Bug 1502743 - Replace black/whitelist within caps to block/allowlist r=ckerschb
authorJonathan Kingston <jkt@mozilla.com>
Wed, 31 Oct 2018 17:56:43 +0000
changeset 443784 f3a78d65b0590610e4f863db4dce834303fc8b94
parent 443783 93012cb456171ea24e0480d1591f3673c479d2b4
child 443785 7c5dc48aa9dcf9472a4ffa2a6ee1b3db042f2149
push id34969
push usercbrindusan@mozilla.com
push dateWed, 31 Oct 2018 21:39:53 +0000
treeherdermozilla-central@814414676c25 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersckerschb
bugs1502743
milestone65.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1502743 - Replace black/whitelist within caps to block/allowlist r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D10013
caps/BasePrincipal.cpp
caps/BasePrincipal.h
caps/DomainPolicy.cpp
caps/DomainPolicy.h
caps/ExpandedPrincipal.cpp
caps/ExpandedPrincipal.h
caps/nsIDomainPolicy.idl
caps/nsIPrincipal.idl
caps/nsIScriptSecurityManager.idl
caps/nsJSPrincipals.cpp
caps/nsScriptSecurityManager.cpp
caps/nsScriptSecurityManager.h
caps/tests/mochitest/test_addonMayLoad.html
caps/tests/mochitest/test_bug292789.html
caps/tests/mochitest/test_disableScript.xul
dom/base/nsDocument.cpp
dom/ipc/ContentChild.cpp
dom/ipc/PContent.ipdl
dom/ipc/tests/browser_domainPolicy.js
dom/media/systemservices/MediaParent.cpp
extensions/cookie/nsPermissionManager.cpp
ipc/glue/BackgroundUtils.cpp
ipc/glue/PBackgroundSharedTypes.ipdlh
toolkit/modules/E10SUtils.jsm
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -492,17 +492,17 @@ BasePrincipal::CloneStrippingUserContext
 extensions::WebExtensionPolicy*
 BasePrincipal::ContentScriptAddonPolicy()
 {
   if (!Is<ExpandedPrincipal>()) {
     return nullptr;
   }
 
   auto expanded = As<ExpandedPrincipal>();
-  for (auto& prin : expanded->WhiteList()) {
+  for (auto& prin : expanded->AllowList()) {
     if (auto policy = BasePrincipal::Cast(prin)->AddonPolicy()) {
       return policy;
     }
   }
 
   return nullptr;
 }
 
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -165,17 +165,17 @@ public:
   inline bool FastSubsumesIgnoringFPD(nsIPrincipal* aOther);
   inline bool FastSubsumesConsideringDomainIgnoringFPD(nsIPrincipal* aOther);
 
   // Returns the principal to inherit when a caller with this principal loads
   // the given URI.
   //
   // For most principal types, this returns the principal itself. For expanded
   // principals, it returns the first sub-principal which subsumes the given URI
-  // (or, if no URI is given, the last whitelist principal).
+  // (or, if no URI is given, the last allowlist principal).
   nsIPrincipal* PrincipalToInherit(nsIURI* aRequestedURI = nullptr);
 
   /**
    * Returns true if this principal's CSP should override a document's CSP for
    * loads that it triggers. Currently true for system principal, for expanded
    * principals which subsume the document principal, and add-on codebase
    * principals regardless of whether they subsume the document principal.
    */
--- a/caps/DomainPolicy.cpp
+++ b/caps/DomainPolicy.cpp
@@ -36,121 +36,121 @@ BroadcastDomainSetChange(DomainSetType a
     SerializeURI(aDomain, uri);
 
     for (uint32_t i = 0; i < parents.Length(); i++) {
         Unused << parents[i]->SendDomainSetChanged(aSetType, aChangeType, uri);
     }
     return NS_OK;
 }
 
-DomainPolicy::DomainPolicy() : mBlacklist(new DomainSet(BLACKLIST))
-                             , mSuperBlacklist(new DomainSet(SUPER_BLACKLIST))
-                             , mWhitelist(new DomainSet(WHITELIST))
-                             , mSuperWhitelist(new DomainSet(SUPER_WHITELIST))
+DomainPolicy::DomainPolicy() : mBlocklist(new DomainSet(BLOCKLIST))
+                             , mSuperBlocklist(new DomainSet(SUPER_BLOCKLIST))
+                             , mAllowlist(new DomainSet(ALLOWLIST))
+                             , mSuperAllowlist(new DomainSet(SUPER_ALLOWLIST))
 {
     if (XRE_IsParentProcess()) {
         BroadcastDomainSetChange(NO_TYPE, ACTIVATE_POLICY);
     }
 }
 
 DomainPolicy::~DomainPolicy()
 {
     // The SSM holds a strong ref to the DomainPolicy until Deactivate() is
     // invoked, so we should never hit the destructor until that happens.
-    MOZ_ASSERT(!mBlacklist && !mSuperBlacklist &&
-               !mWhitelist && !mSuperWhitelist);
+    MOZ_ASSERT(!mBlocklist && !mSuperBlocklist &&
+               !mAllowlist && !mSuperAllowlist);
 }
 
 
 NS_IMETHODIMP
-DomainPolicy::GetBlacklist(nsIDomainSet** aSet)
+DomainPolicy::GetBlocklist(nsIDomainSet** aSet)
 {
-    nsCOMPtr<nsIDomainSet> set = mBlacklist.get();
+    nsCOMPtr<nsIDomainSet> set = mBlocklist.get();
     set.forget(aSet);
     return NS_OK;
 }
 
 NS_IMETHODIMP
-DomainPolicy::GetSuperBlacklist(nsIDomainSet** aSet)
+DomainPolicy::GetSuperBlocklist(nsIDomainSet** aSet)
 {
-    nsCOMPtr<nsIDomainSet> set = mSuperBlacklist.get();
+    nsCOMPtr<nsIDomainSet> set = mSuperBlocklist.get();
     set.forget(aSet);
     return NS_OK;
 }
 
 NS_IMETHODIMP
-DomainPolicy::GetWhitelist(nsIDomainSet** aSet)
+DomainPolicy::GetAllowlist(nsIDomainSet** aSet)
 {
-    nsCOMPtr<nsIDomainSet> set = mWhitelist.get();
+    nsCOMPtr<nsIDomainSet> set = mAllowlist.get();
     set.forget(aSet);
     return NS_OK;
 }
 
 NS_IMETHODIMP
-DomainPolicy::GetSuperWhitelist(nsIDomainSet** aSet)
+DomainPolicy::GetSuperAllowlist(nsIDomainSet** aSet)
 {
-    nsCOMPtr<nsIDomainSet> set = mSuperWhitelist.get();
+    nsCOMPtr<nsIDomainSet> set = mSuperAllowlist.get();
     set.forget(aSet);
     return NS_OK;
 }
 
 NS_IMETHODIMP
 DomainPolicy::Deactivate()
 {
     // Clear the hashtables first to free up memory, since script might
     // hold the doomed sets alive indefinitely.
-    mBlacklist->Clear();
-    mSuperBlacklist->Clear();
-    mWhitelist->Clear();
-    mSuperWhitelist->Clear();
+    mBlocklist->Clear();
+    mSuperBlocklist->Clear();
+    mAllowlist->Clear();
+    mSuperAllowlist->Clear();
 
     // Null them out.
-    mBlacklist = nullptr;
-    mSuperBlacklist = nullptr;
-    mWhitelist = nullptr;
-    mSuperWhitelist = nullptr;
+    mBlocklist = nullptr;
+    mSuperBlocklist = nullptr;
+    mAllowlist = nullptr;
+    mSuperAllowlist = nullptr;
 
     // Inform the SSM.
     nsScriptSecurityManager* ssm = nsScriptSecurityManager::GetScriptSecurityManager();
     if (ssm) {
         ssm->DeactivateDomainPolicy();
     }
     if (XRE_IsParentProcess()) {
         BroadcastDomainSetChange(NO_TYPE, DEACTIVATE_POLICY);
     }
     return NS_OK;
 }
 
 void
 DomainPolicy::CloneDomainPolicy(DomainPolicyClone* aClone)
 {
     aClone->active() = true;
-    mBlacklist->CloneSet(&aClone->blacklist());
-    mSuperBlacklist->CloneSet(&aClone->superBlacklist());
-    mWhitelist->CloneSet(&aClone->whitelist());
-    mSuperWhitelist->CloneSet(&aClone->superWhitelist());
+    mBlocklist->CloneSet(&aClone->blocklist());
+    mSuperBlocklist->CloneSet(&aClone->superBlocklist());
+    mAllowlist->CloneSet(&aClone->allowlist());
+    mSuperAllowlist->CloneSet(&aClone->superAllowlist());
 }
 
 static
 void
 CopyURIs(const InfallibleTArray<URIParams>& aDomains, nsIDomainSet* aSet)
 {
     for (uint32_t i = 0; i < aDomains.Length(); i++) {
         nsCOMPtr<nsIURI> uri = DeserializeURI(aDomains[i]);
         aSet->Add(uri);
     }
 }
 
 void
 DomainPolicy::ApplyClone(const DomainPolicyClone* aClone)
 {
-    CopyURIs(aClone->blacklist(), mBlacklist);
-    CopyURIs(aClone->whitelist(), mWhitelist);
-    CopyURIs(aClone->superBlacklist(), mSuperBlacklist);
-    CopyURIs(aClone->superWhitelist(), mSuperWhitelist);
+    CopyURIs(aClone->blocklist(), mBlocklist);
+    CopyURIs(aClone->allowlist(), mAllowlist);
+    CopyURIs(aClone->superBlocklist(), mSuperBlocklist);
+    CopyURIs(aClone->superAllowlist(), mSuperAllowlist);
 }
 
 static already_AddRefed<nsIURI>
 GetCanonicalClone(nsIURI* aURI)
 {
     nsCOMPtr<nsIURI> clone;
     nsresult rv = NS_MutateURI(aURI)
            .SetUserPass(EmptyCString())
--- a/caps/DomainPolicy.h
+++ b/caps/DomainPolicy.h
@@ -22,20 +22,20 @@ enum DomainSetChangeType{
     DEACTIVATE_POLICY,
     ADD_DOMAIN,
     REMOVE_DOMAIN,
     CLEAR_DOMAINS
 };
 
 enum DomainSetType{
     NO_TYPE,
-    BLACKLIST,
-    SUPER_BLACKLIST,
-    WHITELIST,
-    SUPER_WHITELIST
+    BLOCKLIST,
+    SUPER_BLOCKLIST,
+    ALLOWLIST,
+    SUPER_ALLOWLIST
 };
 
 class DomainSet final : public nsIDomainSet
 {
 public:
     NS_DECL_ISUPPORTS
     NS_DECL_NSIDOMAINSET
 
@@ -56,17 +56,17 @@ class DomainPolicy final : public nsIDom
 public:
     NS_DECL_ISUPPORTS
     NS_DECL_NSIDOMAINPOLICY
     DomainPolicy();
 
 private:
     virtual ~DomainPolicy();
 
-    RefPtr<DomainSet> mBlacklist;
-    RefPtr<DomainSet> mSuperBlacklist;
-    RefPtr<DomainSet> mWhitelist;
-    RefPtr<DomainSet> mSuperWhitelist;
+    RefPtr<DomainSet> mBlocklist;
+    RefPtr<DomainSet> mSuperBlocklist;
+    RefPtr<DomainSet> mAllowlist;
+    RefPtr<DomainSet> mSuperAllowlist;
 };
 
 } /* namespace mozilla */
 
 #endif /* DomainPolicy_h__ */
--- a/caps/ExpandedPrincipal.cpp
+++ b/caps/ExpandedPrincipal.cpp
@@ -40,40 +40,40 @@ struct OriginComparator
     MOZ_ASSERT(NS_SUCCEEDED(rv));
     nsAutoCString originB;
     rv = b->GetOrigin(originB);
     MOZ_ASSERT(NS_SUCCEEDED(rv));
     return a == b;
   }
 };
 
-ExpandedPrincipal::ExpandedPrincipal(nsTArray<nsCOMPtr<nsIPrincipal>> &aWhiteList)
+ExpandedPrincipal::ExpandedPrincipal(nsTArray<nsCOMPtr<nsIPrincipal>> &aAllowList)
   : BasePrincipal(eExpandedPrincipal)
 {
   // We force the principals to be sorted by origin so that ExpandedPrincipal
   // origins can have a canonical form.
   OriginComparator c;
-  for (size_t i = 0; i < aWhiteList.Length(); ++i) {
-    mPrincipals.InsertElementSorted(aWhiteList[i], c);
+  for (size_t i = 0; i < aAllowList.Length(); ++i) {
+    mPrincipals.InsertElementSorted(aAllowList[i], c);
   }
 }
 
 ExpandedPrincipal::ExpandedPrincipal()
   : BasePrincipal(eExpandedPrincipal)
 {
 }
 
 ExpandedPrincipal::~ExpandedPrincipal()
 { }
 
 already_AddRefed<ExpandedPrincipal>
-ExpandedPrincipal::Create(nsTArray<nsCOMPtr<nsIPrincipal>>& aWhiteList,
+ExpandedPrincipal::Create(nsTArray<nsCOMPtr<nsIPrincipal>>& aAllowList,
                           const OriginAttributes& aAttrs)
 {
-  RefPtr<ExpandedPrincipal> ep = new ExpandedPrincipal(aWhiteList);
+  RefPtr<ExpandedPrincipal> ep = new ExpandedPrincipal(aAllowList);
 
   nsAutoCString origin;
   origin.AssignLiteral("[Expanded Principal [");
   for (size_t i = 0; i < ep->mPrincipals.Length(); ++i) {
     if (i != 0) {
       origin.AppendLiteral(", ");
     }
 
@@ -105,17 +105,17 @@ bool
 ExpandedPrincipal::SubsumesInternal(nsIPrincipal* aOther,
                                     BasePrincipal::DocumentDomainConsideration aConsideration)
 {
   // If aOther is an ExpandedPrincipal too, we break it down into its component
   // nsIPrincipals, and check subsumes on each one.
   if (Cast(aOther)->Is<ExpandedPrincipal>()) {
     auto* expanded = Cast(aOther)->As<ExpandedPrincipal>();
 
-    for (auto& other : expanded->WhiteList()) {
+    for (auto& other : expanded->AllowList()) {
       // Use SubsumesInternal rather than Subsumes here, since OriginAttribute
       // checks are only done between non-expanded sub-principals, and we don't
       // need to incur the extra virtual call overhead.
       if (!SubsumesInternal(other, aConsideration)) {
         return false;
       }
     }
     return true;
@@ -153,17 +153,17 @@ ExpandedPrincipal::GetHashValue(uint32_t
 NS_IMETHODIMP
 ExpandedPrincipal::GetURI(nsIURI** aURI)
 {
   *aURI = nullptr;
   return NS_OK;
 }
 
 const nsTArray<nsCOMPtr<nsIPrincipal>>&
-ExpandedPrincipal::WhiteList()
+ExpandedPrincipal::AllowList()
 {
   return mPrincipals;
 }
 
 NS_IMETHODIMP
 ExpandedPrincipal::GetBaseDomain(nsACString& aBaseDomain)
 {
   return NS_ERROR_NOT_AVAILABLE;
@@ -202,17 +202,17 @@ nsIPrincipal*
 ExpandedPrincipal::PrincipalToInherit(nsIURI* aRequestedURI)
 {
   if (aRequestedURI) {
     // If a given sub-principal subsumes the given URI, use that principal for
     // inheritance. In general, this only happens with certain CORS modes, loads
     // with forced principal inheritance, and creation of XML documents from
     // XMLHttpRequests or fetch requests. For URIs that normally inherit a
     // principal (such as data: URIs), we fall back to the last principal in the
-    // whitelist.
+    // allowlist.
     for (const auto& principal : mPrincipals) {
       if (Cast(principal)->MayLoadInternal(aRequestedURI)) {
         return principal;
       }
     }
   }
   return mPrincipals.LastElement();
 }
@@ -311,23 +311,23 @@ ExpandedPrincipal::Write(nsIObjectOutput
 }
 
 nsresult
 ExpandedPrincipal::GetSiteIdentifier(SiteIdentifier& aSite)
 {
   // Call GetSiteIdentifier on each of our principals and return a new
   // ExpandedPrincipal.
 
-  nsTArray<nsCOMPtr<nsIPrincipal>> whitelist;
+  nsTArray<nsCOMPtr<nsIPrincipal>> allowlist;
   for (const auto& principal : mPrincipals) {
     SiteIdentifier site;
     nsresult rv = Cast(principal)->GetSiteIdentifier(site);
     NS_ENSURE_SUCCESS(rv, rv);
-    whitelist.AppendElement(site.GetPrincipal());
+    allowlist.AppendElement(site.GetPrincipal());
   }
 
   RefPtr<ExpandedPrincipal> expandedPrincipal =
-    ExpandedPrincipal::Create(whitelist, OriginAttributesRef());
+    ExpandedPrincipal::Create(allowlist, OriginAttributesRef());
   MOZ_ASSERT(expandedPrincipal, "ExpandedPrincipal::Create returned nullptr?");
 
   aSite.Init(expandedPrincipal);
   return NS_OK;
 }
--- a/caps/ExpandedPrincipal.h
+++ b/caps/ExpandedPrincipal.h
@@ -12,17 +12,17 @@
 #include "nsNetUtil.h"
 #include "mozilla/BasePrincipal.h"
 
 class ExpandedPrincipal : public nsIExpandedPrincipal
                         , public mozilla::BasePrincipal
 {
 public:
   static already_AddRefed<ExpandedPrincipal>
-  Create(nsTArray<nsCOMPtr<nsIPrincipal>>& aWhiteList,
+  Create(nsTArray<nsCOMPtr<nsIPrincipal>>& aAllowList,
          const mozilla::OriginAttributes& aAttrs);
 
   static PrincipalKind Kind() { return eExpandedPrincipal; }
 
   // For use from the XPCOM factory constructor only.  Do not ever use this
   // constructor by hand!
   ExpandedPrincipal();
 
@@ -45,17 +45,17 @@ public:
 
   // Returns the principal to inherit when this principal requests the given
   // URL. See BasePrincipal::PrincipalToInherit.
   nsIPrincipal* PrincipalToInherit(nsIURI* aRequestedURI = nullptr);
 
   nsresult GetSiteIdentifier(mozilla::SiteIdentifier& aSite) override;
 
 protected:
-  explicit ExpandedPrincipal(nsTArray<nsCOMPtr<nsIPrincipal>> &aWhiteList);
+  explicit ExpandedPrincipal(nsTArray<nsCOMPtr<nsIPrincipal>> &aAllowList);
 
   virtual ~ExpandedPrincipal();
 
   bool SubsumesInternal(nsIPrincipal* aOther,
                         DocumentDomainConsideration aConsideration) override;
 
   bool MayLoadInternal(nsIURI* aURI) override;
 
--- a/caps/nsIDomainPolicy.idl
+++ b/caps/nsIDomainPolicy.idl
@@ -18,31 +18,31 @@ class DomainPolicyClone;
 
 [ptr] native DomainPolicyClonePtr(mozilla::dom::DomainPolicyClone);
 [ptr] native DomainPolicyCloneConstPtr(const mozilla::dom::DomainPolicyClone);
 
 /*
  * When a domain policy is instantiated by invoking activateDomainPolicy() on
  * nsIScriptSecurityManager, these domain sets are consulted when each new
  * global is created (they have no effect on already-created globals).
- * If javascript is globally enabled with |javascript.enabled|, the blacklists
- * are consulted. If globally disabled, the whitelists are consulted. Lookups
- * on blacklist and whitelist happen with contains(), and lookups on
- * superBlacklist and superWhitelist happen with containsSuperDomain().
+ * If javascript is globally enabled with |javascript.enabled|, the blocklists
+ * are consulted. If globally disabled, the allowlists are consulted. Lookups
+ * on blocklist and allowlist happen with contains(), and lookups on
+ * superBlocklist and superAllowlist happen with containsSuperDomain().
  *
  * When deactivate() is invoked, the domain sets are emptied, and the
  * nsIDomainPolicy ceases to have any effect on the system.
  */
 [scriptable, builtinclass, uuid(82b24a20-6701-4d40-a0f9-f5dc7321b555)]
 interface nsIDomainPolicy : nsISupports
 {
-    readonly attribute nsIDomainSet blacklist;
-    readonly attribute nsIDomainSet superBlacklist;
-    readonly attribute nsIDomainSet whitelist;
-    readonly attribute nsIDomainSet superWhitelist;
+    readonly attribute nsIDomainSet blocklist;
+    readonly attribute nsIDomainSet superBlocklist;
+    readonly attribute nsIDomainSet allowlist;
+    readonly attribute nsIDomainSet superAllowlist;
 
     void deactivate();
 
     [noscript, notxpcom] void cloneDomainPolicy(in DomainPolicyClonePtr aClone);
     [noscript, notxpcom] void applyClone(in DomainPolicyCloneConstPtr aClone);
 };
 
 [scriptable, builtinclass, uuid(665c981b-0a0f-4229-ac06-a826e02d4f69)]
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@@ -357,16 +357,16 @@ interface nsIPrincipal : nsISerializable
 interface nsIExpandedPrincipal : nsISupports
 {
   /**
    * An array of principals that the expanded principal subsumes.
    *
    * When an expanded principal is used as a triggering principal for a
    * request that inherits a security context, one of its constitutent
    * principals is inherited rather than the expanded principal itself. The
-   * last principal in the whitelist is the default principal to inherit.
+   * last principal in the allowlist is the default principal to inherit.
    *
    * Note: this list is not reference counted, it is shared, so
    * should not be changed and should only be used ephemerally.
    */
   [noscript, notxpcom, nostdcall]
-  PrincipalArray WhiteList();
+  PrincipalArray AllowList();
 };
--- a/caps/nsIScriptSecurityManager.idl
+++ b/caps/nsIScriptSecurityManager.idl
@@ -122,21 +122,21 @@ interface nsIScriptSecurityManager : nsI
      * load as well); if any of the versions of this URI is not allowed, this
      * function will return error code NS_ERROR_DOM_BAD_URI.
      */
     void checkLoadURIStrWithPrincipal(in nsIPrincipal aPrincipal,
                                       in AUTF8String uri,
                                       in unsigned long flags);
 
     /**
-     * Returns true if the URI is from a domain that is white-listed through
+     * Returns true if the URI is from a domain that is allow-listed through
      * prefs to be allowed to use file:// URIs.
      * @param aUri the URI to be tested
      */
-    bool inFileURIWhitelist(in nsIURI aUri);
+    bool inFileURIAllowlist(in nsIURI aUri);
 
     ///////////////// Principals ///////////////////////
 
     /**
      * Return the all-powerful system principal.
      */
     nsIPrincipal getSystemPrincipal();
 
@@ -269,16 +269,16 @@ interface nsIScriptSecurityManager : nsI
      */
     [noscript, notxpcom] void cloneDomainPolicy(in DomainPolicyClonePtr aClone);
 
     /**
      * Query mechanism for the above policy.
      *
      * If domainPolicyEnabled is false, this simply returns the current value
      * of javascript.enabled. Otherwise, it returns the same value, but taking
-     * the various blacklist/whitelist exceptions into account.
+     * the various blocklist/allowlist exceptions into account.
      */
     bool policyAllowsScript(in nsIURI aDomain);
 };
 
 %{C++
 #define NS_SCRIPTSECURITYMANAGER_CONTRACTID "@mozilla.org/scriptsecuritymanager;1"
 %}
--- a/caps/nsJSPrincipals.cpp
+++ b/caps/nsJSPrincipals.cpp
@@ -206,17 +206,17 @@ ReadPrincipalInfo(JSStructuredCloneReade
             if (!JS_ReadUint32Pair(aReader, &tag, &unused)) {
                 return false;
             }
 
             PrincipalInfo sub;
             if (!ReadPrincipalInfo(aReader, tag, sub)) {
                 return false;
             }
-            expanded.whitelist().AppendElement(sub);
+            expanded.allowlist().AppendElement(sub);
         }
 
         aInfo = expanded;
     } else if (aTag == SCTAG_DOM_CONTENT_PRINCIPAL) {
         OriginAttributes attrs;
         nsAutoCString spec;
         nsAutoCString originNoSuffix;
         if (!ReadPrincipalInfo(aReader, attrs, spec, originNoSuffix)) {
@@ -302,22 +302,22 @@ WritePrincipalInfo(JSStructuredCloneWrit
                                   EmptyCString());
     }
     if (aInfo.type() == PrincipalInfo::TSystemPrincipalInfo) {
         return JS_WriteUint32Pair(aWriter, SCTAG_DOM_SYSTEM_PRINCIPAL, 0);
     }
     if (aInfo.type() == PrincipalInfo::TExpandedPrincipalInfo) {
         const ExpandedPrincipalInfo& expanded = aInfo;
         if (!JS_WriteUint32Pair(aWriter, SCTAG_DOM_EXPANDED_PRINCIPAL, 0) ||
-            !JS_WriteUint32Pair(aWriter, expanded.whitelist().Length(), 0)) {
+            !JS_WriteUint32Pair(aWriter, expanded.allowlist().Length(), 0)) {
             return false;
         }
 
-        for (uint32_t i = 0; i < expanded.whitelist().Length(); i++) {
-            if (!WritePrincipalInfo(aWriter, expanded.whitelist()[i])) {
+        for (uint32_t i = 0; i < expanded.allowlist().Length(); i++) {
+            if (!WritePrincipalInfo(aWriter, expanded.allowlist()[i])) {
                 return false;
             }
         }
         return true;
     }
 
     MOZ_ASSERT(aInfo.type() == PrincipalInfo::TContentPrincipalInfo);
     const ContentPrincipalInfo& cInfo = aInfo;
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -700,26 +700,26 @@ nsScriptSecurityManager::CheckLoadURIWit
     }
 
     nsCOMPtr<nsIURI> sourceURI;
     aPrincipal->GetURI(getter_AddRefs(sourceURI));
     if (!sourceURI) {
         auto* basePrin = BasePrincipal::Cast(aPrincipal);
         if (basePrin->Is<ExpandedPrincipal>()) {
             auto expanded = basePrin->As<ExpandedPrincipal>();
-            for (auto& prin : expanded->WhiteList()) {
+            for (auto& prin : expanded->AllowList()) {
                 nsresult rv = CheckLoadURIWithPrincipal(prin,
                                                         aTargetURI,
                                                         aFlags);
                 if (NS_SUCCEEDED(rv)) {
-                    // Allow access if it succeeded with one of the white listed principals
+                    // Allow access if it succeeded with one of the allowlisted principals
                     return NS_OK;
                 }
             }
-            // None of our whitelisted principals worked.
+            // None of our allowlisted principals worked.
             return NS_ERROR_DOM_BAD_URI;
         }
         NS_ERROR("Non-system principals or expanded principal passed to CheckLoadURIWithPrincipal "
                  "must have a URI!");
         return NS_ERROR_UNEXPECTED;
     }
 
     // Automatic loads are not allowed from certain protocols.
@@ -1003,17 +1003,17 @@ nsScriptSecurityManager::CheckLoadURIFla
                 }
 
                 bool accessAllowed = false;
                 rph->AllowContentToAccess(aTargetBaseURI, &accessAllowed);
                 if (accessAllowed) {
                     return NS_OK;
                 }
             } else if (targetScheme.EqualsLiteral("chrome")) {
-                // Allow the load only if the chrome package is whitelisted.
+                // Allow the load only if the chrome package is allowlisted.
                 nsCOMPtr<nsIXULChromeRegistry> reg(
                         do_GetService(NS_CHROMEREGISTRY_CONTRACTID));
                 if (reg) {
                     bool accessAllowed = false;
                     reg->AllowContentToAccess(aTargetBaseURI, &accessAllowed);
                     if (accessAllowed) {
                         return NS_OK;
                     }
@@ -1028,21 +1028,21 @@ nsScriptSecurityManager::CheckLoadURIFla
     }
 
     // Check for target URI pointing to a file
     rv = NS_URIChainHasFlags(aTargetURI,
                              nsIProtocolHandler::URI_IS_LOCAL_FILE,
                              &hasFlags);
     NS_ENSURE_SUCCESS(rv, rv);
     if (hasFlags) {
-        // Allow domains that were whitelisted in the prefs. In 99.9% of cases,
+        // Allow domains that were allowlisted in the prefs. In 99.9% of cases,
         // this array is empty.
-        bool isWhitelisted;
-        MOZ_ALWAYS_SUCCEEDS(InFileURIWhitelist(aSourceURI, &isWhitelisted));
-        if (isWhitelisted) {
+        bool isAllowlisted;
+        MOZ_ALWAYS_SUCCEEDS(InFileURIAllowlist(aSourceURI, &isAllowlisted));
+        if (isAllowlisted) {
             return NS_OK;
         }
 
         // Allow chrome://
         bool isChrome = false;
         if (NS_SUCCEEDED(aSourceBaseURI->SchemeIs("chrome", &isChrome)) && isChrome) {
             return NS_OK;
         }
@@ -1190,23 +1190,23 @@ nsScriptSecurityManager::CheckLoadURIStr
         }
         NS_ENSURE_SUCCESS(rv, rv);
     }
 
     return rv;
 }
 
 NS_IMETHODIMP
-nsScriptSecurityManager::InFileURIWhitelist(nsIURI* aUri, bool* aResult)
+nsScriptSecurityManager::InFileURIAllowlist(nsIURI* aUri, bool* aResult)
 {
     MOZ_ASSERT(aUri);
     MOZ_ASSERT(aResult);
 
     *aResult = false;
-    for (nsIURI* uri : EnsureFileURIWhitelist()) {
+    for (nsIURI* uri : EnsureFileURIAllowlist()) {
         if (EqualOrSubdomain(aUri, uri)) {
             *aResult = true;
             return NS_OK;
         }
     }
 
     return NS_OK;
 }
@@ -1294,17 +1294,17 @@ nsScriptSecurityManager::GetDocShellCode
 NS_IMETHODIMP
 nsScriptSecurityManager::CanCreateWrapper(JSContext *cx,
                                           const nsIID &aIID,
                                           nsISupports *aObj,
                                           nsIClassInfo *aClassInfo)
 {
 // XXX Special case for Exception ?
 
-    // We give remote-XUL whitelisted domains a free pass here. See bug 932906.
+    // We give remote-XUL allowlisted domains a free pass here. See bug 932906.
     JS::Rooted<JS::Realm*> contextRealm(cx, JS::GetCurrentRealmOrNull(cx));
     MOZ_RELEASE_ASSERT(contextRealm);
     if (!xpc::AllowContentXBLScope(contextRealm)) {
         return NS_OK;
     }
 
     if (nsContentUtils::IsCallerChrome()) {
         return NS_OK;
@@ -1528,47 +1528,47 @@ uint32_t SkipUntil(const nsCString& str,
 inline void
 nsScriptSecurityManager::ScriptSecurityPrefChanged(const char* aPref)
 {
     MOZ_ASSERT(mPrefInitialized);
     mIsJavaScriptEnabled =
         Preferences::GetBool(sJSEnabledPrefName, mIsJavaScriptEnabled);
     sStrictFileOriginPolicy =
         Preferences::GetBool(sFileOriginPolicyPrefName, false);
-    mFileURIWhitelist.reset();
+    mFileURIAllowlist.reset();
 }
 
 void
-nsScriptSecurityManager::AddSitesToFileURIWhitelist(const nsCString& aSiteList)
+nsScriptSecurityManager::AddSitesToFileURIAllowlist(const nsCString& aSiteList)
 {
     for (uint32_t base = SkipPast<IsWhitespace>(aSiteList, 0), bound = 0;
          base < aSiteList.Length();
          base = SkipPast<IsWhitespace>(aSiteList, bound))
     {
         // Grab the current site.
         bound = SkipUntil<IsWhitespace>(aSiteList, base);
         nsAutoCString site(Substring(aSiteList, base, bound - base));
 
         // Check if the URI is schemeless. If so, add both http and https.
         nsAutoCString unused;
         if (NS_FAILED(sIOService->ExtractScheme(site, unused))) {
-            AddSitesToFileURIWhitelist(NS_LITERAL_CSTRING("http://") + site);
-            AddSitesToFileURIWhitelist(NS_LITERAL_CSTRING("https://") + site);
+            AddSitesToFileURIAllowlist(NS_LITERAL_CSTRING("http://") + site);
+            AddSitesToFileURIAllowlist(NS_LITERAL_CSTRING("https://") + site);
             continue;
         }
 
         // Convert it to a URI and add it to our list.
         nsCOMPtr<nsIURI> uri;
         nsresult rv = NS_NewURI(getter_AddRefs(uri), site, nullptr, nullptr, sIOService);
         if (NS_SUCCEEDED(rv)) {
-            mFileURIWhitelist.ref().AppendElement(uri);
+            mFileURIAllowlist.ref().AppendElement(uri);
         } else {
             nsCOMPtr<nsIConsoleService> console(do_GetService("@mozilla.org/consoleservice;1"));
             if (console) {
-                nsAutoString msg = NS_LITERAL_STRING("Unable to to add site to file:// URI whitelist: ") +
+                nsAutoString msg = NS_LITERAL_STRING("Unable to to add site to file:// URI allowlist: ") +
                                    NS_ConvertASCIItoUTF16(site);
                 console->LogStringMessage(msg.get());
             }
         }
     }
 }
 
 nsresult
@@ -1652,26 +1652,26 @@ nsScriptSecurityManager::PolicyAllowsScr
     // Compute our rule. If we don't have any domain policy set up that might
     // provide exceptions to this rule, we're done.
     *aRv = mIsJavaScriptEnabled;
     if (!mDomainPolicy) {
         return NS_OK;
     }
 
     // We have a domain policy. Grab the appropriate set of exceptions to the
-    // rule (either the blacklist or the whitelist, depending on whether script
+    // rule (either the blocklist or the allowlist, depending on whether script
     // is enabled or disabled by default).
     nsCOMPtr<nsIDomainSet> exceptions;
     nsCOMPtr<nsIDomainSet> superExceptions;
     if (*aRv) {
-        mDomainPolicy->GetBlacklist(getter_AddRefs(exceptions));
-        mDomainPolicy->GetSuperBlacklist(getter_AddRefs(superExceptions));
+        mDomainPolicy->GetBlocklist(getter_AddRefs(exceptions));
+        mDomainPolicy->GetSuperBlocklist(getter_AddRefs(superExceptions));
     } else {
-        mDomainPolicy->GetWhitelist(getter_AddRefs(exceptions));
-        mDomainPolicy->GetSuperWhitelist(getter_AddRefs(superExceptions));
+        mDomainPolicy->GetAllowlist(getter_AddRefs(exceptions));
+        mDomainPolicy->GetSuperAllowlist(getter_AddRefs(superExceptions));
     }
 
     bool contains;
     rv = exceptions->Contains(aURI, &contains);
     NS_ENSURE_SUCCESS(rv, rv);
     if (contains) {
         *aRv = !*aRv;
         return NS_OK;
@@ -1681,29 +1681,29 @@ nsScriptSecurityManager::PolicyAllowsScr
     if (contains) {
         *aRv = !*aRv;
     }
 
     return NS_OK;
 }
 
 const nsTArray<nsCOMPtr<nsIURI>>&
-nsScriptSecurityManager::EnsureFileURIWhitelist()
+nsScriptSecurityManager::EnsureFileURIAllowlist()
 {
-    if (mFileURIWhitelist.isSome()) {
-        return mFileURIWhitelist.ref();
+    if (mFileURIAllowlist.isSome()) {
+        return mFileURIAllowlist.ref();
     }
 
     //
     // Rebuild the set of principals for which we allow file:// URI loads. This
     // implements a small subset of an old pref-based CAPS people that people
     // have come to depend on. See bug 995943.
     //
 
-    mFileURIWhitelist.emplace();
+    mFileURIAllowlist.emplace();
     nsAutoCString policies;
     mozilla::Preferences::GetCString("capability.policy.policynames", policies);
     for (uint32_t base = SkipPast<IsWhitespaceOrComma>(policies, 0), bound = 0;
          base < policies.Length();
          base = SkipPast<IsWhitespaceOrComma>(policies, bound))
     {
         // Grab the current policy name.
         bound = SkipUntil<IsWhitespaceOrComma>(policies, base);
@@ -1720,13 +1720,13 @@ nsScriptSecurityManager::EnsureFileURIWh
         }
 
         // Grab the list of domains associated with this policy.
         nsCString domainPrefName = NS_LITERAL_CSTRING("capability.policy.") +
                                    policyName +
                                    NS_LITERAL_CSTRING(".sites");
         nsAutoCString siteList;
         Preferences::GetCString(domainPrefName.get(), siteList);
-        AddSitesToFileURIWhitelist(siteList);
+        AddSitesToFileURIAllowlist(siteList);
     }
 
-    return mFileURIWhitelist.ref();
+    return mFileURIAllowlist.ref();
 }
--- a/caps/nsScriptSecurityManager.h
+++ b/caps/nsScriptSecurityManager.h
@@ -95,38 +95,38 @@ private:
 
     nsresult
     InitPrefs();
 
     void
     ScriptSecurityPrefChanged(const char* aPref = nullptr);
 
     inline void
-    AddSitesToFileURIWhitelist(const nsCString& aSiteList);
+    AddSitesToFileURIAllowlist(const nsCString& aSiteList);
 
     nsresult GetChannelResultPrincipal(nsIChannel* aChannel,
                                        nsIPrincipal** aPrincipal,
                                        bool aIgnoreSandboxing);
 
     nsresult
     CheckLoadURIFlags(nsIURI* aSourceURI, nsIURI* aTargetURI, nsIURI* aSourceBaseURI,
                       nsIURI* aTargetBaseURI, uint32_t aFlags, bool aFromPrivateWindow);
 
-    // Returns the file URI whitelist, initializing it if it has not been
+    // Returns the file URI allowlist, initializing it if it has not been
     // initialized.
-    const nsTArray<nsCOMPtr<nsIURI>>& EnsureFileURIWhitelist();
+    const nsTArray<nsCOMPtr<nsIURI>>& EnsureFileURIAllowlist();
 
     nsCOMPtr<nsIPrincipal> mSystemPrincipal;
     bool mPrefInitialized;
     bool mIsJavaScriptEnabled;
 
-    // List of URIs whose domains and sub-domains are whitelisted to allow
+    // List of URIs whose domains and sub-domains are allowlisted to allow
     // access to file: URIs.  Lazily initialized; isNothing() when not yet
     // initialized.
-    mozilla::Maybe<nsTArray<nsCOMPtr<nsIURI>>> mFileURIWhitelist;
+    mozilla::Maybe<nsTArray<nsCOMPtr<nsIURI>>> mFileURIAllowlist;
 
     // This machinery controls new-style domain policies. The old-style
     // policy machinery will be removed soon.
     nsCOMPtr<nsIDomainPolicy> mDomainPolicy;
 
     static bool sStrictFileOriginPolicy;
 
     static nsIIOService    *sIOService;
--- a/caps/tests/mochitest/test_addonMayLoad.html
+++ b/caps/tests/mochitest/test_addonMayLoad.html
@@ -60,26 +60,26 @@ https://bugzilla.mozilla.org/show_bug.cg
 
   function uriForDomain(d) { return d + "/tests/caps/tests/mochitest/file_data.txt"; }
 
   tryLoad(addonA, uriForDomain("http://test4.example.org"))
   .then(function(success) {
     ok(!success, "cross-origin load should fail for addon A");
     return tryLoad(addonA, uriForDomain("http://test1.example.org"));
   }).then(function(success) {
-    ok(success, "whitelisted cross-origin load of test1 should succeed for addon A");
+    ok(success, "allowlisted cross-origin load of test1 should succeed for addon A");
     return tryLoad(addonB, uriForDomain("http://test1.example.org"));
   }).then(function(success) {
-    ok(!success, "non-whitelisted cross-origin load of test1 should fail for addon B");
+    ok(!success, "non-allowlisted cross-origin load of test1 should fail for addon B");
     return tryLoad(addonB, uriForDomain("http://test2.example.org"));
   }).then(function(success) {
-    ok(success, "whitelisted cross-origin load of test2 should succeed for addon B");
+    ok(success, "allowlisted cross-origin load of test2 should succeed for addon B");
     return tryLoad(addonA, uriForDomain("http://test2.example.org"));
   }).then(function(success) {
-    ok(!success, "non-whitelisted cross-origin load of test2 should fail for addon A");
+    ok(!success, "non-allowlisted cross-origin load of test2 should fail for addon A");
     SimpleTest.finish();
   }, function(e) {
     ok(false, "Rejected promise chain: " + e);
     SimpleTest.finish();
   });
 
   </script>
 </head>
--- a/caps/tests/mochitest/test_bug292789.html
+++ b/caps/tests/mochitest/test_bug292789.html
@@ -16,17 +16,17 @@ https://bugzilla.mozilla.org/show_bug.cg
   <script type="application/javascript" src="chrome://mozapps/content/extensions/blocklist.js"></script>
   <script id="resjs" type="application/javascript"></script>
 </div>
 <pre id="test">
 <script class="testbody" type="text/javascript">
 
 /** Test for Bug 292789
  **
- ** Selectively allow access to whitelisted chrome packages
+ ** Selectively allow access to allowlisted chrome packages
  ** even for ALLOW_CHROME mechanisms (<script>, <img> etc)
  **/
 
 /* import-globals-from ../../../toolkit/content/treeUtils.js */
 
 SimpleTest.waitForExplicitFinish();
 
 let ChromeUtils = {
--- a/caps/tests/mochitest/test_disableScript.xul
+++ b/caps/tests/mochitest/test_disableScript.xul
@@ -244,18 +244,18 @@ https://bugzilla.mozilla.org/show_bug.cg
     window.policy = ssm.activateDomainPolicy();
     ok(policy instanceof Ci.nsIDomainPolicy, "Got a policy");
     try {
       ssm.activateDomainPolicy();
       ok(false, "Should have thrown");
     } catch (e) {
       ok(true, "can't have two live domain policies");
     }
-    var sbRef = policy.superBlacklist;
-    isnot(sbRef, null, "superBlacklist non-null");
+    var sbRef = policy.superBlocklist;
+    isnot(sbRef, null, "superBlocklist non-null");
     ok(!sbRef.contains(makeURI('http://www.example.com')));
     sbRef.add(makeURI('http://www.example.com/foopy'));
     ok(sbRef.contains(makeURI('http://www.example.com')));
     sbRef.remove(makeURI('http://www.example.com'));
     ok(!sbRef.contains(makeURI('http://www.example.com')));
     sbRef.add(makeURI('http://www.example.com/foopy/this.that/'));
     ok(sbRef.contains(makeURI('http://www.example.com/baz')));
     ok(!sbRef.contains(makeURI('https://www.example.com')));
@@ -268,28 +268,28 @@ https://bugzilla.mozilla.org/show_bug.cg
     ok(!sbRef.containsSuperDomain(makeURI('http://com/this.that/')));
     ok(!sbRef.containsSuperDomain(makeURI('https://foo.www.example.com')));
     ok(sbRef.contains(makeURI('http://www.example.com')));
     policy.deactivate();
     is(ssm.domainPolicyActive, false, "back to inactive");
     ok(!sbRef.contains(makeURI('http://www.example.com')),
        "Disabling domain policy clears the set");
     policy = ssm.activateDomainPolicy();
-    ok(policy.superBlacklist);
-    isnot(sbRef, policy.superBlacklist, "Mint new sets each time!");
+    ok(policy.superBlocklist);
+    isnot(sbRef, policy.superBlocklist, "Mint new sets each time!");
     policy.deactivate();
-    is(policy.blacklist, null, "blacklist nulled out");
+    is(policy.blocklist, null, "blocklist nulled out");
     policy = ssm.activateDomainPolicy();
-    isnot(policy.blacklist, null, "non-null again");
-    isnot(policy.blacklist, sbRef, "freshly minted");
+    isnot(policy.blocklist, null, "non-null again");
+    isnot(policy.blocklist, sbRef, "freshly minted");
     policy.deactivate();
 
     //
     // Now, create and apply a mock-policy. We check the same policy both as
-    // a blacklist and as a whitelist.
+    // a blocklist and as a allowlist.
     //
 
     window.testPolicy = {
       // The policy.
       exceptions: ['http://test1.example.com', 'http://example.com'],
       superExceptions: ['http://test2.example.org', 'https://test1.example.com'],
 
       // The testcases.
@@ -298,30 +298,30 @@ https://bugzilla.mozilla.org/show_bug.cg
                'https://sub1.test1.example.com'],
 
       notExempt: ['http://test2.example.com', 'http://sub1.test1.example.com',
                   'http://www.example.com', 'https://test2.example.com',
                   'https://example.com', 'http://test1.example.org'],
     };
 
     policy = ssm.activateDomainPolicy();
-    info("Testing Blacklist-style Domain Policy");
+    info("Testing Blocklist-style Domain Policy");
     return testDomainPolicy(true, testPolicy.exceptions,
                             testPolicy.superExceptions, testPolicy.exempt,
-                            testPolicy.notExempt, policy.blacklist,
-                            policy.superBlacklist, rootWin);
+                            testPolicy.notExempt, policy.blocklist,
+                            policy.superBlocklist, rootWin);
   }).then(function() {
     policy.deactivate();
     policy = ssm.activateDomainPolicy();
-    info("Testing Whitelist-style Domain Policy");
+    info("Testing Allowlist-style Domain Policy");
     setScriptEnabledForBrowser(false);
     return testDomainPolicy(false, testPolicy.exceptions,
                             testPolicy.superExceptions, testPolicy.exempt,
-                            testPolicy.notExempt, policy.whitelist,
-                            policy.superWhitelist, rootWin);
+                            testPolicy.notExempt, policy.allowlist,
+                            policy.superAllowlist, rootWin);
   }).then(function() {
     setScriptEnabledForBrowser(true);
     policy.deactivate();
 
     SimpleTest.finish();
     });
   }
 
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -2413,17 +2413,17 @@ nsIDocument::MaybeDowngradePrincipal(nsI
   // automatically downgrade it to the last principal it subsumes (which is the
   // extension principal, in the case of extension content scripts).
   auto* basePrin = BasePrincipal::Cast(aPrincipal);
   if (basePrin->Is<ExpandedPrincipal>()) {
     MOZ_DIAGNOSTIC_ASSERT(false, "Should never try to create a document with "
                                  "an expanded principal");
 
     auto* expanded = basePrin->As<ExpandedPrincipal>();
-    return do_AddRef(expanded->WhiteList().LastElement());
+    return do_AddRef(expanded->AllowList().LastElement());
   }
 
   if (nsContentUtils::IsSystemPrincipal(aPrincipal)) {
     // We basically want the parent document here, but because this is very
     // early in the load, GetParentDocument() returns null, so we use the
     // docshell hierarchy to get this information instead.
     if (mDocumentContainer) {
       nsCOMPtr<nsIDocShellTreeItem> parentDocShellItem;
--- a/dom/ipc/ContentChild.cpp
+++ b/dom/ipc/ContentChild.cpp
@@ -1588,17 +1588,17 @@ StartMacOSContentSandbox()
   info.hasFilePrivileges = isFileProcess;
   info.shouldLog = Preferences::GetBool("security.sandbox.logging.enabled") ||
                    PR_GetEnv("MOZ_SANDBOX_LOGGING");
   info.appPath.assign(appPath.get());
   info.hasAudio = !Preferences::GetBool("media.cubeb.sandbox");
   info.hasWindowServer = !Preferences::GetBool(
       "security.sandbox.content.mac.disconnect-windowserver");
 
-  // These paths are used to whitelist certain directories used by the testing
+  // These paths are used to allowlist certain directories used by the testing
   // system. They should not be considered a public API, and are only intended
   // for use in automation.
   nsAutoCString testingReadPath1;
   Preferences::GetCString("security.sandbox.content.mac.testing_read_path1",
                           testingReadPath1);
   if (!testingReadPath1.IsEmpty()) {
     info.testingReadPath1.assign(testingReadPath1.get());
   }
@@ -2951,27 +2951,27 @@ ContentChild::RecvDomainSetChanged(const
   if (aChangeType == DEACTIVATE_POLICY) {
     mPolicy->Deactivate();
     mPolicy = nullptr;
     return IPC_OK();
   }
 
   nsCOMPtr<nsIDomainSet> set;
   switch(aSetType) {
-    case BLACKLIST:
-      mPolicy->GetBlacklist(getter_AddRefs(set));
+    case BLOCKLIST:
+      mPolicy->GetBlocklist(getter_AddRefs(set));
       break;
-    case SUPER_BLACKLIST:
-      mPolicy->GetSuperBlacklist(getter_AddRefs(set));
+    case SUPER_BLOCKLIST:
+      mPolicy->GetSuperBlocklist(getter_AddRefs(set));
       break;
-    case WHITELIST:
-      mPolicy->GetWhitelist(getter_AddRefs(set));
+    case ALLOWLIST:
+      mPolicy->GetAllowlist(getter_AddRefs(set));
       break;
-    case SUPER_WHITELIST:
-      mPolicy->GetSuperWhitelist(getter_AddRefs(set));
+    case SUPER_ALLOWLIST:
+      mPolicy->GetSuperAllowlist(getter_AddRefs(set));
       break;
     default:
       MOZ_ASSERT_UNREACHABLE("Unexpected setType");
       return IPC_FAIL_NO_REASON(this);
   }
 
   MOZ_ASSERT(set);
 
--- a/dom/ipc/PContent.ipdl
+++ b/dom/ipc/PContent.ipdl
@@ -189,20 +189,20 @@ struct ClipboardCapabilities {
 union FileDescOrError {
     FileDescriptor;
     nsresult;
 };
 
 struct DomainPolicyClone
 {
     bool        active;
-    URIParams[] blacklist;
-    URIParams[] whitelist;
-    URIParams[] superBlacklist;
-    URIParams[] superWhitelist;
+    URIParams[] blocklist;
+    URIParams[] allowlist;
+    URIParams[] superBlocklist;
+    URIParams[] superAllowlist;
 };
 
 struct AndroidSystemInfo
 {
     nsString device;
     nsString manufacturer;
     nsString release_version;
     nsString hardware;
--- a/dom/ipc/tests/browser_domainPolicy.js
+++ b/dom/ipc/tests/browser_domainPolicy.js
@@ -104,30 +104,30 @@ async function test_domainPolicy() {
       var rootFrame = content.document.getElementById('root');
       utils.navigateFrame(rootFrame, ipcArgs.domain + path).then(() => {
         deferred.resolve(utils.checkScriptEnabled(rootFrame.contentWindow, false));
       });
       return deferred.promise;
     }
   }
 
-  info("Testing simple blacklist policy");
+  info("Testing simple blocklist policy");
 
   info("Creating child process first, activating domainPolicy after");
   currentTask = initProcess();
   await currentTask;
   activateDomainPolicy();
-  var bl = policy.blacklist;
+  var bl = policy.blocklist;
   bl.add(Services.io.newURI('http://example.com'));
   currentTask = runTest(testDomain("http://example.com"));
   checkAndCleanup(await currentTask);
 
   info("Activating domainPolicy first, creating child process after");
   activateDomainPolicy();
-  var bl = policy.blacklist;
+  var bl = policy.blocklist;
   bl.add(Services.io.newURI('http://example.com'));
   currentTask = initProcess();
   await currentTask;
   currentTask = runTest(testDomain("http://example.com"));
   checkAndCleanup(await currentTask);
 
   function testList(expectEnabled, list) {
     ipcArgs.expectEnabled = expectEnabled;
@@ -164,50 +164,50 @@ async function test_domainPolicy() {
      exempt: ['http://test1.example.com', 'http://example.com',
               'http://test2.example.org', 'http://sub1.test2.example.org',
               'https://sub1.test1.example.com'],
      notExempt: ['http://test2.example.com', 'http://sub1.test1.example.com',
                  'http://www.example.com', 'https://test2.example.com',
                  'https://example.com', 'http://test1.example.org'],
   };
 
-  function activate(isBlack, exceptions, superExceptions) {
+  function activate(isBlock, exceptions, superExceptions) {
     activateDomainPolicy();
-    let set = isBlack ? policy.blacklist : policy.whitelist;
-    let superSet = isBlack ? policy.superBlacklist : policy.superWhitelist;
-    for (var e of exceptions)
-      set.add(makeURI(e));
-    for (var e of superExceptions)
-      superSet.add(makeURI(e));
-  };
+						let set = isBlock ? policy.blocklist : policy.allowlist;
+						let superSet = isBlock ? policy.superBlocklist : policy.superAllowlist;
+						for (var e of exceptions)
+							set.add(makeURI(e));
+						for (var e of superExceptions)
+							superSet.add(makeURI(e));
+					};
 
-  info("Testing Blacklist-style Domain Policy");
-  info("Activating domainPolicy first, creating child process after");
-  activate(true, testPolicy.exceptions, testPolicy.superExceptions);
-  currentTask = initProcess();
-  await currentTask;
-  let results = [];
-  currentTask = runTest(testList(true, testPolicy.notExempt));
-  results = results.concat(await currentTask);
-  currentTask = runTest(testList(false, testPolicy.exempt));
-  results = results.concat(await currentTask);
-  checkAndCleanup(results);
+					info("Testing Blocklist-style Domain Policy");
+					info("Activating domainPolicy first, creating child process after");
+					activate(true, testPolicy.exceptions, testPolicy.superExceptions);
+					currentTask = initProcess();
+					await currentTask;
+					let results = [];
+					currentTask = runTest(testList(true, testPolicy.notExempt));
+					results = results.concat(await currentTask);
+					currentTask = runTest(testList(false, testPolicy.exempt));
+					results = results.concat(await currentTask);
+					checkAndCleanup(results);
 
-  info("Creating child process first, activating domainPolicy after");
-  currentTask = initProcess();
-  await currentTask;
-  activate(true, testPolicy.exceptions, testPolicy.superExceptions);
-  results = [];
-  currentTask = runTest(testList(true, testPolicy.notExempt));
-  results = results.concat(await currentTask);
-  currentTask = runTest(testList(false, testPolicy.exempt));
-  results = results.concat(await currentTask);
-  checkAndCleanup(results);
+					info("Creating child process first, activating domainPolicy after");
+					currentTask = initProcess();
+					await currentTask;
+					activate(true, testPolicy.exceptions, testPolicy.superExceptions);
+					results = [];
+					currentTask = runTest(testList(true, testPolicy.notExempt));
+					results = results.concat(await currentTask);
+					currentTask = runTest(testList(false, testPolicy.exempt));
+					results = results.concat(await currentTask);
+					checkAndCleanup(results);
 
-  info("Testing Whitelist-style Domain Policy");
+					info("Testing Allowlist-style Domain Policy");
   deferred = Promise.defer();
   currentTask = deferred.promise;
   SpecialPowers.pushPrefEnv({set:[["javascript.enabled", false]]}, () => { return deferred.resolve()});
   await currentTask;
 
   info("Activating domainPolicy first, creating child process after");
   activate(false, testPolicy.exceptions, testPolicy.superExceptions);
   currentTask = initProcess();
--- a/dom/media/systemservices/MediaParent.cpp
+++ b/dom/media/systemservices/MediaParent.cpp
@@ -134,19 +134,19 @@ class OriginKeyStore : public nsISupport
         }
 
         case ipc::PrincipalInfo::TExpandedPrincipalInfo: {
           const ipc::ExpandedPrincipalInfo& info =
             aPrincipalInfo.get_ExpandedPrincipalInfo();
 
           aString.AssignLiteral("[Expanded Principal [");
 
-          for (uint32_t i = 0; i < info.whitelist().Length(); i++) {
+          for (uint32_t i = 0; i < info.allowlist().Length(); i++) {
             nsAutoCString str;
-            PrincipalInfoToString(info.whitelist()[i], str);
+            PrincipalInfoToString(info.allowlist()[i], str);
 
             if (i != 0) {
               aString.AppendLiteral(", ");
             }
 
             aString.Append(str);
           }
 
--- a/extensions/cookie/nsPermissionManager.cpp
+++ b/extensions/cookie/nsPermissionManager.cpp
@@ -2392,22 +2392,22 @@ nsPermissionManager::CommonTestPermissio
   if (HasDefaultPref(aType)) {
     int32_t defaultPermission = nsIPermissionManager::UNKNOWN_ACTION;
     nsresult rv = mDefaultPrefBranch->GetIntPref(aType, &defaultPermission);
     if (NS_SUCCEEDED(rv)) {
       *aPermission = defaultPermission;
     }
   }
 
-  // For expanded principals, we want to iterate over the whitelist and see
+  // For expanded principals, we want to iterate over the allowlist and see
   // if the permission is granted for any of them.
   auto* basePrin = BasePrincipal::Cast(aPrincipal);
   if (basePrin && basePrin->Is<ExpandedPrincipal>()) {
     auto ep = basePrin->As<ExpandedPrincipal>();
-    for (auto& prin : ep->WhiteList()) {
+    for (auto& prin : ep->AllowList()) {
       uint32_t perm;
       nsresult rv = CommonTestPermission(prin, aType, &perm,
                                          aExactHostMatch, aIncludingSession);
       NS_ENSURE_SUCCESS(rv, rv);
       if (perm == nsIPermissionManager::ALLOW_ACTION) {
         *aPermission = perm;
         return NS_OK;
       } else if (perm == nsIPermissionManager::PROMPT_ACTION) {
--- a/ipc/glue/BackgroundUtils.cpp
+++ b/ipc/glue/BackgroundUtils.cpp
@@ -107,30 +107,30 @@ PrincipalInfoToPrincipal(const Principal
       }
 
       return principal.forget();
     }
 
     case PrincipalInfo::TExpandedPrincipalInfo: {
       const ExpandedPrincipalInfo& info = aPrincipalInfo.get_ExpandedPrincipalInfo();
 
-      nsTArray<nsCOMPtr<nsIPrincipal>> whitelist;
-      nsCOMPtr<nsIPrincipal> wlPrincipal;
+      nsTArray<nsCOMPtr<nsIPrincipal>> allowlist;
+      nsCOMPtr<nsIPrincipal> alPrincipal;
 
-      for (uint32_t i = 0; i < info.whitelist().Length(); i++) {
-        wlPrincipal = PrincipalInfoToPrincipal(info.whitelist()[i], &rv);
+      for (uint32_t i = 0; i < info.allowlist().Length(); i++) {
+        alPrincipal = PrincipalInfoToPrincipal(info.allowlist()[i], &rv);
         if (NS_WARN_IF(NS_FAILED(rv))) {
           return nullptr;
         }
-        // append that principal to the whitelist
-        whitelist.AppendElement(wlPrincipal);
+        // append that principal to the allowlist
+        allowlist.AppendElement(alPrincipal);
       }
 
       RefPtr<ExpandedPrincipal> expandedPrincipal =
-        ExpandedPrincipal::Create(whitelist, info.attrs());
+        ExpandedPrincipal::Create(allowlist, info.attrs());
       if (!expandedPrincipal) {
         NS_WARNING("could not instantiate expanded principal");
         return nullptr;
       }
 
       principal = expandedPrincipal;
       return principal.forget();
     }
@@ -189,31 +189,31 @@ PrincipalToPrincipalInfo(nsIPrincipal* a
     return NS_OK;
   }
 
   // might be an expanded principal
   auto* basePrin = BasePrincipal::Cast(aPrincipal);
   if (basePrin->Is<ExpandedPrincipal>()) {
     auto* expanded = basePrin->As<ExpandedPrincipal>();
 
-    nsTArray<PrincipalInfo> whitelistInfo;
+    nsTArray<PrincipalInfo> allowlistInfo;
     PrincipalInfo info;
 
-    for (auto& prin : expanded->WhiteList()) {
+    for (auto& prin : expanded->AllowList()) {
       rv = PrincipalToPrincipalInfo(prin, &info);
       if (NS_WARN_IF(NS_FAILED(rv))) {
         return rv;
       }
-      // append that spec to the whitelist
-      whitelistInfo.AppendElement(info);
+      // append that spec to the allowlist
+      allowlistInfo.AppendElement(info);
     }
 
     *aPrincipalInfo =
       ExpandedPrincipalInfo(aPrincipal->OriginAttributesRef(),
-                            std::move(whitelistInfo));
+                            std::move(allowlistInfo));
     return NS_OK;
   }
 
   // must be a content principal
 
   nsCOMPtr<nsIURI> uri;
   rv = aPrincipal->GetURI(getter_AddRefs(uri));
   if (NS_WARN_IF(NS_FAILED(rv))) {
--- a/ipc/glue/PBackgroundSharedTypes.ipdlh
+++ b/ipc/glue/PBackgroundSharedTypes.ipdlh
@@ -31,17 +31,17 @@ struct NullPrincipalInfo
 {
   OriginAttributes attrs;
   nsCString spec;
 };
 
 struct ExpandedPrincipalInfo
 {
   OriginAttributes attrs;
-  PrincipalInfo[] whitelist;
+  PrincipalInfo[] allowlist;
 };
 
 union PrincipalInfo
 {
   ContentPrincipalInfo;
   SystemPrincipalInfo;
   NullPrincipalInfo;
   ExpandedPrincipalInfo;
--- a/toolkit/modules/E10SUtils.jsm
+++ b/toolkit/modules/E10SUtils.jsm
@@ -42,17 +42,17 @@ const PRIVILEGED_REMOTE_TYPE = "privileg
 // This must start with the WEB_REMOTE_TYPE above.
 const LARGE_ALLOCATION_REMOTE_TYPE = "webLargeAllocation";
 const DEFAULT_REMOTE_TYPE = WEB_REMOTE_TYPE;
 
 function validatedWebRemoteType(aPreferredRemoteType, aTargetUri, aCurrentUri) {
   // If the domain is whitelisted to allow it to use file:// URIs, then we have
   // to run it in a file content process, in case it uses file:// sub-resources.
   const sm = Services.scriptSecurityManager;
-  if (sm.inFileURIWhitelist(aTargetUri)) {
+  if (sm.inFileURIAllowlist(aTargetUri)) {
     return FILE_REMOTE_TYPE;
   }
 
   if (!aPreferredRemoteType) {
     return WEB_REMOTE_TYPE;
   }
 
   if (aPreferredRemoteType.startsWith(WEB_REMOTE_TYPE)) {