Bug 913734 - Remove now-unused policy machinery. r=mrbkap
authorBobby Holley <bobbyholley@gmail.com>
Fri, 13 Dec 2013 19:15:43 -0800
changeset 160495 4df87ccf0f5d6e6e54844aade43f1eb210fdbbe5
parent 160494 6c4dd8d796c672109929405770246a8acb40188f
child 160496 4dcc22e19dee436d6aa010fd14c3c3b8ef7ace4c
push id25834
push userphilringnalda@gmail.com
push dateSun, 15 Dec 2013 02:20:53 +0000
treeherdermozilla-central@9fcc6330dc69 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmrbkap
bugs913734
milestone29.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 913734 - Remove now-unused policy machinery. r=mrbkap
caps/idl/nsIPrincipal.idl
caps/include/nsPrincipal.h
caps/include/nsScriptSecurityManager.h
caps/src/nsNullPrincipal.cpp
caps/src/nsPrincipal.cpp
caps/src/nsScriptSecurityManager.cpp
caps/src/nsSystemPrincipal.cpp
modules/libpref/src/init/all.js
--- a/caps/idl/nsIPrincipal.idl
+++ b/caps/idl/nsIPrincipal.idl
@@ -15,17 +15,17 @@ struct JSPrincipals;
 
 interface nsIURI;
 interface nsIContentSecurityPolicy;
 
 [ptr] native JSContext(JSContext);
 [ptr] native JSPrincipals(JSPrincipals);
 [ptr] native PrincipalArray(nsTArray<nsCOMPtr<nsIPrincipal> >);
 
-[scriptable, builtinclass, uuid(551bf53d-203c-4ac4-8c0b-40aa7b5f1ad6)]
+[scriptable, builtinclass, uuid(f09d8a53-a6c8-4f68-b329-9a76a709d24e)]
 interface nsIPrincipal : nsISerializable
 {
     /**
      * Returns whether the other principal is equivalent to this principal.
      * Principals are considered equal if they are the same principal, or
      * they have the same origin.
      */
     boolean equals(in nsIPrincipal other);
@@ -48,31 +48,16 @@ interface nsIPrincipal : nsISerializable
     %}
 
     /**
      * Returns a hash value for the principal.
      */
     [noscript] readonly attribute unsigned long hashValue;
 
     /**
-     * The domain security policy of the principal.
-     */
-    // XXXcaa should this be here?  The script security manager is the only
-    // thing that should care about this.  Wouldn't storing this data in one
-    // of the hashtables in nsScriptSecurityManager be better?
-    // XXXbz why is this writable?  Who should have write access to this?  What
-    // happens if this principal is in our hashtable and we pass it out of the
-    // security manager and someone writes to this field?  Especially if they
-    // write garbage?  If we need to give someone other than the security
-    // manager a way to set this (which I question, since it can increase the
-    // permissions of a page) it should be a |void clearSecurityPolicy()|
-    // method.
-    [noscript] attribute voidPtr securityPolicy;
-
-    /**
      * The codebase URI to which this principal pertains.  This is
      * generally the document URI.
      */
     readonly attribute nsIURI URI;
 
     /**
      * The domain URI to which this principal pertains.
      * This is congruent with HTMLDocument.domain, and may be null.
--- a/caps/include/nsPrincipal.h
+++ b/caps/include/nsPrincipal.h
@@ -13,45 +13,40 @@
 #include "nsTArray.h"
 #include "nsAutoPtr.h"
 #include "nsIProtocolHandler.h"
 #include "nsNetUtil.h"
 #include "nsScriptSecurityManager.h"
 
 class nsIObjectInputStream;
 class nsIObjectOutputStream;
-class DomainPolicy; 
 
 class nsBasePrincipal : public nsJSPrincipals
 {
 public:
   nsBasePrincipal();
 
 protected:
   virtual ~nsBasePrincipal();
 
 public:
   NS_IMETHOD_(nsrefcnt) AddRef(void);
   NS_IMETHOD_(nsrefcnt) Release(void);
-  NS_IMETHOD GetSecurityPolicy(void** aSecurityPolicy);
-  NS_IMETHOD SetSecurityPolicy(void* aSecurityPolicy);
   NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp);
   NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp);
 public:
 
   static const char sInvalid[];
 
 protected:
 
 #ifdef DEBUG
   virtual void dumpImpl() = 0;
 #endif
 
-  DomainPolicy* mSecurityPolicy;
-
   nsCOMPtr<nsIContentSecurityPolicy> mCSP;
 };
 
 class nsPrincipal : public nsBasePrincipal
 {
 public:
   NS_DECL_ISUPPORTS_INHERITED
   NS_DECL_NSISERIALIZABLE
--- a/caps/include/nsScriptSecurityManager.h
+++ b/caps/include/nsScriptSecurityManager.h
@@ -23,276 +23,17 @@
 #include <stdint.h>
 
 class nsIDocShell;
 class nsString;
 class nsIClassInfo;
 class nsIIOService;
 class nsIStringBundle;
 class nsSystemPrincipal;
-struct ClassPolicy;
 class ClassInfoData;
-class DomainPolicy;
-
-/////////////////////
-// PrincipalKey //
-/////////////////////
-
-class PrincipalKey : public PLDHashEntryHdr
-{
-public:
-    typedef const nsIPrincipal* KeyType;
-    typedef const nsIPrincipal* KeyTypePointer;
-
-    PrincipalKey(const nsIPrincipal* key)
-      : mKey(const_cast<nsIPrincipal*>(key))
-    {
-    }
-
-    PrincipalKey(const PrincipalKey& toCopy)
-      : mKey(toCopy.mKey)
-    {
-    } 
-
-    ~PrincipalKey()
-    {
-    }
-
-    KeyType GetKey() const
-    {
-        return mKey;
-    }
-
-    bool KeyEquals(KeyTypePointer aKey) const
-    {
-        bool eq;
-        mKey->Equals(const_cast<nsIPrincipal*>(aKey),
-                     &eq);
-        return eq;
-    }
-
-    static KeyTypePointer KeyToPointer(KeyType aKey)
-    {
-        return aKey;
-    }
-
-    static PLDHashNumber HashKey(KeyTypePointer aKey)
-    {
-        uint32_t hash;
-        const_cast<nsIPrincipal*>(aKey)->GetHashValue(&hash);
-        return PLDHashNumber(hash);
-    }
-
-    enum { ALLOW_MEMMOVE = true };
-
-private:
-    nsCOMPtr<nsIPrincipal> mKey;
-};
-
-////////////////////
-// Policy Storage //
-////////////////////
-
-// Property Policy
-union SecurityLevel
-{
-    intptr_t   level;
-    char*      capability;
-};
-
-// Security levels
-// These values all have the low bit set (except UNDEFINED_ACCESS)
-// to distinguish them from pointer values, because no pointer
-// to allocated memory ever has the low bit set. A SecurityLevel
-// contains either one of these constants or a pointer to a string
-// representing the name of a capability.
-
-#define SCRIPT_SECURITY_UNDEFINED_ACCESS 0
-#define SCRIPT_SECURITY_ACCESS_IS_SET_BIT 1
-#define SCRIPT_SECURITY_NO_ACCESS \
-  ((1 << 0) | SCRIPT_SECURITY_ACCESS_IS_SET_BIT)
-#define SCRIPT_SECURITY_SAME_ORIGIN_ACCESS \
-  ((1 << 1) | SCRIPT_SECURITY_ACCESS_IS_SET_BIT)
-#define SCRIPT_SECURITY_ALL_ACCESS \
-  ((1 << 2) | SCRIPT_SECURITY_ACCESS_IS_SET_BIT)
-
-#define SECURITY_ACCESS_LEVEL_FLAG(_sl) \
-           ((_sl.level == 0) || \
-            (_sl.level & SCRIPT_SECURITY_ACCESS_IS_SET_BIT))
-
-
-struct PropertyPolicy : public PLDHashEntryHdr
-{
-    JSString       *key;  // interned string
-    SecurityLevel  mGet;
-    SecurityLevel  mSet;
-};
-
-static bool
-InitPropertyPolicyEntry(PLDHashTable *table,
-                     PLDHashEntryHdr *entry,
-                     const void *key)
-{
-    PropertyPolicy* pp = (PropertyPolicy*)entry;
-    pp->key = (JSString *)key;
-    pp->mGet.level = SCRIPT_SECURITY_UNDEFINED_ACCESS;
-    pp->mSet.level = SCRIPT_SECURITY_UNDEFINED_ACCESS;
-    return true;
-}
-
-static void
-ClearPropertyPolicyEntry(PLDHashTable *table, PLDHashEntryHdr *entry)
-{
-    PropertyPolicy* pp = (PropertyPolicy*)entry;
-    pp->key = nullptr;
-}
-
-// Class Policy
-#define NO_POLICY_FOR_CLASS (ClassPolicy*)1
-
-struct ClassPolicy : public PLDHashEntryHdr
-{
-    char* key;
-    PLDHashTable* mPolicy;
-
-    // Note: the DomainPolicy owns us, so if if dies we will too.  Hence no
-    // need to refcount it here (and in fact, we'd probably leak if we tried).
-    DomainPolicy* mDomainWeAreWildcardFor;
-};
-
-static void
-ClearClassPolicyEntry(PLDHashTable *table, PLDHashEntryHdr *entry)
-{
-    ClassPolicy* cp = (ClassPolicy *)entry;
-    if (cp->key)
-    {
-        PL_strfree(cp->key);
-        cp->key = nullptr;
-    }
-    PL_DHashTableDestroy(cp->mPolicy);
-}
-
-// Note: actual impl is going to be after the DomainPolicy class definition,
-// since we need to access members of DomainPolicy in the impl
-static void
-MoveClassPolicyEntry(PLDHashTable *table,
-                     const PLDHashEntryHdr *from,
-                     PLDHashEntryHdr *to);
-
-static bool
-InitClassPolicyEntry(PLDHashTable *table,
-                     PLDHashEntryHdr *entry,
-                     const void *key)
-{
-    static PLDHashTableOps classPolicyOps =
-    {
-        PL_DHashAllocTable,
-        PL_DHashFreeTable,
-        PL_DHashVoidPtrKeyStub,
-        PL_DHashMatchEntryStub,
-        PL_DHashMoveEntryStub,
-        ClearPropertyPolicyEntry,
-        PL_DHashFinalizeStub,
-        InitPropertyPolicyEntry
-    };
-
-    ClassPolicy* cp = (ClassPolicy*)entry;
-    cp->mDomainWeAreWildcardFor = nullptr;
-    cp->key = PL_strdup((const char*)key);
-    if (!cp->key)
-        return false;
-    cp->mPolicy = PL_NewDHashTable(&classPolicyOps, nullptr,
-                                   sizeof(PropertyPolicy), 16);
-    if (!cp->mPolicy) {
-        PL_strfree(cp->key);
-        cp->key = nullptr;
-        return false;
-    }
-    return true;
-}
-
-// Domain Policy
-class DomainPolicy : public PLDHashTable
-{
-public:
-    DomainPolicy() : mWildcardPolicy(nullptr),
-                     mRefCount(0)
-    {
-        mGeneration = sGeneration;
-    }
-
-    bool Init()
-    {
-        static const PLDHashTableOps domainPolicyOps =
-        {
-            PL_DHashAllocTable,
-            PL_DHashFreeTable,
-            PL_DHashStringKey,
-            PL_DHashMatchStringKey,
-            MoveClassPolicyEntry,
-            ClearClassPolicyEntry,
-            PL_DHashFinalizeStub,
-            InitClassPolicyEntry
-        };
-
-        return PL_DHashTableInit(this, &domainPolicyOps, nullptr,
-                                 sizeof(ClassPolicy), 16);
-    }
-
-    ~DomainPolicy()
-    {
-        PL_DHashTableFinish(this);
-        NS_ASSERTION(mRefCount == 0, "Wrong refcount in DomainPolicy dtor");
-    }
-
-    void Hold()
-    {
-        mRefCount++;
-    }
-
-    void Drop()
-    {
-        if (--mRefCount == 0)
-            delete this;
-    }
-    
-    static void InvalidateAll()
-    {
-        sGeneration++;
-    }
-    
-    bool IsInvalid()
-    {
-        return mGeneration != sGeneration; 
-    }
-    
-    ClassPolicy* mWildcardPolicy;
-
-private:
-    uint32_t mRefCount;
-    uint32_t mGeneration;
-    static uint32_t sGeneration;
-};
-
-static void
-MoveClassPolicyEntry(PLDHashTable *table,
-                     const PLDHashEntryHdr *from,
-                     PLDHashEntryHdr *to)
-{
-    memcpy(to, from, table->entrySize);
-
-    // Now update the mDefaultPolicy pointer that points to us, if any.
-    ClassPolicy* cp = static_cast<ClassPolicy*>(to);
-    if (cp->mDomainWeAreWildcardFor) {
-        NS_ASSERTION(cp->mDomainWeAreWildcardFor->mWildcardPolicy ==
-                     static_cast<const ClassPolicy*>(from),
-                     "Unexpected wildcard policy on mDomainWeAreWildcardFor");
-        cp->mDomainWeAreWildcardFor->mWildcardPolicy = cp;
-    }
-}
 
 /////////////////////////////
 // nsScriptSecurityManager //
 /////////////////////////////
 #define NS_SCRIPTSECURITYMANAGER_CID \
 { 0x7ee2a4c0, 0x4b93, 0x17d3, \
 { 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
 
@@ -399,23 +140,16 @@ private:
                             const char* aClassName, jsid aProperty);
 
     nsresult
     CheckSameOriginDOMProp(nsIPrincipal* aSubject, 
                            nsIPrincipal* aObject,
                            uint32_t aAction);
 
     nsresult
-    LookupPolicy(nsIPrincipal* principal,
-                 ClassInfoData& aClassData,
-                 JS::Handle<jsid> aProperty,
-                 uint32_t aAction,
-                 SecurityLevel* result);
-
-    nsresult
     GetCodebasePrincipalInternal(nsIURI* aURI, uint32_t aAppId,
                                  bool aInMozBrowser,
                                  nsIPrincipal** result);
 
     nsresult
     CreateCodebasePrincipal(nsIURI* aURI, uint32_t aAppId, bool aInMozBrowser,
                             nsIPrincipal** result);
 
@@ -463,34 +197,22 @@ private:
                         const char* aObjectSecurityLevel);
 
     nsresult
     Init();
 
     nsresult
     InitPrefs();
 
-    nsresult
-    InitPolicies();
-
-    nsresult
-    InitDomainPolicy(JSContext* cx, const char* aPolicyName,
-                     DomainPolicy* aDomainPolicy);
-
     inline void
     ScriptSecurityPrefChanged();
 
-    nsObjectHashtable* mOriginToPolicyMap;
-    DomainPolicy* mDefaultPolicy;
-    nsObjectHashtable* mCapabilities;
-
     nsCOMPtr<nsIPrincipal> mSystemPrincipal;
     bool mPrefInitialized;
     bool mIsJavaScriptEnabled;
-    bool mPolicyPrefsChanged;
 
     // This machinery controls new-style domain policies. The old-style
     // policy machinery will be removed soon.
     nsCOMPtr<nsIDomainPolicy> mDomainPolicy;
 
     static bool sStrictFileOriginPolicy;
 
     static nsIIOService    *sIOService;
--- a/caps/src/nsNullPrincipal.cpp
+++ b/caps/src/nsNullPrincipal.cpp
@@ -141,39 +141,16 @@ nsNullPrincipal::EqualsIgnoringDomain(ns
 
 NS_IMETHODIMP
 nsNullPrincipal::GetHashValue(uint32_t *aResult)
 {
   *aResult = (NS_PTR_TO_INT32(this) >> 2);
   return NS_OK;
 }
 
-NS_IMETHODIMP
-nsNullPrincipal::GetSecurityPolicy(void** aSecurityPolicy)
-{
-  // Leftover from old security model, a "security policy" is a set of
-  // rules for property access that can override the SOP. Policies are
-  // associated with origins and since nsNullPinricipals never get the
-  // same origin twice, it's not possible to specify a "security
-  // policy" for it.  Hence, we do not cache the security policy.
-  *aSecurityPolicy = nullptr;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsNullPrincipal::SetSecurityPolicy(void* aSecurityPolicy)
-{
-  // Leftover from old security model, a "security policy" is a set of
-  // rules for property access that can override the SOP. Policies are
-  // associated with origins and since nsNullPinricipals never get the
-  // same origin twice, it's not possible to specify a "security
-  // policy" for it.  Hence, we do not cache the security policy.
-  return NS_OK;
-}
-
 NS_IMETHODIMP 
 nsNullPrincipal::GetURI(nsIURI** aURI)
 {
   return NS_EnsureSafeToReturn(mURI, aURI);
 }
 
 NS_IMETHODIMP
 nsNullPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
--- a/caps/src/nsPrincipal.cpp
+++ b/caps/src/nsPrincipal.cpp
@@ -64,56 +64,31 @@ nsBasePrincipal::Release()
   NS_LOG_RELEASE(this, count, "nsBasePrincipal");
   if (count == 0) {
     delete this;
   }
 
   return count;
 }
 
-nsBasePrincipal::nsBasePrincipal() : mSecurityPolicy(nullptr)
+nsBasePrincipal::nsBasePrincipal()
 {
   if (!gIsObservingCodeBasePrincipalSupport) {
     nsresult rv =
       Preferences::AddBoolVarCache(&gCodeBasePrincipalSupport,
                                    "signed.applets.codebase_principal_support",
                                    false);
     gIsObservingCodeBasePrincipalSupport = NS_SUCCEEDED(rv);
     NS_WARN_IF_FALSE(gIsObservingCodeBasePrincipalSupport,
                      "Installing gCodeBasePrincipalSupport failed!");
   }
 }
 
 nsBasePrincipal::~nsBasePrincipal(void)
 {
-  SetSecurityPolicy(nullptr); 
-}
-
-NS_IMETHODIMP
-nsBasePrincipal::GetSecurityPolicy(void** aSecurityPolicy)
-{
-  if (mSecurityPolicy && mSecurityPolicy->IsInvalid()) 
-    SetSecurityPolicy(nullptr);
-  
-  *aSecurityPolicy = (void *) mSecurityPolicy;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsBasePrincipal::SetSecurityPolicy(void* aSecurityPolicy)
-{
-  DomainPolicy *newPolicy = reinterpret_cast<DomainPolicy *>(aSecurityPolicy);
-  if (newPolicy)
-    newPolicy->Hold();
- 
-  if (mSecurityPolicy)
-    mSecurityPolicy->Drop();
-  
-  mSecurityPolicy = newPolicy;
-  return NS_OK;
 }
 
 NS_IMETHODIMP
 nsBasePrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
 {
   NS_IF_ADDREF(*aCsp = mCSP);
   return NS_OK;
 }
@@ -401,19 +376,16 @@ nsPrincipal::GetDomain(nsIURI** aDomain)
 }
 
 NS_IMETHODIMP
 nsPrincipal::SetDomain(nsIURI* aDomain)
 {
   mDomain = NS_TryToMakeImmutable(aDomain);
   mDomainImmutable = URIIsImmutable(mDomain);
 
-  // Domain has changed, forget cached security policy
-  SetSecurityPolicy(nullptr);
-
   // Recompute all wrappers between compartments using this principal and other
   // non-chrome compartments.
   AutoSafeJSContext cx;
   JSPrincipals *principals = nsJSPrincipals::get(static_cast<nsIPrincipal*>(this));
   bool success = js::RecomputeWrappers(cx, js::ContentCompartmentsOnly(),
                                        js::CompartmentsWithPrincipals(principals));
   NS_ENSURE_TRUE(success, NS_ERROR_FAILURE);
   success = js::RecomputeWrappers(cx, js::CompartmentsWithPrincipals(principals),
@@ -527,20 +499,16 @@ nsPrincipal::Read(nsIObjectInputStream* 
   return NS_OK;
 }
 
 NS_IMETHODIMP
 nsPrincipal::Write(nsIObjectOutputStream* aStream)
 {
   NS_ENSURE_STATE(mCodebase);
 
-  // mSecurityPolicy is an optimization; it'll get looked up again as needed.
-  // Don't bother saving and restoring it, esp. since it might change if
-  // preferences change.
-
   nsresult rv = NS_WriteOptionalCompoundObject(aStream, mCodebase, NS_GET_IID(nsIURI),
                                                true);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   rv = NS_WriteOptionalCompoundObject(aStream, mDomain, NS_GET_IID(nsIURI),
                                       true);
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -190,19 +190,16 @@ inline void SetPendingException(JSContex
     JS_ReportError(cx, "%s", aMsg);
 }
 
 inline void SetPendingException(JSContext *cx, const PRUnichar *aMsg)
 {
     JS_ReportError(cx, "%hs", aMsg);
 }
 
-// DomainPolicy members
-uint32_t DomainPolicy::sGeneration = 0;
-
 // Helper class to get stuff from the ClassInfo and not waste extra time with
 // virtual method calls for things it has already gotten
 class ClassInfoData
 {
 public:
     ClassInfoData(nsIClassInfo *aClassInfo, const char *aName)
         : mClassInfo(aClassInfo),
           mName(const_cast<char *>(aName)),
@@ -343,81 +340,16 @@ nsScriptSecurityManager::GetCxSubjectPri
     nsresult rv = NS_ERROR_FAILURE;
     nsIPrincipal *principal = GetSubjectPrincipal(cx, &rv);
     if (NS_FAILED(rv))
         return nullptr;
 
     return principal;
 }
 
-////////////////////
-// Policy Storage //
-////////////////////
-
-// Table of security levels
-static bool
-DeleteCapability(nsHashKey *aKey, void *aData, void* closure)
-{
-    NS_Free(aData);
-    return true;
-}
-
-//-- Per-Domain Policy - applies to one or more protocols or hosts
-struct DomainEntry
-{
-    DomainEntry(const char* aOrigin,
-                DomainPolicy* aDomainPolicy) : mOrigin(aOrigin),
-                                               mDomainPolicy(aDomainPolicy),
-                                               mNext(nullptr)
-    {
-        mDomainPolicy->Hold();
-    }
-
-    ~DomainEntry()
-    {
-        mDomainPolicy->Drop();
-    }
-
-    bool Matches(const char *anOrigin)
-    {
-        int len = strlen(anOrigin);
-        int thisLen = mOrigin.Length();
-        if (len < thisLen)
-            return false;
-        if (mOrigin.RFindChar(':', thisLen-1, 1) != -1)
-        //-- Policy applies to all URLs of this scheme, compare scheme only
-            return mOrigin.EqualsIgnoreCase(anOrigin, thisLen);
-
-        //-- Policy applies to a particular host; compare domains
-        if (!mOrigin.Equals(anOrigin + (len - thisLen)))
-            return false;
-        if (len == thisLen)
-            return true;
-        char charBefore = anOrigin[len-thisLen-1];
-        return (charBefore == '.' || charBefore == ':' || charBefore == '/');
-    }
-
-    nsCString         mOrigin;
-    DomainPolicy*     mDomainPolicy;
-    DomainEntry*      mNext;
-};
-
-static bool
-DeleteDomainEntry(nsHashKey *aKey, void *aData, void* closure)
-{
-    DomainEntry *entry = (DomainEntry*) aData;
-    do
-    {
-        DomainEntry *next = entry->mNext;
-        delete entry;
-        entry = next;
-    } while (entry);
-    return true;
-}
-
 /////////////////////////////
 // nsScriptSecurityManager //
 /////////////////////////////
 
 ////////////////////////////////////
 // Methods implementing ISupports //
 ////////////////////////////////////
 NS_IMPL_ISUPPORTS4(nsScriptSecurityManager,
@@ -952,196 +884,16 @@ nsScriptSecurityManager::CheckSameOrigin
         return NS_ERROR_DOM_PROP_ACCESS_DENIED;
 
     /*
     ** Access tests failed, so now report error.
     */
     return NS_ERROR_DOM_PROP_ACCESS_DENIED;
 }
 
-nsresult
-nsScriptSecurityManager::LookupPolicy(nsIPrincipal* aPrincipal,
-                                      ClassInfoData& aClassData,
-                                      JS::Handle<jsid> aProperty,
-                                      uint32_t aAction,
-                                      SecurityLevel* result)
-{
-    AutoJSContext cx;
-    nsresult rv;
-    JS::RootedId property(cx, aProperty);
-    result->level = SCRIPT_SECURITY_UNDEFINED_ACCESS;
-
-    DomainPolicy* dpolicy = nullptr;
-    //-- Initialize policies if necessary
-    if (mPolicyPrefsChanged)
-    {
-        if (!mPrefInitialized) {
-            rv = InitPrefs();
-            NS_ENSURE_SUCCESS(rv, rv);
-        }
-        rv = InitPolicies();
-        if (NS_FAILED(rv))
-            return rv;
-    }
-    else
-    {
-        aPrincipal->GetSecurityPolicy((void**)&dpolicy);
-    }
-
-    if (!dpolicy && mOriginToPolicyMap)
-    {
-        //-- Look up the relevant domain policy, if any
-        if (nsCOMPtr<nsIExpandedPrincipal> exp = do_QueryInterface(aPrincipal)) 
-        {
-            // For expanded principals domain origin is not defined so let's just
-            // use the default policy
-            dpolicy = mDefaultPolicy;
-        }
-        else
-        {
-            nsAutoCString origin;
-            rv = GetPrincipalDomainOrigin(aPrincipal, origin);
-            NS_ENSURE_SUCCESS(rv, rv);
- 
-            char *start = origin.BeginWriting();
-            const char *nextToLastDot = nullptr;
-            const char *lastDot = nullptr;
-            const char *colon = nullptr;
-            char *p = start;
-
-            //-- search domain (stop at the end of the string or at the 3rd slash)
-            for (uint32_t slashes=0; *p; p++)
-            {
-                if (*p == '/' && ++slashes == 3) 
-                {
-                    *p = '\0'; // truncate at 3rd slash
-                    break;
-                }
-                if (*p == '.')
-                {
-                    nextToLastDot = lastDot;
-                    lastDot = p;
-                } 
-                else if (!colon && *p == ':')
-                    colon = p;
-            }
-
-            nsCStringKey key(nextToLastDot ? nextToLastDot+1 : start);
-            DomainEntry *de = (DomainEntry*) mOriginToPolicyMap->Get(&key);
-            if (!de)
-            {
-                nsAutoCString scheme(start, colon-start+1);
-                nsCStringKey schemeKey(scheme);
-                de = (DomainEntry*) mOriginToPolicyMap->Get(&schemeKey);
-            }
-
-            while (de)
-            {
-                if (de->Matches(start))
-                {
-                    dpolicy = de->mDomainPolicy;
-                    break;
-                }
-                de = de->mNext;
-            }
-
-            if (!dpolicy)
-                dpolicy = mDefaultPolicy;
-        }
-
-        aPrincipal->SetSecurityPolicy((void*)dpolicy);
-    }
-
-    ClassPolicy* cpolicy = static_cast<ClassPolicy*>
-                             (PL_DHashTableOperate(dpolicy,
-                                                      aClassData.GetName(),
-                                                      PL_DHASH_LOOKUP));
-
-    if (PL_DHASH_ENTRY_IS_FREE(cpolicy))
-        cpolicy = NO_POLICY_FOR_CLASS;
-
-    NS_ASSERTION(JSID_IS_INT(property) || JSID_IS_OBJECT(property) ||
-                 JSID_IS_STRING(property), "Property must be a valid id");
-
-    // Only atomized strings are stored in the policies' hash tables.
-    if (!JSID_IS_STRING(property))
-        return NS_OK;
-
-    JS::RootedString propertyKey(cx, JSID_TO_STRING(property));
-
-    // We look for a PropertyPolicy in the following places:
-    // 1)  The ClassPolicy for our class we got from our DomainPolicy
-    // 2)  The mWildcardPolicy of our DomainPolicy
-    // 3)  The ClassPolicy for our class we got from mDefaultPolicy
-    // 4)  The mWildcardPolicy of our mDefaultPolicy
-    PropertyPolicy* ppolicy = nullptr;
-    if (cpolicy != NO_POLICY_FOR_CLASS)
-    {
-        ppolicy = static_cast<PropertyPolicy*>
-                             (PL_DHashTableOperate(cpolicy->mPolicy,
-                                                      propertyKey,
-                                                      PL_DHASH_LOOKUP));
-    }
-
-    // If there is no class policy for this property, and we have a wildcard
-    // policy, try that.
-    if (dpolicy->mWildcardPolicy &&
-        (!ppolicy || PL_DHASH_ENTRY_IS_FREE(ppolicy)))
-    {
-        ppolicy =
-            static_cast<PropertyPolicy*>
-                       (PL_DHashTableOperate(dpolicy->mWildcardPolicy->mPolicy,
-                                                propertyKey,
-                                                PL_DHASH_LOOKUP));
-    }
-
-    // If dpolicy is not the defauly policy and there's no class or wildcard
-    // policy for this property, check the default policy for this class and
-    // the default wildcard policy
-    if (dpolicy != mDefaultPolicy &&
-        (!ppolicy || PL_DHASH_ENTRY_IS_FREE(ppolicy)))
-    {
-        cpolicy = static_cast<ClassPolicy*>
-                             (PL_DHashTableOperate(mDefaultPolicy,
-                                                      aClassData.GetName(),
-                                                      PL_DHASH_LOOKUP));
-
-        if (PL_DHASH_ENTRY_IS_BUSY(cpolicy))
-        {
-            ppolicy =
-                static_cast<PropertyPolicy*>
-                           (PL_DHashTableOperate(cpolicy->mPolicy,
-                                                    propertyKey,
-                                                    PL_DHASH_LOOKUP));
-        }
-
-        if ((!ppolicy || PL_DHASH_ENTRY_IS_FREE(ppolicy)) &&
-            mDefaultPolicy->mWildcardPolicy)
-        {
-            ppolicy =
-              static_cast<PropertyPolicy*>
-                         (PL_DHashTableOperate(mDefaultPolicy->mWildcardPolicy->mPolicy,
-                                                  propertyKey,
-                                                  PL_DHASH_LOOKUP));
-        }
-    }
-
-    if (!ppolicy || PL_DHASH_ENTRY_IS_FREE(ppolicy))
-        return NS_OK;
-
-    // Get the correct security level from the property policy
-    if (aAction == nsIXPCSecurityManager::ACCESS_SET_PROPERTY)
-        *result = ppolicy->mSet;
-    else
-        *result = ppolicy->mGet;
-
-    return NS_OK;
-}
-
-
 NS_IMETHODIMP
 nsScriptSecurityManager::CheckLoadURIFromScript(JSContext *cx, nsIURI *aURI)
 {
     // Get principal of currently executing script.
     nsresult rv;
     nsIPrincipal* principal = GetSubjectPrincipal(cx, &rv);
     if (NS_FAILED(rv))
         return rv;
@@ -1980,22 +1732,20 @@ nsScriptSecurityManager::AsyncOnChannelR
 
 
 /////////////////////////////////////
 // Method implementing nsIObserver //
 /////////////////////////////////////
 const char sJSEnabledPrefName[] = "javascript.enabled";
 const char sFileOriginPolicyPrefName[] =
     "security.fileuri.strict_origin_policy";
-static const char sPolicyPrefix[] = "capability.policy.";
 
 static const char* kObservedPrefs[] = {
   sJSEnabledPrefName,
   sFileOriginPolicyPrefName,
-  sPolicyPrefix,
   nullptr
 };
 
 
 NS_IMETHODIMP
 nsScriptSecurityManager::Observe(nsISupports* aObject, const char* aTopic,
                                  const PRUnichar* aMessage)
 {
@@ -2005,34 +1755,25 @@ nsScriptSecurityManager::Observe(nsISupp
 
     static const char jsPrefix[] = "javascript.";
     static const char securityPrefix[] = "security.";
     if ((PL_strncmp(message, jsPrefix, sizeof(jsPrefix)-1) == 0) ||
         (PL_strncmp(message, securityPrefix, sizeof(securityPrefix)-1) == 0) )
     {
         ScriptSecurityPrefChanged();
     }
-    else if (PL_strncmp(message, sPolicyPrefix, sizeof(sPolicyPrefix)-1) == 0)
-    {
-        // This will force re-initialization of the pref table
-        mPolicyPrefsChanged = true;
-    }
     return rv;
 }
 
 /////////////////////////////////////////////
 // Constructor, Destructor, Initialization //
 /////////////////////////////////////////////
 nsScriptSecurityManager::nsScriptSecurityManager(void)
-    : mOriginToPolicyMap(nullptr),
-      mDefaultPolicy(nullptr),
-      mCapabilities(nullptr),
-      mPrefInitialized(false),
-      mIsJavaScriptEnabled(false),
-      mPolicyPrefsChanged(true)
+    : mPrefInitialized(false)
+    , mIsJavaScriptEnabled(false)
 {
     static_assert(sizeof(intptr_t) == sizeof(void*),
                   "intptr_t and void* have different lengths on this platform. "
                   "This may cause a security failure with the SecurityLevel union.");
 }
 
 nsresult nsScriptSecurityManager::Init()
 {
@@ -2074,20 +1815,16 @@ nsresult nsScriptSecurityManager::Init()
     return NS_OK;
 }
 
 static StaticRefPtr<nsScriptSecurityManager> gScriptSecMan;
 
 nsScriptSecurityManager::~nsScriptSecurityManager(void)
 {
     Preferences::RemoveObservers(this, kObservedPrefs);
-    delete mOriginToPolicyMap;
-    if(mDefaultPolicy)
-        mDefaultPolicy->Drop();
-    delete mCapabilities;
     if (mDomainPolicy)
         mDomainPolicy->Deactivate();
     MOZ_ASSERT(!mDomainPolicy);
 }
 
 void
 nsScriptSecurityManager::Shutdown()
 {
@@ -2135,304 +1872,16 @@ nsSystemPrincipal *
 nsScriptSecurityManager::SystemPrincipalSingletonConstructor()
 {
     nsIPrincipal *sysprin = nullptr;
     if (gScriptSecMan)
         NS_ADDREF(sysprin = gScriptSecMan->mSystemPrincipal);
     return static_cast<nsSystemPrincipal*>(sysprin);
 }
 
-nsresult
-nsScriptSecurityManager::InitPolicies()
-{
-    //-- Clear mOriginToPolicyMap: delete mapped DomainEntry items,
-    //-- whose dtor decrements refcount of stored DomainPolicy object
-    delete mOriginToPolicyMap;
-    
-    //-- Marks all the survivor DomainPolicy objects (those cached
-    //-- by nsPrincipal objects) as invalid: they will be released
-    //-- on first nsPrincipal::GetSecurityPolicy() attempt.
-    DomainPolicy::InvalidateAll();
-    
-    //-- Release old default policy
-    if(mDefaultPolicy) {
-        mDefaultPolicy->Drop();
-        mDefaultPolicy = nullptr;
-    }
-    
-    //-- Initialize a new mOriginToPolicyMap
-    mOriginToPolicyMap =
-      new nsObjectHashtable(nullptr, nullptr, DeleteDomainEntry, nullptr);
-    if (!mOriginToPolicyMap)
-        return NS_ERROR_OUT_OF_MEMORY;
-
-    //-- Create, refcount and initialize a new default policy 
-    mDefaultPolicy = new DomainPolicy();
-    if (!mDefaultPolicy)
-        return NS_ERROR_OUT_OF_MEMORY;
-
-    mDefaultPolicy->Hold();
-    if (!mDefaultPolicy->Init())
-        return NS_ERROR_UNEXPECTED;
-
-    //-- Initialize the table of security levels
-    if (!mCapabilities)
-    {
-        mCapabilities = 
-          new nsObjectHashtable(nullptr, nullptr, DeleteCapability, nullptr);
-        if (!mCapabilities)
-            return NS_ERROR_OUT_OF_MEMORY;
-    }
-
-    // Get a JS context - we need it to create internalized strings later.
-    AutoSafeJSContext cx;
-    nsresult rv = InitDomainPolicy(cx, "default", mDefaultPolicy);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    nsAdoptingCString policyNames =
-        Preferences::GetCString("capability.policy.policynames");
-
-    nsAdoptingCString defaultPolicyNames =
-        Preferences::GetCString("capability.policy.default_policynames");
-    policyNames += NS_LITERAL_CSTRING(" ") + defaultPolicyNames;
-
-    //-- Initialize domain policies
-    char* policyCurrent = policyNames.BeginWriting();
-    bool morePolicies = true;
-    while (morePolicies)
-    {
-        while(*policyCurrent == ' ' || *policyCurrent == ',')
-            policyCurrent++;
-        if (*policyCurrent == '\0')
-            break;
-        char* nameBegin = policyCurrent;
-
-        while(*policyCurrent != '\0' && *policyCurrent != ' ' && *policyCurrent != ',')
-            policyCurrent++;
-
-        morePolicies = (*policyCurrent != '\0');
-        *policyCurrent = '\0';
-        policyCurrent++;
-
-        nsAutoCString sitesPrefName(
-            NS_LITERAL_CSTRING(sPolicyPrefix) +
-            nsDependentCString(nameBegin) +
-            NS_LITERAL_CSTRING(".sites"));
-        nsAdoptingCString domainList =
-            Preferences::GetCString(sitesPrefName.get());
-        if (!domainList) {
-            continue;
-        }
-
-        DomainPolicy* domainPolicy = new DomainPolicy();
-        if (!domainPolicy)
-            return NS_ERROR_OUT_OF_MEMORY;
-
-        if (!domainPolicy->Init())
-        {
-            delete domainPolicy;
-            return NS_ERROR_UNEXPECTED;
-        }
-        domainPolicy->Hold();
-        //-- Parse list of sites and create an entry in mOriginToPolicyMap for each
-        char* domainStart = domainList.BeginWriting();
-        char* domainCurrent = domainStart;
-        char* lastDot = nullptr;
-        char* nextToLastDot = nullptr;
-        bool moreDomains = true;
-        while (moreDomains)
-        {
-            if (*domainCurrent == ' ' || *domainCurrent == '\0')
-            {
-                moreDomains = (*domainCurrent != '\0');
-                *domainCurrent = '\0';
-                nsCStringKey key(nextToLastDot ? nextToLastDot+1 : domainStart);
-                DomainEntry *newEntry = new DomainEntry(domainStart, domainPolicy);
-                if (!newEntry)
-                {
-                    domainPolicy->Drop();
-                    return NS_ERROR_OUT_OF_MEMORY;
-                }
-                DomainEntry *existingEntry = (DomainEntry *)
-                    mOriginToPolicyMap->Get(&key);
-                if (!existingEntry)
-                    mOriginToPolicyMap->Put(&key, newEntry);
-                else
-                {
-                    if (existingEntry->Matches(domainStart))
-                    {
-                        newEntry->mNext = existingEntry;
-                        mOriginToPolicyMap->Put(&key, newEntry);
-                    }
-                    else
-                    {
-                        while (existingEntry->mNext)
-                        {
-                            if (existingEntry->mNext->Matches(domainStart))
-                            {
-                                newEntry->mNext = existingEntry->mNext;
-                                existingEntry->mNext = newEntry;
-                                break;
-                            }
-                            existingEntry = existingEntry->mNext;
-                        }
-                        if (!existingEntry->mNext)
-                            existingEntry->mNext = newEntry;
-                    }
-                }
-                domainStart = domainCurrent + 1;
-                lastDot = nextToLastDot = nullptr;
-            }
-            else if (*domainCurrent == '.')
-            {
-                nextToLastDot = lastDot;
-                lastDot = domainCurrent;
-            }
-            domainCurrent++;
-        }
-
-        rv = InitDomainPolicy(cx, nameBegin, domainPolicy);
-        domainPolicy->Drop();
-        if (NS_FAILED(rv))
-            return rv;
-    }
-
-    // Reset the "dirty" flag
-    mPolicyPrefsChanged = false;
-
-    return NS_OK;
-}
-
-
-nsresult
-nsScriptSecurityManager::InitDomainPolicy(JSContext* cx,
-                                          const char* aPolicyName,
-                                          DomainPolicy* aDomainPolicy)
-{
-    nsresult rv;
-    nsAutoCString policyPrefix(NS_LITERAL_CSTRING(sPolicyPrefix) +
-                               nsDependentCString(aPolicyName) +
-                               NS_LITERAL_CSTRING("."));
-    uint32_t prefixLength = policyPrefix.Length() - 1; // subtract the '.'
-
-    uint32_t prefCount;
-    char** prefNames;
-    nsIPrefBranch* branch = Preferences::GetRootBranch();
-    NS_ASSERTION(branch, "failed to get the root pref branch");
-    rv = branch->GetChildList(policyPrefix.get(), &prefCount, &prefNames);
-    if (NS_FAILED(rv)) return rv;
-    if (prefCount == 0)
-        return NS_OK;
-
-    //-- Populate the policy
-    uint32_t currentPref = 0;
-    for (; currentPref < prefCount; currentPref++)
-    {
-        // Get the class name
-        const char* start = prefNames[currentPref] + prefixLength + 1;
-        char* end = PL_strchr(start, '.');
-        if (!end) // malformed pref, bail on this one
-            continue;
-        static const char sitesStr[] = "sites";
-
-        // We dealt with "sites" in InitPolicies(), so no need to do
-        // that again...
-        if (PL_strncmp(start, sitesStr, sizeof(sitesStr)-1) == 0)
-            continue;
-
-        // Get the pref value
-        nsAdoptingCString prefValue =
-            Preferences::GetCString(prefNames[currentPref]);
-        if (!prefValue) {
-            continue;
-        }
-
-        SecurityLevel secLevel;
-        if (PL_strcasecmp(prefValue, "noAccess") == 0)
-            secLevel.level = SCRIPT_SECURITY_NO_ACCESS;
-        else if (PL_strcasecmp(prefValue, "allAccess") == 0)
-            secLevel.level = SCRIPT_SECURITY_ALL_ACCESS;
-        else if (PL_strcasecmp(prefValue, "sameOrigin") == 0)
-            secLevel.level = SCRIPT_SECURITY_SAME_ORIGIN_ACCESS;
-        else 
-        {  //-- pref value is the name of a capability
-            nsCStringKey secLevelKey(prefValue);
-            secLevel.capability =
-                reinterpret_cast<char*>(mCapabilities->Get(&secLevelKey));
-            if (!secLevel.capability)
-            {
-                secLevel.capability = NS_strdup(prefValue);
-                if (!secLevel.capability)
-                    break;
-                mCapabilities->Put(&secLevelKey, 
-                                   secLevel.capability);
-            }
-        }
-
-        *end = '\0';
-        // Find or store this class in the classes table
-        ClassPolicy* cpolicy = 
-          static_cast<ClassPolicy*>
-                     (PL_DHashTableOperate(aDomainPolicy, start,
-                                              PL_DHASH_ADD));
-        if (!cpolicy)
-            break;
-
-        // If this is the wildcard class (class '*'), save it in mWildcardPolicy
-        // (we leave it stored in the hashtable too to take care of the cleanup)
-        if ((*start == '*') && (end == start + 1)) {
-            aDomainPolicy->mWildcardPolicy = cpolicy;
-
-            // Make sure that cpolicy knows about aDomainPolicy so it can reset
-            // the mWildcardPolicy pointer as needed if it gets moved in the
-            // hashtable.
-            cpolicy->mDomainWeAreWildcardFor = aDomainPolicy;
-        }
-
-        // Get the property name
-        start = end + 1;
-        end = PL_strchr(start, '.');
-        if (end)
-            *end = '\0';
-
-        JSString* propertyKey = ::JS_InternString(cx, start);
-        if (!propertyKey)
-            return NS_ERROR_OUT_OF_MEMORY;
-
-        // Store this property in the class policy
-        PropertyPolicy* ppolicy = 
-          static_cast<PropertyPolicy*>
-                     (PL_DHashTableOperate(cpolicy->mPolicy, propertyKey,
-                                              PL_DHASH_ADD));
-        if (!ppolicy)
-            break;
-
-        if (end) // The pref specifies an access mode
-        {
-            start = end + 1;
-            if (PL_strcasecmp(start, "set") == 0)
-                ppolicy->mSet = secLevel;
-            else
-                ppolicy->mGet = secLevel;
-        }
-        else
-        {
-            if (ppolicy->mGet.level == SCRIPT_SECURITY_UNDEFINED_ACCESS)
-                ppolicy->mGet = secLevel;
-            if (ppolicy->mSet.level == SCRIPT_SECURITY_UNDEFINED_ACCESS)
-                ppolicy->mSet = secLevel;
-        }
-    }
-
-    NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(prefCount, prefNames);
-    if (currentPref < prefCount) // Loop exited early because of out-of-memory error
-        return NS_ERROR_OUT_OF_MEMORY;
-    return NS_OK;
-}
-
 inline void
 nsScriptSecurityManager::ScriptSecurityPrefChanged()
 {
     // JavaScript defaults to enabled in failure cases.
     mIsJavaScriptEnabled = true;
 
     sStrictFileOriginPolicy = true;
 
--- a/caps/src/nsSystemPrincipal.cpp
+++ b/caps/src/nsSystemPrincipal.cpp
@@ -148,29 +148,16 @@ nsSystemPrincipal::GetDomain(nsIURI** aD
 
 NS_IMETHODIMP
 nsSystemPrincipal::SetDomain(nsIURI* aDomain)
 {
   return NS_OK;
 }
 
 NS_IMETHODIMP
-nsSystemPrincipal::GetSecurityPolicy(void** aSecurityPolicy)
-{
-    *aSecurityPolicy = nullptr;
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSystemPrincipal::SetSecurityPolicy(void* aSecurityPolicy)
-{
-    return NS_OK;
-}
-
-NS_IMETHODIMP
 nsSystemPrincipal::GetJarPrefix(nsACString& aJarPrefix)
 {
   aJarPrefix.Truncate();
   return NS_OK;
 }
 
 NS_IMETHODIMP
 nsSystemPrincipal::GetAppStatus(uint16_t* aAppStatus)
--- a/modules/libpref/src/init/all.js
+++ b/modules/libpref/src/init/all.js
@@ -657,182 +657,16 @@ pref("extensions.spellcheck.inline.max-m
 
 pref("editor.use_custom_colors", false);
 pref("editor.singleLine.pasteNewlines",      2);
 pref("editor.use_css",                       false);
 pref("editor.css.default_length_unit",       "px");
 pref("editor.resizing.preserve_ratio",       true);
 pref("editor.positioning.offset",            0);
 
-
-// Default Capability Preferences: Security-Critical! 
-// Editing these may create a security risk - be sure you know what you're doing
-//pref("capability.policy.default.barprop.visible.set", "UniversalXPConnect");
-
-pref("capability.policy.default_policynames", "mailnews");
-
-pref("capability.policy.default.DOMException.code", "allAccess");
-pref("capability.policy.default.DOMException.message", "allAccess");
-pref("capability.policy.default.DOMException.name", "allAccess");
-pref("capability.policy.default.DOMException.result", "allAccess");
-pref("capability.policy.default.DOMException.toString.get", "allAccess");
-
-pref("capability.policy.default.History.back.get", "allAccess");
-pref("capability.policy.default.History.current", "UniversalXPConnect");
-pref("capability.policy.default.History.forward.get", "allAccess");
-pref("capability.policy.default.History.go.get", "allAccess");
-pref("capability.policy.default.History.item", "UniversalXPConnect");
-pref("capability.policy.default.History.next", "UniversalXPConnect");
-pref("capability.policy.default.History.previous", "UniversalXPConnect");
-pref("capability.policy.default.History.toString", "UniversalXPConnect");
-
-pref("capability.policy.default.Location.hash.set", "allAccess");
-pref("capability.policy.default.Location.href.set", "allAccess");
-pref("capability.policy.default.Location.replace.get", "allAccess");
-
-pref("capability.policy.default.Window.blur.get", "allAccess");
-pref("capability.policy.default.Window.close.get", "allAccess");
-pref("capability.policy.default.Window.closed.get", "allAccess");
-pref("capability.policy.default.Window.focus.get", "allAccess");
-pref("capability.policy.default.Window.frames.get", "allAccess");
-pref("capability.policy.default.Window.history.get", "allAccess");
-pref("capability.policy.default.Window.length.get", "allAccess");
-pref("capability.policy.default.Window.location", "allAccess");
-pref("capability.policy.default.Window.opener.get", "allAccess");
-pref("capability.policy.default.Window.parent.get", "allAccess");
-pref("capability.policy.default.Window.postMessage.get", "allAccess");
-pref("capability.policy.default.Window.self.get", "allAccess");
-pref("capability.policy.default.Window.top.get", "allAccess");
-pref("capability.policy.default.Window.window.get", "allAccess");
-
-pref("capability.policy.default.Selection.addSelectionListener", "UniversalXPConnect");
-pref("capability.policy.default.Selection.removeSelectionListener", "UniversalXPConnect");
-
-// Restrictions on the DOM for mail/news - see bugs 66938 and 84545
-pref("capability.policy.mailnews.sites", "mailbox: imap: news:");
-
-pref("capability.policy.mailnews.*.attributes.get", "noAccess");
-pref("capability.policy.mailnews.*.baseURI.get", "noAccess");
-pref("capability.policy.mailnews.*.data.get", "noAccess");
-pref("capability.policy.mailnews.*.getAttribute", "noAccess");
-pref("capability.policy.mailnews.HTMLDivElement.getAttribute", "sameOrigin");
-pref("capability.policy.mailnews.*.getAttributeNS", "noAccess");
-pref("capability.policy.mailnews.*.getAttributeNode", "noAccess");
-pref("capability.policy.mailnews.*.getAttributeNodeNS", "noAccess");
-pref("capability.policy.mailnews.*.getNamedItem", "noAccess");
-pref("capability.policy.mailnews.*.getNamedItemNS", "noAccess");
-pref("capability.policy.mailnews.*.host.get", "noAccess");
-pref("capability.policy.mailnews.*.hostname.get", "noAccess");
-pref("capability.policy.mailnews.*.href.get", "noAccess");
-pref("capability.policy.mailnews.*.innerHTML.get", "noAccess");
-pref("capability.policy.mailnews.*.lowSrc.get", "noAccess");
-pref("capability.policy.mailnews.*.nodeValue.get", "noAccess");
-pref("capability.policy.mailnews.*.pathname.get", "noAccess");
-pref("capability.policy.mailnews.*.protocol.get", "noAccess");
-pref("capability.policy.mailnews.*.src.get", "noAccess");
-pref("capability.policy.mailnews.*.substringData.get", "noAccess");
-pref("capability.policy.mailnews.*.text.get", "noAccess");
-pref("capability.policy.mailnews.*.textContent", "noAccess");
-pref("capability.policy.mailnews.*.title.get", "noAccess");
-pref("capability.policy.mailnews.*.wholeText", "noAccess");
-pref("capability.policy.mailnews.DOMException.toString", "noAccess");
-pref("capability.policy.mailnews.HTMLAnchorElement.toString", "noAccess");
-pref("capability.policy.mailnews.HTMLDocument.domain", "noAccess");
-pref("capability.policy.mailnews.HTMLDocument.URL", "noAccess");
-pref("capability.policy.mailnews.*.documentURI", "noAccess");
-pref("capability.policy.mailnews.Location.toString", "noAccess");
-pref("capability.policy.mailnews.Range.toString", "noAccess");
-pref("capability.policy.mailnews.Window.blur", "noAccess");
-pref("capability.policy.mailnews.Window.focus", "noAccess");
-pref("capability.policy.mailnews.Window.innerWidth.set", "noAccess");
-pref("capability.policy.mailnews.Window.innerHeight.set", "noAccess");
-pref("capability.policy.mailnews.Window.moveBy", "noAccess");
-pref("capability.policy.mailnews.Window.moveTo", "noAccess");
-pref("capability.policy.mailnews.Window.name.set", "noAccess");
-pref("capability.policy.mailnews.Window.outerHeight.set", "noAccess");
-pref("capability.policy.mailnews.Window.outerWidth.set", "noAccess");
-pref("capability.policy.mailnews.Window.resizeBy", "noAccess");
-pref("capability.policy.mailnews.Window.resizeTo", "noAccess");
-pref("capability.policy.mailnews.Window.screenX.set", "noAccess");
-pref("capability.policy.mailnews.Window.screenY.set", "noAccess");
-pref("capability.policy.mailnews.Window.sizeToContent", "noAccess");
-pref("capability.policy.mailnews.document.load", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.channel", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.getInterface", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.responseXML", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.responseText", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.status", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.statusText", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.abort", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.getAllResponseHeaders", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.getResponseHeader", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.open", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.send", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.setRequestHeader", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.readyState", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.overrideMimeType", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.onload", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.onerror", "noAccess");
-pref("capability.policy.mailnews.XMLHttpRequest.onreadystatechange", "noAccess");
-pref("capability.policy.mailnews.XMLSerializer.serializeToString", "noAccess");
-pref("capability.policy.mailnews.XMLSerializer.serializeToStream", "noAccess");
-pref("capability.policy.mailnews.DOMParser.parseFromString", "noAccess");
-pref("capability.policy.mailnews.DOMParser.parseFromStream", "noAccess");
-pref("capability.policy.mailnews.SOAPCall.transportURI", "noAccess");
-pref("capability.policy.mailnews.SOAPCall.verifySourceHeader", "noAccess");
-pref("capability.policy.mailnews.SOAPCall.invoke", "noAccess");
-pref("capability.policy.mailnews.SOAPCall.asyncInvoke", "noAccess");
-pref("capability.policy.mailnews.SOAPResponse.fault", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.styleURI", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.getAssociatedEncoding", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.setEncoder", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.getEncoder", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.setDecoder", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.setDecoder", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.getDecoder", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.defaultEncoder", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.defaultDecoder", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.schemaCollection", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.encode", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.decode", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.mapSchemaURI", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.unmapSchemaURI", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.getInternalSchemaURI", "noAccess");
-pref("capability.policy.mailnews.SOAPEncoding.getExternalSchemaURI", "noAccess");
-pref("capability.policy.mailnews.SOAPFault.element", "noAccess");
-pref("capability.policy.mailnews.SOAPFault.faultNamespaceURI", "noAccess");
-pref("capability.policy.mailnews.SOAPFault.faultCode", "noAccess");
-pref("capability.policy.mailnews.SOAPFault.faultString", "noAccess");
-pref("capability.policy.mailnews.SOAPFault.faultActor", "noAccess");
-pref("capability.policy.mailnews.SOAPFault.detail", "noAccess");
-pref("capability.policy.mailnews.SOAPHeaderBlock.actorURI", "noAccess");
-pref("capability.policy.mailnews.SOAPHeaderBlock.mustUnderstand", "noAccess");
-pref("capability.policy.mailnews.SOAPParameter", "noAccess");
-pref("capability.policy.mailnews.SOAPPropertyBagMutator.propertyBag", "noAccess");
-pref("capability.policy.mailnews.SOAPPropertyBagMutator.addProperty", "noAccess");
-pref("capability.policy.mailnews.SchemaLoader.load", "noAccess");
-pref("capability.policy.mailnews.SchemaLoader.loadAsync", "noAccess");
-pref("capability.policy.mailnews.SchemaLoader.processSchemaElement", "noAccess");
-pref("capability.policy.mailnews.SchemaLoader.onLoad", "noAccess");
-pref("capability.policy.mailnews.SchemaLoader.onError", "noAccess");
-pref("capability.policy.mailnews.WSDLLoader.load", "noAccess");
-pref("capability.policy.mailnews.WSDLLoader.loadAsync", "noAccess");
-pref("capability.policy.mailnews.WSDLLoader.onLoad", "noAccess");
-pref("capability.policy.mailnews.WSDLLoader.onError", "noAccess");
-pref("capability.policy.mailnews.WebServiceProxyFactory.createProxy", "noAccess");
-pref("capability.policy.mailnews.WebServiceProxyFactory.createProxyAsync", "noAccess");
-pref("capability.policy.mailnews.WebServiceProxyFactory.onLoad", "noAccess");
-pref("capability.policy.mailnews.WebServiceProxyFactory.onError", "noAccess");
-
-// XMLExtras
-pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
-pref("capability.policy.default.XMLHttpRequest.getInterface", "noAccess");
-pref("capability.policy.default.XMLHttpRequest.open-uri", "allAccess");
-pref("capability.policy.default.DOMParser.parseFromStream", "noAccess");
-
 // Scripts & Windows prefs
 pref("dom.disable_image_src_set",           false);
 pref("dom.disable_window_flip",             false);
 pref("dom.disable_window_move_resize",      false);
 pref("dom.disable_window_status_change",    false);
 
 pref("dom.disable_window_open_feature.titlebar",    false);
 pref("dom.disable_window_open_feature.close",       false);