Merge m-c to inbound, a=merge

MozReview-Commit-ID: FevzakV3RlU

addon-sdk/source/lib/sdk/addon/runner.js

@@ -28,7 +28,7 @@ XPCOMUtils.defineLazyGetter(this, "DevToolsShim", function () {
 function setDefaultPrefs(prefsURI) {
   const prefs = Cc['@mozilla.org/preferences-service;1'].
                 getService(Ci.nsIPrefService).
-                QueryInterface(Ci.nsIPrefBranch2);
+                QueryInterface(Ci.nsIPrefBranch);
   const branch = prefs.getDefaultBranch('');
   const sandbox = Sandbox({
     name: prefsURI,

addon-sdk/source/lib/sdk/preferences/event-target.js

@@ -26,7 +26,7 @@ const PrefsTarget = Class({
     let branch = Cc["@mozilla.org/preferences-service;1"].
         getService(Ci.nsIPrefService).
         getBranch(branchName).
-        QueryInterface(Ci.nsIPrefBranch2);
+        QueryInterface(Ci.nsIPrefBranch);
     prefTargetNS(this).branch = branch;
 
     // provides easy access to preference values

browser/app/profile/firefox.js

@@ -1698,7 +1698,7 @@ pref("extensions.formautofill.loglevel", "Warn");
 pref("browser.sessionstore.restore_tabs_lazily", true);
 
 // Enable safebrowsing v4 tables (suffixed by "-proto") update.
-pref("urlclassifier.malwareTable", "goog-malware-proto,goog-unwanted-proto,test-malware-simple,test-unwanted-simple");
+pref("urlclassifier.malwareTable", "goog-malware-proto,goog-unwanted-proto,test-malware-simple,test-unwanted-simple,test-harmful-simple");
 pref("urlclassifier.phishTable", "goog-phish-proto,test-phish-simple");
 
 pref("browser.suppress_first_window_animation", true);

browser/base/content/blockedSite.xhtml

@@ -89,6 +89,9 @@
           case "unwantedBlocked" :
             error = "unwanted";
             break;
+          case "harmfulBlocked" :
+            error = "harmful";
+            break;
           default:
             return;
         }
@@ -122,6 +125,15 @@
           el.remove();
         }
 
+        if (error !== "harmful") {
+          el = document.getElementById("errorTitleText_harmful");
+          el.remove();
+          el = document.getElementById("errorShortDescText_harmful");
+          el.remove();
+          el = document.getElementById("errorLongDescText_harmful");
+          el.remove();
+        }
+
         // Set sitename
         document.getElementById(error + "_sitename").textContent = getHostString();
         document.title = document.getElementById("errorTitleText_" + error)
@@ -149,6 +161,7 @@
         <h1 class="title-text" id="errorTitleText_phishing">&safeb.blocked.phishingPage.title2;</h1>
         <h1 class="title-text" id="errorTitleText_malware">&safeb.blocked.malwarePage.title;</h1>
         <h1 class="title-text" id="errorTitleText_unwanted">&safeb.blocked.unwantedPage.title;</h1>
+        <h1 class="title-text" id="errorTitleText_harmful">&safeb.blocked.harmfulPage.title;</h1>
       </div>
 
       <div id="errorLongContent">
@@ -158,6 +171,7 @@
           <p id="errorShortDescText_phishing">&safeb.blocked.phishingPage.shortDesc2;</p>
           <p id="errorShortDescText_malware">&safeb.blocked.malwarePage.shortDesc;</p>
           <p id="errorShortDescText_unwanted">&safeb.blocked.unwantedPage.shortDesc;</p>
+          <p id="errorShortDescText_harmful">&safeb.blocked.harmfulPage.shortDesc;</p>
         </div>
 
         <!-- Long Description -->
@@ -165,6 +179,7 @@
           <p id="errorLongDescText_phishing">&safeb.blocked.phishingPage.longDesc2;</p>
           <p id="errorLongDescText_malware">&safeb.blocked.malwarePage.longDesc;</p>
           <p id="errorLongDescText_unwanted">&safeb.blocked.unwantedPage.longDesc;</p>
+          <p id="errorLongDescText_harmful">&safeb.blocked.harmfulPage.longDesc;</p>
         </div>
 
         <!-- Advisory -->

browser/base/content/browser.js

@@ -3146,9 +3146,12 @@ var BrowserOnClick = {
     } else if (reason === "unwanted") {
       sendTelemetry = true;
       bucketName = "WARNING_UNWANTED_PAGE_";
+    } else if (reason === "harmful") {
+      sendTelemetry = true;
+      bucketName = "WARNING_HARMFUL_PAGE_";
     }
-    let secHistogram = Services.telemetry.getHistogramById("SECURITY_UI");
-    let nsISecTel = Ci.nsISecurityUITelemetry;
+    let secHistogram = Services.telemetry.getHistogramById("URLCLASSIFIER_UI_EVENTS");
+    let nsISecTel = Ci.IUrlClassifierUITelemetry;
     bucketName += isTopFrame ? "TOP_" : "FRAME_";
     switch (elementId) {
       case "getMeOutButton":

browser/base/content/content.js

@@ -695,6 +695,8 @@ var ClickEventHandler = {
       reason = "malware";
     } else if (/e=unwantedBlocked/.test(ownerDoc.documentURI)) {
       reason = "unwanted";
+    } else if (/e=harmfulBlocked/.test(ownerDoc.documentURI)) {
+      reason = "harmful";
     }
 
     let docShell = ownerDoc.defaultView.QueryInterface(Ci.nsIInterfaceRequestor)

browser/components/preferences/in-content-new/sync.xul

@@ -47,7 +47,9 @@
       <vbox id="fxaContentWrapper">
         <groupbox id="noFxaGroup">
           <vbox>
-            <label id="noFxaCaption">&signedOut.caption;</label>
+            <caption>
+              <label id="noFxaCaption">&signedOut.caption;</label>
+            </caption>
             <description id="noFxaDescription" flex="1">&signedOut.description;</description>
             <hbox class="fxaAccountBox">
               <vbox>

browser/components/preferences/sitePermissions.css

@@ -3,7 +3,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 .website-name {
-  padding: 5px;
+  -moz-box-align: center;
 }
 
 #permissionsBox {

browser/components/safebrowsing/content/test/head.js

@@ -86,7 +86,7 @@ function waitForDBInit(callback) {
   });
 }
 
-Services.prefs.setCharPref("urlclassifier.malwareTable", "test-malware-simple,test-unwanted-simple");
+Services.prefs.setCharPref("urlclassifier.malwareTable", "test-malware-simple,test-unwanted-simple,test-harmful.simple");
 Services.prefs.setCharPref("urlclassifier.phishTable", "test-phish-simple");
 Services.prefs.setCharPref("urlclassifier.blockedTable", "test-block-simple");
 SafeBrowsing.init();

browser/extensions/pocket/skin/shared/pocket.css

@@ -15,12 +15,6 @@ panelmultiview[mainViewId=PanelUI-pocketView] > .panel-viewcontainer > .panel-vi
 
 #pocket-button {
   list-style-image: url("chrome://pocket-shared/skin/pocket.svg");
-  -moz-context-properties: fill;
-  fill: var(--toolbarbutton-icon-fill);
-}
-
-toolbar[brighttext] #pocket-button {
-  fill: var(--toolbarbutton-icon-fill-inverted);
 }
 
 #pocket-button[open="true"][animationsenabled] > .toolbarbutton-icon {

browser/locales/en-US/chrome/browser/safebrowsing/phishing-afterload-warning-message.dtd

@@ -32,3 +32,7 @@
 <!ENTITY safeb.blocked.phishingPage.shortDesc2 "This web page at <span id='phishing_sitename'/> has been reported as a deceptive site and has been blocked based on your security preferences.">
 <!ENTITY safeb.blocked.phishingPage.longDesc2 "<p>Deceptive sites are designed to trick you into doing something dangerous, like installing software, or revealing your personal information, like passwords, phone numbers or credit cards.</p><p>Entering any information on this web page may result in identity theft or other fraud.</p>">
 
+<!ENTITY safeb.blocked.harmfulPage.title "The site ahead may contain malware">
+<!-- Localization note (safeb.blocked.harmfulPage.shortDesc) - Please don't translate the contents of the <span id="harmful_sitename"/> tag. It will be replaced at runtime with a domain name (e.g. www.badsite.com) -->
+<!ENTITY safeb.blocked.harmfulPage.shortDesc "Firefox blocked this page because it might try to install dangerous apps that steal or delete your information (for example, photos, passwords, messages and credit cards).">
+<!ENTITY safeb.blocked.harmfulPage.longDesc "">

browser/locales/en-US/chrome/overrides/appstrings.properties

@@ -31,6 +31,7 @@ externalProtocolUnknown=<Unknown>
 externalProtocolChkMsg=Remember my choice for all links of this type.
 externalProtocolLaunchBtn=Launch application
 malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences.
+harmfulBlocked=The site at %S has been reported as a potentially harmful site and has been blocked based on your security preferences.
 unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
 deceptiveBlocked=This web page at %S has been reported as a deceptive site and has been blocked based on your security preferences.
 cspBlocked=This page has a content security policy that prevents it from being loaded in this way.

browser/themes/shared/compacttheme.inc.css

@@ -53,8 +53,6 @@
   --chrome-selection-color: #fff;
   --chrome-selection-background-color: #5675B9;
 
-  --toolbarbutton-icon-fill-inverted: rgba(249, 249, 250, .7);
-
 %endif
 
   /* Url and search bars */
@@ -126,6 +124,10 @@ toolbar:-moz-lwtheme-darktext {
 }
 %endif
 
+toolbar[brighttext] .toolbarbutton-1 {
+  fill: rgba(249, 249, 250, .7);
+}
+
 #urlbar ::-moz-selection,
 #navigator-toolbox .searchbar-textbox ::-moz-selection,
 .browserContainer > findbar ::-moz-selection {

browser/themes/shared/downloads/indicator.inc.css

@@ -255,8 +255,6 @@ toolbar[brighttext] #downloads-indicator-progress-inner {
   min-width: 1344px;
   height: 98px; /* Height is equal to height of each frame in the SVG animation */
   -moz-context-properties: fill;
-  /* Intentionally not using --toolbarbutton-icon-fill to get better contrast/balance
-     across default, dark and light themes */
   fill: #737373;
 %else
   background-size: 16px;

browser/themes/shared/incontentprefs/preferences.inc.css

@@ -7,6 +7,7 @@
 
 .main-content {
   padding-top: 0;
+  background-color: #fafafc;
 }
 
 .pane-container {
@@ -18,12 +19,23 @@
   width: 100%;
   padding: 0;
   font: message-box;
-  font-size: 1.25rem;
+  color: #0c0c0d;
+}
+
+#mainPrefPane groupbox,
+#mainPrefPane deck,
+#mainPrefPane description {
+  font-size: 1.36rem;
+}
+
+input,
+description.indent,
+.indent > description {
+  font-size: 1.18rem !important;
 }
 
 description.indent,
 .indent > description {
-  font-size: 1.18rem;
   color: #737373;
 }
 
@@ -38,6 +50,11 @@ html|option {
   -moz-user-select: none;
 }
 
+caption > label {
+  font-size: 1.55rem;
+  font-weight: 600;
+}
+
 #engineList treechildren::-moz-tree-image(engineShown, checked),
 #blocklistsTree treechildren::-moz-tree-image(selectionCol, checked) {
   list-style-image: url("chrome://global/skin/in-content/check.svg");
@@ -87,6 +104,7 @@ html|option {
 
 .header-name {
   font-size: 2rem;
+  font-weight: 300;
 }
 
 .subcategory {
@@ -97,12 +115,30 @@ html|option {
 
 #categories {
   max-height: 100vh;
+  background-color: #fafafc;
 }
 
 #categories > scrollbox {
   overflow-x: hidden !important;
 }
 
+.category-name {
+  font-size: 1.45rem;
+  color: #0c0c0d;
+}
+
+.category,
+.category:hover,
+.category[selected] {
+  background-color: transparent;
+  border-inline-start: initial;
+  padding-inline-start: 44px;
+}
+
+richlistitem[selected='true'] .category-name {
+  color: #0a84ff;
+}
+
 /**
  * We want the last category to always have non-0 getBoundingClientRect().bottom
  * so we can use the value to figure out the max-height of the list in
@@ -197,8 +233,9 @@ html|option {
   font-size: 90%;
 }
 
-#isNotDefaultLabel {
-  font-weight: bold;
+#isNotDefaultLabel,
+#signedOutAccountBoxTitle {
+  font-weight: 600;
 }
 
 #downloadFolder {
@@ -474,7 +511,6 @@ groupbox {
 }
 
 #noFxaCaption {
-  font-weight: bold;
   margin-bottom: 11px;
 }
 
@@ -507,10 +543,6 @@ groupbox {
   padding: 14px 20px 14px 14px;
 }
 
-#signedOutAccountBoxTitle {
-  font-weight: bold;
-}
-
 .fxaAccountBoxButtons {
   margin-bottom: 0 !important;
   margin-top: 11px;
@@ -632,6 +664,8 @@ groupbox {
   background-position: 15px;
   padding-inline-start: 35px;
   white-space: nowrap;
+  fill: #0c0c0d;
+  stroke: #0c0c0d;
 }
 
 .help-button:-moz-locale-dir(rtl) {
@@ -642,10 +676,19 @@ groupbox {
 
 .help-button:link,
 .help-button:visited {
-  color: var(--in-content-category-text);
+  color: #0c0c0d !important;
+  opacity: 0.8;
   text-decoration: none;
 }
 
+.help-button:hover {
+  color: #0c0c0d !important;
+  fill: #0c0c0d !important;
+  stroke: #0c0c0d !important;
+  stroke-opacity: 0!important;
+  opacity: 0.9;
+}
+
 .search-container {
   position: sticky;
   background-color: var(--in-content-page-background);

browser/themes/shared/toolbarbutton-icons.inc.css

@@ -1,16 +1,14 @@
 :root {
-  --toolbarbutton-icon-fill: #4c4c4c;
-  --toolbarbutton-icon-fill-inverted: #fff;
   --toolbarbutton-icon-fill-attention: #177ee5;
 }
 
 .toolbarbutton-1 {
   -moz-context-properties: fill;
-  fill: var(--toolbarbutton-icon-fill);
+  fill: #4c4c4c;
 }
 
 toolbar[brighttext] .toolbarbutton-1 {
-  fill: var(--toolbarbutton-icon-fill-inverted);
+  fill: #fff;
 }
 
 #back-button:-moz-locale-dir(rtl) > .toolbarbutton-icon,

devtools/client/commandline/test/browser_cmd_pref1.js

@@ -5,7 +5,7 @@
 
 var prefBranch = Cc["@mozilla.org/preferences-service;1"]
                     .getService(Ci.nsIPrefService).getBranch(null)
-                    .QueryInterface(Ci.nsIPrefBranch2);
+                    .QueryInterface(Ci.nsIPrefBranch);
 
 const TEST_URI = "data:text/html;charset=utf-8,gcli-pref1";
 

devtools/client/commandline/test/browser_cmd_pref2.js

@@ -5,7 +5,7 @@
 
 var prefBranch = Cc["@mozilla.org/preferences-service;1"]
                     .getService(Ci.nsIPrefService).getBranch(null)
-                    .QueryInterface(Ci.nsIPrefBranch2);
+                    .QueryInterface(Ci.nsIPrefBranch);
 
 const TEST_URI = "data:text/html;charset=utf-8,gcli-pref2";
 

devtools/client/commandline/test/browser_cmd_pref3.js

@@ -5,7 +5,7 @@
 
 var prefBranch = Cc["@mozilla.org/preferences-service;1"]
                     .getService(Ci.nsIPrefService).getBranch(null)
-                    .QueryInterface(Ci.nsIPrefBranch2);
+                    .QueryInterface(Ci.nsIPrefBranch);
 
 var supportsString = Cc["@mozilla.org/supports-string;1"]
                       .createInstance(Ci.nsISupportsString);

devtools/client/commandline/test/browser_cmd_settings.js

@@ -5,7 +5,7 @@
 
 var prefBranch = Cc["@mozilla.org/preferences-service;1"]
                     .getService(Ci.nsIPrefService).getBranch(null)
-                    .QueryInterface(Ci.nsIPrefBranch2);
+                    .QueryInterface(Ci.nsIPrefBranch);
 
 var supportsString = Cc["@mozilla.org/supports-string;1"]
                       .createInstance(Ci.nsISupportsString);

devtools/client/shared/developer-toolbar.js

@@ -20,7 +20,7 @@ const { PluralForm } = require("devtools/shared/plural-form");
 
 loader.lazyGetter(this, "prefBranch", function () {
   return Services.prefs.getBranch(null)
-                    .QueryInterface(Ci.nsIPrefBranch2);
+                    .QueryInterface(Ci.nsIPrefBranch);
 });
 
 loader.lazyRequireGetter(this, "gcliInit", "devtools/shared/gcli/commands/index");

devtools/client/webide/test/browser.ini

@@ -1,5 +1,6 @@
 [DEFAULT]
 tags = devtools
+skip-if = asan || debug # bug 1078284 too many intermittents for these tests
 subsuite = devtools
 support-files =
   addons/simulators.json

devtools/client/webide/test/chrome.ini

@@ -1,5 +1,6 @@
 [DEFAULT]
 tags = devtools
+skip-if = asan || debug # bug 1078284 too many intermittents for these tests
 support-files =
   app/index.html
   app/manifest.webapp

devtools/shared/gcli/commands/cmd.js

@@ -14,7 +14,7 @@ const l10n = require("gcli/l10n");
 loader.lazyGetter(this, "prefBranch", function () {
   let prefService = Cc["@mozilla.org/preferences-service;1"]
                       .getService(Ci.nsIPrefService);
-  return prefService.getBranch(null).QueryInterface(Ci.nsIPrefBranch2);
+  return prefService.getBranch(null).QueryInterface(Ci.nsIPrefBranch);
 });
 
 loader.lazyImporter(this, "NetUtil", "resource://gre/modules/NetUtil.jsm");

devtools/shared/gcli/source/lib/gcli/index.js

@@ -22,7 +22,7 @@ var Ci = require('chrome').Ci;
 
 var prefSvc = Cc['@mozilla.org/preferences-service;1']
                         .getService(Ci.nsIPrefService);
-var prefBranch = prefSvc.getBranch(null).QueryInterface(Ci.nsIPrefBranch2);
+var prefBranch = prefSvc.getBranch(null).QueryInterface(Ci.nsIPrefBranch);
 
 exports.hiddenByChromePref = function() {
   return !prefBranch.prefHasUserValue('devtools.chrome.enabled');

devtools/shared/gcli/source/lib/gcli/settings.js

@@ -28,7 +28,7 @@ var Services = require("Services");
 XPCOMUtils.defineLazyGetter(imports, 'prefBranch', function() {
   var prefService = Cc['@mozilla.org/preferences-service;1']
           .getService(Ci.nsIPrefService);
-  return prefService.getBranch(null).QueryInterface(Ci.nsIPrefBranch2);
+  return prefService.getBranch(null).QueryInterface(Ci.nsIPrefBranch);
 });
 
 XPCOMUtils.defineLazyGetter(imports, 'supportsString', function() {

docshell/base/nsDocShell.cpp

@@ -220,6 +220,7 @@
 #include "mozilla/dom/PerformanceNavigation.h"
 #include "mozilla/dom/ScriptSettings.h"
 #include "mozilla/Encoding.h"
+#include "IUrlClassifierUITelemetry.h"
 
 #ifdef MOZ_TOOLKIT_SEARCH
 #include "nsIBrowserSearchService.h"
@@ -5123,7 +5124,8 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI,
     }
   } else if (NS_ERROR_PHISHING_URI == aError ||
              NS_ERROR_MALWARE_URI == aError ||
-             NS_ERROR_UNWANTED_URI == aError) {
+             NS_ERROR_UNWANTED_URI == aError ||
+             NS_ERROR_HARMFUL_URI == aError) {
     nsAutoCString host;
     aURI->GetHost(host);
     CopyUTF8toUTF16(host, formatStrs[0]);
@@ -5143,22 +5145,27 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI,
     if (NS_ERROR_PHISHING_URI == aError) {
       sendTelemetry = true;
       error = "deceptiveBlocked";
-      bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_PHISHING_PAGE_FRAME
-                           : nsISecurityUITelemetry::WARNING_PHISHING_PAGE_TOP;
+      bucketId = IsFrame() ? IUrlClassifierUITelemetry::WARNING_PHISHING_PAGE_FRAME
+                           : IUrlClassifierUITelemetry::WARNING_PHISHING_PAGE_TOP;
     } else if (NS_ERROR_MALWARE_URI == aError) {
       sendTelemetry = true;
       error = "malwareBlocked";
-      bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_MALWARE_PAGE_FRAME
-                           : nsISecurityUITelemetry::WARNING_MALWARE_PAGE_TOP;
+      bucketId = IsFrame() ? IUrlClassifierUITelemetry::WARNING_MALWARE_PAGE_FRAME
+                           : IUrlClassifierUITelemetry::WARNING_MALWARE_PAGE_TOP;
     } else if (NS_ERROR_UNWANTED_URI == aError) {
       sendTelemetry = true;
       error = "unwantedBlocked";
-      bucketId = IsFrame() ? nsISecurityUITelemetry::WARNING_UNWANTED_PAGE_FRAME
-                           : nsISecurityUITelemetry::WARNING_UNWANTED_PAGE_TOP;
+      bucketId = IsFrame() ? IUrlClassifierUITelemetry::WARNING_UNWANTED_PAGE_FRAME
+                           : IUrlClassifierUITelemetry::WARNING_UNWANTED_PAGE_TOP;
+    } else if (NS_ERROR_HARMFUL_URI == aError) {
+      sendTelemetry = true;
+      error = "harmfulBlocked";
+      bucketId = IsFrame() ? IUrlClassifierUITelemetry::WARNING_HARMFUL_PAGE_FRAME
+                           : IUrlClassifierUITelemetry::WARNING_HARMFUL_PAGE_TOP;
     }
 
     if (sendTelemetry && errorPage.EqualsIgnoreCase("blocked")) {
-      Telemetry::Accumulate(Telemetry::SECURITY_UI, bucketId);
+      Telemetry::Accumulate(Telemetry::URLCLASSIFIER_UI_EVENTS, bucketId);
     }
 
     cssClass.AssignLiteral("blacklist");
@@ -8000,6 +8007,7 @@ nsDocShell::EndPageLoad(nsIWebProgress* aProgress,
                aStatus == NS_ERROR_MALWARE_URI ||
                aStatus == NS_ERROR_PHISHING_URI ||
                aStatus == NS_ERROR_UNWANTED_URI ||
+               aStatus == NS_ERROR_HARMFUL_URI ||
                aStatus == NS_ERROR_UNSAFE_CONTENT_TYPE ||
                aStatus == NS_ERROR_REMOTE_XUL ||
                aStatus == NS_ERROR_INTERCEPTION_FAILED ||

dom/base/AutocompleteFieldList.h

@@ -65,6 +65,7 @@ AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(CC_GIVEN_NAME, "cc-given-name")
 AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(CC_ADDITIONAL_NAME, "cc-additional-name")
 AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(CC_FAMILY_NAME, "cc-family-name")
 AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(CC_CSC, "cc-csc")
+AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(CC_TYPE, "cc-type")
 AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(TRANSACTION_CURRENCY, "transaction-currency")
 AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(TRANSACTION_AMOUNT, "transaction-amount")
 AUTOCOMPLETE_UNSUPPORTED_FIELD_NAME(LANGUAGE, "language")

dom/browser-element/BrowserElementChildPreload.js

@@ -1460,6 +1460,9 @@ BrowserElementChild.prototype = {
           case Cr.NS_ERROR_MALWARE_URI :
             sendAsyncMsg('error', { type: 'malwareBlocked' });
             return;
+          case Cr.NS_ERROR_HARMFUL_URI :
+            sendAsyncMsg('error', { type: 'harmfulBlocked' });
+            return;
           case Cr.NS_ERROR_UNWANTED_URI :
             sendAsyncMsg('error', { type: 'unwantedBlocked' });
             return;

dom/media/MediaDecoderStateMachine.cpp

@@ -1956,8 +1956,8 @@ public:
 
   void Enter()
   {
-    // TODO : use more approriate way to decide whether need to release
-    // resource in bug1367983.
+    // On Android, the life cycle of graphic buffer is equal to Android's codec,
+    // we couldn't release it if we still need to render the frame.
 #ifndef MOZ_WIDGET_ANDROID
     if (!mMaster->mLooping) {
       // We've decoded all samples.

dom/media/gmp/GMPServiceParent.cpp

@@ -61,6 +61,8 @@ namespace mozilla {
 #endif
 #define __CLASS__ "GMPService"
 
+#define NS_DispatchToMainThread(...) CompileError_UseAbstractMainThreadInstead
+
 namespace gmp {
 
 static const uint32_t NodeIdSaltLength = 32;
@@ -1887,8 +1889,10 @@ GMPServiceParent::ActorDestroy(ActorDestroyReason aWhy)
   NS_DispatchToCurrentThread(
     NS_NewRunnableFunction("gmp::GMPServiceParent::ActorDestroy", [self]() {
       // The GMPServiceParent must be destroyed on the main thread.
-      NS_DispatchToMainThread(NS_NewRunnableFunction(
-        "gmp::GMPServiceParent::ActorDestroy", [self]() { delete self; }));
+      self->mService->mMainThread->Dispatch(
+        NS_NewRunnableFunction(
+          "gmp::GMPServiceParent::ActorDestroy", [self]() { delete self; }),
+        NS_DISPATCH_NORMAL);
     }));
 }
 
@@ -1953,3 +1957,5 @@ GMPServiceParent::Create(Endpoint<PGMPServiceParent>&& aGMPService)
 
 } // namespace gmp
 } // namespace mozilla
+
+#undef NS_DispatchToMainThread

dom/media/platforms/wrappers/H264Converter.cpp

@@ -74,6 +74,13 @@ H264Converter::Decode(MediaRawData* aSample)
       __func__);
   }
 
+  if (!mp4_demuxer::AnnexB::IsAVCC(aSample)) {
+    return DecodePromise::CreateAndReject(
+      MediaResult(NS_ERROR_DOM_MEDIA_FATAL_ERR,
+                  RESULT_DETAIL("Invalid H264 content")),
+      __func__);
+  }
+
   nsresult rv;
   if (!mDecoder) {
     // It is not possible to create an AVCC H264 decoder without SPS.

gfx/tests/gtest/TestTreeTraversal.cpp

@@ -286,6 +286,7 @@ TEST(TreeTraversal, DepthFirstSearchValueExists)
   size_t expectedNeedleTraversalRank = 7;
   RefPtr<SearchTestNodeForward> needleNode;
   std::vector<RefPtr<SearchTestNodeForward>> nodeList;
+  nodeList.reserve(10);
   for (size_t i = 0; i < 10; i++)
   {
     if (i == expectedNeedleTraversalRank) {
@@ -335,6 +336,7 @@ TEST(TreeTraversal, DepthFirstSearchValueExistsReverse)
   size_t expectedNeedleTraversalRank = 7;
   RefPtr<SearchTestNodeReverse> needleNode;
   std::vector<RefPtr<SearchTestNodeReverse>> nodeList;
+  nodeList.reserve(10);
   for (size_t i = 0; i < 10; i++)
   {
     if (i == expectedNeedleTraversalRank) {
@@ -406,6 +408,7 @@ TEST(TreeTraversal, DepthFirstSearchValueDoesNotExist)
 {
   int visitCount = 0;
   std::vector<RefPtr<SearchTestNodeForward>> nodeList;
+  nodeList.reserve(10);
   for (int i = 0; i < 10; i++)
   {
       nodeList.push_back(new SearchTestNodeForward(SearchNodeType::Hay, i));
@@ -446,6 +449,7 @@ TEST(TreeTraversal, DepthFirstSearchValueDoesNotExistReverse)
 {
   int visitCount = 0;
   std::vector<RefPtr<SearchTestNodeReverse>> nodeList;
+  nodeList.reserve(10);
   for (int i = 0; i < 10; i++)
   {
       nodeList.push_back(new SearchTestNodeReverse(SearchNodeType::Hay, i));
@@ -619,6 +623,7 @@ TEST(TreeTraversal, DepthFirstSearchPostOrderValueDoesNotExist)
 {
   int visitCount = 0;
   std::vector<RefPtr<SearchTestNodeForward>> nodeList;
+  nodeList.reserve(10);
   for (int i = 0; i < 10; i++)
   {
       nodeList.push_back(new SearchTestNodeForward(SearchNodeType::Hay, i));
@@ -658,6 +663,7 @@ TEST(TreeTraversal, DepthFirstSearchPostOrderValueDoesNotExistReverse)
 {
   int visitCount = 0;
   std::vector<RefPtr<SearchTestNodeReverse>> nodeList;
+  nodeList.reserve(10);
   for (int i = 0; i < 10; i++)
   {
       nodeList.push_back(new SearchTestNodeReverse(SearchNodeType::Hay, i));
@@ -734,6 +740,7 @@ TEST(TreeTraversal, BreadthFirstSearchValueExists)
   size_t expectedNeedleTraversalRank = 7;
   RefPtr<SearchTestNodeForward> needleNode;
   std::vector<RefPtr<SearchTestNodeForward>> nodeList;
+  nodeList.reserve(10);
   for (size_t i = 0; i < 10; i++)
   {
     if (i == expectedNeedleTraversalRank) {
@@ -783,6 +790,7 @@ TEST(TreeTraversal, BreadthFirstSearchValueExistsReverse)
   size_t expectedNeedleTraversalRank = 7;
   RefPtr<SearchTestNodeReverse> needleNode;
   std::vector<RefPtr<SearchTestNodeReverse>> nodeList;
+  nodeList.reserve(10);
   for (size_t i = 0; i < 10; i++)
   {
     if (i == expectedNeedleTraversalRank) {
@@ -830,6 +838,7 @@ TEST(TreeTraversal, BreadthFirstSearchValueDoesNotExist)
 {
   int visitCount = 0;
   std::vector<RefPtr<SearchTestNodeForward>> nodeList;
+  nodeList.reserve(10);
   for (int i = 0; i < 10; i++)
   {
     nodeList.push_back(new SearchTestNodeForward(SearchNodeType::Hay, i));
@@ -870,6 +879,7 @@ TEST(TreeTraversal, BreadthFirstSearchValueDoesNotExistReverse)
 {
   int visitCount = 0;
   std::vector<RefPtr<SearchTestNodeReverse>> nodeList;
+  nodeList.reserve(10);
   for (int i = 0; i < 10; i++)
   {
     nodeList.push_back(new SearchTestNodeReverse(SearchNodeType::Hay, i));
@@ -920,6 +930,7 @@ TEST(TreeTraversal, ForEachNodeAllEligible)
 {
   std::vector<RefPtr<ForEachTestNodeForward>> nodeList;
   int visitCount = 0;
+  nodeList.reserve(10);
   for (int i = 0; i < 10; i++)
   {
     nodeList.push_back(new ForEachTestNodeForward(ForEachNodeType::Continue,i));
@@ -958,6 +969,7 @@ TEST(TreeTraversal, ForEachNodeAllEligibleReverse)
 {
   std::vector<RefPtr<ForEachTestNodeReverse>> nodeList;
   int visitCount = 0;
+  nodeList.reserve(10);
   for (int i = 0; i < 10; i++)
   {
     nodeList.push_back(new ForEachTestNodeReverse(ForEachNodeType::Continue,i));
@@ -1119,6 +1131,7 @@ TEST(TreeTraversal, ForEachNodeLeavesIneligible)
 {
 
   std::vector<RefPtr<ForEachTestNodeForward>> nodeList;
+  nodeList.reserve(10);
   int visitCount = 0;
   for (int i = 0; i < 10; i++)
   {
@@ -1161,6 +1174,7 @@ TEST(TreeTraversal, ForEachNodeLeavesIneligibleReverse)
 {
 
   std::vector<RefPtr<ForEachTestNodeReverse>> nodeList;
+  nodeList.reserve(10);
   int visitCount = 0;
   for (int i = 0; i < 10; i++)
   {
@@ -1202,6 +1216,7 @@ TEST(TreeTraversal, ForEachNodeLeavesIneligibleReverse)
 TEST(TreeTraversal, ForEachNodeLambdaReturnsVoid)
 {
   std::vector<RefPtr<ForEachTestNodeReverse>> nodeList;
+  nodeList.reserve(10);
   int visitCount = 0;
   for (int i = 0; i < 10; i++)
   {

js/xpconnect/src/xpc.msg

@@ -233,3 +233,4 @@ XPC_MSG_DEF(NS_ERROR_PHISHING_URI                     , "The URI is phishing")
 XPC_MSG_DEF(NS_ERROR_TRACKING_URI                     , "The URI is tracking")
 XPC_MSG_DEF(NS_ERROR_UNWANTED_URI                     , "The URI is unwanted")
 XPC_MSG_DEF(NS_ERROR_BLOCKED_URI                      , "The URI is blocked")
+XPC_MSG_DEF(NS_ERROR_HARMFUL_URI                      , "The URI is harmful")

media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp

@@ -557,6 +557,7 @@ PeerConnectionMedia::ActivateOrRemoveTransport_s(
                 static_cast<unsigned>(aComponentCount));
 
     std::vector<std::string> attrs;
+    attrs.reserve(aCandidateList.size() + 2 /* ufrag + pwd */);
     for (const auto& candidate : aCandidateList) {
       attrs.push_back("candidate:" + candidate);
     }

mobile/android/chrome/content/browser.js

@@ -4850,6 +4850,7 @@ var ErrorPageEventHandler = {
           // First check whether it's malware, phishing or unwanted, so that we
           // can use the right strings/links
           let bucketName = "";
+          const probe = "URLCLASSIFIER_UI_EVENTS";
           let sendTelemetry = false;
           if (errorDoc.documentURI.includes("e=malwareBlocked")) {
             sendTelemetry = true;
@@ -4860,6 +4861,9 @@ var ErrorPageEventHandler = {
           } else if (errorDoc.documentURI.includes("e=unwantedBlocked")) {
             sendTelemetry = true;
             bucketName = "WARNING_UNWANTED_PAGE_";
+          } else if (errorDoc.documentURI.includes("e=harmfulBlocked")) {
+            sendTelemetry = true;
+            bucketName = "WARNING_HARMFUL_PAGE_";
           }
           let nsISecTel = Ci.nsISecurityUITelemetry;
           let isIframe = (errorDoc.defaultView.parent === errorDoc.defaultView);
@@ -4869,14 +4873,14 @@ var ErrorPageEventHandler = {
 
           if (target == errorDoc.getElementById("getMeOutButton")) {
             if (sendTelemetry) {
-              Telemetry.addData("SECURITY_UI", nsISecTel[bucketName + "GET_ME_OUT_OF_HERE"]);
+              Telemetry.addData(probe, nsISecTel[bucketName + "GET_ME_OUT_OF_HERE"]);
             }
             errorDoc.location = "about:home";
           } else if (target == errorDoc.getElementById("reportButton")) {
             // We log even if malware/phishing info URL couldn't be found:
             // the measurement is for how many users clicked the WHY BLOCKED button
             if (sendTelemetry) {
-              Telemetry.addData("SECURITY_UI", nsISecTel[bucketName + "WHY_BLOCKED"]);
+              Telemetry.addData(probe, nsISecTel[bucketName + "WHY_BLOCKED"]);
             }
 
             // This is the "Why is this site blocked" button. We redirect
@@ -4886,7 +4890,7 @@ var ErrorPageEventHandler = {
           } else if (target == errorDoc.getElementById("ignoreWarningButton") &&
                      Services.prefs.getBoolPref("browser.safebrowsing.allowOverride")) {
             if (sendTelemetry) {
-              Telemetry.addData("SECURITY_UI", nsISecTel[bucketName + "IGNORE_WARNING"]);
+              Telemetry.addData(probe, nsISecTel[bucketName + "IGNORE_WARNING"]);
             }
 
             // Allow users to override and continue through to the site,

mobile/locales/en-US/overrides/appstrings.properties

@@ -31,6 +31,7 @@ externalProtocolUnknown=<Unknown>
 externalProtocolChkMsg=Remember my choice for all links of this type.
 externalProtocolLaunchBtn=Launch application
 malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences.
+harmfulBlocked=The site at %S has been reported as a potentially harmful site and has been blocked based on your security preferences.
 deceptiveBlocked=This web page at %S has been reported as a deceptive site and has been blocked based on your security preferences.
 unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
 cspBlocked=This page has a content security policy that prevents it from being loaded in this way.

modules/libpref/Preferences.cpp

@@ -719,8 +719,6 @@ NS_INTERFACE_MAP_BEGIN(Preferences)
     NS_INTERFACE_MAP_ENTRY(nsIPrefService)
     NS_INTERFACE_MAP_ENTRY(nsIObserver)
     NS_INTERFACE_MAP_ENTRY(nsIPrefBranch)
-    NS_INTERFACE_MAP_ENTRY(nsIPrefBranch2)
-    NS_INTERFACE_MAP_ENTRY(nsIPrefBranchInternal)
     NS_INTERFACE_MAP_ENTRY(nsISupportsWeakReference)
 NS_INTERFACE_MAP_END
 

modules/libpref/Preferences.h

@@ -12,7 +12,6 @@
 
 #include "nsIPrefService.h"
 #include "nsIPrefBranch.h"
-#include "nsIPrefBranchInternal.h"
 #include "nsIObserver.h"
 #include "nsCOMPtr.h"
 #include "nsTArray.h"
@@ -49,7 +48,7 @@ class PrefSetting;
 
 class Preferences final : public nsIPrefService,
                           public nsIObserver,
-                          public nsIPrefBranchInternal,
+                          public nsIPrefBranch,
                           public nsSupportsWeakReference
 {
 public:

modules/libpref/init/all.js

@@ -5319,7 +5319,7 @@ pref("dom.flyweb.enabled", false);
 pref("dom.mapped_arraybuffer.enabled", true);
 
 // The tables used for Safebrowsing phishing and malware checks.
-pref("urlclassifier.malwareTable", "goog-malware-shavar,goog-unwanted-shavar,test-malware-simple,test-unwanted-simple");
+pref("urlclassifier.malwareTable", "goog-malware-shavar,goog-unwanted-shavar,test-malware-simple,test-unwanted-simple,test-harmful-simple");
 
 #ifdef MOZILLA_OFFICIAL
 // In the official build, we are allowed to use google's private
@@ -5333,7 +5333,7 @@ pref("urlclassifier.phishTable", "googpub-phish-shavar,test-phish-simple");
 pref("urlclassifier.downloadAllowTable", "goog-downloadwhite-proto");
 pref("urlclassifier.downloadBlockTable", "goog-badbinurl-proto");
 
-pref("urlclassifier.disallow_completions", "test-malware-simple,test-phish-simple,test-unwanted-simple,test-track-simple,test-trackwhite-simple,test-block-simple,goog-downloadwhite-digest256,base-track-digest256,mozstd-trackwhite-digest256,content-track-digest256,mozplugin-block-digest256,mozplugin2-block-digest256,block-flash-digest256,except-flash-digest256,allow-flashallow-digest256,except-flashallow-digest256,block-flashsubdoc-digest256,except-flashsubdoc-digest256,except-flashinfobar-digest256");
+pref("urlclassifier.disallow_completions", "test-malware-simple,test-harmful-simple,test-phish-simple,test-unwanted-simple,test-track-simple,test-trackwhite-simple,test-block-simple,goog-downloadwhite-digest256,base-track-digest256,mozstd-trackwhite-digest256,content-track-digest256,mozplugin-block-digest256,mozplugin2-block-digest256,block-flash-digest256,except-flash-digest256,allow-flashallow-digest256,except-flashallow-digest256,block-flashsubdoc-digest256,except-flashsubdoc-digest256,except-flashinfobar-digest256");
 
 // The table and update/gethash URLs for Safebrowsing phishing and malware
 // checks.
@@ -5383,7 +5383,7 @@ pref("browser.safebrowsing.provider.google.advisoryName", "Google Safe Browsing.
 
 // Prefs for v4.
 pref("browser.safebrowsing.provider.google4.pver", "4");
-pref("browser.safebrowsing.provider.google4.lists", "goog-badbinurl-proto,goog-downloadwhite-proto,goog-phish-proto,googpub-phish-proto,goog-malware-proto,goog-unwanted-proto");
+pref("browser.safebrowsing.provider.google4.lists", "goog-badbinurl-proto,goog-downloadwhite-proto,goog-phish-proto,googpub-phish-proto,goog-malware-proto,goog-unwanted-proto,goog-harmful-proto");
 pref("browser.safebrowsing.provider.google4.updateURL", "https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGLE_API_KEY%&$httpMethod=POST");
 pref("browser.safebrowsing.provider.google4.gethashURL", "https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_API_KEY%&$httpMethod=POST");
 pref("browser.safebrowsing.provider.google4.reportURL", "https://safebrowsing.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");

modules/libpref/moz.build

@@ -17,8 +17,6 @@ XPCSHELL_TESTS_MANIFESTS += [
 
 XPIDL_SOURCES += [
     'nsIPrefBranch.idl',
-    'nsIPrefBranch2.idl',
-    'nsIPrefBranchInternal.idl',
     'nsIPrefLocalizedString.idl',
     'nsIPrefService.idl',
     'nsIRelativeFilePref.idl',

modules/libpref/nsIPrefBranch2.idl

@@ -1,16 +0,0 @@
-/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsIPrefBranch.idl"
-
-/**
- * An empty interface to provide backwards compatibility for existing code.
- *
- * @see nsIPrefBranch
- */
-[scriptable, uuid(8892016d-07f7-4530-b5c1-d73dfcde4a1c)]
-interface nsIPrefBranch2 : nsIPrefBranch
-{
-};

modules/libpref/nsIPrefBranchInternal.idl

@@ -1,17 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsIPrefBranch2.idl"
-
-/**
- * An empty interface to provide backwards compatibility for existing code that
- * bsmedberg didn't want to break all at once. Don't use me!
- *
- * @status NON-FROZEN interface WHICH WILL PROBABLY GO AWAY.
- */
-
-[scriptable, uuid(355bd1e9-248a-438b-809d-e0db1b287882)]
-interface nsIPrefBranchInternal : nsIPrefBranch2
-{
-};

modules/libpref/nsPrefBranch.cpp

@@ -103,8 +103,6 @@ NS_IMPL_RELEASE(nsPrefBranch)
 NS_INTERFACE_MAP_BEGIN(nsPrefBranch)
   NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIPrefBranch)
   NS_INTERFACE_MAP_ENTRY(nsIPrefBranch)
-  NS_INTERFACE_MAP_ENTRY_CONDITIONAL(nsIPrefBranch2, !mIsDefault)
-  NS_INTERFACE_MAP_ENTRY_CONDITIONAL(nsIPrefBranchInternal, !mIsDefault)
   NS_INTERFACE_MAP_ENTRY(nsIObserver)
   NS_INTERFACE_MAP_ENTRY(nsISupportsWeakReference)
 NS_INTERFACE_MAP_END

modules/libpref/nsPrefBranch.h

@@ -9,7 +9,6 @@
 #include "nsCOMPtr.h"
 #include "nsIObserver.h"
 #include "nsIPrefBranch.h"
-#include "nsIPrefBranchInternal.h"
 #include "nsIPrefLocalizedString.h"
 #include "nsXPCOM.h"
 #include "nsISupportsPrimitives.h"
@@ -176,7 +175,7 @@ class PrefCallback : public PLDHashEntryHdr {
     }
 };
 
-class nsPrefBranch final : public nsIPrefBranchInternal,
+class nsPrefBranch final : public nsIPrefBranch,
                            public nsIObserver,
                            public nsSupportsWeakReference
 {
@@ -184,7 +183,6 @@ class nsPrefBranch final : public nsIPrefBranchInternal,
 public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSIPREFBRANCH
-  NS_DECL_NSIPREFBRANCH2
   NS_DECL_NSIOBSERVER
 
   nsPrefBranch(const char *aPrefRoot, bool aDefaultBranch);

netwerk/protocol/http/HttpChannelChild.cpp

@@ -1153,6 +1153,7 @@ HttpChannelChild::DoOnStopRequest(nsIRequest* aRequest, nsresult aChannelStatus,
       aChannelStatus == NS_ERROR_MALWARE_URI ||
       aChannelStatus == NS_ERROR_UNWANTED_URI ||
       aChannelStatus == NS_ERROR_BLOCKED_URI ||
+      aChannelStatus == NS_ERROR_HARMFUL_URI ||
       aChannelStatus == NS_ERROR_PHISHING_URI) {
     nsCString list, provider, prefix;
 

security/manager/ssl/nsISecurityUITelemetry.idl

@@ -96,25 +96,25 @@ const uint32_t WARNING_GEOLOCATION_REQUEST_NEVER_SHARE = 49;
 // It would be nice to measure the two cases of user clicking
 // "not now", and user closing the popup. This is currently not implemented.
 
-const uint32_t WARNING_MALWARE_PAGE_TOP = 52;
-const uint32_t WARNING_MALWARE_PAGE_TOP_WHY_BLOCKED = 53;
-const uint32_t WARNING_MALWARE_PAGE_TOP_GET_ME_OUT_OF_HERE = 54;
-const uint32_t WARNING_MALWARE_PAGE_TOP_IGNORE_WARNING = 55;
+// const uint32_t WARNING_MALWARE_PAGE_TOP = 52;
+// const uint32_t WARNING_MALWARE_PAGE_TOP_WHY_BLOCKED = 53;
+// const uint32_t WARNING_MALWARE_PAGE_TOP_GET_ME_OUT_OF_HERE = 54;
+// const uint32_t WARNING_MALWARE_PAGE_TOP_IGNORE_WARNING = 55;
 
-const uint32_t WARNING_PHISHING_PAGE_TOP = 56;
-const uint32_t WARNING_PHISHING_PAGE_TOP_WHY_BLOCKED = 57;
-const uint32_t WARNING_PHISHING_PAGE_TOP_GET_ME_OUT_OF_HERE = 58;
-const uint32_t WARNING_PHISHING_PAGE_TOP_IGNORE_WARNING = 59;
+// const uint32_t WARNING_PHISHING_PAGE_TOP = 56;
+// const uint32_t WARNING_PHISHING_PAGE_TOP_WHY_BLOCKED = 57;
+// const uint32_t WARNING_PHISHING_PAGE_TOP_GET_ME_OUT_OF_HERE = 58;
+// const uint32_t WARNING_PHISHING_PAGE_TOP_IGNORE_WARNING = 59;
 
-const uint32_t WARNING_MALWARE_PAGE_FRAME = 60;
-const uint32_t WARNING_MALWARE_PAGE_FRAME_WHY_BLOCKED = 61;
-const uint32_t WARNING_MALWARE_PAGE_FRAME_GET_ME_OUT_OF_HERE = 62;
-const uint32_t WARNING_MALWARE_PAGE_FRAME_IGNORE_WARNING = 63;
+// const uint32_t WARNING_MALWARE_PAGE_FRAME = 60;
+// const uint32_t WARNING_MALWARE_PAGE_FRAME_WHY_BLOCKED = 61;
+// const uint32_t WARNING_MALWARE_PAGE_FRAME_GET_ME_OUT_OF_HERE = 62;
+// const uint32_t WARNING_MALWARE_PAGE_FRAME_IGNORE_WARNING = 63;
 
-const uint32_t WARNING_PHISHING_PAGE_FRAME = 64;
-const uint32_t WARNING_PHISHING_PAGE_FRAME_WHY_BLOCKED = 65;
-const uint32_t WARNING_PHISHING_PAGE_FRAME_GET_ME_OUT_OF_HERE = 66;
-const uint32_t WARNING_PHISHING_PAGE_FRAME_IGNORE_WARNING = 67;
+// const uint32_t WARNING_PHISHING_PAGE_FRAME = 64;
+// const uint32_t WARNING_PHISHING_PAGE_FRAME_WHY_BLOCKED = 65;
+// const uint32_t WARNING_PHISHING_PAGE_FRAME_GET_ME_OUT_OF_HERE = 66;
+// const uint32_t WARNING_PHISHING_PAGE_FRAME_IGNORE_WARNING = 67;
 
 const uint32_t WARNING_BAD_CERT_TOP = 68;
 const uint32_t WARNING_BAD_CERT_TOP_STS = 69;
@@ -136,15 +136,15 @@ const uint32_t WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_DOMAIN = 2;
 const uint32_t WARNING_BAD_CERT_TOP_CONFIRM_ADD_EXCEPTION_FLAG_TIME = 4;
 
 // Another Safe Browsing list (like malware & phishing above)
-const uint32_t WARNING_UNWANTED_PAGE_TOP = 92;
-const uint32_t WARNING_UNWANTED_PAGE_TOP_WHY_BLOCKED = 93;
-const uint32_t WARNING_UNWANTED_PAGE_TOP_GET_ME_OUT_OF_HERE = 94;
-const uint32_t WARNING_UNWANTED_PAGE_TOP_IGNORE_WARNING = 95;
-const uint32_t WARNING_UNWANTED_PAGE_FRAME = 96;
-const uint32_t WARNING_UNWANTED_PAGE_FRAME_WHY_BLOCKED = 97;
-const uint32_t WARNING_UNWANTED_PAGE_FRAME_GET_ME_OUT_OF_HERE = 98;
-const uint32_t WARNING_UNWANTED_PAGE_FRAME_IGNORE_WARNING = 99;
+// const uint32_t WARNING_UNWANTED_PAGE_TOP = 92;
+// const uint32_t WARNING_UNWANTED_PAGE_TOP_WHY_BLOCKED = 93;
+// const uint32_t WARNING_UNWANTED_PAGE_TOP_GET_ME_OUT_OF_HERE = 94;
+// const uint32_t WARNING_UNWANTED_PAGE_TOP_IGNORE_WARNING = 95;
+// const uint32_t WARNING_UNWANTED_PAGE_FRAME = 96;
+// const uint32_t WARNING_UNWANTED_PAGE_FRAME_WHY_BLOCKED = 97;
+// const uint32_t WARNING_UNWANTED_PAGE_FRAME_GET_ME_OUT_OF_HERE = 98;
+// const uint32_t WARNING_UNWANTED_PAGE_FRAME_IGNORE_WARNING = 99;
 
-// This uses up buckets till 99 (including)
-// We only have buckets up to 100.
+// All the buckets are used so the safebrowsing-related buckets were
+// moved under URLCLASSIFIER_UI_EVENTS probe. See bug 1375277 for more information.
 };

security/sandbox/linux/broker/SandboxBroker.cpp

@@ -214,7 +214,9 @@ SandboxBroker::Policy::AddDir(int aPerms, const char* aPath)
   // be opened. We're guaranteed to have a trailing / now,
   // so just cut that.
   path.Truncate(path.Length() - 1);
-  Policy::AddPath(aPerms, path.get(), AddAlways);
+  if (!path.IsEmpty()) {
+    Policy::AddPath(aPerms, path.get(), AddAlways);
+  }
 }
 
 void

security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp

@@ -88,12 +88,6 @@ SandboxBrokerPolicyFactory::SandboxBrokerPolicyFactory()
 #endif
 
   // Read permissions
-  // No read blocking at level 2 and below
-  if (Preferences::GetInt("security.sandbox.content.level") <= 2) {
-    policy->AddDir(rdonly, "/");
-    mCommonContentPolicy.reset(policy);
-    return;
-  }
   policy->AddPath(rdonly, "/dev/urandom");
   policy->AddPath(rdonly, "/proc/cpuinfo");
   policy->AddPath(rdonly, "/proc/meminfo");
@@ -233,29 +227,37 @@ SandboxBrokerPolicyFactory::GetContentPolicy(int aPid, bool aFileProcess)
   UniquePtr<SandboxBroker::Policy>
     policy(new SandboxBroker::Policy(*mCommonContentPolicy));
 
+  // Read any extra paths that will get write permissions,
+  // configured by the user or distro
+  AddDynamicPathList(policy.get(),
+                     "security.sandbox.content.write_path_whitelist",
+                     rdwr);
+
+  // No read blocking at level 2 and below.
+  // file:// processes also get global read permissions
+  // This requires accessing user preferences so we can only do it now.
+  // Our constructor is initialized before user preferences are read in.
+  if (GetEffectiveContentSandboxLevel() <= 2 || aFileProcess) {
+    policy->AddDir(rdonly, "/");
+    return policy;
+  }
+
+  // Read permissions only from here on!
+  // Whitelisted for reading by the user/distro
+  AddDynamicPathList(policy.get(),
+                    "security.sandbox.content.read_path_whitelist",
+                    rdonly);
+
   // Bug 1198550: the profiler's replacement for dl_iterate_phdr
   policy->AddPath(rdonly, nsPrintfCString("/proc/%d/maps", aPid).get());
 
   // Bug 1198552: memory reporting.
   policy->AddPath(rdonly, nsPrintfCString("/proc/%d/statm", aPid).get());
   policy->AddPath(rdonly, nsPrintfCString("/proc/%d/smaps", aPid).get());
-  // Now read any extra paths, this requires accessing user preferences
-  // so we can only do it now. Our constructor is initialized before
-  // user preferences are read in.
-  AddDynamicPathList(policy.get(),
-                     "security.sandbox.content.read_path_whitelist",
-                     rdonly);
-  AddDynamicPathList(policy.get(),
-                     "security.sandbox.content.write_path_whitelist",
-                     rdwr);
 
-  // file:// processes get global read permissions
-  if (aFileProcess) {
-    policy->AddDir(rdonly, "/");
-  }
-
-  // userContent.css sits in the profile, which is normally blocked
-  // and we can't get the profile dir earlier
+  // userContent.css and the extensions dir sit in the profile, which is
+  // normally blocked and we can't get the profile dir earlier in startup,
+  // so this must happen here.
   nsCOMPtr<nsIFile> profileDir;
   nsresult rv = NS_GetSpecialDirectory(NS_APP_USER_PROFILE_50_DIR,
                                        getter_AddRefs(profileDir));
@@ -282,7 +284,7 @@ SandboxBrokerPolicyFactory::GetContentPolicy(int aPid, bool aFileProcess)
           nsAutoCString tmpPath;
           rv = workDir->GetNativePath(tmpPath);
           if (NS_SUCCEEDED(rv)) {
-            policy->AddPath(rdonly, tmpPath.get());
+            policy->AddDir(rdonly, tmpPath.get());
           }
         }
       }

servo/components/style/properties/helpers/animated_properties.mako.rs

@@ -1364,7 +1364,14 @@ impl Animatable for MozLength {
 
 impl ToAnimatedZero for MozLength {
     #[inline]
-    fn to_animated_zero(&self) -> Result<Self, ()> { Err(()) }
+    fn to_animated_zero(&self) -> Result<Self, ()> {
+        match *self {
+            MozLength::LengthOrPercentageOrAuto(ref length) => {
+                Ok(MozLength::LengthOrPercentageOrAuto(length.to_animated_zero()?))
+            },
+            _ => Err(())
+        }
+    }
 }
 
 /// https://drafts.csswg.org/css-transitions/#animtype-lpcalc

servo/components/style/properties/longhand/font.mako.rs

@@ -213,7 +213,6 @@ macro_rules! impl_gecko_keyword_conversions {
                     serialization.push(' ');
                     serialize_identifier(&ident, &mut serialization).unwrap();
                 }
-                println!("serialization: {}", serialization);
                 Ok(FontFamily::FamilyName(FamilyName {
                     name: Atom::from(value),
                     syntax: FamilyNameSyntax::Identifiers(serialization),

servo/components/style/selector_map.rs

@@ -16,7 +16,7 @@ use selector_parser::SelectorImpl;
 use selectors::matching::{matches_selector, MatchingContext, ElementSelectorFlags};
 use selectors::parser::{Component, Combinator, SelectorIter};
 use selectors::parser::LocalName as LocalNameSelector;
-use smallvec::VecLike;
+use smallvec::{SmallVec, VecLike};
 use std::collections::HashMap;
 use std::collections::hash_map;
 use std::hash::Hash;
@@ -49,16 +49,21 @@ pub trait SelectorMapEntry : Sized + Clone {
 /// element name, etc. will contain the Selectors that actually match that
 /// element.
 ///
+/// We use a 1-entry SmallVec to avoid a separate heap allocation in the case
+/// where we only have one entry, which is quite common. See measurements in:
+/// * https://bugzilla.mozilla.org/show_bug.cgi?id=1363789#c5
+/// * https://bugzilla.mozilla.org/show_bug.cgi?id=681755
+///
 /// TODO: Tune the initial capacity of the HashMap
 #[derive(Debug)]
 #[cfg_attr(feature = "servo", derive(HeapSizeOf))]
 pub struct SelectorMap<T> {
     /// A hash from an ID to rules which contain that ID selector.
-    pub id_hash: MaybeCaseInsensitiveHashMap<Atom, Vec<T>>,
+    pub id_hash: MaybeCaseInsensitiveHashMap<Atom, SmallVec<[T; 1]>>,
     /// A hash from a class name to rules which contain that class selector.
-    pub class_hash: MaybeCaseInsensitiveHashMap<Atom, Vec<T>>,
+    pub class_hash: MaybeCaseInsensitiveHashMap<Atom, SmallVec<[T; 1]>>,
     /// A hash from local name to rules which contain that local name selector.
-    pub local_name_hash: FnvHashMap<LocalName, Vec<T>>,
+    pub local_name_hash: FnvHashMap<LocalName, SmallVec<[T; 1]>>,
     /// Rules that don't have ID, class, or element selectors.
     pub other: Vec<T>,
     /// The number of entries in this map.
@@ -213,12 +218,12 @@ impl<T: SelectorMapEntry> SelectorMap<T> {
         self.count += 1;
 
         if let Some(id_name) = get_id_name(entry.selector()) {
-            self.id_hash.entry(id_name, quirks_mode).or_insert_with(Vec::new).push(entry);
+            self.id_hash.entry(id_name, quirks_mode).or_insert_with(SmallVec::new).push(entry);
             return;
         }
 
         if let Some(class_name) = get_class_name(entry.selector()) {
-            self.class_hash.entry(class_name, quirks_mode).or_insert_with(Vec::new).push(entry);
+            self.class_hash.entry(class_name, quirks_mode).or_insert_with(SmallVec::new).push(entry);
             return;
         }
 
@@ -429,10 +434,12 @@ pub fn get_local_name(iter: SelectorIter<SelectorImpl>)
 }
 
 #[inline]
-fn find_push<Str: Eq + Hash, V>(map: &mut FnvHashMap<Str, Vec<V>>,
-                                key: Str,
-                                value: V) {
-    map.entry(key).or_insert_with(Vec::new).push(value)
+fn find_push<Str: Eq + Hash, V, VL>(map: &mut FnvHashMap<Str, VL>,
+                                    key: Str,
+                                    value: V)
+    where VL: VecLike<V> + Default
+{
+    map.entry(key).or_insert_with(VL::default).push(value)
 }
 
 /// Wrapper for FnvHashMap that does ASCII-case-insensitive lookup in quirks mode.

servo/components/style/stylist.rs

@@ -51,9 +51,8 @@ pub use ::fnv::FnvHashMap;
 
 /// This structure holds all the selectors and device characteristics
 /// for a given document. The selectors are converted into `Rule`s
-/// (defined in rust-selectors), and introduced in a `SelectorMap`
-/// depending on the pseudo-element (see `PerPseudoElementSelectorMap`),
-/// and stylesheet origin (see the fields of `PerPseudoElementSelectorMap`).
+/// (defined in rust-selectors), and sorted into `SelectorMap`s keyed
+/// off stylesheet origin and pseudo-element (see `CascadeData`).
 ///
 /// This structure is effectively created once per pipeline, in the
 /// LayoutThread corresponding to that pipeline.
@@ -90,17 +89,14 @@ pub struct Stylist {
     /// had clear() called on it with no following rebuild()).
     is_cleared: bool,
 
-    /// The current selector maps, after evaluating media
-    /// rules against the current device.
-    element_map: PerPseudoElementSelectorMap,
+    /// Selector maps for all of the style sheets in the stylist, after
+    /// evalutaing media rules against the current device, split out per
+    /// cascade level.
+    cascade_data: CascadeData,
 
     /// The rule tree, that stores the results of selector matching.
     rule_tree: RuleTree,
 
-    /// The selector maps corresponding to a given pseudo-element
-    /// (depending on the implementation)
-    pseudos_map: FnvHashMap<PseudoElement, PerPseudoElementSelectorMap>,
-
     /// A map with all the animations indexed by name.
     animations: FnvHashMap<Atom, KeyframesAnimation>,
 
@@ -234,7 +230,7 @@ impl Stylist {
     /// be reset in clear().
     #[inline]
     pub fn new(device: Device, quirks_mode: QuirksMode) -> Self {
-        let mut stylist = Stylist {
+        Stylist {
             viewport_constraints: None,
             device: device,
             is_device_dirty: true,
@@ -242,8 +238,7 @@ impl Stylist {
             quirks_mode: quirks_mode,
             effective_media_query_results: EffectiveMediaQueryResults::new(),
 
-            element_map: PerPseudoElementSelectorMap::new(),
-            pseudos_map: Default::default(),
+            cascade_data: CascadeData::new(),
             animations: Default::default(),
             precomputed_pseudo_element_decls: Default::default(),
             rules_source_order: 0,
@@ -257,15 +252,9 @@ impl Stylist {
             num_selectors: 0,
             num_declarations: 0,
             num_rebuilds: 0,
-        };
-
-        SelectorImpl::each_eagerly_cascaded_pseudo_element(|pseudo| {
-            stylist.pseudos_map.insert(pseudo, PerPseudoElementSelectorMap::new());
-        });
+        }
 
         // FIXME: Add iso-8859-9.css when the document’s encoding is ISO-8859-8.
-
-        stylist
     }
 
     /// Returns the number of selectors.
@@ -317,8 +306,7 @@ impl Stylist {
         // preserve current device
         self.is_device_dirty = true;
         // preserve current quirks_mode value
-        self.element_map = PerPseudoElementSelectorMap::new();
-        self.pseudos_map = Default::default();
+        self.cascade_data.clear();
         self.animations.clear(); // Or set to Default::default()?
         self.precomputed_pseudo_element_decls = Default::default();
         self.rules_source_order = 0;
@@ -393,10 +381,6 @@ impl Stylist {
             self.device.account_for_viewport_rule(constraints);
         }
 
-        SelectorImpl::each_eagerly_cascaded_pseudo_element(|pseudo| {
-            self.pseudos_map.insert(pseudo, PerPseudoElementSelectorMap::new());
-        });
-
         extra_data.clear();
 
         if let Some(ua_stylesheets) = ua_stylesheets {
@@ -420,8 +404,8 @@ impl Stylist {
         }
 
         SelectorImpl::each_precomputed_pseudo_element(|pseudo| {
-            if let Some(map) = self.pseudos_map.remove(&pseudo) {
-                let declarations = map.user_agent.get_universal_rules(CascadeLevel::UANormal);
+            if let Some(map) = self.cascade_data.user_agent.pseudos_map.remove(&pseudo) {
+                let declarations = map.get_universal_rules(CascadeLevel::UANormal);
                 self.precomputed_pseudo_element_decls.insert(pseudo, declarations);
             }
         });
@@ -474,6 +458,10 @@ impl Stylist {
         self.effective_media_query_results.saw_effective(stylesheet);
 
         let origin = stylesheet.origin(guard);
+
+        let origin_cascade_data =
+            self.cascade_data.borrow_mut_for_origin(&origin);
+
         for rule in stylesheet.effective_rules(&self.device, guard) {
             match *rule {
                 CssRule::Style(ref locked) => {
@@ -482,24 +470,17 @@ impl Stylist {
                     for selector in &style_rule.selectors.0 {
                         self.num_selectors += 1;
 
-                        let map = if let Some(pseudo) = selector.pseudo_element() {
-                            self.pseudos_map
-                                .entry(pseudo.canonical())
-                                .or_insert_with(PerPseudoElementSelectorMap::new)
-                                .borrow_for_origin(&origin)
-                        } else {
-                            self.element_map.borrow_for_origin(&origin)
-                        };
-
                         let hashes =
                             AncestorHashes::new(&selector, self.quirks_mode);
 
-                        map.insert(
-                            Rule::new(selector.clone(),
-                                      hashes.clone(),
-                                      locked.clone(),
-                                      self.rules_source_order),
-                            self.quirks_mode);
+                        origin_cascade_data
+                            .borrow_mut_for_pseudo_or_insert(selector.pseudo_element())
+                            .insert(
+                                Rule::new(selector.clone(),
+                                          hashes.clone(),
+                                          locked.clone(),
+                                          self.rules_source_order),
+                                self.quirks_mode);
 
                         self.invalidation_map.note_selector(selector, self.quirks_mode);
                         let mut visitor = StylistSelectorVisitor {
@@ -857,7 +838,8 @@ impl Stylist {
     {
         let pseudo = pseudo.canonical();
         debug_assert!(pseudo.is_lazy());
-        if self.pseudos_map.get(&pseudo).is_none() {
+
+        if !self.cascade_data.has_rules_for_pseudo(&pseudo) {
             return CascadeInputs::default()
         }
 
@@ -1117,17 +1099,6 @@ impl Stylist {
         self.quirks_mode = quirks_mode;
     }
 
-    /// Returns the correspond PerPseudoElementSelectorMap given PseudoElement.
-    fn get_map(&self,
-               pseudo_element: Option<&PseudoElement>) -> Option<&PerPseudoElementSelectorMap>
-    {
-        match pseudo_element {
-            Some(pseudo) => self.pseudos_map.get(pseudo),
-            None => Some(&self.element_map),
-        }
-    }
-
-
     /// Returns the applicable CSS declarations for the given element by
     /// treating us as an XBL stylesheet-only stylist.
     pub fn push_applicable_declarations_as_xbl_only_stylist<E, V>(&self,
@@ -1141,21 +1112,19 @@ impl Stylist {
             MatchingContext::new(MatchingMode::Normal, None, self.quirks_mode);
         let mut dummy_flag_setter = |_: &E, _: ElementSelectorFlags| {};
 
-        let map = match self.get_map(pseudo_element) {
-            Some(map) => map,
-            None => return,
-        };
         let rule_hash_target = element.rule_hash_target();
 
         // nsXBLPrototypeResources::LoadResources() loads Chrome XBL style
         // sheets under eAuthorSheetFeatures level.
-        map.author.get_all_matching_rules(element,
-                                          &rule_hash_target,
-                                          applicable_declarations,
-                                          &mut matching_context,
-                                          self.quirks_mode,
-                                          &mut dummy_flag_setter,
-                                          CascadeLevel::XBL);
+        if let Some(map) = self.cascade_data.author.borrow_for_pseudo(pseudo_element) {
+            map.get_all_matching_rules(element,
+                                       &rule_hash_target,
+                                       applicable_declarations,
+                                       &mut matching_context,
+                                       self.quirks_mode,
+                                       &mut dummy_flag_setter,
+                                       CascadeLevel::XBL);
+        }
     }
 
     /// Returns the applicable CSS declarations for the given element.
@@ -1187,10 +1156,6 @@ impl Stylist {
                       "Style attributes do not apply to pseudo-elements");
         debug_assert!(pseudo_element.map_or(true, |p| !p.is_precomputed()));
 
-        let map = match self.get_map(pseudo_element) {
-            Some(map) => map,
-            None => return,
-        };
         let rule_hash_target = element.rule_hash_target();
 
         debug!("Determining if style is shareable: pseudo: {}",
@@ -1199,13 +1164,15 @@ impl Stylist {
         let only_default_rules = rule_inclusion == RuleInclusion::DefaultOnly;
 
         // Step 1: Normal user-agent rules.
-        map.user_agent.get_all_matching_rules(element,
-                                              &rule_hash_target,
-                                              applicable_declarations,
-                                              context,
-                                              self.quirks_mode,
-                                              flags_setter,
-                                              CascadeLevel::UANormal);
+        if let Some(map) = self.cascade_data.user_agent.borrow_for_pseudo(pseudo_element) {
+            map.get_all_matching_rules(element,
+                                       &rule_hash_target,
+                                       applicable_declarations,
+                                       context,
+                                       self.quirks_mode,
+                                       flags_setter,
+                                       CascadeLevel::UANormal);
+        }
 
         if pseudo_element.is_none() && !only_default_rules {
             // Step 2: Presentational hints.
@@ -1233,13 +1200,15 @@ impl Stylist {
         // Which may be more what you would probably expect.
         if rule_hash_target.matches_user_and_author_rules() {
             // Step 3a: User normal rules.
-            map.user.get_all_matching_rules(element,
-                                            &rule_hash_target,
-                                            applicable_declarations,
-                                            context,
-                                            self.quirks_mode,
-                                            flags_setter,
-                                            CascadeLevel::UserNormal);
+            if let Some(map) = self.cascade_data.user.borrow_for_pseudo(pseudo_element) {
+                map.get_all_matching_rules(element,
+                                           &rule_hash_target,
+                                           applicable_declarations,
+                                           context,
+                                           self.quirks_mode,
+                                           flags_setter,
+                                           CascadeLevel::UserNormal);
+            }
         } else {
             debug!("skipping user rules");
         }
@@ -1254,13 +1223,15 @@ impl Stylist {
             // See nsStyleSet::FileRules().
             if !cut_off_inheritance {
                 // Step 3c: Author normal rules.
-                map.author.get_all_matching_rules(element,
-                                                  &rule_hash_target,
-                                                  applicable_declarations,
-                                                  context,
-                                                  self.quirks_mode,
-                                                  flags_setter,
-                                                  CascadeLevel::AuthorNormal);
+                if let Some(map) = self.cascade_data.author.borrow_for_pseudo(pseudo_element) {
+                    map.get_all_matching_rules(element,
+                                               &rule_hash_target,
+                                               applicable_declarations,
+                                               context,
+                                               self.quirks_mode,
+                                               flags_setter,
+                                               CascadeLevel::AuthorNormal);
+                }
             } else {
                 debug!("skipping author normal rules due to cut off inheritance");
             }
@@ -1592,37 +1563,132 @@ impl<'a> SelectorVisitor for StylistSelectorVisitor<'a> {
     }
 }
 
-/// Map that contains the CSS rules for a specific PseudoElement
-/// (or lack of PseudoElement).
+/// Data resulting from performing the CSS cascade.
 #[cfg_attr(feature = "servo", derive(HeapSizeOf))]
 #[derive(Debug)]
-struct PerPseudoElementSelectorMap {
+struct CascadeData {
     /// Rules from user agent stylesheets
-    user_agent: SelectorMap<Rule>,
+    user_agent: PerOriginCascadeData,
     /// Rules from author stylesheets
-    author: SelectorMap<Rule>,
+    author: PerOriginCascadeData,
     /// Rules from user stylesheets
-    user: SelectorMap<Rule>,
+    user: PerOriginCascadeData,
 }
 
-impl PerPseudoElementSelectorMap {
-    #[inline]
+impl CascadeData {
     fn new() -> Self {
-        PerPseudoElementSelectorMap {
-            user_agent: SelectorMap::new(),
-            author: SelectorMap::new(),
-            user: SelectorMap::new(),
+        CascadeData {
+            user_agent: PerOriginCascadeData::new(),
+            author: PerOriginCascadeData::new(),
+            user: PerOriginCascadeData::new(),
         }
     }
 
     #[inline]
-    fn borrow_for_origin(&mut self, origin: &Origin) -> &mut SelectorMap<Rule> {
+    fn borrow_mut_for_origin(&mut self, origin: &Origin) -> &mut PerOriginCascadeData {
         match *origin {
             Origin::UserAgent => &mut self.user_agent,
             Origin::Author => &mut self.author,
             Origin::User => &mut self.user,
         }
     }
+
+    fn clear(&mut self) {
+        self.user_agent.clear();
+        self.author.clear();
+        self.user.clear();
+    }
+
+    fn has_rules_for_pseudo(&self, pseudo: &PseudoElement) -> bool {
+        self.iter_origins().any(|d| d.has_rules_for_pseudo(pseudo))
+    }
+
+    fn iter_origins(&self) -> CascadeDataIter {
+        CascadeDataIter {
+            cascade_data: &self,
+            cur: 0,
+        }
+    }
+}
+
+struct CascadeDataIter<'a> {
+    cascade_data: &'a CascadeData,
+    cur: usize,
+}
+
+impl<'a> Iterator for CascadeDataIter<'a> {
+    type Item = &'a PerOriginCascadeData;
+
+    fn next(&mut self) -> Option<&'a PerOriginCascadeData> {
+        let result = match self.cur {
+            0 => &self.cascade_data.user_agent,
+            1 => &self.cascade_data.author,
+            2 => &self.cascade_data.user,
+            _ => return None,
+        };
+        self.cur += 1;
+        Some(result)
+    }
+}
+
+/// Data resulting from performing the CSS cascade that is specific to a given
+/// origin.
+#[cfg_attr(feature = "servo", derive(HeapSizeOf))]
+#[derive(Debug)]
+struct PerOriginCascadeData {
+    /// Rules from stylesheets at this `CascadeData`'s origin.
+    element_map: SelectorMap<Rule>,
+
+    /// Rules from stylesheets at this `CascadeData`'s origin that correspond
+    /// to a given pseudo-element.
+    pseudos_map: FnvHashMap<PseudoElement, SelectorMap<Rule>>,
+}
+
+impl PerOriginCascadeData {
+    fn new() -> Self {
+        let mut data = PerOriginCascadeData {
+            element_map: SelectorMap::new(),
+            pseudos_map: Default::default(),
+        };
+        SelectorImpl::each_eagerly_cascaded_pseudo_element(|pseudo| {
+            data.pseudos_map.insert(pseudo, SelectorMap::new());
+        });
+        data
+    }
+
+    #[inline]
+    fn borrow_for_pseudo(&self, pseudo: Option<&PseudoElement>) -> Option<&SelectorMap<Rule>> {
+        match pseudo {
+            Some(pseudo) => self.pseudos_map.get(&pseudo.canonical()),
+            None => Some(&self.element_map),
+        }
+    }
+
+    #[inline]
+    fn borrow_mut_for_pseudo_or_insert(&mut self, pseudo: Option<&PseudoElement>) -> &mut SelectorMap<Rule> {
+        match pseudo {
+            Some(pseudo) => {
+                self.pseudos_map
+                    .entry(pseudo.canonical())
+                    .or_insert_with(SelectorMap::new)
+            }
+            None => &mut self.element_map,
+        }
+    }
+
+    fn clear(&mut self) {
+        self.element_map = SelectorMap::new();
+        self.pseudos_map = Default::default();
+        SelectorImpl::each_eagerly_cascaded_pseudo_element(|pseudo| {
+            self.pseudos_map.insert(pseudo, SelectorMap::new());
+        });
+    }
+
+    fn has_rules_for_pseudo(&self, pseudo: &PseudoElement) -> bool {
+        // FIXME(emilio): We should probably make the pseudos map be an
+        // enumerated array.
+        self.pseudos_map.contains_key(pseudo)
+    }
 }
 
 /// A rule, that wraps a style rule, but represents a single selector of the

servo/components/style/values/computed/length.rs

@@ -574,7 +574,7 @@ impl LengthOrNumber {
 pub type LengthOrNormal = Either<Length, Normal>;
 
 /// A value suitable for a `min-width`, `min-height`, `width` or `height` property.
-/// See specified/values/length.rs for more details.
+/// See values/specified/length.rs for more details.
 #[allow(missing_docs)]
 #[cfg_attr(feature = "servo", derive(HeapSizeOf))]
 #[derive(Clone, Copy, Debug, PartialEq, ToCss)]
@@ -618,7 +618,7 @@ impl ToComputedValue for specified::MozLength {
 }
 
 /// A value suitable for a `max-width` or `max-height` property.
-/// See specified/values/length.rs for more details.
+/// See values/specified/length.rs for more details.
 #[allow(missing_docs)]
 #[cfg_attr(feature = "servo", derive(HeapSizeOf))]
 #[derive(Clone, Copy, Debug, PartialEq, ToCss)]

taskcluster/ci/test/tests.yml

@@ -227,6 +227,7 @@ gtest:
             linux64-qr/.*: ['mozilla-central', 'try']
             windows.*-pgo/.*: [] # permafails on pgo
             windows.*-nightly/.*: [] # permafails on nightly too
+            windows.*-devedition/.*: [] # permafails here too
             default: built-projects
     mozharness:
         script: desktop_unittest.py

testing/marionette/client/marionette_driver/marionette.py

@@ -1176,16 +1176,21 @@ class Marionette(object):
 
     @do_process_check
     def start_session(self, capabilities=None, session_id=None, timeout=60):
-        """Create a new Marionette session.
+        """Create a new WebDriver session.
 
         This method must be called before performing any other action.
 
-        :param capabilities: An optional dict of desired or required capabilities.
+        :param capabilities: An optional dictionary of
+            Marionette-recognised capabilities.  It does not
+            accept a WebDriver conforming capabilities dictionary
+            (including alwaysMatch, firstMatch, desiredCapabilities,
+            or requriedCapabilities), and only recognises extension
+            capabilities that are specific to Marionette.
         :param timeout: Timeout in seconds for the server to be ready.
-        :param session_id: unique identifier for the session. If no session id is
-            passed in then one will be generated by the marionette server.
+        :param session_id: Unique identifier for the session. If no
+            session ID is passed in then one will be generated.
 
-        :returns: A dict of the capabilities offered.
+        :returns: A dictionary of the capabilities offered.
 
         """
         self.crashed = 0

testing/marionette/driver.js

@@ -659,7 +659,114 @@ GeckoDriver.prototype.listeningPromise = function() {
   });
 };
 
-/** Create a new session. */
+/**
+ * Create a new WebDriver session.
+ *
+ * It is expected that the caller performs the necessary checks on
+ * the requested capabilities to be WebDriver conforming.  The WebDriver
+ * service offered by Marionette does not match or negotiate capabilities
+ * beyond type- and bounds checks.
+ *
+ * <h3>Capabilities</h3>
+ *
+ * <dl>
+ *  <dt><code>pageLoadStrategy</code> (string)
+ *  <dd>The page load strategy to use for the current session.  Must be
+ *   one of "<tt>none</tt>", "<tt>eager</tt>", and "<tt>normal</tt>".
+ *
+ *  <dt><code>acceptInsecureCerts</code> (boolean)
+ *  <dd>Indicates whether untrusted and self-signed TLS certificates
+ *   are implicitly trusted on navigation for the duration of the session.
+ *
+ *  <dt><code>timeouts</code> (Timeouts object)
+ *  <dd>Describes the timeouts imposed on certian session operations.
+ *
+ *  <dt><code>proxy</code> (Proxy object)
+ *  <dd>Defines the proxy configuration.
+ *
+ *  <dt><code>specificationLevel</code> (number)
+ *  <dd>If set to 1, a WebDriver conforming <i>WebDriver::ElementClick</i>
+ *   implementation will be used.
+ *
+ *  <dt><code>moz:accessibilityChecks</code> (boolean)
+ *  <dd>Run a11y checks when clicking elements.
+ * </dl>
+ *
+ * <h4>Timeouts object</h4>
+ *
+ * <dl>
+ *  <dt><code>script</code> (number)
+ *  <dd>Determines when to interrupt a script that is being evaluates.
+ *
+ *  <dt><code>pageLoad</code> (number)
+ *  <dd>Provides the timeout limit used to interrupt navigation of the
+ *   browsing context.
+ *
+ *  <dt><code>implicit</code> (number)
+ *  <dd>Gives the timeout of when to abort when locating an element.
+ * </dl>
+ *
+ * <h4>Proxy object</h4>
+ *
+ * <dl>
+ *  <dt><code>proxyType</code> (string)
+ *  <dd>Indicates the type of proxy configuration.  Must be one
+ *   of "<tt>pac</tt>", "<tt>direct</tt>", "<tt>autodetect</tt>",
+ *   "<tt>system</tt>", or "<tt>manual</tt>".
+ *
+ *  <dt><code>proxyAutoconfigUrl</code> (string)
+ *  <dd>Defines the URL for a proxy auto-config file if
+ *   <code>proxyType</code> is equal to "<tt>pac</tt>".
+ *
+ *  <dt><code>ftpProxy</code> (string)
+ *  <dd>Defines the proxy host for FTP traffic when the
+ *   <code>proxyType</code> is "<tt>manual</tt>".
+ *
+ *  <dt><code>httpProxy</code> (string)
+ *  <dd>Defines the proxy host for HTTP traffic when the
+ *   <code>proxyType</code> is "<tt>manual</tt>".
+ *
+ *  <dt><code>noProxy</code> (string)
+ *  <dd>Lists the adress for which the proxy should be bypassed when
+ *   the <code>proxyType</code> is "<tt>manual</tt>".  Must be a JSON
+ *   List containing any number of any of domains, IPv4 addresses, or IPv6
+ *   addresses.
+ *
+ *  <dt><code>sslProxy</code> (string)
+ *  <dd>Defines the proxy host for encrypted TLS traffic when the
+ *   <code>proxyType</code> is "<tt>manual</tt>".
+ *
+ *  <dt><code>socksProxy</code> (string)
+ *  <dd>Defines the proxy host for a SOCKS proxy traffic when the
+ *   <code>proxyType</code> is "<tt>manual</tt>".
+ *
+ *  <dt><code>socksVersion</code> (string)
+ *  <dd>Defines the SOCKS proxy version when the <code>proxyType</code> is
+ *   "<tt>manual</tt>".  It must be any integer between 0 and 255
+ *   inclusive.
+ * </dl>
+ *
+ * <h3>Example</h3>
+ *
+ * Input:
+ *
+ * <pre><code>
+ *     {"capabilities": {"acceptInsecureCerts": true}}
+ * </code></pre>
+ *
+ * @param {string=} sessionId
+ *     Normally a unique ID is given to a new session, however this can
+ *     be overriden by providing this field.
+ * @param {Object.<string, *>=} capabilities
+ *     JSON Object containing any of the recognised capabilities listed
+ *     above.
+ *
+ * @return {Object}
+ *     Session ID and capabilities offered by the WebDriver service.
+ *
+ * @throws {SessionNotCreatedError}
+ *     If, for whatever reason, a session could not be created.
+ */
 GeckoDriver.prototype.newSession = function* (cmd, resp) {
   if (this.sessionID) {
     throw new SessionNotCreatedError("Maximum number of active sessions");
@@ -670,9 +777,7 @@ GeckoDriver.prototype.newSession = function* (cmd, resp) {
 
   try {
     this.capabilities = session.Capabilities.fromJSON(
-        cmd.parameters.capabilities, {merge: true});
-    logger.config("Matched capabilities: " +
-        JSON.stringify(this.capabilities));
+        cmd.parameters.capabilities);
   } catch (e) {
     throw new SessionNotCreatedError(e);
   }

testing/marionette/harness/marionette_harness/tests/unit/test_accessibility.py

@@ -103,8 +103,7 @@ class TestAccessibility(MarionetteTestCase):
 
     def setup_accessibility(self, enable_a11y_checks=True, navigate=True):
         self.marionette.delete_session()
-        self.marionette.start_session(
-            {"requiredCapabilities": {"moz:accessibilityChecks": enable_a11y_checks}})
+        self.marionette.start_session({"moz:accessibilityChecks": enable_a11y_checks})
         self.assertEqual(
             self.marionette.session_capabilities["moz:accessibilityChecks"],
             enable_a11y_checks)

testing/marionette/harness/marionette_harness/tests/unit/test_capabilities.py

@@ -71,38 +71,10 @@ class TestCapabilities(MarionetteTestCase):
 
     def test_set_specification_level(self):
         self.marionette.delete_session()
-        self.marionette.start_session({"desiredCapabilities": {"specificationLevel": 2}})
+        self.marionette.start_session({"specificationLevel": 2})
         caps = self.marionette.session_capabilities
         self.assertEqual(2, caps["specificationLevel"])
 
-        self.marionette.delete_session()
-        self.marionette.start_session({"requiredCapabilities": {"specificationLevel": 3}})
-        caps = self.marionette.session_capabilities
-        self.assertEqual(3, caps["specificationLevel"])
-
-    def test_we_can_pass_in_required_capabilities_on_session_start(self):
-        self.marionette.delete_session()
-        capabilities = {"requiredCapabilities": {"browserName": self.appinfo["name"].lower()}}
-        self.marionette.start_session(capabilities)
-        caps = self.marionette.session_capabilities
-        self.assertIn("browserName", caps)
-
-        # Start a new session just to make sure we leave the browser in the
-        # same state it was before it started the test
-        self.marionette.start_session()
-
-    def test_capability_types(self):
-        for value in ["", "invalid", True, 42, []]:
-            print("testing value {}".format(value))
-            with self.assertRaises(SessionNotCreatedException):
-                print("  with desiredCapabilities")
-                self.marionette.delete_session()
-                self.marionette.start_session({"desiredCapabilities": value})
-            with self.assertRaises(SessionNotCreatedException):
-                print("  with requiredCapabilities")
-                self.marionette.delete_session()
-                self.marionette.start_session({"requiredCapabilities": value})
-
     def test_we_get_valid_uuid4_when_creating_a_session(self):
         self.assertNotIn("{", self.marionette.session_id,
                          "Session ID has {{}} in it: {}".format(
@@ -123,144 +95,52 @@ class TestCapabilityMatching(MarionetteTestCase):
         if self.marionette.session is not None:
             self.marionette.delete_session()
 
-    def test_browser_name_desired(self):
-        self.marionette.start_session({"desiredCapabilities": {"browserName": self.browser_name}})
-        self.assertEqual(self.marionette.session_capabilities["browserName"], self.browser_name)
-
-    def test_browser_name_required(self):
-        self.marionette.start_session({"requiredCapabilities": {"browserName": self.browser_name}})
-        self.assertEqual(self.marionette.session_capabilities["browserName"], self.browser_name)
-
-    def test_browser_name_desired_allowed_types(self):
-        for typ in self.allowed:
-            self.delete_session()
-            self.marionette.start_session({"desiredCapabilities": {"browserName": typ}})
-            self.assertEqual(self.marionette.session_capabilities["browserName"], self.browser_name)
-
-    def test_browser_name_desired_disallowed_types(self):
-        for typ in self.disallowed:
-            with self.assertRaises(SessionNotCreatedException):
-                self.marionette.start_session({"desiredCapabilities": {"browserName": typ}})
-
-    def test_browser_name_required_allowed_types(self):
-        for typ in self.allowed:
-            self.delete_session()
-            self.marionette.start_session({"requiredCapabilities": {"browserName": typ}})
-            self.assertEqual(self.marionette.session_capabilities["browserName"], self.browser_name)
-
-    def test_browser_name_requried_disallowed_types(self):
-        for typ in self.disallowed:
-            with self.assertRaises(SessionNotCreatedException):
-                self.marionette.start_session({"requiredCapabilities": {"browserName": typ}})
-
-    def test_browser_name_prefers_required(self):
-        caps = {"desiredCapabilities": {"browserName": "invalid"},
-                    "requiredCapabilities": {"browserName": "*"}}
-        self.marionette.start_session(caps)
-
-    def test_browser_name_error_on_invalid_required(self):
-        with self.assertRaises(SessionNotCreatedException):
-            caps = {"desiredCapabilities": {"browserName": "*"},
-                        "requiredCapabilities": {"browserName": "invalid"}}
-            self.marionette.start_session(caps)
-
-    # TODO(ato): browser version comparison not implemented yet
-
-    def test_platform_name_desired(self):
-        self.marionette.start_session({"desiredCapabilities": {"platformName": self.platform_name}})
-        self.assertEqual(self.marionette.session_capabilities["platformName"], self.platform_name)
-
-    def test_platform_name_required(self):
-        self.marionette.start_session({"requiredCapabilities": {"platformName": self.platform_name}})
-        self.assertEqual(self.marionette.session_capabilities["platformName"], self.platform_name)
-
-    def test_platform_name_desired_allowed_types(self):
-        for typ in self.allowed:
-            self.delete_session()
-            self.marionette.start_session({"desiredCapabilities": {"platformName": typ}})
-            self.assertEqual(self.marionette.session_capabilities["platformName"], self.platform_name)
-
-    def test_platform_name_desired_disallowed_types(self):
-        for typ in self.disallowed:
-            with self.assertRaises(SessionNotCreatedException):
-                self.marionette.start_session({"desiredCapabilities": {"platformName": typ}})
-
-    def test_platform_name_required_allowed_types(self):
-        for typ in self.allowed:
-            self.delete_session()
-            self.marionette.start_session({"requiredCapabilities": {"platformName": typ}})
-            self.assertEqual(self.marionette.session_capabilities["platformName"], self.platform_name)
-
-    def test_platform_name_requried_disallowed_types(self):
-        for typ in self.disallowed:
-            with self.assertRaises(SessionNotCreatedException):
-                self.marionette.start_session({"requiredCapabilities": {"platformName": typ}})
-
-    def test_platform_name_prefers_required(self):
-        caps = {"desiredCapabilities": {"platformName": "invalid"},
-                    "requiredCapabilities": {"platformName": "*"}}
-        self.marionette.start_session(caps)
-
-    def test_platform_name_error_on_invalid_required(self):
-        with self.assertRaises(SessionNotCreatedException):
-            caps = {"desiredCapabilities": {"platformName": "*"},
-                        "requiredCapabilities": {"platformName": "invalid"}}
-            self.marionette.start_session(caps)
-
-    # TODO(ato): platform version comparison not imlpemented yet
-
     def test_accept_insecure_certs(self):
-        for capability_type in ["desiredCapabilities", "requiredCapabilities"]:
-            print("testing {}".format(capability_type))
-            for value in ["", 42, {}, []]:
-                print("  type {}".format(type(value)))
-                with self.assertRaises(SessionNotCreatedException):
-                    self.marionette.start_session({capability_type: {"acceptInsecureCerts": value}})
+        for value in ["", 42, {}, []]:
+            print("  type {}".format(type(value)))
+            with self.assertRaises(SessionNotCreatedException):
+                self.marionette.start_session({"acceptInsecureCerts": value})
 
         self.delete_session()
-        self.marionette.start_session({"desiredCapabilities": {"acceptInsecureCerts": True}})
-        self.assertTrue(self.marionette.session_capabilities["acceptInsecureCerts"])
-        self.delete_session()
-        self.marionette.start_session({"requiredCapabilities": {"acceptInsecureCerts": True}})
-
+        self.marionette.start_session({"acceptInsecureCerts": True})
         self.assertTrue(self.marionette.session_capabilities["acceptInsecureCerts"])
 
     def test_page_load_strategy(self):
         for strategy in ["none", "eager", "normal"]:
             print("valid strategy {}".format(strategy))
             self.delete_session()
-            self.marionette.start_session({"desiredCapabilities": {"pageLoadStrategy": strategy}})
+            self.marionette.start_session({"pageLoadStrategy": strategy})
             self.assertEqual(self.marionette.session_capabilities["pageLoadStrategy"], strategy)
 
         # A null value should be treatend as "normal"
         self.delete_session()
-        self.marionette.start_session({"desiredCapabilities": {"pageLoadStrategy": None}})
+        self.marionette.start_session({"pageLoadStrategy": None})
         self.assertEqual(self.marionette.session_capabilities["pageLoadStrategy"], "normal")
 
         for value in ["", "EAGER", True, 42, {}, []]:
             print("invalid strategy {}".format(value))
             with self.assertRaisesRegexp(SessionNotCreatedException, "InvalidArgumentError"):
-                self.marionette.start_session({"desiredCapabilities": {"pageLoadStrategy": value}})
+                self.marionette.start_session({"pageLoadStrategy": value})
 
     def test_proxy_default(self):
         self.marionette.start_session()
         self.assertNotIn("proxy", self.marionette.session_capabilities)
 
     def test_proxy_desired(self):
-        self.marionette.start_session({"desiredCapabilities": {"proxy": {"proxyType": "manual"}}})
+        self.marionette.start_session({"proxy": {"proxyType": "manual"}})
         self.assertIn("proxy", self.marionette.session_capabilities)
         self.assertEqual(self.marionette.session_capabilities["proxy"]["proxyType"], "manual")
         self.assertEqual(self.marionette.get_pref("network.proxy.type"), 1)
 
     def test_proxy_required(self):
-        self.marionette.start_session({"requiredCapabilities": {"proxy": {"proxyType": "manual"}}})
+        self.marionette.start_session({"proxy": {"proxyType": "manual"}})
         self.assertIn("proxy", self.marionette.session_capabilities)
         self.assertEqual(self.marionette.session_capabilities["proxy"]["proxyType"], "manual")
         self.assertEqual(self.marionette.get_pref("network.proxy.type"), 1)
 
     def test_timeouts(self):
         timeouts = {u"implicit": 123, u"pageLoad": 456, u"script": 789}
-        caps = {"desiredCapabilities": {"timeouts": timeouts}}
+        caps = {"timeouts": timeouts}
         self.marionette.start_session(caps)
         self.assertIn("timeouts", self.marionette.session_capabilities)
         self.assertDictEqual(self.marionette.session_capabilities["timeouts"], timeouts)

testing/marionette/harness/marionette_harness/tests/unit/test_click.py

@@ -132,8 +132,7 @@ class TestClick(TestLegacyClick):
     def setUp(self):
         TestLegacyClick.setUp(self)
         self.marionette.delete_session()
-        self.marionette.start_session(
-            {"requiredCapabilities": {"specificationLevel": 1}})
+        self.marionette.start_session({"specificationLevel": 1})
 
     def test_click_element_obscured_by_absolute_positioned_element(self):
         self.marionette.navigate(obscured_overlay)

testing/marionette/harness/marionette_harness/tests/unit/test_navigation.py

@@ -609,8 +609,7 @@ class TestTLSNavigation(MarionetteTestCase):
         self.test_page_insecure = self.fixtures.where_is("test.html", on="https")
 
         self.marionette.delete_session()
-        self.capabilities = self.marionette.start_session(
-            {"requiredCapabilities": self.insecure_tls})
+        self.capabilities = self.marionette.start_session(self.insecure_tls)
 
     def tearDown(self):
         try:
@@ -623,8 +622,7 @@ class TestTLSNavigation(MarionetteTestCase):
     @contextlib.contextmanager
     def safe_session(self):
         try:
-            self.capabilities = self.marionette.start_session(
-                {"requiredCapabilities": self.secure_tls})
+            self.capabilities = self.marionette.start_session(self.secure_tls)
             self.assertFalse(self.capabilities["acceptInsecureCerts"])
             yield self.marionette
         finally:
@@ -633,8 +631,7 @@ class TestTLSNavigation(MarionetteTestCase):
     @contextlib.contextmanager
     def unsafe_session(self):
         try:
-            self.capabilities = self.marionette.start_session(
-                {"requiredCapabilities": self.insecure_tls})
+            self.capabilities = self.marionette.start_session(self.insecure_tls)
             self.assertTrue(self.capabilities["acceptInsecureCerts"])
             yield self.marionette
         finally:
@@ -679,7 +676,7 @@ class TestPageLoadStrategy(BaseNavigationTestCase):
 
     def test_none(self):
         self.marionette.delete_session()
-        self.marionette.start_session({"desiredCapabilities": {"pageLoadStrategy": "none"}})
+        self.marionette.start_session({"pageLoadStrategy": "none"})
 
         # With a strategy of "none" there should be no wait for the page load, and the
         # current load state is unknown. So only test that the command executes successfully.
@@ -688,7 +685,7 @@ class TestPageLoadStrategy(BaseNavigationTestCase):
     @skip_if_mobile("Disabling due to message passing slowness on Android.")
     def test_eager(self):
         self.marionette.delete_session()
-        self.marionette.start_session({"desiredCapabilities": {"pageLoadStrategy": "eager"}})
+        self.marionette.start_session({"pageLoadStrategy": "eager"})
 
         self.marionette.navigate(self.test_page_slow_resource)
         self.assertEqual("interactive", self.ready_state)
@@ -697,7 +694,7 @@ class TestPageLoadStrategy(BaseNavigationTestCase):
 
     def test_normal(self):
         self.marionette.delete_session()
-        self.marionette.start_session({"desiredCapabilities": {"pageLoadStrategy": "normal"}})
+        self.marionette.start_session({"pageLoadStrategy": "normal"})
 
         self.marionette.navigate(self.test_page_slow_resource)
         self.assertEqual(self.test_page_slow_resource, self.marionette.get_url())
@@ -708,7 +705,7 @@ class TestPageLoadStrategy(BaseNavigationTestCase):
     def test_strategy_after_remoteness_change(self):
         """Bug 1378191 - Reset of capabilities after listener reload"""
         self.marionette.delete_session()
-        self.marionette.start_session({"desiredCapabilities": {"pageLoadStrategy": "eager"}})
+        self.marionette.start_session({"pageLoadStrategy": "eager"})
 
         # Trigger a remoteness change which will reload the listener script
         self.assertTrue(self.is_remote_tab, "Initial tab doesn't have remoteness flag set")

testing/marionette/session.js

@@ -273,7 +273,7 @@ session.Capabilities = class extends Map {
 
   /**
    * @param {string} key
-   *     Capability name.
+   *     Capability key.
    * @param {(string|number|boolean)} value
    *     JSON-safe capability value.
    */
@@ -302,101 +302,27 @@ session.Capabilities = class extends Map {
   /**
    * Unmarshal a JSON object representation of WebDriver capabilities.
    *
-   * @param {Object.<string, ?>=} json
+   * @param {Object.<string, *>=} json
    *     WebDriver capabilities.
-   * @param {boolean=} merge
-   *     If providing <var>json</var> with <tt>desiredCapabilities</tt> or
-   *     <tt>requiredCapabilities</tt> fields, or both, it should be
-   *     set to true to merge these before parsing.  This indicates that
-   *     the input provided is from a client and not from
-   *     {@link session.Capabilities#toJSON}.
    *
    * @return {session.Capabilities}
    *     Internal representation of WebDriver capabilities.
    */
-  static fromJSON(json, {merge = false} = {}) {
+  static fromJSON(json) {
     if (typeof json == "undefined" || json === null) {
       json = {};
     }
     assert.object(json);
 
-    if (merge) {
-      json = session.Capabilities.merge_(json);
-    }
     return session.Capabilities.match_(json);
   }
 
-  // Processes capabilities as described by WebDriver.
-  static merge_(json) {
-    for (let entry of [json.desiredCapabilities, json.requiredCapabilities]) {
-      if (typeof entry == "undefined" || entry === null) {
-        continue;
-      }
-      assert.object(entry,
-          error.pprint`Expected ${entry} to be a capabilities object`);
-    }
-
-    let desired = json.desiredCapabilities || {};
-    let required = json.requiredCapabilities || {};
-
-    // One level deep union merge of desired- and required capabilities
-    // with preference on required
-    return Object.assign({}, desired, required);
-  }
-
   // Matches capabilities as described by WebDriver.
-  static match_(caps = {}) {
+  static match_(json = {}) {
     let matched = new session.Capabilities();
 
-    const defined = v => typeof v != "undefined" && v !== null;
-    const wildcard = v => v === "*";
-
-    // Iff |actual| provides some value, or is a wildcard or an exact
-    // match of |expected|.  This means it can be null or undefined,
-    // or "*", or "firefox".
-    function stringMatch(actual, expected) {
-      return !defined(actual) || (wildcard(actual) || actual === expected);
-    }
-
-    for (let [k, v] of Object.entries(caps)) {
+    for (let [k, v] of Object.entries(json)) {
       switch (k) {
-        case "browserName":
-          let bname = matched.get("browserName");
-          if (!stringMatch(v, bname)) {
-            throw new TypeError(
-                pprint`Given browserName ${v}, but my name is ${bname}`);
-          }
-          break;
-
-        // TODO(ato): bug 1326397
-        case "browserVersion":
-          let bversion = matched.get("browserVersion");
-          if (!stringMatch(v, bversion)) {
-            throw new TypeError(
-                pprint`Given browserVersion ${v}, ` +
-                pprint`but current version is ${bversion}`);
-          }
-          break;
-
-        case "platformName":
-          let pname = matched.get("platformName");
-          if (!stringMatch(v, pname)) {
-            throw new TypeError(
-                pprint`Given platformName ${v}, ` +
-                pprint`but current platform is ${pname}`);
-          }
-          break;
-
-        // TODO(ato): bug 1326397
-        case "platformVersion":
-          let pversion = matched.get("platformVersion");
-          if (!stringMatch(v, pversion)) {
-            throw new TypeError(
-                pprint`Given platformVersion ${v}, ` +
-                pprint`but current platform version is ${pversion}`);
-          }
-          break;
-
         case "acceptInsecureCerts":
           assert.boolean(v);
           matched.set("acceptInsecureCerts", v);

testing/marionette/test_session.js

@@ -283,62 +283,15 @@ add_test(function test_Capabilities_fromJSON() {
 
   // plain
   for (let typ of [{}, null, undefined]) {
-    ok(fromJSON(typ, {merge: true}).has("browserName"));
-    ok(fromJSON(typ, {merge: false}).has("browserName"));
+    ok(fromJSON(typ).has("browserName"));
   }
   for (let typ of [true, 42, "foo", []]) {
-    Assert.throws(() =>
-        fromJSON(typ, {merge: true}), InvalidArgumentError);
-    Assert.throws(() =>
-        fromJSON(typ, {merge: false}), InvalidArgumentError);
-  }
-
-  // merging
-  let desired = {"moz:accessibilityChecks": false};
-  let required = {"moz:accessibilityChecks": true};
-  let matched = fromJSON(
-      {desiredCapabilities: desired, requiredCapabilities: required},
-      {merge: true});
-  ok(matched.has("moz:accessibilityChecks"));
-  equal(true, matched.get("moz:accessibilityChecks"));
-
-  // desiredCapabilities/requriedCapabilities types
-  for (let typ of [undefined, null, {}]) {
-    ok(fromJSON({desiredCapabilities: typ}, {merge: true}));
-    ok(fromJSON({requiredCapabilities: typ}, {merge: true}));
-  }
-  for (let typ of [true, 42, "foo", []]) {
-    Assert.throws(() => fromJSON({desiredCapabilities: typ}, {merge: true}));
-    Assert.throws(() => fromJSON({requiredCapabilities: typ}, {merge: true}));
+    Assert.throws(() => fromJSON(typ), InvalidArgumentError);
   }
 
   // matching
   let caps = new session.Capabilities();
 
-  ok(fromJSON({browserName: caps.get("browserName")}));
-  ok(fromJSON({browserName: null}));
-  ok(fromJSON({browserName: undefined}));
-  ok(fromJSON({browserName: "*"}));
-  Assert.throws(() => fromJSON({browserName: "foo"}));
-
-  ok(fromJSON({browserVersion: caps.get("browserVersion")}));
-  ok(fromJSON({browserVersion: null}));
-  ok(fromJSON({browserVersion: undefined}));
-  ok(fromJSON({browserVersion: "*"}));
-  Assert.throws(() => fromJSON({browserVersion: "foo"}));
-
-  ok(fromJSON({platformName: caps.get("platformName")}));
-  ok(fromJSON({platformName: null}));
-  ok(fromJSON({platformName: undefined}));
-  ok(fromJSON({platformName: "*"}));
-  Assert.throws(() => fromJSON({platformName: "foo"}));
-
-  ok(fromJSON({platformVersion: caps.get("platformVersion")}));
-  ok(fromJSON({platformVersion: null}));
-  ok(fromJSON({platformVersion: undefined}));
-  ok(fromJSON({platformVersion: "*"}));
-  Assert.throws(() => fromJSON({platformVersion: "foo"}));
-
   caps = fromJSON({acceptInsecureCerts: true});
   equal(true, caps.get("acceptInsecureCerts"));
   caps = fromJSON({acceptInsecureCerts: false});

testing/web-platform/meta/html/semantics/forms/the-form-element/form-autocomplete.html.ini

@@ -24,12 +24,6 @@
   [organization-title is an allowed autocomplete field name]
     expected: FAIL
 
-  [locality is an allowed autocomplete field name]
-    expected: FAIL
-
-  [region is an allowed autocomplete field name]
-    expected: FAIL
-
   [cc-given-name is an allowed autocomplete field name]
     expected: FAIL
 
@@ -42,6 +36,9 @@
   [cc-csc is an allowed autocomplete field name]
     expected: FAIL
 
+  [cc-type is an allowed autocomplete field name]
+    expected: FAIL
+
   [language is an allowed autocomplete field name]
     expected: FAIL
 

toolkit/components/telemetry/Histograms.json

@@ -13682,5 +13682,14 @@
     "n_buckets": 100,
     "releaseChannelCollection": "opt-out",
     "description": "The amount of time spend(ms) for users who view VR content in OpenVR."
+  },
+  "URLCLASSIFIER_UI_EVENTS": {
+    "record_in_processes": ["main", "content"],
+    "alert_emails": ["seceng-telemetry@mozilla.com", "francois@mozilla.com"],
+    "bug_numbers": [1375277],
+    "expires_in_version": "never",
+    "kind": "enumerated",
+    "n_values": 64,
+    "description": "URL CLassifier-related (aka Safe Browsing) UI events. See nsIUrlClassifierUITelemetry.idl for the specific values."
   }
 }

toolkit/components/url-classifier/IUrlClassifierUITelemetry.idl

@@ -0,0 +1,49 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+
+[scriptable, uuid(a6c62ce5-3a95-41bb-b0f1-8cd4f4ca00e3)]
+
+interface IUrlClassifierUITelemetry : nsISupports {
+
+const uint32_t WARNING_MALWARE_PAGE_TOP = 1;
+const uint32_t WARNING_MALWARE_PAGE_TOP_WHY_BLOCKED = 2;
+const uint32_t WARNING_MALWARE_PAGE_TOP_GET_ME_OUT_OF_HERE = 3;
+const uint32_t WARNING_MALWARE_PAGE_TOP_IGNORE_WARNING = 4;
+const uint32_t WARNING_MALWARE_PAGE_FRAME = 5;
+const uint32_t WARNING_MALWARE_PAGE_FRAME_WHY_BLOCKED = 6;
+const uint32_t WARNING_MALWARE_PAGE_FRAME_GET_ME_OUT_OF_HERE = 7;
+const uint32_t WARNING_MALWARE_PAGE_FRAME_IGNORE_WARNING = 8;
+
+const uint32_t WARNING_PHISHING_PAGE_TOP = 9;
+const uint32_t WARNING_PHISHING_PAGE_TOP_WHY_BLOCKED = 10;
+const uint32_t WARNING_PHISHING_PAGE_TOP_GET_ME_OUT_OF_HERE = 11;
+const uint32_t WARNING_PHISHING_PAGE_TOP_IGNORE_WARNING = 12;
+const uint32_t WARNING_PHISHING_PAGE_FRAME = 13;
+const uint32_t WARNING_PHISHING_PAGE_FRAME_WHY_BLOCKED = 14;
+const uint32_t WARNING_PHISHING_PAGE_FRAME_GET_ME_OUT_OF_HERE = 15;
+const uint32_t WARNING_PHISHING_PAGE_FRAME_IGNORE_WARNING = 16;
+
+const uint32_t WARNING_UNWANTED_PAGE_TOP = 17;
+const uint32_t WARNING_UNWANTED_PAGE_TOP_WHY_BLOCKED = 18;
+const uint32_t WARNING_UNWANTED_PAGE_TOP_GET_ME_OUT_OF_HERE = 19;
+const uint32_t WARNING_UNWANTED_PAGE_TOP_IGNORE_WARNING = 20;
+const uint32_t WARNING_UNWANTED_PAGE_FRAME = 21;
+const uint32_t WARNING_UNWANTED_PAGE_FRAME_WHY_BLOCKED = 22;
+const uint32_t WARNING_UNWANTED_PAGE_FRAME_GET_ME_OUT_OF_HERE = 23;
+const uint32_t WARNING_UNWANTED_PAGE_FRAME_IGNORE_WARNING = 24;
+
+const uint32_t WARNING_HARMFUL_PAGE_TOP = 25;
+const uint32_t WARNING_HARMFUL_PAGE_TOP_WHY_BLOCKED = 26;
+const uint32_t WARNING_HARMFUL_PAGE_TOP_GET_ME_OUT_OF_HERE = 27;
+const uint32_t WARNING_HARMFUL_PAGE_TOP_IGNORE_WARNING = 28;
+const uint32_t WARNING_HARMFUL_PAGE_FRAME = 29;
+const uint32_t WARNING_HARMFUL_PAGE_FRAME_WHY_BLOCKED = 30;
+const uint32_t WARNING_HARMFUL_PAGE_FRAME_GET_ME_OUT_OF_HERE = 31;
+const uint32_t WARNING_HARMFUL_PAGE_FRAME_IGNORE_WARNING = 32;
+
+};

toolkit/components/url-classifier/SafeBrowsing.jsm

@@ -401,6 +401,7 @@ this.SafeBrowsing = {
     const phishURL    = "itisatrap.org/firefox/its-a-trap.html";
     const malwareURL  = "itisatrap.org/firefox/its-an-attack.html";
     const unwantedURL = "itisatrap.org/firefox/unwanted.html";
+    const harmfulURL  = "itisatrap.org/firefox/harmful.html";
     const trackerURLs = [
       "trackertest.org/",
       "itisatracker.org/",
@@ -417,6 +418,9 @@ this.SafeBrowsing = {
     update += "n:1000\ni:test-unwanted-simple\nad:1\n" +
               "a:1:32:" + unwantedURL.length + "\n" +
               unwantedURL + "\n";
+    update += "n:1000\ni:test-harmful-simple\nad:1\n" +
+              "a:1:32:" + harmfulURL.length + "\n" +
+              harmfulURL + "\n";
     update += "n:1000\ni:test-track-simple\n" +
               "ad:" + trackerURLs.length + "\n";
     trackerURLs.forEach((trackerURL, i) => {
@@ -449,7 +453,7 @@ this.SafeBrowsing = {
     };
 
     try {
-      let tables = "test-malware-simple,test-phish-simple,test-unwanted-simple,test-track-simple,test-trackwhite-simple,test-block-simple";
+      let tables = "test-malware-simple,test-phish-simple,test-unwanted-simple,test-harmful-simple,test-track-simple,test-trackwhite-simple,test-block-simple";
       db.beginUpdate(dummyListener, tables, "");
       db.beginStream("", "");
       db.updateStream(update);

toolkit/components/url-classifier/moz.build

@@ -10,6 +10,7 @@ with Files('**'):
 TEST_DIRS += ['tests']
 
 XPIDL_SOURCES += [
+    'IUrlClassifierUITelemetry.idl',
     'nsIUrlClassifierDBService.idl',
     'nsIUrlClassifierHashCompleter.idl',
     'nsIUrlClassifierInfo.idl',

toolkit/components/url-classifier/nsUrlClassifierDBService.cpp

@@ -81,6 +81,9 @@ TablesToResponse(const nsACString& tables)
   if (FindInReadable(NS_LITERAL_CSTRING("-block-"), tables)) {
     return NS_ERROR_BLOCKED_URI;
   }
+  if (FindInReadable(NS_LITERAL_CSTRING("-harmful-"), tables)) {
+    return NS_ERROR_HARMFUL_URI;
+  }
   return NS_OK;
 }
 

toolkit/components/url-classifier/nsUrlClassifierUtils.cpp

@@ -227,10 +227,11 @@ static const struct {
   const char* mListName;
   uint32_t mThreatType;
 } THREAT_TYPE_CONV_TABLE[] = {
-  { "goog-malware-proto",  MALWARE_THREAT},            // 1
-  { "googpub-phish-proto", SOCIAL_ENGINEERING_PUBLIC}, // 2
-  { "goog-unwanted-proto", UNWANTED_SOFTWARE},         // 3
-  { "goog-phish-proto", SOCIAL_ENGINEERING},           // 5
+  { "goog-malware-proto",  MALWARE_THREAT},                  // 1
+  { "googpub-phish-proto", SOCIAL_ENGINEERING_PUBLIC},       // 2
+  { "goog-unwanted-proto", UNWANTED_SOFTWARE},               // 3
+  { "goog-harmful-proto",  POTENTIALLY_HARMFUL_APPLICATION}, // 4
+  { "goog-phish-proto",    SOCIAL_ENGINEERING},              // 5
 
   // For application reputation
   { "goog-badbinurl-proto", MALICIOUS_BINARY},         // 7

toolkit/components/url-classifier/tests/mochitest/test_classifier.html

@@ -33,7 +33,10 @@ var testData = [
   },
   { url: "blocked.example.com/",
     db: "test-block-simple"
-  }
+  },
+  { url: "harmful.example.com/",
+    db: "test-harmful-simple"
+  },
 ];
 
 const Cc = SpecialPowers.Cc;
@@ -81,6 +84,16 @@ var testURLs = [
     table: "test-phish-simple",
     result: Cr.NS_ERROR_PHISHING_URI
   },
+  { url: "http://harmful.example.com",
+    trackingProtection: false,
+    table: "test-harmful-simple",
+    result: Cr.NS_ERROR_HARMFUL_URI
+  },
+  { url: "http://harmful.example.com",
+    trackingProtection: true,
+    table: "test-harmful-simple",
+    result: Cr.NS_ERROR_HARMFUL_URI
+  },
   { url: "http://tracking.example.com",
     trackingProtection: false,
     table: "test-track-simple",
@@ -135,7 +148,7 @@ function testService() {
         return;
       }
       let test = testURLs.shift();
-      let tables = "test-malware-simple,test-unwanted-simple,test-phish-simple,test-track-simple,test-block-simple";
+      let tables = "test-malware-simple,test-unwanted-simple,test-phish-simple,test-track-simple,test-block-simple,test-harmful-simple";
       let uri = ios.newURI(test.url);
       let prin = ssm.createCodebasePrincipal(uri, {});
       is(service.classifyLocal(uri, tables), test.table,
@@ -158,10 +171,11 @@ function testService() {
 }
 
 SpecialPowers.pushPrefEnv(
-  {"set" : [["urlclassifier.malwareTable", "test-malware-simple,test-unwanted-simple"],
+  {"set" : [["urlclassifier.malwareTable", "test-malware-simple,test-unwanted-simple,test-harmful-simple"],
             ["urlclassifier.phishTable", "test-phish-simple"],
             ["urlclassifier.downloadBlockTable", "test-block-simple"],
             ["urlclassifier.trackingTable", "test-track-simple"],
+            ["browser.safebrowsing.debug", true],
             ["privacy.trackingprotection.annotate_channels", true]]},
   function() {
     classifierHelper.waitForInit()

toolkit/components/url-classifier/tests/unit/head_urlclassifier.js

@@ -56,12 +56,14 @@ function cleanUp() {
   delFile("safebrowsing/test-malware-simple.sbstore");
   delFile("safebrowsing/test-unwanted-simple.sbstore");
   delFile("safebrowsing/test-block-simple.sbstore");
+  delFile("safebrowsing/test-harmful-simple.sbstore");
   delFile("safebrowsing/test-track-simple.sbstore");
   delFile("safebrowsing/test-trackwhite-simple.sbstore");
   delFile("safebrowsing/test-phish-simple.pset");
   delFile("safebrowsing/test-malware-simple.pset");
   delFile("safebrowsing/test-unwanted-simple.pset");
   delFile("safebrowsing/test-block-simple.pset");
+  delFile("safebrowsing/test-harmful-simple.pset");
   delFile("safebrowsing/test-track-simple.pset");
   delFile("safebrowsing/test-trackwhite-simple.pset");
   delFile("safebrowsing/moz-phish-simple.sbstore");

toolkit/components/url-classifier/tests/unit/test_threat_type_conversion.js

@@ -7,6 +7,7 @@ function run_test() {
   equal(urlUtils.convertListNameToThreatType("goog-malware-proto"), 1);
   equal(urlUtils.convertListNameToThreatType("googpub-phish-proto"), 2);
   equal(urlUtils.convertListNameToThreatType("goog-unwanted-proto"), 3);
+  equal(urlUtils.convertListNameToThreatType("goog-harmful-proto"), 4);
   equal(urlUtils.convertListNameToThreatType("goog-phish-proto"), 5);
 
   try {
@@ -23,6 +24,7 @@ function run_test() {
   equal(urlUtils.convertThreatTypeToListNames(1), "goog-malware-proto");
   equal(urlUtils.convertThreatTypeToListNames(2), "googpub-phish-proto,test-phish-proto");
   equal(urlUtils.convertThreatTypeToListNames(3), "goog-unwanted-proto,test-unwanted-proto");
+  equal(urlUtils.convertThreatTypeToListNames(4), "goog-harmful-proto");
   equal(urlUtils.convertThreatTypeToListNames(5), "goog-phish-proto");
 
   try {

toolkit/content/widgets/preferences.xml

@@ -94,7 +94,7 @@
       </field>
       <field name="rootBranchInternal">
         Components.classes["@mozilla.org/preferences-service;1"]
-                  .getService(Components.interfaces.nsIPrefBranchInternal);
+                  .getService(Components.interfaces.nsIPrefBranch);
       </field>
       <property name="type" readonly="true">
         <getter>

toolkit/modules/LightweightThemeConsumer.jsm

@@ -71,7 +71,7 @@ LightweightThemeConsumer.prototype = {
       .getInterface(Ci.nsIDOMWindowUtils);
 
     const parsedData = JSON.parse(aData);
-    if (parsedData.window && parsedData.window !== outerWindowID) {
+    if (parsedData && parsedData.window && parsedData.window !== outerWindowID) {
       return;
     }
 

xpcom/base/ErrorList.py

@@ -844,6 +844,7 @@ with modules["URILOADER"]:
     errors["NS_ERROR_TRACKING_URI"] = FAILURE(34)
     errors["NS_ERROR_UNWANTED_URI"] = FAILURE(35)
     errors["NS_ERROR_BLOCKED_URI"] = FAILURE(37)
+    errors["NS_ERROR_HARMFUL_URI"] = FAILURE(38)
     # Used when "Save Link As..." doesn't see the headers quickly enough to
     # choose a filename.  See nsContextMenu.js.
     errors["NS_ERROR_SAVE_LINK_AS_TIMEOUT"] = FAILURE(32)