Comments from bsmith in bug 802905: > > Also, need to make sure that CSP handles unknown content types like > > TYPE_OTHER, to match the required behavior described in the comments for > > TYPE_OTHER that were added to this patch. In the new documentation in nsIContentPolicy, it says that content policy implementations must treat unknown types the same as they treat TYPE_OTHER. So, let's take an arbitrary unknown content type like 55. csp._MAPPINGS is null, which means CSP will not block the content. But, instead, CSP should handle the content just like it does for csp._MAPPINGS[TYPE_OTHER], which maps to cspr_sd.DEFAULT_SRC. (I think the best way to resolve this is to have null mean DEFAULT_SRC, and have a new explicit value for "CSP cannot block this" instead of using null to mean that. But, there are other ways of doing it.)
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 809982
You need to log in before you can comment on or make changes to this bug.