Bug 1310127 - Part 1: Use MOZ_MUST_USE in netwerk/protocol/http r=mcmanus
authorWei-Cheng Pan <wpan@mozilla.com>
Tue, 27 Dec 2016 15:22:07 +0800
changeset 346155 c78d25d4024d42d2d85f1fa5c7d3aefdb0026f09
parent 346154 796677a72f952b544c6f90a5b5d3b71930246b38
child 346156 2b04c29e7c67e87c8d3dde9b1b9986d43f9b99d7
push id31459
push usercbook@mozilla.com
push dateTue, 07 Mar 2017 14:05:14 +0000
treeherdermozilla-central@1fb56ba248d5 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmcmanus
bugs1310127
milestone54.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1310127 - Part 1: Use MOZ_MUST_USE in netwerk/protocol/http r=mcmanus Add MOZ_MUST_USE attirbute to headers and idl files. MozReview-Commit-ID: 7nZQlZoDrv2
netwerk/protocol/http/ASpdySession.h
netwerk/protocol/http/CacheControlParser.h
netwerk/protocol/http/Http2Compression.h
netwerk/protocol/http/Http2Push.h
netwerk/protocol/http/Http2Session.h
netwerk/protocol/http/Http2Stream.h
netwerk/protocol/http/HttpBaseChannel.h
netwerk/protocol/http/HttpChannelChild.h
netwerk/protocol/http/HttpChannelParent.h
netwerk/protocol/http/HttpChannelParentListener.h
netwerk/protocol/http/InterceptedChannel.h
netwerk/protocol/http/NullHttpChannel.h
netwerk/protocol/http/NullHttpTransaction.h
netwerk/protocol/http/PSpdyPush.h
netwerk/protocol/http/TunnelUtils.h
netwerk/protocol/http/nsAHttpConnection.h
netwerk/protocol/http/nsAHttpTransaction.h
netwerk/protocol/http/nsCORSListenerProxy.h
netwerk/protocol/http/nsHttp.h
netwerk/protocol/http/nsHttpAuthCache.h
netwerk/protocol/http/nsHttpAuthManager.h
netwerk/protocol/http/nsHttpChannel.h
netwerk/protocol/http/nsHttpChannelAuthProvider.h
netwerk/protocol/http/nsHttpChunkedDecoder.h
netwerk/protocol/http/nsHttpConnection.h
netwerk/protocol/http/nsHttpConnectionInfo.h
netwerk/protocol/http/nsHttpConnectionMgr.h
netwerk/protocol/http/nsHttpDigestAuth.h
netwerk/protocol/http/nsHttpHandler.h
netwerk/protocol/http/nsHttpHeaderArray.h
netwerk/protocol/http/nsHttpRequestHead.h
netwerk/protocol/http/nsHttpResponseHead.h
netwerk/protocol/http/nsHttpTransaction.h
netwerk/protocol/http/nsIHstsPrimingCallback.idl
netwerk/protocol/http/nsIHttpActivityObserver.idl
netwerk/protocol/http/nsIHttpAuthManager.idl
netwerk/protocol/http/nsIHttpAuthenticableChannel.idl
netwerk/protocol/http/nsIHttpAuthenticator.idl
netwerk/protocol/http/nsIHttpChannel.idl
netwerk/protocol/http/nsIHttpChannelAuthProvider.idl
netwerk/protocol/http/nsIHttpChannelChild.idl
netwerk/protocol/http/nsIHttpChannelInternal.idl
netwerk/protocol/http/nsIHttpEventSink.idl
netwerk/protocol/http/nsIHttpHeaderVisitor.idl
netwerk/protocol/http/nsIHttpProtocolHandler.idl
netwerk/protocol/http/nsIWellKnownOpportunisticUtils.idl
--- a/netwerk/protocol/http/ASpdySession.h
+++ b/netwerk/protocol/http/ASpdySession.h
@@ -16,18 +16,18 @@ class nsISocketTransport;
 namespace mozilla { namespace net {
 
 class ASpdySession : public nsAHttpTransaction
 {
 public:
   ASpdySession();
   virtual ~ASpdySession();
 
-  virtual bool AddStream(nsAHttpTransaction *, int32_t,
-                         bool, nsIInterfaceRequestor *) = 0;
+  virtual MOZ_MUST_USE bool
+  AddStream(nsAHttpTransaction *, int32_t, bool, nsIInterfaceRequestor *) = 0;
   virtual bool CanReuse() = 0;
   virtual bool RoomForMoreStreams() = 0;
   virtual PRIntervalTime IdleTime() = 0;
   virtual uint32_t ReadTimeoutTick(PRIntervalTime now) = 0;
   virtual void DontReuse() = 0;
   virtual uint32_t SpdyVersion() = 0;
 
   static ASpdySession *NewSpdySession(uint32_t version, nsISocketTransport *, bool);
@@ -95,17 +95,17 @@ class SpdyInformation
 public:
   SpdyInformation();
   ~SpdyInformation() {}
 
   static const uint32_t kCount = 1;
 
   // determine the index (0..kCount-1) of the spdy information that
   // correlates to the npn string. NS_FAILED() if no match is found.
-  nsresult GetNPNIndex(const nsACString &npnString, uint32_t *result) const;
+  MOZ_MUST_USE nsresult GetNPNIndex(const nsACString &npnString, uint32_t *result) const;
 
   // determine if a version of the protocol is enabled for index < kCount
   bool ProtocolEnabled(uint32_t index) const;
 
   uint8_t   Version[kCount]; // telemetry enum e.g. SPDY_VERSION_31
   nsCString VersionString[kCount]; // npn string e.g. "spdy/3.1"
 
   // the ALPNCallback function allows the protocol stack to decide whether or
--- a/netwerk/protocol/http/CacheControlParser.h
+++ b/netwerk/protocol/http/CacheControlParser.h
@@ -12,26 +12,26 @@
 namespace mozilla {
 namespace net {
 
 class CacheControlParser final : Tokenizer
 {
 public:
   explicit CacheControlParser(nsACString const &header);
 
-  bool MaxAge(uint32_t *seconds);
-  bool MaxStale(uint32_t *seconds);
-  bool MinFresh(uint32_t *seconds);
+  MOZ_MUST_USE bool MaxAge(uint32_t *seconds);
+  MOZ_MUST_USE bool MaxStale(uint32_t *seconds);
+  MOZ_MUST_USE bool MinFresh(uint32_t *seconds);
   bool NoCache();
   bool NoStore();
 
 private:
   void Directive();
   void IgnoreDirective();
-  bool SecondsValue(uint32_t *seconds, uint32_t defaultVal = 0);
+  MOZ_MUST_USE bool SecondsValue(uint32_t *seconds, uint32_t defaultVal = 0);
 
   bool mMaxAgeSet;
   uint32_t mMaxAge;
   bool mMaxStaleSet;
   uint32_t mMaxStale;
   bool mMinFreshSet;
   uint32_t mMinFresh;
   bool mNoCache;
--- a/netwerk/protocol/http/Http2Compression.h
+++ b/netwerk/protocol/http/Http2Compression.h
@@ -102,45 +102,48 @@ public:
   Http2Decompressor()
   {
     mPeakSizeID = Telemetry::HPACK_PEAK_SIZE_DECOMPRESSOR;
     mPeakCountID = Telemetry::HPACK_PEAK_COUNT_DECOMPRESSOR;
   };
   virtual ~Http2Decompressor() { } ;
 
   // NS_OK: Produces the working set of HTTP/1 formatted headers
-  nsresult DecodeHeaderBlock(const uint8_t *data, uint32_t datalen,
-                             nsACString &output, bool isPush);
+  MOZ_MUST_USE nsresult DecodeHeaderBlock(const uint8_t *data,
+                                          uint32_t datalen, nsACString &output,
+                                          bool isPush);
 
   void GetStatus(nsACString &hdr) { hdr = mHeaderStatus; }
   void GetHost(nsACString &hdr) { hdr = mHeaderHost; }
   void GetScheme(nsACString &hdr) { hdr = mHeaderScheme; }
   void GetPath(nsACString &hdr) { hdr = mHeaderPath; }
   void GetMethod(nsACString &hdr) { hdr = mHeaderMethod; }
 
 private:
-  nsresult DoIndexed();
-  nsresult DoLiteralWithoutIndex();
-  nsresult DoLiteralWithIncremental();
-  nsresult DoLiteralInternal(nsACString &, nsACString &, uint32_t);
-  nsresult DoLiteralNeverIndexed();
-  nsresult DoContextUpdate();
+  MOZ_MUST_USE nsresult DoIndexed();
+  MOZ_MUST_USE nsresult DoLiteralWithoutIndex();
+  MOZ_MUST_USE nsresult DoLiteralWithIncremental();
+  MOZ_MUST_USE nsresult DoLiteralInternal(nsACString &, nsACString &, uint32_t);
+  MOZ_MUST_USE nsresult DoLiteralNeverIndexed();
+  MOZ_MUST_USE nsresult DoContextUpdate();
+
+  MOZ_MUST_USE nsresult DecodeInteger(uint32_t prefixLen, uint32_t &result);
+  MOZ_MUST_USE nsresult OutputHeader(uint32_t index);
+  MOZ_MUST_USE nsresult OutputHeader(const nsACString &name, const nsACString &value);
 
-  nsresult DecodeInteger(uint32_t prefixLen, uint32_t &result);
-  nsresult OutputHeader(uint32_t index);
-  nsresult OutputHeader(const nsACString &name, const nsACString &value);
-
-  nsresult CopyHeaderString(uint32_t index, nsACString &name);
-  nsresult CopyStringFromInput(uint32_t index, nsACString &val);
+  MOZ_MUST_USE nsresult CopyHeaderString(uint32_t index, nsACString &name);
+  MOZ_MUST_USE nsresult CopyStringFromInput(uint32_t index, nsACString &val);
   uint8_t ExtractByte(uint8_t bitsLeft, uint32_t &bytesConsumed);
-  nsresult CopyHuffmanStringFromInput(uint32_t index, nsACString &val);
-  nsresult DecodeHuffmanCharacter(const HuffmanIncomingTable *table, uint8_t &c,
-                                  uint32_t &bytesConsumed, uint8_t &bitsLeft);
-  nsresult DecodeFinalHuffmanCharacter(const HuffmanIncomingTable *table,
-                                       uint8_t &c, uint8_t &bitsLeft);
+  MOZ_MUST_USE nsresult CopyHuffmanStringFromInput(uint32_t index, nsACString &val);
+  MOZ_MUST_USE nsresult
+  DecodeHuffmanCharacter(const HuffmanIncomingTable *table, uint8_t &c,
+                         uint32_t &bytesConsumed, uint8_t &bitsLeft);
+  MOZ_MUST_USE nsresult
+  DecodeFinalHuffmanCharacter(const HuffmanIncomingTable *table, uint8_t &c,
+                              uint8_t &bitsLeft);
 
   nsCString mHeaderStatus;
   nsCString mHeaderHost;
   nsCString mHeaderScheme;
   nsCString mHeaderPath;
   nsCString mHeaderMethod;
 
   // state variables when DecodeBlock() is on the stack
@@ -161,20 +164,23 @@ public:
   {
     mPeakSizeID = Telemetry::HPACK_PEAK_SIZE_COMPRESSOR;
     mPeakCountID = Telemetry::HPACK_PEAK_COUNT_COMPRESSOR;
   };
   virtual ~Http2Compressor() { }
 
   // HTTP/1 formatted header block as input - HTTP/2 formatted
   // header block as output
-  nsresult EncodeHeaderBlock(const nsCString &nvInput,
-                             const nsACString &method, const nsACString &path,
-                             const nsACString &host, const nsACString &scheme,
-                             bool connectForm, nsACString &output);
+  MOZ_MUST_USE nsresult EncodeHeaderBlock(const nsCString &nvInput,
+                                          const nsACString &method,
+                                          const nsACString &path,
+                                          const nsACString &host,
+                                          const nsACString &scheme,
+                                          bool connectForm,
+                                          nsACString &output);
 
   int64_t GetParsedContentLength() { return mParsedContentLength; } // -1 on not found
 
   void SetMaxBufferSize(uint32_t maxBufferSize);
 
 private:
   enum outputCode {
     kNeverIndexedLiteral,
--- a/netwerk/protocol/http/Http2Push.h
+++ b/netwerk/protocol/http/Http2Push.h
@@ -36,36 +36,39 @@ public:
   virtual ~Http2PushedStream() {}
 
   bool GetPushComplete();
 
   // The consumer stream is the synthetic pull stream hooked up to this push
   virtual Http2Stream *GetConsumerStream() override { return mConsumerStream; };
 
   void SetConsumerStream(Http2Stream *aStream);
-  bool GetHashKey(nsCString &key);
+  MOZ_MUST_USE bool GetHashKey(nsCString &key);
 
   // override of Http2Stream
-  nsresult ReadSegments(nsAHttpSegmentReader *,  uint32_t, uint32_t *) override;
-  nsresult WriteSegments(nsAHttpSegmentWriter *, uint32_t, uint32_t *) override;
+  MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *,
+                                     uint32_t, uint32_t *) override;
+  MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *,
+                                      uint32_t, uint32_t *) override;
   void AdjustInitialWindow() override;
 
   nsIRequestContext *RequestContext() override { return mRequestContext; };
   void ConnectPushedStream(Http2Stream *consumer);
 
-  bool TryOnPush();
-  static bool TestOnPush(Http2Stream *consumer);
+  MOZ_MUST_USE bool TryOnPush();
+  static MOZ_MUST_USE bool TestOnPush(Http2Stream *consumer);
 
   virtual bool DeferCleanup(nsresult status) override;
   void SetDeferCleanupOnSuccess(bool val) { mDeferCleanupOnSuccess = val; }
 
   bool IsOrphaned(TimeStamp now);
   void OnPushFailed() { mDeferCleanupOnPush = false; mOnPushFailed = true; }
 
-  nsresult GetBufferedData(char *buf, uint32_t count, uint32_t *countWritten);
+  MOZ_MUST_USE nsresult GetBufferedData(char *buf, uint32_t count,
+                                        uint32_t *countWritten);
 
   // overload of Http2Stream
   virtual bool HasSink() override { return !!mConsumerStream; }
 
   nsCString &GetRequestString() { return mRequestString; }
 
 private:
 
@@ -99,17 +102,18 @@ private:
 class Http2PushTransactionBuffer final : public nsAHttpTransaction
 {
 public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSAHTTPTRANSACTION
 
   Http2PushTransactionBuffer();
 
-  nsresult GetBufferedData(char *buf, uint32_t count, uint32_t *countWritten);
+  MOZ_MUST_USE nsresult GetBufferedData(char *buf, uint32_t count,
+                                        uint32_t *countWritten);
   void SetPushStream(Http2PushedStream *stream) { mPushStream = stream; }
 
 private:
   virtual ~Http2PushTransactionBuffer();
 
   const static uint32_t kDefaultBufferSize = 4096;
 
   nsresult mStatus;
--- a/netwerk/protocol/http/Http2Session.h
+++ b/netwerk/protocol/http/Http2Session.h
@@ -40,18 +40,18 @@ public:
   NS_DECL_THREADSAFE_ISUPPORTS
   NS_DECL_NSAHTTPTRANSACTION
   NS_DECL_NSAHTTPCONNECTION(mConnection)
   NS_DECL_NSAHTTPSEGMENTREADER
   NS_DECL_NSAHTTPSEGMENTWRITER
 
  Http2Session(nsISocketTransport *, uint32_t version, bool attemptingEarlyData);
 
-  bool AddStream(nsAHttpTransaction *, int32_t,
-                 bool, nsIInterfaceRequestor *) override;
+  MOZ_MUST_USE bool AddStream(nsAHttpTransaction *, int32_t,
+                              bool, nsIInterfaceRequestor *) override;
   bool CanReuse() override { return !mShouldGoAway && !mClosed; }
   bool RoomForMoreStreams() override;
   uint32_t SpdyVersion() override;
 
   // When the connection is active this is called up to once every 1 second
   // return the interval (in seconds) that the connection next wants to
   // have this invoked. It might happen sooner depending on the needs of
   // other connections.
@@ -197,52 +197,53 @@ public:
   // overload of nsAHttpConnection
   void TransactionHasDataToWrite(nsAHttpTransaction *) override;
   void TransactionHasDataToRecv(nsAHttpTransaction *) override;
 
   // a similar version for Http2Stream
   void TransactionHasDataToWrite(Http2Stream *);
 
   // an overload of nsAHttpSegementReader
-  virtual nsresult CommitToSegmentSize(uint32_t size, bool forceCommitment) override;
-  nsresult BufferOutput(const char *, uint32_t, uint32_t *);
+  virtual MOZ_MUST_USE nsresult CommitToSegmentSize(uint32_t size,
+                                                    bool forceCommitment) override;
+  MOZ_MUST_USE nsresult BufferOutput(const char *, uint32_t, uint32_t *);
   void     FlushOutputQueue();
   uint32_t AmountOfOutputBuffered() { return mOutputQueueUsed - mOutputQueueSent; }
 
   uint32_t GetServerInitialStreamWindow() { return mServerInitialStreamWindow; }
 
-  bool TryToActivate(Http2Stream *stream);
+  MOZ_MUST_USE bool TryToActivate(Http2Stream *stream);
   void ConnectPushedStream(Http2Stream *stream);
   void ConnectSlowConsumer(Http2Stream *stream);
 
-  nsresult ConfirmTLSProfile();
-  static bool ALPNCallback(nsISupports *securityInfo);
+  MOZ_MUST_USE nsresult ConfirmTLSProfile();
+  static MOZ_MUST_USE bool ALPNCallback(nsISupports *securityInfo);
 
   uint64_t Serial() { return mSerial; }
 
   void PrintDiagnostics (nsCString &log) override;
 
   // Streams need access to these
   uint32_t SendingChunkSize() { return mSendingChunkSize; }
   uint32_t PushAllowance() { return mPushAllowance; }
   Http2Compressor *Compressor() { return &mCompressor; }
   nsISocketTransport *SocketTransport() { return mSocketTransport; }
   int64_t ServerSessionWindow() { return mServerSessionWindow; }
   void DecrementServerSessionWindow (uint32_t bytes) { mServerSessionWindow -= bytes; }
   uint32_t InitialRwin() { return mInitialRwin; }
 
   void SendPing() override;
-  bool MaybeReTunnel(nsAHttpTransaction *) override;
+  MOZ_MUST_USE bool MaybeReTunnel(nsAHttpTransaction *) override;
   bool UseH2Deps() { return mUseH2Deps; }
 
   // overload of nsAHttpTransaction
-  nsresult ReadSegmentsAgain(nsAHttpSegmentReader *, uint32_t, uint32_t *, bool *) override final;
-  nsresult WriteSegmentsAgain(nsAHttpSegmentWriter *, uint32_t , uint32_t *, bool *) override final;
-  bool Do0RTT() override final { return true; }
-  nsresult Finish0RTT(bool aRestart, bool aAlpnChanged) override final;
+  MOZ_MUST_USE nsresult ReadSegmentsAgain(nsAHttpSegmentReader *, uint32_t, uint32_t *, bool *) override final;
+  MOZ_MUST_USE nsresult WriteSegmentsAgain(nsAHttpSegmentWriter *, uint32_t , uint32_t *, bool *) override final;
+  MOZ_MUST_USE bool Do0RTT() override final { return true; }
+  MOZ_MUST_USE nsresult Finish0RTT(bool aRestart, bool aAlpnChanged) override final;
 
 private:
 
   // These internal states do not correspond to the states of the HTTP/2 specification
   enum internalStateType {
     BUFFERING_OPENING_SETTINGS,
     BUFFERING_FRAME_HEADER,
     BUFFERING_CONTROL_FRAME,
@@ -252,60 +253,62 @@ private:
     DISCARDING_DATA_FRAME,
     PROCESSING_COMPLETE_HEADERS,
     PROCESSING_CONTROL_RST_STREAM,
     NOT_USING_NETWORK
   };
 
   static const uint8_t kMagicHello[24];
 
-  nsresult    ResponseHeadersComplete();
+  MOZ_MUST_USE nsresult ResponseHeadersComplete();
   uint32_t    GetWriteQueueSize();
   void        ChangeDownstreamState(enum internalStateType);
   void        ResetDownstreamState();
-  nsresult    ReadyToProcessDataFrame(enum internalStateType);
-  nsresult    UncompressAndDiscard(bool);
+  MOZ_MUST_USE nsresult ReadyToProcessDataFrame(enum internalStateType);
+  MOZ_MUST_USE nsresult UncompressAndDiscard(bool);
   void        GeneratePing(bool);
   void        GenerateSettingsAck();
   void        GeneratePriority(uint32_t, uint8_t);
   void        GenerateRstStream(uint32_t, uint32_t);
   void        GenerateGoAway(uint32_t);
   void        CleanupStream(Http2Stream *, nsresult, errorType);
   void        CleanupStream(uint32_t, nsresult, errorType);
   void        CloseStream(Http2Stream *, nsresult);
   void        SendHello();
   void        RemoveStreamFromQueues(Http2Stream *);
-  nsresult    ParsePadding(uint8_t &, uint16_t &);
+  MOZ_MUST_USE nsresult ParsePadding(uint8_t &, uint16_t &);
 
   void        SetWriteCallbacks();
   void        RealignOutputQueue();
 
   void        ProcessPending();
-  nsresult    ProcessConnectedPush(Http2Stream *, nsAHttpSegmentWriter *,
-                                   uint32_t, uint32_t *);
-  nsresult    ProcessSlowConsumer(Http2Stream *, nsAHttpSegmentWriter *,
-                                  uint32_t, uint32_t *);
+  MOZ_MUST_USE nsresult ProcessConnectedPush(Http2Stream *,
+                                             nsAHttpSegmentWriter *,
+                                             uint32_t, uint32_t *);
+  MOZ_MUST_USE nsresult ProcessSlowConsumer(Http2Stream *,
+                                            nsAHttpSegmentWriter *,
+                                            uint32_t, uint32_t *);
 
-  nsresult    SetInputFrameDataStream(uint32_t);
+  MOZ_MUST_USE nsresult SetInputFrameDataStream(uint32_t);
   void        CreatePriorityNode(uint32_t, uint32_t, uint8_t, const char *);
   bool        VerifyStream(Http2Stream *, uint32_t);
   void        SetNeedsCleanup();
 
   void        UpdateLocalRwin(Http2Stream *stream, uint32_t bytes);
   void        UpdateLocalStreamWindow(Http2Stream *stream, uint32_t bytes);
   void        UpdateLocalSessionWindow(uint32_t bytes);
 
   void        MaybeDecrementConcurrent(Http2Stream *stream);
   bool        RoomForMoreConcurrent();
   void        IncrementConcurrent(Http2Stream *stream);
   void        QueueStream(Http2Stream *stream);
 
   // a wrapper for all calls to the nshttpconnection level segment writer. Used
   // to track network I/O for timeout purposes
-  nsresult   NetworkRead(nsAHttpSegmentWriter *, char *, uint32_t, uint32_t *);
+  MOZ_MUST_USE nsresult NetworkRead(nsAHttpSegmentWriter *, char *, uint32_t, uint32_t *);
 
   void Shutdown();
 
   // This is intended to be nsHttpConnectionMgr:nsConnectionHandle taken
   // from the first transaction on this session. That object contains the
   // pointer to the real network-level nsHttpConnection object.
   RefPtr<nsAHttpConnection> mConnection;
 
--- a/netwerk/protocol/http/Http2Stream.h
+++ b/netwerk/protocol/http/Http2Stream.h
@@ -49,18 +49,20 @@ public:
   Http2Stream(nsAHttpTransaction *, Http2Session *, int32_t);
 
   uint32_t StreamID() { return mStreamID; }
   Http2PushedStream *PushSource() { return mPushSource; }
 
   stateType HTTPState() { return mState; }
   void SetHTTPState(stateType val) { mState = val; }
 
-  virtual nsresult ReadSegments(nsAHttpSegmentReader *,  uint32_t, uint32_t *);
-  virtual nsresult WriteSegments(nsAHttpSegmentWriter *, uint32_t, uint32_t *);
+  virtual MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *,
+                                             uint32_t, uint32_t *);
+  virtual MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *,
+                                              uint32_t, uint32_t *);
   virtual bool DeferCleanup(nsresult status);
 
   // The consumer stream is the synthetic pull stream hooked up to this stream
   // http2PushedStream overrides it
   virtual Http2Stream *GetConsumerStream() { return nullptr; };
 
   const nsAFlatCString &Origin() const { return mOrigin; }
   const nsAFlatCString &Host() const { return mHeaderHost; }
@@ -106,19 +108,21 @@ public:
   void SetAllHeadersReceived();
   void UnsetAllHeadersReceived() { mAllHeadersReceived = 0; }
   bool AllHeadersReceived() { return mAllHeadersReceived; }
 
   void UpdateTransportSendEvents(uint32_t count);
   void UpdateTransportReadEvents(uint32_t count);
 
   // NS_ERROR_ABORT terminates stream, other failure terminates session
-  nsresult ConvertResponseHeaders(Http2Decompressor *, nsACString &,
-                                  nsACString &, int32_t &);
-  nsresult ConvertPushHeaders(Http2Decompressor *, nsACString &, nsACString &);
+  MOZ_MUST_USE nsresult ConvertResponseHeaders(Http2Decompressor *,
+                                               nsACString &,
+                                               nsACString &, int32_t &);
+  MOZ_MUST_USE nsresult ConvertPushHeaders(Http2Decompressor *, nsACString &,
+                                           nsACString &);
 
   bool AllowFlowControlledWrite();
   void UpdateServerReceiveWindow(int32_t delta);
   int64_t ServerReceiveWindow() { return mServerReceiveWindow; }
 
   void DecrementClientReceiveWindow(uint32_t delta) {
     mClientReceiveWindow -= delta;
     mLocalUnacked += delta;
@@ -142,22 +146,22 @@ public:
   // A pull stream has an implicit sink, a pushed stream has a sink
   // once it is matched to a pull stream.
   virtual bool HasSink() { return true; }
 
   virtual ~Http2Stream();
 
   Http2Session *Session() { return mSession; }
 
-  static nsresult MakeOriginURL(const nsACString &origin,
-                                RefPtr<nsStandardURL> &url);
+  static MOZ_MUST_USE nsresult MakeOriginURL(const nsACString &origin,
+                                             RefPtr<nsStandardURL> &url);
 
-  static nsresult MakeOriginURL(const nsACString &scheme,
-                                const nsACString &origin,
-                                RefPtr<nsStandardURL> &url);
+  static MOZ_MUST_USE nsresult MakeOriginURL(const nsACString &scheme,
+                                             const nsACString &origin,
+                                             RefPtr<nsStandardURL> &url);
 
   // Mirrors nsAHttpTransaction
   bool Do0RTT();
   nsresult Finish0RTT(bool aRestart, bool aAlpnIgnored);
 
 protected:
   static void CreatePushHashKey(const nsCString &scheme,
                                 const nsCString &hostHeader,
@@ -210,28 +214,28 @@ protected:
 
   // Flag is set when stream is queued inside the session due to
   // concurrency limits being exceeded
   uint32_t                     mQueued               : 1;
 
   void     ChangeState(enum upstreamStateType);
 
   virtual void AdjustInitialWindow();
-  nsresult TransmitFrame(const char *, uint32_t *, bool forceCommitment);
+  MOZ_MUST_USE nsresult TransmitFrame(const char *, uint32_t *, bool forceCommitment);
 
 private:
   friend class nsAutoPtr<Http2Stream>;
 
-  nsresult ParseHttpRequestHeaders(const char *, uint32_t, uint32_t *);
-  nsresult GenerateOpen();
+  MOZ_MUST_USE nsresult ParseHttpRequestHeaders(const char *, uint32_t, uint32_t *);
+  MOZ_MUST_USE nsresult GenerateOpen();
 
   void     AdjustPushedPriority();
   void     GenerateDataFrameHeader(uint32_t, bool);
 
-  nsresult BufferInput(uint32_t , uint32_t *);
+  MOZ_MUST_USE nsresult BufferInput(uint32_t , uint32_t *);
 
   // The underlying HTTP transaction. This pointer is used as the key
   // in the Http2Session mStreamTransactionHash so it is important to
   // keep a reference to it as long as this stream is a member of that hash.
   // (i.e. don't change it or release it after it is set in the ctor).
   RefPtr<nsAHttpTransaction> mTransaction;
 
   // The underlying socket transport object is needed to propogate some events
--- a/netwerk/protocol/http/HttpBaseChannel.h
+++ b/netwerk/protocol/http/HttpBaseChannel.h
@@ -105,20 +105,21 @@ public:
   NS_DECL_NSITIMEDCHANNEL
   NS_DECL_NSITHROTTLEDINPUTCHANNEL
   NS_DECL_NSICLASSIFIEDCHANNEL
 
   NS_DECLARE_STATIC_IID_ACCESSOR(HTTP_BASE_CHANNEL_IID)
 
   HttpBaseChannel();
 
-  virtual nsresult Init(nsIURI *aURI, uint32_t aCaps, nsProxyInfo *aProxyInfo,
-                        uint32_t aProxyResolveFlags,
-                        nsIURI *aProxyURI,
-                        const nsID& aChannelId);
+  virtual MOZ_MUST_USE nsresult Init(nsIURI *aURI, uint32_t aCaps,
+                                     nsProxyInfo *aProxyInfo,
+                                     uint32_t aProxyResolveFlags,
+                                     nsIURI *aProxyURI,
+                                     const nsID& aChannelId);
 
   // nsIRequest
   NS_IMETHOD GetName(nsACString& aName) override;
   NS_IMETHOD IsPending(bool *aIsPending) override;
   NS_IMETHOD GetStatus(nsresult *aStatus) override;
   NS_IMETHOD GetLoadGroup(nsILoadGroup **aLoadGroup) override;
   NS_IMETHOD SetLoadGroup(nsILoadGroup *aLoadGroup) override;
   NS_IMETHOD GetLoadFlags(nsLoadFlags *aLoadFlags) override;
@@ -226,17 +227,17 @@ public:
   NS_IMETHOD GetRemotePort(int32_t* port) override;
   NS_IMETHOD GetAllowSpdy(bool *aAllowSpdy) override;
   NS_IMETHOD SetAllowSpdy(bool aAllowSpdy) override;
   NS_IMETHOD GetAllowAltSvc(bool *aAllowAltSvc) override;
   NS_IMETHOD SetAllowAltSvc(bool aAllowAltSvc) override;
   NS_IMETHOD GetBeConservative(bool *aBeConservative) override;
   NS_IMETHOD SetBeConservative(bool aBeConservative) override;
   NS_IMETHOD GetApiRedirectToURI(nsIURI * *aApiRedirectToURI) override;
-  virtual nsresult AddSecurityMessage(const nsAString &aMessageTag, const nsAString &aMessageCategory);
+  virtual MOZ_MUST_USE nsresult AddSecurityMessage(const nsAString &aMessageTag, const nsAString &aMessageCategory);
   NS_IMETHOD TakeAllSecurityMessages(nsCOMArray<nsISecurityConsoleMessage> &aMessages) override;
   NS_IMETHOD GetResponseTimeoutEnabled(bool *aEnable) override;
   NS_IMETHOD SetResponseTimeoutEnabled(bool aEnable) override;
   NS_IMETHOD GetInitialRwin(uint32_t* aRwin) override;
   NS_IMETHOD SetInitialRwin(uint32_t aRwin) override;
   NS_IMETHOD GetNetworkInterfaceId(nsACString& aNetworkInterfaceId) override;
   NS_IMETHOD SetNetworkInterfaceId(const nsACString& aNetworkInterfaceId) override;
   NS_IMETHOD ForcePending(bool aForcePending) override;
@@ -307,17 +308,17 @@ public:
         NS_DECL_ISUPPORTS
         NS_DECL_NSIUTF8STRINGENUMERATOR
 
         nsContentEncodings(nsIHttpChannel* aChannel, const char* aEncodingHeader);
 
     private:
         virtual ~nsContentEncodings();
 
-        nsresult PrepareForNext(void);
+        MOZ_MUST_USE nsresult PrepareForNext(void);
 
         // We do not own the buffer.  The channel owns it.
         const char* mEncodingHeader;
         const char* mCurStart;  // points to start of current header
         const char* mCurEnd;  // points to end of current header
 
         // Hold a ref to our channel so that it can't go away and take the
         // header with it.
@@ -327,30 +328,31 @@ public:
     };
 
     nsHttpResponseHead * GetResponseHead() const { return mResponseHead; }
     nsHttpRequestHead * GetRequestHead() { return &mRequestHead; }
 
     const NetAddr& GetSelfAddr() { return mSelfAddr; }
     const NetAddr& GetPeerAddr() { return mPeerAddr; }
 
-    nsresult OverrideSecurityInfo(nsISupports* aSecurityInfo);
+    MOZ_MUST_USE nsresult OverrideSecurityInfo(nsISupports* aSecurityInfo);
 
 public: /* Necko internal use only... */
     bool IsNavigation();
 
     // Return whether upon a redirect code of httpStatus for method, the
     // request method should be rewritten to GET.
     static bool ShouldRewriteRedirectToGET(uint32_t httpStatus,
                                            nsHttpRequestHead::ParsedMethodType method);
 
     // Like nsIEncodedChannel::DoApplyConversions except context is set to
     // mListenerContext.
-    nsresult DoApplyContentConversions(nsIStreamListener *aNextListener,
-                                       nsIStreamListener **aNewNextListener);
+    MOZ_MUST_USE nsresult
+    DoApplyContentConversions(nsIStreamListener *aNextListener,
+                              nsIStreamListener **aNewNextListener);
 
     // Callback on main thread when NS_AsyncCopy() is finished populating
     // the new mUploadStream.
     void EnsureUploadStreamIsCloneableComplete(nsresult aStatus);
 
     void SetIsTrackingResource()
     {
       mIsTrackingResource = true;
@@ -370,20 +372,19 @@ protected:
   // was fired.
   void NotifySetCookie(char const *aCookie);
 
   mozilla::dom::Performance* GetPerformance();
   nsIURI* GetReferringPage();
   nsPIDOMWindowInner* GetInnerDOMWindow();
 
   void AddCookiesToRequest();
-  virtual nsresult SetupReplacementChannel(nsIURI *,
-                                           nsIChannel *,
-                                           bool preserveMethod,
-                                           uint32_t redirectFlags);
+  virtual MOZ_MUST_USE nsresult
+  SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod,
+                          uint32_t redirectFlags);
 
   // bundle calling OMR observers and marking flag into one function
   inline void CallOnModifyRequestObservers() {
     gHttpHandler->OnModifyRequest(this);
     mRequestObserversCalled = true;
   }
 
   // Helper function to simplify getting notification callbacks.
@@ -397,17 +398,17 @@ protected:
 
   // Redirect tracking
   // Checks whether or not aURI and mOriginalURI share the same domain.
   bool SameOriginWithOriginalUri(nsIURI *aURI);
 
   // GetPrincipal Returns the channel's URI principal.
   nsIPrincipal *GetURIPrincipal();
 
-  bool BypassServiceWorker() const;
+  MOZ_MUST_USE bool BypassServiceWorker() const;
 
   // Returns true if this channel should intercept the network request and prepare
   // for a possible synthesized response instead.
   bool ShouldIntercept(nsIURI* aURI = nullptr);
 
 #ifdef DEBUG
   // Check if mPrivateBrowsingId matches between LoadInfo and LoadContext.
   void AssertPrivateBrowsingId();
@@ -621,36 +622,36 @@ NS_DEFINE_STATIC_IID_ACCESSOR(HttpBaseCh
 template <class T>
 class HttpAsyncAborter
 {
 public:
   explicit HttpAsyncAborter(T *derived) : mThis(derived), mCallOnResume(0) {}
 
   // Aborts channel: calls OnStart/Stop with provided status, removes channel
   // from loadGroup.
-  nsresult AsyncAbort(nsresult status);
+  MOZ_MUST_USE nsresult AsyncAbort(nsresult status);
 
   // Does most the actual work.
   void HandleAsyncAbort();
 
   // AsyncCall calls a member function asynchronously (via an event).
   // retval isn't refcounted and is set only when event was successfully
   // posted, the event is returned for the purpose of cancelling when needed
-  nsresult AsyncCall(void (T::*funcPtr)(),
-                     nsRunnableMethod<T> **retval = nullptr);
+  MOZ_MUST_USE nsresult AsyncCall(void (T::*funcPtr)(),
+                                  nsRunnableMethod<T> **retval = nullptr);
 private:
   T *mThis;
 
 protected:
   // Function to be called at resume time
   void (T::* mCallOnResume)(void);
 };
 
 template <class T>
-nsresult HttpAsyncAborter<T>::AsyncAbort(nsresult status)
+MOZ_MUST_USE nsresult HttpAsyncAborter<T>::AsyncAbort(nsresult status)
 {
   MOZ_LOG(gHttpLog, LogLevel::Debug,
          ("HttpAsyncAborter::AsyncAbort [this=%p status=%" PRIx32 "]\n",
           mThis, static_cast<uint32_t>(status)));
 
   mThis->mStatus = status;
 
   // if this fails?  Callers ignore our return value anyway....
--- a/netwerk/protocol/http/HttpChannelChild.h
+++ b/netwerk/protocol/http/HttpChannelChild.h
@@ -98,17 +98,17 @@ public:
   NS_IMETHOD ResumeAt(uint64_t startPos, const nsACString& entityID) override;
 
   // IPDL holds a reference while the PHttpChannel protocol is live (starting at
   // AsyncOpen, and ending at either OnStopRequest or any IPDL error, either of
   // which call NeckoChild::DeallocPHttpChannelChild()).
   void AddIPDLReference();
   void ReleaseIPDLReference();
 
-  bool IsSuspended();
+  MOZ_MUST_USE bool IsSuspended();
 
   mozilla::ipc::IPCResult RecvNotifyTrackingProtectionDisabled() override;
   mozilla::ipc::IPCResult RecvNotifyTrackingResource() override;
   void FlushedForDiversion();
   mozilla::ipc::IPCResult RecvSetClassifierMatchedInfo(const ClassifierInfo& aInfo) override;
 
 protected:
   mozilla::ipc::IPCResult RecvOnStartRequest(const nsresult& channelStatus,
@@ -151,17 +151,18 @@ protected:
   mozilla::ipc::IPCResult RecvReportSecurityMessage(const nsString& messageTag,
                                                     const nsString& messageCategory) override;
 
   mozilla::ipc::IPCResult RecvIssueDeprecationWarning(const uint32_t& warning,
                                                       const bool& asError) override;
 
   mozilla::ipc::IPCResult RecvSetPriority(const int16_t& aPriority) override;
 
-  bool GetAssociatedContentSecurity(nsIAssociatedContentSecurity** res = nullptr);
+  MOZ_MUST_USE bool
+  GetAssociatedContentSecurity(nsIAssociatedContentSecurity** res = nullptr);
   virtual void DoNotifyListenerCleanup() override;
 
   NS_IMETHOD GetResponseSynthesized(bool* aSynthesized) override;
 
 private:
 
   class OverrideRunnable : public Runnable {
   public:
@@ -182,17 +183,17 @@ private:
   };
 
   // Sets the event target for future IPC messages. Messages will either be
   // directed to the TabGroup or DocGroup, depending on the LoadInfo associated
   // with the channel. Should be called when a new channel is being set up,
   // before the constructor message is sent to the parent.
   void SetEventTarget();
 
-  nsresult ContinueAsyncOpen();
+  MOZ_MUST_USE nsresult ContinueAsyncOpen();
 
   void DoOnStartRequest(nsIRequest* aRequest, nsISupports* aContext);
   void DoOnStatus(nsIRequest* aRequest, nsresult status);
   void DoOnProgress(nsIRequest* aRequest, int64_t progress, int64_t progressMax);
   void DoOnDataAvailable(nsIRequest* aRequest, nsISupports* aContext, nsIInputStream* aStream,
                          uint64_t offset, uint32_t count);
   void DoPreOnStopRequest(nsresult aStatus);
   void DoOnStopRequest(nsIRequest* aRequest, nsresult aChannelStatus, nsISupports* aContext);
@@ -323,20 +324,20 @@ private:
                       const nsHttpResponseHead& responseHead,
                       const nsACString& securityInfoSerialization,
                       const nsACString& channelId);
   bool Redirect3Complete(OverrideRunnable* aRunnable);
   void DeleteSelf();
 
   // Create a a new channel to be used in a redirection, based on the provided
   // response headers.
-  nsresult SetupRedirect(nsIURI* uri,
-                         const nsHttpResponseHead* responseHead,
-                         const uint32_t& redirectFlags,
-                         nsIChannel** outChannel);
+  MOZ_MUST_USE nsresult SetupRedirect(nsIURI* uri,
+                                      const nsHttpResponseHead* responseHead,
+                                      const uint32_t& redirectFlags,
+                                      nsIChannel** outChannel);
 
   // Perform a redirection without communicating with the parent process at all.
   void BeginNonIPCRedirect(nsIURI* responseURI,
                            const nsHttpResponseHead* responseHead);
 
   // Override the default security info pointer during a non-IPC redirection.
   void OverrideSecurityInfoForNonIPCRedirect(nsISupports* securityInfo);
 
--- a/netwerk/protocol/http/HttpChannelParent.h
+++ b/netwerk/protocol/http/HttpChannelParent.h
@@ -67,23 +67,23 @@ public:
   NS_DECL_NSIDEPRECATIONWARNER
 
   NS_DECLARE_STATIC_IID_ACCESSOR(HTTP_CHANNEL_PARENT_IID)
 
   HttpChannelParent(const dom::PBrowserOrId& iframeEmbedding,
                     nsILoadContext* aLoadContext,
                     PBOverrideStatus aStatus);
 
-  bool Init(const HttpChannelCreationArgs& aOpenArgs);
+  MOZ_MUST_USE bool Init(const HttpChannelCreationArgs& aOpenArgs);
 
   // ADivertableParentChannel functions.
   void DivertTo(nsIStreamListener *aListener) override;
-  nsresult SuspendForDiversion() override;
-  nsresult SuspendMessageDiversion() override;
-  nsresult ResumeMessageDiversion() override;
+  MOZ_MUST_USE nsresult SuspendForDiversion() override;
+  MOZ_MUST_USE nsresult SuspendMessageDiversion() override;
+  MOZ_MUST_USE nsresult ResumeMessageDiversion() override;
 
   // Calls OnStartRequest for "DivertTo" listener, then notifies child channel
   // that it should divert OnDataAvailable and OnStopRequest calls to this
   // parent channel.
   void StartDiversion();
 
   // Handles calling OnStart/Stop if there are errors during diversion.
   // Called asynchronously from FailDiversion.
@@ -91,66 +91,69 @@ public:
 
   // Forwarded to nsHttpChannel::SetApplyConversion.
   void SetApplyConversion(bool aApplyConversion) {
     if (mChannel) {
       mChannel->SetApplyConversion(aApplyConversion);
     }
   }
 
-  nsresult OpenAlternativeOutputStream(const nsACString & type, nsIOutputStream * *_retval);
+  MOZ_MUST_USE nsresult OpenAlternativeOutputStream(const nsACString & type,
+                                                    nsIOutputStream * *_retval);
 
   void InvokeAsyncOpen(nsresult rv);
 
   // Calls SendSetPriority if mIPCClosed is false.
   void DoSendSetPriority(int16_t aValue);
 protected:
   // used to connect redirected-to channel in parent with just created
   // ChildChannel.  Used during redirects.
-  bool ConnectChannel(const uint32_t& channelId, const bool& shouldIntercept);
+  MOZ_MUST_USE bool ConnectChannel(const uint32_t& channelId,
+                                   const bool& shouldIntercept);
 
-  bool DoAsyncOpen(const URIParams&           uri,
-                   const OptionalURIParams&   originalUri,
-                   const OptionalURIParams&   docUri,
-                   const OptionalURIParams&   referrerUri,
-                   const uint32_t&            referrerPolicy,
-                   const OptionalURIParams&   internalRedirectUri,
-                   const OptionalURIParams&   topWindowUri,
-                   const uint32_t&            loadFlags,
-                   const RequestHeaderTuples& requestHeaders,
-                   const nsCString&           requestMethod,
-                   const OptionalIPCStream&   uploadStream,
-                   const bool&                uploadStreamHasHeaders,
-                   const int16_t&             priority,
-                   const uint32_t&            classOfService,
-                   const uint8_t&             redirectionLimit,
-                   const bool&                allowSTS,
-                   const uint32_t&            thirdPartyFlags,
-                   const bool&                doResumeAt,
-                   const uint64_t&            startPos,
-                   const nsCString&           entityID,
-                   const bool&                chooseApplicationCache,
-                   const nsCString&           appCacheClientID,
-                   const bool&                allowSpdy,
-                   const bool&                allowAltSvc,
-                   const bool&                beConservative,
-                   const OptionalLoadInfoArgs& aLoadInfoArgs,
-                   const OptionalHttpResponseHead& aSynthesizedResponseHead,
-                   const nsCString&           aSecurityInfoSerialization,
-                   const uint32_t&            aCacheKey,
-                   const nsCString&           aRequestContextID,
-                   const OptionalCorsPreflightArgs& aCorsPreflightArgs,
-                   const uint32_t&            aInitialRwin,
-                   const bool&                aBlockAuthPrompt,
-                   const bool&                aSuspendAfterSynthesizeResponse,
-                   const bool&                aAllowStaleCacheContent,
-                   const nsCString&           aContentTypeHint,
-                   const nsCString&           aChannelId,
-                   const uint64_t&            aContentWindowId,
-                   const nsCString&           aPreferredAlternativeType);
+  MOZ_MUST_USE bool
+  DoAsyncOpen(const URIParams&           uri,
+              const OptionalURIParams&   originalUri,
+              const OptionalURIParams&   docUri,
+              const OptionalURIParams&   referrerUri,
+              const uint32_t&            referrerPolicy,
+              const OptionalURIParams&   internalRedirectUri,
+              const OptionalURIParams&   topWindowUri,
+              const uint32_t&            loadFlags,
+              const RequestHeaderTuples& requestHeaders,
+              const nsCString&           requestMethod,
+              const OptionalIPCStream&   uploadStream,
+              const bool&                uploadStreamHasHeaders,
+              const int16_t&             priority,
+              const uint32_t&            classOfService,
+              const uint8_t&             redirectionLimit,
+              const bool&                allowSTS,
+              const uint32_t&            thirdPartyFlags,
+              const bool&                doResumeAt,
+              const uint64_t&            startPos,
+              const nsCString&           entityID,
+              const bool&                chooseApplicationCache,
+              const nsCString&           appCacheClientID,
+              const bool&                allowSpdy,
+              const bool&                allowAltSvc,
+              const bool&                beConservative,
+              const OptionalLoadInfoArgs& aLoadInfoArgs,
+              const OptionalHttpResponseHead& aSynthesizedResponseHead,
+              const nsCString&           aSecurityInfoSerialization,
+              const uint32_t&            aCacheKey,
+              const nsCString&           aRequestContextID,
+              const OptionalCorsPreflightArgs& aCorsPreflightArgs,
+              const uint32_t&            aInitialRwin,
+              const bool&                aBlockAuthPrompt,
+              const bool&                aSuspendAfterSynthesizeResponse,
+              const bool&                aAllowStaleCacheContent,
+              const nsCString&           aContentTypeHint,
+              const nsCString&           aChannelId,
+              const uint64_t&            aContentWindowId,
+              const nsCString&           aPreferredAlternativeType);
 
   virtual mozilla::ipc::IPCResult RecvSetPriority(const int16_t& priority) override;
   virtual mozilla::ipc::IPCResult RecvSetClassOfService(const uint32_t& cos) override;
   virtual mozilla::ipc::IPCResult RecvSetCacheTokenCachedCharset(const nsCString& charset) override;
   virtual mozilla::ipc::IPCResult RecvSuspend() override;
   virtual mozilla::ipc::IPCResult RecvResume() override;
   virtual mozilla::ipc::IPCResult RecvCancel(const nsresult& status) override;
   virtual mozilla::ipc::IPCResult RecvRedirect2Verify(const nsresult& result,
@@ -172,30 +175,31 @@ protected:
                                          const uint32_t& count) override;
   virtual mozilla::ipc::IPCResult RecvDivertOnStopRequest(const nsresult& statusCode) override;
   virtual mozilla::ipc::IPCResult RecvDivertComplete() override;
   virtual mozilla::ipc::IPCResult RecvRemoveCorsPreflightCacheEntry(const URIParams& uri,
                                                                     const mozilla::ipc::PrincipalInfo& requestingPrincipal) override;
   virtual void ActorDestroy(ActorDestroyReason why) override;
 
   // Supporting function for ADivertableParentChannel.
-  nsresult ResumeForDiversion();
+  MOZ_MUST_USE nsresult ResumeForDiversion();
 
   // Asynchronously calls NotifyDiversionFailed.
   void FailDiversion(nsresult aErrorCode, bool aSkipResume = true);
 
   friend class HttpChannelParentListener;
   RefPtr<mozilla::dom::TabParent> mTabParent;
 
-  nsresult ReportSecurityMessage(const nsAString& aMessageTag,
-                                 const nsAString& aMessageCategory) override;
+  MOZ_MUST_USE nsresult
+  ReportSecurityMessage(const nsAString& aMessageTag,
+                        const nsAString& aMessageCategory) override;
 
   // Calls SendDeleteSelf and sets mIPCClosed to true because we should not
   // send any more messages after that. Bug 1274886
-  bool DoSendDeleteSelf();
+  MOZ_MUST_USE bool DoSendDeleteSelf();
   // Called to notify the parent channel to not send any more IPC messages.
   virtual mozilla::ipc::IPCResult RecvDeletingChannel() override;
   virtual mozilla::ipc::IPCResult RecvFinishInterceptedRedirect() override;
 
 private:
   void UpdateAndSerializeSecurityInfo(nsACString& aSerializedSecurityInfoOut);
 
   void DivertOnDataAvailable(const nsCString& data,
--- a/netwerk/protocol/http/HttpChannelParentListener.h
+++ b/netwerk/protocol/http/HttpChannelParentListener.h
@@ -42,28 +42,28 @@ public:
   NS_DECL_NSISTREAMLISTENER
   NS_DECL_NSINETWORKINTERCEPTCONTROLLER
 
   NS_DECLARE_STATIC_IID_ACCESSOR(HTTP_CHANNEL_PARENT_LISTENER_IID)
 
   explicit HttpChannelParentListener(HttpChannelParent* aInitialChannel);
 
   // For channel diversion from child to parent.
-  nsresult DivertTo(nsIStreamListener *aListener);
-  nsresult SuspendForDiversion();
+  MOZ_MUST_USE nsresult DivertTo(nsIStreamListener *aListener);
+  MOZ_MUST_USE nsresult SuspendForDiversion();
 
   void SetupInterception(const nsHttpResponseHead& aResponseHead);
   void SetupInterceptionAfterRedirect(bool aShouldIntercept);
   void ClearInterceptedChannel();
 
 private:
   virtual ~HttpChannelParentListener();
 
   // Private partner function to SuspendForDiversion.
-  nsresult ResumeForDiversion();
+  MOZ_MUST_USE nsresult ResumeForDiversion();
 
   // Can be the original HttpChannelParent that created this object (normal
   // case), a different {HTTP|FTP}ChannelParent that we've been redirected to,
   // or some other listener that we have been diverted to via
   // nsIDivertableChannel.
   nsCOMPtr<nsIStreamListener> mNextListener;
   uint32_t mRedirectChannelId;
   // When set, no OnStart/OnData/OnStop calls should be received.
--- a/netwerk/protocol/http/InterceptedChannel.h
+++ b/netwerk/protocol/http/InterceptedChannel.h
@@ -38,18 +38,20 @@ protected:
 
   nsCOMPtr<nsIConsoleReportCollector> mReportCollector;
   nsCOMPtr<nsISupports> mReleaseHandle;
 
   bool mClosed;
 
   void EnsureSynthesizedResponse();
   void DoNotifyController();
-  nsresult DoSynthesizeStatus(uint16_t aStatus, const nsACString& aReason);
-  nsresult DoSynthesizeHeader(const nsACString& aName, const nsACString& aValue);
+  MOZ_MUST_USE nsresult DoSynthesizeStatus(uint16_t aStatus,
+                                           const nsACString& aReason);
+  MOZ_MUST_USE nsresult DoSynthesizeHeader(const nsACString& aName,
+                                           const nsACString& aValue);
 
   virtual ~InterceptedChannelBase();
 public:
   explicit InterceptedChannelBase(nsINetworkInterceptController* aController);
 
   // Notify the interception controller that the channel has been intercepted
   // and prepare the response body output stream.
   virtual void NotifyController() = 0;
--- a/netwerk/protocol/http/NullHttpChannel.h
+++ b/netwerk/protocol/http/NullHttpChannel.h
@@ -33,19 +33,19 @@ class NullHttpChannel final
 
   NullHttpChannel();
 
   // Copies the URI, Principal and Timing-Allow-Origin headers from the
   // passed channel to this object, to be used for resource timing checks
   explicit NullHttpChannel(nsIHttpChannel * chan);
 
   // Same signature as nsHttpChannel::Init
-  nsresult Init(nsIURI *aURI, uint32_t aCaps, nsProxyInfo *aProxyInfo,
-                        uint32_t aProxyResolveFlags,
-                        nsIURI *aProxyURI);
+  MOZ_MUST_USE nsresult Init(nsIURI *aURI, uint32_t aCaps,
+                             nsProxyInfo *aProxyInfo,
+                             uint32_t aProxyResolveFlags, nsIURI *aProxyURI);
 private:
   ~NullHttpChannel() { }
 
 protected:
   nsCOMPtr<nsIURI> mURI;
   nsCOMPtr<nsIURI> mOriginalURI;
 
   nsString  mInitiatorType;
--- a/netwerk/protocol/http/NullHttpTransaction.h
+++ b/netwerk/protocol/http/NullHttpTransaction.h
@@ -33,17 +33,17 @@ public:
   NS_DECLARE_STATIC_IID_ACCESSOR(NS_NULLHTTPTRANSACTION_IID)
   NS_DECL_THREADSAFE_ISUPPORTS
   NS_DECL_NSAHTTPTRANSACTION
 
   NullHttpTransaction(nsHttpConnectionInfo *ci,
                       nsIInterfaceRequestor *callbacks,
                       uint32_t caps);
 
-  bool Claim();
+  MOZ_MUST_USE bool Claim();
 
   // Overload of nsAHttpTransaction methods
   bool IsNullTransaction() override final { return true; }
   NullHttpTransaction *QueryNullTransaction() override final { return this; }
   bool ResponseTimeoutEnabled() const override final {return true; }
   PRIntervalTime ResponseTimeout() override final
   {
     return PR_SecondsToInterval(15);
--- a/netwerk/protocol/http/PSpdyPush.h
+++ b/netwerk/protocol/http/PSpdyPush.h
@@ -38,17 +38,17 @@ class Http2PushedStream;
 
 // One cache per load group
 class SpdyPushCache
 {
 public:
   // The cache holds only weak pointers - no references
   SpdyPushCache();
   virtual ~SpdyPushCache();
-  bool               RegisterPushedStreamHttp2(const nsCString& key,
+  MOZ_MUST_USE bool  RegisterPushedStreamHttp2(const nsCString& key,
                                                Http2PushedStream *stream);
   Http2PushedStream *RemovePushedStreamHttp2(const nsCString& key);
 private:
   nsDataHashtable<nsCStringHashKey, Http2PushedStream *> mHashHttp2;
 };
 
 } // namespace net
 } // namespace mozilla
--- a/netwerk/protocol/http/TunnelUtils.h
+++ b/netwerk/protocol/http/TunnelUtils.h
@@ -113,33 +113,34 @@ public:
   NS_DECL_NSITIMERCALLBACK
 
   TLSFilterTransaction(nsAHttpTransaction *aWrappedTransaction,
                        const char *tlsHost, int32_t tlsPort,
                        nsAHttpSegmentReader *reader,
                        nsAHttpSegmentWriter *writer);
 
   const nsAHttpTransaction *Transaction() const { return mTransaction.get(); }
-  nsresult CommitToSegmentSize(uint32_t size, bool forceCommitment) override;
-  nsresult GetTransactionSecurityInfo(nsISupports **) override;
-  nsresult NudgeTunnel(NudgeTunnelCallback *callback);
-  nsresult SetProxiedTransaction(nsAHttpTransaction *aTrans);
+  MOZ_MUST_USE nsresult CommitToSegmentSize(uint32_t size,
+                                            bool forceCommitment) override;
+  MOZ_MUST_USE nsresult GetTransactionSecurityInfo(nsISupports **) override;
+  MOZ_MUST_USE nsresult NudgeTunnel(NudgeTunnelCallback *callback);
+  MOZ_MUST_USE nsresult SetProxiedTransaction(nsAHttpTransaction *aTrans);
   void     newIODriver(nsIAsyncInputStream *aSocketIn,
                        nsIAsyncOutputStream *aSocketOut,
                        nsIAsyncInputStream **outSocketIn,
                        nsIAsyncOutputStream **outSocketOut);
 
   // nsAHttpTransaction overloads
   bool IsNullTransaction() override;
   NullHttpTransaction *QueryNullTransaction() override;
   nsHttpTransaction *QueryHttpTransaction() override;
   SpdyConnectTransaction *QuerySpdyConnectTransaction() override;
 
 private:
-  nsresult StartTimerCallback();
+  MOZ_MUST_USE nsresult StartTimerCallback();
   void Cleanup();
   int32_t FilterOutput(const char *aBuf, int32_t aAmount);
   int32_t FilterInput(char *aBuf, int32_t aAmount);
 
   static PRStatus GetPeerName(PRFileDesc *fd, PRNetAddr*addr);
   static PRStatus GetSocketOption(PRFileDesc *fd, PRSocketOptionData *data);
   static PRStatus SetSocketOption(PRFileDesc *fd, const PRSocketOptionData *data);
   static int32_t FilterWrite(PRFileDesc *fd, const void *buf, int32_t amount);
@@ -189,32 +190,34 @@ public:
   SpdyConnectTransaction *QuerySpdyConnectTransaction() override { return this; }
 
   // A transaction is forced into plaintext when it is intended to be used as a CONNECT
   // tunnel but the setup fails. The plaintext only carries the CONNECT error.
   void ForcePlainText();
   void MapStreamToHttpConnection(nsISocketTransport *aTransport,
                                  nsHttpConnectionInfo *aConnInfo);
 
-  nsresult ReadSegments(nsAHttpSegmentReader *reader,
-                        uint32_t count, uint32_t *countRead) override final;
-  nsresult WriteSegments(nsAHttpSegmentWriter *writer,
-                         uint32_t count, uint32_t *countWritten) override final;
+  MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *reader,
+                                     uint32_t count,
+                                     uint32_t *countRead) override final;
+  MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *writer,
+                                      uint32_t count,
+                                      uint32_t *countWritten) override final;
   nsHttpRequestHead *RequestHead() override final;
   void Close(nsresult reason) override final;
 
   // ConnectedReadyForInput() tests whether the spdy connect transaction is attached to
   // an nsHttpConnection that can properly deal with flow control, etc..
   bool ConnectedReadyForInput();
 
 private:
   friend class InputStreamShim;
   friend class OutputStreamShim;
 
-  nsresult Flush(uint32_t count, uint32_t *countRead);
+  MOZ_MUST_USE nsresult Flush(uint32_t count, uint32_t *countRead);
   void CreateShimError(nsresult code);
 
   nsCString             mConnectString;
   uint32_t              mConnectStringOffset;
 
   nsAHttpConnection    *mSession;
   nsAHttpSegmentReader *mSegmentReader;
 
--- a/netwerk/protocol/http/nsAHttpConnection.h
+++ b/netwerk/protocol/http/nsAHttpConnection.h
@@ -36,33 +36,33 @@ public:
 
     //
     // called by a transaction when the response headers have all been read.
     // the connection can force the transaction to reset it's response headers,
     // and prepare for a new set of response headers, by setting |*reset=TRUE|.
     //
     // @return failure code to close the transaction.
     //
-    virtual nsresult OnHeadersAvailable(nsAHttpTransaction *,
-                                        nsHttpRequestHead *,
-                                        nsHttpResponseHead *,
-                                        bool *reset) = 0;
+    virtual MOZ_MUST_USE nsresult OnHeadersAvailable(nsAHttpTransaction *,
+                                                     nsHttpRequestHead *,
+                                                     nsHttpResponseHead *,
+                                                     bool *reset) = 0;
 
     //
     // called by a transaction to resume either sending or receiving data
     // after a transaction returned NS_BASE_STREAM_WOULD_BLOCK from its
     // ReadSegments/WriteSegments methods.
     //
-    virtual nsresult ResumeSend() = 0;
-    virtual nsresult ResumeRecv() = 0;
+    virtual MOZ_MUST_USE nsresult ResumeSend() = 0;
+    virtual MOZ_MUST_USE nsresult ResumeRecv() = 0;
 
     // called by a transaction to force a "send/recv from network" iteration
     // even if not scheduled by socket associated with connection
-    virtual nsresult ForceSend() = 0;
-    virtual nsresult ForceRecv() = 0;
+    virtual MOZ_MUST_USE nsresult ForceSend() = 0;
+    virtual MOZ_MUST_USE nsresult ForceRecv() = 0;
 
     // After a connection has had ResumeSend() called by a transaction,
     // and it is ready to write to the network it may need to know the
     // transaction that has data to write. This is only an issue for
     // multiplexed protocols like SPDY - h1
     // implicitly has this information in a 1:1 relationship with the
     // transaction(s) they manage.
     virtual void TransactionHasDataToWrite(nsAHttpTransaction *)
@@ -91,34 +91,34 @@ public:
     virtual void CloseTransaction(nsAHttpTransaction *transaction,
                                   nsresult reason) = 0;
 
     // get a reference to the connection's connection info object.
     virtual void GetConnectionInfo(nsHttpConnectionInfo **) = 0;
 
     // get the transport level information for this connection. This may fail
     // if it is in use.
-    virtual nsresult TakeTransport(nsISocketTransport **,
-                                   nsIAsyncInputStream **,
-                                   nsIAsyncOutputStream **) = 0;
+    virtual MOZ_MUST_USE nsresult TakeTransport(nsISocketTransport **,
+                                                nsIAsyncInputStream **,
+                                                nsIAsyncOutputStream **) = 0;
 
     // called by a transaction to get the security info from the socket.
     virtual void GetSecurityInfo(nsISupports **) = 0;
 
     // called by a transaction to determine whether or not the connection is
     // persistent... important in determining the end of a response.
     virtual bool IsPersistent() = 0;
 
     // called to determine or set if a connection has been reused.
     virtual bool IsReused() = 0;
     virtual void DontReuse() = 0;
 
     // called by a transaction when the transaction reads more from the socket
     // than it should have (eg. containing part of the next response).
-    virtual nsresult PushBack(const char *data, uint32_t length) = 0;
+    virtual MOZ_MUST_USE nsresult PushBack(const char *data, uint32_t length) = 0;
 
     // Used to determine if the connection wants read events even though
     // it has not written out a transaction. Used when a connection has issued
     // a preamble such as a proxy ssl CONNECT sequence.
     virtual bool IsProxyConnectInProgress() = 0;
 
     // Used by a transaction to manage the state of previous response bodies on
     // the same connection and work around buggy servers.
@@ -143,25 +143,28 @@ public:
 
     // nsHttp.h version
     virtual uint32_t Version() = 0;
 };
 
 NS_DEFINE_STATIC_IID_ACCESSOR(nsAHttpConnection, NS_AHTTPCONNECTION_IID)
 
 #define NS_DECL_NSAHTTPCONNECTION(fwdObject)                    \
-    nsresult OnHeadersAvailable(nsAHttpTransaction *, nsHttpRequestHead *, nsHttpResponseHead *, bool *reset) override; \
+    MOZ_MUST_USE nsresult OnHeadersAvailable(nsAHttpTransaction *,  \
+                                             nsHttpRequestHead *,   \
+                                             nsHttpResponseHead *,  \
+                                             bool *reset) override; \
     void CloseTransaction(nsAHttpTransaction *, nsresult) override; \
-    nsresult TakeTransport(nsISocketTransport **,    \
-                           nsIAsyncInputStream **,   \
-                           nsIAsyncOutputStream **) override; \
+    MOZ_MUST_USE nsresult TakeTransport(nsISocketTransport **,    \
+                                        nsIAsyncInputStream **,   \
+                                        nsIAsyncOutputStream **) override; \
     bool IsPersistent() override;                         \
     bool IsReused() override;                             \
     void DontReuse() override;                            \
-    nsresult PushBack(const char *, uint32_t) override;   \
+    MOZ_MUST_USE nsresult PushBack(const char *, uint32_t) override; \
     already_AddRefed<nsHttpConnection> TakeHttpConnection() override; \
     /*                                                    \
        Thes methods below have automatic definitions that just forward the \
        function to a lower level connection object        \
     */                                                    \
     void GetConnectionInfo(nsHttpConnectionInfo **result) \
       override                                            \
     {                                                     \
@@ -174,35 +177,35 @@ NS_DEFINE_STATIC_IID_ACCESSOR(nsAHttpCon
     void GetSecurityInfo(nsISupports **result) override   \
     {                                                     \
       if (!(fwdObject)) {                                 \
           *result = nullptr;                              \
           return;                                         \
       }                                                   \
       return (fwdObject)->GetSecurityInfo(result);        \
     }                                                     \
-    nsresult ResumeSend() override     \
+    MOZ_MUST_USE nsresult ResumeSend() override \
     {                                      \
         if (!(fwdObject))                  \
             return NS_ERROR_FAILURE;       \
         return (fwdObject)->ResumeSend();  \
     }                                      \
-    nsresult ResumeRecv() override     \
+    MOZ_MUST_USE nsresult ResumeRecv() override \
     {                                      \
         if (!(fwdObject))                  \
             return NS_ERROR_FAILURE;       \
         return (fwdObject)->ResumeRecv();  \
     }                                      \
-    nsresult ForceSend() override      \
+    MOZ_MUST_USE nsresult ForceSend() override \
     {                                      \
         if (!(fwdObject))                  \
             return NS_ERROR_FAILURE;       \
         return (fwdObject)->ForceSend();   \
     }                                      \
-    nsresult ForceRecv() override      \
+    MOZ_MUST_USE nsresult ForceRecv() override \
     {                                      \
         if (!(fwdObject))                  \
             return NS_ERROR_FAILURE;       \
         return (fwdObject)->ForceRecv();   \
     }                                      \
     nsISocketTransport *Transport()        \
       override                         \
     {                                      \
--- a/netwerk/protocol/http/nsAHttpTransaction.h
+++ b/netwerk/protocol/http/nsAHttpTransaction.h
@@ -63,33 +63,37 @@ public:
 
     // called to notify that a requested DNS cache entry was refreshed.
     virtual void     SetDNSWasRefreshed() = 0;
 
     // called to find out how much request data is available for writing.
     virtual uint64_t Available() = 0;
 
     // called to read request data from the transaction.
-    virtual nsresult ReadSegments(nsAHttpSegmentReader *reader,
-                                  uint32_t count, uint32_t *countRead) = 0;
+    virtual MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *reader,
+                                               uint32_t count,
+                                               uint32_t *countRead) = 0;
 
     // called to write response data to the transaction.
-    virtual nsresult WriteSegments(nsAHttpSegmentWriter *writer,
-                                   uint32_t count, uint32_t *countWritten) = 0;
+    virtual MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *writer,
+                                                uint32_t count,
+                                                uint32_t *countWritten) = 0;
 
     // These versions of the functions allow the overloader to specify whether or
     // not it is safe to call *Segments() in a loop while they return OK.
     // The callee should turn again to false if it is not, otherwise leave untouched
-    virtual nsresult ReadSegmentsAgain(nsAHttpSegmentReader *reader,
-                                       uint32_t count, uint32_t *countRead, bool *again)
+    virtual MOZ_MUST_USE nsresult
+    ReadSegmentsAgain(nsAHttpSegmentReader *reader, uint32_t count,
+                      uint32_t *countRead, bool *again)
     {
         return ReadSegments(reader, count, countRead);
     }
-    virtual nsresult WriteSegmentsAgain(nsAHttpSegmentWriter *writer,
-                                   uint32_t count, uint32_t *countWritten, bool *again)
+    virtual MOZ_MUST_USE nsresult
+    WriteSegmentsAgain(nsAHttpSegmentWriter *writer, uint32_t count,
+                       uint32_t *countWritten, bool *again)
     {
         return WriteSegments(writer, count, countWritten);
     }
 
     // called to close the transaction
     virtual void Close(nsresult reason) = 0;
 
     // called to indicate a failure with proxy CONNECT
@@ -107,17 +111,17 @@ public:
     // handle multiple transactions simultaneously (i.e. h2).
     //
     // Returns NS_ERROR_NOT_IMPLEMENTED if the object does not implement
     // sub-transactions.
     //
     // Returns NS_ERROR_ALREADY_OPENED if the subtransactions have been
     // at least partially written and cannot be moved.
     //
-    virtual nsresult TakeSubTransactions(
+    virtual MOZ_MUST_USE nsresult TakeSubTransactions(
         nsTArray<RefPtr<nsAHttpTransaction> > &outTransactions) = 0;
 
     // Occasionally the abstract interface has to give way to base implementations
     // to respect differences between spdy, h2, etc..
     // These Query* (and IsNullTransaction()) functions provide a way to do
     // that without using xpcom or rtti. Any calling code that can't deal with
     // a null response from one of them probably shouldn't be using nsAHttpTransaction
 
@@ -148,40 +152,40 @@ public:
     virtual PRIntervalTime ResponseTimeout();
 
     // conceptually the security info is part of the connection, but sometimes
     // in the case of TLS tunneled within TLS the transaction might present
     // a more specific security info that cannot be represented as a layer in
     // the connection due to multiplexing. This interface represents such an
     // overload. If it returns NS_FAILURE the connection should be considered
     // authoritative.
-    virtual nsresult GetTransactionSecurityInfo(nsISupports **)
+    virtual MOZ_MUST_USE nsresult GetTransactionSecurityInfo(nsISupports **)
     {
         return NS_ERROR_NOT_IMPLEMENTED;
     }
 
     virtual void DisableSpdy() { }
     virtual void ReuseConnectionOnRestartOK(bool) { }
 
     // Returns true if early-data is possible.
-    virtual bool Do0RTT() {
+    virtual MOZ_MUST_USE bool Do0RTT() {
         return false;
     }
     // This function will be called when a tls handshake has been finished and
     // we know whether early-data that was sent has been accepted or not, e.g.
     // do we need to restart a transaction. This will be called only if Do0RTT
     // returns true.
     // If aRestart parameter is true we need to restart the transaction,
     // otherwise the erly-data has been accepted and we can continue the
     // transaction.
     // If aAlpnChanged is true (and we were assuming http/2), we'll need to take
     // the transactions out of the session, rewind them all, and start them back
     // over as http/1 transactions
     // The function will return success or failure of the transaction restart.
-    virtual nsresult Finish0RTT(bool aRestart, bool aAlpnChanged) {
+    virtual MOZ_MUST_USE nsresult Finish0RTT(bool aRestart, bool aAlpnChanged) {
         return NS_ERROR_NOT_IMPLEMENTED;
     }
 };
 
 NS_DEFINE_STATIC_IID_ACCESSOR(nsAHttpTransaction, NS_AHTTPTRANSACTION_IID)
 
 #define NS_DECL_NSAHTTPTRANSACTION \
     void SetConnection(nsAHttpConnection *) override; \
@@ -189,68 +193,69 @@ NS_DEFINE_STATIC_IID_ACCESSOR(nsAHttpTra
     void GetSecurityCallbacks(nsIInterfaceRequestor **) override;       \
     void OnTransportStatus(nsITransport* transport, \
                            nsresult status, int64_t progress) override; \
     bool     IsDone() override; \
     nsresult Status() override; \
     uint32_t Caps() override;   \
     void     SetDNSWasRefreshed() override; \
     uint64_t Available() override; \
-    virtual nsresult ReadSegments(nsAHttpSegmentReader *, uint32_t, uint32_t *) override; \
-    virtual nsresult WriteSegments(nsAHttpSegmentWriter *, uint32_t, uint32_t *) override; \
+    virtual MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *, uint32_t, uint32_t *) override; \
+    virtual MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *, uint32_t, uint32_t *) override; \
     virtual void Close(nsresult reason) override;                                \
     nsHttpConnectionInfo *ConnectionInfo() override;                             \
     void     SetProxyConnectFailed() override;                                   \
     virtual nsHttpRequestHead *RequestHead() override;                                   \
     uint32_t Http1xTransactionCount() override;                                  \
-    nsresult TakeSubTransactions(nsTArray<RefPtr<nsAHttpTransaction> > &outTransactions) override;
+    MOZ_MUST_USE nsresult TakeSubTransactions(nsTArray<RefPtr<nsAHttpTransaction> > &outTransactions) override;
 
 //-----------------------------------------------------------------------------
 // nsAHttpSegmentReader
 //-----------------------------------------------------------------------------
 
 class nsAHttpSegmentReader
 {
 public:
     // any returned failure code stops segment iteration
-    virtual nsresult OnReadSegment(const char *segment,
-                                   uint32_t count,
-                                   uint32_t *countRead) = 0;
+    virtual MOZ_MUST_USE nsresult OnReadSegment(const char *segment,
+                                                uint32_t count,
+                                                uint32_t *countRead) = 0;
 
     // Ask the segment reader to commit to accepting size bytes of
     // data from subsequent OnReadSegment() calls or throw hard
     // (i.e. not wouldblock) exceptions. Implementations
     // can return NS_ERROR_FAILURE if they never make commitments of that size
     // (the default), NS_OK if they make the commitment, or
     // NS_BASE_STREAM_WOULD_BLOCK if they cannot make the
     // commitment now but might in the future and forceCommitment is not true .
     // (forceCommitment requires a hard failure or OK at this moment.)
     //
     // SpdySession uses this to make sure frames are atomic.
-    virtual nsresult CommitToSegmentSize(uint32_t size, bool forceCommitment)
+    virtual MOZ_MUST_USE nsresult CommitToSegmentSize(uint32_t size,
+                                                      bool forceCommitment)
     {
         return NS_ERROR_FAILURE;
     }
 };
 
 #define NS_DECL_NSAHTTPSEGMENTREADER \
-    nsresult OnReadSegment(const char *, uint32_t, uint32_t *) override;
+    MOZ_MUST_USE nsresult OnReadSegment(const char *, uint32_t, uint32_t *) override;
 
 //-----------------------------------------------------------------------------
 // nsAHttpSegmentWriter
 //-----------------------------------------------------------------------------
 
 class nsAHttpSegmentWriter
 {
 public:
     // any returned failure code stops segment iteration
-    virtual nsresult OnWriteSegment(char *segment,
-                                    uint32_t count,
-                                    uint32_t *countWritten) = 0;
+    virtual MOZ_MUST_USE nsresult OnWriteSegment(char *segment,
+                                                 uint32_t count,
+                                                 uint32_t *countWritten) = 0;
 };
 
 #define NS_DECL_NSAHTTPSEGMENTWRITER \
-    nsresult OnWriteSegment(char *, uint32_t, uint32_t *) override;
+    MOZ_MUST_USE nsresult OnWriteSegment(char *, uint32_t, uint32_t *) override;
 
 } // namespace net
 } // namespace mozilla
 
 #endif // nsAHttpTransaction_h__
--- a/netwerk/protocol/http/nsCORSListenerProxy.h
+++ b/netwerk/protocol/http/nsCORSListenerProxy.h
@@ -60,39 +60,43 @@ public:
   NS_DECL_NSICHANNELEVENTSINK
   NS_DECL_NSITHREADRETARGETABLESTREAMLISTENER
 
   // Must be called at startup.
   static void Startup();
 
   static void Shutdown();
 
-  nsresult Init(nsIChannel* aChannel, DataURIHandling aAllowDataURI);
+  MOZ_MUST_USE nsresult Init(nsIChannel* aChannel,
+                             DataURIHandling aAllowDataURI);
 
   void SetInterceptController(nsINetworkInterceptController* aInterceptController);
 
 private:
   // Only HttpChannelParent can call RemoveFromCorsPreflightCache
   friend class mozilla::net::HttpChannelParent;
   // Only nsHttpChannel can invoke CORS preflights
   friend class mozilla::net::nsHttpChannel;
 
   static void RemoveFromCorsPreflightCache(nsIURI* aURI,
                                            nsIPrincipal* aRequestingPrincipal);
-  static nsresult StartCORSPreflight(nsIChannel* aRequestChannel,
-                                     nsICorsPreflightCallback* aCallback,
-                                     nsTArray<nsCString>& aACUnsafeHeaders,
-                                     nsIChannel** aPreflightChannel);
+  static MOZ_MUST_USE nsresult
+  StartCORSPreflight(nsIChannel* aRequestChannel,
+                     nsICorsPreflightCallback* aCallback,
+                     nsTArray<nsCString>& aACUnsafeHeaders,
+                     nsIChannel** aPreflightChannel);
 
   ~nsCORSListenerProxy();
 
-  nsresult UpdateChannel(nsIChannel* aChannel, DataURIHandling aAllowDataURI,
-                         UpdateType aUpdateType);
-  nsresult CheckRequestApproved(nsIRequest* aRequest);
-  nsresult CheckPreflightNeeded(nsIChannel* aChannel, UpdateType aUpdateType);
+  MOZ_MUST_USE nsresult UpdateChannel(nsIChannel* aChannel,
+                                      DataURIHandling aAllowDataURI,
+                                      UpdateType aUpdateType);
+  MOZ_MUST_USE nsresult CheckRequestApproved(nsIRequest* aRequest);
+  MOZ_MUST_USE nsresult CheckPreflightNeeded(nsIChannel* aChannel,
+                                             UpdateType aUpdateType);
 
   nsCOMPtr<nsIStreamListener> mOuterListener;
   // The principal that originally kicked off the request
   nsCOMPtr<nsIPrincipal> mRequestingPrincipal;
   // The principal to use for our Origin header ("source origin" in spec terms).
   // This can get changed during redirects, unlike mRequestingPrincipal.
   nsCOMPtr<nsIPrincipal> mOriginHeaderPrincipal;
   nsCOMPtr<nsIInterfaceRequestor> mOuterNotificationCallbacks;
--- a/netwerk/protocol/http/nsHttp.h
+++ b/netwerk/protocol/http/nsHttp.h
@@ -115,17 +115,17 @@ struct nsHttpAtom
     void operator=(const nsHttpAtom &a) { _val = a._val; }
 
     // private
     const char *_val;
 };
 
 struct nsHttp
 {
-    static nsresult CreateAtomTable();
+    static MOZ_MUST_USE nsresult CreateAtomTable();
     static void DestroyAtomTable();
 
     // The mutex is valid any time the Atom Table is valid
     // This mutex is used in the unusual case that the network thread and
     // main thread might access the same data
     static Mutex *GetLock();
 
     // will dynamically add atoms to the table if they don't already exist
@@ -159,22 +159,23 @@ struct nsHttp
     // This function parses a string containing a decimal-valued, non-negative
     // 64-bit integer.  If the value would exceed INT64_MAX, then false is
     // returned.  Otherwise, this function returns true and stores the
     // parsed value in |result|.  The next unparsed character in |input| is
     // optionally returned via |next| if |next| is non-null.
     //
     // TODO(darin): Replace this with something generic.
     //
-    static bool ParseInt64(const char *input, const char **next,
-                             int64_t *result);
+    static MOZ_MUST_USE bool ParseInt64(const char *input, const char **next,
+                                        int64_t *result);
 
     // Variant on ParseInt64 that expects the input string to contain nothing
     // more than the value being parsed.
-    static inline bool ParseInt64(const char *input, int64_t *result) {
+    static inline MOZ_MUST_USE bool ParseInt64(const char *input,
+                                               int64_t *result) {
         const char *next;
         return ParseInt64(input, &next, result) && *next == '\0';
     }
 
     // Return whether the HTTP status code represents a permanent redirect
     static bool IsPermanentRedirect(uint32_t httpStatus);
 
     // Returns the APLN token which represents the used protocol version.
--- a/netwerk/protocol/http/nsHttpAuthCache.h
+++ b/netwerk/protocol/http/nsHttpAuthCache.h
@@ -39,31 +39,35 @@ public:
         , mDomain(nullptr)
     {
     }
     nsHttpAuthIdentity(const char16_t *domain,
                        const char16_t *user,
                        const char16_t *password)
         : mUser(nullptr)
     {
-        Set(domain, user, password);
+        DebugOnly<nsresult> rv = Set(domain, user, password);
+        MOZ_ASSERT(NS_SUCCEEDED(rv));
     }
    ~nsHttpAuthIdentity()
     {
         Clear();
     }
 
     const char16_t *Domain()   const { return mDomain; }
     const char16_t *User()     const { return mUser; }
     const char16_t *Password() const { return mPass; }
 
-    nsresult Set(const char16_t *domain,
-                 const char16_t *user,
-                 const char16_t *password);
-    nsresult Set(const nsHttpAuthIdentity &other) { return Set(other.mDomain, other.mUser, other.mPass); }
+    MOZ_MUST_USE nsresult Set(const char16_t *domain,
+                              const char16_t *user,
+                              const char16_t *password);
+    MOZ_MUST_USE nsresult Set(const nsHttpAuthIdentity &other)
+    {
+      return Set(other.mDomain, other.mUser, other.mPass);
+    }
     void Clear();
 
     bool Equals(const nsHttpAuthIdentity &other) const;
     bool IsEmpty() const { return !mUser; }
 
 private:
     // allocated as one contiguous blob, starting at mUser.
     char16_t *mUser;
@@ -83,41 +87,42 @@ public:
     const char *Challenge()   const { return mChallenge; }
     const char16_t *Domain() const { return mIdent.Domain(); }
     const char16_t *User()   const { return mIdent.User(); }
     const char16_t *Pass()   const { return mIdent.Password(); }
     nsHttpAuthPath *RootPath()      { return mRoot; }
 
     const nsHttpAuthIdentity &Identity() const { return mIdent; }
 
-    nsresult AddPath(const char *aPath);
+    MOZ_MUST_USE nsresult AddPath(const char *aPath);
 
     nsCOMPtr<nsISupports> mMetaData;
 
 private:
     nsHttpAuthEntry(const char *path,
                     const char *realm,
                     const char *creds,
                     const char *challenge,
                     const nsHttpAuthIdentity *ident,
                     nsISupports *metadata)
         : mRoot(nullptr)
         , mTail(nullptr)
         , mRealm(nullptr)
     {
-        Set(path, realm, creds, challenge, ident, metadata);
+        DebugOnly<nsresult> rv = Set(path, realm, creds, challenge, ident, metadata);
+        MOZ_ASSERT(NS_SUCCEEDED(rv));
     }
    ~nsHttpAuthEntry();
 
-    nsresult Set(const char *path,
-                 const char *realm,
-                 const char *creds,
-                 const char *challenge,
-                 const nsHttpAuthIdentity *ident,
-                 nsISupports *metadata);
+    MOZ_MUST_USE nsresult Set(const char *path,
+                              const char *realm,
+                              const char *creds,
+                              const char *challenge,
+                              const nsHttpAuthIdentity *ident,
+                              nsISupports *metadata);
 
     nsHttpAuthIdentity mIdent;
 
     nsHttpAuthPath *mRoot; //root pointer
     nsHttpAuthPath *mTail; //tail pointer
 
     // allocated together in one blob, starting with mRealm.
     char *mRealm;
@@ -142,22 +147,22 @@ private:
     // path can be null, in which case we'll search for an entry
     // with a null path.
     nsHttpAuthEntry *LookupEntryByPath(const char *path);
 
     // realm must not be null
     nsHttpAuthEntry *LookupEntryByRealm(const char *realm);
 
     // if a matching entry is found, then credentials will be changed.
-    nsresult SetAuthEntry(const char *path,
-                          const char *realm,
-                          const char *credentials,
-                          const char *challenge,
-                          const nsHttpAuthIdentity *ident,
-                          nsISupports *metadata);
+    MOZ_MUST_USE nsresult SetAuthEntry(const char *path,
+                                       const char *realm,
+                                       const char *credentials,
+                                       const char *challenge,
+                                       const nsHttpAuthIdentity *ident,
+                                       nsISupports *metadata);
 
     void ClearAuthEntry(const char *realm);
 
     uint32_t EntryCount() { return mList.Length(); }
 
 private:
     nsTArray<nsAutoPtr<nsHttpAuthEntry> > mList;
 
@@ -170,62 +175,62 @@ private:
 //-----------------------------------------------------------------------------
 
 class nsHttpAuthCache
 {
 public:
     nsHttpAuthCache();
    ~nsHttpAuthCache();
 
-    nsresult Init();
+    MOZ_MUST_USE nsresult Init();
 
     // |scheme|, |host|, and |port| are required
     // |path| can be null
     // |entry| is either null or a weak reference
-    nsresult GetAuthEntryForPath(const char *scheme,
-                                 const char *host,
-                                 int32_t     port,
-                                 const char *path,
-                                 nsACString const &originSuffix,
-                                 nsHttpAuthEntry **entry);
+    MOZ_MUST_USE nsresult GetAuthEntryForPath(const char *scheme,
+                                              const char *host,
+                                              int32_t     port,
+                                              const char *path,
+                                              nsACString const &originSuffix,
+                                              nsHttpAuthEntry **entry);
 
     // |scheme|, |host|, and |port| are required
     // |realm| must not be null
     // |entry| is either null or a weak reference
-    nsresult GetAuthEntryForDomain(const char *scheme,
-                                   const char *host,
-                                   int32_t     port,
-                                   const char *realm,
-                                   nsACString const &originSuffix,
-                                   nsHttpAuthEntry **entry);
+    MOZ_MUST_USE nsresult GetAuthEntryForDomain(const char *scheme,
+                                                const char *host,
+                                                int32_t     port,
+                                                const char *realm,
+                                                nsACString const &originSuffix,
+                                                nsHttpAuthEntry **entry);
 
     // |scheme|, |host|, and |port| are required
     // |path| can be null
     // |realm| must not be null
     // if |credentials|, |user|, |pass|, and |challenge| are each
     // null, then the entry is deleted.
-    nsresult SetAuthEntry(const char *scheme,
-                          const char *host,
-                          int32_t     port,
-                          const char *directory,
-                          const char *realm,
-                          const char *credentials,
-                          const char *challenge,
-                          nsACString const &originSuffix,
-                          const nsHttpAuthIdentity *ident,
-                          nsISupports *metadata);
+    MOZ_MUST_USE nsresult SetAuthEntry(const char *scheme,
+                                       const char *host,
+                                       int32_t     port,
+                                       const char *directory,
+                                       const char *realm,
+                                       const char *credentials,
+                                       const char *challenge,
+                                       nsACString const &originSuffix,
+                                       const nsHttpAuthIdentity *ident,
+                                       nsISupports *metadata);
 
     void ClearAuthEntry(const char *scheme,
                         const char *host,
                         int32_t     port,
                         const char *realm,
                         nsACString const &originSuffix);
 
     // expire all existing auth list entries including proxy auths.
-    nsresult ClearAll();
+    MOZ_MUST_USE nsresult ClearAll();
 
 private:
     nsHttpAuthNode *LookupAuthNode(const char *scheme,
                                    const char *host,
                                    int32_t     port,
                                    nsACString const &originSuffix,
                                    nsCString  &key);
 
--- a/netwerk/protocol/http/nsHttpAuthManager.h
+++ b/netwerk/protocol/http/nsHttpAuthManager.h
@@ -15,17 +15,17 @@ class nsHttpAuthCache;
 
 class nsHttpAuthManager : public nsIHttpAuthManager
 {
 public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSIHTTPAUTHMANAGER
 
   nsHttpAuthManager();
-  nsresult Init();
+  MOZ_MUST_USE nsresult Init();
 
 protected:
   virtual ~nsHttpAuthManager();
 
   nsHttpAuthCache *mAuthCache;
   nsHttpAuthCache *mPrivateAuthCache;
 };
 
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -39,18 +39,19 @@ class nsISSLStatus;
 
 namespace mozilla { namespace net {
 
 class Http2PushedStream;
 
 class HttpChannelSecurityWarningReporter
 {
 public:
-  virtual nsresult ReportSecurityMessage(const nsAString& aMessageTag,
-                                         const nsAString& aMessageCategory) = 0;
+  virtual MOZ_MUST_USE nsresult
+  ReportSecurityMessage(const nsAString& aMessageTag,
+                        const nsAString& aMessageCategory) = 0;
 };
 
 //-----------------------------------------------------------------------------
 // nsHttpChannel
 //-----------------------------------------------------------------------------
 
 // Use to support QI nsIChannel to nsHttpChannel
 #define NS_HTTPCHANNEL_IID                         \
@@ -122,22 +123,24 @@ public:
     NS_IMETHOD GetLoadFlags(nsLoadFlags *aLoadFlags) override;
     NS_IMETHOD GetURI(nsIURI **aURI) override;
     NS_IMETHOD GetNotificationCallbacks(nsIInterfaceRequestor **aCallbacks) override;
     NS_IMETHOD GetLoadGroup(nsILoadGroup **aLoadGroup) override;
     NS_IMETHOD GetRequestMethod(nsACString& aMethod) override;
 
     nsHttpChannel();
 
-    virtual nsresult Init(nsIURI *aURI, uint32_t aCaps, nsProxyInfo *aProxyInfo,
-                          uint32_t aProxyResolveFlags,
-                          nsIURI *aProxyURI,
-                          const nsID& aChannelId) override;
+    virtual MOZ_MUST_USE nsresult Init(nsIURI *aURI, uint32_t aCaps,
+                                       nsProxyInfo *aProxyInfo,
+                                       uint32_t aProxyResolveFlags,
+                                       nsIURI *aProxyURI,
+                                       const nsID& aChannelId) override;
 
-    nsresult OnPush(const nsACString &uri, Http2PushedStream *pushedStream);
+    MOZ_MUST_USE nsresult OnPush(const nsACString &uri,
+                                 Http2PushedStream *pushedStream);
 
     static bool IsRedirectStatus(uint32_t status);
 
 
     // Methods HttpBaseChannel didn't implement for us or that we override.
     //
     // nsIRequest
     NS_IMETHOD Cancel(nsresult status) override;
@@ -171,57 +174,58 @@ public:
     NS_IMETHOD GetConnectEnd(mozilla::TimeStamp *aConnectEnd) override;
     NS_IMETHOD GetRequestStart(mozilla::TimeStamp *aRequestStart) override;
     NS_IMETHOD GetResponseStart(mozilla::TimeStamp *aResponseStart) override;
     NS_IMETHOD GetResponseEnd(mozilla::TimeStamp *aResponseEnd) override;
     // nsICorsPreflightCallback
     NS_IMETHOD OnPreflightSucceeded() override;
     NS_IMETHOD OnPreflightFailed(nsresult aError) override;
 
-    nsresult AddSecurityMessage(const nsAString& aMessageTag,
-                                const nsAString& aMessageCategory) override;
+    MOZ_MUST_USE nsresult
+    AddSecurityMessage(const nsAString& aMessageTag,
+                       const nsAString& aMessageCategory) override;
 
     void SetWarningReporter(HttpChannelSecurityWarningReporter* aReporter)
       { mWarningReporter = aReporter; }
 
 public: /* internal necko use only */
 
     void InternalSetUploadStream(nsIInputStream *uploadStream)
       { mUploadStream = uploadStream; }
     void SetUploadStreamHasHeaders(bool hasHeaders)
       { mUploadStreamHasHeaders = hasHeaders; }
 
-    nsresult SetReferrerWithPolicyInternal(nsIURI *referrer,
-                                           uint32_t referrerPolicy) {
+    MOZ_MUST_USE nsresult
+    SetReferrerWithPolicyInternal(nsIURI *referrer, uint32_t referrerPolicy) {
         nsAutoCString spec;
         nsresult rv = referrer->GetAsciiSpec(spec);
         if (NS_FAILED(rv)) return rv;
         mReferrer = referrer;
         mReferrerPolicy = referrerPolicy;
-        mRequestHead.SetHeader(nsHttp::Referer, spec);
-        return NS_OK;
+        rv = mRequestHead.SetHeader(nsHttp::Referer, spec);
+        return rv;
     }
 
-    nsresult SetTopWindowURI(nsIURI* aTopWindowURI) {
+    MOZ_MUST_USE nsresult SetTopWindowURI(nsIURI* aTopWindowURI) {
         mTopWindowURI = aTopWindowURI;
         return NS_OK;
     }
 
     uint32_t GetRequestTime() const
     {
         return mRequestTime;
     }
 
-    nsresult OpenCacheEntry(bool usingSSL);
-    nsresult ContinueConnect();
+    MOZ_MUST_USE nsresult OpenCacheEntry(bool usingSSL);
+    MOZ_MUST_USE nsresult ContinueConnect();
 
     // If the load is mixed-content, build and send an HSTS priming request.
-    nsresult TryHSTSPriming();
+    MOZ_MUST_USE nsresult TryHSTSPriming();
 
-    nsresult StartRedirectChannelToURI(nsIURI *, uint32_t);
+    MOZ_MUST_USE nsresult StartRedirectChannelToURI(nsIURI *, uint32_t);
 
     // This allows cache entry to be marked as foreign even after channel itself
     // is gone.  Needed for e10s (see HttpChannelParent::RecvDocumentChannelCleanup)
     class OfflineCacheEntryAsForeignMarker {
         nsCOMPtr<nsIApplicationCache> mApplicationCache;
         nsCOMPtr<nsIURI> mCacheURI;
     public:
         OfflineCacheEntryAsForeignMarker(nsIApplicationCache* appCache,
@@ -284,150 +288,152 @@ public:
 
 protected:
     virtual ~nsHttpChannel();
 
 private:
     typedef nsresult (nsHttpChannel::*nsContinueRedirectionFunc)(nsresult result);
 
     bool     RequestIsConditional();
-    nsresult BeginConnect();
-    nsresult ContinueBeginConnectWithResult();
+    MOZ_MUST_USE nsresult BeginConnect();
+    MOZ_MUST_USE nsresult ContinueBeginConnectWithResult();
     void     ContinueBeginConnect();
-    nsresult Connect();
+    MOZ_MUST_USE nsresult Connect();
     void     SpeculativeConnect();
-    nsresult SetupTransaction();
+    MOZ_MUST_USE nsresult SetupTransaction();
     void     SetupTransactionRequestContext();
-    nsresult CallOnStartRequest();
-    nsresult ProcessResponse();
-    void     AsyncContinueProcessResponse();
-    nsresult ContinueProcessResponse1();
-    nsresult ContinueProcessResponse2(nsresult);
-    nsresult ContinueProcessResponse3(nsresult);
-    nsresult ProcessNormal();
-    nsresult ContinueProcessNormal(nsresult);
+    MOZ_MUST_USE nsresult CallOnStartRequest();
+    MOZ_MUST_USE nsresult ProcessResponse();
+    void                  AsyncContinueProcessResponse();
+    MOZ_MUST_USE nsresult ContinueProcessResponse1();
+    MOZ_MUST_USE nsresult ContinueProcessResponse2(nsresult);
+    MOZ_MUST_USE nsresult ContinueProcessResponse3(nsresult);
+    MOZ_MUST_USE nsresult ProcessNormal();
+    MOZ_MUST_USE nsresult ContinueProcessNormal(nsresult);
     void     ProcessAltService();
     bool     ShouldBypassProcessNotModified();
-    nsresult ProcessNotModified();
-    nsresult AsyncProcessRedirection(uint32_t httpStatus);
-    nsresult ContinueProcessRedirection(nsresult);
-    nsresult ContinueProcessRedirectionAfterFallback(nsresult);
-    nsresult ProcessFailedProxyConnect(uint32_t httpStatus);
-    nsresult ProcessFallback(bool *waitingForRedirectCallback);
-    nsresult ContinueProcessFallback(nsresult);
+    MOZ_MUST_USE nsresult ProcessNotModified();
+    MOZ_MUST_USE nsresult AsyncProcessRedirection(uint32_t httpStatus);
+    MOZ_MUST_USE nsresult ContinueProcessRedirection(nsresult);
+    MOZ_MUST_USE nsresult ContinueProcessRedirectionAfterFallback(nsresult);
+    MOZ_MUST_USE nsresult ProcessFailedProxyConnect(uint32_t httpStatus);
+    MOZ_MUST_USE nsresult ProcessFallback(bool *waitingForRedirectCallback);
+    MOZ_MUST_USE nsresult ContinueProcessFallback(nsresult);
     void     HandleAsyncAbort();
-    nsresult EnsureAssocReq();
+    MOZ_MUST_USE nsresult EnsureAssocReq();
     void     ProcessSSLInformation();
     bool     IsHTTPS();
 
-    nsresult ContinueOnStartRequest1(nsresult);
-    nsresult ContinueOnStartRequest2(nsresult);
-    nsresult ContinueOnStartRequest3(nsresult);
+    MOZ_MUST_USE nsresult ContinueOnStartRequest1(nsresult);
+    MOZ_MUST_USE nsresult ContinueOnStartRequest2(nsresult);
+    MOZ_MUST_USE nsresult ContinueOnStartRequest3(nsresult);
 
     // redirection specific methods
     void     HandleAsyncRedirect();
     void     HandleAsyncAPIRedirect();
-    nsresult ContinueHandleAsyncRedirect(nsresult);
+    MOZ_MUST_USE nsresult ContinueHandleAsyncRedirect(nsresult);
     void     HandleAsyncNotModified();
     void     HandleAsyncFallback();
-    nsresult ContinueHandleAsyncFallback(nsresult);
-    nsresult PromptTempRedirect();
-    virtual  nsresult SetupReplacementChannel(nsIURI *, nsIChannel *,
-                                              bool preserveMethod,
-                                              uint32_t redirectFlags) override;
+    MOZ_MUST_USE nsresult ContinueHandleAsyncFallback(nsresult);
+    MOZ_MUST_USE nsresult PromptTempRedirect();
+    virtual MOZ_MUST_USE nsresult
+    SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod,
+                            uint32_t redirectFlags) override;
 
     // proxy specific methods
-    nsresult ProxyFailover();
-    nsresult AsyncDoReplaceWithProxy(nsIProxyInfo *);
-    nsresult ContinueDoReplaceWithProxy(nsresult);
-    nsresult ResolveProxy();
+    MOZ_MUST_USE nsresult ProxyFailover();
+    MOZ_MUST_USE nsresult AsyncDoReplaceWithProxy(nsIProxyInfo *);
+    MOZ_MUST_USE nsresult ContinueDoReplaceWithProxy(nsresult);
+    MOZ_MUST_USE nsresult ResolveProxy();
 
     // cache specific methods
-    nsresult OnOfflineCacheEntryAvailable(nsICacheEntry *aEntry,
-                                          bool aNew,
-                                          nsIApplicationCache* aAppCache,
-                                          nsresult aResult);
-    nsresult OnNormalCacheEntryAvailable(nsICacheEntry *aEntry,
-                                         bool aNew,
-                                         nsresult aResult);
-    nsresult OpenOfflineCacheEntryForWriting();
-    nsresult OnOfflineCacheEntryForWritingAvailable(nsICacheEntry *aEntry,
-                                                    nsIApplicationCache* aAppCache,
-                                                    nsresult aResult);
-    nsresult OnCacheEntryAvailableInternal(nsICacheEntry *entry,
-                                      bool aNew,
-                                      nsIApplicationCache* aAppCache,
-                                      nsresult status);
-    nsresult GenerateCacheKey(uint32_t postID, nsACString &key);
-    nsresult UpdateExpirationTime();
-    nsresult CheckPartial(nsICacheEntry* aEntry, int64_t *aSize, int64_t *aContentLength);
+    MOZ_MUST_USE nsresult
+    OnOfflineCacheEntryAvailable(nsICacheEntry *aEntry, bool aNew,
+                                 nsIApplicationCache* aAppCache,
+                                 nsresult aResult);
+    MOZ_MUST_USE nsresult OnNormalCacheEntryAvailable(nsICacheEntry *aEntry,
+                                                      bool aNew,
+                                                      nsresult aResult);
+    MOZ_MUST_USE nsresult OpenOfflineCacheEntryForWriting();
+    MOZ_MUST_USE nsresult
+    OnOfflineCacheEntryForWritingAvailable(nsICacheEntry *aEntry,
+                                           nsIApplicationCache* aAppCache,
+                                           nsresult aResult);
+    MOZ_MUST_USE nsresult
+    OnCacheEntryAvailableInternal(nsICacheEntry *entry, bool aNew,
+                                  nsIApplicationCache* aAppCache,
+                                  nsresult status);
+    MOZ_MUST_USE nsresult GenerateCacheKey(uint32_t postID, nsACString &key);
+    MOZ_MUST_USE nsresult UpdateExpirationTime();
+    MOZ_MUST_USE nsresult CheckPartial(nsICacheEntry* aEntry, int64_t *aSize, int64_t *aContentLength);
     bool ShouldUpdateOfflineCacheEntry();
-    nsresult ReadFromCache(bool alreadyMarkedValid);
+    MOZ_MUST_USE nsresult ReadFromCache(bool alreadyMarkedValid);
     void     CloseCacheEntry(bool doomOnFailure);
     void     CloseOfflineCacheEntry();
-    nsresult InitCacheEntry();
+    MOZ_MUST_USE nsresult InitCacheEntry();
     void     UpdateInhibitPersistentCachingFlag();
-    nsresult InitOfflineCacheEntry();
-    nsresult AddCacheEntryHeaders(nsICacheEntry *entry);
-    nsresult FinalizeCacheEntry();
-    nsresult InstallCacheListener(int64_t offset = 0);
-    nsresult InstallOfflineCacheListener(int64_t offset = 0);
+    MOZ_MUST_USE nsresult InitOfflineCacheEntry();
+    MOZ_MUST_USE nsresult AddCacheEntryHeaders(nsICacheEntry *entry);
+    MOZ_MUST_USE nsresult FinalizeCacheEntry();
+    MOZ_MUST_USE nsresult InstallCacheListener(int64_t offset = 0);
+    MOZ_MUST_USE nsresult InstallOfflineCacheListener(int64_t offset = 0);
     void     MaybeInvalidateCacheEntryForSubsequentGet();
     void     AsyncOnExamineCachedResponse();
 
     // Handle the bogus Content-Encoding Apache sometimes sends
     void ClearBogusContentEncodingIfNeeded();
 
     // byte range request specific methods
-    nsresult ProcessPartialContent();
-    nsresult OnDoneReadingPartialCacheEntry(bool *streamDone);
+    MOZ_MUST_USE nsresult ProcessPartialContent();
+    MOZ_MUST_USE nsresult OnDoneReadingPartialCacheEntry(bool *streamDone);
 
-    nsresult DoAuthRetry(nsAHttpConnection *);
+    MOZ_MUST_USE nsresult DoAuthRetry(nsAHttpConnection *);
 
     void     HandleAsyncRedirectChannelToHttps();
-    nsresult StartRedirectChannelToHttps();
-    nsresult ContinueAsyncRedirectChannelToURI(nsresult rv);
-    nsresult OpenRedirectChannel(nsresult rv);
+    MOZ_MUST_USE nsresult StartRedirectChannelToHttps();
+    MOZ_MUST_USE nsresult ContinueAsyncRedirectChannelToURI(nsresult rv);
+    MOZ_MUST_USE nsresult OpenRedirectChannel(nsresult rv);
 
     /**
      * A function that takes care of reading STS and PKP headers and enforcing
      * STS and PKP load rules. After a secure channel is erected, STS and PKP
      * requires the channel to be trusted or any STS or PKP header data on
      * the channel is ignored. This is called from ProcessResponse.
      */
-    nsresult ProcessSecurityHeaders();
+    MOZ_MUST_USE nsresult ProcessSecurityHeaders();
 
     /**
      * Taking care of the Content-Signature header and fail the channel if
      * the signature verification fails or is required but the header is not
      * present.
      * This sets mListener to ContentVerifier, which buffers the entire response
      * before verifying the Content-Signature header. If the verification is
      * successful, the load proceeds as usual. If the verification fails, a
      * NS_ERROR_INVALID_SIGNATURE is thrown and a fallback loaded in nsDocShell
      */
-    nsresult ProcessContentSignatureHeader(nsHttpResponseHead *aResponseHead);
+    MOZ_MUST_USE nsresult
+    ProcessContentSignatureHeader(nsHttpResponseHead *aResponseHead);
 
     /**
      * A function that will, if the feature is enabled, send security reports.
      */
     void ProcessSecurityReport(nsresult status);
 
     /**
      * A function to process a single security header (STS or PKP), assumes
      * some basic sanity checks have been applied to the channel. Called
      * from ProcessSecurityHeaders.
      */
-    nsresult ProcessSingleSecurityHeader(uint32_t aType,
-                                         nsISSLStatus *aSSLStatus,
-                                         uint32_t aFlags);
+    MOZ_MUST_USE nsresult ProcessSingleSecurityHeader(uint32_t aType,
+                                                      nsISSLStatus *aSSLStatus,
+                                                      uint32_t aFlags);
 
     void InvalidateCacheEntryForLocation(const char *location);
     void AssembleCacheKey(const char *spec, uint32_t postID, nsACString &key);
-    nsresult CreateNewURI(const char *loc, nsIURI **newURI);
+    MOZ_MUST_USE nsresult CreateNewURI(const char *loc, nsIURI **newURI);
     void DoInvalidateCacheEntry(nsIURI* aURI);
 
     // Ref RFC2616 13.10: "invalidation... MUST only be performed if
     // the host part is the same as in the Request-URI"
     inline bool HostPartIsTheSame(nsIURI *uri) {
         nsAutoCString tmpHost1, tmpHost2;
         return (NS_SUCCEEDED(mURI->GetAsciiHost(tmpHost1)) &&
                 NS_SUCCEEDED(uri->GetAsciiHost(tmpHost2)) &&
@@ -448,23 +454,25 @@ private:
     // Create a aggregate set of the current notification callbacks
     // and ensure the transaction is updated to use it.
     void UpdateAggregateCallbacks();
 
     static bool HasQueryString(nsHttpRequestHead::ParsedMethodType method, nsIURI * uri);
     bool ResponseWouldVary(nsICacheEntry* entry);
     bool IsResumable(int64_t partialLen, int64_t contentLength,
                      bool ignoreMissingPartialLen = false) const;
-    nsresult MaybeSetupByteRangeRequest(int64_t partialLen, int64_t contentLength,
-                                        bool ignoreMissingPartialLen = false);
-    nsresult SetupByteRangeRequest(int64_t partialLen);
+    MOZ_MUST_USE nsresult
+    MaybeSetupByteRangeRequest(int64_t partialLen, int64_t contentLength,
+                               bool ignoreMissingPartialLen = false);
+    MOZ_MUST_USE nsresult SetupByteRangeRequest(int64_t partialLen);
     void UntieByteRangeRequest();
     void UntieValidationRequest();
-    nsresult OpenCacheInputStream(nsICacheEntry* cacheEntry, bool startBuffering,
-                                  bool checkingAppCacheEntry);
+    MOZ_MUST_USE nsresult OpenCacheInputStream(nsICacheEntry* cacheEntry,
+                                               bool startBuffering,
+                                               bool checkingAppCacheEntry);
 
     void SetPushedStream(Http2PushedStream *stream);
 
     void MaybeWarnAboutAppCache();
 
     void SetLoadGroupUserAgentOverride();
 
     void SetDoNotTrack();
@@ -599,17 +607,17 @@ private:
     // Needed for accurate DNS timing
     RefPtr<nsDNSPrefetch>           mDNSPrefetch;
 
     Http2PushedStream                 *mPushedStream;
     // True if the channel's principal was found on a phishing, malware, or
     // tracking (if tracking protection is enabled) blocklist
     bool                              mLocalBlocklist;
 
-    nsresult WaitForRedirectCallback();
+    MOZ_MUST_USE nsresult WaitForRedirectCallback();
     void PushRedirectAsyncFunc(nsContinueRedirectionFunc func);
     void PopRedirectAsyncFunc(nsContinueRedirectionFunc func);
 
     nsCString mUsername;
 
     // If non-null, warnings should be reported to this object.
     HttpChannelSecurityWarningReporter* mWarningReporter;
 
--- a/netwerk/protocol/http/nsHttpChannelAuthProvider.h
+++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.h
@@ -49,95 +49,98 @@ private:
 
     const char *Host() const      { return mHost.get(); }
     int32_t     Port() const      { return mPort; }
     bool        UsingSSL() const  { return mUsingSSL; }
 
     bool        UsingHttpProxy() const
     { return mProxyInfo && (mProxyInfo->IsHTTP() || mProxyInfo->IsHTTPS()); }
 
-    nsresult PrepareForAuthentication(bool proxyAuth);
-    nsresult GenCredsAndSetEntry(nsIHttpAuthenticator *, bool proxyAuth,
-                                 const char *scheme, const char *host,
-                                 int32_t port, const char *dir,
-                                 const char *realm, const char *challenge,
-                                 const nsHttpAuthIdentity &ident,
-                                 nsCOMPtr<nsISupports> &session, char **result);
-    nsresult GetAuthenticator(const char *challenge, nsCString &scheme,
-                              nsIHttpAuthenticator **auth);
+    MOZ_MUST_USE nsresult PrepareForAuthentication(bool proxyAuth);
+    MOZ_MUST_USE nsresult
+    GenCredsAndSetEntry(nsIHttpAuthenticator *, bool proxyAuth,
+                        const char *scheme, const char *host, int32_t port,
+                        const char *dir, const char *realm,
+                        const char *challenge, const nsHttpAuthIdentity &ident,
+                        nsCOMPtr<nsISupports> &session, char **result);
+    MOZ_MUST_USE nsresult GetAuthenticator(const char *challenge,
+                                           nsCString &scheme,
+                                           nsIHttpAuthenticator **auth);
     void     ParseRealm(const char *challenge, nsACString &realm);
     void     GetIdentityFromURI(uint32_t authFlags, nsHttpAuthIdentity&);
 
     /**
      * Following three methods return NS_ERROR_IN_PROGRESS when
      * nsIAuthPrompt2.asyncPromptAuth method is called. This result indicates
      * the user's decision will be gathered in a callback and is not an actual
      * error.
      */
-    nsresult GetCredentials(const char *challenges, bool proxyAuth,
-                            nsAFlatCString &creds);
-    nsresult GetCredentialsForChallenge(const char *challenge,
-                                        const char *scheme,  bool proxyAuth,
-                                        nsIHttpAuthenticator *auth,
-                                        nsAFlatCString &creds);
-    nsresult PromptForIdentity(uint32_t level, bool proxyAuth,
-                               const char *realm, const char *authType,
-                               uint32_t authFlags, nsHttpAuthIdentity &);
+    MOZ_MUST_USE nsresult GetCredentials(const char *challenges, bool proxyAuth,
+                                         nsAFlatCString &creds);
+    MOZ_MUST_USE nsresult
+    GetCredentialsForChallenge(const char *challenge, const char *scheme,
+                               bool proxyAuth, nsIHttpAuthenticator *auth,
+                               nsAFlatCString &creds);
+    MOZ_MUST_USE nsresult PromptForIdentity(uint32_t level, bool proxyAuth,
+                                            const char *realm,
+                                            const char *authType,
+                                            uint32_t authFlags,
+                                            nsHttpAuthIdentity &);
 
     bool     ConfirmAuth(const nsString &bundleKey, bool doYesNoPrompt);
     void     SetAuthorizationHeader(nsHttpAuthCache *, nsHttpAtom header,
                                     const char *scheme, const char *host,
                                     int32_t port, const char *path,
                                     nsHttpAuthIdentity &ident);
-    nsresult GetCurrentPath(nsACString &);
+    MOZ_MUST_USE nsresult GetCurrentPath(nsACString &);
     /**
      * Return all information needed to build authorization information,
      * all parameters except proxyAuth are out parameters. proxyAuth specifies
      * with what authorization we work (WWW or proxy).
      */
-    nsresult GetAuthorizationMembers(bool proxyAuth, nsCSubstring& scheme,
-                                     const char*& host, int32_t& port,
-                                     nsCSubstring& path,
-                                     nsHttpAuthIdentity*& ident,
-                                     nsISupports**& continuationState);
+    MOZ_MUST_USE nsresult
+    GetAuthorizationMembers(bool proxyAuth, nsCSubstring& scheme,
+                            const char*& host, int32_t& port,
+                            nsCSubstring& path, nsHttpAuthIdentity*& ident,
+                            nsISupports**& continuationState);
     /**
      * Method called to resume suspended transaction after we got credentials
      * from the user. Called from OnAuthAvailable callback or OnAuthCancelled
      * when credentials for next challenge were obtained synchronously.
      */
-    nsresult ContinueOnAuthAvailable(const nsCSubstring& creds);
+    MOZ_MUST_USE nsresult ContinueOnAuthAvailable(const nsCSubstring& creds);
 
-    nsresult DoRedirectChannelToHttps();
+    MOZ_MUST_USE nsresult DoRedirectChannelToHttps();
 
     /**
      * A function that takes care of reading STS headers and enforcing STS
      * load rules.  After a secure channel is erected, STS requires the channel
      * to be trusted or any STS header data on the channel is ignored.
      * This is called from ProcessResponse.
      */
-    nsresult ProcessSTSHeader();
+    MOZ_MUST_USE nsresult ProcessSTSHeader();
 
     // Depending on the pref setting, the authentication dialog may be blocked
     // for all sub-resources, blocked for cross-origin sub-resources, or
     // always allowed for sub-resources.
     // For more details look at the bug 647010.
     bool BlockPrompt();
 
     // Store credentials to the cache when appropriate aFlags are set.
-    nsresult UpdateCache(nsIHttpAuthenticator *aAuth,
-                         const char           *aScheme,
-                         const char           *aHost,
-                         int32_t               aPort,
-                         const char           *aDirectory,
-                         const char           *aRealm,
-                         const char           *aChallenge,
-                         const nsHttpAuthIdentity &aIdent,
-                         const char           *aCreds,
-                         uint32_t              aGenerateFlags,
-                         nsISupports          *aSessionState);
+    MOZ_MUST_USE nsresult UpdateCache(nsIHttpAuthenticator *aAuth,
+                                      const char           *aScheme,
+                                      const char           *aHost,
+                                      int32_t               aPort,
+                                      const char           *aDirectory,
+                                      const char           *aRealm,
+                                      const char           *aChallenge,
+                                      const nsHttpAuthIdentity &aIdent,
+                                      const char           *aCreds,
+                                      uint32_t              aGenerateFlags,
+                                      nsISupports          *aSessionState);
 
 private:
     nsIHttpAuthenticableChannel      *mAuthChannel;  // weak ref
 
     nsCOMPtr<nsIURI>                  mURI;
     nsCOMPtr<nsProxyInfo>             mProxyInfo;
     nsCString                         mHost;
     int32_t                           mPort;
--- a/netwerk/protocol/http/nsHttpChunkedDecoder.h
+++ b/netwerk/protocol/http/nsHttpChunkedDecoder.h
@@ -19,33 +19,33 @@ public:
                            , mChunkRemaining(0)
                            , mReachedEOF(false)
                            , mWaitEOF(false) {}
    ~nsHttpChunkedDecoder() { delete mTrailers; }
 
     bool ReachedEOF() { return mReachedEOF; }
 
     // called by the transaction to handle chunked content.
-    nsresult HandleChunkedContent(char *buf,
-                                  uint32_t count,
-                                  uint32_t *contentRead,
-                                  uint32_t *contentRemaining);
+    MOZ_MUST_USE nsresult HandleChunkedContent(char *buf,
+                                               uint32_t count,
+                                               uint32_t *contentRead,
+                                               uint32_t *contentRemaining);
 
     nsHttpHeaderArray *Trailers() { return mTrailers; }
 
     nsHttpHeaderArray *TakeTrailers() { nsHttpHeaderArray *h = mTrailers;
                                         mTrailers = nullptr;
                                         return h; }
 
     uint32_t GetChunkRemaining() { return mChunkRemaining; }
 
 private:
-    nsresult ParseChunkRemaining(char *buf,
-                                 uint32_t count,
-                                 uint32_t *countRead);
+    MOZ_MUST_USE nsresult ParseChunkRemaining(char *buf,
+                                              uint32_t count,
+                                              uint32_t *countRead);
 
 private:
     nsHttpHeaderArray *mTrailers;
     uint32_t           mChunkRemaining;
     nsCString          mLineBuf; // may hold a partial line
     bool               mReachedEOF;
     bool               mWaitEOF;
 };
--- a/netwerk/protocol/http/nsHttpConnection.h
+++ b/netwerk/protocol/http/nsHttpConnection.h
@@ -61,25 +61,26 @@ public:
 
     nsHttpConnection();
 
     // Initialize the connection:
     //  info        - specifies the connection parameters.
     //  maxHangTime - limits the amount of time this connection can spend on a
     //                single transaction before it should no longer be kept
     //                alive.  a value of 0xffff indicates no limit.
-    nsresult Init(nsHttpConnectionInfo *info, uint16_t maxHangTime,
-                  nsISocketTransport *, nsIAsyncInputStream *,
-                  nsIAsyncOutputStream *, bool connectedTransport,
-                  nsIInterfaceRequestor *, PRIntervalTime);
+    MOZ_MUST_USE nsresult Init(nsHttpConnectionInfo *info, uint16_t maxHangTime,
+                               nsISocketTransport *, nsIAsyncInputStream *,
+                               nsIAsyncOutputStream *, bool connectedTransport,
+                               nsIInterfaceRequestor *, PRIntervalTime);
 
     // Activate causes the given transaction to be processed on this
     // connection.  It fails if there is already an existing transaction unless
     // a multiplexing protocol such as SPDY is being used
-    nsresult Activate(nsAHttpTransaction *, uint32_t caps, int32_t pri);
+    MOZ_MUST_USE nsresult Activate(nsAHttpTransaction *, uint32_t caps,
+                                   int32_t pri);
 
     // Close the underlying socket transport.
     void Close(nsresult reason, bool aIsShutdown = false);
 
     //-------------------------------------------------------------------------
     // XXX document when these are ok to call
 
     bool IsKeepAlive()
@@ -121,38 +122,42 @@ public:
         mForcePlainText = true;
     }
 
     nsISocketTransport   *Transport()      { return mSocketTransport; }
     nsAHttpTransaction   *Transaction()    { return mTransaction; }
     nsHttpConnectionInfo *ConnectionInfo() { return mConnInfo; }
 
     // nsAHttpConnection compatible methods (non-virtual):
-    nsresult OnHeadersAvailable(nsAHttpTransaction *, nsHttpRequestHead *, nsHttpResponseHead *, bool *reset);
-    void     CloseTransaction(nsAHttpTransaction *, nsresult reason, bool aIsShutdown = false);
+    MOZ_MUST_USE nsresult OnHeadersAvailable(nsAHttpTransaction *,
+                                             nsHttpRequestHead *,
+                                             nsHttpResponseHead *, bool *reset);
+    void     CloseTransaction(nsAHttpTransaction *, nsresult reason,
+                              bool aIsShutdown = false);
     void     GetConnectionInfo(nsHttpConnectionInfo **ci) { NS_IF_ADDREF(*ci = mConnInfo); }
-    nsresult TakeTransport(nsISocketTransport **,
-                           nsIAsyncInputStream **,
-                           nsIAsyncOutputStream **);
+    MOZ_MUST_USE nsresult TakeTransport(nsISocketTransport **,
+                                        nsIAsyncInputStream **,
+                                        nsIAsyncOutputStream **);
     void     GetSecurityInfo(nsISupports **);
     bool     IsPersistent() { return IsKeepAlive() && !mDontReuse; }
     bool     IsReused();
     void     SetIsReusedAfter(uint32_t afterMilliseconds);
-    nsresult PushBack(const char *data, uint32_t length);
-    nsresult ResumeSend();
-    nsresult ResumeRecv();
+    MOZ_MUST_USE nsresult PushBack(const char *data, uint32_t length);
+    MOZ_MUST_USE nsresult ResumeSend();
+    MOZ_MUST_USE nsresult ResumeRecv();
     int64_t  MaxBytesRead() {return mMaxBytesRead;}
     uint8_t GetLastHttpResponseVersion() { return mLastHttpResponseVersion; }
 
     friend class HttpConnectionForceIO;
-    nsresult ForceSend();
-    nsresult ForceRecv();
+    MOZ_MUST_USE nsresult ForceSend();
+    MOZ_MUST_USE nsresult ForceRecv();
 
-    static nsresult ReadFromStream(nsIInputStream *, void *, const char *,
-                                   uint32_t, uint32_t, uint32_t *);
+    static MOZ_MUST_USE nsresult ReadFromStream(nsIInputStream *, void *,
+                                                const char *, uint32_t,
+                                                uint32_t, uint32_t *);
 
     // When a persistent connection is in the connection manager idle
     // connection pool, the nsHttpConnection still reads errors and hangups
     // on the socket so that it can be proactively released if the server
     // initiates a termination. Only call on socket thread.
     void BeginIdleMonitoring();
     void EndIdleMonitoring();
 
@@ -186,19 +191,19 @@ public:
     void    PrintDiagnostics(nsCString &log);
 
     void    SetTransactionCaps(uint32_t aCaps) { mTransactionCaps = aCaps; }
 
     // IsExperienced() returns true when the connection has started at least one
     // non null HTTP transaction of any version.
     bool    IsExperienced() { return mExperienced; }
 
-    static nsresult MakeConnectString(nsAHttpTransaction *trans,
-                                      nsHttpRequestHead *request,
-                                      nsACString &result);
+    static MOZ_MUST_USE nsresult MakeConnectString(nsAHttpTransaction *trans,
+                                                   nsHttpRequestHead *request,
+                                                   nsACString &result);
     void    SetupSecondaryTLS();
     void    SetInSpdyTunnel(bool arg);
 
     // Check active connections for traffic (or not). SPDY connections send a
     // ping, ordinary HTTP connections get some time to get traffic to be
     // considered alive.
     void CheckForTraffic(bool check);
 
@@ -215,52 +220,53 @@ private:
     // Value (set in mTCPKeepaliveConfig) indicates which set of prefs to use.
     enum TCPKeepaliveConfig {
       kTCPKeepaliveDisabled = 0,
       kTCPKeepaliveShortLivedConfig,
       kTCPKeepaliveLongLivedConfig
     };
 
     // called to cause the underlying socket to start speaking SSL
-    nsresult InitSSLParams(bool connectingToProxy, bool ProxyStartSSL);
-    nsresult SetupNPNList(nsISSLSocketControl *ssl, uint32_t caps);
+    MOZ_MUST_USE nsresult InitSSLParams(bool connectingToProxy,
+                                        bool ProxyStartSSL);
+    MOZ_MUST_USE nsresult SetupNPNList(nsISSLSocketControl *ssl, uint32_t caps);
 
-    nsresult OnTransactionDone(nsresult reason);
-    nsresult OnSocketWritable();
-    nsresult OnSocketReadable();
+    MOZ_MUST_USE nsresult OnTransactionDone(nsresult reason);
+    MOZ_MUST_USE nsresult OnSocketWritable();
+    MOZ_MUST_USE nsresult OnSocketReadable();
 
-    nsresult SetupProxyConnect();
+    MOZ_MUST_USE nsresult SetupProxyConnect();
 
     PRIntervalTime IdleTime();
     bool     IsAlive();
 
     // Makes certain the SSL handshake is complete and NPN negotiation
     // has had a chance to happen
-    bool     EnsureNPNComplete(nsresult &aOut0RTTWriteHandshakeValue,
-                               uint32_t &aOut0RTTBytesWritten);
+    MOZ_MUST_USE bool EnsureNPNComplete(nsresult &aOut0RTTWriteHandshakeValue,
+                                        uint32_t &aOut0RTTBytesWritten);
     void     SetupSSL();
 
     // Start the Spdy transaction handler when NPN indicates spdy/*
     void     StartSpdy(uint8_t versionLevel);
     // Like the above, but do the bare minimum to do 0RTT data, so we can back
     // it out, if necessary
     void     Start0RTTSpdy(uint8_t versionLevel);
 
     // Helpers for Start*Spdy
     nsresult TryTakeSubTransactions(nsTArray<RefPtr<nsAHttpTransaction> > &list);
     nsresult MoveTransactionsToSpdy(nsresult status, nsTArray<RefPtr<nsAHttpTransaction> > &list);
 
     // Directly Add a transaction to an active connection for SPDY
-    nsresult AddTransaction(nsAHttpTransaction *, int32_t);
+    MOZ_MUST_USE nsresult AddTransaction(nsAHttpTransaction *, int32_t);
 
     // Used to set TCP keepalives for fast detection of dead connections during
     // an initial period, and slower detection for long-lived connections.
-    nsresult StartShortLivedTCPKeepalives();
-    nsresult StartLongLivedTCPKeepalives();
-    nsresult DisableTCPKeepalives();
+    MOZ_MUST_USE nsresult StartShortLivedTCPKeepalives();
+    MOZ_MUST_USE nsresult StartLongLivedTCPKeepalives();
+    MOZ_MUST_USE nsresult DisableTCPKeepalives();
 
 private:
     nsCOMPtr<nsISocketTransport>    mSocketTransport;
     nsCOMPtr<nsIAsyncInputStream>   mSocketIn;
     nsCOMPtr<nsIAsyncOutputStream>  mSocketOut;
 
     nsresult                        mSocketInCondition;
     nsresult                        mSocketOutCondition;
@@ -346,17 +352,17 @@ private:
 
     // Flag to indicate connection is in inital keepalive period (fast detect).
     uint32_t                        mTCPKeepaliveConfig;
     nsCOMPtr<nsITimer>              mTCPKeepaliveTransitionTimer;
 
 private:
     // For ForceSend()
     static void                     ForceSendIO(nsITimer *aTimer, void *aClosure);
-    nsresult                        MaybeForceSendIO();
+    MOZ_MUST_USE nsresult           MaybeForceSendIO();
     bool                            mForceSendPending;
     nsCOMPtr<nsITimer>              mForceSendTimer;
 
     // Helper variable for 0RTT handshake;
     bool                            m0RTTChecked; // Possible 0RTT has been
                                                   // checked.
     bool                            mWaitingFor0RTTResponse; // We have are
                                                              // sending 0RTT
--- a/netwerk/protocol/http/nsHttpConnectionInfo.h
+++ b/netwerk/protocol/http/nsHttpConnectionInfo.h
@@ -77,17 +77,17 @@ public:
     // With overhead rebuilding the hash key. The initial
     // network interface is empty. So you can reduce one call
     // if there's no explicit route after ctor.
     void SetNetworkInterfaceId(const nsACString& aNetworkInterfaceId);
 
     // OK to treat these as an infalible allocation
     nsHttpConnectionInfo* Clone() const;
     void CloneAsDirectRoute(nsHttpConnectionInfo **outParam);
-    nsresult CreateWildCard(nsHttpConnectionInfo **outParam);
+    MOZ_MUST_USE nsresult CreateWildCard(nsHttpConnectionInfo **outParam);
 
     const char *ProxyHost() const { return mProxyInfo ? mProxyInfo->Host().get() : nullptr; }
     int32_t     ProxyPort() const { return mProxyInfo ? mProxyInfo->Port() : -1; }
     const char *ProxyType() const { return mProxyInfo ? mProxyInfo->Type() : nullptr; }
     const char *ProxyUsername() const { return mProxyInfo ? mProxyInfo->Username().get() : nullptr; }
     const char *ProxyPassword() const { return mProxyInfo ? mProxyInfo->Password().get() : nullptr; }
 
     // Compare this connection info to another...
--- a/netwerk/protocol/http/nsHttpConnectionMgr.h
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h
@@ -52,21 +52,21 @@ public:
     };
 
     //-------------------------------------------------------------------------
     // NOTE: functions below may only be called on the main thread.
     //-------------------------------------------------------------------------
 
     nsHttpConnectionMgr();
 
-    nsresult Init(uint16_t maxConnections,
-                  uint16_t maxPersistentConnectionsPerHost,
-                  uint16_t maxPersistentConnectionsPerProxy,
-                  uint16_t maxRequestDelay);
-    nsresult Shutdown();
+    MOZ_MUST_USE nsresult Init(uint16_t maxConnections,
+                               uint16_t maxPersistentConnectionsPerHost,
+                               uint16_t maxPersistentConnectionsPerProxy,
+                               uint16_t maxRequestDelay);
+    MOZ_MUST_USE nsresult Shutdown();
 
     //-------------------------------------------------------------------------
     // NOTE: functions below may be called on any thread.
     //-------------------------------------------------------------------------
 
     // Schedules next pruning of dead connection to happen after
     // given time.
     void PruneDeadConnectionsAfter(uint32_t time);
@@ -75,80 +75,84 @@ public:
     // there are no more idle connections or active spdy ones
     void ConditionallyStopPruneDeadConnectionsTimer();
 
     // Stops timer used for the read timeout tick if there are no currently
     // active connections.
     void ConditionallyStopTimeoutTick();
 
     // adds a transaction to the list of managed transactions.
-    nsresult AddTransaction(nsHttpTransaction *, int32_t priority);
+    MOZ_MUST_USE nsresult AddTransaction(nsHttpTransaction *, int32_t priority);
 
     // called to reschedule the given transaction.  it must already have been
     // added to the connection manager via AddTransaction.
-    nsresult RescheduleTransaction(nsHttpTransaction *, int32_t priority);
+    MOZ_MUST_USE nsresult RescheduleTransaction(nsHttpTransaction *,
+                                                int32_t priority);
 
     // cancels a transaction w/ the given reason.
-    nsresult CancelTransaction(nsHttpTransaction *, nsresult reason);
-    nsresult CancelTransactions(nsHttpConnectionInfo *, nsresult reason);
+    MOZ_MUST_USE nsresult CancelTransaction(nsHttpTransaction *,
+                                            nsresult reason);
+    MOZ_MUST_USE nsresult CancelTransactions(nsHttpConnectionInfo *,
+                                             nsresult reason);
 
     // called to force the connection manager to prune its list of idle
     // connections.
-    nsresult PruneDeadConnections();
+    MOZ_MUST_USE nsresult PruneDeadConnections();
 
     // called to close active connections with no registered "traffic"
-    nsresult PruneNoTraffic();
+    MOZ_MUST_USE nsresult PruneNoTraffic();
 
     // "VerifyTraffic" means marking connections now, and then check again in
     // N seconds to see if there's been any traffic and if not, kill
     // that connection.
-    nsresult VerifyTraffic();
+    MOZ_MUST_USE nsresult VerifyTraffic();
 
     // Close all idle persistent connections and prevent any active connections
     // from being reused. Optional connection info resets CI specific
     // information such as Happy Eyeballs history.
-    nsresult DoShiftReloadConnectionCleanup(nsHttpConnectionInfo *);
+    MOZ_MUST_USE nsresult DoShiftReloadConnectionCleanup(nsHttpConnectionInfo *);
 
     // called to get a reference to the socket transport service.  the socket
     // transport service is not available when the connection manager is down.
-    nsresult GetSocketThreadTarget(nsIEventTarget **);
+    MOZ_MUST_USE nsresult GetSocketThreadTarget(nsIEventTarget **);
 
     // called to indicate a transaction for the connectionInfo is likely coming
     // soon. The connection manager may use this information to start a TCP
     // and/or SSL level handshake for that resource immediately so that it is
     // ready when the transaction is submitted. No obligation is taken on by the
     // connection manager, nor is the submitter obligated to actually submit a
     // real transaction for this connectionInfo.
-    nsresult SpeculativeConnect(nsHttpConnectionInfo *,
-                                nsIInterfaceRequestor *,
-                                uint32_t caps = 0,
-                                NullHttpTransaction * = nullptr);
+    MOZ_MUST_USE nsresult SpeculativeConnect(nsHttpConnectionInfo *,
+                                             nsIInterfaceRequestor *,
+                                             uint32_t caps = 0,
+                                             NullHttpTransaction * = nullptr);
 
     // called when a connection is done processing a transaction.  if the
     // connection can be reused then it will be added to the idle list, else
     // it will be closed.
-    nsresult ReclaimConnection(nsHttpConnection *conn);
+    MOZ_MUST_USE nsresult ReclaimConnection(nsHttpConnection *conn);
 
     // called by the main thread to execute the taketransport() logic on the
     // socket thread after a 101 response has been received and the socket
     // needs to be transferred to an expectant upgrade listener such as
     // websockets.
-    nsresult CompleteUpgrade(nsAHttpConnection *aConn,
-                             nsIHttpUpgradeListener *aUpgradeListener);
+    MOZ_MUST_USE nsresult
+    CompleteUpgrade(nsAHttpConnection *aConn,
+                    nsIHttpUpgradeListener *aUpgradeListener);
 
     // called to update a parameter after the connection manager has already
     // been initialized.
-    nsresult UpdateParam(nsParamName name, uint16_t value);
+    MOZ_MUST_USE nsresult UpdateParam(nsParamName name, uint16_t value);
 
     // called from main thread to post a new request token bucket
     // to the socket thread
-    nsresult UpdateRequestTokenBucket(EventTokenBucket *aBucket);
+    MOZ_MUST_USE nsresult UpdateRequestTokenBucket(EventTokenBucket *aBucket);
 
     // clears the connection history mCT
-    nsresult ClearConnectionHistory();
+    MOZ_MUST_USE nsresult ClearConnectionHistory();
 
     void ReportFailedToProcess(nsIURI *uri);
 
     // Causes a large amount of connection diagnostic information to be
     // printed to the javascript console
     void PrintDiagnostics();
 
     //-------------------------------------------------------------------------
@@ -158,26 +162,26 @@ public:
     // called to change the connection entry associated with conn from specific into
     // a wildcard (i.e. http2 proxy friendy) mapping
     void MoveToWildCardConnEntry(nsHttpConnectionInfo *specificCI,
                                  nsHttpConnectionInfo *wildcardCI,
                                  nsHttpConnection *conn);
 
     // called to force the transaction queue to be processed once more, giving
     // preference to the specified connection.
-    nsresult ProcessPendingQ(nsHttpConnectionInfo *);
-    bool     ProcessPendingQForEntry(nsHttpConnectionInfo *);
+    MOZ_MUST_USE nsresult ProcessPendingQ(nsHttpConnectionInfo *);
+    MOZ_MUST_USE bool     ProcessPendingQForEntry(nsHttpConnectionInfo *);
 
     // Try and process all pending transactions
-    nsresult ProcessPendingQ();
+    MOZ_MUST_USE nsresult ProcessPendingQ();
 
     // This is used to force an idle connection to be closed and removed from
     // the idle connection list. It is called when the idle connection detects
     // that the network peer has closed the transport.
-    nsresult CloseIdleConnection(nsHttpConnection *);
+    MOZ_MUST_USE nsresult CloseIdleConnection(nsHttpConnection *);
 
     // The connection manager needs to know when a normal HTTP connection has been
     // upgraded to SPDY because the dispatch and idle semantics are a little
     // bit different.
     void ReportSpdyConnection(nsHttpConnection *, bool usingSpdy);
 
     bool GetConnectionData(nsTArray<HttpRetParams> *);
 
@@ -277,22 +281,22 @@ private:
         NS_DECL_NSITRANSPORTEVENTSINK
         NS_DECL_NSIINTERFACEREQUESTOR
         NS_DECL_NSITIMERCALLBACK
 
         nsHalfOpenSocket(nsConnectionEntry *ent,
                          nsAHttpTransaction *trans,
                          uint32_t caps);
 
-        nsresult SetupStreams(nsISocketTransport **,
-                              nsIAsyncInputStream **,
-                              nsIAsyncOutputStream **,
-                              bool isBackup);
-        nsresult SetupPrimaryStreams();
-        nsresult SetupBackupStreams();
+        MOZ_MUST_USE nsresult SetupStreams(nsISocketTransport **,
+                                           nsIAsyncInputStream **,
+                                           nsIAsyncOutputStream **,
+                                           bool isBackup);
+        MOZ_MUST_USE nsresult SetupPrimaryStreams();
+        MOZ_MUST_USE nsresult SetupBackupStreams();
         void     SetupBackupTimer();
         void     CancelBackupTimer();
         void     Abandon();
         double   Duration(TimeStamp epoch);
         nsISocketTransport *SocketTransport() { return mSocketTransport; }
         nsISocketTransport *BackupTransport() { return mBackupTransport; }
 
         nsAHttpTransaction *Transaction() { return mTransaction; }
@@ -365,64 +369,66 @@ private:
     uint16_t mMaxPersistConnsPerProxy;
     uint16_t mMaxRequestDelay; // in seconds
     Atomic<bool, mozilla::Relaxed> mIsShuttingDown;
 
     //-------------------------------------------------------------------------
     // NOTE: these members are only accessed on the socket transport thread
     //-------------------------------------------------------------------------
 
-    bool     ProcessPendingQForEntry(nsConnectionEntry *, bool considerAll);
+    MOZ_MUST_USE bool ProcessPendingQForEntry(nsConnectionEntry *,
+                                              bool considerAll);
     bool     AtActiveConnectionLimit(nsConnectionEntry *, uint32_t caps);
-    nsresult TryDispatchTransaction(nsConnectionEntry *ent,
-                                    bool onlyReusedConnection,
-                                    nsHttpTransaction *trans);
-    nsresult DispatchTransaction(nsConnectionEntry *,
-                                 nsHttpTransaction *,
-                                 nsHttpConnection *);
-    nsresult DispatchAbstractTransaction(nsConnectionEntry *,
-                                         nsAHttpTransaction *,
-                                         uint32_t,
-                                         nsHttpConnection *,
-                                         int32_t);
+    MOZ_MUST_USE nsresult TryDispatchTransaction(nsConnectionEntry *ent,
+                                                 bool onlyReusedConnection,
+                                                 nsHttpTransaction *trans);
+    MOZ_MUST_USE nsresult DispatchTransaction(nsConnectionEntry *,
+                                              nsHttpTransaction *,
+                                              nsHttpConnection *);
+    MOZ_MUST_USE nsresult DispatchAbstractTransaction(nsConnectionEntry *,
+                                                      nsAHttpTransaction *,
+                                                      uint32_t,
+                                                      nsHttpConnection *,
+                                                      int32_t);
     bool     RestrictConnections(nsConnectionEntry *);
-    nsresult ProcessNewTransaction(nsHttpTransaction *);
-    nsresult EnsureSocketThreadTarget();
+    MOZ_MUST_USE nsresult ProcessNewTransaction(nsHttpTransaction *);
+    MOZ_MUST_USE nsresult EnsureSocketThreadTarget();
     void     ClosePersistentConnections(nsConnectionEntry *ent);
     void     ReportProxyTelemetry(nsConnectionEntry *ent);
-    nsresult CreateTransport(nsConnectionEntry *, nsAHttpTransaction *,
-                             uint32_t, bool, bool, bool);
+    MOZ_MUST_USE nsresult CreateTransport(nsConnectionEntry *,
+                                          nsAHttpTransaction *, uint32_t, bool,
+                                          bool, bool);
     void     AddActiveConn(nsHttpConnection *, nsConnectionEntry *);
     void     DecrementActiveConnCount(nsHttpConnection *);
     void     StartedConnect();
     void     RecvdConnect();
 
     nsConnectionEntry *GetOrCreateConnectionEntry(nsHttpConnectionInfo *,
                                                   bool allowWildCard);
 
-    nsresult MakeNewConnection(nsConnectionEntry *ent,
-                               nsHttpTransaction *trans);
+    MOZ_MUST_USE nsresult MakeNewConnection(nsConnectionEntry *ent,
+                                            nsHttpTransaction *trans);
 
     // Manage the preferred spdy connection entry for this address
     nsConnectionEntry *GetSpdyPreferredEnt(nsConnectionEntry *aOriginalEntry);
     nsConnectionEntry *LookupPreferredHash(nsConnectionEntry *ent);
     void               StorePreferredHash(nsConnectionEntry *ent);
     void               RemovePreferredHash(nsConnectionEntry *ent);
     nsHttpConnection  *GetSpdyPreferredConn(nsConnectionEntry *ent);
     nsDataHashtable<nsCStringHashKey, nsConnectionEntry *>   mSpdyPreferredHash;
     nsConnectionEntry *LookupConnectionEntry(nsHttpConnectionInfo *ci,
                                              nsHttpConnection *conn,
                                              nsHttpTransaction *trans);
 
     void               ProcessSpdyPendingQ(nsConnectionEntry *ent);
 
     // used to marshall events to the socket transport thread.
-    nsresult PostEvent(nsConnEventHandler  handler,
-                       int32_t             iparam = 0,
-                       ARefBase            *vparam = nullptr);
+    MOZ_MUST_USE nsresult PostEvent(nsConnEventHandler  handler,
+                                    int32_t             iparam = 0,
+                                    ARefBase            *vparam = nullptr);
 
     // message handlers
     void OnMsgShutdown             (int32_t, ARefBase *);
     void OnMsgShutdownConfirm      (int32_t, ARefBase *);
     void OnMsgNewTransaction       (int32_t, ARefBase *);
     void OnMsgReschedTransaction   (int32_t, ARefBase *);
     void OnMsgCancelTransaction    (int32_t, ARefBase *);
     void OnMsgCancelTransactions   (int32_t, ARefBase *);
--- a/netwerk/protocol/http/nsHttpDigestAuth.h
+++ b/netwerk/protocol/http/nsHttpDigestAuth.h
@@ -36,58 +36,58 @@ class nsHttpDigestAuth final : public ns
     NS_DECL_ISUPPORTS
     NS_DECL_NSIHTTPAUTHENTICATOR
 
     nsHttpDigestAuth();
 
   protected:
     ~nsHttpDigestAuth();
 
-    nsresult ExpandToHex(const char * digest, char * result);
+    MOZ_MUST_USE nsresult ExpandToHex(const char * digest, char * result);
 
-    nsresult CalculateResponse(const char * ha1_digest,
-                               const char * ha2_digest,
-                               const nsAFlatCString & nonce,
-                               uint16_t qop,
-                               const char * nonce_count,
-                               const nsAFlatCString & cnonce,
-                               char * result);
+    MOZ_MUST_USE nsresult CalculateResponse(const char * ha1_digest,
+                                            const char * ha2_digest,
+                                            const nsAFlatCString & nonce,
+                                            uint16_t qop,
+                                            const char * nonce_count,
+                                            const nsAFlatCString & cnonce,
+                                            char * result);
 
-    nsresult CalculateHA1(const nsAFlatCString & username,
-                          const nsAFlatCString & password,
-                          const nsAFlatCString & realm,
-                          uint16_t algorithm,
-                          const nsAFlatCString & nonce,
-                          const nsAFlatCString & cnonce,
-                          char * result);
+    MOZ_MUST_USE nsresult CalculateHA1(const nsAFlatCString & username,
+                                       const nsAFlatCString & password,
+                                       const nsAFlatCString & realm,
+                                       uint16_t algorithm,
+                                       const nsAFlatCString & nonce,
+                                       const nsAFlatCString & cnonce,
+                                       char * result);
 
-    nsresult CalculateHA2(const nsAFlatCString & http_method,
-                          const nsAFlatCString & http_uri_path,
-                          uint16_t qop,
-                          const char * body_digest,
-                          char * result);
+    MOZ_MUST_USE nsresult CalculateHA2(const nsAFlatCString & http_method,
+                                       const nsAFlatCString & http_uri_path,
+                                       uint16_t qop,
+                                       const char * body_digest,
+                                       char * result);
 
-    nsresult ParseChallenge(const char * challenge,
-                            nsACString & realm,
-                            nsACString & domain,
-                            nsACString & nonce,
-                            nsACString & opaque,
-                            bool * stale,
-                            uint16_t * algorithm,
-                            uint16_t * qop);
+    MOZ_MUST_USE nsresult ParseChallenge(const char * challenge,
+                                         nsACString & realm,
+                                         nsACString & domain,
+                                         nsACString & nonce,
+                                         nsACString & opaque,
+                                         bool * stale,
+                                         uint16_t * algorithm,
+                                         uint16_t * qop);
 
     // result is in mHashBuf
-    nsresult MD5Hash(const char *buf, uint32_t len);
+    MOZ_MUST_USE nsresult MD5Hash(const char *buf, uint32_t len);
 
-    nsresult GetMethodAndPath(nsIHttpAuthenticableChannel *,
-                              bool, nsCString &, nsCString &);
+    MOZ_MUST_USE nsresult GetMethodAndPath(nsIHttpAuthenticableChannel *,
+                                           bool, nsCString &, nsCString &);
 
     // append the quoted version of value to aHeaderLine
-    nsresult AppendQuotedString(const nsACString & value,
-                                nsACString & aHeaderLine);
+    MOZ_MUST_USE nsresult AppendQuotedString(const nsACString & value,
+                                             nsACString & aHeaderLine);
 
   protected:
     nsCOMPtr<nsICryptoHash>        mVerifier;
     char                           mHashBuf[DIGEST_LENGTH];
 };
 
 } // namespace net
 } // namespace mozilla
--- a/netwerk/protocol/http/nsHttpHandler.h
+++ b/netwerk/protocol/http/nsHttpHandler.h
@@ -64,20 +64,21 @@ public:
     NS_DECL_NSIPROTOCOLHANDLER
     NS_DECL_NSIPROXIEDPROTOCOLHANDLER
     NS_DECL_NSIHTTPPROTOCOLHANDLER
     NS_DECL_NSIOBSERVER
     NS_DECL_NSISPECULATIVECONNECT
 
     nsHttpHandler();
 
-    nsresult Init();
-    nsresult AddStandardRequestHeaders(nsHttpRequestHead *, bool isSecure);
-    nsresult AddConnectionHeader(nsHttpRequestHead *,
-                                 uint32_t capabilities);
+    MOZ_MUST_USE nsresult Init();
+    MOZ_MUST_USE nsresult AddStandardRequestHeaders(nsHttpRequestHead *,
+                                                    bool isSecure);
+    MOZ_MUST_USE nsresult AddConnectionHeader(nsHttpRequestHead *,
+                                              uint32_t capabilities);
     bool     IsAcceptableEncoding(const char *encoding, bool isSecure);
 
     const nsAFlatCString &UserAgent();
 
     nsHttpVersion  HttpVersion()             { return mHttpVersion; }
     nsHttpVersion  ProxyHttpVersion()        { return mProxyHttpVersion; }
     uint8_t        ReferrerLevel()           { return mReferrerLevel; }
     bool           SpoofReferrerSource()     { return mSpoofReferrerSource; }
@@ -184,60 +185,63 @@ public:
     //
     // - the handler keeps a count of active connections to enforce the
     //   steady-state max-connections pref.
     //
 
     // Called to kick-off a new transaction, by default the transaction
     // will be put on the pending transaction queue if it cannot be
     // initiated at this time.  Callable from any thread.
-    nsresult InitiateTransaction(nsHttpTransaction *trans, int32_t priority)
+    MOZ_MUST_USE nsresult InitiateTransaction(nsHttpTransaction *trans,
+                                              int32_t priority)
     {
         return mConnMgr->AddTransaction(trans, priority);
     }
 
     // Called to change the priority of an existing transaction that has
     // already been initiated.
-    nsresult RescheduleTransaction(nsHttpTransaction *trans, int32_t priority)
+    MOZ_MUST_USE nsresult RescheduleTransaction(nsHttpTransaction *trans,
+                                                int32_t priority)
     {
         return mConnMgr->RescheduleTransaction(trans, priority);
     }
 
     // Called to cancel a transaction, which may or may not be assigned to
     // a connection.  Callable from any thread.
-    nsresult CancelTransaction(nsHttpTransaction *trans, nsresult reason)
+    MOZ_MUST_USE nsresult CancelTransaction(nsHttpTransaction *trans,
+                                            nsresult reason)
     {
         return mConnMgr->CancelTransaction(trans, reason);
     }
 
     // Called when a connection is done processing a transaction.  Callable
     // from any thread.
-    nsresult ReclaimConnection(nsHttpConnection *conn)
+    MOZ_MUST_USE nsresult ReclaimConnection(nsHttpConnection *conn)
     {
         return mConnMgr->ReclaimConnection(conn);
     }
 
-    nsresult ProcessPendingQ(nsHttpConnectionInfo *cinfo)
+    MOZ_MUST_USE nsresult ProcessPendingQ(nsHttpConnectionInfo *cinfo)
     {
         return mConnMgr->ProcessPendingQ(cinfo);
     }
 
-    nsresult ProcessPendingQ()
+    MOZ_MUST_USE nsresult ProcessPendingQ()
     {
         return mConnMgr->ProcessPendingQ();
     }
 
-    nsresult GetSocketThreadTarget(nsIEventTarget **target)
+    MOZ_MUST_USE nsresult GetSocketThreadTarget(nsIEventTarget **target)
     {
         return mConnMgr->GetSocketThreadTarget(target);
     }
 
-    nsresult SpeculativeConnect(nsHttpConnectionInfo *ci,
-                                nsIInterfaceRequestor *callbacks,
-                                uint32_t caps = 0)
+    MOZ_MUST_USE nsresult SpeculativeConnect(nsHttpConnectionInfo *ci,
+                                             nsIInterfaceRequestor *callbacks,
+                                             uint32_t caps = 0)
     {
         TickleWifi(callbacks);
         return mConnMgr->SpeculativeConnect(ci, callbacks, caps);
     }
 
     // Alternate Services Maps are main thread only
     void UpdateAltServiceMapping(AltSvcMapping *map,
                                  nsProxyInfo *proxyInfo,
@@ -256,18 +260,18 @@ public:
     {
         return mConnMgr->GetAltServiceMapping(scheme, host, port, pb, originAttributes);
     }
 
     //
     // The HTTP handler caches pointers to specific XPCOM services, and
     // provides the following helper routines for accessing those services:
     //
-    nsresult GetStreamConverterService(nsIStreamConverterService **);
-    nsresult GetIOService(nsIIOService** service);
+    MOZ_MUST_USE nsresult GetStreamConverterService(nsIStreamConverterService **);
+    MOZ_MUST_USE nsresult GetIOService(nsIIOService** service);
     nsICookieService * GetCookieService(); // not addrefed
     nsISiteSecurityService * GetSSService();
     nsIThrottlingService * GetThrottlingService();
 
     // callable from socket thread only
     uint32_t Get32BitsOfPseudoRandom();
 
     // Called by the channel synchronously during asyncOpen
@@ -297,30 +301,32 @@ public:
     // Called by the channel once headers have been merged with cached headers
     void OnExamineMergedResponse(nsIHttpChannel *chan)
     {
         NotifyObservers(chan, NS_HTTP_ON_EXAMINE_MERGED_RESPONSE_TOPIC);
     }
 
     // Called by channels before a redirect happens. This notifies both the
     // channel's and the global redirect observers.
-    nsresult AsyncOnChannelRedirect(nsIChannel* oldChan, nsIChannel* newChan,
-                               uint32_t flags);
+    MOZ_MUST_USE nsresult AsyncOnChannelRedirect(nsIChannel* oldChan,
+                                                 nsIChannel* newChan,
+                                                 uint32_t flags);
 
     // Called by the channel when the response is read from the cache without
     // communicating with the server.
     void OnExamineCachedResponse(nsIHttpChannel *chan)
     {
         NotifyObservers(chan, NS_HTTP_ON_EXAMINE_CACHED_RESPONSE_TOPIC);
     }
 
     // Generates the host:port string for use in the Host: header as well as the
     // CONNECT line for proxies. This handles IPv6 literals correctly.
-    static nsresult GenerateHostPort(const nsCString& host, int32_t port,
-                                     nsACString& hostLine);
+    static MOZ_MUST_USE nsresult GenerateHostPort(const nsCString& host,
+                                                  int32_t port,
+                                                  nsACString& hostLine);
 
 
     SpdyInformation *SpdyInfo() { return &mSpdyInfo; }
     bool IsH2MandatorySuiteEnabled() { return mH2MandatorySuiteEnabled; }
 
     // returns true in between Init and Shutdown states
     bool Active() { return mHandlerActive; }
 
@@ -357,21 +363,21 @@ private:
 
     //
     // Useragent/prefs helper methods
     //
     void     BuildUserAgent();
     void     InitUserAgentComponents();
     void     PrefsChanged(nsIPrefBranch *prefs, const char *pref);
 
-    nsresult SetAccept(const char *);
-    nsresult SetAcceptLanguages(const char *);
-    nsresult SetAcceptEncodings(const char *, bool mIsSecure);
+    MOZ_MUST_USE nsresult SetAccept(const char *);
+    MOZ_MUST_USE nsresult SetAcceptLanguages(const char *);
+    MOZ_MUST_USE nsresult SetAcceptEncodings(const char *, bool mIsSecure);
 
-    nsresult InitConnectionMgr();
+    MOZ_MUST_USE nsresult InitConnectionMgr();
 
     void     NotifyObservers(nsIHttpChannel *chan, const char *event);
 
 private:
 
     // cached services
     nsMainThreadPtrHandle<nsIIOService>              mIOService;
     nsMainThreadPtrHandle<nsIStreamConverterService> mStreamConvSvc;
@@ -562,18 +568,18 @@ private:
 private:
     // For Rate Pacing Certain Network Events. Only assign this pointer on
     // socket thread.
     void MakeNewRequestTokenBucket();
     RefPtr<EventTokenBucket> mRequestTokenBucket;
 
 public:
     // Socket thread only
-    nsresult SubmitPacedRequest(ATokenBucketEvent *event,
-                                nsICancelable **cancel)
+    MOZ_MUST_USE nsresult SubmitPacedRequest(ATokenBucketEvent *event,
+                                             nsICancelable **cancel)
     {
         MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread);
         if (!mRequestTokenBucket) {
             return NS_ERROR_NOT_AVAILABLE;
         }
         return mRequestTokenBucket->SubmitEvent(event, cancel);
     }
 
@@ -593,26 +599,27 @@ public:
         }
     }
 
 private:
     RefPtr<Tickler> mWifiTickler;
     void TickleWifi(nsIInterfaceRequestor *cb);
 
 private:
-    nsresult SpeculativeConnectInternal(nsIURI *aURI,
-                                        nsIPrincipal *aPrincipal,
-                                        nsIInterfaceRequestor *aCallbacks,
-                                        bool anonymous);
+    MOZ_MUST_USE nsresult
+    SpeculativeConnectInternal(nsIURI *aURI,
+                               nsIPrincipal *aPrincipal,
+                               nsIInterfaceRequestor *aCallbacks,
+                               bool anonymous);
 
     // UUID generator for channelIds
     nsCOMPtr<nsIUUIDGenerator> mUUIDGen;
 
 public:
-    nsresult NewChannelId(nsID *channelId);
+    MOZ_MUST_USE nsresult NewChannelId(nsID *channelId);
 };
 
 extern nsHttpHandler *gHttpHandler;
 
 //-----------------------------------------------------------------------------
 // nsHttpsHandler - thin wrapper to distinguish the HTTP handler from the
 //                  HTTPS handler (even though they share the same impl).
 //-----------------------------------------------------------------------------
@@ -629,15 +636,15 @@ public:
     NS_DECL_THREADSAFE_ISUPPORTS
     NS_DECL_NSIPROTOCOLHANDLER
     NS_FORWARD_NSIPROXIEDPROTOCOLHANDLER (gHttpHandler->)
     NS_FORWARD_NSIHTTPPROTOCOLHANDLER    (gHttpHandler->)
     NS_FORWARD_NSISPECULATIVECONNECT     (gHttpHandler->)
 
     nsHttpsHandler() { }
 
-    nsresult Init();
+    MOZ_MUST_USE nsresult Init();
 };
 
 } // namespace net
 } // namespace mozilla
 
 #endif // nsHttpHandler_h__
--- a/netwerk/protocol/http/nsHttpHeaderArray.h
+++ b/netwerk/protocol/http/nsHttpHeaderArray.h
@@ -44,34 +44,37 @@ public:
         eVarietyRequestDefault,
         // Used only for response header.
         eVarietyResponseNetOriginalAndResponse,
         eVarietyResponseNetOriginal,
         eVarietyResponse
     };
 
     // Used by internal setters: to set header from network use SetHeaderFromNet
-    nsresult SetHeader(nsHttpAtom header, const nsACString &value,
-                       bool merge, HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetHeader(nsHttpAtom header, const nsACString &value,
+                                    bool merge, HeaderVariety variety);
 
     // Used by internal setters to set an empty header
-    nsresult SetEmptyHeader(nsHttpAtom header, HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetEmptyHeader(nsHttpAtom header,
+                                         HeaderVariety variety);
 
     // Merges supported headers. For other duplicate values, determines if error
     // needs to be thrown or 1st value kept.
     // For the response header we keep the original headers as well.
-    nsresult SetHeaderFromNet(nsHttpAtom header, const nsACString &value,
-                              bool response);
+    MOZ_MUST_USE nsresult SetHeaderFromNet(nsHttpAtom header,
+                                           const nsACString &value,
+                                           bool response);
 
-    nsresult SetResponseHeaderFromCache(nsHttpAtom header, const nsACString &value,
-                                        HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetResponseHeaderFromCache(nsHttpAtom header,
+                                                     const nsACString &value,
+                                                     HeaderVariety variety);
 
-    nsresult GetHeader(nsHttpAtom header, nsACString &value) const;
-    nsresult GetOriginalHeader(nsHttpAtom aHeader,
-                               nsIHttpHeaderVisitor *aVisitor);
+    MOZ_MUST_USE nsresult GetHeader(nsHttpAtom header, nsACString &value) const;
+    MOZ_MUST_USE nsresult GetOriginalHeader(nsHttpAtom aHeader,
+                                            nsIHttpHeaderVisitor *aVisitor);
     void     ClearHeader(nsHttpAtom h);
 
     // Find the location of the given header value, or null if none exists.
     const char *FindHeaderValue(nsHttpAtom header, const char *value) const
     {
         return nsHttp::FindToken(PeekHeader(header), value,
                                  HTTP_HEADER_VALUE_SEPS);
     }
@@ -87,23 +90,24 @@ public:
     enum VisitorFilter
     {
         eFilterAll,
         eFilterSkipDefault,
         eFilterResponse,
         eFilterResponseOriginal
     };
 
-    nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor, VisitorFilter filter = eFilterAll);
+    MOZ_MUST_USE nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor,
+                                       VisitorFilter filter = eFilterAll);
 
     // parse a header line, return the header atom and a pointer to the
     // header value (the substring of the header line -- do not free).
-    static nsresult ParseHeaderLine(const nsACString& line,
-                                    nsHttpAtom *header=nullptr,
-                                    nsACString* value=nullptr);
+    static MOZ_MUST_USE nsresult ParseHeaderLine(const nsACString& line,
+                                                 nsHttpAtom *header=nullptr,
+                                                 nsACString* value=nullptr);
 
     void Flatten(nsACString &, bool pruneProxyHeaders, bool pruneTransients);
     void FlattenOriginalHeader(nsACString &);
 
     uint32_t Count() const { return mHeaders.Length(); }
 
     const char *PeekHeaderAt(uint32_t i, nsHttpAtom &header) const;
 
@@ -133,20 +137,22 @@ public:
         return mHeaders == aOther.mHeaders;
     }
 
 private:
     // LookupEntry function will never return eVarietyResponseNetOriginal.
     // It will ignore original headers from the network.
     int32_t LookupEntry(nsHttpAtom header, const nsEntry **) const;
     int32_t LookupEntry(nsHttpAtom header, nsEntry **);
-    nsresult MergeHeader(nsHttpAtom header, nsEntry *entry,
-                         const nsACString &value, HeaderVariety variety);
-    nsresult SetHeader_internal(nsHttpAtom header, const nsACString &value,
-                                HeaderVariety variety);
+    MOZ_MUST_USE nsresult MergeHeader(nsHttpAtom header, nsEntry *entry,
+                                      const nsACString &value,
+                                      HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetHeader_internal(nsHttpAtom header,
+                                             const nsACString &value,
+                                             HeaderVariety variety);
 
     // Header cannot be merged: only one value possible
     bool    IsSingletonHeader(nsHttpAtom header);
     // For some headers we want to track empty values to prevent them being
     // combined with non-empty ones as a CRLF attack vector
     bool    TrackEmptyHeader(nsHttpAtom header);
 
     // Subset of singleton headers: should never see multiple, different
@@ -222,17 +228,17 @@ nsHttpHeaderArray::IsSingletonHeader(nsH
 inline bool
 nsHttpHeaderArray::TrackEmptyHeader(nsHttpAtom header)
 {
     return header == nsHttp::Content_Length ||
            header == nsHttp::Location ||
            header == nsHttp::Access_Control_Allow_Origin;
 }
 
-inline nsresult
+inline MOZ_MUST_USE nsresult
 nsHttpHeaderArray::MergeHeader(nsHttpAtom header,
                                nsEntry *entry,
                                const nsACString &value,
                                nsHttpHeaderArray::HeaderVariety variety)
 {
     if (value.IsEmpty())
         return NS_OK;   // merge of empty header = no-op
 
--- a/netwerk/protocol/http/nsHttpRequestHead.h
+++ b/netwerk/protocol/http/nsHttpRequestHead.h
@@ -38,47 +38,50 @@ public:
     void SetMethod(const nsACString &method);
     void SetVersion(nsHttpVersion version);
     void SetRequestURI(const nsCSubstring &s);
     void SetPath(const nsCSubstring &s);
     uint32_t HeaderCount();
 
     // Using this function it is possible to itereate through all headers
     // automatically under one lock.
-    nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor,
-                          nsHttpHeaderArray::VisitorFilter filter =
-                              nsHttpHeaderArray::eFilterAll);
+    MOZ_MUST_USE nsresult
+    VisitHeaders(nsIHttpHeaderVisitor *visitor,
+                 nsHttpHeaderArray::VisitorFilter filter =
+                     nsHttpHeaderArray::eFilterAll);
     void Method(nsACString &aMethod);
     nsHttpVersion Version();
     void RequestURI(nsACString &RequestURI);
     void Path(nsACString &aPath);
     void SetHTTPS(bool val);
     bool IsHTTPS();
 
     void SetOrigin(const nsACString &scheme, const nsACString &host,
                    int32_t port);
     void Origin(nsACString &aOrigin);
 
-    nsresult SetHeader(nsHttpAtom h, const nsACString &v, bool m=false);
-    nsresult SetHeader(nsHttpAtom h, const nsACString &v, bool m,
-                       nsHttpHeaderArray::HeaderVariety variety);
-    nsresult SetEmptyHeader(nsHttpAtom h);
-    nsresult GetHeader(nsHttpAtom h, nsACString &v);
+    MOZ_MUST_USE nsresult SetHeader(nsHttpAtom h, const nsACString &v,
+                                    bool m=false);
+    MOZ_MUST_USE nsresult SetHeader(nsHttpAtom h, const nsACString &v, bool m,
+                                    nsHttpHeaderArray::HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetEmptyHeader(nsHttpAtom h);
+    MOZ_MUST_USE nsresult GetHeader(nsHttpAtom h, nsACString &v);
 
-    nsresult ClearHeader(nsHttpAtom h);
+    MOZ_MUST_USE nsresult ClearHeader(nsHttpAtom h);
     void ClearHeaders();
 
     bool HasHeaderValue(nsHttpAtom h, const char *v);
     // This function returns true if header is set even if it is an empty
     // header.
     bool HasHeader(nsHttpAtom h);
     void Flatten(nsACString &, bool pruneProxyHeaders = false);
 
     // Don't allow duplicate values
-    nsresult SetHeaderOnce(nsHttpAtom h, const char *v, bool merge = false);
+    MOZ_MUST_USE nsresult SetHeaderOnce(nsHttpAtom h, const char *v,
+                                        bool merge = false);
 
     bool IsSafeMethod();
 
     enum ParsedMethodType
     {
         kMethod_Custom,
         kMethod_Get,
         kMethod_Post,
--- a/netwerk/protocol/http/nsHttpResponseHead.h
+++ b/netwerk/protocol/http/nsHttpResponseHead.h
@@ -60,18 +60,19 @@ public:
     bool Immutable();
     /**
      * Full length of the entity. For byte-range requests, this may be larger
      * than ContentLength(), which will only represent the requested part of the
      * entity.
      */
     int64_t TotalEntitySize();
 
-    nsresult SetHeader(nsHttpAtom h, const nsACString &v, bool m=false);
-    nsresult GetHeader(nsHttpAtom h, nsACString &v);
+    MOZ_MUST_USE nsresult SetHeader(nsHttpAtom h, const nsACString &v,
+                                    bool m=false);
+    MOZ_MUST_USE nsresult GetHeader(nsHttpAtom h, nsACString &v);
     void ClearHeader(nsHttpAtom h);
     void ClearHeaders();
     bool HasHeaderValue(nsHttpAtom h, const char *v);
     bool HasHeader(nsHttpAtom h);
 
     void SetContentType(const nsACString &s);
     void SetContentCharset(const nsACString &s);
     void SetContentLength(int64_t);
@@ -85,87 +86,89 @@ public:
 
     // The next 2 functions parse flattened response head and original net headers.
     // They are used when we are reading an entry from the cache.
     //
     // To keep proper order of the original headers we MUST call
     // ParseCachedOriginalHeaders FIRST and then ParseCachedHead.
     //
     // block must be null terminated.
-    nsresult ParseCachedHead(const char *block);
-    nsresult ParseCachedOriginalHeaders(char *block);
+    MOZ_MUST_USE nsresult ParseCachedHead(const char *block);
+    MOZ_MUST_USE nsresult ParseCachedOriginalHeaders(char *block);
 
     // parse the status line.
     void ParseStatusLine(const nsACString &line);
 
     // parse a header line.
-    nsresult ParseHeaderLine(const nsACString &line);
+    MOZ_MUST_USE nsresult ParseHeaderLine(const nsACString &line);
 
     // cache validation support methods
-    nsresult ComputeFreshnessLifetime(uint32_t *);
-    nsresult ComputeCurrentAge(uint32_t now, uint32_t requestTime,
-                               uint32_t *result);
+    MOZ_MUST_USE nsresult ComputeFreshnessLifetime(uint32_t *);
+    MOZ_MUST_USE nsresult ComputeCurrentAge(uint32_t now, uint32_t requestTime,
+                                            uint32_t *result);
     bool MustValidate();
     bool MustValidateIfExpired();
 
     // returns true if the server appears to support byte range requests.
     bool IsResumable();
 
     // returns true if the Expires header has a value in the past relative to the
     // value of the Date header.
     bool ExpiresInPast();
 
     // update headers...
-    nsresult UpdateHeaders(nsHttpResponseHead *headers);
+    MOZ_MUST_USE nsresult UpdateHeaders(nsHttpResponseHead *headers);
 
     // reset the response head to it's initial state
     void Reset();
 
-    nsresult GetAgeValue(uint32_t *result);
-    nsresult GetMaxAgeValue(uint32_t *result);
-    nsresult GetDateValue(uint32_t *result);
-    nsresult GetExpiresValue(uint32_t *result);
-    nsresult GetLastModifiedValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetAgeValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetMaxAgeValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetDateValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetExpiresValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetLastModifiedValue(uint32_t *result);
 
     bool operator==(const nsHttpResponseHead& aOther) const;
 
     // Using this function it is possible to itereate through all headers
     // automatically under one lock.
-    nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor,
-                          nsHttpHeaderArray::VisitorFilter filter);
-    nsresult GetOriginalHeader(nsHttpAtom aHeader,
-                               nsIHttpHeaderVisitor *aVisitor);
+    MOZ_MUST_USE nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor,
+                                       nsHttpHeaderArray::VisitorFilter filter);
+    MOZ_MUST_USE nsresult GetOriginalHeader(nsHttpAtom aHeader,
+                                            nsIHttpHeaderVisitor *aVisitor);
 
     bool HasContentType();
     bool HasContentCharset();
 private:
-    nsresult SetHeader_locked(nsHttpAtom h, const nsACString &v,
+    MOZ_MUST_USE nsresult SetHeader_locked(nsHttpAtom h, const nsACString &v,
                               bool m=false);
     void AssignDefaultStatusText();
     void ParseVersion(const char *);
     void ParseCacheControl(const char *);
     void ParsePragma(const char *);
 
     void ParseStatusLine_locked(const nsACString &line);
-    nsresult ParseHeaderLine_locked(const nsACString &line, bool originalFromNetHeaders);
+    MOZ_MUST_USE nsresult ParseHeaderLine_locked(const nsACString &line,
+                                                 bool originalFromNetHeaders);
 
     // these return failure if the header does not exist.
-    nsresult ParseDateHeader(nsHttpAtom header, uint32_t *result) const;
+    MOZ_MUST_USE nsresult ParseDateHeader(nsHttpAtom header,
+                                          uint32_t *result) const;
 
     bool ExpiresInPast_locked() const;
-    nsresult GetAgeValue_locked(uint32_t *result) const;
-    nsresult GetExpiresValue_locked(uint32_t *result) const;
-    nsresult GetMaxAgeValue_locked(uint32_t *result) const;
+    MOZ_MUST_USE nsresult GetAgeValue_locked(uint32_t *result) const;
+    MOZ_MUST_USE nsresult GetExpiresValue_locked(uint32_t *result) const;
+    MOZ_MUST_USE nsresult GetMaxAgeValue_locked(uint32_t *result) const;
 
-    nsresult GetDateValue_locked(uint32_t *result) const
+    MOZ_MUST_USE nsresult GetDateValue_locked(uint32_t *result) const
     {
         return ParseDateHeader(nsHttp::Date, result);
     }
 
-    nsresult GetLastModifiedValue_locked(uint32_t *result) const
+    MOZ_MUST_USE nsresult GetLastModifiedValue_locked(uint32_t *result) const
     {
         return ParseDateHeader(nsHttp::Last_Modified, result);
     }
 
 private:
     // All members must be copy-constructable and assignable
     nsHttpHeaderArray mHeaders;
     nsHttpVersion     mVersion;
--- a/netwerk/protocol/http/nsHttpTransaction.h
+++ b/netwerk/protocol/http/nsHttpTransaction.h
@@ -74,25 +74,25 @@ public:
     //        the dispatch target were notifications should be sent.
     // @param callbacks
     //        the notification callbacks to be given to PSM.
     // @param responseBody
     //        the input stream that will contain the response data.  async
     //        wait on this input stream for data.  on first notification,
     //        headers should be available (check transaction status).
     //
-    nsresult Init(uint32_t               caps,
-                  nsHttpConnectionInfo  *connInfo,
-                  nsHttpRequestHead     *reqHeaders,
-                  nsIInputStream        *reqBody,
-                  bool                   reqBodyIncludesHeaders,
-                  nsIEventTarget        *consumerTarget,
-                  nsIInterfaceRequestor *callbacks,
-                  nsITransportEventSink *eventsink,
-                  nsIAsyncInputStream  **responseBody);
+    MOZ_MUST_USE nsresult Init(uint32_t               caps,
+                               nsHttpConnectionInfo  *connInfo,
+                               nsHttpRequestHead     *reqHeaders,
+                               nsIInputStream        *reqBody,
+                               bool                   reqBodyIncludesHeaders,
+                               nsIEventTarget        *consumerTarget,
+                               nsIInterfaceRequestor *callbacks,
+                               nsITransportEventSink *eventsink,
+                               nsIAsyncInputStream  **responseBody);
 
     // attributes
     nsHttpResponseHead    *ResponseHead()   { return mHaveAllHeaders ? mResponseHead : nullptr; }
     nsISupports           *SecurityInfo()   { return mSecurityInfo; }
 
     nsIEventTarget        *ConsumerTarget() { return mConsumerTarget; }
     nsISupports           *HttpChannel()    { return mChannel; }
 
@@ -159,38 +159,43 @@ public:
     mozilla::TimeStamp GetConnectStart();
     mozilla::TimeStamp GetConnectEnd();
     mozilla::TimeStamp GetRequestStart();
     mozilla::TimeStamp GetResponseStart();
     mozilla::TimeStamp GetResponseEnd();
 
     int64_t GetTransferSize() { return mTransferSize; }
 
-    bool Do0RTT() override;
-    nsresult Finish0RTT(bool aRestart, bool aAlpnChanged /* ignored */) override;
+    MOZ_MUST_USE bool Do0RTT() override;
+    MOZ_MUST_USE nsresult Finish0RTT(bool aRestart, bool aAlpnChanged /* ignored */) override;
 private:
     friend class DeleteHttpTransaction;
     virtual ~nsHttpTransaction();
 
-    nsresult Restart();
+    MOZ_MUST_USE nsresult Restart();
     char    *LocateHttpStart(char *buf, uint32_t len,
                              bool aAllowPartialMatch);
-    nsresult ParseLine(nsACString &line);
-    nsresult ParseLineSegment(char *seg, uint32_t len);
-    nsresult ParseHead(char *, uint32_t count, uint32_t *countRead);
-    nsresult HandleContentStart();
-    nsresult HandleContent(char *, uint32_t count, uint32_t *contentRead, uint32_t *contentRemaining);
-    nsresult ProcessData(char *, uint32_t, uint32_t *);
+    MOZ_MUST_USE nsresult ParseLine(nsACString &line);
+    MOZ_MUST_USE nsresult ParseLineSegment(char *seg, uint32_t len);
+    MOZ_MUST_USE nsresult ParseHead(char *, uint32_t count,
+                                    uint32_t *countRead);
+    MOZ_MUST_USE nsresult HandleContentStart();
+    MOZ_MUST_USE nsresult HandleContent(char *, uint32_t count,
+                                        uint32_t *contentRead,
+                                        uint32_t *contentRemaining);
+    MOZ_MUST_USE nsresult ProcessData(char *, uint32_t, uint32_t *);
     void     DeleteSelfOnConsumerThread();
     void     ReleaseBlockingTransaction();
 
-    static nsresult ReadRequestSegment(nsIInputStream *, void *, const char *,
-                                       uint32_t, uint32_t, uint32_t *);
-    static nsresult WritePipeSegment(nsIOutputStream *, void *, char *,
-                                     uint32_t, uint32_t, uint32_t *);
+    static MOZ_MUST_USE nsresult ReadRequestSegment(nsIInputStream *, void *,
+                                                    const char *, uint32_t,
+                                                    uint32_t, uint32_t *);
+    static MOZ_MUST_USE nsresult WritePipeSegment(nsIOutputStream *, void *,
+                                                  char *, uint32_t, uint32_t,
+                                                  uint32_t *);
 
     bool TimingEnabled() const { return mCaps & NS_HTTP_TIMING_ENABLED; }
 
     bool ResponseTimeoutEnabled() const final;
 
     void DisableSpdy() override;
     void ReuseConnectionOnRestartOK(bool reuseOk) override { mReuseOnRestart = reuseOk; }
 
--- a/netwerk/protocol/http/nsIHstsPrimingCallback.idl
+++ b/netwerk/protocol/http/nsIHstsPrimingCallback.idl
@@ -26,26 +26,26 @@ interface nsIHstsPrimingCallback : nsISu
    * safe to upgrade the request from HTTP to HTTPS. The request may still be
    * blocked based on the user's preferences.
    *
    * May be invoked synchronously if HSTS priming has already been performed
    * for the host.
    *
    * @param aCached whether the result was already in the HSTS cache
    */
-  [noscript, nostdcall]
+  [noscript, nostdcall, must_use]
   void onHSTSPrimingSucceeded(in bool aCached);
 
   /**
    * HSTS priming has seen no STS header, the request itself has failed,
    * or some other failure which does not constitute a positive signal that the
    * site can be upgraded safely to HTTPS. The request may still be allowed
    * based on the user's preferences.
    *
    * May be invoked synchronously if HSTS priming has already been performed
    * for the host.
    *
    * @param aError The error which caused this failure, or NS_ERROR_CONTENT_BLOCKED
    * @param aCached whether the result was already in the HSTS cache
    */
-  [noscript, nostdcall]
+  [noscript, nostdcall, must_use]
   void onHSTSPrimingFailed(in nsresult aError, in bool aCached);
 };
--- a/netwerk/protocol/http/nsIHttpActivityObserver.idl
+++ b/netwerk/protocol/http/nsIHttpActivityObserver.idl
@@ -39,30 +39,31 @@ interface nsIHttpActivityObserver : nsIS
      *        microseconds past the epoch of Jan 1, 1970
      * @param aExtraSizeData
      *        Any extra size data optionally available with
      *        this activity
      * @param aExtraStringData
      *        Any extra string data optionally available with
      *        this activity
      */
+    [must_use]
     void observeActivity(in nsISupports  aHttpChannel,
                          in uint32_t     aActivityType,
                          in uint32_t     aActivitySubtype,
                          in PRTime       aTimestamp,
                          in uint64_t     aExtraSizeData,
                          in ACString     aExtraStringData);
 
     /**
      * This attribute is true when this interface is active and should
      * observe http activities. When false, observeActivity() should not
      * be called. It is present for compatibility reasons and should be
      * implemented only by nsHttpActivityDistributor.
      */
-    readonly attribute boolean isActive;
+    [must_use] readonly attribute boolean isActive;
 
     const unsigned long ACTIVITY_TYPE_SOCKET_TRANSPORT     = 0x0001;
     const unsigned long ACTIVITY_TYPE_HTTP_TRANSACTION     = 0x0002;
 
     const unsigned long ACTIVITY_SUBTYPE_REQUEST_HEADER    = 0x5001;
     const unsigned long ACTIVITY_SUBTYPE_REQUEST_BODY_SENT = 0x5002;
     const unsigned long ACTIVITY_SUBTYPE_RESPONSE_START    = 0x5003;
     const unsigned long ACTIVITY_SUBTYPE_RESPONSE_HEADER   = 0x5004;
--- a/netwerk/protocol/http/nsIHttpAuthManager.idl
+++ b/netwerk/protocol/http/nsIHttpAuthManager.idl
@@ -49,27 +49,27 @@ interface nsIHttpAuthManager : nsISuppor
      *        return value containing user password.
      * @param aIsPrivate
      *        whether to look up a private or public identity (they are
      *        stored separately, for use by private browsing)
      * @param aPrincipal
      *        the principal from which to derive information about which
      *        app/mozbrowser is in use for this request
      */
-    void getAuthIdentity(in ACString aScheme,
-                         in ACString aHost,
-                         in int32_t  aPort,
-                         in ACString aAuthType,
-                         in ACString aRealm,
-                         in ACString aPath,
-                         out AString aUserDomain,
-                         out AString aUserName,
-                         out AString aUserPassword,
-                         [optional] in bool aIsPrivate,
-                         [optional] in nsIPrincipal aPrincipal);
+    [must_use] void getAuthIdentity(in ACString aScheme,
+                                    in ACString aHost,
+                                    in int32_t  aPort,
+                                    in ACString aAuthType,
+                                    in ACString aRealm,
+                                    in ACString aPath,
+                                    out AString aUserDomain,
+                                    out AString aUserName,
+                                    out AString aUserPassword,
+                                    [optional] in bool aIsPrivate,
+                                    [optional] in nsIPrincipal aPrincipal);
 
     /**
      * Store auth identity.
      *
      * @param aScheme
      *        the URL scheme (e.g., "http").  NOTE: for proxy authentication,
      *        this should be "http" (this includes authentication for CONNECT
      *        tunneling).
@@ -91,25 +91,25 @@ interface nsIHttpAuthManager : nsISuppor
      *        optional string containing user password.
      * @param aIsPrivate
      *        whether to store a private or public identity (they are
      *        stored separately, for use by private browsing)
      * @param aPrincipal
      *        the principal from which to derive information about which
      *        app/mozbrowser is in use for this request
      */
-    void setAuthIdentity(in ACString aScheme,
-                         in ACString aHost,
-                         in int32_t  aPort,
-                         in ACString aAuthType,
-                         in ACString aRealm,
-                         in ACString aPath,
-                         in AString  aUserDomain,
-                         in AString  aUserName,
-                         in AString  aUserPassword,
-                         [optional] in boolean aIsPrivate,
-                         [optional] in nsIPrincipal aPrincipal);
+    [must_use] void setAuthIdentity(in ACString aScheme,
+                                    in ACString aHost,
+                                    in int32_t  aPort,
+                                    in ACString aAuthType,
+                                    in ACString aRealm,
+                                    in ACString aPath,
+                                    in AString  aUserDomain,
+                                    in AString  aUserName,
+                                    in AString  aUserPassword,
+                                    [optional] in boolean aIsPrivate,
+                                    [optional] in nsIPrincipal aPrincipal);
 
     /**
      * Clear all auth cache.
      */
-    void clearAll();
+    [must_use] void clearAll();
 };
--- a/netwerk/protocol/http/nsIHttpAuthenticableChannel.idl
+++ b/netwerk/protocol/http/nsIHttpAuthenticableChannel.idl
@@ -11,105 +11,105 @@ interface nsIURI;
 interface nsIInterfaceRequestor;
 
 [scriptable, uuid(701093ac-5c7f-429c-99e3-423b041fccb4)]
 interface nsIHttpAuthenticableChannel : nsIProxiedChannel
 {
     /**
      * If the channel being authenticated is using SSL.
      */
-    readonly attribute boolean isSSL;
+    [must_use] readonly attribute boolean isSSL;
 
     /**
      * Returns if the proxy HTTP method used is CONNECT. If no proxy is being
      * used it must return PR_FALSE.
      */
-    readonly attribute boolean proxyMethodIsConnect;
+    [must_use] readonly attribute boolean proxyMethodIsConnect;
 
     /**
      * Cancels the current request. See nsIRequest.
      */
-    void cancel(in nsresult aStatus);
+    [must_use] void cancel(in nsresult aStatus);
 
     /**
      * The load flags of this request. See nsIRequest.
      */
-    readonly attribute nsLoadFlags loadFlags;
+    [must_use] readonly attribute nsLoadFlags loadFlags;
 
     /**
      * The URI corresponding to the channel. See nsIChannel.
      */
-    readonly attribute nsIURI URI;
+    [must_use] readonly attribute nsIURI URI;
 
     /**
      * The load group of this request. It is here for querying its
      * notificationCallbacks. See nsIRequest.
      */
-    readonly attribute nsILoadGroup loadGroup;
+    [must_use] readonly attribute nsILoadGroup loadGroup;
 
     /**
      * The notification callbacks for the channel. See nsIChannel.
      */
-    readonly attribute nsIInterfaceRequestor notificationCallbacks;
+    [must_use] readonly attribute nsIInterfaceRequestor notificationCallbacks;
 
     /**
      * The HTTP request method. See nsIHttpChannel.
      */
-    readonly attribute ACString requestMethod;
+    [must_use] readonly attribute ACString requestMethod;
 
     /**
      * The "Server" response header.
      * Return NS_ERROR_NOT_AVAILABLE if not available.
      */
-    readonly attribute ACString serverResponseHeader;
+    [must_use] readonly attribute ACString serverResponseHeader;
 
     /**
      * The Proxy-Authenticate response header.
      */
-    readonly attribute ACString proxyChallenges;
+    [must_use] readonly attribute ACString proxyChallenges;
 
     /**
      * The WWW-Authenticate response header.
      */
-    readonly attribute ACString WWWChallenges;
+    [must_use] readonly attribute ACString WWWChallenges;
 
     /**
      * Sets the Proxy-Authorization request header. An empty string
      * will clear it.
      */
-    void setProxyCredentials(in ACString credentials);
+    [must_use] void setProxyCredentials(in ACString credentials);
 
     /**
      * Sets the Authorization request header. An empty string
      * will clear it.
      */
-    void setWWWCredentials(in ACString credentials);
+    [must_use] void setWWWCredentials(in ACString credentials);
 
     /**
      * Called when authentication information is ready and has been set on this
      * object using setWWWCredentials/setProxyCredentials. Implementations can
      * continue with the request and send the given information to the server.
      *
      * It is called asynchronously from
      * nsIHttpChannelAuthProvider::processAuthentication if that method returns
      * NS_ERROR_IN_PROGRESS.
      *
      * @note  Any exceptions thrown from this method should be ignored.
      */
-    void onAuthAvailable();
+    [must_use] void onAuthAvailable();
 
     /**
      * Notifies that the prompt was cancelled. It is called asynchronously
      * from nsIHttpChannelAuthProvider::processAuthentication if that method
      * returns NS_ERROR_IN_PROGRESS.
      *
      * @param userCancel
      *        If the user was cancelled has cancelled the authentication prompt.
      */
-    void onAuthCancelled(in boolean userCancel);
+    [must_use] void onAuthCancelled(in boolean userCancel);
 
     /**
      * Tells the channel to drop and close any sticky connection, since this
      * connection oriented schema cannot be negotiated second time on
      * the same connection.
      */
-    void closeStickyConnection();
+    [must_use] void closeStickyConnection();
 };
--- a/netwerk/protocol/http/nsIHttpAuthenticator.idl
+++ b/netwerk/protocol/http/nsIHttpAuthenticator.idl
@@ -42,16 +42,17 @@ interface nsIHttpAuthenticator : nsISupp
      * @param aSessionState
      *        see description below for generateCredentials.
      * @param aContinuationState
      *        see description below for generateCredentials.
      * @param aInvalidateIdentity
      *        return value indicating whether or not to prompt the user for a
      *        revised identity.
      */
+    [must_use]
     void challengeReceived(in    nsIHttpAuthenticableChannel aChannel,
                            in    string       aChallenge,
                            in    boolean      aProxyAuth,
                            inout nsISupports  aSessionState,
                            inout nsISupports  aContinuationState,
                            out   boolean      aInvalidatesIdentity);
 
     /**
@@ -87,16 +88,17 @@ interface nsIHttpAuthenticator : nsISupp
      *        state held by the channel between consecutive calls to
      *        generateCredentials, assuming multiple calls are required
      *        to authenticate.  this state is held for at most the lifetime of
      *        the channel.
      * @pram aCancel
      *        returns cancellable runnable object which caller can use to cancel
      *        calling aCallback when finished.
      */
+    [must_use]
     void generateCredentialsAsync(in    nsIHttpAuthenticableChannel aChannel,
                                   in    nsIHttpAuthenticatorCallback aCallback,
                                   in    string         aChallenge,
                                   in    boolean        aProxyAuth,
                                   in    wstring        aDomain,
                                   in    wstring        aUser,
                                   in    wstring        aPassword,
                                   in    nsISupports    aSessionState,
@@ -133,16 +135,17 @@ interface nsIHttpAuthenticator : nsISupp
      * @param aContinuationState
      *        state held by the channel between consecutive calls to
      *        generateCredentials, assuming multiple calls are required
      *        to authenticate.  this state is held for at most the lifetime of
      *        the channel.
      * @param aFlags
      *        authenticator may return one of the generate flags bellow.
      */
+    [must_use]
     string generateCredentials(in    nsIHttpAuthenticableChannel aChannel,
                                in    string         aChallenge,
                                in    boolean        aProxyAuth,
                                in    wstring        aDomain,
                                in    wstring        aUser,
                                in    wstring        aPassword,
                                inout nsISupports    aSessionState,
                                inout nsISupports    aContinuationState,
@@ -158,17 +161,17 @@ interface nsIHttpAuthenticator : nsISupp
      * the returned identity because it might not be valid and would overwrite
      * the cached identity.  See bug 542318 comment 32.
      */
     const unsigned long USING_INTERNAL_IDENTITY = (1<<0);
 
     /**
      * Flags defining various properties of the authenticator.
      */
-    readonly attribute unsigned long authFlags;
+    [must_use] readonly attribute unsigned long authFlags;
 
     /**
      * A request based authentication scheme only authenticates an individual
      * request (or a set of requests under the same authentication domain as
      * defined by RFC 2617).  BASIC and DIGEST are request based authentication
      * schemes.
      */
     const unsigned long REQUEST_BASED = (1<<0);
--- a/netwerk/protocol/http/nsIHttpChannel.idl
+++ b/netwerk/protocol/http/nsIHttpChannel.idl
@@ -31,17 +31,17 @@ interface nsIHttpChannel : nsIChannel
      *
      * NOTE: The data for a "POST" or "PUT" request can be configured via
      * nsIUploadChannel; however, after setting the upload data, it may be
      * necessary to set the request method explicitly.  The documentation
      * for nsIUploadChannel has further details.
      *
      * @throws NS_ERROR_IN_PROGRESS if set after the channel has been opened.
      */
-    attribute ACString requestMethod;
+    [must_use] attribute ACString requestMethod;
 
     /**
      * Get/set the HTTP referrer URI.  This is the address (URI) of the
      * resource from which this channel's URI was obtained (see RFC2616 section
      * 14.36).
      *
      * This attribute may only be set before the channel is opened.
      *
@@ -50,17 +50,17 @@ interface nsIHttpChannel : nsIChannel
      * never be sent as the referrer for a plaintext HTTP request).  The
      * implementation is not required to throw an exception when the referrer
      * URI is rejected.
      *
      * @throws NS_ERROR_IN_PROGRESS if set after the channel has been opened.
      * @throws NS_ERROR_FAILURE if used for setting referrer during
      *         visitRequestHeaders. Getting the value will not throw.
      */
-    attribute nsIURI referrer;
+    [must_use] attribute nsIURI referrer;
 
     /**
      * Referrer policies. See ReferrerPolicy.h for more details.
      */
 
 
     /*   The undefined state, or no referrer policy, usually causing a fallback
          to a referrer policy definded elsewhere */
@@ -86,60 +86,61 @@ interface nsIHttpChannel : nsIChannel
          No referrer when request from https->http. */
     const unsigned long REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN = 8;
 
     /**
      * Get the HTTP referrer policy.  The policy is retrieved from the meta
      * referrer tag, which can be one of many values (see ReferrerPolicy.h for
      * more details).
      */
-    readonly attribute unsigned long referrerPolicy;
+    [must_use] readonly attribute unsigned long referrerPolicy;
 
     /**
      * Set the HTTP referrer URI with a referrer policy.
      * @throws NS_ERROR_FAILURE if called during visitRequestHeaders.
      */
+    [must_use]
     void setReferrerWithPolicy(in nsIURI referrer, in unsigned long referrerPolicy);
 
     /**
      * Returns the network protocol used to fetch the resource as identified
      * by the ALPN Protocol ID.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    readonly attribute ACString protocolVersion;
+    [must_use] readonly attribute ACString protocolVersion;
 
     /**
      * size consumed by the response header fields and the response payload body
      */
-    readonly attribute uint64_t transferSize;
+    [must_use] readonly attribute uint64_t transferSize;
 
     /**
      * The size of the message body received by the client,
      * after removing any applied content-codings
      */
-    readonly attribute uint64_t decodedBodySize;
+    [must_use] readonly attribute uint64_t decodedBodySize;
 
     /**
      * The size in octets of the payload body, prior to removing content-codings
      */
-    readonly attribute uint64_t encodedBodySize;
+    [must_use] readonly attribute uint64_t encodedBodySize;
 
     /**
      * Get the value of a particular request header.
      *
      * @param aHeader
      *        The case-insensitive name of the request header to query (e.g.,
      *        "Cache-Control").
      *
      * @return the value of the request header.
      * @throws NS_ERROR_NOT_AVAILABLE if the header is not set.
      */
-    ACString getRequestHeader(in ACString aHeader);
+    [must_use] ACString getRequestHeader(in ACString aHeader);
 
     /**
      * Set the value of a particular request header.
      *
      * This method allows, for example, the cookies module to add "Cookie"
      * headers to the outgoing HTTP request.
      *
      * This method may only be called before the channel is opened.
@@ -159,19 +160,19 @@ interface nsIHttpChannel : nsIChannel
      *        contents of |aValue|.
      *
      * If aValue is empty and aMerge is false, the header will be cleared.
      *
      * @throws NS_ERROR_IN_PROGRESS if called after the channel has been
      *         opened.
      * @throws NS_ERROR_FAILURE if called during visitRequestHeaders.
      */
-    void setRequestHeader(in ACString aHeader,
-                          in ACString aValue,
-                          in boolean aMerge);
+    [must_use] void setRequestHeader(in ACString aHeader,
+                                     in ACString aValue,
+                                     in boolean aMerge);
 
     /**
      * Set a request header with empty value.
      *
      * This should be used with caution in the cases where the behavior of
      * setRequestHeader ignoring empty header values is undesirable.
      *
      * This method may only be called before the channel is opened.
@@ -179,134 +180,135 @@ interface nsIHttpChannel : nsIChannel
      * @param aHeader
      *        The case-insensitive name of the request header to set (e.g.,
      *        "Cookie").
      *
      * @throws NS_ERROR_IN_PROGRESS if called after the channel has been
      *         opened.
      * @throws NS_ERROR_FAILURE if called during visitRequestHeaders.
      */
-    void setEmptyRequestHeader(in ACString aHeader);
+    [must_use] void setEmptyRequestHeader(in ACString aHeader);
 
     /**
      * Call this method to visit all request headers.  Calling setRequestHeader
      * while visiting request headers has undefined behavior.  Don't do it!
      *
      * @param aVisitor
      *        the header visitor instance.
      */
-    void visitRequestHeaders(in nsIHttpHeaderVisitor aVisitor);
+    [must_use] void visitRequestHeaders(in nsIHttpHeaderVisitor aVisitor);
 
     /**
      * Call this method to visit all non-default (UA-provided) request headers.
      * Calling setRequestHeader while visiting request headers has undefined
      * behavior. Don't do it!
      *
      * @param aVisitor
      *        the header visitor instance.
      */
+    [must_use]
     void visitNonDefaultRequestHeaders(in nsIHttpHeaderVisitor aVisitor);
 
     /**
      * This attribute no longer has any effect, it remains for backwards compat
      *
      * @throws NS_ERROR_FAILURE if set after the channel has been opened.
      */
-    attribute boolean allowPipelining;
+    [must_use] attribute boolean allowPipelining;
 
     /**
      * This attribute of the channel indicates whether or not
      * the underlying HTTP transaction should be honor stored Strict Transport
      * Security directives for its principal. It defaults to true. Using
      * OCSP to bootstrap the HTTPs is the likely use case for setting it to
      * false.
      *
      * This attribute may only be set before the channel is opened.
      *
      * @throws NS_ERROR_IN_PROGRESS or NS_ERROR_ALREADY_OPENED
      *         if called after the channel has been opened.
      */
-    attribute boolean allowSTS;
+    [must_use] attribute boolean allowSTS;
 
     /**
      * This attribute specifies the number of redirects this channel is allowed
      * to make.  If zero, the channel will fail to redirect and will generate
      * a NS_ERROR_REDIRECT_LOOP failure status.
      *
      * NOTE: An HTTP redirect results in a new channel being created.  If the
      * new channel supports nsIHttpChannel, then it will be assigned a value
      * to its |redirectionLimit| attribute one less than the value of the
      * redirected channel's |redirectionLimit| attribute.  The initial value
      * for this attribute may be a configurable preference (depending on the
      * implementation).
      */
-    attribute unsigned long redirectionLimit;
+    [must_use] attribute unsigned long redirectionLimit;
 
 
     /**************************************************************************
      * RESPONSE INFO
      *
      * Accessing response info before the onStartRequest event is an error.
      */
 
     /**
      * Get the HTTP response code (e.g., 200).
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    readonly attribute unsigned long responseStatus;
+    [must_use] readonly attribute unsigned long responseStatus;
 
     /**
      * Get the HTTP response status text (e.g., "OK").
      *
      * NOTE: This returns the raw (possibly 8-bit) text from the server.  There
      * are no assumptions made about the charset of the returned text.  You
      * have been warned!
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    readonly attribute ACString responseStatusText;
+    [must_use] readonly attribute ACString responseStatusText;
 
     /**
      * Returns true if the HTTP response code indicates success.  The value of
      * nsIRequest::status will be NS_OK even when processing a 404 response
      * because a 404 response may include a message body that (in some cases)
      * should be shown to the user.
      *
      * Use this attribute to distinguish server error pages from normal pages,
      * instead of comparing the response status manually against the set of
      * valid response codes, if that is required by your application.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    readonly attribute boolean requestSucceeded;
+    [must_use] readonly attribute boolean requestSucceeded;
 
    /** Indicates whether channel should be treated as the main one for the
     *  current document.  If manually set to true, will always remain true.  Otherwise,
     *  will be true iff LOAD_DOCUMENT_URI is set in the channel's loadflags.
     */
-    attribute boolean isMainDocumentChannel;
+    [must_use] attribute boolean isMainDocumentChannel;
 
     /**
      * Get the value of a particular response header.
      *
      * @param aHeader
      *        The case-insensitive name of the response header to query (e.g.,
      *        "Set-Cookie").
      *
      * @return the value of the response header.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest) or if the header is
      *         not set in the response.
      */
-    ACString getResponseHeader(in ACString header);
+    [must_use] ACString getResponseHeader(in ACString header);
 
     /**
      * Set the value of a particular response header.
      *
      * This method allows, for example, the HTML content sink to inform the HTTP
      * channel about HTTP-EQUIV headers found in HTML <META> tags.
      *
      * @param aHeader
@@ -327,32 +329,32 @@ interface nsIHttpChannel : nsIChannel
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      * @throws NS_ERROR_ILLEGAL_VALUE if changing the value of this response
      *         header is not allowed.
      * @throws NS_ERROR_FAILURE if called during visitResponseHeaders,
      *         VisitOriginalResponseHeaders or getOriginalResponseHeader.
      */
-    void setResponseHeader(in ACString header,
-                           in ACString value,
-                           in boolean merge);
+    [must_use] void setResponseHeader(in ACString header,
+                                      in ACString value,
+                                      in boolean merge);
 
     /**
      * Call this method to visit all response headers.  Calling
      * setResponseHeader while visiting response headers has undefined
      * behavior.  Don't do it!
      *
      * @param aVisitor
      *        the header visitor instance.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    void visitResponseHeaders(in nsIHttpHeaderVisitor aVisitor);
+    [must_use] void visitResponseHeaders(in nsIHttpHeaderVisitor aVisitor);
 
      /**
      * Get the value(s) of a particular response header in the form and order
      * it has been received from the remote peer. There can be multiple headers
      * with the same name.
      *
      * @param aHeader
      *        The case-insensitive name of the response header to query (e.g.,
@@ -360,61 +362,62 @@ interface nsIHttpChannel : nsIChannel
      *
      * @param aVisitor
      *        the header visitor instance.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest) or if the header is
      *         not set in the response.
      */
-    void getOriginalResponseHeader(in ACString aHeader,
-                                   in nsIHttpHeaderVisitor aVisitor);
+    [must_use] void getOriginalResponseHeader(in ACString aHeader,
+                                              in nsIHttpHeaderVisitor aVisitor);
 
     /**
      * Call this method to visit all response headers in the form and order as
      * they have been received from the remote peer.
      * Calling setResponseHeader while visiting response headers has undefined
      * behavior.  Don't do it!
      *
      * @param aVisitor
      *        the header visitor instance.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
+    [must_use]
     void visitOriginalResponseHeaders(in nsIHttpHeaderVisitor aVisitor);
 
     /**
      * Returns true if the server sent a "Cache-Control: no-store" response
      * header.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    boolean isNoStoreResponse();
+    [must_use] boolean isNoStoreResponse();
 
     /**
      * Returns true if the server sent the equivalent of a "Cache-control:
      * no-cache" response header.  Equivalent response headers include:
      * "Pragma: no-cache", "Expires: 0", and "Expires" with a date value
      * in the past relative to the value of the "Date" header.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    boolean isNoCacheResponse();
+    [must_use] boolean isNoCacheResponse();
 
     /**
      * Returns true if the server sent a "Cache-Control: private" response
      * header.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    boolean isPrivateResponse();
+    [must_use] boolean isPrivateResponse();
 
     /**
      * Instructs the channel to immediately redirect to a new destination.
      * Can only be called on channels that have not yet called their
      * listener's OnStartRequest(). Generally that means the latest time
      * this can be used is one of:
      *    "http-on-examine-response"
      *    "http-on-examine-merged-response"
@@ -434,35 +437,35 @@ interface nsIHttpChannel : nsIChannel
      * rewritten).
      *
      * This method provides no explicit conflict resolution. The last
      * caller to call it wins.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called after the channel has already
      *         started to deliver the content to its listener.
      */
-    void redirectTo(in nsIURI aTargetURI);
+    [must_use] void redirectTo(in nsIURI aTargetURI);
 
     /**
      * Identifies the request context for this load.
      */
-    [noscript] attribute nsID requestContextID;
+    [noscript, must_use] attribute nsID requestContextID;
 
     /**
      * Unique ID of the channel, shared between parent and child. Needed if
      * the channel activity needs to be monitored across process boundaries,
      * like in devtools net monitor. See bug 1274556.
      */
-    attribute ACString channelId;
+    [must_use] attribute ACString channelId;
 
     /**
      * ID of the top-level document's inner window.  Identifies the content
      * this channels is being load in.
      */
-    attribute uint64_t topLevelContentWindowId;
+    [must_use] attribute uint64_t topLevelContentWindowId;
 
     /**
      * Returns true if the channel has loaded a resource that is on the tracking
      * protection list.  This is only available if the
      * privacy.trackingprotection.annotate_channels pref is set and its value
      * should only be relied on after the channel has established a connection.
      */
     [infallible] readonly attribute boolean isTrackingResource;
--- a/netwerk/protocol/http/nsIHttpChannelAuthProvider.idl
+++ b/netwerk/protocol/http/nsIHttpChannelAuthProvider.idl
@@ -27,17 +27,17 @@ interface nsIHttpAuthenticableChannel;
 
 [scriptable, uuid(788f331b-2e1f-436c-b405-4f88a31a105b)]
 interface nsIHttpChannelAuthProvider : nsICancelable
 {
   /**
    * Initializes the http authentication support for the channel.
    * Implementations must hold a weak reference of the channel.
    */
-  void init(in nsIHttpAuthenticableChannel channel);
+  [must_use] void init(in nsIHttpAuthenticableChannel channel);
 
   /**
    * Upon receipt of a server challenge, this function is called to determine
    * the credentials to send.
    *
    * @param httpStatus
    *        the http status received.
    * @param sslConnectFailed
@@ -48,32 +48,32 @@ interface nsIHttpChannelAuthProvider : n
    *
    * @returns NS_OK if the credentials were got and set successfully.
    *          NS_ERROR_IN_PROGRESS if the credentials are going to be asked to
    *                               the user. The channel reference must be
    *                               alive until the feedback from
    *                               nsIHttpAuthenticableChannel's methods or
    *                               until disconnect be called.
    */
-  void processAuthentication(in unsigned long httpStatus,
-                             in boolean sslConnectFailed);
+  [must_use] void processAuthentication(in unsigned long httpStatus,
+                                        in boolean sslConnectFailed);
 
   /**
    * Add credentials from the http auth cache.
    *
    * @param dontUseCachedWWWCreds
    *    When true, the method will not add any Authorization headers from
    *    the auth cache.
    */
-  void addAuthorizationHeaders(in boolean dontUseCachedWWWCreds);
+  [must_use] void addAuthorizationHeaders(in boolean dontUseCachedWWWCreds);
 
   /**
    * Check if an unnecessary(and maybe malicious) url authentication has been
    * provided.
    */
-  void checkForSuperfluousAuth();
+  [must_use] void checkForSuperfluousAuth();
 
   /**
    * Cancel pending user auth prompts and release the callback and channel
    * weak references.
    */
-  void disconnect(in nsresult status);
+  [must_use] void disconnect(in nsresult status);
 };
--- a/netwerk/protocol/http/nsIHttpChannelChild.idl
+++ b/netwerk/protocol/http/nsIHttpChannelChild.idl
@@ -9,26 +9,28 @@
 [ref] native OptionalCorsPreflightArgsRef(mozilla::OptionalCorsPreflightArgs);
 
 interface nsIPrincipal;
 interface nsIURI;
 
 [uuid(d02b96ed-2789-4f42-a25c-7abe63de7c18)]
 interface nsIHttpChannelChild : nsISupports
 {
-  void addCookiesToRequest();
+  [must_use] void addCookiesToRequest();
 
   // Mark this channel as requiring an interception; this will propagate
   // to the corresponding parent channel when a redirect occurs.
+  [must_use]
   void forceIntercepted(in boolean postRedirectChannelShouldIntercept,
                         in boolean postRedirectChannelShouldUpgrade);
 
   // Headers that the channel client has set via SetRequestHeader.
-  readonly attribute RequestHeaderTuples clientSetRequestHeaders;
+  [must_use] readonly attribute RequestHeaderTuples clientSetRequestHeaders;
 
   // Headers that the channel client has set via SetRequestHeader.
   [notxpcom, nostdcall]
   void GetClientSetCorsPreflightParameters(in OptionalCorsPreflightArgsRef args);
 
   // This method is called by nsCORSListenerProxy if we need to remove
   // an entry from the CORS preflight cache in the parent process.
+  [must_use]
   void removeCorsPreflightCacheEntry(in nsIURI aURI, in nsIPrincipal aRequestingPrincipal);
 };
--- a/netwerk/protocol/http/nsIHttpChannelInternal.idl
+++ b/netwerk/protocol/http/nsIHttpChannelInternal.idl
@@ -24,139 +24,143 @@ interface nsIURI;
 
 /**
  * The callback interface for nsIHttpChannelInternal::HTTPUpgrade()
  */
 
 [scriptable, uuid(5b515449-ab64-4dba-b3cd-da8fc2f83064)]
 interface nsIHttpUpgradeListener : nsISupports
 {
-    void onTransportAvailable(in nsISocketTransport   aTransport,
-                              in nsIAsyncInputStream  aSocketIn,
-                              in nsIAsyncOutputStream aSocketOut);
+    [must_use] void onTransportAvailable(in nsISocketTransport   aTransport,
+                                         in nsIAsyncInputStream  aSocketIn,
+                                         in nsIAsyncOutputStream aSocketOut);
 };
 
 /**
  * Dumping ground for http.  This interface will never be frozen.  If you are
  * using any feature exposed by this interface, be aware that this interface
  * will change and you will be broken.  You have been warned.
  */
 [builtinclass, scriptable, uuid(4e28263d-1e03-46f4-aa5c-9512f91957f9)]
 interface nsIHttpChannelInternal : nsISupports
 {
     /**
      * An http channel can own a reference to the document URI
      */
-    attribute nsIURI documentURI;
+    [must_use] attribute nsIURI documentURI;
 
     /**
      * Get the major/minor version numbers for the request
      */
+    [must_use]
     void getRequestVersion(out unsigned long major, out unsigned long minor);
 
     /**
      * Get the major/minor version numbers for the response
      */
+    [must_use]
     void getResponseVersion(out unsigned long major, out unsigned long minor);
 
     /*
      * Retrieves all security messages from the security message queue
      * and empties the queue after retrieval
      */
-    [noscript] void takeAllSecurityMessages(in securityMessagesArray aMessages);
+    [noscript, must_use]
+    void takeAllSecurityMessages(in securityMessagesArray aMessages);
 
     /**
      * Helper method to set a cookie with a consumer-provided
      * cookie header, _but_ using the channel's other information
      * (URI's, prompters, date headers etc).
      *
      * @param aCookieHeader
      *        The cookie header to be parsed.
      */
-    void setCookie(in string aCookieHeader);
+    [must_use] void setCookie(in string aCookieHeader);
 
     /**
      * Setup this channel as an application cache fallback channel.
      */
-    void setupFallbackChannel(in string aFallbackKey);
+    [must_use] void setupFallbackChannel(in string aFallbackKey);
 
     /**
      * This flag is set to force relevant cookies to be sent with this load
      * even if normally they wouldn't be.
      */
     const unsigned long THIRD_PARTY_FORCE_ALLOW = 1 << 0;
 
     /**
      * When set, these flags modify the algorithm used to decide whether to
      * send 3rd party cookies for a given channel.
      */
-    attribute unsigned long thirdPartyFlags;
+    [must_use] attribute unsigned long thirdPartyFlags;
 
     /**
      * This attribute was added before the "flags" above and is retained here
      * for compatibility. When set to true, has the same effect as
      * THIRD_PARTY_FORCE_ALLOW, described above.
      */
-    attribute boolean forceAllowThirdPartyCookie;
+    [must_use] attribute boolean forceAllowThirdPartyCookie;
 
     /**
      * True iff the channel has been canceled.
      */
-    readonly attribute boolean canceled;
+    [must_use] readonly attribute boolean canceled;
 
     /**
      * External handlers may set this to true to notify the channel
      * that it is open on behalf of a download.
      */
-    attribute boolean channelIsForDownload;
+    [must_use] attribute boolean channelIsForDownload;
 
     /**
      * The local IP address to which this channel is bound, in the
      * format produced by PR_NetAddrToString. May be IPv4 or IPv6.
      * Note: in the presence of NAT, this may not be the same as the
      * address that the remote host thinks it's talking to.
      *
      * May throw NS_ERROR_NOT_AVAILABLE if accessed when the channel's
      * endpoints are not yet determined, or in any case when
      * nsIHttpActivityObserver.isActive is false. See bugs 534698 and 526207.
      */
-    readonly attribute AUTF8String localAddress;
+    [must_use] readonly attribute AUTF8String localAddress;
 
     /**
      * The local port number to which this channel is bound.
      *
      * May throw NS_ERROR_NOT_AVAILABLE if accessed when the channel's
      * endpoints are not yet determined, or in any case when
      * nsIHttpActivityObserver.isActive is false. See bugs 534698 and 526207.
      */
-    readonly attribute int32_t localPort;
+    [must_use] readonly attribute int32_t localPort;
 
     /**
      * The IP address of the remote host that this channel is
      * connected to, in the format produced by PR_NetAddrToString.
      *
      * May throw NS_ERROR_NOT_AVAILABLE if accessed when the channel's
      * endpoints are not yet determined, or in any case when
      * nsIHttpActivityObserver.isActive is false. See bugs 534698 and 526207.
      */
-    readonly attribute AUTF8String remoteAddress;
+    [must_use] readonly attribute AUTF8String remoteAddress;
 
     /**
      * The remote port number that this channel is connected to.
      *
      * May throw NS_ERROR_NOT_AVAILABLE if accessed when the channel's
      * endpoints are not yet determined, or in any case when
      * nsIHttpActivityObserver.isActive is false. See bugs 534698 and 526207.
      */
-    readonly attribute int32_t remotePort;
+    [must_use] readonly attribute int32_t remotePort;
 
     /**
      * Transfer chain of redirected cache-keys.
      */
-    [noscript] void setCacheKeysRedirectChain(in StringArray cacheKeys);
+    [noscript, must_use]
+    void setCacheKeysRedirectChain(in StringArray cacheKeys);
 
     /**
      * HTTPUpgrade allows for the use of HTTP to bootstrap another protocol
      * via the RFC 2616 Upgrade request header in conjunction with a 101 level
      * response. The nsIHttpUpgradeListener will have its
      * onTransportAvailable() method invoked if a matching 101 is processed.
      * The arguments to onTransportAvailable provide the new protocol the low
      * level tranport streams that are no longer used by HTTP.
@@ -165,123 +169,123 @@ interface nsIHttpChannelInternal : nsISu
      * listener gets full control over the socket if and when onTransportAvailable
      * is delievered.
      *
      * @param aProtocolName
      *        The value of the HTTP Upgrade request header
      * @param aListener
      *        The callback object used to handle a successful upgrade
      */
-    void HTTPUpgrade(in ACString aProtocolName,
-                     in nsIHttpUpgradeListener aListener);
+    [must_use] void HTTPUpgrade(in ACString aProtocolName,
+                                in nsIHttpUpgradeListener aListener);
 
     /**
      * Enable/Disable Spdy negotiation on per channel basis.
      * The network.http.spdy.enabled preference is still a pre-requisite
      * for starting spdy.
      */
-    attribute boolean allowSpdy;
+    [must_use] attribute boolean allowSpdy;
 
     /**
      * This attribute en/disables the timeout for the first byte of an HTTP
      * response. Enabled by default.
      */
-    attribute boolean responseTimeoutEnabled;
+    [must_use] attribute boolean responseTimeoutEnabled;
 
     /**
      * If the underlying transport supports RWIN manipulation, this is the
      * intiial window value for the channel. HTTP/2 implements this.
      * 0 means no override from system default. Set before opening channel.
      */
-    attribute unsigned long initialRwin;
+    [must_use] attribute unsigned long initialRwin;
 
     /**
      * Get value of the URI passed to nsIHttpChannel.redirectTo() if any.
      * May return null when redirectTo() has not been called.
      */
-    readonly attribute nsIURI apiRedirectToURI;
+    [must_use] readonly attribute nsIURI apiRedirectToURI;
 
     /**
      * Enable/Disable use of Alternate Services with this channel.
      * The network.http.altsvc.enabled preference is still a pre-requisite.
      */
-    attribute boolean allowAltSvc;
+    [must_use] attribute boolean allowAltSvc;
 
     /**
      * If true, do not use newer protocol features that might have interop problems
      * on the Internet. Intended only for use with critical infra like the updater.
      * default is false.
      */
-    attribute boolean beConservative;
+    [must_use] attribute boolean beConservative;
 
-    readonly attribute PRTime lastModifiedTime;
+    [must_use] readonly attribute PRTime lastModifiedTime;
 
     /**
      * Force a channel that has not been AsyncOpen'ed to skip any check for possible
      * interception and proceed immediately to open a previously-synthesized cache
      * entry using the provided ID.
      */
-    void forceIntercepted(in uint64_t aInterceptionID);
+    [must_use] void forceIntercepted(in uint64_t aInterceptionID);
 
-    readonly attribute boolean responseSynthesized;
+    [must_use] readonly attribute boolean responseSynthesized;
 
     /**
      * Set by nsCORSListenerProxy if credentials should be included in
      * cross-origin requests. false indicates "same-origin", users should still
      * check flag LOAD_ANONYMOUS!
      */
-    attribute boolean corsIncludeCredentials;
+    [must_use] attribute boolean corsIncludeCredentials;
 
     const unsigned long CORS_MODE_SAME_ORIGIN = 0;
     const unsigned long CORS_MODE_NO_CORS = 1;
     const unsigned long CORS_MODE_CORS = 2;
     const unsigned long CORS_MODE_NAVIGATE = 3;
     /**
      * Set by nsCORSListenerProxy to indicate CORS load type. Defaults to CORS_MODE_NO_CORS.
      */
-    attribute unsigned long corsMode;
+    [must_use] attribute unsigned long corsMode;
 
     const unsigned long REDIRECT_MODE_FOLLOW = 0;
     const unsigned long REDIRECT_MODE_ERROR = 1;
     const unsigned long REDIRECT_MODE_MANUAL = 2;
     /**
      * Set to indicate Request.redirect mode exposed during ServiceWorker
      * interception. No policy enforcement is performed by the channel for this
      * value.
      */
-    attribute unsigned long redirectMode;
+    [must_use] attribute unsigned long redirectMode;
 
     const unsigned long FETCH_CACHE_MODE_DEFAULT = 0;
     const unsigned long FETCH_CACHE_MODE_NO_STORE = 1;
     const unsigned long FETCH_CACHE_MODE_RELOAD = 2;
     const unsigned long FETCH_CACHE_MODE_NO_CACHE = 3;
     const unsigned long FETCH_CACHE_MODE_FORCE_CACHE = 4;
     const unsigned long FETCH_CACHE_MODE_ONLY_IF_CACHED = 5;
     /**
      * Set to indicate Request.cache mode, which simulates the fetch API
      * semantics, and is also used for exposing this value to the Web page
      * during service worker interception.
      */
-    attribute unsigned long fetchCacheMode;
+    [must_use] attribute unsigned long fetchCacheMode;
 
     /**
      * The URI of the top-level window that's associated with this channel.
      */
-    readonly attribute nsIURI topWindowURI;
+    [must_use] readonly attribute nsIURI topWindowURI;
 
     /**
      * The network interface id that's associated with this channel.
      */
-    attribute ACString networkInterfaceId;
+    [must_use] attribute ACString networkInterfaceId;
 
     /**
      * Read the proxy URI, which, if non-null, will be used to resolve
      * proxies for this channel.
      */
-    readonly attribute nsIURI proxyURI;
+    [must_use] readonly attribute nsIURI proxyURI;
 
     /**
      * Make cross-origin CORS loads happen with a CORS preflight, and specify
      * the CORS preflight parameters.
      */
     [noscript, notxpcom, nostdcall]
     void setCorsPreflightParameters(in StringArrayRef unsafeHeaders);
 
@@ -292,15 +296,15 @@ interface nsIHttpChannelInternal : nsISu
      * listener.  Must be called before opening the channel, otherwise throws.
      */
     [infallible]
     attribute boolean blockAuthPrompt;
 
     /**
      * Set to indicate Request.integrity.
      */
-    attribute AString integrityMetadata;
+    [must_use] attribute AString integrityMetadata;
 
     /**
      * The connection info's hash key. We use it to test connection separation.
      */
-    readonly attribute ACString connectionInfoHashKey;
+    [must_use] readonly attribute ACString connectionInfoHashKey;
 };
--- a/netwerk/protocol/http/nsIHttpEventSink.idl
+++ b/netwerk/protocol/http/nsIHttpEventSink.idl
@@ -27,11 +27,11 @@ interface nsIURI;
 interface nsIHttpEventSink : nsISupports
 {
     /**
      * Called when a redirect occurs due to a HTTP response like 302.  The
      * redirection may be to a non-http channel.
      *
      * @return failure cancels redirect
      */
-    void onRedirect(in nsIHttpChannel httpChannel,
-                    in nsIChannel newChannel);
+    [must_use] void onRedirect(in nsIHttpChannel httpChannel,
+                               in nsIChannel newChannel);
 };
--- a/netwerk/protocol/http/nsIHttpHeaderVisitor.idl
+++ b/netwerk/protocol/http/nsIHttpHeaderVisitor.idl
@@ -17,10 +17,10 @@ interface nsIHttpHeaderVisitor : nsISupp
      *
      * @param aHeader
      *        the header being visited.
      * @param aValue
      *        the header value (possibly a comma delimited list).
      *
      * @throw any exception to terminate enumeration
      */
-    void visitHeader(in ACString aHeader, in ACString aValue);
+    [must_use] void visitHeader(in ACString aHeader, in ACString aValue);
 };
--- a/netwerk/protocol/http/nsIHttpProtocolHandler.idl
+++ b/netwerk/protocol/http/nsIHttpProtocolHandler.idl
@@ -6,51 +6,51 @@
 #include "nsIProxiedProtocolHandler.idl"
 
 [scriptable, uuid(c48126d9-2ddd-485b-a51a-378e917e75f8)]
 interface nsIHttpProtocolHandler : nsIProxiedProtocolHandler
 {
     /**
      * Get the HTTP advertised user agent string.
      */
-    readonly attribute ACString userAgent;
+    [must_use] readonly attribute ACString userAgent;
 
     /**
      * Get the application name.
 	 *
      * @return The name of this application (eg. "Mozilla").
      */
-    readonly attribute ACString appName;
+    [must_use] readonly attribute ACString appName;
 
     /**
      * Get the application version string.
      *
      * @return The complete version (major and minor) string. (eg. "5.0")
      */
-    readonly attribute ACString appVersion;
+    [must_use] readonly attribute ACString appVersion;
 
     /**
      * Get the current platform.
      *
      * @return The platform this application is running on
      *		   (eg. "Windows", "Macintosh", "X11")
      */
-    readonly attribute ACString platform;
+    [must_use] readonly attribute ACString platform;
 
     /**
      * Get the current oscpu.
      *
      * @return The oscpu this application is running on
      */
-    readonly attribute ACString oscpu;
+    [must_use] readonly attribute ACString oscpu;
 
     /**
      * Get the application comment misc portion.
      */
-    readonly attribute ACString misc;
+    [must_use] readonly attribute ACString misc;
 
 };
 
 %{C++
 // ----------- Categories -----------
 /**
  * At initialization time, the HTTP handler will initialize each service
  * registered under this category:
--- a/netwerk/protocol/http/nsIWellKnownOpportunisticUtils.idl
+++ b/netwerk/protocol/http/nsIWellKnownOpportunisticUtils.idl
@@ -11,16 +11,16 @@
 
 %{C++
 #define NS_WELLKNOWNOPPORTUNISTICUTILS_CONTRACTID "@mozilla.org/network/well-known-opportunistic-utils;1"
 %}
 
 [scriptable, uuid(b4f96c89-5238-450c-8bda-e12c26f1d150)]
 interface nsIWellKnownOpportunisticUtils : nsISupports
 {
-    void verify(in ACString aJSON,
+    [must_use] void verify(in ACString aJSON,
                in ACString  aOrigin,
                in long      aAlternatePort);
 
-   readonly attribute bool valid;
-   readonly attribute bool mixed; /* mixed-scheme */
-   readonly attribute long lifetime;
+    [must_use] readonly attribute bool valid;
+    [must_use] readonly attribute bool mixed; /* mixed-scheme */
+    [must_use] readonly attribute long lifetime;
 };