On 7/1/14 7:28 AM, Doug Turner wrote:
adding tanvi.
On Jul 1, 2014, at 7:20, Boris Zbarsky <bzbar...@mit.edu> wrote:
On 7/1/14, 6:06 AM, Anne van Kesteren wrote:
Hi Doug, Patrick, Boris,
ccing Jonas, since he's been thinking about this a lot recently.
https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIContentPolicy
suggests we have somewhat less granularity than Chromium / the
specification at the moment, but I'm not sure if that's up to date.
It's up to date, but Jonas is in the middle of working on a replacement for
that API.
The "content policy types" in
https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIContentPolicy#Constants
are mostly up-to-date. We've added a few more:
TYPE_CSP_REPORT
TYPE_XSLT
TYPE_BEACON
http://mxr.mozilla.org/mozilla-central/source/content/base/public/nsIContentPolicy.idl#138
The work we are doing on the replacement API doesn't change these
types. Each content policy uses these types, the request origin, and
the requesting origin to determine whether or not the content can be
loaded. Looks like some of these map to
http://fetch.spec.whatwg.org/#concept-request-context, but we are
missing quite a few. As new types are introduced into our code base,
developers are encouraged to create new constants and avoid using
TYPE_OTHER. We can add a followup item to our project to extend these
types and add granularity.
~Tanvi
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
