Closed Bug 1819898 Opened 1 year ago Closed 1 year ago

Use internal content policy types for determining IsUpgradableDisplayType

Categories

(Core :: DOM: Security, task, P3)

task

Tracking

()

RESOLVED FIXED
112 Branch
Tracking Status
firefox112 --- fixed

People

(Reporter: freddy, Assigned: ckerschb)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

Looks like we use the external contentpolicytype and the internal contentpolicytype interchangeably.

For a more robust implementation, more consistency would be reasonable.
The "is upgradable display type" check looks at the external IMAGE and MEDIA types (https://searchfox.org/mozilla-central/rev/f7edb0b474a1a922f3285107620e802c6e19914d/dom/base/nsContentUtils.cpp#8647-8651), but that also includes <track>?

Our telemetry seems to have looked at the internal content policy type which is more detailed

Further breadcrumbs:
https://searchfox.org/mozilla-central/rev/f7edb0b474a1a922f3285107620e802c6e19914d/dom/security/nsMixedContentBlocker.cpp#757-763

Assignee: nobody → ckerschb
Status: NEW → ASSIGNED
Whiteboard: [domsecurity-active]
Summary: Use and track the correct contentpolicytypes in mixed-content blocking → Use internal content policy types for determining IsUpgradableDisplayType
Blocks: 1820474
Pushed by mozilla@christophkerschbaumer.com:
https://hg.mozilla.org/integration/autoland/rev/5804b3277416
Use internal content policy types for determining IsUpgradableDisplayType, r=freddyb
Status: ASSIGNED → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → 112 Branch
Duplicate of this bug: 1439463
You need to log in before you can comment on or make changes to this bug.