From 1335f2114e9564f29f784118d69a582fc6513fb3 Mon Sep 17 00:00:00 2001
From: Sid Stamm
Date: Mon, 8 Mar 2010 00:24:30 -0800
Subject: [PATCH] bug 550442 object sub loads should obey the object-src policy
---
 content/base/src/contentSecurityPolicy.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/content/base/src/contentSecurityPolicy.js b/content/base/src/contentSecurityPolicy.js
index 8711a0b3104..a7d6bef7e2e 100644
--- a/content/base/src/contentSecurityPolicy.js
+++ b/content/base/src/contentSecurityPolicy.js
@@ -99,6 +99,7 @@ function ContentSecurityPolicy() {
 csp._MAPPINGS[cp.TYPE_IMAGE] = cspr_sd.IMG_SRC;
 csp._MAPPINGS[cp.TYPE_STYLESHEET] = cspr_sd.STYLE_SRC;
 csp._MAPPINGS[cp.TYPE_OBJECT] = cspr_sd.OBJECT_SRC;
+ csp._MAPPINGS[cp.TYPE_OBJECT_SUBREQUEST] = cspr_sd.OBJECT_SRC;
 csp._MAPPINGS[cp.TYPE_SUBDOCUMENT] = cspr_sd.FRAME_SRC;
 csp._MAPPINGS[cp.TYPE_MEDIA] = cspr_sd.MEDIA_SRC;
 csp._MAPPINGS[cp.TYPE_FONT] = cspr_sd.FONT_SRC;
@@ -108,7 +109,6 @@ function ContentSecurityPolicy() {
 /* These must go through the catch-all */
 csp._MAPPINGS[cp.TYPE_XBL] = cspr_sd.ALLOW;
 csp._MAPPINGS[cp.TYPE_PING] = cspr_sd.ALLOW;
- csp._MAPPINGS[cp.TYPE_OBJECT_SUBREQUEST] = cspr_sd.ALLOW;
 csp._MAPPINGS[cp.TYPE_DTD] = cspr_sd.ALLOW;
 }
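Review bot: The added `TYPE_OBJECT_SUBREQUEST` mapping in the first hunk has no comment, and the patch carries no test (the diffstat lists only contentSecurityPolicy.js), so nothing pins that object sub-loads are now checked against `object-src` rather than the catch-all. I would put a line above it such as `/* loads initiated by an object obey the same directive as the object itself */`, and add a regression test in which a page restricting `object-src` hosts an object whose sub-load targets a disallowed origin, asserting that the sub-load is blocked and reported. The body of ContentSecurityPolicy() begins outside the hunk, so how a content type with no `_MAPPINGS` entry is treated cannot be judged from here.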