bug 748809 - remove nsIAssociatedContentSecurity and nsISecurityInfoProvider r=mayhemer,jrmuizel
authorDana Keeler <dkeeler@mozilla.com>
Thu, 13 Sep 2018 17:13:43 +0000
changeset 436272 be7177f566cb1981a0e436571542f2fc3db1197f
parent 436271 703fc4a46434e1af755a52a9baa8ca29423271f9
child 436273 d9eb5d5160d0bd758138a9e1da3cc12d8edb96fb
push id34632
push usernerli@mozilla.com
push dateFri, 14 Sep 2018 03:30:35 +0000
treeherdermozilla-central@03bf654b9641 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmayhemer, jrmuizel
bugs748809, 832834
milestone64.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
bug 748809 - remove nsIAssociatedContentSecurity and nsISecurityInfoProvider r=mayhemer,jrmuizel nsIAssociatedContentSecurity and nsISecurityInfoProvider are unused as of bug 832834, so this patch removes them. Differential Revision: https://phabricator.services.mozilla.com/D5693
image/imgRequest.cpp
image/imgRequest.h
image/imgRequestProxy.cpp
image/imgRequestProxy.h
netwerk/base/moz.build
netwerk/base/nsISecurityInfoProvider.idl
netwerk/protocol/http/HttpChannelChild.cpp
netwerk/protocol/http/HttpChannelChild.h
netwerk/protocol/http/HttpChannelParent.cpp
netwerk/protocol/http/HttpChannelParent.h
netwerk/protocol/http/PHttpChannel.ipdl
security/manager/ssl/TransportSecurityInfo.cpp
security/manager/ssl/TransportSecurityInfo.h
security/manager/ssl/moz.build
security/manager/ssl/nsIAssociatedContentSecurity.idl
--- a/image/imgRequest.cpp
+++ b/image/imgRequest.cpp
@@ -61,17 +61,16 @@ imgRequest::imgRequest(imgLoader* aLoade
  , mValidator(nullptr)
  , mInnerWindowId(0)
  , mCORSMode(imgIRequest::CORS_NONE)
  , mReferrerPolicy(mozilla::net::RP_Unset)
  , mImageErrorCode(NS_OK)
  , mMutex("imgRequest")
  , mProgressTracker(new ProgressTracker())
  , mIsMultiPartChannel(false)
- , mGotData(false)
  , mIsInCache(false)
  , mDecodeRequested(false)
  , mNewPartPending(false)
  , mHadInsecureRedirect(false)
 {
   LOG_FUNC(gImgLog, "imgRequest::imgRequest()");
 }
 
@@ -468,27 +467,16 @@ imgRequest::IsData() const
 }
 
 nsresult
 imgRequest::GetImageErrorCode()
 {
   return mImageErrorCode;
 }
 
-nsresult
-imgRequest::GetSecurityInfo(nsISupports** aSecurityInfo)
-{
-  LOG_FUNC(gImgLog, "imgRequest::GetSecurityInfo");
-
-  // Missing security info means this is not a security load
-  // i.e. it is not an error when security info is missing
-  NS_IF_ADDREF(*aSecurityInfo = mSecurityInfo);
-  return NS_OK;
-}
-
 void
 imgRequest::RemoveFromCache()
 {
   LOG_SCOPE(gImgLog, "imgRequest::RemoveFromCache");
 
   bool isInCache = false;
 
   {
@@ -590,23 +578,16 @@ imgRequest::BoostPriority(uint32_t aCate
   if (newRequestedCategory & imgIRequest::CATEGORY_DISPLAY) {
     delta += nsISupportsPriority::PRIORITY_HIGH;
   }
 
   AdjustPriorityInternal(delta);
   mBoostCategoriesRequested |= newRequestedCategory;
 }
 
-bool
-imgRequest::HasTransferredData() const
-{
-  MutexAutoLock lock(mMutex);
-  return mGotData;
-}
-
 void
 imgRequest::SetIsInCache(bool aInCache)
 {
   LOG_FUNC_WITH_PARAM(gImgLog,
                       "imgRequest::SetIsCacheable", "aInCache", aInCache);
   MutexAutoLock lock(mMutex);
   mIsInCache = aInCache;
 }
@@ -792,18 +773,16 @@ imgRequest::OnStartRequest(nsIRequest* a
     MOZ_ASSERT(multiPartChannel, "Should have mRequest unless we're multipart");
     nsCOMPtr<nsIChannel> baseChannel;
     multiPartChannel->GetBaseChannel(getter_AddRefs(baseChannel));
     mRequest = baseChannel;
   }
 
   nsCOMPtr<nsIChannel> channel(do_QueryInterface(aRequest));
   if (channel) {
-    channel->GetSecurityInfo(getter_AddRefs(mSecurityInfo));
-
     /* Get our principal */
     nsCOMPtr<nsIScriptSecurityManager>
       secMan = nsContentUtils::GetSecurityManager();
     if (secMan) {
       nsresult rv =
         secMan->GetChannelResultPrincipal(channel, getter_AddRefs(mPrincipal));
       if (NS_FAILED(rv)) {
         return rv;
@@ -1167,17 +1146,16 @@ imgRequest::OnDataAvailable(nsIRequest* 
   RefPtr<Image> image;
   RefPtr<ProgressTracker> progressTracker;
   bool isMultipart = false;
   bool newPartPending = false;
 
   // Retrieve and update our state.
   {
     MutexAutoLock lock(mMutex);
-    mGotData = true;
     image = mImage;
     progressTracker = mProgressTracker;
     isMultipart = mIsMultiPartChannel;
     newPartPending = mNewPartPending;
     mNewPartPending = false;
   }
 
   // If this is a new part, we need to sniff its content type and create an
--- a/image/imgRequest.h
+++ b/image/imgRequest.h
@@ -152,19 +152,16 @@ public:
   nsresult GetURI(nsIURI** aURI);
   nsresult GetFinalURI(nsIURI** aURI);
   bool IsScheme(const char* aScheme) const;
   bool IsChrome() const;
   bool IsData() const;
 
   nsresult GetImageErrorCode(void);
 
-  /// Returns true if we've received any data.
-  bool HasTransferredData() const;
-
   /// Returns a non-owning pointer to this imgRequest's MIME type.
   const char* GetMimeType() const { return mContentType.get(); }
 
   /// @return the priority of the underlying network request, or
   /// PRIORITY_NORMAL if it doesn't support nsISupportsPriority.
   int32_t Priority() const;
 
   /// Adjust the priority of the underlying network request by @aDelta on behalf
@@ -173,18 +170,16 @@ public:
 
   void BoostPriority(uint32_t aCategory);
 
   /// Returns a weak pointer to the underlying request.
   nsIRequest* GetRequest() const { return mRequest; }
 
   nsITimedChannel* GetTimedChannel() const { return mTimedChannel; }
 
-  nsresult GetSecurityInfo(nsISupports** aSecurityInfoOut);
-
   imgCacheValidator* GetValidator() const { return mValidator; }
   void SetValidator(imgCacheValidator* aValidator) { mValidator = aValidator; }
 
   void* LoadId() const { return mLoadId; }
   void SetLoadId(void* aLoadId) { mLoadId = aLoadId; }
 
   /// Reset the cache entry after we've dropped our reference to it. Used by
   /// imgLoader when our cache entry is re-requested after we've dropped our
@@ -238,17 +233,16 @@ private:
   nsCOMPtr<nsIURI> mFinalURI;
   // The principal which triggered the load of this image. Generally either
   // the principal of the document the image is being loaded into, or of the
   // stylesheet which specified the image to load. Used when validating for CORS.
   nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
   // The principal of this image.
   nsCOMPtr<nsIPrincipal> mPrincipal;
   nsCOMPtr<nsIProperties> mProperties;
-  nsCOMPtr<nsISupports> mSecurityInfo;
   nsCOMPtr<nsIChannel> mChannel;
   nsCOMPtr<nsIInterfaceRequestor> mPrevChannelSink;
   nsCOMPtr<nsIApplicationCache> mApplicationCache;
 
   nsCOMPtr<nsITimedChannel> mTimedChannel;
 
   nsCString mContentType;
 
@@ -286,16 +280,15 @@ private:
   mutable mozilla::Mutex mMutex;
 
   // Member variables protected by mMutex. Note that *all* flags in our bitfield
   // are protected by mMutex; if you're adding a new flag that isn'protected, it
   // must not be a part of this bitfield.
   RefPtr<ProgressTracker> mProgressTracker;
   RefPtr<Image> mImage;
   bool mIsMultiPartChannel : 1;
-  bool mGotData : 1;
   bool mIsInCache : 1;
   bool mDecodeRequested : 1;
   bool mNewPartPending : 1;
   bool mHadInsecureRedirect : 1;
 };
 
 #endif // mozilla_image_imgRequest_h
--- a/image/imgRequestProxy.cpp
+++ b/image/imgRequestProxy.cpp
@@ -98,17 +98,16 @@ RequestBehaviour::GetProgressTracker() c
 NS_IMPL_ADDREF(imgRequestProxy)
 NS_IMPL_RELEASE(imgRequestProxy)
 
 NS_INTERFACE_MAP_BEGIN(imgRequestProxy)
   NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, imgIRequest)
   NS_INTERFACE_MAP_ENTRY(imgIRequest)
   NS_INTERFACE_MAP_ENTRY(nsIRequest)
   NS_INTERFACE_MAP_ENTRY(nsISupportsPriority)
-  NS_INTERFACE_MAP_ENTRY(nsISecurityInfoProvider)
   NS_INTERFACE_MAP_ENTRY_CONDITIONAL(nsITimedChannel,
                                      TimedChannel() != nullptr)
 NS_INTERFACE_MAP_END
 
 imgRequestProxy::imgRequestProxy() :
   mBehaviour(new RequestBehaviour),
   mURI(nullptr),
   mListener(nullptr),
@@ -990,41 +989,16 @@ imgRequestProxy::AdjustPriority(int32_t 
   // We don't require |!mCanceled| here. This may be called even if we're
   // cancelled, because it's invoked as part of the process of removing an image
   // from the load group.
   NS_ENSURE_STATE(GetOwner());
   GetOwner()->AdjustPriority(this, priority);
   return NS_OK;
 }
 
-/** nsISecurityInfoProvider methods **/
-
-NS_IMETHODIMP
-imgRequestProxy::GetSecurityInfo(nsISupports** _retval)
-{
-  if (GetOwner()) {
-    return GetOwner()->GetSecurityInfo(_retval);
-  }
-
-  *_retval = nullptr;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-imgRequestProxy::GetHasTransferredData(bool* hasData)
-{
-  if (GetOwner()) {
-    *hasData = GetOwner()->HasTransferredData();
-  } else {
-    // The safe thing to do is to claim we have data
-    *hasData = true;
-  }
-  return NS_OK;
-}
-
 static const char*
 NotificationTypeToString(int32_t aType)
 {
   switch(aType)
   {
     case imgINotificationObserver::SIZE_AVAILABLE: return "SIZE_AVAILABLE";
     case imgINotificationObserver::FRAME_UPDATE: return "FRAME_UPDATE";
     case imgINotificationObserver::FRAME_COMPLETE: return "FRAME_COMPLETE";
--- a/image/imgRequestProxy.h
+++ b/image/imgRequestProxy.h
@@ -3,17 +3,16 @@
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef mozilla_image_imgRequestProxy_h
 #define mozilla_image_imgRequestProxy_h
 
 #include "imgIRequest.h"
-#include "nsISecurityInfoProvider.h"
 
 #include "nsILoadGroup.h"
 #include "nsISupportsPriority.h"
 #include "nsITimedChannel.h"
 #include "nsCOMPtr.h"
 #include "nsThreadUtils.h"
 #include "mozilla/TimeStamp.h"
 #include "mozilla/UniquePtr.h"
@@ -44,32 +43,30 @@ namespace image {
 class Image;
 class ProgressTracker;
 } // namespace image
 } // namespace mozilla
 
 class imgRequestProxy : public imgIRequest,
                         public mozilla::image::IProgressObserver,
                         public nsISupportsPriority,
-                        public nsISecurityInfoProvider,
                         public nsITimedChannel
 {
 protected:
   virtual ~imgRequestProxy();
 
 public:
   typedef mozilla::image::Image Image;
   typedef mozilla::image::ProgressTracker ProgressTracker;
 
   MOZ_DECLARE_REFCOUNTED_TYPENAME(imgRequestProxy)
   NS_DECL_ISUPPORTS
   NS_DECL_IMGIREQUEST
   NS_DECL_NSIREQUEST
   NS_DECL_NSISUPPORTSPRIORITY
-  NS_DECL_NSISECURITYINFOPROVIDER
   // nsITimedChannel declared below
 
   imgRequestProxy();
 
   // Callers to Init or ChangeOwner are required to call NotifyListener after
   // (although not immediately after) doing so.
   nsresult Init(imgRequest* aOwner,
                 nsILoadGroup* aLoadGroup,
--- a/netwerk/base/moz.build
+++ b/netwerk/base/moz.build
@@ -92,17 +92,16 @@ XPIDL_SOURCES += [
     'nsIRequest.idl',
     'nsIRequestContext.idl',
     'nsIRequestObserver.idl',
     'nsIRequestObserverProxy.idl',
     'nsIResumableChannel.idl',
     'nsISecCheckWrapChannel.idl',
     'nsISecureBrowserUI.idl',
     'nsISecurityEventSink.idl',
-    'nsISecurityInfoProvider.idl',
     'nsISensitiveInfoHiddenURI.idl',
     'nsISerializationHelper.idl',
     'nsIServerSocket.idl',
     'nsISimpleStreamListener.idl',
     'nsISocketFilter.idl',
     'nsISocketTransport.idl',
     'nsISocketTransportService.idl',
     'nsISpeculativeConnect.idl',
deleted file mode 100644
--- a/netwerk/base/nsISecurityInfoProvider.idl
+++ /dev/null
@@ -1,21 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
- 
-#include "nsISupports.idl"
-
-[scriptable, uuid(b8cc9126-9319-4415-afd9-b82220d453ed)]
-interface nsISecurityInfoProvider : nsISupports
-{
-  /**
-   * The security info for this provider, if any.
-   */
-  readonly attribute nsISupports securityInfo;
-
-  /**
-   * Whether this provider has transferred data.  If it hasn't, its
-   * security info should be ignored.
-   */
-  readonly attribute boolean hasTransferredData;
-};
--- a/netwerk/protocol/http/HttpChannelChild.cpp
+++ b/netwerk/protocol/http/HttpChannelChild.cpp
@@ -289,17 +289,16 @@ NS_INTERFACE_MAP_BEGIN(HttpChannelChild)
   NS_INTERFACE_MAP_ENTRY(nsIClassOfService)
   NS_INTERFACE_MAP_ENTRY(nsIProxiedChannel)
   NS_INTERFACE_MAP_ENTRY(nsITraceableChannel)
   NS_INTERFACE_MAP_ENTRY(nsIApplicationCacheContainer)
   NS_INTERFACE_MAP_ENTRY(nsIApplicationCacheChannel)
   NS_INTERFACE_MAP_ENTRY(nsIAsyncVerifyRedirectCallback)
   NS_INTERFACE_MAP_ENTRY(nsIChildChannel)
   NS_INTERFACE_MAP_ENTRY(nsIHttpChannelChild)
-  NS_INTERFACE_MAP_ENTRY_CONDITIONAL(nsIAssociatedContentSecurity, GetAssociatedContentSecurity())
   NS_INTERFACE_MAP_ENTRY(nsIDivertableChannel)
   NS_INTERFACE_MAP_ENTRY(nsIThreadRetargetableRequest)
   NS_INTERFACE_MAP_ENTRY_CONCRETE(HttpChannelChild)
 NS_INTERFACE_MAP_END_INHERITING(HttpBaseChannel)
 
 //-----------------------------------------------------------------------------
 // HttpChannelChild::PHttpChannelChild
 //-----------------------------------------------------------------------------
@@ -3472,98 +3471,16 @@ HttpChannelChild::SetChooseApplicationCa
 NS_IMETHODIMP
 HttpChannelChild::MarkOfflineCacheEntryAsForeign()
 {
   SendMarkOfflineCacheEntryAsForeign();
   return NS_OK;
 }
 
 //-----------------------------------------------------------------------------
-// HttpChannelChild::nsIAssociatedContentSecurity
-//-----------------------------------------------------------------------------
-
-bool
-HttpChannelChild::GetAssociatedContentSecurity(
-                    nsIAssociatedContentSecurity** _result)
-{
-  if (!mSecurityInfo)
-    return false;
-
-  nsCOMPtr<nsIAssociatedContentSecurity> assoc =
-      do_QueryInterface(mSecurityInfo);
-  if (!assoc)
-    return false;
-
-  if (_result)
-    assoc.forget(_result);
-  return true;
-}
-
-NS_IMETHODIMP
-HttpChannelChild::GetCountSubRequestsBrokenSecurity(
-                    int32_t *aSubRequestsBrokenSecurity)
-{
-  nsCOMPtr<nsIAssociatedContentSecurity> assoc;
-  if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
-    return NS_OK;
-
-  return assoc->GetCountSubRequestsBrokenSecurity(aSubRequestsBrokenSecurity);
-}
-NS_IMETHODIMP
-HttpChannelChild::SetCountSubRequestsBrokenSecurity(
-                    int32_t aSubRequestsBrokenSecurity)
-{
-  nsCOMPtr<nsIAssociatedContentSecurity> assoc;
-  if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
-    return NS_OK;
-
-  return assoc->SetCountSubRequestsBrokenSecurity(aSubRequestsBrokenSecurity);
-}
-
-NS_IMETHODIMP
-HttpChannelChild::GetCountSubRequestsNoSecurity(int32_t *aSubRequestsNoSecurity)
-{
-  nsCOMPtr<nsIAssociatedContentSecurity> assoc;
-  if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
-    return NS_OK;
-
-  return assoc->GetCountSubRequestsNoSecurity(aSubRequestsNoSecurity);
-}
-NS_IMETHODIMP
-HttpChannelChild::SetCountSubRequestsNoSecurity(int32_t aSubRequestsNoSecurity)
-{
-  nsCOMPtr<nsIAssociatedContentSecurity> assoc;
-  if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
-    return NS_OK;
-
-  return assoc->SetCountSubRequestsNoSecurity(aSubRequestsNoSecurity);
-}
-
-NS_IMETHODIMP
-HttpChannelChild::Flush()
-{
-  nsCOMPtr<nsIAssociatedContentSecurity> assoc;
-  if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
-    return NS_OK;
-
-  nsresult rv;
-  int32_t broken, no;
-
-  rv = assoc->GetCountSubRequestsBrokenSecurity(&broken);
-  NS_ENSURE_SUCCESS(rv, rv);
-  rv = assoc->GetCountSubRequestsNoSecurity(&no);
-  NS_ENSURE_SUCCESS(rv, rv);
-
-  if (mIPCOpen)
-    SendUpdateAssociatedContentSecurity(broken, no);
-
-  return NS_OK;
-}
-
-//-----------------------------------------------------------------------------
 // HttpChannelChild::nsIHttpChannelChild
 //-----------------------------------------------------------------------------
 
 NS_IMETHODIMP HttpChannelChild::AddCookiesToRequest()
 {
   HttpBaseChannel::AddCookiesToRequest();
   return NS_OK;
 }
--- a/netwerk/protocol/http/HttpChannelChild.h
+++ b/netwerk/protocol/http/HttpChannelChild.h
@@ -23,17 +23,16 @@
 #include "nsIProgressEventSink.h"
 #include "nsICacheInfoChannel.h"
 #include "nsIApplicationCache.h"
 #include "nsIApplicationCacheChannel.h"
 #include "nsIUploadChannel2.h"
 #include "nsIResumableChannel.h"
 #include "nsIProxiedChannel.h"
 #include "nsIAsyncVerifyRedirectCallback.h"
-#include "nsIAssociatedContentSecurity.h"
 #include "nsIChildChannel.h"
 #include "nsIHttpChannelChild.h"
 #include "nsIDivertableChannel.h"
 #include "nsIThreadRetargetableRequest.h"
 #include "mozilla/net/DNS.h"
 
 using mozilla::Telemetry::LABELS_HTTP_CHILD_OMT_STATS;
 
@@ -55,32 +54,30 @@ class SyntheticDiversionListener;
 
 class HttpChannelChild final : public PHttpChannelChild
                              , public HttpBaseChannel
                              , public HttpAsyncAborter<HttpChannelChild>
                              , public nsICacheInfoChannel
                              , public nsIProxiedChannel
                              , public nsIApplicationCacheChannel
                              , public nsIAsyncVerifyRedirectCallback
-                             , public nsIAssociatedContentSecurity
                              , public nsIChildChannel
                              , public nsIHttpChannelChild
                              , public nsIDivertableChannel
                              , public nsIThreadRetargetableRequest
                              , public NeckoTargetHolder
 {
   virtual ~HttpChannelChild();
 public:
   NS_DECL_ISUPPORTS_INHERITED
   NS_DECL_NSICACHEINFOCHANNEL
   NS_DECL_NSIPROXIEDCHANNEL
   NS_DECL_NSIAPPLICATIONCACHECONTAINER
   NS_DECL_NSIAPPLICATIONCACHECHANNEL
   NS_DECL_NSIASYNCVERIFYREDIRECTCALLBACK
-  NS_DECL_NSIASSOCIATEDCONTENTSECURITY
   NS_DECL_NSICHILDCHANNEL
   NS_DECL_NSIHTTPCHANNELCHILD
   NS_DECL_NSIDIVERTABLECHANNEL
   NS_DECL_NSITHREADRETARGETABLEREQUEST
   NS_DECLARE_STATIC_IID_ACCESSOR(HTTP_CHANNEL_CHILD_IID)
 
   HttpChannelChild();
 
@@ -182,18 +179,16 @@ protected:
   mozilla::ipc::IPCResult RecvAttachStreamFilter(Endpoint<extensions::PStreamFilterParent>&& aEndpoint) override;
 
   mozilla::ipc::IPCResult RecvCancelDiversion() override;
 
   mozilla::ipc::IPCResult RecvCancelRedirected() override;
 
   virtual void ActorDestroy(ActorDestroyReason aWhy) override;
 
-  MOZ_MUST_USE bool
-  GetAssociatedContentSecurity(nsIAssociatedContentSecurity** res = nullptr);
   virtual void DoNotifyListenerCleanup() override;
 
   virtual void DoAsyncAbort(nsresult aStatus) override;
 
   nsresult
   AsyncCall(void (HttpChannelChild::*funcPtr)(),
             nsRunnableMethod<HttpChannelChild> **retval = nullptr) override {
     // Normally, this method would just be implemented directly, but clang
--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@@ -24,17 +24,16 @@
 #include "nsHttpHandler.h"
 #include "nsNetCID.h"
 #include "nsNetUtil.h"
 #include "nsISupportsPriority.h"
 #include "nsIAuthPromptProvider.h"
 #include "nsIBackgroundChannelRegistrar.h"
 #include "nsSerializationHelper.h"
 #include "nsISerializable.h"
-#include "nsIAssociatedContentSecurity.h"
 #include "nsIApplicationCacheService.h"
 #include "mozilla/ipc/InputStreamUtils.h"
 #include "mozilla/ipc/URIUtils.h"
 #include "SerializedLoadContext.h"
 #include "nsIAuthInformation.h"
 #include "nsIAuthPromptCallback.h"
 #include "nsIContentPolicy.h"
 #include "mozilla/ipc/BackgroundUtils.h"
@@ -874,27 +873,16 @@ mozilla::ipc::IPCResult
 HttpChannelParent::RecvSetCacheTokenCachedCharset(const nsCString& charset)
 {
   if (mCacheEntry)
     mCacheEntry->SetMetaDataElement("charset", charset.get());
   return IPC_OK();
 }
 
 mozilla::ipc::IPCResult
-HttpChannelParent::RecvUpdateAssociatedContentSecurity(const int32_t& broken,
-                                                       const int32_t& no)
-{
-  if (mAssociatedContentSecurity) {
-    mAssociatedContentSecurity->SetCountSubRequestsBrokenSecurity(broken);
-    mAssociatedContentSecurity->SetCountSubRequestsNoSecurity(no);
-  }
-  return IPC_OK();
-}
-
-mozilla::ipc::IPCResult
 HttpChannelParent::RecvRedirect2Verify(const nsresult& aResult,
                                        const RequestHeaderTuples& changedHeaders,
                                        const ChildLoadInfoForwarderArgs& aLoadInfoForwarder,
                                        const uint32_t& loadFlags,
                                        const uint32_t& referrerPolicy,
                                        const OptionalURIParams& aReferrerURI,
                                        const OptionalURIParams& aAPIRedirectURI,
                                        const OptionalCorsPreflightArgs& aCorsPreflightArgs,
@@ -1066,17 +1054,16 @@ HttpChannelParent::ContinueRedirect2Veri
     mRedirectCallback->OnRedirectVerifyCallback(aResult);
     mRedirectCallback = nullptr;
   }
 }
 
 mozilla::ipc::IPCResult
 HttpChannelParent::RecvDocumentChannelCleanup(const bool& clearCacheEntry)
 {
-  // From now on only using mAssociatedContentSecurity.  Free everything else.
   CleanupBackgroundChannel(); // Background channel can be closed.
   mChannel = nullptr;          // Reclaim some memory sooner.
   if (clearCacheEntry) {
     mCacheEntry = nullptr;  // Else we'll block other channels reading same URI
   }
   return IPC_OK();
 }
 
@@ -2393,17 +2380,16 @@ HttpChannelParent::GetAuthPrompt(uint32_
 }
 
 void
 HttpChannelParent::UpdateAndSerializeSecurityInfo(nsACString& aSerializedSecurityInfoOut)
 {
   nsCOMPtr<nsISupports> secInfoSupp;
   mChannel->GetSecurityInfo(getter_AddRefs(secInfoSupp));
   if (secInfoSupp) {
-    mAssociatedContentSecurity = do_QueryInterface(secInfoSupp);
     nsCOMPtr<nsISerializable> secInfoSer = do_QueryInterface(secInfoSupp);
     if (secInfoSer) {
       NS_SerializeToString(secInfoSer, aSerializedSecurityInfoOut);
     }
   }
 }
 
 bool
--- a/netwerk/protocol/http/HttpChannelParent.h
+++ b/netwerk/protocol/http/HttpChannelParent.h
@@ -18,17 +18,16 @@
 #include "nsIParentRedirectingChannel.h"
 #include "nsIProgressEventSink.h"
 #include "nsHttpChannel.h"
 #include "nsIAuthPromptProvider.h"
 #include "mozilla/dom/ipc/IdType.h"
 #include "nsIDeprecationWarner.h"
 
 class nsICacheEntry;
-class nsIAssociatedContentSecurity;
 
 #define HTTP_CHANNEL_PARENT_IID \
   { 0x982b2372, 0x7aa5, 0x4e8a, \
       { 0xbd, 0x9f, 0x89, 0x74, 0xd7, 0xf0, 0x58, 0xeb } }
 
 namespace mozilla {
 
 namespace dom{
@@ -195,18 +194,16 @@ protected:
                                                       const RequestHeaderTuples& changedHeaders,
                                                       const ChildLoadInfoForwarderArgs& aLoadInfoForwarder,
                                                       const uint32_t& loadFlags,
                                                       const uint32_t& referrerPolicy,
                                                       const OptionalURIParams& aReferrerURI,
                                                       const OptionalURIParams& apiRedirectUri,
                                                       const OptionalCorsPreflightArgs& aCorsPreflightArgs,
                                                       const bool& aChooseAppcache) override;
-  virtual mozilla::ipc::IPCResult RecvUpdateAssociatedContentSecurity(const int32_t& broken,
-                                                   const int32_t& no) override;
   virtual mozilla::ipc::IPCResult RecvDocumentChannelCleanup(const bool& clearCacheEntry) override;
   virtual mozilla::ipc::IPCResult RecvMarkOfflineCacheEntryAsForeign() override;
   virtual mozilla::ipc::IPCResult RecvDivertOnDataAvailable(const nsCString& data,
                                          const uint64_t& offset,
                                          const uint32_t& count) override;
   virtual mozilla::ipc::IPCResult RecvDivertOnStopRequest(const nsresult& statusCode) override;
   virtual mozilla::ipc::IPCResult RecvDivertComplete() override;
   virtual mozilla::ipc::IPCResult RecvCrossProcessRedirectDone(const nsresult& aResult) override;
@@ -274,17 +271,16 @@ private:
 
   friend class HttpBackgroundChannelParent;
   friend class DivertDataAvailableEvent;
   friend class DivertStopRequestEvent;
   friend class DivertCompleteEvent;
 
   RefPtr<HttpBaseChannel>       mChannel;
   nsCOMPtr<nsICacheEntry>       mCacheEntry;
-  nsCOMPtr<nsIAssociatedContentSecurity>  mAssociatedContentSecurity;
 
   nsCOMPtr<nsIChannel> mRedirectChannel;
   nsCOMPtr<nsIAsyncVerifyRedirectCallback> mRedirectCallback;
 
   nsAutoPtr<class nsHttpChannel::OfflineCacheEntryAsForeignMarker> mOfflineForeignMarker;
   nsCOMPtr<nsILoadContext> mLoadContext;
   RefPtr<nsHttpHandler>  mHttpHandler;
 
--- a/netwerk/protocol/http/PHttpChannel.ipdl
+++ b/netwerk/protocol/http/PHttpChannel.ipdl
@@ -30,18 +30,16 @@ protocol PHttpChannel
 parent:
   // Note: channels are opened during construction, so no open method here:
   // see PNecko.ipdl
 
   async SetClassOfService(uint32_t cos);
 
   async SetCacheTokenCachedCharset(nsCString charset);
 
-  async UpdateAssociatedContentSecurity(int32_t broken,
-                                        int32_t no);
   async Suspend();
   async Resume();
 
   async Cancel(nsresult status);
 
   // Reports approval/veto of redirect by child process redirect observers
   async Redirect2Verify(nsresult result, RequestHeaderTuples changedHeaders,
                         ChildLoadInfoForwarderArgs loadInfoForwarder,
--- a/security/manager/ssl/TransportSecurityInfo.cpp
+++ b/security/manager/ssl/TransportSecurityInfo.cpp
@@ -49,27 +49,24 @@ TransportSecurityInfo::TransportSecurity
   , mIsNotValidAtThisTime(false)
   , mIsUntrusted(false)
   , mIsEV(false)
   , mHasIsEVStatus(false)
   , mHaveCipherSuiteAndProtocol(false)
   , mHaveCertErrorBits(false)
   , mMutex("TransportSecurityInfo::mMutex")
   , mSecurityState(nsIWebProgressListener::STATE_IS_INSECURE)
-  , mSubRequestsBrokenSecurity(0)
-  , mSubRequestsNoSecurity(0)
   , mErrorCode(0)
   , mPort(0)
 {
 }
 
 NS_IMPL_ISUPPORTS(TransportSecurityInfo,
                   nsITransportSecurityInfo,
                   nsIInterfaceRequestor,
-                  nsIAssociatedContentSecurity,
                   nsISerializable,
                   nsIClassInfo)
 
 void
 TransportSecurityInfo::SetHostName(const char* host)
 {
   mHostName.Assign(host);
 }
@@ -113,54 +110,16 @@ TransportSecurityInfo::GetSecurityState(
 
 void
 TransportSecurityInfo::SetSecurityState(uint32_t aState)
 {
   mSecurityState = aState;
 }
 
 NS_IMETHODIMP
-TransportSecurityInfo::GetCountSubRequestsBrokenSecurity(
-  int32_t *aSubRequestsBrokenSecurity)
-{
-  *aSubRequestsBrokenSecurity = mSubRequestsBrokenSecurity;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-TransportSecurityInfo::SetCountSubRequestsBrokenSecurity(
-  int32_t aSubRequestsBrokenSecurity)
-{
-  mSubRequestsBrokenSecurity = aSubRequestsBrokenSecurity;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-TransportSecurityInfo::GetCountSubRequestsNoSecurity(
-  int32_t *aSubRequestsNoSecurity)
-{
-  *aSubRequestsNoSecurity = mSubRequestsNoSecurity;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-TransportSecurityInfo::SetCountSubRequestsNoSecurity(
-  int32_t aSubRequestsNoSecurity)
-{
-  mSubRequestsNoSecurity = aSubRequestsNoSecurity;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-TransportSecurityInfo::Flush()
-{
-  return NS_OK;
-}
-
-NS_IMETHODIMP
 TransportSecurityInfo::GetErrorCodeString(nsAString& aErrorString)
 {
   MutexAutoLock lock(mMutex);
 
   const char* codeName = PR_ErrorToName(mErrorCode);
   aErrorString.Truncate();
   if (codeName) {
     aErrorString = NS_ConvertASCIItoUTF16(codeName);
@@ -204,21 +163,23 @@ TransportSecurityInfo::Write(nsIObjectOu
   }
 
   MutexAutoLock lock(mMutex);
 
   rv = aStream->Write32(mSecurityState);
   if (NS_FAILED(rv)) {
     return rv;
   }
-  rv = aStream->Write32(mSubRequestsBrokenSecurity);
+  // mSubRequestsBrokenSecurity was removed in bug 748809
+  rv = aStream->Write32(0);
   if (NS_FAILED(rv)) {
     return rv;
   }
-  rv = aStream->Write32(mSubRequestsNoSecurity);
+  // mSubRequestsNoSecurity was removed in bug 748809
+  rv = aStream->Write32(0);
   if (NS_FAILED(rv)) {
     return rv;
   }
   rv = aStream->Write32(static_cast<uint32_t>(mErrorCode));
   if (NS_FAILED(rv)) {
     return rv;
   }
 
@@ -406,36 +367,28 @@ TransportSecurityInfo::Read(nsIObjectInp
   }
 
   MutexAutoLock lock(mMutex);
 
   rv = aStream->Read32(&mSecurityState);
   if (NS_FAILED(rv)) {
     return rv;
   }
-  uint32_t subRequestsBrokenSecurity;
-  rv = aStream->Read32(&subRequestsBrokenSecurity);
+  // mSubRequestsBrokenSecurity was removed in bug 748809
+  uint32_t unusedSubRequestsBrokenSecurity;
+  rv = aStream->Read32(&unusedSubRequestsBrokenSecurity);
   if (NS_FAILED(rv)) {
     return rv;
   }
-  if (subRequestsBrokenSecurity >
-      static_cast<uint32_t>(std::numeric_limits<int32_t>::max())) {
-    return NS_ERROR_UNEXPECTED;
-  }
-  mSubRequestsBrokenSecurity = subRequestsBrokenSecurity;
-  uint32_t subRequestsNoSecurity;
-  rv = aStream->Read32(&subRequestsNoSecurity);
+  // mSubRequestsNoSecurity was removed in bug 748809
+  uint32_t unusedSubRequestsNoSecurity;
+  rv = aStream->Read32(&unusedSubRequestsNoSecurity);
   if (NS_FAILED(rv)) {
     return rv;
   }
-  if (subRequestsNoSecurity >
-        static_cast<uint32_t>(std::numeric_limits<int32_t>::max())) {
-    return NS_ERROR_UNEXPECTED;
-  }
-  mSubRequestsNoSecurity = subRequestsNoSecurity;
   uint32_t errorCode;
   rv = aStream->Read32(&errorCode);
   if (NS_FAILED(rv)) {
     return rv;
   }
   // PRErrorCode will be a negative value
   mErrorCode = static_cast<PRErrorCode>(errorCode);
 
--- a/security/manager/ssl/TransportSecurityInfo.h
+++ b/security/manager/ssl/TransportSecurityInfo.h
@@ -10,46 +10,43 @@
 #include "CertVerifier.h" // For CertificateTransparencyInfo
 #include "ScopedNSSTypes.h"
 #include "certt.h"
 #include "mozilla/Assertions.h"
 #include "mozilla/BasePrincipal.h"
 #include "mozilla/Mutex.h"
 #include "mozilla/RefPtr.h"
 #include "nsDataHashtable.h"
-#include "nsIAssociatedContentSecurity.h"
 #include "nsIClassInfo.h"
 #include "nsIInterfaceRequestor.h"
 #include "nsITransportSecurityInfo.h"
 #include "nsNSSCertificate.h"
 #include "nsString.h"
 #include "pkix/pkixtypes.h"
 
 namespace mozilla { namespace psm {
 
 enum class EVStatus {
   NotEV = 0,
   EV = 1,
 };
 
 class TransportSecurityInfo : public nsITransportSecurityInfo
                             , public nsIInterfaceRequestor
-                            , public nsIAssociatedContentSecurity
                             , public nsISerializable
                             , public nsIClassInfo
 {
 protected:
   virtual ~TransportSecurityInfo() {}
 public:
   TransportSecurityInfo();
 
   NS_DECL_THREADSAFE_ISUPPORTS
   NS_DECL_NSITRANSPORTSECURITYINFO
   NS_DECL_NSIINTERFACEREQUESTOR
-  NS_DECL_NSIASSOCIATEDCONTENTSECURITY
   NS_DECL_NSISERIALIZABLE
   NS_DECL_NSICLASSINFO
 
   void SetSecurityState(uint32_t aState);
 
   inline int32_t GetErrorCode()
   {
     int32_t result;
@@ -108,18 +105,16 @@ public:
 private:
   mutable ::mozilla::Mutex mMutex;
 
 protected:
   nsCOMPtr<nsIInterfaceRequestor> mCallbacks;
 
 private:
   uint32_t mSecurityState;
-  int32_t mSubRequestsBrokenSecurity;
-  int32_t mSubRequestsNoSecurity;
 
   PRErrorCode mErrorCode;
 
   int32_t mPort;
   nsCString mHostName;
   OriginAttributes mOriginAttributes;
 
   nsCOMPtr<nsIX509Cert> mServerCert;
--- a/security/manager/ssl/moz.build
+++ b/security/manager/ssl/moz.build
@@ -5,17 +5,16 @@
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 TEST_DIRS += [ 'tests' ]
 
 XPIDL_SOURCES += [
     'nsIASN1Object.idl',
     'nsIASN1PrintableItem.idl',
     'nsIASN1Sequence.idl',
-    'nsIAssociatedContentSecurity.idl',
     'nsIBadCertListener2.idl',
     'nsICertBlocklist.idl',
     'nsICertificateDialogs.idl',
     'nsICertOverrideService.idl',
     'nsIClientAuthDialogs.idl',
     'nsIContentSignatureVerifier.idl',
     'nsICryptoHash.idl',
     'nsICryptoHMAC.idl',
deleted file mode 100644
--- a/security/manager/ssl/nsIAssociatedContentSecurity.idl
+++ /dev/null
@@ -1,23 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/**
- * This interface is used to cache associated (sub) content security
- * state. That is determined asynchronously based on callback notification
- * while loading the content and its sub content particles. 
- *
- * Some optimizations like bfcaching removes these callback notifications
- * and therefor the subcontent state could not be determined. In such
- * a case it is loaded from this object stored in nsIChannel.securityInfo.
- */
-
-#include "nsISupports.idl"
-
-[scriptable, uuid(a8285dae-f125-454f-9d1b-089e3f01b2c4)]
-interface nsIAssociatedContentSecurity : nsISupports
-{
-  attribute long countSubRequestsBrokenSecurity;
-  attribute long countSubRequestsNoSecurity;
-  void flush();
-};