Bug 1253108 - Enable ESLint "strict" rule for PSM. r=keeler
authorCykesiopka <cykesiopka.bmo@gmail.com>
Sat, 19 Mar 2016 03:07:13 -0700
changeset 290030 5d3a8a8f017842b11d0c2b969586b59280e20f4c
parent 290029 422d5142ae422a67797f9d04488b538ebf90cbb5
child 290031 9daacc9d25600491dacef965c3927d306deef931
push id19656
push usergwagner@mozilla.com
push dateMon, 04 Apr 2016 13:43:23 +0000
treeherderb2g-inbound@e99061fde28a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1253108
milestone48.0a1
Bug 1253108 - Enable ESLint "strict" rule for PSM. r=keeler MozReview-Commit-ID: 4wElZ8Guq9z
security/manager/.eslintrc.json
security/manager/pki/resources/content/certManager.js
security/manager/pki/resources/content/certpicker.js
security/manager/pki/resources/content/choosetoken.js
security/manager/pki/resources/content/clientauthask.js
security/manager/pki/resources/content/createCertInfo.js
security/manager/pki/resources/content/deletecert.js
security/manager/pki/resources/content/device_manager.js
security/manager/pki/resources/content/downloadcert.js
security/manager/pki/resources/content/editcerts.js
security/manager/pki/resources/content/exceptionDialog.js
security/manager/pki/resources/content/password.js
security/manager/pki/resources/content/pippki.js
security/manager/pki/resources/content/protectedAuth.js
security/manager/pki/resources/content/resetpassword.js
security/manager/pki/resources/content/viewCertDetails.js
security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js
security/manager/ssl/tests/mochitest/browser/head.js
security/manager/ssl/tests/mochitest/mixedcontent/backward.html
security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js
security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html
security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html
security/manager/ssl/tests/mochitest/mixedcontent/iframe.html
security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html
security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html
security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html
security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html
security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html
security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html
security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html
security/manager/ssl/tests/mochitest/mixedcontent/test_securePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureBackground.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureCSS.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/nosts_bootstrap.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/plain_bootstrap.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/subdom_bootstrap.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
security/manager/ssl/tests/unit/sss_readstate_child_worker.js
security/manager/ssl/tests/unit/test_cert_blocklist.js
security/manager/ssl/tests/unit/test_datasignatureverifier.js
security/manager/ssl/tests/unit/test_hash_algorithms.js
security/manager/ssl/tests/unit/test_hash_algorithms_wrap.js
security/manager/ssl/tests/unit/test_pinning_dynamic.js
security/manager/ssl/tests/unit/test_pinning_header_parsing.js
security/manager/ssl/tests/unit/test_sss_eviction.js
security/manager/ssl/tests/unit/test_sss_readstate.js
security/manager/ssl/tests/unit/test_sss_readstate_child.js
security/manager/ssl/tests/unit/test_sss_readstate_empty.js
security/manager/ssl/tests/unit/test_sss_readstate_garbage.js
security/manager/ssl/tests/unit/test_sss_readstate_huge.js
security/manager/ssl/tests/unit/test_sss_savestate.js
security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js
security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
security/manager/tools/dumpGoogleRoots.js
security/manager/tools/genRootCAHashes.js
security/manager/tools/getHSTSPreloadList.js
security/manager/tools/makeCNNICHashes.js
--- a/security/manager/.eslintrc.json
+++ b/security/manager/.eslintrc.json
@@ -172,16 +172,19 @@
 
     // Require spaces after return, throw and case
     // Note: Replaced by keyword-spacing in ESLint v2.0.
     "space-return-throw-case": 2,
 
     // ++ and -- should not need spacing
     "space-unary-ops": [2, { "words": true, "nonwords": false }],
 
+    // Require "use strict" to be defined globally in the script.
+    "strict": [2, "global"],
+
     // No comparisons to NaN
     "use-isnan": 2,
 
     // Only check typeof against valid results
     "valid-typeof": 2
   },
   "env": {
     "browser": true
--- a/security/manager/pki/resources/content/certManager.js
+++ b/security/manager/pki/resources/content/certManager.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIFilePicker = Components.interfaces.nsIFilePicker;
 const nsFilePicker = "@mozilla.org/filepicker;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 const nsICertTree = Components.interfaces.nsICertTree;
 const nsCertTree = "@mozilla.org/security/nsCertTree;1";
--- a/security/manager/pki/resources/content/certpicker.js
+++ b/security/manager/pki/resources/content/certpicker.js
@@ -1,13 +1,14 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var dialogParams;
 var itemCount = 0;
 
 function onLoad()
 {
--- a/security/manager/pki/resources/content/choosetoken.js
+++ b/security/manager/pki/resources/content/choosetoken.js
@@ -1,14 +1,15 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var dialogParams;
 
 function onLoad()
 {
   dialogParams = window.arguments[0].QueryInterface(nsIDialogParamBlock);
--- a/security/manager/pki/resources/content/clientauthask.js
+++ b/security/manager/pki/resources/content/clientauthask.js
@@ -1,14 +1,15 @@
 /* -*- tab-width: 2; indent-tabs-mode: nil; js-indent-level: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var dialogParams;
 var itemCount = 0;
 var rememberBox;
 
 function onLoad()
--- a/security/manager/pki/resources/content/createCertInfo.js
+++ b/security/manager/pki/resources/content/createCertInfo.js
@@ -1,14 +1,15 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 var keygenThread;
 
 function onLoad()
 {
   keygenThread = window.arguments[0].QueryInterface(Components.interfaces.nsIKeygenThread);
 
   if (!keygenThread) {
--- a/security/manager/pki/resources/content/deletecert.js
+++ b/security/manager/pki/resources/content/deletecert.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var certdb;
 var gParams;
--- a/security/manager/pki/resources/content/device_manager.js
+++ b/security/manager/pki/resources/content/device_manager.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 const nsIFilePicker = Components.interfaces.nsIFilePicker;
 const nsFilePicker = "@mozilla.org/filepicker;1";
 const nsIPKCS11Slot = Components.interfaces.nsIPKCS11Slot;
 const nsIPKCS11Module = Components.interfaces.nsIPKCS11Module;
 const nsPKCS11ModuleDB = "@mozilla.org/security/pkcs11moduledb;1";
 const nsIPKCS11ModuleDB = Components.interfaces.nsIPKCS11ModuleDB;
 const nsIPK11Token = Components.interfaces.nsIPK11Token;
--- a/security/manager/pki/resources/content/downloadcert.js
+++ b/security/manager/pki/resources/content/downloadcert.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 
 var params;
 var caName;
 var cert;
 
--- a/security/manager/pki/resources/content/editcerts.js
+++ b/security/manager/pki/resources/content/editcerts.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 
 var certdb;
 var cert;
 
--- a/security/manager/pki/resources/content/exceptionDialog.js
+++ b/security/manager/pki/resources/content/exceptionDialog.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 var gDialog;
 var gBundleBrand;
 var gPKIBundle;
 var gSSLStatus;
 var gCert;
 var gChecking;
 var gBroken;
--- a/security/manager/pki/resources/content/password.js
+++ b/security/manager/pki/resources/content/password.js
@@ -1,11 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
+
 const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
 const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 const nsPKCS11ModuleDB = "@mozilla.org/security/pkcs11moduledb;1";
 const nsIPKCS11ModuleDB = Components.interfaces.nsIPKCS11ModuleDB;
 const nsIPKCS11Slot = Components.interfaces.nsIPKCS11Slot;
 const nsIPK11Token = Components.interfaces.nsIPK11Token;
 
--- a/security/manager/pki/resources/content/pippki.js
+++ b/security/manager/pki/resources/content/pippki.js
@@ -1,13 +1,14 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 /*
  * These are helper functions to be included
  * pippki UI js files.
  */
 
 function setText(id, value) {
   let element = document.getElementById(id);
--- a/security/manager/pki/resources/content/protectedAuth.js
+++ b/security/manager/pki/resources/content/protectedAuth.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 function onLoad()
 {
   let protectedAuthThread =
     window.arguments[0].QueryInterface(Components.interfaces.nsIProtectedAuthThread);
 
   if (!protectedAuthThread) {
     window.close();
--- a/security/manager/pki/resources/content/resetpassword.js
+++ b/security/manager/pki/resources/content/resetpassword.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
 const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var tokenName;
 
 function onLoad()
--- a/security/manager/pki/resources/content/viewCertDetails.js
+++ b/security/manager/pki/resources/content/viewCertDetails.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
 const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
 const nsIASN1Object = Components.interfaces.nsIASN1Object;
 const nsIASN1Sequence = Components.interfaces.nsIASN1Sequence;
--- a/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 var FakeSSLStatus = function() {
 };
 
 FakeSSLStatus.prototype = {
   serverCert: null,
   cipherName: null,
   keyLength: 2048,
--- a/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 var gBugWindow;
 
 function onLoad() {
   gBugWindow.removeEventListener("load", onLoad);
   gBugWindow.addEventListener("unload", onUnload);
   gBugWindow.close();
 }
--- a/security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 var gBugWindow;
 
 function onLoad() {
   gBugWindow.removeEventListener("load", onLoad);
   gBugWindow.addEventListener("unload", onUnload);
   gBugWindow.close();
 }
--- a/security/manager/ssl/tests/mochitest/browser/head.js
+++ b/security/manager/ssl/tests/mochitest/browser/head.js
@@ -1,9 +1,11 @@
 /* Any copyright is dedicated to the Public Domain.
    http://creativecommons.org/publicdomain/zero/1.0/ */
+"use strict";
+
 function whenNewWindowLoaded(aOptions, aCallback) {
   let win = OpenBrowserWindow(aOptions);
   win.addEventListener("load", function onLoad() {
     win.removeEventListener("load", onLoad, false);
     aCallback(win);
   }, false);
 }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/backward.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/backward.html
@@ -1,13 +1,13 @@
 <!DOCTYPE HTML>
 <html>
 <head>
   <script type="text/javascript">
-
+  "use strict";
   window.onload = function()
   {
     window.setTimeout(function()
     {
       SpecialPowers.wrap(window).QueryInterface(SpecialPowers.Ci.nsIInterfaceRequestor)
         .getInterface(SpecialPowers.Ci.nsIWebNavigation)
         .goBack();
     }, 100);
--- a/security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js
@@ -1,5 +1,7 @@
 /* import-globals-from mixedContentTest.js */
+"use strict";
+
 document.open();
 document.write("This is insecure XSS script " + document.cookie);
 isSecurityState("broken", "security broken after document write from unsecure script");
 finish();
--- a/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html
@@ -3,16 +3,17 @@
 <head>
   <title>Bug 383369 test, step 2</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/does_not_exist.css">
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   window.onload = function runTest() {
     window.setTimeout(function () {
       window.location =
         "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html?runtest";
     }, 0);
   };
 
--- a/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html
@@ -3,16 +3,17 @@
 <head>
   <title>Bug 383369 test, final step</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure", "secure page after insecure download and insecure subcontent still secure");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html
@@ -1,12 +1,13 @@
 <!DOCTYPE HTML>
 <html>
 <head>
 </head>
 
 <body>
   This is frame 1: 
   <script>
+    "use strict";
     document.write(location.href);
   </script>
 </body>
 </html>
--- a/security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html
@@ -1,13 +1,14 @@
 <!DOCTYPE HTML>
 <html>
 <head>
 </head>
 
 <body>
   This is frame 2: 
   <script>
+    "use strict";
     document.write(location.href);
   </script>
   <iframe src="http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html"></iframe>
 </body>
 </html>
--- a/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
@@ -1,8 +1,10 @@
+"use strict";
+
 /**
  * Helper script for mixed content testing. It opens a new top-level window
  * from a secure origin and '?runtest' query. That tells us to run the test
  * body, function runTest(). Then we wait for call of finish(). On its first
  * call it loads helper page 'backward.html' that immediately navigates
  * back to the test secure test. This checks the bfcache. We got second call
  * to onload and this time we call afterNavigationTest() function to let the
  * test check security state after re-navigation back. Then we again wait for
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html
@@ -3,16 +3,17 @@
 <head>
   <title>dymanic script load</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
     window.setTimeout(function () {
       var newElement = document.createElement("script");
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
@@ -3,16 +3,17 @@
 <head>
   <title>Bug 383369 test</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // We want to start this test from an insecure context
   loadAsInsecure = true;
   // We don't want to go through the navigation back/forward test
   bypassNavigationTest = true;
 
   function runTest()
   {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "broken");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   SimpleTest.expectAssertions(0, 4);
 
   // Clear the default onload assigned to test start because we must
   // wait for replaced image to load and only after that test the security state
   var onLoadFunction = window.onload;
   window.onload = function()
   {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure", "data <img> doesn't break security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   loadAsInsecure = true;
 
   function runTest()
   {
     window.location = "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/nocontent.sjs";
     window.setTimeout(function() {
       isSecurityState("insecure", "location.href doesn't effect the security state");
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html
@@ -13,16 +13,17 @@
     p:before
     {
       content: url(http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg);
     }
   </style>
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure content added by :before styling breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html
@@ -14,16 +14,17 @@
     p
     {
       content: url(http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg);
     }
   </style>
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure content added by :before styling breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   if (navigator.platform.startsWith("Mac")) {
     SimpleTest.expectAssertions(0, 1);
   }
 
   function runTest()
   {
     isSecurityState("secure");
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> written dynamically breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure iframe written dynamically breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure");
     window.setTimeout(function() {
       // Don't do this synchronously from onload handler
       document.getElementById("image1").src =
         "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
     window.setTimeout(() => {
       try {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // This test, as is, equals to https://kuix.de/misc/test17/358438.php
 
   function runTest()
   {
     isSecurityState("secure");
     document.body.background =
       "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
     var self = window;
     var iframe = document.getElementById("iframe1");
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // This test, as is, equals to https://kuix.de/misc/test17/358438.php
 
   function runTest()
   {
     isSecurityState("secure");
     document.getElementById("image1").src =
       "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   (new Image()).src =
     "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
 
   function runTest()
   {
     isSecurityState("broken", "(new Image()).src='http://...' changed to broken");
     finish();
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html
@@ -3,16 +3,17 @@
 <head>
   <title>img.src changes to unsecure redirect test</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure");
     document.getElementById("image1").src =
       "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/imgunsecredirect.sjs";
 
     window.setTimeout(function() {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure");
 
     window.setTimeout(function () {
       document.getElementById("buddy").innerHTML =
         "<img id='image1' src='http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg' />";
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure");
 
     document.getElementById("buddy").innerHTML =
       "<img id='image1' src='http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg' />";
 
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure", "javascript: <img> should not break security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html
@@ -10,16 +10,17 @@
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <link rel="stylesheet" type="text/css"
     href="https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/somestyle.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // Navigation test goes over an insecure page, test state leak
   navigateToInsecure = true;
 
   function runTest()
   {
     isSecurityState("secure", "insecure <img> load breaks security");
     finish();
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_securePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_securePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   loadAsInsecure = true;
 
   function runTest()
   {
     isSecurityState("insecure", "left insecure");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureBackground.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureBackground.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // This test, as is, equals to https://kuix.de/misc/test17/358438.php
 
   function runTest()
   {
     isSecurityState("broken", "security broken");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureCSS.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureCSS.html
@@ -10,16 +10,17 @@
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <link rel="stylesheet" type="text/css"
     href="http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/somestyle.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <iframe> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <iframe> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html
@@ -3,16 +3,17 @@
 <head>
   <title>Unsecure redirect iframe load</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     window.setTimeout(function()
     {
       isSecurityState("broken", "insecure meta-tag <iframe> load breaks security");
       finish();
     }, 500);
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <iframe> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> load breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html
@@ -3,16 +3,17 @@
 <head>
   <title>Unsecure img load in two windows</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   openTwoWindows = true;
   testPage = "unsecurePictureDup.html";
 
   </script>
 </head>
 
 <body>
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> in an <iframe> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> load breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/nosts_bootstrap.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/nosts_bootstrap.html
@@ -2,16 +2,17 @@
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!DOCTYPE HTML>
 <html>
   <head>
     <title>STS test iframe</title>
     <script>
+      "use strict";
       let windowRef = window;
       window.addEventListener("load", function() {
         windowRef.parent.postMessage("BOOTSTRAP plain",
                                      "http://mochi.test:8888");
       }, false);
     </script>
   </head>
   <body>
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/plain_bootstrap.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/plain_bootstrap.html
@@ -2,16 +2,17 @@
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!DOCTYPE HTML>
 <html>
   <head>
     <title>STS test iframe</title>
     <script>
+      "use strict";
       let windowRef = window;
       window.addEventListener("load", function() {
         windowRef.parent.postMessage("BOOTSTRAP plain",
                                      "http://mochi.test:8888");
       }, false);
     </script>
   </head>
   <body>
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/subdom_bootstrap.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/subdom_bootstrap.html
@@ -2,16 +2,17 @@
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!DOCTYPE HTML>
 <html>
   <head>
     <title>STS test iframe</title>
     <script>
+      "use strict";
       let windowRef = window;
       window.addEventListener("load", function() {
         windowRef.parent.postMessage("BOOTSTRAP subdom",
                                      "http://mochi.test:8888");
       }, false);
     </script>
   </head>
   <body>
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html
@@ -5,16 +5,18 @@
 <!DOCTYPE HTML>
 <html>
 <head>
   <title>opens additional content that should be converted to https</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
+  "use strict";
+
   SimpleTest.waitForExplicitFinish();
 
   const STSPATH = "/tests/security/manager/ssl/tests/mochitest/stricttransportsecurity";
 
   // initialized manually here
   var testsleft = {'plain': 4, 'subdom': 4};
   var roundsLeft = 2;
 
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
@@ -2,19 +2,22 @@
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!DOCTYPE HTML>
 <html>
 <head>
   <title>opens additional content that should be converted to https</title>
   <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
+  <link rel="stylesheet" type="text/css"
+        href="chrome://mochikit/content/tests/SimpleTest/test.css"/>
 
   <script class="testbody" type="text/javascript">
+  "use strict";
+
   SimpleTest.waitForExplicitFinish();
 
   const Cc = Components.classes;
   const Ci = Components.interfaces;
   const STSPATH = "/tests/security/manager/ssl/tests/mochitest/stricttransportsecurity";
   const NUM_TEST_FRAMES = 4;
   const CONTENT_PAGE =
     "http://mochi.test:8888/chrome/security/manager/ssl/tests/mochitest/stricttransportsecurity/page_blank.html";
--- a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
+++ b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
@@ -1,9 +1,10 @@
 /* import-globals-from head_psm.js */
+"use strict";
 
 function run_test() {
   var SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
 
   ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                              "expired.example.com", 0));
   ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
--- a/security/manager/ssl/tests/unit/test_cert_blocklist.js
+++ b/security/manager/ssl/tests/unit/test_cert_blocklist.js
@@ -1,12 +1,13 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // This test checks a number of things:
 // * it ensures that data loaded from revocations.txt on startup is present
 // * it ensures that certItems in blocklist.xml are persisted correctly
 // * it ensures that items in the CertBlocklist are seen as revoked by the
 //   cert verifier
 // * it does a sanity check to ensure other cert verifier behavior is
 //   unmodified
--- a/security/manager/ssl/tests/unit/test_datasignatureverifier.js
+++ b/security/manager/ssl/tests/unit/test_datasignatureverifier.js
@@ -1,9 +1,9 @@
-const DSV = Ci.nsIDataSignatureVerifier;
+"use strict";
 
 var keys = [
 // RSA key
 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDK426erD/H3XtsjvaB5+PJqbhj" +
 "Zc9EDI5OCJS8R3FIObJ9ZHJK1TXeaE7JWqt9WUmBWTEFvwS+FI9vWu8058N9CHhD" +
 "NyeP6i4LuUYjTURnn7Yw/IgzyIJ2oKsYa32RuxAyteqAWqPT/J63wBixIeCxmysf" +
 "awB/zH4KaPiY3vnrzQIDAQAB",
 
--- a/security/manager/ssl/tests/unit/test_hash_algorithms.js
+++ b/security/manager/ssl/tests/unit/test_hash_algorithms.js
@@ -1,8 +1,10 @@
+"use strict";
+
 var ScriptableUnicodeConverter =
   Components.Constructor("@mozilla.org/intl/scriptableunicodeconverter",
                          "nsIScriptableUnicodeConverter");
 var CryptoHash =
   Components.Constructor("@mozilla.org/security/hash;1",
                          "nsICryptoHash",
                          "initWithString");
 
--- a/security/manager/ssl/tests/unit/test_hash_algorithms_wrap.js
+++ b/security/manager/ssl/tests/unit/test_hash_algorithms_wrap.js
@@ -1,3 +1,5 @@
+"use strict";
+
 function run_test() {
   run_test_in_child("test_hash_algorithms.js");
 }
--- a/security/manager/ssl/tests/unit/test_pinning_dynamic.js
+++ b/security/manager/ssl/tests/unit/test_pinning_dynamic.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a site security service state file
 // and see that the site security service reads it properly.
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
 
--- a/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
+++ b/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to check that parsing of HPKP headers
 // is correct.
 
 var profileDir = do_get_profile();
 const certdb = Cc["@mozilla.org/security/x509certdb;1"]
                  .getService(Ci.nsIX509CertDB);
 var gSSService = Cc["@mozilla.org/ssservice;1"]
--- a/security/manager/ssl/tests/unit/test_sss_eviction.js
+++ b/security/manager/ssl/tests/unit/test_sss_eviction.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to check that a frequently visited site
 // will not be evicted over an infrequently visited site.
 
 var gSSService = null;
 var gProfileDir = null;
 
 function do_state_written(aSubject, aTopic, aData) {
--- a/security/manager/ssl/tests/unit/test_sss_readstate.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a site security service state file
 // and see that the site security service reads it properly.
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
 
--- a/security/manager/ssl/tests/unit/test_sss_readstate_child.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_child.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a site security service state file
 // and see that the site security service reads it properly. We also verify
 // that state changes are reflected in the child process.
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
--- a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create an empty site security service state
 // file and see that the site security service doesn't fail when reading it.
 
 var gSSService = null;
 
 function checkStateRead(aSubject, aTopic, aData) {
   // nonexistent.example.com should never be an HSTS host
--- a/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a mostly bogus site security service
 // state file and see that the site security service handles it properly.
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
 
--- a/security/manager/ssl/tests/unit/test_sss_readstate_huge.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_huge.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a site security service state file
 // that is too large and see that the site security service reads it properly
 // (this means discarding all entries after the 1024th).
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
--- a/security/manager/ssl/tests/unit/test_sss_savestate.js
+++ b/security/manager/ssl/tests/unit/test_sss_savestate.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to see that the site security service properly
 // writes its state file.
 
 const EXPECTED_ENTRIES = 6;
 const EXPECTED_HSTS_COLUMNS = 3;
 const EXPECTED_HPKP_COLUMNS = 4;
 var gProfileDir = null;
--- a/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js
+++ b/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js
@@ -1,8 +1,10 @@
+"use strict";
+
 function check_ip(s, v, ip) {
   let sslStatus = new FakeSSLStatus();
   ok(!s.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, ip, 0));
 
   let str = "https://";
   if (v == 6) {
     str += "[";
   }
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
@@ -1,13 +1,14 @@
 // This test attempts to use only domains that are likely to remain on the
 // preload list for a long time. Currently this includes bugzilla.mozilla.org
 // and login.persona.org because they are Mozilla properties and we are
 // invested in HSTS. Additionally, www.torproject.org was deemed likely to
 // continue to use HSTS.
+"use strict";
 
 var gSSService = Cc["@mozilla.org/ssservice;1"]
                    .getService(Ci.nsISiteSecurityService);
 
 function Observer() {}
 Observer.prototype = {
   observe: function(subject, topic, data) {
     if (topic == "last-pb-context-exited") {
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
@@ -1,10 +1,11 @@
 // This test uses bugzilla.mozilla.org given that it is likely to remain
 // on the preload list for a long time.
+"use strict";
 
 function run_test() {
   let SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
 
   // check that a host on the preload list is identified as an sts host
   ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                             "bugzilla.mozilla.org", 0));
--- a/security/manager/tools/dumpGoogleRoots.js
+++ b/security/manager/tools/dumpGoogleRoots.js
@@ -1,24 +1,23 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // This file is a helper script that generates the list of certificates that
 // make up the preloaded pinset for Google properties.
 //
 // How to run this file:
 // 1. [obtain firefox source code]
 // 2. [build/obtain firefox binaries]
 // 3. run `[path to]/run-mozilla.sh [path to]/xpcshell dumpGoogleRoots.js'
 // 4. [paste the output into the appropriate section in
 //     security/manager/tools/PreloadedHPKPins.json]
 
-// <https://developer.mozilla.org/en/XPConnect/xpcshell/HOWTO>
-// <https://bugzilla.mozilla.org/show_bug.cgi?id=546628>
 var Cc = Components.classes;
 var Ci = Components.interfaces;
 
 function downloadRoots() {
   let req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
               .createInstance(Ci.nsIXMLHttpRequest);
   req.open("GET", "https://pki.google.com/roots.pem", false);
   try {
--- a/security/manager/tools/genRootCAHashes.js
+++ b/security/manager/tools/genRootCAHashes.js
@@ -1,20 +1,19 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // How to run this file:
 // 1. [obtain firefox source code]
 // 2. [build/obtain firefox binaries]
 // 3. run `[path to]/run-mozilla.sh [path to]/xpcshell genRootCAHashes.js \
 //                                  [absolute path to]/RootHashes.inc'
 
-// <https://developer.mozilla.org/en/XPConnect/xpcshell/HOWTO>
-// <https://bugzilla.mozilla.org/show_bug.cgi?id=546628>
 var Cc = Components.classes;
 var Ci = Components.interfaces;
 var Cu = Components.utils;
 var Cr = Components.results;
 
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const CertDb = Components.classes[nsX509CertDB].getService(Ci.nsIX509CertDB);
 
--- a/security/manager/tools/getHSTSPreloadList.js
+++ b/security/manager/tools/getHSTSPreloadList.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // How to run this file:
 // 1. [obtain firefox source code]
 // 2. [build/obtain firefox binaries]
 // 3. run `[path to]/run-mozilla.sh [path to]/xpcshell \
 //                                  [path to]/getHSTSPreloadlist.js \
 //                                  [absolute path to]/nsSTSPreloadlist.inc'
 // Note: Running this file outputs a new nsSTSPreloadlist.inc in the current
--- a/security/manager/tools/makeCNNICHashes.js
+++ b/security/manager/tools/makeCNNICHashes.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // How to run this file:
 // 1. [obtain CNNIC-issued certificates to be whitelisted]
 // 2. [obtain firefox source code]
 // 3. [build/obtain firefox binaries]
 // 4. run `[path to]/run-mozilla.sh [path to]/xpcshell makeCNNICHashes.js \
 //                                  [path to]/intermediatesFile
 //                                  [path to]/certlist'