diff --git a/caps/src/nsScriptSecurityManager.cpp b/caps/src/nsScriptSecurityManager.cpp
index eed9d27eaa2b..ca75bcf36691 100644
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -3324,41 +3324,6 @@ nsScriptSecurityManager::Observe(nsISupports* aObject, const char* aTopic,
     return rv;
 }
 
-///////////////////////////////////
-// Default ObjectPrincipalFinder //
-///////////////////////////////////
-
-// The default JSSecurityCallbacks::findObjectPrincipals is necessary since
-// scripts run (and ask for object principals) during startup before
-// nsJSRuntime::Init() has been called (which resets findObjectPrincipals).
-
-// Defined NS_EXPORT for linkage with debug-only assert in xpcshell
-NS_EXPORT JSPrincipals *
-NS_DefaultObjectPrincipalFinder(JSContext *cx, JSObject *obj)
-{
-    nsScriptSecurityManager *ssm = nsScriptSecurityManager::GetScriptSecurityManager();
-    if (!ssm) {
-        return nsnull;
-    }
-
-    nsCOMPtr<nsIPrincipal> principal;
-    nsresult rv = ssm->GetObjectPrincipal(cx, obj, getter_AddRefs(principal));
-    if (NS_FAILED(rv) || !principal) {
-        return nsnull;
-    }
-
-    JSPrincipals *jsPrincipals = nsnull;
-    principal->GetJSPrincipals(cx, &jsPrincipals);
-
-    // nsIPrincipal::GetJSPrincipals() returns a strong reference to the
-    // JS principals, but the caller of this function expects a weak
-    // reference. So we need to release here.
-
-    JSPRINCIPALS_DROP(cx, jsPrincipals);
-
-    return jsPrincipals;
-}
-
 /////////////////////////////////////////////
 // Constructor, Destructor, Initialization //
 /////////////////////////////////////////////
@@ -3431,7 +3396,7 @@ nsresult nsScriptSecurityManager::Init()
     static JSSecurityCallbacks securityCallbacks = {
         CheckObjectAccess,
         NULL,
-        NS_DefaultObjectPrincipalFinder,
+        NULL,
         ContentSecurityPolicyPermitsJSAction
     };
 
diff --git a/content/base/src/contentSecurityPolicy.js b/content/base/src/contentSecurityPolicy.js
index 2c45e79c11dc..4ba5ac541550 100644
--- a/content/base/src/contentSecurityPolicy.js
+++ b/content/base/src/contentSecurityPolicy.js
@@ -68,7 +68,6 @@ function ContentSecurityPolicy() {
   this._policy._allowInlineScripts = true;
   this._policy._allowEval = true;
 
-  this._requestHeaders = []; 
   this._request = "";
   this._docRequest = null;
   CSPdebug("CSP POLICY INITED TO 'default-src *'");
@@ -211,13 +210,6 @@ ContentSecurityPolicy.prototype = {
       var reqVersion = internalChannel.getRequestVersion(reqMaj, reqMin);
       this._request += " HTTP/" + reqMaj.value + "." + reqMin.value;
     }
-
-    // grab the request headers
-    var self = this;
-    aChannel.visitRequestHeaders({
-      visitHeader: function(aHeader, aValue) {
-        self._requestHeaders.push(aHeader + ": " + aValue);
-      }});
   },
 
 /* ........ Methods .............. */
@@ -270,21 +262,13 @@ ContentSecurityPolicy.prototype = {
       // {
       //   csp-report: {
       //     request: "GET /index.html HTTP/1.1",
-      //     request-headers: "Host: example.com
-      //                       User-Agent: ...
-      //                       ...",
       //     blocked-uri: "...",
       //     violated-directive: "..."
       //   }
       // }
-      var strHeaders = "";
-      for (let i in this._requestHeaders) {
-        strHeaders += this._requestHeaders[i] + "\n";
-      }
       var report = {
         'csp-report': {
           'request': this._request,
-          'request-headers': strHeaders,
           'blocked-uri': (blockedUri instanceof Ci.nsIURI ?
                           blockedUri.asciiSpec : blockedUri),
           'violated-directive': violatedDirective
diff --git a/content/base/src/nsFrameLoader.cpp b/content/base/src/nsFrameLoader.cpp
index 8205e292d92d..2f4bd5a05443 100644
--- a/content/base/src/nsFrameLoader.cpp
+++ b/content/base/src/nsFrameLoader.cpp
@@ -1628,8 +1628,6 @@ nsFrameLoader::GetWindowDimensions(nsRect& aRect)
 
   nsCOMPtr<nsIDocShellTreeItem> parentAsItem(do_QueryInterface(parentAsWebNav));
 
-  NS_ASSERTION(mIsTopLevelContent, "Outer dimensions must be taken only from TopLevel content");
-
   nsCOMPtr<nsIDocShellTreeOwner> parentOwner;
   if (NS_FAILED(parentAsItem->GetTreeOwner(getter_AddRefs(parentOwner))) ||
       !parentOwner) {
diff --git a/embedding/android/AndroidManifest.xml.in b/embedding/android/AndroidManifest.xml.in
index 76c2f052b720..6f10cc73c879 100644
--- a/embedding/android/AndroidManifest.xml.in
+++ b/embedding/android/AndroidManifest.xml.in
@@ -4,7 +4,8 @@
       package="@ANDROID_PACKAGE_NAME@"
       android:installLocation="auto"
       android:versionCode="@ANDROID_VERSION_CODE@"
-      android:versionName="@MOZ_APP_VERSION@">
+      android:versionName="@MOZ_APP_VERSION@"
+      android:sharedUserId="@MOZ_ANDROID_SHARED_ID@">
     <uses-sdk android:minSdkVersion="5"
               android:targetSdkVersion="5"/>
 
diff --git a/embedding/android/Makefile.in b/embedding/android/Makefile.in
index ae13449013fa..dd8f9cda55d6 100644
--- a/embedding/android/Makefile.in
+++ b/embedding/android/Makefile.in
@@ -101,9 +101,17 @@ GARBAGE_DIRS += classes res
 ifeq ($(MOZ_APP_NAME),fennec)
 ICON_PATH = $(topsrcdir)/$(MOZ_BRANDING_DIRECTORY)/content/fennec_48x48.png
 ICON_PATH_HDPI = $(topsrcdir)/$(MOZ_BRANDING_DIRECTORY)/content/fennec_72x72.png
+ifeq (org.mozilla.fennec_unofficial,$(ANDROID_PACKAGE_NAME))
+DEFINES += -DMOZ_ANDROID_SHARED_ID="org.mozilla.fennec_unofficial.sharedID"
+else ifeq (,$(MOZ_OFFICIAL_BRANDING))
+DEFINES += -DMOZ_ANDROID_SHARED_ID="org.mozilla.fennec.sharedID"
+else
+DEFINES += -DMOZ_ANDROID_SHARED_ID="org.mozilla.firefox.sharedID"
+endif
 else
 ICON_PATH = $(topsrcdir)/$(MOZ_BRANDING_DIRECTORY)/content/icon48.png
 ICON_PATH_HDPI = $(topsrcdir)/$(MOZ_BRANDING_DIRECTORY)/content/icon64.png
+DEFINES += -DMOZ_ANDROID_SHARED_ID="$(ANDROID_PACKAGE_NAME).sharedID"
 endif
 
 RES_LAYOUT = \
diff --git a/js/src/xpconnect/shell/xpcshell.cpp b/js/src/xpconnect/shell/xpcshell.cpp
index 935f5adffca8..2623fb7c76e3 100644
--- a/js/src/xpconnect/shell/xpcshell.cpp
+++ b/js/src/xpconnect/shell/xpcshell.cpp
@@ -1750,10 +1750,6 @@ FindObjectPrincipals(JSContext *cx, JSObject *obj)
     return gJSPrincipals;
 }
 
-// defined in nsScriptSecurityManager.cpp
-NS_IMPORT JSPrincipals *
-NS_DefaultObjectPrincipalFinder(JSContext *cx, JSObject *obj);
-
 int
 main(int argc, char **argv, char **envp)
 {
@@ -1907,7 +1903,7 @@ main(int argc, char **argv, char **envp)
 
         JSSecurityCallbacks *cb = JS_GetRuntimeSecurityCallbacks(rt);
         NS_ASSERTION(cb, "We are assuming that nsScriptSecurityManager::Init() has been run");
-        NS_ASSERTION(cb->findObjectPrincipals == NS_DefaultObjectPrincipalFinder, "Your pigeon is in my hole!");
+        NS_ASSERTION(!cb->findObjectPrincipals, "Your pigeon is in my hole!");
         cb->findObjectPrincipals = FindObjectPrincipals;
 
 #ifdef TEST_TranslateThis
diff --git a/widget/src/cocoa/TextInputHandler.mm b/widget/src/cocoa/TextInputHandler.mm
index 0baeb735014f..6da1e5eaccb6 100644
--- a/widget/src/cocoa/TextInputHandler.mm
+++ b/widget/src/cocoa/TextInputHandler.mm
@@ -184,7 +184,7 @@ GetCharacters(const NSString* aString)
 static const char*
 GetCharacters(const CFStringRef aString)
 {
-  NSString* str = reinterpret_cast<const NSString*>(aString);
+  const NSString* str = reinterpret_cast<const NSString*>(aString);
   return GetCharacters(str);
 }