Bug 1253108 - Enable ESLint "strict" rule for PSM. r=keeler
authorCykesiopka <cykesiopka.bmo@gmail.com>
Sat, 19 Mar 2016 03:07:13 -0700
changeset 289971 5d3a8a8f017842b11d0c2b969586b59280e20f4c
parent 289970 422d5142ae422a67797f9d04488b538ebf90cbb5
child 289972 9daacc9d25600491dacef965c3927d306deef931
push id30112
push usercbook@mozilla.com
push dateWed, 23 Mar 2016 15:25:32 +0000
treeherdermozilla-central@6202ade0e6d6 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1253108
milestone48.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1253108 - Enable ESLint "strict" rule for PSM. r=keeler MozReview-Commit-ID: 4wElZ8Guq9z
security/manager/.eslintrc.json
security/manager/pki/resources/content/certManager.js
security/manager/pki/resources/content/certpicker.js
security/manager/pki/resources/content/choosetoken.js
security/manager/pki/resources/content/clientauthask.js
security/manager/pki/resources/content/createCertInfo.js
security/manager/pki/resources/content/deletecert.js
security/manager/pki/resources/content/device_manager.js
security/manager/pki/resources/content/downloadcert.js
security/manager/pki/resources/content/editcerts.js
security/manager/pki/resources/content/exceptionDialog.js
security/manager/pki/resources/content/password.js
security/manager/pki/resources/content/pippki.js
security/manager/pki/resources/content/protectedAuth.js
security/manager/pki/resources/content/resetpassword.js
security/manager/pki/resources/content/viewCertDetails.js
security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js
security/manager/ssl/tests/mochitest/browser/head.js
security/manager/ssl/tests/mochitest/mixedcontent/backward.html
security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js
security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html
security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html
security/manager/ssl/tests/mochitest/mixedcontent/iframe.html
security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html
security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html
security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html
security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html
security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html
security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html
security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html
security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html
security/manager/ssl/tests/mochitest/mixedcontent/test_securePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureBackground.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureCSS.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html
security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html
security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/nosts_bootstrap.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/plain_bootstrap.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/subdom_bootstrap.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html
security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
security/manager/ssl/tests/unit/sss_readstate_child_worker.js
security/manager/ssl/tests/unit/test_cert_blocklist.js
security/manager/ssl/tests/unit/test_datasignatureverifier.js
security/manager/ssl/tests/unit/test_hash_algorithms.js
security/manager/ssl/tests/unit/test_hash_algorithms_wrap.js
security/manager/ssl/tests/unit/test_pinning_dynamic.js
security/manager/ssl/tests/unit/test_pinning_header_parsing.js
security/manager/ssl/tests/unit/test_sss_eviction.js
security/manager/ssl/tests/unit/test_sss_readstate.js
security/manager/ssl/tests/unit/test_sss_readstate_child.js
security/manager/ssl/tests/unit/test_sss_readstate_empty.js
security/manager/ssl/tests/unit/test_sss_readstate_garbage.js
security/manager/ssl/tests/unit/test_sss_readstate_huge.js
security/manager/ssl/tests/unit/test_sss_savestate.js
security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js
security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
security/manager/tools/dumpGoogleRoots.js
security/manager/tools/genRootCAHashes.js
security/manager/tools/getHSTSPreloadList.js
security/manager/tools/makeCNNICHashes.js
--- a/security/manager/.eslintrc.json
+++ b/security/manager/.eslintrc.json
@@ -172,16 +172,19 @@
 
     // Require spaces after return, throw and case
     // Note: Replaced by keyword-spacing in ESLint v2.0.
     "space-return-throw-case": 2,
 
     // ++ and -- should not need spacing
     "space-unary-ops": [2, { "words": true, "nonwords": false }],
 
+    // Require "use strict" to be defined globally in the script.
+    "strict": [2, "global"],
+
     // No comparisons to NaN
     "use-isnan": 2,
 
     // Only check typeof against valid results
     "valid-typeof": 2
   },
   "env": {
     "browser": true
--- a/security/manager/pki/resources/content/certManager.js
+++ b/security/manager/pki/resources/content/certManager.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIFilePicker = Components.interfaces.nsIFilePicker;
 const nsFilePicker = "@mozilla.org/filepicker;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 const nsICertTree = Components.interfaces.nsICertTree;
 const nsCertTree = "@mozilla.org/security/nsCertTree;1";
--- a/security/manager/pki/resources/content/certpicker.js
+++ b/security/manager/pki/resources/content/certpicker.js
@@ -1,13 +1,14 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var dialogParams;
 var itemCount = 0;
 
 function onLoad()
 {
--- a/security/manager/pki/resources/content/choosetoken.js
+++ b/security/manager/pki/resources/content/choosetoken.js
@@ -1,14 +1,15 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var dialogParams;
 
 function onLoad()
 {
   dialogParams = window.arguments[0].QueryInterface(nsIDialogParamBlock);
--- a/security/manager/pki/resources/content/clientauthask.js
+++ b/security/manager/pki/resources/content/clientauthask.js
@@ -1,14 +1,15 @@
 /* -*- tab-width: 2; indent-tabs-mode: nil; js-indent-level: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var dialogParams;
 var itemCount = 0;
 var rememberBox;
 
 function onLoad()
--- a/security/manager/pki/resources/content/createCertInfo.js
+++ b/security/manager/pki/resources/content/createCertInfo.js
@@ -1,14 +1,15 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 var keygenThread;
 
 function onLoad()
 {
   keygenThread = window.arguments[0].QueryInterface(Components.interfaces.nsIKeygenThread);
 
   if (!keygenThread) {
--- a/security/manager/pki/resources/content/deletecert.js
+++ b/security/manager/pki/resources/content/deletecert.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var certdb;
 var gParams;
--- a/security/manager/pki/resources/content/device_manager.js
+++ b/security/manager/pki/resources/content/device_manager.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 const nsIFilePicker = Components.interfaces.nsIFilePicker;
 const nsFilePicker = "@mozilla.org/filepicker;1";
 const nsIPKCS11Slot = Components.interfaces.nsIPKCS11Slot;
 const nsIPKCS11Module = Components.interfaces.nsIPKCS11Module;
 const nsPKCS11ModuleDB = "@mozilla.org/security/pkcs11moduledb;1";
 const nsIPKCS11ModuleDB = Components.interfaces.nsIPKCS11ModuleDB;
 const nsIPK11Token = Components.interfaces.nsIPK11Token;
--- a/security/manager/pki/resources/content/downloadcert.js
+++ b/security/manager/pki/resources/content/downloadcert.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 
 var params;
 var caName;
 var cert;
 
--- a/security/manager/pki/resources/content/editcerts.js
+++ b/security/manager/pki/resources/content/editcerts.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 
 var certdb;
 var cert;
 
--- a/security/manager/pki/resources/content/exceptionDialog.js
+++ b/security/manager/pki/resources/content/exceptionDialog.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 var gDialog;
 var gBundleBrand;
 var gPKIBundle;
 var gSSLStatus;
 var gCert;
 var gChecking;
 var gBroken;
--- a/security/manager/pki/resources/content/password.js
+++ b/security/manager/pki/resources/content/password.js
@@ -1,11 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
+
 const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
 const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 const nsPKCS11ModuleDB = "@mozilla.org/security/pkcs11moduledb;1";
 const nsIPKCS11ModuleDB = Components.interfaces.nsIPKCS11ModuleDB;
 const nsIPKCS11Slot = Components.interfaces.nsIPKCS11Slot;
 const nsIPK11Token = Components.interfaces.nsIPK11Token;
 
--- a/security/manager/pki/resources/content/pippki.js
+++ b/security/manager/pki/resources/content/pippki.js
@@ -1,13 +1,14 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 /*
  * These are helper functions to be included
  * pippki UI js files.
  */
 
 function setText(id, value) {
   let element = document.getElementById(id);
--- a/security/manager/pki/resources/content/protectedAuth.js
+++ b/security/manager/pki/resources/content/protectedAuth.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 function onLoad()
 {
   let protectedAuthThread =
     window.arguments[0].QueryInterface(Components.interfaces.nsIProtectedAuthThread);
 
   if (!protectedAuthThread) {
     window.close();
--- a/security/manager/pki/resources/content/resetpassword.js
+++ b/security/manager/pki/resources/content/resetpassword.js
@@ -1,12 +1,13 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
+"use strict";
 
 const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
 const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
 const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
 
 var tokenName;
 
 function onLoad()
--- a/security/manager/pki/resources/content/viewCertDetails.js
+++ b/security/manager/pki/resources/content/viewCertDetails.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 const nsIX509Cert = Components.interfaces.nsIX509Cert;
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const nsIX509CertDB = Components.interfaces.nsIX509CertDB;
 const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
 const nsIPK11TokenDB = Components.interfaces.nsIPK11TokenDB;
 const nsIASN1Object = Components.interfaces.nsIASN1Object;
 const nsIASN1Sequence = Components.interfaces.nsIASN1Sequence;
--- a/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 var FakeSSLStatus = function() {
 };
 
 FakeSSLStatus.prototype = {
   serverCert: null,
   cipherName: null,
   keyLength: 2048,
--- a/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 var gBugWindow;
 
 function onLoad() {
   gBugWindow.removeEventListener("load", onLoad);
   gBugWindow.addEventListener("unload", onUnload);
   gBugWindow.close();
 }
--- a/security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_certificateManagerLeak.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 var gBugWindow;
 
 function onLoad() {
   gBugWindow.removeEventListener("load", onLoad);
   gBugWindow.addEventListener("unload", onUnload);
   gBugWindow.close();
 }
--- a/security/manager/ssl/tests/mochitest/browser/head.js
+++ b/security/manager/ssl/tests/mochitest/browser/head.js
@@ -1,9 +1,11 @@
 /* Any copyright is dedicated to the Public Domain.
    http://creativecommons.org/publicdomain/zero/1.0/ */
+"use strict";
+
 function whenNewWindowLoaded(aOptions, aCallback) {
   let win = OpenBrowserWindow(aOptions);
   win.addEventListener("load", function onLoad() {
     win.removeEventListener("load", onLoad, false);
     aCallback(win);
   }, false);
 }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/backward.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/backward.html
@@ -1,13 +1,13 @@
 <!DOCTYPE HTML>
 <html>
 <head>
   <script type="text/javascript">
-
+  "use strict";
   window.onload = function()
   {
     window.setTimeout(function()
     {
       SpecialPowers.wrap(window).QueryInterface(SpecialPowers.Ci.nsIInterfaceRequestor)
         .getInterface(SpecialPowers.Ci.nsIWebNavigation)
         .goBack();
     }, 100);
--- a/security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js
@@ -1,5 +1,7 @@
 /* import-globals-from mixedContentTest.js */
+"use strict";
+
 document.open();
 document.write("This is insecure XSS script " + document.cookie);
 isSecurityState("broken", "security broken after document write from unsecure script");
 finish();
--- a/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html
@@ -3,16 +3,17 @@
 <head>
   <title>Bug 383369 test, step 2</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/does_not_exist.css">
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   window.onload = function runTest() {
     window.setTimeout(function () {
       window.location =
         "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html?runtest";
     }, 0);
   };
 
--- a/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html
@@ -3,16 +3,17 @@
 <head>
   <title>Bug 383369 test, final step</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure", "secure page after insecure download and insecure subcontent still secure");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html
@@ -1,12 +1,13 @@
 <!DOCTYPE HTML>
 <html>
 <head>
 </head>
 
 <body>
   This is frame 1: 
   <script>
+    "use strict";
     document.write(location.href);
   </script>
 </body>
 </html>
--- a/security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html
@@ -1,13 +1,14 @@
 <!DOCTYPE HTML>
 <html>
 <head>
 </head>
 
 <body>
   This is frame 2: 
   <script>
+    "use strict";
     document.write(location.href);
   </script>
   <iframe src="http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html"></iframe>
 </body>
 </html>
--- a/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
@@ -1,8 +1,10 @@
+"use strict";
+
 /**
  * Helper script for mixed content testing. It opens a new top-level window
  * from a secure origin and '?runtest' query. That tells us to run the test
  * body, function runTest(). Then we wait for call of finish(). On its first
  * call it loads helper page 'backward.html' that immediately navigates
  * back to the test secure test. This checks the bfcache. We got second call
  * to onload and this time we call afterNavigationTest() function to let the
  * test check security state after re-navigation back. Then we again wait for
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html
@@ -3,16 +3,17 @@
 <head>
   <title>dymanic script load</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
     window.setTimeout(function () {
       var newElement = document.createElement("script");
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
@@ -3,16 +3,17 @@
 <head>
   <title>Bug 383369 test</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // We want to start this test from an insecure context
   loadAsInsecure = true;
   // We don't want to go through the navigation back/forward test
   bypassNavigationTest = true;
 
   function runTest()
   {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "broken");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   SimpleTest.expectAssertions(0, 4);
 
   // Clear the default onload assigned to test start because we must
   // wait for replaced image to load and only after that test the security state
   var onLoadFunction = window.onload;
   window.onload = function()
   {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure", "data <img> doesn't break security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   loadAsInsecure = true;
 
   function runTest()
   {
     window.location = "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/nocontent.sjs";
     window.setTimeout(function() {
       isSecurityState("insecure", "location.href doesn't effect the security state");
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html
@@ -13,16 +13,17 @@
     p:before
     {
       content: url(http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg);
     }
   </style>
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure content added by :before styling breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html
@@ -14,16 +14,17 @@
     p
     {
       content: url(http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg);
     }
   </style>
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure content added by :before styling breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   if (navigator.platform.startsWith("Mac")) {
     SimpleTest.expectAssertions(0, 1);
   }
 
   function runTest()
   {
     isSecurityState("secure");
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> written dynamically breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure iframe written dynamically breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure");
     window.setTimeout(function() {
       // Don't do this synchronously from onload handler
       document.getElementById("image1").src =
         "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
     window.setTimeout(() => {
       try {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // This test, as is, equals to https://kuix.de/misc/test17/358438.php
 
   function runTest()
   {
     isSecurityState("secure");
     document.body.background =
       "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
     var self = window;
     var iframe = document.getElementById("iframe1");
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // This test, as is, equals to https://kuix.de/misc/test17/358438.php
 
   function runTest()
   {
     isSecurityState("secure");
     document.getElementById("image1").src =
       "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   (new Image()).src =
     "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
 
   function runTest()
   {
     isSecurityState("broken", "(new Image()).src='http://...' changed to broken");
     finish();
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html
@@ -3,16 +3,17 @@
 <head>
   <title>img.src changes to unsecure redirect test</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure");
     document.getElementById("image1").src =
       "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/imgunsecredirect.sjs";
 
     window.setTimeout(function() {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure");
 
     window.setTimeout(function () {
       document.getElementById("buddy").innerHTML =
         "<img id='image1' src='http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg' />";
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure");
 
     document.getElementById("buddy").innerHTML =
       "<img id='image1' src='http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg' />";
 
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("secure", "javascript: <img> should not break security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html
@@ -10,16 +10,17 @@
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <link rel="stylesheet" type="text/css"
     href="https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/somestyle.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // Navigation test goes over an insecure page, test state leak
   navigateToInsecure = true;
 
   function runTest()
   {
     isSecurityState("secure", "insecure <img> load breaks security");
     finish();
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_securePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_securePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   loadAsInsecure = true;
 
   function runTest()
   {
     isSecurityState("insecure", "left insecure");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureBackground.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureBackground.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   // This test, as is, equals to https://kuix.de/misc/test17/358438.php
 
   function runTest()
   {
     isSecurityState("broken", "security broken");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureCSS.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureCSS.html
@@ -10,16 +10,17 @@
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <link rel="stylesheet" type="text/css"
     href="http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/somestyle.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <iframe> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <iframe> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html
@@ -3,16 +3,17 @@
 <head>
   <title>Unsecure redirect iframe load</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     window.setTimeout(function()
     {
       isSecurityState("broken", "insecure meta-tag <iframe> load breaks security");
       finish();
     }, 500);
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <iframe> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> load breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html
@@ -3,16 +3,17 @@
 <head>
   <title>Unsecure img load in two windows</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   openTwoWindows = true;
   testPage = "unsecurePictureDup.html";
 
   </script>
 </head>
 
 <body>
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> in an <iframe> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> load breaks security");
     finish();
   }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html
@@ -7,16 +7,17 @@
   <script type="text/javascript" src="/MochiKit/Style.js"></script>
   <script type="text/javascript" src="/MochiKit/Signal.js"></script>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <script type="text/javascript" src="mixedContentTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
   /* import-globals-from mixedContentTest.js */
+  "use strict";
 
   function runTest()
   {
     isSecurityState("broken", "insecure <img> load breaks security");
     finish();
   }
 
   function afterNavigationTest()
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/nosts_bootstrap.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/nosts_bootstrap.html
@@ -2,16 +2,17 @@
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!DOCTYPE HTML>
 <html>
   <head>
     <title>STS test iframe</title>
     <script>
+      "use strict";
       let windowRef = window;
       window.addEventListener("load", function() {
         windowRef.parent.postMessage("BOOTSTRAP plain",
                                      "http://mochi.test:8888");
       }, false);
     </script>
   </head>
   <body>
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/plain_bootstrap.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/plain_bootstrap.html
@@ -2,16 +2,17 @@
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!DOCTYPE HTML>
 <html>
   <head>
     <title>STS test iframe</title>
     <script>
+      "use strict";
       let windowRef = window;
       window.addEventListener("load", function() {
         windowRef.parent.postMessage("BOOTSTRAP plain",
                                      "http://mochi.test:8888");
       }, false);
     </script>
   </head>
   <body>
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/subdom_bootstrap.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/subdom_bootstrap.html
@@ -2,16 +2,17 @@
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!DOCTYPE HTML>
 <html>
   <head>
     <title>STS test iframe</title>
     <script>
+      "use strict";
       let windowRef = window;
       window.addEventListener("load", function() {
         windowRef.parent.postMessage("BOOTSTRAP subdom",
                                      "http://mochi.test:8888");
       }, false);
     </script>
   </head>
   <body>
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html
@@ -5,16 +5,18 @@
 <!DOCTYPE HTML>
 <html>
 <head>
   <title>opens additional content that should be converted to https</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 
   <script class="testbody" type="text/javascript">
+  "use strict";
+
   SimpleTest.waitForExplicitFinish();
 
   const STSPATH = "/tests/security/manager/ssl/tests/mochitest/stricttransportsecurity";
 
   // initialized manually here
   var testsleft = {'plain': 4, 'subdom': 4};
   var roundsLeft = 2;
 
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
@@ -2,19 +2,22 @@
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!DOCTYPE HTML>
 <html>
 <head>
   <title>opens additional content that should be converted to https</title>
   <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
+  <link rel="stylesheet" type="text/css"
+        href="chrome://mochikit/content/tests/SimpleTest/test.css"/>
 
   <script class="testbody" type="text/javascript">
+  "use strict";
+
   SimpleTest.waitForExplicitFinish();
 
   const Cc = Components.classes;
   const Ci = Components.interfaces;
   const STSPATH = "/tests/security/manager/ssl/tests/mochitest/stricttransportsecurity";
   const NUM_TEST_FRAMES = 4;
   const CONTENT_PAGE =
     "http://mochi.test:8888/chrome/security/manager/ssl/tests/mochitest/stricttransportsecurity/page_blank.html";
--- a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
+++ b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
@@ -1,9 +1,10 @@
 /* import-globals-from head_psm.js */
+"use strict";
 
 function run_test() {
   var SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
 
   ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                              "expired.example.com", 0));
   ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
--- a/security/manager/ssl/tests/unit/test_cert_blocklist.js
+++ b/security/manager/ssl/tests/unit/test_cert_blocklist.js
@@ -1,12 +1,13 @@
 /* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // This test checks a number of things:
 // * it ensures that data loaded from revocations.txt on startup is present
 // * it ensures that certItems in blocklist.xml are persisted correctly
 // * it ensures that items in the CertBlocklist are seen as revoked by the
 //   cert verifier
 // * it does a sanity check to ensure other cert verifier behavior is
 //   unmodified
--- a/security/manager/ssl/tests/unit/test_datasignatureverifier.js
+++ b/security/manager/ssl/tests/unit/test_datasignatureverifier.js
@@ -1,9 +1,9 @@
-const DSV = Ci.nsIDataSignatureVerifier;
+"use strict";
 
 var keys = [
 // RSA key
 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDK426erD/H3XtsjvaB5+PJqbhj" +
 "Zc9EDI5OCJS8R3FIObJ9ZHJK1TXeaE7JWqt9WUmBWTEFvwS+FI9vWu8058N9CHhD" +
 "NyeP6i4LuUYjTURnn7Yw/IgzyIJ2oKsYa32RuxAyteqAWqPT/J63wBixIeCxmysf" +
 "awB/zH4KaPiY3vnrzQIDAQAB",
 
--- a/security/manager/ssl/tests/unit/test_hash_algorithms.js
+++ b/security/manager/ssl/tests/unit/test_hash_algorithms.js
@@ -1,8 +1,10 @@
+"use strict";
+
 var ScriptableUnicodeConverter =
   Components.Constructor("@mozilla.org/intl/scriptableunicodeconverter",
                          "nsIScriptableUnicodeConverter");
 var CryptoHash =
   Components.Constructor("@mozilla.org/security/hash;1",
                          "nsICryptoHash",
                          "initWithString");
 
--- a/security/manager/ssl/tests/unit/test_hash_algorithms_wrap.js
+++ b/security/manager/ssl/tests/unit/test_hash_algorithms_wrap.js
@@ -1,3 +1,5 @@
+"use strict";
+
 function run_test() {
   run_test_in_child("test_hash_algorithms.js");
 }
--- a/security/manager/ssl/tests/unit/test_pinning_dynamic.js
+++ b/security/manager/ssl/tests/unit/test_pinning_dynamic.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a site security service state file
 // and see that the site security service reads it properly.
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
 
--- a/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
+++ b/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to check that parsing of HPKP headers
 // is correct.
 
 var profileDir = do_get_profile();
 const certdb = Cc["@mozilla.org/security/x509certdb;1"]
                  .getService(Ci.nsIX509CertDB);
 var gSSService = Cc["@mozilla.org/ssservice;1"]
--- a/security/manager/ssl/tests/unit/test_sss_eviction.js
+++ b/security/manager/ssl/tests/unit/test_sss_eviction.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to check that a frequently visited site
 // will not be evicted over an infrequently visited site.
 
 var gSSService = null;
 var gProfileDir = null;
 
 function do_state_written(aSubject, aTopic, aData) {
--- a/security/manager/ssl/tests/unit/test_sss_readstate.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a site security service state file
 // and see that the site security service reads it properly.
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
 
--- a/security/manager/ssl/tests/unit/test_sss_readstate_child.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_child.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a site security service state file
 // and see that the site security service reads it properly. We also verify
 // that state changes are reflected in the child process.
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
--- a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create an empty site security service state
 // file and see that the site security service doesn't fail when reading it.
 
 var gSSService = null;
 
 function checkStateRead(aSubject, aTopic, aData) {
   // nonexistent.example.com should never be an HSTS host
--- a/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a mostly bogus site security service
 // state file and see that the site security service handles it properly.
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
 
--- a/security/manager/ssl/tests/unit/test_sss_readstate_huge.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_huge.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to create a site security service state file
 // that is too large and see that the site security service reads it properly
 // (this means discarding all entries after the 1024th).
 
 function writeLine(aLine, aOutputStream) {
   aOutputStream.write(aLine, aLine.length);
 }
--- a/security/manager/ssl/tests/unit/test_sss_savestate.js
+++ b/security/manager/ssl/tests/unit/test_sss_savestate.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // The purpose of this test is to see that the site security service properly
 // writes its state file.
 
 const EXPECTED_ENTRIES = 6;
 const EXPECTED_HSTS_COLUMNS = 3;
 const EXPECTED_HPKP_COLUMNS = 4;
 var gProfileDir = null;
--- a/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js
+++ b/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js
@@ -1,8 +1,10 @@
+"use strict";
+
 function check_ip(s, v, ip) {
   let sslStatus = new FakeSSLStatus();
   ok(!s.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, ip, 0));
 
   let str = "https://";
   if (v == 6) {
     str += "[";
   }
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
@@ -1,13 +1,14 @@
 // This test attempts to use only domains that are likely to remain on the
 // preload list for a long time. Currently this includes bugzilla.mozilla.org
 // and login.persona.org because they are Mozilla properties and we are
 // invested in HSTS. Additionally, www.torproject.org was deemed likely to
 // continue to use HSTS.
+"use strict";
 
 var gSSService = Cc["@mozilla.org/ssservice;1"]
                    .getService(Ci.nsISiteSecurityService);
 
 function Observer() {}
 Observer.prototype = {
   observe: function(subject, topic, data) {
     if (topic == "last-pb-context-exited") {
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
@@ -1,10 +1,11 @@
 // This test uses bugzilla.mozilla.org given that it is likely to remain
 // on the preload list for a long time.
+"use strict";
 
 function run_test() {
   let SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
 
   // check that a host on the preload list is identified as an sts host
   ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                             "bugzilla.mozilla.org", 0));
--- a/security/manager/tools/dumpGoogleRoots.js
+++ b/security/manager/tools/dumpGoogleRoots.js
@@ -1,24 +1,23 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // This file is a helper script that generates the list of certificates that
 // make up the preloaded pinset for Google properties.
 //
 // How to run this file:
 // 1. [obtain firefox source code]
 // 2. [build/obtain firefox binaries]
 // 3. run `[path to]/run-mozilla.sh [path to]/xpcshell dumpGoogleRoots.js'
 // 4. [paste the output into the appropriate section in
 //     security/manager/tools/PreloadedHPKPins.json]
 
-// <https://developer.mozilla.org/en/XPConnect/xpcshell/HOWTO>
-// <https://bugzilla.mozilla.org/show_bug.cgi?id=546628>
 var Cc = Components.classes;
 var Ci = Components.interfaces;
 
 function downloadRoots() {
   let req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
               .createInstance(Ci.nsIXMLHttpRequest);
   req.open("GET", "https://pki.google.com/roots.pem", false);
   try {
--- a/security/manager/tools/genRootCAHashes.js
+++ b/security/manager/tools/genRootCAHashes.js
@@ -1,20 +1,19 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // How to run this file:
 // 1. [obtain firefox source code]
 // 2. [build/obtain firefox binaries]
 // 3. run `[path to]/run-mozilla.sh [path to]/xpcshell genRootCAHashes.js \
 //                                  [absolute path to]/RootHashes.inc'
 
-// <https://developer.mozilla.org/en/XPConnect/xpcshell/HOWTO>
-// <https://bugzilla.mozilla.org/show_bug.cgi?id=546628>
 var Cc = Components.classes;
 var Ci = Components.interfaces;
 var Cu = Components.utils;
 var Cr = Components.results;
 
 const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
 const CertDb = Components.classes[nsX509CertDB].getService(Ci.nsIX509CertDB);
 
--- a/security/manager/tools/getHSTSPreloadList.js
+++ b/security/manager/tools/getHSTSPreloadList.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // How to run this file:
 // 1. [obtain firefox source code]
 // 2. [build/obtain firefox binaries]
 // 3. run `[path to]/run-mozilla.sh [path to]/xpcshell \
 //                                  [path to]/getHSTSPreloadlist.js \
 //                                  [absolute path to]/nsSTSPreloadlist.inc'
 // Note: Running this file outputs a new nsSTSPreloadlist.inc in the current
--- a/security/manager/tools/makeCNNICHashes.js
+++ b/security/manager/tools/makeCNNICHashes.js
@@ -1,11 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
 
 // How to run this file:
 // 1. [obtain CNNIC-issued certificates to be whitelisted]
 // 2. [obtain firefox source code]
 // 3. [build/obtain firefox binaries]
 // 4. run `[path to]/run-mozilla.sh [path to]/xpcshell makeCNNICHashes.js \
 //                                  [path to]/intermediatesFile
 //                                  [path to]/certlist'