diff --git a/browser/base/content/aboutaccounts/aboutaccounts.js b/browser/base/content/aboutaccounts/aboutaccounts.js
index bf6fc6cf5157..641267462cf5 100644
--- a/browser/base/content/aboutaccounts/aboutaccounts.js
+++ b/browser/base/content/aboutaccounts/aboutaccounts.js
@@ -9,9 +9,17 @@ const {classes: Cc, interfaces: Ci, utils: Cu} = Components;
 Cu.import("resource://gre/modules/Services.jsm");
 Cu.import("resource://gre/modules/FxAccounts.jsm");
 
+let fxAccountsCommon = {};
+Cu.import("resource://gre/modules/FxAccountsCommon.js", fxAccountsCommon);
+
 const PREF_LAST_FXA_USER = "identity.fxaccounts.lastSignedInUserHash";
 const PREF_SYNC_SHOW_CUSTOMIZATION = "services.sync.ui.showCustomizationDialog";
 
+const OBSERVER_TOPICS = [
+  fxAccountsCommon.ONVERIFIED_NOTIFICATION,
+  fxAccountsCommon.ONLOGOUT_NOTIFICATION,
+];
+
 function log(msg) {
   //dump("FXA: " + msg + "\n");
 };
@@ -150,6 +158,11 @@ let wrapper = {
     xps.whenLoaded().then(() => {
       return fxAccounts.setSignedInUser(accountData);
     }).then(() => {
+      // If the user data is verified, we want it to immediately look like
+      // they are signed in without waiting for messages to bounce around.
+      if (accountData.verified) {
+        showManage();
+      }
       this.injectData("message", { status: "login" });
       // until we sort out a better UX, just leave the jelly page in place.
       // If the account email is not yet verified, it will tell the user to
@@ -249,23 +262,36 @@ function openPrefs() {
 }
 
 function init() {
-  if (window.location.href.contains("action=signin")) {
-    show("remote");
-    wrapper.init(fxAccounts.getAccountsSignInURI());
-  } else if (window.location.href.contains("action=signup")) {
-    show("remote");
-    wrapper.init();
-  } else if (window.location.href.contains("action=reauth")) {
-    fxAccounts.promiseAccountsForceSigninURI().then(url => {
-      show("remote");
-      wrapper.init(url);
-    });
-  } else {
-    // Check if we have a local account
-    fxAccounts.getSignedInUser().then(user => {
+  fxAccounts.getSignedInUser().then(user => {
+    if (window.location.href.contains("action=signin")) {
       if (user) {
-        show("stage");
-        show("manage");
+        // asking to sign-in when already signed in just shows manage.
+        showManage();
+      } else {
+        show("remote");
+        wrapper.init(fxAccounts.getAccountsSignInURI());
+      }
+    } else if (window.location.href.contains("action=signup")) {
+      if (user) {
+        // asking to sign-up when already signed in just shows manage.
+        showManage();
+      } else {
+        show("remote");
+        wrapper.init();
+      }
+    } else if (window.location.href.contains("action=reauth")) {
+      // ideally we would only show this when we know the user is in a
+      // "must reauthenticate" state - but we don't.
+      // As the email address will be included in the URL returned from
+      // promiseAccountsForceSigninURI, just always show it.
+      fxAccounts.promiseAccountsForceSigninURI().then(url => {
+        show("remote");
+        wrapper.init(url);
+      });
+    } else {
+      // No action specified
+      if (user) {
+        showManage();
         let sb = Services.strings.createBundle("chrome://browser/locale/syncSetup.properties");
         document.title = sb.GetStringFromName("manage.pageTitle");
       } else {
@@ -274,8 +300,8 @@ function init() {
         // load the remote frame in the background
         wrapper.init();
       }
-    });
-  }
+    }
+  });
 }
 
 function show(id) {
@@ -285,7 +311,38 @@ function hide(id) {
   document.getElementById(id).style.display = 'none';
 }
 
+function showManage() {
+  show("stage");
+  show("manage");
+  hide("remote");
+  hide("intro");
+}
+
 document.addEventListener("DOMContentLoaded", function onload() {
   document.removeEventListener("DOMContentLoaded", onload, true);
   init();
 }, true);
+
+function initObservers() {
+  function observe(subject, topic, data) {
+    log("about:accounts observed " + topic);
+    if (topic == fxAccountsCommon.ONLOGOUT_NOTIFICATION) {
+      // All about:account windows get changed to action=signin on logout.
+      window.location = "about:accounts?action=signin";
+      return;
+    }
+    // must be onverified - just about:accounts is loaded.
+    window.location = "about:accounts";
+  }
+
+  for (let topic of OBSERVER_TOPICS) {
+    Services.obs.addObserver(observe, topic, false);
+  }
+  window.addEventListener("unload", function(event) {
+    log("about:accounts unloading")
+    for (let topic of OBSERVER_TOPICS) {
+      Services.obs.removeObserver(observe, topic);
+    }
+  });
+}
+initObservers();
diff --git a/browser/base/content/browser-fxaccounts.js b/browser/base/content/browser-fxaccounts.js
index dc26aae09c52..636bb9a2f1dd 100644
--- a/browser/base/content/browser-fxaccounts.js
+++ b/browser/base/content/browser-fxaccounts.js
@@ -24,6 +24,7 @@ let gFxAccounts = {
     // Do all this dance to lazy-load FxAccountsCommon.
     delete this.topics;
     return this.topics = [
+      "weave:service:ready",
       "weave:service:sync:start",
       "weave:service:login:error",
       FxAccountsCommon.ONLOGIN_NOTIFICATION,
diff --git a/browser/base/content/browser-social.js b/browser/base/content/browser-social.js
index f7ab48a6b674..18941e916f17 100644
--- a/browser/base/content/browser-social.js
+++ b/browser/base/content/browser-social.js
@@ -901,7 +901,7 @@ SocialSidebar = {
     let popup = event.target;
     let providerMenuSeps = popup.getElementsByClassName("social-provider-menu");
     if (providerMenuSeps[0].previousSibling.nodeName == "menuseparator")
-      SocialSidebar._populateProviderMenu(providerMenuSeps[0]);
+      SocialSidebar.populateProviderMenu(providerMenuSeps[0]);
   },
 
   clearProviderMenus: function() {
@@ -916,7 +916,7 @@ SocialSidebar = {
     }
   },
 
-  _populateProviderMenu: function(providerMenuSep) {
+  populateProviderMenu: function(providerMenuSep) {
     let menu = providerMenuSep.parentNode;
     // selectable providers are inserted before the provider-menu seperator,
     // remove any menuitems in that area
diff --git a/browser/base/content/browser.css b/browser/base/content/browser.css
index 9383241abf80..0849ef76f54e 100644
--- a/browser/base/content/browser.css
+++ b/browser/base/content/browser.css
@@ -768,10 +768,6 @@ toolbarbutton[type="badged"] {
   -moz-binding: url("chrome://browser/content/urlbarBindings.xml#toolbarbutton-badged");
 }
 
-toolbarpaletteitem[place="palette"] > toolbarbutton[type="badged"] > .toolbarbutton-badge-container {
-  padding: 5px;
-}
-
 toolbarbutton[type="socialmark"] {
   -moz-binding: url("chrome://browser/content/socialmarks.xml#toolbarbutton-marks");
 }
@@ -779,11 +775,9 @@ toolbarbutton[type="socialmark"] {
 toolbarbutton[type="badged"] > .toolbarbutton-badge-container > .toolbarbutton-icon,
 toolbarbutton[type="socialmark"] > .toolbarbutton-icon {
   max-width: 16px;
-  max-height: 16px;
 }
 toolbarpaletteitem[place="palette"] > toolbarbutton[type="badged"] > .toolbarbutton-badge-container > .toolbarbutton-icon {
   max-width: 32px;
-  max-height: 32px;
 }
 
 panelview > .social-panel-frame {
diff --git a/browser/base/content/browser.xul b/browser/base/content/browser.xul
index 5ea8be7bf3c8..2e945234fc77 100644
--- a/browser/base/content/browser.xul
+++ b/browser/base/content/browser.xul
@@ -1166,7 +1166,7 @@
 
 #ifndef XP_UNIX
     <svg:clipPath id="windows-keyhole-forward-clip-path" clipPathUnits="objectBoundingBox">
-      <svg:path d="M 0,0 C 0.16,0.11 0.28,0.29 0.28,0.5 0.28,0.71 0.16,0.89 0,1 L 1,1 1,0 0,0 z"/>
+      <svg:path d="m 0,0 c .3,.25 .3,.75, 0,1 l 1,0 0,-1 z"/>
     </svg:clipPath>
     <svg:clipPath id="windows-urlbar-back-button-clip-path" clipPathUnits="userSpaceOnUse">
       <svg:path d="m 0,-5 l 0,7.8 c 2.5,3.2 4,6.2 4,10.2 c 0,4 -1.5,7 -4,10 l 0,22l10000,0 l 0,-50 l -10000,0 z"/>
diff --git a/browser/base/content/socialmarks.xml b/browser/base/content/socialmarks.xml
index 351f26a04141..60baee9fd737 100644
--- a/browser/base/content/socialmarks.xml
+++ b/browser/base/content/socialmarks.xml
@@ -12,7 +12,9 @@
       <xul:panel anonid="panel" hidden="true" type="arrow" class="social-panel"/>
       <xul:image class="toolbarbutton-icon" xbl:inherits="validate,src=image,label"/>
       <xul:label class="toolbarbutton-text" crop="right" flex="1"
-                 xbl:inherits="value=label,accesskey,crop"/>
+                 xbl:inherits="value=label,accesskey,crop,wrap"/>
+      <xul:label class="toolbarbutton-multiline-text" flex="1"
+                 xbl:inherits="xbl:text=label,accesskey,wrap"/>
     </content>
     <implementation implements="nsIDOMEventListener, nsIObserver">
       <field name="inMenuPanel">false</field>
diff --git a/browser/base/content/test/general/browser.ini b/browser/base/content/test/general/browser.ini
index 1e63b3915e0d..35361ae4fdf1 100644
--- a/browser/base/content/test/general/browser.ini
+++ b/browser/base/content/test/general/browser.ini
@@ -83,6 +83,8 @@ support-files =
 skip-if = (os == "linux" || os == "mac") && debug # bug 970052, bug 970053
 [browser_aboutAccounts.js]
 skip-if = os == "linux" # Bug 958026
+support-files =
+  content_aboutAccounts.js
 [browser_aboutHealthReport.js]
 skip-if = os == "linux" # Bug 924307
 [browser_aboutHome.js]
diff --git a/browser/base/content/test/general/browser_aboutAccounts.js b/browser/base/content/test/general/browser_aboutAccounts.js
index ec7ee856942c..a1512479fd1e 100644
--- a/browser/base/content/test/general/browser_aboutAccounts.js
+++ b/browser/base/content/test/general/browser_aboutAccounts.js
@@ -9,22 +9,35 @@ XPCOMUtils.defineLazyModuleGetter(this, "Task",
 XPCOMUtils.defineLazyModuleGetter(this, "fxAccounts",
   "resource://gre/modules/FxAccounts.jsm");
 
+const CHROME_BASE = "chrome://mochitests/content/browser/browser/base/content/test/general/";
+// Preference helpers.
+let changedPrefs = new Set();
+
+function setPref(name, value) {
+  changedPrefs.add(name);
+  Services.prefs.setCharPref(name, value);
+}
+
 registerCleanupFunction(function() {
   // Ensure we don't pollute prefs for next tests.
-  Services.prefs.clearUserPref("identity.fxaccounts.remote.uri");
+  for (let name of changedPrefs) {
+    Services.prefs.clearUserPref(name);
+  }
 });
 
 let gTests = [
-
 {
   desc: "Test the remote commands",
-  setup: function ()
-  {
-    Services.prefs.setCharPref("identity.fxaccounts.remote.uri",
-                               "https://example.com/browser/browser/base/content/test/general/accounts_testRemoteCommands.html");
+  teardown: function* () {
+    gBrowser.removeCurrentTab();
+    yield fxAccounts.signOut();
   },
-  run: function ()
+  run: function* ()
   {
+    setPref("identity.fxaccounts.remote.uri",
+            "https://example.com/browser/browser/base/content/test/general/accounts_testRemoteCommands.html");
+    yield promiseNewTabLoadEvent("about:accounts");
+
     let deferred = Promise.defer();
 
     let results = 0;
@@ -47,11 +60,135 @@ let gTests = [
       ok(false, "Failed to get all commands");
       deferred.reject();
     }
-    return deferred.promise.then(() => fxAccounts.signOut());
+    yield deferred.promise;
   }
 },
+{
+  desc: "Test action=signin - no user logged in",
+  teardown: () => gBrowser.removeCurrentTab(),
+  run: function* ()
+  {
+    // When this loads with no user logged-in, we expect the "normal" URL
+    const expected_url = "https://example.com/?is_sign_in";
+    setPref("identity.fxaccounts.remote.signin.uri", expected_url);
+    let [tab, url] = yield promiseNewTabWithIframeLoadEvent("about:accounts?action=signin");
+    is(url, expected_url, "action=signin got the expected URL");
+    // we expect the remote iframe to be shown.
+    yield checkVisibilities(tab, {
+      stage: false, // parent of 'manage' and 'intro'
+      manage: false,
+      intro: false, // this is  "get started"
+      remote: true
+    });
+  }
+},
+{
+  desc: "Test action=signin - user logged in",
+  teardown: function* () {
+    gBrowser.removeCurrentTab();
+    yield signOut();
+  },
+  run: function* ()
+  {
+    // When this loads with a user logged-in, we expect the normal URL to
+    // have been ignored and the "manage" page to be shown.
+    const expected_url = "https://example.com/?is_sign_in";
+    setPref("identity.fxaccounts.remote.signin.uri", expected_url);
+    yield setSignedInUser();
+    let tab = yield promiseNewTabLoadEvent("about:accounts?action=signin");
+    // about:accounts initializes after fetching the current user from Fxa -
+    // so we also request it - by the time we get it we know it should have
+    // done its thing.
+    yield fxAccounts.getSignedInUser();
+    // we expect "manage" to be shown.
+    yield checkVisibilities(tab, {
+      stage: true, // parent of 'manage' and 'intro'
+      manage: true,
+      intro: false, // this is  "get started"
+      remote: false
+    });
+  }
+},
+{
+  desc: "Test action=signup - no user logged in",
+  teardown: () => gBrowser.removeCurrentTab(),
+  run: function* ()
+  {
+    const expected_url = "https://example.com/?is_sign_up";
+    setPref("identity.fxaccounts.remote.uri", expected_url);
+    let [tab, url] = yield promiseNewTabWithIframeLoadEvent("about:accounts?action=signup");
+    is(url, expected_url, "action=signup got the expected URL");
+    // we expect the remote iframe to be shown.
+    yield checkVisibilities(tab, {
+      stage: false, // parent of 'manage' and 'intro'
+      manage: false,
+      intro: false, // this is  "get started"
+      remote: true
+    });
+  },
+},
+{
+  desc: "Test action=signup - user logged in",
+  teardown: () => gBrowser.removeCurrentTab(),
+  run: function* ()
+  {
+    const expected_url = "https://example.com/?is_sign_up";
+    setPref("identity.fxaccounts.remote.uri", expected_url);
+    yield setSignedInUser();
+    let tab = yield promiseNewTabLoadEvent("about:accounts?action=signup");
+    yield fxAccounts.getSignedInUser();
+    // we expect "manage" to be shown.
+    yield checkVisibilities(tab, {
+      stage: true, // parent of 'manage' and 'intro'
+      manage: true,
+      intro: false, // this is  "get started"
+      remote: false
+    });
+  },
+},
+{
+  desc: "Test action=reauth",
+  teardown: function* () {
+    gBrowser.removeCurrentTab();
+    yield signOut();
+  },
+  run: function* ()
+  {
+    const expected_url = "https://example.com/?is_force_auth";
+    setPref("identity.fxaccounts.remote.force_auth.uri", expected_url);
+    let userData = {
+      email: "foo@example.com",
+      uid: "1234@lcip.org",
+      assertion: "foobar",
+      sessionToken: "dead",
+      kA: "beef",
+      kB: "cafe",
+      verified: true
+    };
 
-
+    yield setSignedInUser();
+    let [tab, url] = yield promiseNewTabWithIframeLoadEvent("about:accounts?action=reauth");
+    // The current user will be appended to the url
+    let expected = expected_url + "&email=foo%40example.com";
+    is(url, expected, "action=reauth got the expected URL");
+  },
+},
+{
+  desc: "Test observers about:accounts",
+  teardown: function() {
+    gBrowser.removeCurrentTab();
+  },
+  run: function* () {
+    setPref("identity.fxaccounts.remote.uri", "https://example.com/");
+    yield setSignedInUser();
+    let tab = yield promiseNewTabLoadEvent("about:accounts");
+    // sign the user out - the tab should have action=signin
+    yield signOut();
+    // wait for the new load.
+    yield promiseOneMessage(tab, "test:document:load");
+    is(tab.linkedBrowser.contentDocument.location.href, "about:accounts?action=signin");
+  }
+},
 ]; // gTests
 
 function test()
@@ -61,32 +198,91 @@ function test()
   Task.spawn(function () {
     for (let test of gTests) {
       info(test.desc);
-      test.setup();
-
-      yield promiseNewTabLoadEvent("about:accounts");
-
-      yield test.run();
-
-      gBrowser.removeCurrentTab();
+      try {
+        yield test.run();
+      } finally {
+        yield test.teardown();
+      }
     }
 
     finish();
   });
 }
 
+function promiseOneMessage(tab, messageName) {
+  let mm = tab.linkedBrowser.messageManager;
+  let deferred = Promise.defer();
+  mm.addMessageListener(messageName, function onmessage(message) {
+    mm.removeMessageListener(messageName, onmessage);
+    deferred.resolve(message);
+  });
+  return deferred.promise;
+}
+
 function promiseNewTabLoadEvent(aUrl)
 {
+  let tab = gBrowser.selectedTab = gBrowser.addTab(aUrl);
+  let browser = tab.linkedBrowser;
+  let mm = browser.messageManager;
+
+  // give it an e10s-friendly content script to help with our tests.
+  mm.loadFrameScript(CHROME_BASE + "content_aboutAccounts.js", true);
+  // and wait for it to tell us about the load.
+  return promiseOneMessage(tab, "test:document:load").then(
+    () => tab
+  );
+}
+
+// Returns a promise which is resolved with the iframe's URL after a new
+// tab is created and the iframe in that tab loads.
+function promiseNewTabWithIframeLoadEvent(aUrl) {
   let deferred = Promise.defer();
   let tab = gBrowser.selectedTab = gBrowser.addTab(aUrl);
   let browser = tab.linkedBrowser;
+  let mm = browser.messageManager;
 
-  browser.addEventListener("load", function onLoad(event) {
-    let iframe = browser.contentDocument.getElementById("remote");
-    if (iframe && event.target == iframe.contentDocument) {
-      browser.removeEventListener("load", onLoad, true);
-      deferred.resolve();
-    }
-  }, true);
-
+  // give it an e10s-friendly content script to help with our tests.
+  mm.loadFrameScript(CHROME_BASE + "content_aboutAccounts.js", true);
+  // and wait for it to tell us about the iframe load.
+  mm.addMessageListener("test:iframe:load", function onFrameLoad(message) {
+    mm.removeMessageListener("test:iframe:load", onFrameLoad);
+    deferred.resolve([tab, message.data.url]);
+  });
   return deferred.promise;
 }
+
+function checkVisibilities(tab, data) {
+  let ids = Object.keys(data);
+  let mm = tab.linkedBrowser.messageManager;
+  let deferred = Promise.defer();
+  mm.addMessageListener("test:check-visibilities-response", function onResponse(message) {
+    mm.removeMessageListener("test:check-visibilities-response", onResponse);
+    for (let id of ids) {
+      is(message.data[id], data[id], "Element '" + id + "' has correct visibility");
+    }
+    deferred.resolve();
+  });
+  mm.sendAsyncMessage("test:check-visibilities", {ids: ids});
+  return deferred.promise;
+}
+
+// watch out - these will fire observers which if you aren't careful, may
+// interfere with the tests.
+function setSignedInUser(data) {
+  if (!data) {
+    data = {
+      email: "foo@example.com",
+      uid: "1234@lcip.org",
+      assertion: "foobar",
+      sessionToken: "dead",
+      kA: "beef",
+      kB: "cafe",
+      verified: true
+    }
+  }
+ return fxAccounts.setSignedInUser(data);
+}
+
+function signOut() {
+  return fxAccounts.signOut();
+}
diff --git a/browser/base/content/test/general/content_aboutAccounts.js b/browser/base/content/test/general/content_aboutAccounts.js
new file mode 100644
index 000000000000..e09cdae1aa96
--- /dev/null
+++ b/browser/base/content/test/general/content_aboutAccounts.js
@@ -0,0 +1,48 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This file is loaded as a "content script" for browser_aboutAccounts tests
+"use strict";
+
+addEventListener("load", function load(event) {
+  if (event.target != content.document) {
+    return;
+  }
+//  content.document.removeEventListener("load", load, true);
+  sendAsyncMessage("test:document:load");
+}, true);
+
+addEventListener("DOMContentLoaded", function domContentLoaded(event) {
+  removeEventListener("DOMContentLoaded", domContentLoaded, true);
+  let iframe = content.document.getElementById("remote");
+  iframe.addEventListener("load", function iframeLoaded(event) {
+    if (iframe.contentWindow.location.href == "about:blank" ||
+        event.target != iframe) {
+      return;
+    }
+    iframe.removeEventListener("load", iframeLoaded, true);
+    sendAsyncMessage("test:iframe:load", {url: iframe.getAttribute("src")});
+  }, true);
+}, true);
+
+// Return the visibility state of a list of ids.
+addMessageListener("test:check-visibilities", function (message) {
+  let result = {};
+  for (let id of message.data.ids) {
+    let elt = content.document.getElementById(id);
+    if (elt) {
+      let displayStyle = content.window.getComputedStyle(elt).display;
+      if (displayStyle == 'none') {
+        result[id] = false;
+      } else if (displayStyle == 'block') {
+        result[id] = true;
+      } else {
+        result[id] = "strange: " + displayStyle; // tests should fail!
+      }
+    } else {
+      result[id] = "doesn't exist: " + id;
+    }
+  }
+  sendAsyncMessage("test:check-visibilities-response", result);
+});
diff --git a/browser/base/content/urlbarBindings.xml b/browser/base/content/urlbarBindings.xml
index f985baca8c36..2e108b37b905 100644
--- a/browser/base/content/urlbarBindings.xml
+++ b/browser/base/content/urlbarBindings.xml
@@ -2196,12 +2196,14 @@
            extends="chrome://global/content/bindings/toolbarbutton.xml#toolbarbutton">
     <content>
       <children includes="observes|template|menupopup|panel|tooltip"/>
-      <xul:hbox class="toolbarbutton-badge-container" align="start" pack="end" flex="1">
+      <xul:hbox class="toolbarbutton-badge-container" align="start" pack="end">
         <xul:hbox class="toolbarbutton-badge" xbl:inherits="badge"/>
         <xul:image class="toolbarbutton-icon" xbl:inherits="validate,src=image,label"/>
       </xul:hbox>
       <xul:label class="toolbarbutton-text" crop="right" flex="1"
-                 xbl:inherits="value=label,accesskey,crop"/>
+                 xbl:inherits="value=label,accesskey,crop,wrap"/>
+      <xul:label class="toolbarbutton-multiline-text" flex="1"
+                 xbl:inherits="xbl:text=label,accesskey,wrap"/>
     </content>
   </binding>
 
diff --git a/browser/components/customizableui/content/panelUI.inc.xul b/browser/components/customizableui/content/panelUI.inc.xul
index ad4963316fd3..58c574b69b05 100644
--- a/browser/components/customizableui/content/panelUI.inc.xul
+++ b/browser/components/customizableui/content/panelUI.inc.xul
@@ -153,6 +153,11 @@
       <vbox id="PanelUI-developerItems" class="panel-subview-body"/>
     </panelview>
 
+    <panelview id="PanelUI-sidebar" flex="1">
+      <label value="&appMenuSidebars.label;" class="panel-subview-header"/>
+      <vbox id="PanelUI-sidebarItems" class="panel-subview-body"/>
+    </panelview>
+
     <panelview id="PanelUI-characterEncodingView" flex="1">
       <label value="&charsetMenu.label;" class="panel-subview-header"/>
       <vbox class="panel-subview-body">
diff --git a/browser/components/customizableui/src/CustomizableWidgets.jsm b/browser/components/customizableui/src/CustomizableWidgets.jsm
index 7735218fba22..68a76910fd07 100644
--- a/browser/components/customizableui/src/CustomizableWidgets.jsm
+++ b/browser/components/customizableui/src/CustomizableWidgets.jsm
@@ -320,6 +320,74 @@ const CustomizableWidgets = [{
       parent.appendChild(items);
     }
   }, {
+    id: "sidebar-button",
+    type: "view",
+    viewId: "PanelUI-sidebar",
+    onViewShowing: function(aEvent) {
+      // Largely duplicated from the developer-button above with a couple minor
+      // alterations.
+      // Populate the subview with whatever menuitems are in the
+      // sidebar menu. We skip menu elements, because the menu panel has no way
+      // of dealing with those right now.
+      let doc = aEvent.target.ownerDocument;
+      let win = doc.defaultView;
+
+      let items = doc.getElementById("PanelUI-sidebarItems");
+      let menu = doc.getElementById("viewSidebarMenu");
+
+      // First clear any existing menuitems then populate. Social sidebar
+      // options may not have been added yet, so we do that here. Add it to the
+      // standard menu first, then copy all sidebar options to the panel.
+      win.SocialSidebar.clearProviderMenus();
+      let providerMenuSeps = menu.getElementsByClassName("social-provider-menu");
+      if (providerMenuSeps.length > 0)
+        win.SocialSidebar.populateProviderMenu(providerMenuSeps[0]);
+
+      let attrs = ["oncommand", "onclick", "label", "key", "disabled",
+                   "command", "observes", "hidden", "class", "origin",
+                   "image", "checked"];
+
+      let fragment = doc.createDocumentFragment();
+      let itemsToDisplay = [...menu.children];
+      for (let node of itemsToDisplay) {
+        if (node.hidden)
+          continue;
+
+        let item;
+        if (node.localName == "menuseparator") {
+          item = doc.createElementNS(kNSXUL, "menuseparator");
+        } else if (node.localName == "menuitem") {
+          item = doc.createElementNS(kNSXUL, "toolbarbutton");
+        } else {
+          continue;
+        }
+        for (let attr of attrs) {
+          let attrVal = node.getAttribute(attr);
+          if (attrVal)
+            item.setAttribute(attr, attrVal);
+        }
+        if (node.localName == "menuitem")
+          item.classList.add("subviewbutton");
+        fragment.appendChild(item);
+      }
+
+      items.appendChild(fragment);
+    },
+    onViewHiding: function(aEvent) {
+      let doc = aEvent.target.ownerDocument;
+      let items = doc.getElementById("PanelUI-sidebarItems");
+      let parent = items.parentNode;
+      // We'll take the container out of the document before cleaning it out
+      // to avoid reflowing each time we remove something.
+      parent.removeChild(items);
+
+      while (items.firstChild) {
+        items.firstChild.remove();
+      }
+
+      parent.appendChild(items);
+    }
+  }, {
     id: "add-ons-button",
     shortcutId: "key_openAddons",
     tooltiptext: "add-ons-button.tooltiptext2",
diff --git a/browser/components/customizableui/src/CustomizeMode.jsm b/browser/components/customizableui/src/CustomizeMode.jsm
index 8c3bfef3d63b..78b55d5e3e08 100644
--- a/browser/components/customizableui/src/CustomizeMode.jsm
+++ b/browser/components/customizableui/src/CustomizeMode.jsm
@@ -214,8 +214,6 @@ CustomizeMode.prototype = {
       customizeButton.setAttribute("label", customizeButton.getAttribute("exitLabel"));
       customizeButton.setAttribute("enterTooltiptext", customizeButton.getAttribute("tooltiptext"));
       customizeButton.setAttribute("tooltiptext", customizeButton.getAttribute("exitTooltiptext"));
-      document.getElementById("PanelUI-help").setAttribute("disabled", true);
-      document.getElementById("PanelUI-quit").setAttribute("disabled", true);
 
       this._transitioning = true;
 
@@ -246,6 +244,9 @@ CustomizeMode.prototype = {
 
       window.gNavToolbox.addEventListener("toolbarvisibilitychange", this);
 
+      document.getElementById("PanelUI-help").setAttribute("disabled", true);
+      document.getElementById("PanelUI-quit").setAttribute("disabled", true);
+
       this._updateResetButton();
       this._updateUndoResetButton();
 
@@ -336,7 +337,6 @@ CustomizeMode.prototype = {
 
     this.document.removeEventListener("keypress", this);
     this.window.PanelUI.menuButton.removeEventListener("mousedown", this);
-    this.window.PanelUI.menuButton.open = false;
 
     this.window.PanelUI.beginBatchUpdate();
 
@@ -425,6 +425,7 @@ CustomizeMode.prototype = {
       CustomizableUI.dispatchToolboxEvent("customizationending", {}, window);
 
       window.PanelUI.setMainView(window.PanelUI.mainView);
+      window.PanelUI.menuButton.open = false;
       window.PanelUI.menuButton.disabled = false;
 
       let customizeButton = document.getElementById("PanelUI-customize");
diff --git a/browser/devtools/debugger/debugger-panes.js b/browser/devtools/debugger/debugger-panes.js
index a54e86c8e1be..ead40897b7e0 100644
--- a/browser/devtools/debugger/debugger-panes.js
+++ b/browser/devtools/debugger/debugger-panes.js
@@ -1961,10 +1961,14 @@ VariableBubbleView.prototype = {
   /**
    * The mousemove listener for the source editor.
    */
-  _onMouseMove: function({ clientX: x, clientY: y }) {
+  _onMouseMove: function({ clientX: x, clientY: y, buttons: btns }) {
     // Prevent the variable inspection popup from showing when the thread client
-    // is not paused, or while a popup is already visible.
-    if (gThreadClient && gThreadClient.state != "paused" || !this._tooltip.isHidden()) {
+    // is not paused, or while a popup is already visible, or when the user tries
+    // to select text in the editor.
+    if (gThreadClient && gThreadClient.state != "paused"
+        || !this._tooltip.isHidden()
+        || (DebuggerView.editor.somethingSelected()
+         && btns > 0)) {
       clearNamedTimeout("editor-mouse-move");
       return;
     }
diff --git a/browser/devtools/debugger/test/browser.ini b/browser/devtools/debugger/test/browser.ini
index 90699b1006f8..a4cdf1c873fa 100644
--- a/browser/devtools/debugger/test/browser.ini
+++ b/browser/devtools/debugger/test/browser.ini
@@ -265,6 +265,7 @@ support-files =
 [browser_dbg_variables-view-popup-11.js]
 [browser_dbg_variables-view-popup-12.js]
 [browser_dbg_variables-view-popup-13.js]
+[browser_dbg_variables-view-popup-14.js]
 [browser_dbg_variables-view-reexpand-01.js]
 [browser_dbg_variables-view-reexpand-02.js]
 [browser_dbg_variables-view-webidl.js]
diff --git a/browser/devtools/debugger/test/browser_dbg_variables-view-popup-14.js b/browser/devtools/debugger/test/browser_dbg_variables-view-popup-14.js
new file mode 100644
index 000000000000..c6b6751b9710
--- /dev/null
+++ b/browser/devtools/debugger/test/browser_dbg_variables-view-popup-14.js
@@ -0,0 +1,49 @@
+/* Any copyright is dedicated to the Public Domain.
+   http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests that the variable inspection popup is hidden when
+ * selecting text in the editor.
+ */
+
+const TAB_URL = EXAMPLE_URL + "doc_frame-parameters.html";
+
+function test() {
+  Task.spawn(function*() {
+    let [tab, debuggee, panel] = yield initDebugger(TAB_URL);
+    let win = panel.panelWin;
+    let bubble = win.DebuggerView.VariableBubble;
+
+    // Allow this generator function to yield first.
+    executeSoon(() => debuggee.start());
+    yield waitForSourceAndCaretAndScopes(panel, ".html", 24);
+
+    // Select some text.
+    let cursor = win.DebuggerView.editor.getOffset({ line: 15, ch: 12 });
+    let [ anchor, head ] = win.DebuggerView.editor.getPosition(
+      cursor,
+      cursor + 3
+    );
+    win.DebuggerView.editor.setSelection(anchor, head);
+
+    // Try to Inspect variable during selection.
+    let popupOpened = yield intendOpenVarPopup(panel, { line: 15, ch: 12 }, true);
+
+    // Ensure the bubble is not there
+    ok(!popupOpened,
+      "The popup is not opened");
+    ok(!bubble._markedText,
+      "The marked text in the editor is not there.");
+
+    // Try to Inspect variable after selection.
+    popupOpened = yield intendOpenVarPopup(panel, { line: 15, ch: 12 }, false);
+
+    // Ensure the bubble is not there
+    ok(popupOpened,
+      "The popup is opened");
+    ok(bubble._markedText,
+      "The marked text in the editor is there.");
+
+    yield resumeDebuggerThenCloseAndFinish(panel);
+  });
+}
diff --git a/browser/devtools/debugger/test/head.js b/browser/devtools/debugger/test/head.js
index 679092400000..3ce51dfe49a7 100644
--- a/browser/devtools/debugger/test/head.js
+++ b/browser/devtools/debugger/test/head.js
@@ -605,6 +605,41 @@ function openVarPopup(aPanel, aCoords, aWaitForFetchedProperties) {
   return promise.all([popupShown, fetchedProperties]).then(waitForTick);
 }
 
+// Simulates the mouse hovering a variable in the debugger
+// Takes in account the position of the cursor in the text, if the text is
+// selected and if a button is currently pushed (aButtonPushed > 0).
+// The function returns a promise which returns true if the popup opened or
+// false if it didn't
+function intendOpenVarPopup(aPanel, aPosition, aButtonPushed) {
+  let bubble = aPanel.panelWin.DebuggerView.VariableBubble;
+  let editor = aPanel.panelWin.DebuggerView.editor;
+  let tooltip = bubble._tooltip;
+
+  let { left, top } = editor.getCoordsFromPosition(aPosition);
+
+  const eventDescriptor = {
+    clientX: left,
+    clientY: top,
+    buttons: aButtonPushed
+  };
+
+  bubble._onMouseMove(eventDescriptor);
+
+  const deferred = promise.defer();
+  window.setTimeout(
+    function() {
+      if(tooltip.isEmpty()) {
+        deferred.resolve(false);
+      } else {
+        deferred.resolve(true);
+      }
+    },
+    tooltip.defaultShowDelay + 1000
+  );
+
+  return deferred.promise;
+}
+
 function hideVarPopup(aPanel) {
   let bubble = aPanel.panelWin.DebuggerView.VariableBubble;
   let tooltip = bubble._tooltip.panel;
@@ -661,7 +696,6 @@ function filterTraces(aPanel, f) {
     .children;
   return Array.filter(traces, f);
 }
-
 function attachAddonActorForUrl(aClient, aUrl) {
   let deferred = promise.defer();
 
diff --git a/browser/devtools/framework/test/browser_toolbox_tabsswitch_shortcuts.js b/browser/devtools/framework/test/browser_toolbox_tabsswitch_shortcuts.js
index 4e00336a0dfb..97a1c3e2508c 100644
--- a/browser/devtools/framework/test/browser_toolbox_tabsswitch_shortcuts.js
+++ b/browser/devtools/framework/test/browser_toolbox_tabsswitch_shortcuts.js
@@ -11,12 +11,15 @@ function test() {
 
   addTab("about:blank", function() {
     let target = TargetFactory.forTab(gBrowser.selectedTab);
-    toolIDs = gDevTools.getToolDefinitionArray()
-                .filter(def => def.isTargetSupported(target))
-                .map(def => def.id);
     idIndex = 0;
-    gDevTools.showToolbox(target, toolIDs[0], Toolbox.HostType.BOTTOM)
-             .then(testShortcuts);
+
+    target.makeRemote().then(() => {
+      toolIDs = gDevTools.getToolDefinitionArray()
+                  .filter(def => def.isTargetSupported(target))
+                  .map(def => def.id);
+      gDevTools.showToolbox(target, toolIDs[0], Toolbox.HostType.BOTTOM)
+               .then(testShortcuts);
+    });
   });
 }
 
diff --git a/browser/devtools/framework/test/browser_toolbox_tool_ready.js b/browser/devtools/framework/test/browser_toolbox_tool_ready.js
index 1681608453fd..155aa66af7ac 100644
--- a/browser/devtools/framework/test/browser_toolbox_tool_ready.js
+++ b/browser/devtools/framework/test/browser_toolbox_tool_ready.js
@@ -3,6 +3,10 @@
 
 function test() {
   addTab().then(function(data) {
+    data.target.makeRemote().then(performChecks.bind(null, data));
+  }).then(null, console.error);
+
+  function performChecks(data) {
     let toolIds = gDevTools.getToolDefinitionArray()
                     .filter(def => def.isTargetSupported(data.target))
                     .map(def => def.id);
@@ -32,5 +36,5 @@ function test() {
     };
 
     open(0);
-  }).then(null, console.error);
+  }
 }
diff --git a/browser/devtools/framework/toolbox.js b/browser/devtools/framework/toolbox.js
index d34b38216211..f803021a5897 100644
--- a/browser/devtools/framework/toolbox.js
+++ b/browser/devtools/framework/toolbox.js
@@ -253,21 +253,20 @@ Toolbox.prototype = {
         this._addZoomKeys();
         this._loadInitialZoom();
 
-        // Load the toolbox-level actor fronts and utilities now
-        this._target.makeRemote().then(() => {
-          this._telemetry.toolOpened("toolbox");
+        this._telemetry.toolOpened("toolbox");
 
-          this.selectTool(this._defaultToolId).then(panel => {
-            this.emit("ready");
-            deferred.resolve();
-          });
+        this.selectTool(this._defaultToolId).then(panel => {
+          this.emit("ready");
+          deferred.resolve();
         });
       };
 
-      iframe.setAttribute("src", this._URL);
-
-      let domHelper = new DOMHelpers(iframe.contentWindow);
-      domHelper.onceDOMReady(domReady);
+      // Load the toolbox-level actor fronts and utilities now
+      this._target.makeRemote().then(() => {
+        iframe.setAttribute("src", this._URL);
+        let domHelper = new DOMHelpers(iframe.contentWindow);
+        domHelper.onceDOMReady(domReady);
+      });
 
       return deferred.promise;
     });
@@ -465,7 +464,7 @@ Toolbox.prototype = {
   fireCustomKey: function(toolId) {
     let toolDefinition = gDevTools.getToolDefinition(toolId);
 
-    if (toolDefinition.onkey && 
+    if (toolDefinition.onkey &&
         ((this.currentToolId === toolId) ||
           (toolId == "webconsole" && this.splitConsole))) {
       toolDefinition.onkey(this.getCurrentPanel(), this);
@@ -1093,27 +1092,17 @@ Toolbox.prototype = {
    * Returns a promise that resolves when the fronts are initialized
    */
   initInspector: function() {
-    let deferred = promise.defer();
-
-    if (!this._inspector) {
-      this._inspector = InspectorFront(this._target.client, this._target.form);
-      this._inspector.getWalker().then(walker => {
-        this._walker = walker;
+    if (!this._initInspector) {
+      this._initInspector = Task.spawn(function*() {
+        this._inspector = InspectorFront(this._target.client, this._target.form);
+        this._walker = yield this._inspector.getWalker();
         this._selection = new Selection(this._walker);
         if (this.highlighterUtils.isRemoteHighlightable) {
-          this._inspector.getHighlighter().then(highlighter => {
-            this._highlighter = highlighter;
-            deferred.resolve();
-          });
-        } else {
-          deferred.resolve();
+          this._highlighter = yield this._inspector.getHighlighter();
         }
-      });
-    } else {
-      deferred.resolve();
+      }.bind(this));
     }
-
-    return deferred.promise;
+    return this._initInspector;
   },
 
   /**
diff --git a/browser/devtools/main.js b/browser/devtools/main.js
index 6059a330a548..9f37ef853ea1 100644
--- a/browser/devtools/main.js
+++ b/browser/devtools/main.js
@@ -239,7 +239,8 @@ Tools.netMonitor = {
   inMenu: true,
 
   isTargetSupported: function(target) {
-    return !target.isApp;
+    let root = target.client.mainRoot;
+    return root.traits.networkMonitor || !target.isApp;
   },
 
   build: function(iframeWindow, toolbox) {
diff --git a/browser/devtools/netmonitor/netmonitor-controller.js b/browser/devtools/netmonitor/netmonitor-controller.js
index d418b30ea1c6..48c0e6dc604b 100644
--- a/browser/devtools/netmonitor/netmonitor-controller.js
+++ b/browser/devtools/netmonitor/netmonitor-controller.js
@@ -78,7 +78,11 @@ const EVENTS = {
   // Fired when charts have been displayed in the PerformanceStatisticsView.
   PLACEHOLDER_CHARTS_DISPLAYED: "NetMonitor:PlaceholderChartsDisplayed",
   PRIMED_CACHE_CHART_DISPLAYED: "NetMonitor:PrimedChartsDisplayed",
-  EMPTY_CACHE_CHART_DISPLAYED: "NetMonitor:EmptyChartsDisplayed"
+  EMPTY_CACHE_CHART_DISPLAYED: "NetMonitor:EmptyChartsDisplayed",
+
+  // Fired once the NetMonitorController establishes a connection to the debug
+  // target.
+  CONNECTED: "connected",
 };
 
 // Descriptions for what this frontend is currently doing.
@@ -200,7 +204,10 @@ let NetMonitorController = {
       this._startMonitoringTab(client, form, deferred.resolve);
     }
 
-    return deferred.promise;
+    return deferred.promise.then((result) => {
+      window.emit(EVENTS.CONNECTED);
+      return result;
+    });
   },
 
   /**
@@ -362,6 +369,25 @@ let NetMonitorController = {
     return promise.reject(new Error("Invalid activity type"));
   },
 
+  /**
+   * Getter that tells if the server supports sending custom network requests.
+   * @type boolean
+   */
+  get supportsCustomRequest() {
+    return this.webConsoleClient &&
+           (this.webConsoleClient.traits.customNetworkRequest ||
+            !this._target.isApp);
+  },
+
+  /**
+   * Getter that tells if the server can do network performance statistics.
+   * @type boolean
+   */
+  get supportsPerfStats() {
+    return this.tabClient &&
+           (this.tabClient.traits.reconfigure || !this._target.isApp);
+  },
+
   _startup: null,
   _shutdown: null,
   _connection: null,
@@ -493,6 +519,11 @@ NetworkEventsHandler.prototype = {
    *        The message received from the server.
    */
   _onNetworkEvent: function(aType, aPacket) {
+    if (aPacket.from != this.webConsoleClient.actor) {
+      // Skip events from different console actors.
+      return;
+    }
+
     let { actor, startedDateTime, method, url, isXHR } = aPacket.eventActor;
     NetMonitorView.RequestsMenu.addRequest(actor, startedDateTime, method, url, isXHR);
     window.emit(EVENTS.NETWORK_EVENT);
@@ -508,6 +539,10 @@ NetworkEventsHandler.prototype = {
    */
   _onNetworkEventUpdate: function(aType, aPacket) {
     let actor = aPacket.from;
+    if (!NetMonitorView.RequestsMenu.getItemByValue(actor)) {
+      // Skip events from unknown actors.
+      return;
+    }
 
     switch (aPacket.updateType) {
       case "requestHeaders":
diff --git a/browser/devtools/netmonitor/netmonitor-view.js b/browser/devtools/netmonitor/netmonitor-view.js
index 6be11f22010a..261312c1ee18 100644
--- a/browser/devtools/netmonitor/netmonitor-view.js
+++ b/browser/devtools/netmonitor/netmonitor-view.js
@@ -374,16 +374,32 @@ RequestsMenuView.prototype = Heritage.extend(WidgetMethods, {
     $("#request-menu-context-newtab").addEventListener("command", this._onContextNewTabCommand, false);
     $("#request-menu-context-copy-url").addEventListener("command", this._onContextCopyUrlCommand, false);
     $("#request-menu-context-copy-image-as-data-uri").addEventListener("command", this._onContextCopyImageAsDataUriCommand, false);
-    $("#request-menu-context-resend").addEventListener("command", this._onContextResendCommand, false);
-    $("#request-menu-context-perf").addEventListener("command", this._onContextPerfCommand, false);
 
-    $("#requests-menu-perf-notice-button").addEventListener("command", this._onContextPerfCommand, false);
-    $("#requests-menu-network-summary-button").addEventListener("command", this._onContextPerfCommand, false);
-    $("#requests-menu-network-summary-label").addEventListener("click", this._onContextPerfCommand, false);
+    window.once("connected", this._onConnect.bind(this));
+  },
 
-    $("#custom-request-send-button").addEventListener("click", this.sendCustomRequestEvent, false);
-    $("#custom-request-close-button").addEventListener("click", this.closeCustomRequestEvent, false);
-    $("#headers-summary-resend").addEventListener("click", this.cloneSelectedRequestEvent, false);
+  _onConnect: function() {
+    if (NetMonitorController.supportsCustomRequest) {
+      $("#request-menu-context-resend").addEventListener("command", this._onContextResendCommand, false);
+      $("#custom-request-send-button").addEventListener("click", this.sendCustomRequestEvent, false);
+      $("#custom-request-close-button").addEventListener("click", this.closeCustomRequestEvent, false);
+      $("#headers-summary-resend").addEventListener("click", this.cloneSelectedRequestEvent, false);
+    } else {
+      $("#request-menu-context-resend").hidden = true;
+      $("#headers-summary-resend").hidden = true;
+    }
+
+    if (NetMonitorController.supportsPerfStats) {
+      $("#request-menu-context-perf").addEventListener("command", this._onContextPerfCommand, false);
+      $("#requests-menu-perf-notice-button").addEventListener("command", this._onContextPerfCommand, false);
+      $("#requests-menu-network-summary-button").addEventListener("command", this._onContextPerfCommand, false);
+      $("#requests-menu-network-summary-label").addEventListener("click", this._onContextPerfCommand, false);
+    } else {
+      $("#notice-perf-message").hidden = true;
+      $("#request-menu-context-perf").hidden = true;
+      $("#requests-menu-network-summary-button").hidden = true;
+      $("#requests-menu-network-summary-label").hidden = true;
+    }
   },
 
   /**
@@ -546,8 +562,12 @@ RequestsMenuView.prototype = Heritage.extend(WidgetMethods, {
    */
   sendCustomRequest: function() {
     let selected = this.selectedItem.attachment;
-    let data = Object.create(selected);
 
+    let data = {
+      method: selected.method,
+      url: selected.url,
+      httpVersion: selected.httpVersion,
+    };
     if (selected.requestHeaders) {
       data.headers = selected.requestHeaders.headers;
     }
@@ -1534,7 +1554,8 @@ RequestsMenuView.prototype = Heritage.extend(WidgetMethods, {
     let selectedItem = this.selectedItem;
 
     let resendElement = $("#request-menu-context-resend");
-    resendElement.hidden = !selectedItem || selectedItem.attachment.isCustom;
+    resendElement.hidden = !NetMonitorController.supportsCustomRequest ||
+                           !selectedItem || selectedItem.attachment.isCustom;
 
     let copyUrlElement = $("#request-menu-context-copy-url");
     copyUrlElement.hidden = !selectedItem;
diff --git a/browser/devtools/styleinspector/style-inspector.js b/browser/devtools/styleinspector/style-inspector.js
index c9c352c9a14a..0f43fc89635e 100644
--- a/browser/devtools/styleinspector/style-inspector.js
+++ b/browser/devtools/styleinspector/style-inspector.js
@@ -90,6 +90,10 @@ exports.RuleViewTool = RuleViewTool;
 
 RuleViewTool.prototype = {
   onSelect: function RVT_onSelect(aEvent) {
+    if (!this.view) {
+      // Skip the event if RuleViewTool has been destroyed.
+      return;
+    }
     this.view.setPageStyle(this.inspector.pageStyle);
 
     if (!this.inspector.selection.isConnected() ||
@@ -158,6 +162,10 @@ exports.ComputedViewTool = ComputedViewTool;
 ComputedViewTool.prototype = {
   onSelect: function CVT_onSelect(aEvent)
   {
+    if (!this.view) {
+      // Skip the event if ComputedViewTool has been destroyed.
+      return;
+    }
     this.view.setPageStyle(this.inspector.pageStyle);
 
     if (!this.inspector.selection.isConnected() ||
diff --git a/browser/devtools/webconsole/console-output.js b/browser/devtools/webconsole/console-output.js
index 525f9d8a2588..d606c415700e 100644
--- a/browser/devtools/webconsole/console-output.js
+++ b/browser/devtools/webconsole/console-output.js
@@ -9,6 +9,8 @@ const {Cc, Ci, Cu} = require("chrome");
 
 loader.lazyImporter(this, "VariablesView", "resource:///modules/devtools/VariablesView.jsm");
 loader.lazyImporter(this, "escapeHTML", "resource:///modules/devtools/VariablesView.jsm");
+loader.lazyImporter(this, "gDevTools", "resource:///modules/devtools/gDevTools.jsm");
+loader.lazyImporter(this, "Task","resource://gre/modules/Task.jsm");
 
 const Heritage = require("sdk/core/heritage");
 const XHTML_NS = "http://www.w3.org/1999/xhtml";
@@ -131,7 +133,7 @@ ConsoleOutput.prototype = {
    * @type DOMDocument
    */
   get document() {
-    return this.owner.document;
+    return this.owner ? this.owner.document : null;
   },
 
   /**
@@ -150,6 +152,14 @@ ConsoleOutput.prototype = {
     return this.owner.webConsoleClient;
   },
 
+  /**
+   * Getter for the current toolbox debuggee target.
+   * @type Target
+   */
+  get toolboxTarget() {
+    return this.owner.owner.target;
+  },
+
   /**
    * Release an actor.
    *
@@ -507,6 +517,15 @@ Messages.BaseMessage.prototype = {
   {
     this.output.openLink(event.target.href);
   },
+
+  destroy: function()
+  {
+    // Destroy all widgets that have registered themselves in this.widgets
+    for (let widget of this.widgets) {
+      widget.destroy();
+    }
+    this.widgets.clear();
+  }
 }; // Messages.BaseMessage.prototype
 
 
@@ -2017,6 +2036,7 @@ Widgets.ObjectRenderers.add({
       case Ci.nsIDOMNode.TEXT_NODE:
       case Ci.nsIDOMNode.COMMENT_NODE:
       case Ci.nsIDOMNode.DOCUMENT_FRAGMENT_NODE:
+      case Ci.nsIDOMNode.ELEMENT_NODE:
         return true;
       default:
         return false;
@@ -2045,6 +2065,9 @@ Widgets.ObjectRenderers.add({
       case Ci.nsIDOMNode.DOCUMENT_FRAGMENT_NODE:
         this._renderDocumentFragmentNode();
         break;
+      case Ci.nsIDOMNode.ELEMENT_NODE:
+        this._renderElementNode();
+        break;
       default:
         throw new Error("Unsupported nodeType: " + preview.nodeType);
     }
@@ -2138,6 +2161,168 @@ Widgets.ObjectRenderers.add({
 
     this._text(" ]");
   },
+
+  _renderElementNode: function()
+  {
+    let doc = this.document;
+    let {attributes, nodeName} = this.objectActor.preview;
+
+    this.element = this.el("span." + "kind-" + this.objectActor.preview.kind + ".elementNode");
+
+    let openTag = this.el("span.cm-tag");
+    openTag.textContent = "<";
+    this.element.appendChild(openTag);
+
+    let tagName = this._anchor(nodeName, {
+      className: "cm-tag",
+      appendTo: openTag
+    });
+
+    if (this.options.concise) {
+      if (attributes.id) {
+        tagName.appendChild(this.el("span.cm-attribute", "#" + attributes.id));
+      }
+      if (attributes.class) {
+        tagName.appendChild(this.el("span.cm-attribute", "." + attributes.class.split(" ").join(".")));
+      }
+    } else {
+      for (let name of Object.keys(attributes)) {
+        let attr = this._renderAttributeNode(" " + name, attributes[name]);
+        this.element.appendChild(attr);
+      }
+    }
+
+    let closeTag = this.el("span.cm-tag");
+    closeTag.textContent = ">";
+    this.element.appendChild(closeTag);
+
+    // Register this widget in the owner message so that it gets destroyed when
+    // the message is destroyed.
+    this.message.widgets.add(this);
+
+    this.linkToInspector();
+  },
+
+  /**
+   * If the DOMNode being rendered can be highlit in the page, this function
+   * will attach mouseover/out event listeners to do so, and the inspector icon
+   * to open the node in the inspector.
+   * @return a promise (always the same) that resolves when the node has been
+   * linked to the inspector, or rejects if it wasn't (either if no toolbox
+   * could be found to access the inspector, or if the node isn't present in the
+   * inspector, i.e. if the node is in a DocumentFragment or not part of the
+   * tree, or not of type Ci.nsIDOMNode.ELEMENT_NODE).
+   */
+  linkToInspector: function()
+  {
+    if (this._linkedToInspector) {
+      return this._linkedToInspector;
+    }
+
+    this._linkedToInspector = Task.spawn(function*() {
+      // Checking the node type
+      if (this.objectActor.preview.nodeType !== Ci.nsIDOMNode.ELEMENT_NODE) {
+        throw null;
+      }
+
+      // Checking the presence of a toolbox
+      let target = this.message.output.toolboxTarget;
+      this.toolbox = gDevTools.getToolbox(target);
+      if (!this.toolbox) {
+        throw null;
+      }
+
+      // Checking that the inspector supports the node
+      yield this.toolbox.initInspector();
+      this._nodeFront = yield this.toolbox.walker.getNodeActorFromObjectActor(this.objectActor.actor);
+      if (!this._nodeFront) {
+        throw null;
+      }
+
+      // At this stage, the message may have been cleared already
+      if (!this.document) {
+        throw null;
+      }
+
+      this.highlightDomNode = this.highlightDomNode.bind(this);
+      this.element.addEventListener("mouseover", this.highlightDomNode, false);
+      this.unhighlightDomNode = this.unhighlightDomNode.bind(this);
+      this.element.addEventListener("mouseout", this.unhighlightDomNode, false);
+
+      this._openInspectorNode = this._anchor("", {
+        className: "open-inspector",
+        onClick: this.openNodeInInspector.bind(this)
+      });
+      this._openInspectorNode.title = l10n.getStr("openNodeInInspector");
+    }.bind(this));
+
+    return this._linkedToInspector;
+  },
+
+  /**
+   * Highlight the DOMNode corresponding to the ObjectActor in the page.
+   * @return a promise that resolves when the node has been highlighted, or
+   * rejects if the node cannot be highlighted (detached from the DOM)
+   */
+  highlightDomNode: function()
+  {
+    return Task.spawn(function*() {
+      yield this.linkToInspector();
+      let isAttached = yield this.toolbox.walker.isInDOMTree(this._nodeFront);
+      if (isAttached) {
+        yield this.toolbox.highlighterUtils.highlightNodeFront(this._nodeFront);
+      } else {
+        throw null;
+      }
+    }.bind(this));
+  },
+
+  /**
+   * Unhighlight a previously highlit node
+   * @see highlightDomNode
+   * @return a promise that resolves when the highlighter has been hidden
+   */
+  unhighlightDomNode: function()
+  {
+    return this.linkToInspector().then(() => {
+      return this.toolbox.highlighterUtils.unhighlight();
+    });
+  },
+
+  /**
+   * Open the DOMNode corresponding to the ObjectActor in the inspector panel
+   * @return a promise that resolves when the inspector has been switched to
+   * and the node has been selected, or rejects if the node cannot be selected
+   * (detached from the DOM). Note that in any case, the inspector panel will
+   * be switched to.
+   */
+  openNodeInInspector: function()
+  {
+    return Task.spawn(function*() {
+      yield this.linkToInspector();
+      yield this.toolbox.selectTool("inspector");
+
+      let isAttached = yield this.toolbox.walker.isInDOMTree(this._nodeFront);
+      if (isAttached) {
+        let onReady = this.toolbox.inspector.once("inspector-updated");
+        yield this.toolbox.selection.setNodeFront(this._nodeFront, "console");
+        yield onReady;
+      } else {
+        throw null;
+      }
+    }.bind(this));
+  },
+
+  destroy: function()
+  {
+    if (this.toolbox && this._nodeFront) {
+      this.element.removeEventListener("mouseover", this.highlightDomNode, false);
+      this.element.removeEventListener("mouseout", this.unhighlightDomNode, false);
+      this._openInspectorNode.removeEventListener("mousedown", this.openNodeInInspector, true);
+      this.toolbox = null;
+      this._nodeFront = null;
+    }
+  },
 }); // Widgets.ObjectRenderers.byKind.DOMNode
 
 /**
diff --git a/browser/devtools/webconsole/test/browser.ini b/browser/devtools/webconsole/test/browser.ini
index d68628e76663..ec54b6c6ced1 100644
--- a/browser/devtools/webconsole/test/browser.ini
+++ b/browser/devtools/webconsole/test/browser.ini
@@ -69,6 +69,7 @@ support-files =
   test-console-output-02.html
   test-console-output-03.html
   test-console-output-04.html
+  test-console-output-dom-elements.html
   test-console-output-events.html
   test-consoleiframes.html
   test-data.json
@@ -266,6 +267,11 @@ run-if = os == "mac"
 [browser_webconsole_output_02.js]
 [browser_webconsole_output_03.js]
 [browser_webconsole_output_04.js]
+[browser_webconsole_output_05.js]
+[browser_webconsole_output_dom_elements_01.js]
+[browser_webconsole_output_dom_elements_02.js]
+[browser_webconsole_output_dom_elements_03.js]
+[browser_webconsole_output_dom_elements_04.js]
 [browser_webconsole_output_events.js]
 [browser_console_variables_view_highlighter.js]
 [browser_webconsole_start_netmon_first.js]
diff --git a/browser/devtools/webconsole/test/browser_webconsole_output_01.js b/browser/devtools/webconsole/test/browser_webconsole_output_01.js
index b1c763369069..a7531a4b02ea 100644
--- a/browser/devtools/webconsole/test/browser_webconsole_output_01.js
+++ b/browser/devtools/webconsole/test/browser_webconsole_output_01.js
@@ -7,7 +7,6 @@
 
 const TEST_URI = "data:text/html;charset=utf8,test for console output - 01";
 
-let dateNow = Date.now();
 let {DebuggerServer} = Cu.import("resource://gre/modules/devtools/dbg-server.jsm", {});
 
 let LONG_STRING_LENGTH = DebuggerServer.LONG_STRING_LENGTH;
@@ -76,70 +75,6 @@ let inputTests = [
     output: "/foobar/",
     inspectable: true,
   },
-
-  // 9
-  {
-    input: "/foo?b*\\s\"ar/igym",
-    output: "/foo?b*\\s\"ar/gimy",
-    printOutput: "/foo?b*\\s\"ar/gimy",
-    inspectable: true,
-  },
-
-  // 10
-  {
-    input: "null",
-    output: "null",
-  },
-
-  // 11
-  {
-    input: "undefined",
-    output: "undefined",
-  },
-
-  // 12
-  {
-    input: "true",
-    output: "true",
-  },
-
-  // 13
-  {
-    input: "new Boolean(false)",
-    output: "false",
-    inspectable: true,
-  },
-
-  // 14
-  {
-    input: "new Date(" + dateNow + ")",
-    output: "Date " + (new Date(dateNow)).toISOString(),
-    printOutput: (new Date(dateNow)).toString(),
-    inspectable: true,
-  },
-
-  // 15
-  {
-    input: "new Date('test')",
-    output: "Invalid Date",
-    printOutput: "Invalid Date",
-    inspectable: true,
-    variablesViewLabel: "Invalid Date",
-  },
-
-  // 16
-  {
-    input: "new Number(43)",
-    output: "43",
-    inspectable: true,
-  },
-
-  // 17
-  {
-    input: "new String('hello world')",
-    output: '"hello world"',
-    inspectable: true,
-  },
 ];
 
 longString = initialString = null;
@@ -150,11 +85,9 @@ function test() {
     DebuggerServer.LONG_STRING_INITIAL_LENGTH = LONG_STRING_INITIAL_LENGTH;
   });
 
-  addTab(TEST_URI);
-  browser.addEventListener("load", function onLoad() {
-    browser.removeEventListener("load", onLoad, true);
-    openConsole().then((hud) => {
-      return checkOutputForInputs(hud, inputTests);
-    }).then(finishTest);
-  }, true);
+  Task.spawn(function*() {
+    let {tab} = yield loadTab(TEST_URI);
+    let hud = yield openConsole(tab);
+    return checkOutputForInputs(hud, inputTests);
+  }).then(finishTest);
 }
diff --git a/browser/devtools/webconsole/test/browser_webconsole_output_04.js b/browser/devtools/webconsole/test/browser_webconsole_output_04.js
index c76fc8923111..579529a2b253 100644
--- a/browser/devtools/webconsole/test/browser_webconsole_output_04.js
+++ b/browser/devtools/webconsole/test/browser_webconsole_output_04.js
@@ -29,7 +29,7 @@ let inputTests = [
   // 2
   {
     input: "testDocumentFragment()",
-    output: 'DocumentFragment [ <div#foo1>, <div#foo3> ]',
+    output: 'DocumentFragment [ <div#foo1.bar>, <div#foo3> ]',
     printOutput: "[object DocumentFragment]",
     inspectable: true,
     variablesViewLabel: "DocumentFragment[2]",
diff --git a/browser/devtools/webconsole/test/browser_webconsole_output_05.js b/browser/devtools/webconsole/test/browser_webconsole_output_05.js
new file mode 100644
index 000000000000..5c168cec2575
--- /dev/null
+++ b/browser/devtools/webconsole/test/browser_webconsole_output_05.js
@@ -0,0 +1,84 @@
+/*
+ * Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+// Test the webconsole output for various types of objects.
+
+const TEST_URI = "data:text/html;charset=utf8,test for console output - 05";
+
+let dateNow = Date.now();
+
+let inputTests = [
+  // 0
+  {
+    input: "/foo?b*\\s\"ar/igym",
+    output: "/foo?b*\\s\"ar/gimy",
+    printOutput: "/foo?b*\\s\"ar/gimy",
+    inspectable: true,
+  },
+
+  // 1
+  {
+    input: "null",
+    output: "null",
+  },
+
+  // 2
+  {
+    input: "undefined",
+    output: "undefined",
+  },
+
+  // 3
+  {
+    input: "true",
+    output: "true",
+  },
+
+  // 4
+  {
+    input: "new Boolean(false)",
+    output: "false",
+    inspectable: true,
+  },
+
+  // 5
+  {
+    input: "new Date(" + dateNow + ")",
+    output: "Date " + (new Date(dateNow)).toISOString(),
+    printOutput: (new Date(dateNow)).toString(),
+    inspectable: true,
+  },
+
+  // 6
+  {
+    input: "new Date('test')",
+    output: "Invalid Date",
+    printOutput: "Invalid Date",
+    inspectable: true,
+    variablesViewLabel: "Invalid Date",
+  },
+
+  // 7
+  {
+    input: "new Number(43)",
+    output: "43",
+    inspectable: true,
+  },
+
+  // 8
+  {
+    input: "new String('hello world')",
+    output: '"hello world"',
+    inspectable: true,
+  },
+];
+
+function test() {
+  Task.spawn(function*() {
+    let {tab} = yield loadTab(TEST_URI);
+    let hud = yield openConsole(tab);
+    return checkOutputForInputs(hud, inputTests);
+  }).then(finishTest);
+}
diff --git a/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_01.js b/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_01.js
new file mode 100644
index 000000000000..c6f8393363f7
--- /dev/null
+++ b/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_01.js
@@ -0,0 +1,99 @@
+/*
+ * Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+// Test the webconsole output for various types of DOM Nodes.
+
+const TEST_URI = "http://example.com/browser/browser/devtools/webconsole/test/test-console-output-dom-elements.html";
+
+let inputTests = [
+  {
+    input: "testBodyNode()",
+    output: '<body id="body-id" class="body-class">',
+    printOutput: "[object HTMLBodyElement]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: true
+  },
+
+  {
+    input: "testDocumentElement()",
+    output: '<html lang="en-US" dir="ltr">',
+    printOutput: "[object HTMLHtmlElement]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: true
+  },
+
+  {
+    input: "testDocument()",
+    output: 'HTMLDocument \u2192 ' + TEST_URI,
+    printOutput: "[object HTMLDocument]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: false
+  },
+
+  {
+    input: "testNode()",
+    output: '<p some-attribute="some-value">',
+    printOutput: "[object HTMLParagraphElement]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: true
+  },
+
+  {
+    input: "testNodeList()",
+    output: 'NodeList [ <html>, <head>, <meta>, <title>, <body#body-id.body-class>, <p>, <iframe>, <script> ]',
+    printOutput: "[object NodeList]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: true
+  },
+
+  {
+    input: "testNodeInIframe()",
+    output: '<p>',
+    printOutput: "[object HTMLParagraphElement]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: true
+  },
+
+  {
+    input: "testDocumentFragment()",
+    output: 'DocumentFragment [ <span.foo>, <div#fragdiv> ]',
+    printOutput: "[object DocumentFragment]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: false
+  },
+
+  {
+    input: "testNodeInDocumentFragment()",
+    output: '<span class="foo" data-lolz="hehe">',
+    printOutput: "[object HTMLSpanElement]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: false
+  },
+
+  {
+    input: "testUnattachedNode()",
+    output: '<p class="such-class" data-data="such-data">',
+    printOutput: "[object HTMLParagraphElement]",
+    inspectable: true,
+    noClick: true,
+    inspectorIcon: false
+  }
+];
+
+function test() {
+  Task.spawn(function*() {
+    let {tab} = yield loadTab(TEST_URI);
+    let hud = yield openConsole(tab);
+    yield checkOutputForInputs(hud, inputTests);
+  }).then(finishTest);
+}
diff --git a/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_02.js b/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_02.js
new file mode 100644
index 000000000000..4dbd900710a0
--- /dev/null
+++ b/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_02.js
@@ -0,0 +1,98 @@
+/*
+ * Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+// Test the inspector links in the webconsole output for DOM Nodes actually
+// open the inspector and select the right node
+
+const TEST_URI = "http://example.com/browser/browser/devtools/webconsole/test/test-console-output-dom-elements.html";
+
+const TEST_DATA = [
+  {
+    // The first test shouldn't be returning the body element as this is the
+    // default selected node, so re-selecting it won't fire the inspector-updated
+    // event
+    input: "testNode()",
+    output: '<p some-attribute="some-value">'
+  },
+  {
+    input: "testBodyNode()",
+    output: '<body id="body-id" class="body-class">'
+  },
+  {
+    input: "testNodeInIframe()",
+    output: '<p>'
+  },
+  {
+    input: "testDocumentElement()",
+    output: '<html lang="en-US" dir="ltr">'
+  }
+];
+
+function test() {
+  Task.spawn(function*() {
+    let {tab} = yield loadTab(TEST_URI);
+    let hud = yield openConsole(tab);
+    let toolbox = gDevTools.getToolbox(hud.target);
+
+    // Loading the inspector panel at first, to make it possible to listen for
+    // new node selections
+    yield toolbox.selectTool("inspector");
+    let inspector = toolbox.getCurrentPanel();
+    yield toolbox.selectTool("webconsole");
+
+    info("Iterating over the test data");
+    for (let data of TEST_DATA) {
+      let [result] = yield jsEval(data.input, hud, {text: data.output});
+      let {widget, msg} = yield getWidgetAndMessage(result);
+
+      let inspectorIcon = msg.querySelector(".open-inspector");
+      ok(inspectorIcon, "Inspector icon found in the ElementNode widget");
+
+      info("Clicking on the inspector icon and waiting for the inspector to be selected");
+      let onInspectorSelected = toolbox.once("inspector-selected");
+      let onInspectorUpdated = inspector.once("inspector-updated");
+      let onNewNode = toolbox.selection.once("new-node");
+
+      EventUtils.synthesizeMouseAtCenter(inspectorIcon, {},
+        inspectorIcon.ownerDocument.defaultView);
+      yield onInspectorSelected;
+      yield onInspectorUpdated;
+      yield onNewNode;
+      ok(true, "Inspector selected and new node got selected");
+
+      let rawNode = content.wrappedJSObject[data.input.replace(/\(\)/g, "")]();
+      is(inspector.selection.node.wrappedJSObject, rawNode,
+         "The current inspector selection is correct");
+
+      info("Switching back to the console");
+      yield toolbox.selectTool("webconsole");
+    }
+  }).then(finishTest);
+}
+
+function jsEval(input, hud, message) {
+  info("Executing '" + input + "' in the web console");
+
+  hud.jsterm.clearOutput();
+  hud.jsterm.execute(input);
+
+  return waitForMessages({
+    webconsole: hud,
+    messages: [message]
+  });
+}
+
+function* getWidgetAndMessage(result) {
+  info("Getting the output ElementNode widget");
+
+  let msg = [...result.matched][0];
+  let widget = [...msg._messageObject.widgets][0];
+  ok(widget, "ElementNode widget found in the output");
+
+  info("Waiting for the ElementNode widget to be linked to the inspector");
+  yield widget.linkToInspector();
+
+  return {widget: widget, msg: msg};
+}
diff --git a/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_03.js b/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_03.js
new file mode 100644
index 000000000000..cc420d492f0b
--- /dev/null
+++ b/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_03.js
@@ -0,0 +1,67 @@
+/*
+ * Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+// Test that inspector links in webconsole outputs for DOM Nodes highlight
+// the actual DOM Nodes on hover
+
+const TEST_URI = "http://example.com/browser/browser/devtools/webconsole/test/test-console-output-dom-elements.html";
+
+function test() {
+  Task.spawn(function*() {
+    let {tab} = yield loadTab(TEST_URI);
+    let hud = yield openConsole(tab);
+    let toolbox = gDevTools.getToolbox(hud.target);
+
+    // Loading the inspector panel at first, to make it possible to listen for
+    // new node selections
+    yield toolbox.loadTool("inspector");
+    let inspector = toolbox.getPanel("inspector");
+
+    info("Executing 'testNode()' in the web console to output a DOM Node");
+    let [result] = yield jsEval("testNode()", hud, {
+      text: '<p some-attribute="some-value">'
+    });
+
+    let elementNodeWidget = yield getWidget(result);
+
+    let nodeFront = yield hoverOverWidget(elementNodeWidget, toolbox);
+    let attrs = nodeFront.attributes;
+    is(nodeFront.tagName, "P", "The correct node was highlighted");
+    is(attrs[0].name, "some-attribute", "The correct node was highlighted");
+    is(attrs[0].value, "some-value", "The correct node was highlighted");
+  }).then(finishTest);
+}
+
+function jsEval(input, hud, message) {
+  hud.jsterm.execute(input);
+  return waitForMessages({
+    webconsole: hud,
+    messages: [message]
+  });
+}
+
+function* getWidget(result) {
+  info("Getting the output ElementNode widget");
+
+  let msg = [...result.matched][0];
+  let elementNodeWidget = [...msg._messageObject.widgets][0];
+  ok(elementNodeWidget, "ElementNode widget found in the output");
+
+  info("Waiting for the ElementNode widget to be linked to the inspector");
+  yield elementNodeWidget.linkToInspector();
+
+  return elementNodeWidget;
+}
+
+function* hoverOverWidget(widget, toolbox) {
+  info("Hovering over the output to highlight the node");
+
+  let onHighlight = toolbox.once("node-highlight");
+  EventUtils.sendMouseEvent({type: "mouseover"}, widget.element,
+    widget.element.ownerDocument.defaultView);
+  let nodeFront = yield onHighlight;
+  ok(true, "The highlighter was shown on a node");
+  return nodeFront;
+}
diff --git a/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_04.js b/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_04.js
new file mode 100644
index 000000000000..7cb0847e7685
--- /dev/null
+++ b/browser/devtools/webconsole/test/browser_webconsole_output_dom_elements_04.js
@@ -0,0 +1,106 @@
+/*
+ * Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+// Test that inspector links in the webconsole output for DOM Nodes do not try
+// to highlight or select nodes once they have been detached
+
+const TEST_URI = "http://example.com/browser/browser/devtools/webconsole/test/test-console-output-dom-elements.html";
+
+const TEST_DATA = [
+  {
+    // The first test shouldn't be returning the body element as this is the
+    // default selected node, so re-selecting it won't fire the inspector-updated
+    // event
+    input: "testNode()",
+    output: '<p some-attribute="some-value">'
+  },
+  {
+    input: "testBodyNode()",
+    output: '<body id="body-id" class="body-class">'
+  },
+  {
+    input: "testNodeInIframe()",
+    output: '<p>'
+  },
+  {
+    input: "testDocumentElement()",
+    output: '<html lang="en-US" dir="ltr">'
+  }
+];
+
+const PREF = "devtools.webconsole.persistlog";
+
+function test() {
+  Services.prefs.setBoolPref(PREF, true);
+  registerCleanupFunction(() => Services.prefs.clearUserPref(PREF));
+
+  Task.spawn(function*() {
+    let {tab} = yield loadTab(TEST_URI);
+    let hud = yield openConsole(tab);
+    let toolbox = gDevTools.getToolbox(hud.target);
+
+    info("Executing the test data");
+    let widgets = [];
+    for (let data of TEST_DATA) {
+      let [result] = yield jsEval(data.input, hud, {text: data.output});
+      let {widget} = yield getWidgetAndMessage(result);
+      widgets.push(widget);
+    }
+
+    info("Reloading the page");
+    yield reloadPage();
+
+    info("Iterating over the ElementNode widgets");
+    for (let widget of widgets) {
+      // Verify that openNodeInInspector rejects since the associated dom node
+      // doesn't exist anymore
+      yield widget.openNodeInInspector().then(() => {
+        ok(false, "The openNodeInInspector promise resolved");
+      }, () => {
+        ok(true, "The openNodeInInspector promise rejected as expected");
+      });
+      yield toolbox.selectTool("webconsole");
+
+      // Verify that highlightDomNode rejects too, for the same reason
+      yield widget.highlightDomNode().then(() => {
+        ok(false, "The highlightDomNode promise resolved");
+      }, () => {
+        ok(true, "The highlightDomNode promise rejected as expected");
+      });
+    }
+  }).then(finishTest);
+}
+
+function jsEval(input, hud, message) {
+  info("Executing '" + input + "' in the web console");
+  hud.jsterm.execute(input);
+  return waitForMessages({
+    webconsole: hud,
+    messages: [message]
+  });
+}
+
+function* getWidgetAndMessage(result) {
+  info("Getting the output ElementNode widget");
+
+  let msg = [...result.matched][0];
+  let widget = [...msg._messageObject.widgets][0];
+  ok(widget, "ElementNode widget found in the output");
+
+  info("Waiting for the ElementNode widget to be linked to the inspector");
+  yield widget.linkToInspector();
+
+  return {widget: widget, msg: msg};
+}
+
+function reloadPage() {
+  let def = promise.defer();
+  gBrowser.selectedBrowser.addEventListener("load", function onload() {
+    gBrowser.selectedBrowser.removeEventListener("load", onload, true);
+    def.resolve();
+  }, true);
+  content.location.reload();
+  return def.promise;
+}
diff --git a/browser/devtools/webconsole/test/head.js b/browser/devtools/webconsole/test/head.js
index 26983f8770e3..d94ad1f2ce92 100644
--- a/browser/devtools/webconsole/test/head.js
+++ b/browser/devtools/webconsole/test/head.js
@@ -1314,6 +1314,10 @@ function whenDelayedStartupFinished(aWindow, aCallback)
  *        - variablesViewLabel: string|RegExp, optional, the expected variables
  *        view label when the object is inspected. If this is not provided, then
  *        |output| is used.
+ *
+ *        - inspectorIcon: boolean, when true, the test runner expects the
+ *        result widget to contain an inspectorIcon element (className
+ *        open-inspector).
  */
 function checkOutputForInputs(hud, inputTests)
 {
@@ -1338,12 +1342,12 @@ function checkOutputForInputs(hud, inputTests)
     yield checkJSEval(entry);
   }
 
-  function checkConsoleLog(entry)
+  function* checkConsoleLog(entry)
   {
     hud.jsterm.clearOutput();
     hud.jsterm.execute("console.log(" + entry.input + ")");
 
-    return waitForMessages({
+    let [result] = yield waitForMessages({
       webconsole: hud,
       messages: [{
         name: "console.log() output: " + entry.output,
@@ -1352,6 +1356,11 @@ function checkOutputForInputs(hud, inputTests)
         severity: SEVERITY_LOG,
       }],
     });
+
+    if (typeof entry.inspectorIcon == "boolean") {
+      let msg = [...result.matched][0];
+      yield checkLinkToInspector(entry, msg);
+    }
   }
 
   function checkPrintOutput(entry)
@@ -1385,10 +1394,13 @@ function checkOutputForInputs(hud, inputTests)
       }],
     });
 
+    let msg = [...result.matched][0];
     if (!entry.noClick) {
-      let msg = [...result.matched][0];
       yield checkObjectClick(entry, msg);
     }
+    if (typeof entry.inspectorIcon == "boolean") {
+      yield checkLinkToInspector(entry, msg);
+    }
   }
 
   function checkObjectClick(entry, msg)
@@ -1413,6 +1425,29 @@ function checkOutputForInputs(hud, inputTests)
     return promise.resolve(null);
   }
 
+  function checkLinkToInspector(entry, msg)
+  {
+    let elementNodeWidget = [...msg._messageObject.widgets][0];
+    if (!elementNodeWidget) {
+      ok(!entry.inspectorIcon, "The message has no ElementNode widget");
+      return;
+    }
+
+    return elementNodeWidget.linkToInspector().then(() => {
+      // linkToInspector resolved, check for the .open-inspector element
+      if (entry.inspectorIcon) {
+        ok(msg.querySelectorAll(".open-inspector").length,
+          "The ElementNode widget is linked to the inspector");
+      } else {
+        ok(!msg.querySelectorAll(".open-inspector").length,
+          "The ElementNode widget isn't linked to the inspector");
+      }
+    }, () => {
+      // linkToInspector promise rejected, node not linked to inspector
+      ok(!entry.inspectorIcon, "The ElementNode widget isn't linked to the inspector");
+    });
+  }
+
   function onVariablesViewOpen(entry, deferred, event, view, options)
   {
     let label = entry.variablesViewLabel || entry.output;
diff --git a/browser/devtools/webconsole/test/test-console-output-dom-elements.html b/browser/devtools/webconsole/test/test-console-output-dom-elements.html
new file mode 100644
index 000000000000..3d2ef95f511b
--- /dev/null
+++ b/browser/devtools/webconsole/test/test-console-output-dom-elements.html
@@ -0,0 +1,68 @@
+<!DOCTYPE HTML>
+<html dir="ltr" lang="en-US">
+<head>
+  <meta charset="utf-8">
+  <title>Test the web console output - 05</title>
+  <!--
+  - Any copyright is dedicated to the Public Domain.
+  - http://creativecommons.org/publicdomain/zero/1.0/
+  -->
+</head>
+<body class="body-class" id="body-id">
+  <p some-attribute="some-value">hello world!</p>
+  <iframe src="data:text/html,<p>hello from iframe</p>"></iframe>
+  <script type="text/javascript">
+function testBodyNode() {
+  return document.body;
+}
+
+function testDocumentElement() {
+  return document.documentElement;
+}
+
+function testDocument() {
+  return document;
+}
+
+function testNode() {
+  return document.querySelector("p");
+}
+
+function testNodeList() {
+  return document.querySelectorAll("*");
+}
+
+function testNodeInIframe() {
+  return document.querySelector("iframe").contentWindow.document.querySelector("p");
+}
+
+function testDocumentFragment() {
+  var frag = document.createDocumentFragment();
+
+  var span = document.createElement("span");
+  span.className = 'foo';
+  span.dataset.lolz = 'hehe';
+
+  var div = document.createElement('div')
+  div.id = 'fragdiv';
+
+  frag.appendChild(span);
+  frag.appendChild(div);
+
+  return frag;
+}
+
+function testNodeInDocumentFragment() {
+  var frag = testDocumentFragment();
+  return frag.firstChild;
+}
+
+function testUnattachedNode() {
+  var p = document.createElement("p");
+  p.className = "such-class";
+  p.dataset.data = "such-data";
+  return p;
+}
+  </script>
+</body>
+</html>
diff --git a/browser/devtools/webconsole/webconsole.js b/browser/devtools/webconsole/webconsole.js
index 87576ffd89b1..5390071645f8 100644
--- a/browser/devtools/webconsole/webconsole.js
+++ b/browser/devtools/webconsole/webconsole.js
@@ -2362,6 +2362,10 @@ WebConsoleFrame.prototype = {
    */
   removeOutputMessage: function WCF_removeOutputMessage(aNode)
   {
+    if (aNode._messageObject) {
+      aNode._messageObject.destroy();
+    }
+
     if (aNode._objectActors) {
       for (let actor of aNode._objectActors) {
         this._releaseObject(actor);
diff --git a/browser/locales/en-US/chrome/browser/devtools/webconsole.properties b/browser/locales/en-US/chrome/browser/devtools/webconsole.properties
index f43d04799d5f..b05301894b0c 100644
--- a/browser/locales/en-US/chrome/browser/devtools/webconsole.properties
+++ b/browser/locales/en-US/chrome/browser/devtools/webconsole.properties
@@ -214,6 +214,11 @@ emptyPropertiesList=No properties to display
 # example: 3 repeats
 messageRepeats.tooltip2=#1 repeat;#1 repeats
 
+# LOCALIZATION NOTE (openNodeInInspector): the text that is displayed in a
+# tooltip when hovering over the inspector icon next to a DOM Node in the console
+# output
+openNodeInInspector=Click to select the node in the inspector
+
 # LOCALIZATION NOTE (cdFunctionInvalidArgument): the text that is displayed when
 # cd() is invoked with an invalid argument.
 cdFunctionInvalidArgument=Cannot cd() to the given window. Invalid argument.
diff --git a/browser/themes/linux/Toolbar-inverted.png b/browser/themes/linux/Toolbar-inverted.png
index 0ffa8f286b85..cf96381b4015 100644
Binary files a/browser/themes/linux/Toolbar-inverted.png and b/browser/themes/linux/Toolbar-inverted.png differ
diff --git a/browser/themes/linux/Toolbar.png b/browser/themes/linux/Toolbar.png
index dce0b0a7d994..b854c8cf442f 100644
Binary files a/browser/themes/linux/Toolbar.png and b/browser/themes/linux/Toolbar.png differ
diff --git a/browser/themes/linux/customizableui/panelUIOverlay.css b/browser/themes/linux/customizableui/panelUIOverlay.css
index cab7ef2b8bc4..d24899d55bc6 100644
--- a/browser/themes/linux/customizableui/panelUIOverlay.css
+++ b/browser/themes/linux/customizableui/panelUIOverlay.css
@@ -29,6 +29,18 @@
   -moz-margin-start: 3px;
 }
 
+/* subviewbutton entries for social sidebars have images that come from external
+/* sources, and are not guaranteed to be the size we want, so force the size on
+/* those icons. */
+toolbarbutton.social-provider-menuitem > .toolbarbutton-icon {
+  width: 16px;
+  height: 16px;
+}
+
+.subviewbutton:-moz-any([image],[targetURI],.cui-withicon, .restoreallitem, .bookmark-item)[checked="true"] > .toolbarbutton-icon {
+  visibility: hidden;
+}
+
 .PanelUI-subView toolbarseparator,
 .PanelUI-subView menuseparator,
 .cui-widget-panelview menuseparator,
diff --git a/browser/themes/linux/menuPanel.png b/browser/themes/linux/menuPanel.png
index 0fc16291d311..7eb34b02d9d0 100644
Binary files a/browser/themes/linux/menuPanel.png and b/browser/themes/linux/menuPanel.png differ
diff --git a/browser/themes/osx/Toolbar-inverted.png b/browser/themes/osx/Toolbar-inverted.png
index ae37cddeba3d..bb26aa6c86b3 100644
Binary files a/browser/themes/osx/Toolbar-inverted.png and b/browser/themes/osx/Toolbar-inverted.png differ
diff --git a/browser/themes/osx/Toolbar-inverted@2x.png b/browser/themes/osx/Toolbar-inverted@2x.png
index 14329b60663e..f64286e67f58 100644
Binary files a/browser/themes/osx/Toolbar-inverted@2x.png and b/browser/themes/osx/Toolbar-inverted@2x.png differ
diff --git a/browser/themes/osx/Toolbar.png b/browser/themes/osx/Toolbar.png
index 0082253ab47c..93e89f4de44a 100644
Binary files a/browser/themes/osx/Toolbar.png and b/browser/themes/osx/Toolbar.png differ
diff --git a/browser/themes/osx/Toolbar@2x.png b/browser/themes/osx/Toolbar@2x.png
index 0c8427aedcce..1ad9d945d2a3 100644
Binary files a/browser/themes/osx/Toolbar@2x.png and b/browser/themes/osx/Toolbar@2x.png differ
diff --git a/browser/themes/osx/browser.css b/browser/themes/osx/browser.css
index 6bb69708d284..0760ac298f8d 100644
--- a/browser/themes/osx/browser.css
+++ b/browser/themes/osx/browser.css
@@ -724,6 +724,10 @@ toolbar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-ic
     -moz-image-region: rect(18px, 666px, 36px, 648px);
   }
 
+  #sidebar-button@toolbarButtonPressed@ {
+    -moz-image-region: rect(18px, 684px, 36px, 666px);
+  }
+
   /**
    * OSX has a unique set of icons when fullscreen is in the checked state.
    */
@@ -1027,6 +1031,14 @@ toolbar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-ic
     -moz-image-region: rect(36px, 1332px, 72px, 1296px);
   }
 
+  #sidebar-button[cui-areatype="toolbar"] {
+    -moz-image-region: rect(0, 1368px, 36px, 1332px);
+  }
+
+  #sidebar-button[cui-areatype="toolbar"]:hover:active:not([disabled="true"]) {
+    -moz-image-region: rect(36px, 1368px, 72px, 1332px);
+  }
+
   :-moz-any(@primaryToolbarButtons@) > .toolbarbutton-icon,
   :-moz-any(@primaryToolbarButtons@) > .toolbarbutton-menubutton-button > .toolbarbutton-icon {
     width: 18px;
@@ -1160,6 +1172,11 @@ toolbar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-ic
     -moz-image-region: rect(0px, 1600px, 64px, 1536px);
   }
 
+  #sidebar-button[cui-areatype="menu-panel"],
+  toolbarpaletteitem[place="palette"] > #sidebar-button {
+    -moz-image-region: rect(0px, 1728px, 64px, 1664px);
+  }
+
   /* Footer and wide panel control icons */
   #edit-controls@inAnyPanel@ > toolbarbutton,
   #zoom-controls@inAnyPanel@ > toolbarbutton,
@@ -3979,7 +3996,7 @@ toolbarbutton.chevron > .toolbarbutton-menu-dropmarker {
   position: relative;
 }
 .toolbarbutton-badge-container > .toolbarbutton-icon {
-  margin: 7px 2px;
+  margin: 4px 2px;
 }
 
 .toolbarbutton-badge[badge]:not([badge=""]) {
diff --git a/browser/themes/osx/menuPanel.png b/browser/themes/osx/menuPanel.png
index 8b6aa254b231..336a98333a59 100644
Binary files a/browser/themes/osx/menuPanel.png and b/browser/themes/osx/menuPanel.png differ
diff --git a/browser/themes/osx/menuPanel@2x.png b/browser/themes/osx/menuPanel@2x.png
index 1cc200c52e54..bbe06b4111fd 100644
Binary files a/browser/themes/osx/menuPanel@2x.png and b/browser/themes/osx/menuPanel@2x.png differ
diff --git a/browser/themes/shared/browser.inc b/browser/themes/shared/browser.inc
index 379d9f13d5b7..f45210401b13 100644
--- a/browser/themes/shared/browser.inc
+++ b/browser/themes/shared/browser.inc
@@ -1,5 +1,5 @@
 %filter substitution
 
-%define primaryToolbarButtons #back-button, #forward-button, #home-button, #print-button, #downloads-button, #bookmarks-menu-button, #new-tab-button, #new-window-button, #cut-button, #copy-button, #paste-button, #fullscreen-button, #zoom-out-button, #zoom-reset-button, #zoom-in-button, #sync-button, #feed-button, #tabview-button, #webrtc-status-button, #social-share-button, #open-file-button, #find-button, #developer-button, #preferences-button, #privatebrowsing-button, #save-page-button, #switch-to-metro-button, #add-ons-button, #history-panelmenu, #nav-bar-overflow-button, #PanelUI-menu-button, #characterencoding-button, #email-link-button
+%define primaryToolbarButtons #back-button, #forward-button, #home-button, #print-button, #downloads-button, #bookmarks-menu-button, #new-tab-button, #new-window-button, #cut-button, #copy-button, #paste-button, #fullscreen-button, #zoom-out-button, #zoom-reset-button, #zoom-in-button, #sync-button, #feed-button, #tabview-button, #webrtc-status-button, #social-share-button, #open-file-button, #find-button, #developer-button, #preferences-button, #privatebrowsing-button, #save-page-button, #switch-to-metro-button, #add-ons-button, #history-panelmenu, #nav-bar-overflow-button, #PanelUI-menu-button, #characterencoding-button, #email-link-button, #sidebar-button
 %define inAnyPanel :-moz-any(:not([cui-areatype="toolbar"]), [overflowedItem=true])
 %define nestedButtons #zoom-out-button, #zoom-in-button, #cut-button, #copy-button, #paste-button
diff --git a/browser/themes/shared/customizableui/customizeMode.inc.css b/browser/themes/shared/customizableui/customizeMode.inc.css
index 952abe36c36b..0aea6b5aa3a2 100644
--- a/browser/themes/shared/customizableui/customizeMode.inc.css
+++ b/browser/themes/shared/customizableui/customizeMode.inc.css
@@ -17,13 +17,13 @@
   pointer-events: none;
 }
 
-#main-window[customize-entered] .customization-target:not(#PanelUI-contents)::before,
+#main-window[customize-entered] .customization-target:not(:-moz-any(#PanelUI-contents, #TabsToolbar, #toolbar-menubar))::before,
 #PanelUI-contents > .panel-customization-placeholder {
   -moz-outline-radius: 2.5px;
   outline: 1px dashed transparent;
 }
 
-#main-window[customize-entered] .customization-target:not(#PanelUI-contents)::before {
+#main-window[customize-entered] .customization-target:not(:-moz-any(#PanelUI-contents, #TabsToolbar, #toolbar-menubar))::before {
   /* Prevent jumping of tabs when switching a window between inactive and active (bug 853415). */
   -moz-box-ordinal-group: 0;
   content: "";
@@ -45,16 +45,16 @@
 }
 
 /* The parents of the outline pseudo-elements need to be positioned so that the outline is positioned relative to it. */
-#main-window[customize-entered] .customization-target:not(#PanelUI-contents):hover,
-#main-window[customize-entered] .customization-target[customizing-dragovertarget]:not(#PanelUI-contents),
+#main-window[customize-entered] .customization-target:not(:-moz-any(#PanelUI-contents, #TabsToolbar, #toolbar-menubar)):hover,
+#main-window[customize-entered] .customization-target[customizing-dragovertarget]:not(:-moz-any(#PanelUI-contents, #TabsToolbar, #toolbar-menubar)),
 #main-window[customize-entered] #nav-bar-customization-target.customization-target {
   position: relative;
 }
 
 /* Most target outlines are shown on hover and drag over but the panel menu uses
    placeholders instead. */
-#main-window[customize-entered] .customization-target:not(#PanelUI-contents):hover::before,
-#main-window[customize-entered] .customization-target[customizing-dragovertarget]:not(#PanelUI-contents)::before,
+#main-window[customize-entered] .customization-target:not(:-moz-any(#PanelUI-contents, #TabsToolbar, #toolbar-menubar)):hover::before,
+#main-window[customize-entered] .customization-target[customizing-dragovertarget]:not(:-moz-any(#PanelUI-contents, #TabsToolbar, #toolbar-menubar))::before,
 /* nav-bar and panel outlines are always shown */
 #nav-bar[showoutline=true] > #nav-bar-customization-target.customization-target::before {
   outline-color: rgb(102,102,102);
diff --git a/browser/themes/shared/customizableui/panelUIOverlay.inc.css b/browser/themes/shared/customizableui/panelUIOverlay.inc.css
index 5e126daf9da4..78d757eed4b8 100644
--- a/browser/themes/shared/customizableui/panelUIOverlay.inc.css
+++ b/browser/themes/shared/customizableui/panelUIOverlay.inc.css
@@ -295,6 +295,7 @@ toolbaritem[cui-areatype="menu-panel"][sdkstylewidget="true"]:not(.panel-wide-it
 
 .panelUI-grid .toolbarbutton-1 > .toolbarbutton-menubutton-button > .toolbarbutton-icon,
 .panelUI-grid .toolbarbutton-1 > .toolbarbutton-icon,
+.panelUI-grid .toolbarbutton-1 > .toolbarbutton-badge-container,
 .customization-palette .toolbarbutton-1 > .toolbarbutton-menubutton-button > .toolbarbutton-icon,
 .customization-palette .toolbarbutton-1 > .toolbarbutton-icon,
 .panelUI-grid #bookmarks-toolbar-placeholder > .toolbarbutton-icon,
@@ -317,6 +318,16 @@ toolbaritem[cui-areatype="menu-panel"][sdkstylewidget="true"]:not(.panel-wide-it
   margin: 4px calc(@menuPanelButtonWidth@ / 2 - 23px);
 }
 
+/* above we treat the container as the icon for the margins, that is so the
+/* badge itself is positioned correctly. Here we make sure that the icon itself
+/* has the minum size we want, but no padding/margin. */
+.panelUI-grid .toolbarbutton-1 > .toolbarbutton-badge-container > .toolbarbutton-icon {
+  min-width: 32px;
+  min-height: 32px;
+  margin: 0;
+  padding: 0;
+}
+
 toolbarpaletteitem[place="palette"] > toolbaritem > toolbarbutton {
   -moz-box-flex: 1;
 }
diff --git a/browser/themes/shared/devtools/webconsole.inc.css b/browser/themes/shared/devtools/webconsole.inc.css
index 1ac7ce01aa7a..0bd292b4adfb 100644
--- a/browser/themes/shared/devtools/webconsole.inc.css
+++ b/browser/themes/shared/devtools/webconsole.inc.css
@@ -381,6 +381,23 @@ a {
   text-decoration: underline;
 }
 
+/* Open DOMNode in inspector button */
+.open-inspector {
+  background: url("chrome://browser/skin/devtools/vview-open-inspector.png") no-repeat 0 0;
+  padding-left: 16px;
+  margin-left: 5px;
+  cursor: pointer;
+}
+
+.elementNode:hover .open-inspector,
+.open-inspector:hover {
+  background-position: -32px 0;
+}
+
+.open-inspector:active {
+  background-position: -16px 0;
+}
+
 /* Replace these values with CSS variables as available */
 .theme-dark .jsterm-input-container {
   background-color: #252c33; /* tabToolbarBackgroundColor */
diff --git a/browser/themes/shared/menupanel.inc.css b/browser/themes/shared/menupanel.inc.css
index adbb74a48efe..259f99dfda5e 100644
--- a/browser/themes/shared/menupanel.inc.css
+++ b/browser/themes/shared/menupanel.inc.css
@@ -126,6 +126,15 @@ toolbarpaletteitem[place="palette"] > #email-link-button {
   -moz-image-region: rect(0, 800px, 32px, 768px);
 }
 
+#sidebar-button[cui-areatype="menu-panel"],
+toolbarpaletteitem[place="palette"] > #sidebar-button {
+  -moz-image-region: rect(0, 864px, 32px, 832px);
+}
+
+#sidebar-button[cui-areatype="menu-panel"][panel-multiview-anchor=true] {
+  -moz-image-region: rect(32px, 864px, 64px, 832px);
+}
+
 /* Wide panel control icons */
 
 #edit-controls@inAnyPanel@ > toolbarbutton,
diff --git a/browser/themes/shared/toolbarbuttons.inc.css b/browser/themes/shared/toolbarbuttons.inc.css
index a88c6b9c8d18..3d5fb495cbe8 100644
--- a/browser/themes/shared/toolbarbuttons.inc.css
+++ b/browser/themes/shared/toolbarbuttons.inc.css
@@ -64,10 +64,6 @@
   -moz-image-region: rect(0px, 306px, 18px, 288px);
 }
 
-#email-link-button[cui-areatype="toolbar"] {
-  -moz-image-region: rect(0, 666px, 18px, 648px);
-}
-
 #characterencoding-button[cui-areatype="toolbar"]{
   -moz-image-region: rect(0, 324px, 18px, 306px);
 }
@@ -143,3 +139,11 @@
 #tabview-button {
   -moz-image-region: rect(0, 648px, 18px, 630px);
 }
+
+#email-link-button[cui-areatype="toolbar"] {
+  -moz-image-region: rect(0, 666px, 18px, 648px);
+}
+
+#sidebar-button[cui-areatype="toolbar"] {
+  -moz-image-region: rect(0, 684px, 18px, 666px);
+}
diff --git a/browser/themes/windows/Toolbar-aero.png b/browser/themes/windows/Toolbar-aero.png
index 52fc5535bcea..8f907146c306 100644
Binary files a/browser/themes/windows/Toolbar-aero.png and b/browser/themes/windows/Toolbar-aero.png differ
diff --git a/browser/themes/windows/Toolbar-inverted.png b/browser/themes/windows/Toolbar-inverted.png
index 0ffa8f286b85..cf96381b4015 100644
Binary files a/browser/themes/windows/Toolbar-inverted.png and b/browser/themes/windows/Toolbar-inverted.png differ
diff --git a/browser/themes/windows/Toolbar-lunaSilver.png b/browser/themes/windows/Toolbar-lunaSilver.png
index 41cd28940050..38505430a0df 100644
Binary files a/browser/themes/windows/Toolbar-lunaSilver.png and b/browser/themes/windows/Toolbar-lunaSilver.png differ
diff --git a/browser/themes/windows/Toolbar.png b/browser/themes/windows/Toolbar.png
index 57f6f7c7f499..bb03cd414927 100644
Binary files a/browser/themes/windows/Toolbar.png and b/browser/themes/windows/Toolbar.png differ
diff --git a/browser/themes/windows/browser-aero.css b/browser/themes/windows/browser-aero.css
index b721ff099ccf..6893779cbb6b 100644
--- a/browser/themes/windows/browser-aero.css
+++ b/browser/themes/windows/browser-aero.css
@@ -318,6 +318,36 @@
   }
 }
 
+/* Win8 and beyond. */
+@media not all and (-moz-os-version: windows-vista) {
+  @media not all and (-moz-os-version: windows-win7) {
+    #urlbar:not(:-moz-lwtheme),
+    .searchbar-textbox:not(:-moz-lwtheme) {
+      background-color: hsla(0,0%,100%,.9);
+      border: 1px solid transparent;
+      border-color: hsla(210,54%,20%,.25) hsla(210,54%,20%,.27) hsla(210,54%,20%,.3);
+      box-shadow: 0 1px 0 hsla(0,0%,0%,.01) inset,
+                  0 1px 0 hsla(0,0%,100%,.1);
+      transition-property: border-color, background-color;
+      transition-duration: 200ms;
+    }
+
+    #urlbar:not(:-moz-lwtheme)[focused],
+    .searchbar-textbox:not(:-moz-lwtheme)[focused] {
+      background-color: hsla(0,0%,100%,1);
+      border-color: #4595e5;
+    }
+
+    /* Introducing an additional hover state for the Bookmark button */
+    #nav-bar .toolbarbutton-1[buttonover] > .toolbarbutton-menubutton-button:hover > .toolbarbutton-icon {
+      background-color: hsla(210,4%,10%,.08);
+      -moz-border-end: 1px solid;
+      -moz-padding-end: 5px;
+      border-color: hsla(210,4%,10%,.1);
+    }
+  }
+}
+
 /* ::::: fullscreen window controls ::::: */
 
 #window-controls {
diff --git a/browser/themes/windows/browser.css b/browser/themes/windows/browser.css
index 865dbdbf50fc..93465906d20a 100644
--- a/browser/themes/windows/browser.css
+++ b/browser/themes/windows/browser.css
@@ -538,19 +538,38 @@ toolbar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker:-moz-lwtheme-bri
 #nav-bar .toolbarbutton-1 > .toolbarbutton-text,
 #nav-bar .toolbarbutton-1 > .toolbarbutton-badge-container,
 #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button > .toolbarbutton-icon,
-#nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-icon {
+#nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-icon,
+@conditionalForwardWithUrlbar@ > .toolbarbutton-1:-moz-any([disabled],:not([open]):not([disabled]):not(:active)) > .toolbarbutton-icon {
   padding: 2px 6px;
-  background: hsla(210,32%,93%,0) padding-box;
-  border-radius: 2px;
   border: 1px solid;
-  border-color: hsla(210,54%,20%,0) hsla(210,54%,20%,0) hsla(210,54%,20%,0);
-  box-shadow: 0 1px hsla(0,0%,100%,0) inset,
-              0 1px hsla(210,54%,20%,0),
-              0 0 2px hsla(210,54%,20%,0);
-  transition-property: background-color, border-color, box-shadow;
+  border-color: transparent;
+  transition-property: background-color, border-color;
   transition-duration: 150ms;
 }
 
+%ifdef WINDOWS_AERO
+@media (-moz-os-version: windows-vista),
+       (-moz-os-version: windows-win7) {
+%endif
+  /* < Win8 */
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-icon,
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-text,
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-badge-container,
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button > .toolbarbutton-icon {
+    background-color: hsla(210,32%,93%,0);
+    background-origin: padding-box;
+    border-radius: 2px;
+    border-color: hsla(210,54%,20%,0) hsla(210,54%,20%,0) hsla(210,54%,20%,0);
+    box-shadow: 0 1px hsla(0,0%,100%,0) inset,
+                0 1px hsla(210,54%,20%,0),
+                0 0 2px hsla(210,54%,20%,0);
+    transition-property: background-color, border-color, box-shadow;
+    transition-duration: 150ms;
+  }
+%ifdef WINDOWS_AERO
+}
+%endif
+
 #nav-bar .toolbarbutton-1:not(:-moz-any(@primaryToolbarButtons@)) > .toolbarbutton-icon,
 #nav-bar .toolbarbutton-1:not(:-moz-any(@primaryToolbarButtons@)) > .toolbarbutton-badge-container,
 #nav-bar .toolbarbutton-1:not(:-moz-any(@primaryToolbarButtons@)) > .toolbarbutton-menubutton-button > .toolbarbutton-icon {
@@ -599,26 +618,17 @@ toolbarbutton[sdk-button="true"][cui-areatype="toolbar"] > .toolbarbutton-icon {
   content: "";
   display: -moz-box;
   width: 1px;
-  height: 18px;
+  height: 16px;
   -moz-margin-end: -1px;
-  background-image: linear-gradient(hsla(210,54%,20%,.2) 0, hsla(210,54%,20%,.2) 18px);
+  background-image: linear-gradient(hsla(210,54%,20%,.2) 0, hsla(210,54%,20%,.2) 16px);
   background-clip: padding-box;
   background-position: center;
   background-repeat: no-repeat;
-  background-size: 1px 18px;
-  box-shadow: 0 0 0 1px hsla(0,0%,100%,.2);
+  background-size: 1px 16px;
 }
 
-#nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button > .toolbarbutton-icon:-moz-locale-dir(ltr),
-#nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-icon:-moz-locale-dir(rtl) {
-  border-top-right-radius: 0;
-  border-bottom-right-radius: 0;
-}
-
-#nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button > .toolbarbutton-icon:-moz-locale-dir(rtl),
-#nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-icon:-moz-locale-dir(ltr) {
-  border-top-left-radius: 0;
-  border-bottom-left-radius: 0;
+@conditionalForwardWithUrlbar@ > .toolbarbutton-1:-moz-any([disabled],:not([open]):not([disabled]):not(:active)) > .toolbarbutton-icon {
+  border-color: hsla(210,4%,10%,.1);
 }
 
 #nav-bar .toolbarbutton-1:not([disabled=true]):-moz-any(:hover,[open]) > .toolbarbutton-menubutton-button > .toolbarbutton-icon,
@@ -626,48 +636,114 @@ toolbarbutton[sdk-button="true"][cui-areatype="toolbar"] > .toolbarbutton-icon {
 #nav-bar .toolbarbutton-1:not([disabled=true]):not([checked]):not([open]):not(:active):hover > .toolbarbutton-icon,
 #nav-bar .toolbarbutton-1:not([disabled=true]):not([checked]):not([open]):not(:active):hover > .toolbarbutton-text,
 #nav-bar .toolbarbutton-1:not([disabled=true]):not([checked]):not([open]):not(:active):hover > .toolbarbutton-badge-container,
-@conditionalForwardWithUrlbar@ > .toolbarbutton-1:-moz-any([disabled=true],:not([open]):not([disabled=true]):not(:active)) > .toolbarbutton-icon {
-  background-image: linear-gradient(hsla(0,0%,100%,.6), hsla(0,0%,100%,.1));
-  border-color: hsla(210,54%,20%,.15) hsla(210,54%,20%,.2) hsla(210,54%,20%,.25);
-  box-shadow: 0 1px hsla(0,0%,100%,.3) inset,
-              0 1px hsla(210,54%,20%,.03),
-              0 0 2px hsla(210,54%,20%,.1);
+@conditionalForwardWithUrlbar@ > #forward-button:not([open]):not(:active):not([disabled]):hover > .toolbarbutton-icon,
+#nav-bar .toolbarbutton-1:not([buttonover]):not([open]):not(:active):hover > .toolbarbutton-menubutton-dropmarker:not([disabled]) > .dropmarker-icon {
+  background-color: hsla(210,4%,10%,.08);
+  border-color: hsla(210,4%,10%,.1);
 }
 
-#nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button:not([disabled=true]):not([open]):not(:active):hover > .toolbarbutton-icon,
-#nav-bar .toolbarbutton-1:not([buttonover]):not([open]):not(:active):hover > .toolbarbutton-menubutton-dropmarker:not([disabled=true]) > .dropmarker-icon,
-@conditionalForwardWithUrlbar@ > #forward-button:not([open]):not(:active):not([disabled=true]):hover > .toolbarbutton-icon {
-  border-color: hsla(210,54%,20%,.3) hsla(210,54%,20%,.35) hsla(210,54%,20%,.4);
-  background-color: hsla(210,48%,96%,.75);
-  box-shadow: 0 0 1px hsla(210,54%,20%,.03),
-              0 0 2px hsla(210,54%,20%,.1);
+%ifdef WINDOWS_AERO
+@media (-moz-os-version: windows-vista),
+       (-moz-os-version: windows-win7) {
+%endif
+  /* < Win8 */
+  #nav-bar .toolbarbutton-1:not(:hover):not(:active):not([open]) > .toolbarbutton-menubutton-dropmarker::before,
+  #nav-bar .toolbaritem-combined-buttons > .toolbarbutton-1:-moz-any(:not(:hover):not([open]),[disabled]) + .toolbarbutton-1:-moz-any(:not(:hover):not([open]),[disabled])::before {
+    content: "";
+    display: -moz-box;
+    width: 1px;
+    height: 18px;
+    -moz-margin-end: -1px;
+    background-image: linear-gradient(hsla(210,54%,20%,.2) 0, hsla(210,54%,20%,.2) 18px);
+    background-clip: padding-box;
+    background-position: center;
+    background-repeat: no-repeat;
+    background-size: 1px 18px;
+    box-shadow: 0 0 0 1px hsla(0,0%,100%,.2);
+  }
+
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button > .toolbarbutton-icon:-moz-locale-dir(ltr),
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-icon:-moz-locale-dir(rtl) {
+    border-top-right-radius: 0;
+    border-bottom-right-radius: 0;
+  }
+
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button > .toolbarbutton-icon:-moz-locale-dir(rtl),
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-dropmarker > .dropmarker-icon:-moz-locale-dir(ltr) {
+    border-top-left-radius: 0;
+    border-bottom-left-radius: 0;
+  }
+
+  #nav-bar .toolbarbutton-1:not([disabled]):-moz-any(:hover,[open]) > .toolbarbutton-menubutton-button > .toolbarbutton-icon,
+  #nav-bar .toolbarbutton-1:not([disabled]):hover > .toolbarbutton-menubutton-dropmarker > .dropmarker-icon,
+  #nav-bar .toolbarbutton-1:not([disabled]):not([checked]):not([open]):not(:active):hover > .toolbarbutton-icon,
+  #nav-bar .toolbarbutton-1:not([disabled]):not([checked]):not([open]):not(:active):hover > .toolbarbutton-text,
+  #nav-bar .toolbarbutton-1:not([disabled]):not([checked]):not([open]):not(:active):hover > .toolbarbutton-badge-container,
+  @conditionalForwardWithUrlbar@ > .toolbarbutton-1:-moz-any([disabled],:not([open]):not([disabled]):not(:active)) > .toolbarbutton-icon {
+    background-image: linear-gradient(hsla(0,0%,100%,.6), hsla(0,0%,100%,.1));
+    background-color: transparent;
+    border-color: hsla(210,54%,20%,.15) hsla(210,54%,20%,.2) hsla(210,54%,20%,.25);
+    box-shadow: 0 1px hsla(0,0%,100%,.3) inset,
+                0 1px hsla(210,54%,20%,.03),
+                0 0 2px hsla(210,54%,20%,.1);
+  }
+
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button:not([disabled]):not([open]):not(:active):hover > .toolbarbutton-icon,
+  #nav-bar .toolbarbutton-1:not([buttonover]):not([open]):not(:active):hover > .toolbarbutton-menubutton-dropmarker:not([disabled]) > .dropmarker-icon,
+  @conditionalForwardWithUrlbar@ > #forward-button:not([open]):not(:active):not([disabled]):hover > .toolbarbutton-icon {
+    border-color: hsla(210,54%,20%,.3) hsla(210,54%,20%,.35) hsla(210,54%,20%,.4);
+    background-color: hsla(210,48%,96%,.75);
+    box-shadow: 0 0 1px hsla(210,54%,20%,.03),
+                0 0 2px hsla(210,54%,20%,.1);
+  }
+%ifdef WINDOWS_AERO
 }
+%endif
 
 #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button:not([disabled=true]):hover:active > .toolbarbutton-icon,
 #nav-bar .toolbarbutton-1[open] > .toolbarbutton-menubutton-dropmarker:not([disabled=true]) > .dropmarker-icon,
 #nav-bar .toolbarbutton-1:not([disabled=true]):-moz-any([open],[checked],:hover:active) > .toolbarbutton-icon,
 #nav-bar .toolbarbutton-1:not([disabled=true]):-moz-any([open],[checked],:hover:active) > .toolbarbutton-text,
 #nav-bar .toolbarbutton-1:not([disabled=true]):-moz-any([open],[checked],:hover:active) > .toolbarbutton-badge-container {
-  background-image: linear-gradient(hsla(0,0%,100%,.6), hsla(0,0%,100%,.1));
-  background-color: hsla(210,54%,20%,.15);
-  border-color: hsla(210,54%,20%,.3) hsla(210,54%,20%,.35) hsla(210,54%,20%,.4);
-  box-shadow: 0 1px 1px hsla(210,54%,20%,.1) inset,
-              0 0 1px hsla(210,54%,20%,.2) inset,
-              /* allows windows-keyhole-forward-clip-path to be used for non-hover as well as hover: */
-              0 1px 0 hsla(210,54%,20%,0),
-              0 0 2px hsla(210,54%,20%,0);
-  text-shadow: none;
-  transition: none;
+  background-color: hsla(210,4%,10%,.12);
+  border-top-color: hsla(210,4%,10%,.2);
+  box-shadow: 0 1px 0 0 hsla(210,4%,10%,.1) inset;
+  transition-duration: 10ms;
 }
 
-#nav-bar .toolbarbutton-1:-moz-any(:hover,[open]) > .toolbarbutton-menubutton-dropmarker:not([disabled=true]) > .dropmarker-icon {
-  -moz-border-start-color: hsla(210,54%,20%,.35);
-}
+%ifdef WINDOWS_AERO
+@media (-moz-os-version: windows-vista),
+       (-moz-os-version: windows-win7) {
+%endif
+  /* < Win8 */
+  #nav-bar .toolbarbutton-1 > .toolbarbutton-menubutton-button:not([disabled]):hover:active > .toolbarbutton-icon,
+  #nav-bar .toolbarbutton-1[open] > .toolbarbutton-menubutton-dropmarker:not([disabled]) > .dropmarker-icon,
+  #nav-bar .toolbarbutton-1:not([disabled]):-moz-any([open],[checked],:hover:active) > .toolbarbutton-icon,
+  #nav-bar .toolbarbutton-1:not([disabled]):-moz-any([open],[checked],:hover:active) > .toolbarbutton-text,
+  #nav-bar .toolbarbutton-1:not([disabled]):-moz-any([open],[checked],:hover:active) > .toolbarbutton-badge-container {
+    background-image: linear-gradient(hsla(0,0%,100%,.6), hsla(0,0%,100%,.1));
+    background-color: hsla(210,54%,20%,.15);
+    border-color: hsla(210,54%,20%,.3) hsla(210,54%,20%,.35) hsla(210,54%,20%,.4);
+    box-shadow: 0 1px 1px hsla(210,54%,20%,.1) inset,
+                0 0 1px hsla(210,54%,20%,.2) inset,
+                /* allows windows-keyhole-forward-clip-path to be used for non-hover as well as hover: */
+                0 1px 0 hsla(210,54%,20%,0),
+                0 0 2px hsla(210,54%,20%,0);
+    text-shadow: none;
+    transition: none;
+  }
 
-#nav-bar .toolbarbutton-1[checked]:not(:active):hover > .toolbarbutton-icon {
-  background-color: rgba(90%,90%,90%,.4);
-  transition: background-color .4s;
+  #nav-bar .toolbarbutton-1:-moz-any(:hover,[open]) > .toolbarbutton-menubutton-dropmarker:not([disabled]) > .dropmarker-icon {
+    -moz-border-start-color: hsla(210,54%,20%,.35);
+  }
+
+  #nav-bar .toolbarbutton-1[checked]:not(:active):hover > .toolbarbutton-icon {
+    background-color: rgba(90%,90%,90%,.4);
+    transition: background-color .4s;
+  }
+%ifdef WINDOWS_AERO
 }
+%endif
 
 #TabsToolbar .toolbarbutton-1,
 #TabsToolbar .toolbarbutton-1 > .toolbarbutton-menubutton-button,
@@ -702,15 +778,27 @@ toolbarbutton[sdk-button="true"][cui-areatype="toolbar"] > .toolbarbutton-icon {
 }
 
 #forward-button > .toolbarbutton-icon {
+  background-clip: padding-box !important;
   /*mask: url(keyhole-forward-mask.svg#mask); XXX: this regresses twinopen */
   clip-path: url(chrome://browser/content/browser.xul#windows-keyhole-forward-clip-path) !important;
-  margin-left: -6px !important;
+  margin-left: -7px !important;
   border-left-style: none !important;
   border-radius: 0 !important;
   padding-left: 7px !important;
   padding-right: 3px !important;
 }
 
+%ifdef WINDOWS_AERO
+@media (-moz-os-version: windows-vista),
+       (-moz-os-version: windows-win7) {
+%endif
+  #forward-button > .toolbarbutton-icon {
+    margin-left: -6px !important;
+  }
+%ifdef WINDOWS_AERO
+}
+%endif
+
 @conditionalForwardWithUrlbar@:not([switchingtabs]) > #forward-button {
   transition: opacity @forwardTransitionLength@ ease-out;
 }
@@ -743,40 +831,65 @@ toolbarbutton[sdk-button="true"][cui-areatype="toolbar"] > .toolbarbutton-icon {
 
 #back-button > .toolbarbutton-icon {
   border-radius: 10000px !important;
+  background-clip: padding-box !important;
+  background-color: hsla(210,25%,98%,.08) !important;
   padding: 5px !important;
-  border: none !important;
-  background-image: linear-gradient(hsla(0,0%,100%,.6), hsla(0,0%,100%,.1)) !important;
-  box-shadow: 0 1px 0 hsla(0,0%,100%,.3) inset,
-              0 0 0 1px hsla(0,0%,100%,.3) inset,
-              0 0 0 1px hsla(210,54%,20%,.25),
-              0 1px 0 hsla(210,54%,20%,.35) !important;
-  transition-property: background-color, box-shadow !important;
+  border-color: hsla(210,4%,10%,.25) !important;
+  transition-property: background-color, border-color !important;
+  transition-duration: 250ms !important;
 }
 
 #back-button:not([disabled="true"]):not([open="true"]):not(:active):hover > .toolbarbutton-icon {
-  background-color: hsla(210,48%,96%,.75) !important;
-  box-shadow: 0 1px 0 hsla(0,0%,100%,.3) inset,
-              0 0 0 1px hsla(0,0%,100%,.3) inset,
-              0 0 0 1px hsla(210,54%,20%,.3),
-              0 1px 0 hsla(210,54%,20%,.4),
-              0 0 4px hsla(210,54%,20%,.2) !important;
+  background-color: hsla(210,4%,10%,.08) !important;
+  box-shadow: none !important;
 }
 
-#back-button:not([disabled="true"]):hover:active > .toolbarbutton-icon,
 #back-button[open="true"] > .toolbarbutton-icon {
-  background-color: hsla(210,54%,20%,.15) !important;
-  box-shadow: 0 1px 1px hsla(210,54%,20%,.1) inset,
-              0 0 1px hsla(210,54%,20%,.2) inset,
-              0 0 0 1px hsla(210,54%,20%,.4),
-              0 1px 0 hsla(210,54%,20%,.2) !important;
-  transition: none;
+  background-color: hsla(210,4%,10%,.12) !important;
+  box-shadow: 0 1px 0 0 hsla(210,80%,20%,.1) inset !important;
 }
 
-#main-window:not([customizing]) #back-button[disabled] > .toolbarbutton-icon {
-  box-shadow: 0 0 0 1px hsla(210,54%,20%,.55),
-              0 1px 0 hsla(210,54%,20%,.65) !important;
-  transition: none;
+%ifdef WINDOWS_AERO
+@media (-moz-os-version: windows-vista),
+       (-moz-os-version: windows-win7) {
+%endif
+  #back-button > .toolbarbutton-icon {
+    border: none !important;
+    background-image: linear-gradient(hsla(0,0%,100%,.6), hsla(0,0%,100%,.1)) !important;
+    box-shadow: 0 1px 0 hsla(0,0%,100%,.3) inset,
+                0 0 0 1px hsla(0,0%,100%,.3) inset,
+                0 0 0 1px hsla(210,54%,20%,.25),
+                0 1px 0 hsla(210,54%,20%,.35) !important;
+    transition-property: background-color, box-shadow !important;
+  }
+
+  #back-button:not([disabled="true"]):not([open="true"]):not(:active):hover > .toolbarbutton-icon {
+    background-color: hsla(210,48%,96%,.75) !important;
+    box-shadow: 0 1px 0 hsla(0,0%,100%,.3) inset,
+                0 0 0 1px hsla(0,0%,100%,.3) inset,
+                0 0 0 1px hsla(210,54%,20%,.3),
+                0 1px 0 hsla(210,54%,20%,.4),
+                0 0 4px hsla(210,54%,20%,.2) !important;
+  }
+
+  #back-button:not([disabled="true"]):hover:active > .toolbarbutton-icon,
+  #back-button[open="true"] > .toolbarbutton-icon {
+    background-color: hsla(210,54%,20%,.15) !important;
+    box-shadow: 0 1px 1px hsla(210,54%,20%,.1) inset,
+                0 0 1px hsla(210,54%,20%,.2) inset,
+                0 0 0 1px hsla(210,54%,20%,.4),
+                0 1px 0 hsla(210,54%,20%,.2) !important;
+    transition: none;
+  }
+
+  #main-window:not([customizing]) #back-button[disabled] > .toolbarbutton-icon {
+    box-shadow: 0 0 0 1px hsla(210,54%,20%,.55),
+                0 1px 0 hsla(210,54%,20%,.65) !important;
+    transition: none;
+  }
+%ifdef WINDOWS_AERO
 }
+%endif
 
 #back-button:-moz-locale-dir(rtl) > .toolbarbutton-icon,
 #forward-button:-moz-locale-dir(rtl) {
@@ -899,9 +1012,21 @@ toolbarbutton[sdk-button="true"][cui-areatype="toolbar"] > .toolbarbutton-icon {
   padding: 0;
   background-clip: padding-box;
   border: 1px solid ThreeDShadow;
-  border-radius: 2px;
 }
 
+%ifdef WINDOWS_AERO
+@media (-moz-os-version: windows-vista),
+       (-moz-os-version: windows-win7) {
+%endif
+  /* < Win8 */
+  #urlbar,
+  .searchbar-textbox {
+    border-radius: 2px;
+  }
+%ifdef WINDOWS_AERO
+}
+%endif
+
 #urlbar {
   -moz-padding-end: 2px;
 }
diff --git a/browser/themes/windows/customizableui/panelUIOverlay.css b/browser/themes/windows/customizableui/panelUIOverlay.css
index b2045430076d..f18d11b5e899 100644
--- a/browser/themes/windows/customizableui/panelUIOverlay.css
+++ b/browser/themes/windows/customizableui/panelUIOverlay.css
@@ -47,6 +47,18 @@
   -moz-margin-start: 3px;
 }
 
+/* subviewbutton entries for social sidebars have images that come from external
+/* sources, and are not guaranteed to be the size we want, so force the size on
+/* those icons. */
+toolbarbutton.social-provider-menuitem > .toolbarbutton-icon {
+  width: 16px;
+  height: 16px;
+}
+
+.subviewbutton:-moz-any([image],[targetURI],.cui-withicon, .restoreallitem, .bookmark-item)[checked="true"] > .toolbarbutton-icon {
+  visibility: hidden;
+}
+
 %ifdef WINDOWS_AERO
 /* Win8 and beyond. */
 @media not all and (-moz-os-version: windows-vista) {
diff --git a/browser/themes/windows/menuPanel-aero.png b/browser/themes/windows/menuPanel-aero.png
index 2145b4db604f..d42c9b32211c 100644
Binary files a/browser/themes/windows/menuPanel-aero.png and b/browser/themes/windows/menuPanel-aero.png differ
diff --git a/browser/themes/windows/menuPanel.png b/browser/themes/windows/menuPanel.png
index 0fc16291d311..7eb34b02d9d0 100644
Binary files a/browser/themes/windows/menuPanel.png and b/browser/themes/windows/menuPanel.png differ
diff --git a/mobile/android/base/GeckoApp.java b/mobile/android/base/GeckoApp.java
index ce95ad51d623..171db7fbf77c 100644
--- a/mobile/android/base/GeckoApp.java
+++ b/mobile/android/base/GeckoApp.java
@@ -16,6 +16,7 @@ import java.net.URL;
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Iterator;
@@ -678,10 +679,7 @@ public abstract class GeckoApp
                 Intent intent = GeckoAppShell.getOpenURIIntent(sAppContext, message.optString("url"),
                     message.optString("mime"), message.optString("action"), message.optString("title"));
                 String[] handlers = GeckoAppShell.getHandlersForIntent(intent);
-                ArrayList<String> appList = new ArrayList<String>(handlers.length);
-                for (int i = 0; i < handlers.length; i++) {
-                    appList.add(handlers[i]);
-                }
+                List<String> appList = Arrays.asList(handlers);
                 JSONObject handlersJSON = new JSONObject();
                 handlersJSON.put("apps", new JSONArray(appList));
                 EventDispatcher.sendResponse(message, handlersJSON);
diff --git a/mobile/android/base/browserid/JSONWebTokenUtils.java b/mobile/android/base/browserid/JSONWebTokenUtils.java
index 845ecafcadd5..b9093bba8e4d 100644
--- a/mobile/android/base/browserid/JSONWebTokenUtils.java
+++ b/mobile/android/base/browserid/JSONWebTokenUtils.java
@@ -9,7 +9,9 @@ import java.io.UnsupportedEncodingException;
 import java.security.GeneralSecurityException;
 import java.util.ArrayList;
 import java.util.Map;
+import java.util.TreeMap;
 
+import org.json.simple.JSONObject;
 import org.json.simple.parser.ParseException;
 import org.mozilla.apache.commons.codec.binary.Base64;
 import org.mozilla.apache.commons.codec.binary.StringUtils;
@@ -28,6 +30,7 @@ import org.mozilla.gecko.sync.Utils;
 public class JSONWebTokenUtils {
   public static final long DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS = 60 * 60 * 1000;
   public static final long DEFAULT_ASSERTION_DURATION_IN_MILLISECONDS = 60 * 60 * 1000;
+  public static final long DEFAULT_FUTURE_EXPIRES_AT_IN_MILLISECONDS = 9999999999999L;
   public static final String DEFAULT_CERTIFICATE_ISSUER = "127.0.0.1";
   public static final String DEFAULT_ASSERTION_ISSUER = "127.0.0.1";
 
@@ -70,8 +73,12 @@ public class JSONWebTokenUtils {
     return payload;
   }
 
-  protected static String getPayloadString(String payloadString, String issuer,
-      long issuedAt, String audience, long expiresAt) throws NonObjectJSONException,
+  /**
+   * Public for testing.
+   */
+  @SuppressWarnings("unchecked")
+  public static String getPayloadString(String payloadString, String audience, String issuer,
+      Long issuedAt, long expiresAt) throws NonObjectJSONException,
       IOException, ParseException {
     ExtendedJSONObject payload;
     if (payloadString != null) {
@@ -79,13 +86,16 @@ public class JSONWebTokenUtils {
     } else {
       payload = new ExtendedJSONObject();
     }
-    payload.put("iss", issuer);
-    payload.put("iat", issuedAt);
     if (audience != null) {
       payload.put("aud", audience);
     }
+    payload.put("iss", issuer);
+    if (issuedAt != null) {
+      payload.put("iat", issuedAt);
+    }
     payload.put("exp", expiresAt);
-    return payload.toJSONString();
+    // TreeMap so that keys are sorted. A small attempt to keep output stable over time.
+    return JSONObject.toJSONString(new TreeMap<Object, Object>(payload.object));
   }
 
   protected static String getCertificatePayloadString(VerifyingPublicKey publicKeyToSign, String email) throws NonObjectJSONException, IOException, ParseException  {
@@ -100,33 +110,42 @@ public class JSONWebTokenUtils {
   public static String createCertificate(VerifyingPublicKey publicKeyToSign, String email,
       String issuer, long issuedAt, long expiresAt, SigningPrivateKey privateKey) throws NonObjectJSONException, IOException, ParseException, GeneralSecurityException  {
     String certificatePayloadString = getCertificatePayloadString(publicKeyToSign, email);
-    String payloadString = getPayloadString(certificatePayloadString, issuer, issuedAt, null, expiresAt);
+    String payloadString = getPayloadString(certificatePayloadString, null, issuer, issuedAt, expiresAt);
     return JSONWebTokenUtils.encode(payloadString, privateKey);
   }
 
-  public static String createCertificate(VerifyingPublicKey publicKeyToSign, String email, SigningPrivateKey privateKey) throws NonObjectJSONException, IOException, ParseException, GeneralSecurityException  {
-    String issuer = DEFAULT_CERTIFICATE_ISSUER;
-    long issuedAt = System.currentTimeMillis();
-    long durationInMilliseconds = DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS;
-    return createCertificate(publicKeyToSign, email, issuer, issuedAt, issuedAt + durationInMilliseconds, privateKey);
-  }
-
+  /**
+   * Create a Browser ID assertion.
+   *
+   * @param privateKeyToSignWith
+   *          private key to sign assertion with.
+   * @param certificate
+   *          to include in assertion; no attempt is made to ensure the
+   *          certificate is valid, or corresponds to the private key, or any
+   *          other condition.
+   * @param audience
+   *          to produce assertion for.
+   * @param issuer
+   *          to produce assertion for.
+   * @param issuedAt
+   *          timestamp for assertion, in milliseconds since the epoch; if null,
+   *          no timestamp is included.
+   * @param expiresAt
+   *          expiration timestamp for assertion, in milliseconds since the epoch.
+   * @return assertion.
+   * @throws NonObjectJSONException
+   * @throws IOException
+   * @throws ParseException
+   * @throws GeneralSecurityException
+   */
   public static String createAssertion(SigningPrivateKey privateKeyToSignWith, String certificate, String audience,
-      String issuer, long issuedAt, long durationInMilliseconds) throws NonObjectJSONException, IOException, ParseException, GeneralSecurityException  {
-    long expiresAt = issuedAt + durationInMilliseconds;
+      String issuer, Long issuedAt, long expiresAt) throws NonObjectJSONException, IOException, ParseException, GeneralSecurityException  {
     String emptyAssertionPayloadString = "{}";
-    String payloadString = getPayloadString(emptyAssertionPayloadString, issuer, issuedAt, audience, expiresAt);
+    String payloadString = getPayloadString(emptyAssertionPayloadString, audience, issuer, issuedAt, expiresAt);
     String signature = JSONWebTokenUtils.encode(payloadString, privateKeyToSignWith);
     return certificate + "~" + signature;
   }
 
-  public static String createAssertion(SigningPrivateKey privateKeyToSignWith, String certificate, String audience) throws NonObjectJSONException, IOException, ParseException, GeneralSecurityException  {
-    String issuer = DEFAULT_ASSERTION_ISSUER;
-    long issuedAt = System.currentTimeMillis();
-    long durationInMilliseconds = DEFAULT_ASSERTION_DURATION_IN_MILLISECONDS;
-    return createAssertion(privateKeyToSignWith, certificate, audience, issuer, issuedAt, durationInMilliseconds);
-  }
-
   /**
    * For debugging only!
    *
diff --git a/mobile/android/base/browserid/MockMyIDTokenFactory.java b/mobile/android/base/browserid/MockMyIDTokenFactory.java
index 0a5ef31f215f..ee4933ec3b2f 100644
--- a/mobile/android/base/browserid/MockMyIDTokenFactory.java
+++ b/mobile/android/base/browserid/MockMyIDTokenFactory.java
@@ -40,18 +40,17 @@ public class MockMyIDTokenFactory {
    *          sign username@mockmyid.com
    * @param issuedAt
    *          timestamp for certificate, in milliseconds since the epoch.
-   * @param durationInMilliseconds
-   *          lifespan of certificate, in milliseconds.
+   * @param expiresAt
+   *          expiration timestamp for certificate, in milliseconds since the epoch.
    * @return encoded certificate string.
    * @throws Exception
    */
   public String createMockMyIDCertificate(final VerifyingPublicKey publicKeyToSign, String username,
-      final long issuedAt, final long durationInMilliseconds)
+      final long issuedAt, final long expiresAt)
           throws Exception {
     if (!username.endsWith("@mockmyid.com")) {
       username = username + "@mockmyid.com";
     }
-    long expiresAt = issuedAt + durationInMilliseconds;
     SigningPrivateKey mockMyIdPrivateKey = getMockMyIDPrivateKey();
     return JSONWebTokenUtils.createCertificate(publicKeyToSign, username, "mockmyid.com", issuedAt, expiresAt, mockMyIdPrivateKey);
   }
@@ -69,8 +68,9 @@ public class MockMyIDTokenFactory {
    */
   public String createMockMyIDCertificate(final VerifyingPublicKey publicKeyToSign, final String username)
       throws Exception {
-    return createMockMyIDCertificate(publicKeyToSign, username,
-        System.currentTimeMillis(), JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS );
+    long ciat = System.currentTimeMillis();
+    long cexp = ciat + JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS;
+    return createMockMyIDCertificate(publicKeyToSign, username, ciat, cexp);
   }
 
   /**
@@ -84,23 +84,24 @@ public class MockMyIDTokenFactory {
    *          sign username@mockmyid.com.
    * @param certificateIssuedAt
    *          timestamp for certificate, in milliseconds since the epoch.
-   * @param certificateDurationInMilliseconds
-   *          lifespan of certificate, in milliseconds.
+   * @param certificateExpiresAt
+   *          expiration timestamp for certificate, in milliseconds since the epoch.
    * @param assertionIssuedAt
-   *          timestamp for assertion, in milliseconds since the epoch.
-   * @param assertionDurationInMilliseconds
-   *          lifespan of assertion, in milliseconds.
+   *          timestamp for assertion, in milliseconds since the epoch; if null,
+   *          no timestamp is included.
+   * @param assertionExpiresAt
+   *          expiration timestamp for assertion, in milliseconds since the epoch.
    * @return encoded assertion string.
    * @throws Exception
    */
   public String createMockMyIDAssertion(BrowserIDKeyPair keyPair, String username, String audience,
-      long certificateIssuedAt, long certificateDurationInMilliseconds,
-      long assertionIssuedAt, long assertionDurationInMilliseconds)
+      long certificateIssuedAt, long certificateExpiresAt,
+      Long assertionIssuedAt, long assertionExpiresAt)
           throws Exception {
     String certificate = createMockMyIDCertificate(keyPair.getPublic(), username,
-        certificateIssuedAt, certificateDurationInMilliseconds);
+        certificateIssuedAt, certificateExpiresAt);
     return JSONWebTokenUtils.createAssertion(keyPair.getPrivate(), certificate, audience,
-        JSONWebTokenUtils.DEFAULT_ASSERTION_ISSUER, assertionIssuedAt, assertionDurationInMilliseconds);
+        JSONWebTokenUtils.DEFAULT_ASSERTION_ISSUER, assertionIssuedAt, assertionExpiresAt);
   }
 
   /**
@@ -117,9 +118,11 @@ public class MockMyIDTokenFactory {
    */
   public String createMockMyIDAssertion(BrowserIDKeyPair keyPair, String username, String audience)
       throws Exception {
-    long now = System.currentTimeMillis();
+    long ciat = System.currentTimeMillis();
+    long cexp = ciat + JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS;
+    long aiat = ciat + 1;
+    long aexp = aiat + JSONWebTokenUtils.DEFAULT_ASSERTION_DURATION_IN_MILLISECONDS;
     return createMockMyIDAssertion(keyPair, username, audience,
-        now, JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS,
-        now + 1, JSONWebTokenUtils.DEFAULT_ASSERTION_DURATION_IN_MILLISECONDS);
+        ciat, cexp, aiat, aexp);
   }
 }
diff --git a/mobile/android/base/browserid/verifier/BrowserIDRemoteVerifierClient.java b/mobile/android/base/browserid/verifier/BrowserIDRemoteVerifierClient.java
index 0f802fbd03cd..a07eb5fcea60 100644
--- a/mobile/android/base/browserid/verifier/BrowserIDRemoteVerifierClient.java
+++ b/mobile/android/base/browserid/verifier/BrowserIDRemoteVerifierClient.java
@@ -10,6 +10,7 @@ import java.net.URI;
 import java.net.URISyntaxException;
 import java.security.GeneralSecurityException;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 
 import org.mozilla.gecko.background.common.log.Logger;
@@ -118,9 +119,9 @@ public class BrowserIDRemoteVerifierClient implements BrowserIDVerifierClient {
 
     r.delegate = new RemoteVerifierResourceDelegate(r, delegate);
 
-    List<NameValuePair> nvps = new ArrayList<NameValuePair>();
-    nvps.add(new BasicNameValuePair("audience", audience));
-    nvps.add(new BasicNameValuePair("assertion", assertion));
+    List<NameValuePair> nvps = Arrays.asList(new NameValuePair[] {
+        new BasicNameValuePair("audience", audience),
+        new BasicNameValuePair("assertion", assertion) });
 
     try {
       r.post(new UrlEncodedFormEntity(nvps, "UTF-8"));
diff --git a/mobile/android/base/favicons/Favicons.java b/mobile/android/base/favicons/Favicons.java
index 3e1ba5d51463..6c61e8cfaf5a 100644
--- a/mobile/android/base/favicons/Favicons.java
+++ b/mobile/android/base/favicons/Favicons.java
@@ -30,8 +30,10 @@ import java.io.File;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.Iterator;
+import java.util.List;
 import java.util.Set;
 
 public class Favicons {
@@ -396,9 +398,9 @@ public class Favicons {
 
         // Load and cache the built-in favicon in each of its sizes.
         // TODO: don't open the zip twice!
-        ArrayList<Bitmap> toInsert = new ArrayList<Bitmap>(2);
-        toInsert.add(loadBrandingBitmap(context, "favicon64.png"));
-        toInsert.add(loadBrandingBitmap(context, "favicon32.png"));
+        List<Bitmap> toInsert = Arrays.asList(loadBrandingBitmap(context, "favicon64.png"),
+                                              loadBrandingBitmap(context, "favicon32.png"));
+
         putFaviconsInMemCache(BUILT_IN_FAVICON_URL, toInsert.iterator(), true);
     }
 
diff --git a/mobile/android/base/fxa/FxAccountConstants.java.in b/mobile/android/base/fxa/FxAccountConstants.java.in
index dea54cb48d1c..c6ece3af247a 100644
--- a/mobile/android/base/fxa/FxAccountConstants.java.in
+++ b/mobile/android/base/fxa/FxAccountConstants.java.in
@@ -14,6 +14,8 @@ public class FxAccountConstants {
   public static final String DEFAULT_AUTH_SERVER_ENDPOINT = "https://api.accounts.firefox.com/v1";
   public static final String DEFAULT_TOKEN_SERVER_ENDPOINT = "https://token.services.mozilla.com/1.0/sync/1.5";
 
+  public static final String STAGE_TOKEN_SERVER_ENDPOINT = "https://token.stage.mozaws.net/1.0/sync/1.5";
+
   // For extra debugging.  Not final so it can be changed from Fennec, or from
   // an add-on.
   public static boolean LOG_PERSONAL_INFORMATION = false;
diff --git a/mobile/android/base/fxa/login/Married.java b/mobile/android/base/fxa/login/Married.java
index 5889b3ae38e0..226023ca4fec 100644
--- a/mobile/android/base/fxa/login/Married.java
+++ b/mobile/android/base/fxa/login/Married.java
@@ -56,8 +56,11 @@ public class Married extends TokensAndKeysState {
     delegate.handleTransition(new LogMessage("staying married"), this);
   }
 
-  public String generateAssertion(String audience, String issuer, long issuedAt, long durationInMilliseconds) throws NonObjectJSONException, IOException, ParseException, GeneralSecurityException {
-    String assertion = JSONWebTokenUtils.createAssertion(keyPair.getPrivate(), certificate, audience, issuer, issuedAt, durationInMilliseconds);
+  public String generateAssertion(String audience, String issuer) throws NonObjectJSONException, IOException, ParseException, GeneralSecurityException {
+    // We generate assertions with no iat and an exp after 2050 to avoid
+    // invalid-timestamp errors from the token server.
+    final long expiresAt = JSONWebTokenUtils.DEFAULT_FUTURE_EXPIRES_AT_IN_MILLISECONDS;
+    String assertion = JSONWebTokenUtils.createAssertion(keyPair.getPrivate(), certificate, audience, issuer, null, expiresAt);
     if (!FxAccountConstants.LOG_PERSONAL_INFORMATION) {
       return assertion;
     }
diff --git a/mobile/android/base/fxa/sync/FxAccountSyncAdapter.java b/mobile/android/base/fxa/sync/FxAccountSyncAdapter.java
index d86a766e8fe9..645e52fc31b0 100644
--- a/mobile/android/base/fxa/sync/FxAccountSyncAdapter.java
+++ b/mobile/android/base/fxa/sync/FxAccountSyncAdapter.java
@@ -347,9 +347,9 @@ public class FxAccountSyncAdapter extends AbstractThreadedSyncAdapter {
           // skew adjustment that the HawkAuthHeaderProvider uses to adjust its
           // timestamps. Eventually we might want this to adapt within the scope of a
           // global session.
-          final SkewHandler tokenServerSkewHandler = SkewHandler.getSkewHandlerForHostname(storageHostname);
-          final long tokenServerSkew = tokenServerSkewHandler.getSkewInSeconds();
-          final AuthHeaderProvider authHeaderProvider = new HawkAuthHeaderProvider(token.id, token.key.getBytes("UTF-8"), false, tokenServerSkew);
+          final SkewHandler storageServerSkewHandler = SkewHandler.getSkewHandlerForHostname(storageHostname);
+          final long storageServerSkew = storageServerSkewHandler.getSkewInSeconds();
+          final AuthHeaderProvider authHeaderProvider = new HawkAuthHeaderProvider(token.id, token.key.getBytes("UTF-8"), false, storageServerSkew);
 
           final Context context = getContext();
           final SyncConfiguration syncConfig = new SyncConfiguration(token.uid, authHeaderProvider, sharedPrefs, syncKeyBundle);
@@ -503,11 +503,7 @@ public class FxAccountSyncAdapter extends AbstractThreadedSyncAdapter {
             }
 
             final Married married = (Married) state;
-            SkewHandler skewHandler = SkewHandler.getSkewHandlerFromEndpointString(tokenServerEndpoint);
-            final long now = System.currentTimeMillis();
-            final long issuedAtMillis = now + skewHandler.getSkewInMillis();
-            final long assertionDurationMillis = this.getAssertionDurationInMilliseconds();
-            final String assertion = married.generateAssertion(audience, JSONWebTokenUtils.DEFAULT_ASSERTION_ISSUER, issuedAtMillis, assertionDurationMillis);
+            final String assertion = married.generateAssertion(audience, JSONWebTokenUtils.DEFAULT_ASSERTION_ISSUER);
 
             /*
              * At this point we're in the correct state to sync, and we're ready to fetch
diff --git a/mobile/android/base/health/BrowserHealthRecorder.java b/mobile/android/base/health/BrowserHealthRecorder.java
index 9e3ecf997eec..e5bbaac34228 100644
--- a/mobile/android/base/health/BrowserHealthRecorder.java
+++ b/mobile/android/base/health/BrowserHealthRecorder.java
@@ -14,6 +14,7 @@ import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.Iterator;
+import java.util.List;
 import java.util.Scanner;
 import java.util.Set;
 import java.util.concurrent.atomic.AtomicBoolean;
@@ -789,9 +790,9 @@ public class BrowserHealthRecorder implements HealthRecorder, GeckoEventListener
             new MeasurementFields() {
                 @Override
                 public Iterable<FieldSpec> getFields() {
-                    ArrayList<FieldSpec> out = new ArrayList<FieldSpec>(2);
-                    out.add(new FieldSpec("normal", Field.TYPE_JSON_DISCRETE));
-                    out.add(new FieldSpec("abnormal", Field.TYPE_JSON_DISCRETE));
+                    List<FieldSpec> out = Arrays.asList(
+                        new FieldSpec("normal", Field.TYPE_JSON_DISCRETE),
+                        new FieldSpec("abnormal", Field.TYPE_JSON_DISCRETE));
                     return out;
                 }
         });
diff --git a/mobile/android/base/preferences/CustomListPreference.java b/mobile/android/base/preferences/CustomListPreference.java
index 7d63625c7ad1..8b7e0e7b3957 100644
--- a/mobile/android/base/preferences/CustomListPreference.java
+++ b/mobile/android/base/preferences/CustomListPreference.java
@@ -27,14 +27,15 @@ public abstract class CustomListPreference extends Preference implements View.On
     public static final int INDEX_SET_DEFAULT_BUTTON = 0;
 
     // Dialog item labels.
-    protected final String[] mDialogItems;
+    private String[] mDialogItems;
 
     // Dialog displayed when this element is tapped.
     protected AlertDialog mDialog;
 
     // Cache label to avoid repeated use of the resource system.
-    public final String LABEL_IS_DEFAULT;
-    public final String LABEL_SET_AS_DEFAULT;
+    protected final String LABEL_IS_DEFAULT;
+    protected final String LABEL_SET_AS_DEFAULT;
+    protected final String LABEL_REMOVE;
 
     protected boolean mIsDefault;
 
@@ -68,8 +69,7 @@ public abstract class CustomListPreference extends Preference implements View.On
         // Fetch these strings now, instead of every time we ever want to relabel a button.
         LABEL_IS_DEFAULT = res.getString(R.string.pref_default);
         LABEL_SET_AS_DEFAULT = res.getString(R.string.pref_dialog_set_default);
-
-        mDialogItems = getDialogStrings();
+        LABEL_REMOVE = res.getString(R.string.pref_dialog_remove);
     }
 
     /**
@@ -97,10 +97,17 @@ public abstract class CustomListPreference extends Preference implements View.On
         }
     }
 
+    private String[] getCachedDialogItems() {
+        if (mDialogItems == null) {
+            mDialogItems = createDialogItems();
+        }
+        return mDialogItems;
+    }
+
     /**
      * Returns the strings to be displayed in the dialog.
      */
-    abstract protected String[] getDialogStrings();
+    abstract protected String[] createDialogItems();
 
     /**
      * Display a dialog for this preference, when the preference is clicked.
@@ -108,7 +115,7 @@ public abstract class CustomListPreference extends Preference implements View.On
     public void showDialog() {
         final AlertDialog.Builder builder = new AlertDialog.Builder(getContext());
         builder.setTitle(getTitle().toString());
-        builder.setItems(mDialogItems, new DialogInterface.OnClickListener() {
+        builder.setItems(getCachedDialogItems(), new DialogInterface.OnClickListener() {
             // Forward relevant events to the container class for handling.
             @Override
             public void onClick(DialogInterface dialog, int indexClicked) {
diff --git a/mobile/android/base/preferences/PanelsPreference.java b/mobile/android/base/preferences/PanelsPreference.java
index cd0c181481a2..e3d8a4173af9 100644
--- a/mobile/android/base/preferences/PanelsPreference.java
+++ b/mobile/android/base/preferences/PanelsPreference.java
@@ -16,16 +16,22 @@ import android.widget.TextView;
 public class PanelsPreference extends CustomListPreference {
     protected String LOGTAG = "PanelsPreference";
 
-    private static final int INDEX_SHOW_BUTTON = 1;
-    private static final int INDEX_REMOVE_BUTTON = 2;
+    /**
+     * Index of the context menu button for controlling display options.
+     * For (removable) Dynamic panels, this button removes the panel.
+     * For built-in panels, this button toggles showing or hiding the panel.
+     */
+    private static final int INDEX_DISPLAY_BUTTON = 1;
 
     private String LABEL_HIDE;
     private String LABEL_SHOW;
 
     protected boolean mIsHidden = false;
+    private boolean mIsRemovable;
 
-    public PanelsPreference(Context context, CustomListCategory parentCategory) {
+    public PanelsPreference(Context context, CustomListCategory parentCategory, boolean isRemovable) {
         super(context, parentCategory);
+        mIsRemovable = isRemovable;
     }
 
     @Override
@@ -49,15 +55,17 @@ public class PanelsPreference extends CustomListPreference {
     }
 
     @Override
-    protected String[] getDialogStrings() {
+    protected String[] createDialogItems() {
+        if (mIsRemovable) {
+            return new String[] { LABEL_SET_AS_DEFAULT, LABEL_REMOVE };
+        }
+
+        // Built-in panels can't be removed, so use show/hide options.
         Resources res = getContext().getResources();
         LABEL_HIDE = res.getString(R.string.pref_panels_hide);
         LABEL_SHOW = res.getString(R.string.pref_panels_show);
 
-        // XXX: Don't provide the "Remove" string for now, because we only support built-in
-        // panels, which can only be disabled.
-        return new String[] { LABEL_SET_AS_DEFAULT,
-                              LABEL_HIDE };
+        return new String[] { LABEL_SET_AS_DEFAULT, LABEL_HIDE };
     }
 
     @Override
@@ -81,12 +89,15 @@ public class PanelsPreference extends CustomListPreference {
                 mParentCategory.setDefault(this);
                 break;
 
-            case INDEX_SHOW_BUTTON:
-                ((PanelsPreferenceCategory) mParentCategory).setHidden(this, !mIsHidden);
-                break;
-
-            case INDEX_REMOVE_BUTTON:
-                mParentCategory.uninstall(this);
+            case INDEX_DISPLAY_BUTTON:
+                // Handle display options for the panel.
+                if (mIsRemovable) {
+                    // For removable panels, the button displays text for removing the panel.
+                    mParentCategory.uninstall(this);
+                } else {
+                    // Otherwise, the button toggles between text for showing or hiding the panel.
+                    ((PanelsPreferenceCategory) mParentCategory).setHidden(this, !mIsHidden);
+                }
                 break;
 
             default:
@@ -99,8 +110,10 @@ public class PanelsPreference extends CustomListPreference {
         super.configureShownDialog();
 
         // Handle Show/Hide buttons.
-        final TextView hideButton = (TextView) mDialog.getListView().getChildAt(INDEX_SHOW_BUTTON);
-        hideButton.setText(mIsHidden ? LABEL_SHOW : LABEL_HIDE);
+        if (!mIsRemovable) {
+            final TextView hideButton = (TextView) mDialog.getListView().getChildAt(INDEX_DISPLAY_BUTTON);
+            hideButton.setText(mIsHidden ? LABEL_SHOW : LABEL_HIDE);
+        }
     }
 
     public void setHidden(boolean toHide) {
diff --git a/mobile/android/base/preferences/PanelsPreferenceCategory.java b/mobile/android/base/preferences/PanelsPreferenceCategory.java
index b5f2cffadd34..e5c4d8ed962f 100644
--- a/mobile/android/base/preferences/PanelsPreferenceCategory.java
+++ b/mobile/android/base/preferences/PanelsPreferenceCategory.java
@@ -86,8 +86,10 @@ public class PanelsPreferenceCategory extends CustomListCategory {
 
     private void displayHomeConfig(HomeConfig.State configState) {
         for (PanelConfig panelConfig : configState) {
+            final boolean isRemovable = panelConfig.isDynamic();
+
             // Create and add the pref.
-            final PanelsPreference pref = new PanelsPreference(getContext(), PanelsPreferenceCategory.this);
+            final PanelsPreference pref = new PanelsPreference(getContext(), PanelsPreferenceCategory.this, isRemovable);
             pref.setTitle(panelConfig.getTitle());
             pref.setKey(panelConfig.getId());
             // XXX: Pull icon from PanelInfo.
diff --git a/mobile/android/base/preferences/SearchEnginePreference.java b/mobile/android/base/preferences/SearchEnginePreference.java
index f17dbd88b600..3c0ef44e46ae 100644
--- a/mobile/android/base/preferences/SearchEnginePreference.java
+++ b/mobile/android/base/preferences/SearchEnginePreference.java
@@ -14,7 +14,6 @@ import org.mozilla.gecko.widget.FaviconView;
 
 import android.app.AlertDialog;
 import android.content.Context;
-import android.content.res.Resources;
 import android.graphics.Bitmap;
 import android.graphics.drawable.BitmapDrawable;
 import android.text.SpannableString;
@@ -66,10 +65,9 @@ public class SearchEnginePreference extends CustomListPreference {
      * Returns the strings to be displayed in the dialog.
      */
     @Override
-    protected String[] getDialogStrings() {
-        Resources res = getContext().getResources();
+    protected String[] createDialogItems() {
         return new String[] { LABEL_SET_AS_DEFAULT,
-                              res.getString(R.string.pref_dialog_remove) };
+                              LABEL_REMOVE };
     }
 
     @Override
diff --git a/mobile/android/base/sqlite/SQLiteBridge.java b/mobile/android/base/sqlite/SQLiteBridge.java
index afdc8db7f525..023774015035 100644
--- a/mobile/android/base/sqlite/SQLiteBridge.java
+++ b/mobile/android/base/sqlite/SQLiteBridge.java
@@ -13,6 +13,7 @@ import android.util.Log;
 import org.mozilla.gecko.mozglue.RobocopTarget;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Map.Entry;
 
 /*
@@ -200,9 +201,7 @@ public class SQLiteBridge {
         if (!TextUtils.isEmpty(whereClause)) {
             sb.append(" WHERE ");
             sb.append(whereClause);
-            for (int i = 0; i < whereArgs.length; i++) {
-                valueNames.add(whereArgs[i]);
-            }
+            valueNames.addAll(Arrays.asList(whereArgs));
         }
 
         String[] binds = new String[valueNames.size()];
diff --git a/mobile/android/base/sync/repositories/android/FormHistoryRepositorySession.java b/mobile/android/base/sync/repositories/android/FormHistoryRepositorySession.java
index 8a9eab5856e3..ebf9b7f01880 100644
--- a/mobile/android/base/sync/repositories/android/FormHistoryRepositorySession.java
+++ b/mobile/android/base/sync/repositories/android/FormHistoryRepositorySession.java
@@ -5,6 +5,7 @@
 package org.mozilla.gecko.sync.repositories.android;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 import java.util.concurrent.Callable;
 
@@ -313,9 +314,9 @@ public class FormHistoryRepositorySession extends
       }
     };
 
-    ArrayList<Callable<Cursor>> callableCursors = new ArrayList<Callable<Cursor>>();
-    callableCursors.add(regularCallable);
-    callableCursors.add(deletedCallable);
+    @SuppressWarnings("unchecked")
+    List<Callable<Cursor>> callableCursors = Arrays.asList(regularCallable, deletedCallable);
+
     fetchHelper(delegate, sharedEnd, callableCursors);
   }
 
@@ -348,9 +349,9 @@ public class FormHistoryRepositorySession extends
       }
     };
 
-    ArrayList<Callable<Cursor>> callableCursors = new ArrayList<Callable<Cursor>>();
-    callableCursors.add(regularCallable);
-    callableCursors.add(deletedCallable);
+    @SuppressWarnings("unchecked")
+    List<Callable<Cursor>> callableCursors = Arrays.asList(regularCallable, deletedCallable);
+
     fetchHelper(delegate, sharedEnd, callableCursors);
   }
 
diff --git a/mobile/android/base/sync/setup/activities/SendTabData.java b/mobile/android/base/sync/setup/activities/SendTabData.java
index 2359a2d6a8af..74b972ad5c27 100644
--- a/mobile/android/base/sync/setup/activities/SendTabData.java
+++ b/mobile/android/base/sync/setup/activities/SendTabData.java
@@ -5,6 +5,7 @@
 package org.mozilla.gecko.sync.setup.activities;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 
 import android.content.Intent;
@@ -50,10 +51,7 @@ public class SendTabData {
 
     // For URL, take first URL from EXTRA_TEXT, EXTRA_SUBJECT, and EXTRA_TITLE
     // (in that order).
-    List<String> strings = new ArrayList<String>();
-    strings.add(text);
-    strings.add(subject);
-    strings.add(title);
+    List<String> strings = Arrays.asList(text, subject, title);
     String theUri = new WebURLFinder(strings).bestWebURL();
 
     return new SendTabData(theTitle, theUri);
diff --git a/mobile/android/base/tests/UITest.java b/mobile/android/base/tests/UITest.java
index 7e4722739335..b42959d9ef4a 100644
--- a/mobile/android/base/tests/UITest.java
+++ b/mobile/android/base/tests/UITest.java
@@ -44,6 +44,9 @@ abstract class UITest extends ActivityInstrumentationTestCase2<Activity>
     private static final String LAUNCHER_ACTIVITY = TestConstants.ANDROID_PACKAGE_NAME + ".App";
     private static final String TARGET_PACKAGE_ID = "org.mozilla.gecko";
 
+    private static final String JUNIT_FAILURE_MSG = "A JUnit method was called. Make sure " +
+        "you are using AssertionHelper to make assertions. Try `fAssert*(...);`";
+
     private final static Class<Activity> sLauncherActivityClass;
 
     private Activity mActivity;
@@ -226,4 +229,63 @@ abstract class UITest extends ActivityInstrumentationTestCase2<Activity>
 
         return intent;
     }
+
+    /**
+     * Throws an Exception. Called from overridden JUnit methods to ensure JUnit assertions
+     * are not accidentally used over AssertionHelper assertions (the latter of which contains
+     * additional logging facilities for use in our test harnesses).
+     */
+    private static void junit() {
+        throw new UnsupportedOperationException(JUNIT_FAILURE_MSG);
+    }
+
+    // Note: inexplicably, javac does not think we're overriding these methods,
+    // so we can't use the @Override annotation.
+    public static void assertEquals(short e, short a) { junit(); }
+    public static void assertEquals(String m, int e, int a) { junit(); }
+    public static void assertEquals(String m, short e, short a) { junit(); }
+    public static void assertEquals(char e, char a) { junit(); }
+    public static void assertEquals(String m, String e, String a) { junit(); }
+    public static void assertEquals(int e, int a) { junit(); }
+    public static void assertEquals(String m, double e, double a, double delta) { junit(); }
+    public static void assertEquals(String m, long e, long a) { junit(); }
+    public static void assertEquals(byte e, byte a) { junit(); }
+    public static void assertEquals(Object e, Object a) { junit(); }
+    public static void assertEquals(boolean e, boolean a) { junit(); }
+    public static void assertEquals(String m, float e, float a, float delta) { junit(); }
+    public static void assertEquals(String m, boolean e, boolean a) { junit(); }
+    public static void assertEquals(String e, String a) { junit(); }
+    public static void assertEquals(float e, float a, float delta) { junit(); }
+    public static void assertEquals(String m, byte e, byte a) { junit(); }
+    public static void assertEquals(double e, double a, double delta) { junit(); }
+    public static void assertEquals(String m, char e, char a) { junit(); }
+    public static void assertEquals(String m, Object e, Object a) { junit(); }
+    public static void assertEquals(long e, long a) { junit(); }
+
+    public static void assertFalse(String m, boolean c) { junit(); }
+    public static void assertFalse(boolean c) { junit(); }
+
+    public static void assertNotNull(String m, Object o) { junit(); }
+    public static void assertNotNull(Object o) { junit(); }
+
+    public static void assertNotSame(Object e, Object a) { junit(); }
+    public static void assertNotSame(String m, Object e, Object a) { junit(); }
+
+    public static void assertNull(Object o) { junit(); }
+    public static void assertNull(String m, Object o) { junit(); }
+
+    public static void assertSame(Object e, Object a) { junit(); }
+    public static void assertSame(String m, Object e, Object a) { junit(); }
+
+    public static void assertTrue(String m, boolean c) { junit(); }
+    public static void assertTrue(boolean c) { junit(); }
+
+    public static void fail(String m) { junit(); }
+    public static void fail() { junit(); }
+
+    public static void failNotEquals(String m, Object e, Object a) { junit(); }
+    public static void failNotSame(String m, Object e, Object a) { junit(); }
+    public static void failSame(String m) { junit(); }
+
+    public static String format(String m, Object e, Object a) { junit(); return null; }
 }
diff --git a/mobile/android/base/tests/testInputConnection.java b/mobile/android/base/tests/testInputConnection.java
index 287a477af800..42a8857d740b 100644
--- a/mobile/android/base/tests/testInputConnection.java
+++ b/mobile/android/base/tests/testInputConnection.java
@@ -75,10 +75,10 @@ public class testInputConnection extends UITest {
             assertTextAndSelectionAt("Can finish composition", ic, "foobar", 6);
 
             // Test getTextBeforeCursor
-            assertEquals("Can retrieve text before cursor", "bar", ic.getTextBeforeCursor(3, 0));
+            fAssertEquals("Can retrieve text before cursor", "bar", ic.getTextBeforeCursor(3, 0));
 
             // Test getTextAfterCursor
-            assertEquals("Can retrieve text after cursor", "", ic.getTextAfterCursor(3, 0));
+            fAssertEquals("Can retrieve text after cursor", "", ic.getTextAfterCursor(3, 0));
         }
     }
 }
diff --git a/mobile/android/chrome/content/browser.js b/mobile/android/chrome/content/browser.js
index 32b9c6226b49..6086ddd1b084 100644
--- a/mobile/android/chrome/content/browser.js
+++ b/mobile/android/chrome/content/browser.js
@@ -7100,7 +7100,7 @@ var WebappsUI = {
             );
           }
         );
-      }
+      });
     } else {
       DOMApplicationRegistry.denyInstall(aData);
     }
diff --git a/mobile/android/components/HelperAppDialog.js b/mobile/android/components/HelperAppDialog.js
index cdd9cf304ad2..a8c246560c28 100644
--- a/mobile/android/components/HelperAppDialog.js
+++ b/mobile/android/components/HelperAppDialog.js
@@ -5,13 +5,15 @@
 
 const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components;
 
+const APK_MIME_TYPE = "application/vnd.android.package-archive";
 const PREF_BD_USEDOWNLOADDIR = "browser.download.useDownloadDir";
 const URI_GENERIC_ICON_DOWNLOAD = "drawable://alert_download";
 
-Cu.import("resource://gre/modules/XPCOMUtils.jsm");
-Cu.import("resource://gre/modules/Services.jsm");
-Cu.import("resource://gre/modules/Prompt.jsm");
+Cu.import("resource://gre/modules/FileUtils.jsm");
 Cu.import("resource://gre/modules/HelperApps.jsm");
+Cu.import("resource://gre/modules/Prompt.jsm");
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/XPCOMUtils.jsm");
 
 // -----------------------------------------------------------------------
 // HelperApp Launcher Dialog
@@ -23,7 +25,110 @@ HelperAppLauncherDialog.prototype = {
   classID: Components.ID("{e9d277a0-268a-4ec2-bb8c-10fdf3e44611}"),
   QueryInterface: XPCOMUtils.generateQI([Ci.nsIHelperAppLauncherDialog]),
 
+  getNativeWindow: function () {
+    try {
+      let win = Services.wm.getMostRecentWindow("navigator:browser");
+      if (win && win.NativeWindow) {
+        return win.NativeWindow;
+      }
+    } catch (e) {
+    }
+    return null;
+  },
+
+  /**
+   * Returns false if `url` represents a local or special URL that we don't
+   * wish to ever download.
+   *
+   * Returns true otherwise.
+   */
+  _canDownload: function (url, alreadyResolved=false) {
+    Services.console.logStringMessage("_canDownload: " + url);
+    // The common case.
+    if (url.schemeIs("http") ||
+        url.schemeIs("https") ||
+        url.schemeIs("ftp")) {
+      Services.console.logStringMessage("_canDownload: true\n");
+      return true;
+    }
+
+    // The less-common opposite case.
+    if (url.schemeIs("chrome") ||
+        url.schemeIs("jar") ||
+        url.schemeIs("resource") ||
+        url.schemeIs("wyciwyg")) {
+      Services.console.logStringMessage("_canDownload: false\n");
+      return false;
+    }
+
+    // For all other URIs, try to resolve them to an inner URI, and check that.
+    if (!alreadyResolved) {
+      let ioSvc = Cc["@mozilla.org/network/io-service;1"].getService(Components.interfaces.nsIIOService);
+      let innerURI = ioSvc.newChannelFromURI(url).URI;
+      if (!url.equals(innerURI)) {
+        Services.console.logStringMessage("_canDownload: recursing.\n");
+        return this._canDownload(innerURI, true);
+      }
+    }
+
+    if (url.schemeIs("file")) {
+      // If it's in our app directory or profile directory, we never ever
+      // want to do anything with it, including saving to disk or passing the
+      // file to another application.
+      let file = url.QueryInterface(Ci.nsIFileURL).file;
+
+      // TODO: pref blacklist?
+
+      let appRoot = FileUtils.getFile("XREExeF", []);
+      if (appRoot.contains(file, true)) {
+        Services.console.logStringMessage("_canDownload: appRoot.\n");
+        return false;
+      }
+
+      let profileRoot = FileUtils.getFile("ProfD", []);
+      if (profileRoot.contains(file, true)) {
+        Services.console.logStringMessage("_canDownload: prof dir.\n");
+        return false;
+      }
+
+      Services.console.logStringMessage("_canDownload: safe.\n");
+      return true;
+    }
+
+    // Anything else is fine to download.
+    return true;
+  },
+
+  /**
+   * Returns true if `launcher` represents a download for which we wish
+   * to prompt.
+   */
+  _shouldPrompt: function (launcher) {
+    let mimeType = this._getMimeTypeFromLauncher(launcher);
+
+    // Straight equality: nsIMIMEInfo normalizes.
+    return APK_MIME_TYPE == mimeType;
+  },
+
   show: function hald_show(aLauncher, aContext, aReason) {
+    if (!this._canDownload(aLauncher.source)) {
+      aLauncher.cancel(Cr.NS_BINDING_ABORTED);
+
+      let win = this.getNativeWindow();
+      if (!win) {
+        // Oops.
+        Services.console.logStringMessage("Refusing download, but can't show a toast.");
+        return;
+      }
+
+      Services.console.logStringMessage("Refusing download of non-downloadable file.");
+      let bundle = Services.strings.createBundle("chrome://browser/locale/handling.properties");
+      let failedText = bundle.GetStringFromName("protocol.failed");
+      win.toast.show(failedText, "long");
+
+      return;
+    }
+
     let bundle = Services.strings.createBundle("chrome://browser/locale/browser.properties");
 
     let defaultHandler = new Object();
@@ -31,13 +136,13 @@ HelperAppLauncherDialog.prototype = {
       mimeType: aLauncher.MIMEInfo.MIMEType,
     });
 
-    // Add a fake intent for save to disk at the top of the list
+    // Add a fake intent for save to disk at the top of the list.
     apps.unshift({
       name: bundle.GetStringFromName("helperapps.saveToDisk"),
       packageName: "org.mozilla.gecko.Download",
       iconUri: "drawable://icon",
       launch: function() {
-        // Reset the preferredAction here
+        // Reset the preferredAction here.
         aLauncher.MIMEInfo.preferredAction = Ci.nsIMIMEInfo.saveToDisk;
         aLauncher.saveToDisk(null, false);
         return true;
@@ -65,32 +170,38 @@ HelperAppLauncherDialog.prototype = {
       }
     }
 
-    if (apps.length > 1) {
-      HelperApps.prompt(apps, {
-        title: bundle.GetStringFromName("helperapps.pick"),
-        buttons: [
-          bundle.GetStringFromName("helperapps.alwaysUse"),
-          bundle.GetStringFromName("helperapps.useJustOnce")
-        ]
-      }, (data) => {
-        if (data.button < 0)
-          return;
-
-        callback(apps[data.icongrid0]);
-
-        if (data.button == 0)
-          this._setPreferredApp(aLauncher, apps[data.icongrid0]);
-      });
-    } else {
+    // If there's only one choice, and we don't want to prompt, go right ahead
+    // and choose that app automatically.
+    if (!this._shouldPrompt(aLauncher) && (apps.length === 1)) {
       callback(apps[0]);
+      return;
     }
+
+    // Otherwise, let's go through the prompt.
+    HelperApps.prompt(apps, {
+      title: bundle.GetStringFromName("helperapps.pick"),
+      buttons: [
+        bundle.GetStringFromName("helperapps.alwaysUse"),
+        bundle.GetStringFromName("helperapps.useJustOnce")
+      ]
+    }, (data) => {
+      if (data.button < 0) {
+        return;
+      }
+
+      callback(apps[data.icongrid0]);
+
+      if (data.button === 0) {
+        this._setPreferredApp(aLauncher, apps[data.icongrid0]);
+      }
+    });
   },
 
   _getPrefName: function getPrefName(mimetype) {
     return "browser.download.preferred." + mimetype.replace("\\", ".");
   },
 
-  _getMimeTypeFromLauncher: function getMimeTypeFromLauncher(launcher) {
+  _getMimeTypeFromLauncher: function (launcher) {
     let mime = launcher.MIMEInfo.MIMEType;
     if (!mime)
       mime = ContentAreaUtils.getMIMETypeForURI(launcher.source) || "";
@@ -105,7 +216,7 @@ HelperAppLauncherDialog.prototype = {
     try {
       return Services.prefs.getCharPref(this._getPrefName(mime));
     } catch(ex) {
-      Services.console.logStringMessage("Error getting pref for " + mime + " " + ex);
+      Services.console.logStringMessage("Error getting pref for " + mime + ".");
     }
     return null;
   },
diff --git a/mobile/android/tests/background/junit3/src/nativecode/test/TestNativeCrypto.java b/mobile/android/tests/background/junit3/src/nativecode/test/TestNativeCrypto.java
index a9edb0efbe81..d24f28491414 100644
--- a/mobile/android/tests/background/junit3/src/nativecode/test/TestNativeCrypto.java
+++ b/mobile/android/tests/background/junit3/src/nativecode/test/TestNativeCrypto.java
@@ -5,15 +5,23 @@ package org.mozilla.gecko.background.nativecode.test;
 
 import java.io.UnsupportedEncodingException;
 import java.security.GeneralSecurityException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
 
 import junit.framework.TestCase;
 
 import org.mozilla.gecko.background.nativecode.NativeCrypto;
 import org.mozilla.gecko.sync.Utils;
 
-// Test vectors from
-// SHA-256: <https://github.com/ircmaxell/PHP-PasswordLib/blob/master/test/Data/Vectors/pbkdf2-draft-josefsson-sha256.test-vectors>
-//          <https://gitorious.org/scrypt/nettle-scrypt/blobs/37c0d5288e991604fe33dba2f1724986a8dddf56/testsuite/pbkdf2-test.c>
+/*
+ * Tests the Java wrapper over native implementations of crypto code. Test vectors from:
+ *   * PBKDF2SHA256:
+ *     - <https://github.com/ircmaxell/PHP-PasswordLib/blob/master/test/Data/Vectors/pbkdf2-draft-josefsson-sha256.test-vectors>
+ *     - <https://gitorious.org/scrypt/nettle-scrypt/blobs/37c0d5288e991604fe33dba2f1724986a8dddf56/testsuite/pbkdf2-test.c>
+ *   * SHA-1:
+ *     - <http://oauth.googlecode.com/svn/code/c/liboauth/src/sha1.c>
+ */
 public class TestNativeCrypto extends TestCase {
 
   public final void testPBKDF2SHA256A() throws UnsupportedEncodingException, GeneralSecurityException {
@@ -72,6 +80,71 @@ public class TestNativeCrypto extends TestCase {
     checkPBKDF2SHA256("password", "salt", 80000, 32, null);
   }
 
+  public final void testPBKDF2SHA256InvalidLenArg() throws UnsupportedEncodingException, GeneralSecurityException {
+    final String p = "password";
+    final String s = "salt";
+    final int c = 1;
+    final int dkLen = -1; // Should always be positive.
+
+    try {
+      NativeCrypto.pbkdf2SHA256(p.getBytes("US-ASCII"), s.getBytes("US-ASCII"), c, dkLen);
+      fail("Expected sha256 to throw with negative dkLen argument.");
+    } catch (IllegalArgumentException e) { } // Expected.
+  }
+
+  public final void testSHA1() throws UnsupportedEncodingException {
+    final String[] inputs = new String[] {
+      "abc",
+      "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+      "" // To be filled in below.
+    };
+    final String baseStr = "01234567";
+    final int repetitions = 80;
+    final StringBuilder builder = new StringBuilder(baseStr.length() * repetitions);
+    for (int i = 0; i < 80; ++i) {
+      builder.append(baseStr);
+    }
+    inputs[2] = builder.toString();
+
+    final String[] expecteds = new String[] {
+      "a9993e364706816aba3e25717850c26c9cd0d89d",
+      "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+      "dea356a2cddd90c7a7ecedc5ebb563934f460452"
+    };
+
+    for (int i = 0; i < inputs.length; ++i) {
+      final byte[] input = inputs[i].getBytes("US-ASCII");
+      final String expected = expecteds[i];
+
+      final byte[] actual = NativeCrypto.sha1(input);
+      assertNotNull("Hashed value is non-null", actual);
+      assertExpectedBytes(expected, actual);
+    }
+  }
+
+  /**
+   * Test to ensure the output of our SHA1 algo is the same as MessageDigest's. This is important
+   * because we intend to replace MessageDigest in FHR with this SHA-1 algo (bug 959652).
+   */
+  public final void testSHA1AgainstMessageDigest() throws UnsupportedEncodingException,
+      NoSuchAlgorithmException {
+    final String[] inputs = {
+      "password",
+      "saranghae",
+      "aoeusnthaoeusnthaoeusnth \0 12345098765432109876_!"
+    };
+
+    final MessageDigest digest = MessageDigest.getInstance("SHA-1");
+    for (final String input : inputs) {
+      final byte[] inputBytes = input.getBytes("US-ASCII");
+
+      final byte[] mdBytes = digest.digest(inputBytes);
+      final byte[] ourBytes = NativeCrypto.sha1(inputBytes);
+      assertTrue("MessageDigest hash is the same as NativeCrypto SHA-1 hash",
+          Arrays.equals(ourBytes, mdBytes));
+    }
+  }
+
   private void checkPBKDF2SHA256(String p, String s, int c, int dkLen,
                                 final String expectedStr)
                                                     throws GeneralSecurityException, UnsupportedEncodingException {
diff --git a/services/sync/modules/browserid_identity.js b/services/sync/modules/browserid_identity.js
index 467e69a9b1a7..914213bf3de1 100644
--- a/services/sync/modules/browserid_identity.js
+++ b/services/sync/modules/browserid_identity.js
@@ -516,6 +516,7 @@ this.BrowserIDManager.prototype = {
         this._shouldHaveSyncKeyBundle = true;
         this._syncKeyBundle = null;
         Weave.Status.login = this._authFailureReason;
+        Services.obs.notifyObservers(null, "weave:service:login:error", null);
         throw err;
       });
   },
diff --git a/toolkit/components/crashes/CrashManager.jsm b/toolkit/components/crashes/CrashManager.jsm
index 4669818dd80d..14da9a625afe 100644
--- a/toolkit/components/crashes/CrashManager.jsm
+++ b/toolkit/components/crashes/CrashManager.jsm
@@ -462,6 +462,11 @@ this.CrashManager.prototype = Object.freeze({
   _getStore: function () {
     return Task.spawn(function* () {
       if (!this._store) {
+        yield OS.File.makeDir(this._storeDir, {
+          ignoreExisting: true,
+          unixMode: OS.Constants.libc.S_IRWXU,
+        });
+
         let store = new CrashStore(this._storeDir, this._telemetryStoreSizeKey);
         yield store.load();
 
diff --git a/toolkit/components/crashes/CrashManagerTest.jsm b/toolkit/components/crashes/CrashManagerTest.jsm
index 34125b987d71..c096b5c6ce00 100644
--- a/toolkit/components/crashes/CrashManagerTest.jsm
+++ b/toolkit/components/crashes/CrashManagerTest.jsm
@@ -134,9 +134,14 @@ this.getManager = function () {
     const dirMode = OS.Constants.libc.S_IRWXU;
     let baseFile = OS.Constants.Path.profileDir;
 
-    function makeDir() {
+    function makeDir(create=true) {
       return Task.spawn(function* () {
         let path = OS.Path.join(baseFile, "dummy-dir-" + DUMMY_DIR_COUNT++);
+
+        if (!create) {
+          return path;
+        }
+
         dump("Creating directory: " + path + "\n");
         yield OS.File.makeDir(path, {unixMode: dirMode});
 
@@ -148,7 +153,10 @@ this.getManager = function () {
     let submittedD = yield makeDir();
     let eventsD1 = yield makeDir();
     let eventsD2 = yield makeDir();
-    let storeD = yield makeDir();
+
+    // Store directory is created at run-time if needed. Ensure those code
+    // paths are triggered.
+    let storeD = yield makeDir(false);
 
     let m = new TestingCrashManager({
       pendingDumpsDir: pendingD,
diff --git a/toolkit/components/jsdownloads/src/DownloadCore.jsm b/toolkit/components/jsdownloads/src/DownloadCore.jsm
index d651e3bfe22f..04aa304f005b 100644
--- a/toolkit/components/jsdownloads/src/DownloadCore.jsm
+++ b/toolkit/components/jsdownloads/src/DownloadCore.jsm
@@ -363,19 +363,22 @@ this.Download.prototype = {
 
     // This function propagates progress from the DownloadSaver object, unless
     // it comes in late from a download attempt that was replaced by a new one.
+    // If the cancellation process for the download has started, then the update
+    // is ignored.
     function DS_setProgressBytes(aCurrentBytes, aTotalBytes, aHasPartialData)
     {
-      if (this._currentAttempt == currentAttempt || !this._currentAttempt) {
+      if (this._currentAttempt == currentAttempt) {
         this._setBytes(aCurrentBytes, aTotalBytes, aHasPartialData);
       }
     }
 
     // This function propagates download properties from the DownloadSaver
     // object, unless it comes in late from a download attempt that was
-    // replaced by a new one.
+    // replaced by a new one.  If the cancellation process for the download has
+    // started, then the update is ignored.
     function DS_setProperties(aOptions)
     {
-      if (this._currentAttempt && this._currentAttempt != currentAttempt) {
+      if (this._currentAttempt != currentAttempt) {
         return;
       }
 
@@ -2053,10 +2056,16 @@ this.DownloadLegacySaver.prototype = {
             Cu.reportError(e2);
           }
         }
+        // In case the operation failed, ensure we stop downloading data.  Since
+        // we never re-enter this function, deferCanceled is always available.
+        this.deferCanceled.resolve();
         throw ex;
       } finally {
-        // We don't need the reference to the request anymore.
+        // We don't need the reference to the request anymore.  We must also set
+        // deferCanceled to null in order to free any indirect references it
+        // may hold to the request.
         this.request = null;
+        this.deferCanceled = null;
         // Allow the download to restart through a DownloadCopySaver.
         this.firstExecutionFinished = true;
       }
@@ -2073,8 +2082,12 @@ this.DownloadLegacySaver.prototype = {
       return this.copySaver.cancel.apply(this.copySaver, arguments);
     }
 
-    // Cancel the operation as soon as the object is connected.
-    this.deferCanceled.resolve();
+    // If the download hasn't stopped already, resolve deferCanceled so that the
+    // operation is canceled as soon as a cancellation handler is registered.
+    // Note that the handler might not have been registered yet.
+    if (this.deferCanceled) {
+      this.deferCanceled.resolve();
+    }
   },
 
   /**
diff --git a/toolkit/components/jsdownloads/src/DownloadLegacy.js b/toolkit/components/jsdownloads/src/DownloadLegacy.js
index d8498f4186e4..1a3ba9bf82b3 100644
--- a/toolkit/components/jsdownloads/src/DownloadLegacy.js
+++ b/toolkit/components/jsdownloads/src/DownloadLegacy.js
@@ -99,7 +99,8 @@ DownloadLegacyTransfer.prototype = {
         // To handle asynchronous cancellation properly, we should hook up the
         // handler only after we have been notified that the main request
         // started.  We will wait until the main request stopped before
-        // notifying that the download has been canceled.
+        // notifying that the download has been canceled.  Since the request has
+        // not completed yet, deferCanceled is guaranteed to be set.
         return download.saver.deferCanceled.promise.then(() => {
           // Only cancel if the object executing the download is still running.
           if (this._cancelable && !this._componentFailed) {
@@ -224,11 +225,8 @@ DownloadLegacyTransfer.prototype = {
         aDownload.tryToKeepPartialData = true;
       }
 
-      // Start the download before allowing it to be controlled.
-      aDownload.start().then(null, function () {
-        // In case the operation failed, ensure we stop downloading data.
-        aDownload.saver.deferCanceled.resolve();
-      });
+      // Start the download before allowing it to be controlled.  Ignore errors.
+      aDownload.start().then(null, () => {});
 
       // Start processing all the other events received through nsITransfer.
       this._deferDownload.resolve(aDownload);
diff --git a/toolkit/devtools/client/dbg-client.jsm b/toolkit/devtools/client/dbg-client.jsm
index 8a615b2cc8c9..6a12ecbfae6e 100644
--- a/toolkit/devtools/client/dbg-client.jsm
+++ b/toolkit/devtools/client/dbg-client.jsm
@@ -449,7 +449,8 @@ DebuggerClient.prototype = {
       let cachedTab = this._tabClients.get(aTabActor);
       let cachedResponse = {
         cacheEnabled: cachedTab.cacheEnabled,
-        javascriptEnabled: cachedTab.javascriptEnabled
+        javascriptEnabled: cachedTab.javascriptEnabled,
+        traits: cachedTab.traits,
       };
       setTimeout(() => aOnResponse(cachedResponse, cachedTab), 0);
       return;
@@ -519,7 +520,7 @@ DebuggerClient.prototype = {
         if (this._consoleClients.has(aConsoleActor)) {
           consoleClient = this._consoleClients.get(aConsoleActor);
         } else {
-          consoleClient = new WebConsoleClient(this, aConsoleActor);
+          consoleClient = new WebConsoleClient(this, aResponse);
           this._consoleClients.set(aConsoleActor, consoleClient);
         }
       }
@@ -984,6 +985,7 @@ function TabClient(aClient, aForm) {
   this.cacheEnabled = aForm.cacheEnabled;
   this.thread = null;
   this.request = this.client.request;
+  this.traits = aForm.traits || {};
 }
 
 TabClient.prototype = {
diff --git a/toolkit/devtools/server/actors/childtab.js b/toolkit/devtools/server/actors/childtab.js
index 84870aaebb25..ae7c6519a6b1 100644
--- a/toolkit/devtools/server/actors/childtab.js
+++ b/toolkit/devtools/server/actors/childtab.js
@@ -24,6 +24,7 @@ function ContentActor(connection, chromeGlobal)
 {
   TabActor.call(this, connection, chromeGlobal);
   this._chromeGlobal = chromeGlobal;
+  this.traits.reconfigure = false;
 }
 
 ContentActor.prototype = Object.create(TabActor.prototype);
diff --git a/toolkit/devtools/server/actors/highlighter.js b/toolkit/devtools/server/actors/highlighter.js
index b28b1561c3d7..23f8419d60aa 100644
--- a/toolkit/devtools/server/actors/highlighter.js
+++ b/toolkit/devtools/server/actors/highlighter.js
@@ -83,7 +83,7 @@ let HighlighterActor = protocol.ActorClass({
    * outline highlighter for instance does not scrollIntoView
    */
   showBoxModel: method(function(node, options={}) {
-    if (this._isNodeValidForHighlighting(node.rawNode)) {
+    if (node && this._isNodeValidForHighlighting(node.rawNode)) {
       this._boxModelHighlighter.show(node.rawNode, options);
     } else {
       this._boxModelHighlighter.hide();
diff --git a/toolkit/devtools/server/actors/inspector.js b/toolkit/devtools/server/actors/inspector.js
index bfc8f42ddb69..c0df9c66df21 100644
--- a/toolkit/devtools/server/actors/inspector.js
+++ b/toolkit/devtools/server/actors/inspector.js
@@ -2050,14 +2050,54 @@ var WalkerActor = protocol.ActorClass({
     this.releaseNode(documentActor, { force: true });
   },
 
+  /**
+   * Check if a node is attached to the DOM tree of the current page.
+   * @param {nsIDomNode} rawNode
+   * @return {Boolean} false if the node is removed from the tree or within a
+   * document fragment
+   */
+  _isInDOMTree: function(rawNode) {
+    let walker = documentWalker(rawNode, this.rootWin);
+    let current = walker.currentNode;
+
+    // Reaching the top of tree
+    while (walker.parentNode()) {
+      current = walker.currentNode;
+    }
+
+    // The top of the tree is a fragment or is not rootDoc, hence rawNode isn't
+    // attached
+    if (current.nodeType === Ci.nsIDOMNode.DOCUMENT_FRAGMENT_NODE ||
+        current !== this.rootDoc) {
+      return false;
+    }
+
+    // Otherwise the top of the tree is rootDoc, hence rawNode is in rootDoc
+    return true;
+  },
+
+  /**
+   * @see _isInDomTree
+   */
+  isInDOMTree: method(function(node) {
+    return node ? this._isInDOMTree(node.rawNode) : false;
+  }, {
+    request: { node: Arg(0, "domnode") },
+    response: { attached: RetVal("boolean") }
+  }),
+
   /**
    * Given an ObjectActor (identified by its ID), commonly used in the debugger,
    * webconsole and variablesView, return the corresponding inspector's NodeActor
    */
   getNodeActorFromObjectActor: method(function(objectActorID) {
-    let debuggerObject = this.conn.poolFor(objectActorID).get(objectActorID).obj;
+    let debuggerObject = this.conn.getActor(objectActorID).obj;
     let rawNode = debuggerObject.unsafeDereference();
 
+    if (!this._isInDOMTree(rawNode)) {
+      return null;
+    }
+
     // This is a special case for the document object whereby it is considered
     // as document.documentElement (the <html> node)
     if (rawNode.defaultView && rawNode === rawNode.defaultView.document) {
@@ -2070,7 +2110,7 @@ var WalkerActor = protocol.ActorClass({
       objectActorID: Arg(0, "string")
     },
     response: {
-      nodeFront: RetVal("disconnectedNode")
+      nodeFront: RetVal("nullable:disconnectedNode")
     }
   }),
 });
@@ -2208,7 +2248,7 @@ var WalkerFront = exports.WalkerFront = protocol.FrontClass(WalkerActor, {
 
   getNodeActorFromObjectActor: protocol.custom(function(objectActorID) {
     return this._getNodeActorFromObjectActor(objectActorID).then(response => {
-      return response.node;
+      return response ? response.node : null;
     });
   }, {
     impl: "_getNodeActorFromObjectActor"
diff --git a/toolkit/devtools/server/actors/root.js b/toolkit/devtools/server/actors/root.js
index 38351a7ea884..478d18d8db07 100644
--- a/toolkit/devtools/server/actors/root.js
+++ b/toolkit/devtools/server/actors/root.js
@@ -183,7 +183,8 @@ RootActor.prototype = {
         // Wether the inspector actor implements the getImageDataFromURL
         // method that returns data-uris for image URLs. This is used for image
         // tooltips for instance
-        urlToImageDataResolver: true
+        urlToImageDataResolver: true,
+        networkMonitor: true,
       }
     };
   },
diff --git a/toolkit/devtools/server/actors/webapps.js b/toolkit/devtools/server/actors/webapps.js
index 21dca8f72455..dc771c247bba 100644
--- a/toolkit/devtools/server/actors/webapps.js
+++ b/toolkit/devtools/server/actors/webapps.js
@@ -10,6 +10,14 @@ let Ci = Components.interfaces;
 let CC = Components.Constructor;
 
 Cu.import("resource://gre/modules/osfile.jsm");
+Cu.import("resource://gre/modules/XPCOMUtils.jsm");
+
+let {devtools} = Cu.import("resource://gre/modules/devtools/Loader.jsm", {});
+
+XPCOMUtils.defineLazyGetter(this, "NetworkMonitorManager", () => {
+  return devtools.require("devtools/toolkit/webconsole/network-monitor")
+         .NetworkMonitorManager;
+});
 
 let promise;
 
@@ -822,13 +830,19 @@ WebappsActor.prototype = {
                        .frameLoader
                        .messageManager;
       let actor = map.get(mm);
+      let netMonitor = null;
       if (!actor) {
         let onConnect = actor => {
           map.set(mm, actor);
+          netMonitor = new NetworkMonitorManager(appFrame);
           return { actor: actor };
         };
         let onDisconnect = mm => {
           map.delete(mm);
+          if (netMonitor) {
+            netMonitor.destroy();
+            netMonitor = null;
+          }
         };
         return DebuggerServer.connectToChild(this.conn, mm, onDisconnect)
                              .then(onConnect);
diff --git a/toolkit/devtools/server/actors/webbrowser.js b/toolkit/devtools/server/actors/webbrowser.js
index d0adf2003e15..1ead3b8ac37d 100644
--- a/toolkit/devtools/server/actors/webbrowser.js
+++ b/toolkit/devtools/server/actors/webbrowser.js
@@ -494,12 +494,16 @@ function TabActor(aConnection, aChromeEventHandler)
   this._extraActors = {};
 
   this._onWindowCreated = this.onWindowCreated.bind(this);
+
+  this.traits = { reconfigure: true };
 }
 
 // XXX (bug 710213): TabActor attach/detach/exit/disconnect is a
 // *complete* mess, needs to be rethought asap.
 
 TabActor.prototype = {
+  traits: null,
+
   get exited() { return !this._chromeEventHandler; },
   get attached() { return !!this._attached; },
 
@@ -735,7 +739,8 @@ TabActor.prototype = {
       type: "tabAttached",
       threadActor: this.threadActor.actorID,
       cacheEnabled: this._getCacheEnabled(),
-      javascriptEnabled: this._getJavascriptEnabled()
+      javascriptEnabled: this._getJavascriptEnabled(),
+      traits: this.traits,
     };
   },
 
diff --git a/toolkit/devtools/server/actors/webconsole.js b/toolkit/devtools/server/actors/webconsole.js
index 9904bd35bb33..156aec5ecc4c 100644
--- a/toolkit/devtools/server/actors/webconsole.js
+++ b/toolkit/devtools/server/actors/webconsole.js
@@ -16,10 +16,21 @@ let devtools = Cu.import("resource://gre/modules/devtools/Loader.jsm", {}).devto
 
 XPCOMUtils.defineLazyModuleGetter(this, "Services",
                                   "resource://gre/modules/Services.jsm");
+XPCOMUtils.defineLazyGetter(this, "NetworkMonitor", () => {
+  return devtools.require("devtools/toolkit/webconsole/network-monitor")
+         .NetworkMonitor;
+});
+XPCOMUtils.defineLazyGetter(this, "NetworkMonitorChild", () => {
+  return devtools.require("devtools/toolkit/webconsole/network-monitor")
+         .NetworkMonitorChild;
+});
+XPCOMUtils.defineLazyGetter(this, "ConsoleProgressListener", () => {
+  return devtools.require("devtools/toolkit/webconsole/network-monitor")
+         .ConsoleProgressListener;
+});
 
 for (let name of ["WebConsoleUtils", "ConsoleServiceListener",
-                  "ConsoleAPIListener", "ConsoleProgressListener",
-                  "JSTermHelpers", "JSPropertyProvider", "NetworkMonitor",
+                  "ConsoleAPIListener", "JSTermHelpers", "JSPropertyProvider",
                   "ConsoleReflowListener"]) {
   Object.defineProperty(this, name, {
     get: function(prop) {
@@ -65,6 +76,10 @@ function WebConsoleActor(aConnection, aParentActor)
     Services.obs.addObserver(this._onObserverNotification,
                              "last-pb-context-exited", false);
   }
+
+  this.traits = {
+    customNetworkRequest: !this._parentIsContentActor,
+  };
 }
 
 WebConsoleActor.l10n = new WebConsoleUtils.l10n("chrome://global/locale/console.properties");
@@ -115,6 +130,23 @@ WebConsoleActor.prototype =
    */
   conn: null,
 
+  /**
+   * List of supported features by the console actor.
+   * @type object
+   */
+  traits: null,
+
+  /**
+   * Boolean getter that tells if the parent actor is a ContentActor.
+   *
+   * @private
+   * @type boolean
+   */
+  get _parentIsContentActor() {
+    return "ContentActor" in DebuggerServer &&
+            this.parentActor instanceof DebuggerServer.ContentActor;
+  },
+
   /**
    * The window we work with.
    * @type nsIDOMWindow
@@ -254,13 +286,6 @@ WebConsoleActor.prototype =
    */
   _jstermHelpersCache: null,
 
-  /**
-   * Getter for the NetworkMonitor.saveRequestAndResponseBodies preference.
-   * @type boolean
-   */
-  get saveRequestAndResponseBodies()
-    this._prefs["NetworkMonitor.saveRequestAndResponseBodies"] || null,
-
   actorPrefix: "console",
 
   grip: function WCA_grip()
@@ -477,6 +502,14 @@ WebConsoleActor.prototype =
   {
     let startedListeners = [];
     let window = !this.parentActor.isRootActor ? this.window : null;
+    let appId = null;
+    let messageManager = null;
+
+    if (this._parentIsContentActor) {
+      // Filter network requests by appId on Firefox OS devices.
+      appId = this.parentActor.docShell.appId;
+      messageManager = this.parentActor._chromeGlobal;
+    }
 
     while (aRequest.listeners.length > 0) {
       let listener = aRequest.listeners.shift();
@@ -499,8 +532,13 @@ WebConsoleActor.prototype =
           break;
         case "NetworkActivity":
           if (!this.networkMonitor) {
-            this.networkMonitor =
-              new NetworkMonitor(window, this);
+            if (appId && messageManager) {
+              this.networkMonitor =
+                new NetworkMonitorChild(appId, messageManager, this);
+            }
+            else {
+              this.networkMonitor = new NetworkMonitor({ window: window }, this);
+            }
             this.networkMonitor.init();
           }
           startedListeners.push(listener);
@@ -526,6 +564,7 @@ WebConsoleActor.prototype =
     return {
       startedListeners: startedListeners,
       nativeConsoleAPI: this.hasNativeConsoleAPI(this.window),
+      traits: this.traits,
     };
   },
 
@@ -821,6 +860,11 @@ WebConsoleActor.prototype =
   {
     for (let key in aRequest.preferences) {
       this._prefs[key] = aRequest.preferences[key];
+
+      if (key == "NetworkMonitor.saveRequestAndResponseBodies" &&
+          this.networkMonitor) {
+        this.networkMonitor.saveRequestAndResponseBodies = this._prefs[key];
+      }
     }
     return { updated: Object.keys(aRequest.preferences) };
   },
@@ -1131,6 +1175,8 @@ WebConsoleActor.prototype =
    *
    * @param object aEvent
    *        The initial network request event information.
+   * @param nsIHttpChannel aChannel
+   *        The network request nsIHttpChannel object.
    * @return object
    *         A new NetworkEventActor is returned. This is used for tracking the
    *         network request and response.
@@ -1155,8 +1201,10 @@ WebConsoleActor.prototype =
    * Get the NetworkEventActor for a nsIChannel, if it exists,
    * otherwise create a new one.
    *
-   * @param object aChannel
+   * @param nsIHttpChannel aChannel
    *        The channel for the network event.
+   * @return object
+   *         The NetworkEventActor for the given channel.
    */
   getNetworkEventActor: function WCA_getNetworkEventActor(aChannel) {
     let actor = this._netEvents.get(aChannel);
diff --git a/toolkit/devtools/webconsole/client.js b/toolkit/devtools/webconsole/client.js
index 478eabc909ba..25aaf6636ed0 100644
--- a/toolkit/devtools/webconsole/client.js
+++ b/toolkit/devtools/webconsole/client.js
@@ -16,19 +16,24 @@ loader.lazyImporter(this, "LongStringClient", "resource://gre/modules/devtools/d
  *
  * @param object aDebuggerClient
  *        The DebuggerClient instance we live for.
- * @param string aActor
- *        The WebConsoleActor ID.
+ * @param object aResponse
+ *        The response packet received from the "startListeners" request sent to
+ *        the WebConsoleActor.
  */
-function WebConsoleClient(aDebuggerClient, aActor)
+function WebConsoleClient(aDebuggerClient, aResponse)
 {
-  this._actor = aActor;
+  this._actor = aResponse.from;
   this._client = aDebuggerClient;
   this._longStrings = {};
+  this.traits = aResponse.traits || {};
 }
 exports.WebConsoleClient = WebConsoleClient;
 
 WebConsoleClient.prototype = {
   _longStrings: null,
+  traits: null,
+
+  get actor() { return this._actor; },
 
   /**
    * Retrieve the cached messages from the server.
diff --git a/toolkit/devtools/webconsole/network-helper.js b/toolkit/devtools/webconsole/network-helper.js
index 132aeda11941..d7af682defa6 100644
--- a/toolkit/devtools/webconsole/network-helper.js
+++ b/toolkit/devtools/webconsole/network-helper.js
@@ -188,6 +188,40 @@ let NetworkHelper = {
     return null;
   },
 
+  /**
+   * Gets the web appId that is associated with aRequest.
+   *
+   * @param nsIHttpChannel aRequest
+   * @returns number|null
+   *          The appId for the given request, if available.
+   */
+  getAppIdForRequest: function NH_getAppIdForRequest(aRequest)
+  {
+    try {
+      return this.getRequestLoadContext(aRequest).appId;
+    } catch (ex) {
+      // request loadContent is not always available.
+    }
+    return null;
+  },
+
+  /**
+   * Gets the topFrameElement that is associated with aRequest.
+   *
+   * @param nsIHttpChannel aRequest
+   * @returns nsIDOMElement|null
+   *          The top frame element for the given request, if available.
+   */
+  getTopFrameForRequest: function NH_getTopFrameForRequest(aRequest)
+  {
+    try {
+      return this.getRequestLoadContext(aRequest).topFrameElement;
+    } catch (ex) {
+      // request loadContent is not always available.
+    }
+    return null;
+  },
+
   /**
    * Gets the nsIDOMWindow that is associated with aRequest.
    *
diff --git a/toolkit/devtools/webconsole/network-monitor.js b/toolkit/devtools/webconsole/network-monitor.js
new file mode 100644
index 000000000000..a27667ac40a2
--- /dev/null
+++ b/toolkit/devtools/webconsole/network-monitor.js
@@ -0,0 +1,1481 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+const {Cc, Ci, Cu} = require("chrome");
+
+Cu.import("resource://gre/modules/XPCOMUtils.jsm");
+
+loader.lazyGetter(this, "NetworkHelper", () => require("devtools/toolkit/webconsole/network-helper"));
+loader.lazyImporter(this, "Services", "resource://gre/modules/Services.jsm");
+loader.lazyImporter(this, "DevToolsUtils", "resource://gre/modules/devtools/DevToolsUtils.jsm");
+loader.lazyImporter(this, "NetUtil", "resource://gre/modules/NetUtil.jsm");
+loader.lazyImporter(this, "PrivateBrowsingUtils", "resource://gre/modules/PrivateBrowsingUtils.jsm");
+loader.lazyServiceGetter(this, "gActivityDistributor",
+                         "@mozilla.org/network/http-activity-distributor;1",
+                         "nsIHttpActivityDistributor");
+
+///////////////////////////////////////////////////////////////////////////////
+// Network logging
+///////////////////////////////////////////////////////////////////////////////
+
+// The maximum uint32 value.
+const PR_UINT32_MAX = 4294967295;
+
+// HTTP status codes.
+const HTTP_MOVED_PERMANENTLY = 301;
+const HTTP_FOUND = 302;
+const HTTP_SEE_OTHER = 303;
+const HTTP_TEMPORARY_REDIRECT = 307;
+
+// The maximum number of bytes a NetworkResponseListener can hold.
+const RESPONSE_BODY_LIMIT = 1048576; // 1 MB
+
+/**
+ * The network response listener implements the nsIStreamListener and
+ * nsIRequestObserver interfaces. This is used within the NetworkMonitor feature
+ * to get the response body of the request.
+ *
+ * The code is mostly based on code listings from:
+ *
+ *   http://www.softwareishard.com/blog/firebug/
+ *      nsitraceablechannel-intercept-http-traffic/
+ *
+ * @constructor
+ * @param object aOwner
+ *        The response listener owner. This object needs to hold the
+ *        |openResponses| object.
+ * @param object aHttpActivity
+ *        HttpActivity object associated with this request. See NetworkMonitor
+ *        for more information.
+ */
+function NetworkResponseListener(aOwner, aHttpActivity)
+{
+  this.owner = aOwner;
+  this.receivedData = "";
+  this.httpActivity = aHttpActivity;
+  this.bodySize = 0;
+}
+exports.NetworkResponseListener = NetworkResponseListener;
+
+NetworkResponseListener.prototype = {
+  QueryInterface:
+    XPCOMUtils.generateQI([Ci.nsIStreamListener, Ci.nsIInputStreamCallback,
+                           Ci.nsIRequestObserver, Ci.nsISupports]),
+
+  /**
+   * This NetworkResponseListener tracks the NetworkMonitor.openResponses object
+   * to find the associated uncached headers.
+   * @private
+   */
+  _foundOpenResponse: false,
+
+  /**
+   * The response listener owner.
+   */
+  owner: null,
+
+  /**
+   * The response will be written into the outputStream of this nsIPipe.
+   * Both ends of the pipe must be blocking.
+   */
+  sink: null,
+
+  /**
+   * The HttpActivity object associated with this response.
+   */
+  httpActivity: null,
+
+  /**
+   * Stores the received data as a string.
+   */
+  receivedData: null,
+
+  /**
+   * The network response body size.
+   */
+  bodySize: null,
+
+  /**
+   * The nsIRequest we are started for.
+   */
+  request: null,
+
+  /**
+   * Set the async listener for the given nsIAsyncInputStream. This allows us to
+   * wait asynchronously for any data coming from the stream.
+   *
+   * @param nsIAsyncInputStream aStream
+   *        The input stream from where we are waiting for data to come in.
+   * @param nsIInputStreamCallback aListener
+   *        The input stream callback you want. This is an object that must have
+   *        the onInputStreamReady() method. If the argument is null, then the
+   *        current callback is removed.
+   * @return void
+   */
+  setAsyncListener: function NRL_setAsyncListener(aStream, aListener)
+  {
+    // Asynchronously wait for the stream to be readable or closed.
+    aStream.asyncWait(aListener, 0, 0, Services.tm.mainThread);
+  },
+
+  /**
+   * Stores the received data, if request/response body logging is enabled. It
+   * also does limit the number of stored bytes, based on the
+   * RESPONSE_BODY_LIMIT constant.
+   *
+   * Learn more about nsIStreamListener at:
+   * https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsIStreamListener
+   *
+   * @param nsIRequest aRequest
+   * @param nsISupports aContext
+   * @param nsIInputStream aInputStream
+   * @param unsigned long aOffset
+   * @param unsigned long aCount
+   */
+  onDataAvailable:
+  function NRL_onDataAvailable(aRequest, aContext, aInputStream, aOffset, aCount)
+  {
+    this._findOpenResponse();
+    let data = NetUtil.readInputStreamToString(aInputStream, aCount);
+
+    this.bodySize += aCount;
+
+    if (!this.httpActivity.discardResponseBody &&
+        this.receivedData.length < RESPONSE_BODY_LIMIT) {
+      this.receivedData += NetworkHelper.
+                           convertToUnicode(data, aRequest.contentCharset);
+    }
+  },
+
+  /**
+   * See documentation at
+   * https://developer.mozilla.org/En/NsIRequestObserver
+   *
+   * @param nsIRequest aRequest
+   * @param nsISupports aContext
+   */
+  onStartRequest: function NRL_onStartRequest(aRequest)
+  {
+    this.request = aRequest;
+    this._findOpenResponse();
+    // Asynchronously wait for the data coming from the request.
+    this.setAsyncListener(this.sink.inputStream, this);
+  },
+
+  /**
+   * Handle the onStopRequest by closing the sink output stream.
+   *
+   * For more documentation about nsIRequestObserver go to:
+   * https://developer.mozilla.org/En/NsIRequestObserver
+   */
+  onStopRequest: function NRL_onStopRequest()
+  {
+    this._findOpenResponse();
+    this.sink.outputStream.close();
+  },
+
+  /**
+   * Find the open response object associated to the current request. The
+   * NetworkMonitor._httpResponseExaminer() method saves the response headers in
+   * NetworkMonitor.openResponses. This method takes the data from the open
+   * response object and puts it into the HTTP activity object, then sends it to
+   * the remote Web Console instance.
+   *
+   * @private
+   */
+  _findOpenResponse: function NRL__findOpenResponse()
+  {
+    if (!this.owner || this._foundOpenResponse) {
+      return;
+    }
+
+    let openResponse = null;
+
+    for each (let item in this.owner.openResponses) {
+      if (item.channel === this.httpActivity.channel) {
+        openResponse = item;
+        break;
+      }
+    }
+
+    if (!openResponse) {
+      return;
+    }
+    this._foundOpenResponse = true;
+
+    delete this.owner.openResponses[openResponse.id];
+
+    this.httpActivity.owner.addResponseHeaders(openResponse.headers);
+    this.httpActivity.owner.addResponseCookies(openResponse.cookies);
+  },
+
+  /**
+   * Clean up the response listener once the response input stream is closed.
+   * This is called from onStopRequest() or from onInputStreamReady() when the
+   * stream is closed.
+   * @return void
+   */
+  onStreamClose: function NRL_onStreamClose()
+  {
+    if (!this.httpActivity) {
+      return;
+    }
+    // Remove our listener from the request input stream.
+    this.setAsyncListener(this.sink.inputStream, null);
+
+    this._findOpenResponse();
+
+    if (!this.httpActivity.discardResponseBody && this.receivedData.length) {
+      this._onComplete(this.receivedData);
+    }
+    else if (!this.httpActivity.discardResponseBody &&
+             this.httpActivity.responseStatus == 304) {
+      // Response is cached, so we load it from cache.
+      let charset = this.request.contentCharset || this.httpActivity.charset;
+      NetworkHelper.loadFromCache(this.httpActivity.url, charset,
+                                  this._onComplete.bind(this));
+    }
+    else {
+      this._onComplete();
+    }
+  },
+
+  /**
+   * Handler for when the response completes. This function cleans up the
+   * response listener.
+   *
+   * @param string [aData]
+   *        Optional, the received data coming from the response listener or
+   *        from the cache.
+   */
+  _onComplete: function NRL__onComplete(aData)
+  {
+    let response = {
+      mimeType: "",
+      text: aData || "",
+    };
+
+    response.size = response.text.length;
+
+    try {
+      response.mimeType = this.request.contentType;
+    }
+    catch (ex) { }
+
+    if (!response.mimeType || !NetworkHelper.isTextMimeType(response.mimeType)) {
+      response.encoding = "base64";
+      response.text = btoa(response.text);
+    }
+
+    if (response.mimeType && this.request.contentCharset) {
+      response.mimeType += "; charset=" + this.request.contentCharset;
+    }
+
+    this.receivedData = "";
+
+    this.httpActivity.owner.
+      addResponseContent(response, this.httpActivity.discardResponseBody);
+
+    this.httpActivity.channel = null;
+    this.httpActivity.owner = null;
+    this.httpActivity = null;
+    this.sink = null;
+    this.inputStream = null;
+    this.request = null;
+    this.owner = null;
+  },
+
+  /**
+   * The nsIInputStreamCallback for when the request input stream is ready -
+   * either it has more data or it is closed.
+   *
+   * @param nsIAsyncInputStream aStream
+   *        The sink input stream from which data is coming.
+   * @returns void
+   */
+  onInputStreamReady: function NRL_onInputStreamReady(aStream)
+  {
+    if (!(aStream instanceof Ci.nsIAsyncInputStream) || !this.httpActivity) {
+      return;
+    }
+
+    let available = -1;
+    try {
+      // This may throw if the stream is closed normally or due to an error.
+      available = aStream.available();
+    }
+    catch (ex) { }
+
+    if (available != -1) {
+      if (available != 0) {
+        // Note that passing 0 as the offset here is wrong, but the
+        // onDataAvailable() method does not use the offset, so it does not
+        // matter.
+        this.onDataAvailable(this.request, null, aStream, 0, available);
+      }
+      this.setAsyncListener(aStream, this);
+    }
+    else {
+      this.onStreamClose();
+    }
+  },
+}; // NetworkResponseListener.prototype
+
+
+/**
+ * The network monitor uses the nsIHttpActivityDistributor to monitor network
+ * requests. The nsIObserverService is also used for monitoring
+ * http-on-examine-response notifications. All network request information is
+ * routed to the remote Web Console.
+ *
+ * @constructor
+ * @param object aFilters
+ *        Object with the filters to use for network requests:
+ *        - window (nsIDOMWindow): filter network requests by the associated
+ *        window object.
+ *        - appId (number): filter requests by the appId.
+ *        - topFrame (nsIDOMElement): filter requests by their topFrameElement.
+ *        Filters are optional. If any of these filters match the request is
+ *        logged (OR is applied). If no filter is provided then all requests are
+ *        logged.
+ * @param object aOwner
+ *        The network monitor owner. This object needs to hold:
+ *        - onNetworkEvent(aRequestInfo, aChannel, aNetworkMonitor).
+ *        This method is invoked once for every new network request and it is
+ *        given the following arguments: the initial network request
+ *        information, and the channel. The third argument is the NetworkMonitor
+ *        instance.
+ *        onNetworkEvent() must return an object which holds several add*()
+ *        methods which are used to add further network request/response
+ *        information.
+ */
+function NetworkMonitor(aFilters, aOwner)
+{
+  if (aFilters) {
+    this.window = aFilters.window;
+    this.appId = aFilters.appId;
+    this.topFrame = aFilters.topFrame;
+  }
+  if (!this.window && !this.appId && !this.topFrame) {
+    this._logEverything = true;
+  }
+  this.owner = aOwner;
+  this.openRequests = {};
+  this.openResponses = {};
+  this._httpResponseExaminer =
+    DevToolsUtils.makeInfallible(this._httpResponseExaminer).bind(this);
+}
+exports.NetworkMonitor = NetworkMonitor;
+
+NetworkMonitor.prototype = {
+  _logEverything: false,
+  window: null,
+  appId: null,
+  topFrame: null,
+
+  httpTransactionCodes: {
+    0x5001: "REQUEST_HEADER",
+    0x5002: "REQUEST_BODY_SENT",
+    0x5003: "RESPONSE_START",
+    0x5004: "RESPONSE_HEADER",
+    0x5005: "RESPONSE_COMPLETE",
+    0x5006: "TRANSACTION_CLOSE",
+
+    0x804b0003: "STATUS_RESOLVING",
+    0x804b000b: "STATUS_RESOLVED",
+    0x804b0007: "STATUS_CONNECTING_TO",
+    0x804b0004: "STATUS_CONNECTED_TO",
+    0x804b0005: "STATUS_SENDING_TO",
+    0x804b000a: "STATUS_WAITING_FOR",
+    0x804b0006: "STATUS_RECEIVING_FROM"
+  },
+
+  // Network response bodies are piped through a buffer of the given size (in
+  // bytes).
+  responsePipeSegmentSize: null,
+
+  owner: null,
+
+  /**
+   * Whether to save the bodies of network requests and responses. Disabled by
+   * default to save memory.
+   * @type boolean
+   */
+  saveRequestAndResponseBodies: false,
+
+  /**
+   * Object that holds the HTTP activity objects for ongoing requests.
+   */
+  openRequests: null,
+
+  /**
+   * Object that holds response headers coming from this._httpResponseExaminer.
+   */
+  openResponses: null,
+
+  /**
+   * The network monitor initializer.
+   */
+  init: function NM_init()
+  {
+    this.responsePipeSegmentSize = Services.prefs
+                                   .getIntPref("network.buffer.cache.size");
+
+    gActivityDistributor.addObserver(this);
+
+    if (Services.appinfo.processType != Ci.nsIXULRuntime.PROCESS_TYPE_CONTENT) {
+      Services.obs.addObserver(this._httpResponseExaminer,
+                               "http-on-examine-response", false);
+    }
+  },
+
+  /**
+   * Observe notifications for the http-on-examine-response topic, coming from
+   * the nsIObserverService.
+   *
+   * @private
+   * @param nsIHttpChannel aSubject
+   * @param string aTopic
+   * @returns void
+   */
+  _httpResponseExaminer: function NM__httpResponseExaminer(aSubject, aTopic)
+  {
+    // The httpResponseExaminer is used to retrieve the uncached response
+    // headers. The data retrieved is stored in openResponses. The
+    // NetworkResponseListener is responsible with updating the httpActivity
+    // object with the data from the new object in openResponses.
+
+    if (!this.owner || aTopic != "http-on-examine-response" ||
+        !(aSubject instanceof Ci.nsIHttpChannel)) {
+      return;
+    }
+
+    let channel = aSubject.QueryInterface(Ci.nsIHttpChannel);
+
+    if (!this._matchRequest(channel)) {
+      return;
+    }
+
+    let response = {
+      id: gSequenceId(),
+      channel: channel,
+      headers: [],
+      cookies: [],
+    };
+
+    let setCookieHeader = null;
+
+    channel.visitResponseHeaders({
+      visitHeader: function NM__visitHeader(aName, aValue) {
+        let lowerName = aName.toLowerCase();
+        if (lowerName == "set-cookie") {
+          setCookieHeader = aValue;
+        }
+        response.headers.push({ name: aName, value: aValue });
+      }
+    });
+
+    if (!response.headers.length) {
+      return; // No need to continue.
+    }
+
+    if (setCookieHeader) {
+      response.cookies = NetworkHelper.parseSetCookieHeader(setCookieHeader);
+    }
+
+    // Determine the HTTP version.
+    let httpVersionMaj = {};
+    let httpVersionMin = {};
+
+    channel.QueryInterface(Ci.nsIHttpChannelInternal);
+    channel.getResponseVersion(httpVersionMaj, httpVersionMin);
+
+    response.status = channel.responseStatus;
+    response.statusText = channel.responseStatusText;
+    response.httpVersion = "HTTP/" + httpVersionMaj.value + "." +
+                                     httpVersionMin.value;
+
+    this.openResponses[response.id] = response;
+  },
+
+  /**
+   * Begin observing HTTP traffic that originates inside the current tab.
+   *
+   * @see https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsIHttpActivityObserver
+   *
+   * @param nsIHttpChannel aChannel
+   * @param number aActivityType
+   * @param number aActivitySubtype
+   * @param number aTimestamp
+   * @param number aExtraSizeData
+   * @param string aExtraStringData
+   */
+  observeActivity: DevToolsUtils.makeInfallible(function NM_observeActivity(aChannel, aActivityType, aActivitySubtype, aTimestamp, aExtraSizeData, aExtraStringData)
+  {
+    if (!this.owner ||
+        aActivityType != gActivityDistributor.ACTIVITY_TYPE_HTTP_TRANSACTION &&
+        aActivityType != gActivityDistributor.ACTIVITY_TYPE_SOCKET_TRANSPORT) {
+      return;
+    }
+
+    if (!(aChannel instanceof Ci.nsIHttpChannel)) {
+      return;
+    }
+
+    aChannel = aChannel.QueryInterface(Ci.nsIHttpChannel);
+
+    if (aActivitySubtype ==
+        gActivityDistributor.ACTIVITY_SUBTYPE_REQUEST_HEADER) {
+      this._onRequestHeader(aChannel, aTimestamp, aExtraStringData);
+      return;
+    }
+
+    // Iterate over all currently ongoing requests. If aChannel can't
+    // be found within them, then exit this function.
+    let httpActivity = null;
+    for each (let item in this.openRequests) {
+      if (item.channel === aChannel) {
+        httpActivity = item;
+        break;
+      }
+    }
+
+    if (!httpActivity) {
+      return;
+    }
+
+    let transCodes = this.httpTransactionCodes;
+
+    // Store the time information for this activity subtype.
+    if (aActivitySubtype in transCodes) {
+      let stage = transCodes[aActivitySubtype];
+      if (stage in httpActivity.timings) {
+        httpActivity.timings[stage].last = aTimestamp;
+      }
+      else {
+        httpActivity.timings[stage] = {
+          first: aTimestamp,
+          last: aTimestamp,
+        };
+      }
+    }
+
+    switch (aActivitySubtype) {
+      case gActivityDistributor.ACTIVITY_SUBTYPE_REQUEST_BODY_SENT:
+        this._onRequestBodySent(httpActivity);
+        break;
+      case gActivityDistributor.ACTIVITY_SUBTYPE_RESPONSE_HEADER:
+        this._onResponseHeader(httpActivity, aExtraStringData);
+        break;
+      case gActivityDistributor.ACTIVITY_SUBTYPE_TRANSACTION_CLOSE:
+        this._onTransactionClose(httpActivity);
+        break;
+      default:
+        break;
+    }
+  }),
+
+  /**
+   * Check if a given network request should be logged by this network monitor
+   * instance based on the current filters.
+   *
+   * @private
+   * @param nsIHttpChannel aChannel
+   *        Request to check.
+   * @return boolean
+   *         True if the network request should be logged, false otherwise.
+   */
+  _matchRequest: function NM__matchRequest(aChannel)
+  {
+    if (this._logEverything) {
+      return true;
+    }
+
+    if (this.window) {
+      let win = NetworkHelper.getWindowForRequest(aChannel);
+      if (win && win.top === this.window) {
+        return true;
+      }
+    }
+
+    if (this.topFrame) {
+      let topFrame = NetworkHelper.getTopFrameForRequest(aChannel);
+      if (topFrame && topFrame === this.topFrame) {
+        return true;
+      }
+    }
+
+    if (this.appId) {
+      let appId = NetworkHelper.getAppIdForRequest(aChannel);
+      if (appId && appId == this.appId) {
+        return true;
+      }
+    }
+
+    return false;
+  },
+
+  /**
+   * Handler for ACTIVITY_SUBTYPE_REQUEST_HEADER. When a request starts the
+   * headers are sent to the server. This method creates the |httpActivity|
+   * object where we store the request and response information that is
+   * collected through its lifetime.
+   *
+   * @private
+   * @param nsIHttpChannel aChannel
+   * @param number aTimestamp
+   * @param string aExtraStringData
+   * @return void
+   */
+  _onRequestHeader:
+  function NM__onRequestHeader(aChannel, aTimestamp, aExtraStringData)
+  {
+    if (!this._matchRequest(aChannel)) {
+      return;
+    }
+
+    let win = NetworkHelper.getWindowForRequest(aChannel);
+    let httpActivity = this.createActivityObject(aChannel);
+
+    // see NM__onRequestBodySent()
+    httpActivity.charset = win ? win.document.characterSet : null;
+    httpActivity.private = win ? PrivateBrowsingUtils.isWindowPrivate(win) : false;
+
+    httpActivity.timings.REQUEST_HEADER = {
+      first: aTimestamp,
+      last: aTimestamp
+    };
+
+    let httpVersionMaj = {};
+    let httpVersionMin = {};
+    let event = {};
+    event.startedDateTime = new Date(Math.round(aTimestamp / 1000)).toISOString();
+    event.headersSize = aExtraStringData.length;
+    event.method = aChannel.requestMethod;
+    event.url = aChannel.URI.spec;
+    event.private = httpActivity.private;
+
+    // Determine if this is an XHR request.
+    try {
+      let callbacks = aChannel.notificationCallbacks;
+      let xhrRequest = callbacks ? callbacks.getInterface(Ci.nsIXMLHttpRequest) : null;
+      httpActivity.isXHR = event.isXHR = !!xhrRequest;
+    } catch (e) {
+      httpActivity.isXHR = event.isXHR = false;
+    }
+
+    // Determine the HTTP version.
+    aChannel.QueryInterface(Ci.nsIHttpChannelInternal);
+    aChannel.getRequestVersion(httpVersionMaj, httpVersionMin);
+
+    event.httpVersion = "HTTP/" + httpVersionMaj.value + "." +
+                                  httpVersionMin.value;
+
+    event.discardRequestBody = !this.saveRequestAndResponseBodies;
+    event.discardResponseBody = !this.saveRequestAndResponseBodies;
+
+    let headers = [];
+    let cookies = [];
+    let cookieHeader = null;
+
+    // Copy the request header data.
+    aChannel.visitRequestHeaders({
+      visitHeader: function NM__visitHeader(aName, aValue)
+      {
+        if (aName == "Cookie") {
+          cookieHeader = aValue;
+        }
+        headers.push({ name: aName, value: aValue });
+      }
+    });
+
+    if (cookieHeader) {
+      cookies = NetworkHelper.parseCookieHeader(cookieHeader);
+    }
+
+    httpActivity.owner = this.owner.onNetworkEvent(event, aChannel, this);
+
+    this._setupResponseListener(httpActivity);
+
+    this.openRequests[httpActivity.id] = httpActivity;
+
+    httpActivity.owner.addRequestHeaders(headers);
+    httpActivity.owner.addRequestCookies(cookies);
+  },
+
+  /**
+   * Create the empty HTTP activity object. This object is used for storing all
+   * the request and response information.
+   *
+   * This is a HAR-like object. Conformance to the spec is not guaranteed at
+   * this point.
+   *
+   * TODO: Bug 708717 - Add support for network log export to HAR
+   *
+   * @see http://www.softwareishard.com/blog/har-12-spec
+   * @param nsIHttpChannel aChannel
+   *        The HTTP channel for which the HTTP activity object is created.
+   * @return object
+   *         The new HTTP activity object.
+   */
+  createActivityObject: function NM_createActivityObject(aChannel)
+  {
+    return {
+      id: gSequenceId(),
+      channel: aChannel,
+      charset: null, // see NM__onRequestHeader()
+      url: aChannel.URI.spec,
+      discardRequestBody: !this.saveRequestAndResponseBodies,
+      discardResponseBody: !this.saveRequestAndResponseBodies,
+      timings: {}, // internal timing information, see NM_observeActivity()
+      responseStatus: null, // see NM__onResponseHeader()
+      owner: null, // the activity owner which is notified when changes happen
+    };
+  },
+
+  /**
+   * Setup the network response listener for the given HTTP activity. The
+   * NetworkResponseListener is responsible for storing the response body.
+   *
+   * @private
+   * @param object aHttpActivity
+   *        The HTTP activity object we are tracking.
+   */
+  _setupResponseListener: function NM__setupResponseListener(aHttpActivity)
+  {
+    let channel = aHttpActivity.channel;
+    channel.QueryInterface(Ci.nsITraceableChannel);
+
+    // The response will be written into the outputStream of this pipe.
+    // This allows us to buffer the data we are receiving and read it
+    // asynchronously.
+    // Both ends of the pipe must be blocking.
+    let sink = Cc["@mozilla.org/pipe;1"].createInstance(Ci.nsIPipe);
+
+    // The streams need to be blocking because this is required by the
+    // stream tee.
+    sink.init(false, false, this.responsePipeSegmentSize, PR_UINT32_MAX, null);
+
+    // Add listener for the response body.
+    let newListener = new NetworkResponseListener(this, aHttpActivity);
+
+    // Remember the input stream, so it isn't released by GC.
+    newListener.inputStream = sink.inputStream;
+    newListener.sink = sink;
+
+    let tee = Cc["@mozilla.org/network/stream-listener-tee;1"].
+              createInstance(Ci.nsIStreamListenerTee);
+
+    let originalListener = channel.setNewListener(tee);
+
+    tee.init(originalListener, sink.outputStream, newListener);
+  },
+
+  /**
+   * Handler for ACTIVITY_SUBTYPE_REQUEST_BODY_SENT. The request body is logged
+   * here.
+   *
+   * @private
+   * @param object aHttpActivity
+   *        The HTTP activity object we are working with.
+   */
+  _onRequestBodySent: function NM__onRequestBodySent(aHttpActivity)
+  {
+    if (aHttpActivity.discardRequestBody) {
+      return;
+    }
+
+    let sentBody = NetworkHelper.
+                   readPostTextFromRequest(aHttpActivity.channel,
+                                           aHttpActivity.charset);
+
+    if (!sentBody && this.window &&
+        aHttpActivity.url == this.window.location.href) {
+      // If the request URL is the same as the current page URL, then
+      // we can try to get the posted text from the page directly.
+      // This check is necessary as otherwise the
+      //   NetworkHelper.readPostTextFromPageViaWebNav()
+      // function is called for image requests as well but these
+      // are not web pages and as such don't store the posted text
+      // in the cache of the webpage.
+      let webNav = this.window.QueryInterface(Ci.nsIInterfaceRequestor).
+                   getInterface(Ci.nsIWebNavigation);
+      sentBody = NetworkHelper.
+                 readPostTextFromPageViaWebNav(webNav, aHttpActivity.charset);
+    }
+
+    if (sentBody) {
+      aHttpActivity.owner.addRequestPostData({ text: sentBody });
+    }
+  },
+
+  /**
+   * Handler for ACTIVITY_SUBTYPE_RESPONSE_HEADER. This method stores
+   * information about the response headers.
+   *
+   * @private
+   * @param object aHttpActivity
+   *        The HTTP activity object we are working with.
+   * @param string aExtraStringData
+   *        The uncached response headers.
+   */
+  _onResponseHeader:
+  function NM__onResponseHeader(aHttpActivity, aExtraStringData)
+  {
+    // aExtraStringData contains the uncached response headers. The first line
+    // contains the response status (e.g. HTTP/1.1 200 OK).
+    //
+    // Note: The response header is not saved here. Calling the
+    // channel.visitResponseHeaders() methood at this point sometimes causes an
+    // NS_ERROR_NOT_AVAILABLE exception.
+    //
+    // We could parse aExtraStringData to get the headers and their values, but
+    // that is not trivial to do in an accurate manner. Hence, we save the
+    // response headers in this._httpResponseExaminer().
+
+    let headers = aExtraStringData.split(/\r\n|\n|\r/);
+    let statusLine = headers.shift();
+    let statusLineArray = statusLine.split(" ");
+
+    let response = {};
+    response.httpVersion = statusLineArray.shift();
+    response.status = statusLineArray.shift();
+    response.statusText = statusLineArray.join(" ");
+    response.headersSize = aExtraStringData.length;
+
+    aHttpActivity.responseStatus = response.status;
+
+    // Discard the response body for known response statuses.
+    switch (parseInt(response.status)) {
+      case HTTP_MOVED_PERMANENTLY:
+      case HTTP_FOUND:
+      case HTTP_SEE_OTHER:
+      case HTTP_TEMPORARY_REDIRECT:
+        aHttpActivity.discardResponseBody = true;
+        break;
+    }
+
+    response.discardResponseBody = aHttpActivity.discardResponseBody;
+
+    aHttpActivity.owner.addResponseStart(response);
+  },
+
+  /**
+   * Handler for ACTIVITY_SUBTYPE_TRANSACTION_CLOSE. This method updates the HAR
+   * timing information on the HTTP activity object and clears the request
+   * from the list of known open requests.
+   *
+   * @private
+   * @param object aHttpActivity
+   *        The HTTP activity object we work with.
+   */
+  _onTransactionClose: function NM__onTransactionClose(aHttpActivity)
+  {
+    let result = this._setupHarTimings(aHttpActivity);
+    aHttpActivity.owner.addEventTimings(result.total, result.timings);
+    delete this.openRequests[aHttpActivity.id];
+  },
+
+  /**
+   * Update the HTTP activity object to include timing information as in the HAR
+   * spec. The HTTP activity object holds the raw timing information in
+   * |timings| - these are timings stored for each activity notification. The
+   * HAR timing information is constructed based on these lower level data.
+   *
+   * @param object aHttpActivity
+   *        The HTTP activity object we are working with.
+   * @return object
+   *         This object holds two properties:
+   *         - total - the total time for all of the request and response.
+   *         - timings - the HAR timings object.
+   */
+  _setupHarTimings: function NM__setupHarTimings(aHttpActivity)
+  {
+    let timings = aHttpActivity.timings;
+    let harTimings = {};
+
+    // Not clear how we can determine "blocked" time.
+    harTimings.blocked = -1;
+
+    // DNS timing information is available only in when the DNS record is not
+    // cached.
+    harTimings.dns = timings.STATUS_RESOLVING && timings.STATUS_RESOLVED ?
+                     timings.STATUS_RESOLVED.last -
+                     timings.STATUS_RESOLVING.first : -1;
+
+    if (timings.STATUS_CONNECTING_TO && timings.STATUS_CONNECTED_TO) {
+      harTimings.connect = timings.STATUS_CONNECTED_TO.last -
+                           timings.STATUS_CONNECTING_TO.first;
+    }
+    else if (timings.STATUS_SENDING_TO) {
+      harTimings.connect = timings.STATUS_SENDING_TO.first -
+                           timings.REQUEST_HEADER.first;
+    }
+    else {
+      harTimings.connect = -1;
+    }
+
+    if ((timings.STATUS_WAITING_FOR || timings.STATUS_RECEIVING_FROM) &&
+        (timings.STATUS_CONNECTED_TO || timings.STATUS_SENDING_TO)) {
+      harTimings.send = (timings.STATUS_WAITING_FOR ||
+                         timings.STATUS_RECEIVING_FROM).first -
+                        (timings.STATUS_CONNECTED_TO ||
+                         timings.STATUS_SENDING_TO).last;
+    }
+    else {
+      harTimings.send = -1;
+    }
+
+    if (timings.RESPONSE_START) {
+      harTimings.wait = timings.RESPONSE_START.first -
+                        (timings.REQUEST_BODY_SENT ||
+                         timings.STATUS_SENDING_TO).last;
+    }
+    else {
+      harTimings.wait = -1;
+    }
+
+    if (timings.RESPONSE_START && timings.RESPONSE_COMPLETE) {
+      harTimings.receive = timings.RESPONSE_COMPLETE.last -
+                           timings.RESPONSE_START.first;
+    }
+    else {
+      harTimings.receive = -1;
+    }
+
+    let totalTime = 0;
+    for (let timing in harTimings) {
+      let time = Math.max(Math.round(harTimings[timing] / 1000), -1);
+      harTimings[timing] = time;
+      if (time > -1) {
+        totalTime += time;
+      }
+    }
+
+    return {
+      total: totalTime,
+      timings: harTimings,
+    };
+  },
+
+  /**
+   * Suspend Web Console activity. This is called when all Web Consoles are
+   * closed.
+   */
+  destroy: function NM_destroy()
+  {
+    if (Services.appinfo.processType != Ci.nsIXULRuntime.PROCESS_TYPE_CONTENT) {
+      Services.obs.removeObserver(this._httpResponseExaminer,
+                                  "http-on-examine-response");
+    }
+
+    gActivityDistributor.removeObserver(this);
+
+    this.openRequests = {};
+    this.openResponses = {};
+    this.owner = null;
+    this.window = null;
+    this.topFrame = null;
+  },
+}; // NetworkMonitor.prototype
+
+
+/**
+ * The NetworkMonitorChild is used to proxy all of the network activity of the
+ * child app process from the main process. The child WebConsoleActor creates an
+ * instance of this object.
+ *
+ * Network requests for apps happen in the main process. As such,
+ * a NetworkMonitor instance is used by the WebappsActor in the main process to
+ * log the network requests for this child process.
+ *
+ * The main process creates NetworkEventActorProxy instances per request. These
+ * send the data to this object using the nsIMessageManager. Here we proxy the
+ * data to the WebConsoleActor or to a NetworkEventActor.
+ *
+ * @constructor
+ * @param number appId
+ *        The web appId of the child process.
+ * @param nsIMessageManager messageManager
+ *        The nsIMessageManager to use to communicate with the parent process.
+ * @param object owner
+ *        The WebConsoleActor that is listening for the network requests.
+ */
+function NetworkMonitorChild(appId, messageManager, owner) {
+  this.appId = appId;
+  this.owner = owner;
+  this._messageManager = messageManager;
+  this._onNewEvent = this._onNewEvent.bind(this);
+  this._onUpdateEvent = this._onUpdateEvent.bind(this);
+  this._netEvents = new Map();
+}
+exports.NetworkMonitorChild = NetworkMonitorChild;
+
+NetworkMonitorChild.prototype = {
+  appId: null,
+  owner: null,
+  _netEvents: null,
+  _saveRequestAndResponseBodies: false,
+
+  get saveRequestAndResponseBodies() {
+    return this._saveRequestAndResponseBodies;
+  },
+
+  set saveRequestAndResponseBodies(val) {
+    this._saveRequestAndResponseBodies = val;
+
+    this._messageManager.sendAsyncMessage("debug:netmonitor", {
+      appId: this.appId,
+      action: "setPreferences",
+      preferences: {
+        saveRequestAndResponseBodies: this._saveRequestAndResponseBodies,
+      },
+    });
+  },
+
+  init: function() {
+    this._messageManager.addMessageListener("debug:netmonitor:newEvent", this._onNewEvent);
+    this._messageManager.addMessageListener("debug:netmonitor:updateEvent", this._onUpdateEvent);
+    this._messageManager.sendAsyncMessage("debug:netmonitor", {
+      appId: this.appId,
+      action: "start",
+    });
+  },
+
+  _onNewEvent: DevToolsUtils.makeInfallible(function _onNewEvent(msg) {
+    let {id, event} = msg.data;
+    let actor = this.owner.onNetworkEvent(event);
+    this._netEvents.set(id, Cu.getWeakReference(actor));
+  }),
+
+  _onUpdateEvent: DevToolsUtils.makeInfallible(function _onUpdateEvent(msg) {
+    let {id, method, args} = msg.data;
+    let weakActor = this._netEvents.get(id);
+    let actor = weakActor ? weakActor.get() : null;
+    if (!actor) {
+      Cu.reportError("Received debug:netmonitor:updateEvent for unknown event ID: " + id);
+      return;
+    }
+    if (!(method in actor)) {
+      Cu.reportError("Received debug:netmonitor:updateEvent unsupported method: " + method);
+      return;
+    }
+    actor[method].apply(actor, args);
+  }),
+
+  destroy: function() {
+    this._messageManager.removeMessageListener("debug:netmonitor:newEvent", this._onNewEvent);
+    this._messageManager.removeMessageListener("debug:netmonitor:updateEvent", this._onUpdateEvent);
+    this._messageManager.sendAsyncMessage("debug:netmonitor", { action: "disconnect" });
+    this._netEvents.clear();
+    this._messageManager = null;
+    this.owner = null;
+  },
+}; // NetworkMonitorChild.prototype
+
+/**
+ * The NetworkEventActorProxy is used to send network request information from
+ * the main process to the child app process. One proxy is used per request.
+ * Similarly, one NetworkEventActor in the child app process is used per
+ * request. The client receives all network logs from the child actors.
+ *
+ * The child process has a NetworkMonitorChild instance that is listening for
+ * all network logging from the main process. The net monitor shim is used to
+ * proxy the data to the WebConsoleActor instance of the child process.
+ *
+ * @constructor
+ * @param nsIMessageManager messageManager
+ *        The message manager for the child app process. This is used for
+ *        communication with the NetworkMonitorChild instance of the process.
+ */
+function NetworkEventActorProxy(messageManager) {
+  this.id = gSequenceId();
+  this.messageManager = messageManager;
+}
+exports.NetworkEventActorProxy = NetworkEventActorProxy;
+
+NetworkEventActorProxy.methodFactory = function(method) {
+  return DevToolsUtils.makeInfallible(function() {
+    let args = Array.slice(arguments);
+    this.messageManager.sendAsyncMessage("debug:netmonitor:updateEvent", {
+      id: this.id,
+      method: method,
+      args: args,
+    });
+  }, "NetworkEventActorProxy." + method);
+};
+
+NetworkEventActorProxy.prototype = {
+  /**
+   * Initialize the network event. This method sends the network request event
+   * to the content process.
+   *
+   * @param object event
+   *        Object describing the network request.
+   * @return object
+   *         This object.
+   */
+  init: DevToolsUtils.makeInfallible(function(event)
+  {
+    this.messageManager.sendAsyncMessage("debug:netmonitor:newEvent", {
+      id: this.id,
+      event: event,
+    });
+    return this;
+  }),
+};
+
+(function() {
+  // Listeners for new network event data coming from the NetworkMonitor.
+  let methods = ["addRequestHeaders", "addRequestCookies", "addRequestPostData",
+                 "addResponseStart", "addResponseHeaders", "addResponseCookies",
+                 "addResponseContent", "addEventTimings"];
+  let factory = NetworkEventActorProxy.methodFactory;
+  for (let method of methods) {
+    NetworkEventActorProxy.prototype[method] = factory(method);
+  }
+})();
+
+
+/**
+ * The NetworkMonitor manager used by the Webapps actor in the main process.
+ * This object uses the message manager to listen for requests from the child
+ * process to start/stop the network monitor.
+ *
+ * @constructor
+ * @param nsIDOMElement frame
+ *        The browser frame to work with (mozbrowser).
+ */
+function NetworkMonitorManager(frame)
+{
+  let mm = frame.QueryInterface(Ci.nsIFrameLoaderOwner).frameLoader.messageManager;
+  this.messageManager = mm;
+  this.frame = frame;
+  this.onNetMonitorMessage = this.onNetMonitorMessage.bind(this);
+  this.onNetworkEvent = this.onNetworkEvent.bind(this);
+
+  mm.addMessageListener("debug:netmonitor", this.onNetMonitorMessage);
+}
+exports.NetworkMonitorManager = NetworkMonitorManager;
+
+NetworkMonitorManager.prototype = {
+  netMonitor: null,
+  frame: null,
+  messageManager: null,
+
+  /**
+   * Handler for "debug:monitor" messages received through the message manager
+   * from the content process.
+   *
+   * @param object msg
+   *        Message from the content.
+   */
+  onNetMonitorMessage: DevToolsUtils.makeInfallible(function _onNetMonitorMessage(msg) {
+    let { action, appId } = msg.json;
+
+    // Pipe network monitor data from parent to child via the message manager.
+    switch (action) {
+      case "start":
+        if (!this.netMonitor) {
+          this.netMonitor = new NetworkMonitor({
+            topFrame: this.frame,
+            appId: appId,
+          }, this);
+          this.netMonitor.init();
+        }
+        break;
+
+      case "setPreferences": {
+        let {preferences} = msg.json;
+        for (let key of Object.keys(preferences)) {
+          if (key == "saveRequestAndResponseBodies" && this.netMonitor) {
+            this.netMonitor.saveRequestAndResponseBodies = preferences[key];
+          }
+        }
+        break;
+      }
+
+      case "stop":
+        if (this.netMonitor) {
+          this.netMonitor.destroy();
+          this.netMonitor = null;
+        }
+        break;
+
+      case "disconnect":
+        this.destroy();
+        break;
+    }
+  }),
+
+  /**
+   * Handler for new network requests. This method is invoked by the current
+   * NetworkMonitor instance.
+   *
+   * @param object event
+   *        Object describing the network request.
+   * @return object
+   *         A NetworkEventActorProxy instance which is notified when further
+   *         data about the request is available.
+   */
+  onNetworkEvent: DevToolsUtils.makeInfallible(function _onNetworkEvent(event) {
+    return new NetworkEventActorProxy(this.messageManager).init(event);
+  }),
+
+  destroy: function()
+  {
+    this.messageManager.removeMessageListener("debug:netmonitor",
+                                              this.onNetMonitorMessage);
+    this.messageManager = null;
+    this.filters = null;
+
+    if (this.netMonitor) {
+      this.netMonitor.destroy();
+      this.netMonitor = null;
+    }
+  },
+}; // NetworkMonitorManager.prototype
+
+
+/**
+ * A WebProgressListener that listens for location changes.
+ *
+ * This progress listener is used to track file loads and other kinds of
+ * location changes.
+ *
+ * @constructor
+ * @param object aWindow
+ *        The window for which we need to track location changes.
+ * @param object aOwner
+ *        The listener owner which needs to implement two methods:
+ *        - onFileActivity(aFileURI)
+ *        - onLocationChange(aState, aTabURI, aPageTitle)
+ */
+function ConsoleProgressListener(aWindow, aOwner)
+{
+  this.window = aWindow;
+  this.owner = aOwner;
+}
+exports.ConsoleProgressListener = ConsoleProgressListener;
+
+ConsoleProgressListener.prototype = {
+  /**
+   * Constant used for startMonitor()/stopMonitor() that tells you want to
+   * monitor file loads.
+   */
+  MONITOR_FILE_ACTIVITY: 1,
+
+  /**
+   * Constant used for startMonitor()/stopMonitor() that tells you want to
+   * monitor page location changes.
+   */
+  MONITOR_LOCATION_CHANGE: 2,
+
+  /**
+   * Tells if you want to monitor file activity.
+   * @private
+   * @type boolean
+   */
+  _fileActivity: false,
+
+  /**
+   * Tells if you want to monitor location changes.
+   * @private
+   * @type boolean
+   */
+  _locationChange: false,
+
+  /**
+   * Tells if the console progress listener is initialized or not.
+   * @private
+   * @type boolean
+   */
+  _initialized: false,
+
+  _webProgress: null,
+
+  QueryInterface: XPCOMUtils.generateQI([Ci.nsIWebProgressListener,
+                                         Ci.nsISupportsWeakReference]),
+
+  /**
+   * Initialize the ConsoleProgressListener.
+   * @private
+   */
+  _init: function CPL__init()
+  {
+    if (this._initialized) {
+      return;
+    }
+
+    this._webProgress = this.window.QueryInterface(Ci.nsIInterfaceRequestor)
+                        .getInterface(Ci.nsIWebNavigation)
+                        .QueryInterface(Ci.nsIWebProgress);
+    this._webProgress.addProgressListener(this,
+                                          Ci.nsIWebProgress.NOTIFY_STATE_ALL);
+
+    this._initialized = true;
+  },
+
+  /**
+   * Start a monitor/tracker related to the current nsIWebProgressListener
+   * instance.
+   *
+   * @param number aMonitor
+   *        Tells what you want to track. Available constants:
+   *        - this.MONITOR_FILE_ACTIVITY
+   *          Track file loads.
+   *        - this.MONITOR_LOCATION_CHANGE
+   *          Track location changes for the top window.
+   */
+  startMonitor: function CPL_startMonitor(aMonitor)
+  {
+    switch (aMonitor) {
+      case this.MONITOR_FILE_ACTIVITY:
+        this._fileActivity = true;
+        break;
+      case this.MONITOR_LOCATION_CHANGE:
+        this._locationChange = true;
+        break;
+      default:
+        throw new Error("ConsoleProgressListener: unknown monitor type " +
+                        aMonitor + "!");
+    }
+    this._init();
+  },
+
+  /**
+   * Stop a monitor.
+   *
+   * @param number aMonitor
+   *        Tells what you want to stop tracking. See this.startMonitor() for
+   *        the list of constants.
+   */
+  stopMonitor: function CPL_stopMonitor(aMonitor)
+  {
+    switch (aMonitor) {
+      case this.MONITOR_FILE_ACTIVITY:
+        this._fileActivity = false;
+        break;
+      case this.MONITOR_LOCATION_CHANGE:
+        this._locationChange = false;
+        break;
+      default:
+        throw new Error("ConsoleProgressListener: unknown monitor type " +
+                        aMonitor + "!");
+    }
+
+    if (!this._fileActivity && !this._locationChange) {
+      this.destroy();
+    }
+  },
+
+  onStateChange:
+  function CPL_onStateChange(aProgress, aRequest, aState, aStatus)
+  {
+    if (!this.owner) {
+      return;
+    }
+
+    if (this._fileActivity) {
+      this._checkFileActivity(aProgress, aRequest, aState, aStatus);
+    }
+
+    if (this._locationChange) {
+      this._checkLocationChange(aProgress, aRequest, aState, aStatus);
+    }
+  },
+
+  /**
+   * Check if there is any file load, given the arguments of
+   * nsIWebProgressListener.onStateChange. If the state change tells that a file
+   * URI has been loaded, then the remote Web Console instance is notified.
+   * @private
+   */
+  _checkFileActivity:
+  function CPL__checkFileActivity(aProgress, aRequest, aState, aStatus)
+  {
+    if (!(aState & Ci.nsIWebProgressListener.STATE_START)) {
+      return;
+    }
+
+    let uri = null;
+    if (aRequest instanceof Ci.imgIRequest) {
+      let imgIRequest = aRequest.QueryInterface(Ci.imgIRequest);
+      uri = imgIRequest.URI;
+    }
+    else if (aRequest instanceof Ci.nsIChannel) {
+      let nsIChannel = aRequest.QueryInterface(Ci.nsIChannel);
+      uri = nsIChannel.URI;
+    }
+
+    if (!uri || !uri.schemeIs("file") && !uri.schemeIs("ftp")) {
+      return;
+    }
+
+    this.owner.onFileActivity(uri.spec);
+  },
+
+  /**
+   * Check if the current window.top location is changing, given the arguments
+   * of nsIWebProgressListener.onStateChange. If that is the case, the remote
+   * Web Console instance is notified.
+   * @private
+   */
+  _checkLocationChange:
+  function CPL__checkLocationChange(aProgress, aRequest, aState, aStatus)
+  {
+    let isStart = aState & Ci.nsIWebProgressListener.STATE_START;
+    let isStop = aState & Ci.nsIWebProgressListener.STATE_STOP;
+    let isNetwork = aState & Ci.nsIWebProgressListener.STATE_IS_NETWORK;
+    let isWindow = aState & Ci.nsIWebProgressListener.STATE_IS_WINDOW;
+
+    // Skip non-interesting states.
+    if (!isNetwork || !isWindow || aProgress.DOMWindow != this.window) {
+      return;
+    }
+
+    if (isStart && aRequest instanceof Ci.nsIChannel) {
+      this.owner.onLocationChange("start", aRequest.URI.spec, "");
+    }
+    else if (isStop) {
+      this.owner.onLocationChange("stop", this.window.location.href,
+                                  this.window.document.title);
+    }
+  },
+
+  onLocationChange: function() {},
+  onStatusChange: function() {},
+  onProgressChange: function() {},
+  onSecurityChange: function() {},
+
+  /**
+   * Destroy the ConsoleProgressListener.
+   */
+  destroy: function CPL_destroy()
+  {
+    if (!this._initialized) {
+      return;
+    }
+
+    this._initialized = false;
+    this._fileActivity = false;
+    this._locationChange = false;
+
+    try {
+      this._webProgress.removeProgressListener(this);
+    }
+    catch (ex) {
+      // This can throw during browser shutdown.
+    }
+
+    this._webProgress = null;
+    this.window = null;
+    this.owner = null;
+  },
+}; // ConsoleProgressListener.prototype
+
+function gSequenceId() { return gSequenceId.n++; }
+gSequenceId.n = 1;
diff --git a/toolkit/devtools/webconsole/utils.js b/toolkit/devtools/webconsole/utils.js
index 1c433567e4b5..421b0c6df50e 100644
--- a/toolkit/devtools/webconsole/utils.js
+++ b/toolkit/devtools/webconsole/utils.js
@@ -10,14 +10,8 @@ const {Cc, Ci, Cu, components} = require("chrome");
 
 Cu.import("resource://gre/modules/XPCOMUtils.jsm");
 
-loader.lazyGetter(this, "NetworkHelper", () => require("devtools/toolkit/webconsole/network-helper"));
 loader.lazyImporter(this, "Services", "resource://gre/modules/Services.jsm");
-loader.lazyImporter(this, "NetUtil", "resource://gre/modules/NetUtil.jsm");
-loader.lazyImporter(this, "PrivateBrowsingUtils", "resource://gre/modules/PrivateBrowsingUtils.jsm");
 loader.lazyImporter(this, "LayoutHelpers", "resource://gre/modules/devtools/LayoutHelpers.jsm");
-loader.lazyServiceGetter(this, "gActivityDistributor",
-                         "@mozilla.org/network/http-activity-distributor;1",
-                         "nsIHttpActivityDistributor");
 
 // TODO: Bug 842672 - toolkit/ imports modules from browser/.
 // Note that these are only used in JSTermHelpers, see $0 and pprint().
@@ -1677,1157 +1671,6 @@ function JSTermHelpers(aOwner)
 }
 exports.JSTermHelpers = JSTermHelpers;
 
-(function(WCU) {
-///////////////////////////////////////////////////////////////////////////////
-// Network logging
-///////////////////////////////////////////////////////////////////////////////
-
-// The maximum uint32 value.
-const PR_UINT32_MAX = 4294967295;
-
-// HTTP status codes.
-const HTTP_MOVED_PERMANENTLY = 301;
-const HTTP_FOUND = 302;
-const HTTP_SEE_OTHER = 303;
-const HTTP_TEMPORARY_REDIRECT = 307;
-
-// The maximum number of bytes a NetworkResponseListener can hold.
-const RESPONSE_BODY_LIMIT = 1048576; // 1 MB
-
-/**
- * The network response listener implements the nsIStreamListener and
- * nsIRequestObserver interfaces. This is used within the NetworkMonitor feature
- * to get the response body of the request.
- *
- * The code is mostly based on code listings from:
- *
- *   http://www.softwareishard.com/blog/firebug/
- *      nsitraceablechannel-intercept-http-traffic/
- *
- * @constructor
- * @param object aOwner
- *        The response listener owner. This object needs to hold the
- *        |openResponses| object.
- * @param object aHttpActivity
- *        HttpActivity object associated with this request. See NetworkMonitor
- *        for more information.
- */
-function NetworkResponseListener(aOwner, aHttpActivity)
-{
-  this.owner = aOwner;
-  this.receivedData = "";
-  this.httpActivity = aHttpActivity;
-  this.bodySize = 0;
-}
-
-NetworkResponseListener.prototype = {
-  QueryInterface:
-    XPCOMUtils.generateQI([Ci.nsIStreamListener, Ci.nsIInputStreamCallback,
-                           Ci.nsIRequestObserver, Ci.nsISupports]),
-
-  /**
-   * This NetworkResponseListener tracks the NetworkMonitor.openResponses object
-   * to find the associated uncached headers.
-   * @private
-   */
-  _foundOpenResponse: false,
-
-  /**
-   * The response listener owner.
-   */
-  owner: null,
-
-  /**
-   * The response will be written into the outputStream of this nsIPipe.
-   * Both ends of the pipe must be blocking.
-   */
-  sink: null,
-
-  /**
-   * The HttpActivity object associated with this response.
-   */
-  httpActivity: null,
-
-  /**
-   * Stores the received data as a string.
-   */
-  receivedData: null,
-
-  /**
-   * The network response body size.
-   */
-  bodySize: null,
-
-  /**
-   * The nsIRequest we are started for.
-   */
-  request: null,
-
-  /**
-   * Set the async listener for the given nsIAsyncInputStream. This allows us to
-   * wait asynchronously for any data coming from the stream.
-   *
-   * @param nsIAsyncInputStream aStream
-   *        The input stream from where we are waiting for data to come in.
-   * @param nsIInputStreamCallback aListener
-   *        The input stream callback you want. This is an object that must have
-   *        the onInputStreamReady() method. If the argument is null, then the
-   *        current callback is removed.
-   * @return void
-   */
-  setAsyncListener: function NRL_setAsyncListener(aStream, aListener)
-  {
-    // Asynchronously wait for the stream to be readable or closed.
-    aStream.asyncWait(aListener, 0, 0, Services.tm.mainThread);
-  },
-
-  /**
-   * Stores the received data, if request/response body logging is enabled. It
-   * also does limit the number of stored bytes, based on the
-   * RESPONSE_BODY_LIMIT constant.
-   *
-   * Learn more about nsIStreamListener at:
-   * https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsIStreamListener
-   *
-   * @param nsIRequest aRequest
-   * @param nsISupports aContext
-   * @param nsIInputStream aInputStream
-   * @param unsigned long aOffset
-   * @param unsigned long aCount
-   */
-  onDataAvailable:
-  function NRL_onDataAvailable(aRequest, aContext, aInputStream, aOffset, aCount)
-  {
-    this._findOpenResponse();
-    let data = NetUtil.readInputStreamToString(aInputStream, aCount);
-
-    this.bodySize += aCount;
-
-    if (!this.httpActivity.discardResponseBody &&
-        this.receivedData.length < RESPONSE_BODY_LIMIT) {
-      this.receivedData += NetworkHelper.
-                           convertToUnicode(data, aRequest.contentCharset);
-    }
-  },
-
-  /**
-   * See documentation at
-   * https://developer.mozilla.org/En/NsIRequestObserver
-   *
-   * @param nsIRequest aRequest
-   * @param nsISupports aContext
-   */
-  onStartRequest: function NRL_onStartRequest(aRequest)
-  {
-    this.request = aRequest;
-    this._findOpenResponse();
-    // Asynchronously wait for the data coming from the request.
-    this.setAsyncListener(this.sink.inputStream, this);
-  },
-
-  /**
-   * Handle the onStopRequest by closing the sink output stream.
-   *
-   * For more documentation about nsIRequestObserver go to:
-   * https://developer.mozilla.org/En/NsIRequestObserver
-   */
-  onStopRequest: function NRL_onStopRequest()
-  {
-    this._findOpenResponse();
-    this.sink.outputStream.close();
-  },
-
-  /**
-   * Find the open response object associated to the current request. The
-   * NetworkMonitor._httpResponseExaminer() method saves the response headers in
-   * NetworkMonitor.openResponses. This method takes the data from the open
-   * response object and puts it into the HTTP activity object, then sends it to
-   * the remote Web Console instance.
-   *
-   * @private
-   */
-  _findOpenResponse: function NRL__findOpenResponse()
-  {
-    if (!this.owner || this._foundOpenResponse) {
-      return;
-    }
-
-    let openResponse = null;
-
-    for each (let item in this.owner.openResponses) {
-      if (item.channel === this.httpActivity.channel) {
-        openResponse = item;
-        break;
-      }
-    }
-
-    if (!openResponse) {
-      return;
-    }
-    this._foundOpenResponse = true;
-
-    delete this.owner.openResponses[openResponse.id];
-
-    this.httpActivity.owner.addResponseHeaders(openResponse.headers);
-    this.httpActivity.owner.addResponseCookies(openResponse.cookies);
-  },
-
-  /**
-   * Clean up the response listener once the response input stream is closed.
-   * This is called from onStopRequest() or from onInputStreamReady() when the
-   * stream is closed.
-   * @return void
-   */
-  onStreamClose: function NRL_onStreamClose()
-  {
-    if (!this.httpActivity) {
-      return;
-    }
-    // Remove our listener from the request input stream.
-    this.setAsyncListener(this.sink.inputStream, null);
-
-    this._findOpenResponse();
-
-    if (!this.httpActivity.discardResponseBody && this.receivedData.length) {
-      this._onComplete(this.receivedData);
-    }
-    else if (!this.httpActivity.discardResponseBody &&
-             this.httpActivity.responseStatus == 304) {
-      // Response is cached, so we load it from cache.
-      let charset = this.request.contentCharset || this.httpActivity.charset;
-      NetworkHelper.loadFromCache(this.httpActivity.url, charset,
-                                  this._onComplete.bind(this));
-    }
-    else {
-      this._onComplete();
-    }
-  },
-
-  /**
-   * Handler for when the response completes. This function cleans up the
-   * response listener.
-   *
-   * @param string [aData]
-   *        Optional, the received data coming from the response listener or
-   *        from the cache.
-   */
-  _onComplete: function NRL__onComplete(aData)
-  {
-    let response = {
-      mimeType: "",
-      text: aData || "",
-    };
-
-    response.size = response.text.length;
-
-    try {
-      response.mimeType = this.request.contentType;
-    }
-    catch (ex) { }
-
-    if (!response.mimeType || !NetworkHelper.isTextMimeType(response.mimeType)) {
-      response.encoding = "base64";
-      response.text = btoa(response.text);
-    }
-
-    if (response.mimeType && this.request.contentCharset) {
-      response.mimeType += "; charset=" + this.request.contentCharset;
-    }
-
-    this.receivedData = "";
-
-    this.httpActivity.owner.
-      addResponseContent(response, this.httpActivity.discardResponseBody);
-
-    this.httpActivity.channel = null;
-    this.httpActivity.owner = null;
-    this.httpActivity = null;
-    this.sink = null;
-    this.inputStream = null;
-    this.request = null;
-    this.owner = null;
-  },
-
-  /**
-   * The nsIInputStreamCallback for when the request input stream is ready -
-   * either it has more data or it is closed.
-   *
-   * @param nsIAsyncInputStream aStream
-   *        The sink input stream from which data is coming.
-   * @returns void
-   */
-  onInputStreamReady: function NRL_onInputStreamReady(aStream)
-  {
-    if (!(aStream instanceof Ci.nsIAsyncInputStream) || !this.httpActivity) {
-      return;
-    }
-
-    let available = -1;
-    try {
-      // This may throw if the stream is closed normally or due to an error.
-      available = aStream.available();
-    }
-    catch (ex) { }
-
-    if (available != -1) {
-      if (available != 0) {
-        // Note that passing 0 as the offset here is wrong, but the
-        // onDataAvailable() method does not use the offset, so it does not
-        // matter.
-        this.onDataAvailable(this.request, null, aStream, 0, available);
-      }
-      this.setAsyncListener(aStream, this);
-    }
-    else {
-      this.onStreamClose();
-    }
-  },
-};
-
-/**
- * The network monitor uses the nsIHttpActivityDistributor to monitor network
- * requests. The nsIObserverService is also used for monitoring
- * http-on-examine-response notifications. All network request information is
- * routed to the remote Web Console.
- *
- * @constructor
- * @param nsIDOMWindow aWindow
- *        Optional, the window that we monitor network requests for. If no
- *        window is given, all browser network requests are logged.
- * @param object aOwner
- *        The network monitor owner. This object needs to hold:
- *        - onNetworkEvent(aRequestInfo, aChannel). This method is invoked once for
- *        every new network request and it is given two arguments: the initial network
- *        request information, and the channel. onNetworkEvent() must return an object
- *        which holds several add*() methods which are used to add further network
- *        request/response information.
- *        - saveRequestAndResponseBodies property which tells if you want to log
- *        request and response bodies.
- */
-function NetworkMonitor(aWindow, aOwner)
-{
-  this.window = aWindow;
-  this.owner = aOwner;
-  this.openRequests = {};
-  this.openResponses = {};
-  this._httpResponseExaminer = this._httpResponseExaminer.bind(this);
-}
-
-NetworkMonitor.prototype = {
-  httpTransactionCodes: {
-    0x5001: "REQUEST_HEADER",
-    0x5002: "REQUEST_BODY_SENT",
-    0x5003: "RESPONSE_START",
-    0x5004: "RESPONSE_HEADER",
-    0x5005: "RESPONSE_COMPLETE",
-    0x5006: "TRANSACTION_CLOSE",
-
-    0x804b0003: "STATUS_RESOLVING",
-    0x804b000b: "STATUS_RESOLVED",
-    0x804b0007: "STATUS_CONNECTING_TO",
-    0x804b0004: "STATUS_CONNECTED_TO",
-    0x804b0005: "STATUS_SENDING_TO",
-    0x804b000a: "STATUS_WAITING_FOR",
-    0x804b0006: "STATUS_RECEIVING_FROM"
-  },
-
-  // Network response bodies are piped through a buffer of the given size (in
-  // bytes).
-  responsePipeSegmentSize: null,
-
-  owner: null,
-
-  /**
-   * Whether to save the bodies of network requests and responses. Disabled by
-   * default to save memory.
-   */
-  get saveRequestAndResponseBodies()
-    this.owner && this.owner.saveRequestAndResponseBodies,
-
-  /**
-   * Object that holds the HTTP activity objects for ongoing requests.
-   */
-  openRequests: null,
-
-  /**
-   * Object that holds response headers coming from this._httpResponseExaminer.
-   */
-  openResponses: null,
-
-  /**
-   * The network monitor initializer.
-   */
-  init: function NM_init()
-  {
-    this.responsePipeSegmentSize = Services.prefs
-                                   .getIntPref("network.buffer.cache.size");
-
-    gActivityDistributor.addObserver(this);
-
-    if (Services.appinfo.processType != Ci.nsIXULRuntime.PROCESS_TYPE_CONTENT) {
-      Services.obs.addObserver(this._httpResponseExaminer,
-                               "http-on-examine-response", false);
-    }
-  },
-
-  /**
-   * Observe notifications for the http-on-examine-response topic, coming from
-   * the nsIObserverService.
-   *
-   * @private
-   * @param nsIHttpChannel aSubject
-   * @param string aTopic
-   * @returns void
-   */
-  _httpResponseExaminer: function NM__httpResponseExaminer(aSubject, aTopic)
-  {
-    // The httpResponseExaminer is used to retrieve the uncached response
-    // headers. The data retrieved is stored in openResponses. The
-    // NetworkResponseListener is responsible with updating the httpActivity
-    // object with the data from the new object in openResponses.
-
-    if (!this.owner || aTopic != "http-on-examine-response" ||
-        !(aSubject instanceof Ci.nsIHttpChannel)) {
-      return;
-    }
-
-    let channel = aSubject.QueryInterface(Ci.nsIHttpChannel);
-
-    if (this.window) {
-      // Try to get the source window of the request.
-      let win = NetworkHelper.getWindowForRequest(channel);
-      if (!win || win.top !== this.window) {
-        return;
-      }
-    }
-
-    let response = {
-      id: gSequenceId(),
-      channel: channel,
-      headers: [],
-      cookies: [],
-    };
-
-    let setCookieHeader = null;
-
-    channel.visitResponseHeaders({
-      visitHeader: function NM__visitHeader(aName, aValue) {
-        let lowerName = aName.toLowerCase();
-        if (lowerName == "set-cookie") {
-          setCookieHeader = aValue;
-        }
-        response.headers.push({ name: aName, value: aValue });
-      }
-    });
-
-    if (!response.headers.length) {
-      return; // No need to continue.
-    }
-
-    if (setCookieHeader) {
-      response.cookies = NetworkHelper.parseSetCookieHeader(setCookieHeader);
-    }
-
-    // Determine the HTTP version.
-    let httpVersionMaj = {};
-    let httpVersionMin = {};
-
-    channel.QueryInterface(Ci.nsIHttpChannelInternal);
-    channel.getResponseVersion(httpVersionMaj, httpVersionMin);
-
-    response.status = channel.responseStatus;
-    response.statusText = channel.responseStatusText;
-    response.httpVersion = "HTTP/" + httpVersionMaj.value + "." +
-                                     httpVersionMin.value;
-
-    this.openResponses[response.id] = response;
-  },
-
-  /**
-   * Begin observing HTTP traffic that originates inside the current tab.
-   *
-   * @see https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsIHttpActivityObserver
-   *
-   * @param nsIHttpChannel aChannel
-   * @param number aActivityType
-   * @param number aActivitySubtype
-   * @param number aTimestamp
-   * @param number aExtraSizeData
-   * @param string aExtraStringData
-   */
-  observeActivity:
-  function NM_observeActivity(aChannel, aActivityType, aActivitySubtype,
-                              aTimestamp, aExtraSizeData, aExtraStringData)
-  {
-    if (!this.owner ||
-        aActivityType != gActivityDistributor.ACTIVITY_TYPE_HTTP_TRANSACTION &&
-        aActivityType != gActivityDistributor.ACTIVITY_TYPE_SOCKET_TRANSPORT) {
-      return;
-    }
-
-    if (!(aChannel instanceof Ci.nsIHttpChannel)) {
-      return;
-    }
-
-    aChannel = aChannel.QueryInterface(Ci.nsIHttpChannel);
-
-    if (aActivitySubtype ==
-        gActivityDistributor.ACTIVITY_SUBTYPE_REQUEST_HEADER) {
-      this._onRequestHeader(aChannel, aTimestamp, aExtraStringData);
-      return;
-    }
-
-    // Iterate over all currently ongoing requests. If aChannel can't
-    // be found within them, then exit this function.
-    let httpActivity = null;
-    for each (let item in this.openRequests) {
-      if (item.channel === aChannel) {
-        httpActivity = item;
-        break;
-      }
-    }
-
-    if (!httpActivity) {
-      return;
-    }
-
-    let transCodes = this.httpTransactionCodes;
-
-    // Store the time information for this activity subtype.
-    if (aActivitySubtype in transCodes) {
-      let stage = transCodes[aActivitySubtype];
-      if (stage in httpActivity.timings) {
-        httpActivity.timings[stage].last = aTimestamp;
-      }
-      else {
-        httpActivity.timings[stage] = {
-          first: aTimestamp,
-          last: aTimestamp,
-        };
-      }
-    }
-
-    switch (aActivitySubtype) {
-      case gActivityDistributor.ACTIVITY_SUBTYPE_REQUEST_BODY_SENT:
-        this._onRequestBodySent(httpActivity);
-        break;
-      case gActivityDistributor.ACTIVITY_SUBTYPE_RESPONSE_HEADER:
-        this._onResponseHeader(httpActivity, aExtraStringData);
-        break;
-      case gActivityDistributor.ACTIVITY_SUBTYPE_TRANSACTION_CLOSE:
-        this._onTransactionClose(httpActivity);
-        break;
-      default:
-        break;
-    }
-  },
-
-  /**
-   * Handler for ACTIVITY_SUBTYPE_REQUEST_HEADER. When a request starts the
-   * headers are sent to the server. This method creates the |httpActivity|
-   * object where we store the request and response information that is
-   * collected through its lifetime.
-   *
-   * @private
-   * @param nsIHttpChannel aChannel
-   * @param number aTimestamp
-   * @param string aExtraStringData
-   * @return void
-   */
-  _onRequestHeader:
-  function NM__onRequestHeader(aChannel, aTimestamp, aExtraStringData)
-  {
-    let win = NetworkHelper.getWindowForRequest(aChannel);
-
-    // Try to get the source window of the request.
-    if (this.window && (!win || win.top !== this.window)) {
-      return;
-    }
-
-    let httpActivity = this.createActivityObject(aChannel);
-
-    // see NM__onRequestBodySent()
-    httpActivity.charset = win ? win.document.characterSet : null;
-    httpActivity.private = win ? PrivateBrowsingUtils.isWindowPrivate(win) : false;
-
-    httpActivity.timings.REQUEST_HEADER = {
-      first: aTimestamp,
-      last: aTimestamp
-    };
-
-    let httpVersionMaj = {};
-    let httpVersionMin = {};
-    let event = {};
-    event.startedDateTime = new Date(Math.round(aTimestamp / 1000)).toISOString();
-    event.headersSize = aExtraStringData.length;
-    event.method = aChannel.requestMethod;
-    event.url = aChannel.URI.spec;
-    event.private = httpActivity.private;
-
-    // Determine if this is an XHR request.
-    try {
-      let callbacks = aChannel.notificationCallbacks;
-      let xhrRequest = callbacks ? callbacks.getInterface(Ci.nsIXMLHttpRequest) : null;
-      httpActivity.isXHR = event.isXHR = !!xhrRequest;
-    } catch (e) {
-      httpActivity.isXHR = event.isXHR = false;
-    }
-
-    // Determine the HTTP version.
-    aChannel.QueryInterface(Ci.nsIHttpChannelInternal);
-    aChannel.getRequestVersion(httpVersionMaj, httpVersionMin);
-
-    event.httpVersion = "HTTP/" + httpVersionMaj.value + "." +
-                                  httpVersionMin.value;
-
-    event.discardRequestBody = !this.saveRequestAndResponseBodies;
-    event.discardResponseBody = !this.saveRequestAndResponseBodies;
-
-    let headers = [];
-    let cookies = [];
-    let cookieHeader = null;
-
-    // Copy the request header data.
-    aChannel.visitRequestHeaders({
-      visitHeader: function NM__visitHeader(aName, aValue)
-      {
-        if (aName == "Cookie") {
-          cookieHeader = aValue;
-        }
-        headers.push({ name: aName, value: aValue });
-      }
-    });
-
-    if (cookieHeader) {
-      cookies = NetworkHelper.parseCookieHeader(cookieHeader);
-    }
-
-    httpActivity.owner = this.owner.onNetworkEvent(event, aChannel);
-
-    this._setupResponseListener(httpActivity);
-
-    this.openRequests[httpActivity.id] = httpActivity;
-
-    httpActivity.owner.addRequestHeaders(headers);
-    httpActivity.owner.addRequestCookies(cookies);
-  },
-
-  /**
-   * Create the empty HTTP activity object. This object is used for storing all
-   * the request and response information.
-   *
-   * This is a HAR-like object. Conformance to the spec is not guaranteed at
-   * this point.
-   *
-   * TODO: Bug 708717 - Add support for network log export to HAR
-   *
-   * @see http://www.softwareishard.com/blog/har-12-spec
-   * @param nsIHttpChannel aChannel
-   *        The HTTP channel for which the HTTP activity object is created.
-   * @return object
-   *         The new HTTP activity object.
-   */
-  createActivityObject: function NM_createActivityObject(aChannel)
-  {
-    return {
-      id: gSequenceId(),
-      channel: aChannel,
-      charset: null, // see NM__onRequestHeader()
-      url: aChannel.URI.spec,
-      discardRequestBody: !this.saveRequestAndResponseBodies,
-      discardResponseBody: !this.saveRequestAndResponseBodies,
-      timings: {}, // internal timing information, see NM_observeActivity()
-      responseStatus: null, // see NM__onResponseHeader()
-      owner: null, // the activity owner which is notified when changes happen
-    };
-  },
-
-  /**
-   * Setup the network response listener for the given HTTP activity. The
-   * NetworkResponseListener is responsible for storing the response body.
-   *
-   * @private
-   * @param object aHttpActivity
-   *        The HTTP activity object we are tracking.
-   */
-  _setupResponseListener: function NM__setupResponseListener(aHttpActivity)
-  {
-    let channel = aHttpActivity.channel;
-    channel.QueryInterface(Ci.nsITraceableChannel);
-
-    // The response will be written into the outputStream of this pipe.
-    // This allows us to buffer the data we are receiving and read it
-    // asynchronously.
-    // Both ends of the pipe must be blocking.
-    let sink = Cc["@mozilla.org/pipe;1"].createInstance(Ci.nsIPipe);
-
-    // The streams need to be blocking because this is required by the
-    // stream tee.
-    sink.init(false, false, this.responsePipeSegmentSize, PR_UINT32_MAX, null);
-
-    // Add listener for the response body.
-    let newListener = new NetworkResponseListener(this, aHttpActivity);
-
-    // Remember the input stream, so it isn't released by GC.
-    newListener.inputStream = sink.inputStream;
-    newListener.sink = sink;
-
-    let tee = Cc["@mozilla.org/network/stream-listener-tee;1"].
-              createInstance(Ci.nsIStreamListenerTee);
-
-    let originalListener = channel.setNewListener(tee);
-
-    tee.init(originalListener, sink.outputStream, newListener);
-  },
-
-  /**
-   * Handler for ACTIVITY_SUBTYPE_REQUEST_BODY_SENT. The request body is logged
-   * here.
-   *
-   * @private
-   * @param object aHttpActivity
-   *        The HTTP activity object we are working with.
-   */
-  _onRequestBodySent: function NM__onRequestBodySent(aHttpActivity)
-  {
-    if (aHttpActivity.discardRequestBody) {
-      return;
-    }
-
-    let sentBody = NetworkHelper.
-                   readPostTextFromRequest(aHttpActivity.channel,
-                                           aHttpActivity.charset);
-
-    if (!sentBody && this.window &&
-        aHttpActivity.url == this.window.location.href) {
-      // If the request URL is the same as the current page URL, then
-      // we can try to get the posted text from the page directly.
-      // This check is necessary as otherwise the
-      //   NetworkHelper.readPostTextFromPageViaWebNav()
-      // function is called for image requests as well but these
-      // are not web pages and as such don't store the posted text
-      // in the cache of the webpage.
-      let webNav = this.window.QueryInterface(Ci.nsIInterfaceRequestor).
-                   getInterface(Ci.nsIWebNavigation);
-      sentBody = NetworkHelper.
-                 readPostTextFromPageViaWebNav(webNav, aHttpActivity.charset);
-    }
-
-    if (sentBody) {
-      aHttpActivity.owner.addRequestPostData({ text: sentBody });
-    }
-  },
-
-  /**
-   * Handler for ACTIVITY_SUBTYPE_RESPONSE_HEADER. This method stores
-   * information about the response headers.
-   *
-   * @private
-   * @param object aHttpActivity
-   *        The HTTP activity object we are working with.
-   * @param string aExtraStringData
-   *        The uncached response headers.
-   */
-  _onResponseHeader:
-  function NM__onResponseHeader(aHttpActivity, aExtraStringData)
-  {
-    // aExtraStringData contains the uncached response headers. The first line
-    // contains the response status (e.g. HTTP/1.1 200 OK).
-    //
-    // Note: The response header is not saved here. Calling the
-    // channel.visitResponseHeaders() methood at this point sometimes causes an
-    // NS_ERROR_NOT_AVAILABLE exception.
-    //
-    // We could parse aExtraStringData to get the headers and their values, but
-    // that is not trivial to do in an accurate manner. Hence, we save the
-    // response headers in this._httpResponseExaminer().
-
-    let headers = aExtraStringData.split(/\r\n|\n|\r/);
-    let statusLine = headers.shift();
-    let statusLineArray = statusLine.split(" ");
-
-    let response = {};
-    response.httpVersion = statusLineArray.shift();
-    response.status = statusLineArray.shift();
-    response.statusText = statusLineArray.join(" ");
-    response.headersSize = aExtraStringData.length;
-
-    aHttpActivity.responseStatus = response.status;
-
-    // Discard the response body for known response statuses.
-    switch (parseInt(response.status)) {
-      case HTTP_MOVED_PERMANENTLY:
-      case HTTP_FOUND:
-      case HTTP_SEE_OTHER:
-      case HTTP_TEMPORARY_REDIRECT:
-        aHttpActivity.discardResponseBody = true;
-        break;
-    }
-
-    response.discardResponseBody = aHttpActivity.discardResponseBody;
-
-    aHttpActivity.owner.addResponseStart(response);
-  },
-
-  /**
-   * Handler for ACTIVITY_SUBTYPE_TRANSACTION_CLOSE. This method updates the HAR
-   * timing information on the HTTP activity object and clears the request
-   * from the list of known open requests.
-   *
-   * @private
-   * @param object aHttpActivity
-   *        The HTTP activity object we work with.
-   */
-  _onTransactionClose: function NM__onTransactionClose(aHttpActivity)
-  {
-    let result = this._setupHarTimings(aHttpActivity);
-    aHttpActivity.owner.addEventTimings(result.total, result.timings);
-    delete this.openRequests[aHttpActivity.id];
-  },
-
-  /**
-   * Update the HTTP activity object to include timing information as in the HAR
-   * spec. The HTTP activity object holds the raw timing information in
-   * |timings| - these are timings stored for each activity notification. The
-   * HAR timing information is constructed based on these lower level data.
-   *
-   * @param object aHttpActivity
-   *        The HTTP activity object we are working with.
-   * @return object
-   *         This object holds two properties:
-   *         - total - the total time for all of the request and response.
-   *         - timings - the HAR timings object.
-   */
-  _setupHarTimings: function NM__setupHarTimings(aHttpActivity)
-  {
-    let timings = aHttpActivity.timings;
-    let harTimings = {};
-
-    // Not clear how we can determine "blocked" time.
-    harTimings.blocked = -1;
-
-    // DNS timing information is available only in when the DNS record is not
-    // cached.
-    harTimings.dns = timings.STATUS_RESOLVING && timings.STATUS_RESOLVED ?
-                     timings.STATUS_RESOLVED.last -
-                     timings.STATUS_RESOLVING.first : -1;
-
-    if (timings.STATUS_CONNECTING_TO && timings.STATUS_CONNECTED_TO) {
-      harTimings.connect = timings.STATUS_CONNECTED_TO.last -
-                           timings.STATUS_CONNECTING_TO.first;
-    }
-    else if (timings.STATUS_SENDING_TO) {
-      harTimings.connect = timings.STATUS_SENDING_TO.first -
-                           timings.REQUEST_HEADER.first;
-    }
-    else {
-      harTimings.connect = -1;
-    }
-
-    if ((timings.STATUS_WAITING_FOR || timings.STATUS_RECEIVING_FROM) &&
-        (timings.STATUS_CONNECTED_TO || timings.STATUS_SENDING_TO)) {
-      harTimings.send = (timings.STATUS_WAITING_FOR ||
-                         timings.STATUS_RECEIVING_FROM).first -
-                        (timings.STATUS_CONNECTED_TO ||
-                         timings.STATUS_SENDING_TO).last;
-    }
-    else {
-      harTimings.send = -1;
-    }
-
-    if (timings.RESPONSE_START) {
-      harTimings.wait = timings.RESPONSE_START.first -
-                        (timings.REQUEST_BODY_SENT ||
-                         timings.STATUS_SENDING_TO).last;
-    }
-    else {
-      harTimings.wait = -1;
-    }
-
-    if (timings.RESPONSE_START && timings.RESPONSE_COMPLETE) {
-      harTimings.receive = timings.RESPONSE_COMPLETE.last -
-                           timings.RESPONSE_START.first;
-    }
-    else {
-      harTimings.receive = -1;
-    }
-
-    let totalTime = 0;
-    for (let timing in harTimings) {
-      let time = Math.max(Math.round(harTimings[timing] / 1000), -1);
-      harTimings[timing] = time;
-      if (time > -1) {
-        totalTime += time;
-      }
-    }
-
-    return {
-      total: totalTime,
-      timings: harTimings,
-    };
-  },
-
-  /**
-   * Suspend Web Console activity. This is called when all Web Consoles are
-   * closed.
-   */
-  destroy: function NM_destroy()
-  {
-    if (Services.appinfo.processType != Ci.nsIXULRuntime.PROCESS_TYPE_CONTENT) {
-      Services.obs.removeObserver(this._httpResponseExaminer,
-                                  "http-on-examine-response");
-    }
-
-    gActivityDistributor.removeObserver(this);
-
-    this.openRequests = {};
-    this.openResponses = {};
-    this.owner = null;
-    this.window = null;
-  },
-};
-
-exports.NetworkMonitor = NetworkMonitor;
-exports.NetworkResponseListener = NetworkResponseListener;
-})(WebConsoleUtils);
-
-/**
- * A WebProgressListener that listens for location changes.
- *
- * This progress listener is used to track file loads and other kinds of
- * location changes.
- *
- * @constructor
- * @param object aWindow
- *        The window for which we need to track location changes.
- * @param object aOwner
- *        The listener owner which needs to implement two methods:
- *        - onFileActivity(aFileURI)
- *        - onLocationChange(aState, aTabURI, aPageTitle)
- */
-function ConsoleProgressListener(aWindow, aOwner)
-{
-  this.window = aWindow;
-  this.owner = aOwner;
-}
-exports.ConsoleProgressListener = ConsoleProgressListener;
-
-ConsoleProgressListener.prototype = {
-  /**
-   * Constant used for startMonitor()/stopMonitor() that tells you want to
-   * monitor file loads.
-   */
-  MONITOR_FILE_ACTIVITY: 1,
-
-  /**
-   * Constant used for startMonitor()/stopMonitor() that tells you want to
-   * monitor page location changes.
-   */
-  MONITOR_LOCATION_CHANGE: 2,
-
-  /**
-   * Tells if you want to monitor file activity.
-   * @private
-   * @type boolean
-   */
-  _fileActivity: false,
-
-  /**
-   * Tells if you want to monitor location changes.
-   * @private
-   * @type boolean
-   */
-  _locationChange: false,
-
-  /**
-   * Tells if the console progress listener is initialized or not.
-   * @private
-   * @type boolean
-   */
-  _initialized: false,
-
-  _webProgress: null,
-
-  QueryInterface: XPCOMUtils.generateQI([Ci.nsIWebProgressListener,
-                                         Ci.nsISupportsWeakReference]),
-
-  /**
-   * Initialize the ConsoleProgressListener.
-   * @private
-   */
-  _init: function CPL__init()
-  {
-    if (this._initialized) {
-      return;
-    }
-
-    this._webProgress = this.window.QueryInterface(Ci.nsIInterfaceRequestor)
-                        .getInterface(Ci.nsIWebNavigation)
-                        .QueryInterface(Ci.nsIWebProgress);
-    this._webProgress.addProgressListener(this,
-                                          Ci.nsIWebProgress.NOTIFY_STATE_ALL);
-
-    this._initialized = true;
-  },
-
-  /**
-   * Start a monitor/tracker related to the current nsIWebProgressListener
-   * instance.
-   *
-   * @param number aMonitor
-   *        Tells what you want to track. Available constants:
-   *        - this.MONITOR_FILE_ACTIVITY
-   *          Track file loads.
-   *        - this.MONITOR_LOCATION_CHANGE
-   *          Track location changes for the top window.
-   */
-  startMonitor: function CPL_startMonitor(aMonitor)
-  {
-    switch (aMonitor) {
-      case this.MONITOR_FILE_ACTIVITY:
-        this._fileActivity = true;
-        break;
-      case this.MONITOR_LOCATION_CHANGE:
-        this._locationChange = true;
-        break;
-      default:
-        throw new Error("ConsoleProgressListener: unknown monitor type " +
-                        aMonitor + "!");
-    }
-    this._init();
-  },
-
-  /**
-   * Stop a monitor.
-   *
-   * @param number aMonitor
-   *        Tells what you want to stop tracking. See this.startMonitor() for
-   *        the list of constants.
-   */
-  stopMonitor: function CPL_stopMonitor(aMonitor)
-  {
-    switch (aMonitor) {
-      case this.MONITOR_FILE_ACTIVITY:
-        this._fileActivity = false;
-        break;
-      case this.MONITOR_LOCATION_CHANGE:
-        this._locationChange = false;
-        break;
-      default:
-        throw new Error("ConsoleProgressListener: unknown monitor type " +
-                        aMonitor + "!");
-    }
-
-    if (!this._fileActivity && !this._locationChange) {
-      this.destroy();
-    }
-  },
-
-  onStateChange:
-  function CPL_onStateChange(aProgress, aRequest, aState, aStatus)
-  {
-    if (!this.owner) {
-      return;
-    }
-
-    if (this._fileActivity) {
-      this._checkFileActivity(aProgress, aRequest, aState, aStatus);
-    }
-
-    if (this._locationChange) {
-      this._checkLocationChange(aProgress, aRequest, aState, aStatus);
-    }
-  },
-
-  /**
-   * Check if there is any file load, given the arguments of
-   * nsIWebProgressListener.onStateChange. If the state change tells that a file
-   * URI has been loaded, then the remote Web Console instance is notified.
-   * @private
-   */
-  _checkFileActivity:
-  function CPL__checkFileActivity(aProgress, aRequest, aState, aStatus)
-  {
-    if (!(aState & Ci.nsIWebProgressListener.STATE_START)) {
-      return;
-    }
-
-    let uri = null;
-    if (aRequest instanceof Ci.imgIRequest) {
-      let imgIRequest = aRequest.QueryInterface(Ci.imgIRequest);
-      uri = imgIRequest.URI;
-    }
-    else if (aRequest instanceof Ci.nsIChannel) {
-      let nsIChannel = aRequest.QueryInterface(Ci.nsIChannel);
-      uri = nsIChannel.URI;
-    }
-
-    if (!uri || !uri.schemeIs("file") && !uri.schemeIs("ftp")) {
-      return;
-    }
-
-    this.owner.onFileActivity(uri.spec);
-  },
-
-  /**
-   * Check if the current window.top location is changing, given the arguments
-   * of nsIWebProgressListener.onStateChange. If that is the case, the remote
-   * Web Console instance is notified.
-   * @private
-   */
-  _checkLocationChange:
-  function CPL__checkLocationChange(aProgress, aRequest, aState, aStatus)
-  {
-    let isStart = aState & Ci.nsIWebProgressListener.STATE_START;
-    let isStop = aState & Ci.nsIWebProgressListener.STATE_STOP;
-    let isNetwork = aState & Ci.nsIWebProgressListener.STATE_IS_NETWORK;
-    let isWindow = aState & Ci.nsIWebProgressListener.STATE_IS_WINDOW;
-
-    // Skip non-interesting states.
-    if (!isNetwork || !isWindow || aProgress.DOMWindow != this.window) {
-      return;
-    }
-
-    if (isStart && aRequest instanceof Ci.nsIChannel) {
-      this.owner.onLocationChange("start", aRequest.URI.spec, "");
-    }
-    else if (isStop) {
-      this.owner.onLocationChange("stop", this.window.location.href,
-                                  this.window.document.title);
-    }
-  },
-
-  onLocationChange: function() {},
-  onStatusChange: function() {},
-  onProgressChange: function() {},
-  onSecurityChange: function() {},
-
-  /**
-   * Destroy the ConsoleProgressListener.
-   */
-  destroy: function CPL_destroy()
-  {
-    if (!this._initialized) {
-      return;
-    }
-
-    this._initialized = false;
-    this._fileActivity = false;
-    this._locationChange = false;
-
-    try {
-      this._webProgress.removeProgressListener(this);
-    }
-    catch (ex) {
-      // This can throw during browser shutdown.
-    }
-
-    this._webProgress = null;
-    this.window = null;
-    this.owner = null;
-  },
-};
-
 
 /**
  * A ReflowObserver that listens for reflow events from the page.