Backed out 7 changesets (bug 1048048) for android crashes in various chunks CLOSED TREE
authorWes Kocher <wkocher@mozilla.com>
Mon, 21 Sep 2015 09:08:34 -0700
changeset 263550 2f837630f5566d281aa6f51adb9cc2374da7fedc
parent 263549 155d2bf89d8822c78de7952f07b0d7c0a3c37c5c
child 263551 36d21c206b91cc48300b59583130c0dc63cefd9b
push id65349
push userkwierso@gmail.com
push dateMon, 21 Sep 2015 16:08:43 +0000
treeherdermozilla-inbound@2f837630f556 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs1048048
milestone43.0a1
backs outb5abe23a4ea5934d7cb1e75e86c5b79eeb5e9f22
4f91b10e8be000ee5408461c74099ca96156c0cf
450d4a13c90e95a58caa398e4fcc0a71f4800071
6a727c40eb68d4b84d64d1e173b7401a982fda23
88c2333ff7455b6988eb8d6ccc5e92b414a7ccf8
740ab1ecd0794b5a304b93ef528c8aa4c68ca417
02c6d6aef163530bafee0d39761f18ca3aa1f40c
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 7 changesets (bug 1048048) for android crashes in various chunks CLOSED TREE Backed out changeset b5abe23a4ea5 (bug 1048048) Backed out changeset 4f91b10e8be0 (bug 1048048) Backed out changeset 450d4a13c90e (bug 1048048) Backed out changeset 6a727c40eb68 (bug 1048048) Backed out changeset 88c2333ff745 (bug 1048048) Backed out changeset 740ab1ecd079 (bug 1048048) Backed out changeset 02c6d6aef163 (bug 1048048)
browser/modules/ContentLinkHandler.jsm
browser/modules/WindowsPreviewPerTab.jsm
dom/base/nsContentPolicy.cpp
dom/base/nsContentPolicyUtils.h
dom/base/nsContentUtils.cpp
dom/base/nsContentUtils.h
dom/base/nsDocument.cpp
dom/base/nsIContentPolicy.idl
dom/base/nsIContentPolicyBase.idl
dom/base/nsImageLoadingContent.cpp
dom/base/nsObjectLoadingContent.cpp
dom/base/nsScriptLoader.cpp
dom/base/nsScriptLoader.h
dom/cache/DBSchema.cpp
dom/fetch/InternalRequest.cpp
dom/fetch/InternalRequest.h
dom/html/ImageDocument.cpp
dom/media/IdpSandbox.jsm
dom/security/nsCSPContext.cpp
dom/security/nsCSPService.cpp
dom/security/test/csp/file_report_for_import.css
dom/security/test/csp/file_report_for_import.html
dom/security/test/csp/file_report_for_import_server.sjs
dom/security/test/csp/mochitest.ini
dom/security/test/csp/test_report_for_import.html
dom/workers/ServiceWorkerScriptCache.cpp
dom/xbl/nsXBLResourceLoader.cpp
dom/xslt/xslt/txMozillaStylesheetCompiler.cpp
dom/xul/XULDocument.cpp
editor/libeditor/nsHTMLEditor.cpp
embedding/browser/nsContextMenuInfo.cpp
image/imgLoader.cpp
layout/generic/nsImageFrame.cpp
layout/style/Loader.cpp
layout/style/Loader.h
testing/web-platform/meta/content-security-policy/style-src/style-src-3_4.html.ini
toolkit/components/places/AsyncFaviconHelpers.cpp
toolkit/components/places/nsAnnoProtocolHandler.cpp
toolkit/components/places/nsFaviconService.cpp
toolkit/components/places/tests/browser/browser_favicon_setAndFetchFaviconForPage.js
toolkit/components/places/tests/favicons/test_moz-anno_favicon_mime_type.js
toolkit/components/search/nsSearchService.js
toolkit/devtools/gcli/commands/screenshot.js
toolkit/devtools/server/actors/styleeditor.js
toolkit/devtools/server/actors/stylesheets.js
toolkit/mozapps/extensions/internal/LightweightThemeImageOptimizer.jsm
toolkit/webapps/NativeApp.jsm
widget/cocoa/OSXNotificationCenter.mm
widget/cocoa/nsMenuItemIconX.mm
widget/windows/WinUtils.cpp
--- a/browser/modules/ContentLinkHandler.jsm
+++ b/browser/modules/ContentLinkHandler.jsm
@@ -159,17 +159,17 @@ this.ContentLinkHandler = {
     try {
       var contentPolicy = Cc["@mozilla.org/layout/content-policy;1"].
                           getService(Ci.nsIContentPolicy);
     } catch(e) {
       return null; // Refuse to load if we can't do a security check.
     }
 
     // Security says okay, now ask content policy
-    if (contentPolicy.shouldLoad(Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE,
+    if (contentPolicy.shouldLoad(Ci.nsIContentPolicy.TYPE_IMAGE,
                                  uri, targetDoc.documentURIObject,
                                  aLink, aLink.type, null)
                                  != Ci.nsIContentPolicy.ACCEPT)
       return null;
 
     try {
       uri.userPass = "";
     } catch(e) {
--- a/browser/modules/WindowsPreviewPerTab.jsm
+++ b/browser/modules/WindowsPreviewPerTab.jsm
@@ -74,17 +74,17 @@ XPCOMUtils.defineLazyServiceGetter(this,
 
 // nsIURI -> imgIContainer
 function _imageFromURI(doc, uri, privateMode, callback) {
   let channel = ioSvc.newChannelFromURI2(uri,
                                          doc,
                                          null,  // aLoadingPrincipal
                                          null,  // aTriggeringPrincipal
                                          Ci.nsILoadInfo.SEC_NORMAL,
-                                         Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
+                                         Ci.nsIContentPolicy.TYPE_IMAGE);
   try {
     channel.QueryInterface(Ci.nsIPrivateBrowsingChannel);
     channel.setPrivate(privateMode);
   } catch (e) {
     // Ignore channels which do not support nsIPrivateBrowsingChannel
   }
   NetUtil.asyncFetch(channel, function(inputStream, resultCode) {
     if (!Components.isSuccessCode(resultCode))
--- a/dom/base/nsContentPolicy.cpp
+++ b/dom/base/nsContentPolicy.cpp
@@ -8,17 +8,16 @@
  * Implementation of the "@mozilla.org/layout/content-policy;1" contract.
  */
 
 #include "mozilla/Logging.h"
 
 #include "nsISupports.h"
 #include "nsXPCOM.h"
 #include "nsContentPolicyUtils.h"
-#include "mozilla/dom/nsCSPService.h"
 #include "nsContentPolicy.h"
 #include "nsIURI.h"
 #include "nsIDocShell.h"
 #include "nsIDOMElement.h"
 #include "nsIDOMNode.h"
 #include "nsIDOMWindow.h"
 #include "nsIContent.h"
 #include "nsILoadContext.h"
@@ -119,25 +118,19 @@ nsContentPolicy::CheckPolicy(CPMethod   
     }
 
     nsContentPolicyType externalType =
         nsContentUtils::InternalContentPolicyTypeToExternal(contentType);
 
     nsContentPolicyType externalTypeOrScript =
         nsContentUtils::InternalContentPolicyTypeToExternalOrScript(contentType);
 
-    nsContentPolicyType externalTypeOrPreload =
-       nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(contentType);
-
     nsCOMPtr<nsIContentPolicy> mixedContentBlocker =
         do_GetService(NS_MIXEDCONTENTBLOCKER_CONTRACTID);
 
-    nsCOMPtr<nsIContentPolicy> cspService =
-      do_GetService(CSPSERVICE_CONTRACTID);
-
     /* 
      * Enumerate mPolicies and ask each of them, taking the logical AND of
      * their permissions.
      */
     nsresult rv;
     nsCOMArray<nsIContentPolicy> entries;
     mPolicies.GetEntries(entries);
     int32_t count = entries.Count();
@@ -146,25 +139,16 @@ nsContentPolicy::CheckPolicy(CPMethod   
         // Send the internal content policy type to the mixed content blocker
         // which needs to know about TYPE_INTERNAL_WORKER,
         // TYPE_INTERNAL_SHARED_WORKER and TYPE_INTERNAL_SERVICE_WORKER.
         bool isMixedContentBlocker = mixedContentBlocker == entries[i];
         nsContentPolicyType type = externalType;
         if (isMixedContentBlocker) {
             type = externalTypeOrScript;
         }
-        // Send the internal content policy type for CSP which needs to
-        // know about preloads, in particular:
-        // * TYPE_INTERNAL_SCRIPT_PRELOAD
-        // * TYPE_INTERNAL_IMAGE_PRELOAD
-        // * TYPE_INTERNAL_STYLESHEET_PRELOAD
-        bool isCSP = cspService == entries[i];
-        if (isCSP) {
-          type = externalTypeOrPreload;
-        }
         rv = (entries[i]->*policyMethod)(type, contentLocation,
                                          requestingLocation, requestingContext,
                                          mimeType, extra, requestPrincipal,
                                          decision);
 
         if (NS_SUCCEEDED(rv) && NS_CP_REJECTED(*decision)) {
             /* policy says no, no point continuing to check */
             return NS_OK;
--- a/dom/base/nsContentPolicyUtils.h
+++ b/dom/base/nsContentPolicyUtils.h
@@ -87,56 +87,51 @@ NS_CP_ResponseName(int16_t response)
  *
  * @param contentType the content type code
  * @return the name of the given content type code
  */
 inline const char *
 NS_CP_ContentTypeName(uint32_t contentType)
 {
   switch (contentType) {
-    CASE_RETURN( TYPE_OTHER                       );
-    CASE_RETURN( TYPE_SCRIPT                      );
-    CASE_RETURN( TYPE_IMAGE                       );
-    CASE_RETURN( TYPE_STYLESHEET                  );
-    CASE_RETURN( TYPE_OBJECT                      );
-    CASE_RETURN( TYPE_DOCUMENT                    );
-    CASE_RETURN( TYPE_SUBDOCUMENT                 );
-    CASE_RETURN( TYPE_REFRESH                     );
-    CASE_RETURN( TYPE_XBL                         );
-    CASE_RETURN( TYPE_PING                        );
-    CASE_RETURN( TYPE_XMLHTTPREQUEST              );
-    CASE_RETURN( TYPE_OBJECT_SUBREQUEST           );
-    CASE_RETURN( TYPE_DTD                         );
-    CASE_RETURN( TYPE_FONT                        );
-    CASE_RETURN( TYPE_MEDIA                       );
-    CASE_RETURN( TYPE_WEBSOCKET                   );
-    CASE_RETURN( TYPE_CSP_REPORT                  );
-    CASE_RETURN( TYPE_XSLT                        );
-    CASE_RETURN( TYPE_BEACON                      );
-    CASE_RETURN( TYPE_FETCH                       );
-    CASE_RETURN( TYPE_IMAGESET                    );
-    CASE_RETURN( TYPE_WEB_MANIFEST                );
-    CASE_RETURN( TYPE_INTERNAL_SCRIPT             );
-    CASE_RETURN( TYPE_INTERNAL_WORKER             );
-    CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER      );
-    CASE_RETURN( TYPE_INTERNAL_EMBED              );
-    CASE_RETURN( TYPE_INTERNAL_OBJECT             );
-    CASE_RETURN( TYPE_INTERNAL_FRAME              );
-    CASE_RETURN( TYPE_INTERNAL_IFRAME             );
-    CASE_RETURN( TYPE_INTERNAL_AUDIO              );
-    CASE_RETURN( TYPE_INTERNAL_VIDEO              );
-    CASE_RETURN( TYPE_INTERNAL_TRACK              );
-    CASE_RETURN( TYPE_INTERNAL_XMLHTTPREQUEST     );
-    CASE_RETURN( TYPE_INTERNAL_EVENTSOURCE        );
-    CASE_RETURN( TYPE_INTERNAL_SERVICE_WORKER     );
-    CASE_RETURN( TYPE_INTERNAL_SCRIPT_PRELOAD     );
-    CASE_RETURN( TYPE_INTERNAL_IMAGE              );
-    CASE_RETURN( TYPE_INTERNAL_IMAGE_PRELOAD      );
-    CASE_RETURN( TYPE_INTERNAL_STYLESHEET         );
-    CASE_RETURN( TYPE_INTERNAL_STYLESHEET_PRELOAD );
+    CASE_RETURN( TYPE_OTHER                   );
+    CASE_RETURN( TYPE_SCRIPT                  );
+    CASE_RETURN( TYPE_IMAGE                   );
+    CASE_RETURN( TYPE_STYLESHEET              );
+    CASE_RETURN( TYPE_OBJECT                  );
+    CASE_RETURN( TYPE_DOCUMENT                );
+    CASE_RETURN( TYPE_SUBDOCUMENT             );
+    CASE_RETURN( TYPE_REFRESH                 );
+    CASE_RETURN( TYPE_XBL                     );
+    CASE_RETURN( TYPE_PING                    );
+    CASE_RETURN( TYPE_XMLHTTPREQUEST          );
+    CASE_RETURN( TYPE_OBJECT_SUBREQUEST       );
+    CASE_RETURN( TYPE_DTD                     );
+    CASE_RETURN( TYPE_FONT                    );
+    CASE_RETURN( TYPE_MEDIA                   );
+    CASE_RETURN( TYPE_WEBSOCKET               );
+    CASE_RETURN( TYPE_CSP_REPORT              );
+    CASE_RETURN( TYPE_XSLT                    );
+    CASE_RETURN( TYPE_BEACON                  );
+    CASE_RETURN( TYPE_FETCH                   );
+    CASE_RETURN( TYPE_IMAGESET                );
+    CASE_RETURN( TYPE_WEB_MANIFEST            );
+    CASE_RETURN( TYPE_INTERNAL_SCRIPT         );
+    CASE_RETURN( TYPE_INTERNAL_WORKER         );
+    CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER  );
+    CASE_RETURN( TYPE_INTERNAL_EMBED          );
+    CASE_RETURN( TYPE_INTERNAL_OBJECT         );
+    CASE_RETURN( TYPE_INTERNAL_FRAME          );
+    CASE_RETURN( TYPE_INTERNAL_IFRAME         );
+    CASE_RETURN( TYPE_INTERNAL_AUDIO          );
+    CASE_RETURN( TYPE_INTERNAL_VIDEO          );
+    CASE_RETURN( TYPE_INTERNAL_TRACK          );
+    CASE_RETURN( TYPE_INTERNAL_XMLHTTPREQUEST );
+    CASE_RETURN( TYPE_INTERNAL_EVENTSOURCE    );
+    CASE_RETURN( TYPE_INTERNAL_SERVICE_WORKER );
    default:
     return "<Unknown Type>";
   }
 }
 
 #undef CASE_RETURN
 
 /* Passes on parameters from its "caller"'s context. */
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@@ -7954,17 +7954,16 @@ nsContentUtils::GetWindowRoot(nsIDocumen
 }
 
 /* static */
 nsContentPolicyType
 nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
 {
   switch (aType) {
   case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
-  case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
   case nsIContentPolicy::TYPE_INTERNAL_WORKER:
   case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
   case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
     return nsIContentPolicy::TYPE_SCRIPT;
 
   case nsIContentPolicy::TYPE_INTERNAL_EMBED:
   case nsIContentPolicy::TYPE_INTERNAL_OBJECT:
     return nsIContentPolicy::TYPE_OBJECT;
@@ -7977,24 +7976,16 @@ nsContentUtils::InternalContentPolicyTyp
   case nsIContentPolicy::TYPE_INTERNAL_VIDEO:
   case nsIContentPolicy::TYPE_INTERNAL_TRACK:
     return nsIContentPolicy::TYPE_MEDIA;
 
   case nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST:
   case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
     return nsIContentPolicy::TYPE_XMLHTTPREQUEST;
 
-  case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
-  case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
-    return nsIContentPolicy::TYPE_IMAGE;
-
-  case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
-  case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
-    return nsIContentPolicy::TYPE_STYLESHEET;
-
   default:
     return aType;
   }
 }
 
 /* static */
 nsContentPolicyType
 nsContentUtils::InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType aType)
@@ -8006,27 +7997,16 @@ nsContentUtils::InternalContentPolicyTyp
   case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
     return aType;
 
   default:
     return InternalContentPolicyTypeToExternal(aType);
   }
 }
 
-/* static */
-nsContentPolicyType
-nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(nsContentPolicyType aType)
-{
-  if (aType == nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD ||
-      aType == nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD ||
-      aType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD) {
-    return aType;
-  }
-  return InternalContentPolicyTypeToExternal(aType);
-}
 
 nsresult
 nsContentUtils::SetFetchReferrerURIWithPolicy(nsIPrincipal* aPrincipal,
                                               nsIDocument* aDoc,
                                               nsIHttpChannel* aChannel)
 {
   NS_ENSURE_ARG_POINTER(aPrincipal);
   NS_ENSURE_ARG_POINTER(aChannel);
--- a/dom/base/nsContentUtils.h
+++ b/dom/base/nsContentUtils.h
@@ -619,33 +619,33 @@ public:
 
   /**
    * Method to do security and content policy checks on the image URI
    *
    * @param aURI uri of the image to be loaded
    * @param aContext the context the image is loaded in (eg an element)
    * @param aLoadingDocument the document we belong to
    * @param aLoadingPrincipal the principal doing the load
-   * @param [aContentPolicyType=nsIContentPolicy::TYPE_INTERNAL_IMAGE] (Optional)
+   * @param [aContentPolicyType=nsIContentPolicy::TYPE_IMAGE] (Optional)
    *        The CP content type to use
    * @param aImageBlockingStatus the nsIContentPolicy blocking status for this
    *        image.  This will be set even if a security check fails for the
    *        image, to some reasonable REJECT_* value.  This out param will only
    *        be set if it's non-null.
    * @return true if the load can proceed, or false if it is blocked.
    *         Note that aImageBlockingStatus, if set will always be an ACCEPT
    *         status if true is returned and always be a REJECT_* status if
    *         false is returned.
    */
   static bool CanLoadImage(nsIURI* aURI,
                            nsISupports* aContext,
                            nsIDocument* aLoadingDocument,
                            nsIPrincipal* aLoadingPrincipal,
                            int16_t* aImageBlockingStatus = nullptr,
-                           uint32_t aContentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE);
+                           uint32_t aContentPolicyType = nsIContentPolicy::TYPE_IMAGE);
 
   /**
    * Returns true if objects in aDocument shouldn't initiate image loads.
    */
   static bool DocumentInactiveForImageLoads(nsIDocument* aDocument);
 
   /**
    * Method to start an image load.  This does not do any security checks.
@@ -655,30 +655,30 @@ public:
    * @param aURI uri of the image to be loaded
    * @param aLoadingDocument the document we belong to
    * @param aLoadingPrincipal the principal doing the load
    * @param aReferrer the referrer URI
    * @param aReferrerPolicy the referrer-sending policy to use on channel
    *         creation
    * @param aObserver the observer for the image load
    * @param aLoadFlags the load flags to use.  See nsIRequest
-   * @param [aContentPolicyType=nsIContentPolicy::TYPE_INTERNAL_IMAGE] (Optional)
+   * @param [aContentPolicyType=nsIContentPolicy::TYPE_IMAGE] (Optional)
    *        The CP content type to use
    * @return the imgIRequest for the image load
    */
   static nsresult LoadImage(nsIURI* aURI,
                             nsIDocument* aLoadingDocument,
                             nsIPrincipal* aLoadingPrincipal,
                             nsIURI* aReferrer,
                             mozilla::net::ReferrerPolicy aReferrerPolicy,
                             imgINotificationObserver* aObserver,
                             int32_t aLoadFlags,
                             const nsAString& initiatorType,
                             imgRequestProxy** aRequest,
-                            uint32_t aContentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE);
+                            uint32_t aContentPolicyType = nsIContentPolicy::TYPE_IMAGE);
 
   /**
    * Obtain an image loader that respects the given document/channel's privacy status.
    * Null document/channel arguments return the public image loader.
    */
   static imgLoader* GetImgLoaderForDocument(nsIDocument* aDoc);
   static imgLoader* GetImgLoaderForChannel(nsIChannel* aChannel,
                                            nsIDocument* aContext);
@@ -961,26 +961,16 @@ public:
    *   * TYPE_INTERNAL_SERVICE_WORKER
    *
    *
    * Note: DO NOT call this function unless you know what you're doing!
    */
   static nsContentPolicyType InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType aType);
 
   /**
-   * Map internal content policy types to external ones or preload types:
-   *   * TYPE_INTERNAL_SCRIPT_PRELOAD
-   *   * TYPE_INTERNAL_IMAGE_PRELOAD
-   *   * TYPE_INTERNAL_STYLESHEET_PRELOAD
-   *
-   * Note: DO NOT call this function unless you know what you're doing!
-   */
-  static nsContentPolicyType InternalContentPolicyTypeToExternalOrPreload(nsContentPolicyType aType);
-
-  /**
    * Quick helper to determine whether there are any mutation listeners
    * of a given type that apply to this content or any of its ancestors.
    * The method has the side effect to call document's MayDispatchMutationEvent
    * using aTargetForSubtreeModified as the parameter.
    *
    * @param aNode  The node to search for listeners
    * @param aType  The type of listener (NS_EVENT_BITS_MUTATION_*)
    * @param aTargetForSubtreeModified The node which is the target of the
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -9734,18 +9734,17 @@ nsDocument::MaybePreLoadImage(nsIURI* ur
                               ReferrerPolicy aReferrerPolicy)
 {
   // Early exit if the img is already present in the img-cache
   // which indicates that the "real" load has already started and
   // that we shouldn't preload it.
   int16_t blockingStatus;
   if (nsContentUtils::IsImageInCache(uri, static_cast<nsIDocument *>(this)) ||
       !nsContentUtils::CanLoadImage(uri, static_cast<nsIDocument *>(this),
-                                    this, NodePrincipal(), &blockingStatus,
-                                    nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD)) {
+                                    this, NodePrincipal(), &blockingStatus)) {
     return;
   }
 
   nsLoadFlags loadFlags = nsIRequest::LOAD_NORMAL;
   switch (Element::StringToCORSMode(aCrossOriginAttr)) {
   case CORS_NONE:
     // Nothing to do
     break;
@@ -9765,18 +9764,17 @@ nsDocument::MaybePreLoadImage(nsIURI* ur
     nsContentUtils::LoadImage(uri,
                               this,
                               NodePrincipal(),
                               mDocumentURI, // uri of document used as referrer
                               aReferrerPolicy,
                               nullptr,       // no observer
                               loadFlags,
                               NS_LITERAL_STRING("img"),
-                              getter_AddRefs(request),
-                              nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD);
+                              getter_AddRefs(request));
 
   // Pin image-reference to avoid evicting it from the img-cache before
   // the "real" load occurs. Unpinned in DispatchContentLoadedEvents and
   // unlink
   if (NS_SUCCEEDED(rv)) {
     mPreloadingImages.Put(uri, request.forget());
   }
 }
@@ -9880,17 +9878,17 @@ nsDocument::PreloadStyle(nsIURI* uri, co
                          const nsAString& aCrossOriginAttr,
                          const ReferrerPolicy aReferrerPolicy,
                          const nsAString& aIntegrity)
 {
   // The CSSLoader will retain this object after we return.
   nsCOMPtr<nsICSSLoaderObserver> obs = new StubCSSLoaderObserver();
 
   // Charset names are always ASCII.
-  CSSLoader()->LoadSheet(uri, true, NodePrincipal(),
+  CSSLoader()->LoadSheet(uri, NodePrincipal(),
                          NS_LossyConvertUTF16toASCII(charset),
                          obs,
                          Element::StringToCORSMode(aCrossOriginAttr),
                          aReferrerPolicy, aIntegrity);
 }
 
 nsresult
 nsDocument::LoadChromeSheetSync(nsIURI* uri, bool isAgentSheet,
--- a/dom/base/nsIContentPolicy.idl
+++ b/dom/base/nsIContentPolicy.idl
@@ -15,17 +15,17 @@ interface nsIPrincipal;
  * Interface for content policy mechanism.  Implementations of this
  * interface can be used to control loading of various types of out-of-line
  * content, or processing of certain types of in-line content.
  *
  * WARNING: do not block the caller from shouldLoad or shouldProcess (e.g.,
  * by launching a dialog to prompt the user for something).
  */
 
-[scriptable,uuid(caad4f1f-d047-46ac-ae9d-dc598e4fb91b)]
+[scriptable,uuid(ce321216-c404-40a7-a711-d80454ec6b76)]
 interface nsIContentPolicy : nsIContentPolicyBase
 {
   /**
    * Should the resource at this location be loaded?
    * ShouldLoad will be called before loading the resource at aContentLocation
    * to determine whether to start the load at all.
    *
    * @param aContentType      the type of content being tested. This will be one
--- a/dom/base/nsIContentPolicyBase.idl
+++ b/dom/base/nsIContentPolicyBase.idl
@@ -19,17 +19,17 @@ typedef unsigned long nsContentPolicyTyp
  * Interface for content policy mechanism.  Implementations of this
  * interface can be used to control loading of various types of out-of-line
  * content, or processing of certain types of in-line content.
  *
  * WARNING: do not block the caller from shouldLoad or shouldProcess (e.g.,
  * by launching a dialog to prompt the user for something).
  */
 
-[scriptable,uuid(17418187-d86f-48dd-92d1-238838df0a4e)]
+[scriptable,uuid(8527ae0d-0c43-4413-bc46-85c0bcb66876)]
 interface nsIContentPolicyBase : nsISupports
 {
   /**
    * Indicates a unset or bogus policy type.
    */
   const nsContentPolicyType TYPE_INVALID = 0;
 
   /**
@@ -275,57 +275,16 @@ interface nsIContentPolicyBase : nsISupp
    * Indicates an internal constant for scripts loaded through a service
    * worker.
    *
    * This will be mapped to TYPE_SCRIPT before being passed to content policy
    * implementations.
    */
   const nsContentPolicyType TYPE_INTERNAL_SERVICE_WORKER = 35;
 
-  /**
-   * Indicates an internal constant for *preloaded* scripts
-   * loaded through script elements.
-   *
-   * This will be mapped to TYPE_SCRIPT before being passed
-   * to content policy implementations.
-   */
-  const nsContentPolicyType TYPE_INTERNAL_SCRIPT_PRELOAD = 36;
-
-  /**
-   * Indicates an internal constant for normal images.
-   *
-   * This will be mapped to TYPE_IMAGE before being passed
-   * to content policy implementations.
-   */
-  const nsContentPolicyType TYPE_INTERNAL_IMAGE = 37;
-
-  /**
-   * Indicates an internal constant for *preloaded* images.
-   *
-   * This will be mapped to TYPE_IMAGE before being passed
-   * to content policy implementations.
-   */
-  const nsContentPolicyType TYPE_INTERNAL_IMAGE_PRELOAD = 38;
-
-  /**
-   * Indicates an internal constant for normal stylesheets.
-   *
-   * This will be mapped to TYPE_STYLESHEET before being passed
-   * to content policy implementations.
-   */
-  const nsContentPolicyType TYPE_INTERNAL_STYLESHEET = 39;
-
-  /**
-   * Indicates an internal constant for *preloaded* stylesheets.
-   *
-   * This will be mapped to TYPE_STYLESHEET before being passed
-   * to content policy implementations.
-   */
-  const nsContentPolicyType TYPE_INTERNAL_STYLESHEET_PRELOAD = 40;
-
   /* When adding new content types, please update nsContentBlocker,
    * NS_CP_ContentTypeName, nsCSPContext, all nsIContentPolicy
    * implementations, the static_assert in dom/cache/DBSchema.cpp,
    * and other things that are not listed here that are related to
    * nsIContentPolicy. */
 
   //////////////////////////////////////////////////////////////////////
 
--- a/dom/base/nsImageLoadingContent.cpp
+++ b/dom/base/nsImageLoadingContent.cpp
@@ -584,17 +584,17 @@ nsContentPolicyType
 nsImageLoadingContent::PolicyTypeForLoad(ImageLoadType aImageLoadType)
 {
   if (aImageLoadType == eImageLoadType_Imageset) {
     return nsIContentPolicy::TYPE_IMAGESET;
   }
 
   MOZ_ASSERT(aImageLoadType == eImageLoadType_Normal,
              "Unknown ImageLoadType type in PolicyTypeForLoad");
-  return nsIContentPolicy::TYPE_INTERNAL_IMAGE;
+  return nsIContentPolicy::TYPE_IMAGE;
 }
 
 int32_t
 nsImageLoadingContent::GetRequestType(imgIRequest* aRequest,
                                       ErrorResult& aError)
 {
   if (aRequest == mCurrentRequest) {
     return CURRENT_REQUEST;
--- a/dom/base/nsObjectLoadingContent.cpp
+++ b/dom/base/nsObjectLoadingContent.cpp
@@ -1525,17 +1525,17 @@ nsObjectLoadingContent::CheckProcessPoli
     do_QueryInterface(static_cast<nsIImageLoadingContent*>(this));
   NS_ASSERTION(thisContent, "Must be an instance of content");
 
   nsIDocument* doc = thisContent->OwnerDoc();
   
   int32_t objectType;
   switch (mType) {
     case eType_Image:
-      objectType = nsIContentPolicy::TYPE_INTERNAL_IMAGE;
+      objectType = nsIContentPolicy::TYPE_IMAGE;
       break;
     case eType_Document:
       objectType = nsIContentPolicy::TYPE_DOCUMENT;
       break;
     case eType_Plugin:
       objectType = GetContentPolicyType();
       break;
     default:
--- a/dom/base/nsScriptLoader.cpp
+++ b/dom/base/nsScriptLoader.cpp
@@ -218,25 +218,20 @@ IsScriptEventHandler(nsIContent* aScript
 
   return false;
 }
 
 nsresult
 nsScriptLoader::CheckContentPolicy(nsIDocument* aDocument,
                                    nsISupports *aContext,
                                    nsIURI *aURI,
-                                   const nsAString &aType,
-                                   bool aIsPreLoad)
+                                   const nsAString &aType)
 {
-  nsContentPolicyType contentPolicyType = aIsPreLoad
-                                          ? nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD
-                                          : nsIContentPolicy::TYPE_INTERNAL_SCRIPT;
-
   int16_t shouldLoad = nsIContentPolicy::ACCEPT;
-  nsresult rv = NS_CheckContentLoadPolicy(contentPolicyType,
+  nsresult rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_SCRIPT,
                                           aURI,
                                           aDocument->NodePrincipal(),
                                           aContext,
                                           NS_LossyConvertUTF16toASCII(aType),
                                           nullptr,    //extra
                                           &shouldLoad,
                                           nsContentUtils::GetContentPolicy(),
                                           nsContentUtils::GetSecurityManager());
@@ -249,43 +244,42 @@ nsScriptLoader::CheckContentPolicy(nsIDo
 
   return NS_OK;
 }
 
 nsresult
 nsScriptLoader::ShouldLoadScript(nsIDocument* aDocument,
                                  nsISupports* aContext,
                                  nsIURI* aURI,
-                                 const nsAString &aType,
-                                 bool aIsPreLoad)
+                                 const nsAString &aType)
 {
   // Check that the containing page is allowed to load this URI.
   nsresult rv = nsContentUtils::GetSecurityManager()->
     CheckLoadURIWithPrincipal(aDocument->NodePrincipal(), aURI,
                               nsIScriptSecurityManager::ALLOW_CHROME);
 
   NS_ENSURE_SUCCESS(rv, rv);
 
   // After the security manager, the content-policy stuff gets a veto
-  rv = CheckContentPolicy(aDocument, aContext, aURI, aType, aIsPreLoad);
+  rv = CheckContentPolicy(aDocument, aContext, aURI, aType);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   return NS_OK;
 }
 
 nsresult
 nsScriptLoader::StartLoad(nsScriptLoadRequest *aRequest, const nsAString &aType,
                           bool aScriptFromHead)
 {
   nsISupports *context = aRequest->mElement.get()
                          ? static_cast<nsISupports *>(aRequest->mElement.get())
                          : static_cast<nsISupports *>(mDocument);
-  nsresult rv = ShouldLoadScript(mDocument, context, aRequest->mURI, aType, aRequest->IsPreload());
+  nsresult rv = ShouldLoadScript(mDocument, context, aRequest->mURI, aType);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   nsCOMPtr<nsILoadGroup> loadGroup = mDocument->GetDocumentLoadGroup();
 
   nsCOMPtr<nsPIDOMWindow> window(do_QueryInterface(mDocument->MasterDocument()->GetWindow()));
 
@@ -297,26 +291,22 @@ nsScriptLoader::StartLoad(nsScriptLoadRe
 
   nsCOMPtr<nsIInterfaceRequestor> prompter(do_QueryInterface(docshell));
 
   // If this document is sandboxed without 'allow-scripts', abort.
   if (mDocument->GetSandboxFlags() & SANDBOXED_SCRIPTS) {
     return NS_OK;
   }
 
-  nsContentPolicyType contentPolicyType = aRequest->IsPreload()
-                                          ? nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD
-                                          : nsIContentPolicy::TYPE_INTERNAL_SCRIPT;
-
   nsCOMPtr<nsIChannel> channel;
   rv = NS_NewChannel(getter_AddRefs(channel),
                      aRequest->mURI,
                      mDocument,
                      nsILoadInfo::SEC_NORMAL,
-                     contentPolicyType,
+                     nsIContentPolicy::TYPE_INTERNAL_SCRIPT,
                      loadGroup,
                      prompter,
                      nsIRequest::LOAD_NORMAL |
                      nsIChannel::LOAD_CLASSIFY_URI);
 
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsIScriptElement *script = aRequest->mElement;
@@ -535,17 +525,17 @@ nsScriptLoader::ProcessScriptElement(nsI
 
       // Double-check that the charset the preload used is the same as
       // the charset we have now.
       nsAutoString elementCharset;
       aElement->GetScriptCharset(elementCharset);
       if (elementCharset.Equals(preloadCharset) &&
           ourCORSMode == request->mCORSMode &&
           ourRefPolicy == request->mReferrerPolicy) {
-        rv = CheckContentPolicy(mDocument, aElement, request->mURI, type, false);
+        rv = CheckContentPolicy(mDocument, aElement, request->mURI, type);
         NS_ENSURE_SUCCESS(rv, false);
       } else {
         // Drop the preload
         request = nullptr;
       }
     }
 
     if (!request) {
--- a/dom/base/nsScriptLoader.h
+++ b/dom/base/nsScriptLoader.h
@@ -349,18 +349,17 @@ public:
 
   /**
    * Check whether it's OK to load a script from aURI in
    * aDocument.
    */
   static nsresult ShouldLoadScript(nsIDocument* aDocument,
                                    nsISupports* aContext,
                                    nsIURI* aURI,
-                                   const nsAString &aType,
-                                   bool aIsPreLoad);
+                                   const nsAString &aType);
 
   /**
    * Starts deferring deferred scripts and puts them in the mDeferredRequests
    * queue instead.
    */
   void BeginDeferringScripts()
   {
     mDeferEnabled = true;
@@ -431,18 +430,17 @@ private:
 
 
   /**
    * Helper function to check the content policy for a given request.
    */
   static nsresult CheckContentPolicy(nsIDocument* aDocument,
                                      nsISupports *aContext,
                                      nsIURI *aURI,
-                                     const nsAString &aType,
-                                     bool aIsPreLoad);
+                                     const nsAString &aType);
 
   /**
    * Start a load for aRequest's URI.
    */
   nsresult StartLoad(nsScriptLoadRequest *aRequest, const nsAString &aType,
                      bool aScriptFromHead);
 
   /**
--- a/dom/cache/DBSchema.cpp
+++ b/dom/cache/DBSchema.cpp
@@ -270,22 +270,17 @@ static_assert(nsIContentPolicy::TYPE_INV
               nsIContentPolicy::TYPE_INTERNAL_OBJECT == 27 &&
               nsIContentPolicy::TYPE_INTERNAL_FRAME == 28 &&
               nsIContentPolicy::TYPE_INTERNAL_IFRAME == 29 &&
               nsIContentPolicy::TYPE_INTERNAL_AUDIO == 30 &&
               nsIContentPolicy::TYPE_INTERNAL_VIDEO == 31 &&
               nsIContentPolicy::TYPE_INTERNAL_TRACK == 32 &&
               nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST == 33 &&
               nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE == 34 &&
-              nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER == 35 &&
-              nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD == 36 &&
-              nsIContentPolicy::TYPE_INTERNAL_IMAGE == 37 &&
-              nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD == 38 &&
-              nsIContentPolicy::TYPE_INTERNAL_STYLESHEET == 39 &&
-              nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD == 40,
+              nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER == 35,
               "nsContentPolicyType values are as expected");
 
 namespace {
 
 typedef int32_t EntryId;
 
 struct IdCount
 {
--- a/dom/fetch/InternalRequest.cpp
+++ b/dom/fetch/InternalRequest.cpp
@@ -111,32 +111,29 @@ RequestContext
 InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aContentPolicyType)
 {
   RequestContext context = RequestContext::Internal;
   switch (aContentPolicyType) {
   case nsIContentPolicy::TYPE_OTHER:
     context = RequestContext::Internal;
     break;
   case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
-  case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
   case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
     context = RequestContext::Script;
     break;
   case nsIContentPolicy::TYPE_INTERNAL_WORKER:
     context = RequestContext::Worker;
     break;
   case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
     context = RequestContext::Sharedworker;
     break;
-  case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
-  case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
+  case nsIContentPolicy::TYPE_IMAGE:
     context = RequestContext::Image;
     break;
-  case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
-  case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
+  case nsIContentPolicy::TYPE_STYLESHEET:
     context = RequestContext::Style;
     break;
   case nsIContentPolicy::TYPE_INTERNAL_OBJECT:
     context = RequestContext::Object;
     break;
   case nsIContentPolicy::TYPE_INTERNAL_EMBED:
     context = RequestContext::Embed;
     break;
--- a/dom/fetch/InternalRequest.h
+++ b/dom/fetch/InternalRequest.h
@@ -38,30 +38,30 @@ namespace dom {
  * eventsource       |
  * favicon           |
  * fetch             | TYPE_FETCH
  * font              | TYPE_FONT
  * form              |
  * frame             | TYPE_INTERNAL_FRAME
  * hyperlink         |
  * iframe            | TYPE_INTERNAL_IFRAME
- * image             | TYPE_INTERNAL_IMAGE, TYPE_INTERNAL_IMAGE_PRELOAD
+ * image             | TYPE_IMAGE
  * imageset          | TYPE_IMAGESET
  * import            | Not supported by Gecko
  * internal          | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER
  * location          |
  * manifest          | TYPE_WEB_MANIFEST
  * object            | TYPE_INTERNAL_OBJECT
  * ping              | TYPE_PING
  * plugin            | TYPE_OBJECT_SUBREQUEST
  * prefetch          |
- * script            | TYPE_INTERNAL_SCRIPT, TYPE_INTERNAL_SCRIPT_PRELOAD
+ * script            | TYPE_INTERNAL_SCRIPT
  * sharedworker      | TYPE_INTERNAL_SHARED_WORKER
  * subresource       | Not supported by Gecko
- * style             | TYPE_INTERNAL_STYLESHEET, TYPE_INTERNAL_STYLESHEET_PRELOAD
+ * style             | TYPE_STYLESHEET
  * track             | TYPE_INTERNAL_TRACK
  * video             | TYPE_INTERNAL_VIDEO
  * worker            | TYPE_INTERNAL_WORKER
  * xmlhttprequest    | TYPE_INTERNAL_XMLHTTPREQUEST
  * eventsource       | TYPE_INTERNAL_EVENTSOURCE
  * xslt              | TYPE_XSLT
  *
  * TODO: Figure out if TYPE_REFRESH maps to anything useful
--- a/dom/html/ImageDocument.cpp
+++ b/dom/html/ImageDocument.cpp
@@ -94,17 +94,17 @@ ImageListener::OnStartRequest(nsIRequest
 
   nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
   nsCOMPtr<nsIPrincipal> channelPrincipal;
   if (secMan) {
     secMan->GetChannelResultPrincipal(channel, getter_AddRefs(channelPrincipal));
   }
 
   int16_t decision = nsIContentPolicy::ACCEPT;
-  nsresult rv = NS_CheckContentProcessPolicy(nsIContentPolicy::TYPE_INTERNAL_IMAGE,
+  nsresult rv = NS_CheckContentProcessPolicy(nsIContentPolicy::TYPE_IMAGE,
                                              channelURI,
                                              channelPrincipal,
                                              domWindow->GetFrameElementInternal(),
                                              mimeType,
                                              nullptr,
                                              &decision,
                                              nsContentUtils::GetContentPolicy(),
                                              secMan);
--- a/dom/media/IdpSandbox.jsm
+++ b/dom/media/IdpSandbox.jsm
@@ -45,17 +45,17 @@ ResourceLoader.load = function(uri, doc)
   return new Promise((resolve, reject) => {
     let listener = new ResourceLoader(resolve, reject);
     let ioService = Cc['@mozilla.org/network/io-service;1']
       .getService(Ci.nsIIOService);
     let systemPrincipal = Services.scriptSecurityManager.getSystemPrincipal();
     // the '2' identifies this as a script load
     let ioChannel = ioService.newChannelFromURI2(uri, doc, doc.nodePrincipal,
                                                  systemPrincipal, 0,
-                                                 Ci.nsIContentPolicy.TYPE_INTERNAL_SCRIPT);
+                                                 Ci.nsIContentPolicy.TYPE_SCRIPT);
 
     ioChannel.loadGroup = doc.documentLoadGroup.QueryInterface(Ci.nsILoadGroup);
     ioChannel.notificationCallbacks = new RedirectHttpsOnly();
     ioChannel.asyncOpen(listener, null);
   });
 };
 
 ResourceLoader.prototype = {
--- a/dom/security/nsCSPContext.cpp
+++ b/dom/security/nsCSPContext.cpp
@@ -110,24 +110,16 @@ nsCSPContext::ShouldLoad(nsContentPolicy
                          int16_t*            outDecision)
 {
   if (CSPCONTEXTLOGENABLED()) {
     nsAutoCString spec;
     aContentLocation->GetSpec(spec);
     CSPCONTEXTLOG(("nsCSPContext::ShouldLoad, aContentLocation: %s", spec.get()));
   }
 
-  bool isStyleOrScriptPreLoad =
-    (aContentType == nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD ||
-     aContentType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD);
-
-  // Since we know whether we are dealing with a preload, we have to convert
-  // the internal policytype ot the external policy type before moving on.
-  aContentType = nsContentUtils::InternalContentPolicyTypeToExternal(aContentType);
-
   nsresult rv = NS_OK;
 
   // This ShouldLoad function is called from nsCSPService::ShouldLoad,
   // which already checked a number of things, including:
   // * aContentLocation is not null; we can consume this without further checks
   // * scheme is not a whitelisted scheme (about: chrome:, etc).
   // * CSP is enabled
   // * Content Type is not whitelisted (CSP Reports, TYPE_DOCUMENT, etc).
@@ -148,44 +140,65 @@ nsCSPContext::ShouldLoad(nsContentPolicy
 
   // If the content type doesn't map to a CSP directive, there's nothing for
   // CSP to do.
   CSPDirective dir = CSP_ContentTypeToDirective(aContentType);
   if (dir == nsIContentSecurityPolicy::NO_DIRECTIVE) {
     return NS_OK;
   }
 
+  // This may be a load or a preload. If it is a preload, the document will
+  // not have been fully parsed yet, and aRequestContext will be an
+  // nsIDOMHTMLDocument rather than the nsIDOMHTMLElement associated with the
+  // resource. As a result, we cannot extract the element's corresponding
+  // nonce attribute, and so we cannot correctly check the nonce on a preload.
+  //
+  // Therefore, the decision returned here for a preload may be *incorrect* as
+  // it cannot take the nonce into account. We will still check the load, but
+  // we will not cache the result or report a violation. When the "real load"
+  // happens subsequently, we will re-check with the additional context to
+  // make a final decision.
+  //
+  // We don't just return false because that would block all preloads and
+  // degrade performance. However, we do want to block preloads that are
+  // clearly blocked (their urls are not whitelisted) by CSP.
+
+  nsCOMPtr<nsIDOMHTMLDocument> doc = do_QueryInterface(aRequestContext);
+  bool isPreload = doc &&
+                   (aContentType == nsIContentPolicy::TYPE_SCRIPT ||
+                    aContentType == nsIContentPolicy::TYPE_STYLESHEET);
+
   nsAutoString nonce;
-  if (!isStyleOrScriptPreLoad) {
+  if (!isPreload) {
     nsCOMPtr<nsIDOMHTMLElement> htmlElement = do_QueryInterface(aRequestContext);
     if (htmlElement) {
       rv = htmlElement->GetAttribute(NS_LITERAL_STRING("nonce"), nonce);
       NS_ENSURE_SUCCESS(rv, rv);
     }
   }
 
   // aExtra is only non-null if the channel got redirected.
   bool wasRedirected = (aExtra != nullptr);
   nsCOMPtr<nsIURI> originalURI = do_QueryInterface(aExtra);
 
   bool permitted = permitsInternal(dir,
                                    aContentLocation,
                                    originalURI,
                                    nonce,
                                    wasRedirected,
-                                   isStyleOrScriptPreLoad,
+                                   isPreload,
                                    false,     // allow fallback to default-src
                                    true,      // send violation reports
                                    true);     // send blocked URI in violation reports
 
   *outDecision = permitted ? nsIContentPolicy::ACCEPT
                            : nsIContentPolicy::REJECT_SERVER;
 
   // Done looping, cache any relevant result
-  if (cacheKey.Length() > 0 && !isStyleOrScriptPreLoad) {
+  if (cacheKey.Length() > 0 && !isPreload) {
     mShouldLoadCache.Put(cacheKey, *outDecision);
   }
 
   if (CSPCONTEXTLOGENABLED()) {
     nsAutoCString spec;
     aContentLocation->GetSpec(spec);
     CSPCONTEXTLOG(("nsCSPContext::ShouldLoad, decision: %s, aContentLocation: %s", *outDecision ? "load" : "deny", spec.get()));
   }
--- a/dom/security/nsCSPService.cpp
+++ b/dom/security/nsCSPService.cpp
@@ -100,19 +100,18 @@ CSPService::ShouldLoad(uint32_t aContent
                        nsIURI *aContentLocation,
                        nsIURI *aRequestOrigin,
                        nsISupports *aRequestContext,
                        const nsACString &aMimeTypeGuess,
                        nsISupports *aExtra,
                        nsIPrincipal *aRequestPrincipal,
                        int16_t *aDecision)
 {
-  MOZ_ASSERT(aContentType ==
-             nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(aContentType),
-             "We should only see external content policy types or preloads here.");
+  MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
+             "We should only see external content policy types here.");
 
   if (!aContentLocation) {
     return NS_ERROR_FAILURE;
   }
 
   if (MOZ_LOG_TEST(gCspPRLog, LogLevel::Debug)) {
     nsAutoCString location;
     aContentLocation->GetSpec(location);
@@ -247,19 +246,18 @@ CSPService::ShouldProcess(uint32_t      
                           nsIURI           *aContentLocation,
                           nsIURI           *aRequestOrigin,
                           nsISupports      *aRequestContext,
                           const nsACString &aMimeTypeGuess,
                           nsISupports      *aExtra,
                           nsIPrincipal     *aRequestPrincipal,
                           int16_t          *aDecision)
 {
-  MOZ_ASSERT(aContentType ==
-             nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(aContentType),
-             "We should only see external content policy types or preloads here.");
+  MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
+             "We should only see external content policy types here.");
 
   if (!aContentLocation)
     return NS_ERROR_FAILURE;
 
   *aDecision = nsIContentPolicy::ACCEPT;
   return NS_OK;
 }
 
deleted file mode 100644
--- a/dom/security/test/csp/file_report_for_import.css
+++ /dev/null
@@ -1,1 +0,0 @@
-@import url("http://example.com/tests/dom/security/test/csp/file_report_for_import_server.sjs?stylesheet");
deleted file mode 100644
--- a/dom/security/test/csp/file_report_for_import.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-  <head>
-    <title>Bug 1048048 - Test sending csp-report when using import in css</title>
-    <link rel="stylesheet" type="text/css" href="file_report_for_import.css">
-  </head>
-  <body>
-  empty body, just testing @import in the included css for bug 1048048
-</body>
-</html>
deleted file mode 100644
--- a/dom/security/test/csp/file_report_for_import_server.sjs
+++ /dev/null
@@ -1,49 +0,0 @@
-// Custom *.sjs file specifically for the needs of Bug:
-// Bug 1048048 - CSP violation report not sent for @import
-
-const CC = Components.Constructor;
-const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
-                             "nsIBinaryInputStream",
-                             "setInputStream");
-
-function handleRequest(request, response)
-{
-  // avoid confusing cache behaviors
-  response.setHeader("Cache-Control", "no-cache", false);
-  response.setHeader("Content-Type", "text/html", false);
-  var queryString = request.queryString;
-
-  // (1) lets process the queryresult request async and
-  // wait till we have received the image request.
-  if (queryString === "queryresult") {
-    response.processAsync();
-    setObjectState("queryResult", response);
-    return;
-  }
-
-  // (2) handle the csp-report and return the JSON back to
-  // the testfile using the afore stored xml request in (1).
-  if (queryString === "report") {
-    getObjectState("queryResult", function(queryResponse) {
-      if (!queryResponse) {
-        return;
-      }
-
-      // send the report back to the XML request for verification
-      var report = new BinaryInputStream(request.bodyInputStream);
-      var avail;
-      var bytes = [];
-      while ((avail = report.available()) > 0) {
-        Array.prototype.push.apply(bytes, report.readByteArray(avail));
-      }
-      var data = String.fromCharCode.apply(null, bytes);
-      queryResponse.bodyOutputStream.write(data, data.length);
-      queryResponse.finish();
-    });
-    return;
-  }
-
-  // we should not get here ever, but just in case return
-  // something unexpected.
-  response.write("doh!");
-}
--- a/dom/security/test/csp/mochitest.ini
+++ b/dom/security/test/csp/mochitest.ini
@@ -122,19 +122,16 @@ support-files =
   file_upgrade_insecure_server.sjs
   file_upgrade_insecure_wsh.py
   file_upgrade_insecure_reporting.html
   file_upgrade_insecure_reporting_server.sjs
   file_upgrade_insecure_referrer.html
   file_upgrade_insecure_referrer_server.sjs
   file_upgrade_insecure_cors.html
   file_upgrade_insecure_cors_server.sjs
-  file_report_for_import.css
-  file_report_for_import.html
-  file_report_for_import_server.sjs
 
 [test_base-uri.html]
 [test_blob_data_schemes.html]
 [test_connect-src.html]
 [test_CSP.html]
 [test_allow_https_schemes.html]
 skip-if = buildapp == 'b2g' #no ssl support
 [test_bug663567.html]
@@ -189,11 +186,10 @@ skip-if = buildapp == 'b2g' #no ssl supp
 # no ssl support as well as websocket tests do not work (see test_websocket.html)
 skip-if = buildapp == 'b2g' || buildapp == 'mulet' || toolkit == 'gonk' || toolkit == 'android'
 [test_upgrade_insecure_reporting.html]
 skip-if = buildapp == 'b2g' || buildapp == 'mulet' || toolkit == 'gonk' || toolkit == 'android'
 [test_upgrade_insecure_referrer.html]
 skip-if = buildapp == 'b2g' || buildapp == 'mulet' || toolkit == 'gonk' || toolkit == 'android'
 [test_upgrade_insecure_cors.html]
 skip-if = buildapp == 'b2g' || buildapp == 'mulet' || toolkit == 'gonk' || toolkit == 'android'
-[test_report_for_import.html]
 [test_blocked_uri_in_reports.html]
 skip-if = e10s || buildapp == 'b2g' # http-on-opening-request observer not supported in child process (bug 1009632)
deleted file mode 100644
--- a/dom/security/test/csp/test_report_for_import.html
+++ /dev/null
@@ -1,112 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<!--
-https://bugzilla.mozilla.org/show_bug.cgi?id=548193
--->
-<head>
-  <title>Test for Bug 548193</title>
-  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
-</head>
-<body>
-<p id="display"></p>
-<div id="content" style="display: none">
-</div>
-
-<iframe style="width:200px;height:200px;" id='cspframe'></iframe>
-<script class="testbody" type="text/javascript">
-
-/*
- * Description of the test:
- * We are loading a stylesheet using a csp policy that only allows styles from 'self'
- * to be loaded. In other words, the *.css file itself should be allowed to load, but
- * the @import file within the CSS should get blocked. We verify that the generated
- * csp-report is sent and contains all the expected values.
- * In detail, the test starts by sending an XHR request to the report-server
- * which waits on the server side till the report was received and hands the
- * report in JSON format back to the testfile which then verifies accuracy
- * of all the different report fields in the CSP report.
- */
-
-const TEST_FILE = "tests/dom/security/test/csp/file_report_for_import.html";
-const REPORT_URI =
-  "http://mochi.test:8888/tests/dom/security/test/csp/file_report_for_import_server.sjs?report";
-const POLICY = "style-src 'self'; report-uri " + REPORT_URI;
-
-const DOC_URI =
-  "http://mochi.test:8888/tests/dom/security/test/csp/file_testserver.sjs?" +
-  "file=tests/dom/security/test/csp/file_report_for_import.html&" +
-  "csp=style-src%20%27self%27%3B%20" +
-  "report-uri%20http%3A//mochi.test%3A8888/tests/dom/security/test/csp/" +
-  "file_report_for_import_server.sjs%3Freport";
-
-function checkResults(reportStr) {
-  try {
-    var reportObj = JSON.parse(reportStr);
-    var cspReport = reportObj["csp-report"];
-
-    is(cspReport["document-uri"], DOC_URI, "Incorrect document-uri");
-    is(cspReport["referrer"],
-       "http://mochi.test:8888/tests/dom/security/test/csp/test_report_for_import.html",
-       "Incorrect referrer");
-    is(cspReport["violated-directive"],
-       "style-src http://mochi.test:8888",
-       "Incorrect violated-directive");
-    is(cspReport["original-policy"],
-       "style-src http://mochi.test:8888; report-uri " +
-       "http://mochi.test:8888/tests/dom/security/test/csp/file_report_for_import_server.sjs?report",
-       "Incorrect original-policy");
-    is(cspReport["blocked-uri"],
-       "http://example.com/tests/dom/security/test/csp/file_report_for_import_server.sjs?stylesheet",
-       "Incorrect blocked-uri");
-
-    // we do not always set the following fields
-    is(cspReport["source-file"], undefined, "Incorrect source-file");
-    is(cspReport["script-sample"], undefined, "Incorrect script-sample");
-    is(cspReport["line-number"], undefined, "Incorrect line-number");
-  }
-  catch (e) {
-    ok(false, "Could not parse JSON (exception: " + e + ")");
-  }
-}
-
-function loadTestPageIntoFrame() {
-  // load the resource which will generate a CSP violation report
-  // save this for last so that our listeners are registered.
-  var src = "file_testserver.sjs";
-  // append the file that should be served
-  src += "?file=" + escape(TEST_FILE);
-  // append the CSP that should be used to serve the file
-  src += "&csp=" + escape(POLICY);
-  // appending a fragment so we can test that it's correctly stripped
-  // for document-uri and source-file.
-  src += "#foo";
-  document.getElementById("cspframe").src = src;
-}
-
-function runTest() {
-  // send an xhr request to the server which is processed async, which only
-  // returns after the server has received the csp report.
-  var myXHR = new XMLHttpRequest();
-  myXHR.open("GET", "file_report_for_import_server.sjs?queryresult");
-  myXHR.onload = function(e) {
-    checkResults(myXHR.responseText);
-    SimpleTest.finish();
-  }
-  myXHR.onerror = function(e) {
-    ok(false, "could not query results from server (" + e.message + ")");
-    SimpleTest.finish();
-  }
-  myXHR.send();
-
-  // give it some time and run the testpage
-  SimpleTest.executeSoon(loadTestPageIntoFrame);
-}
-
-SimpleTest.waitForExplicitFinish();
-runTest();
-
-</script>
-</pre>
-</body>
-</html>
--- a/dom/workers/ServiceWorkerScriptCache.cpp
+++ b/dom/workers/ServiceWorkerScriptCache.cpp
@@ -106,22 +106,22 @@ public:
 
     nsCOMPtr<nsILoadGroup> loadGroup;
     rv = NS_NewLoadGroup(getter_AddRefs(loadGroup), aPrincipal);
     if (NS_WARN_IF(NS_FAILED(rv))) {
       return rv;
     }
 
     // Note that because there is no "serviceworker" RequestContext type, we can
-    // use the TYPE_INTERNAL_SCRIPT content policy types when loading a service
+    // use the external TYPE_SCRIPT content policy types when loading a service
     // worker.
     rv = NS_NewChannel(getter_AddRefs(mChannel),
                        uri, aPrincipal,
                        nsILoadInfo::SEC_NORMAL,
-                       nsIContentPolicy::TYPE_INTERNAL_SCRIPT,
+                       nsIContentPolicy::TYPE_SCRIPT,
                        loadGroup);
     if (NS_WARN_IF(NS_FAILED(rv))) {
       return rv;
     }
 
     nsLoadFlags flags;
     rv = mChannel->GetLoadFlags(&flags);
     if (NS_WARN_IF(NS_FAILED(rv))) {
--- a/dom/xbl/nsXBLResourceLoader.cpp
+++ b/dom/xbl/nsXBLResourceLoader.cpp
@@ -146,17 +146,17 @@ nsXBLResourceLoader::LoadResources(bool*
           {
             rv = StyleSheetLoaded(sheet, false, NS_OK);
             NS_ASSERTION(NS_SUCCEEDED(rv), "Processing the style sheet failed!!!");
           }
         }
       }
       else
       {
-        rv = cssLoader->LoadSheet(url, false, docPrincipal, EmptyCString(), this);
+        rv = cssLoader->LoadSheet(url, docPrincipal, EmptyCString(), this);
         if (NS_SUCCEEDED(rv))
           ++mPendingSheets;
       }
     }
   }
 
   *aResult = (mPendingSheets == 0);
   mInLoadResourcesFunc = false;
--- a/dom/xslt/xslt/txMozillaStylesheetCompiler.cpp
+++ b/dom/xslt/xslt/txMozillaStylesheetCompiler.cpp
@@ -419,17 +419,17 @@ txCompileObserver::loadURI(const nsAStri
     nsCOMPtr<nsIPrincipal> referrerPrincipal;
     rv = nsContentUtils::GetSecurityManager()->
       GetSimpleCodebasePrincipal(referrerUri,
                                  getter_AddRefs(referrerPrincipal));
     NS_ENSURE_SUCCESS(rv, rv);
 
     // Content Policy
     int16_t shouldLoad = nsIContentPolicy::ACCEPT;
-    rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_STYLESHEET,
+    rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
                                    uri,
                                    referrerPrincipal,
                                    mLoaderDocument,
                                    NS_LITERAL_CSTRING("application/xml"),
                                    nullptr,
                                    &shouldLoad);
     NS_ENSURE_SUCCESS(rv, rv);
     if (NS_CP_REJECTED(shouldLoad)) {
@@ -519,17 +519,17 @@ TX_LoadSheet(nsIURI* aUri, txMozillaXSLT
 
     nsAutoCString spec;
     aUri->GetSpec(spec);
     MOZ_LOG(txLog::xslt, LogLevel::Info, ("TX_LoadSheet: %s\n", spec.get()));
 
     // Content Policy
     int16_t shouldLoad = nsIContentPolicy::ACCEPT;
     nsresult rv =
-        NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_STYLESHEET,
+        NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
                                   aUri,
                                   principal,
                                   aLoaderDocument,
                                   NS_LITERAL_CSTRING("application/xml"),
                                   nullptr,
                                   &shouldLoad);
     NS_ENSURE_SUCCESS(rv, rv);
     if (NS_CP_REJECTED(shouldLoad)) {
@@ -661,17 +661,17 @@ txSyncCompileObserver::loadURI(const nsA
     nsCOMPtr<nsIPrincipal> referrerPrincipal;
     rv = nsContentUtils::GetSecurityManager()->
       GetSimpleCodebasePrincipal(referrerUri,
                                  getter_AddRefs(referrerPrincipal));
     NS_ENSURE_SUCCESS(rv, rv);
 
     // Content Policy
     int16_t shouldLoad = nsIContentPolicy::ACCEPT;
-    rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_STYLESHEET,
+    rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
                                    uri,
                                    referrerPrincipal,
                                    nullptr,
                                    NS_LITERAL_CSTRING("application/xml"),
                                    nullptr,
                                    &shouldLoad);
     NS_ENSURE_SUCCESS(rv, rv);
     if (NS_CP_REJECTED(shouldLoad)) {
--- a/dom/xul/XULDocument.cpp
+++ b/dom/xul/XULDocument.cpp
@@ -3245,18 +3245,17 @@ XULDocument::LoadScript(nsXULPrototypeSc
     }
 
     // Allow security manager and content policies to veto the load. Note that
     // at this point we already lost context information of the script.
     rv = nsScriptLoader::ShouldLoadScript(
                             this,
                             static_cast<nsIDocument*>(this),
                             aScriptProto->mSrcURI,
-                            NS_LITERAL_STRING("application/x-javascript"),
-                            false);
+                            NS_LITERAL_STRING("application/x-javascript"));
     if (NS_FAILED(rv)) {
       *aBlock = false;
       return rv;
     }
 
     // Release script objects from FastLoad since we decided against using them
     aScriptProto->UnlinkJSObjects();
 
--- a/editor/libeditor/nsHTMLEditor.cpp
+++ b/editor/libeditor/nsHTMLEditor.cpp
@@ -2786,17 +2786,17 @@ nsHTMLEditor::ReplaceStyleSheet(const ns
   nsCOMPtr<nsIPresShell> ps = GetPresShell();
   NS_ENSURE_TRUE(ps, NS_ERROR_NOT_INITIALIZED);
 
   nsCOMPtr<nsIURI> uaURI;
   nsresult rv = NS_NewURI(getter_AddRefs(uaURI), aURL);
   NS_ENSURE_SUCCESS(rv, rv);
 
   return ps->GetDocument()->CSSLoader()->
-    LoadSheet(uaURI, false, nullptr, EmptyCString(), this);
+    LoadSheet(uaURI, nullptr, EmptyCString(), this);
 }
 
 NS_IMETHODIMP
 nsHTMLEditor::RemoveStyleSheet(const nsAString &aURL)
 {
   nsRefPtr<CSSStyleSheet> sheet;
   nsresult rv = GetStyleSheetForURL(aURL, getter_AddRefs(sheet));
   NS_ENSURE_SUCCESS(rv, rv);
--- a/embedding/browser/nsContextMenuInfo.cpp
+++ b/embedding/browser/nsContextMenuInfo.cpp
@@ -289,17 +289,17 @@ nsContextMenuInfo::GetBackgroundImageReq
           NS_ENSURE_TRUE(bgUri, NS_ERROR_FAILURE);
 
           nsRefPtr<imgLoader> il = imgLoader::GetInstance();
           NS_ENSURE_TRUE(il, NS_ERROR_FAILURE);
 
           return il->LoadImage(bgUri, nullptr, nullptr,
                                doc->GetReferrerPolicy(), principal, nullptr,
                                nullptr, nullptr, nsIRequest::LOAD_NORMAL,
-                               nullptr, nsIContentPolicy::TYPE_INTERNAL_IMAGE,
+                               nullptr, nsIContentPolicy::TYPE_IMAGE,
                                EmptyString(), aRequest);
         }
       }
 
       // bail if we encounter non-transparent background-color
       computedStyle->GetPropertyCSSValue(NS_LITERAL_STRING("background-color"),
                                          getter_AddRefs(cssValue));
       primitiveValue = do_QueryInterface(cssValue);
--- a/image/imgLoader.cpp
+++ b/image/imgLoader.cpp
@@ -613,17 +613,17 @@ ShouldLoadCachedImage(imgRequest* aImgRe
    * mHadInsecureRedirect flag
    */
   bool insecureRedirect = aImgRequest->HadInsecureRedirect();
   nsCOMPtr<nsIURI> contentLocation;
   aImgRequest->GetCurrentURI(getter_AddRefs(contentLocation));
   nsresult rv;
 
   int16_t decision = nsIContentPolicy::REJECT_REQUEST;
-  rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_IMAGE,
+  rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_IMAGE,
                                  contentLocation,
                                  aLoadingPrincipal,
                                  aLoadingContext,
                                  EmptyCString(), //mime guess
                                  nullptr, //aExtra
                                  &decision,
                                  nsContentUtils::GetContentPolicy(),
                                  nsContentUtils::GetSecurityManager());
@@ -1976,17 +1976,17 @@ imgLoader::LoadImageXPCOM(nsIURI* aURI,
                           nsISupports* aCX,
                           nsLoadFlags aLoadFlags,
                           nsISupports* aCacheKey,
                           nsContentPolicyType aContentPolicyType,
                           imgIRequest** _retval)
 {
     // Optional parameter, so defaults to 0 (== TYPE_INVALID)
     if (!aContentPolicyType) {
-      aContentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE;
+      aContentPolicyType = nsIContentPolicy::TYPE_IMAGE;
     }
     imgRequestProxy* proxy;
     ReferrerPolicy refpol = ReferrerPolicyFromString(aReferrerPolicy);
     nsresult rv = LoadImage(aURI,
                             aInitialDocumentURI,
                             aReferrerURI,
                             refpol,
                             aLoadingPrincipal,
--- a/layout/generic/nsImageFrame.cpp
+++ b/layout/generic/nsImageFrame.cpp
@@ -2199,17 +2199,17 @@ nsImageFrame::LoadIcon(const nsAString& 
   nsRefPtr<imgLoader> il =
     nsContentUtils::GetImgLoaderForDocument(aPresContext->Document());
 
   nsCOMPtr<nsILoadGroup> loadGroup;
   GetLoadGroup(aPresContext, getter_AddRefs(loadGroup));
 
   // For icon loads, we don't need to merge with the loadgroup flags
   nsLoadFlags loadFlags = nsIRequest::LOAD_NORMAL;
-  nsContentPolicyType contentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE;
+  nsContentPolicyType contentPolicyType = nsIContentPolicy::TYPE_IMAGE;
 
   return il->LoadImage(realURI,     /* icon URI */
                        nullptr,      /* initial document URI; this is only
                                        relevant for cookies, so does not
                                        apply to icons. */
                        nullptr,      /* referrer (not relevant for icons) */
                        mozilla::net::RP_Default,
                        nullptr,      /* principal (not relevant for icons) */
--- a/layout/style/Loader.cpp
+++ b/layout/style/Loader.cpp
@@ -602,17 +602,17 @@ Loader::SetPreferredSheet(const nsAStrin
   // start any pending alternates that aren't alternates anymore
   if (mSheets) {
     LoadDataArray arr(mSheets->mPendingDatas.Count());
     mSheets->mPendingDatas.Enumerate(CollectNonAlternates, &arr);
 
     mDatasToNotifyOn += arr.Length();
     for (uint32_t i = 0; i < arr.Length(); ++i) {
       --mDatasToNotifyOn;
-      LoadSheet(arr[i], eSheetNeedsParser, false);
+      LoadSheet(arr[i], eSheetNeedsParser);
     }
   }
 
   return NS_OK;
 }
 
 static const char kCharsetSym[] = "@charset \"";
 
@@ -1020,18 +1020,17 @@ Loader::ObsoleteSheet(nsIURI* aURI)
  *                         sheet loading the sheet
  * @param aTargetURI the uri of the sheet to be loaded
  * @param aContext the node owning the sheet.  This is the element or document
  *                 owning the stylesheet (possibly indirectly, for child sheets)
  */
 nsresult
 Loader::CheckLoadAllowed(nsIPrincipal* aSourcePrincipal,
                          nsIURI* aTargetURI,
-                         nsISupports* aContext,
-                         bool aIsPreload)
+                         nsISupports* aContext)
 {
   LOG(("css::Loader::CheckLoadAllowed"));
 
   nsresult rv;
 
   if (aSourcePrincipal) {
     // Check with the security manager
     nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager();
@@ -1040,22 +1039,19 @@ Loader::CheckLoadAllowed(nsIPrincipal* a
                                         nsIScriptSecurityManager::ALLOW_CHROME);
     if (NS_FAILED(rv)) { // failure is normal here; don't warn
       return rv;
     }
 
     LOG(("  Passed security check"));
 
     // Check with content policy
-    nsContentPolicyType contentPolicyType =
-      aIsPreload ? nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD
-                 : nsIContentPolicy::TYPE_INTERNAL_STYLESHEET;
 
     int16_t shouldLoad = nsIContentPolicy::ACCEPT;
-    rv = NS_CheckContentLoadPolicy(contentPolicyType,
+    rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
                                    aTargetURI,
                                    aSourcePrincipal,
                                    aContext,
                                    NS_LITERAL_CSTRING("text/css"),
                                    nullptr,                     //extra param
                                    &shouldLoad,
                                    nsContentUtils::GetContentPolicy(),
                                    nsContentUtils::GetSecurityManager());
@@ -1410,19 +1406,17 @@ Loader::InsertChildSheet(CSSStyleSheet* 
  * LoadSheet handles the actual load of a sheet.  If the load is
  * supposed to be synchronous it just opens a channel synchronously
  * using the given uri, wraps the resulting stream in a converter
  * stream and calls ParseSheet.  Otherwise it tries to look for an
  * existing load for this URI and piggyback on it.  Failing all that,
  * a new load is kicked off asynchronously.
  */
 nsresult
-Loader::LoadSheet(SheetLoadData* aLoadData,
-                  StyleSheetState aSheetState,
-                  bool aIsPreload)
+Loader::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
 {
   LOG(("css::Loader::LoadSheet"));
   NS_PRECONDITION(aLoadData, "Need a load data");
   NS_PRECONDITION(aLoadData->mURI, "Need a URI to load");
   NS_PRECONDITION(aLoadData->mSheet, "Need a sheet to load into");
   NS_PRECONDITION(aSheetState != eSheetComplete, "Why bother?");
   NS_PRECONDITION(!aLoadData->mUseSystemPrincipal || aLoadData->mSyncLoad,
                   "Shouldn't use system principal for async loads");
@@ -1562,17 +1556,17 @@ Loader::LoadSheet(SheetLoadData* aLoadDa
       NS_ASSERTION(mSheets->mPendingDatas.Get(&key, &removedData) &&
                    removedData == existingData,
                    "Bad pending table.");
 #endif
 
       mSheets->mPendingDatas.Remove(&key);
 
       LOG(("  Forcing load of pending data"));
-      return LoadSheet(existingData, eSheetNeedsParser, aIsPreload);
+      return LoadSheet(existingData, eSheetNeedsParser);
     }
     // All done here; once the load completes we'll be marked complete
     // automatically
     return NS_OK;
   }
 
 #ifdef DEBUG
   mSyncCallback = true;
@@ -1584,48 +1578,44 @@ Loader::LoadSheet(SheetLoadData* aLoadDa
                  "No loadgroup for stylesheet; onload will fire early");
   }
 
   nsLoadFlags securityFlags = nsILoadInfo::SEC_NORMAL;
   if (inherit) {
     securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
   }
 
-  nsContentPolicyType contentPolicyType =
-    aIsPreload ? nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD
-               : nsIContentPolicy::TYPE_INTERNAL_STYLESHEET;
-
   nsCOMPtr<nsIChannel> channel;
   // Note we are calling NS_NewChannelWithTriggeringPrincipal here with a node
   // and a principal. This is because of a case where the node is the document
   // being styled and the principal is the stylesheet (perhaps from a different
   // origin)  that is applying the styles.
   if (aLoadData->mRequestingNode) {
     rv = NS_NewChannelWithTriggeringPrincipal(getter_AddRefs(channel),
                                               aLoadData->mURI,
                                               aLoadData->mRequestingNode,
                                               triggeringPrincipal,
                                               securityFlags,
-                                              contentPolicyType,
+                                              nsIContentPolicy::TYPE_STYLESHEET,
                                               loadGroup,
                                               nullptr,   // aCallbacks
                                               nsIChannel::LOAD_NORMAL |
                                               nsIChannel::LOAD_CLASSIFY_URI);
   }
   else {
     // either we are loading something inside a document, in which case
     // we should always have a requestingNode, or we are loading something
     // outside a document, in which case the triggeringPrincipal
     // should always be the systemPrincipal.
     MOZ_ASSERT(nsContentUtils::IsSystemPrincipal(triggeringPrincipal));
     rv = NS_NewChannel(getter_AddRefs(channel),
                        aLoadData->mURI,
                        triggeringPrincipal,
                        securityFlags,
-                       contentPolicyType,
+                       nsIContentPolicy::TYPE_STYLESHEET,
                        loadGroup,
                        nullptr,   // aCallbacks
                        nsIChannel::LOAD_NORMAL |
                        nsIChannel::LOAD_CLASSIFY_URI);
   }
 
   if (NS_FAILED(rv)) {
 #ifdef DEBUG
@@ -2049,17 +2039,17 @@ Loader::LoadStyleLink(nsIContent* aEleme
 
   nsIPrincipal* principal =
     aElement ? aElement->NodePrincipal() : mDocument->NodePrincipal();
 
   nsISupports* context = aElement;
   if (!context) {
     context = mDocument;
   }
-  nsresult rv = CheckLoadAllowed(principal, aURL, context, false);
+  nsresult rv = CheckLoadAllowed(principal, aURL, context);
   if (NS_FAILED(rv)) return rv;
 
   LOG(("  Passed load check"));
 
   StyleSheetState state;
   nsRefPtr<CSSStyleSheet> sheet;
   rv = CreateSheet(aURL, aElement, principal, aCORSMode,
                    aReferrerPolicy, aIntegrity, false,
@@ -2105,17 +2095,17 @@ Loader::LoadStyleLink(nsIContent* aEleme
                                                      data->mSheet->GetReferrerPolicy());
     mSheets->mPendingDatas.Put(&key, data);
 
     data->mMustNotify = true;
     return NS_OK;
   }
 
   // Load completion will free the data
-  rv = LoadSheet(data, state, false);
+  rv = LoadSheet(data, state);
   NS_ENSURE_SUCCESS(rv, rv);
 
   data->mMustNotify = true;
   return rv;
 }
 
 static bool
 HaveAncestorDataWithURI(SheetLoadData *aData, nsIURI *aURI)
@@ -2183,17 +2173,17 @@ Loader::LoadChildSheet(CSSStyleSheet* aP
   }
 
   nsISupports* context = owningNode;
   if (!context) {
     context = mDocument;
   }
 
   nsIPrincipal* principal = aParentSheet->Principal();
-  nsresult rv = CheckLoadAllowed(principal, aURL, context, false);
+  nsresult rv = CheckLoadAllowed(principal, aURL, context);
   if (NS_FAILED(rv)) return rv;
 
   LOG(("  Passed load check"));
 
   SheetLoadData* parentData = nullptr;
   nsCOMPtr<nsICSSLoaderObserver> observer;
 
   int32_t count = mParsingDatas.Length();
@@ -2247,71 +2237,69 @@ Loader::LoadChildSheet(CSSStyleSheet* aP
   nsCOMPtr<nsINode> requestingNode = do_QueryInterface(context);
   SheetLoadData* data = new SheetLoadData(this, aURL, sheet, parentData,
                                           observer, principal, requestingNode);
 
   NS_ADDREF(data);
   bool syncLoad = data->mSyncLoad;
 
   // Load completion will release the data
-  rv = LoadSheet(data, state, false);
+  rv = LoadSheet(data, state);
   NS_ENSURE_SUCCESS(rv, rv);
 
   // If syncLoad is true, |data| will be deleted by now.
   if (!syncLoad) {
     data->mMustNotify = true;
   }
   return rv;
 }
 
 nsresult
 Loader::LoadSheetSync(nsIURI* aURL, bool aAllowUnsafeRules,
                       bool aUseSystemPrincipal,
                       CSSStyleSheet** aSheet)
 {
   LOG(("css::Loader::LoadSheetSync"));
-  return InternalLoadNonDocumentSheet(aURL, false, aAllowUnsafeRules,
+  return InternalLoadNonDocumentSheet(aURL, aAllowUnsafeRules,
                                       aUseSystemPrincipal, nullptr,
                                       EmptyCString(), aSheet, nullptr);
 }
 
 nsresult
 Loader::LoadSheet(nsIURI* aURL,
                   nsIPrincipal* aOriginPrincipal,
                   const nsCString& aCharset,
                   nsICSSLoaderObserver* aObserver,
                   CSSStyleSheet** aSheet)
 {
   LOG(("css::Loader::LoadSheet(aURL, aObserver, aSheet) api call"));
   NS_PRECONDITION(aSheet, "aSheet is null");
-  return InternalLoadNonDocumentSheet(aURL, false, false, false,
+  return InternalLoadNonDocumentSheet(aURL, false, false,
                                       aOriginPrincipal, aCharset,
                                       aSheet, aObserver);
 }
 
 nsresult
 Loader::LoadSheet(nsIURI* aURL,
-                  bool aIsPreload,
                   nsIPrincipal* aOriginPrincipal,
                   const nsCString& aCharset,
                   nsICSSLoaderObserver* aObserver,
                   CORSMode aCORSMode,
                   ReferrerPolicy aReferrerPolicy,
                   const nsAString& aIntegrity)
 {
   LOG(("css::Loader::LoadSheet(aURL, aObserver) api call"));
-  return InternalLoadNonDocumentSheet(aURL, aIsPreload, false, false,
+  return InternalLoadNonDocumentSheet(aURL, false, false,
                                       aOriginPrincipal, aCharset,
                                       nullptr, aObserver, aCORSMode,
                                       aReferrerPolicy, aIntegrity);
 }
 
 nsresult
 Loader::InternalLoadNonDocumentSheet(nsIURI* aURL,
-                                     bool aIsPreload,
                                      bool aAllowUnsafeRules,
                                      bool aUseSystemPrincipal,
                                      nsIPrincipal* aOriginPrincipal,
                                      const nsCString& aCharset,
                                      CSSStyleSheet** aSheet,
                                      nsICSSLoaderObserver* aObserver,
                                      CORSMode aCORSMode,
                                      ReferrerPolicy aReferrerPolicy,
@@ -2329,17 +2317,17 @@ Loader::InternalLoadNonDocumentSheet(nsI
     *aSheet = nullptr;
   }
 
   if (!mEnabled) {
     LOG_WARN(("  Not enabled"));
     return NS_ERROR_NOT_AVAILABLE;
   }
 
-  nsresult rv = CheckLoadAllowed(aOriginPrincipal, aURL, mDocument, aIsPreload);
+  nsresult rv = CheckLoadAllowed(aOriginPrincipal, aURL, mDocument);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   StyleSheetState state;
   bool isAlternate;
   nsRefPtr<CSSStyleSheet> sheet;
   bool syncLoad = (aObserver == nullptr);
@@ -2364,17 +2352,17 @@ Loader::InternalLoadNonDocumentSheet(nsI
   }
 
   SheetLoadData* data =
     new SheetLoadData(this, aURL, sheet, syncLoad, aAllowUnsafeRules,
                       aUseSystemPrincipal, aCharset, aObserver,
                       aOriginPrincipal, mDocument);
 
   NS_ADDREF(data);
-  rv = LoadSheet(data, state, aIsPreload);
+  rv = LoadSheet(data, state);
   NS_ENSURE_SUCCESS(rv, rv);
 
   if (aSheet) {
     sheet.swap(*aSheet);
   }
   if (aObserver) {
     data->mMustNotify = true;
   }
@@ -2556,17 +2544,17 @@ Loader::StartAlternateLoads()
 {
   NS_PRECONDITION(mSheets, "Don't call me!");
   LoadDataArray arr(mSheets->mPendingDatas.Count());
   mSheets->mPendingDatas.Enumerate(CollectLoadDatas, &arr);
 
   mDatasToNotifyOn += arr.Length();
   for (uint32_t i = 0; i < arr.Length(); ++i) {
     --mDatasToNotifyOn;
-    LoadSheet(arr[i], eSheetNeedsParser, false);
+    LoadSheet(arr[i], eSheetNeedsParser);
   }
 }
 
 static PLDHashOperator
 TraverseSheet(URIPrincipalReferrerPolicyAndCORSModeHashKey*,
               CSSStyleSheet* aSheet,
               void* aClosure)
 {
--- a/layout/style/Loader.h
+++ b/layout/style/Loader.h
@@ -312,17 +312,16 @@ public:
                      nsICSSLoaderObserver* aObserver,
                      CSSStyleSheet** aSheet);
 
   /**
    * Same as above, to be used when the caller doesn't care about the
    * not-yet-loaded sheet.
    */
   nsresult LoadSheet(nsIURI* aURL,
-                     bool aIsPreload,
                      nsIPrincipal* aOriginPrincipal,
                      const nsCString& aCharset,
                      nsICSSLoaderObserver* aObserver,
                      CORSMode aCORSMode = CORS_NONE,
                      ReferrerPolicy aReferrerPolicy = mozilla::net::RP_Default,
                      const nsAString& aIntegrity = EmptyString());
 
   /**
@@ -401,22 +400,19 @@ private:
 
   static PLDHashOperator
   RemoveEntriesWithURI(URIPrincipalReferrerPolicyAndCORSModeHashKey* aKey,
                        nsRefPtr<CSSStyleSheet>& aSheet,
                        void* aUserData);
 
   // Note: null aSourcePrincipal indicates that the content policy and
   // CheckLoadURI checks should be skipped.
-  // aIsPreload indicates whether the html parser preloads that
-  // stylesheet or if it is a regular load.
   nsresult CheckLoadAllowed(nsIPrincipal* aSourcePrincipal,
                             nsIURI* aTargetURI,
-                            nsISupports* aContext,
-                            bool aIsPreload);
+                            nsISupports* aContext);
 
 
   // For inline style, the aURI param is null, but the aLinkingContent
   // must be non-null then.  The loader principal must never be null
   // if aURI is not null.
   // *aIsAlternate is set based on aTitle and aHasAlternateRel.
   nsresult CreateSheet(nsIURI* aURI,
                        nsIContent* aLinkingContent,
@@ -445,17 +441,16 @@ private:
                             nsIContent* aLinkingContent,
                             nsIDocument* aDocument);
 
   nsresult InsertChildSheet(CSSStyleSheet* aSheet,
                             CSSStyleSheet* aParentSheet,
                             ImportRule* aParentRule);
 
   nsresult InternalLoadNonDocumentSheet(nsIURI* aURL,
-                                        bool aIsPreload,
                                         bool aAllowUnsafeRules,
                                         bool aUseSystemPrincipal,
                                         nsIPrincipal* aOriginPrincipal,
                                         const nsCString& aCharset,
                                         CSSStyleSheet** aSheet,
                                         nsICSSLoaderObserver* aObserver,
                                         CORSMode aCORSMode = CORS_NONE,
                                         ReferrerPolicy aReferrerPolicy = mozilla::net::RP_Default,
@@ -477,19 +472,17 @@ private:
   // Start the loads of all the sheets in mPendingDatas
   void StartAlternateLoads();
 
   // Handle an event posted by PostLoadEvent
   void HandleLoadEvent(SheetLoadData* aEvent);
 
   // Note: LoadSheet is responsible for releasing aLoadData and setting the
   // sheet to complete on failure.
-  nsresult LoadSheet(SheetLoadData* aLoadData,
-                     StyleSheetState aSheetState,
-                     bool aIsPreLoad);
+  nsresult LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState);
 
   // Parse the stylesheet in aLoadData.  The sheet data comes from aInput.
   // Set aCompleted to true if the parse finished, false otherwise (e.g. if the
   // sheet had an @import).  If aCompleted is true when this returns, then
   // ParseSheet also called SheetComplete on aLoadData.
   nsresult ParseSheet(const nsAString& aInput,
                       SheetLoadData* aLoadData,
                       bool& aCompleted);
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-3_4.html.ini
@@ -0,0 +1,5 @@
+[style-src-3_4.html]
+  type: testharness
+  [Violation report status OK.]
+    expected: FAIL
+
--- a/toolkit/components/places/AsyncFaviconHelpers.cpp
+++ b/toolkit/components/places/AsyncFaviconHelpers.cpp
@@ -527,17 +527,17 @@ AsyncFetchAndSetIconFromNetwork::Run()
   nsCOMPtr<nsIURI> iconURI;
   nsresult rv = NS_NewURI(getter_AddRefs(iconURI), mIcon.spec);
   NS_ENSURE_SUCCESS(rv, rv);
   nsCOMPtr<nsIChannel> channel;
   rv = NS_NewChannel(getter_AddRefs(channel),
                      iconURI,
                      nsContentUtils::GetSystemPrincipal(),
                      nsILoadInfo::SEC_NORMAL,
-                     nsIContentPolicy::TYPE_INTERNAL_IMAGE);
+                     nsIContentPolicy::TYPE_IMAGE);
 
   NS_ENSURE_SUCCESS(rv, rv);
   nsCOMPtr<nsIInterfaceRequestor> listenerRequestor =
     do_QueryInterface(reinterpret_cast<nsISupports*>(this));
   NS_ENSURE_STATE(listenerRequestor);
   rv = channel->SetNotificationCallbacks(listenerRequestor);
   NS_ENSURE_SUCCESS(rv, rv);
   nsCOMPtr<nsIPrivateBrowsingChannel> pbChannel = do_QueryInterface(channel);
--- a/toolkit/components/places/nsAnnoProtocolHandler.cpp
+++ b/toolkit/components/places/nsAnnoProtocolHandler.cpp
@@ -48,17 +48,17 @@ GetDefaultIcon(nsIChannel **aChannel)
   nsresult rv = NS_NewURI(getter_AddRefs(defaultIconURI),
                           NS_LITERAL_CSTRING(FAVICON_DEFAULT_URL));
   NS_ENSURE_SUCCESS(rv, rv);
 
   return NS_NewChannel(aChannel,
                        defaultIconURI,
                        nsContentUtils::GetSystemPrincipal(),
                        nsILoadInfo::SEC_NORMAL,
-                       nsIContentPolicy::TYPE_INTERNAL_IMAGE);
+                       nsIContentPolicy::TYPE_IMAGE);
 }
 
 ////////////////////////////////////////////////////////////////////////////////
 //// faviconAsyncLoader
 
 namespace {
 
 /**
--- a/toolkit/components/places/nsFaviconService.cpp
+++ b/toolkit/components/places/nsFaviconService.cpp
@@ -325,17 +325,17 @@ nsFaviconService::ReplaceFaviconDataFrom
   rv = ioService->GetProtocolHandler("data", getter_AddRefs(protocolHandler));
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsCOMPtr<nsILoadInfo> loadInfo =
     new mozilla::LoadInfo(nsContentUtils::GetSystemPrincipal(),
                           nullptr, // aTriggeringPrincipal
                           nullptr, // aLoadingNode
                           nsILoadInfo::SEC_NORMAL,
-                          nsIContentPolicy::TYPE_INTERNAL_IMAGE);
+                          nsIContentPolicy::TYPE_IMAGE);
 
   nsCOMPtr<nsIChannel> channel;
   rv = protocolHandler->NewChannel2(dataURI, loadInfo, getter_AddRefs(channel));
   NS_ENSURE_SUCCESS(rv, rv);
 
   // Blocking stream is OK for data URIs.
   nsCOMPtr<nsIInputStream> stream;
   rv = channel->Open(getter_AddRefs(stream));
--- a/toolkit/components/places/tests/browser/browser_favicon_setAndFetchFaviconForPage.js
+++ b/toolkit/components/places/tests/browser/browser_favicon_setAndFetchFaviconForPage.js
@@ -28,17 +28,17 @@ function test() {
       aWin.close();
     });
   });
 
   function getIconFile(aCallback) {
     NetUtil.asyncFetch({
       uri: favIconLocation,
       loadUsingSystemPrincipal: true,
-      contentPolicyType: Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE
+      contentPolicyType: Ci.nsIContentPolicy.TYPE_IMAGE
     }, function(inputStream, status) {
         if (!Components.isSuccessCode(status)) {
           ok(false, "Could not get the icon file");
           // Handle error.
           return;
         }
 
         // Check the returned size versus the expected size.
--- a/toolkit/components/places/tests/favicons/test_moz-anno_favicon_mime_type.js
+++ b/toolkit/components/places/tests/favicons/test_moz-anno_favicon_mime_type.js
@@ -58,30 +58,30 @@ function run_test()
             getService(Ci.nsIIOService);
 
   // Test that the default icon has the content type of image/png.
   let channel = ios.newChannelFromURI2(fs.defaultFavicon,
                                         null,      // aLoadingNode
                                         Services.scriptSecurityManager.getSystemPrincipal(),
                                         null,      // aTriggeringPrincipal
                                         Ci.nsILoadInfo.SEC_NORMAL,
-                                        Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
+                                        Ci.nsIContentPolicy.TYPE_IMAGE);
   channel.asyncOpen(new streamListener("image/png"), null);
   do_test_pending();
 
   // Test URI that we don't know anything about.  Will end up being the default
   // icon, so expect image/png.
   channel = ios.newChannel2(moz_anno_favicon_prefix + "http://mozilla.org",
                             null,
                             null,
                             null,      // aLoadingNode
                             Services.scriptSecurityManager.getSystemPrincipal(),
                             null,      // aTriggeringPrincipal
                             Ci.nsILoadInfo.SEC_NORMAL,
-                            Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
+                            Ci.nsIContentPolicy.TYPE_IMAGE);
   channel.asyncOpen(new streamListener("image/png"), null);
   do_test_pending();
 
   // Test that the content type of a favicon we add ends up being image/png.
   let testURI = uri("http://mozilla.org/");
   // Add the data before opening
   fs.replaceFaviconDataFromDataURL(testURI, testFaviconData,
                                    (Date.now() + 60 * 60 * 24 * 1000) * 1000);
@@ -89,12 +89,12 @@ function run_test()
   // Open the channel
   channel = ios.newChannel2(moz_anno_favicon_prefix + testURI.spec,
                             null,
                             null,
                             null,      // aLoadingNode
                             Services.scriptSecurityManager.getSystemPrincipal(),
                             null,      // aTriggeringPrincipal
                             Ci.nsILoadInfo.SEC_NORMAL,
-                            Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
+                            Ci.nsIContentPolicy.TYPE_IMAGE);
   channel.asyncOpen(new streamListener("image/png"), null);
   do_test_pending();
 }
--- a/toolkit/components/search/nsSearchService.js
+++ b/toolkit/components/search/nsSearchService.js
@@ -2076,17 +2076,17 @@ Engine.prototype = {
         // No use downloading the icon if the engine file is read-only
         LOG("_setIcon: Downloading icon: \"" + uri.spec +
             "\" for engine: \"" + this.name + "\"");
         var chan = NetUtil.ioService.newChannelFromURI2(uri,
                                                         null,      // aLoadingNode
                                                         Services.scriptSecurityManager.getSystemPrincipal(),
                                                         null,      // aTriggeringPrincipal
                                                         Ci.nsILoadInfo.SEC_NORMAL,
-                                                        Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
+                                                        Ci.nsIContentPolicy.TYPE_IMAGE);
 
         let iconLoadCallback = function (aByteArray, aEngine) {
           // This callback may run after we've already set a preferred icon,
           // so check again.
           if (aEngine._hasPreferredIcon && !aIsPreferred)
             return;
 
           if (!aByteArray || aByteArray.length > MAX_ICON_SIZE) {
--- a/toolkit/devtools/gcli/commands/screenshot.js
+++ b/toolkit/devtools/gcli/commands/screenshot.js
@@ -352,17 +352,17 @@ function saveToClipboard(context, reply)
                                .QueryInterface(Ci.nsILoadContext);
     const io = Cc["@mozilla.org/network/io-service;1"]
                   .getService(Ci.nsIIOService);
     const channel = io.newChannel2(reply.data, null, null,
                                    null,      // aLoadingNode
                                    Services.scriptSecurityManager.getSystemPrincipal(),
                                    null,      // aTriggeringPrincipal
                                    Ci.nsILoadInfo.SEC_NORMAL,
-                                   Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
+                                   Ci.nsIContentPolicy.TYPE_IMAGE);
     const input = channel.open();
     const imgTools = Cc["@mozilla.org/image/tools;1"]
                         .getService(Ci.imgITools);
 
     const container = {};
     imgTools.decodeImageData(input, channel.contentType, container);
 
     const wrapped = Cc["@mozilla.org/supports-interface-pointer;1"]
--- a/toolkit/devtools/server/actors/styleeditor.js
+++ b/toolkit/devtools/server/actors/styleeditor.js
@@ -450,17 +450,17 @@ var OldStyleSheetActor = protocol.ActorC
     if (!this.href) {
       // this is an inline <style> sheet
       let content = this.rawSheet.ownerNode.textContent;
       this.text = content;
       return promise.resolve(content);
     }
 
     let options = {
-      policy: Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET,
+      policy: Ci.nsIContentPolicy.TYPE_STYLESHEET,
       window: this.window,
       charset: this._getCSSCharset()
     };
 
     return fetch(this.href, options).then(({ content }) => {
       this.text = content;
       return content;
     });
--- a/toolkit/devtools/server/actors/stylesheets.js
+++ b/toolkit/devtools/server/actors/stylesheets.js
@@ -601,17 +601,17 @@ var StyleSheetActor = protocol.ActorClas
       // this is an inline <style> sheet
       let content = this.ownerNode.textContent;
       this.text = content;
       return promise.resolve(content);
     }
 
     let options = {
       loadFromCache: true,
-      policy: Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET,
+      policy: Ci.nsIContentPolicy.TYPE_STYLESHEET,
       window: this.window,
       charset: this._getCSSCharset()
     };
 
     return fetch(this.href, options).then(({ content }) => {
       this.text = content;
       return content;
     });
@@ -687,17 +687,17 @@ var StyleSheetActor = protocol.ActorClas
         // no source map for this stylesheet
         deferred.resolve(null);
         return;
       };
 
       url = normalize(url, this.href);
       let options = {
         loadFromCache: false,
-        policy: Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET,
+        policy: Ci.nsIContentPolicy.TYPE_STYLESHEET,
         window: this.window
       };
       let map = fetch(url, options)
         .then(({content}) => {
           let map = new SourceMapConsumer(content);
           this._setSourceMapRoot(map, url, this.href);
           this._sourceMap = promise.resolve(map);
 
@@ -1015,17 +1015,17 @@ var OriginalSourceActor = protocol.Actor
       return promise.resolve(this.text);
     }
     let content = this.sourceMap.sourceContentFor(this.url);
     if (content) {
       this.text = content;
       return promise.resolve(content);
     }
     let options = {
-      policy: Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET,
+      policy: Ci.nsIContentPolicy.TYPE_STYLESHEET,
       window: this.window
     };
     return fetch(this.url, options).then(({content}) => {
       this.text = content;
       return content;
     });
   },
 
--- a/toolkit/mozapps/extensions/internal/LightweightThemeImageOptimizer.jsm
+++ b/toolkit/mozapps/extensions/internal/LightweightThemeImageOptimizer.jsm
@@ -114,17 +114,17 @@ var ImageCropper = {
   }
 };
 
 var ImageFile = {
   read: function ImageFile_read(aURI, aCallback) {
     this._netUtil.asyncFetch({
       uri: aURI,
       loadUsingSystemPrincipal: true,
-      contentPolicyType: Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE
+      contentPolicyType: Ci.nsIContentPolicy.TYPE_IMAGE
     }, function read_asyncFetch(aInputStream, aStatus, aRequest) {
         if (Components.isSuccessCode(aStatus) && aRequest instanceof Ci.nsIChannel) {
           let channel = aRequest.QueryInterface(Ci.nsIChannel);
           aCallback(aInputStream, channel.contentType);
         } else {
           aCallback();
         }
       });
--- a/toolkit/webapps/NativeApp.jsm
+++ b/toolkit/webapps/NativeApp.jsm
@@ -459,17 +459,17 @@ function downloadIcon(aIconURI) {
     let principal =
       aIconURI.schemeIs("chrome") ?
         Services.scriptSecurityManager.getSystemPrincipal() :
         Services.scriptSecurityManager.createCodebasePrincipal(aIconURI, {});
 
     let channel = NetUtil.newChannel({
       uri: aIconURI,
       loadingPrincipal: principal,
-      contentPolicyType: Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE});
+      contentPolicyType: Ci.nsIContentPolicy.TYPE_IMAGE});
     let { BadCertHandler } = Cu.import("resource://gre/modules/CertUtils.jsm", {});
     // Pass true to avoid optional redirect-cert-checking behavior.
     channel.notificationCallbacks = new BadCertHandler(true);
 
     channel.asyncOpen(listener, null);
   } catch(e) {
     deferred.reject("Failure initiating download of icon: " + e);
   }
--- a/widget/cocoa/OSXNotificationCenter.mm
+++ b/widget/cocoa/OSXNotificationCenter.mm
@@ -245,17 +245,17 @@ OSXNotificationCenter::ShowAlertNotifica
       NS_NewURI(getter_AddRefs(imageUri), aImageUrl);
       if (imageUri) {
         nsresult rv = il->LoadImage(imageUri, nullptr, nullptr,
                                     mozilla::net::RP_Default,
                                     aPrincipal, nullptr,
                                     this, nullptr,
                                     aInPrivateBrowsing ? nsIRequest::LOAD_ANONYMOUS :
                                                          nsIRequest::LOAD_NORMAL,
-                                    nullptr, nsIContentPolicy::TYPE_INTERNAL_IMAGE,
+                                    nullptr, nsIContentPolicy::TYPE_IMAGE,
                                     EmptyString(),
                                     getter_AddRefs(osxni->mIconRequest));
         if (NS_SUCCEEDED(rv)) {
           // Set a timer for six seconds. If we don't have an icon by the time this
           // goes off then we go ahead without an icon.
           nsCOMPtr<nsITimer> timer = do_CreateInstance(NS_TIMER_CONTRACTID);
           osxni->mIconTimeoutTimer = timer;
           timer->InitWithCallback(this, 6000, nsITimer::TYPE_ONE_SHOT);
--- a/widget/cocoa/nsMenuItemIconX.mm
+++ b/widget/cocoa/nsMenuItemIconX.mm
@@ -305,17 +305,17 @@ nsMenuItemIconX::LoadIcon(nsIURI* aIconU
     if (mNativeMenuItem)
       [mNativeMenuItem setImage:sPlaceholderIconImage];
   }
 
   nsresult rv = loader->LoadImage(aIconURI, nullptr, nullptr,
                                   mozilla::net::RP_Default,
                                   nullptr, loadGroup, this,
                                   nullptr, nsIRequest::LOAD_NORMAL, nullptr,
-                                  nsIContentPolicy::TYPE_INTERNAL_IMAGE, EmptyString(),
+                                  nsIContentPolicy::TYPE_IMAGE, EmptyString(),
                                   getter_AddRefs(mIconRequest));
   if (NS_FAILED(rv)) return rv;
 
   return NS_OK;
 
   NS_OBJC_END_TRY_ABORT_BLOCK_NSRESULT;
 }
 
--- a/widget/windows/WinUtils.cpp
+++ b/widget/windows/WinUtils.cpp
@@ -1103,17 +1103,17 @@ nsresult AsyncFaviconDataReady::OnFavico
     return rv;
   }
  
   nsCOMPtr<nsIChannel> channel;
   rv = NS_NewChannel(getter_AddRefs(channel),
                      mozIconURI,
                      nsContentUtils::GetSystemPrincipal(),
                      nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
-                     nsIContentPolicy::TYPE_INTERNAL_IMAGE);
+                     nsIContentPolicy::TYPE_IMAGE);
 
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsCOMPtr<nsIDownloadObserver> downloadObserver = new myDownloadObserver;
   nsCOMPtr<nsIStreamListener> listener;
   rv = NS_NewDownloader(getter_AddRefs(listener), downloadObserver, icoFile);
   NS_ENSURE_SUCCESS(rv, rv);