Backed out 9 changesets (bug 1622111) for causing mochitest failures in dom/animation/test/mozilla/test_restyles.html CLOSED TREE

Backed out changeset c244160797f8 (bug 1622111)
Backed out changeset dd9209f6bd8b (bug 1622111)
Backed out changeset d694c9e7061f (bug 1622111)
Backed out changeset 486aae809f6d (bug 1622111)
Backed out changeset 709266168c41 (bug 1622111)
Backed out changeset ca0d47bb86a8 (bug 1622111)
Backed out changeset caa735c8bb91 (bug 1622111)
Backed out changeset 12397711ab25 (bug 1622111)
Backed out changeset b66002fd1480 (bug 1622111)

docshell/base/nsDocShell.cpp

@@ -37,7 +37,6 @@
 #include "mozilla/StaticPrefs_dom.h"
 #include "mozilla/StaticPrefs_extensions.h"
 #include "mozilla/StaticPrefs_privacy.h"
-#include "mozilla/StaticPrefs_security.h"
 #include "mozilla/StaticPrefs_ui.h"
 #include "mozilla/StaticPrefs_fission.h"
 #include "mozilla/StartupTimeline.h"
@@ -9874,9 +9873,8 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
         true,  // aInheritForAboutBlank
         isSrcdoc);
 
-    bool isURIUniqueOrigin =
-        StaticPrefs::security_data_uri_unique_opaque_origin() &&
-        SchemeIsData(aLoadState->URI());
+    bool isURIUniqueOrigin = nsIOService::IsDataURIUniqueOpaqueOrigin() &&
+                             SchemeIsData(aLoadState->URI());
     inheritPrincipal = inheritAttrs && !isURIUniqueOrigin;
   }
 

dom/animation/AnimationUtils.cpp

@@ -9,6 +9,7 @@
 #include "mozilla/dom/Document.h"
 #include "mozilla/dom/KeyframeEffect.h"
 #include "mozilla/EffectSet.h"
+#include "mozilla/Preferences.h"
 #include "nsDebug.h"
 #include "nsAtom.h"
 #include "nsIContent.h"
@@ -57,6 +58,20 @@ Document* AnimationUtils::GetDocumentFromGlobal(JSObject* aGlobalObject) {
   return win->GetDoc();
 }
 
+/* static */
+bool AnimationUtils::IsOffscreenThrottlingEnabled() {
+  static bool sOffscreenThrottlingEnabled;
+  static bool sPrefCached = false;
+
+  if (!sPrefCached) {
+    sPrefCached = true;
+    Preferences::AddBoolVarCache(&sOffscreenThrottlingEnabled,
+                                 "dom.animations.offscreen-throttling");
+  }
+
+  return sOffscreenThrottlingEnabled;
+}
+
 /* static */
 bool AnimationUtils::FrameHasAnimatedScale(const nsIFrame* aFrame) {
   EffectSet* effectSet = EffectSet::GetEffectSetForFrame(

dom/animation/AnimationUtils.h

@@ -73,6 +73,11 @@ class AnimationUtils {
    */
   static Document* GetDocumentFromGlobal(JSObject* aGlobalObject);
 
+  /**
+   * Checks if offscreen animation throttling is enabled.
+   */
+  static bool IsOffscreenThrottlingEnabled();
+
   /**
    * Returns true if the given frame has an animated scale.
    */

dom/animation/KeyframeEffect.cpp

@@ -1838,7 +1838,7 @@ void KeyframeEffect::SetAnimation(Animation* aAnimation) {
 }
 
 bool KeyframeEffect::CanIgnoreIfNotVisible() const {
-  if (StaticPrefs::dom_animations_offscreen_throttling()) {
+  if (!AnimationUtils::IsOffscreenThrottlingEnabled()) {
     return false;
   }
 

dom/base/Navigator.cpp

@@ -28,7 +28,6 @@
 #include "nsContentUtils.h"
 #include "nsUnicharUtils.h"
 #include "mozilla/Preferences.h"
-#include "mozilla/StaticPrefs_dom.h"
 #include "mozilla/StaticPrefs_media.h"
 #include "mozilla/StaticPrefs_network.h"
 #include "mozilla/StaticPrefs_privacy.h"
@@ -111,9 +110,21 @@
 namespace mozilla {
 namespace dom {
 
+static bool sVibratorEnabled = false;
+static uint32_t sMaxVibrateMS = 0;
+static uint32_t sMaxVibrateListLen = 0;
 static const nsLiteralCString kVibrationPermissionType =
     NS_LITERAL_CSTRING("vibration");
 
+/* static */
+void Navigator::Init() {
+  Preferences::AddBoolVarCache(&sVibratorEnabled, "dom.vibrator.enabled", true);
+  Preferences::AddUintVarCache(&sMaxVibrateMS, "dom.vibrator.max_vibrate_ms",
+                               10000);
+  Preferences::AddUintVarCache(&sMaxVibrateListLen,
+                               "dom.vibrator.max_vibrate_list_len", 128);
+}
+
 Navigator::Navigator(nsPIDOMWindowInner* aWindow) : mWindow(aWindow) {}
 
 Navigator::~Navigator() { Invalidate(); }
@@ -747,18 +758,17 @@ bool Navigator::Vibrate(const nsTArray<uint32_t>& aPattern) {
 
   nsTArray<uint32_t> pattern(aPattern);
 
-  if (pattern.Length() > StaticPrefs::dom_vibrator_max_vibrate_list_len()) {
-    pattern.SetLength(StaticPrefs::dom_vibrator_max_vibrate_list_len());
+  if (pattern.Length() > sMaxVibrateListLen) {
+    pattern.SetLength(sMaxVibrateListLen);
   }
 
   for (size_t i = 0; i < pattern.Length(); ++i) {
-    pattern[i] =
-        std::min(StaticPrefs::dom_vibrator_max_vibrate_ms(), pattern[i]);
+    pattern[i] = std::min(sMaxVibrateMS, pattern[i]);
   }
 
-  // The spec says we check dom.vibrator.enabled after we've done the sanity
+  // The spec says we check sVibratorEnabled after we've done the sanity
   // checking on the pattern.
-  if (!StaticPrefs::dom_vibrator_enabled()) {
+  if (!sVibratorEnabled) {
     return true;
   }
 

dom/base/Navigator.h

@@ -91,6 +91,8 @@ class Navigator final : public nsISupports, public nsWrapperCache {
   NS_DECL_CYCLE_COLLECTING_ISUPPORTS
   NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(Navigator)
 
+  static void Init();
+
   void Invalidate();
   nsPIDOMWindowInner* GetWindow() const { return mWindow; }
 

dom/base/nsGlobalWindowInner.cpp

@@ -2813,7 +2813,14 @@ bool nsGlobalWindowInner::DoResolve(
   // We support a cut-down Components.interfaces in case websites are
   // using Components.interfaces.nsIFoo.CONSTANT_NAME for the ones
   // that have constants.
-  if (StaticPrefs::dom_use_components_shim() &&
+  static bool watchingComponentsPref = false;
+  static bool useComponentsShim = false;
+  if (!watchingComponentsPref) {
+    watchingComponentsPref = true;
+    Preferences::AddBoolVarCache(&useComponentsShim, "dom.use_components_shim",
+                                 true);
+  }
+  if (useComponentsShim &&
       aId == XPCJSRuntime::Get()->GetStringID(XPCJSContext::IDX_COMPONENTS)) {
     return ResolveComponentsShim(aCx, aObj, aDesc);
   }

dom/base/nsObjectLoadingContent.cpp

@@ -89,7 +89,6 @@
 #include "mozilla/net/UrlClassifierFeatureFactory.h"
 #include "mozilla/LoadInfo.h"
 #include "mozilla/PresShell.h"
-#include "mozilla/StaticPrefs_security.h"
 #include "nsChannelClassifier.h"
 #include "nsFocusManager.h"
 #include "ReferrerInfo.h"
@@ -2277,8 +2276,7 @@ nsresult nsObjectLoadingContent::OpenChannel() {
       nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
 
   bool isURIUniqueOrigin =
-      StaticPrefs::security_data_uri_unique_opaque_origin() &&
-      mURI->SchemeIs("data");
+      nsIOService::IsDataURIUniqueOpaqueOrigin() && mURI->SchemeIs("data");
 
   if (inherit && !isURIUniqueOrigin) {
     securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;

dom/clients/manager/ClientManager.cpp

@@ -9,6 +9,7 @@
 #include "ClientHandle.h"
 #include "ClientManagerChild.h"
 #include "ClientManagerOpChild.h"
+#include "ClientPrefs.h"
 #include "ClientSource.h"
 #include "mozilla/dom/WorkerPrivate.h"
 #include "mozilla/ipc/BackgroundChild.h"
@@ -247,6 +248,8 @@ void ClientManager::Startup() {
 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
   sClientManagerThreadLocalIndexDuplicate = sClientManagerThreadLocalIndex;
 #endif
+
+  ClientPrefsInit();
 }
 
 // static

dom/clients/manager/ClientPrefs.cpp

@@ -0,0 +1,30 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ClientPrefs.h"
+
+#include "mozilla/Preferences.h"
+
+namespace mozilla {
+namespace dom {
+
+namespace {
+
+bool gDataURLUniqueOpaqueOrigin = false;
+
+}  // anonymous namespace
+
+void ClientPrefsInit() {
+  Preferences::AddBoolVarCache(&gDataURLUniqueOpaqueOrigin,
+                               "security.data_uri.unique_opaque_origin", false);
+}
+
+bool ClientPrefsGetDataURLUniqueOpaqueOrigin() {
+  return gDataURLUniqueOpaqueOrigin;
+}
+
+}  // namespace dom
+}  // namespace mozilla

dom/clients/manager/ClientPrefs.h

@@ -0,0 +1,19 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef _mozilla_dom_ClientPrefs_h
+#define _mozilla_dom_ClientPrefs_h
+
+namespace mozilla {
+namespace dom {
+
+void ClientPrefsInit();
+
+bool ClientPrefsGetAllowUniqueOpaqueOrigin();
+
+}  // namespace dom
+}  // namespace mozilla
+
+#endif  // _mozilla_dom_ClientPrefs_h

dom/clients/manager/ClientValidation.cpp

@@ -6,7 +6,7 @@
 
 #include "ClientValidation.h"
 
-#include "mozilla/StaticPrefs_security.h"
+#include "ClientPrefs.h"
 #include "mozilla/net/MozURL.h"
 
 namespace mozilla {
@@ -111,7 +111,7 @@ bool ClientIsValidCreationURL(const PrincipalInfo& aPrincipalInfo,
 
       // We have some tests that use data: URL windows without an opaque
       // origin.  This should only happen when a pref is set.
-      if (!StaticPrefs::security_data_uri_unique_opaque_origin() &&
+      if (!ClientPrefsGetDataURLUniqueOpaqueOrigin() &&
           scheme.LowerCaseEqualsLiteral("data")) {
         return true;
       }
@@ -135,7 +135,7 @@ bool ClientIsValidCreationURL(const PrincipalInfo& aPrincipalInfo,
              scheme.LowerCaseEqualsLiteral("javascript") ||
              scheme.LowerCaseEqualsLiteral("view-source") ||
 
-             (!StaticPrefs::security_data_uri_unique_opaque_origin() &&
+             (!ClientPrefsGetDataURLUniqueOpaqueOrigin() &&
               scheme.LowerCaseEqualsLiteral("data"));
     }
     case PrincipalInfo::TNullPrincipalInfo: {

dom/clients/manager/moz.build

@@ -36,6 +36,7 @@ UNIFIED_SOURCES += [
   'ClientNavigateOpChild.cpp',
   'ClientNavigateOpParent.cpp',
   'ClientOpenWindowUtils.cpp',
+  'ClientPrefs.cpp',
   'ClientPrincipalUtils.cpp',
   'ClientSource.cpp',
   'ClientSourceChild.cpp',

dom/events/Clipboard.cpp

@@ -12,7 +12,6 @@
 #include "mozilla/dom/DataTransfer.h"
 #include "mozilla/dom/DataTransferItemList.h"
 #include "mozilla/dom/DataTransferItem.h"
-#include "mozilla/StaticPrefs_dom.h"
 #include "nsIClipboard.h"
 #include "nsComponentManagerUtils.h"
 #include "nsITransferable.h"
@@ -191,11 +190,17 @@ bool Clipboard::ReadTextEnabled(JSContext* aCx, JSObject* aGlobal) {
 
 /* static */
 bool Clipboard::IsTestingPrefEnabled() {
-  bool clipboardTestingEnabled =
-      StaticPrefs::dom_events_testing_asyncClipboard_DoNotUseDirectly();
+  static bool sPrefCached = false;
+  static bool sPrefCacheValue = false;
+
+  if (!sPrefCached) {
+    sPrefCached = true;
+    Preferences::AddBoolVarCache(&sPrefCacheValue,
+                                 "dom.events.testing.asyncClipboard");
+  }
   MOZ_LOG(GetClipboardLog(), LogLevel::Debug,
-          ("Clipboard, Is testing enabled? %d\n", clipboardTestingEnabled));
-  return clipboardTestingEnabled;
+          ("Clipboard, Is testing enabled? %d\n", sPrefCacheValue));
+  return sPrefCacheValue;
 }
 
 NS_IMPL_CYCLE_COLLECTION_CLASS(Clipboard)

dom/events/DataTransfer.cpp

@@ -44,6 +44,8 @@
 #include "nsNetUtil.h"
 #include "nsReadableUtils.h"
 
+#define MOZ_CALLS_ENABLED_PREF "dom.datatransfer.mozAtAPIs"
+
 namespace mozilla {
 namespace dom {
 
@@ -1543,9 +1545,17 @@ void DataTransfer::SetMode(DataTransfer::Mode aMode) {
 
 /* static */
 bool DataTransfer::MozAtAPIsEnabled(JSContext* aCx, JSObject* aObj /*unused*/) {
+  // Read the pref
+  static bool sPrefCached = false;
+  static bool sPrefCacheValue = false;
+
+  if (!sPrefCached) {
+    sPrefCached = true;
+    Preferences::AddBoolVarCache(&sPrefCacheValue, MOZ_CALLS_ENABLED_PREF);
+  }
+
   // We can expose moz* APIs if we are chrome code or if pref is enabled
-  return nsContentUtils::IsSystemCaller(aCx) ||
-         StaticPrefs::dom_datatransfer_mozAtAPIs_DoNotUseDirectly();
+  return nsContentUtils::IsSystemCaller(aCx) || sPrefCacheValue;
 }
 
 }  // namespace dom

dom/events/IMEStateManager.cpp

@@ -13,9 +13,9 @@
 #include "mozilla/EventListenerManager.h"
 #include "mozilla/EventStates.h"
 #include "mozilla/MouseEvents.h"
+#include "mozilla/Preferences.h"
 #include "mozilla/PresShell.h"
 #include "mozilla/StaticPrefs_dom.h"
-#include "mozilla/StaticPrefs_intl.h"
 #include "mozilla/TextComposition.h"
 #include "mozilla/TextEvents.h"
 #include "mozilla/ToString.h"
@@ -76,9 +76,15 @@ InputContext::Origin IMEStateManager::sOrigin = InputContext::ORIGIN_MAIN;
 InputContext IMEStateManager::sActiveChildInputContext;
 bool IMEStateManager::sInstalledMenuKeyboardListener = false;
 bool IMEStateManager::sIsGettingNewIMEState = false;
+bool IMEStateManager::sCheckForIMEUnawareWebApps = false;
 
 // static
 void IMEStateManager::Init() {
+  Preferences::AddBoolVarCache(
+      &sCheckForIMEUnawareWebApps,
+      "intl.ime.hack.on_ime_unaware_apps.fire_key_events_for_composition",
+      false);
+
   sOrigin = XRE_IsParentProcess() ? InputContext::ORIGIN_MAIN
                                   : InputContext::ORIGIN_CONTENT;
   ResetActiveChildInputContext();
@@ -1256,11 +1262,9 @@ void IMEStateManager::SetIMEState(const IMEState& aState,
   InputContext context;
   context.mIMEState = aState;
   context.mOrigin = aOrigin;
-  context.mMayBeIMEUnaware =
-      context.mIMEState.IsEditable() &&
-      StaticPrefs::
-          intl_ime_hack_on_ime_unaware_apps_fire_key_events_for_composition() &&
-      MayBeIMEUnawareWebApp(aContent);
+  context.mMayBeIMEUnaware = context.mIMEState.IsEditable() &&
+                             sCheckForIMEUnawareWebApps &&
+                             MayBeIMEUnawareWebApp(aContent);
 
   context.mHasHandledUserInput =
       aPresContext && aPresContext->PresShell()->HasHandledUserInput();

dom/events/PointerEventHandler.cpp

@@ -15,6 +15,8 @@ namespace mozilla {
 
 using namespace dom;
 
+static bool sPointerEventImplicitCapture = false;
+
 Maybe<int32_t> PointerEventHandler::sSpoofedPointerId;
 
 class PointerInfo final {
@@ -41,6 +43,17 @@ static nsClassHashtable<nsUint32HashKey, PointerCaptureInfo>*
 // primaryState
 static nsClassHashtable<nsUint32HashKey, PointerInfo>* sActivePointersIds;
 
+/* static */
+void PointerEventHandler::Initialize() {
+  static bool initialized = false;
+  if (initialized) {
+    return;
+  }
+  initialized = true;
+  Preferences::AddBoolVarCache(&sPointerEventImplicitCapture,
+                               "dom.w3c_pointer_events.implicit_capture", true);
+}
+
 /* static */
 void PointerEventHandler::InitializeStatics() {
   MOZ_ASSERT(!sPointerCaptureList, "InitializeStatics called multiple times!");
@@ -61,7 +74,7 @@ void PointerEventHandler::ReleaseStatics() {
 /* static */
 bool PointerEventHandler::IsPointerEventImplicitCaptureForTouchEnabled() {
   return StaticPrefs::dom_w3c_pointer_events_enabled() &&
-         StaticPrefs::dom_w3c_pointer_events_implicit_capture();
+         sPointerEventImplicitCapture;
 }
 
 /* static */

dom/events/PointerEventHandler.h

@@ -35,6 +35,10 @@ class PointerCaptureInfo final {
 
 class PointerEventHandler final {
  public:
+  // Called in PresShell::Initialize to initialize pointer event related
+  // preferences.
+  static void Initialize();
+
   // Called in nsLayoutStatics::Initialize/Shutdown to initialize pointer event
   // related static variables.
   static void InitializeStatics();

dom/security/nsMixedContentBlocker.cpp

@@ -36,7 +36,6 @@
 #include "mozilla/BasePrincipal.h"
 #include "mozilla/Logging.h"
 #include "mozilla/StaticPrefs_dom.h"
-#include "mozilla/StaticPrefs_security.h"
 #include "mozilla/Telemetry.h"
 #include "mozilla/dom/ContentChild.h"
 #include "mozilla/ipc/URIUtils.h"
@@ -47,6 +46,18 @@ using namespace mozilla::dom;
 
 enum nsMixedContentBlockerMessageType { eBlocked = 0x00, eUserOverride = 0x01 };
 
+// Is mixed script blocking (fonts, plugin content, scripts, stylesheets,
+// iframes, websockets, XHR) enabled?
+bool nsMixedContentBlocker::sBlockMixedScript = false;
+
+bool nsMixedContentBlocker::sBlockMixedObjectSubrequest = false;
+
+// Is mixed display content blocking (images, audio, video) enabled?
+bool nsMixedContentBlocker::sBlockMixedDisplay = false;
+
+// Is mixed display content upgrading (images, audio, video) enabled?
+bool nsMixedContentBlocker::sUpgradeMixedDisplay = false;
+
 // Whitelist of hostnames that should be considered secure contexts even when
 // served over http:// or ws://
 nsCString* nsMixedContentBlocker::sSecurecontextWhitelist = nullptr;
@@ -206,6 +217,24 @@ class nsMixedContentEvent : public Runnable {
   bool mRootHasSecureConnection;
 };
 
+nsMixedContentBlocker::nsMixedContentBlocker() {
+  // Cache the pref for mixed script blocking
+  Preferences::AddBoolVarCache(&sBlockMixedScript,
+                               "security.mixed_content.block_active_content");
+
+  Preferences::AddBoolVarCache(
+      &sBlockMixedObjectSubrequest,
+      "security.mixed_content.block_object_subrequest");
+
+  // Cache the pref for mixed display blocking
+  Preferences::AddBoolVarCache(&sBlockMixedDisplay,
+                               "security.mixed_content.block_display_content");
+
+  // Cache the pref for mixed display upgrading
+  Preferences::AddBoolVarCache(
+      &sUpgradeMixedDisplay, "security.mixed_content.upgrade_display_content");
+}
+
 nsMixedContentBlocker::~nsMixedContentBlocker() = default;
 
 NS_IMPL_ISUPPORTS(nsMixedContentBlocker, nsIContentPolicy, nsIChannelEventSink)
@@ -506,9 +535,8 @@ nsresult nsMixedContentBlocker::ShouldLoad(
     nsISupports* aRequestingContext, const nsACString& aMimeGuess,
     nsIPrincipal* aRequestPrincipal, int16_t* aDecision) {
   // Asserting that we are on the main thread here and hence do not have to lock
-  // and unlock security.mixed_content.block_active_content and
-  // security.mixed_content.block_display_content before reading/writing to
-  // them.
+  // and unlock sBlockMixedScript and sBlockMixedDisplay before reading/writing
+  // to them.
   MOZ_ASSERT(NS_IsMainThread());
 
   bool isPreload = nsContentUtils::IsPreloadType(aContentType);
@@ -615,7 +643,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(
       classification = eMixedDisplay;
       break;
     case TYPE_OBJECT_SUBREQUEST:
-      if (StaticPrefs::security_mixed_content_block_object_subrequest()) {
+      if (sBlockMixedObjectSubrequest) {
         classification = eMixedScript;
       } else {
         classification = eMixedDisplay;
@@ -830,7 +858,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(
   // be upgraded to https before fetching any data from the netwerk.
   bool isUpgradableDisplayType =
       nsContentUtils::IsUpgradableDisplayType(aContentType) &&
-      StaticPrefs::security_mixed_content_upgrade_display_content();
+      ShouldUpgradeMixedDisplayContent();
   if (isHttpScheme && isUpgradableDisplayType) {
     *aDecision = ACCEPT;
     return NS_OK;
@@ -988,15 +1016,14 @@ nsresult nsMixedContentBlocker::ShouldLoad(
 
   // set hasMixedContentObjectSubrequest on this object if necessary
   if (aContentType == TYPE_OBJECT_SUBREQUEST) {
-    if (!StaticPrefs::security_mixed_content_block_object_subrequest()) {
+    if (!sBlockMixedObjectSubrequest) {
       rootDoc->WarnOnceAbout(Document::eMixedDisplayObjectSubrequest);
     }
   }
 
   // If the content is display content, and the pref says display content should
   // be blocked, block it.
-  if (StaticPrefs::security_mixed_content_block_display_content() &&
-      classification == eMixedDisplay) {
+  if (sBlockMixedDisplay && classification == eMixedDisplay) {
     if (allowMixedContent) {
       LogMixedContentMessage(classification, aContentLocation, rootDoc,
                              eUserOverride);
@@ -1050,8 +1077,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(
     }
     return NS_OK;
 
-  } else if (StaticPrefs::security_mixed_content_block_active_content() &&
-             classification == eMixedScript) {
+  } else if (sBlockMixedScript && classification == eMixedScript) {
     // If the content is active content, and the pref says active content should
     // be blocked, block it unless the user has choosen to override the pref
     if (allowMixedContent) {
@@ -1237,3 +1263,7 @@ void nsMixedContentBlocker::AccumulateMixedContentHSTS(
     }
   }
 }
+
+bool nsMixedContentBlocker::ShouldUpgradeMixedDisplayContent() {
+  return sUpgradeMixedDisplay;
+}

dom/security/nsMixedContentBlocker.h

@@ -45,7 +45,7 @@ class nsMixedContentBlocker : public nsIContentPolicy,
   NS_DECL_NSICONTENTPOLICY
   NS_DECL_NSICHANNELEVENTSINK
 
-  nsMixedContentBlocker() = default;
+  nsMixedContentBlocker();
 
   // See:
   // https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
@@ -76,10 +76,15 @@ class nsMixedContentBlocker : public nsIContentPolicy,
 
   static bool URISafeToBeLoadedInSecureContext(nsIURI* aURI);
 
+  static bool ShouldUpgradeMixedDisplayContent();
   static void OnPrefChange(const char* aPref, void* aClosure);
   static void GetSecureContextWhiteList(nsACString& aList);
   static void Shutdown();
 
+  static bool sBlockMixedScript;
+  static bool sBlockMixedObjectSubrequest;
+  static bool sBlockMixedDisplay;
+  static bool sUpgradeMixedDisplay;
   static bool sSecurecontextWhitelistCached;
   static nsCString* sSecurecontextWhitelist;
 };

dom/workers/ScriptLoader.cpp

@@ -159,7 +159,7 @@ nsresult ChannelFromScriptURL(
 
   bool isData = uri->SchemeIs("data");
   bool isURIUniqueOrigin =
-      StaticPrefs::security_data_uri_unique_opaque_origin() && isData;
+      net::nsIOService::IsDataURIUniqueOpaqueOrigin() && isData;
   if (inheritAttrs && !isURIUniqueOrigin) {
     secFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
   }

layout/base/PresShell.cpp

@@ -853,6 +853,8 @@ PresShell::PresShell(Document* aDocument)
   mReflowCountMgr->SetPresShell(this);
 #endif
   mLastOSWake = mLoadBegin = TimeStamp::Now();
+
+  PointerEventHandler::Initialize();
 }
 
 NS_INTERFACE_TABLE_HEAD(PresShell)

layout/build/nsLayoutStatics.cpp

@@ -163,6 +163,7 @@ nsresult nsLayoutStatics::Initialize() {
 
   nsGlobalWindowInner::Init();
   nsGlobalWindowOuter::Init();
+  Navigator::Init();
 
   rv = nsContentUtils::Init();
   if (NS_FAILED(rv)) {

mobile/android/app/mobile.js

@@ -393,6 +393,9 @@ pref("security.alternate_certificate_error_page", "certerror");
 
 pref("security.warn_viewing_mixed", false); // Warning is disabled.  See Bug 616712.
 
+// Block insecure active content on https pages
+pref("security.mixed_content.block_active_content", true);
+
 // Enable pinning
 pref("security.cert_pinning.enforcement_level", 1);
 

modules/libpref/init/StaticPrefList.yaml

@@ -1329,12 +1329,6 @@
   value: false
   mirror: always
 
-# Checks if offscreen animation throttling is enabled.
-- name: dom.animations.offscreen-throttling
-  type: bool
-  value: true
-  mirror: always
-
 # Is support for automatically removing replaced filling animations enabled?
 - name: dom.animations-api.autoremove.enabled
   type: bool
@@ -1453,14 +1447,6 @@
   value: false
   mirror: always
 
-# Disable moz* APIs in DataTransfer.
-# Should be accessed via DataTransfer::MozAtAPIsEnabled.
-- name: dom.datatransfer.mozAtAPIs
-  type: bool
-  value: false
-  mirror: always
-  do_not_use_directly: true
-
 # Any how many seconds we allow external protocol URLs in iframe when not in
 # single events
 - name: dom.delay.block_external_protocol_in_iframes
@@ -1566,14 +1552,6 @@
   value: false
   mirror: always
 
-# Should only be enabled in tests.
-# Access with Clipboard::IsTestingPrefEnabled().
-- name: dom.events.testing.asyncClipboard
-  type: bool
-  value: false
-  mirror: always
-  do_not_use_directly: true
-
 # This pref controls whether or not the `protected` dataTransfer state is
 # enabled. If the `protected` dataTransfer stae is disabled, then the
 # DataTransfer will be read-only whenever it should be protected, and will not
@@ -2673,27 +2651,6 @@
   value: 5000
   mirror: always
 
-# Whether to shim a Components object on untrusted windows.
-- name: dom.use_components_shim
-  type: bool
-  value: @IS_NOT_NIGHTLY_BUILD@
-  mirror: always
-
-- name: dom.vibrator.enabled
-  type: bool
-  value: true
-  mirror: always
-
-- name: dom.vibrator.max_vibrate_ms
-  type: uint32_t
-  value: 10000
-  mirror: always
-
-- name: dom.vibrator.max_vibrate_list_len
-  type: uint32_t
-  value: 128
-  mirror: always
-
 # Is support for Window.visualViewport enabled?
 - name: dom.visualviewport.enabled
   type: bool
@@ -2941,12 +2898,6 @@
   value: true
   mirror: always
 
-# W3C pointer events draft.
-- name: dom.w3c_pointer_events.implicit_capture
-  type: bool
-  value: false
-  mirror: always
-
 # Is support for Navigator.webdriver enabled?
 - name: dom.webdriver.enabled
   type: bool
@@ -4466,18 +4417,6 @@
   value: @IS_ANDROID@
   mirror: always
 
-# Android-specific pref to control if keydown and keyup events are fired even
-# during composition.  Note that those prefs are ignored if
-# dom.keyboardevent.dispatch_during_composition is false.
-- name: intl.ime.hack.on_ime_unaware_apps.fire_key_events_for_composition
-  type: bool
-# If true and intl.ime.hack.on_any_apps.fire_key_events_for_composition is
-# false, dispatch the keydown and keyup events only on IME-unaware web apps.
-# So, this supports web apps which listen to only keydown or keyup events
-# to get a change to do something at every text input.
-  value: @IS_ANDROID@
-  mirror: always
-
 #---------------------------------------------------------------------------
 # Prefs starting with "javascript."
 #---------------------------------------------------------------------------
@@ -8001,16 +7940,6 @@
   value: 40
   mirror: always
 
-# TODO: Bug 1324406: Treat 'data:' documents as unique, opaque origins
-# If true, data: URIs will be treated as unique opaque origins, hence will use
-# a NullPrincipal as the security context.
-# Otherwise it will inherit the origin from parent node, this is the legacy
-# behavior of Firefox.
-- name: security.data_uri.unique_opaque_origin
-  type: bool
-  value: true
-  mirror: always
-
 # Allowed by default so it doesn't affect Thunderbird/SeaMonkey, but
 # not allowed for Firefox Desktop in firefox.js
 - name: security.allow_parent_unrestricted_js_loads
@@ -8032,31 +7961,6 @@
   value: true
   mirror: always
 
-# Pref to block mixed scripts (fonts, plugin content, scripts, stylesheets,
-# iframes, websockets, XHR).
-- name: security.mixed_content.block_active_content
-  type: bool
-  value: @IS_ANDROID@
-  mirror: always
-
-# Pref to block sub requests that happen within an object.
-- name: security.mixed_content.block_object_subrequest
-  type: bool
-  value: false
-  mirror: always
-
-# Pref for mixed display content blocking (images, audio, video).
-- name: security.mixed_content.block_display_content
-  type: bool
-  value: false
-  mirror: always
-
-# Pref for mixed display content upgrading (images, audio, video).
-- name: security.mixed_content.upgrade_display_content
-  type: bool
-  value: false
-  mirror: always
-
 # Whether strict file origin policy is in effect. "False" is traditional.
 - name: security.fileuri.strict_origin_policy
   type: RelaxedAtomicBool

modules/libpref/init/all.js

@@ -1047,6 +1047,13 @@ pref("dom.select_popup_in_parent.enabled", false);
 
 pref("dom.cycle_collector.incremental", true);
 
+// Whether to shim a Components object on untrusted windows.
+#ifdef NIGHTLY_BUILD
+  pref("dom.use_components_shim", false);
+#else // NIGHTLY_BUILD
+  pref("dom.use_components_shim", true);
+#endif // NIGHTLY_BUILD
+
 // Disable popups from plugins by default
 //   0 = openAllowed
 //   1 = openControlled
@@ -2037,6 +2044,19 @@ pref("intl.fallbackCharsetList.ISO-8859-1", "windows-1252");
 pref("font.language.group",                 "chrome://global/locale/intl.properties");
 pref("font.cjk_pref_fallback_order",        "zh-cn,zh-hk,zh-tw,ja,ko");
 
+// Android-specific pref to control if keydown and keyup events are fired even
+// in during composition.  Note that those prefs are ignored if
+// "dom.keyboardevent.dispatch_during_composition" is false.
+#ifdef MOZ_WIDGET_ANDROID
+  // If true and intl.ime.hack.on_any_apps.fire_key_events_for_composition is
+  // false, dispatch the keydown and keyup events only on IME-unaware web apps.
+  // So, this supports web apps which listen to only keydown or keyup events
+  // to get a change to do something at every text input.
+  pref("intl.ime.hack.on_ime_unaware_apps.fire_key_events_for_composition", true);
+#else
+  pref("intl.ime.hack.on_ime_unaware_apps.fire_key_events_for_composition", false);
+#endif // MOZ_WIDGET_ANDROID
+
 // If you use legacy Chinese IME which puts an ideographic space to composition
 // string as placeholder, this pref might be useful.  If this is true and when
 // web contents forcibly commits composition (e.g., moving focus), the
@@ -2274,6 +2294,16 @@ pref("security.notification_enable_delay", 500);
   pref("security.disallow_non_local_systemprincipal_in_tests", false);
 #endif
 
+// Mixed content blocking
+pref("security.mixed_content.block_active_content", false);
+pref("security.mixed_content.block_display_content", false);
+
+// Upgrade mixed display content before it's blocked
+pref("security.mixed_content.upgrade_display_content", false);
+
+// Block sub requests that happen within an object
+pref("security.mixed_content.block_object_subrequest", false);
+
 // Sub-resource integrity
 pref("security.sri.enable", true);
 
@@ -2553,6 +2583,9 @@ pref("layout.testing.overlay-scrollbars.always-visible", false);
 // pref to control whether layout warnings that are hit quite often are enabled
 pref("layout.spammy_warnings.enabled", false);
 
+// Pref to throttle offsreen animations
+pref("dom.animations.offscreen-throttling", true);
+
 // if true, allow plug-ins to override internal imglib decoder mime types in full-page mode
 pref("plugin.override_internal_types", false);
 
@@ -4149,6 +4182,10 @@ pref("full-screen-api.warning.delay", 500);
 // time for the warning box stays on the screen before sliding out, unit: ms
 pref("pointer-lock-api.warning.timeout", 3000);
 
+pref("dom.vibrator.enabled", true);
+pref("dom.vibrator.max_vibrate_ms", 10000);
+pref("dom.vibrator.max_vibrate_list_len", 128);
+
 // Push
 
 pref("dom.push.loglevel", "Error");
@@ -4189,6 +4226,9 @@ pref("dom.push.http2.reset_retry_count_after_ms", 60000);
 pref("dom.push.http2.maxRetries", 2);
 pref("dom.push.http2.retryInterval", 5000);
 
+// W3C pointer events draft
+pref("dom.w3c_pointer_events.implicit_capture", false);
+
 // W3C MediaDevices devicechange fake event
 pref("media.ondevicechange.fakeDeviceChangeEvent.enabled", false);
 
@@ -4593,6 +4633,13 @@ pref("dom.maxHardwareConcurrency", 16);
   pref("osfile.reset_worker_delay", 30000);
 #endif
 
+// TODO: Bug 1324406: Treat 'data:' documents as unique, opaque origins
+// If true, data: URIs will be treated as unique opaque origins, hence will use
+// a NullPrincipal as the security context.
+// Otherwise it will inherit the origin from parent node, this is the legacy
+// behavior of Firefox.
+pref("security.data_uri.unique_opaque_origin", true);
+
 // If true, all toplevel data: URI navigations will be blocked.
 // Please note that manually entering a data: URI in the
 // URL-Bar will not be blocked when flipping this pref.
@@ -4662,6 +4709,12 @@ pref("dom.noopener.newprocess.enabled", true);
 // loops with faulty converters involved.
 pref("general.document_open_conversion_depth_limit", 20);
 
+// Should only be enabled in tests
+pref("dom.events.testing.asyncClipboard", false);
+
+// Disable moz* APIs in DataTransfer
+pref("dom.datatransfer.mozAtAPIs", false);
+
 pref("fission.rebuild_frameloaders_on_remoteness_change", true);
 
 // Support for legacy customizations that rely on checking the

netwerk/base/LoadInfo.cpp

@@ -20,7 +20,6 @@
 #include "mozilla/net/CookieJarSettings.h"
 #include "mozilla/NullPrincipal.h"
 #include "mozilla/StaticPrefs_network.h"
-#include "mozilla/StaticPrefs_security.h"
 #include "mozIThirdPartyUtil.h"
 #include "nsFrameLoader.h"
 #include "nsFrameLoaderOwner.h"
@@ -279,7 +278,7 @@ LoadInfo::LoadInfo(
 
     if (nsContentUtils::IsUpgradableDisplayType(externalType)) {
       if (mLoadingPrincipal->SchemeIs("https")) {
-        if (StaticPrefs::security_mixed_content_upgrade_display_content()) {
+        if (nsMixedContentBlocker::ShouldUpgradeMixedDisplayContent()) {
           mBrowserUpgradeInsecureRequests = true;
         } else {
           mBrowserWouldUpgradeInsecureRequests = true;

netwerk/base/nsIOService.cpp

@@ -182,6 +182,7 @@ static const char kProfileDoChange[] = "profile-do-change";
 uint32_t nsIOService::gDefaultSegmentSize = 4096;
 uint32_t nsIOService::gDefaultSegmentCount = 24;
 
+bool nsIOService::sIsDataURIUniqueOpaqueOrigin = false;
 bool nsIOService::sBlockToplevelDataUriNavigations = false;
 
 ////////////////////////////////////////////////////////////////////////////////
@@ -281,6 +282,8 @@ nsresult nsIOService::Init() {
   } else
     NS_WARNING("failed to get observer service");
 
+  Preferences::AddBoolVarCache(&sIsDataURIUniqueOpaqueOrigin,
+                               "security.data_uri.unique_opaque_origin", false);
   Preferences::AddBoolVarCache(
       &sBlockToplevelDataUriNavigations,
       "security.data_uri.block_toplevel_data_uri_navigations", false);
@@ -1946,6 +1949,11 @@ nsIOService::SpeculativeAnonymousConnect(nsIURI* aURI, nsIPrincipal* aPrincipal,
   return SpeculativeConnectInternal(aURI, aPrincipal, aCallbacks, true);
 }
 
+/*static*/
+bool nsIOService::IsDataURIUniqueOpaqueOrigin() {
+  return sIsDataURIUniqueOpaqueOrigin;
+}
+
 /*static*/
 bool nsIOService::BlockToplevelDataUriNavigations() {
   return sBlockToplevelDataUriNavigations;

netwerk/base/nsIOService.h

@@ -227,6 +227,7 @@ class nsIOService final : public nsIIOService,
   Mutex mMutex;
   nsTArray<int32_t> mRestrictedPortList;
 
+  static bool sIsDataURIUniqueOpaqueOrigin;
   static bool sBlockToplevelDataUriNavigations;
 
   uint32_t mTotalRequests;

netwerk/ipc/DocumentLoadListener.cpp

@@ -37,7 +37,6 @@
 #include "nsIViewSourceChannel.h"
 #include "nsIOService.h"
 #include "mozilla/dom/WindowGlobalParent.h"
-#include "mozilla/StaticPrefs_security.h"
 
 mozilla::LazyLogModule gDocumentChannelLog("DocumentChannel");
 #define LOG(fmt) MOZ_LOG(gDocumentChannelLog, mozilla::LogLevel::Verbose, fmt)
@@ -269,9 +268,8 @@ already_AddRefed<LoadInfo> DocumentLoadListener::CreateLoadInfo(
         true,  // aInheritForAboutBlank
         isSrcdoc);
 
-    bool isURIUniqueOrigin =
-        StaticPrefs::security_data_uri_unique_opaque_origin() &&
-        SchemeIsData(aLoadState->URI());
+    bool isURIUniqueOrigin = nsIOService::IsDataURIUniqueOpaqueOrigin() &&
+                             SchemeIsData(aLoadState->URI());
     inheritPrincipal = inheritAttrs && !isURIUniqueOrigin;
   }
 

netwerk/protocol/http/nsHttpChannel.cpp

@@ -8225,7 +8225,7 @@ nsresult nsHttpChannel::ContinueOnStopRequest(nsresult aStatus, bool aIsFromNet,
     // Browser upgrading is disabled and the content is already HTTPS
     upgradeKey = NS_LITERAL_CSTRING("disabledNoReason");
     // Checks "security.mixed_content.upgrade_display_content" is true
-    if (StaticPrefs::security_mixed_content_upgrade_display_content()) {
+    if (nsMixedContentBlocker::ShouldUpgradeMixedDisplayContent()) {
       if (mLoadInfo->GetBrowserUpgradeInsecureRequests()) {
         // HTTP content the browser has upgraded to HTTPS
         upgradeKey = NS_LITERAL_CSTRING("enabledUpgrade");
@@ -8243,7 +8243,7 @@ nsresult nsHttpChannel::ContinueOnStopRequest(nsresult aStatus, bool aIsFromNet,
     upgradeKey = NS_LITERAL_CSTRING("disabledUpgrade");
   } else {
     // HTTP content that wouldn't upgrade
-    upgradeKey = StaticPrefs::security_mixed_content_upgrade_display_content()
+    upgradeKey = nsMixedContentBlocker::ShouldUpgradeMixedDisplayContent()
                      ? NS_LITERAL_CSTRING("enabledWont")
                      : NS_LITERAL_CSTRING("disabledWont");
   }