diff --git a/dom/alarm/AlarmsManager.js b/dom/alarm/AlarmsManager.js
index 3e93bee8663b..40c691e03661 100644
--- a/dom/alarm/AlarmsManager.js
+++ b/dom/alarm/AlarmsManager.js
@@ -61,6 +61,9 @@ AlarmsManager.prototype = {
         break;
     }
 
+    // Run JSON.stringify() in the sand box with the principal of the calling
+    // web page to ensure no cross-origin object is involved. A "Permission
+    // Denied" error will be thrown in case of privilege violation.
     let sandbox = new Cu.Sandbox(Cu.getWebIDLCallerPrincipal());
     sandbox.data = aData;
     let data = Cu.evalInSandbox("JSON.stringify(data)", sandbox);
@@ -69,7 +72,7 @@ AlarmsManager.prototype = {
                                 { requestId: this.getRequestId(request),
                                   date: aDate,
                                   ignoreTimezone: isIgnoreTimezone,
-                                  data: data,
+                                  data: JSON.parse(data),
                                   pageURL: this._pageURL,
                                   manifestURL: this._manifestURL });
     return request;
@@ -112,16 +115,13 @@ AlarmsManager.prototype = {
         // We don't need to expose everything to the web content.
         let alarms = [];
         json.alarms.forEach(function trimAlarmInfo(aAlarm) {
-          let sandbox = new Cu.Sandbox(this._principal);
-          sandbox.data = aAlarm.data;
-          let data = Cu.evalInSandbox("JSON.parse(data)", sandbox);
           let alarm = { "id": aAlarm.id,
                         "date": aAlarm.date,
                         "respectTimezone": aAlarm.ignoreTimezone ?
                                              "ignoreTimezone" : "honorTimezone",
-                        "data": data };
+                        "data": aAlarm.data };
           alarms.push(alarm);
-        }.bind(this));
+        });
 
         Services.DOMRequest.fireSuccess(request,
                                         Cu.cloneInto(alarms, this._window));
@@ -159,11 +159,10 @@ AlarmsManager.prototype = {
     // Get the manifest URL if this is an installed app
     let appsService = Cc["@mozilla.org/AppsService;1"]
                         .getService(Ci.nsIAppsService);
+    let principal = aWindow.document.nodePrincipal;
+    this._pageURL = principal.URI.spec;
+    this._manifestURL = appsService.getManifestURLByLocalId(principal.appId);
     this._window = aWindow;
-    this._principal = this._window.document.nodePrincipal;
-    this._pageURL = this._principal.URI.spec;
-    this._manifestURL =
-      appsService.getManifestURLByLocalId(this._principal.appId);
   },
 
   // Called from DOMRequestIpcHelper.
diff --git a/dom/alarm/test/mochitest.ini b/dom/alarm/test/mochitest.ini
index 0a5ca9521e57..0110820eda94 100644
--- a/dom/alarm/test/mochitest.ini
+++ b/dom/alarm/test/mochitest.ini
@@ -16,3 +16,5 @@ skip-if = (buildapp == 'b2g' && toolkit != 'gonk') #Bug 931116, b2g desktop spec
 skip-if = (buildapp == 'b2g' && toolkit != 'gonk') #Bug 931116, b2g desktop specific, initial triage
 [test_bug1015540.html]
 skip-if = (buildapp == 'b2g' && toolkit != 'gonk') #Bug 931116, b2g desktop specific, initial triage
+[test_bug1037079.html]
+skip-if = (buildapp == 'b2g' && toolkit != 'gonk') #Bug 931116, b2g desktop specific, initial triage
diff --git a/dom/alarm/test/test_bug1037079.html b/dom/alarm/test/test_bug1037079.html
new file mode 100644
index 000000000000..3912f7a1a605
--- /dev/null
+++ b/dom/alarm/test/test_bug1037079.html
@@ -0,0 +1,91 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Test time alert is fired for Bug 1037079</title>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+</head>
+<body>
+<p id="display"></p>
+<div id="content" style="display: none"></div>
+<pre id="test">
+  <script type="application/javascript">
+
+  "use strict";
+
+  function testFireTimeAlert() {
+    var secondsLater = new Date();
+    secondsLater.setSeconds(secondsLater.getSeconds() + 10);
+
+    var domRequest;
+    try {
+      // Set system message handler.
+      navigator.mozSetMessageHandler('alarm', function(message){
+        ok(true, "Time alert has been fired.");
+        SimpleTest.finish();
+      });
+
+      domRequest = navigator.mozAlarms.add(secondsLater, "honorTimezone",
+    		                               {type: "timer"});
+    } catch (e) {
+      ok(false, "Unexpected exception trying to set time alert.");
+
+      return SimpleTest.finish();
+    }
+    domRequest.onsuccess = function(e) {
+      ok(true, "Set time alert. Waiting to be fired.");
+    };
+    domRequest.onerror = function(e) {
+      ok(false, "Unable to set time alert.");
+
+      SimpleTest.finish();
+    };
+  }
+
+  function startTests() {
+    SpecialPowers.pushPrefEnv({
+      "set": [["dom.mozAlarms.enabled", true]]
+    }, function() {
+      var isAllowedToTest = true;
+
+      if (navigator.appVersion.indexOf("Android") !== -1) {
+        ok(true, "mozAlarms is not allowed on Android for now. " +
+                 "TODO Bug 863557.");
+        isAllowedToTest = false;
+      } else if (SpecialPowers.wrap(document).nodePrincipal.appStatus ==
+                 SpecialPowers.Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED) {
+        ok(true, "mozAlarms is not allowed for non-installed apps. " +
+                 "TODO Bug 876981.");
+        isAllowedToTest = false;
+      }
+
+      if (isAllowedToTest) {
+        ok(true, "Start to test...");
+        testFireTimeAlert();
+      } else {
+        // A sanity check to make sure we must run tests on Firefox OS (B2G).
+        if (navigator.userAgent.indexOf("Mobile") != -1 &&
+            navigator.appVersion.indexOf("Android") == -1) {
+          ok(false, "Should run the test on Firefox OS (B2G)!");
+        }
+
+        SimpleTest.finish();
+      }
+    });
+  }
+
+  SimpleTest.expectAssertions(0, 9);
+  SimpleTest.waitForExplicitFinish();
+  if (SpecialPowers.hasPermission("alarms", document)) {
+    startTests();
+  } else {
+    // Add the permissions and reload so they propogate
+    SpecialPowers.addPermission("alarms", true, document);
+    window.location.reload();
+  }
+
+  </script>
+</pre>
+</body>
+</html>
