,13 @@ ImageListener::OnStartRequest(nsIRequest* request) { nsCOMPtr domWindow = imgDoc->GetWindow(); NS_ENSURE_TRUE(domWindow, NS_ERROR_UNEXPECTED); - // Do a ShouldProcess check to see whether to keep loading the image. + // This is an image being loaded as a document, so it's not going to be + // detected by the ImageBlocker. However we don't want to call + // NS_CheckContentLoadPolicy (with an TYPE_INTERNAL_IMAGE) here, as it would + // e.g. make this image load be detectable by CSP. nsCOMPtr channelURI; channel->GetURI(getter_AddRefs(channelURI)); - - nsCOMPtr loadInfo = channel->LoadInfo(); - // query the corresponding arguments for the channel loadinfo and pass - // it on to the temporary loadinfo used for content policy checks. - nsCOMPtr requestingNode = domWindow->GetFrameElementInternal(); - nsCOMPtr loadingPrincipal; - if (requestingNode) { - loadingPrincipal = requestingNode->NodePrincipal(); - } else { - nsContentUtils::GetSecurityManager()->GetChannelResultPrincipal( - channel, getter_AddRefs(loadingPrincipal)); - } - - nsCOMPtr secCheckLoadInfo = new net::LoadInfo( - loadingPrincipal, loadInfo->TriggeringPrincipal(), requestingNode, - nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK, - nsIContentPolicy::TYPE_INTERNAL_IMAGE); - - int16_t decision = nsIContentPolicy::ACCEPT; - nsresult rv = - NS_CheckContentProcessPolicy(channelURI, secCheckLoadInfo, &decision, - nsContentUtils::GetContentPolicy()); - - if (NS_FAILED(rv) || NS_CP_REJECTED(decision)) { + if (image::ImageBlocker::ShouldBlock(channelURI)) { request->Cancel(NS_ERROR_CONTENT_BLOCKED); return NS_OK; } diff --git a/dom/html/reftests/iframe-with-image-src.html b/dom/html/reftests/iframe-with-image-src.html new file mode 100644 index 000000000000..554abc60db23 --- /dev/null +++ b/dom/html/reftests/iframe-with-image-src.html @@ -0,0 +1,6 @@ + + + + + + diff --git a/dom/html/reftests/reftest.list b/dom/html/reftests/reftest.list index 4dc3df7a4ac0..77dd250af967 100644 --- a/dom/html/reftests/reftest.list +++ b/dom/html/reftests/reftest.list @@ -60,6 +60,9 @@ fuzzy(0-3,0-7544) fuzzy-if(!geckoview,2-3,50-7544) == bug917595-exif-rotated.jpg # Test imageset is using permissions.default.image pref(permissions.default.image,1) HTTP == bug1196784-with-srcset.html bug1196784-no-srcset.html pref(permissions.default.image,2) HTTP == bug1196784-with-srcset.html bug1196784-no-srcset.html +# Test