Backed out 2 changesets (bug 1558394) for nsDocShellLoadState related bustage CLOSED TREE
authorBogdan Tara <btara@mozilla.com>
Thu, 14 May 2020 15:17:32 +0300
changeset 593608 c6808d59644cf49ca9e1f97815b616e18af33d71
parent 593607 ce86fc54910a501d9d6f961eb4467decb297e5d9
child 593609 0f25ea609ea6efd8b0e5710f32021a17a8dc8af7
push id13186
push userffxbld-merge
push dateMon, 01 Jun 2020 09:52:46 +0000
treeherdermozilla-beta@3e7c70a1e4a1 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs1558394
milestone78.0a1
backs out5889105bd08941784888442e638829a2561f900c
80a0ea17c9f8c6db0b01918d5d3e7b2f4b90c3be
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 2 changesets (bug 1558394) for nsDocShellLoadState related bustage CLOSED TREE Backed out changeset 5889105bd089 (bug 1558394) Backed out changeset 80a0ea17c9f8 (bug 1558394)
browser/base/content/browser.js
docshell/base/nsDocShell.cpp
docshell/base/nsDocShellLoadState.cpp
docshell/base/nsDocShellLoadState.h
dom/base/IframeSandboxKeywordList.h
dom/base/LocationBase.cpp
dom/base/nsSandboxFlags.h
dom/clients/manager/ClientNavigateOpChild.cpp
dom/ipc/DOMTypes.ipdlh
dom/locales/en-US/chrome/security/security.properties
dom/webidl/LoadURIOptions.webidl
ipc/glue/BackgroundUtils.cpp
modules/libpref/init/StaticPrefList.yaml
netwerk/base/LoadInfo.cpp
netwerk/base/LoadInfo.h
netwerk/base/TRRLoadInfo.cpp
netwerk/base/nsILoadInfo.idl
netwerk/ipc/DocumentLoadListener.cpp
netwerk/ipc/NeckoChannelParams.ipdlh
testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/__dir__.ini
testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.sub.tentative.html.ini
testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html.ini
testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.sub.tentative.html
testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_allow_downloads.sub.tentative.html
testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html
toolkit/components/windowwatcher/nsWindowWatcher.cpp
uriloader/exthandler/nsExternalHelperAppService.cpp
uriloader/exthandler/nsExternalHelperAppService.h
xpcom/ds/StaticAtoms.py
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -1501,17 +1501,17 @@ function _loadURI(browser, uri, params =
   }
 
   let { triggeringPrincipal, referrerInfo, postData, userContextId, csp } =
     params || {};
   let loadFlags =
     params.loadFlags || params.flags || Ci.nsIWebNavigation.LOAD_FLAGS_NONE;
   let hasValidUserGestureActivation =
     document.hasValidTransientUserGestureActivation;
-  let triggeringSandboxFlags = document.sandboxFlags;
+
   if (!triggeringPrincipal) {
     throw new Error("Must load with a triggering Principal");
   }
 
   if (userContextId && userContextId != browser.getAttribute("usercontextid")) {
     throw new Error("Cannot load with mismatched userContextId");
   }
 
@@ -1543,17 +1543,16 @@ function _loadURI(browser, uri, params =
   }
   let loadURIOptions = {
     triggeringPrincipal,
     csp,
     loadFlags,
     referrerInfo,
     postData,
     hasValidUserGestureActivation,
-    triggeringSandboxFlags,
   };
   try {
     if (!mustChangeProcess) {
       browser.webNavigation.loadURI(uri, loadURIOptions);
     } else {
       // Check if the current browser is allowed to unload.
       let { permitUnload, timedOut } = browser.permitUnload();
       if (!timedOut && !permitUnload) {
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -3885,25 +3885,23 @@ nsresult nsDocShell::LoadErrorPage(nsIUR
     // Abandon mLSHE's BFCache entry and create a new one.  This way, if
     // we go back or forward to another SHEntry with the same doc
     // identifier, the error page won't persist.
     mLSHE->AbandonBFCacheEntry();
   }
 
   RefPtr<nsDocShellLoadState> loadState = new nsDocShellLoadState(aErrorURI);
   loadState->SetTriggeringPrincipal(nsContentUtils::GetSystemPrincipal());
-  if (mBrowsingContext) {
-    loadState->SetTriggeringSandboxFlags(mBrowsingContext->GetSandboxFlags());
-  }
   loadState->SetLoadType(LOAD_ERROR_PAGE);
   loadState->SetFirstParty(true);
   loadState->SetSourceBrowsingContext(mBrowsingContext);
   loadState->SetHasValidUserGestureActivation(
       mBrowsingContext &&
       mBrowsingContext->HasValidTransientUserGestureActivation());
+
   return InternalLoad(loadState, nullptr, nullptr);
 }
 
 NS_IMETHODIMP
 nsDocShell::Reload(uint32_t aReloadFlags) {
   if (!IsNavigationAllowed()) {
     return NS_OK;  // JS may not handle returning of an error code
   }
@@ -3946,17 +3944,16 @@ nsDocShell::Reload(uint32_t aReloadFlags
     nsAutoString srcdoc;
     nsIURI* baseURI = nullptr;
     nsCOMPtr<nsIURI> originalURI;
     nsCOMPtr<nsIURI> resultPrincipalURI;
     bool loadReplace = false;
 
     nsIPrincipal* triggeringPrincipal = doc->NodePrincipal();
     nsCOMPtr<nsIContentSecurityPolicy> csp = doc->GetCsp();
-    uint32_t triggeringSandboxFlags = doc->GetSandboxFlags();
 
     nsAutoString contentTypeHint;
     doc->GetContentType(contentTypeHint);
 
     if (doc->IsSrcdocDocument()) {
       doc->GetSrcdocData(srcdoc);
       flags |= INTERNAL_LOAD_FLAGS_IS_SRCDOC;
       baseURI = doc->GetBaseURI();
@@ -3989,17 +3986,16 @@ nsDocShell::Reload(uint32_t aReloadFlags
     emplacedResultPrincipalURI.emplace(std::move(resultPrincipalURI));
 
     RefPtr<nsDocShellLoadState> loadState = new nsDocShellLoadState(currentURI);
     loadState->SetReferrerInfo(mReferrerInfo);
     loadState->SetOriginalURI(originalURI);
     loadState->SetMaybeResultPrincipalURI(emplacedResultPrincipalURI);
     loadState->SetLoadReplace(loadReplace);
     loadState->SetTriggeringPrincipal(triggeringPrincipal);
-    loadState->SetTriggeringSandboxFlags(triggeringSandboxFlags);
     loadState->SetPrincipalToInherit(triggeringPrincipal);
     loadState->SetCsp(csp);
     loadState->SetLoadFlags(flags);
     loadState->SetTypeHint(NS_ConvertUTF16toUTF8(contentTypeHint));
     loadState->SetLoadType(loadType);
     loadState->SetFirstParty(true);
     loadState->SetSrcdocData(srcdoc);
     loadState->SetSourceBrowsingContext(mBrowsingContext);
@@ -5023,17 +5019,16 @@ nsDocShell::ForceRefreshURI(nsIURI* aURI
     }
     principal = doc->NodePrincipal();
   }
   loadState->SetTriggeringPrincipal(principal);
   if (doc) {
     loadState->SetCsp(doc->GetCsp());
     loadState->SetHasValidUserGestureActivation(
         doc->HasValidTransientUserGestureActivation());
-    loadState->SetTriggeringSandboxFlags(doc->GetSandboxFlags());
   }
 
   loadState->SetPrincipalIsExplicit(true);
 
   /* Check if this META refresh causes a redirection
    * to another site.
    */
   bool equalUri = false;
@@ -8161,18 +8156,16 @@ nsresult nsDocShell::PerformRetargeting(
       aLoadState->GetMaybeResultPrincipalURI(resultPrincipalURI);
 
       loadState->SetMaybeResultPrincipalURI(resultPrincipalURI);
       loadState->SetKeepResultPrincipalURIIfSet(
           aLoadState->KeepResultPrincipalURIIfSet());
       // LoadReplace will always be false due to asserts above, skip setting
       // it.
       loadState->SetTriggeringPrincipal(aLoadState->TriggeringPrincipal());
-      loadState->SetTriggeringSandboxFlags(
-          aLoadState->TriggeringSandboxFlags());
       loadState->SetCsp(aLoadState->Csp());
       loadState->SetInheritPrincipal(
           aLoadState->HasLoadFlags(INTERNAL_LOAD_FLAGS_INHERIT_PRINCIPAL));
       // Explicit principal because we do not want any guesses as to what the
       // principal to inherit is: it should be aTriggeringPrincipal.
       loadState->SetPrincipalIsExplicit(true);
       loadState->SetLoadType(LOAD_LINK);
       loadState->SetForceAllowDataURI(
@@ -9635,17 +9628,16 @@ nsresult nsDocShell::DoURILoad(nsDocShel
   // in case this docshell load was triggered by a valid transient user gesture,
   // or also the load originates from external, then we pass that information on
   // to the loadinfo, which allows e.g. setting Sec-Fetch-User request headers.
   if (mBrowsingContext->HasValidTransientUserGestureActivation() ||
       aLoadState->HasValidUserGestureActivation() ||
       aLoadState->HasLoadFlags(LOAD_FLAGS_FROM_EXTERNAL)) {
     loadInfo->SetHasValidUserGestureActivation(true);
   }
-  loadInfo->SetTriggeringSandboxFlags(aLoadState->TriggeringSandboxFlags());
 
   /* Get the cache Key from SH */
   uint32_t cacheKey = 0;
   if (mLSHE) {
     cacheKey = mLSHE->GetCacheKey();
   } else if (mOSHE) {  // for reload cases
     cacheKey = mOSHE->GetCacheKey();
   }
@@ -11886,21 +11878,16 @@ nsresult nsDocShell::OnLinkClickSync(
     }
   }
 
   // if the triggeringPrincipal is not passed explicitly, then we
   // fall back to using doc->NodePrincipal() as the triggeringPrincipal.
   nsCOMPtr<nsIPrincipal> triggeringPrincipal =
       aTriggeringPrincipal ? aTriggeringPrincipal : aContent->NodePrincipal();
 
-  uint32_t triggeringSandboxFlags = 0;
-  if (mBrowsingContext) {
-    triggeringSandboxFlags = mBrowsingContext->GetSandboxFlags();
-  }
-
   nsCOMPtr<nsIContentSecurityPolicy> csp = aCsp;
   if (!csp) {
     // Currently, if no csp is passed explicitly we fall back to querying the
     // CSP from the document.
     csp = aContent->GetCsp();
   }
 
   uint32_t flags = INTERNAL_LOAD_FLAGS_NONE;
@@ -11991,17 +11978,16 @@ nsresult nsDocShell::OnLinkClickSync(
 
   nsCOMPtr<nsIReferrerInfo> referrerInfo =
       isElementAnchorOrArea ? new ReferrerInfo(*aContent->AsElement())
                             : new ReferrerInfo(*referrerDoc);
 
   RefPtr<nsDocShellLoadState> loadState = new nsDocShellLoadState(aURI);
   loadState->SetReferrerInfo(referrerInfo);
   loadState->SetTriggeringPrincipal(triggeringPrincipal);
-  loadState->SetTriggeringSandboxFlags(triggeringSandboxFlags);
   loadState->SetPrincipalToInherit(aContent->NodePrincipal());
   loadState->SetCsp(csp);
   loadState->SetLoadFlags(flags);
   loadState->SetTarget(aTargetSpec);
   loadState->SetTypeHint(NS_ConvertUTF16toUTF8(typeHint));
   loadState->SetFileName(aFileName);
   loadState->SetPostDataStream(aPostDataStream);
   loadState->SetHeadersStream(aHeadersDataStream);
--- a/docshell/base/nsDocShellLoadState.cpp
+++ b/docshell/base/nsDocShellLoadState.cpp
@@ -89,17 +89,16 @@ nsDocShellLoadState::nsDocShellLoadState
       mLoadType(LOAD_NORMAL),
       mTarget(),
       mSrcdocData(VoidString()),
       mLoadFlags(0),
       mFirstParty(false),
       mHasValidUserGestureActivation(false),
       mTypeHint(VoidCString()),
       mFileName(VoidString()),
-      mTriggeringSandboxFlags(0),
       mIsFromProcessingFrameAttributes(false),
       mLoadIdentifier(0) {
   MOZ_ASSERT(aURI, "Cannot create a LoadState with a null URI!");
 }
 
 nsDocShellLoadState::nsDocShellLoadState(
     const DocShellLoadStateInit& aLoadState) {
   MOZ_ASSERT(aLoadState.URI(), "Cannot create a LoadState with a null URI!");
@@ -124,17 +123,16 @@ nsDocShellLoadState::nsDocShellLoadState
   mReferrerInfo = aLoadState.ReferrerInfo();
   mURI = aLoadState.URI();
   mOriginalURI = aLoadState.OriginalURI();
   mSourceBrowsingContext = aLoadState.SourceBrowsingContext();
   mBaseURI = aLoadState.BaseURI();
   mTriggeringPrincipal = aLoadState.TriggeringPrincipal();
   mPrincipalToInherit = aLoadState.PrincipalToInherit();
   mStoragePrincipalToInherit = aLoadState.StoragePrincipalToInherit();
-  mTriggeringSandboxFlags = aLoadState.TriggeringSandboxFlags();
   mCsp = aLoadState.Csp();
   mOriginalURIString = aLoadState.OriginalURIString();
   mCancelContentJSEpoch = aLoadState.CancelContentJSEpoch();
   mPostDataStream = aLoadState.PostDataStream();
   mHeadersStream = aLoadState.HeadersStream();
   mSrcdocData = aLoadState.SrcdocData();
   mLoadIdentifier = aLoadState.LoadIdentifier();
   if (!aLoadState.SHEntry() || !StaticPrefs::fission_sessionHistoryInParent()) {
@@ -346,17 +344,16 @@ nsresult nsDocShellLoadState::CreateFrom
   } else {
     loadState->SetLoadType(MAKE_LOAD_TYPE(LOAD_NORMAL, loadFlags));
   }
 
   loadState->SetLoadFlags(extraFlags);
   loadState->SetFirstParty(true);
   loadState->SetHasValidUserGestureActivation(
       aLoadURIOptions.mHasValidUserGestureActivation);
-  loadState->SetTriggeringSandboxFlags(aLoadURIOptions.mTriggeringSandboxFlags);
   loadState->SetPostDataStream(postData);
   loadState->SetHeadersStream(aLoadURIOptions.mHeaders);
   loadState->SetBaseURI(aLoadURIOptions.mBaseURI);
   loadState->SetTriggeringPrincipal(aLoadURIOptions.mTriggeringPrincipal);
   loadState->SetCsp(aLoadURIOptions.mCsp);
   loadState->SetForceAllowDataURI(forceAllowDataURI);
   loadState->SetOriginalURIString(uriString);
   if (aLoadURIOptions.mCancelContentJSEpoch) {
@@ -450,24 +447,16 @@ void nsDocShellLoadState::SetStoragePrin
 }
 
 void nsDocShellLoadState::SetCsp(nsIContentSecurityPolicy* aCsp) {
   mCsp = aCsp;
 }
 
 nsIContentSecurityPolicy* nsDocShellLoadState::Csp() const { return mCsp; }
 
-void nsDocShellLoadState::SetTriggeringSandboxFlags(uint32_t flags) {
-  mTriggeringSandboxFlags = flags;
-}
-
-uint32_t nsDocShellLoadState::TriggeringSandboxFlags() const {
-  return mTriggeringSandboxFlags;
-}
-
 bool nsDocShellLoadState::InheritPrincipal() const { return mInheritPrincipal; }
 
 void nsDocShellLoadState::SetInheritPrincipal(bool aInheritPrincipal) {
   mInheritPrincipal = aInheritPrincipal;
 }
 
 bool nsDocShellLoadState::PrincipalIsExplicit() const {
   return mPrincipalIsExplicit;
@@ -874,17 +863,16 @@ DocShellLoadStateInit nsDocShellLoadStat
       mIsFromProcessingFrameAttributes;
   loadState.URI() = mURI;
   loadState.OriginalURI() = mOriginalURI;
   loadState.SourceBrowsingContext() = mSourceBrowsingContext;
   loadState.BaseURI() = mBaseURI;
   loadState.TriggeringPrincipal() = mTriggeringPrincipal;
   loadState.PrincipalToInherit() = mPrincipalToInherit;
   loadState.StoragePrincipalToInherit() = mStoragePrincipalToInherit;
-  loadState.TriggeringSandboxFlags() = mTriggeringSandboxFlags;
   loadState.Csp() = mCsp;
   loadState.OriginalURIString() = mOriginalURIString;
   loadState.CancelContentJSEpoch() = mCancelContentJSEpoch;
   loadState.ReferrerInfo() = mReferrerInfo;
   loadState.PostDataStream() = mPostDataStream;
   loadState.HeadersStream() = mHeadersStream;
   loadState.SrcdocData() = mSrcdocData;
   loadState.ResultPrincipalURI() = mResultPrincipalURI;
--- a/docshell/base/nsDocShellLoadState.h
+++ b/docshell/base/nsDocShellLoadState.h
@@ -90,20 +90,16 @@ class nsDocShellLoadState final {
   bool LoadReplace() const;
 
   void SetLoadReplace(bool aLoadReplace);
 
   nsIPrincipal* TriggeringPrincipal() const;
 
   void SetTriggeringPrincipal(nsIPrincipal* aTriggeringPrincipal);
 
-  uint32_t TriggeringSandboxFlags() const;
-
-  void SetTriggeringSandboxFlags(uint32_t aTriggeringSandboxFlags);
-
   nsIContentSecurityPolicy* Csp() const;
 
   void SetCsp(nsIContentSecurityPolicy* aCsp);
 
   bool InheritPrincipal() const;
 
   void SetInheritPrincipal(bool aInheritPrincipal);
 
@@ -280,21 +276,16 @@ class nsDocShellLoadState final {
   // load to occur. In most cases the referrer and the triggeringPrincipal's URI
   // will be identical.
   //
   // Please note that this is the principal that is used for security checks. If
   // the argument aURI is provided by the web, then please do not pass a
   // SystemPrincipal as the triggeringPrincipal.
   nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
 
-  // The SandboxFlags of the load, that are, the SandboxFlags of the entity
-  // responsible for causing the load to occur. Most likely this are the
-  // SandboxFlags of the document that started the load.
-  uint32_t mTriggeringSandboxFlags;
-
   // The CSP of the load, that is, the CSP of the entity responsible for causing
   // the load to occur. Most likely this is the CSP of the document that started
   // the load. In case the entity starting the load did not use a CSP, then mCsp
   // can be null. Please note that this is also the CSP that will be applied to
   // the load in case the load encounters a server side redirect.
   nsCOMPtr<nsIContentSecurityPolicy> mCsp;
 
   // If a refresh is caused by http-equiv="refresh" we want to set
--- a/dom/base/IframeSandboxKeywordList.h
+++ b/dom/base/IframeSandboxKeywordList.h
@@ -21,9 +21,8 @@ SANDBOX_KEYWORD("allow-orientation-lock"
                 SANDBOXED_ORIENTATION_LOCK)
 SANDBOX_KEYWORD("allow-popups", allowpopups, SANDBOXED_AUXILIARY_NAVIGATION)
 SANDBOX_KEYWORD("allow-modals", allowmodals, SANDBOXED_MODALS)
 SANDBOX_KEYWORD("allow-popups-to-escape-sandbox", allowpopupstoescapesandbox,
                 SANDBOX_PROPAGATES_TO_AUXILIARY_BROWSING_CONTEXTS)
 SANDBOX_KEYWORD("allow-presentation", allowpresentation, SANDBOXED_PRESENTATION)
 SANDBOX_KEYWORD("allow-storage-access-by-user-activation",
                 allowstorageaccessbyuseractivatetion, SANDBOXED_STORAGE_ACCESS)
-SANDBOX_KEYWORD("allow-downloads", allowdownloads, SANDBOXED_ALLOW_DOWNLOADS)
--- a/dom/base/LocationBase.cpp
+++ b/dom/base/LocationBase.cpp
@@ -94,17 +94,16 @@ already_AddRefed<nsDocShellLoadState> Lo
     principal->EqualsURI(docOriginalURI, &urisEqual);
   }
   if (urisEqual) {
     referrerInfo = new ReferrerInfo(docCurrentURI, referrerPolicy);
   } else {
     principal->CreateReferrerInfo(referrerPolicy, getter_AddRefs(referrerInfo));
   }
   loadState->SetTriggeringPrincipal(triggeringPrincipal);
-  loadState->SetTriggeringSandboxFlags(doc->GetSandboxFlags());
   loadState->SetCsp(doc->GetCsp());
   if (referrerInfo) {
     loadState->SetReferrerInfo(referrerInfo);
   }
   loadState->SetHasValidUserGestureActivation(
       doc->HasValidTransientUserGestureActivation());
 
   return loadState.forget();
--- a/dom/base/nsSandboxFlags.h
+++ b/dom/base/nsSandboxFlags.h
@@ -111,17 +111,10 @@ const unsigned long SANDBOXED_ORIENTATIO
  */
 const unsigned long SANDBOXED_PRESENTATION = 0x4000;
 
 /**
  * This flag disables access to the first-party storage area by user activation.
  */
 const unsigned long SANDBOXED_STORAGE_ACCESS = 0x8000;
 
-/**
- * This flag disables content from initiating or instantiating downloads,
- * whether through downloading hyperlinks or through navigation that gets
- * handled as a download.
- */
-const unsigned long SANDBOXED_ALLOW_DOWNLOADS = 0x10000;
-
-const unsigned long SANDBOX_ALL_FLAGS = 0xFFFFFF;
+const unsigned long SANDBOX_ALL_FLAGS = 0xFFFF;
 #endif
--- a/dom/clients/manager/ClientNavigateOpChild.cpp
+++ b/dom/clients/manager/ClientNavigateOpChild.cpp
@@ -243,17 +243,17 @@ RefPtr<ClientOpPromise> ClientNavigateOp
     CopyableErrorResult result;
     result.ThrowInvalidStateError(
         "Document's browsing context has been discarded");
     return ClientOpPromise::CreateAndReject(result, __func__);
   }
 
   RefPtr<nsDocShellLoadState> loadState = new nsDocShellLoadState(url);
   loadState->SetTriggeringPrincipal(principal);
-  loadState->SetTriggeringSandboxFlags(doc->GetSandboxFlags());
+
   loadState->SetCsp(doc->GetCsp());
 
   auto referrerInfo = MakeRefPtr<ReferrerInfo>(*doc);
   loadState->SetReferrerInfo(referrerInfo);
   loadState->SetLoadType(LOAD_STOP_CONTENT);
   loadState->SetSourceBrowsingContext(docShell->GetBrowsingContext());
   loadState->SetLoadFlags(nsIWebNavigation::LOAD_FLAGS_NONE);
   loadState->SetFirstParty(true);
--- a/dom/ipc/DOMTypes.ipdlh
+++ b/dom/ipc/DOMTypes.ipdlh
@@ -266,20 +266,16 @@ struct DocShellLoadStateInit
   // of the document that started the load. In case the entity starting the
   // load did not use a CSP, then Csp can be null. Please note that this is
   // also the CSP that will be applied to the load in case the load
   // encounters a server side redirect.
   nsIContentSecurityPolicy Csp;
 
   MaybeDiscardedBrowsingContext SourceBrowsingContext;
 
-  // The TriggineringSandboxFlags are the SandboxFlags of the entity
-  // responsible for causing the load to occur.
-  uint32_t TriggeringSandboxFlags;
-
   nsCString? OriginalURIString;
   int32_t? CancelContentJSEpoch;
 
   nsIInputStream PostDataStream;
   nsIInputStream HeadersStream;
 
   nsString SrcdocData; // useless without sourcedocshell
   // This might be missing if serialization of session history entries is
--- a/dom/locales/en-US/chrome/security/security.properties
+++ b/dom/locales/en-US/chrome/security/security.properties
@@ -128,11 +128,8 @@ XFrameOptionsDeny=The loading of “%2$S” in a frame is denied by “X-Frame-Options“ directive set to “%1$S“.
 
 # HTTPS-Only Mode
 # LOCALIZATION NOTE: %1$S is the URL of the upgraded request; %2$S is the upgraded scheme.
 HTTPSOnlyUpgradeRequest = Upgrading insecure request “%1$S” to use “%2$S”.
 # LOCALIZATION NOTE: %1$S is the URL of request.
 HTTPSOnlyNoUpgradeException = Not upgrading insecure request “%1$S” because it is exempt.
 # LOCALIZATION NOTE: %1$S is the URL of the failed request; %2$S is an error-code.
 HTTPSOnlyFailedRequest = Upgrading insecure request “%1$S” failed. (%2$S)
-
-IframeSandboxBlockedDownload = Download was blocked because the triggering iframe has the sandbox flag set.
-IframeSandboxDeprecatedDownload = Downloading content inside sandboxed iframes is deprecated and will be blocked soon.
--- a/dom/webidl/LoadURIOptions.webidl
+++ b/dom/webidl/LoadURIOptions.webidl
@@ -64,18 +64,13 @@ dictionary LoadURIOptions {
 
   /**
    * Set to indicate that the URI to be loaded was triggered by a user
    * action. (Mostly used in the context of Sec-Fetch-User).
    */
   boolean hasValidUserGestureActivation = false;
 
   /**
-   * The SandboxFlags of the entity thats
-   * responsible for causing the load.
-   */
-  long triggeringSandboxFlags = 0;
-  /**
    * If non-0, a value to pass to nsIDocShell::setCancelContentJSEpoch
    * when initiating the load.
    */
   long cancelContentJSEpoch = 0;
 };
--- a/ipc/glue/BackgroundUtils.cpp
+++ b/ipc/glue/BackgroundUtils.cpp
@@ -507,17 +507,16 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadI
     maybeCspToInheritInfo.emplace(cspToInheritInfo);
   }
 
   *aOptionalLoadInfoArgs = Some(LoadInfoArgs(
       loadingPrincipalInfo, triggeringPrincipalInfo, principalToInheritInfo,
       sandboxedLoadingPrincipalInfo, topLevelPrincipalInfo,
       topLevelStorageAreaPrincipalInfo, optionalResultPrincipalURI,
       aLoadInfo->GetSecurityFlags(), aLoadInfo->GetSandboxFlags(),
-      aLoadInfo->GetTriggeringSandboxFlags(),
       aLoadInfo->InternalContentPolicyType(),
       static_cast<uint32_t>(aLoadInfo->GetTainting()),
       aLoadInfo->GetBlockAllMixedContent(),
       aLoadInfo->GetUpgradeInsecureRequests(),
       aLoadInfo->GetBrowserUpgradeInsecureRequests(),
       aLoadInfo->GetBrowserWouldUpgradeInsecureRequests(),
       aLoadInfo->GetForceAllowDataURI(),
       aLoadInfo->GetAllowInsecureRedirectToDataURI(),
@@ -733,17 +732,17 @@ nsresult LoadInfoArgsToLoadInfo(
   }
 
   RefPtr<mozilla::LoadInfo> loadInfo = new mozilla::LoadInfo(
       loadingPrincipal, triggeringPrincipal, principalToInherit,
       sandboxedLoadingPrincipal, topLevelPrincipal,
       topLevelStorageAreaPrincipal, resultPrincipalURI, cookieJarSettings,
       cspToInherit, clientInfo, reservedClientInfo, initialClientInfo,
       controller, loadInfoArgs.securityFlags(), loadInfoArgs.sandboxFlags(),
-      loadInfoArgs.triggeringSandboxFlags(), loadInfoArgs.contentPolicyType(),
+      loadInfoArgs.contentPolicyType(),
       static_cast<LoadTainting>(loadInfoArgs.tainting()),
       loadInfoArgs.blockAllMixedContent(),
       loadInfoArgs.upgradeInsecureRequests(),
       loadInfoArgs.browserUpgradeInsecureRequests(),
       loadInfoArgs.browserWouldUpgradeInsecureRequests(),
       loadInfoArgs.forceAllowDataURI(),
       loadInfoArgs.allowInsecureRedirectToDataURI(),
       loadInfoArgs.bypassCORSChecks(),
@@ -806,17 +805,16 @@ void LoadInfoToParentLoadInfoForwarder(
 
   *aForwarderArgsOut = ParentLoadInfoForwarderArgs(
       aLoadInfo->GetAllowInsecureRedirectToDataURI(),
       aLoadInfo->GetBypassCORSChecks(), ipcController, tainting,
       aLoadInfo->GetSkipContentSniffing(), aLoadInfo->GetHttpsOnlyStatus(),
       aLoadInfo->GetHasValidUserGestureActivation(),
       aLoadInfo->GetAllowDeprecatedSystemRequests(),
       aLoadInfo->GetParserCreatedScript(),
-      aLoadInfo->GetTriggeringSandboxFlags(),
       aLoadInfo->GetServiceWorkerTaintingSynthesized(),
       aLoadInfo->GetDocumentHasUserInteracted(),
       aLoadInfo->GetDocumentHasLoaded(),
       aLoadInfo->GetAllowListFutureDocumentsCreatedFromThisRedirectChain(),
       cookieJarSettingsArgs, aLoadInfo->GetRequestBlockingReason(),
       aLoadInfo->GetHasStoragePermission(),
       aLoadInfo->GetIsThirdPartyContextToTopWindow());
 }
@@ -846,20 +844,16 @@ nsresult MergeParentLoadInfoForwarder(
   }
 
   rv = aLoadInfo->SetSkipContentSniffing(aForwarderArgs.skipContentSniffing());
   NS_ENSURE_SUCCESS(rv, rv);
 
   rv = aLoadInfo->SetHttpsOnlyStatus(aForwarderArgs.httpsOnlyStatus());
   NS_ENSURE_SUCCESS(rv, rv);
 
-  rv = aLoadInfo->SetTriggeringSandboxFlags(
-      aForwarderArgs.triggeringSandboxFlags());
-  NS_ENSURE_SUCCESS(rv, rv);
-
   rv = aLoadInfo->SetHasValidUserGestureActivation(
       aForwarderArgs.hasValidUserGestureActivation());
   NS_ENSURE_SUCCESS(rv, rv);
 
   rv = aLoadInfo->SetAllowDeprecatedSystemRequests(
       aForwarderArgs.allowDeprecatedSystemRequests());
   NS_ENSURE_SUCCESS(rv, rv);
 
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -1428,22 +1428,16 @@
   mirror: always
 
 # Block multiple external protocol URLs in iframes per single event.
 - name: dom.block_external_protocol_in_iframes
   type: bool
   value: true
   mirror: always
 
-# Block all downloads in iframes with the sandboxed attribute
-- name: dom.block_download_in_sandboxed_iframes
-  type: bool
-  value: @IS_NIGHTLY_BUILD@
-  mirror: always
-
 # Block multiple window.open() per single event.
 - name: dom.block_multiple_popups
   type: bool
   value: true
   mirror: always
 
 # The maximum number of popup that is allowed to be opened. Set to -1 for no
 # limit.
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -68,17 +68,16 @@ LoadInfo::LoadInfo(
                                                 : mLoadingPrincipal.get()),
       mPrincipalToInherit(nullptr),
       mClientInfo(aLoadingClientInfo),
       mController(aController),
       mLoadingContext(do_GetWeakReference(aLoadingContext)),
       mContextForTopLevelLoad(nullptr),
       mSecurityFlags(aSecurityFlags),
       mSandboxFlags(aSandboxFlags),
-      mTriggeringSandboxFlags(0),
       mInternalContentPolicyType(aContentPolicyType),
       mTainting(LoadTainting::Basic),
       mBlockAllMixedContent(false),
       mUpgradeInsecureRequests(false),
       mBrowserUpgradeInsecureRequests(false),
       mBrowserWouldUpgradeInsecureRequests(false),
       mForceAllowDataURI(false),
       mAllowInsecureRedirectToDataURI(false),
@@ -346,17 +345,16 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* a
                    nsISupports* aContextForTopLevelLoad,
                    nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
     : mLoadingPrincipal(nullptr),
       mTriggeringPrincipal(aTriggeringPrincipal),
       mPrincipalToInherit(nullptr),
       mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad)),
       mSecurityFlags(aSecurityFlags),
       mSandboxFlags(aSandboxFlags),
-      mTriggeringSandboxFlags(0),
       mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT),
       mTainting(LoadTainting::Basic),
       mBlockAllMixedContent(false),
       mUpgradeInsecureRequests(false),
       mBrowserUpgradeInsecureRequests(false),
       mBrowserWouldUpgradeInsecureRequests(false),
       mForceAllowDataURI(false),
       mAllowInsecureRedirectToDataURI(false),
@@ -453,17 +451,16 @@ LoadInfo::LoadInfo(dom::CanonicalBrowsin
                    uint64_t aOuterWindowID, nsSecurityFlags aSecurityFlags,
                    uint32_t aSandboxFlags)
     : mLoadingPrincipal(nullptr),
       mTriggeringPrincipal(aTriggeringPrincipal),
       mPrincipalToInherit(nullptr),
       mContextForTopLevelLoad(nullptr),
       mSecurityFlags(aSecurityFlags),
       mSandboxFlags(aSandboxFlags),
-      mTriggeringSandboxFlags(0),
       mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT),
       mTainting(LoadTainting::Basic),
       mBlockAllMixedContent(false),
       mUpgradeInsecureRequests(false),
       mBrowserUpgradeInsecureRequests(false),
       mBrowserWouldUpgradeInsecureRequests(false),
       mForceAllowDataURI(false),
       mAllowInsecureRedirectToDataURI(false),
@@ -735,17 +732,16 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
       // mReservedClientInfo must be handled specially during redirect
       // mInitialClientInfo must be handled specially during redirect
       mController(rhs.mController),
       mPerformanceStorage(rhs.mPerformanceStorage),
       mLoadingContext(rhs.mLoadingContext),
       mContextForTopLevelLoad(rhs.mContextForTopLevelLoad),
       mSecurityFlags(rhs.mSecurityFlags),
       mSandboxFlags(rhs.mSandboxFlags),
-      mTriggeringSandboxFlags(rhs.mTriggeringSandboxFlags),
       mInternalContentPolicyType(rhs.mInternalContentPolicyType),
       mTainting(rhs.mTainting),
       mBlockAllMixedContent(rhs.mBlockAllMixedContent),
       mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests),
       mBrowserUpgradeInsecureRequests(rhs.mBrowserUpgradeInsecureRequests),
       mBrowserWouldUpgradeInsecureRequests(
           rhs.mBrowserWouldUpgradeInsecureRequests),
       mForceAllowDataURI(rhs.mForceAllowDataURI),
@@ -801,19 +797,19 @@ LoadInfo::LoadInfo(
     nsIPrincipal* aTopLevelStorageAreaPrincipal, nsIURI* aResultPrincipalURI,
     nsICookieJarSettings* aCookieJarSettings,
     nsIContentSecurityPolicy* aCspToInherit,
     const Maybe<ClientInfo>& aClientInfo,
     const Maybe<ClientInfo>& aReservedClientInfo,
     const Maybe<ClientInfo>& aInitialClientInfo,
     const Maybe<ServiceWorkerDescriptor>& aController,
     nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags,
-    uint32_t aTriggeringSandboxFlags, nsContentPolicyType aContentPolicyType,
-    LoadTainting aTainting, bool aBlockAllMixedContent,
-    bool aUpgradeInsecureRequests, bool aBrowserUpgradeInsecureRequests,
+    nsContentPolicyType aContentPolicyType, LoadTainting aTainting,
+    bool aBlockAllMixedContent, bool aUpgradeInsecureRequests,
+    bool aBrowserUpgradeInsecureRequests,
     bool aBrowserWouldUpgradeInsecureRequests, bool aForceAllowDataURI,
     bool aAllowInsecureRedirectToDataURI, bool aBypassCORSChecks,
     bool aSkipContentPolicyCheckForWebRequest,
     bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID,
     uint64_t aOuterWindowID, uint64_t aParentOuterWindowID,
     uint64_t aTopOuterWindowID, uint64_t aFrameOuterWindowID,
     uint64_t aBrowsingContextID, uint64_t aFrameBrowsingContextID,
     bool aInitialSecurityCheckDone, bool aIsThirdPartyContext,
@@ -843,17 +839,16 @@ LoadInfo::LoadInfo(
       mCspToInherit(aCspToInherit),
       mClientInfo(aClientInfo),
       mReservedClientInfo(aReservedClientInfo),
       mInitialClientInfo(aInitialClientInfo),
       mController(aController),
       mLoadingContext(do_GetWeakReference(aLoadingContext)),
       mSecurityFlags(aSecurityFlags),
       mSandboxFlags(aSandboxFlags),
-      mTriggeringSandboxFlags(aTriggeringSandboxFlags),
       mInternalContentPolicyType(aContentPolicyType),
       mTainting(aTainting),
       mBlockAllMixedContent(aBlockAllMixedContent),
       mUpgradeInsecureRequests(aUpgradeInsecureRequests),
       mBrowserUpgradeInsecureRequests(aBrowserUpgradeInsecureRequests),
       mBrowserWouldUpgradeInsecureRequests(
           aBrowserWouldUpgradeInsecureRequests),
       mForceAllowDataURI(aForceAllowDataURI),
@@ -1083,28 +1078,16 @@ LoadInfo::GetSecurityFlags(nsSecurityFla
 
 NS_IMETHODIMP
 LoadInfo::GetSandboxFlags(uint32_t* aResult) {
   *aResult = mSandboxFlags;
   return NS_OK;
 }
 
 NS_IMETHODIMP
-LoadInfo::GetTriggeringSandboxFlags(uint32_t* aResult) {
-  *aResult = mTriggeringSandboxFlags;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-LoadInfo::SetTriggeringSandboxFlags(uint32_t aFlags) {
-  mTriggeringSandboxFlags = aFlags;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
 LoadInfo::GetSecurityMode(uint32_t* aFlags) {
   *aFlags =
       (mSecurityFlags & (nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS |
                          nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED |
                          nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS |
                          nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
                          nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS));
   return NS_OK;
--- a/netwerk/base/LoadInfo.h
+++ b/netwerk/base/LoadInfo.h
@@ -141,17 +141,16 @@ class LoadInfo final : public nsILoadInf
            nsIURI* aResultPrincipalURI,
            nsICookieJarSettings* aCookieJarSettings,
            nsIContentSecurityPolicy* aCspToInherit,
            const Maybe<mozilla::dom::ClientInfo>& aClientInfo,
            const Maybe<mozilla::dom::ClientInfo>& aReservedClientInfo,
            const Maybe<mozilla::dom::ClientInfo>& aInitialClientInfo,
            const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController,
            nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags,
-           uint32_t aTriggeringSandboxFlags,
            nsContentPolicyType aContentPolicyType, LoadTainting aTainting,
            bool aBlockAllMixedContent, bool aUpgradeInsecureRequests,
            bool aBrowserUpgradeInsecureRequests,
            bool aBrowserWouldUpgradeInsecureRequests, bool aForceAllowDataURI,
            bool aAllowInsecureRedirectToDataURI, bool aBypassCORSChecks,
            bool aSkipContentPolicyCheckForWebRequest,
            bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID,
            uint64_t aOuterWindowID, uint64_t aParentOuterWindowID,
@@ -226,17 +225,16 @@ class LoadInfo final : public nsILoadInf
   Maybe<mozilla::dom::ClientInfo> mInitialClientInfo;
   Maybe<mozilla::dom::ServiceWorkerDescriptor> mController;
   RefPtr<mozilla::dom::PerformanceStorage> mPerformanceStorage;
 
   nsWeakPtr mLoadingContext;
   nsWeakPtr mContextForTopLevelLoad;
   nsSecurityFlags mSecurityFlags;
   uint32_t mSandboxFlags;
-  uint32_t mTriggeringSandboxFlags;
   nsContentPolicyType mInternalContentPolicyType;
   LoadTainting mTainting;
   bool mBlockAllMixedContent;
   bool mUpgradeInsecureRequests;
   bool mBrowserUpgradeInsecureRequests;
   bool mBrowserWouldUpgradeInsecureRequests;
   bool mForceAllowDataURI;
   bool mAllowInsecureRedirectToDataURI;
--- a/netwerk/base/TRRLoadInfo.cpp
+++ b/netwerk/base/TRRLoadInfo.cpp
@@ -87,24 +87,16 @@ NS_IMETHODIMP
 TRRLoadInfo::GetSecurityFlags(nsSecurityFlags* aResult) {
   return NS_ERROR_NOT_IMPLEMENTED;
 }
 
 NS_IMETHODIMP
 TRRLoadInfo::GetSandboxFlags(uint32_t* aResult) {
   return NS_ERROR_NOT_IMPLEMENTED;
 }
-NS_IMETHODIMP
-TRRLoadInfo::GetTriggeringSandboxFlags(uint32_t* aResult) {
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
-NS_IMETHODIMP
-TRRLoadInfo::SetTriggeringSandboxFlags(uint32_t aResult) {
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
 
 NS_IMETHODIMP
 TRRLoadInfo::GetSecurityMode(uint32_t* aFlags) {
   return NS_ERROR_NOT_IMPLEMENTED;
 }
 
 NS_IMETHODIMP
 TRRLoadInfo::GetIsInThirdPartyContext(bool* aIsInThirdPartyContext) {
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@@ -407,22 +407,16 @@ interface nsILoadInfo : nsISupports
 %}
 
   /**
    * The sandboxFlags of that channel.
    */
   [infallible] readonly attribute unsigned long sandboxFlags;
 
   /**
-  *   The TriggingSandboxFlags are the SandboxFlags of the entity
-  *   responsible for causing the load to occur.
-  */
-  [infallible] attribute unsigned long triggeringSandboxFlags;
-
-  /**
    * Allows to query only the security mode bits from above.
    */
   [infallible] readonly attribute unsigned long securityMode;
 
   /**
    * This flag is used for any browsing context where we should not sniff
    * the content type. E.g if an iframe has the XCTO nosniff header, then
    * that flag is set to true so we skip content sniffing for that browsing
--- a/netwerk/ipc/DocumentLoadListener.cpp
+++ b/netwerk/ipc/DocumentLoadListener.cpp
@@ -351,17 +351,16 @@ already_AddRefed<LoadInfo> DocumentLoadL
     OriginAttributes attrs;
     aBrowsingContext->GetOriginAttributes(attrs);
     loadInfo = new LoadInfo(aBrowsingContext, aLoadState->TriggeringPrincipal(),
                             attrs, aOuterWindowId, securityFlags, sandboxFlags);
   }
 
   loadInfo->SetHasValidUserGestureActivation(
       aLoadState->HasValidUserGestureActivation());
-  loadInfo->SetTriggeringSandboxFlags(aLoadState->TriggeringSandboxFlags());
 
   return loadInfo.forget();
 }
 
 CanonicalBrowsingContext* DocumentLoadListener::GetBrowsingContext() {
   if (!mParentChannelListener) {
     return nullptr;
   }
--- a/netwerk/ipc/NeckoChannelParams.ipdlh
+++ b/netwerk/ipc/NeckoChannelParams.ipdlh
@@ -74,17 +74,16 @@ struct LoadInfoArgs
   PrincipalInfo               triggeringPrincipalInfo;
   PrincipalInfo?              principalToInheritInfo;
   PrincipalInfo?              sandboxedLoadingPrincipalInfo;
   PrincipalInfo?              topLevelPrincipalInfo;
   PrincipalInfo?              topLevelStorageAreaPrincipalInfo;
   URIParams?                  resultPrincipalURI;
   uint32_t                    securityFlags;
   uint32_t                    sandboxFlags;
-  uint32_t                    triggeringSandboxFlags;
   uint32_t                    contentPolicyType;
   uint32_t                    tainting;
   bool                        blockAllMixedContent;
   bool                        upgradeInsecureRequests;
   bool                        browserUpgradeInsecureRequests;
   bool                        browserWouldUpgradeInsecureRequests;
   bool                        forceAllowDataURI;
   bool                        allowInsecureRedirectToDataURI;
@@ -202,19 +201,16 @@ struct ParentLoadInfoForwarderArgs
   // and all requests will be cancelled. Setting this flag to true prevents
   // the request from being cancelled.
   bool allowDeprecatedSystemRequests;
 
   // Only ever returns true if the loadinfo is of TYPE_SCRIPT and
   // the script was created by the HTML parser.
   bool parserCreatedScript;
 
-  // Sandbox Flags of the Document that triggered the load
-  uint32_t triggeringSandboxFlags;
-
   // We must also note that the tainting value was explicitly set
   // by the service worker.
   bool serviceWorkerTaintingSynthesized;
 
   bool documentHasUserInteracted;
   bool documentHasLoaded;
   bool allowListFutureDocumentsCreatedFromThisRedirectChain;
 
--- a/testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/__dir__.ini
+++ b/testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/__dir__.ini
@@ -1,1 +1,1 @@
-prefs: [dom.targetBlankNoOpener.enabled:false, dom.block_download_in_sandboxed_iframes:true ]
+prefs: [dom.targetBlankNoOpener.enabled:false]
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.sub.tentative.html.ini
@@ -0,0 +1,4 @@
+[iframe_sandbox_anchor_download_block_downloads.sub.tentative.html]
+  [<a download> triggered download in sandbox is blocked.]
+    expected: FAIL
+
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html.ini
@@ -0,0 +1,6 @@
+[iframe_sandbox_navigation_download_block_downloads.sub.tentative.html]
+  [Navigation resulted download in sandbox is blocked.]
+    expected:
+      if (os == "mac") and not debug: ["PASS", "FAIL"]
+      FAIL
+
--- a/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.sub.tentative.html
+++ b/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.sub.tentative.html
@@ -14,37 +14,18 @@ async_test(t => {
     const token = "{{$id:uuid()}}";
     var iframe = document.createElement("iframe");
     iframe.srcdoc = "<a>Download</a>";
     iframe.sandbox = "allow-same-origin";
     iframe.onload = t.step_func(function () {
         iframe.contentWindow.addEventListener(
             "unload", t.unreached_func("Unexpected navigation."));
         var anchor = iframe.contentDocument.getElementsByTagName('a')[0];
-        anchor.href = "support/download_stash.py?token=" + token + "&finish-delay=" + StreamDownloadFinishDelay();
-        anchor.download = null;
-        anchor.click();
-        AssertDownloadFailure(t, token, StreamDownloadFinishDelay() + DownloadVerifyDelay());
-    });
-
-    document.body.appendChild(iframe);
-}, "<a download> triggered download in sandbox is blocked.");
-
-async_test(t => {
-    const token = "{{$id:uuid()}}";
-    var iframe = document.createElement("iframe");
-    iframe.srcdoc = "<a>Download</a>";
-    iframe.sandbox = "allow-same-origin";
-    iframe.onload = t.step_func(function () {
-        iframe.contentWindow.addEventListener(
-            "unload", t.unreached_func("Unexpected navigation."));
-        var anchor = iframe.contentDocument.getElementsByTagName('a')[0];
-        anchor.href = "support/download_stash.py?token=" + token ;
+        anchor.href = "support/download_stash.py?token=" + token;
         anchor.download = null;
         anchor.click();
         AssertDownloadFailure(t, token, DownloadVerifyDelay());
     });
 
     document.body.appendChild(iframe);
-}, "<a download> triggered download in sandbox is blocked before a request is made");
-
+}, "<a download> triggered download in sandbox is blocked.");
 </script>
 </body>
--- a/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_allow_downloads.sub.tentative.html
+++ b/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_allow_downloads.sub.tentative.html
@@ -25,28 +25,10 @@ async_test(t => {
         // detecting a socket close.
         anchor.href = "support/download_stash.py?token=" + token + "&finish-delay=" + StreamDownloadFinishDelay();
         anchor.click();
         AssertDownloadSuccess(t, token, StreamDownloadFinishDelay() + DownloadVerifyDelay());
     });
 
     document.body.appendChild(iframe);
 }, "Navigation resulted download in sandbox is allowed by allow-downloads.");
-
-async_test(t => {
-    const token = "{{$id:uuid()}}";
-    var iframe = document.createElement("iframe");
-
-    const folder = location.origin+"/html/semantics/embedded-content/the-iframe-element/";
-    const href = `${folder}support/download_stash.py?token=${token}&finish-delay=${StreamDownloadFinishDelay() }`;
-    const objectDoc =`<a href="${href}">download</a>
-    <${"script"}> document.querySelector("a").click(); </${"script"}>`;
-
-    iframe.srcdoc = `<object data='data:text/html,${objectDoc}'></object>`;
-    iframe.sandbox = "allow-same-origin  allow-scripts allow-downloads";
-    iframe.addEventListener("load",()=>{
-        AssertDownloadSuccess(t, token, StreamDownloadFinishDelay() + DownloadVerifyDelay());
-    })
-    document.body.appendChild(iframe);
-}, "Navigation resulted download in sandbox from <object> is allowed by allow-downloads.");
-
 </script>
 </body>
--- a/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html
+++ b/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html
@@ -24,29 +24,10 @@ async_test(t => {
         // detecting a socket close.
         anchor.href = "support/download_stash.py?token=" + token + "&finish-delay=" + StreamDownloadFinishDelay();
         anchor.click();
         AssertDownloadFailure(t, token, StreamDownloadFinishDelay() + DownloadVerifyDelay());
     });
 
     document.body.appendChild(iframe);
 }, "Navigation resulted download in sandbox is blocked.");
-
-
-async_test(t => {
-    const token = "{{$id:uuid()}}";
-    var iframe = document.createElement("iframe");
-
-    const folder = location.origin+"/html/semantics/embedded-content/the-iframe-element/";
-    const href = `${folder}support/download_stash.py?token=${token}&finish-delay=${StreamDownloadFinishDelay() }`;
-    const objectDoc =`<a href="${href}">download</a>
-    <${"script"}> document.querySelector("a").click(); </${"script"}>`;
-
-    iframe.srcdoc = `<object data='data:text/html,${objectDoc}'></object>`;
-    iframe.sandbox = "allow-same-origin  allow-scripts";
-    iframe.addEventListener("load",()=>{
-        AssertDownloadFailure(t, token, StreamDownloadFinishDelay() + DownloadVerifyDelay());
-    })
-    document.body.appendChild(iframe);
-}, "Navigation resulted download in sandbox from <object> is blocked.");
-
 </script>
 </body>
--- a/toolkit/components/windowwatcher/nsWindowWatcher.cpp
+++ b/toolkit/components/windowwatcher/nsWindowWatcher.cpp
@@ -1147,19 +1147,16 @@ nsresult nsWindowWatcher::OpenWindowInte
     // the original LoadState. See Bug 1515433.
     loadState->SetURI(uriToLoad);
   } else if (uriToLoad && aNavigate && !loadState) {
     loadState = new nsDocShellLoadState(uriToLoad);
 
     loadState->SetSourceBrowsingContext(parentBC);
     loadState->SetHasValidUserGestureActivation(
         parentBC && parentBC->HasValidTransientUserGestureActivation());
-    if (parentBC) {
-      loadState->SetTriggeringSandboxFlags(parentBC->GetSandboxFlags());
-    }
 
     if (subjectPrincipal) {
       loadState->SetTriggeringPrincipal(subjectPrincipal);
     }
 #ifndef ANDROID
     MOZ_ASSERT(subjectPrincipal,
                "nsWindowWatcher: triggeringPrincipal required");
 #endif
--- a/uriloader/exthandler/nsExternalHelperAppService.cpp
+++ b/uriloader/exthandler/nsExternalHelperAppService.cpp
@@ -40,18 +40,16 @@
 #include "nsIRequest.h"
 #include "nsDirectoryServiceDefs.h"
 #include "nsIInterfaceRequestor.h"
 #include "nsThreadUtils.h"
 #include "nsIMutableArray.h"
 #include "nsIRedirectHistoryEntry.h"
 #include "nsOSHelperAppService.h"
 #include "nsOSHelperAppServiceChild.h"
-#include "nsSandboxFlags.h"
-#include "nsIConsoleService.h"
 
 // used to access our datastore of user-configured helper applications
 #include "nsIHandlerService.h"
 #include "nsIMIMEInfo.h"
 #include "nsIHelperAppLauncherDialog.h"
 #include "nsIContentDispatchChooser.h"
 #include "nsNetUtil.h"
 #include "nsIPrivateBrowsingChannel.h"
@@ -1530,42 +1528,16 @@ NS_IMETHODIMP nsExternalAppHandler::OnSt
   }
 
   // Get content length
   if (aChannel) {
     aChannel->GetContentLength(&mContentLength);
   }
 
   if (mBrowsingContext) {
-    nsCOMPtr<nsILoadInfo> loadinfo = aChannel->LoadInfo();
-    uint32_t triggeringFlags = loadinfo->GetTriggeringSandboxFlags();
-    uint32_t currentflags = mBrowsingContext->SandboxFlags();
-
-    if ((triggeringFlags & SANDBOXED_ALLOW_DOWNLOADS) ||
-        (currentflags & SANDBOXED_ALLOW_DOWNLOADS)) {
-      // If we encounter a download from within a sandboxed iframe, we
-      // cancel the request if dom.block_download_in_sandboxed_iframes is
-      // prefed on. Otherwise we log a warning that downloads within sandboxed
-      // iframes will be blocked soon.
-      nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(request);
-
-      if (StaticPrefs::dom_block_download_in_sandboxed_iframes()) {
-        mCanceled = true;
-        request->Cancel(NS_ERROR_ABORT);
-
-        if (httpChannel) {
-          LogMessageToConsole(httpChannel, "IframeSandboxBlockedDownload");
-        }
-        return NS_OK;
-      }
-      if (httpChannel) {
-        LogMessageToConsole(httpChannel, "IframeSandboxDeprecatedDownload");
-      }
-    }
-
     mMaybeCloseWindowHelper = new MaybeCloseWindowHelper(mBrowsingContext);
     mMaybeCloseWindowHelper->SetShouldCloseWindow(mShouldCloseWindow);
 
     nsCOMPtr<nsIPropertyBag2> props(do_QueryInterface(request, &rv));
     // Determine whether a new window was opened specifically for this request
     if (props) {
       bool tmp = false;
       if (NS_SUCCEEDED(props->GetPropertyAsBool(
@@ -1956,53 +1928,16 @@ nsExternalAppHandler::OnDataAvailable(ns
 
       // Cancel the download.
       Cancel(rv);
     }
   }
   return rv;
 }
 
-void nsExternalAppHandler::LogMessageToConsole(nsIHttpChannel* aChannel,
-                                               const char* aMsg) {
-  nsCOMPtr<nsIURI> uri;
-  nsresult rv = aChannel->GetURI(getter_AddRefs(uri));
-  if (NS_FAILED(rv)) {
-    return;
-  }
-  uint64_t windowID = 0;
-  rv = aChannel->GetTopLevelContentWindowId(&windowID);
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    return;
-  }
-  if (!windowID) {
-    nsCOMPtr<nsILoadGroup> loadGroup;
-    rv = aChannel->GetLoadGroup(getter_AddRefs(loadGroup));
-    if (NS_WARN_IF(NS_FAILED(rv))) {
-      return;
-    }
-
-    if (loadGroup) {
-      windowID = nsContentUtils::GetInnerWindowID(loadGroup);
-    }
-  }
-
-  nsAutoString localizedMsg;
-  AutoTArray<nsString, 0> params;
-  rv = nsContentUtils::FormatLocalizedString(
-      nsContentUtils::eSECURITY_PROPERTIES, aMsg, params, localizedMsg);
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    return;
-  }
-
-  nsContentUtils::ReportToConsoleByWindowID(
-      localizedMsg, nsIScriptError::warningFlag, NS_LITERAL_CSTRING("Security"),
-      windowID, uri);
-}
-
 NS_IMETHODIMP nsExternalAppHandler::OnStopRequest(nsIRequest* request,
                                                   nsresult aStatus) {
   LOG(
       ("nsExternalAppHandler::OnStopRequest\n"
        "  mCanceled=%d, mTransfer=0x%p, aStatus=0x%08" PRIX32 "\n",
        mCanceled, mTransfer.get(), static_cast<uint32_t>(aStatus)));
 
   mStopRequestIssued = true;
--- a/uriloader/exthandler/nsExternalHelperAppService.h
+++ b/uriloader/exthandler/nsExternalHelperAppService.h
@@ -19,17 +19,16 @@
 #include "nsINamed.h"
 #include "nsIStreamListener.h"
 #include "nsIFile.h"
 #include "nsString.h"
 #include "nsIInterfaceRequestor.h"
 #include "nsIInterfaceRequestorUtils.h"
 #include "nsIChannel.h"
 #include "nsIBackgroundFileSaver.h"
-#include "nsIHttpChannel.h"
 
 #include "nsCOMPtr.h"
 #include "nsIObserver.h"
 #include "nsCOMArray.h"
 #include "nsWeakReference.h"
 #include "mozilla/Attributes.h"
 
 class nsExternalAppHandler;
@@ -436,18 +435,16 @@ class nsExternalAppHandler final : publi
 
   typedef enum { kReadError, kWriteError, kLaunchError } ErrorType;
   /**
    * Utility function to send proper error notification to web progress listener
    */
   void SendStatusChange(ErrorType type, nsresult aStatus, nsIRequest* aRequest,
                         const nsString& path);
 
-  void LogMessageToConsole(nsIHttpChannel* aChannel, const char* aMsg);
-
   /**
    * Set in nsHelperDlgApp.js. This is always null after the user has chosen an
    * action.
    */
   nsCOMPtr<nsIWebProgressListener2> mDialogProgressListener;
   /**
    * Set once the user has chosen an action. This is null after the download
    * has been canceled or completes.
--- a/xpcom/ds/StaticAtoms.py
+++ b/xpcom/ds/StaticAtoms.py
@@ -71,17 +71,16 @@ STATIC_ATOMS = [
     Atom("address", "address"),
     Atom("adoptedsheetclones", "adoptedsheetclones"),
     Atom("after", "after"),
     Atom("align", "align"),
     Atom("alink", "alink"),
     Atom("all", "all"),
     Atom("allow", "allow"),
     Atom("allowdirs", "allowdirs"),
-    Atom("allowdownloads", "allow-downloads"),
     Atom("allowevents", "allowevents"),
     Atom("allowforms", "allow-forms"),
     Atom("allowfullscreen", "allowfullscreen"),
     Atom("allowmodals", "allow-modals"),
     Atom("alloworientationlock", "allow-orientation-lock"),
     Atom("allowpaymentrequest", "allowpaymentrequest"),
     Atom("allowpointerlock", "allow-pointer-lock"),
     Atom("allowpopupstoescapesandbox", "allow-popups-to-escape-sandbox"),