Bug 1128798 - [e10s] Make a version of nsIContentPolicy that doesn't pass the node as a parameter (r=mrbkap,tanvi,ckerschb)
authorBill McCloskey <wmccloskey@mozilla.com>
Fri, 20 Feb 2015 08:54:12 -0800
changeset 230001 9ba87714f5cfda74e6dd2eb8fd73678429a9b3e6
parent 230000 bc5168c2922d017babf46cab931dc7f8ad7c82c6
child 230002 0645b0eeb7202ee9e3aa0a0fe90b2affabbc79bc
push id28305
push userkwierso@gmail.com
push dateSat, 21 Feb 2015 01:57:46 +0000
treeherdermozilla-central@56efbd155062 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmrbkap, tanvi, ckerschb
bugs1128798
milestone38.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1128798 - [e10s] Make a version of nsIContentPolicy that doesn't pass the node as a parameter (r=mrbkap,tanvi,ckerschb)
dom/base/moz.build
dom/base/nsContentPolicy.cpp
dom/base/nsContentPolicy.h
dom/base/nsContentPolicyUtils.h
dom/base/nsIContentPolicy.idl
dom/base/nsIContentPolicyBase.idl
dom/base/nsISimpleContentPolicy.idl
dom/base/test/file_simplecontentpolicy.js
dom/base/test/mochitest.ini
dom/base/test/test_simplecontentpolicy.html
testing/specialpowers/content/SpecialPowersObserverAPI.js
--- a/dom/base/moz.build
+++ b/dom/base/moz.build
@@ -4,16 +4,17 @@
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 TEST_DIRS += ['test']
 
 XPIDL_SOURCES += [
     'nsIConsoleAPIStorage.idl',
     'nsIContentPolicy.idl',
+    'nsIContentPolicyBase.idl',
     'nsIDocumentEncoder.idl',
     'nsIDOMDataChannel.idl',
     'nsIDOMDOMCursor.idl',
     'nsIDOMDOMRequest.idl',
     'nsIDOMFile.idl',
     'nsIDOMFileList.idl',
     'nsIDOMFileReader.idl',
     'nsIDOMFormData.idl',
@@ -27,16 +28,17 @@ XPIDL_SOURCES += [
     'nsIObjectLoadingContent.idl',
     'nsIScriptChannel.idl',
     'nsIScriptLoaderObserver.idl',
     'nsISelection.idl',
     'nsISelectionController.idl',
     'nsISelectionDisplay.idl',
     'nsISelectionListener.idl',
     'nsISelectionPrivate.idl',
+    'nsISimpleContentPolicy.idl',
     'nsISiteSpecificUserAgent.idl',
     'nsISlowScriptDebug.idl',
     'nsIXMLHttpRequest.idl',
 ]
 
 XPIDL_MODULE = 'dom'
 
 EXPORTS += [
--- a/dom/base/nsContentPolicy.cpp
+++ b/dom/base/nsContentPolicy.cpp
@@ -33,16 +33,17 @@ NS_NewContentPolicy(nsIContentPolicy **a
   if (!*aResult)
       return NS_ERROR_OUT_OF_MEMORY;
   NS_ADDREF(*aResult);
   return NS_OK;
 }
 
 nsContentPolicy::nsContentPolicy()
     : mPolicies(NS_CONTENTPOLICY_CATEGORY)
+    , mSimplePolicies(NS_SIMPLECONTENTPOLICY_CATEGORY)
 {
 #ifdef PR_LOGGING
     if (! gConPolLog) {
         gConPolLog = PR_NewLogModule("nsContentPolicy");
     }
 #endif
 }
 
@@ -65,16 +66,17 @@ nsContentPolicy::~nsContentPolicy()
 #else  // ! defined(DEBUG)
 
 #define WARN_IF_URI_UNINITIALIZED(uri,name)
 
 #endif // defined(DEBUG)
 
 inline nsresult
 nsContentPolicy::CheckPolicy(CPMethod          policyMethod,
+                             SCPMethod         simplePolicyMethod,
                              uint32_t          contentType,
                              nsIURI           *contentLocation,
                              nsIURI           *requestingLocation,
                              nsISupports      *requestingContext,
                              const nsACString &mimeType,
                              nsISupports      *extra,
                              nsIPrincipal     *requestPrincipal,
                              int16_t           *decision)
@@ -128,16 +130,63 @@ nsContentPolicy::CheckPolicy(CPMethod   
                                          decision);
 
         if (NS_SUCCEEDED(rv) && NS_CP_REJECTED(*decision)) {
             /* policy says no, no point continuing to check */
             return NS_OK;
         }
     }
 
+    nsCOMPtr<nsIDOMElement> topFrameElement;
+    bool isTopLevel = true;
+    nsCOMPtr<nsPIDOMWindow> window;
+    if (nsCOMPtr<nsINode> node = do_QueryInterface(requestingContext)) {
+        window = node->OwnerDoc()->GetWindow();
+    } else {
+        window = do_QueryInterface(requestingContext);
+    }
+
+    if (window) {
+        nsCOMPtr<nsIDocShell> docShell = window->GetDocShell();
+        nsCOMPtr<nsILoadContext> loadContext = do_QueryInterface(docShell);
+        loadContext->GetTopFrameElement(getter_AddRefs(topFrameElement));
+
+        MOZ_ASSERT(window->IsOuterWindow());
+
+        if (topFrameElement) {
+            nsCOMPtr<nsIDOMWindow> topWindow;
+            window->GetScriptableTop(getter_AddRefs(topWindow));
+            isTopLevel = topWindow == static_cast<nsIDOMWindow*>(window);
+        } else {
+            // If we don't have a top frame element, then requestingContext is
+            // part of the top-level XUL document. Presumably it's the <browser>
+            // element that content is being loaded into, so we call it the
+            // topFrameElement.
+            topFrameElement = do_QueryInterface(requestingContext);
+            isTopLevel = true;
+        }
+    }
+
+    nsCOMArray<nsISimpleContentPolicy> simpleEntries;
+    mSimplePolicies.GetEntries(simpleEntries);
+    count = simpleEntries.Count();
+    for (int32_t i = 0; i < count; i++) {
+        /* check the appropriate policy */
+        rv = (simpleEntries[i]->*simplePolicyMethod)(contentType, contentLocation,
+                                                     requestingLocation,
+                                                     topFrameElement, isTopLevel,
+                                                     mimeType, extra, requestPrincipal,
+                                                     decision);
+
+        if (NS_SUCCEEDED(rv) && NS_CP_REJECTED(*decision)) {
+            /* policy says no, no point continuing to check */
+            return NS_OK;
+        }
+    }
+
     // everyone returned failure, or no policies: sanitize result
     *decision = nsIContentPolicy::ACCEPT;
     return NS_OK;
 }
 
 #ifdef PR_LOGGING
 
 //uses the parameters from ShouldXYZ to produce and log a message
@@ -180,17 +229,19 @@ nsContentPolicy::ShouldLoad(uint32_t    
                             nsISupports      *requestingContext,
                             const nsACString &mimeType,
                             nsISupports      *extra,
                             nsIPrincipal     *requestPrincipal,
                             int16_t          *decision)
 {
     // ShouldProcess does not need a content location, but we do
     NS_PRECONDITION(contentLocation, "Must provide request location");
-    nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldLoad, contentType,
+    nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldLoad,
+                              &nsISimpleContentPolicy::ShouldLoad,
+                              contentType,
                               contentLocation, requestingLocation,
                               requestingContext, mimeType, extra,
                               requestPrincipal, decision);
     LOG_CHECK("ShouldLoad");
 
     return rv;
 }
 
@@ -199,16 +250,18 @@ nsContentPolicy::ShouldProcess(uint32_t 
                                nsIURI           *contentLocation,
                                nsIURI           *requestingLocation,
                                nsISupports      *requestingContext,
                                const nsACString &mimeType,
                                nsISupports      *extra,
                                nsIPrincipal     *requestPrincipal,
                                int16_t          *decision)
 {
-    nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldProcess, contentType,
+    nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldProcess,
+                              &nsISimpleContentPolicy::ShouldProcess,
+                              contentType,
                               contentLocation, requestingLocation,
                               requestingContext, mimeType, extra,
                               requestPrincipal, decision);
     LOG_CHECK("ShouldProcess");
 
     return rv;
 }
--- a/dom/base/nsContentPolicy.h
+++ b/dom/base/nsContentPolicy.h
@@ -3,16 +3,17 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef __nsContentPolicy_h__
 #define __nsContentPolicy_h__
 
 #include "nsIContentPolicy.h"
+#include "nsISimpleContentPolicy.h"
 #include "nsCategoryCache.h"
 
 /* 
  * Implementation of the "@mozilla.org/layout/content-policy;1" contract.
  */
 
 class nsContentPolicy : public nsIContentPolicy
 {
@@ -23,28 +24,37 @@ class nsContentPolicy : public nsIConten
     nsContentPolicy();
 
  protected:
     virtual ~nsContentPolicy();
 
  private:
     //Array of policies
     nsCategoryCache<nsIContentPolicy> mPolicies;
+    nsCategoryCache<nsISimpleContentPolicy> mSimplePolicies;
 
     //Helper type for CheckPolicy
     typedef
     NS_STDCALL_FUNCPROTO(nsresult, CPMethod, nsIContentPolicy,
                          ShouldProcess,
                          (uint32_t, nsIURI*, nsIURI*, nsISupports*,
                            const nsACString &, nsISupports*, nsIPrincipal*,
                            int16_t*));
 
+    typedef
+    NS_STDCALL_FUNCPROTO(nsresult, SCPMethod, nsISimpleContentPolicy,
+                         ShouldProcess,
+                         (uint32_t, nsIURI*, nsIURI*, nsIDOMElement*, bool,
+                           const nsACString &, nsISupports*, nsIPrincipal*,
+                           int16_t*));
+
     //Helper method that applies policyMethod across all policies in mPolicies
     // with the given parameters
-    nsresult CheckPolicy(CPMethod policyMethod, uint32_t contentType,
+    nsresult CheckPolicy(CPMethod policyMethod, SCPMethod simplePolicyMethod,
+                         uint32_t contentType,
                          nsIURI *aURI, nsIURI *origURI,
                          nsISupports *requestingContext,
                          const nsACString &mimeGuess, nsISupports *extra,
                          nsIPrincipal *requestPrincipal,
                          int16_t *decision);
 };
 
 nsresult
--- a/dom/base/nsContentPolicyUtils.h
+++ b/dom/base/nsContentPolicyUtils.h
@@ -24,16 +24,17 @@
 #include "nsIDocument.h"
 #include "nsPIDOMWindow.h"
 
 class nsACString;
 class nsIPrincipal;
 
 #define NS_CONTENTPOLICY_CONTRACTID   "@mozilla.org/layout/content-policy;1"
 #define NS_CONTENTPOLICY_CATEGORY "content-policy"
+#define NS_SIMPLECONTENTPOLICY_CATEGORY "simple-content-policy"
 #define NS_CONTENTPOLICY_CID                              \
   {0x0e3afd3d, 0xeb60, 0x4c2b,                            \
      { 0x96, 0x3b, 0x56, 0xd7, 0xc4, 0x39, 0xf1, 0x24 }}
 
 /**
  * Evaluates to true if val is ACCEPT.
  *
  * @param val the status returned from shouldProcess/shouldLoad
--- a/dom/base/nsIContentPolicy.idl
+++ b/dom/base/nsIContentPolicy.idl
@@ -1,234 +1,34 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ft=cpp tw=78 sw=2 et ts=8 : */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsISupports.idl"
+#include "nsIContentPolicyBase.idl"
 
 interface nsIURI;
 interface nsIDOMNode;
 interface nsIPrincipal;
 
 /**
- * The type of nsIContentPolicy::TYPE_*
- */
-typedef unsigned long nsContentPolicyType;
-
-/**
  * Interface for content policy mechanism.  Implementations of this
  * interface can be used to control loading of various types of out-of-line
  * content, or processing of certain types of in-line content.
  *
  * WARNING: do not block the caller from shouldLoad or shouldProcess (e.g.,
  * by launching a dialog to prompt the user for something).
  */
 
-[scriptable,uuid(94513f07-d559-480e-8879-6249852365ea)]
-interface nsIContentPolicy : nsISupports
+[scriptable,uuid(447a2300-ab3c-11e4-bcd8-0800200c9a66)]
+interface nsIContentPolicy : nsIContentPolicyBase
 {
   /**
-   * Indicates a unset or bogus policy type.
-   */
-  const nsContentPolicyType TYPE_INVALID = 0;
-
-  /**
-   * Gecko/Firefox developers: Avoid using TYPE_OTHER. Especially for
-   * requests that are coming from webpages. Or requests in general which
-   * you expect that security checks will be done on.
-   * Always use a more specific type if one is available. And do not hesitate
-   * to add more types as appropriate.
-   * But if you are fairly sure that no one would care about your more specific
-   * type, then it's ok to use TYPE_OTHER.
-   *
-   * Extension developers: Whenever it is reasonable, use one of the existing
-   * content types. If none of the existing content types are right for
-   * something you are doing, file a bug in the Core/DOM component that
-   * includes a patch that adds your new content type to the end of the list of
-   * TYPE_* constants here. But, don't start using your new content type until
-   * your patch has been accepted, because it will be uncertain what exact
-   * value and name your new content type will have; in that interim period,
-   * use TYPE_OTHER. In your patch, document your new content type in the style
-   * of the existing ones. In the bug you file, provide a more detailed
-   * description of the new type of content you want Gecko to support, so that
-   * the existing implementations of nsIContentPolicy can be properly modified
-   * to deal with that new type of content.
-   *
-   * Implementations of nsIContentPolicy should treat this the same way they
-   * treat unknown types, because existing users of TYPE_OTHER may be converted
-   * to use new content types.
-   */
-  const nsContentPolicyType TYPE_OTHER = 1;
-
-  /**
-   * Indicates an executable script (such as JavaScript).
-   */
-  const nsContentPolicyType TYPE_SCRIPT = 2;
-
-  /**
-   * Indicates an image (e.g., IMG elements).
-   */
-  const nsContentPolicyType TYPE_IMAGE = 3;
-
-  /**
-   * Indicates a stylesheet (e.g., STYLE elements).
-   */
-  const nsContentPolicyType TYPE_STYLESHEET = 4;
-
-  /**
-   * Indicates a generic object (plugin-handled content typically falls under
-   * this category).
-   */
-  const nsContentPolicyType TYPE_OBJECT = 5;
-
-  /**
-   * Indicates a document at the top-level (i.e., in a browser).
-   */
-  const nsContentPolicyType TYPE_DOCUMENT = 6;
-
-  /**
-   * Indicates a document contained within another document (e.g., IFRAMEs,
-   * FRAMES, and OBJECTs).
-   */
-  const nsContentPolicyType TYPE_SUBDOCUMENT = 7;
-
-  /**
-   * Indicates a timed refresh.
-   *
-   * shouldLoad will never get this, because it does not represent content
-   * to be loaded (the actual load triggered by the refresh will go through
-   * shouldLoad as expected).
-   *
-   * shouldProcess will get this for, e.g., META Refresh elements and HTTP
-   * Refresh headers.
-   */
-  const nsContentPolicyType TYPE_REFRESH = 8;
-
-  /**
-   * Indicates an XBL binding request, triggered either by -moz-binding CSS
-   * property.
-   */
-  const nsContentPolicyType TYPE_XBL = 9;
-
-  /**
-   * Indicates a ping triggered by a click on <A PING="..."> element.
-   */
-  const nsContentPolicyType TYPE_PING = 10;
-
-  /**
-   * Indicates an XMLHttpRequest. Also used for document.load and for EventSource.
-   */
-  const nsContentPolicyType TYPE_XMLHTTPREQUEST = 11;
-  const nsContentPolicyType TYPE_DATAREQUEST    = 11; // alias
-
-  /**
-   * Indicates a request by a plugin.
-   */
-  const nsContentPolicyType TYPE_OBJECT_SUBREQUEST = 12;
-
-  /**
-   * Indicates a DTD loaded by an XML document.
-   */
-  const nsContentPolicyType TYPE_DTD = 13;
-
-  /**
-   * Indicates a font loaded via @font-face rule.
-   */
-  const nsContentPolicyType TYPE_FONT = 14;
-
-  /**
-   * Indicates a video or audio load.
-   */
-  const nsContentPolicyType TYPE_MEDIA = 15;
-
-  /**
-   * Indicates a WebSocket load.
-   */
-  const nsContentPolicyType TYPE_WEBSOCKET = 16;
-
-  /**
-   * Indicates a Content Security Policy report.
-   */
-  const nsContentPolicyType TYPE_CSP_REPORT = 17;
-
-  /**
-   * Indicates a style sheet transformation.
-   */
-  const nsContentPolicyType TYPE_XSLT = 18;
-
-  /**
-   * Indicates a beacon post.
-   */
-  const nsContentPolicyType TYPE_BEACON = 19;
-
-  /**
-   * Indicates a load initiated by the fetch() function from the Fetch
-   * specification.
-   */
-  const nsContentPolicyType TYPE_FETCH = 20;
-
-  /**
-   * Indicates a <img srcset> or <picture> request.
-   */
-  const nsContentPolicyType TYPE_IMAGESET = 21;
-
-  /* When adding new content types, please update nsContentBlocker,
-   * NS_CP_ContentTypeName, nsCSPContext, all nsIContentPolicy
-   * implementations, and other things that are not listed here that are
-   * related to nsIContentPolicy. */
-
-  //////////////////////////////////////////////////////////////////////
-
-  /**
-   * Returned from shouldLoad or shouldProcess if the load or process request
-   * is rejected based on details of the request.
-   */
-  const short REJECT_REQUEST = -1;
-
-  /**
-   * Returned from shouldLoad or shouldProcess if the load/process is rejected
-   * based solely on its type (of the above flags).
-   *
-   * NOTE that it is not meant to stop future requests for this type--only the
-   * current request.
-   */
-  const short REJECT_TYPE = -2;
-
-  /**
-   * Returned from shouldLoad or shouldProcess if the load/process is rejected
-   * based on the server it is hosted on or requested from (aContentLocation or
-   * aRequestOrigin), e.g., if you block an IMAGE because it is served from
-   * goatse.cx (even if you don't necessarily block other types from that
-   * server/domain).
-   *
-   * NOTE that it is not meant to stop future requests for this server--only the
-   * current request.
-   */
-  const short REJECT_SERVER = -3;
-
-  /**
-   * Returned from shouldLoad or shouldProcess if the load/process is rejected
-   * based on some other criteria. Mozilla callers will handle this like
-   * REJECT_REQUEST; third-party implementors may, for example, use this to
-   * direct their own callers to consult the extra parameter for additional
-   * details.
-   */
-  const short REJECT_OTHER = -4;
-
-  /**
-   * Returned from shouldLoad or shouldProcess if the load or process request
-   * is not rejected.
-   */
-  const short ACCEPT = 1;
-
-  //////////////////////////////////////////////////////////////////////
-
-  /**
    * Should the resource at this location be loaded?
    * ShouldLoad will be called before loading the resource at aContentLocation
    * to determine whether to start the load at all.
    *
    * @param aContentType      the type of content being tested. This will be one
    *                          one of the TYPE_* constants.
    *
    * @param aContentLocation  the location of the content being checked; must
@@ -323,10 +123,9 @@ interface nsIContentPolicy : nsISupports
    */
   short shouldProcess(in nsContentPolicyType aContentType,
                       in nsIURI        aContentLocation,
                       in nsIURI        aRequestOrigin,
                       in nsISupports   aContext,
                       in ACString      aMimeType,
                       in nsISupports   aExtra,
                       [optional] in nsIPrincipal  aRequestPrincipal);
-
 };
copy from dom/base/nsIContentPolicy.idl
copy to dom/base/nsIContentPolicyBase.idl
--- a/dom/base/nsIContentPolicy.idl
+++ b/dom/base/nsIContentPolicyBase.idl
@@ -19,18 +19,18 @@ typedef unsigned long nsContentPolicyTyp
  * Interface for content policy mechanism.  Implementations of this
  * interface can be used to control loading of various types of out-of-line
  * content, or processing of certain types of in-line content.
  *
  * WARNING: do not block the caller from shouldLoad or shouldProcess (e.g.,
  * by launching a dialog to prompt the user for something).
  */
 
-[scriptable,uuid(94513f07-d559-480e-8879-6249852365ea)]
-interface nsIContentPolicy : nsISupports
+[scriptable,uuid(21bb54b0-ab3c-11e4-bcd8-0800200c9a66)]
+interface nsIContentPolicyBase : nsISupports
 {
   /**
    * Indicates a unset or bogus policy type.
    */
   const nsContentPolicyType TYPE_INVALID = 0;
 
   /**
    * Gecko/Firefox developers: Avoid using TYPE_OTHER. Especially for
@@ -215,118 +215,9 @@ interface nsIContentPolicy : nsISupports
    */
   const short REJECT_OTHER = -4;
 
   /**
    * Returned from shouldLoad or shouldProcess if the load or process request
    * is not rejected.
    */
   const short ACCEPT = 1;
-
-  //////////////////////////////////////////////////////////////////////
-
-  /**
-   * Should the resource at this location be loaded?
-   * ShouldLoad will be called before loading the resource at aContentLocation
-   * to determine whether to start the load at all.
-   *
-   * @param aContentType      the type of content being tested. This will be one
-   *                          one of the TYPE_* constants.
-   *
-   * @param aContentLocation  the location of the content being checked; must
-   *                          not be null
-   *
-   * @param aRequestOrigin    OPTIONAL. the location of the resource that
-   *                          initiated this load request; can be null if
-   *                          inapplicable
-   *
-   * @param aContext          OPTIONAL. the nsIDOMNode or nsIDOMWindow that
-   *                          initiated the request, or something that can QI
-   *                          to one of those; can be null if inapplicable.
-   *                          Note that for navigation events (new windows and
-   *                          link clicks), this is the NEW window.
-   *
-   * @param aMimeTypeGuess    OPTIONAL. a guess for the requested content's
-   *                          MIME type, based on information available to
-   *                          the request initiator (e.g., an OBJECT's type
-   *                          attribute); does not reliably reflect the
-   *                          actual MIME type of the requested content
-   *
-   * @param aExtra            an OPTIONAL argument, pass-through for non-Gecko
-   *                          callers to pass extra data to callees.
-   *
-   * @param aRequestPrincipal an OPTIONAL argument, defines the principal that
-   *                          caused the load. This is optional only for
-   *                          non-gecko code: all gecko code should set this
-   *                          argument.  For navigation events, this is
-   *                          the principal of the page that caused this load.
-   *
-   * @return ACCEPT or REJECT_*
-   *
-   * @note shouldLoad can be called while the DOM and layout of the document
-   * involved is in an inconsistent state.  This means that implementors of
-   * this method MUST NOT do any of the following:
-   * 1)  Modify the DOM in any way (e.g. setting attributes is a no-no).
-   * 2)  Query any DOM properties that depend on layout (e.g. offset*
-   *     properties).
-   * 3)  Query any DOM properties that depend on style (e.g. computed style).
-   * 4)  Query any DOM properties that depend on the current state of the DOM
-   *     outside the "context" node (e.g. lengths of node lists).
-   * 5)  [JavaScript implementations only] Access properties of any sort on any
-   *     object without using XPCNativeWrapper (either explicitly or
-   *     implicitly).  Due to various DOM0 things, this leads to item 4.
-   * If you do any of these things in your shouldLoad implementation, expect
-   * unpredictable behavior, possibly including crashes, content not showing
-   * up, content showing up doubled, etc.  If you need to do any of the things
-   * above, do them off timeout or event.
-   */
-  short shouldLoad(in nsContentPolicyType aContentType,
-                   in nsIURI        aContentLocation,
-                   in nsIURI        aRequestOrigin,
-                   in nsISupports   aContext,
-                   in ACString      aMimeTypeGuess,
-                   in nsISupports   aExtra,
-                   [optional] in nsIPrincipal  aRequestPrincipal);
-
-  /**
-   * Should the resource be processed?
-   * ShouldProcess will be called once all the information passed to it has
-   * been determined about the resource, typically after part of the resource
-   * has been loaded.
-   *
-   * @param aContentType      the type of content being tested. This will be one
-   *                          one of the TYPE_* constants.
-   *
-   * @param aContentLocation  OPTIONAL; the location of the resource being
-   *                          requested: MAY be, e.g., a post-redirection URI
-   *                          for the resource.
-   *
-   * @param aRequestOrigin    OPTIONAL. the location of the resource that
-   *                          initiated this load request; can be null if
-   *                          inapplicable
-   *
-   * @param aContext          OPTIONAL. the nsIDOMNode or nsIDOMWindow that
-   *                          initiated the request, or something that can QI
-   *                          to one of those; can be null if inapplicable.
-   *
-   * @param aMimeType         the MIME type of the requested resource (e.g.,
-   *                          image/png), as reported by the networking library,
-   *                          if available (may be empty if inappropriate for
-   *                          the type, e.g., TYPE_REFRESH).
-   *
-   * @param aExtra            an OPTIONAL argument, pass-through for non-Gecko
-   *                          callers to pass extra data to callees.
-   *
-   * @return ACCEPT or REJECT_*
-   *
-   * @note shouldProcess can be called while the DOM and layout of the document
-   * involved is in an inconsistent state.  See the note on shouldLoad to see
-   * what this means for implementors of this method.
-   */
-  short shouldProcess(in nsContentPolicyType aContentType,
-                      in nsIURI        aContentLocation,
-                      in nsIURI        aRequestOrigin,
-                      in nsISupports   aContext,
-                      in ACString      aMimeType,
-                      in nsISupports   aExtra,
-                      [optional] in nsIPrincipal  aRequestPrincipal);
-
 };
new file mode 100644
--- /dev/null
+++ b/dom/base/nsISimpleContentPolicy.idl
@@ -0,0 +1,147 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ft=cpp tw=78 sw=2 et ts=8 : */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+#include "nsIContentPolicyBase.idl"
+
+interface nsIURI;
+interface nsIDOMNode;
+interface nsIPrincipal;
+interface nsIDOMElement;
+
+/**
+ * Interface for content policy mechanism.  Implementations of this
+ * interface can be used to control loading of various types of out-of-line
+ * content, or processing of certain types of in-line content.
+ *
+ * This interface differs from nsIContentPolicy in that it offers less control
+ * (the DOM node doing the load is not provided) but more flexibility for
+ * Gecko. In particular, this interface allows an add-on in the chrome process
+ * to block loads without using cross-process wrappers (CPOWs). Add-ons should
+ * prefer this interface to nsIContentPolicy because it should be faster in
+ * e10s. In the future, it may also be run asynchronously.
+ *
+ * WARNING: do not block the caller from shouldLoad or shouldProcess (e.g.,
+ * by launching a dialog to prompt the user for something).
+ */
+
+[scriptable,uuid(83d93c70-ab46-11e4-bcd8-0800200c9a66)]
+interface nsISimpleContentPolicy : nsIContentPolicyBase
+{
+  /**
+   * Should the resource at this location be loaded?
+   * ShouldLoad will be called before loading the resource at aContentLocation
+   * to determine whether to start the load at all.
+   *
+   * @param aContentType      the type of content being tested. This will be one
+   *                          one of the TYPE_* constants.
+   *
+   * @param aContentLocation  the location of the content being checked; must
+   *                          not be null
+   *
+   * @param aRequestOrigin    OPTIONAL. the location of the resource that
+   *                          initiated this load request; can be null if
+   *                          inapplicable
+   *
+   * @param aTopFrameElement  OPTIONAL. The top frame element (typically a
+   *                          <xul:browser> element) that initiated the
+   *                          request. In a content process, this argument
+   *                          will be null.
+   *
+   * @param aIsTopLevel       OPTIONAL. True iff the request was initiated
+   *                          from a frame where |window.top === window|.
+   *
+   * @param aMimeTypeGuess    OPTIONAL. a guess for the requested content's
+   *                          MIME type, based on information available to
+   *                          the request initiator (e.g., an OBJECT's type
+   *                          attribute); does not reliably reflect the
+   *                          actual MIME type of the requested content
+   *
+   * @param aExtra            an OPTIONAL argument, pass-through for non-Gecko
+   *                          callers to pass extra data to callees.
+   *
+   * @param aRequestPrincipal an OPTIONAL argument, defines the principal that
+   *                          caused the load. This is optional only for
+   *                          non-gecko code: all gecko code should set this
+   *                          argument.  For navigation events, this is
+   *                          the principal of the page that caused this load.
+   *
+   * @return ACCEPT or REJECT_*
+   *
+   * @note shouldLoad can be called while the DOM and layout of the document
+   * involved is in an inconsistent state.  This means that implementors of
+   * this method MUST NOT do any of the following:
+   * 1)  Modify the DOM in any way (e.g. setting attributes is a no-no).
+   * 2)  Query any DOM properties that depend on layout (e.g. offset*
+   *     properties).
+   * 3)  Query any DOM properties that depend on style (e.g. computed style).
+   * 4)  Query any DOM properties that depend on the current state of the DOM
+   *     outside the "context" node (e.g. lengths of node lists).
+   * 5)  [JavaScript implementations only] Access properties of any sort on any
+   *     object without using XPCNativeWrapper (either explicitly or
+   *     implicitly).  Due to various DOM0 things, this leads to item 4.
+   * If you do any of these things in your shouldLoad implementation, expect
+   * unpredictable behavior, possibly including crashes, content not showing
+   * up, content showing up doubled, etc.  If you need to do any of the things
+   * above, do them off timeout or event.
+   */
+  short shouldLoad(in nsContentPolicyType aContentType,
+                   in nsIURI        aContentLocation,
+                   in nsIURI        aRequestOrigin,
+                   in nsIDOMElement aTopFrameElement,
+                   in boolean       aIsTopLevel,
+                   in ACString      aMimeTypeGuess,
+                   in nsISupports   aExtra,
+                   in nsIPrincipal  aRequestPrincipal);
+
+  /**
+   * Should the resource be processed?
+   * ShouldProcess will be called once all the information passed to it has
+   * been determined about the resource, typically after part of the resource
+   * has been loaded.
+   *
+   * @param aContentType      the type of content being tested. This will be one
+   *                          one of the TYPE_* constants.
+   *
+   * @param aContentLocation  OPTIONAL; the location of the resource being
+   *                          requested: MAY be, e.g., a post-redirection URI
+   *                          for the resource.
+   *
+   * @param aRequestOrigin    OPTIONAL. the location of the resource that
+   *                          initiated this load request; can be null if
+   *                          inapplicable
+   *
+   * @param aTopFrameElement  OPTIONAL. The top frame element (typically a
+   *                          <xul:browser> element) that initiated the
+   *                          request. In a content process, this argument
+   *                          will be null.
+   *
+   * @param aIsTopLevel       OPTIONAL. True iff the request was initiated
+   *                          from a frame where |window.top === window|.
+   *
+   * @param aMimeType         the MIME type of the requested resource (e.g.,
+   *                          image/png), as reported by the networking library,
+   *                          if available (may be empty if inappropriate for
+   *                          the type, e.g., TYPE_REFRESH).
+   *
+   * @param aExtra            an OPTIONAL argument, pass-through for non-Gecko
+   *                          callers to pass extra data to callees.
+   *
+   * @return ACCEPT or REJECT_*
+   *
+   * @note shouldProcess can be called while the DOM and layout of the document
+   * involved is in an inconsistent state.  See the note on shouldLoad to see
+   * what this means for implementors of this method.
+   */
+  short shouldProcess(in nsContentPolicyType aContentType,
+                      in nsIURI        aContentLocation,
+                      in nsIURI        aRequestOrigin,
+                      in nsIDOMElement aTopFrameElement,
+                      in boolean       aIsTopLevel,
+                      in ACString      aMimeType,
+                      in nsISupports   aExtra,
+                      in nsIPrincipal  aRequestPrincipal);
+};
new file mode 100644
--- /dev/null
+++ b/dom/base/test/file_simplecontentpolicy.js
@@ -0,0 +1,73 @@
+const Ci = Components.interfaces;
+const Cc = Components.classes;
+const Cr = Components.results;
+
+Components.utils.import("resource://gre/modules/Services.jsm");
+Components.utils.import("resource://gre/modules/XPCOMUtils.jsm");
+
+function executeSoon(f)
+{
+  Services.tm.mainThread.dispatch(f, Ci.nsIThread.DISPATCH_NORMAL);
+}
+
+var urlSuffix = "/this/is/the/test/url";
+
+// Content policy / factory implementation for the test
+var policyID = Components.ID("{6aadacff-f1f2-46f4-a6db-6d429f884a30}");
+var policyName = "@mozilla.org/simpletestpolicy;1";
+var policy = {
+  // nsISupports implementation
+  QueryInterface:
+    XPCOMUtils.generateQI([
+      Ci.nsISupports,
+      Ci.nsIFactory,
+      Ci.nsISimpleContentPolicy]),
+
+  // nsIFactory implementation
+  createInstance: function(outer, iid) {
+    return this.QueryInterface(iid);
+  },
+
+  // nsIContentPolicy implementation
+  shouldLoad: function(contentType,
+                       contentLocation,
+                       requestOrigin,
+                       frame,
+                       isTopLevel,
+                       mimeTypeGuess,
+                       extra)
+  {
+    // Remember last content type seen for the test url
+    if (contentLocation.spec.endsWith(urlSuffix)) {
+      assert.ok(frame === browserElement, "correct <browser> element");
+      sendAsyncMessage("shouldLoad", {contentType: contentType, isTopLevel: isTopLevel});
+      return Ci.nsIContentPolicy.REJECT_REQUEST;
+    }
+
+    return Ci.nsIContentPolicy.ACCEPT;
+  },
+
+  shouldProcess: function() {
+    return Ci.nsIContentPolicy.ACCEPT;
+  }
+}
+
+// Register content policy
+var componentManager = Components.manager.QueryInterface(Ci.nsIComponentRegistrar);
+componentManager.registerFactory(policyID, "Test simple content policy", policyName, policy);
+
+var categoryManager = Cc["@mozilla.org/categorymanager;1"].getService(Ci.nsICategoryManager);
+categoryManager.addCategoryEntry("simple-content-policy", policyName, policyName, false, true);
+
+addMessageListener("finished", () => {
+  // Unregister content policy
+  categoryManager.deleteCategoryEntry("simple-content-policy", policyName, false);
+
+  executeSoon(function() {
+    // Component must be unregistered delayed, otherwise other content
+    // policy will not be removed from the category correctly
+    componentManager.unregisterFactory(policyID, policy);
+  });
+});
+
+sendAsyncMessage("ready");
--- a/dom/base/test/mochitest.ini
+++ b/dom/base/test/mochitest.ini
@@ -187,16 +187,17 @@ support-files =
   file_htmlserializer_ipv6.html
   file_htmlserializer_ipv6_out.html
   file_mozfiledataurl_audio.ogg
   file_mozfiledataurl_doc.html
   file_mozfiledataurl_img.jpg
   file_mozfiledataurl_inner.html
   file_mozfiledataurl_text.txt
   file_restrictedEventSource.sjs
+  file_simplecontentpolicy.js
   file_websocket_basic_wsh.py
   file_websocket_hello_wsh.py
   file_websocket_http_resource.txt
   file_websocket_permessage_deflate_wsh.py
   file_websocket_permessage_deflate_disabled_wsh.py
   file_websocket_permessage_deflate_rejected_wsh.py
   file_websocket_wsh.py
   file_x-frame-options_main.html
@@ -300,16 +301,18 @@ skip-if = buildapp == 'mulet' || buildap
 [test_open_null_features.html]
 skip-if = (buildapp == 'b2g' && toolkit != 'gonk') # Fails on b2g-desktop, tracked in bug 1011874
 [test_postMessage_solidus.html]
 [test_screen_orientation.html]
 [test_settimeout_extra_arguments.html]
 [test_settimeout_inner.html]
 [test_setting_opener.html]
 skip-if = (buildapp == 'b2g' && toolkit != 'gonk') #Bug 931116, b2g desktop specific, initial triage
+[test_simplecontentpolicy.html]
+skip-if = e10s || buildapp == 'b2g'
 [test_url.html]
 [test_url_data.html]
 [test_url_empty_port.html]
 [test_url_malformedHost.html]
 [test_urlExceptions.html]
 [test_urlSearchParams.html]
 [test_urlSearchParams_utf8.html]
 [test_urlutils_stringify.html]
new file mode 100644
--- /dev/null
+++ b/dom/base/test/test_simplecontentpolicy.html
@@ -0,0 +1,149 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Test for nsISimpleContentPolicy</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1128798">Mozilla Bug 1128798</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+var lastContentType = -1;
+const testURL = window.location.href + "/this/is/the/test/url";
+const Cc = SpecialPowers.Cc;
+const Ci = SpecialPowers.Ci;
+
+var beaconUrl = "http://mochi.test:8888/tests/dom/tests/mochitest/beacon/beacon-handler.sjs";
+
+var chromeURL = SimpleTest.getTestFileURL("file_simplecontentpolicy.js");
+var script = SpecialPowers.loadChromeScript(chromeURL);
+
+// Try creating different request types. Most of these are not
+// top-level because they run in the test iframe.
+var tests = [["SCRIPT", false],
+             ["IMAGE", false],
+             ["STYLESHEET", false],
+             ["OBJECT", false],
+             ["DOCUMENT", true],
+             ["SUBDOCUMENT", false],
+             ["XBL", false],
+             ["XMLHTTPREQUEST", false],
+             ["BEACON", false]];
+var curTest = -1;
+
+var div;
+
+SimpleTest.waitForExplicitFinish();
+
+script.addMessageListener("ready", function(msg) {
+  SpecialPowers.pushPrefEnv({'set': [["beacon.enabled", true]]}, runNextTest);
+});
+
+script.addMessageListener("shouldLoad", function(msg) {
+  var isTopLevel = tests[curTest][1];
+  var type = "TYPE_" + tests[curTest][0];
+  is(msg.contentType, Ci.nsIContentPolicy[type], "Content policies triggered for " + type);
+  is(msg.isTopLevel, isTopLevel, "isTopLevel is set correctly");
+
+  if (tests[curTest] == "XBL") {
+    //XXX Removing binding to work-around a memory leak (bugs 478528, 499735).
+    div.style.MozBinding = "";
+  }
+
+  runNextTest();
+});
+
+function runNextTest() {
+  curTest++;
+  if (curTest < tests.length) {
+    var method = "request_" + tests[curTest][0].toLowerCase();
+    try {
+      window[method]();
+    } catch(e) {}
+  }
+  else {
+    script.sendAsyncMessage("finished");
+
+    SimpleTest.finish();
+  }
+}
+
+// Request creating functions
+
+function request_script() {
+  var content = $("content");
+
+Math.sin(1);
+  var script = document.createElement("script");
+  script.setAttribute("type", "text/javascript")
+  script.setAttribute("src", testURL)
+  content.appendChild(script);
+}
+
+function request_image() {
+  var content = $("content");
+
+  var image = new Image();
+  image.src = testURL;
+}
+
+function request_stylesheet() {
+  var content = $("content");
+
+  var stylesheet = document.createElement("link");
+  stylesheet.setAttribute("rel", "stylesheet");
+  stylesheet.setAttribute("type", "text/css");
+  stylesheet.setAttribute("href", testURL);
+  content.appendChild(stylesheet);
+}
+
+function request_object() {
+  var content = $("content");
+
+  var object = document.createElement("embed");
+  object.setAttribute("src", testURL);
+  content.appendChild(object);
+}
+
+function request_document() {
+  top.location.href = testURL;
+}
+
+function request_subdocument() {
+  var content = $("content");
+
+  var frame = document.createElement("iframe");
+  frame.setAttribute("src", testURL);
+  content.appendChild(frame);
+}
+
+function request_xbl() {
+  var content = $("content");
+
+  div = document.createElement("div");
+  div.style.MozBinding = "url(" + testURL + ")";
+  $('test').appendChild(div);
+  div.offsetLeft; // Flush styles.
+}
+
+function request_xmlhttprequest() {
+  var request = new XMLHttpRequest();
+  request.open("GET", testURL, false);
+  request.send(null);
+}
+
+function request_beacon() {
+  navigator.sendBeacon(testURL, "bacon would have been a better name than beacon");
+}
+
+</script>
+</pre>
+</body>
+</html>
+
--- a/testing/specialpowers/content/SpecialPowersObserverAPI.js
+++ b/testing/specialpowers/content/SpecialPowersObserverAPI.js
@@ -412,16 +412,17 @@ SpecialPowersObserverAPI.prototype = {
                          .messageManager;
         sb.sendAsyncMessage = (name, message) => {
           mm.sendAsyncMessage("SPChromeScriptMessage",
                               { id: id, name: name, message: message });
         };
         sb.addMessageListener = (name, listener) => {
           this._chromeScriptListeners.push({ id: id, name: name, listener: listener });
         };
+        sb.browserElement = aMessage.target;
 
         // Also expose assertion functions
         let reporter = function (err, message, stack) {
           // Pipe assertions back to parent process
           mm.sendAsyncMessage("SPChromeScriptAssert",
                               { id: id, url: url, err: err, message: message,
                                 stack: stack });
         };