Bug 1320404 - Remove appId from origin attributes - part 1 - OriginAttributes and nsIPrincipal, r=Ehsan,flod

Differential Revision: https://phabricator.services.mozilla.com/D29353

--HG--
extra : moz-landing-system : lando

browser/base/content/test/caps/browser_principalSerialization_version1.js

@@ -113,7 +113,6 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URI": false,
         "originAttributes": {
-          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -128,7 +127,6 @@ add_task(async function test_realHistoryCheck() {
         "cspJSON": "{\"csp-policies\":[{\"child-src\":[\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://www.youtube-nocookie.com\",\"https://trackertest.org\",\"https://www.surveygizmo.com\",\"https://accounts.firefox.com\",\"https://accounts.firefox.com.cn\",\"https://www.youtube.com\"],\"connect-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\",\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://accounts.firefox.com/\",\"https://accounts.firefox.com.cn/\"],\"default-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\"],\"frame-src\":[\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://www.youtube-nocookie.com\",\"https://trackertest.org\",\"https://www.surveygizmo.com\",\"https://accounts.firefox.com\",\"https://accounts.firefox.com.cn\",\"https://www.youtube.com\"],\"img-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\",\"data:\",\"https://mozilla.org\",\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://adservice.google.com\",\"https://adservice.google.de\",\"https://adservice.google.dk\",\"https://creativecommons.org\",\"https://ad.doubleclick.net\"],\"report-only\":false,\"script-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\",\"'unsafe-inline'\",\"'unsafe-eval'\",\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://tagmanager.google.com\",\"https://www.youtube.com\",\"https://s.ytimg.com\"],\"style-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\",\"'unsafe-inline'\"]}]}",
         "URISpec": "https://www.mozilla.org/en-US/",
         "originAttributes": {
-          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -141,7 +139,6 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URISpec": "https://www.mozilla.org/en-US/firefox/accounts/",
         "originAttributes": {
-          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -155,7 +152,6 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URISpec": "https://developer.mozilla.org/en-US/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav&utm_content=developers",
         "originAttributes": {
-          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -169,7 +165,6 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URI": false,
         "originAttributes": {
-          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -183,7 +178,6 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URISpec": "moz-nullprincipal:{045ca18d-436c-4744-bbb6-b1a15366df79}",
         "originAttributes": {
-          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,

browser/components/sessionstore/test/browser_restore_cookies_noOriginAttributes.js

@@ -107,7 +107,6 @@ const SESSION_DATA_OA = JSON.stringify(
       name: "test1",
       originAttributes: {
         addonId: "",
-        appId: 0,
         inIsolatedMozBrowser: false,
         userContextId: 0,
       },

caps/BasePrincipal.cpp

@@ -293,18 +293,6 @@ BasePrincipal::GetOriginSuffix(nsACString& aOriginAttributes) {
   return NS_OK;
 }
 
-NS_IMETHODIMP
-BasePrincipal::GetAppId(uint32_t* aAppId) {
-  if (AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
-    MOZ_ASSERT(false);
-    *aAppId = nsIScriptSecurityManager::NO_APP_ID;
-    return NS_OK;
-  }
-
-  *aAppId = AppId();
-  return NS_OK;
-}
-
 NS_IMETHODIMP
 BasePrincipal::GetUserContextId(uint32_t* aUserContextId) {
   *aUserContextId = UserContextId();

caps/BasePrincipal.h

@@ -122,7 +122,6 @@ class BasePrincipal : public nsJSPrincipals {
   NS_IMETHOD GetOriginAttributes(JSContext* aCx,
                                  JS::MutableHandle<JS::Value> aVal) final;
   NS_IMETHOD GetOriginSuffix(nsACString& aOriginSuffix) final;
-  NS_IMETHOD GetAppId(uint32_t* aAppId) final;
   NS_IMETHOD GetIsInIsolatedMozBrowserElement(
       bool* aIsInIsolatedMozBrowserElement) final;
   NS_IMETHOD GetUserContextId(uint32_t* aUserContextId) final;
@@ -154,7 +153,6 @@ class BasePrincipal : public nsJSPrincipals {
   const OriginAttributes& OriginAttributesRef() final {
     return mOriginAttributes;
   }
-  uint32_t AppId() const { return mOriginAttributes.mAppId; }
   extensions::WebExtensionPolicy* AddonPolicy();
   uint32_t UserContextId() const { return mOriginAttributes.mUserContextId; }
   uint32_t PrivateBrowsingId() const {

caps/OriginAttributes.cpp

@@ -133,11 +133,6 @@ void OriginAttributes::CreateSuffix(nsACString& aStr) const {
   // naming.
   //
 
-  if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
-    value.AppendInt(mAppId);
-    params.Set(NS_LITERAL_STRING("appId"), value);
-  }
-
   if (mInIsolatedMozBrowser) {
     params.Set(NS_LITERAL_STRING("inBrowser"), NS_LITERAL_STRING("1"));
   }
@@ -207,16 +202,6 @@ class MOZ_STACK_CLASS PopulateFromSuffixIterator final
 
   bool URLParamsIterator(const nsAString& aName,
                          const nsAString& aValue) override {
-    if (aName.EqualsLiteral("appId")) {
-      nsresult rv;
-      int64_t val = aValue.ToInteger64(&rv);
-      NS_ENSURE_SUCCESS(rv, false);
-      NS_ENSURE_TRUE(val <= UINT32_MAX, false);
-      mOriginAttributes->mAppId = static_cast<uint32_t>(val);
-
-      return true;
-    }
-
     if (aName.EqualsLiteral("inBrowser")) {
       if (!aValue.EqualsLiteral("1")) {
         return false;
@@ -226,7 +211,7 @@ class MOZ_STACK_CLASS PopulateFromSuffixIterator final
       return true;
     }
 
-    if (aName.EqualsLiteral("addonId")) {
+    if (aName.EqualsLiteral("addonId") || aName.EqualsLiteral("appId")) {
       // No longer supported. Silently ignore so that legacy origin strings
       // don't cause failures.
       return true;

caps/OriginAttributes.h

@@ -17,8 +17,7 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
  public:
   OriginAttributes() {}
 
-  OriginAttributes(uint32_t aAppId, bool aInIsolatedMozBrowser) {
-    mAppId = aAppId;
+  explicit OriginAttributes(bool aInIsolatedMozBrowser) {
     mInIsolatedMozBrowser = aInIsolatedMozBrowser;
   }
 
@@ -46,8 +45,7 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
   }
 
   bool operator==(const OriginAttributes& aOther) const {
-    return mAppId == aOther.mAppId &&
-           mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
+    return mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
            mUserContextId == aOther.mUserContextId &&
            mPrivateBrowsingId == aOther.mPrivateBrowsingId &&
            mFirstPartyDomain == aOther.mFirstPartyDomain;
@@ -58,8 +56,7 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
   }
 
   MOZ_MUST_USE bool EqualsIgnoringFPD(const OriginAttributes& aOther) const {
-    return mAppId == aOther.mAppId &&
-           mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
+    return mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
            mUserContextId == aOther.mUserContextId &&
            mPrivateBrowsingId == aOther.mPrivateBrowsingId;
   }
@@ -129,10 +126,6 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
 
   // Performs a match of |aAttrs| against this pattern.
   bool Matches(const OriginAttributes& aAttrs) const {
-    if (mAppId.WasPassed() && mAppId.Value() != aAttrs.mAppId) {
-      return false;
-    }
-
     if (mInIsolatedMozBrowser.WasPassed() &&
         mInIsolatedMozBrowser.Value() != aAttrs.mInIsolatedMozBrowser) {
       return false;
@@ -157,11 +150,6 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
   }
 
   bool Overlaps(const OriginAttributesPattern& aOther) const {
-    if (mAppId.WasPassed() && aOther.mAppId.WasPassed() &&
-        mAppId.Value() != aOther.mAppId.Value()) {
-      return false;
-    }
-
     if (mInIsolatedMozBrowser.WasPassed() &&
         aOther.mInIsolatedMozBrowser.WasPassed() &&
         mInIsolatedMozBrowser.Value() != aOther.mInIsolatedMozBrowser.Value()) {

caps/nsIPrincipal.idl

@@ -267,24 +267,6 @@ interface nsIPrincipal : nsISerializable
      */
     readonly attribute ACString baseDomain;
 
-    /**
-     * Gets the id of the app this principal is inside.  If this principal is
-     * not inside an app, returns nsIScriptSecurityManager::NO_APP_ID.
-     *
-     * Note that this principal does not necessarily have the permissions of
-     * the app identified by appId.  For example, this principal might
-     * correspond to an iframe whose origin differs from that of the app frame
-     * containing it.  In this case, the iframe will have the appId of its
-     * containing app frame, but the iframe must not run with the app's
-     * permissions.
-     *
-     * Similarly, this principal might correspond to an <iframe mozbrowser>
-     * inside an app frame; in this case, the content inside the iframe should
-     * not have any of the app's permissions, even if the iframe is at the same
-     * origin as the app.
-     */
-    [infallible] readonly attribute unsigned long appId;
-
     /**
      * Gets the ID of the add-on this principal belongs to.
      */

caps/tests/gtest/TestOriginAttributes.cpp

@@ -34,15 +34,9 @@ TEST(OriginAttributes, Suffix_default)
   TestSuffix(attrs);
 }
 
-TEST(OriginAttributes, Suffix_appId_inIsolatedMozBrowser)
+TEST(OriginAttributes, Suffix_inIsolatedMozBrowser)
 {
-  OriginAttributes attrs(1, true);
-  TestSuffix(attrs);
-}
-
-TEST(OriginAttributes, Suffix_maxAppId_inIsolatedMozBrowser)
-{
-  OriginAttributes attrs(4294967295, true);
+  OriginAttributes attrs(true);
   TestSuffix(attrs);
 }
 

caps/tests/unit/test_origin.js

@@ -19,7 +19,6 @@ function checkCrossOrigin(a, b) {
 
 function checkOriginAttributes(prin, attrs, suffix) {
   attrs = attrs || {};
-  Assert.equal(prin.originAttributes.appId, attrs.appId || 0);
   Assert.equal(prin.originAttributes.inIsolatedMozBrowser, attrs.inIsolatedMozBrowser || false);
   Assert.equal(prin.originSuffix, suffix || "");
   Assert.equal(ChromeUtils.originAttributesToSuffix(attrs), suffix || "");
@@ -41,7 +40,6 @@ function checkSandboxOriginAttributes(arr, attrs, options) {
 // utility function useful for debugging
 function printAttrs(name, attrs) {
   info(name + " {\n" +
-       "\tappId: " + attrs.appId + ",\n" +
        "\tuserContextId: " + attrs.userContextId + ",\n" +
        "\tinIsolatedMozBrowser: " + attrs.inIsolatedMozBrowser + ",\n" +
        "\tprivateBrowsingId: '" + attrs.privateBrowsingId + "',\n" +
@@ -53,7 +51,6 @@ function checkValues(attrs, values) {
   values = values || {};
   // printAttrs("attrs", attrs);
   // printAttrs("values", values);
-  Assert.equal(attrs.appId, values.appId || 0);
   Assert.equal(attrs.userContextId, values.userContextId || 0);
   Assert.equal(attrs.inIsolatedMozBrowser, values.inIsolatedMozBrowser || false);
   Assert.equal(attrs.privateBrowsingId, values.privateBrowsingId || "");
@@ -94,13 +91,6 @@ function run_test() {
   // Test origin attributes.
   //
 
-  // Just app.
-  var exampleOrg_app = ssm.createCodebasePrincipal(makeURI("http://example.org"), {appId: 42});
-  var nullPrin_app = ssm.createNullPrincipal({appId: 42});
-  checkOriginAttributes(exampleOrg_app, {appId: 42}, "^appId=42");
-  checkOriginAttributes(nullPrin_app, {appId: 42}, "^appId=42");
-  Assert.equal(exampleOrg_app.origin, "http://example.org^appId=42");
-
   // Just browser.
   var exampleOrg_browser = ssm.createCodebasePrincipal(makeURI("http://example.org"), {inIsolatedMozBrowser: true});
   var nullPrin_browser = ssm.createNullPrincipal({inIsolatedMozBrowser: true});
@@ -108,18 +98,6 @@ function run_test() {
   checkOriginAttributes(nullPrin_browser, {inIsolatedMozBrowser: true}, "^inBrowser=1");
   Assert.equal(exampleOrg_browser.origin, "http://example.org^inBrowser=1");
 
-  // App and browser.
-  var exampleOrg_appBrowser = ssm.createCodebasePrincipal(makeURI("http://example.org"), {inIsolatedMozBrowser: true, appId: 42});
-  var nullPrin_appBrowser = ssm.createNullPrincipal({inIsolatedMozBrowser: true, appId: 42});
-  checkOriginAttributes(exampleOrg_appBrowser, {appId: 42, inIsolatedMozBrowser: true}, "^appId=42&inBrowser=1");
-  checkOriginAttributes(nullPrin_appBrowser, {appId: 42, inIsolatedMozBrowser: true}, "^appId=42&inBrowser=1");
-  Assert.equal(exampleOrg_appBrowser.origin, "http://example.org^appId=42&inBrowser=1");
-
-  // App and browser, different domain.
-  var exampleCom_appBrowser = ssm.createCodebasePrincipal(makeURI("https://www.example.com:123"), {appId: 42, inIsolatedMozBrowser: true});
-  checkOriginAttributes(exampleCom_appBrowser, {appId: 42, inIsolatedMozBrowser: true}, "^appId=42&inBrowser=1");
-  Assert.equal(exampleCom_appBrowser.origin, "https://www.example.com:123^appId=42&inBrowser=1");
-
   // First party Uri
   var exampleOrg_firstPartyDomain = ssm.createCodebasePrincipal(makeURI("http://example.org"), {firstPartyDomain: "example.org"});
   checkOriginAttributes(exampleOrg_firstPartyDomain, { firstPartyDomain: "example.org" }, "^firstPartyDomain=example.org");
@@ -144,32 +122,16 @@ function run_test() {
   checkOriginAttributes(exampleOrg_userContext, { userContextId: 42 }, "^userContextId=42");
   Assert.equal(exampleOrg_userContext.origin, "http://example.org^userContextId=42");
 
-  // UserContext and App.
-  var exampleOrg_userContextApp = ssm.createCodebasePrincipal(makeURI("http://example.org"), {appId: 24, userContextId: 42});
-  var nullPrin_userContextApp = ssm.createNullPrincipal({appId: 24, userContextId: 42});
-  checkOriginAttributes(exampleOrg_userContextApp, {appId: 24, userContextId: 42}, "^appId=24&userContextId=42");
-  checkOriginAttributes(nullPrin_userContextApp, {appId: 24, userContextId: 42}, "^appId=24&userContextId=42");
-  Assert.equal(exampleOrg_userContextApp.origin, "http://example.org^appId=24&userContextId=42");
-
   checkSandboxOriginAttributes(null, {});
   checkSandboxOriginAttributes("http://example.org", {});
   checkSandboxOriginAttributes("http://example.org", {}, {originAttributes: {}});
-  checkSandboxOriginAttributes("http://example.org", {appId: 42}, {originAttributes: {appId: 42}});
   checkSandboxOriginAttributes(["http://example.org"], {});
   checkSandboxOriginAttributes(["http://example.org"], {}, {originAttributes: {}});
-  checkSandboxOriginAttributes(["http://example.org"], {appId: 42}, {originAttributes: {appId: 42}});
 
   // Check that all of the above are cross-origin.
-  checkCrossOrigin(exampleOrg_app, exampleOrg);
-  checkCrossOrigin(exampleOrg_app, nullPrin_app);
-  checkCrossOrigin(exampleOrg_browser, exampleOrg_app);
   checkCrossOrigin(exampleOrg_browser, nullPrin_browser);
-  checkCrossOrigin(exampleOrg_appBrowser, exampleOrg_app);
-  checkCrossOrigin(exampleOrg_appBrowser, nullPrin_appBrowser);
-  checkCrossOrigin(exampleOrg_appBrowser, exampleCom_appBrowser);
   checkCrossOrigin(exampleOrg_firstPartyDomain, exampleOrg);
   checkCrossOrigin(exampleOrg_userContext, exampleOrg);
-  checkCrossOrigin(exampleOrg_userContext, exampleOrg_userContextApp);
 
   // Check Principal kinds.
   function checkKind(prin, kind) {
@@ -195,12 +157,9 @@ function run_test() {
   var uri = "http://example.org";
   var tests = [
     [ "", {} ],
-    [ "^appId=5", {appId: 5} ],
     [ "^userContextId=3", {userContextId: 3} ],
     [ "^inBrowser=1", {inIsolatedMozBrowser: true} ],
-    [ "^firstPartyDomain=example.org", {firstPartyDomain: "example.org"} ],
-    [ "^appId=3&inBrowser=1&userContextId=6",
-      {appId: 3, userContextId: 6, inIsolatedMozBrowser: true} ] ];
+    [ "^firstPartyDomain=example.org", {firstPartyDomain: "example.org"} ] ];
 
   // check that we can create an origin attributes from an origin properly
   tests.forEach(t => {
@@ -216,30 +175,6 @@ function run_test() {
     Assert.equal(ChromeUtils.originAttributesToSuffix(attrs), t[0]);
   });
 
-  // each row in the set_tests array has these values:
-  // [0] - the suffix used to create an origin attribute from
-  // [1] - the expected result of creating an origin attribute from [0]
-  // [2] - the pattern to set on the origin attributes
-  // [3] - the expected result of setting [2] values on [1]
-  // [4] - the expected result of creating a suffix from [3]
-  var set_tests = [
-    [ "", {}, {appId: 5}, {appId: 5}, "^appId=5" ],
-    [ "^appId=5", {appId: 5}, {appId: 3}, {appId: 3}, "^appId=3" ],
-    [ "^appId=5", {appId: 5}, {userContextId: 3}, {appId: 5, userContextId: 3}, "^appId=5&userContextId=3" ],
-    [ "^appId=5", {appId: 5}, {appId: 3, userContextId: 7}, {appId: 3, userContextId: 7}, "^appId=3&userContextId=7" ] ];
-
-  // check that we can set origin attributes values properly
-  set_tests.forEach(t => {
-    let orig = ChromeUtils.createOriginAttributesFromOrigin(uri + t[0]);
-    checkValues(orig, t[1]);
-    let mod = orig;
-    for (var key in t[2]) {
-      mod[key] = t[2][key];
-    }
-    checkValues(mod, t[3]);
-    Assert.equal(ChromeUtils.originAttributesToSuffix(mod), t[4]);
-  });
-
   // each row in the dflt_tests array has these values:
   // [0] - the suffix used to create an origin attribute from
   // [1] - the expected result of creating an origin attributes from [0]
@@ -247,9 +182,7 @@ function run_test() {
   // [3] - the expected result of creating a suffix from [2]
   var dflt_tests = [
     [ "", {}, {}, "" ],
-    [ "^userContextId=3", {userContextId: 3}, {}, "" ],
-    [ "^appId=5", {appId: 5}, {appId: 5}, "^appId=5" ],
-    [ "^appId=5&userContextId=3", {appId: 5, userContextId: 3}, {appId: 5}, "^appId=5" ] ];
+    [ "^userContextId=3", {userContextId: 3}, {}, "" ] ];
 
   // check that we can set the userContextId to default properly
   dflt_tests.forEach(t => {
@@ -268,9 +201,7 @@ function run_test() {
   // [3] - the expected result of creating a suffix from [2]
   var dflt2_tests = [
     [ "", {}, {}, "" ],
-    [ "^firstPartyDomain=foo.com", {firstPartyDomain: "foo.com"}, {}, "" ],
-    [ "^appId=5", {appId: 5}, {appId: 5}, "^appId=5" ],
-    [ "^appId=5&firstPartyDomain=foo.com", {appId: 5, firstPartyDomain: "foo.com"}, {appId: 5}, "^appId=5" ] ];
+    [ "^firstPartyDomain=foo.com", {firstPartyDomain: "foo.com"}, {}, "" ] ];
 
   // check that we can set the userContextId to default properly
   dflt2_tests.forEach(t => {

docshell/base/LoadContext.h

@@ -33,7 +33,7 @@ class LoadContext final : public nsILoadContext, public nsIInterfaceRequestor {
   NS_DECL_NSILOADCONTEXT
   NS_DECL_NSIINTERFACEREQUESTOR
 
-  // appId/inIsolatedMozBrowser arguments override those in
+  // inIsolatedMozBrowser argumentsoverrides that in
   // SerializedLoadContext provided by child process.
   LoadContext(const IPC::SerializedLoadContext& aToCopy,
               dom::Element* aTopFrameElement, OriginAttributes& aAttrs)
@@ -49,7 +49,7 @@ class LoadContext final : public nsILoadContext, public nsIInterfaceRequestor {
         mOriginAttributes(aAttrs) {
   }
 
-  // appId/inIsolatedMozBrowser arguments override those in
+  // inIsolatedMozBrowser argument overrides that in
   // SerializedLoadContext provided by child process.
   LoadContext(const IPC::SerializedLoadContext& aToCopy,
               uint64_t aNestedFrameId, OriginAttributes& aAttrs)
@@ -97,8 +97,7 @@ class LoadContext final : public nsILoadContext, public nsIInterfaceRequestor {
         mOriginAttributes(aAttrs) {
   }
 
-  // Constructor for creating a LoadContext with a given principal's appId and
-  // browser flag.
+  // Constructor for creating a LoadContext with a given browser flag.
   explicit LoadContext(nsIPrincipal* aPrincipal,
                        nsILoadContext* aOptionalBase = nullptr);
 

docshell/base/nsDocShell.h

@@ -232,7 +232,7 @@ class nsDocShell final : public nsDocLoader,
   NS_IMETHOD OnLeaveLink() override;
 
   // Don't use NS_DECL_NSILOADCONTEXT because some of nsILoadContext's methods
-  // are shared with nsIDocShell (appID, etc.) and can't be declared twice.
+  // are shared with nsIDocShell and can't be declared twice.
   NS_IMETHOD GetAssociatedWindow(mozIDOMWindowProxy**) override;
   NS_IMETHOD GetTopWindow(mozIDOMWindowProxy**) override;
   NS_IMETHOD GetTopFrameElement(mozilla::dom::Element**) override;

dom/base/ChromeUtils.h

@@ -100,8 +100,7 @@ class ChromeUtils {
   static bool IsOriginAttributesEqualIgnoringFPD(
       const dom::OriginAttributesDictionary& aA,
       const dom::OriginAttributesDictionary& aB) {
-    return aA.mAppId == aB.mAppId &&
-           aA.mInIsolatedMozBrowser == aB.mInIsolatedMozBrowser &&
+    return aA.mInIsolatedMozBrowser == aB.mInIsolatedMozBrowser &&
            aA.mUserContextId == aB.mUserContextId &&
            aA.mPrivateBrowsingId == aB.mPrivateBrowsingId;
   }

dom/base/Document.cpp

@@ -2590,10 +2590,6 @@ nsresult Document::StartDocumentLoad(const char* aCommand, nsIChannel* aChannel,
              uri ? uri->GetSpecOrDefault().get() : ""));
   }
 
-  MOZ_ASSERT(
-      NodePrincipal()->GetAppId() != nsIScriptSecurityManager::UNKNOWN_APP_ID,
-      "Document should never have UNKNOWN_APP_ID");
-
   MOZ_ASSERT(GetReadyStateEnum() == Document::READYSTATE_UNINITIALIZED,
              "Bad readyState");
   SetReadyStateInternal(READYSTATE_LOADING);

dom/base/PostMessageEvent.cpp

@@ -98,9 +98,6 @@ PostMessageEvent::Run() {
       OriginAttributes sourceAttrs = mProvidedPrincipal->OriginAttributesRef();
       OriginAttributes targetAttrs = targetPrin->OriginAttributesRef();
 
-      MOZ_DIAGNOSTIC_ASSERT(
-          sourceAttrs.mAppId == targetAttrs.mAppId,
-          "Target and source should have the same mAppId attribute.");
       MOZ_DIAGNOSTIC_ASSERT(
           sourceAttrs.mUserContextId == targetAttrs.mUserContextId,
           "Target and source should have the same userContextId attribute.");

dom/base/nsFrameLoader.cpp

@@ -2218,8 +2218,6 @@ nsresult nsFrameLoader::MaybeCreateDocShell() {
 
     // So far we want to make sure Inherit doesn't override any other origin
     // attribute than firstPartyDomain.
-    MOZ_ASSERT(attrs.mAppId == oa.mAppId,
-               "docshell and document should have the same appId attribute.");
     MOZ_ASSERT(
         attrs.mUserContextId == oa.mUserContextId,
         "docshell and document should have the same userContextId attribute.");
@@ -2234,7 +2232,6 @@ nsresult nsFrameLoader::MaybeCreateDocShell() {
   }
 
   if (OwnerIsMozBrowserFrame()) {
-    attrs.mAppId = nsIScriptSecurityManager::NO_APP_ID;
     attrs.mInIsolatedMozBrowser = OwnerIsIsolatedMozBrowserFrame();
     docShell->SetFrameType(nsIDocShell::FRAME_TYPE_BROWSER);
   } else {
@@ -3379,8 +3376,6 @@ nsresult nsFrameLoader::GetNewTabContext(MutableTabContext* aTabContext,
   attrs.mInIsolatedMozBrowser = OwnerIsIsolatedMozBrowserFrame();
   nsresult rv;
 
-  attrs.mAppId = nsIScriptSecurityManager::NO_APP_ID;
-
   // set the userContextId on the attrs before we pass them into
   // the tab context
   rv = PopulateUserContextIdFromAttribute(attrs);

dom/base/test/test_messagemanager_principal.html

@@ -24,9 +24,6 @@
       addMessageListener("test:ipcMessage", function(message) {
         sendAsyncMessage(message.name, "principal: " + (message.principal ? "OK" : "KO"));
 
-        sendAsyncMessage(message.name, "principal.appId: " +
-                         ("appId" in message.principal ? "OK" : "KO"));
-
         sendAsyncMessage(message.name, "principal.origin: " +
                          ("origin" in message.principal ? "OK" : "KO"));
 

dom/base/test/test_messagemanager_send_principal.html

@@ -26,9 +26,6 @@
         sendAsyncMessage("test:result", "is nsIPrincipal: " +
                          (message.data instanceof Ci.nsIPrincipal ? "OK" : "KO"));
 
-        sendAsyncMessage("test:result", "principal.appId: " +
-                         ("appId" in message.data ? "OK" : "KO"));
-
         sendAsyncMessage("test:result", "principal.origin: " +
                          ("origin" in message.data ? "OK" : "KO"));
 

dom/base/test/test_messagemanager_targetchain.html

@@ -102,12 +102,9 @@
       var principal = SpecialPowers.wrap(document).nodePrincipal;
       SpecialPowers.pushPermissions([
         { type: "browser", allow: 1, context: { url: principal.URI.spec,
-                                                originAttributes: {
-                                                  appId: principal.appId
-                                                }}},
+                                                originAttributes: {}}},
         { type: "browser", allow: 1, context: { url: principal.URI.spec,
                                                 originAttributes: {
-                                                  appId: principal.appId,
                                                   inIsolatedMozBrowser: true }}}
       ], () => {
         SpecialPowers.pushPrefEnv({

dom/browser-element/mochitest/browserElement_Auth.js

@@ -159,12 +159,12 @@ function testAuthJarNoInterfere(e) {
 
   // Set a bunch of auth data that should not conflict with the correct auth data already
   // stored in the cache.
-  var attrs = {appId: 1};
+  var attrs = {userContextId: 1};
   var principal = secMan.createCodebasePrincipal(uri, attrs);
   authMgr.setAuthIdentity("http", "test", -1, "basic", "http_realm",
                           "tests/dom/browser-element/mochitest/file_http_401_response.sjs",
                           "", "httpuser", "wrongpass", false, principal);
-  attrs = {appId: 1, inIsolatedMozBrowser: true};
+  attrs = {userContextId: 1, inIsolatedMozBrowser: true};
   principal = secMan.createCodebasePrincipal(uri, attrs);
   authMgr.setAuthIdentity("http", "test", -1, "basic", "http_realm",
                           "tests/dom/browser-element/mochitest/file_http_401_response.sjs",

dom/browser-element/mochitest/browserElement_CopyPaste.js

@@ -328,7 +328,6 @@ function testCut2(e) {
 var principal = SpecialPowers.wrap(document).nodePrincipal;
 var context = { url: SpecialPowers.wrap(principal.URI).spec,
                 originAttributes: {
-                  appId: principal.appId,
                   inIsolatedMozBrowser: true }};
 
 addEventListener("testready", function() {

dom/chrome-webidl/ChromeUtils.webidl

@@ -520,14 +520,12 @@ dictionary IOActivityDataDictionary {
  * (3) Update the methods on mozilla::OriginAttributesPattern, including matching.
  */
 dictionary OriginAttributesDictionary {
-  unsigned long appId = 0;
   unsigned long userContextId = 0;
   boolean inIsolatedMozBrowser = false;
   unsigned long privateBrowsingId = 0;
   DOMString firstPartyDomain = "";
 };
 dictionary OriginAttributesPatternDictionary {
-  unsigned long appId;
   unsigned long userContextId;
   boolean inIsolatedMozBrowser;
   unsigned long privateBrowsingId;

dom/ipc/BrowserBridgeParent.cpp

@@ -31,7 +31,6 @@ nsresult BrowserBridgeParent::Init(const nsString& aPresentationURL,
   // from our Manager().
   OriginAttributes attrs;
   attrs.mInIsolatedMozBrowser = false;
-  attrs.mAppId = nsIScriptSecurityManager::NO_APP_ID;
   attrs.SyncAttributesWithPrivateBrowsing(false);
   MutableTabContext tabContext;
   tabContext.SetTabContext(false, 0, UIStateChangeType_Set,

dom/ipc/PTabContext.ipdlh

@@ -23,9 +23,6 @@ namespace dom {
 // will be equal to the opener's values.  For a <xul:browser>, those app IDs
 // will be NO_APP_ID.
 //
-// If isMozBrowserElement is true, the frame's browserFrameOwnerAppId will be
-// equal to the opener's app-id.
-//
 // It's an error to set isMozBrowserElement == false if opener is a mozbrowser
 // element.  Such a PopupIPCTabContext should be rejected by code which receives
 // it.

dom/ipc/TabContext.cpp

@@ -95,9 +95,6 @@ bool TabContext::SetTabContext(bool aIsMozBrowserElement,
                                const nsAString& aPresentationURL) {
   NS_ENSURE_FALSE(mInitialized, false);
 
-  // Veryify that app id matches mAppId passed in originAttributes
-  MOZ_RELEASE_ASSERT(aOriginAttributes.mAppId == NO_APP_ID);
-
   mInitialized = true;
   mIsMozBrowserElement = aIsMozBrowserElement;
   mChromeOuterWindowID = aChromeOuterWindowID;

dom/presentation/tests/mochitest/test_presentation_mixed_security_contexts.html

@@ -23,7 +23,6 @@ function setup() {
   SpecialPowers.addPermission("presentation",
                               true, { url: "https://example.com/tests/dom/presentation/tests/mochitest/file_presentation_mixed_security_contexts.html",
                                       originAttributes: {
-                                        appId: SpecialPowers.Ci.nsIScriptSecurityManager.NO_APP_ID,
                                         inIsolatedMozBrowser: false }});
 
   return new Promise(function(aResolve, aReject) {

dom/push/test/xpcshell/test_clear_origin_data.js

@@ -50,32 +50,12 @@ add_task(async function test_webapps_cleardata() {
 
   let testRecords = [{
     scope: "https://example.org/1",
-    originAttributes: { appId: 1 },
-    clearIf: { appId: 1, inIsolatedMozBrowser: false },
+    originAttributes: {},
+    clearIf: { inIsolatedMozBrowser: false },
   }, {
     scope: "https://example.org/1",
-    originAttributes: { appId: 1, inIsolatedMozBrowser: true },
-    clearIf: { appId: 1 },
-  }, {
-    scope: "https://example.org/1",
-    originAttributes: { appId: 2, inIsolatedMozBrowser: true },
-    clearIf: { appId: 2, inIsolatedMozBrowser: true },
-  }, {
-    scope: "https://example.org/2",
-    originAttributes: { appId: 1 },
-    clearIf: { appId: 1, inIsolatedMozBrowser: false },
-  }, {
-    scope: "https://example.org/2",
-    originAttributes: { appId: 2, inIsolatedMozBrowser: true },
-    clearIf: { appId: 2, inIsolatedMozBrowser: true },
-  }, {
-    scope: "https://example.org/3",
-    originAttributes: { appId: 3, inIsolatedMozBrowser: true },
-    clearIf: { inIsolatedMozBrowser: true },
-  }, {
-    scope: "https://example.org/3",
-    originAttributes: { appId: 4, inIsolatedMozBrowser: true },
-    clearIf: { inIsolatedMozBrowser: true },
+    originAttributes: { inIsolatedMozBrowser: true },
+    clearIf: {},
   }];
 
   let unregisterDone;
@@ -122,19 +102,11 @@ add_task(async function test_webapps_cleardata() {
     })
   ));
 
-  // Removes records for all scopes with the same app ID. Excludes records
-  // where `inIsolatedMozBrowser` is true.
-  await clearForPattern(testRecords, { appId: 1, inIsolatedMozBrowser: false });
+  // Removes all the records, Excluding where `inIsolatedMozBrowser` is true.
+  await clearForPattern(testRecords, { inIsolatedMozBrowser: false });
 
-  // Removes the remaining record for app ID 1, where `inIsolatedMozBrowser` is true.
-  await clearForPattern(testRecords, { appId: 1 });
-
-  // Removes all records for all scopes with the same app ID, where
-  // `inIsolatedMozBrowser` is true.
-  await clearForPattern(testRecords, { appId: 2, inIsolatedMozBrowser: true });
-
-  // Removes all records where `inIsolatedMozBrowser` is true.
-  await clearForPattern(testRecords, { inIsolatedMozBrowser: true });
+  // Removes the all the remaining records where `inIsolatedMozBrowser` is true.
+  await clearForPattern(testRecords, {});
 
   equal(testRecords.length, 0, "Should remove all test records");
   await unregisterPromise;

dom/push/test/xpcshell/test_notification_http2.js

@@ -60,7 +60,7 @@ add_task(async function test_pushNotifications() {
       y: "26jk0IFbqcK6-JxhHAm-rsHEwy0CyVJjtnfOcqc1tgA",
     },
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
     quota: Infinity,
     systemRecord: true,
   }, {
@@ -79,7 +79,7 @@ add_task(async function test_pushNotifications() {
       y: "5TZ1rK8Ldih6ljyxVwnBA-nygQHGRpEmu1jV5K8437E",
     },
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
     quota: Infinity,
     systemRecord: true,
   }, {
@@ -98,7 +98,7 @@ add_task(async function test_pushNotifications() {
       y: "Ja6n3YH8TOcH8narDF6t8mKVvg2ioLW-8MH5O4dzGcI",
     },
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
     quota: Infinity,
     systemRecord: true,
   }, {
@@ -122,7 +122,7 @@ add_task(async function test_pushNotifications() {
       padding: "reject",
     }),
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
     quota: Infinity,
     systemRecord: true,
   }];

dom/push/test/xpcshell/test_reconnect_retry.js

@@ -57,7 +57,7 @@ add_task(async function test_reconnect_retry() {
   let registration = await PushService.register({
     scope: "https://example.com/page/1",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   let retryEndpoint = "https://example.org/push/" + channelID;
   equal(registration.endpoint, retryEndpoint, "Wrong endpoint for retried request");
@@ -65,7 +65,7 @@ add_task(async function test_reconnect_retry() {
   registration = await PushService.register({
     scope: "https://example.com/page/2",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   notEqual(registration.endpoint, retryEndpoint, "Wrong endpoint for new request");
 

dom/push/test/xpcshell/test_register_5xxCode_http2.js

@@ -78,7 +78,6 @@ add_task(async function test1() {
   });
 
   let originAttributes = ChromeUtils.originAttributesToSuffix({
-    appId: Ci.nsIScriptSecurityManager.NO_APP_ID,
     inIsolatedMozBrowser: false,
   });
   let newRecord = await PushService.register({

dom/push/test/xpcshell/test_register_case.js

@@ -45,7 +45,7 @@ add_task(async function test_register_case() {
   let newRecord = await PushService.register({
     scope: "https://example.net/case",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   equal(newRecord.endpoint, "https://example.com/update/case",
     "Wrong push endpoint in registration record");

dom/push/test/xpcshell/test_register_error_http2.js

@@ -35,7 +35,7 @@ add_task(async function test_pushSubscriptionNoConnection() {
     PushService.register({
       scope: "https://example.net/page/invalid-response",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for not being able to establish connecion."
@@ -71,7 +71,7 @@ add_task(async function test_pushSubscriptionMissingLocation() {
     PushService.register({
       scope: "https://example.net/page/invalid-response",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for the missing location header."
@@ -97,7 +97,7 @@ add_task(async function test_pushSubscriptionMissingLink() {
     PushService.register({
       scope: "https://example.net/page/invalid-response",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for the missing link header."
@@ -123,7 +123,7 @@ add_task(async function test_pushSubscriptionMissingLink1() {
     PushService.register({
       scope: "https://example.net/page/invalid-response",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for the missing push endpoint."
@@ -149,7 +149,7 @@ add_task(async function test_pushSubscriptionLocationBogus() {
     PushService.register({
       scope: "https://example.net/page/invalid-response",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for the bogus location"
@@ -175,7 +175,7 @@ add_task(async function test_pushSubscriptionNot2xxCode() {
     PushService.register({
       scope: "https://example.net/page/invalid-response",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for not 201 responce code."

dom/push/test/xpcshell/test_register_invalid_channel.js

@@ -47,7 +47,7 @@ add_task(async function test_register_invalid_channel() {
     PushService.register({
       scope: "https://example.com/invalid-channel",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for invalid channel ID"

dom/push/test/xpcshell/test_register_invalid_endpoint.js

@@ -48,7 +48,7 @@ add_task(async function test_register_invalid_endpoint() {
     PushService.register({
       scope: "https://example.net/page/invalid-endpoint",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for invalid endpoint"

dom/push/test/xpcshell/test_register_invalid_json.js

@@ -48,7 +48,7 @@ add_task(async function test_register_invalid_json() {
     PushService.register({
       scope: "https://example.net/page/invalid-json",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for invalid JSON response"

dom/push/test/xpcshell/test_register_no_id.js

@@ -52,7 +52,7 @@ add_task(async function test_register_no_id() {
     PushService.register({
       scope: "https://example.com/incomplete",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for incomplete register response"

dom/push/test/xpcshell/test_register_request_queue.js

@@ -44,12 +44,12 @@ add_task(async function test_register_request_queue() {
   let firstRegister = PushService.register({
     scope: "https://example.com/page/1",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   let secondRegister = PushService.register({
     scope: "https://example.com/page/1",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
 
   await Promise.all([

dom/push/test/xpcshell/test_register_rollback.js

@@ -75,7 +75,7 @@ add_task(async function test_register_rollback() {
     PushService.register({
       scope: "https://example.com/storage-error",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /universe has imploded/,
     "Expected error for unregister database failure"

dom/push/test/xpcshell/test_register_success.js

@@ -58,7 +58,7 @@ add_task(async function test_register_success() {
   let newRecord = await PushService.register({
     scope: "https://example.org/1",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   equal(newRecord.endpoint, "https://example.com/update/1",
     "Wrong push endpoint in registration record");

dom/push/test/xpcshell/test_register_success_http2.js

@@ -49,7 +49,7 @@ add_task(async function test_pushSubscriptionSuccess() {
   let newRecord = await PushService.register({
     scope: "https://example.org/1",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
 
   var subscriptionUri = serverURL + "/pushSubscriptionSuccesss";
@@ -83,7 +83,7 @@ add_task(async function test_pushSubscriptionMissingLink2() {
   let newRecord = await PushService.register({
     scope: "https://example.org/no_receiptEndpoint",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
 
   var subscriptionUri = serverURL + "/subscriptionMissingLink2";

dom/push/test/xpcshell/test_register_timeout.js

@@ -75,7 +75,7 @@ add_task(async function test_register_timeout() {
     PushService.register({
       scope: "https://example.net/page/timeout",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for request timeout"

dom/push/test/xpcshell/test_register_wrong_id.js

@@ -58,7 +58,7 @@ add_task(async function test_register_wrong_id() {
     PushService.register({
       scope: "https://example.com/mismatched",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for mismatched register reply"

dom/push/test/xpcshell/test_register_wrong_type.js

@@ -52,7 +52,7 @@ add_task(async function test_register_wrong_type() {
     PushService.register({
       scope: "https://example.com/mistyped",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Registration error/,
     "Expected error for non-string channel ID"

dom/push/test/xpcshell/test_registration_error.js

@@ -33,7 +33,7 @@ add_task(async function test_registrations_error() {
     PushService.registration({
       scope: "https://example.net/1",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     function(error) {
       return error == "Database error";

dom/push/test/xpcshell/test_registration_error_http2.js

@@ -27,7 +27,7 @@ add_task(async function test_registrations_error() {
     PushService.registration({
       scope: "https://example.net/1",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     function(error) {
       return error == "Database error";

dom/push/test/xpcshell/test_registration_none.js

@@ -25,7 +25,7 @@ add_task(async function test_registration_none() {
   let registration = await PushService.registration({
     scope: "https://example.net/1",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   ok(!registration, "Should not open a connection without registration");
 });

dom/push/test/xpcshell/test_registration_success.js

@@ -23,22 +23,6 @@ add_task(async function test_registration_success() {
     originAttributes: "",
     version: 5,
     quota: Infinity,
-  }, {
-    channelID: "f6edfbcd-79d6-49b8-9766-48b9dcfeff0f",
-    pushEndpoint: "https://example.com/update/same-manifest/2",
-    scope: "https://example.net/b",
-    originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: 42 }),
-    version: 10,
-    quota: Infinity,
-  }, {
-    channelID: "b1cf38c9-6836-4d29-8a30-a3e98d59b728",
-    pushEndpoint: "https://example.org/update/different-manifest",
-    scope: "https://example.org/c",
-    originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: 42, inIsolatedMozBrowser: true }),
-    version: 15,
-    quota: Infinity,
   }];
   for (let record of records) {
     await db.put(record);

dom/push/test/xpcshell/test_registration_success_http2.js

@@ -29,7 +29,7 @@ add_task(async function test_pushNotifications() {
     pushReceiptEndpoint: serverURL + "/pushReceiptEndpointA",
     scope: "https://example.net/a",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
     quota: Infinity,
   }, {
     subscriptionUri: serverURL + "/subscriptionB",
@@ -37,7 +37,7 @@ add_task(async function test_pushNotifications() {
     pushReceiptEndpoint: serverURL + "/pushReceiptEndpointB",
     scope: "https://example.net/b",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
     quota: Infinity,
   }, {
     subscriptionUri: serverURL + "/subscriptionC",
@@ -45,7 +45,7 @@ add_task(async function test_pushNotifications() {
     pushReceiptEndpoint: serverURL + "/pushReceiptEndpointC",
     scope: "https://example.net/c",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
     quota: Infinity,
   }];
 
@@ -61,7 +61,7 @@ add_task(async function test_pushNotifications() {
   let registration = await PushService.registration({
     scope: "https://example.net/a",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   equal(
     registration.endpoint,

dom/push/test/xpcshell/test_unregister_empty_scope.js

@@ -31,7 +31,7 @@ add_task(async function test_unregister_empty_scope() {
     PushService.unregister({
       scope: "",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Invalid page record/,
     "Expected error for empty endpoint"

dom/push/test/xpcshell/test_unregister_invalid_json.js

@@ -79,7 +79,7 @@ add_task(async function test_unregister_invalid_json() {
     PushService.unregister({
       scope: "https://example.net/page/1",
       originAttributes: ChromeUtils.originAttributesToSuffix(
-        { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+        { inIsolatedMozBrowser: false }),
     }),
     /Request timed out/,
     "Expected error for second invalid JSON response"

dom/push/test/xpcshell/test_unregister_not_found.js

@@ -30,7 +30,7 @@ add_task(async function test_unregister_not_found() {
   let result = await PushService.unregister({
     scope: "https://example.net/nonexistent",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   ok(result === false, "unregister should resolve with false for nonexistent scope");
 });

dom/push/test/xpcshell/test_unregister_success_http2.js

@@ -44,7 +44,7 @@ add_task(async function test_pushUnsubscriptionSuccess() {
     pushReceiptEndpoint: serverURL + "/receiptPushEndpointUnsubscriptionSuccess",
     scope: "https://example.com/page/unregister-success",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
     quota: Infinity,
   });
 
@@ -56,7 +56,7 @@ add_task(async function test_pushUnsubscriptionSuccess() {
   await PushService.unregister({
     scope: "https://example.com/page/unregister-success",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   let record = await db.getByKeyID(serverURL + "/subscriptionUnsubscriptionSuccess");
   ok(!record, "Unregister did not remove record");

dom/push/test/xpcshell/test_updateRecordNoEncryptionKeys_ws.js

@@ -70,7 +70,7 @@ add_task(async function test_with_data_enabled() {
   let newRecord = await PushService.register({
     scope: "https://example.com/page/3",
     originAttributes: ChromeUtils.originAttributesToSuffix(
-      { appId: Ci.nsIScriptSecurityManager.NO_APP_ID, inIsolatedMozBrowser: false }),
+      { inIsolatedMozBrowser: false }),
   });
   ok(newRecord.p256dhKey, "Should generate public keys for new records");
 

dom/quota/ActorsParent.cpp

@@ -204,11 +204,6 @@ const char kResourceOriginPrefix[] = "resource://";
 #define TEMPORARY_DIRECTORY_NAME "temporary"
 #define DEFAULT_DIRECTORY_NAME "default"
 
-enum AppId {
-  kNoAppId = nsIScriptSecurityManager::NO_APP_ID,
-  kUnknownAppId = nsIScriptSecurityManager::UNKNOWN_APP_ID
-};
-
 #define STORAGE_FILE_NAME "storage.sqlite"
 
 // The name of the file that we use to load/save the last access time of an
@@ -1656,7 +1651,6 @@ class MOZ_STACK_CLASS OriginParser final {
   const OriginAttributes mOriginAttributes;
   Tokenizer mTokenizer;
 
-  uint32_t mAppId;
   nsCString mScheme;
   nsCString mHost;
   Nullable<uint32_t> mPort;
@@ -1680,7 +1674,6 @@ class MOZ_STACK_CLASS OriginParser final {
       : mOrigin(aOrigin),
         mOriginAttributes(aOriginAttributes),
         mTokenizer(aOrigin, '+'),
-        mAppId(kNoAppId),
         mPort(),
         mSchemeType(eNone),
         mState(eExpectingAppIdOrScheme),
@@ -2030,23 +2023,18 @@ nsresult GetBinaryOutputStream(nsIFile* aFile, FileFlag aFileFlag,
   return NS_OK;
 }
 
-void GetJarPrefix(uint32_t aAppId, bool aInIsolatedMozBrowser,
-                  nsACString& aJarPrefix) {
-  MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
-
-  if (aAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
-    aAppId = nsIScriptSecurityManager::NO_APP_ID;
-  }
-
+void GetJarPrefix(bool aInIsolatedMozBrowser, nsACString& aJarPrefix) {
   aJarPrefix.Truncate();
 
   // Fallback.
-  if (aAppId == nsIScriptSecurityManager::NO_APP_ID && !aInIsolatedMozBrowser) {
+  if (!aInIsolatedMozBrowser) {
     return;
   }
 
+  // AppId is an unused b2g identifier. Let's set it to 0 all the time (see bug
+  // 1320404).
   // aJarPrefix = appId + "+" + { 't', 'f' } + "+";
-  aJarPrefix.AppendInt(aAppId);
+  aJarPrefix.AppendInt(nsIScriptSecurityManager::NO_APP_ID);
   aJarPrefix.Append('+');
   aJarPrefix.Append(aInIsolatedMozBrowser ? 't' : 'f');
   aJarPrefix.Append('+');
@@ -2067,8 +2055,7 @@ nsresult CreateDirectoryMetadata(nsIFile* aDirectory, int64_t aTimestamp,
   }
 
   nsCString groupPrefix;
-  GetJarPrefix(groupAttributes.mAppId, groupAttributes.mInIsolatedMozBrowser,
-               groupPrefix);
+  GetJarPrefix(groupAttributes.mInIsolatedMozBrowser, groupPrefix);
 
   nsCString group = groupPrefix + groupNoSuffix;
 
@@ -2081,8 +2068,7 @@ nsresult CreateDirectoryMetadata(nsIFile* aDirectory, int64_t aTimestamp,
   }
 
   nsCString originPrefix;
-  GetJarPrefix(originAttributes.mAppId, originAttributes.mInIsolatedMozBrowser,
-               originPrefix);
+  GetJarPrefix(originAttributes.mInIsolatedMozBrowser, originPrefix);
 
   nsCString origin = originPrefix + originNoSuffix;
 
@@ -9029,14 +9015,7 @@ auto OriginParser::Parse(nsACString& aSpec, OriginAttributes* aAttrs)
   // For IPv6 URL, it should at least have three groups.
   MOZ_ASSERT_IF(mIPGroup > 0, mIPGroup >= 3);
 
-  if (mAppId == kNoAppId) {
-    *aAttrs = mOriginAttributes;
-  } else {
-    MOZ_ASSERT(mOriginAttributes.mAppId == kNoAppId);
-
-    *aAttrs = OriginAttributes(mAppId, mInIsolatedMozBrowser);
-  }
-
+  *aAttrs = mOriginAttributes;
   nsAutoCString spec(mScheme);
 
   if (mSchemeType == eFile) {
@@ -9152,9 +9131,8 @@ void OriginParser::HandleToken(const nsDependentCSubstring& aToken) {
         nsCString token(aToken);
 
         nsresult rv;
-        uint32_t appId = token.ToInteger(&rv);
+        Unused << token.ToInteger(&rv);
         if (NS_SUCCEEDED(rv)) {
-          mAppId = appId;
           mState = eExpectingInMozBrowser;
           return;
         }
@@ -9929,20 +9907,6 @@ nsresult UpgradeStorageFrom1_0To2_0Helper::MaybeRemoveMorgueDirectory(
 nsresult UpgradeStorageFrom1_0To2_0Helper::MaybeRemoveAppsData(
     const OriginProps& aOriginProps, bool* aRemoved) {
   AssertIsOnIOThread();
-
-  // XXX This will need to be reworked as part of bug 1320404 (appId is
-  //     going to be removed from origin attributes).
-  if (aOriginProps.mAttrs.mAppId != kNoAppId &&
-      aOriginProps.mAttrs.mAppId != kUnknownAppId) {
-    nsresult rv = RemoveObsoleteOrigin(aOriginProps);
-    if (NS_WARN_IF(NS_FAILED(rv))) {
-      return rv;
-    }
-
-    *aRemoved = true;
-    return NS_OK;
-  }
-
   *aRemoved = false;
   return NS_OK;
 }

dom/quota/SerializationHelpers.h

@@ -33,7 +33,6 @@ struct ParamTraits<mozilla::OriginAttributesPattern> {
   typedef mozilla::OriginAttributesPattern paramType;
 
   static void Write(Message* aMsg, const paramType& aParam) {
-    WriteParam(aMsg, aParam.mAppId);
     WriteParam(aMsg, aParam.mFirstPartyDomain);
     WriteParam(aMsg, aParam.mInIsolatedMozBrowser);
     WriteParam(aMsg, aParam.mPrivateBrowsingId);
@@ -42,8 +41,7 @@ struct ParamTraits<mozilla::OriginAttributesPattern> {
 
   static bool Read(const Message* aMsg, PickleIterator* aIter,
                    paramType* aResult) {
-    return ReadParam(aMsg, aIter, &aResult->mAppId) &&
-           ReadParam(aMsg, aIter, &aResult->mFirstPartyDomain) &&
+    return ReadParam(aMsg, aIter, &aResult->mFirstPartyDomain) &&
            ReadParam(aMsg, aIter, &aResult->mInIsolatedMozBrowser) &&
            ReadParam(aMsg, aIter, &aResult->mPrivateBrowsingId) &&
            ReadParam(aMsg, aIter, &aResult->mUserContextId);

dom/quota/nsIQuotaManagerService.idl

@@ -109,12 +109,14 @@ interface nsIQuotaManagerService : nsISupports
 
   /**
    * Removes all storages stored for the given pattern. The files may not be
-   * deleted immediately depending on prohibitive concurrent operations.
-   * In terms of locks, it will get an exclusive multi directory lock for given
-   * pattern.  For example, given pattern {"appId":1007} and set of 3 origins
-   * ["http://www.mozilla.org^appId=1007", "http://www.example.org^appId=1007",
-   * "http://www.example.org^appId=1008"], the method will only lock 2 origins
-   * ["http://www.mozilla.org^appId=1007", "http://www.example.org^appId=1007"].
+   * deleted immediately depending on prohibitive concurrent operations.  In
+   * terms of locks, it will get an exclusive multi directory lock for given
+   * pattern.  For example, given pattern {"userContextId":1007} and set of 3
+   * origins ["http://www.mozilla.org^userContextId=1007",
+   * "http://www.example.org^userContextId=1007",
+   * "http://www.example.org^userContextId=1008"], the method will only lock 2
+   * origins ["http://www.mozilla.org^userContextId=1007",
+   * "http://www.example.org^userContextId=1007"].
    *
    * @param aPattern
    *        A pattern for the origins whose storages are to be cleared.

dom/quota/test/gtest/TestQuotaManager.cpp

@@ -48,13 +48,6 @@ TEST(QuotaManager, OriginScope)
     EXPECT_TRUE(originScope.GetOriginNoSuffix().Equals(prefix));
   }
 
-  {
-    NS_NAMED_LITERAL_STRING(pattern, "{\"appId\":1007}");
-    originScope.SetFromJSONPattern(pattern);
-    EXPECT_TRUE(originScope.IsPattern());
-    EXPECT_TRUE(originScope.GetJSONPattern().Equals(pattern));
-  }
-
   {
     originScope.SetFromNull();
     EXPECT_TRUE(originScope.IsNull());
@@ -89,20 +82,6 @@ TEST(QuotaManager, OriginScope)
     }
   }
 
-  {
-    originScope.SetFromJSONPattern(NS_LITERAL_STRING("{\"appId\":1007}"));
-
-    static const OriginTest tests[] = {
-        {"http+++www.mozilla.org^appId=1007", true},
-        {"http+++www.example.org^appId=1007", true},
-        {"http+++www.example.org^appId=1008", false},
-    };
-
-    for (const auto& test : tests) {
-      CheckOriginScopeMatchesOrigin(originScope, test.mOrigin, test.mMatch);
-    }
-  }
-
   {
     originScope.SetFromNull();
 
@@ -110,9 +89,6 @@ TEST(QuotaManager, OriginScope)
         {"http://www.mozilla.org", true},
         {"http://www.mozilla.org^userContextId=1", true},
         {"http://www.example.org^userContextId=1", true},
-        {"http+++www.mozilla.org^appId=1007", true},
-        {"http+++www.example.org^appId=1007", true},
-        {"http+++www.example.org^appId=1008", true},
     };
 
     for (const auto& test : tests) {

dom/quota/test/unit/test_removeAppsUpgrade.js

@@ -1,66 +0,0 @@
-/**
- * Any copyright is dedicated to the Public Domain.
- * http://creativecommons.org/publicdomain/zero/1.0/
- */
-
-var testGenerator = testSteps();
-
-function* testSteps()
-{
-  const origins = [
-    {
-      path: "storage/default/http+++www.mozilla.org",
-      obsolete: false
-    },
-
-    {
-      path: "storage/default/app+++system.gaiamobile.org^appId=1007",
-      obsolete: true
-    },
-
-    {
-      path: "storage/default/https+++developer.cdn.mozilla.net^appId=1007&inBrowser=1",
-      obsolete: true
-    }
-  ];
-
-  info("Clearing");
-
-  clear(continueToNextStepSync);
-  yield undefined;
-
-  info("Installing package");
-
-  installPackage("removeAppsUpgrade_profile");
-
-  info("Checking origin directories");
-
-  for (let origin of origins) {
-    let originDir = getRelativeFile(origin.path);
-
-    let exists = originDir.exists();
-    ok(exists, "Origin directory does exist");
-  }
-
-  info("Initializing");
-
-  let request = init(continueToNextStepSync);
-  yield undefined;
-
-  ok(request.resultCode == NS_OK, "Initialization succeeded");
-
-  info("Checking origin directories");
-
-  for (let origin of origins) {
-    let originDir = getRelativeFile(origin.path);
-
-    let exists = originDir.exists();
-    if (origin.obsolete) {
-      ok(!exists, "Origin directory doesn't exist");
-    } else {
-      ok(exists, "Origin directory does exist");
-    }
-  }
-
-  finishTest();
-}

dom/quota/test/unit/xpcshell.ini

@@ -18,7 +18,6 @@ support-files =
   morgueCleanup_profile.zip
   obsoleteOriginAttributes_profile.zip
   originAttributesUpgrade_profile.zip
-  removeAppsUpgrade_profile.zip
   removeLocalStorage1_profile.zip
   removeLocalStorage2_profile.zip
   storagePersistentUpgrade_profile.zip
@@ -46,7 +45,6 @@ support-files =
 [test_persist_eviction.js]
 [test_persist_globalLimit.js]
 [test_persist_groupLimit.js]
-[test_removeAppsUpgrade.js]
 [test_removeLocalStorage.js]
 [test_simpledb.js]
 [test_specialOrigins.js]

dom/serviceworkers/ServiceWorkerManager.cpp

@@ -1504,12 +1504,6 @@ ServiceWorkerManager::GetServiceWorkerRegistrationInfo(nsIPrincipal* aPrincipal,
   MOZ_ASSERT(aPrincipal);
   MOZ_ASSERT(aURI);
 
-  // XXXnsm Temporary fix until Bug 1171432 is fixed.
-  if (NS_WARN_IF(BasePrincipal::Cast(aPrincipal)->AppId() ==
-                 nsIScriptSecurityManager::UNKNOWN_APP_ID)) {
-    return nullptr;
-  }
-
   nsAutoCString scopeKey;
   nsresult rv = PrincipalToScopeKey(aPrincipal, scopeKey);
   if (NS_FAILED(rv)) {

dom/serviceworkers/ServiceWorkerManager.h

@@ -328,9 +328,8 @@ class ServiceWorkerManager final : public nsIServiceWorkerManager,
   GetServiceWorkerRegistrationInfo(const nsACString& aScopeKey,
                                    nsIURI* aURI) const;
 
-  // This method generates a key using appId and isInElementBrowser from the
-  // principal. We don't use the origin because it can change during the
-  // loading.
+  // This method generates a key using isInElementBrowser from the principal. We
+  // don't use the origin because it can change during the loading.
   static nsresult PrincipalToScopeKey(nsIPrincipal* aPrincipal,
                                       nsACString& aKey);
 

dom/serviceworkers/test/gtest/TestReadWrite.cpp

@@ -159,7 +159,7 @@ TEST(ServiceWorkerRegistrar, TestReadData)
 {
   nsAutoCString buffer(SERVICEWORKERREGISTRAR_VERSION "\n");
 
-  buffer.AppendLiteral("^appId=123&inBrowser=1\n");
+  buffer.AppendLiteral("^inBrowser=1\n");
   buffer.AppendLiteral("https://scope_0.org\ncurrentWorkerURL 0\n");
   buffer.Append(SERVICEWORKERREGISTRAR_TRUE "\n");
   buffer.AppendLiteral("cacheName 0\n");
@@ -208,7 +208,7 @@ TEST(ServiceWorkerRegistrar, TestReadData)
   nsAutoCString suffix0;
   cInfo0.attrs().CreateSuffix(suffix0);
 
-  ASSERT_STREQ("^appId=123&inBrowser=1", suffix0.get());
+  ASSERT_STREQ("^inBrowser=1", suffix0.get());
   ASSERT_STREQ("https://scope_0.org", cInfo0.spec().get());
   ASSERT_STREQ("https://scope_0.org", data[0].scope().get());
   ASSERT_STREQ("currentWorkerURL 0", data[0].currentWorkerURL().get());
@@ -265,7 +265,7 @@ TEST(ServiceWorkerRegistrar, TestWriteData)
   {
     RefPtr<ServiceWorkerRegistrarTest> swr = new ServiceWorkerRegistrarTest;
 
-    for (int i = 0; i < 10; ++i) {
+    for (int i = 0; i < 2; ++i) {
       ServiceWorkerRegistrationData reg;
 
       reg.scope() = nsPrintfCString("https://scope_write_%d.org", i);
@@ -285,7 +285,7 @@ TEST(ServiceWorkerRegistrar, TestWriteData)
 
       nsTArray<mozilla::ipc::ContentSecurityPolicy> policies;
       reg.principal() = mozilla::ipc::ContentPrincipalInfo(
-          mozilla::OriginAttributes(i, i % 2), spec, spec, mozilla::Nothing(),
+          mozilla::OriginAttributes(i % 2), spec, spec, mozilla::Nothing(),
           std::move(policies), spec);
 
       swr->TestRegisterServiceWorker(reg);
@@ -301,16 +301,16 @@ TEST(ServiceWorkerRegistrar, TestWriteData)
   ASSERT_EQ(NS_OK, rv) << "ReadData() should not fail";
 
   const nsTArray<ServiceWorkerRegistrationData>& data = swr->TestGetData();
-  ASSERT_EQ((uint32_t)10, data.Length()) << "10 entries should be found";
+  ASSERT_EQ((uint32_t)2, data.Length()) << "2 entries should be found";
 
-  for (int i = 0; i < 10; ++i) {
+  for (int i = 0; i < 2; ++i) {
     nsAutoCString test;
 
     ASSERT_EQ(data[i].principal().type(),
               mozilla::ipc::PrincipalInfo::TContentPrincipalInfo);
     const mozilla::ipc::ContentPrincipalInfo& cInfo = data[i].principal();
 
-    mozilla::OriginAttributes attrs(i, i % 2);
+    mozilla::OriginAttributes attrs(i % 2);
     nsAutoCString suffix, expectSuffix;
     attrs.CreateSuffix(expectSuffix);
     cInfo.attrs().CreateSuffix(suffix);
@@ -380,7 +380,7 @@ TEST(ServiceWorkerRegistrar, TestVersion2Migration)
   nsAutoCString suffix0;
   cInfo0.attrs().CreateSuffix(suffix0);
 
-  ASSERT_STREQ("^appId=123&inBrowser=1", suffix0.get());
+  ASSERT_STREQ("^inBrowser=1", suffix0.get());
   ASSERT_STREQ("https://scope_0.org", cInfo0.spec().get());
   ASSERT_STREQ("https://scope_0.org", data[0].scope().get());
   ASSERT_STREQ("currentWorkerURL 0", data[0].currentWorkerURL().get());
@@ -450,7 +450,7 @@ TEST(ServiceWorkerRegistrar, TestVersion3Migration)
   nsAutoCString suffix0;
   cInfo0.attrs().CreateSuffix(suffix0);
 
-  ASSERT_STREQ("^appId=123&inBrowser=1", suffix0.get());
+  ASSERT_STREQ("^inBrowser=1", suffix0.get());
   ASSERT_STREQ("https://scope_0.org", cInfo0.spec().get());
   ASSERT_STREQ("https://scope_0.org", data[0].scope().get());
   ASSERT_STREQ("currentWorkerURL 0", data[0].currentWorkerURL().get());
@@ -518,7 +518,7 @@ TEST(ServiceWorkerRegistrar, TestVersion4Migration)
   nsAutoCString suffix0;
   cInfo0.attrs().CreateSuffix(suffix0);
 
-  ASSERT_STREQ("^appId=123&inBrowser=1", suffix0.get());
+  ASSERT_STREQ("^inBrowser=1", suffix0.get());
   ASSERT_STREQ("https://scope_0.org", cInfo0.spec().get());
   ASSERT_STREQ("https://scope_0.org", data[0].scope().get());
   ASSERT_STREQ("currentWorkerURL 0", data[0].currentWorkerURL().get());
@@ -590,7 +590,7 @@ TEST(ServiceWorkerRegistrar, TestVersion5Migration)
   nsAutoCString suffix0;
   cInfo0.attrs().CreateSuffix(suffix0);
 
-  ASSERT_STREQ("^appId=123&inBrowser=1", suffix0.get());
+  ASSERT_STREQ("^inBrowser=1", suffix0.get());
   ASSERT_STREQ("https://scope_0.org", cInfo0.spec().get());
   ASSERT_STREQ("https://scope_0.org", data[0].scope().get());
   ASSERT_STREQ("currentWorkerURL 0", data[0].currentWorkerURL().get());
@@ -664,7 +664,7 @@ TEST(ServiceWorkerRegistrar, TestVersion6Migration)
   nsAutoCString suffix0;
   cInfo0.attrs().CreateSuffix(suffix0);
 
-  ASSERT_STREQ("^appId=123&inBrowser=1", suffix0.get());
+  ASSERT_STREQ("^inBrowser=1", suffix0.get());
   ASSERT_STREQ("https://scope_0.org", cInfo0.spec().get());
   ASSERT_STREQ("https://scope_0.org", data[0].scope().get());
   ASSERT_STREQ("currentWorkerURL 0", data[0].currentWorkerURL().get());
@@ -751,7 +751,7 @@ TEST(ServiceWorkerRegistrar, TestVersion7Migration)
   nsAutoCString suffix0;
   cInfo0.attrs().CreateSuffix(suffix0);
 
-  ASSERT_STREQ("^appId=123&inBrowser=1", suffix0.get());
+  ASSERT_STREQ("^inBrowser=1", suffix0.get());
   ASSERT_STREQ("https://scope_0.org", cInfo0.spec().get());
   ASSERT_STREQ("https://scope_0.org", data[0].scope().get());
   ASSERT_STREQ("currentWorkerURL 0", data[0].currentWorkerURL().get());
@@ -791,7 +791,7 @@ TEST(ServiceWorkerRegistrar, TestDedupeRead)
       "\n");
 
   // unique entries
-  buffer.AppendLiteral("^appId=123&inBrowser=1\n");
+  buffer.AppendLiteral("^inBrowser=1\n");
   buffer.AppendLiteral(
       "spec 0\nhttps://scope_0.org\ncurrentWorkerURL 0\ncacheName 0\n");
   buffer.AppendLiteral(SERVICEWORKERREGISTRAR_TERMINATOR "\n");
@@ -802,12 +802,12 @@ TEST(ServiceWorkerRegistrar, TestDedupeRead)
   buffer.AppendLiteral(SERVICEWORKERREGISTRAR_TERMINATOR "\n");
 
   // dupe entries
-  buffer.AppendLiteral("^appId=123&inBrowser=1\n");
+  buffer.AppendLiteral("^inBrowser=1\n");
   buffer.AppendLiteral(
       "spec 1\nhttps://scope_0.org\ncurrentWorkerURL 0\ncacheName 0\n");
   buffer.AppendLiteral(SERVICEWORKERREGISTRAR_TERMINATOR "\n");
 
-  buffer.AppendLiteral("^appId=123&inBrowser=1\n");
+  buffer.AppendLiteral("^inBrowser=1\n");
   buffer.AppendLiteral(
       "spec 2\nhttps://scope_0.org\ncurrentWorkerURL 0\ncacheName 0\n");
   buffer.AppendLiteral(SERVICEWORKERREGISTRAR_TERMINATOR "\n");
@@ -836,7 +836,7 @@ TEST(ServiceWorkerRegistrar, TestDedupeRead)
   nsAutoCString suffix0;
   cInfo0.attrs().CreateSuffix(suffix0);
 
-  ASSERT_STREQ("^appId=123&inBrowser=1", suffix0.get());
+  ASSERT_STREQ("^inBrowser=1", suffix0.get());
   ASSERT_STREQ("https://scope_0.org", cInfo0.spec().get());
   ASSERT_STREQ("https://scope_0.org", data[0].scope().get());
   ASSERT_STREQ("currentWorkerURL 0", data[0].currentWorkerURL().get());
@@ -874,7 +874,7 @@ TEST(ServiceWorkerRegistrar, TestDedupeWrite)
   {
     RefPtr<ServiceWorkerRegistrarTest> swr = new ServiceWorkerRegistrarTest;
 
-    for (int i = 0; i < 10; ++i) {
+    for (int i = 0; i < 2; ++i) {
       ServiceWorkerRegistrationData reg;
 
       reg.scope() = NS_LITERAL_CSTRING("https://scope_write.dedupe");
@@ -890,7 +890,7 @@ TEST(ServiceWorkerRegistrar, TestDedupeWrite)
 
       nsTArray<mozilla::ipc::ContentSecurityPolicy> policies;
       reg.principal() = mozilla::ipc::ContentPrincipalInfo(
-          mozilla::OriginAttributes(0, false), spec, spec, mozilla::Nothing(),
+          mozilla::OriginAttributes(false), spec, spec, mozilla::Nothing(),
           std::move(policies), spec);
 
       swr->TestRegisterServiceWorker(reg);
@@ -913,19 +913,19 @@ TEST(ServiceWorkerRegistrar, TestDedupeWrite)
             mozilla::ipc::PrincipalInfo::TContentPrincipalInfo);
   const mozilla::ipc::ContentPrincipalInfo& cInfo = data[0].principal();
 
-  mozilla::OriginAttributes attrs(0, false);
+  mozilla::OriginAttributes attrs(false);
   nsAutoCString suffix, expectSuffix;
   attrs.CreateSuffix(expectSuffix);
   cInfo.attrs().CreateSuffix(suffix);
 
   // Last entry passed to RegisterServiceWorkerInternal() should overwrite
-  // previous values.  So expect "9" in values here.
+  // previous values.  So expect "1" in values here.
   ASSERT_STREQ(expectSuffix.get(), suffix.get());
   ASSERT_STREQ("https://scope_write.dedupe", cInfo.spec().get());
   ASSERT_STREQ("https://scope_write.dedupe", data[0].scope().get());
-  ASSERT_STREQ("currentWorkerURL write 9", data[0].currentWorkerURL().get());
+  ASSERT_STREQ("currentWorkerURL write 1", data[0].currentWorkerURL().get());
   ASSERT_EQ(true, data[0].currentWorkerHandlesFetch());
-  ASSERT_STREQ("cacheName write 9",
+  ASSERT_STREQ("cacheName write 1",
                NS_ConvertUTF16toUTF8(data[0].cacheName()).get());
   ASSERT_EQ(nsIServiceWorkerRegistrationInfo::UPDATE_VIA_CACHE_IMPORTS,
             data[0].updateViaCache());

dom/storage/StorageDBUpdater.cpp

@@ -70,6 +70,7 @@ class ExtractOriginData : protected mozilla::Tokenizer {
     origin.Assign(scope);
 
     // Bail out if it isn't appId.
+    // AppId doesn't exist any more but we could have old storage data...
     uint32_t appId;
     if (!ReadInteger(&appId)) {
       return;
@@ -130,7 +131,7 @@ class ExtractOriginData : protected mozilla::Tokenizer {
         }
       }
     } else {
-      OriginAttributes attrs(appId, inIsolatedMozBrowser);
+      OriginAttributes attrs(inIsolatedMozBrowser);
       attrs.CreateSuffix(suffix);
     }
 

dom/storage/StorageUtils.cpp

@@ -118,9 +118,8 @@ nsCString Scheme0Scope(const nsACString& aOriginSuffix,
     MOZ_ASSERT(success);
   }
 
-  if (oa.mAppId != nsIScriptSecurityManager::NO_APP_ID ||
-      oa.mInIsolatedMozBrowser) {
-    result.AppendInt(oa.mAppId);
+  if (oa.mInIsolatedMozBrowser) {
+    result.AppendInt(nsIScriptSecurityManager::NO_APP_ID);
     result.Append(':');
     result.Append(oa.mInIsolatedMozBrowser ? 't' : 'f');
     result.Append(':');
@@ -132,7 +131,6 @@ nsCString Scheme0Scope(const nsACString& aOriginSuffix,
   // with originAttributes and originKey columns) so that switch between
   // schema 1 and 0 always works in both ways.
   nsAutoCString remaining;
-  oa.mAppId = 0;
   oa.mInIsolatedMozBrowser = false;
   oa.CreateSuffix(remaining);
   if (!remaining.IsEmpty()) {

dom/workers/WorkerLoadInfo.cpp

@@ -213,7 +213,7 @@ nsresult WorkerLoadInfo::GetPrincipalsAndLoadGroupFromChannel(
   }
 
   // The principal can change, but it should still match the original
-  // load group's appId and browser element flag.
+  // load group's browser element flag.
   MOZ_ASSERT(NS_LoadGroupMatchesPrincipal(channelLoadGroup, channelPrincipal));
 
   channelPrincipal.forget(aPrincipalOut);

extensions/permissions/nsPermissionManager.cpp

@@ -199,10 +199,9 @@ nsresult GetPrincipalFromOrigin(const nsACString& aOrigin,
   return NS_OK;
 }
 
-nsresult GetPrincipal(nsIURI* aURI, uint32_t aAppId,
-                      bool aIsInIsolatedMozBrowserElement,
+nsresult GetPrincipal(nsIURI* aURI, bool aIsInIsolatedMozBrowserElement,
                       nsIPrincipal** aPrincipal) {
-  mozilla::OriginAttributes attrs(aAppId, aIsInIsolatedMozBrowserElement);
+  mozilla::OriginAttributes attrs(aIsInIsolatedMozBrowserElement);
   nsCOMPtr<nsIPrincipal> principal =
       mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
   NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
@@ -465,8 +464,7 @@ class MOZ_STACK_CLASS UpgradeIPHostToOriginDB final
 nsresult UpgradeHostToOriginAndInsert(
     const nsACString& aHost, const nsCString& aType, uint32_t aPermission,
     uint32_t aExpireType, int64_t aExpireTime, int64_t aModificationTime,
-    uint32_t aAppId, bool aIsInIsolatedMozBrowserElement,
-    UpgradeHostToOriginHelper* aHelper) {
+    bool aIsInIsolatedMozBrowserElement, UpgradeHostToOriginHelper* aHelper) {
   if (aHost.EqualsLiteral("<file>")) {
     // We no longer support the magic host <file>
     NS_WARNING(
@@ -491,7 +489,7 @@ nsresult UpgradeHostToOriginAndInsert(
     }
 
     nsCOMPtr<nsIPrincipal> principal;
-    rv = GetPrincipal(uri, aAppId, aIsInIsolatedMozBrowserElement,
+    rv = GetPrincipal(uri, aIsInIsolatedMozBrowserElement,
                       getter_AddRefs(principal));
     NS_ENSURE_SUCCESS(rv, rv);
 
@@ -606,7 +604,7 @@ nsresult UpgradeHostToOriginAndInsert(
 
       // We now have a URI which we can make a nsIPrincipal out of
       nsCOMPtr<nsIPrincipal> principal;
-      rv = GetPrincipal(uri, aAppId, aIsInIsolatedMozBrowserElement,
+      rv = GetPrincipal(uri, aIsInIsolatedMozBrowserElement,
                         getter_AddRefs(principal));
       if (NS_WARN_IF(NS_FAILED(rv))) continue;
 
@@ -654,7 +652,7 @@ nsresult UpgradeHostToOriginAndInsert(
                    NS_LITERAL_CSTRING("http://") + hostSegment);
     NS_ENSURE_SUCCESS(rv, rv);
 
-    rv = GetPrincipal(uri, aAppId, aIsInIsolatedMozBrowserElement,
+    rv = GetPrincipal(uri, aIsInIsolatedMozBrowserElement,
                       getter_AddRefs(principal));
     NS_ENSURE_SUCCESS(rv, rv);
 
@@ -669,7 +667,7 @@ nsresult UpgradeHostToOriginAndInsert(
                    NS_LITERAL_CSTRING("https://") + hostSegment);
     NS_ENSURE_SUCCESS(rv, rv);
 
-    rv = GetPrincipal(uri, aAppId, aIsInIsolatedMozBrowserElement,
+    rv = GetPrincipal(uri, aIsInIsolatedMozBrowserElement,
                       getter_AddRefs(principal));
     NS_ENSURE_SUCCESS(rv, rv);
 
@@ -1315,7 +1313,7 @@ nsresult nsPermissionManager::InitDB(bool aRemoveFile) {
           uint32_t expireType;
           int64_t expireTime;
           int64_t modificationTime;
-          uint32_t appId;
+          uint32_t deprecatedAppId;
           bool isInBrowserElement;
           bool hasResult;
 
@@ -1339,7 +1337,7 @@ nsresult nsPermissionManager::InitDB(bool aRemoveFile) {
               migrationError = true;
               continue;
             }
-            appId = static_cast<uint32_t>(stmt->AsInt64(6));
+            deprecatedAppId = static_cast<uint32_t>(stmt->AsInt64(6));  // TODO
             isInBrowserElement = static_cast<bool>(stmt->AsInt32(7));
 
             // Perform the meat of the migration by deferring to the
@@ -1347,7 +1345,7 @@ nsresult nsPermissionManager::InitDB(bool aRemoveFile) {
             UpgradeHostToOriginDBMigration upHelper(mDBConn, &id);
             rv = UpgradeHostToOriginAndInsert(
                 host, type, permission, expireType, expireTime,
-                modificationTime, appId, isInBrowserElement, &upHelper);
+                modificationTime, isInBrowserElement, &upHelper);
             if (NS_FAILED(rv)) {
               NS_WARNING(
                   "Unexpected failure when upgrading migrating permission "
@@ -1504,7 +1502,7 @@ nsresult nsPermissionManager::InitDB(bool aRemoveFile) {
           uint32_t expireType;
           int64_t expireTime;
           int64_t modificationTime;
-          uint32_t appId;
+          uint32_t deprecatedAppId;
           bool isInBrowserElement;
 
           while (NS_SUCCEEDED(stmt->ExecuteStep(&hasResult)) && hasResult) {
@@ -1533,7 +1531,7 @@ nsresult nsPermissionManager::InitDB(bool aRemoveFile) {
             if (NS_WARN_IF(stmt->AsInt64(6) < 0)) {
               continue;
             }
-            appId = static_cast<uint32_t>(stmt->AsInt64(6));
+            deprecatedAppId = static_cast<uint32_t>(stmt->AsInt64(6));  // TODO
             isInBrowserElement = static_cast<bool>(stmt->AsInt32(7));
 
             // Perform the meat of the migration by deferring to the
@@ -1541,7 +1539,7 @@ nsresult nsPermissionManager::InitDB(bool aRemoveFile) {
             UpgradeIPHostToOriginDB upHelper(mDBConn, &id);
             rv = UpgradeHostToOriginAndInsert(
                 host, type, permission, expireType, expireTime,
-                modificationTime, appId, isInBrowserElement, &upHelper);
+                modificationTime, isInBrowserElement, &upHelper);
             if (NS_FAILED(rv)) {
               NS_WARNING(
                   "Unexpected failure when upgrading migrating permission "
@@ -3004,10 +3002,10 @@ nsresult nsPermissionManager::_DoImport(nsIInputStream* inputStream,
       int64_t modificationTime = 0;
 
       UpgradeHostToOriginHostfileImport upHelper(this, operation, id);
-      error = UpgradeHostToOriginAndInsert(
-          lineArray[3], lineArray[1], permission,
-          nsIPermissionManager::EXPIRE_NEVER, 0, modificationTime,
-          nsIScriptSecurityManager::NO_APP_ID, false, &upHelper);
+      error =
+          UpgradeHostToOriginAndInsert(lineArray[3], lineArray[1], permission,
+                                       nsIPermissionManager::EXPIRE_NEVER, 0,
+                                       modificationTime, false, &upHelper);
       if (NS_FAILED(error)) {
         NS_WARNING("There was a problem importing a host permission");
       }

extensions/permissions/test/unit/test_permmanager_cleardata.js

@@ -53,16 +53,14 @@ function run_test()
          .getService(Ci.nsIPermissionManager);
 
   let entries = [
-    { origin: 'http://example.com', originAttributes: { appId: 1 } },
-    { origin: 'http://example.com', originAttributes: { appId: 1, inIsolatedMozBrowser: true } },
     { origin: 'http://example.com', originAttributes: {} },
-    { origin: 'http://example.com', originAttributes: { appId: 2 } },
+    { origin: 'http://example.com', originAttributes: { inIsolatedMozBrowser: true } },
   ];
 
-  // In that case, all permissions from app 1 should be removed but not the other ones.
-  test(entries, getData({appId: 1}), [ pm.UNKNOWN_ACTION, pm.UNKNOWN_ACTION, pm.ALLOW_ACTION, pm.ALLOW_ACTION ]);
+  // In that case, all permissions should be removed.
+  test(entries, getData({}), [ pm.UNKNOWN_ACTION, pm.UNKNOWN_ACTION, pm.ALLOW_ACTION, pm.ALLOW_ACTION ]);
 
-  // In that case, only the permissions of app 1 related to a browserElement should be removed.
+  // In that case, only the permissions related to a browserElement should be removed.
   // All the other permissions should stay.
-  test(entries, getData({appId: 1, inIsolatedMozBrowser: true}), [ pm.ALLOW_ACTION, pm.UNKNOWN_ACTION, pm.ALLOW_ACTION, pm.ALLOW_ACTION ]);
+  test(entries, getData({ inIsolatedMozBrowser: true}), [ pm.ALLOW_ACTION, pm.UNKNOWN_ACTION, pm.ALLOW_ACTION, pm.ALLOW_ACTION ]);
 }

extensions/permissions/test/unit/test_permmanager_defaults.js

@@ -39,7 +39,7 @@ add_task(async function do_test() {
   conv.writeString("host\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN.host + "\n");
   conv.writeString("host\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN_2.host + "\n");
   conv.writeString("origin\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN_3.spec + "\n");
-  conv.writeString("origin\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN.spec + "^appId=1000&inBrowser=1\n");
+  conv.writeString("origin\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN.spec + "^inBrowser=1\n");
   ostream.close();
 
   // Set the preference used by the permission manager so the file is read.
@@ -57,7 +57,7 @@ add_task(async function do_test() {
   let principal2 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_2, {});
   let principal3 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_3, {});
 
-  let attrs = {appId: 1000, inIsolatedMozBrowser: true};
+  let attrs = {inIsolatedMozBrowser: true};
   let principal4 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN, attrs);
   let principal5 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_3, attrs);
 

extensions/permissions/test/unit/test_permmanager_matches.js

@@ -38,44 +38,20 @@ function run_test() {
   let uri4 = NetUtil.newURI("https://hangouts.google.com/#!/hangout");
   let uri5 = NetUtil.newURI("http://google.com:8096/");
 
-  let uri0_n_n = secMan.createCodebasePrincipal(uri0, {});
-  let uri1_n_n = secMan.createCodebasePrincipal(uri1, {});
-  let uri2_n_n = secMan.createCodebasePrincipal(uri2, {});
-  let uri3_n_n = secMan.createCodebasePrincipal(uri3, {});
-  let uri4_n_n = secMan.createCodebasePrincipal(uri4, {});
-  let uri5_n_n = secMan.createCodebasePrincipal(uri5, {});
+  let uri0_n = secMan.createCodebasePrincipal(uri0, {});
+  let uri1_n = secMan.createCodebasePrincipal(uri1, {});
+  let uri2_n = secMan.createCodebasePrincipal(uri2, {});
+  let uri3_n = secMan.createCodebasePrincipal(uri3, {});
+  let uri4_n = secMan.createCodebasePrincipal(uri4, {});
+  let uri5_n = secMan.createCodebasePrincipal(uri5, {});
 
-  let attrs = {appId: 1000};
-  let uri0_1000_n = secMan.createCodebasePrincipal(uri0, attrs);
-  let uri1_1000_n = secMan.createCodebasePrincipal(uri1, attrs);
-  let uri2_1000_n = secMan.createCodebasePrincipal(uri2, attrs);
-  let uri3_1000_n = secMan.createCodebasePrincipal(uri3, attrs);
-  let uri4_1000_n = secMan.createCodebasePrincipal(uri4, attrs);
-  let uri5_1000_n = secMan.createCodebasePrincipal(uri5, attrs);
-
-  attrs = {appId: 1000, inIsolatedMozBrowser: true};
-  let uri0_1000_y = secMan.createCodebasePrincipal(uri0, attrs);
-  let uri1_1000_y = secMan.createCodebasePrincipal(uri1, attrs);
-  let uri2_1000_y = secMan.createCodebasePrincipal(uri2, attrs);
-  let uri3_1000_y = secMan.createCodebasePrincipal(uri3, attrs);
-  let uri4_1000_y = secMan.createCodebasePrincipal(uri4, attrs);
-  let uri5_1000_y = secMan.createCodebasePrincipal(uri5, attrs);
-
-  attrs = {appId: 2000};
-  let uri0_2000_n = secMan.createCodebasePrincipal(uri0, attrs);
-  let uri1_2000_n = secMan.createCodebasePrincipal(uri1, attrs);
-  let uri2_2000_n = secMan.createCodebasePrincipal(uri2, attrs);
-  let uri3_2000_n = secMan.createCodebasePrincipal(uri3, attrs);
-  let uri4_2000_n = secMan.createCodebasePrincipal(uri4, attrs);
-  let uri5_2000_n = secMan.createCodebasePrincipal(uri5, attrs);
-
-  attrs = {appId: 2000, inIsolatedMozBrowser: true};
-  let uri0_2000_y = secMan.createCodebasePrincipal(uri0, attrs);
-  let uri1_2000_y = secMan.createCodebasePrincipal(uri1, attrs);
-  let uri2_2000_y = secMan.createCodebasePrincipal(uri2, attrs);
-  let uri3_2000_y = secMan.createCodebasePrincipal(uri3, attrs);
-  let uri4_2000_y = secMan.createCodebasePrincipal(uri4, attrs);
-  let uri5_2000_y = secMan.createCodebasePrincipal(uri5, attrs);
+  attrs = {inIsolatedMozBrowser: true};
+  let uri0_y_ = secMan.createCodebasePrincipal(uri0, attrs);
+  let uri1_y_ = secMan.createCodebasePrincipal(uri1, attrs);
+  let uri2_y_ = secMan.createCodebasePrincipal(uri2, attrs);
+  let uri3_y_ = secMan.createCodebasePrincipal(uri3, attrs);
+  let uri4_y_ = secMan.createCodebasePrincipal(uri4, attrs);
+  let uri5_y_ = secMan.createCodebasePrincipal(uri5, attrs);
 
   attrs = {userContextId: 1};
   let uri0_1 = secMan.createCodebasePrincipal(uri0, attrs);
@@ -93,88 +69,54 @@ function run_test() {
   let uri4_cnn = secMan.createCodebasePrincipal(uri4, attrs);
   let uri5_cnn = secMan.createCodebasePrincipal(uri5, attrs);
 
-  pm.addFromPrincipal(uri0_n_n, "test/matches", pm.ALLOW_ACTION);
-  let perm_n_n = pm.getPermissionObject(uri0_n_n, "test/matches", true);
+  pm.addFromPrincipal(uri0_n, "test/matches", pm.ALLOW_ACTION);
+  let perm_n = pm.getPermissionObject(uri0_n, "test/matches", true);
   pm.addFromPrincipal(uri0_1000_n, "test/matches", pm.ALLOW_ACTION);
   let perm_1000_n = pm.getPermissionObject(uri0_1000_n, "test/matches", true);
-  pm.addFromPrincipal(uri0_1000_y, "test/matches", pm.ALLOW_ACTION);
-  let perm_1000_y = pm.getPermissionObject(uri0_1000_y, "test/matches", true);
-  pm.addFromPrincipal(uri0_2000_n, "test/matches", pm.ALLOW_ACTION);
-  let perm_2000_n = pm.getPermissionObject(uri0_2000_n, "test/matches", true);
-  pm.addFromPrincipal(uri0_2000_y, "test/matches", pm.ALLOW_ACTION);
-  let perm_2000_y = pm.getPermissionObject(uri0_2000_y, "test/matches", true);
+  pm.addFromPrincipal(uri0_y_, "test/matches", pm.ALLOW_ACTION);
+  let perm_y_ = pm.getPermissionObject(uri0_y_, "test/matches", true);
   pm.addFromPrincipal(uri0_1, "test/matches", pm.ALLOW_ACTION);
-  let perm_1 = pm.getPermissionObject(uri0_n_n, "test/matches", true);
+  let perm_1 = pm.getPermissionObject(uri0_n, "test/matches", true);
   pm.addFromPrincipal(uri0_cnn, "test/matches", pm.ALLOW_ACTION);
-  let perm_cnn = pm.getPermissionObject(uri0_n_n, "test/matches", true);
+  let perm_cnn = pm.getPermissionObject(uri0_n, "test/matches", true);
 
-  matches_always(perm_n_n, [uri0_n_n, uri0_1, uri0_cnn]);
-  matches_weak(perm_n_n, [uri1_n_n, uri1_1, uri1_cnn]);
-  matches_never(perm_n_n, [uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
+  matches_always(perm_n, [uri0_n, uri0_1, uri0_cnn]);
+  matches_weak(perm_n, [uri1_n, uri1_1, uri1_cnn]);
+  matches_never(perm_n, [uri2_n, uri3_n, uri4_n, uri5_n,
                            uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
-                           uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
-                           uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
-                           uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
+                           uri0_y_, uri1_y_, uri2_y_, uri3_y_, uri4_y_, uri5_y_,
                            uri2_1, uri3_1, uri4_1, uri5_1,
                            uri2_cnn, uri3_cnn, uri4_cnn, uri5_cnn]);
 
   matches_always(perm_1000_n, [uri0_1000_n]);
   matches_weak(perm_1000_n, [uri1_1000_n]);
   matches_never(perm_1000_n, [uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
-                              uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
-                              uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
-                              uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
-                              uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
+                              uri0_n, uri1_n, uri2_n, uri3_n, uri4_n, uri5_n,
+                              uri0_y_, uri1_y_, uri2_y_, uri3_y_, uri4_y_, uri5_y_,
                               uri0_1, uri1_1, uri2_1, uri3_1, uri4_1, uri5_1,
                               uri0_cnn, uri1_cnn, uri2_cnn, uri3_cnn, uri4_cnn, uri5_cnn]);
 
-  matches_always(perm_1000_y, [uri0_1000_y]);
-  matches_weak(perm_1000_y, [uri1_1000_y]);
-  matches_never(perm_1000_y, [uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
-                              uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
+  matches_always(perm_y_, [uri0_y_]);
+  matches_weak(perm_y_, [uri1_y_]);
+  matches_never(perm_y_, [uri2_y_, uri3_y_, uri4_y_, uri5_y_,
+                              uri0_n, uri1_n, uri2_n, uri3_n, uri4_n, uri5_n,
                               uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
-                              uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
-                              uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
                               uri0_1, uri1_1, uri2_1, uri3_1, uri4_1, uri5_1,
                               uri0_cnn, uri1_cnn, uri2_cnn, uri3_cnn, uri4_cnn, uri5_cnn]);
 
-  matches_always(perm_2000_n, [uri0_2000_n]);
-  matches_weak(perm_2000_n, [uri1_2000_n]);
-  matches_never(perm_2000_n, [uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
-                              uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
-                              uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
-                              uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
-                              uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
-                              uri0_1, uri1_1, uri2_1, uri3_1, uri4_1, uri5_1,
-                              uri0_cnn, uri1_cnn, uri2_cnn, uri3_cnn, uri4_cnn, uri5_cnn]);
-
-  matches_always(perm_2000_y, [uri0_2000_y]);
-  matches_weak(perm_2000_y, [uri1_2000_y]);
-  matches_never(perm_2000_y, [uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
-                              uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
-                              uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
-                              uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
-                              uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
-                              uri0_1, uri1_1, uri2_1, uri3_1, uri4_1, uri5_1,
-                              uri0_cnn, uri1_cnn, uri2_cnn, uri3_cnn, uri4_cnn, uri5_cnn]);
-
-  matches_always(perm_1, [uri0_n_n, uri0_1, uri0_cnn]);
-  matches_weak(perm_1, [uri1_n_n, uri1_1, uri1_cnn]);
-  matches_never(perm_1, [uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
+  matches_always(perm_1, [uri0_n, uri0_1, uri0_cnn]);
+  matches_weak(perm_1, [uri1_n, uri1_1, uri1_cnn]);
+  matches_never(perm_1, [uri2_n, uri3_n, uri4_n, uri5_n,
                          uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
-                         uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
-                         uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
-                         uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
+                         uri0_y_, uri1_y_, uri2_y_, uri3_y_, uri4_y_, uri5_y_,
                          uri2_1, uri3_1, uri4_1, uri5_1,
                          uri2_cnn, uri3_cnn, uri4_cnn, uri5_cnn]);
 
-  matches_always(perm_cnn, [uri0_n_n, uri0_1, uri0_cnn]);
-  matches_weak(perm_cnn, [uri1_n_n, uri1_1, uri1_cnn]);
-  matches_never(perm_cnn, [uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
+  matches_always(perm_cnn, [uri0_n, uri0_1, uri0_cnn]);
+  matches_weak(perm_cnn, [uri1_n, uri1_1, uri1_cnn]);
+  matches_never(perm_cnn, [uri2_n, uri3_n, uri4_n, uri5_n,
                            uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
-                           uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
-                           uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
-                           uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
+                           uri0_y_, uri1_y_, uri2_y_, uri3_y_, uri4_y_, uri5_y_,
                            uri2_1, uri3_1, uri4_1, uri5_1,
                            uri2_cnn, uri3_cnn, uri4_cnn, uri5_cnn]);
 

extensions/permissions/test/unit/test_permmanager_matchesuri.js

@@ -22,7 +22,7 @@ function matches_never(perm, uris) {
   });
 }
 
-function mk_permission(uri, isAppPermission = false) {
+function mk_permission(uri) {
   let pm = Cc["@mozilla.org/permissionmanager;1"].
         getService(Ci.nsIPermissionManager);
 
@@ -30,9 +30,7 @@ function mk_permission(uri, isAppPermission = false) {
         .getService(Ci.nsIScriptSecurityManager);
 
   // Get the permission from the principal!
-  let attrs = {appId: 1000};
-  let principal =
-    secMan.createCodebasePrincipal(uri, isAppPermission ? attrs : {});
+  let principal = secMan.createCodebasePrincipal(uri, {});
 
   pm.addFromPrincipal(principal, "test/matchesuri", pm.ALLOW_ACTION);
   let permission = pm.getPermissionObject(principal, "test/matchesuri", true);

extensions/permissions/test/unit/test_permmanager_migrate_4-7.js

@@ -109,8 +109,7 @@ add_task(async function test() {
     // The http:// entries under foo.com won't be inserted, as there are history entries for foo.com,
     // and http://foo.com or a subdomain are never visited.
     // ["http://foo.com", "A", 1, 0, 0],
-    // ["http://foo.com^appId=1000", "A", 1, 0, 0],
-    // ["http://foo.com^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    // ["http://foo.com^inBrowser=1", "A", 1, 0, 0],
     //
     // Because we search for port/scheme combinations under eTLD+1, we should not have http:// entries
     // for subdomains of foo.com either
@@ -119,18 +118,15 @@ add_task(async function test() {
 
     ["https://foo.com", "A", 1, 0, 0],
     ["https://foo.com", "C", 1, 0, 0],
-    ["https://foo.com^appId=1000", "A", 1, 0, 0],
-    ["https://foo.com^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    ["https://foo.com^inBrowser=1", "A", 1, 0, 0],
     ["https://sub.foo.com", "B", 1, 0, 0],
     ["https://subber.sub.foo.com", "B", 1, 0, 0],
 
     // bar.ca will have both http:// and https:// for all entries, because there are no associated history entries
     ["http://bar.ca", "B", 1, 0, 0],
     ["https://bar.ca", "B", 1, 0, 0],
-    ["http://bar.ca^appId=1000", "B", 1, 0, 0],
-    ["https://bar.ca^appId=1000", "B", 1, 0, 0],
-    ["http://bar.ca^appId=1000&inBrowser=1", "A", 1, 0, 0],
-    ["https://bar.ca^appId=1000&inBrowser=1", "A", 1, 0, 0],
+    ["http://bar.ca^inBrowser=1", "A", 1, 0, 0],
+    ["https://bar.ca^inBrowser=1", "A", 1, 0, 0],
     ["file:///some/path/to/file.html", "A", 1, 0, 0],
     ["file:///another/file.html", "A", 1, 0, 0],
 
@@ -138,8 +134,7 @@ add_task(async function test() {
     // also have these entries
     ["ftp://foo.com:8000", "A", 1, 0, 0],
     ["ftp://foo.com:8000", "C", 1, 0, 0],
-    ["ftp://foo.com:8000^appId=1000", "A", 1, 0, 0],
-    ["ftp://foo.com:8000^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    ["ftp://foo.com:8000^inBrowser=1", "A", 1, 0, 0],
 
     // In addition, because we search for port/scheme combinations under eTLD+1, we should have the
     // following entries

extensions/permissions/test/unit/test_permmanager_migrate_4-7_no_history.js

@@ -144,25 +144,21 @@ add_task(function test() {
   let expected = [
     ["http://foo.com", "A", 1, 0, 0],
     ["http://foo.com", "C", 1, 0, 0],
-    ["http://foo.com^appId=1000", "A", 1, 0, 0],
-    ["http://foo.com^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    ["http://foo.com^inBrowser=1", "A", 1, 0, 0],
     ["http://sub.foo.com", "B", 1, 0, 0],
     ["http://subber.sub.foo.com", "B", 1, 0, 0],
 
     ["https://foo.com", "A", 1, 0, 0],
     ["https://foo.com", "C", 1, 0, 0],
-    ["https://foo.com^appId=1000", "A", 1, 0, 0],
-    ["https://foo.com^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    ["https://foo.com^inBrowser=1", "A", 1, 0, 0],
     ["https://sub.foo.com", "B", 1, 0, 0],
     ["https://subber.sub.foo.com", "B", 1, 0, 0],
 
     // bar.ca will have both http:// and https:// for all entries, because there are no associated history entries
     ["http://bar.ca", "B", 1, 0, 0],
     ["https://bar.ca", "B", 1, 0, 0],
-    ["http://bar.ca^appId=1000", "B", 1, 0, 0],
-    ["https://bar.ca^appId=1000", "B", 1, 0, 0],
-    ["http://bar.ca^appId=1000&inBrowser=1", "A", 1, 0, 0],
-    ["https://bar.ca^appId=1000&inBrowser=1", "A", 1, 0, 0],
+    ["http://bar.ca^inBrowser=1", "A", 1, 0, 0],
+    ["https://bar.ca^inBrowser=1", "A", 1, 0, 0],
     ["file:///some/path/to/file.html", "A", 1, 0, 0],
     ["file:///another/file.html", "A", 1, 0, 0],
 

extensions/permissions/test/unit/test_permmanager_migrate_5-7a.js

@@ -132,7 +132,7 @@ add_task(async function test() {
   let created5 = [
     insertOrigin("https://foo.com", "A", 2, 0, 0, 0),
     insertOrigin("http://foo.com", "A", 2, 0, 0, 0),
-    insertOrigin("http://foo.com^appId=1000&inBrowser=1", "A", 2, 0, 0, 0),
+    insertOrigin("http://foo.com^inBrowser=1", "A", 2, 0, 0, 0),
   ];
 
   // Add some rows to the database
@@ -168,8 +168,7 @@ add_task(async function test() {
     // The http:// entries under foo.com won't be inserted, as there are history entries for foo.com,
     // and http://foo.com or a subdomain are never visited.
     // ["http://foo.com", "A", 1, 0, 0],
-    // ["http://foo.com^appId=1000", "A", 1, 0, 0],
-    // ["http://foo.com^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    // ["http://foo.com^inBrowser=1", "A", 1, 0, 0],
     //
     // Because we search for port/scheme combinations under eTLD+1, we should not have http:// entries
     // for subdomains of foo.com either
@@ -178,18 +177,15 @@ add_task(async function test() {
 
     ["https://foo.com", "A", 1, 0, 0],
     ["https://foo.com", "C", 1, 0, 0],
-    ["https://foo.com^appId=1000", "A", 1, 0, 0],
-    ["https://foo.com^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    ["https://foo.com^inBrowser=1", "A", 1, 0, 0],
     ["https://sub.foo.com", "B", 1, 0, 0],
     ["https://subber.sub.foo.com", "B", 1, 0, 0],
 
     // bar.ca will have both http:// and https:// for all entries, because there are no associated history entries
     ["http://bar.ca", "B", 1, 0, 0],
     ["https://bar.ca", "B", 1, 0, 0],
-    ["http://bar.ca^appId=1000", "B", 1, 0, 0],
-    ["https://bar.ca^appId=1000", "B", 1, 0, 0],
-    ["http://bar.ca^appId=1000&inBrowser=1", "A", 1, 0, 0],
-    ["https://bar.ca^appId=1000&inBrowser=1", "A", 1, 0, 0],
+    ["http://bar.ca^inBrowser=1", "A", 1, 0, 0],
+    ["https://bar.ca^inBrowser=1", "A", 1, 0, 0],
     ["file:///some/path/to/file.html", "A", 1, 0, 0],
     ["file:///another/file.html", "A", 1, 0, 0],
 
@@ -197,8 +193,7 @@ add_task(async function test() {
     // also have these entries
     ["ftp://foo.com:8000", "A", 1, 0, 0],
     ["ftp://foo.com:8000", "C", 1, 0, 0],
-    ["ftp://foo.com:8000^appId=1000", "A", 1, 0, 0],
-    ["ftp://foo.com:8000^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    ["ftp://foo.com:8000^inBrowser=1", "A", 1, 0, 0],
 
     // In addition, because we search for port/scheme combinations under eTLD+1, we should have the
     // following entries

extensions/permissions/test/unit/test_permmanager_migrate_6-7a.js

@@ -132,7 +132,7 @@ add_task(async function test() {
   let created6 = [
     insertOrigin("https://foo.com", "A", 2, 0, 0, 0),
     insertOrigin("http://foo.com", "A", 2, 0, 0, 0),
-    insertOrigin("http://foo.com^appId=1000&inBrowser=1", "A", 2, 0, 0, 0),
+    insertOrigin("http://foo.com^inBrowser=1", "A", 2, 0, 0, 0),
   ];
 
   // Add some rows to the database
@@ -168,8 +168,7 @@ add_task(async function test() {
     // The http:// entries under foo.com won't be inserted, as there are history entries for foo.com,
     // and http://foo.com or a subdomain are never visited.
     // ["http://foo.com", "A", 1, 0, 0],
-    // ["http://foo.com^appId=1000", "A", 1, 0, 0],
-    // ["http://foo.com^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    // ["http://foo.com^inBrowser=1", "A", 1, 0, 0],
     //
     // Because we search for port/scheme combinations under eTLD+1, we should not have http:// entries
     // for subdomains of foo.com either
@@ -178,18 +177,15 @@ add_task(async function test() {
 
     ["https://foo.com", "A", 1, 0, 0],
     ["https://foo.com", "C", 1, 0, 0],
-    ["https://foo.com^appId=1000", "A", 1, 0, 0],
-    ["https://foo.com^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    ["https://foo.com^inBrowser=1", "A", 1, 0, 0],
     ["https://sub.foo.com", "B", 1, 0, 0],
     ["https://subber.sub.foo.com", "B", 1, 0, 0],
 
     // bar.ca will have both http:// and https:// for all entries, because there are no associated history entries
     ["http://bar.ca", "B", 1, 0, 0],
     ["https://bar.ca", "B", 1, 0, 0],
-    ["http://bar.ca^appId=1000", "B", 1, 0, 0],
-    ["https://bar.ca^appId=1000", "B", 1, 0, 0],
-    ["http://bar.ca^appId=1000&inBrowser=1", "A", 1, 0, 0],
-    ["https://bar.ca^appId=1000&inBrowser=1", "A", 1, 0, 0],
+    ["http://bar.ca^inBrowser=1", "A", 1, 0, 0],
+    ["https://bar.ca^inBrowser=1", "A", 1, 0, 0],
     ["file:///some/path/to/file.html", "A", 1, 0, 0],
     ["file:///another/file.html", "A", 1, 0, 0],
 
@@ -197,8 +193,7 @@ add_task(async function test() {
     // also have these entries
     ["ftp://foo.com:8000", "A", 1, 0, 0],
     ["ftp://foo.com:8000", "C", 1, 0, 0],
-    ["ftp://foo.com:8000^appId=1000", "A", 1, 0, 0],
-    ["ftp://foo.com:8000^appId=2000&inBrowser=1", "A", 1, 0, 0],
+    ["ftp://foo.com:8000^inBrowser=1", "A", 1, 0, 0],
 
     // In addition, because we search for port/scheme combinations under eTLD+1, we should have the
     // following entries

extensions/permissions/test/unit/test_permmanager_migrate_7-8.js

@@ -137,7 +137,7 @@ add_task(async function test() {
   let created7 = [
     insertOrigin("https://foo.com", "A", 2, 0, 0, 0),
     insertOrigin("http://foo.com", "A", 2, 0, 0, 0),
-    insertOrigin("http://foo.com^appId=1000&inBrowser=1", "A", 2, 0, 0, 0),
+    insertOrigin("http://foo.com^inBrowser=1", "A", 2, 0, 0, 0),
     insertOrigin("https://192.0.2.235", "A", 2, 0, 0),
   ];
 
@@ -178,7 +178,7 @@ add_task(async function test() {
     // We should have kept the previously migrated entries
     ["https://foo.com", "A", 2, 0, 0, 0],
     ["http://foo.com", "A", 2, 0, 0, 0],
-    ["http://foo.com^appId=1000&inBrowser=1", "A", 2, 0, 0, 0],
+    ["http://foo.com^inBrowser=1", "A", 2, 0, 0, 0],
 
     // Make sure that we also support localhost, and IP addresses
     ["https://localhost:8080", "A", 1, 0, 0],

extensions/permissions/test/unit/test_permmanager_removeforapp.js

@@ -1,99 +0,0 @@
-/* Any copyright is dedicated to the Public Domain.
-   http://creativecommons.org/publicdomain/zero/1.0/ */
-
-function run_test() {
-  // initialize the permission manager service
-  let ssm = Services.scriptSecurityManager;
-  let pm = Services.perms;
-
-  function mkPrin(uri, appId, inIsolatedMozBrowser) {
-    return ssm.createCodebasePrincipal(Services.io.newURI(uri),
-                                       {appId: appId, inIsolatedMozBrowser: inIsolatedMozBrowser});
-  }
-
-  function checkPerms(perms) {
-    perms.forEach((perm) => {
-      // Look up the expected permission
-      Assert.equal(pm.getPermissionObject(mkPrin(perm[0],  perm[1], perm[2]),
-                                          perm[3], true).capability,
-                   perm[4], "Permission is expected in the permission database");
-    });
-
-    // Count the entries
-    let count = 0;
-    let enumerator = Services.perms.enumerator;
-    while (enumerator.hasMoreElements()) { enumerator.getNext(); count++; }
-
-    Assert.equal(count, perms.length, "There should be the right number of permissions in the DB");
-  }
-
-  checkPerms([]);
-
-  let permissions = [
-    ['http://google.com',  1001, false, 'a', 1],
-    ['http://google.com',  1001, false, 'b', 1],
-    ['http://mozilla.com', 1001, false, 'b', 1],
-    ['http://mozilla.com', 1001, false, 'a', 1],
-
-    ['http://google.com',  1001, true, 'a', 1],
-    ['http://google.com',  1001, true, 'b', 1],
-    ['http://mozilla.com', 1001, true, 'b', 1],
-    ['http://mozilla.com', 1001, true, 'a', 1],
-
-    ['http://google.com',  1011, false, 'a', 1],
-    ['http://google.com',  1011, false, 'b', 1],
-    ['http://mozilla.com', 1011, false, 'b', 1],
-    ['http://mozilla.com', 1011, false, 'a', 1],
-  ];
-
-  permissions.forEach((perm) => {
-    pm.addFromPrincipal(mkPrin(perm[0], perm[1], perm[2]), perm[3], perm[4]);
-  });
-
-  checkPerms(permissions);
-
-  let remove_false_perms = [
-    ['http://google.com',  1011, false, 'a', 1],
-    ['http://google.com',  1011, false, 'b', 1],
-    ['http://mozilla.com', 1011, false, 'b', 1],
-    ['http://mozilla.com', 1011, false, 'a', 1],
-  ];
-
-  let attrs = { appId: 1001 };
-  pm.removePermissionsWithAttributes(JSON.stringify(attrs));
-  checkPerms(remove_false_perms);
-
-  let restore = [
-    ['http://google.com',  1001, false, 'a', 1],
-    ['http://google.com',  1001, false, 'b', 1],
-    ['http://mozilla.com', 1001, false, 'b', 1],
-    ['http://mozilla.com', 1001, false, 'a', 1],
-
-    ['http://google.com',  1001, true, 'a', 1],
-    ['http://google.com',  1001, true, 'b', 1],
-    ['http://mozilla.com', 1001, true, 'b', 1],
-    ['http://mozilla.com', 1001, true, 'a', 1],
-  ];
-
-  restore.forEach((perm) => {
-    pm.addFromPrincipal(mkPrin(perm[0],  perm[1], perm[2]), perm[3], perm[4]);
-  });
-  checkPerms(permissions);
-
-  let remove_true_perms = [
-    ['http://google.com',  1001, false, 'a', 1],
-    ['http://google.com',  1001, false, 'b', 1],
-    ['http://mozilla.com', 1001, false, 'b', 1],
-    ['http://mozilla.com', 1001, false, 'a', 1],
-
-    ['http://google.com',  1011, false, 'a', 1],
-    ['http://google.com',  1011, false, 'b', 1],
-    ['http://mozilla.com', 1011, false, 'b', 1],
-    ['http://mozilla.com', 1011, false, 'a', 1],
-  ];
-
-  attrs = { appId: 1001,
-            inIsolatedMozBrowser: true };
-  pm.removePermissionsWithAttributes(JSON.stringify(attrs));
-  checkPerms(remove_true_perms);
-}

extensions/permissions/test/unit/xpcshell.ini

@@ -13,7 +13,6 @@ skip-if = toolkit == 'android'
 [test_permmanager_removebytype.js]
 [test_permmanager_removebytypesince.js]
 [test_permmanager_removesince.js]
-[test_permmanager_removeforapp.js]
 [test_permmanager_load_invalid_entries.js]
 skip-if = debug == true
 [test_permmanager_idn.js]

ipc/glue/BackgroundUtils.cpp

@@ -85,11 +85,7 @@ already_AddRefed<nsIPrincipal> PrincipalInfoToPrincipal(
         return nullptr;
       }
 
-      OriginAttributes attrs;
-      if (info.attrs().mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID) {
-        attrs = info.attrs();
-      }
-      principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
+      principal = BasePrincipal::CreateCodebasePrincipal(uri, info.attrs());
       if (NS_WARN_IF(!principal)) {
         return nullptr;
       }

ipc/glue/ProtocolUtils.h

@@ -969,9 +969,6 @@ Protocol* LoneManagedOrNullAsserts(
   return aManagees.ConstIter().Get()->GetKey();
 }
 
-// appId's are for B2G only currently, where managees.Count() == 1. This is
-// not guaranteed currently in Desktop, so for paths used for desktop,
-// don't assert there's one managee.
 template <typename Protocol>
 Protocol* SingleManagedOrNull(const ManagedContainer<Protocol>& aManagees) {
   if (aManagees.Count() != 1) {

netwerk/base/nsNetUtil.h

@@ -351,7 +351,7 @@ nsresult NS_NewLoadGroup(nsILoadGroup** aResult, nsIPrincipal* aPrincipal);
 
 // Determine if the given loadGroup/principal pair will produce a principal
 // with similar permissions when passed to NS_NewChannel().  This checks for
-// things like making sure the appId and browser element flags match.  Without
+// things like making sure the browser element flag matches.  Without
 // an appropriate load group these values can be lost when getting the result
 // principal back out of the channel.  Null principals are also always allowed
 // as they do not have permissions to actually use the load group.
@@ -631,11 +631,6 @@ bool NS_IsSafeTopLevelNav(nsIChannel* aChannel);
  */
 bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI);
 
-// Constants duplicated from nsIScriptSecurityManager so we avoid having necko
-// know about script security manager.
-#define NECKO_NO_APP_ID 0
-#define NECKO_UNKNOWN_APP_ID UINT32_MAX
-
 // Unique first-party domain for separating the safebrowsing cookie.
 // Note if this value is changed, code in test_cookiejars_safebrowsing.js and
 // nsUrlClassifierHashCompleter.js should also be changed.
@@ -929,9 +924,9 @@ bool NS_ShouldClassifyChannel(nsIChannel* aChannel);
 /**
  * Helper to set the blocking reason on loadinfo of the channel.
  */
-nsresult NS_SetRequestBlockingReason(nsIChannel *channel, uint32_t reason);
-nsresult NS_SetRequestBlockingReason(nsILoadInfo *loadInfo, uint32_t reason);
-nsresult NS_SetRequestBlockingReasonIfNull(nsILoadInfo *loadInfo,
+nsresult NS_SetRequestBlockingReason(nsIChannel* channel, uint32_t reason);
+nsresult NS_SetRequestBlockingReason(nsILoadInfo* loadInfo, uint32_t reason);
+nsresult NS_SetRequestBlockingReasonIfNull(nsILoadInfo* loadInfo,
                                            uint32_t reason);
 
 namespace mozilla {

netwerk/cache2/CacheFileUtils.cpp

@@ -100,7 +100,8 @@ class KeyParser : protected Tokenizer {
         break;
       case 'i': {
         // Leaving to be able to read and understand oldformatted entries
-        if (!ReadInteger(&originAttribs.mAppId)) {
+        uint32_t deprecatedAppId = 0;
+        if (!ReadInteger(&deprecatedAppId)) {
           return false;  // not a valid 32-bit integer
         }
         break;

netwerk/cookie/nsCookieService.cpp

@@ -741,8 +741,7 @@ ConvertAppIdToOriginAttrsSQLFunction::OnFunctionCall(
 
   // Create an originAttributes object by inIsolatedMozBrowser.
   // Then create the originSuffix string from this object.
-  OriginAttributes attrs(nsIScriptSecurityManager::NO_APP_ID,
-                         (inIsolatedMozBrowser ? true : false));
+  OriginAttributes attrs(inIsolatedMozBrowser ? true : false);
   nsAutoCString suffix;
   attrs.CreateSuffix(suffix);
 
@@ -777,7 +776,7 @@ SetAppIdFromOriginAttributesSQLFunction::OnFunctionCall(
   NS_ENSURE_TRUE(success, NS_ERROR_FAILURE);
 
   RefPtr<nsVariant> outVar(new nsVariant());
-  rv = outVar->SetAsInt32(attrs.mAppId);
+  rv = outVar->SetAsInt32(0);  // deprecated appId!
   NS_ENSURE_SUCCESS(rv, rv);
 
   outVar.forget(aResult);

netwerk/ipc/NeckoParent.cpp

@@ -157,7 +157,7 @@ const char* NeckoParent::GetValidatedOriginAttributes(
     if (!aSerialized.IsNotNull()) {
       // If serialized is null, we cannot validate anything. We have to assume
       // that this requests comes from a SystemPrincipal.
-      aAttrs = OriginAttributes(NECKO_NO_APP_ID, false);
+      aAttrs = OriginAttributes(false);
     } else {
       aAttrs = aSerialized.mOriginAttributes;
     }

netwerk/test/unit/head_channels.js

@@ -227,13 +227,11 @@ ChannelEventSink.prototype = {
 /**
  * A helper class to construct origin attributes.
  */
-function OriginAttributes(appId, inIsolatedMozBrowser, privateId) {
-  this.appId = appId;
+function OriginAttributes(inIsolatedMozBrowser, privateId) {
   this.inIsolatedMozBrowser = inIsolatedMozBrowser;
   this.privateBrowsingId = privateId;
 }
 OriginAttributes.prototype = {
-  appId: 0,
   inIsolatedMozBrowser: false,
   privateBrowsingId: 0
 };

netwerk/test/unit/test_auth_jar.js

@@ -10,21 +10,19 @@ function run_test() {
 
   var secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager);
   const kURI1 = "http://example.com";
-  var app1 = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1});
-  var app10 = secMan.createCodebasePrincipal(createURI(kURI1),{appId: 10});
-  var app1browser = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1, inIsolatedMozBrowser: true});
+  var app = secMan.createCodebasePrincipal(createURI(kURI1), {});
+  var appbrowser = secMan.createCodebasePrincipal(createURI(kURI1), {inIsolatedMozBrowser: true});
 
   var am = Cc["@mozilla.org/network/http-auth-manager;1"].
            getService(Ci.nsIHttpAuthManager);
-  am.setAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", "example.com", "user", "pass", false, app1);
-  am.setAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", "example.com", "user3", "pass3", false, app1browser);
-  am.setAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", "example.com", "user2", "pass2", false, app10);
+  am.setAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", "example.com", "user", "pass", false, app);
+  am.setAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", "example.com", "user3", "pass3", false, appbrowser);
 
-  Services.clearData.deleteDataFromOriginAttributesPattern({ appId:1, inIsolatedMozBrowser:true });
+  Services.clearData.deleteDataFromOriginAttributesPattern({ inIsolatedMozBrowser:true });
   
   var domain = {value: ""}, user = {value: ""}, pass = {value: ""};
   try {
-    am.getAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", domain, user, pass, false, app1browser);
+    am.getAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", domain, user, pass, false, appbrowser);
     Assert.equal(false, true); // no identity should be present
   } catch (x) {
     Assert.equal(domain.value, "");
@@ -32,14 +30,8 @@ function run_test() {
     Assert.equal(pass.value, "");
   }
 
-  am.getAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", domain, user, pass, false, app1);
+  am.getAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", domain, user, pass, false, app);
   Assert.equal(domain.value, "example.com");
   Assert.equal(user.value, "user");
   Assert.equal(pass.value, "pass");
-
-
-  am.getAuthIdentity("http", "a.example.com", -1, "basic", "realm", "", domain, user, pass, false, app10);
-  Assert.equal(domain.value, "example.com");
-  Assert.equal(user.value, "user2");
-  Assert.equal(pass.value, "pass2");
 }

netwerk/test/unit/test_cache_jar.js

@@ -16,32 +16,27 @@ function cached_handler(metadata, response) {
   handlers_called++;
 }
 
-function makeChan(url, appId, inIsolatedMozBrowser, userContextId) {
+function makeChan(url, inIsolatedMozBrowser, userContextId) {
   var chan = NetUtil.newChannel({uri: url, loadUsingSystemPrincipal: true})
                     .QueryInterface(Ci.nsIHttpChannel);
-  chan.loadInfo.originAttributes = { appId: appId,
-                                     inIsolatedMozBrowser: inIsolatedMozBrowser,
+  chan.loadInfo.originAttributes = { inIsolatedMozBrowser: inIsolatedMozBrowser,
                                      userContextId: userContextId,
                                    };
   return chan;
 }
 
-// [appId, inIsolatedMozBrowser, userContextId, expected_handlers_called]
+// [inIsolatedMozBrowser, userContextId, expected_handlers_called]
 var firstTests = [
-  [0, false, 0, 1], [0, true, 0, 1], [1, false, 0, 1], [1, true, 0, 1],
-  [0, false, 1, 1], [0, true, 1, 1], [1, false, 1, 1], [1, true, 1, 1]
+  [false, 0, 1], [true, 0, 1], [false, 1, 1], [true, 1, 1],
 ];
 var secondTests = [
-  [0, false, 0, 0], [0, true, 0, 0], [1, false, 0, 0], [1, true, 0, 1],
-  [0, false, 1, 0], [0, true, 1, 0], [1, false, 1, 0], [1, true, 1, 0]
+  [false, 0, 0], [true, 0, 0], [false, 1, 0], [true, 1, 0],
 ];
 var thirdTests = [
-  [0, false, 0, 0], [0, true, 0, 0], [1, false, 0, 1], [1, true, 0, 1],
-  [0, false, 1, 0], [0, true, 1, 0], [1, false, 1, 0], [1, true, 1, 0]
+  [false, 0, 0], [true, 0, 0], [false, 1, 0], [true, 1, 0],
 ];
 var fourthTests = [
-  [0, false, 0, 0], [0, true, 0, 0], [1, false, 0, 0], [1, true, 0, 0],
-  [0, false, 1, 1], [0, true, 1, 0], [1, false, 1, 0], [1, true, 1, 0]
+  [false, 0, 0], [true, 0, 0], [false, 1, 1], [true, 1, 0],
 ];
 
 async function run_all_tests() {
@@ -56,8 +51,8 @@ async function run_all_tests() {
   if (procType != Ci.nsIXULRuntime.PROCESS_TYPE_DEFAULT)
     return;
 
-  let attrs_inBrowser = { appId:1, inIsolatedMozBrowser:true };
-  let attrs_notInBrowser = { appId:1 };
+  let attrs_inBrowser = { inIsolatedMozBrowser:true };
+  let attrs_notInBrowser = { };
 
   Services.clearData.deleteDataFromOriginAttributesPattern(attrs_inBrowser);
 
@@ -97,9 +92,9 @@ function run_test() {
   });
 }
 
-function test_channel(appId, inIsolatedMozBrowser, userContextId, expected) {
+function test_channel(inIsolatedMozBrowser, userContextId, expected) {
   return new Promise(resolve => {
-    var chan = makeChan(URL, appId, inIsolatedMozBrowser, userContextId);
+    var chan = makeChan(URL, inIsolatedMozBrowser, userContextId);
     chan.asyncOpen(new ChannelListener(doneFirstLoad.bind(null, resolve), expected));
   });
 }
@@ -107,7 +102,7 @@ function test_channel(appId, inIsolatedMozBrowser, userContextId, expected) {
 function doneFirstLoad(resolve, req, buffer, expected) {
   // Load it again, make sure it hits the cache
   var oa = req.loadInfo.originAttributes;
-  var chan = makeChan(URL, oa.appId, oa.isInIsolatedMozBrowserElement, oa.userContextId);
+  var chan = makeChan(URL, oa.isInIsolatedMozBrowserElement, oa.userContextId);
   chan.asyncOpen(new ChannelListener(doneSecondLoad.bind(null, resolve), expected));
 }
 

testing/specialpowers/content/SpecialPowersObserver.jsm

@@ -219,13 +219,13 @@ SpecialPowersObserver.prototype._registerObservers = {
         var permission = aSubject.QueryInterface(Ci.nsIPermission);
 
         // specialPowersAPI will consume this value, and it is used as a
-        // fake permission, but only type and principal.appId will be used.
+        // fake permission, but only type will be used.
         //
         // We need to ensure that it looks the same as a real permission,
         // so we fake these properties.
         msg.permission = {
           principal: {
-            originAttributes: {appId: permission.principal.appId},
+            originAttributes: {},
           },
           type: permission.type,
         };

testing/specialpowers/content/specialpowersAPI.js

@@ -979,7 +979,6 @@ SpecialPowersAPI.prototype = {
           for (var j = 0; j < undos.length; j++) {
             var undo = undos[j];
             if (undo.op == this._obsDataMap[aData] &&
-                undo.principal.originAttributes.appId == permission.principal.originAttributes.appId &&
                 undo.type == permission.type) {
               // Remove this undo item if it has been done by others(not
               // specialpowers itself.)

toolkit/content/aboutServiceWorkers.js

@@ -66,13 +66,6 @@ async function display(info, pushService) {
   document.l10n.setAttributes(title, "origin-title", { originTitle: info.principal.origin });
   div.appendChild(title);
 
-  if (info.principal.appId) {
-    let b2gtitle = document.createElement("h3");
-    let trueFalse = info.principal.isInIsolatedMozBrowserElement ? "true" : "false";
-    document.l10n.setAttributes(b2gtitle, "app-title", { appId: info.principal.appId, isInIsolatedElement: trueFalse });
-    div.appendChild(b2gtitle);
-  }
-
   let list = document.createElement("ul");
   div.appendChild(list);
 

toolkit/locales/en-US/toolkit/about/aboutServiceWorkers.ftl

@@ -15,13 +15,6 @@ about-service-workers-warning-no-service-workers = No Service Workers registered
 #   $originTitle: original title
 origin-title = Origin: { $originTitle }
 
-# Show if app id is in isolated browser element, the term "InBrowserElement" should not be translated
-#
-# Variables:
-#   $appId: the application ID
-#   $isInIsolatedElement: "true" or "false" based on if the app id is in isolate element
-app-title = { -brand-short-name } Application ID { $appId } - InBrowserElement { $isInIsolatedElement }
-
 ## These strings are for showing the information of workers.
 ##
 ## Variables: