Bug 1310127 - Part 1: Use MOZ_MUST_USE in netwerk/protocol/http r?mcmanus draft
authorWei-Cheng Pan <wpan@mozilla.com>
Tue, 27 Dec 2016 15:22:07 +0800
changeset 494448 f8a26f4f5e6951c533948896ef3e0d537baff289
parent 493721 8d026c60151005ad942e3d4389318fe28a0c8c54
child 494449 1899accff47aba41c6244b8db82495811f4218ef
push id48029
push userbmo:wpan@mozilla.com
push dateTue, 07 Mar 2017 03:35:29 +0000
reviewersmcmanus
bugs1310127
milestone54.0a1
Bug 1310127 - Part 1: Use MOZ_MUST_USE in netwerk/protocol/http r?mcmanus Add MOZ_MUST_USE attirbute to headers and idl files. MozReview-Commit-ID: 7nZQlZoDrv2
netwerk/protocol/http/ASpdySession.h
netwerk/protocol/http/CacheControlParser.h
netwerk/protocol/http/Http2Compression.h
netwerk/protocol/http/Http2Push.h
netwerk/protocol/http/Http2Session.h
netwerk/protocol/http/Http2Stream.h
netwerk/protocol/http/HttpBaseChannel.h
netwerk/protocol/http/HttpChannelChild.h
netwerk/protocol/http/HttpChannelParent.h
netwerk/protocol/http/HttpChannelParentListener.h
netwerk/protocol/http/InterceptedChannel.h
netwerk/protocol/http/NullHttpChannel.h
netwerk/protocol/http/NullHttpTransaction.h
netwerk/protocol/http/PSpdyPush.h
netwerk/protocol/http/TunnelUtils.h
netwerk/protocol/http/nsAHttpConnection.h
netwerk/protocol/http/nsAHttpTransaction.h
netwerk/protocol/http/nsCORSListenerProxy.h
netwerk/protocol/http/nsHttp.h
netwerk/protocol/http/nsHttpAuthCache.h
netwerk/protocol/http/nsHttpAuthManager.h
netwerk/protocol/http/nsHttpChannel.h
netwerk/protocol/http/nsHttpChannelAuthProvider.h
netwerk/protocol/http/nsHttpChunkedDecoder.h
netwerk/protocol/http/nsHttpConnection.h
netwerk/protocol/http/nsHttpConnectionInfo.h
netwerk/protocol/http/nsHttpConnectionMgr.h
netwerk/protocol/http/nsHttpDigestAuth.h
netwerk/protocol/http/nsHttpHandler.h
netwerk/protocol/http/nsHttpHeaderArray.h
netwerk/protocol/http/nsHttpRequestHead.h
netwerk/protocol/http/nsHttpResponseHead.h
netwerk/protocol/http/nsHttpTransaction.h
netwerk/protocol/http/nsIHstsPrimingCallback.idl
netwerk/protocol/http/nsIHttpActivityObserver.idl
netwerk/protocol/http/nsIHttpAuthManager.idl
netwerk/protocol/http/nsIHttpAuthenticableChannel.idl
netwerk/protocol/http/nsIHttpAuthenticator.idl
netwerk/protocol/http/nsIHttpChannel.idl
netwerk/protocol/http/nsIHttpChannelAuthProvider.idl
netwerk/protocol/http/nsIHttpChannelChild.idl
netwerk/protocol/http/nsIHttpChannelInternal.idl
netwerk/protocol/http/nsIHttpEventSink.idl
netwerk/protocol/http/nsIHttpHeaderVisitor.idl
netwerk/protocol/http/nsIHttpProtocolHandler.idl
netwerk/protocol/http/nsIWellKnownOpportunisticUtils.idl
--- a/netwerk/protocol/http/ASpdySession.h
+++ b/netwerk/protocol/http/ASpdySession.h
@@ -16,18 +16,18 @@ class nsISocketTransport;
 namespace mozilla { namespace net {
 
 class ASpdySession : public nsAHttpTransaction
 {
 public:
   ASpdySession();
   virtual ~ASpdySession();
 
-  virtual bool AddStream(nsAHttpTransaction *, int32_t,
-                         bool, nsIInterfaceRequestor *) = 0;
+  virtual MOZ_MUST_USE bool
+  AddStream(nsAHttpTransaction *, int32_t, bool, nsIInterfaceRequestor *) = 0;
   virtual bool CanReuse() = 0;
   virtual bool RoomForMoreStreams() = 0;
   virtual PRIntervalTime IdleTime() = 0;
   virtual uint32_t ReadTimeoutTick(PRIntervalTime now) = 0;
   virtual void DontReuse() = 0;
   virtual uint32_t SpdyVersion() = 0;
 
   static ASpdySession *NewSpdySession(uint32_t version, nsISocketTransport *, bool);
@@ -95,17 +95,17 @@ class SpdyInformation
 public:
   SpdyInformation();
   ~SpdyInformation() {}
 
   static const uint32_t kCount = 1;
 
   // determine the index (0..kCount-1) of the spdy information that
   // correlates to the npn string. NS_FAILED() if no match is found.
-  nsresult GetNPNIndex(const nsACString &npnString, uint32_t *result) const;
+  MOZ_MUST_USE nsresult GetNPNIndex(const nsACString &npnString, uint32_t *result) const;
 
   // determine if a version of the protocol is enabled for index < kCount
   bool ProtocolEnabled(uint32_t index) const;
 
   uint8_t   Version[kCount]; // telemetry enum e.g. SPDY_VERSION_31
   nsCString VersionString[kCount]; // npn string e.g. "spdy/3.1"
 
   // the ALPNCallback function allows the protocol stack to decide whether or
--- a/netwerk/protocol/http/CacheControlParser.h
+++ b/netwerk/protocol/http/CacheControlParser.h
@@ -12,26 +12,26 @@
 namespace mozilla {
 namespace net {
 
 class CacheControlParser final : Tokenizer
 {
 public:
   explicit CacheControlParser(nsACString const &header);
 
-  bool MaxAge(uint32_t *seconds);
-  bool MaxStale(uint32_t *seconds);
-  bool MinFresh(uint32_t *seconds);
+  MOZ_MUST_USE bool MaxAge(uint32_t *seconds);
+  MOZ_MUST_USE bool MaxStale(uint32_t *seconds);
+  MOZ_MUST_USE bool MinFresh(uint32_t *seconds);
   bool NoCache();
   bool NoStore();
 
 private:
   void Directive();
   void IgnoreDirective();
-  bool SecondsValue(uint32_t *seconds, uint32_t defaultVal = 0);
+  MOZ_MUST_USE bool SecondsValue(uint32_t *seconds, uint32_t defaultVal = 0);
 
   bool mMaxAgeSet;
   uint32_t mMaxAge;
   bool mMaxStaleSet;
   uint32_t mMaxStale;
   bool mMinFreshSet;
   uint32_t mMinFresh;
   bool mNoCache;
--- a/netwerk/protocol/http/Http2Compression.h
+++ b/netwerk/protocol/http/Http2Compression.h
@@ -102,45 +102,48 @@ public:
   Http2Decompressor()
   {
     mPeakSizeID = Telemetry::HPACK_PEAK_SIZE_DECOMPRESSOR;
     mPeakCountID = Telemetry::HPACK_PEAK_COUNT_DECOMPRESSOR;
   };
   virtual ~Http2Decompressor() { } ;
 
   // NS_OK: Produces the working set of HTTP/1 formatted headers
-  nsresult DecodeHeaderBlock(const uint8_t *data, uint32_t datalen,
-                             nsACString &output, bool isPush);
+  MOZ_MUST_USE nsresult DecodeHeaderBlock(const uint8_t *data,
+                                          uint32_t datalen, nsACString &output,
+                                          bool isPush);
 
   void GetStatus(nsACString &hdr) { hdr = mHeaderStatus; }
   void GetHost(nsACString &hdr) { hdr = mHeaderHost; }
   void GetScheme(nsACString &hdr) { hdr = mHeaderScheme; }
   void GetPath(nsACString &hdr) { hdr = mHeaderPath; }
   void GetMethod(nsACString &hdr) { hdr = mHeaderMethod; }
 
 private:
-  nsresult DoIndexed();
-  nsresult DoLiteralWithoutIndex();
-  nsresult DoLiteralWithIncremental();
-  nsresult DoLiteralInternal(nsACString &, nsACString &, uint32_t);
-  nsresult DoLiteralNeverIndexed();
-  nsresult DoContextUpdate();
+  MOZ_MUST_USE nsresult DoIndexed();
+  MOZ_MUST_USE nsresult DoLiteralWithoutIndex();
+  MOZ_MUST_USE nsresult DoLiteralWithIncremental();
+  MOZ_MUST_USE nsresult DoLiteralInternal(nsACString &, nsACString &, uint32_t);
+  MOZ_MUST_USE nsresult DoLiteralNeverIndexed();
+  MOZ_MUST_USE nsresult DoContextUpdate();
+
+  MOZ_MUST_USE nsresult DecodeInteger(uint32_t prefixLen, uint32_t &result);
+  MOZ_MUST_USE nsresult OutputHeader(uint32_t index);
+  MOZ_MUST_USE nsresult OutputHeader(const nsACString &name, const nsACString &value);
 
-  nsresult DecodeInteger(uint32_t prefixLen, uint32_t &result);
-  nsresult OutputHeader(uint32_t index);
-  nsresult OutputHeader(const nsACString &name, const nsACString &value);
-
-  nsresult CopyHeaderString(uint32_t index, nsACString &name);
-  nsresult CopyStringFromInput(uint32_t index, nsACString &val);
+  MOZ_MUST_USE nsresult CopyHeaderString(uint32_t index, nsACString &name);
+  MOZ_MUST_USE nsresult CopyStringFromInput(uint32_t index, nsACString &val);
   uint8_t ExtractByte(uint8_t bitsLeft, uint32_t &bytesConsumed);
-  nsresult CopyHuffmanStringFromInput(uint32_t index, nsACString &val);
-  nsresult DecodeHuffmanCharacter(const HuffmanIncomingTable *table, uint8_t &c,
-                                  uint32_t &bytesConsumed, uint8_t &bitsLeft);
-  nsresult DecodeFinalHuffmanCharacter(const HuffmanIncomingTable *table,
-                                       uint8_t &c, uint8_t &bitsLeft);
+  MOZ_MUST_USE nsresult CopyHuffmanStringFromInput(uint32_t index, nsACString &val);
+  MOZ_MUST_USE nsresult
+  DecodeHuffmanCharacter(const HuffmanIncomingTable *table, uint8_t &c,
+                         uint32_t &bytesConsumed, uint8_t &bitsLeft);
+  MOZ_MUST_USE nsresult
+  DecodeFinalHuffmanCharacter(const HuffmanIncomingTable *table, uint8_t &c,
+                              uint8_t &bitsLeft);
 
   nsCString mHeaderStatus;
   nsCString mHeaderHost;
   nsCString mHeaderScheme;
   nsCString mHeaderPath;
   nsCString mHeaderMethod;
 
   // state variables when DecodeBlock() is on the stack
@@ -161,20 +164,23 @@ public:
   {
     mPeakSizeID = Telemetry::HPACK_PEAK_SIZE_COMPRESSOR;
     mPeakCountID = Telemetry::HPACK_PEAK_COUNT_COMPRESSOR;
   };
   virtual ~Http2Compressor() { }
 
   // HTTP/1 formatted header block as input - HTTP/2 formatted
   // header block as output
-  nsresult EncodeHeaderBlock(const nsCString &nvInput,
-                             const nsACString &method, const nsACString &path,
-                             const nsACString &host, const nsACString &scheme,
-                             bool connectForm, nsACString &output);
+  MOZ_MUST_USE nsresult EncodeHeaderBlock(const nsCString &nvInput,
+                                          const nsACString &method,
+                                          const nsACString &path,
+                                          const nsACString &host,
+                                          const nsACString &scheme,
+                                          bool connectForm,
+                                          nsACString &output);
 
   int64_t GetParsedContentLength() { return mParsedContentLength; } // -1 on not found
 
   void SetMaxBufferSize(uint32_t maxBufferSize);
 
 private:
   enum outputCode {
     kNeverIndexedLiteral,
--- a/netwerk/protocol/http/Http2Push.h
+++ b/netwerk/protocol/http/Http2Push.h
@@ -36,36 +36,39 @@ public:
   virtual ~Http2PushedStream() {}
 
   bool GetPushComplete();
 
   // The consumer stream is the synthetic pull stream hooked up to this push
   virtual Http2Stream *GetConsumerStream() override { return mConsumerStream; };
 
   void SetConsumerStream(Http2Stream *aStream);
-  bool GetHashKey(nsCString &key);
+  MOZ_MUST_USE bool GetHashKey(nsCString &key);
 
   // override of Http2Stream
-  nsresult ReadSegments(nsAHttpSegmentReader *,  uint32_t, uint32_t *) override;
-  nsresult WriteSegments(nsAHttpSegmentWriter *, uint32_t, uint32_t *) override;
+  MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *,
+                                     uint32_t, uint32_t *) override;
+  MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *,
+                                      uint32_t, uint32_t *) override;
   void AdjustInitialWindow() override;
 
   nsIRequestContext *RequestContext() override { return mRequestContext; };
   void ConnectPushedStream(Http2Stream *consumer);
 
-  bool TryOnPush();
-  static bool TestOnPush(Http2Stream *consumer);
+  MOZ_MUST_USE bool TryOnPush();
+  static MOZ_MUST_USE bool TestOnPush(Http2Stream *consumer);
 
   virtual bool DeferCleanup(nsresult status) override;
   void SetDeferCleanupOnSuccess(bool val) { mDeferCleanupOnSuccess = val; }
 
   bool IsOrphaned(TimeStamp now);
   void OnPushFailed() { mDeferCleanupOnPush = false; mOnPushFailed = true; }
 
-  nsresult GetBufferedData(char *buf, uint32_t count, uint32_t *countWritten);
+  MOZ_MUST_USE nsresult GetBufferedData(char *buf, uint32_t count,
+                                        uint32_t *countWritten);
 
   // overload of Http2Stream
   virtual bool HasSink() override { return !!mConsumerStream; }
 
   nsCString &GetRequestString() { return mRequestString; }
 
 private:
 
@@ -99,17 +102,18 @@ private:
 class Http2PushTransactionBuffer final : public nsAHttpTransaction
 {
 public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSAHTTPTRANSACTION
 
   Http2PushTransactionBuffer();
 
-  nsresult GetBufferedData(char *buf, uint32_t count, uint32_t *countWritten);
+  MOZ_MUST_USE nsresult GetBufferedData(char *buf, uint32_t count,
+                                        uint32_t *countWritten);
   void SetPushStream(Http2PushedStream *stream) { mPushStream = stream; }
 
 private:
   virtual ~Http2PushTransactionBuffer();
 
   const static uint32_t kDefaultBufferSize = 4096;
 
   nsresult mStatus;
--- a/netwerk/protocol/http/Http2Session.h
+++ b/netwerk/protocol/http/Http2Session.h
@@ -40,18 +40,18 @@ public:
   NS_DECL_THREADSAFE_ISUPPORTS
   NS_DECL_NSAHTTPTRANSACTION
   NS_DECL_NSAHTTPCONNECTION(mConnection)
   NS_DECL_NSAHTTPSEGMENTREADER
   NS_DECL_NSAHTTPSEGMENTWRITER
 
  Http2Session(nsISocketTransport *, uint32_t version, bool attemptingEarlyData);
 
-  bool AddStream(nsAHttpTransaction *, int32_t,
-                 bool, nsIInterfaceRequestor *) override;
+  MOZ_MUST_USE bool AddStream(nsAHttpTransaction *, int32_t,
+                              bool, nsIInterfaceRequestor *) override;
   bool CanReuse() override { return !mShouldGoAway && !mClosed; }
   bool RoomForMoreStreams() override;
   uint32_t SpdyVersion() override;
 
   // When the connection is active this is called up to once every 1 second
   // return the interval (in seconds) that the connection next wants to
   // have this invoked. It might happen sooner depending on the needs of
   // other connections.
@@ -197,52 +197,53 @@ public:
   // overload of nsAHttpConnection
   void TransactionHasDataToWrite(nsAHttpTransaction *) override;
   void TransactionHasDataToRecv(nsAHttpTransaction *) override;
 
   // a similar version for Http2Stream
   void TransactionHasDataToWrite(Http2Stream *);
 
   // an overload of nsAHttpSegementReader
-  virtual nsresult CommitToSegmentSize(uint32_t size, bool forceCommitment) override;
-  nsresult BufferOutput(const char *, uint32_t, uint32_t *);
+  virtual MOZ_MUST_USE nsresult CommitToSegmentSize(uint32_t size,
+                                                    bool forceCommitment) override;
+  MOZ_MUST_USE nsresult BufferOutput(const char *, uint32_t, uint32_t *);
   void     FlushOutputQueue();
   uint32_t AmountOfOutputBuffered() { return mOutputQueueUsed - mOutputQueueSent; }
 
   uint32_t GetServerInitialStreamWindow() { return mServerInitialStreamWindow; }
 
-  bool TryToActivate(Http2Stream *stream);
+  MOZ_MUST_USE bool TryToActivate(Http2Stream *stream);
   void ConnectPushedStream(Http2Stream *stream);
   void ConnectSlowConsumer(Http2Stream *stream);
 
-  nsresult ConfirmTLSProfile();
-  static bool ALPNCallback(nsISupports *securityInfo);
+  MOZ_MUST_USE nsresult ConfirmTLSProfile();
+  static MOZ_MUST_USE bool ALPNCallback(nsISupports *securityInfo);
 
   uint64_t Serial() { return mSerial; }
 
   void PrintDiagnostics (nsCString &log) override;
 
   // Streams need access to these
   uint32_t SendingChunkSize() { return mSendingChunkSize; }
   uint32_t PushAllowance() { return mPushAllowance; }
   Http2Compressor *Compressor() { return &mCompressor; }
   nsISocketTransport *SocketTransport() { return mSocketTransport; }
   int64_t ServerSessionWindow() { return mServerSessionWindow; }
   void DecrementServerSessionWindow (uint32_t bytes) { mServerSessionWindow -= bytes; }
   uint32_t InitialRwin() { return mInitialRwin; }
 
   void SendPing() override;
-  bool MaybeReTunnel(nsAHttpTransaction *) override;
+  MOZ_MUST_USE bool MaybeReTunnel(nsAHttpTransaction *) override;
   bool UseH2Deps() { return mUseH2Deps; }
 
   // overload of nsAHttpTransaction
-  nsresult ReadSegmentsAgain(nsAHttpSegmentReader *, uint32_t, uint32_t *, bool *) override final;
-  nsresult WriteSegmentsAgain(nsAHttpSegmentWriter *, uint32_t , uint32_t *, bool *) override final;
-  bool Do0RTT() override final { return true; }
-  nsresult Finish0RTT(bool aRestart, bool aAlpnChanged) override final;
+  MOZ_MUST_USE nsresult ReadSegmentsAgain(nsAHttpSegmentReader *, uint32_t, uint32_t *, bool *) override final;
+  MOZ_MUST_USE nsresult WriteSegmentsAgain(nsAHttpSegmentWriter *, uint32_t , uint32_t *, bool *) override final;
+  MOZ_MUST_USE bool Do0RTT() override final { return true; }
+  MOZ_MUST_USE nsresult Finish0RTT(bool aRestart, bool aAlpnChanged) override final;
 
 private:
 
   // These internal states do not correspond to the states of the HTTP/2 specification
   enum internalStateType {
     BUFFERING_OPENING_SETTINGS,
     BUFFERING_FRAME_HEADER,
     BUFFERING_CONTROL_FRAME,
@@ -252,60 +253,62 @@ private:
     DISCARDING_DATA_FRAME,
     PROCESSING_COMPLETE_HEADERS,
     PROCESSING_CONTROL_RST_STREAM,
     NOT_USING_NETWORK
   };
 
   static const uint8_t kMagicHello[24];
 
-  nsresult    ResponseHeadersComplete();
+  MOZ_MUST_USE nsresult ResponseHeadersComplete();
   uint32_t    GetWriteQueueSize();
   void        ChangeDownstreamState(enum internalStateType);
   void        ResetDownstreamState();
-  nsresult    ReadyToProcessDataFrame(enum internalStateType);
-  nsresult    UncompressAndDiscard(bool);
+  MOZ_MUST_USE nsresult ReadyToProcessDataFrame(enum internalStateType);
+  MOZ_MUST_USE nsresult UncompressAndDiscard(bool);
   void        GeneratePing(bool);
   void        GenerateSettingsAck();
   void        GeneratePriority(uint32_t, uint8_t);
   void        GenerateRstStream(uint32_t, uint32_t);
   void        GenerateGoAway(uint32_t);
   void        CleanupStream(Http2Stream *, nsresult, errorType);
   void        CleanupStream(uint32_t, nsresult, errorType);
   void        CloseStream(Http2Stream *, nsresult);
   void        SendHello();
   void        RemoveStreamFromQueues(Http2Stream *);
-  nsresult    ParsePadding(uint8_t &, uint16_t &);
+  MOZ_MUST_USE nsresult ParsePadding(uint8_t &, uint16_t &);
 
   void        SetWriteCallbacks();
   void        RealignOutputQueue();
 
   void        ProcessPending();
-  nsresult    ProcessConnectedPush(Http2Stream *, nsAHttpSegmentWriter *,
-                                   uint32_t, uint32_t *);
-  nsresult    ProcessSlowConsumer(Http2Stream *, nsAHttpSegmentWriter *,
-                                  uint32_t, uint32_t *);
+  MOZ_MUST_USE nsresult ProcessConnectedPush(Http2Stream *,
+                                             nsAHttpSegmentWriter *,
+                                             uint32_t, uint32_t *);
+  MOZ_MUST_USE nsresult ProcessSlowConsumer(Http2Stream *,
+                                            nsAHttpSegmentWriter *,
+                                            uint32_t, uint32_t *);
 
-  nsresult    SetInputFrameDataStream(uint32_t);
+  MOZ_MUST_USE nsresult SetInputFrameDataStream(uint32_t);
   void        CreatePriorityNode(uint32_t, uint32_t, uint8_t, const char *);
   bool        VerifyStream(Http2Stream *, uint32_t);
   void        SetNeedsCleanup();
 
   void        UpdateLocalRwin(Http2Stream *stream, uint32_t bytes);
   void        UpdateLocalStreamWindow(Http2Stream *stream, uint32_t bytes);
   void        UpdateLocalSessionWindow(uint32_t bytes);
 
   void        MaybeDecrementConcurrent(Http2Stream *stream);
   bool        RoomForMoreConcurrent();
   void        IncrementConcurrent(Http2Stream *stream);
   void        QueueStream(Http2Stream *stream);
 
   // a wrapper for all calls to the nshttpconnection level segment writer. Used
   // to track network I/O for timeout purposes
-  nsresult   NetworkRead(nsAHttpSegmentWriter *, char *, uint32_t, uint32_t *);
+  MOZ_MUST_USE nsresult NetworkRead(nsAHttpSegmentWriter *, char *, uint32_t, uint32_t *);
 
   void Shutdown();
 
   // This is intended to be nsHttpConnectionMgr:nsConnectionHandle taken
   // from the first transaction on this session. That object contains the
   // pointer to the real network-level nsHttpConnection object.
   RefPtr<nsAHttpConnection> mConnection;
 
--- a/netwerk/protocol/http/Http2Stream.h
+++ b/netwerk/protocol/http/Http2Stream.h
@@ -49,18 +49,20 @@ public:
   Http2Stream(nsAHttpTransaction *, Http2Session *, int32_t);
 
   uint32_t StreamID() { return mStreamID; }
   Http2PushedStream *PushSource() { return mPushSource; }
 
   stateType HTTPState() { return mState; }
   void SetHTTPState(stateType val) { mState = val; }
 
-  virtual nsresult ReadSegments(nsAHttpSegmentReader *,  uint32_t, uint32_t *);
-  virtual nsresult WriteSegments(nsAHttpSegmentWriter *, uint32_t, uint32_t *);
+  virtual MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *,
+                                             uint32_t, uint32_t *);
+  virtual MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *,
+                                              uint32_t, uint32_t *);
   virtual bool DeferCleanup(nsresult status);
 
   // The consumer stream is the synthetic pull stream hooked up to this stream
   // http2PushedStream overrides it
   virtual Http2Stream *GetConsumerStream() { return nullptr; };
 
   const nsAFlatCString &Origin() const { return mOrigin; }
   const nsAFlatCString &Host() const { return mHeaderHost; }
@@ -106,19 +108,21 @@ public:
   void SetAllHeadersReceived();
   void UnsetAllHeadersReceived() { mAllHeadersReceived = 0; }
   bool AllHeadersReceived() { return mAllHeadersReceived; }
 
   void UpdateTransportSendEvents(uint32_t count);
   void UpdateTransportReadEvents(uint32_t count);
 
   // NS_ERROR_ABORT terminates stream, other failure terminates session
-  nsresult ConvertResponseHeaders(Http2Decompressor *, nsACString &,
-                                  nsACString &, int32_t &);
-  nsresult ConvertPushHeaders(Http2Decompressor *, nsACString &, nsACString &);
+  MOZ_MUST_USE nsresult ConvertResponseHeaders(Http2Decompressor *,
+                                               nsACString &,
+                                               nsACString &, int32_t &);
+  MOZ_MUST_USE nsresult ConvertPushHeaders(Http2Decompressor *, nsACString &,
+                                           nsACString &);
 
   bool AllowFlowControlledWrite();
   void UpdateServerReceiveWindow(int32_t delta);
   int64_t ServerReceiveWindow() { return mServerReceiveWindow; }
 
   void DecrementClientReceiveWindow(uint32_t delta) {
     mClientReceiveWindow -= delta;
     mLocalUnacked += delta;
@@ -142,22 +146,22 @@ public:
   // A pull stream has an implicit sink, a pushed stream has a sink
   // once it is matched to a pull stream.
   virtual bool HasSink() { return true; }
 
   virtual ~Http2Stream();
 
   Http2Session *Session() { return mSession; }
 
-  static nsresult MakeOriginURL(const nsACString &origin,
-                                RefPtr<nsStandardURL> &url);
+  static MOZ_MUST_USE nsresult MakeOriginURL(const nsACString &origin,
+                                             RefPtr<nsStandardURL> &url);
 
-  static nsresult MakeOriginURL(const nsACString &scheme,
-                                const nsACString &origin,
-                                RefPtr<nsStandardURL> &url);
+  static MOZ_MUST_USE nsresult MakeOriginURL(const nsACString &scheme,
+                                             const nsACString &origin,
+                                             RefPtr<nsStandardURL> &url);
 
   // Mirrors nsAHttpTransaction
   bool Do0RTT();
   nsresult Finish0RTT(bool aRestart, bool aAlpnIgnored);
 
 protected:
   static void CreatePushHashKey(const nsCString &scheme,
                                 const nsCString &hostHeader,
@@ -210,28 +214,28 @@ protected:
 
   // Flag is set when stream is queued inside the session due to
   // concurrency limits being exceeded
   uint32_t                     mQueued               : 1;
 
   void     ChangeState(enum upstreamStateType);
 
   virtual void AdjustInitialWindow();
-  nsresult TransmitFrame(const char *, uint32_t *, bool forceCommitment);
+  MOZ_MUST_USE nsresult TransmitFrame(const char *, uint32_t *, bool forceCommitment);
 
 private:
   friend class nsAutoPtr<Http2Stream>;
 
-  nsresult ParseHttpRequestHeaders(const char *, uint32_t, uint32_t *);
-  nsresult GenerateOpen();
+  MOZ_MUST_USE nsresult ParseHttpRequestHeaders(const char *, uint32_t, uint32_t *);
+  MOZ_MUST_USE nsresult GenerateOpen();
 
   void     AdjustPushedPriority();
   void     GenerateDataFrameHeader(uint32_t, bool);
 
-  nsresult BufferInput(uint32_t , uint32_t *);
+  MOZ_MUST_USE nsresult BufferInput(uint32_t , uint32_t *);
 
   // The underlying HTTP transaction. This pointer is used as the key
   // in the Http2Session mStreamTransactionHash so it is important to
   // keep a reference to it as long as this stream is a member of that hash.
   // (i.e. don't change it or release it after it is set in the ctor).
   RefPtr<nsAHttpTransaction> mTransaction;
 
   // The underlying socket transport object is needed to propogate some events
--- a/netwerk/protocol/http/HttpBaseChannel.h
+++ b/netwerk/protocol/http/HttpBaseChannel.h
@@ -105,20 +105,21 @@ public:
   NS_DECL_NSITIMEDCHANNEL
   NS_DECL_NSITHROTTLEDINPUTCHANNEL
   NS_DECL_NSICLASSIFIEDCHANNEL
 
   NS_DECLARE_STATIC_IID_ACCESSOR(HTTP_BASE_CHANNEL_IID)
 
   HttpBaseChannel();
 
-  virtual nsresult Init(nsIURI *aURI, uint32_t aCaps, nsProxyInfo *aProxyInfo,
-                        uint32_t aProxyResolveFlags,
-                        nsIURI *aProxyURI,
-                        const nsID& aChannelId);
+  virtual MOZ_MUST_USE nsresult Init(nsIURI *aURI, uint32_t aCaps,
+                                     nsProxyInfo *aProxyInfo,
+                                     uint32_t aProxyResolveFlags,
+                                     nsIURI *aProxyURI,
+                                     const nsID& aChannelId);
 
   // nsIRequest
   NS_IMETHOD GetName(nsACString& aName) override;
   NS_IMETHOD IsPending(bool *aIsPending) override;
   NS_IMETHOD GetStatus(nsresult *aStatus) override;
   NS_IMETHOD GetLoadGroup(nsILoadGroup **aLoadGroup) override;
   NS_IMETHOD SetLoadGroup(nsILoadGroup *aLoadGroup) override;
   NS_IMETHOD GetLoadFlags(nsLoadFlags *aLoadFlags) override;
@@ -226,17 +227,17 @@ public:
   NS_IMETHOD GetRemotePort(int32_t* port) override;
   NS_IMETHOD GetAllowSpdy(bool *aAllowSpdy) override;
   NS_IMETHOD SetAllowSpdy(bool aAllowSpdy) override;
   NS_IMETHOD GetAllowAltSvc(bool *aAllowAltSvc) override;
   NS_IMETHOD SetAllowAltSvc(bool aAllowAltSvc) override;
   NS_IMETHOD GetBeConservative(bool *aBeConservative) override;
   NS_IMETHOD SetBeConservative(bool aBeConservative) override;
   NS_IMETHOD GetApiRedirectToURI(nsIURI * *aApiRedirectToURI) override;
-  virtual nsresult AddSecurityMessage(const nsAString &aMessageTag, const nsAString &aMessageCategory);
+  virtual MOZ_MUST_USE nsresult AddSecurityMessage(const nsAString &aMessageTag, const nsAString &aMessageCategory);
   NS_IMETHOD TakeAllSecurityMessages(nsCOMArray<nsISecurityConsoleMessage> &aMessages) override;
   NS_IMETHOD GetResponseTimeoutEnabled(bool *aEnable) override;
   NS_IMETHOD SetResponseTimeoutEnabled(bool aEnable) override;
   NS_IMETHOD GetInitialRwin(uint32_t* aRwin) override;
   NS_IMETHOD SetInitialRwin(uint32_t aRwin) override;
   NS_IMETHOD GetNetworkInterfaceId(nsACString& aNetworkInterfaceId) override;
   NS_IMETHOD SetNetworkInterfaceId(const nsACString& aNetworkInterfaceId) override;
   NS_IMETHOD ForcePending(bool aForcePending) override;
@@ -307,17 +308,17 @@ public:
         NS_DECL_ISUPPORTS
         NS_DECL_NSIUTF8STRINGENUMERATOR
 
         nsContentEncodings(nsIHttpChannel* aChannel, const char* aEncodingHeader);
 
     private:
         virtual ~nsContentEncodings();
 
-        nsresult PrepareForNext(void);
+        MOZ_MUST_USE nsresult PrepareForNext(void);
 
         // We do not own the buffer.  The channel owns it.
         const char* mEncodingHeader;
         const char* mCurStart;  // points to start of current header
         const char* mCurEnd;  // points to end of current header
 
         // Hold a ref to our channel so that it can't go away and take the
         // header with it.
@@ -327,30 +328,31 @@ public:
     };
 
     nsHttpResponseHead * GetResponseHead() const { return mResponseHead; }
     nsHttpRequestHead * GetRequestHead() { return &mRequestHead; }
 
     const NetAddr& GetSelfAddr() { return mSelfAddr; }
     const NetAddr& GetPeerAddr() { return mPeerAddr; }
 
-    nsresult OverrideSecurityInfo(nsISupports* aSecurityInfo);
+    MOZ_MUST_USE nsresult OverrideSecurityInfo(nsISupports* aSecurityInfo);
 
 public: /* Necko internal use only... */
     bool IsNavigation();
 
     // Return whether upon a redirect code of httpStatus for method, the
     // request method should be rewritten to GET.
     static bool ShouldRewriteRedirectToGET(uint32_t httpStatus,
                                            nsHttpRequestHead::ParsedMethodType method);
 
     // Like nsIEncodedChannel::DoApplyConversions except context is set to
     // mListenerContext.
-    nsresult DoApplyContentConversions(nsIStreamListener *aNextListener,
-                                       nsIStreamListener **aNewNextListener);
+    MOZ_MUST_USE nsresult
+    DoApplyContentConversions(nsIStreamListener *aNextListener,
+                              nsIStreamListener **aNewNextListener);
 
     // Callback on main thread when NS_AsyncCopy() is finished populating
     // the new mUploadStream.
     void EnsureUploadStreamIsCloneableComplete(nsresult aStatus);
 
     void SetIsTrackingResource()
     {
       mIsTrackingResource = true;
@@ -370,20 +372,19 @@ protected:
   // was fired.
   void NotifySetCookie(char const *aCookie);
 
   mozilla::dom::Performance* GetPerformance();
   nsIURI* GetReferringPage();
   nsPIDOMWindowInner* GetInnerDOMWindow();
 
   void AddCookiesToRequest();
-  virtual nsresult SetupReplacementChannel(nsIURI *,
-                                           nsIChannel *,
-                                           bool preserveMethod,
-                                           uint32_t redirectFlags);
+  virtual MOZ_MUST_USE nsresult
+  SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod,
+                          uint32_t redirectFlags);
 
   // bundle calling OMR observers and marking flag into one function
   inline void CallOnModifyRequestObservers() {
     gHttpHandler->OnModifyRequest(this);
     mRequestObserversCalled = true;
   }
 
   // Helper function to simplify getting notification callbacks.
@@ -397,17 +398,17 @@ protected:
 
   // Redirect tracking
   // Checks whether or not aURI and mOriginalURI share the same domain.
   bool SameOriginWithOriginalUri(nsIURI *aURI);
 
   // GetPrincipal Returns the channel's URI principal.
   nsIPrincipal *GetURIPrincipal();
 
-  bool BypassServiceWorker() const;
+  MOZ_MUST_USE bool BypassServiceWorker() const;
 
   // Returns true if this channel should intercept the network request and prepare
   // for a possible synthesized response instead.
   bool ShouldIntercept(nsIURI* aURI = nullptr);
 
 #ifdef DEBUG
   // Check if mPrivateBrowsingId matches between LoadInfo and LoadContext.
   void AssertPrivateBrowsingId();
@@ -621,36 +622,36 @@ NS_DEFINE_STATIC_IID_ACCESSOR(HttpBaseCh
 template <class T>
 class HttpAsyncAborter
 {
 public:
   explicit HttpAsyncAborter(T *derived) : mThis(derived), mCallOnResume(0) {}
 
   // Aborts channel: calls OnStart/Stop with provided status, removes channel
   // from loadGroup.
-  nsresult AsyncAbort(nsresult status);
+  MOZ_MUST_USE nsresult AsyncAbort(nsresult status);
 
   // Does most the actual work.
   void HandleAsyncAbort();
 
   // AsyncCall calls a member function asynchronously (via an event).
   // retval isn't refcounted and is set only when event was successfully
   // posted, the event is returned for the purpose of cancelling when needed
-  nsresult AsyncCall(void (T::*funcPtr)(),
-                     nsRunnableMethod<T> **retval = nullptr);
+  MOZ_MUST_USE nsresult AsyncCall(void (T::*funcPtr)(),
+                                  nsRunnableMethod<T> **retval = nullptr);
 private:
   T *mThis;
 
 protected:
   // Function to be called at resume time
   void (T::* mCallOnResume)(void);
 };
 
 template <class T>
-nsresult HttpAsyncAborter<T>::AsyncAbort(nsresult status)
+MOZ_MUST_USE nsresult HttpAsyncAborter<T>::AsyncAbort(nsresult status)
 {
   MOZ_LOG(gHttpLog, LogLevel::Debug,
          ("HttpAsyncAborter::AsyncAbort [this=%p status=%" PRIx32 "]\n",
           mThis, static_cast<uint32_t>(status)));
 
   mThis->mStatus = status;
 
   // if this fails?  Callers ignore our return value anyway....
--- a/netwerk/protocol/http/HttpChannelChild.h
+++ b/netwerk/protocol/http/HttpChannelChild.h
@@ -98,17 +98,17 @@ public:
   NS_IMETHOD ResumeAt(uint64_t startPos, const nsACString& entityID) override;
 
   // IPDL holds a reference while the PHttpChannel protocol is live (starting at
   // AsyncOpen, and ending at either OnStopRequest or any IPDL error, either of
   // which call NeckoChild::DeallocPHttpChannelChild()).
   void AddIPDLReference();
   void ReleaseIPDLReference();
 
-  bool IsSuspended();
+  MOZ_MUST_USE bool IsSuspended();
 
   mozilla::ipc::IPCResult RecvNotifyTrackingProtectionDisabled() override;
   mozilla::ipc::IPCResult RecvNotifyTrackingResource() override;
   void FlushedForDiversion();
   mozilla::ipc::IPCResult RecvSetClassifierMatchedInfo(const ClassifierInfo& aInfo) override;
 
 protected:
   mozilla::ipc::IPCResult RecvOnStartRequest(const nsresult& channelStatus,
@@ -151,17 +151,18 @@ protected:
   mozilla::ipc::IPCResult RecvReportSecurityMessage(const nsString& messageTag,
                                                     const nsString& messageCategory) override;
 
   mozilla::ipc::IPCResult RecvIssueDeprecationWarning(const uint32_t& warning,
                                                       const bool& asError) override;
 
   mozilla::ipc::IPCResult RecvSetPriority(const int16_t& aPriority) override;
 
-  bool GetAssociatedContentSecurity(nsIAssociatedContentSecurity** res = nullptr);
+  MOZ_MUST_USE bool
+  GetAssociatedContentSecurity(nsIAssociatedContentSecurity** res = nullptr);
   virtual void DoNotifyListenerCleanup() override;
 
   NS_IMETHOD GetResponseSynthesized(bool* aSynthesized) override;
 
 private:
 
   class OverrideRunnable : public Runnable {
   public:
@@ -182,17 +183,17 @@ private:
   };
 
   // Sets the event target for future IPC messages. Messages will either be
   // directed to the TabGroup or DocGroup, depending on the LoadInfo associated
   // with the channel. Should be called when a new channel is being set up,
   // before the constructor message is sent to the parent.
   void SetEventTarget();
 
-  nsresult ContinueAsyncOpen();
+  MOZ_MUST_USE nsresult ContinueAsyncOpen();
 
   void DoOnStartRequest(nsIRequest* aRequest, nsISupports* aContext);
   void DoOnStatus(nsIRequest* aRequest, nsresult status);
   void DoOnProgress(nsIRequest* aRequest, int64_t progress, int64_t progressMax);
   void DoOnDataAvailable(nsIRequest* aRequest, nsISupports* aContext, nsIInputStream* aStream,
                          uint64_t offset, uint32_t count);
   void DoPreOnStopRequest(nsresult aStatus);
   void DoOnStopRequest(nsIRequest* aRequest, nsresult aChannelStatus, nsISupports* aContext);
@@ -323,20 +324,20 @@ private:
                       const nsHttpResponseHead& responseHead,
                       const nsACString& securityInfoSerialization,
                       const nsACString& channelId);
   bool Redirect3Complete(OverrideRunnable* aRunnable);
   void DeleteSelf();
 
   // Create a a new channel to be used in a redirection, based on the provided
   // response headers.
-  nsresult SetupRedirect(nsIURI* uri,
-                         const nsHttpResponseHead* responseHead,
-                         const uint32_t& redirectFlags,
-                         nsIChannel** outChannel);
+  MOZ_MUST_USE nsresult SetupRedirect(nsIURI* uri,
+                                      const nsHttpResponseHead* responseHead,
+                                      const uint32_t& redirectFlags,
+                                      nsIChannel** outChannel);
 
   // Perform a redirection without communicating with the parent process at all.
   void BeginNonIPCRedirect(nsIURI* responseURI,
                            const nsHttpResponseHead* responseHead);
 
   // Override the default security info pointer during a non-IPC redirection.
   void OverrideSecurityInfoForNonIPCRedirect(nsISupports* securityInfo);
 
--- a/netwerk/protocol/http/HttpChannelParent.h
+++ b/netwerk/protocol/http/HttpChannelParent.h
@@ -67,23 +67,23 @@ public:
   NS_DECL_NSIDEPRECATIONWARNER
 
   NS_DECLARE_STATIC_IID_ACCESSOR(HTTP_CHANNEL_PARENT_IID)
 
   HttpChannelParent(const dom::PBrowserOrId& iframeEmbedding,
                     nsILoadContext* aLoadContext,
                     PBOverrideStatus aStatus);
 
-  bool Init(const HttpChannelCreationArgs& aOpenArgs);
+  MOZ_MUST_USE bool Init(const HttpChannelCreationArgs& aOpenArgs);
 
   // ADivertableParentChannel functions.
   void DivertTo(nsIStreamListener *aListener) override;
-  nsresult SuspendForDiversion() override;
-  nsresult SuspendMessageDiversion() override;
-  nsresult ResumeMessageDiversion() override;
+  MOZ_MUST_USE nsresult SuspendForDiversion() override;
+  MOZ_MUST_USE nsresult SuspendMessageDiversion() override;
+  MOZ_MUST_USE nsresult ResumeMessageDiversion() override;
 
   // Calls OnStartRequest for "DivertTo" listener, then notifies child channel
   // that it should divert OnDataAvailable and OnStopRequest calls to this
   // parent channel.
   void StartDiversion();
 
   // Handles calling OnStart/Stop if there are errors during diversion.
   // Called asynchronously from FailDiversion.
@@ -91,66 +91,69 @@ public:
 
   // Forwarded to nsHttpChannel::SetApplyConversion.
   void SetApplyConversion(bool aApplyConversion) {
     if (mChannel) {
       mChannel->SetApplyConversion(aApplyConversion);
     }
   }
 
-  nsresult OpenAlternativeOutputStream(const nsACString & type, nsIOutputStream * *_retval);
+  MOZ_MUST_USE nsresult OpenAlternativeOutputStream(const nsACString & type,
+                                                    nsIOutputStream * *_retval);
 
   void InvokeAsyncOpen(nsresult rv);
 
   // Calls SendSetPriority if mIPCClosed is false.
   void DoSendSetPriority(int16_t aValue);
 protected:
   // used to connect redirected-to channel in parent with just created
   // ChildChannel.  Used during redirects.
-  bool ConnectChannel(const uint32_t& channelId, const bool& shouldIntercept);
+  MOZ_MUST_USE bool ConnectChannel(const uint32_t& channelId,
+                                   const bool& shouldIntercept);
 
-  bool DoAsyncOpen(const URIParams&           uri,
-                   const OptionalURIParams&   originalUri,
-                   const OptionalURIParams&   docUri,
-                   const OptionalURIParams&   referrerUri,
-                   const uint32_t&            referrerPolicy,
-                   const OptionalURIParams&   internalRedirectUri,
-                   const OptionalURIParams&   topWindowUri,
-                   const uint32_t&            loadFlags,
-                   const RequestHeaderTuples& requestHeaders,
-                   const nsCString&           requestMethod,
-                   const OptionalIPCStream&   uploadStream,
-                   const bool&                uploadStreamHasHeaders,
-                   const int16_t&             priority,
-                   const uint32_t&            classOfService,
-                   const uint8_t&             redirectionLimit,
-                   const bool&                allowSTS,
-                   const uint32_t&            thirdPartyFlags,
-                   const bool&                doResumeAt,
-                   const uint64_t&            startPos,
-                   const nsCString&           entityID,
-                   const bool&                chooseApplicationCache,
-                   const nsCString&           appCacheClientID,
-                   const bool&                allowSpdy,
-                   const bool&                allowAltSvc,
-                   const bool&                beConservative,
-                   const OptionalLoadInfoArgs& aLoadInfoArgs,
-                   const OptionalHttpResponseHead& aSynthesizedResponseHead,
-                   const nsCString&           aSecurityInfoSerialization,
-                   const uint32_t&            aCacheKey,
-                   const nsCString&           aRequestContextID,
-                   const OptionalCorsPreflightArgs& aCorsPreflightArgs,
-                   const uint32_t&            aInitialRwin,
-                   const bool&                aBlockAuthPrompt,
-                   const bool&                aSuspendAfterSynthesizeResponse,
-                   const bool&                aAllowStaleCacheContent,
-                   const nsCString&           aContentTypeHint,
-                   const nsCString&           aChannelId,
-                   const uint64_t&            aContentWindowId,
-                   const nsCString&           aPreferredAlternativeType);
+  MOZ_MUST_USE bool
+  DoAsyncOpen(const URIParams&           uri,
+              const OptionalURIParams&   originalUri,
+              const OptionalURIParams&   docUri,
+              const OptionalURIParams&   referrerUri,
+              const uint32_t&            referrerPolicy,
+              const OptionalURIParams&   internalRedirectUri,
+              const OptionalURIParams&   topWindowUri,
+              const uint32_t&            loadFlags,
+              const RequestHeaderTuples& requestHeaders,
+              const nsCString&           requestMethod,
+              const OptionalIPCStream&   uploadStream,
+              const bool&                uploadStreamHasHeaders,
+              const int16_t&             priority,
+              const uint32_t&            classOfService,
+              const uint8_t&             redirectionLimit,
+              const bool&                allowSTS,
+              const uint32_t&            thirdPartyFlags,
+              const bool&                doResumeAt,
+              const uint64_t&            startPos,
+              const nsCString&           entityID,
+              const bool&                chooseApplicationCache,
+              const nsCString&           appCacheClientID,
+              const bool&                allowSpdy,
+              const bool&                allowAltSvc,
+              const bool&                beConservative,
+              const OptionalLoadInfoArgs& aLoadInfoArgs,
+              const OptionalHttpResponseHead& aSynthesizedResponseHead,
+              const nsCString&           aSecurityInfoSerialization,
+              const uint32_t&            aCacheKey,
+              const nsCString&           aRequestContextID,
+              const OptionalCorsPreflightArgs& aCorsPreflightArgs,
+              const uint32_t&            aInitialRwin,
+              const bool&                aBlockAuthPrompt,
+              const bool&                aSuspendAfterSynthesizeResponse,
+              const bool&                aAllowStaleCacheContent,
+              const nsCString&           aContentTypeHint,
+              const nsCString&           aChannelId,
+              const uint64_t&            aContentWindowId,
+              const nsCString&           aPreferredAlternativeType);
 
   virtual mozilla::ipc::IPCResult RecvSetPriority(const int16_t& priority) override;
   virtual mozilla::ipc::IPCResult RecvSetClassOfService(const uint32_t& cos) override;
   virtual mozilla::ipc::IPCResult RecvSetCacheTokenCachedCharset(const nsCString& charset) override;
   virtual mozilla::ipc::IPCResult RecvSuspend() override;
   virtual mozilla::ipc::IPCResult RecvResume() override;
   virtual mozilla::ipc::IPCResult RecvCancel(const nsresult& status) override;
   virtual mozilla::ipc::IPCResult RecvRedirect2Verify(const nsresult& result,
@@ -172,30 +175,31 @@ protected:
                                          const uint32_t& count) override;
   virtual mozilla::ipc::IPCResult RecvDivertOnStopRequest(const nsresult& statusCode) override;
   virtual mozilla::ipc::IPCResult RecvDivertComplete() override;
   virtual mozilla::ipc::IPCResult RecvRemoveCorsPreflightCacheEntry(const URIParams& uri,
                                                                     const mozilla::ipc::PrincipalInfo& requestingPrincipal) override;
   virtual void ActorDestroy(ActorDestroyReason why) override;
 
   // Supporting function for ADivertableParentChannel.
-  nsresult ResumeForDiversion();
+  MOZ_MUST_USE nsresult ResumeForDiversion();
 
   // Asynchronously calls NotifyDiversionFailed.
   void FailDiversion(nsresult aErrorCode, bool aSkipResume = true);
 
   friend class HttpChannelParentListener;
   RefPtr<mozilla::dom::TabParent> mTabParent;
 
-  nsresult ReportSecurityMessage(const nsAString& aMessageTag,
-                                 const nsAString& aMessageCategory) override;
+  MOZ_MUST_USE nsresult
+  ReportSecurityMessage(const nsAString& aMessageTag,
+                        const nsAString& aMessageCategory) override;
 
   // Calls SendDeleteSelf and sets mIPCClosed to true because we should not
   // send any more messages after that. Bug 1274886
-  bool DoSendDeleteSelf();
+  MOZ_MUST_USE bool DoSendDeleteSelf();
   // Called to notify the parent channel to not send any more IPC messages.
   virtual mozilla::ipc::IPCResult RecvDeletingChannel() override;
   virtual mozilla::ipc::IPCResult RecvFinishInterceptedRedirect() override;
 
 private:
   void UpdateAndSerializeSecurityInfo(nsACString& aSerializedSecurityInfoOut);
 
   void DivertOnDataAvailable(const nsCString& data,
--- a/netwerk/protocol/http/HttpChannelParentListener.h
+++ b/netwerk/protocol/http/HttpChannelParentListener.h
@@ -42,28 +42,28 @@ public:
   NS_DECL_NSISTREAMLISTENER
   NS_DECL_NSINETWORKINTERCEPTCONTROLLER
 
   NS_DECLARE_STATIC_IID_ACCESSOR(HTTP_CHANNEL_PARENT_LISTENER_IID)
 
   explicit HttpChannelParentListener(HttpChannelParent* aInitialChannel);
 
   // For channel diversion from child to parent.
-  nsresult DivertTo(nsIStreamListener *aListener);
-  nsresult SuspendForDiversion();
+  MOZ_MUST_USE nsresult DivertTo(nsIStreamListener *aListener);
+  MOZ_MUST_USE nsresult SuspendForDiversion();
 
   void SetupInterception(const nsHttpResponseHead& aResponseHead);
   void SetupInterceptionAfterRedirect(bool aShouldIntercept);
   void ClearInterceptedChannel();
 
 private:
   virtual ~HttpChannelParentListener();
 
   // Private partner function to SuspendForDiversion.
-  nsresult ResumeForDiversion();
+  MOZ_MUST_USE nsresult ResumeForDiversion();
 
   // Can be the original HttpChannelParent that created this object (normal
   // case), a different {HTTP|FTP}ChannelParent that we've been redirected to,
   // or some other listener that we have been diverted to via
   // nsIDivertableChannel.
   nsCOMPtr<nsIStreamListener> mNextListener;
   uint32_t mRedirectChannelId;
   // When set, no OnStart/OnData/OnStop calls should be received.
--- a/netwerk/protocol/http/InterceptedChannel.h
+++ b/netwerk/protocol/http/InterceptedChannel.h
@@ -38,18 +38,20 @@ protected:
 
   nsCOMPtr<nsIConsoleReportCollector> mReportCollector;
   nsCOMPtr<nsISupports> mReleaseHandle;
 
   bool mClosed;
 
   void EnsureSynthesizedResponse();
   void DoNotifyController();
-  nsresult DoSynthesizeStatus(uint16_t aStatus, const nsACString& aReason);
-  nsresult DoSynthesizeHeader(const nsACString& aName, const nsACString& aValue);
+  MOZ_MUST_USE nsresult DoSynthesizeStatus(uint16_t aStatus,
+                                           const nsACString& aReason);
+  MOZ_MUST_USE nsresult DoSynthesizeHeader(const nsACString& aName,
+                                           const nsACString& aValue);
 
   virtual ~InterceptedChannelBase();
 public:
   explicit InterceptedChannelBase(nsINetworkInterceptController* aController);
 
   // Notify the interception controller that the channel has been intercepted
   // and prepare the response body output stream.
   virtual void NotifyController() = 0;
--- a/netwerk/protocol/http/NullHttpChannel.h
+++ b/netwerk/protocol/http/NullHttpChannel.h
@@ -33,19 +33,19 @@ class NullHttpChannel final
 
   NullHttpChannel();
 
   // Copies the URI, Principal and Timing-Allow-Origin headers from the
   // passed channel to this object, to be used for resource timing checks
   explicit NullHttpChannel(nsIHttpChannel * chan);
 
   // Same signature as nsHttpChannel::Init
-  nsresult Init(nsIURI *aURI, uint32_t aCaps, nsProxyInfo *aProxyInfo,
-                        uint32_t aProxyResolveFlags,
-                        nsIURI *aProxyURI);
+  MOZ_MUST_USE nsresult Init(nsIURI *aURI, uint32_t aCaps,
+                             nsProxyInfo *aProxyInfo,
+                             uint32_t aProxyResolveFlags, nsIURI *aProxyURI);
 private:
   ~NullHttpChannel() { }
 
 protected:
   nsCOMPtr<nsIURI> mURI;
   nsCOMPtr<nsIURI> mOriginalURI;
 
   nsString  mInitiatorType;
--- a/netwerk/protocol/http/NullHttpTransaction.h
+++ b/netwerk/protocol/http/NullHttpTransaction.h
@@ -33,17 +33,17 @@ public:
   NS_DECLARE_STATIC_IID_ACCESSOR(NS_NULLHTTPTRANSACTION_IID)
   NS_DECL_THREADSAFE_ISUPPORTS
   NS_DECL_NSAHTTPTRANSACTION
 
   NullHttpTransaction(nsHttpConnectionInfo *ci,
                       nsIInterfaceRequestor *callbacks,
                       uint32_t caps);
 
-  bool Claim();
+  MOZ_MUST_USE bool Claim();
 
   // Overload of nsAHttpTransaction methods
   bool IsNullTransaction() override final { return true; }
   NullHttpTransaction *QueryNullTransaction() override final { return this; }
   bool ResponseTimeoutEnabled() const override final {return true; }
   PRIntervalTime ResponseTimeout() override final
   {
     return PR_SecondsToInterval(15);
--- a/netwerk/protocol/http/PSpdyPush.h
+++ b/netwerk/protocol/http/PSpdyPush.h
@@ -38,17 +38,17 @@ class Http2PushedStream;
 
 // One cache per load group
 class SpdyPushCache
 {
 public:
   // The cache holds only weak pointers - no references
   SpdyPushCache();
   virtual ~SpdyPushCache();
-  bool               RegisterPushedStreamHttp2(const nsCString& key,
+  MOZ_MUST_USE bool  RegisterPushedStreamHttp2(const nsCString& key,
                                                Http2PushedStream *stream);
   Http2PushedStream *RemovePushedStreamHttp2(const nsCString& key);
 private:
   nsDataHashtable<nsCStringHashKey, Http2PushedStream *> mHashHttp2;
 };
 
 } // namespace net
 } // namespace mozilla
--- a/netwerk/protocol/http/TunnelUtils.h
+++ b/netwerk/protocol/http/TunnelUtils.h
@@ -113,33 +113,34 @@ public:
   NS_DECL_NSITIMERCALLBACK
 
   TLSFilterTransaction(nsAHttpTransaction *aWrappedTransaction,
                        const char *tlsHost, int32_t tlsPort,
                        nsAHttpSegmentReader *reader,
                        nsAHttpSegmentWriter *writer);
 
   const nsAHttpTransaction *Transaction() const { return mTransaction.get(); }
-  nsresult CommitToSegmentSize(uint32_t size, bool forceCommitment) override;
-  nsresult GetTransactionSecurityInfo(nsISupports **) override;
-  nsresult NudgeTunnel(NudgeTunnelCallback *callback);
-  nsresult SetProxiedTransaction(nsAHttpTransaction *aTrans);
+  MOZ_MUST_USE nsresult CommitToSegmentSize(uint32_t size,
+                                            bool forceCommitment) override;
+  MOZ_MUST_USE nsresult GetTransactionSecurityInfo(nsISupports **) override;
+  MOZ_MUST_USE nsresult NudgeTunnel(NudgeTunnelCallback *callback);
+  MOZ_MUST_USE nsresult SetProxiedTransaction(nsAHttpTransaction *aTrans);
   void     newIODriver(nsIAsyncInputStream *aSocketIn,
                        nsIAsyncOutputStream *aSocketOut,
                        nsIAsyncInputStream **outSocketIn,
                        nsIAsyncOutputStream **outSocketOut);
 
   // nsAHttpTransaction overloads
   bool IsNullTransaction() override;
   NullHttpTransaction *QueryNullTransaction() override;
   nsHttpTransaction *QueryHttpTransaction() override;
   SpdyConnectTransaction *QuerySpdyConnectTransaction() override;
 
 private:
-  nsresult StartTimerCallback();
+  MOZ_MUST_USE nsresult StartTimerCallback();
   void Cleanup();
   int32_t FilterOutput(const char *aBuf, int32_t aAmount);
   int32_t FilterInput(char *aBuf, int32_t aAmount);
 
   static PRStatus GetPeerName(PRFileDesc *fd, PRNetAddr*addr);
   static PRStatus GetSocketOption(PRFileDesc *fd, PRSocketOptionData *data);
   static PRStatus SetSocketOption(PRFileDesc *fd, const PRSocketOptionData *data);
   static int32_t FilterWrite(PRFileDesc *fd, const void *buf, int32_t amount);
@@ -189,32 +190,34 @@ public:
   SpdyConnectTransaction *QuerySpdyConnectTransaction() override { return this; }
 
   // A transaction is forced into plaintext when it is intended to be used as a CONNECT
   // tunnel but the setup fails. The plaintext only carries the CONNECT error.
   void ForcePlainText();
   void MapStreamToHttpConnection(nsISocketTransport *aTransport,
                                  nsHttpConnectionInfo *aConnInfo);
 
-  nsresult ReadSegments(nsAHttpSegmentReader *reader,
-                        uint32_t count, uint32_t *countRead) override final;
-  nsresult WriteSegments(nsAHttpSegmentWriter *writer,
-                         uint32_t count, uint32_t *countWritten) override final;
+  MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *reader,
+                                     uint32_t count,
+                                     uint32_t *countRead) override final;
+  MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *writer,
+                                      uint32_t count,
+                                      uint32_t *countWritten) override final;
   nsHttpRequestHead *RequestHead() override final;
   void Close(nsresult reason) override final;
 
   // ConnectedReadyForInput() tests whether the spdy connect transaction is attached to
   // an nsHttpConnection that can properly deal with flow control, etc..
   bool ConnectedReadyForInput();
 
 private:
   friend class InputStreamShim;
   friend class OutputStreamShim;
 
-  nsresult Flush(uint32_t count, uint32_t *countRead);
+  MOZ_MUST_USE nsresult Flush(uint32_t count, uint32_t *countRead);
   void CreateShimError(nsresult code);
 
   nsCString             mConnectString;
   uint32_t              mConnectStringOffset;
 
   nsAHttpConnection    *mSession;
   nsAHttpSegmentReader *mSegmentReader;
 
--- a/netwerk/protocol/http/nsAHttpConnection.h
+++ b/netwerk/protocol/http/nsAHttpConnection.h
@@ -36,33 +36,33 @@ public:
 
     //
     // called by a transaction when the response headers have all been read.
     // the connection can force the transaction to reset it's response headers,
     // and prepare for a new set of response headers, by setting |*reset=TRUE|.
     //
     // @return failure code to close the transaction.
     //
-    virtual nsresult OnHeadersAvailable(nsAHttpTransaction *,
-                                        nsHttpRequestHead *,
-                                        nsHttpResponseHead *,
-                                        bool *reset) = 0;
+    virtual MOZ_MUST_USE nsresult OnHeadersAvailable(nsAHttpTransaction *,
+                                                     nsHttpRequestHead *,
+                                                     nsHttpResponseHead *,
+                                                     bool *reset) = 0;
 
     //
     // called by a transaction to resume either sending or receiving data
     // after a transaction returned NS_BASE_STREAM_WOULD_BLOCK from its
     // ReadSegments/WriteSegments methods.
     //
-    virtual nsresult ResumeSend() = 0;
-    virtual nsresult ResumeRecv() = 0;
+    virtual MOZ_MUST_USE nsresult ResumeSend() = 0;
+    virtual MOZ_MUST_USE nsresult ResumeRecv() = 0;
 
     // called by a transaction to force a "send/recv from network" iteration
     // even if not scheduled by socket associated with connection
-    virtual nsresult ForceSend() = 0;
-    virtual nsresult ForceRecv() = 0;
+    virtual MOZ_MUST_USE nsresult ForceSend() = 0;
+    virtual MOZ_MUST_USE nsresult ForceRecv() = 0;
 
     // After a connection has had ResumeSend() called by a transaction,
     // and it is ready to write to the network it may need to know the
     // transaction that has data to write. This is only an issue for
     // multiplexed protocols like SPDY - h1
     // implicitly has this information in a 1:1 relationship with the
     // transaction(s) they manage.
     virtual void TransactionHasDataToWrite(nsAHttpTransaction *)
@@ -91,34 +91,34 @@ public:
     virtual void CloseTransaction(nsAHttpTransaction *transaction,
                                   nsresult reason) = 0;
 
     // get a reference to the connection's connection info object.
     virtual void GetConnectionInfo(nsHttpConnectionInfo **) = 0;
 
     // get the transport level information for this connection. This may fail
     // if it is in use.
-    virtual nsresult TakeTransport(nsISocketTransport **,
-                                   nsIAsyncInputStream **,
-                                   nsIAsyncOutputStream **) = 0;
+    virtual MOZ_MUST_USE nsresult TakeTransport(nsISocketTransport **,
+                                                nsIAsyncInputStream **,
+                                                nsIAsyncOutputStream **) = 0;
 
     // called by a transaction to get the security info from the socket.
     virtual void GetSecurityInfo(nsISupports **) = 0;
 
     // called by a transaction to determine whether or not the connection is
     // persistent... important in determining the end of a response.
     virtual bool IsPersistent() = 0;
 
     // called to determine or set if a connection has been reused.
     virtual bool IsReused() = 0;
     virtual void DontReuse() = 0;
 
     // called by a transaction when the transaction reads more from the socket
     // than it should have (eg. containing part of the next response).
-    virtual nsresult PushBack(const char *data, uint32_t length) = 0;
+    virtual MOZ_MUST_USE nsresult PushBack(const char *data, uint32_t length) = 0;
 
     // Used to determine if the connection wants read events even though
     // it has not written out a transaction. Used when a connection has issued
     // a preamble such as a proxy ssl CONNECT sequence.
     virtual bool IsProxyConnectInProgress() = 0;
 
     // Used by a transaction to manage the state of previous response bodies on
     // the same connection and work around buggy servers.
@@ -143,25 +143,28 @@ public:
 
     // nsHttp.h version
     virtual uint32_t Version() = 0;
 };
 
 NS_DEFINE_STATIC_IID_ACCESSOR(nsAHttpConnection, NS_AHTTPCONNECTION_IID)
 
 #define NS_DECL_NSAHTTPCONNECTION(fwdObject)                    \
-    nsresult OnHeadersAvailable(nsAHttpTransaction *, nsHttpRequestHead *, nsHttpResponseHead *, bool *reset) override; \
+    MOZ_MUST_USE nsresult OnHeadersAvailable(nsAHttpTransaction *,  \
+                                             nsHttpRequestHead *,   \
+                                             nsHttpResponseHead *,  \
+                                             bool *reset) override; \
     void CloseTransaction(nsAHttpTransaction *, nsresult) override; \
-    nsresult TakeTransport(nsISocketTransport **,    \
-                           nsIAsyncInputStream **,   \
-                           nsIAsyncOutputStream **) override; \
+    MOZ_MUST_USE nsresult TakeTransport(nsISocketTransport **,    \
+                                        nsIAsyncInputStream **,   \
+                                        nsIAsyncOutputStream **) override; \
     bool IsPersistent() override;                         \
     bool IsReused() override;                             \
     void DontReuse() override;                            \
-    nsresult PushBack(const char *, uint32_t) override;   \
+    MOZ_MUST_USE nsresult PushBack(const char *, uint32_t) override; \
     already_AddRefed<nsHttpConnection> TakeHttpConnection() override; \
     /*                                                    \
        Thes methods below have automatic definitions that just forward the \
        function to a lower level connection object        \
     */                                                    \
     void GetConnectionInfo(nsHttpConnectionInfo **result) \
       override                                            \
     {                                                     \
@@ -174,35 +177,35 @@ NS_DEFINE_STATIC_IID_ACCESSOR(nsAHttpCon
     void GetSecurityInfo(nsISupports **result) override   \
     {                                                     \
       if (!(fwdObject)) {                                 \
           *result = nullptr;                              \
           return;                                         \
       }                                                   \
       return (fwdObject)->GetSecurityInfo(result);        \
     }                                                     \
-    nsresult ResumeSend() override     \
+    MOZ_MUST_USE nsresult ResumeSend() override \
     {                                      \
         if (!(fwdObject))                  \
             return NS_ERROR_FAILURE;       \
         return (fwdObject)->ResumeSend();  \
     }                                      \
-    nsresult ResumeRecv() override     \
+    MOZ_MUST_USE nsresult ResumeRecv() override \
     {                                      \
         if (!(fwdObject))                  \
             return NS_ERROR_FAILURE;       \
         return (fwdObject)->ResumeRecv();  \
     }                                      \
-    nsresult ForceSend() override      \
+    MOZ_MUST_USE nsresult ForceSend() override \
     {                                      \
         if (!(fwdObject))                  \
             return NS_ERROR_FAILURE;       \
         return (fwdObject)->ForceSend();   \
     }                                      \
-    nsresult ForceRecv() override      \
+    MOZ_MUST_USE nsresult ForceRecv() override \
     {                                      \
         if (!(fwdObject))                  \
             return NS_ERROR_FAILURE;       \
         return (fwdObject)->ForceRecv();   \
     }                                      \
     nsISocketTransport *Transport()        \
       override                         \
     {                                      \
--- a/netwerk/protocol/http/nsAHttpTransaction.h
+++ b/netwerk/protocol/http/nsAHttpTransaction.h
@@ -63,33 +63,37 @@ public:
 
     // called to notify that a requested DNS cache entry was refreshed.
     virtual void     SetDNSWasRefreshed() = 0;
 
     // called to find out how much request data is available for writing.
     virtual uint64_t Available() = 0;
 
     // called to read request data from the transaction.
-    virtual nsresult ReadSegments(nsAHttpSegmentReader *reader,
-                                  uint32_t count, uint32_t *countRead) = 0;
+    virtual MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *reader,
+                                               uint32_t count,
+                                               uint32_t *countRead) = 0;
 
     // called to write response data to the transaction.
-    virtual nsresult WriteSegments(nsAHttpSegmentWriter *writer,
-                                   uint32_t count, uint32_t *countWritten) = 0;
+    virtual MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *writer,
+                                                uint32_t count,
+                                                uint32_t *countWritten) = 0;
 
     // These versions of the functions allow the overloader to specify whether or
     // not it is safe to call *Segments() in a loop while they return OK.
     // The callee should turn again to false if it is not, otherwise leave untouched
-    virtual nsresult ReadSegmentsAgain(nsAHttpSegmentReader *reader,
-                                       uint32_t count, uint32_t *countRead, bool *again)
+    virtual MOZ_MUST_USE nsresult
+    ReadSegmentsAgain(nsAHttpSegmentReader *reader, uint32_t count,
+                      uint32_t *countRead, bool *again)
     {
         return ReadSegments(reader, count, countRead);
     }
-    virtual nsresult WriteSegmentsAgain(nsAHttpSegmentWriter *writer,
-                                   uint32_t count, uint32_t *countWritten, bool *again)
+    virtual MOZ_MUST_USE nsresult
+    WriteSegmentsAgain(nsAHttpSegmentWriter *writer, uint32_t count,
+                       uint32_t *countWritten, bool *again)
     {
         return WriteSegments(writer, count, countWritten);
     }
 
     // called to close the transaction
     virtual void Close(nsresult reason) = 0;
 
     // called to indicate a failure with proxy CONNECT
@@ -107,17 +111,17 @@ public:
     // handle multiple transactions simultaneously (i.e. h2).
     //
     // Returns NS_ERROR_NOT_IMPLEMENTED if the object does not implement
     // sub-transactions.
     //
     // Returns NS_ERROR_ALREADY_OPENED if the subtransactions have been
     // at least partially written and cannot be moved.
     //
-    virtual nsresult TakeSubTransactions(
+    virtual MOZ_MUST_USE nsresult TakeSubTransactions(
         nsTArray<RefPtr<nsAHttpTransaction> > &outTransactions) = 0;
 
     // Occasionally the abstract interface has to give way to base implementations
     // to respect differences between spdy, h2, etc..
     // These Query* (and IsNullTransaction()) functions provide a way to do
     // that without using xpcom or rtti. Any calling code that can't deal with
     // a null response from one of them probably shouldn't be using nsAHttpTransaction
 
@@ -148,40 +152,40 @@ public:
     virtual PRIntervalTime ResponseTimeout();
 
     // conceptually the security info is part of the connection, but sometimes
     // in the case of TLS tunneled within TLS the transaction might present
     // a more specific security info that cannot be represented as a layer in
     // the connection due to multiplexing. This interface represents such an
     // overload. If it returns NS_FAILURE the connection should be considered
     // authoritative.
-    virtual nsresult GetTransactionSecurityInfo(nsISupports **)
+    virtual MOZ_MUST_USE nsresult GetTransactionSecurityInfo(nsISupports **)
     {
         return NS_ERROR_NOT_IMPLEMENTED;
     }
 
     virtual void DisableSpdy() { }
     virtual void ReuseConnectionOnRestartOK(bool) { }
 
     // Returns true if early-data is possible.
-    virtual bool Do0RTT() {
+    virtual MOZ_MUST_USE bool Do0RTT() {
         return false;
     }
     // This function will be called when a tls handshake has been finished and
     // we know whether early-data that was sent has been accepted or not, e.g.
     // do we need to restart a transaction. This will be called only if Do0RTT
     // returns true.
     // If aRestart parameter is true we need to restart the transaction,
     // otherwise the erly-data has been accepted and we can continue the
     // transaction.
     // If aAlpnChanged is true (and we were assuming http/2), we'll need to take
     // the transactions out of the session, rewind them all, and start them back
     // over as http/1 transactions
     // The function will return success or failure of the transaction restart.
-    virtual nsresult Finish0RTT(bool aRestart, bool aAlpnChanged) {
+    virtual MOZ_MUST_USE nsresult Finish0RTT(bool aRestart, bool aAlpnChanged) {
         return NS_ERROR_NOT_IMPLEMENTED;
     }
 };
 
 NS_DEFINE_STATIC_IID_ACCESSOR(nsAHttpTransaction, NS_AHTTPTRANSACTION_IID)
 
 #define NS_DECL_NSAHTTPTRANSACTION \
     void SetConnection(nsAHttpConnection *) override; \
@@ -189,68 +193,69 @@ NS_DEFINE_STATIC_IID_ACCESSOR(nsAHttpTra
     void GetSecurityCallbacks(nsIInterfaceRequestor **) override;       \
     void OnTransportStatus(nsITransport* transport, \
                            nsresult status, int64_t progress) override; \
     bool     IsDone() override; \
     nsresult Status() override; \
     uint32_t Caps() override;   \
     void     SetDNSWasRefreshed() override; \
     uint64_t Available() override; \
-    virtual nsresult ReadSegments(nsAHttpSegmentReader *, uint32_t, uint32_t *) override; \
-    virtual nsresult WriteSegments(nsAHttpSegmentWriter *, uint32_t, uint32_t *) override; \
+    virtual MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *, uint32_t, uint32_t *) override; \
+    virtual MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *, uint32_t, uint32_t *) override; \
     virtual void Close(nsresult reason) override;                                \
     nsHttpConnectionInfo *ConnectionInfo() override;                             \
     void     SetProxyConnectFailed() override;                                   \
     virtual nsHttpRequestHead *RequestHead() override;                                   \
     uint32_t Http1xTransactionCount() override;                                  \
-    nsresult TakeSubTransactions(nsTArray<RefPtr<nsAHttpTransaction> > &outTransactions) override;
+    MOZ_MUST_USE nsresult TakeSubTransactions(nsTArray<RefPtr<nsAHttpTransaction> > &outTransactions) override;
 
 //-----------------------------------------------------------------------------
 // nsAHttpSegmentReader
 //-----------------------------------------------------------------------------
 
 class nsAHttpSegmentReader
 {
 public:
     // any returned failure code stops segment iteration
-    virtual nsresult OnReadSegment(const char *segment,
-                                   uint32_t count,
-                                   uint32_t *countRead) = 0;
+    virtual MOZ_MUST_USE nsresult OnReadSegment(const char *segment,
+                                                uint32_t count,
+                                                uint32_t *countRead) = 0;
 
     // Ask the segment reader to commit to accepting size bytes of
     // data from subsequent OnReadSegment() calls or throw hard
     // (i.e. not wouldblock) exceptions. Implementations
     // can return NS_ERROR_FAILURE if they never make commitments of that size
     // (the default), NS_OK if they make the commitment, or
     // NS_BASE_STREAM_WOULD_BLOCK if they cannot make the
     // commitment now but might in the future and forceCommitment is not true .
     // (forceCommitment requires a hard failure or OK at this moment.)
     //
     // SpdySession uses this to make sure frames are atomic.
-    virtual nsresult CommitToSegmentSize(uint32_t size, bool forceCommitment)
+    virtual MOZ_MUST_USE nsresult CommitToSegmentSize(uint32_t size,
+                                                      bool forceCommitment)
     {
         return NS_ERROR_FAILURE;
     }
 };
 
 #define NS_DECL_NSAHTTPSEGMENTREADER \
-    nsresult OnReadSegment(const char *, uint32_t, uint32_t *) override;
+    MOZ_MUST_USE nsresult OnReadSegment(const char *, uint32_t, uint32_t *) override;
 
 //-----------------------------------------------------------------------------
 // nsAHttpSegmentWriter
 //-----------------------------------------------------------------------------
 
 class nsAHttpSegmentWriter
 {
 public:
     // any returned failure code stops segment iteration
-    virtual nsresult OnWriteSegment(char *segment,
-                                    uint32_t count,
-                                    uint32_t *countWritten) = 0;
+    virtual MOZ_MUST_USE nsresult OnWriteSegment(char *segment,
+                                                 uint32_t count,
+                                                 uint32_t *countWritten) = 0;
 };
 
 #define NS_DECL_NSAHTTPSEGMENTWRITER \
-    nsresult OnWriteSegment(char *, uint32_t, uint32_t *) override;
+    MOZ_MUST_USE nsresult OnWriteSegment(char *, uint32_t, uint32_t *) override;
 
 } // namespace net
 } // namespace mozilla
 
 #endif // nsAHttpTransaction_h__
--- a/netwerk/protocol/http/nsCORSListenerProxy.h
+++ b/netwerk/protocol/http/nsCORSListenerProxy.h
@@ -60,39 +60,43 @@ public:
   NS_DECL_NSICHANNELEVENTSINK
   NS_DECL_NSITHREADRETARGETABLESTREAMLISTENER
 
   // Must be called at startup.
   static void Startup();
 
   static void Shutdown();
 
-  nsresult Init(nsIChannel* aChannel, DataURIHandling aAllowDataURI);
+  MOZ_MUST_USE nsresult Init(nsIChannel* aChannel,
+                             DataURIHandling aAllowDataURI);
 
   void SetInterceptController(nsINetworkInterceptController* aInterceptController);
 
 private:
   // Only HttpChannelParent can call RemoveFromCorsPreflightCache
   friend class mozilla::net::HttpChannelParent;
   // Only nsHttpChannel can invoke CORS preflights
   friend class mozilla::net::nsHttpChannel;
 
   static void RemoveFromCorsPreflightCache(nsIURI* aURI,
                                            nsIPrincipal* aRequestingPrincipal);
-  static nsresult StartCORSPreflight(nsIChannel* aRequestChannel,
-                                     nsICorsPreflightCallback* aCallback,
-                                     nsTArray<nsCString>& aACUnsafeHeaders,
-                                     nsIChannel** aPreflightChannel);
+  static MOZ_MUST_USE nsresult
+  StartCORSPreflight(nsIChannel* aRequestChannel,
+                     nsICorsPreflightCallback* aCallback,
+                     nsTArray<nsCString>& aACUnsafeHeaders,
+                     nsIChannel** aPreflightChannel);
 
   ~nsCORSListenerProxy();
 
-  nsresult UpdateChannel(nsIChannel* aChannel, DataURIHandling aAllowDataURI,
-                         UpdateType aUpdateType);
-  nsresult CheckRequestApproved(nsIRequest* aRequest);
-  nsresult CheckPreflightNeeded(nsIChannel* aChannel, UpdateType aUpdateType);
+  MOZ_MUST_USE nsresult UpdateChannel(nsIChannel* aChannel,
+                                      DataURIHandling aAllowDataURI,
+                                      UpdateType aUpdateType);
+  MOZ_MUST_USE nsresult CheckRequestApproved(nsIRequest* aRequest);
+  MOZ_MUST_USE nsresult CheckPreflightNeeded(nsIChannel* aChannel,
+                                             UpdateType aUpdateType);
 
   nsCOMPtr<nsIStreamListener> mOuterListener;
   // The principal that originally kicked off the request
   nsCOMPtr<nsIPrincipal> mRequestingPrincipal;
   // The principal to use for our Origin header ("source origin" in spec terms).
   // This can get changed during redirects, unlike mRequestingPrincipal.
   nsCOMPtr<nsIPrincipal> mOriginHeaderPrincipal;
   nsCOMPtr<nsIInterfaceRequestor> mOuterNotificationCallbacks;
--- a/netwerk/protocol/http/nsHttp.h
+++ b/netwerk/protocol/http/nsHttp.h
@@ -115,17 +115,17 @@ struct nsHttpAtom
     void operator=(const nsHttpAtom &a) { _val = a._val; }
 
     // private
     const char *_val;
 };
 
 struct nsHttp
 {
-    static nsresult CreateAtomTable();
+    static MOZ_MUST_USE nsresult CreateAtomTable();
     static void DestroyAtomTable();
 
     // The mutex is valid any time the Atom Table is valid
     // This mutex is used in the unusual case that the network thread and
     // main thread might access the same data
     static Mutex *GetLock();
 
     // will dynamically add atoms to the table if they don't already exist
@@ -159,22 +159,23 @@ struct nsHttp
     // This function parses a string containing a decimal-valued, non-negative
     // 64-bit integer.  If the value would exceed INT64_MAX, then false is
     // returned.  Otherwise, this function returns true and stores the
     // parsed value in |result|.  The next unparsed character in |input| is
     // optionally returned via |next| if |next| is non-null.
     //
     // TODO(darin): Replace this with something generic.
     //
-    static bool ParseInt64(const char *input, const char **next,
-                             int64_t *result);
+    static MOZ_MUST_USE bool ParseInt64(const char *input, const char **next,
+                                        int64_t *result);
 
     // Variant on ParseInt64 that expects the input string to contain nothing
     // more than the value being parsed.
-    static inline bool ParseInt64(const char *input, int64_t *result) {
+    static inline MOZ_MUST_USE bool ParseInt64(const char *input,
+                                               int64_t *result) {
         const char *next;
         return ParseInt64(input, &next, result) && *next == '\0';
     }
 
     // Return whether the HTTP status code represents a permanent redirect
     static bool IsPermanentRedirect(uint32_t httpStatus);
 
     // Returns the APLN token which represents the used protocol version.
--- a/netwerk/protocol/http/nsHttpAuthCache.h
+++ b/netwerk/protocol/http/nsHttpAuthCache.h
@@ -39,31 +39,35 @@ public:
         , mDomain(nullptr)
     {
     }
     nsHttpAuthIdentity(const char16_t *domain,
                        const char16_t *user,
                        const char16_t *password)
         : mUser(nullptr)
     {
-        Set(domain, user, password);
+        DebugOnly<nsresult> rv = Set(domain, user, password);
+        MOZ_ASSERT(NS_SUCCEEDED(rv));
     }
    ~nsHttpAuthIdentity()
     {
         Clear();
     }
 
     const char16_t *Domain()   const { return mDomain; }
     const char16_t *User()     const { return mUser; }
     const char16_t *Password() const { return mPass; }
 
-    nsresult Set(const char16_t *domain,
-                 const char16_t *user,
-                 const char16_t *password);
-    nsresult Set(const nsHttpAuthIdentity &other) { return Set(other.mDomain, other.mUser, other.mPass); }
+    MOZ_MUST_USE nsresult Set(const char16_t *domain,
+                              const char16_t *user,
+                              const char16_t *password);
+    MOZ_MUST_USE nsresult Set(const nsHttpAuthIdentity &other)
+    {
+      return Set(other.mDomain, other.mUser, other.mPass);
+    }
     void Clear();
 
     bool Equals(const nsHttpAuthIdentity &other) const;
     bool IsEmpty() const { return !mUser; }
 
 private:
     // allocated as one contiguous blob, starting at mUser.
     char16_t *mUser;
@@ -83,41 +87,42 @@ public:
     const char *Challenge()   const { return mChallenge; }
     const char16_t *Domain() const { return mIdent.Domain(); }
     const char16_t *User()   const { return mIdent.User(); }
     const char16_t *Pass()   const { return mIdent.Password(); }
     nsHttpAuthPath *RootPath()      { return mRoot; }
 
     const nsHttpAuthIdentity &Identity() const { return mIdent; }
 
-    nsresult AddPath(const char *aPath);
+    MOZ_MUST_USE nsresult AddPath(const char *aPath);
 
     nsCOMPtr<nsISupports> mMetaData;
 
 private:
     nsHttpAuthEntry(const char *path,
                     const char *realm,
                     const char *creds,
                     const char *challenge,
                     const nsHttpAuthIdentity *ident,
                     nsISupports *metadata)
         : mRoot(nullptr)
         , mTail(nullptr)
         , mRealm(nullptr)
     {
-        Set(path, realm, creds, challenge, ident, metadata);
+        DebugOnly<nsresult> rv = Set(path, realm, creds, challenge, ident, metadata);
+        MOZ_ASSERT(NS_SUCCEEDED(rv));
     }
    ~nsHttpAuthEntry();
 
-    nsresult Set(const char *path,
-                 const char *realm,
-                 const char *creds,
-                 const char *challenge,
-                 const nsHttpAuthIdentity *ident,
-                 nsISupports *metadata);
+    MOZ_MUST_USE nsresult Set(const char *path,
+                              const char *realm,
+                              const char *creds,
+                              const char *challenge,
+                              const nsHttpAuthIdentity *ident,
+                              nsISupports *metadata);
 
     nsHttpAuthIdentity mIdent;
 
     nsHttpAuthPath *mRoot; //root pointer
     nsHttpAuthPath *mTail; //tail pointer
 
     // allocated together in one blob, starting with mRealm.
     char *mRealm;
@@ -142,22 +147,22 @@ private:
     // path can be null, in which case we'll search for an entry
     // with a null path.
     nsHttpAuthEntry *LookupEntryByPath(const char *path);
 
     // realm must not be null
     nsHttpAuthEntry *LookupEntryByRealm(const char *realm);
 
     // if a matching entry is found, then credentials will be changed.
-    nsresult SetAuthEntry(const char *path,
-                          const char *realm,
-                          const char *credentials,
-                          const char *challenge,
-                          const nsHttpAuthIdentity *ident,
-                          nsISupports *metadata);
+    MOZ_MUST_USE nsresult SetAuthEntry(const char *path,
+                                       const char *realm,
+                                       const char *credentials,
+                                       const char *challenge,
+                                       const nsHttpAuthIdentity *ident,
+                                       nsISupports *metadata);
 
     void ClearAuthEntry(const char *realm);
 
     uint32_t EntryCount() { return mList.Length(); }
 
 private:
     nsTArray<nsAutoPtr<nsHttpAuthEntry> > mList;
 
@@ -170,62 +175,62 @@ private:
 //-----------------------------------------------------------------------------
 
 class nsHttpAuthCache
 {
 public:
     nsHttpAuthCache();
    ~nsHttpAuthCache();
 
-    nsresult Init();
+    MOZ_MUST_USE nsresult Init();
 
     // |scheme|, |host|, and |port| are required
     // |path| can be null
     // |entry| is either null or a weak reference
-    nsresult GetAuthEntryForPath(const char *scheme,
-                                 const char *host,
-                                 int32_t     port,
-                                 const char *path,
-                                 nsACString const &originSuffix,
-                                 nsHttpAuthEntry **entry);
+    MOZ_MUST_USE nsresult GetAuthEntryForPath(const char *scheme,
+                                              const char *host,
+                                              int32_t     port,
+                                              const char *path,
+                                              nsACString const &originSuffix,
+                                              nsHttpAuthEntry **entry);
 
     // |scheme|, |host|, and |port| are required
     // |realm| must not be null
     // |entry| is either null or a weak reference
-    nsresult GetAuthEntryForDomain(const char *scheme,
-                                   const char *host,
-                                   int32_t     port,
-                                   const char *realm,
-                                   nsACString const &originSuffix,
-                                   nsHttpAuthEntry **entry);
+    MOZ_MUST_USE nsresult GetAuthEntryForDomain(const char *scheme,
+                                                const char *host,
+                                                int32_t     port,
+                                                const char *realm,
+                                                nsACString const &originSuffix,
+                                                nsHttpAuthEntry **entry);
 
     // |scheme|, |host|, and |port| are required
     // |path| can be null
     // |realm| must not be null
     // if |credentials|, |user|, |pass|, and |challenge| are each
     // null, then the entry is deleted.
-    nsresult SetAuthEntry(const char *scheme,
-                          const char *host,
-                          int32_t     port,
-                          const char *directory,
-                          const char *realm,
-                          const char *credentials,
-                          const char *challenge,
-                          nsACString const &originSuffix,
-                          const nsHttpAuthIdentity *ident,
-                          nsISupports *metadata);
+    MOZ_MUST_USE nsresult SetAuthEntry(const char *scheme,
+                                       const char *host,
+                                       int32_t     port,
+                                       const char *directory,
+                                       const char *realm,
+                                       const char *credentials,
+                                       const char *challenge,
+                                       nsACString const &originSuffix,
+                                       const nsHttpAuthIdentity *ident,
+                                       nsISupports *metadata);
 
     void ClearAuthEntry(const char *scheme,
                         const char *host,
                         int32_t     port,
                         const char *realm,
                         nsACString const &originSuffix);
 
     // expire all existing auth list entries including proxy auths.
-    nsresult ClearAll();
+    MOZ_MUST_USE nsresult ClearAll();
 
 private:
     nsHttpAuthNode *LookupAuthNode(const char *scheme,
                                    const char *host,
                                    int32_t     port,
                                    nsACString const &originSuffix,
                                    nsCString  &key);
 
--- a/netwerk/protocol/http/nsHttpAuthManager.h
+++ b/netwerk/protocol/http/nsHttpAuthManager.h
@@ -15,17 +15,17 @@ class nsHttpAuthCache;
 
 class nsHttpAuthManager : public nsIHttpAuthManager
 {
 public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSIHTTPAUTHMANAGER
 
   nsHttpAuthManager();
-  nsresult Init();
+  MOZ_MUST_USE nsresult Init();
 
 protected:
   virtual ~nsHttpAuthManager();
 
   nsHttpAuthCache *mAuthCache;
   nsHttpAuthCache *mPrivateAuthCache;
 };
 
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -39,18 +39,19 @@ class nsISSLStatus;
 
 namespace mozilla { namespace net {
 
 class Http2PushedStream;
 
 class HttpChannelSecurityWarningReporter
 {
 public:
-  virtual nsresult ReportSecurityMessage(const nsAString& aMessageTag,
-                                         const nsAString& aMessageCategory) = 0;
+  virtual MOZ_MUST_USE nsresult
+  ReportSecurityMessage(const nsAString& aMessageTag,
+                        const nsAString& aMessageCategory) = 0;
 };
 
 //-----------------------------------------------------------------------------
 // nsHttpChannel
 //-----------------------------------------------------------------------------
 
 // Use to support QI nsIChannel to nsHttpChannel
 #define NS_HTTPCHANNEL_IID                         \
@@ -122,22 +123,24 @@ public:
     NS_IMETHOD GetLoadFlags(nsLoadFlags *aLoadFlags) override;
     NS_IMETHOD GetURI(nsIURI **aURI) override;
     NS_IMETHOD GetNotificationCallbacks(nsIInterfaceRequestor **aCallbacks) override;
     NS_IMETHOD GetLoadGroup(nsILoadGroup **aLoadGroup) override;
     NS_IMETHOD GetRequestMethod(nsACString& aMethod) override;
 
     nsHttpChannel();
 
-    virtual nsresult Init(nsIURI *aURI, uint32_t aCaps, nsProxyInfo *aProxyInfo,
-                          uint32_t aProxyResolveFlags,
-                          nsIURI *aProxyURI,
-                          const nsID& aChannelId) override;
+    virtual MOZ_MUST_USE nsresult Init(nsIURI *aURI, uint32_t aCaps,
+                                       nsProxyInfo *aProxyInfo,
+                                       uint32_t aProxyResolveFlags,
+                                       nsIURI *aProxyURI,
+                                       const nsID& aChannelId) override;
 
-    nsresult OnPush(const nsACString &uri, Http2PushedStream *pushedStream);
+    MOZ_MUST_USE nsresult OnPush(const nsACString &uri,
+                                 Http2PushedStream *pushedStream);
 
     static bool IsRedirectStatus(uint32_t status);
 
 
     // Methods HttpBaseChannel didn't implement for us or that we override.
     //
     // nsIRequest
     NS_IMETHOD Cancel(nsresult status) override;
@@ -171,57 +174,58 @@ public:
     NS_IMETHOD GetConnectEnd(mozilla::TimeStamp *aConnectEnd) override;
     NS_IMETHOD GetRequestStart(mozilla::TimeStamp *aRequestStart) override;
     NS_IMETHOD GetResponseStart(mozilla::TimeStamp *aResponseStart) override;
     NS_IMETHOD GetResponseEnd(mozilla::TimeStamp *aResponseEnd) override;
     // nsICorsPreflightCallback
     NS_IMETHOD OnPreflightSucceeded() override;
     NS_IMETHOD OnPreflightFailed(nsresult aError) override;
 
-    nsresult AddSecurityMessage(const nsAString& aMessageTag,
-                                const nsAString& aMessageCategory) override;
+    MOZ_MUST_USE nsresult
+    AddSecurityMessage(const nsAString& aMessageTag,
+                       const nsAString& aMessageCategory) override;
 
     void SetWarningReporter(HttpChannelSecurityWarningReporter* aReporter)
       { mWarningReporter = aReporter; }
 
 public: /* internal necko use only */
 
     void InternalSetUploadStream(nsIInputStream *uploadStream)
       { mUploadStream = uploadStream; }
     void SetUploadStreamHasHeaders(bool hasHeaders)
       { mUploadStreamHasHeaders = hasHeaders; }
 
-    nsresult SetReferrerWithPolicyInternal(nsIURI *referrer,
-                                           uint32_t referrerPolicy) {
+    MOZ_MUST_USE nsresult
+    SetReferrerWithPolicyInternal(nsIURI *referrer, uint32_t referrerPolicy) {
         nsAutoCString spec;
         nsresult rv = referrer->GetAsciiSpec(spec);
         if (NS_FAILED(rv)) return rv;
         mReferrer = referrer;
         mReferrerPolicy = referrerPolicy;
-        mRequestHead.SetHeader(nsHttp::Referer, spec);
-        return NS_OK;
+        rv = mRequestHead.SetHeader(nsHttp::Referer, spec);
+        return rv;
     }
 
-    nsresult SetTopWindowURI(nsIURI* aTopWindowURI) {
+    MOZ_MUST_USE nsresult SetTopWindowURI(nsIURI* aTopWindowURI) {
         mTopWindowURI = aTopWindowURI;
         return NS_OK;
     }
 
     uint32_t GetRequestTime() const
     {
         return mRequestTime;
     }
 
-    nsresult OpenCacheEntry(bool usingSSL);
-    nsresult ContinueConnect();
+    MOZ_MUST_USE nsresult OpenCacheEntry(bool usingSSL);
+    MOZ_MUST_USE nsresult ContinueConnect();
 
     // If the load is mixed-content, build and send an HSTS priming request.
-    nsresult TryHSTSPriming();
+    MOZ_MUST_USE nsresult TryHSTSPriming();
 
-    nsresult StartRedirectChannelToURI(nsIURI *, uint32_t);
+    MOZ_MUST_USE nsresult StartRedirectChannelToURI(nsIURI *, uint32_t);
 
     // This allows cache entry to be marked as foreign even after channel itself
     // is gone.  Needed for e10s (see HttpChannelParent::RecvDocumentChannelCleanup)
     class OfflineCacheEntryAsForeignMarker {
         nsCOMPtr<nsIApplicationCache> mApplicationCache;
         nsCOMPtr<nsIURI> mCacheURI;
     public:
         OfflineCacheEntryAsForeignMarker(nsIApplicationCache* appCache,
@@ -284,150 +288,152 @@ public:
 
 protected:
     virtual ~nsHttpChannel();
 
 private:
     typedef nsresult (nsHttpChannel::*nsContinueRedirectionFunc)(nsresult result);
 
     bool     RequestIsConditional();
-    nsresult BeginConnect();
-    nsresult ContinueBeginConnectWithResult();
+    MOZ_MUST_USE nsresult BeginConnect();
+    MOZ_MUST_USE nsresult ContinueBeginConnectWithResult();
     void     ContinueBeginConnect();
-    nsresult Connect();
+    MOZ_MUST_USE nsresult Connect();
     void     SpeculativeConnect();
-    nsresult SetupTransaction();
+    MOZ_MUST_USE nsresult SetupTransaction();
     void     SetupTransactionRequestContext();
-    nsresult CallOnStartRequest();
-    nsresult ProcessResponse();
-    void     AsyncContinueProcessResponse();
-    nsresult ContinueProcessResponse1();
-    nsresult ContinueProcessResponse2(nsresult);
-    nsresult ContinueProcessResponse3(nsresult);
-    nsresult ProcessNormal();
-    nsresult ContinueProcessNormal(nsresult);
+    MOZ_MUST_USE nsresult CallOnStartRequest();
+    MOZ_MUST_USE nsresult ProcessResponse();
+    void                  AsyncContinueProcessResponse();
+    MOZ_MUST_USE nsresult ContinueProcessResponse1();
+    MOZ_MUST_USE nsresult ContinueProcessResponse2(nsresult);
+    MOZ_MUST_USE nsresult ContinueProcessResponse3(nsresult);
+    MOZ_MUST_USE nsresult ProcessNormal();
+    MOZ_MUST_USE nsresult ContinueProcessNormal(nsresult);
     void     ProcessAltService();
     bool     ShouldBypassProcessNotModified();
-    nsresult ProcessNotModified();
-    nsresult AsyncProcessRedirection(uint32_t httpStatus);
-    nsresult ContinueProcessRedirection(nsresult);
-    nsresult ContinueProcessRedirectionAfterFallback(nsresult);
-    nsresult ProcessFailedProxyConnect(uint32_t httpStatus);
-    nsresult ProcessFallback(bool *waitingForRedirectCallback);
-    nsresult ContinueProcessFallback(nsresult);
+    MOZ_MUST_USE nsresult ProcessNotModified();
+    MOZ_MUST_USE nsresult AsyncProcessRedirection(uint32_t httpStatus);
+    MOZ_MUST_USE nsresult ContinueProcessRedirection(nsresult);
+    MOZ_MUST_USE nsresult ContinueProcessRedirectionAfterFallback(nsresult);
+    MOZ_MUST_USE nsresult ProcessFailedProxyConnect(uint32_t httpStatus);
+    MOZ_MUST_USE nsresult ProcessFallback(bool *waitingForRedirectCallback);
+    MOZ_MUST_USE nsresult ContinueProcessFallback(nsresult);
     void     HandleAsyncAbort();
-    nsresult EnsureAssocReq();
+    MOZ_MUST_USE nsresult EnsureAssocReq();
     void     ProcessSSLInformation();
     bool     IsHTTPS();
 
-    nsresult ContinueOnStartRequest1(nsresult);
-    nsresult ContinueOnStartRequest2(nsresult);
-    nsresult ContinueOnStartRequest3(nsresult);
+    MOZ_MUST_USE nsresult ContinueOnStartRequest1(nsresult);
+    MOZ_MUST_USE nsresult ContinueOnStartRequest2(nsresult);
+    MOZ_MUST_USE nsresult ContinueOnStartRequest3(nsresult);
 
     // redirection specific methods
     void     HandleAsyncRedirect();
     void     HandleAsyncAPIRedirect();
-    nsresult ContinueHandleAsyncRedirect(nsresult);
+    MOZ_MUST_USE nsresult ContinueHandleAsyncRedirect(nsresult);
     void     HandleAsyncNotModified();
     void     HandleAsyncFallback();
-    nsresult ContinueHandleAsyncFallback(nsresult);
-    nsresult PromptTempRedirect();
-    virtual  nsresult SetupReplacementChannel(nsIURI *, nsIChannel *,
-                                              bool preserveMethod,
-                                              uint32_t redirectFlags) override;
+    MOZ_MUST_USE nsresult ContinueHandleAsyncFallback(nsresult);
+    MOZ_MUST_USE nsresult PromptTempRedirect();
+    virtual MOZ_MUST_USE nsresult
+    SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod,
+                            uint32_t redirectFlags) override;
 
     // proxy specific methods
-    nsresult ProxyFailover();
-    nsresult AsyncDoReplaceWithProxy(nsIProxyInfo *);
-    nsresult ContinueDoReplaceWithProxy(nsresult);
-    nsresult ResolveProxy();
+    MOZ_MUST_USE nsresult ProxyFailover();
+    MOZ_MUST_USE nsresult AsyncDoReplaceWithProxy(nsIProxyInfo *);
+    MOZ_MUST_USE nsresult ContinueDoReplaceWithProxy(nsresult);
+    MOZ_MUST_USE nsresult ResolveProxy();
 
     // cache specific methods
-    nsresult OnOfflineCacheEntryAvailable(nsICacheEntry *aEntry,
-                                          bool aNew,
-                                          nsIApplicationCache* aAppCache,
-                                          nsresult aResult);
-    nsresult OnNormalCacheEntryAvailable(nsICacheEntry *aEntry,
-                                         bool aNew,
-                                         nsresult aResult);
-    nsresult OpenOfflineCacheEntryForWriting();
-    nsresult OnOfflineCacheEntryForWritingAvailable(nsICacheEntry *aEntry,
-                                                    nsIApplicationCache* aAppCache,
-                                                    nsresult aResult);
-    nsresult OnCacheEntryAvailableInternal(nsICacheEntry *entry,
-                                      bool aNew,
-                                      nsIApplicationCache* aAppCache,
-                                      nsresult status);
-    nsresult GenerateCacheKey(uint32_t postID, nsACString &key);
-    nsresult UpdateExpirationTime();
-    nsresult CheckPartial(nsICacheEntry* aEntry, int64_t *aSize, int64_t *aContentLength);
+    MOZ_MUST_USE nsresult
+    OnOfflineCacheEntryAvailable(nsICacheEntry *aEntry, bool aNew,
+                                 nsIApplicationCache* aAppCache,
+                                 nsresult aResult);
+    MOZ_MUST_USE nsresult OnNormalCacheEntryAvailable(nsICacheEntry *aEntry,
+                                                      bool aNew,
+                                                      nsresult aResult);
+    MOZ_MUST_USE nsresult OpenOfflineCacheEntryForWriting();
+    MOZ_MUST_USE nsresult
+    OnOfflineCacheEntryForWritingAvailable(nsICacheEntry *aEntry,
+                                           nsIApplicationCache* aAppCache,
+                                           nsresult aResult);
+    MOZ_MUST_USE nsresult
+    OnCacheEntryAvailableInternal(nsICacheEntry *entry, bool aNew,
+                                  nsIApplicationCache* aAppCache,
+                                  nsresult status);
+    MOZ_MUST_USE nsresult GenerateCacheKey(uint32_t postID, nsACString &key);
+    MOZ_MUST_USE nsresult UpdateExpirationTime();
+    MOZ_MUST_USE nsresult CheckPartial(nsICacheEntry* aEntry, int64_t *aSize, int64_t *aContentLength);
     bool ShouldUpdateOfflineCacheEntry();
-    nsresult ReadFromCache(bool alreadyMarkedValid);
+    MOZ_MUST_USE nsresult ReadFromCache(bool alreadyMarkedValid);
     void     CloseCacheEntry(bool doomOnFailure);
     void     CloseOfflineCacheEntry();
-    nsresult InitCacheEntry();
+    MOZ_MUST_USE nsresult InitCacheEntry();
     void     UpdateInhibitPersistentCachingFlag();
-    nsresult InitOfflineCacheEntry();
-    nsresult AddCacheEntryHeaders(nsICacheEntry *entry);
-    nsresult FinalizeCacheEntry();
-    nsresult InstallCacheListener(int64_t offset = 0);
-    nsresult InstallOfflineCacheListener(int64_t offset = 0);
+    MOZ_MUST_USE nsresult InitOfflineCacheEntry();
+    MOZ_MUST_USE nsresult AddCacheEntryHeaders(nsICacheEntry *entry);
+    MOZ_MUST_USE nsresult FinalizeCacheEntry();
+    MOZ_MUST_USE nsresult InstallCacheListener(int64_t offset = 0);
+    MOZ_MUST_USE nsresult InstallOfflineCacheListener(int64_t offset = 0);
     void     MaybeInvalidateCacheEntryForSubsequentGet();
     void     AsyncOnExamineCachedResponse();
 
     // Handle the bogus Content-Encoding Apache sometimes sends
     void ClearBogusContentEncodingIfNeeded();
 
     // byte range request specific methods
-    nsresult ProcessPartialContent();
-    nsresult OnDoneReadingPartialCacheEntry(bool *streamDone);
+    MOZ_MUST_USE nsresult ProcessPartialContent();
+    MOZ_MUST_USE nsresult OnDoneReadingPartialCacheEntry(bool *streamDone);
 
-    nsresult DoAuthRetry(nsAHttpConnection *);
+    MOZ_MUST_USE nsresult DoAuthRetry(nsAHttpConnection *);
 
     void     HandleAsyncRedirectChannelToHttps();
-    nsresult StartRedirectChannelToHttps();
-    nsresult ContinueAsyncRedirectChannelToURI(nsresult rv);
-    nsresult OpenRedirectChannel(nsresult rv);
+    MOZ_MUST_USE nsresult StartRedirectChannelToHttps();
+    MOZ_MUST_USE nsresult ContinueAsyncRedirectChannelToURI(nsresult rv);
+    MOZ_MUST_USE nsresult OpenRedirectChannel(nsresult rv);
 
     /**
      * A function that takes care of reading STS and PKP headers and enforcing
      * STS and PKP load rules. After a secure channel is erected, STS and PKP
      * requires the channel to be trusted or any STS or PKP header data on
      * the channel is ignored. This is called from ProcessResponse.
      */
-    nsresult ProcessSecurityHeaders();
+    MOZ_MUST_USE nsresult ProcessSecurityHeaders();
 
     /**
      * Taking care of the Content-Signature header and fail the channel if
      * the signature verification fails or is required but the header is not
      * present.
      * This sets mListener to ContentVerifier, which buffers the entire response
      * before verifying the Content-Signature header. If the verification is
      * successful, the load proceeds as usual. If the verification fails, a
      * NS_ERROR_INVALID_SIGNATURE is thrown and a fallback loaded in nsDocShell
      */
-    nsresult ProcessContentSignatureHeader(nsHttpResponseHead *aResponseHead);
+    MOZ_MUST_USE nsresult
+    ProcessContentSignatureHeader(nsHttpResponseHead *aResponseHead);
 
     /**
      * A function that will, if the feature is enabled, send security reports.
      */
     void ProcessSecurityReport(nsresult status);
 
     /**
      * A function to process a single security header (STS or PKP), assumes
      * some basic sanity checks have been applied to the channel. Called
      * from ProcessSecurityHeaders.
      */
-    nsresult ProcessSingleSecurityHeader(uint32_t aType,
-                                         nsISSLStatus *aSSLStatus,
-                                         uint32_t aFlags);
+    MOZ_MUST_USE nsresult ProcessSingleSecurityHeader(uint32_t aType,
+                                                      nsISSLStatus *aSSLStatus,
+                                                      uint32_t aFlags);
 
     void InvalidateCacheEntryForLocation(const char *location);
     void AssembleCacheKey(const char *spec, uint32_t postID, nsACString &key);
-    nsresult CreateNewURI(const char *loc, nsIURI **newURI);
+    MOZ_MUST_USE nsresult CreateNewURI(const char *loc, nsIURI **newURI);
     void DoInvalidateCacheEntry(nsIURI* aURI);
 
     // Ref RFC2616 13.10: "invalidation... MUST only be performed if
     // the host part is the same as in the Request-URI"
     inline bool HostPartIsTheSame(nsIURI *uri) {
         nsAutoCString tmpHost1, tmpHost2;
         return (NS_SUCCEEDED(mURI->GetAsciiHost(tmpHost1)) &&
                 NS_SUCCEEDED(uri->GetAsciiHost(tmpHost2)) &&
@@ -448,23 +454,25 @@ private:
     // Create a aggregate set of the current notification callbacks
     // and ensure the transaction is updated to use it.
     void UpdateAggregateCallbacks();
 
     static bool HasQueryString(nsHttpRequestHead::ParsedMethodType method, nsIURI * uri);
     bool ResponseWouldVary(nsICacheEntry* entry);
     bool IsResumable(int64_t partialLen, int64_t contentLength,
                      bool ignoreMissingPartialLen = false) const;
-    nsresult MaybeSetupByteRangeRequest(int64_t partialLen, int64_t contentLength,
-                                        bool ignoreMissingPartialLen = false);
-    nsresult SetupByteRangeRequest(int64_t partialLen);
+    MOZ_MUST_USE nsresult
+    MaybeSetupByteRangeRequest(int64_t partialLen, int64_t contentLength,
+                               bool ignoreMissingPartialLen = false);
+    MOZ_MUST_USE nsresult SetupByteRangeRequest(int64_t partialLen);
     void UntieByteRangeRequest();
     void UntieValidationRequest();
-    nsresult OpenCacheInputStream(nsICacheEntry* cacheEntry, bool startBuffering,
-                                  bool checkingAppCacheEntry);
+    MOZ_MUST_USE nsresult OpenCacheInputStream(nsICacheEntry* cacheEntry,
+                                               bool startBuffering,
+                                               bool checkingAppCacheEntry);
 
     void SetPushedStream(Http2PushedStream *stream);
 
     void MaybeWarnAboutAppCache();
 
     void SetLoadGroupUserAgentOverride();
 
     void SetDoNotTrack();
@@ -599,17 +607,17 @@ private:
     // Needed for accurate DNS timing
     RefPtr<nsDNSPrefetch>           mDNSPrefetch;
 
     Http2PushedStream                 *mPushedStream;
     // True if the channel's principal was found on a phishing, malware, or
     // tracking (if tracking protection is enabled) blocklist
     bool                              mLocalBlocklist;
 
-    nsresult WaitForRedirectCallback();
+    MOZ_MUST_USE nsresult WaitForRedirectCallback();
     void PushRedirectAsyncFunc(nsContinueRedirectionFunc func);
     void PopRedirectAsyncFunc(nsContinueRedirectionFunc func);
 
     nsCString mUsername;
 
     // If non-null, warnings should be reported to this object.
     HttpChannelSecurityWarningReporter* mWarningReporter;
 
--- a/netwerk/protocol/http/nsHttpChannelAuthProvider.h
+++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.h
@@ -49,95 +49,98 @@ private:
 
     const char *Host() const      { return mHost.get(); }
     int32_t     Port() const      { return mPort; }
     bool        UsingSSL() const  { return mUsingSSL; }
 
     bool        UsingHttpProxy() const
     { return mProxyInfo && (mProxyInfo->IsHTTP() || mProxyInfo->IsHTTPS()); }
 
-    nsresult PrepareForAuthentication(bool proxyAuth);
-    nsresult GenCredsAndSetEntry(nsIHttpAuthenticator *, bool proxyAuth,
-                                 const char *scheme, const char *host,
-                                 int32_t port, const char *dir,
-                                 const char *realm, const char *challenge,
-                                 const nsHttpAuthIdentity &ident,
-                                 nsCOMPtr<nsISupports> &session, char **result);
-    nsresult GetAuthenticator(const char *challenge, nsCString &scheme,
-                              nsIHttpAuthenticator **auth);
+    MOZ_MUST_USE nsresult PrepareForAuthentication(bool proxyAuth);
+    MOZ_MUST_USE nsresult
+    GenCredsAndSetEntry(nsIHttpAuthenticator *, bool proxyAuth,
+                        const char *scheme, const char *host, int32_t port,
+                        const char *dir, const char *realm,
+                        const char *challenge, const nsHttpAuthIdentity &ident,
+                        nsCOMPtr<nsISupports> &session, char **result);
+    MOZ_MUST_USE nsresult GetAuthenticator(const char *challenge,
+                                           nsCString &scheme,
+                                           nsIHttpAuthenticator **auth);
     void     ParseRealm(const char *challenge, nsACString &realm);
     void     GetIdentityFromURI(uint32_t authFlags, nsHttpAuthIdentity&);
 
     /**
      * Following three methods return NS_ERROR_IN_PROGRESS when
      * nsIAuthPrompt2.asyncPromptAuth method is called. This result indicates
      * the user's decision will be gathered in a callback and is not an actual
      * error.
      */
-    nsresult GetCredentials(const char *challenges, bool proxyAuth,
-                            nsAFlatCString &creds);
-    nsresult GetCredentialsForChallenge(const char *challenge,
-                                        const char *scheme,  bool proxyAuth,
-                                        nsIHttpAuthenticator *auth,
-                                        nsAFlatCString &creds);
-    nsresult PromptForIdentity(uint32_t level, bool proxyAuth,
-                               const char *realm, const char *authType,
-                               uint32_t authFlags, nsHttpAuthIdentity &);
+    MOZ_MUST_USE nsresult GetCredentials(const char *challenges, bool proxyAuth,
+                                         nsAFlatCString &creds);
+    MOZ_MUST_USE nsresult
+    GetCredentialsForChallenge(const char *challenge, const char *scheme,
+                               bool proxyAuth, nsIHttpAuthenticator *auth,
+                               nsAFlatCString &creds);
+    MOZ_MUST_USE nsresult PromptForIdentity(uint32_t level, bool proxyAuth,
+                                            const char *realm,
+                                            const char *authType,
+                                            uint32_t authFlags,
+                                            nsHttpAuthIdentity &);
 
     bool     ConfirmAuth(const nsString &bundleKey, bool doYesNoPrompt);
     void     SetAuthorizationHeader(nsHttpAuthCache *, nsHttpAtom header,
                                     const char *scheme, const char *host,
                                     int32_t port, const char *path,
                                     nsHttpAuthIdentity &ident);
-    nsresult GetCurrentPath(nsACString &);
+    MOZ_MUST_USE nsresult GetCurrentPath(nsACString &);
     /**
      * Return all information needed to build authorization information,
      * all parameters except proxyAuth are out parameters. proxyAuth specifies
      * with what authorization we work (WWW or proxy).
      */
-    nsresult GetAuthorizationMembers(bool proxyAuth, nsCSubstring& scheme,
-                                     const char*& host, int32_t& port,
-                                     nsCSubstring& path,
-                                     nsHttpAuthIdentity*& ident,
-                                     nsISupports**& continuationState);
+    MOZ_MUST_USE nsresult
+    GetAuthorizationMembers(bool proxyAuth, nsCSubstring& scheme,
+                            const char*& host, int32_t& port,
+                            nsCSubstring& path, nsHttpAuthIdentity*& ident,
+                            nsISupports**& continuationState);
     /**
      * Method called to resume suspended transaction after we got credentials
      * from the user. Called from OnAuthAvailable callback or OnAuthCancelled
      * when credentials for next challenge were obtained synchronously.
      */
-    nsresult ContinueOnAuthAvailable(const nsCSubstring& creds);
+    MOZ_MUST_USE nsresult ContinueOnAuthAvailable(const nsCSubstring& creds);
 
-    nsresult DoRedirectChannelToHttps();
+    MOZ_MUST_USE nsresult DoRedirectChannelToHttps();
 
     /**
      * A function that takes care of reading STS headers and enforcing STS
      * load rules.  After a secure channel is erected, STS requires the channel
      * to be trusted or any STS header data on the channel is ignored.
      * This is called from ProcessResponse.
      */
-    nsresult ProcessSTSHeader();
+    MOZ_MUST_USE nsresult ProcessSTSHeader();
 
     // Depending on the pref setting, the authentication dialog may be blocked
     // for all sub-resources, blocked for cross-origin sub-resources, or
     // always allowed for sub-resources.
     // For more details look at the bug 647010.
     bool BlockPrompt();
 
     // Store credentials to the cache when appropriate aFlags are set.
-    nsresult UpdateCache(nsIHttpAuthenticator *aAuth,
-                         const char           *aScheme,
-                         const char           *aHost,
-                         int32_t               aPort,
-                         const char           *aDirectory,
-                         const char           *aRealm,
-                         const char           *aChallenge,
-                         const nsHttpAuthIdentity &aIdent,
-                         const char           *aCreds,
-                         uint32_t              aGenerateFlags,
-                         nsISupports          *aSessionState);
+    MOZ_MUST_USE nsresult UpdateCache(nsIHttpAuthenticator *aAuth,
+                                      const char           *aScheme,
+                                      const char           *aHost,
+                                      int32_t               aPort,
+                                      const char           *aDirectory,
+                                      const char           *aRealm,
+                                      const char           *aChallenge,
+                                      const nsHttpAuthIdentity &aIdent,
+                                      const char           *aCreds,
+                                      uint32_t              aGenerateFlags,
+                                      nsISupports          *aSessionState);
 
 private:
     nsIHttpAuthenticableChannel      *mAuthChannel;  // weak ref
 
     nsCOMPtr<nsIURI>                  mURI;
     nsCOMPtr<nsProxyInfo>             mProxyInfo;
     nsCString                         mHost;
     int32_t                           mPort;
--- a/netwerk/protocol/http/nsHttpChunkedDecoder.h
+++ b/netwerk/protocol/http/nsHttpChunkedDecoder.h
@@ -19,33 +19,33 @@ public:
                            , mChunkRemaining(0)
                            , mReachedEOF(false)
                            , mWaitEOF(false) {}
    ~nsHttpChunkedDecoder() { delete mTrailers; }
 
     bool ReachedEOF() { return mReachedEOF; }
 
     // called by the transaction to handle chunked content.
-    nsresult HandleChunkedContent(char *buf,
-                                  uint32_t count,
-                                  uint32_t *contentRead,
-                                  uint32_t *contentRemaining);
+    MOZ_MUST_USE nsresult HandleChunkedContent(char *buf,
+                                               uint32_t count,
+                                               uint32_t *contentRead,
+                                               uint32_t *contentRemaining);
 
     nsHttpHeaderArray *Trailers() { return mTrailers; }
 
     nsHttpHeaderArray *TakeTrailers() { nsHttpHeaderArray *h = mTrailers;
                                         mTrailers = nullptr;
                                         return h; }
 
     uint32_t GetChunkRemaining() { return mChunkRemaining; }
 
 private:
-    nsresult ParseChunkRemaining(char *buf,
-                                 uint32_t count,
-                                 uint32_t *countRead);
+    MOZ_MUST_USE nsresult ParseChunkRemaining(char *buf,
+                                              uint32_t count,
+                                              uint32_t *countRead);
 
 private:
     nsHttpHeaderArray *mTrailers;
     uint32_t           mChunkRemaining;
     nsCString          mLineBuf; // may hold a partial line
     bool               mReachedEOF;
     bool               mWaitEOF;
 };
--- a/netwerk/protocol/http/nsHttpConnection.h
+++ b/netwerk/protocol/http/nsHttpConnection.h
@@ -61,25 +61,26 @@ public:
 
     nsHttpConnection();
 
     // Initialize the connection:
     //  info        - specifies the connection parameters.
     //  maxHangTime - limits the amount of time this connection can spend on a
     //                single transaction before it should no longer be kept
     //                alive.  a value of 0xffff indicates no limit.
-    nsresult Init(nsHttpConnectionInfo *info, uint16_t maxHangTime,
-                  nsISocketTransport *, nsIAsyncInputStream *,
-                  nsIAsyncOutputStream *, bool connectedTransport,
-                  nsIInterfaceRequestor *, PRIntervalTime);
+    MOZ_MUST_USE nsresult Init(nsHttpConnectionInfo *info, uint16_t maxHangTime,
+                               nsISocketTransport *, nsIAsyncInputStream *,
+                               nsIAsyncOutputStream *, bool connectedTransport,
+                               nsIInterfaceRequestor *, PRIntervalTime);
 
     // Activate causes the given transaction to be processed on this
     // connection.  It fails if there is already an existing transaction unless
     // a multiplexing protocol such as SPDY is being used
-    nsresult Activate(nsAHttpTransaction *, uint32_t caps, int32_t pri);
+    MOZ_MUST_USE nsresult Activate(nsAHttpTransaction *, uint32_t caps,
+                                   int32_t pri);
 
     // Close the underlying socket transport.
     void Close(nsresult reason, bool aIsShutdown = false);
 
     //-------------------------------------------------------------------------
     // XXX document when these are ok to call
 
     bool IsKeepAlive()
@@ -121,38 +122,42 @@ public:
         mForcePlainText = true;
     }
 
     nsISocketTransport   *Transport()      { return mSocketTransport; }
     nsAHttpTransaction   *Transaction()    { return mTransaction; }
     nsHttpConnectionInfo *ConnectionInfo() { return mConnInfo; }
 
     // nsAHttpConnection compatible methods (non-virtual):
-    nsresult OnHeadersAvailable(nsAHttpTransaction *, nsHttpRequestHead *, nsHttpResponseHead *, bool *reset);
-    void     CloseTransaction(nsAHttpTransaction *, nsresult reason, bool aIsShutdown = false);
+    MOZ_MUST_USE nsresult OnHeadersAvailable(nsAHttpTransaction *,
+                                             nsHttpRequestHead *,
+                                             nsHttpResponseHead *, bool *reset);
+    void     CloseTransaction(nsAHttpTransaction *, nsresult reason,
+                              bool aIsShutdown = false);
     void     GetConnectionInfo(nsHttpConnectionInfo **ci) { NS_IF_ADDREF(*ci = mConnInfo); }
-    nsresult TakeTransport(nsISocketTransport **,
-                           nsIAsyncInputStream **,
-                           nsIAsyncOutputStream **);
+    MOZ_MUST_USE nsresult TakeTransport(nsISocketTransport **,
+                                        nsIAsyncInputStream **,
+                                        nsIAsyncOutputStream **);
     void     GetSecurityInfo(nsISupports **);
     bool     IsPersistent() { return IsKeepAlive() && !mDontReuse; }
     bool     IsReused();
     void     SetIsReusedAfter(uint32_t afterMilliseconds);
-    nsresult PushBack(const char *data, uint32_t length);
-    nsresult ResumeSend();
-    nsresult ResumeRecv();
+    MOZ_MUST_USE nsresult PushBack(const char *data, uint32_t length);
+    MOZ_MUST_USE nsresult ResumeSend();
+    MOZ_MUST_USE nsresult ResumeRecv();
     int64_t  MaxBytesRead() {return mMaxBytesRead;}
     uint8_t GetLastHttpResponseVersion() { return mLastHttpResponseVersion; }
 
     friend class HttpConnectionForceIO;
-    nsresult ForceSend();
-    nsresult ForceRecv();
+    MOZ_MUST_USE nsresult ForceSend();
+    MOZ_MUST_USE nsresult ForceRecv();
 
-    static nsresult ReadFromStream(nsIInputStream *, void *, const char *,
-                                   uint32_t, uint32_t, uint32_t *);
+    static MOZ_MUST_USE nsresult ReadFromStream(nsIInputStream *, void *,
+                                                const char *, uint32_t,
+                                                uint32_t, uint32_t *);
 
     // When a persistent connection is in the connection manager idle
     // connection pool, the nsHttpConnection still reads errors and hangups
     // on the socket so that it can be proactively released if the server
     // initiates a termination. Only call on socket thread.
     void BeginIdleMonitoring();
     void EndIdleMonitoring();
 
@@ -186,19 +191,19 @@ public:
     void    PrintDiagnostics(nsCString &log);
 
     void    SetTransactionCaps(uint32_t aCaps) { mTransactionCaps = aCaps; }
 
     // IsExperienced() returns true when the connection has started at least one
     // non null HTTP transaction of any version.
     bool    IsExperienced() { return mExperienced; }
 
-    static nsresult MakeConnectString(nsAHttpTransaction *trans,
-                                      nsHttpRequestHead *request,
-                                      nsACString &result);
+    static MOZ_MUST_USE nsresult MakeConnectString(nsAHttpTransaction *trans,
+                                                   nsHttpRequestHead *request,
+                                                   nsACString &result);
     void    SetupSecondaryTLS();
     void    SetInSpdyTunnel(bool arg);
 
     // Check active connections for traffic (or not). SPDY connections send a
     // ping, ordinary HTTP connections get some time to get traffic to be
     // considered alive.
     void CheckForTraffic(bool check);
 
@@ -215,52 +220,53 @@ private:
     // Value (set in mTCPKeepaliveConfig) indicates which set of prefs to use.
     enum TCPKeepaliveConfig {
       kTCPKeepaliveDisabled = 0,
       kTCPKeepaliveShortLivedConfig,
       kTCPKeepaliveLongLivedConfig
     };
 
     // called to cause the underlying socket to start speaking SSL
-    nsresult InitSSLParams(bool connectingToProxy, bool ProxyStartSSL);
-    nsresult SetupNPNList(nsISSLSocketControl *ssl, uint32_t caps);
+    MOZ_MUST_USE nsresult InitSSLParams(bool connectingToProxy,
+                                        bool ProxyStartSSL);
+    MOZ_MUST_USE nsresult SetupNPNList(nsISSLSocketControl *ssl, uint32_t caps);
 
-    nsresult OnTransactionDone(nsresult reason);
-    nsresult OnSocketWritable();
-    nsresult OnSocketReadable();
+    MOZ_MUST_USE nsresult OnTransactionDone(nsresult reason);
+    MOZ_MUST_USE nsresult OnSocketWritable();
+    MOZ_MUST_USE nsresult OnSocketReadable();
 
-    nsresult SetupProxyConnect();
+    MOZ_MUST_USE nsresult SetupProxyConnect();
 
     PRIntervalTime IdleTime();
     bool     IsAlive();
 
     // Makes certain the SSL handshake is complete and NPN negotiation
     // has had a chance to happen
-    bool     EnsureNPNComplete(nsresult &aOut0RTTWriteHandshakeValue,
-                               uint32_t &aOut0RTTBytesWritten);
+    MOZ_MUST_USE bool EnsureNPNComplete(nsresult &aOut0RTTWriteHandshakeValue,
+                                        uint32_t &aOut0RTTBytesWritten);
     void     SetupSSL();
 
     // Start the Spdy transaction handler when NPN indicates spdy/*
     void     StartSpdy(uint8_t versionLevel);
     // Like the above, but do the bare minimum to do 0RTT data, so we can back
     // it out, if necessary
     void     Start0RTTSpdy(uint8_t versionLevel);
 
     // Helpers for Start*Spdy
     nsresult TryTakeSubTransactions(nsTArray<RefPtr<nsAHttpTransaction> > &list);
     nsresult MoveTransactionsToSpdy(nsresult status, nsTArray<RefPtr<nsAHttpTransaction> > &list);
 
     // Directly Add a transaction to an active connection for SPDY
-    nsresult AddTransaction(nsAHttpTransaction *, int32_t);
+    MOZ_MUST_USE nsresult AddTransaction(nsAHttpTransaction *, int32_t);
 
     // Used to set TCP keepalives for fast detection of dead connections during
     // an initial period, and slower detection for long-lived connections.
-    nsresult StartShortLivedTCPKeepalives();
-    nsresult StartLongLivedTCPKeepalives();
-    nsresult DisableTCPKeepalives();
+    MOZ_MUST_USE nsresult StartShortLivedTCPKeepalives();
+    MOZ_MUST_USE nsresult StartLongLivedTCPKeepalives();
+    MOZ_MUST_USE nsresult DisableTCPKeepalives();
 
 private:
     nsCOMPtr<nsISocketTransport>    mSocketTransport;
     nsCOMPtr<nsIAsyncInputStream>   mSocketIn;
     nsCOMPtr<nsIAsyncOutputStream>  mSocketOut;
 
     nsresult                        mSocketInCondition;
     nsresult                        mSocketOutCondition;
@@ -346,17 +352,17 @@ private:
 
     // Flag to indicate connection is in inital keepalive period (fast detect).
     uint32_t                        mTCPKeepaliveConfig;
     nsCOMPtr<nsITimer>              mTCPKeepaliveTransitionTimer;
 
 private:
     // For ForceSend()
     static void                     ForceSendIO(nsITimer *aTimer, void *aClosure);
-    nsresult                        MaybeForceSendIO();
+    MOZ_MUST_USE nsresult           MaybeForceSendIO();
     bool                            mForceSendPending;
     nsCOMPtr<nsITimer>              mForceSendTimer;
 
     // Helper variable for 0RTT handshake;
     bool                            m0RTTChecked; // Possible 0RTT has been
                                                   // checked.
     bool                            mWaitingFor0RTTResponse; // We have are
                                                              // sending 0RTT
--- a/netwerk/protocol/http/nsHttpConnectionInfo.h
+++ b/netwerk/protocol/http/nsHttpConnectionInfo.h
@@ -77,17 +77,17 @@ public:
     // With overhead rebuilding the hash key. The initial
     // network interface is empty. So you can reduce one call
     // if there's no explicit route after ctor.
     void SetNetworkInterfaceId(const nsACString& aNetworkInterfaceId);
 
     // OK to treat these as an infalible allocation
     nsHttpConnectionInfo* Clone() const;
     void CloneAsDirectRoute(nsHttpConnectionInfo **outParam);
-    nsresult CreateWildCard(nsHttpConnectionInfo **outParam);
+    MOZ_MUST_USE nsresult CreateWildCard(nsHttpConnectionInfo **outParam);
 
     const char *ProxyHost() const { return mProxyInfo ? mProxyInfo->Host().get() : nullptr; }
     int32_t     ProxyPort() const { return mProxyInfo ? mProxyInfo->Port() : -1; }
     const char *ProxyType() const { return mProxyInfo ? mProxyInfo->Type() : nullptr; }
     const char *ProxyUsername() const { return mProxyInfo ? mProxyInfo->Username().get() : nullptr; }
     const char *ProxyPassword() const { return mProxyInfo ? mProxyInfo->Password().get() : nullptr; }
 
     // Compare this connection info to another...
--- a/netwerk/protocol/http/nsHttpConnectionMgr.h
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h
@@ -52,21 +52,21 @@ public:
     };
 
     //-------------------------------------------------------------------------
     // NOTE: functions below may only be called on the main thread.
     //-------------------------------------------------------------------------
 
     nsHttpConnectionMgr();
 
-    nsresult Init(uint16_t maxConnections,
-                  uint16_t maxPersistentConnectionsPerHost,
-                  uint16_t maxPersistentConnectionsPerProxy,
-                  uint16_t maxRequestDelay);
-    nsresult Shutdown();
+    MOZ_MUST_USE nsresult Init(uint16_t maxConnections,
+                               uint16_t maxPersistentConnectionsPerHost,
+                               uint16_t maxPersistentConnectionsPerProxy,
+                               uint16_t maxRequestDelay);
+    MOZ_MUST_USE nsresult Shutdown();
 
     //-------------------------------------------------------------------------
     // NOTE: functions below may be called on any thread.
     //-------------------------------------------------------------------------
 
     // Schedules next pruning of dead connection to happen after
     // given time.
     void PruneDeadConnectionsAfter(uint32_t time);
@@ -75,80 +75,84 @@ public:
     // there are no more idle connections or active spdy ones
     void ConditionallyStopPruneDeadConnectionsTimer();
 
     // Stops timer used for the read timeout tick if there are no currently
     // active connections.
     void ConditionallyStopTimeoutTick();
 
     // adds a transaction to the list of managed transactions.
-    nsresult AddTransaction(nsHttpTransaction *, int32_t priority);
+    MOZ_MUST_USE nsresult AddTransaction(nsHttpTransaction *, int32_t priority);
 
     // called to reschedule the given transaction.  it must already have been
     // added to the connection manager via AddTransaction.
-    nsresult RescheduleTransaction(nsHttpTransaction *, int32_t priority);
+    MOZ_MUST_USE nsresult RescheduleTransaction(nsHttpTransaction *,
+                                                int32_t priority);
 
     // cancels a transaction w/ the given reason.
-    nsresult CancelTransaction(nsHttpTransaction *, nsresult reason);
-    nsresult CancelTransactions(nsHttpConnectionInfo *, nsresult reason);
+    MOZ_MUST_USE nsresult CancelTransaction(nsHttpTransaction *,
+                                            nsresult reason);
+    MOZ_MUST_USE nsresult CancelTransactions(nsHttpConnectionInfo *,
+                                             nsresult reason);
 
     // called to force the connection manager to prune its list of idle
     // connections.
-    nsresult PruneDeadConnections();
+    MOZ_MUST_USE nsresult PruneDeadConnections();
 
     // called to close active connections with no registered "traffic"
-    nsresult PruneNoTraffic();
+    MOZ_MUST_USE nsresult PruneNoTraffic();
 
     // "VerifyTraffic" means marking connections now, and then check again in
     // N seconds to see if there's been any traffic and if not, kill
     // that connection.
-    nsresult VerifyTraffic();
+    MOZ_MUST_USE nsresult VerifyTraffic();
 
     // Close all idle persistent connections and prevent any active connections
     // from being reused. Optional connection info resets CI specific
     // information such as Happy Eyeballs history.
-    nsresult DoShiftReloadConnectionCleanup(nsHttpConnectionInfo *);
+    MOZ_MUST_USE nsresult DoShiftReloadConnectionCleanup(nsHttpConnectionInfo *);
 
     // called to get a reference to the socket transport service.  the socket
     // transport service is not available when the connection manager is down.
-    nsresult GetSocketThreadTarget(nsIEventTarget **);
+    MOZ_MUST_USE nsresult GetSocketThreadTarget(nsIEventTarget **);
 
     // called to indicate a transaction for the connectionInfo is likely coming
     // soon. The connection manager may use this information to start a TCP
     // and/or SSL level handshake for that resource immediately so that it is
     // ready when the transaction is submitted. No obligation is taken on by the
     // connection manager, nor is the submitter obligated to actually submit a
     // real transaction for this connectionInfo.
-    nsresult SpeculativeConnect(nsHttpConnectionInfo *,
-                                nsIInterfaceRequestor *,
-                                uint32_t caps = 0,
-                                NullHttpTransaction * = nullptr);
+    MOZ_MUST_USE nsresult SpeculativeConnect(nsHttpConnectionInfo *,
+                                             nsIInterfaceRequestor *,
+                                             uint32_t caps = 0,
+                                             NullHttpTransaction * = nullptr);
 
     // called when a connection is done processing a transaction.  if the
     // connection can be reused then it will be added to the idle list, else
     // it will be closed.
-    nsresult ReclaimConnection(nsHttpConnection *conn);
+    MOZ_MUST_USE nsresult ReclaimConnection(nsHttpConnection *conn);
 
     // called by the main thread to execute the taketransport() logic on the
     // socket thread after a 101 response has been received and the socket
     // needs to be transferred to an expectant upgrade listener such as
     // websockets.
-    nsresult CompleteUpgrade(nsAHttpConnection *aConn,
-                             nsIHttpUpgradeListener *aUpgradeListener);
+    MOZ_MUST_USE nsresult
+    CompleteUpgrade(nsAHttpConnection *aConn,
+                    nsIHttpUpgradeListener *aUpgradeListener);
 
     // called to update a parameter after the connection manager has already
     // been initialized.
-    nsresult UpdateParam(nsParamName name, uint16_t value);
+    MOZ_MUST_USE nsresult UpdateParam(nsParamName name, uint16_t value);
 
     // called from main thread to post a new request token bucket
     // to the socket thread
-    nsresult UpdateRequestTokenBucket(EventTokenBucket *aBucket);
+    MOZ_MUST_USE nsresult UpdateRequestTokenBucket(EventTokenBucket *aBucket);
 
     // clears the connection history mCT
-    nsresult ClearConnectionHistory();
+    MOZ_MUST_USE nsresult ClearConnectionHistory();
 
     void ReportFailedToProcess(nsIURI *uri);
 
     // Causes a large amount of connection diagnostic information to be
     // printed to the javascript console
     void PrintDiagnostics();
 
     //-------------------------------------------------------------------------
@@ -158,26 +162,26 @@ public:
     // called to change the connection entry associated with conn from specific into
     // a wildcard (i.e. http2 proxy friendy) mapping
     void MoveToWildCardConnEntry(nsHttpConnectionInfo *specificCI,
                                  nsHttpConnectionInfo *wildcardCI,
                                  nsHttpConnection *conn);
 
     // called to force the transaction queue to be processed once more, giving
     // preference to the specified connection.
-    nsresult ProcessPendingQ(nsHttpConnectionInfo *);
-    bool     ProcessPendingQForEntry(nsHttpConnectionInfo *);
+    MOZ_MUST_USE nsresult ProcessPendingQ(nsHttpConnectionInfo *);
+    MOZ_MUST_USE bool     ProcessPendingQForEntry(nsHttpConnectionInfo *);
 
     // Try and process all pending transactions
-    nsresult ProcessPendingQ();
+    MOZ_MUST_USE nsresult ProcessPendingQ();
 
     // This is used to force an idle connection to be closed and removed from
     // the idle connection list. It is called when the idle connection detects
     // that the network peer has closed the transport.
-    nsresult CloseIdleConnection(nsHttpConnection *);
+    MOZ_MUST_USE nsresult CloseIdleConnection(nsHttpConnection *);
 
     // The connection manager needs to know when a normal HTTP connection has been
     // upgraded to SPDY because the dispatch and idle semantics are a little
     // bit different.
     void ReportSpdyConnection(nsHttpConnection *, bool usingSpdy);
 
     bool GetConnectionData(nsTArray<HttpRetParams> *);
 
@@ -277,22 +281,22 @@ private:
         NS_DECL_NSITRANSPORTEVENTSINK
         NS_DECL_NSIINTERFACEREQUESTOR
         NS_DECL_NSITIMERCALLBACK
 
         nsHalfOpenSocket(nsConnectionEntry *ent,
                          nsAHttpTransaction *trans,
                          uint32_t caps);
 
-        nsresult SetupStreams(nsISocketTransport **,
-                              nsIAsyncInputStream **,
-                              nsIAsyncOutputStream **,
-                              bool isBackup);
-        nsresult SetupPrimaryStreams();
-        nsresult SetupBackupStreams();
+        MOZ_MUST_USE nsresult SetupStreams(nsISocketTransport **,
+                                           nsIAsyncInputStream **,
+                                           nsIAsyncOutputStream **,
+                                           bool isBackup);
+        MOZ_MUST_USE nsresult SetupPrimaryStreams();
+        MOZ_MUST_USE nsresult SetupBackupStreams();
         void     SetupBackupTimer();
         void     CancelBackupTimer();
         void     Abandon();
         double   Duration(TimeStamp epoch);
         nsISocketTransport *SocketTransport() { return mSocketTransport; }
         nsISocketTransport *BackupTransport() { return mBackupTransport; }
 
         nsAHttpTransaction *Transaction() { return mTransaction; }
@@ -365,64 +369,66 @@ private:
     uint16_t mMaxPersistConnsPerProxy;
     uint16_t mMaxRequestDelay; // in seconds
     Atomic<bool, mozilla::Relaxed> mIsShuttingDown;
 
     //-------------------------------------------------------------------------
     // NOTE: these members are only accessed on the socket transport thread
     //-------------------------------------------------------------------------
 
-    bool     ProcessPendingQForEntry(nsConnectionEntry *, bool considerAll);
+    MOZ_MUST_USE bool ProcessPendingQForEntry(nsConnectionEntry *,
+                                              bool considerAll);
     bool     AtActiveConnectionLimit(nsConnectionEntry *, uint32_t caps);
-    nsresult TryDispatchTransaction(nsConnectionEntry *ent,
-                                    bool onlyReusedConnection,
-                                    nsHttpTransaction *trans);
-    nsresult DispatchTransaction(nsConnectionEntry *,
-                                 nsHttpTransaction *,
-                                 nsHttpConnection *);
-    nsresult DispatchAbstractTransaction(nsConnectionEntry *,
-                                         nsAHttpTransaction *,
-                                         uint32_t,
-                                         nsHttpConnection *,
-                                         int32_t);
+    MOZ_MUST_USE nsresult TryDispatchTransaction(nsConnectionEntry *ent,
+                                                 bool onlyReusedConnection,
+                                                 nsHttpTransaction *trans);
+    MOZ_MUST_USE nsresult DispatchTransaction(nsConnectionEntry *,
+                                              nsHttpTransaction *,
+                                              nsHttpConnection *);
+    MOZ_MUST_USE nsresult DispatchAbstractTransaction(nsConnectionEntry *,
+                                                      nsAHttpTransaction *,
+                                                      uint32_t,
+                                                      nsHttpConnection *,
+                                                      int32_t);
     bool     RestrictConnections(nsConnectionEntry *);
-    nsresult ProcessNewTransaction(nsHttpTransaction *);
-    nsresult EnsureSocketThreadTarget();
+    MOZ_MUST_USE nsresult ProcessNewTransaction(nsHttpTransaction *);
+    MOZ_MUST_USE nsresult EnsureSocketThreadTarget();
     void     ClosePersistentConnections(nsConnectionEntry *ent);
     void     ReportProxyTelemetry(nsConnectionEntry *ent);
-    nsresult CreateTransport(nsConnectionEntry *, nsAHttpTransaction *,
-                             uint32_t, bool, bool, bool);
+    MOZ_MUST_USE nsresult CreateTransport(nsConnectionEntry *,
+                                          nsAHttpTransaction *, uint32_t, bool,
+                                          bool, bool);
     void     AddActiveConn(nsHttpConnection *, nsConnectionEntry *);
     void     DecrementActiveConnCount(nsHttpConnection *);
     void     StartedConnect();
     void     RecvdConnect();
 
     nsConnectionEntry *GetOrCreateConnectionEntry(nsHttpConnectionInfo *,
                                                   bool allowWildCard);
 
-    nsresult MakeNewConnection(nsConnectionEntry *ent,
-                               nsHttpTransaction *trans);
+    MOZ_MUST_USE nsresult MakeNewConnection(nsConnectionEntry *ent,
+                                            nsHttpTransaction *trans);
 
     // Manage the preferred spdy connection entry for this address
     nsConnectionEntry *GetSpdyPreferredEnt(nsConnectionEntry *aOriginalEntry);
     nsConnectionEntry *LookupPreferredHash(nsConnectionEntry *ent);
     void               StorePreferredHash(nsConnectionEntry *ent);
     void               RemovePreferredHash(nsConnectionEntry *ent);
     nsHttpConnection  *GetSpdyPreferredConn(nsConnectionEntry *ent);
     nsDataHashtable<nsCStringHashKey, nsConnectionEntry *>   mSpdyPreferredHash;
     nsConnectionEntry *LookupConnectionEntry(nsHttpConnectionInfo *ci,
                                              nsHttpConnection *conn,
                                              nsHttpTransaction *trans);
 
     void               ProcessSpdyPendingQ(nsConnectionEntry *ent);
 
     // used to marshall events to the socket transport thread.
-    nsresult PostEvent(nsConnEventHandler  handler,
-                       int32_t             iparam = 0,
-                       ARefBase            *vparam = nullptr);
+    MOZ_MUST_USE nsresult PostEvent(nsConnEventHandler  handler,
+                                    int32_t             iparam = 0,
+                                    ARefBase            *vparam = nullptr);
 
     // message handlers
     void OnMsgShutdown             (int32_t, ARefBase *);
     void OnMsgShutdownConfirm      (int32_t, ARefBase *);
     void OnMsgNewTransaction       (int32_t, ARefBase *);
     void OnMsgReschedTransaction   (int32_t, ARefBase *);
     void OnMsgCancelTransaction    (int32_t, ARefBase *);
     void OnMsgCancelTransactions   (int32_t, ARefBase *);
--- a/netwerk/protocol/http/nsHttpDigestAuth.h
+++ b/netwerk/protocol/http/nsHttpDigestAuth.h
@@ -36,58 +36,58 @@ class nsHttpDigestAuth final : public ns
     NS_DECL_ISUPPORTS
     NS_DECL_NSIHTTPAUTHENTICATOR
 
     nsHttpDigestAuth();
 
   protected:
     ~nsHttpDigestAuth();
 
-    nsresult ExpandToHex(const char * digest, char * result);
+    MOZ_MUST_USE nsresult ExpandToHex(const char * digest, char * result);
 
-    nsresult CalculateResponse(const char * ha1_digest,
-                               const char * ha2_digest,
-                               const nsAFlatCString & nonce,
-                               uint16_t qop,
-                               const char * nonce_count,
-                               const nsAFlatCString & cnonce,
-                               char * result);
+    MOZ_MUST_USE nsresult CalculateResponse(const char * ha1_digest,
+                                            const char * ha2_digest,
+                                            const nsAFlatCString & nonce,
+                                            uint16_t qop,
+                                            const char * nonce_count,
+                                            const nsAFlatCString & cnonce,
+                                            char * result);
 
-    nsresult CalculateHA1(const nsAFlatCString & username,
-                          const nsAFlatCString & password,
-                          const nsAFlatCString & realm,
-                          uint16_t algorithm,
-                          const nsAFlatCString & nonce,
-                          const nsAFlatCString & cnonce,
-                          char * result);
+    MOZ_MUST_USE nsresult CalculateHA1(const nsAFlatCString & username,
+                                       const nsAFlatCString & password,
+                                       const nsAFlatCString & realm,
+                                       uint16_t algorithm,
+                                       const nsAFlatCString & nonce,
+                                       const nsAFlatCString & cnonce,
+                                       char * result);
 
-    nsresult CalculateHA2(const nsAFlatCString & http_method,
-                          const nsAFlatCString & http_uri_path,
-                          uint16_t qop,
-                          const char * body_digest,
-                          char * result);
+    MOZ_MUST_USE nsresult CalculateHA2(const nsAFlatCString & http_method,
+                                       const nsAFlatCString & http_uri_path,
+                                       uint16_t qop,
+                                       const char * body_digest,
+                                       char * result);
 
-    nsresult ParseChallenge(const char * challenge,
-                            nsACString & realm,
-                            nsACString & domain,
-                            nsACString & nonce,
-                            nsACString & opaque,
-                            bool * stale,
-                            uint16_t * algorithm,
-                            uint16_t * qop);
+    MOZ_MUST_USE nsresult ParseChallenge(const char * challenge,
+                                         nsACString & realm,
+                                         nsACString & domain,
+                                         nsACString & nonce,
+                                         nsACString & opaque,
+                                         bool * stale,
+                                         uint16_t * algorithm,
+                                         uint16_t * qop);
 
     // result is in mHashBuf
-    nsresult MD5Hash(const char *buf, uint32_t len);
+    MOZ_MUST_USE nsresult MD5Hash(const char *buf, uint32_t len);
 
-    nsresult GetMethodAndPath(nsIHttpAuthenticableChannel *,
-                              bool, nsCString &, nsCString &);
+    MOZ_MUST_USE nsresult GetMethodAndPath(nsIHttpAuthenticableChannel *,
+                                           bool, nsCString &, nsCString &);
 
     // append the quoted version of value to aHeaderLine
-    nsresult AppendQuotedString(const nsACString & value,
-                                nsACString & aHeaderLine);
+    MOZ_MUST_USE nsresult AppendQuotedString(const nsACString & value,
+                                             nsACString & aHeaderLine);
 
   protected:
     nsCOMPtr<nsICryptoHash>        mVerifier;
     char                           mHashBuf[DIGEST_LENGTH];
 };
 
 } // namespace net
 } // namespace mozilla
--- a/netwerk/protocol/http/nsHttpHandler.h
+++ b/netwerk/protocol/http/nsHttpHandler.h
@@ -64,20 +64,21 @@ public:
     NS_DECL_NSIPROTOCOLHANDLER
     NS_DECL_NSIPROXIEDPROTOCOLHANDLER
     NS_DECL_NSIHTTPPROTOCOLHANDLER
     NS_DECL_NSIOBSERVER
     NS_DECL_NSISPECULATIVECONNECT
 
     nsHttpHandler();
 
-    nsresult Init();
-    nsresult AddStandardRequestHeaders(nsHttpRequestHead *, bool isSecure);
-    nsresult AddConnectionHeader(nsHttpRequestHead *,
-                                 uint32_t capabilities);
+    MOZ_MUST_USE nsresult Init();
+    MOZ_MUST_USE nsresult AddStandardRequestHeaders(nsHttpRequestHead *,
+                                                    bool isSecure);
+    MOZ_MUST_USE nsresult AddConnectionHeader(nsHttpRequestHead *,
+                                              uint32_t capabilities);
     bool     IsAcceptableEncoding(const char *encoding, bool isSecure);
 
     const nsAFlatCString &UserAgent();
 
     nsHttpVersion  HttpVersion()             { return mHttpVersion; }
     nsHttpVersion  ProxyHttpVersion()        { return mProxyHttpVersion; }
     uint8_t        ReferrerLevel()           { return mReferrerLevel; }
     bool           SpoofReferrerSource()     { return mSpoofReferrerSource; }
@@ -184,60 +185,63 @@ public:
     //
     // - the handler keeps a count of active connections to enforce the
     //   steady-state max-connections pref.
     //
 
     // Called to kick-off a new transaction, by default the transaction
     // will be put on the pending transaction queue if it cannot be
     // initiated at this time.  Callable from any thread.
-    nsresult InitiateTransaction(nsHttpTransaction *trans, int32_t priority)
+    MOZ_MUST_USE nsresult InitiateTransaction(nsHttpTransaction *trans,
+                                              int32_t priority)
     {
         return mConnMgr->AddTransaction(trans, priority);
     }
 
     // Called to change the priority of an existing transaction that has
     // already been initiated.
-    nsresult RescheduleTransaction(nsHttpTransaction *trans, int32_t priority)
+    MOZ_MUST_USE nsresult RescheduleTransaction(nsHttpTransaction *trans,
+                                                int32_t priority)
     {
         return mConnMgr->RescheduleTransaction(trans, priority);
     }
 
     // Called to cancel a transaction, which may or may not be assigned to
     // a connection.  Callable from any thread.
-    nsresult CancelTransaction(nsHttpTransaction *trans, nsresult reason)
+    MOZ_MUST_USE nsresult CancelTransaction(nsHttpTransaction *trans,
+                                            nsresult reason)
     {
         return mConnMgr->CancelTransaction(trans, reason);
     }
 
     // Called when a connection is done processing a transaction.  Callable
     // from any thread.
-    nsresult ReclaimConnection(nsHttpConnection *conn)
+    MOZ_MUST_USE nsresult ReclaimConnection(nsHttpConnection *conn)
     {
         return mConnMgr->ReclaimConnection(conn);
     }
 
-    nsresult ProcessPendingQ(nsHttpConnectionInfo *cinfo)
+    MOZ_MUST_USE nsresult ProcessPendingQ(nsHttpConnectionInfo *cinfo)
     {
         return mConnMgr->ProcessPendingQ(cinfo);
     }
 
-    nsresult ProcessPendingQ()
+    MOZ_MUST_USE nsresult ProcessPendingQ()
     {
         return mConnMgr->ProcessPendingQ();
     }
 
-    nsresult GetSocketThreadTarget(nsIEventTarget **target)
+    MOZ_MUST_USE nsresult GetSocketThreadTarget(nsIEventTarget **target)
     {
         return mConnMgr->GetSocketThreadTarget(target);
     }
 
-    nsresult SpeculativeConnect(nsHttpConnectionInfo *ci,
-                                nsIInterfaceRequestor *callbacks,
-                                uint32_t caps = 0)
+    MOZ_MUST_USE nsresult SpeculativeConnect(nsHttpConnectionInfo *ci,
+                                             nsIInterfaceRequestor *callbacks,
+                                             uint32_t caps = 0)
     {
         TickleWifi(callbacks);
         return mConnMgr->SpeculativeConnect(ci, callbacks, caps);
     }
 
     // Alternate Services Maps are main thread only
     void UpdateAltServiceMapping(AltSvcMapping *map,
                                  nsProxyInfo *proxyInfo,
@@ -256,18 +260,18 @@ public:
     {
         return mConnMgr->GetAltServiceMapping(scheme, host, port, pb, originAttributes);
     }
 
     //
     // The HTTP handler caches pointers to specific XPCOM services, and
     // provides the following helper routines for accessing those services:
     //
-    nsresult GetStreamConverterService(nsIStreamConverterService **);
-    nsresult GetIOService(nsIIOService** service);
+    MOZ_MUST_USE nsresult GetStreamConverterService(nsIStreamConverterService **);
+    MOZ_MUST_USE nsresult GetIOService(nsIIOService** service);
     nsICookieService * GetCookieService(); // not addrefed
     nsISiteSecurityService * GetSSService();
     nsIThrottlingService * GetThrottlingService();
 
     // callable from socket thread only
     uint32_t Get32BitsOfPseudoRandom();
 
     // Called by the channel synchronously during asyncOpen
@@ -297,30 +301,32 @@ public:
     // Called by the channel once headers have been merged with cached headers
     void OnExamineMergedResponse(nsIHttpChannel *chan)
     {
         NotifyObservers(chan, NS_HTTP_ON_EXAMINE_MERGED_RESPONSE_TOPIC);
     }
 
     // Called by channels before a redirect happens. This notifies both the
     // channel's and the global redirect observers.
-    nsresult AsyncOnChannelRedirect(nsIChannel* oldChan, nsIChannel* newChan,
-                               uint32_t flags);
+    MOZ_MUST_USE nsresult AsyncOnChannelRedirect(nsIChannel* oldChan,
+                                                 nsIChannel* newChan,
+                                                 uint32_t flags);
 
     // Called by the channel when the response is read from the cache without
     // communicating with the server.
     void OnExamineCachedResponse(nsIHttpChannel *chan)
     {
         NotifyObservers(chan, NS_HTTP_ON_EXAMINE_CACHED_RESPONSE_TOPIC);
     }
 
     // Generates the host:port string for use in the Host: header as well as the
     // CONNECT line for proxies. This handles IPv6 literals correctly.
-    static nsresult GenerateHostPort(const nsCString& host, int32_t port,
-                                     nsACString& hostLine);
+    static MOZ_MUST_USE nsresult GenerateHostPort(const nsCString& host,
+                                                  int32_t port,
+                                                  nsACString& hostLine);
 
 
     SpdyInformation *SpdyInfo() { return &mSpdyInfo; }
     bool IsH2MandatorySuiteEnabled() { return mH2MandatorySuiteEnabled; }
 
     // Returns true if content-signature test pref is set such that they are
     // NOT enforced on remote newtabs.
     bool NewTabContentSignaturesDisabled()
@@ -364,21 +370,21 @@ private:
 
     //
     // Useragent/prefs helper methods
     //
     void     BuildUserAgent();
     void     InitUserAgentComponents();
     void     PrefsChanged(nsIPrefBranch *prefs, const char *pref);
 
-    nsresult SetAccept(const char *);
-    nsresult SetAcceptLanguages(const char *);
-    nsresult SetAcceptEncodings(const char *, bool mIsSecure);
+    MOZ_MUST_USE nsresult SetAccept(const char *);
+    MOZ_MUST_USE nsresult SetAcceptLanguages(const char *);
+    MOZ_MUST_USE nsresult SetAcceptEncodings(const char *, bool mIsSecure);
 
-    nsresult InitConnectionMgr();
+    MOZ_MUST_USE nsresult InitConnectionMgr();
 
     void     NotifyObservers(nsIHttpChannel *chan, const char *event);
 
 private:
 
     // cached services
     nsMainThreadPtrHandle<nsIIOService>              mIOService;
     nsMainThreadPtrHandle<nsIStreamConverterService> mStreamConvSvc;
@@ -572,18 +578,18 @@ private:
 private:
     // For Rate Pacing Certain Network Events. Only assign this pointer on
     // socket thread.
     void MakeNewRequestTokenBucket();
     RefPtr<EventTokenBucket> mRequestTokenBucket;
 
 public:
     // Socket thread only
-    nsresult SubmitPacedRequest(ATokenBucketEvent *event,
-                                nsICancelable **cancel)
+    MOZ_MUST_USE nsresult SubmitPacedRequest(ATokenBucketEvent *event,
+                                             nsICancelable **cancel)
     {
         MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread);
         if (!mRequestTokenBucket) {
             return NS_ERROR_NOT_AVAILABLE;
         }
         return mRequestTokenBucket->SubmitEvent(event, cancel);
     }
 
@@ -603,26 +609,27 @@ public:
         }
     }
 
 private:
     RefPtr<Tickler> mWifiTickler;
     void TickleWifi(nsIInterfaceRequestor *cb);
 
 private:
-    nsresult SpeculativeConnectInternal(nsIURI *aURI,
-                                        nsIPrincipal *aPrincipal,
-                                        nsIInterfaceRequestor *aCallbacks,
-                                        bool anonymous);
+    MOZ_MUST_USE nsresult
+    SpeculativeConnectInternal(nsIURI *aURI,
+                               nsIPrincipal *aPrincipal,
+                               nsIInterfaceRequestor *aCallbacks,
+                               bool anonymous);
 
     // UUID generator for channelIds
     nsCOMPtr<nsIUUIDGenerator> mUUIDGen;
 
 public:
-    nsresult NewChannelId(nsID *channelId);
+    MOZ_MUST_USE nsresult NewChannelId(nsID *channelId);
 };
 
 extern nsHttpHandler *gHttpHandler;
 
 //-----------------------------------------------------------------------------
 // nsHttpsHandler - thin wrapper to distinguish the HTTP handler from the
 //                  HTTPS handler (even though they share the same impl).
 //-----------------------------------------------------------------------------
@@ -639,15 +646,15 @@ public:
     NS_DECL_THREADSAFE_ISUPPORTS
     NS_DECL_NSIPROTOCOLHANDLER
     NS_FORWARD_NSIPROXIEDPROTOCOLHANDLER (gHttpHandler->)
     NS_FORWARD_NSIHTTPPROTOCOLHANDLER    (gHttpHandler->)
     NS_FORWARD_NSISPECULATIVECONNECT     (gHttpHandler->)
 
     nsHttpsHandler() { }
 
-    nsresult Init();
+    MOZ_MUST_USE nsresult Init();
 };
 
 } // namespace net
 } // namespace mozilla
 
 #endif // nsHttpHandler_h__
--- a/netwerk/protocol/http/nsHttpHeaderArray.h
+++ b/netwerk/protocol/http/nsHttpHeaderArray.h
@@ -44,34 +44,37 @@ public:
         eVarietyRequestDefault,
         // Used only for response header.
         eVarietyResponseNetOriginalAndResponse,
         eVarietyResponseNetOriginal,
         eVarietyResponse
     };
 
     // Used by internal setters: to set header from network use SetHeaderFromNet
-    nsresult SetHeader(nsHttpAtom header, const nsACString &value,
-                       bool merge, HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetHeader(nsHttpAtom header, const nsACString &value,
+                                    bool merge, HeaderVariety variety);
 
     // Used by internal setters to set an empty header
-    nsresult SetEmptyHeader(nsHttpAtom header, HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetEmptyHeader(nsHttpAtom header,
+                                         HeaderVariety variety);
 
     // Merges supported headers. For other duplicate values, determines if error
     // needs to be thrown or 1st value kept.
     // For the response header we keep the original headers as well.
-    nsresult SetHeaderFromNet(nsHttpAtom header, const nsACString &value,
-                              bool response);
+    MOZ_MUST_USE nsresult SetHeaderFromNet(nsHttpAtom header,
+                                           const nsACString &value,
+                                           bool response);
 
-    nsresult SetResponseHeaderFromCache(nsHttpAtom header, const nsACString &value,
-                                        HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetResponseHeaderFromCache(nsHttpAtom header,
+                                                     const nsACString &value,
+                                                     HeaderVariety variety);
 
-    nsresult GetHeader(nsHttpAtom header, nsACString &value) const;
-    nsresult GetOriginalHeader(nsHttpAtom aHeader,
-                               nsIHttpHeaderVisitor *aVisitor);
+    MOZ_MUST_USE nsresult GetHeader(nsHttpAtom header, nsACString &value) const;
+    MOZ_MUST_USE nsresult GetOriginalHeader(nsHttpAtom aHeader,
+                                            nsIHttpHeaderVisitor *aVisitor);
     void     ClearHeader(nsHttpAtom h);
 
     // Find the location of the given header value, or null if none exists.
     const char *FindHeaderValue(nsHttpAtom header, const char *value) const
     {
         return nsHttp::FindToken(PeekHeader(header), value,
                                  HTTP_HEADER_VALUE_SEPS);
     }
@@ -87,23 +90,24 @@ public:
     enum VisitorFilter
     {
         eFilterAll,
         eFilterSkipDefault,
         eFilterResponse,
         eFilterResponseOriginal
     };
 
-    nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor, VisitorFilter filter = eFilterAll);
+    MOZ_MUST_USE nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor,
+                                       VisitorFilter filter = eFilterAll);
 
     // parse a header line, return the header atom and a pointer to the
     // header value (the substring of the header line -- do not free).
-    static nsresult ParseHeaderLine(const nsACString& line,
-                                    nsHttpAtom *header=nullptr,
-                                    nsACString* value=nullptr);
+    static MOZ_MUST_USE nsresult ParseHeaderLine(const nsACString& line,
+                                                 nsHttpAtom *header=nullptr,
+                                                 nsACString* value=nullptr);
 
     void Flatten(nsACString &, bool pruneProxyHeaders, bool pruneTransients);
     void FlattenOriginalHeader(nsACString &);
 
     uint32_t Count() const { return mHeaders.Length(); }
 
     const char *PeekHeaderAt(uint32_t i, nsHttpAtom &header) const;
 
@@ -133,20 +137,22 @@ public:
         return mHeaders == aOther.mHeaders;
     }
 
 private:
     // LookupEntry function will never return eVarietyResponseNetOriginal.
     // It will ignore original headers from the network.
     int32_t LookupEntry(nsHttpAtom header, const nsEntry **) const;
     int32_t LookupEntry(nsHttpAtom header, nsEntry **);
-    nsresult MergeHeader(nsHttpAtom header, nsEntry *entry,
-                         const nsACString &value, HeaderVariety variety);
-    nsresult SetHeader_internal(nsHttpAtom header, const nsACString &value,
-                                HeaderVariety variety);
+    MOZ_MUST_USE nsresult MergeHeader(nsHttpAtom header, nsEntry *entry,
+                                      const nsACString &value,
+                                      HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetHeader_internal(nsHttpAtom header,
+                                             const nsACString &value,
+                                             HeaderVariety variety);
 
     // Header cannot be merged: only one value possible
     bool    IsSingletonHeader(nsHttpAtom header);
     // For some headers we want to track empty values to prevent them being
     // combined with non-empty ones as a CRLF attack vector
     bool    TrackEmptyHeader(nsHttpAtom header);
 
     // Subset of singleton headers: should never see multiple, different
@@ -222,17 +228,17 @@ nsHttpHeaderArray::IsSingletonHeader(nsH
 inline bool
 nsHttpHeaderArray::TrackEmptyHeader(nsHttpAtom header)
 {
     return header == nsHttp::Content_Length ||
            header == nsHttp::Location ||
            header == nsHttp::Access_Control_Allow_Origin;
 }
 
-inline nsresult
+inline MOZ_MUST_USE nsresult
 nsHttpHeaderArray::MergeHeader(nsHttpAtom header,
                                nsEntry *entry,
                                const nsACString &value,
                                nsHttpHeaderArray::HeaderVariety variety)
 {
     if (value.IsEmpty())
         return NS_OK;   // merge of empty header = no-op
 
--- a/netwerk/protocol/http/nsHttpRequestHead.h
+++ b/netwerk/protocol/http/nsHttpRequestHead.h
@@ -38,47 +38,50 @@ public:
     void SetMethod(const nsACString &method);
     void SetVersion(nsHttpVersion version);
     void SetRequestURI(const nsCSubstring &s);
     void SetPath(const nsCSubstring &s);
     uint32_t HeaderCount();
 
     // Using this function it is possible to itereate through all headers
     // automatically under one lock.
-    nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor,
-                          nsHttpHeaderArray::VisitorFilter filter =
-                              nsHttpHeaderArray::eFilterAll);
+    MOZ_MUST_USE nsresult
+    VisitHeaders(nsIHttpHeaderVisitor *visitor,
+                 nsHttpHeaderArray::VisitorFilter filter =
+                     nsHttpHeaderArray::eFilterAll);
     void Method(nsACString &aMethod);
     nsHttpVersion Version();
     void RequestURI(nsACString &RequestURI);
     void Path(nsACString &aPath);
     void SetHTTPS(bool val);
     bool IsHTTPS();
 
     void SetOrigin(const nsACString &scheme, const nsACString &host,
                    int32_t port);
     void Origin(nsACString &aOrigin);
 
-    nsresult SetHeader(nsHttpAtom h, const nsACString &v, bool m=false);
-    nsresult SetHeader(nsHttpAtom h, const nsACString &v, bool m,
-                       nsHttpHeaderArray::HeaderVariety variety);
-    nsresult SetEmptyHeader(nsHttpAtom h);
-    nsresult GetHeader(nsHttpAtom h, nsACString &v);
+    MOZ_MUST_USE nsresult SetHeader(nsHttpAtom h, const nsACString &v,
+                                    bool m=false);
+    MOZ_MUST_USE nsresult SetHeader(nsHttpAtom h, const nsACString &v, bool m,
+                                    nsHttpHeaderArray::HeaderVariety variety);
+    MOZ_MUST_USE nsresult SetEmptyHeader(nsHttpAtom h);
+    MOZ_MUST_USE nsresult GetHeader(nsHttpAtom h, nsACString &v);
 
-    nsresult ClearHeader(nsHttpAtom h);
+    MOZ_MUST_USE nsresult ClearHeader(nsHttpAtom h);
     void ClearHeaders();
 
     bool HasHeaderValue(nsHttpAtom h, const char *v);
     // This function returns true if header is set even if it is an empty
     // header.
     bool HasHeader(nsHttpAtom h);
     void Flatten(nsACString &, bool pruneProxyHeaders = false);
 
     // Don't allow duplicate values
-    nsresult SetHeaderOnce(nsHttpAtom h, const char *v, bool merge = false);
+    MOZ_MUST_USE nsresult SetHeaderOnce(nsHttpAtom h, const char *v,
+                                        bool merge = false);
 
     bool IsSafeMethod();
 
     enum ParsedMethodType
     {
         kMethod_Custom,
         kMethod_Get,
         kMethod_Post,
--- a/netwerk/protocol/http/nsHttpResponseHead.h
+++ b/netwerk/protocol/http/nsHttpResponseHead.h
@@ -60,18 +60,19 @@ public:
     bool Immutable();
     /**
      * Full length of the entity. For byte-range requests, this may be larger
      * than ContentLength(), which will only represent the requested part of the
      * entity.
      */
     int64_t TotalEntitySize();
 
-    nsresult SetHeader(nsHttpAtom h, const nsACString &v, bool m=false);
-    nsresult GetHeader(nsHttpAtom h, nsACString &v);
+    MOZ_MUST_USE nsresult SetHeader(nsHttpAtom h, const nsACString &v,
+                                    bool m=false);
+    MOZ_MUST_USE nsresult GetHeader(nsHttpAtom h, nsACString &v);
     void ClearHeader(nsHttpAtom h);
     void ClearHeaders();
     bool HasHeaderValue(nsHttpAtom h, const char *v);
     bool HasHeader(nsHttpAtom h);
 
     void SetContentType(const nsACString &s);
     void SetContentCharset(const nsACString &s);
     void SetContentLength(int64_t);
@@ -85,87 +86,89 @@ public:
 
     // The next 2 functions parse flattened response head and original net headers.
     // They are used when we are reading an entry from the cache.
     //
     // To keep proper order of the original headers we MUST call
     // ParseCachedOriginalHeaders FIRST and then ParseCachedHead.
     //
     // block must be null terminated.
-    nsresult ParseCachedHead(const char *block);
-    nsresult ParseCachedOriginalHeaders(char *block);
+    MOZ_MUST_USE nsresult ParseCachedHead(const char *block);
+    MOZ_MUST_USE nsresult ParseCachedOriginalHeaders(char *block);
 
     // parse the status line.
     void ParseStatusLine(const nsACString &line);
 
     // parse a header line.
-    nsresult ParseHeaderLine(const nsACString &line);
+    MOZ_MUST_USE nsresult ParseHeaderLine(const nsACString &line);
 
     // cache validation support methods
-    nsresult ComputeFreshnessLifetime(uint32_t *);
-    nsresult ComputeCurrentAge(uint32_t now, uint32_t requestTime,
-                               uint32_t *result);
+    MOZ_MUST_USE nsresult ComputeFreshnessLifetime(uint32_t *);
+    MOZ_MUST_USE nsresult ComputeCurrentAge(uint32_t now, uint32_t requestTime,
+                                            uint32_t *result);
     bool MustValidate();
     bool MustValidateIfExpired();
 
     // returns true if the server appears to support byte range requests.
     bool IsResumable();
 
     // returns true if the Expires header has a value in the past relative to the
     // value of the Date header.
     bool ExpiresInPast();
 
     // update headers...
-    nsresult UpdateHeaders(nsHttpResponseHead *headers);
+    MOZ_MUST_USE nsresult UpdateHeaders(nsHttpResponseHead *headers);
 
     // reset the response head to it's initial state
     void Reset();
 
-    nsresult GetAgeValue(uint32_t *result);
-    nsresult GetMaxAgeValue(uint32_t *result);
-    nsresult GetDateValue(uint32_t *result);
-    nsresult GetExpiresValue(uint32_t *result);
-    nsresult GetLastModifiedValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetAgeValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetMaxAgeValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetDateValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetExpiresValue(uint32_t *result);
+    MOZ_MUST_USE nsresult GetLastModifiedValue(uint32_t *result);
 
     bool operator==(const nsHttpResponseHead& aOther) const;
 
     // Using this function it is possible to itereate through all headers
     // automatically under one lock.
-    nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor,
-                          nsHttpHeaderArray::VisitorFilter filter);
-    nsresult GetOriginalHeader(nsHttpAtom aHeader,
-                               nsIHttpHeaderVisitor *aVisitor);
+    MOZ_MUST_USE nsresult VisitHeaders(nsIHttpHeaderVisitor *visitor,
+                                       nsHttpHeaderArray::VisitorFilter filter);
+    MOZ_MUST_USE nsresult GetOriginalHeader(nsHttpAtom aHeader,
+                                            nsIHttpHeaderVisitor *aVisitor);
 
     bool HasContentType();
     bool HasContentCharset();
 private:
-    nsresult SetHeader_locked(nsHttpAtom h, const nsACString &v,
+    MOZ_MUST_USE nsresult SetHeader_locked(nsHttpAtom h, const nsACString &v,
                               bool m=false);
     void AssignDefaultStatusText();
     void ParseVersion(const char *);
     void ParseCacheControl(const char *);
     void ParsePragma(const char *);
 
     void ParseStatusLine_locked(const nsACString &line);
-    nsresult ParseHeaderLine_locked(const nsACString &line, bool originalFromNetHeaders);
+    MOZ_MUST_USE nsresult ParseHeaderLine_locked(const nsACString &line,
+                                                 bool originalFromNetHeaders);
 
     // these return failure if the header does not exist.
-    nsresult ParseDateHeader(nsHttpAtom header, uint32_t *result) const;
+    MOZ_MUST_USE nsresult ParseDateHeader(nsHttpAtom header,
+                                          uint32_t *result) const;
 
     bool ExpiresInPast_locked() const;
-    nsresult GetAgeValue_locked(uint32_t *result) const;
-    nsresult GetExpiresValue_locked(uint32_t *result) const;
-    nsresult GetMaxAgeValue_locked(uint32_t *result) const;
+    MOZ_MUST_USE nsresult GetAgeValue_locked(uint32_t *result) const;
+    MOZ_MUST_USE nsresult GetExpiresValue_locked(uint32_t *result) const;
+    MOZ_MUST_USE nsresult GetMaxAgeValue_locked(uint32_t *result) const;
 
-    nsresult GetDateValue_locked(uint32_t *result) const
+    MOZ_MUST_USE nsresult GetDateValue_locked(uint32_t *result) const
     {
         return ParseDateHeader(nsHttp::Date, result);
     }
 
-    nsresult GetLastModifiedValue_locked(uint32_t *result) const
+    MOZ_MUST_USE nsresult GetLastModifiedValue_locked(uint32_t *result) const
     {
         return ParseDateHeader(nsHttp::Last_Modified, result);
     }
 
 private:
     // All members must be copy-constructable and assignable
     nsHttpHeaderArray mHeaders;
     nsHttpVersion     mVersion;
--- a/netwerk/protocol/http/nsHttpTransaction.h
+++ b/netwerk/protocol/http/nsHttpTransaction.h
@@ -74,25 +74,25 @@ public:
     //        the dispatch target were notifications should be sent.
     // @param callbacks
     //        the notification callbacks to be given to PSM.
     // @param responseBody
     //        the input stream that will contain the response data.  async
     //        wait on this input stream for data.  on first notification,
     //        headers should be available (check transaction status).
     //
-    nsresult Init(uint32_t               caps,
-                  nsHttpConnectionInfo  *connInfo,
-                  nsHttpRequestHead     *reqHeaders,
-                  nsIInputStream        *reqBody,
-                  bool                   reqBodyIncludesHeaders,
-                  nsIEventTarget        *consumerTarget,
-                  nsIInterfaceRequestor *callbacks,
-                  nsITransportEventSink *eventsink,
-                  nsIAsyncInputStream  **responseBody);
+    MOZ_MUST_USE nsresult Init(uint32_t               caps,
+                               nsHttpConnectionInfo  *connInfo,
+                               nsHttpRequestHead     *reqHeaders,
+                               nsIInputStream        *reqBody,
+                               bool                   reqBodyIncludesHeaders,
+                               nsIEventTarget        *consumerTarget,
+                               nsIInterfaceRequestor *callbacks,
+                               nsITransportEventSink *eventsink,
+                               nsIAsyncInputStream  **responseBody);
 
     // attributes
     nsHttpResponseHead    *ResponseHead()   { return mHaveAllHeaders ? mResponseHead : nullptr; }
     nsISupports           *SecurityInfo()   { return mSecurityInfo; }
 
     nsIEventTarget        *ConsumerTarget() { return mConsumerTarget; }
     nsISupports           *HttpChannel()    { return mChannel; }
 
@@ -159,38 +159,43 @@ public:
     mozilla::TimeStamp GetConnectStart();
     mozilla::TimeStamp GetConnectEnd();
     mozilla::TimeStamp GetRequestStart();
     mozilla::TimeStamp GetResponseStart();
     mozilla::TimeStamp GetResponseEnd();
 
     int64_t GetTransferSize() { return mTransferSize; }
 
-    bool Do0RTT() override;
-    nsresult Finish0RTT(bool aRestart, bool aAlpnChanged /* ignored */) override;
+    MOZ_MUST_USE bool Do0RTT() override;
+    MOZ_MUST_USE nsresult Finish0RTT(bool aRestart, bool aAlpnChanged /* ignored */) override;
 private:
     friend class DeleteHttpTransaction;
     virtual ~nsHttpTransaction();
 
-    nsresult Restart();
+    MOZ_MUST_USE nsresult Restart();
     char    *LocateHttpStart(char *buf, uint32_t len,
                              bool aAllowPartialMatch);
-    nsresult ParseLine(nsACString &line);
-    nsresult ParseLineSegment(char *seg, uint32_t len);
-    nsresult ParseHead(char *, uint32_t count, uint32_t *countRead);
-    nsresult HandleContentStart();
-    nsresult HandleContent(char *, uint32_t count, uint32_t *contentRead, uint32_t *contentRemaining);
-    nsresult ProcessData(char *, uint32_t, uint32_t *);
+    MOZ_MUST_USE nsresult ParseLine(nsACString &line);
+    MOZ_MUST_USE nsresult ParseLineSegment(char *seg, uint32_t len);
+    MOZ_MUST_USE nsresult ParseHead(char *, uint32_t count,
+                                    uint32_t *countRead);
+    MOZ_MUST_USE nsresult HandleContentStart();
+    MOZ_MUST_USE nsresult HandleContent(char *, uint32_t count,
+                                        uint32_t *contentRead,
+                                        uint32_t *contentRemaining);
+    MOZ_MUST_USE nsresult ProcessData(char *, uint32_t, uint32_t *);
     void     DeleteSelfOnConsumerThread();
     void     ReleaseBlockingTransaction();
 
-    static nsresult ReadRequestSegment(nsIInputStream *, void *, const char *,
-                                       uint32_t, uint32_t, uint32_t *);
-    static nsresult WritePipeSegment(nsIOutputStream *, void *, char *,
-                                     uint32_t, uint32_t, uint32_t *);
+    static MOZ_MUST_USE nsresult ReadRequestSegment(nsIInputStream *, void *,
+                                                    const char *, uint32_t,
+                                                    uint32_t, uint32_t *);
+    static MOZ_MUST_USE nsresult WritePipeSegment(nsIOutputStream *, void *,
+                                                  char *, uint32_t, uint32_t,
+                                                  uint32_t *);
 
     bool TimingEnabled() const { return mCaps & NS_HTTP_TIMING_ENABLED; }
 
     bool ResponseTimeoutEnabled() const final;
 
     void DisableSpdy() override;
     void ReuseConnectionOnRestartOK(bool reuseOk) override { mReuseOnRestart = reuseOk; }
 
--- a/netwerk/protocol/http/nsIHstsPrimingCallback.idl
+++ b/netwerk/protocol/http/nsIHstsPrimingCallback.idl
@@ -26,26 +26,26 @@ interface nsIHstsPrimingCallback : nsISu
    * safe to upgrade the request from HTTP to HTTPS. The request may still be
    * blocked based on the user's preferences.
    *
    * May be invoked synchronously if HSTS priming has already been performed
    * for the host.
    *
    * @param aCached whether the result was already in the HSTS cache
    */
-  [noscript, nostdcall]
+  [noscript, nostdcall, must_use]
   void onHSTSPrimingSucceeded(in bool aCached);
 
   /**
    * HSTS priming has seen no STS header, the request itself has failed,
    * or some other failure which does not constitute a positive signal that the
    * site can be upgraded safely to HTTPS. The request may still be allowed
    * based on the user's preferences.
    *
    * May be invoked synchronously if HSTS priming has already been performed
    * for the host.
    *
    * @param aError The error which caused this failure, or NS_ERROR_CONTENT_BLOCKED
    * @param aCached whether the result was already in the HSTS cache
    */
-  [noscript, nostdcall]
+  [noscript, nostdcall, must_use]
   void onHSTSPrimingFailed(in nsresult aError, in bool aCached);
 };
--- a/netwerk/protocol/http/nsIHttpActivityObserver.idl
+++ b/netwerk/protocol/http/nsIHttpActivityObserver.idl
@@ -39,30 +39,31 @@ interface nsIHttpActivityObserver : nsIS
      *        microseconds past the epoch of Jan 1, 1970
      * @param aExtraSizeData
      *        Any extra size data optionally available with
      *        this activity
      * @param aExtraStringData
      *        Any extra string data optionally available with
      *        this activity
      */
+    [must_use]
     void observeActivity(in nsISupports  aHttpChannel,
                          in uint32_t     aActivityType,
                          in uint32_t     aActivitySubtype,
                          in PRTime       aTimestamp,
                          in uint64_t     aExtraSizeData,
                          in ACString     aExtraStringData);
 
     /**
      * This attribute is true when this interface is active and should
      * observe http activities. When false, observeActivity() should not
      * be called. It is present for compatibility reasons and should be
      * implemented only by nsHttpActivityDistributor.
      */
-    readonly attribute boolean isActive;
+    [must_use] readonly attribute boolean isActive;
 
     const unsigned long ACTIVITY_TYPE_SOCKET_TRANSPORT     = 0x0001;
     const unsigned long ACTIVITY_TYPE_HTTP_TRANSACTION     = 0x0002;
 
     const unsigned long ACTIVITY_SUBTYPE_REQUEST_HEADER    = 0x5001;
     const unsigned long ACTIVITY_SUBTYPE_REQUEST_BODY_SENT = 0x5002;
     const unsigned long ACTIVITY_SUBTYPE_RESPONSE_START    = 0x5003;
     const unsigned long ACTIVITY_SUBTYPE_RESPONSE_HEADER   = 0x5004;
--- a/netwerk/protocol/http/nsIHttpAuthManager.idl
+++ b/netwerk/protocol/http/nsIHttpAuthManager.idl
@@ -49,27 +49,27 @@ interface nsIHttpAuthManager : nsISuppor
      *        return value containing user password.
      * @param aIsPrivate
      *        whether to look up a private or public identity (they are
      *        stored separately, for use by private browsing)
      * @param aPrincipal
      *        the principal from which to derive information about which
      *        app/mozbrowser is in use for this request
      */
-    void getAuthIdentity(in ACString aScheme,
-                         in ACString aHost,
-                         in int32_t  aPort,
-                         in ACString aAuthType,
-                         in ACString aRealm,
-                         in ACString aPath,
-                         out AString aUserDomain,
-                         out AString aUserName,
-                         out AString aUserPassword,
-                         [optional] in bool aIsPrivate,
-                         [optional] in nsIPrincipal aPrincipal);
+    [must_use] void getAuthIdentity(in ACString aScheme,
+                                    in ACString aHost,
+                                    in int32_t  aPort,
+                                    in ACString aAuthType,
+                                    in ACString aRealm,
+                                    in ACString aPath,
+                                    out AString aUserDomain,
+                                    out AString aUserName,
+                                    out AString aUserPassword,
+                                    [optional] in bool aIsPrivate,
+                                    [optional] in nsIPrincipal aPrincipal);
 
     /**
      * Store auth identity.
      *
      * @param aScheme
      *        the URL scheme (e.g., "http").  NOTE: for proxy authentication,
      *        this should be "http" (this includes authentication for CONNECT
      *        tunneling).
@@ -91,25 +91,25 @@ interface nsIHttpAuthManager : nsISuppor
      *        optional string containing user password.
      * @param aIsPrivate
      *        whether to store a private or public identity (they are
      *        stored separately, for use by private browsing)
      * @param aPrincipal
      *        the principal from which to derive information about which
      *        app/mozbrowser is in use for this request
      */
-    void setAuthIdentity(in ACString aScheme,
-                         in ACString aHost,
-                         in int32_t  aPort,
-                         in ACString aAuthType,
-                         in ACString aRealm,
-                         in ACString aPath,
-                         in AString  aUserDomain,
-                         in AString  aUserName,
-                         in AString  aUserPassword,
-                         [optional] in boolean aIsPrivate,
-                         [optional] in nsIPrincipal aPrincipal);
+    [must_use] void setAuthIdentity(in ACString aScheme,
+                                    in ACString aHost,
+                                    in int32_t  aPort,
+                                    in ACString aAuthType,
+                                    in ACString aRealm,
+                                    in ACString aPath,
+                                    in AString  aUserDomain,
+                                    in AString  aUserName,
+                                    in AString  aUserPassword,
+                                    [optional] in boolean aIsPrivate,
+                                    [optional] in nsIPrincipal aPrincipal);
 
     /**
      * Clear all auth cache.
      */
-    void clearAll();
+    [must_use] void clearAll();
 };
--- a/netwerk/protocol/http/nsIHttpAuthenticableChannel.idl
+++ b/netwerk/protocol/http/nsIHttpAuthenticableChannel.idl
@@ -11,105 +11,105 @@ interface nsIURI;
 interface nsIInterfaceRequestor;
 
 [scriptable, uuid(701093ac-5c7f-429c-99e3-423b041fccb4)]
 interface nsIHttpAuthenticableChannel : nsIProxiedChannel
 {
     /**
      * If the channel being authenticated is using SSL.
      */
-    readonly attribute boolean isSSL;
+    [must_use] readonly attribute boolean isSSL;
 
     /**
      * Returns if the proxy HTTP method used is CONNECT. If no proxy is being
      * used it must return PR_FALSE.
      */
-    readonly attribute boolean proxyMethodIsConnect;
+    [must_use] readonly attribute boolean proxyMethodIsConnect;
 
     /**
      * Cancels the current request. See nsIRequest.
      */
-    void cancel(in nsresult aStatus);
+    [must_use] void cancel(in nsresult aStatus);
 
     /**
      * The load flags of this request. See nsIRequest.
      */
-    readonly attribute nsLoadFlags loadFlags;
+    [must_use] readonly attribute nsLoadFlags loadFlags;
 
     /**
      * The URI corresponding to the channel. See nsIChannel.
      */
-    readonly attribute nsIURI URI;
+    [must_use] readonly attribute nsIURI URI;
 
     /**
      * The load group of this request. It is here for querying its
      * notificationCallbacks. See nsIRequest.
      */
-    readonly attribute nsILoadGroup loadGroup;
+    [must_use] readonly attribute nsILoadGroup loadGroup;
 
     /**
      * The notification callbacks for the channel. See nsIChannel.
      */
-    readonly attribute nsIInterfaceRequestor notificationCallbacks;
+    [must_use] readonly attribute nsIInterfaceRequestor notificationCallbacks;
 
     /**
      * The HTTP request method. See nsIHttpChannel.
      */
-    readonly attribute ACString requestMethod;
+    [must_use] readonly attribute ACString requestMethod;
 
     /**
      * The "Server" response header.
      * Return NS_ERROR_NOT_AVAILABLE if not available.
      */
-    readonly attribute ACString serverResponseHeader;
+    [must_use] readonly attribute ACString serverResponseHeader;
 
     /**
      * The Proxy-Authenticate response header.
      */
-    readonly attribute ACString proxyChallenges;
+    [must_use] readonly attribute ACString proxyChallenges;
 
     /**
      * The WWW-Authenticate response header.
      */
-    readonly attribute ACString WWWChallenges;
+    [must_use] readonly attribute ACString WWWChallenges;
 
     /**
      * Sets the Proxy-Authorization request header. An empty string
      * will clear it.
      */
-    void setProxyCredentials(in ACString credentials);
+    [must_use] void setProxyCredentials(in ACString credentials);
 
     /**
      * Sets the Authorization request header. An empty string
      * will clear it.
      */
-    void setWWWCredentials(in ACString credentials);
+    [must_use] void setWWWCredentials(in ACString credentials);
 
     /**
      * Called when authentication information is ready and has been set on this
      * object using setWWWCredentials/setProxyCredentials. Implementations can
      * continue with the request and send the given information to the server.
      *
      * It is called asynchronously from
      * nsIHttpChannelAuthProvider::processAuthentication if that method returns
      * NS_ERROR_IN_PROGRESS.
      *
      * @note  Any exceptions thrown from this method should be ignored.
      */
-    void onAuthAvailable();
+    [must_use] void onAuthAvailable();
 
     /**
      * Notifies that the prompt was cancelled. It is called asynchronously
      * from nsIHttpChannelAuthProvider::processAuthentication if that method
      * returns NS_ERROR_IN_PROGRESS.
      *
      * @param userCancel
      *        If the user was cancelled has cancelled the authentication prompt.
      */
-    void onAuthCancelled(in boolean userCancel);
+    [must_use] void onAuthCancelled(in boolean userCancel);
 
     /**
      * Tells the channel to drop and close any sticky connection, since this
      * connection oriented schema cannot be negotiated second time on
      * the same connection.
      */
-    void closeStickyConnection();
+    [must_use] void closeStickyConnection();
 };
--- a/netwerk/protocol/http/nsIHttpAuthenticator.idl
+++ b/netwerk/protocol/http/nsIHttpAuthenticator.idl
@@ -42,16 +42,17 @@ interface nsIHttpAuthenticator : nsISupp
      * @param aSessionState
      *        see description below for generateCredentials.
      * @param aContinuationState
      *        see description below for generateCredentials.
      * @param aInvalidateIdentity
      *        return value indicating whether or not to prompt the user for a
      *        revised identity.
      */
+    [must_use]
     void challengeReceived(in    nsIHttpAuthenticableChannel aChannel,
                            in    string       aChallenge,
                            in    boolean      aProxyAuth,
                            inout nsISupports  aSessionState,
                            inout nsISupports  aContinuationState,
                            out   boolean      aInvalidatesIdentity);
 
     /**
@@ -87,16 +88,17 @@ interface nsIHttpAuthenticator : nsISupp
      *        state held by the channel between consecutive calls to
      *        generateCredentials, assuming multiple calls are required
      *        to authenticate.  this state is held for at most the lifetime of
      *        the channel.
      * @pram aCancel
      *        returns cancellable runnable object which caller can use to cancel
      *        calling aCallback when finished.
      */
+    [must_use]
     void generateCredentialsAsync(in    nsIHttpAuthenticableChannel aChannel,
                                   in    nsIHttpAuthenticatorCallback aCallback,
                                   in    string         aChallenge,
                                   in    boolean        aProxyAuth,
                                   in    wstring        aDomain,
                                   in    wstring        aUser,
                                   in    wstring        aPassword,
                                   in    nsISupports    aSessionState,
@@ -133,16 +135,17 @@ interface nsIHttpAuthenticator : nsISupp
      * @param aContinuationState
      *        state held by the channel between consecutive calls to
      *        generateCredentials, assuming multiple calls are required
      *        to authenticate.  this state is held for at most the lifetime of
      *        the channel.
      * @param aFlags
      *        authenticator may return one of the generate flags bellow.
      */
+    [must_use]
     string generateCredentials(in    nsIHttpAuthenticableChannel aChannel,
                                in    string         aChallenge,
                                in    boolean        aProxyAuth,
                                in    wstring        aDomain,
                                in    wstring        aUser,
                                in    wstring        aPassword,
                                inout nsISupports    aSessionState,
                                inout nsISupports    aContinuationState,
@@ -158,17 +161,17 @@ interface nsIHttpAuthenticator : nsISupp
      * the returned identity because it might not be valid and would overwrite
      * the cached identity.  See bug 542318 comment 32.
      */
     const unsigned long USING_INTERNAL_IDENTITY = (1<<0);
 
     /**
      * Flags defining various properties of the authenticator.
      */
-    readonly attribute unsigned long authFlags;
+    [must_use] readonly attribute unsigned long authFlags;
 
     /**
      * A request based authentication scheme only authenticates an individual
      * request (or a set of requests under the same authentication domain as
      * defined by RFC 2617).  BASIC and DIGEST are request based authentication
      * schemes.
      */
     const unsigned long REQUEST_BASED = (1<<0);
--- a/netwerk/protocol/http/nsIHttpChannel.idl
+++ b/netwerk/protocol/http/nsIHttpChannel.idl
@@ -31,17 +31,17 @@ interface nsIHttpChannel : nsIChannel
      *
      * NOTE: The data for a "POST" or "PUT" request can be configured via
      * nsIUploadChannel; however, after setting the upload data, it may be
      * necessary to set the request method explicitly.  The documentation
      * for nsIUploadChannel has further details.
      *
      * @throws NS_ERROR_IN_PROGRESS if set after the channel has been opened.
      */
-    attribute ACString requestMethod;
+    [must_use] attribute ACString requestMethod;
 
     /**
      * Get/set the HTTP referrer URI.  This is the address (URI) of the
      * resource from which this channel's URI was obtained (see RFC2616 section
      * 14.36).
      *
      * This attribute may only be set before the channel is opened.
      *
@@ -50,17 +50,17 @@ interface nsIHttpChannel : nsIChannel
      * never be sent as the referrer for a plaintext HTTP request).  The
      * implementation is not required to throw an exception when the referrer
      * URI is rejected.
      *
      * @throws NS_ERROR_IN_PROGRESS if set after the channel has been opened.
      * @throws NS_ERROR_FAILURE if used for setting referrer during
      *         visitRequestHeaders. Getting the value will not throw.
      */
-    attribute nsIURI referrer;
+    [must_use] attribute nsIURI referrer;
 
     /**
      * Referrer policies. See ReferrerPolicy.h for more details.
      */
 
 
     /*   The undefined state, or no referrer policy, usually causing a fallback
          to a referrer policy definded elsewhere */
@@ -86,60 +86,61 @@ interface nsIHttpChannel : nsIChannel
          No referrer when request from https->http. */
     const unsigned long REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN = 8;
 
     /**
      * Get the HTTP referrer policy.  The policy is retrieved from the meta
      * referrer tag, which can be one of many values (see ReferrerPolicy.h for
      * more details).
      */
-    readonly attribute unsigned long referrerPolicy;
+    [must_use] readonly attribute unsigned long referrerPolicy;
 
     /**
      * Set the HTTP referrer URI with a referrer policy.
      * @throws NS_ERROR_FAILURE if called during visitRequestHeaders.
      */
+    [must_use]
     void setReferrerWithPolicy(in nsIURI referrer, in unsigned long referrerPolicy);
 
     /**
      * Returns the network protocol used to fetch the resource as identified
      * by the ALPN Protocol ID.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    readonly attribute ACString protocolVersion;
+    [must_use] readonly attribute ACString protocolVersion;
 
     /**
      * size consumed by the response header fields and the response payload body
      */
-    readonly attribute uint64_t transferSize;
+    [must_use] readonly attribute uint64_t transferSize;
 
     /**
      * The size of the message body received by the client,
      * after removing any applied content-codings
      */
-    readonly attribute uint64_t decodedBodySize;
+    [must_use] readonly attribute uint64_t decodedBodySize;
 
     /**
      * The size in octets of the payload body, prior to removing content-codings
      */
-    readonly attribute uint64_t encodedBodySize;
+    [must_use] readonly attribute uint64_t encodedBodySize;
 
     /**
      * Get the value of a particular request header.
      *
      * @param aHeader
      *        The case-insensitive name of the request header to query (e.g.,
      *        "Cache-Control").
      *
      * @return the value of the request header.
      * @throws NS_ERROR_NOT_AVAILABLE if the header is not set.
      */
-    ACString getRequestHeader(in ACString aHeader);
+    [must_use] ACString getRequestHeader(in ACString aHeader);
 
     /**
      * Set the value of a particular request header.
      *
      * This method allows, for example, the cookies module to add "Cookie"
      * headers to the outgoing HTTP request.
      *
      * This method may only be called before the channel is opened.
@@ -159,19 +160,19 @@ interface nsIHttpChannel : nsIChannel
      *        contents of |aValue|.
      *
      * If aValue is empty and aMerge is false, the header will be cleared.
      *
      * @throws NS_ERROR_IN_PROGRESS if called after the channel has been
      *         opened.
      * @throws NS_ERROR_FAILURE if called during visitRequestHeaders.
      */
-    void setRequestHeader(in ACString aHeader,
-                          in ACString aValue,
-                          in boolean aMerge);
+    [must_use] void setRequestHeader(in ACString aHeader,
+                                     in ACString aValue,
+                                     in boolean aMerge);
 
     /**
      * Set a request header with empty value.
      *
      * This should be used with caution in the cases where the behavior of
      * setRequestHeader ignoring empty header values is undesirable.
      *
      * This method may only be called before the channel is opened.
@@ -179,134 +180,135 @@ interface nsIHttpChannel : nsIChannel
      * @param aHeader
      *        The case-insensitive name of the request header to set (e.g.,
      *        "Cookie").
      *
      * @throws NS_ERROR_IN_PROGRESS if called after the channel has been
      *         opened.
      * @throws NS_ERROR_FAILURE if called during visitRequestHeaders.
      */
-    void setEmptyRequestHeader(in ACString aHeader);
+    [must_use] void setEmptyRequestHeader(in ACString aHeader);
 
     /**
      * Call this method to visit all request headers.  Calling setRequestHeader
      * while visiting request headers has undefined behavior.  Don't do it!
      *
      * @param aVisitor
      *        the header visitor instance.
      */
-    void visitRequestHeaders(in nsIHttpHeaderVisitor aVisitor);
+    [must_use] void visitRequestHeaders(in nsIHttpHeaderVisitor aVisitor);
 
     /**
      * Call this method to visit all non-default (UA-provided) request headers.
      * Calling setRequestHeader while visiting request headers has undefined
      * behavior. Don't do it!
      *
      * @param aVisitor
      *        the header visitor instance.
      */
+    [must_use]
     void visitNonDefaultRequestHeaders(in nsIHttpHeaderVisitor aVisitor);
 
     /**
      * This attribute no longer has any effect, it remains for backwards compat
      *
      * @throws NS_ERROR_FAILURE if set after the channel has been opened.
      */
-    attribute boolean allowPipelining;
+    [must_use] attribute boolean allowPipelining;
 
     /**
      * This attribute of the channel indicates whether or not
      * the underlying HTTP transaction should be honor stored Strict Transport
      * Security directives for its principal. It defaults to true. Using
      * OCSP to bootstrap the HTTPs is the likely use case for setting it to
      * false.
      *
      * This attribute may only be set before the channel is opened.
      *
      * @throws NS_ERROR_IN_PROGRESS or NS_ERROR_ALREADY_OPENED
      *         if called after the channel has been opened.
      */
-    attribute boolean allowSTS;
+    [must_use] attribute boolean allowSTS;
 
     /**
      * This attribute specifies the number of redirects this channel is allowed
      * to make.  If zero, the channel will fail to redirect and will generate
      * a NS_ERROR_REDIRECT_LOOP failure status.
      *
      * NOTE: An HTTP redirect results in a new channel being created.  If the
      * new channel supports nsIHttpChannel, then it will be assigned a value
      * to its |redirectionLimit| attribute one less than the value of the
      * redirected channel's |redirectionLimit| attribute.  The initial value
      * for this attribute may be a configurable preference (depending on the
      * implementation).
      */
-    attribute unsigned long redirectionLimit;
+    [must_use] attribute unsigned long redirectionLimit;
 
 
     /**************************************************************************
      * RESPONSE INFO
      *
      * Accessing response info before the onStartRequest event is an error.
      */
 
     /**
      * Get the HTTP response code (e.g., 200).
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    readonly attribute unsigned long responseStatus;
+    [must_use] readonly attribute unsigned long responseStatus;
 
     /**
      * Get the HTTP response status text (e.g., "OK").
      *
      * NOTE: This returns the raw (possibly 8-bit) text from the server.  There
      * are no assumptions made about the charset of the returned text.  You
      * have been warned!
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    readonly attribute ACString responseStatusText;
+    [must_use] readonly attribute ACString responseStatusText;
 
     /**
      * Returns true if the HTTP response code indicates success.  The value of
      * nsIRequest::status will be NS_OK even when processing a 404 response
      * because a 404 response may include a message body that (in some cases)
      * should be shown to the user.
      *
      * Use this attribute to distinguish server error pages from normal pages,
      * instead of comparing the response status manually against the set of
      * valid response codes, if that is required by your application.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    readonly attribute boolean requestSucceeded;
+    [must_use] readonly attribute boolean requestSucceeded;
 
    /** Indicates whether channel should be treated as the main one for the
     *  current document.  If manually set to true, will always remain true.  Otherwise,
     *  will be true iff LOAD_DOCUMENT_URI is set in the channel's loadflags.
     */
-    attribute boolean isMainDocumentChannel;
+    [must_use] attribute boolean isMainDocumentChannel;
 
     /**
      * Get the value of a particular response header.
      *
      * @param aHeader
      *        The case-insensitive name of the response header to query (e.g.,
      *        "Set-Cookie").
      *
      * @return the value of the response header.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest) or if the header is
      *         not set in the response.
      */
-    ACString getResponseHeader(in ACString header);
+    [must_use] ACString getResponseHeader(in ACString header);
 
     /**
      * Set the value of a particular response header.
      *
      * This method allows, for example, the HTML content sink to inform the HTTP
      * channel about HTTP-EQUIV headers found in HTML <META> tags.
      *
      * @param aHeader
@@ -327,32 +329,32 @@ interface nsIHttpChannel : nsIChannel
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      * @throws NS_ERROR_ILLEGAL_VALUE if changing the value of this response
      *         header is not allowed.
      * @throws NS_ERROR_FAILURE if called during visitResponseHeaders,
      *         VisitOriginalResponseHeaders or getOriginalResponseHeader.
      */
-    void setResponseHeader(in ACString header,
-                           in ACString value,
-                           in boolean merge);
+    [must_use] void setResponseHeader(in ACString header,
+                                      in ACString value,
+                                      in boolean merge);
 
     /**
      * Call this method to visit all response headers.  Calling
      * setResponseHeader while visiting response headers has undefined
      * behavior.  Don't do it!
      *
      * @param aVisitor
      *        the header visitor instance.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    void visitResponseHeaders(in nsIHttpHeaderVisitor aVisitor);
+    [must_use] void visitResponseHeaders(in nsIHttpHeaderVisitor aVisitor);
 
      /**
      * Get the value(s) of a particular response header in the form and order
      * it has been received from the remote peer. There can be multiple headers
      * with the same name.
      *
      * @param aHeader
      *        The case-insensitive name of the response header to query (e.g.,
@@ -360,61 +362,62 @@ interface nsIHttpChannel : nsIChannel
      *
      * @param aVisitor
      *        the header visitor instance.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest) or if the header is
      *         not set in the response.
      */
-    void getOriginalResponseHeader(in ACString aHeader,
-                                   in nsIHttpHeaderVisitor aVisitor);
+    [must_use] void getOriginalResponseHeader(in ACString aHeader,
+                                              in nsIHttpHeaderVisitor aVisitor);
 
     /**
      * Call this method to visit all response headers in the form and order as
      * they have been received from the remote peer.
      * Calling setResponseHeader while visiting response headers has undefined
      * behavior.  Don't do it!
      *
      * @param aVisitor
      *        the header visitor instance.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
+    [must_use]
     void visitOriginalResponseHeaders(in nsIHttpHeaderVisitor aVisitor);
 
     /**
      * Returns true if the server sent a "Cache-Control: no-store" response
      * header.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    boolean isNoStoreResponse();
+    [must_use] boolean isNoStoreResponse();
 
     /**
      * Returns true if the server sent the equivalent of a "Cache-control:
      * no-cache" response header.  Equivalent response headers include:
      * "Pragma: no-cache", "Expires: 0", and "Expires" with a date value
      * in the past relative to the value of the "Date" header.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    boolean isNoCacheResponse();
+    [must_use] boolean isNoCacheResponse();
 
     /**
      * Returns true if the server sent a "Cache-Control: private" response
      * header.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called before the response
      *         has been received (before onStartRequest).
      */
-    boolean isPrivateResponse();
+    [must_use] boolean isPrivateResponse();
 
     /**
      * Instructs the channel to immediately redirect to a new destination.
      * Can only be called on channels that have not yet called their
      * listener's OnStartRequest(). Generally that means the latest time
      * this can be used is one of:
      *    "http-on-examine-response"
      *    "http-on-examine-merged-response"
@@ -434,35 +437,35 @@ interface nsIHttpChannel : nsIChannel
      * rewritten).
      *
      * This method provides no explicit conflict resolution. The last
      * caller to call it wins.
      *
      * @throws NS_ERROR_NOT_AVAILABLE if called after the channel has already
      *         started to deliver the content to its listener.
      */
-    void redirectTo(in nsIURI aTargetURI);
+    [must_use] void redirectTo(in nsIURI aTargetURI);
 
     /**
      * Identifies the request context for this load.
      */
-    [noscript] attribute nsID requestContextID;
+    [noscript, must_use] attribute nsID requestContextID;
 
     /**
      * Unique ID of the channel, shared between parent and child. Needed if
      * the channel activity needs to be monitored across process boundaries,
      * like in devtools net monitor. See bug 1274556.
      */
-    attribute ACString channelId;
+    [must_use] attribute ACString channelId;
 
     /**
      * ID of the top-level document's inner window.  Identifies the content
      * this channels is being load in.
      */
-    attribute uint64_t topLevelContentWindowId;
+    [must_use] attribute uint64_t topLevelContentWindowId;
 
     /**
      * Returns true if the channel has loaded a resource that is on the tracking
      * protection list.  This is only available if the
      * privacy.trackingprotection.annotate_channels pref is set and its value
      * should only be relied on after the channel has established a connection.
      */
     [infallible] readonly attribute boolean isTrackingResource;
--- a/netwerk/protocol/http/nsIHttpChannelAuthProvider.idl
+++ b/netwerk/protocol/http/nsIHttpChannelAuthProvider.idl
@@ -27,17 +27,17 @@ interface nsIHttpAuthenticableChannel;
 
 [scriptable, uuid(788f331b-2e1f-436c-b405-4f88a31a105b)]
 interface nsIHttpChannelAuthProvider : nsICancelable
 {
   /**
    * Initializes the http authentication support for the channel.
    * Implementations must hold a weak reference of the channel.
    */
-  void init(in nsIHttpAuthenticableChannel channel);
+  [must_use] void init(in nsIHttpAuthenticableChannel channel);
 
   /**
    * Upon receipt of a server challenge, this function is called to determine
    * the credentials to send.
    *
    * @param httpStatus
    *        the http status received.
    * @param sslConnectFailed
@@ -48,32 +48,32 @@ interface nsIHttpChannelAuthProvider : n
    *
    * @returns NS_OK if the credentials were got and set successfully.
    *          NS_ERROR_IN_PROGRESS if the credentials are going to be asked to
    *                               the user. The channel reference must be
    *                               alive until the feedback from
    *                               nsIHttpAuthenticableChannel's methods or
    *                               until disconnect be called.
    */
-  void processAuthentication(in unsigned long httpStatus,
-                             in boolean sslConnectFailed);
+  [must_use] void processAuthentication(in unsigned long httpStatus,
+                                        in boolean sslConnectFailed);
 
   /**
    * Add credentials from the http auth cache.
    *
    * @param dontUseCachedWWWCreds
    *    When true, the method will not add any Authorization headers from
    *    the auth cache.
    */
-  void addAuthorizationHeaders(in boolean dontUseCachedWWWCreds);
+  [must_use] void addAuthorizationHeaders(in boolean dontUseCachedWWWCreds);
 
   /**
    * Check if an unnecessary(and maybe malicious) url authentication has been
    * provided.
    */
-  void checkForSuperfluousAuth();
+  [must_use] void checkForSuperfluousAuth();
 
   /**
    * Cancel pending user auth prompts and release the callback and channel
    * weak references.
    */
-  void disconnect(in nsresult status);
+  [must_use] void disconnect(in nsresult status);
 };
--- a/netwerk/protocol/http/nsIHttpChannelChild.idl
+++ b/netwerk/protocol/http/nsIHttpChannelChild.idl
@@ -9,26 +9,28 @@
 [ref] native OptionalCorsPreflightArgsRef(mozilla::OptionalCorsPreflightArgs);
 
 interface nsIPrincipal;
 interface nsIURI;
 
 [uuid(d02b96ed-2789-4f42-a25c-7abe63de7c18)]
 interface nsIHttpChannelChild : nsISupports
 {
-  void addCookiesToRequest();
+  [must_use] void addCookiesToRequest();
 
   // Mark this channel as requiring an interception; this will propagate
   // to the corresponding parent channel when a redirect occurs.
+  [must_use]
   void forceIntercepted(in boolean postRedirectChannelShouldIntercept,
                         in boolean postRedirectChannelShouldUpgrade);
 
   // Headers that the channel client has set via SetRequestHeader.
-  readonly attribute RequestHeaderTuples clientSetRequestHeaders;
+  [must_use] readonly attribute RequestHeaderTuples clientSetRequestHeaders;
 
   // Headers that the channel client has set via SetRequestHeader.
   [notxpcom, nostdcall]
   void GetClientSetCorsPreflightParameters(in OptionalCorsPreflightArgsRef args);
 
   // This method is called by nsCORSListenerProxy if we need to remove
   // an entry from the CORS preflight cache in the parent process.
+  [must_use]
   void removeCorsPreflightCacheEntry(in nsIURI aURI, in nsIPrincipal aRequestingPrincipal);
 };
--- a/netwerk/protocol/http/nsIHttpChannelInternal.idl
+++ b/netwerk/protocol/http/nsIHttpChannelInternal.idl
@@ -24,139 +24,143 @@ interface nsIURI;
 
 /**
  * The callback interface for nsIHttpChannelInternal::HTTPUpgrade()
  */
 
 [scriptable, uuid(5b515449-ab64-4dba-b3cd-da8fc2f83064)]
 interface nsIHttpUpgradeListener : nsISupports
 {
-    void onTransportAvailable(in nsISocketTransport   aTransport,
-                              in nsIAsyncInputStream  aSocketIn,
-                              in nsIAsyncOutputStream aSocketOut);
+    [must_use] void onTransportAvailable(in nsISocketTransport   aTransport,
+                                         in nsIAsyncInputStream  aSocketIn,
+                                         in nsIAsyncOutputStream aSocketOut);
 };
 
 /**
  * Dumping ground for http.  This interface will never be frozen.  If you are
  * using any feature exposed by this interface, be aware that this interface
  * will change and you will be broken.  You have been warned.
  */
 [builtinclass, scriptable, uuid(4e28263d-1e03-46f4-aa5c-9512f91957f9)]
 interface nsIHttpChannelInternal : nsISupports
 {
     /**
      * An http channel can own a reference to the document URI
      */
-    attribute nsIURI documentURI;
+    [must_use] attribute nsIURI documentURI;
 
     /**
      * Get the major/minor version numbers for the request
      */
+    [must_use]
     void getRequestVersion(out unsigned long major, out unsigned long minor);
 
     /**
      * Get the major/minor version numbers for the response
      */
+    [must_use]
     void getResponseVersion(out unsigned long major, out unsigned long minor);
 
     /*
      * Retrieves all security messages from the security message queue
      * and empties the queue after retrieval
      */
-    [noscript] void takeAllSecurityMessages(in securityMessagesArray aMessages);
+    [noscript, must_use]
+    void takeAllSecurityMessages(in securityMessagesArray aMessages);
 
     /**
      * Helper method to set a cookie with a consumer-provided
      * cookie header, _but_ using the channel's other information
      * (URI's, prompters, date headers etc).
      *
      * @param aCookieHeader
      *        The cookie header to be parsed.
      */
-    void setCookie(in string aCookieHeader);
+    [must_use] void setCookie(in string aCookieHeader);
 
     /**
      * Setup this channel as an application cache fallback channel.
      */
-    void setupFallbackChannel(in string aFallbackKey);
+    [must_use] void setupFallbackChannel(in string aFallbackKey);
 
     /**
      * This flag is set to force relevant cookies to be sent with this load
      * even if normally they wouldn't be.
      */
     const unsigned long THIRD_PARTY_FORCE_ALLOW = 1 << 0;
 
     /**
      * When set, these flags modify the algorithm used to decide whether to
      * send 3rd party cookies for a given channel.
      */
-    attribute unsigned long thirdPartyFlags;
+    [must_use] attribute unsigned long thirdPartyFlags;
 
     /**
      * This attribute was added before the "flags" above and is retained here
      * for compatibility. When set to true, has the same effect as
      * THIRD_PARTY_FORCE_ALLOW, described above.
      */
-    attribute boolean forceAllowThirdPartyCookie;
+    [must_use] attribute boolean forceAllowThirdPartyCookie;
 
     /**
      * True iff the channel has been canceled.
      */
-    readonly attribute boolean canceled;
+    [must_use] readonly attribute boolean canceled;
 
     /**
      * External handlers may set this to true to notify the channel
      * that it is open on behalf of a download.
      */
-    attribute boolean channelIsForDownload;
+    [must_use] attribute boolean channelIsForDownload;
 
     /**
      * The local IP address to which this channel is bound, in the
      * format produced by PR_NetAddrToString. May be IPv4 or IPv6.
      * Note: in the presence of NAT, this may not be the same as the
      * address that the remote host thinks it's talking to.
      *
      * May throw NS_ERROR_NOT_AVAILABLE if accessed when the channel's
      * endpoints are not yet determined, or in any case when
      * nsIHttpActivityObserver.isActive is false. See bugs 534698 and 526207.
      */
-    readonly attribute AUTF8String localAddress;
+    [must_use] readonly attribute AUTF8String localAddress;
 
     /**
      * The local port number to which this channel is bound.
      *
      * May throw NS_ERROR_NOT_AVAILABLE if accessed when the channel's
      * endpoints are not yet determined, or in any case when
      * nsIHttpActivityObserver.isActive is false. See bugs 534698 and 526207.
      */
-    readonly attribute int32_t localPort;
+    [must_use] readonly attribute int32_t localPort;
 
     /**
      * The IP address of the remote host that this channel is
      * connected to, in the format produced by PR_NetAddrToString.
      *
      * May throw NS_ERROR_NOT_AVAILABLE if accessed when the channel's
      * endpoints are not yet determined, or in any case when
      * nsIHttpActivityObserver.isActive is false. See bugs 534698 and 526207.
      */
-    readonly attribute AUTF8String remoteAddress;
+    [must_use] readonly attribute AUTF8String remoteAddress;
 
     /**
      * The remote port number that this channel is connected to.
      *
      * May throw NS_ERROR_NOT_AVAILABLE if accessed when the channel's
      * endpoints are not yet determined, or in any case when
      * nsIHttpActivityObserver.isActive is false. See bugs 534698 and 526207.
      */
-    readonly attribute int32_t remotePort;
+    [must_use] readonly attribute int32_t remotePort;
 
     /**
      * Transfer chain of redirected cache-keys.
      */
-    [noscript] void setCacheKeysRedirectChain(in StringArray cacheKeys);
+    [noscript, must_use]
+    void setCacheKeysRedirectChain(in StringArray cacheKeys);
 
     /**
      * HTTPUpgrade allows for the use of HTTP to bootstrap another protocol
      * via the RFC 2616 Upgrade request header in conjunction with a 101 level
      * response. The nsIHttpUpgradeListener will have its
      * onTransportAvailable() method invoked if a matching 101 is processed.
      * The arguments to onTransportAvailable provide the new protocol the low
      * level tranport streams that are no longer used by HTTP.
@@ -165,123 +169,123 @@ interface nsIHttpChannelInternal : nsISu
      * listener gets full control over the socket if and when onTransportAvailable
      * is delievered.
      *
      * @param aProtocolName
      *        The value of the HTTP Upgrade request header
      * @param aListener
      *        The callback object used to handle a successful upgrade
      */
-    void HTTPUpgrade(in ACString aProtocolName,
-                     in nsIHttpUpgradeListener aListener);
+    [must_use] void HTTPUpgrade(in ACString aProtocolName,
+                                in nsIHttpUpgradeListener aListener);
 
     /**
      * Enable/Disable Spdy negotiation on per channel basis.
      * The network.http.spdy.enabled preference is still a pre-requisite
      * for starting spdy.
      */
-    attribute boolean allowSpdy;
+    [must_use] attribute boolean allowSpdy;
 
     /**
      * This attribute en/disables the timeout for the first byte of an HTTP
      * response. Enabled by default.
      */
-    attribute boolean responseTimeoutEnabled;
+    [must_use] attribute boolean responseTimeoutEnabled;
 
     /**
      * If the underlying transport supports RWIN manipulation, this is the
      * intiial window value for the channel. HTTP/2 implements this.
      * 0 means no override from system default. Set before opening channel.
      */
-    attribute unsigned long initialRwin;
+    [must_use] attribute unsigned long initialRwin;
 
     /**
      * Get value of the URI passed to nsIHttpChannel.redirectTo() if any.
      * May return null when redirectTo() has not been called.
      */
-    readonly attribute nsIURI apiRedirectToURI;
+    [must_use] readonly attribute nsIURI apiRedirectToURI;
 
     /**
      * Enable/Disable use of Alternate Services with this channel.
      * The network.http.altsvc.enabled preference is still a pre-requisite.
      */
-    attribute boolean allowAltSvc;
+    [must_use] attribute boolean allowAltSvc;
 
     /**
      * If true, do not use newer protocol features that might have interop problems
      * on the Internet. Intended only for use with critical infra like the updater.
      * default is false.
      */
-    attribute boolean beConservative;
+    [must_use] attribute boolean beConservative;
 
-    readonly attribute PRTime lastModifiedTime;
+    [must_use] readonly attribute PRTime lastModifiedTime;
 
     /**
      * Force a channel that has not been AsyncOpen'ed to skip any check for possible
      * interception and proceed immediately to open a previously-synthesized cache
      * entry using the provided ID.
      */
-    void forceIntercepted(in uint64_t aInterceptionID);
+    [must_use] void forceIntercepted(in uint64_t aInterceptionID);
 
-    readonly attribute boolean responseSynthesized;
+    [must_use] readonly attribute boolean responseSynthesized;
 
     /**
      * Set by nsCORSListenerProxy if credentials should be included in
      * cross-origin requests. false indicates "same-origin", users should still
      * check flag LOAD_ANONYMOUS!
      */
-    attribute boolean corsIncludeCredentials;
+    [must_use] attribute boolean corsIncludeCredentials;
 
     const unsigned long CORS_MODE_SAME_ORIGIN = 0;
     const unsigned long CORS_MODE_NO_CORS = 1;
     const unsigned long CORS_MODE_CORS = 2;
     const unsigned long CORS_MODE_NAVIGATE = 3;
     /**
      * Set by nsCORSListenerProxy to indicate CORS load type. Defaults to CORS_MODE_NO_CORS.
      */
-    attribute unsigned long corsMode;
+    [must_use] attribute unsigned long corsMode;
 
     const unsigned long REDIRECT_MODE_FOLLOW = 0;
     const unsigned long REDIRECT_MODE_ERROR = 1;
     const unsigned long REDIRECT_MODE_MANUAL = 2;
     /**
      * Set to indicate Request.redirect mode exposed during ServiceWorker
      * interception. No policy enforcement is performed by the channel for this
      * value.
      */
-    attribute unsigned long redirectMode;
+    [must_use] attribute unsigned long redirectMode;
 
     const unsigned long FETCH_CACHE_MODE_DEFAULT = 0;
     const unsigned long FETCH_CACHE_MODE_NO_STORE = 1;
     const unsigned long FETCH_CACHE_MODE_RELOAD = 2;
     const unsigned long FETCH_CACHE_MODE_NO_CACHE = 3;
     const unsigned long FETCH_CACHE_MODE_FORCE_CACHE = 4;
     const unsigned long FETCH_CACHE_MODE_ONLY_IF_CACHED = 5;
     /**
      * Set to indicate Request.cache mode, which simulates the fetch API
      * semantics, and is also used for exposing this value to the Web page
      * during service worker interception.
      */
-    attribute unsigned long fetchCacheMode;
+    [must_use] attribute unsigned long fetchCacheMode;
 
     /**
      * The URI of the top-level window that's associated with this channel.
      */
-    readonly attribute nsIURI topWindowURI;
+    [must_use] readonly attribute nsIURI topWindowURI;
 
     /**
      * The network interface id that's associated with this channel.
      */
-    attribute ACString networkInterfaceId;
+    [must_use] attribute ACString networkInterfaceId;
 
     /**
      * Read the proxy URI, which, if non-null, will be used to resolve
      * proxies for this channel.
      */
-    readonly attribute nsIURI proxyURI;
+    [must_use] readonly attribute nsIURI proxyURI;
 
     /**
      * Make cross-origin CORS loads happen with a CORS preflight, and specify
      * the CORS preflight parameters.
      */
     [noscript, notxpcom, nostdcall]
     void setCorsPreflightParameters(in StringArrayRef unsafeHeaders);
 
@@ -292,15 +296,15 @@ interface nsIHttpChannelInternal : nsISu
      * listener.  Must be called before opening the channel, otherwise throws.
      */
     [infallible]
     attribute boolean blockAuthPrompt;
 
     /**
      * Set to indicate Request.integrity.
      */
-    attribute AString integrityMetadata;
+    [must_use] attribute AString integrityMetadata;
 
     /**
      * The connection info's hash key. We use it to test connection separation.
      */
-    readonly attribute ACString connectionInfoHashKey;
+    [must_use] readonly attribute ACString connectionInfoHashKey;
 };
--- a/netwerk/protocol/http/nsIHttpEventSink.idl
+++ b/netwerk/protocol/http/nsIHttpEventSink.idl
@@ -27,11 +27,11 @@ interface nsIURI;
 interface nsIHttpEventSink : nsISupports
 {
     /**
      * Called when a redirect occurs due to a HTTP response like 302.  The
      * redirection may be to a non-http channel.
      *
      * @return failure cancels redirect
      */
-    void onRedirect(in nsIHttpChannel httpChannel,
-                    in nsIChannel newChannel);
+    [must_use] void onRedirect(in nsIHttpChannel httpChannel,
+                               in nsIChannel newChannel);
 };
--- a/netwerk/protocol/http/nsIHttpHeaderVisitor.idl
+++ b/netwerk/protocol/http/nsIHttpHeaderVisitor.idl
@@ -17,10 +17,10 @@ interface nsIHttpHeaderVisitor : nsISupp
      *
      * @param aHeader
      *        the header being visited.
      * @param aValue
      *        the header value (possibly a comma delimited list).
      *
      * @throw any exception to terminate enumeration
      */
-    void visitHeader(in ACString aHeader, in ACString aValue);
+    [must_use] void visitHeader(in ACString aHeader, in ACString aValue);
 };
--- a/netwerk/protocol/http/nsIHttpProtocolHandler.idl
+++ b/netwerk/protocol/http/nsIHttpProtocolHandler.idl
@@ -6,51 +6,51 @@
 #include "nsIProxiedProtocolHandler.idl"
 
 [scriptable, uuid(c48126d9-2ddd-485b-a51a-378e917e75f8)]
 interface nsIHttpProtocolHandler : nsIProxiedProtocolHandler
 {
     /**
      * Get the HTTP advertised user agent string.
      */
-    readonly attribute ACString userAgent;
+    [must_use] readonly attribute ACString userAgent;
 
     /**
      * Get the application name.
 	 *
      * @return The name of this application (eg. "Mozilla").
      */
-    readonly attribute ACString appName;
+    [must_use] readonly attribute ACString appName;
 
     /**
      * Get the application version string.
      *
      * @return The complete version (major and minor) string. (eg. "5.0")
      */
-    readonly attribute ACString appVersion;
+    [must_use] readonly attribute ACString appVersion;
 
     /**
      * Get the current platform.
      *
      * @return The platform this application is running on
      *		   (eg. "Windows", "Macintosh", "X11")
      */
-    readonly attribute ACString platform;
+    [must_use] readonly attribute ACString platform;
 
     /**
      * Get the current oscpu.
      *
      * @return The oscpu this application is running on
      */
-    readonly attribute ACString oscpu;
+    [must_use] readonly attribute ACString oscpu;
 
     /**
      * Get the application comment misc portion.
      */
-    readonly attribute ACString misc;
+    [must_use] readonly attribute ACString misc;
 
 };
 
 %{C++
 // ----------- Categories -----------
 /**
  * At initialization time, the HTTP handler will initialize each service
  * registered under this category:
--- a/netwerk/protocol/http/nsIWellKnownOpportunisticUtils.idl
+++ b/netwerk/protocol/http/nsIWellKnownOpportunisticUtils.idl
@@ -11,16 +11,16 @@
 
 %{C++
 #define NS_WELLKNOWNOPPORTUNISTICUTILS_CONTRACTID "@mozilla.org/network/well-known-opportunistic-utils;1"
 %}
 
 [scriptable, uuid(b4f96c89-5238-450c-8bda-e12c26f1d150)]
 interface nsIWellKnownOpportunisticUtils : nsISupports
 {
-    void verify(in ACString aJSON,
+    [must_use] void verify(in ACString aJSON,
                in ACString  aOrigin,
                in long      aAlternatePort);
 
-   readonly attribute bool valid;
-   readonly attribute bool mixed; /* mixed-scheme */
-   readonly attribute long lifetime;
+    [must_use] readonly attribute bool valid;
+    [must_use] readonly attribute bool mixed; /* mixed-scheme */
+    [must_use] readonly attribute long lifetime;
 };