This nixes the changes to nsContentUtils altogether, and allows the image load (if the content policy denies it) only if the REJECT type is TYPE || SERVER.
According to the idl this should be fine, REJECT_REQUEST is for other reasons that we may not want to bypass, but REJECT_{IMAGE|SERVER} are directly connected with permissions granted either to images as a whole or to this particular server.
I tried to write a test for this, but I can't seem to figure out how to detect an image rejection or success on the image itself...
Since bz gave me the r-/sr-, is it ok that I ask you for r/sr or do you want jonas to look at this as well?
Created an attachment (id=382357)
patch ver.2
This nixes the changes to nsContentUtils altogether, and allows the image load (if the content policy denies it) only if the REJECT type is TYPE || SERVER.
According to the idl this should be fine, REJECT_REQUEST is for other reasons that we may not want to bypass, but REJECT_ {IMAGE| SERVER} are directly connected with permissions granted either to images as a whole or to this particular server.
I tried to write a test for this, but I can't seem to figure out how to detect an image rejection or success on the image itself...
Since bz gave me the r-/sr-, is it ok that I ask you for r/sr or do you want jonas to look at this as well?