merge mozilla-central to autoland. r=merge a=merge
authorSebastian Hengst <archaeopteryx@coole-files.de>
Sat, 04 Nov 2017 10:59:37 +0100
changeset 443446 6d0ba331fc8e6e146f3ed9933ec564dfd08dcc8e
parent 443445 92df2c3c1e1a2a5824368c1471e838436ad43d92 (current diff)
parent 443442 14fd26761bc4d10c5334abe50d7b6f3a5908f08d (diff)
child 443447 be1d69e97c5a7d389348ae92ab7361109f23cd8c
push id1618
push userCallek@gmail.com
push dateThu, 11 Jan 2018 17:45:48 +0000
treeherdermozilla-release@882ca853e05a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmerge, merge
milestone58.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
merge mozilla-central to autoland. r=merge a=merge
browser/config/tooltool-manifests/win32/vs2017.manifest
browser/config/tooltool-manifests/win64/vs2017.manifest
dom/interfaces/xul/nsIDOMXULImageElement.idl
dom/plugins/base/PluginPRLibrary.cpp
dom/plugins/base/PluginPRLibrary.h
js/src/tests/js1_8_5/extensions/is-generator.js
modules/libpref/test/unit/test_extprefs.js
new file mode 100644
--- /dev/null
+++ b/accessible/base/XULMap.h
@@ -0,0 +1,5 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+XULMAP(image, New_MaybeImageOrToolbarButtonAccessible)
--- a/accessible/base/nsAccessibilityService.cpp
+++ b/accessible/base/nsAccessibilityService.cpp
@@ -245,16 +245,34 @@ static Accessible*
 New_HTMLTableHeaderCellIfScope(nsIContent* aContent, Accessible* aContext)
 {
   if (aContext->IsTableRow() && aContext->GetContent() == aContent->GetParent() &&
       aContent->HasAttr(kNameSpaceID_None, nsGkAtoms::scope))
     return new HTMLTableHeaderCellAccessibleWrap(aContent, aContext->Document());
   return nullptr;
 }
 
+#ifdef MOZ_XUL
+static Accessible*
+New_MaybeImageOrToolbarButtonAccessible(nsIContent* aContent,
+                                        Accessible* aContext)
+{
+  if (aContent->HasAttr(kNameSpaceID_None, nsGkAtoms::onclick)) {
+    return new XULToolbarButtonAccessible(aContent, aContext->Document());
+  }
+
+  // Don't include nameless images in accessible tree.
+  if (!aContent->HasAttr(kNameSpaceID_None, nsGkAtoms::tooltiptext)) {
+    return nullptr;
+  }
+
+  return new ImageAccessibleWrap(aContent, aContext->Document());
+}
+#endif
+
 ////////////////////////////////////////////////////////////////////////////////
 // Markup maps array.
 
 #define Attr(name, value) \
   { &nsGkAtoms::name, &nsGkAtoms::value }
 
 #define AttrFromDOM(name, DOMAttrName) \
   { &nsGkAtoms::name, nullptr, &nsGkAtoms::DOMAttrName }
@@ -264,32 +282,47 @@ New_HTMLTableHeaderCellIfScope(nsIConten
 
 #define MARKUPMAP(atom, new_func, r, ... ) \
   { &nsGkAtoms::atom, new_func, static_cast<a11y::role>(r), { __VA_ARGS__ } },
 
 static const MarkupMapInfo sMarkupMapList[] = {
   #include "MarkupMap.h"
 };
 
+#ifdef MOZ_XUL
+#define XULMAP(atom, new_func) \
+  { &nsGkAtoms::atom, new_func },
+
+static const XULMarkupMapInfo sXULMapList[] = {
+  #include "XULMap.h"
+};
+#endif
+
 #undef Attr
 #undef AttrFromDOM
 #undef AttrFromDOMIf
 #undef MARKUPMAP
+#ifdef MOZ_XUL
+#undef XULMAP
+#endif
 
 ////////////////////////////////////////////////////////////////////////////////
 // nsAccessibilityService
 ////////////////////////////////////////////////////////////////////////////////
 
 nsAccessibilityService *nsAccessibilityService::gAccessibilityService = nullptr;
 ApplicationAccessible* nsAccessibilityService::gApplicationAccessible = nullptr;
 xpcAccessibleApplication* nsAccessibilityService::gXPCApplicationAccessible = nullptr;
 uint32_t nsAccessibilityService::gConsumers = 0;
 
 nsAccessibilityService::nsAccessibilityService() :
   DocManager(), FocusManager(), mMarkupMaps(ArrayLength(sMarkupMapList))
+#ifdef MOZ_XUL
+  , mXULMarkupMaps(ArrayLength(sXULMapList))
+#endif
 {
 }
 
 nsAccessibilityService::~nsAccessibilityService()
 {
   NS_ASSERTION(IsShutdown(), "Accessibility wasn't shutdown!");
   gAccessibilityService = nullptr;
 }
@@ -1157,19 +1190,30 @@ nsAccessibilityService::CreateAccessible
       if (deckFrame && deckFrame->GetSelectedBox() != frame) {
         if (aIsSubtreeHidden)
           *aIsSubtreeHidden = true;
 
         return nullptr;
       }
     }
 
+#ifdef MOZ_XUL
+    // Prefer to use XUL to decide if and what kind of accessible to create.
+    const XULMarkupMapInfo* xulMap =
+      mXULMarkupMaps.Get(content->NodeInfo()->NameAtom());
+    if (xulMap && xulMap->new_func) {
+      newAcc = xulMap->new_func(content, aContext);
+    }
+#endif
+
     // XBL bindings may use @role attribute to point the accessible type
     // they belong to.
-    newAcc = CreateAccessibleByType(content, document);
+    if (!newAcc) {
+      newAcc = CreateAccessibleByType(content, document);
+    }
 
     // Any XUL box can be used as tabpanel, make sure we create a proper
     // accessible for it.
     if (!newAcc && aContext->IsXULTabpanels() &&
         content->GetParent() == aContext->GetContent()) {
       LayoutFrameType frameType = frame->Type();
       if (frameType == LayoutFrameType::Box ||
           frameType == LayoutFrameType::Scroll) {
@@ -1271,16 +1315,21 @@ nsAccessibilityService::Init()
   if (!eventListenerService)
     return false;
 
   eventListenerService->AddListenerChangeListener(this);
 
   for (uint32_t i = 0; i < ArrayLength(sMarkupMapList); i++)
     mMarkupMaps.Put(*sMarkupMapList[i].tag, &sMarkupMapList[i]);
 
+#ifdef MOZ_XUL
+  for (uint32_t i = 0; i < ArrayLength(sXULMapList); i++)
+    mXULMarkupMaps.Put(*sXULMapList[i].tag, &sXULMapList[i]);
+#endif
+
 #ifdef A11Y_LOG
   logging::CheckEnv();
 #endif
 
   gAccessibilityService = this;
   NS_ADDREF(gAccessibilityService); // will release in Shutdown()
 
   if (XRE_IsParentProcess()) {
@@ -1416,29 +1465,16 @@ nsAccessibilityService::CreateAccessible
       accessible = new XULTabpanelsAccessible(aContent, aDoc);
 
   } else if (role.EqualsLiteral("xul:dropmarker")) {
       accessible = new XULDropmarkerAccessible(aContent, aDoc);
 
   } else if (role.EqualsLiteral("xul:groupbox")) {
       accessible = new XULGroupboxAccessible(aContent, aDoc);
 
-  } else if (role.EqualsLiteral("xul:image")) {
-    if (aContent->HasAttr(kNameSpaceID_None, nsGkAtoms::onclick)) {
-      accessible = new XULToolbarButtonAccessible(aContent, aDoc);
-
-    } else {
-      // Don't include nameless images in accessible tree.
-      if (!aContent->HasAttr(kNameSpaceID_None,
-                             nsGkAtoms::tooltiptext))
-        return nullptr;
-
-      accessible = new ImageAccessibleWrap(aContent, aDoc);
-    }
-
   } else if (role.EqualsLiteral("xul:link")) {
     accessible = new XULLinkAccessible(aContent, aDoc);
 
   } else if (role.EqualsLiteral("xul:listbox")) {
       accessible = new XULListboxAccessibleWrap(aContent, aDoc);
 
   } else if (role.EqualsLiteral("xul:listcell")) {
     // Only create cells if there's more than one per row.
--- a/accessible/base/nsAccessibilityService.h
+++ b/accessible/base/nsAccessibilityService.h
@@ -62,16 +62,23 @@ struct MarkupAttrInfo {
 
 struct MarkupMapInfo {
   nsStaticAtom** tag;
   New_Accessible* new_func;
   a11y::role role;
   MarkupAttrInfo attrs[4];
 };
 
+#ifdef MOZ_XUL
+struct XULMarkupMapInfo {
+  nsStaticAtom** tag;
+  New_Accessible* new_func;
+};
+#endif
+
 } // namespace a11y
 } // namespace mozilla
 
 class nsAccessibilityService final : public mozilla::a11y::DocManager,
                                      public mozilla::a11y::FocusManager,
                                      public mozilla::a11y::SelectionManager,
                                      public nsIListenerChangeListener,
                                      public nsIObserver
@@ -306,16 +313,19 @@ private:
   static mozilla::a11y::xpcAccessibleApplication* gXPCApplicationAccessible;
 
   /**
    * Contains a set of accessibility service consumers.
    */
   static uint32_t gConsumers;
 
   nsDataHashtable<nsPtrHashKey<const nsAtom>, const mozilla::a11y::MarkupMapInfo*> mMarkupMaps;
+#ifdef MOZ_XUL
+  nsDataHashtable<nsPtrHashKey<const nsAtom>, const mozilla::a11y::XULMarkupMapInfo*> mXULMarkupMaps;
+#endif
 
   friend nsAccessibilityService* GetAccService();
   friend nsAccessibilityService* GetOrCreateAccService(uint32_t);
   friend void MaybeShutdownAccService(uint32_t);
   friend mozilla::a11y::FocusManager* mozilla::a11y::FocusMgr();
   friend mozilla::a11y::SelectionManager* mozilla::a11y::SelectionMgr();
   friend mozilla::a11y::ApplicationAccessible* mozilla::a11y::ApplicationAcc();
   friend mozilla::a11y::xpcAccessibleApplication* mozilla::a11y::XPCApplicationAcc();
--- a/accessible/tests/mochitest/role/test_general.xul
+++ b/accessible/tests/mochitest/role/test_general.xul
@@ -13,16 +13,21 @@
           src="../common.js"></script>
   <script type="application/javascript"
           src="../role.js"></script>
 
   <script type="application/javascript">
   <![CDATA[
     function doTest()
     {
+      ok(!isAccessible("image"),
+                      "image without tooltiptext shouldn't be accessible.");
+      testRole("image-tooltiptext", ROLE_GRAPHIC);
+      testRole("image-onclick", ROLE_PUSHBUTTON);
+
       ok(!isAccessible("statusbarpanel"),
                       "statusbarpanel shouldn't be accessible.");
       testRole("statusbarpanel-iconic", ROLE_PUSHBUTTON);
       testRole("statusbarpanel-iconic-text", ROLE_PUSHBUTTON);
       testRole("statusbar", ROLE_STATUSBAR);
 
       SimpleTest.finish();
     }
@@ -42,16 +47,20 @@
     </a>
   <p id="display"></p>
     <div id="content" style="display: none">
     </div>
     <pre id="test">
     </pre>
   </body>
 
+  <image id="image" src="../moz.png"/>
+  <image id="image-tooltiptext" src="../moz.png" tooltiptext="hello"/>
+  <image id="image-onclick" src="../moz.png" onclick=""/>
+
   <statusbarpanel id="statusbarpanel"></statusbarpanel>
   <statusbarpanel id="statusbarpanel-iconic" class="statusbarpanel-iconic"></statusbarpanel>
   <statusbarpanel id="statusbarpanel-iconic-text" class="statusbarpanel-iconic-text"></statusbarpanel>
   <statusbar id="statusbar"></statusbar>
 
   </hbox>
 </window>
 
--- a/accessible/tests/mochitest/tree/a11y.ini
+++ b/accessible/tests/mochitest/tree/a11y.ini
@@ -29,16 +29,17 @@ skip-if = true # Bug 561508
 [test_dockids.html]
 [test_filectrl.html]
 [test_formctrl.html]
 skip-if = buildapp == "mulet"
 [test_formctrl.xul]
 [test_gencontent.html]
 [test_groupbox.xul]
 [test_iframe.html]
+[test_image.xul]
 [test_img.html]
 [test_invalid_img.xhtml]
 [test_invalidationlist.html]
 [test_list.html]
 [test_map.html]
 [test_media.html]
 skip-if = buildapp == "mulet"
 [test_select.html]
new file mode 100644
--- /dev/null
+++ b/accessible/tests/mochitest/tree/test_image.xul
@@ -0,0 +1,59 @@
+<?xml version="1.0"?>
+<?xml-stylesheet href="chrome://global/skin" type="text/css"?>
+<?xml-stylesheet href="chrome://mochikit/content/tests/SimpleTest/test.css"
+                 type="text/css"?>
+
+<window xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
+        title="Accessible XUL textbox and textarea hierarchy tests">
+
+  <script type="application/javascript"
+          src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js" />
+
+  <script type="application/javascript"
+          src="../common.js" />
+  <script type="application/javascript"
+          src="../role.js" />
+  <script type="application/javascript"
+          src="../events.js" />
+
+  <script type="application/javascript">
+  <![CDATA[
+    ////////////////////////////////////////////////////////////////////////////
+    // Test
+
+    function doTest()
+    {
+      var accTree = {
+        role: ROLE_GRAPHIC,
+        children: []
+      };
+      testAccessibleTree("image", accTree);
+
+      SimpleTest.finish()
+    }
+
+    SimpleTest.waitForExplicitFinish();
+    addA11yLoadEvent(doTest);
+  ]]>
+  </script>
+
+  <hbox flex="1" style="overflow: auto;">
+    <body xmlns="http://www.w3.org/1999/xhtml">
+      <a target="_blank"
+         href="https://bugzilla.mozilla.org/show_bug.cgi?id=1403231"
+         title="Remove the image XBL binding">
+        Mozilla Bug 1403231
+      </a><br/>
+      <p id="display"></p>
+      <div id="content" style="display: none">
+      </div>
+      <pre id="test">
+      </pre>
+    </body>
+
+    <vbox flex="1">
+      <image id="image" src="../moz.png" tooltiptext="hello"/>
+    </vbox>
+  </hbox>
+
+</window>
--- a/accessible/windows/msaa/Compatibility.cpp
+++ b/accessible/windows/msaa/Compatibility.cpp
@@ -163,17 +163,17 @@ uint32_t Compatibility::sConsumers = Com
 
 void
 Compatibility::Init()
 {
   // Note we collect some AT statistics/telemetry here for convenience.
 
   HMODULE jawsHandle = ::GetModuleHandleW(L"jhook");
   if (jawsHandle)
-    sConsumers |= (IsModuleVersionLessThan(jawsHandle, 20, 0)) ?
+    sConsumers |= (IsModuleVersionLessThan(jawsHandle, 19, 0)) ?
                    OLDJAWS : JAWS;
 
   if (::GetModuleHandleW(L"gwm32inc"))
     sConsumers |= WE;
 
   if (::GetModuleHandleW(L"dolwinhk"))
     sConsumers |= DOLPHIN;
 
--- a/browser/components/shell/test/test_headless_screenshot.html
+++ b/browser/components/shell/test/test_headless_screenshot.html
@@ -27,16 +27,21 @@ https://bugzilla.mozilla.org/show_bug.cg
     const prefsPath = OS.Path.join(profilePath, mochiPrefsName);
     const firefoxArgs = ["-profile", profilePath, "-no-remote"];
 
     await OS.File.makeDir(profilePath);
     await OS.File.copy(mochiPrefsPath, prefsPath);
     let proc = await Subprocess.call({
       command: firefoxExe,
       arguments: firefoxArgs.concat(args),
+      // Disable leak detection to avoid intermittent failure bug 1331152.
+      environmentAppend: true,
+      environment: {
+        ASAN_OPTIONS: "detect_leaks=0:quarantine_size=50331648:malloc_context_size=5",
+      },
     });
     let stdout;
     while ((stdout = await proc.stdout.readString())) {
       dump(">>> " + stdout + "\n");
     }
     let {exitCode} = await proc.wait();
     is(exitCode, 0, "Firefox process should exit with code 0");
     await OS.File.removeDir(profilePath);
--- a/browser/config/mozconfigs/win32/clang
+++ b/browser/config/mozconfigs/win32/clang
@@ -4,12 +4,12 @@ MOZ_AUTOMATION_L10N_CHECK=0
 
 . "$topsrcdir/build/mozconfig.win-common"
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --enable-optimize
 
 ac_add_options --enable-clang-plugin
 
-. $topsrcdir/build/win32/mozconfig.vs2015-win64
+. $topsrcdir/build/win32/mozconfig.vs-latest
 
 . "$topsrcdir/build/mozconfig.common.override"
 . "$topsrcdir/build/mozconfig.clang-cl"
--- a/browser/config/mozconfigs/win32/clang-debug
+++ b/browser/config/mozconfigs/win32/clang-debug
@@ -5,12 +5,12 @@ MOZ_AUTOMATION_L10N_CHECK=0
 . "$topsrcdir/build/mozconfig.win-common"
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --enable-optimize
 ac_add_options --enable-debug
 
 ac_add_options --enable-clang-plugin
 
-. $topsrcdir/build/win32/mozconfig.vs2015-win64
+. $topsrcdir/build/win32/mozconfig.vs-latest
 
 . "$topsrcdir/build/mozconfig.common.override"
 . "$topsrcdir/build/mozconfig.clang-cl"
--- a/browser/config/mozconfigs/win32/debug-static-analysis
+++ b/browser/config/mozconfigs/win32/debug-static-analysis
@@ -5,12 +5,12 @@ MOZ_AUTOMATION_L10N_CHECK=0
 . "$topsrcdir/build/mozconfig.win-common"
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --enable-debug
 ac_add_options --enable-dmd
 
 ac_add_options --enable-clang-plugin
 
-. $topsrcdir/build/win32/mozconfig.vs2015-win64
+. $topsrcdir/build/win32/mozconfig.vs-latest
 
 . "$topsrcdir/build/mozconfig.common.override"
 . "$topsrcdir/build/mozconfig.clang-cl"
--- a/browser/config/mozconfigs/win64/clang
+++ b/browser/config/mozconfigs/win64/clang
@@ -6,12 +6,12 @@ MOZ_AUTOMATION_PACKAGE_TEST=0
 
 ac_add_options --target=x86_64-pc-mingw32
 ac_add_options --host=x86_64-pc-mingw32
 
 ac_add_options --enable-optimize
 
 ac_add_options --enable-clang-plugin
 
-. $topsrcdir/build/win64/mozconfig.vs2015
+. $topsrcdir/build/win64/mozconfig.vs-latest
 
 . "$topsrcdir/build/mozconfig.common.override"
 . "$topsrcdir/build/mozconfig.clang-cl"
--- a/browser/config/mozconfigs/win64/clang-debug
+++ b/browser/config/mozconfigs/win64/clang-debug
@@ -7,12 +7,12 @@ MOZ_AUTOMATION_PACKAGE_TEST=0
 ac_add_options --target=x86_64-pc-mingw32
 ac_add_options --host=x86_64-pc-mingw32
 
 ac_add_options --enable-optimize
 ac_add_options --enable-debug
 
 ac_add_options --enable-clang-plugin
 
-. $topsrcdir/build/win64/mozconfig.vs2015
+. $topsrcdir/build/win64/mozconfig.vs-latest
 
 . "$topsrcdir/build/mozconfig.common.override"
 . "$topsrcdir/build/mozconfig.clang-cl"
--- a/browser/config/mozconfigs/win64/debug-asan
+++ b/browser/config/mozconfigs/win64/debug-asan
@@ -1,16 +1,16 @@
 MOZ_AUTOMATION_L10N_CHECK=0
 
 . "$topsrcdir/build/mozconfig.win-common"
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --enable-debug
 ac_add_options --enable-optimize="-O1"
 
-. "$topsrcdir/build/win64/mozconfig.vs2015"
+. "$topsrcdir/build/win64/mozconfig.vs-latest"
 
 . "$topsrcdir/build/win64/mozconfig.asan"
 
 export MOZ_PACKAGE_JSSHELL=1
 export MOZ_PKG_SPECIAL=asan
 
 . "$topsrcdir/build/mozconfig.common.override"
--- a/browser/config/mozconfigs/win64/nightly-asan
+++ b/browser/config/mozconfigs/win64/nightly-asan
@@ -1,16 +1,16 @@
 MOZ_AUTOMATION_L10N_CHECK=0
 
 . "$topsrcdir/build/mozconfig.win-common"
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --disable-debug
 ac_add_options --enable-optimize="-O2 -gline-tables-only"
 
-. "$topsrcdir/build/win64/mozconfig.vs2015"
+. "$topsrcdir/build/win64/mozconfig.vs-latest"
 
 . "$topsrcdir/build/win64/mozconfig.asan"
 
 export MOZ_PACKAGE_JSSHELL=1
 export MOZ_PKG_SPECIAL=asan
 
 . "$topsrcdir/build/mozconfig.common.override"
--- a/browser/config/tooltool-manifests/win32/build-clang-cl.manifest
+++ b/browser/config/tooltool-manifests/win32/build-clang-cl.manifest
@@ -1,15 +1,15 @@
 [
   {
-    "version": "Visual Studio 2015 Update 3 14.0.25425.01 / SDK 10.0.14393.0",
-    "size": 326656969,
-    "digest": "babc414ffc0457d27f5a1ed24a8e4873afbe2f1c1a4075469a27c005e1babc3b2a788f643f825efedff95b79686664c67ec4340ed535487168a3482e68559bc7",
+    "version": "Visual Studio 2017 15.4.2 / SDK 10.0.15063.0",
+    "digest": "18700889e6b5e81613b9cf57ce4e0d46a6ee45bb4c5c33bae2604a5275326128775b8a032a1eb178c5db973746d565340c4e36d98375789e1d5bd836ab16ba58",
+    "size": 303146863,
     "algorithm": "sha512",
-    "filename": "vs2015u3.zip",
+    "filename": "vs2017_15.4.2.zip",
     "unpack": true
   },
   {
     "version": "SVN 1.9.4, repacked from SlikSvn (https://sliksvn.com/download/)",
     "size": 3934520,
     "digest": "d3b8f74936857ecbf542e403ed6835938a31d65302985729cbfa7191bf2cf94138565cefcc2f31517098013fbfc51868348863a55b588250902f9dec214dbc42",
     "algorithm": "sha512",
     "filename": "svn194.zip",
--- a/browser/config/tooltool-manifests/win32/releng.manifest
+++ b/browser/config/tooltool-manifests/win32/releng.manifest
@@ -1,21 +1,21 @@
 [
   {
     "size": 266240,
     "digest": "bb345b0e700ffab4d09436981f14b5de84da55a3f18a7f09ebc4364a4488acdeab8d46f447b12ac70f2da1444a68b8ce8b8675f0dae2ccf845e966d1df0f0869",
     "algorithm": "sha512",
     "filename": "mozmake.exe"
   },
   {
-    "version": "Visual Studio 2017 15.4.1 / SDK 10.0.16299.0",
-    "digest": "b22783f94d8c1304f9640e0cf0c614175c3f2e21f084bb08a31d5b3dc2f387e38a6917170eeb37e6446f191f2d685ca69c5e935f9d18ef41d16abf3a3b981d63",
-    "size": 322544627,
+    "version": "Visual Studio 2017 15.4.2 / SDK 10.0.15063.0",
+    "digest": "18700889e6b5e81613b9cf57ce4e0d46a6ee45bb4c5c33bae2604a5275326128775b8a032a1eb178c5db973746d565340c4e36d98375789e1d5bd836ab16ba58",
+    "size": 303146863,
     "algorithm": "sha512",
-    "filename": "vs2017_15.4.1.zip",
+    "filename": "vs2017_15.4.2.zip",
     "unpack": true
   },
   {
     "version": "makecab rev d2bc6797648b7a834782714a55d339d2fd4e58c8",
     "algorithm": "sha512",
     "visibility": "public",
     "filename": "makecab.tar.bz2",
     "unpack": true,
deleted file mode 100644
--- a/browser/config/tooltool-manifests/win32/vs2017.manifest
+++ /dev/null
@@ -1,25 +0,0 @@
-[
-  {
-    "size": 266240,
-    "digest": "bb345b0e700ffab4d09436981f14b5de84da55a3f18a7f09ebc4364a4488acdeab8d46f447b12ac70f2da1444a68b8ce8b8675f0dae2ccf845e966d1df0f0869",
-    "algorithm": "sha512",
-    "filename": "mozmake.exe"
-  },
-  {
-    "version": "Visual Studio 2017 15.4.1 / SDK 10.0.16299.0",
-    "digest": "b22783f94d8c1304f9640e0cf0c614175c3f2e21f084bb08a31d5b3dc2f387e38a6917170eeb37e6446f191f2d685ca69c5e935f9d18ef41d16abf3a3b981d63",
-    "size": 322544627,
-    "algorithm": "sha512",
-    "filename": "vs2017_15.4.1.zip",
-    "unpack": true
-  },
-  {
-    "version": "makecab rev d2bc6797648b7a834782714a55d339d2fd4e58c8",
-    "algorithm": "sha512",
-    "visibility": "public",
-    "filename": "makecab.tar.bz2",
-    "unpack": true,
-    "digest": "196ac6a567c85559957dfe511c3d8654d23c94d5603259e19ccafe9d71e0e4ccee63ccc9a778f2699654b786cda54266108b7d4db543d01bb0b42545b4e6ec75",
-    "size": 297118
-  }
-]
--- a/browser/config/tooltool-manifests/win64/releng.manifest
+++ b/browser/config/tooltool-manifests/win64/releng.manifest
@@ -1,21 +1,21 @@
 [
   {
     "size": 266240,
     "digest": "bb345b0e700ffab4d09436981f14b5de84da55a3f18a7f09ebc4364a4488acdeab8d46f447b12ac70f2da1444a68b8ce8b8675f0dae2ccf845e966d1df0f0869",
     "algorithm": "sha512",
     "filename": "mozmake.exe"
   },
   {
-    "version": "Visual Studio 2017 15.4.1 / SDK 10.0.16299.0",
-    "digest": "b22783f94d8c1304f9640e0cf0c614175c3f2e21f084bb08a31d5b3dc2f387e38a6917170eeb37e6446f191f2d685ca69c5e935f9d18ef41d16abf3a3b981d63",
-    "size": 322544627,
+    "version": "Visual Studio 2017 15.4.2 / SDK 10.0.15063.0",
+    "digest": "18700889e6b5e81613b9cf57ce4e0d46a6ee45bb4c5c33bae2604a5275326128775b8a032a1eb178c5db973746d565340c4e36d98375789e1d5bd836ab16ba58",
+    "size": 303146863,
     "algorithm": "sha512",
-    "filename": "vs2017_15.4.1.zip",
+    "filename": "vs2017_15.4.2.zip",
     "unpack": true
   },
   {
     "version": "makecab rev d2bc6797648b7a834782714a55d339d2fd4e58c8",
     "algorithm": "sha512",
     "visibility": "public",
     "filename": "makecab.tar.bz2",
     "unpack": true,
deleted file mode 100644
--- a/browser/config/tooltool-manifests/win64/vs2017.manifest
+++ /dev/null
@@ -1,25 +0,0 @@
-[
-  {
-    "size": 266240,
-    "digest": "bb345b0e700ffab4d09436981f14b5de84da55a3f18a7f09ebc4364a4488acdeab8d46f447b12ac70f2da1444a68b8ce8b8675f0dae2ccf845e966d1df0f0869",
-    "algorithm": "sha512",
-    "filename": "mozmake.exe"
-  },
-  {
-    "version": "Visual Studio 2017 15.4.1 / SDK 10.0.16299.0",
-    "digest": "b22783f94d8c1304f9640e0cf0c614175c3f2e21f084bb08a31d5b3dc2f387e38a6917170eeb37e6446f191f2d685ca69c5e935f9d18ef41d16abf3a3b981d63",
-    "size": 322544627,
-    "algorithm": "sha512",
-    "filename": "vs2017_15.4.1.zip",
-    "unpack": true
-  },
-  {
-    "version": "makecab rev d2bc6797648b7a834782714a55d339d2fd4e58c8",
-    "algorithm": "sha512",
-    "visibility": "public",
-    "filename": "makecab.tar.bz2",
-    "unpack": true,
-    "digest": "196ac6a567c85559957dfe511c3d8654d23c94d5603259e19ccafe9d71e0e4ccee63ccc9a778f2699654b786cda54266108b7d4db543d01bb0b42545b4e6ec75",
-    "size": 297118
-  }
-]
--- a/build/build-clang/build-clang.py
+++ b/build/build-clang/build-clang.py
@@ -510,17 +510,17 @@ if __name__ == "__main__":
             os.environ['LD_LIBRARY_PATH'] = '%s/lib64/' % gcc_dir
     elif is_windows():
         extra_cflags = []
         extra_cxxflags = []
         # clang-cl would like to figure out what it's supposed to be emulating
         # by looking at an MSVC install, but we don't really have that here.
         # Force things on.
         extra_cflags2 = []
-        extra_cxxflags2 = ['-fms-compatibility-version=19.00.24213', '-Xclang', '-std=c++14']
+        extra_cxxflags2 = ['-fms-compatibility-version=19.11.25547', '-Xclang', '-std=c++14']
         extra_asmflags = []
         extra_ldflags = []
 
     if osx_cross_compile:
         # undo the damage done in the is_linux() block above, and also simulate
         # the is_darwin() block above.
         extra_cflags = []
         extra_cxxflags = ["-stdlib=libc++"]
--- a/build/build-clang/clang-win32.json
+++ b/build/build-clang/clang-win32.json
@@ -5,10 +5,14 @@
     "build_type": "Release",
     "assertions": false,
     "llvm_repo": "https://llvm.org/svn/llvm-project/llvm/trunk",
     "clang_repo": "https://llvm.org/svn/llvm-project/cfe/trunk",
     "compiler_repo": "https://llvm.org/svn/llvm-project/compiler-rt/trunk",
     "libcxx_repo": "https://llvm.org/svn/llvm-project/libcxx/trunk",
     "python_path": "c:/mozilla-build/python/python.exe",
     "cc": "cl.exe",
-    "cxx": "cl.exe"
+    "cxx": "cl.exe",
+    "patches": [
+      "build/src/build/build-clang/msvc-host-x64.patch",
+      "build/src/build/build-clang/loosen-msvc-detection.patch"
+    ]
 }
--- a/build/build-clang/clang-win64.json
+++ b/build/build-clang/clang-win64.json
@@ -6,10 +6,13 @@
     "assertions": false,
     "llvm_repo": "https://llvm.org/svn/llvm-project/llvm/trunk",
     "clang_repo": "https://llvm.org/svn/llvm-project/cfe/trunk",
     "compiler_repo": "https://llvm.org/svn/llvm-project/compiler-rt/trunk",
     "libcxx_repo": "https://llvm.org/svn/llvm-project/libcxx/trunk",
     "python_path": "c:/mozilla-build/python/python.exe",
     "cc": "cl.exe",
     "cxx": "cl.exe",
-    "ml": "ml64.exe"
+    "ml": "ml64.exe",
+    "patches": [
+      "build/src/build/build-clang/loosen-msvc-detection.patch"
+    ]
 }
new file mode 100644
--- /dev/null
+++ b/build/build-clang/loosen-msvc-detection.patch
@@ -0,0 +1,22 @@
+In a proper VS install, the path to cl.exe looks like:
+...\VC\Tools\MSVC\14.11.25503\bin\HostX64\x64\cl.exe
+
+In our automation, the path is just:
+...\VC\bin\HostX64\x64\cl.exe
+
+Clang tries to do some sanity-checking to make sure that the cl.exe it finds is the Microsoft compiler and not some other program. But the checks are a little too strict for us, so just look for "bin\Host*\*\cl.exe".
+
+diff --git a/clang/lib/Driver/ToolChains/MSVC.cpp b/clang/lib/Driver/ToolChains/MSVC.cpp
+index 7978a6941cb..0159e89fa27 100644
+--- a/clang/lib/Driver/ToolChains/MSVC.cpp
++++ b/clang/lib/Driver/ToolChains/MSVC.cpp
+@@ -152,8 +152,7 @@ static bool findVCToolChainViaEnvironment(std::string &Path,
+         // path components with these prefixes when walking backwards through
+         // the path.
+         // Note: empty strings match anything.
+-        llvm::StringRef ExpectedPrefixes[] = {"",     "Host",  "bin", "",
+-                                              "MSVC", "Tools", "VC"};
++        llvm::StringRef ExpectedPrefixes[] = {"", "Host",  "bin"};
+ 
+         auto It = llvm::sys::path::rbegin(PathEntry);
+         auto End = llvm::sys::path::rend(PathEntry);
new file mode 100644
--- /dev/null
+++ b/build/build-clang/msvc-host-x64.patch
@@ -0,0 +1,17 @@
+When looking for a linker, 32-bit clang-cl.exe wants to use the 32-bit-native link.exe located in Hostx86/x86, but this executable does not exist in our releng package, because we only use 64-bit-host toolchains.
+
+This patch makes clang-cl use the Hostx64/x86 linker instead. Ideally we wouldn't be using 32-bit clang-cl.exe in the first place. Bug 1414287 is on file to do so and remove this hack.
+
+diff --git a/clang/lib/Driver/ToolChains/MSVC.cpp b/clang/lib/Driver/ToolChains/MSVC.cpp
+--- a/clang/lib/Driver/ToolChains/MSVC.cpp
++++ b/clang/lib/Driver/ToolChains/MSVC.cpp
+@@ -817,8 +816,7 @@
+   switch (Type) {
+   case SubDirectoryType::Bin:
+     if (VSLayout == ToolsetLayout::VS2017OrNewer) {
+-      const bool HostIsX64 =
+-          llvm::Triple(llvm::sys::getProcessTriple()).isArch64Bit();
++      const bool HostIsX64 = true;
+       const char *const HostName = HostIsX64 ? "HostX64" : "HostX86";
+       llvm::sys::path::append(Path, "bin", HostName, SubdirName);
+     } else { // OlderVS or DevDivInternal
--- a/build/moz.configure/toolchain.configure
+++ b/build/moz.configure/toolchain.configure
@@ -506,21 +506,21 @@ def check_compiler(compiler, language, t
                 append_flag('-std=c++14')
             # GCC 4.9 indicates that it implements draft C++14 features
             # instead of the full language.
             elif info.type == 'gcc' and not \
                 (info.language_version == draft_cxx14_version or
                  info.language_version == cxx14_version):
                 append_flag('-std=gnu++14')
 
-    # We force clang-cl to emulate Visual C++ 2015 Update 3.
-    if info.type == 'clang-cl' and info.version != '19.00.24213':
+    # We force clang-cl to emulate Visual C++ 2017 version 15.4
+    if info.type == 'clang-cl' and info.version != '19.11.25547':
         # This flag is a direct clang-cl flag that doesn't need -Xclang,
         # add it directly.
-        flags.append('-fms-compatibility-version=19.00.24213')
+        flags.append('-fms-compatibility-version=19.11.25547')
 
     # Check compiler target
     # --------------------------------------------------------------------
     if not info.cpu or info.cpu != target.cpu:
         if info.type == 'clang':
             append_flag('--target=%s' % target.toolchain)
         elif info.type == 'gcc':
             same_arch_different_bits = (
--- a/build/win32/mozconfig.vs2017
+++ b/build/win32/mozconfig.vs2017
@@ -1,25 +1,25 @@
 if [ -z "${VSPATH}" ]; then
     TOOLTOOL_DIR=${TOOLTOOL_DIR:-$topsrcdir}
-    VSPATH="$(cd ${TOOLTOOL_DIR} && pwd)/vs2017_15.4.1"
+    VSPATH="$(cd ${TOOLTOOL_DIR} && pwd)/vs2017_15.4.2"
 fi
 
 if [ -d "${VSPATH}" ]; then
     VSWINPATH="$(cd ${VSPATH} && pwd -W)"
 
     export WINDOWSSDKDIR="${VSWINPATH}/SDK"
     export WIN32_REDIST_DIR="${VSPATH}/VC/redist/x86/Microsoft.VC141.CRT"
     export WIN_UCRT_REDIST_DIR="${VSPATH}/SDK/Redist/ucrt/DLLs/x86"
 
-    export PATH="${VSPATH}/VC/bin/Hostx86/x86:${VSPATH}/VC/bin/Hostx64/x86:${VSPATH}/VC/bin/Hostx64/x64:${VSPATH}/SDK/bin/10.0.16299.0/x64:${VSPATH}/DIA SDK/bin:${PATH}"
+    export PATH="${VSPATH}/VC/bin/Hostx86/x86:${VSPATH}/VC/bin/Hostx64/x86:${VSPATH}/VC/bin/Hostx64/x64:${VSPATH}/SDK/bin/10.0.15063.0/x64:${VSPATH}/DIA SDK/bin:${PATH}"
     export PATH="${VSPATH}/VC/redist/x86/Microsoft.VC141.CRT:${VSPATH}/SDK/Redist/ucrt/DLLs/x86:${PATH}"
 
-    export INCLUDE="${VSPATH}/VC/include:${VSPATH}/VC/atlmfc/include:${VSPATH}/SDK/Include/10.0.16299.0/ucrt:${VSPATH}/SDK/Include/10.0.16299.0/shared:${VSPATH}/SDK/Include/10.0.16299.0/um:${VSPATH}/SDK/Include/10.0.16299.0/winrt:${VSPATH}/DIA SDK/include"
-    export LIB="${VSPATH}/VC/lib/x86:${VSPATH}/VC/atlmfc/lib/x86:${VSPATH}/SDK/Lib/10.0.16299.0/ucrt/x86:${VSPATH}/SDK/Lib/10.0.16299.0/um/x86:${VSPATH}/DIA SDK/lib"
+    export INCLUDE="${VSPATH}/VC/include:${VSPATH}/VC/atlmfc/include:${VSPATH}/SDK/Include/10.0.15063.0/ucrt:${VSPATH}/SDK/Include/10.0.15063.0/shared:${VSPATH}/SDK/Include/10.0.15063.0/um:${VSPATH}/SDK/Include/10.0.15063.0/winrt:${VSPATH}/DIA SDK/include"
+    export LIB="${VSPATH}/VC/lib/x86:${VSPATH}/VC/atlmfc/lib/x86:${VSPATH}/SDK/Lib/10.0.15063.0/ucrt/x86:${VSPATH}/SDK/Lib/10.0.15063.0/um/x86:${VSPATH}/DIA SDK/lib"
 fi
 
 . $topsrcdir/build/mozconfig.vs-common
 
 mk_export_correct_style WINDOWSSDKDIR
 mk_export_correct_style WIN32_REDIST_DIR
 mk_export_correct_style WIN_UCRT_REDIST_DIR
 mk_export_correct_style PATH
--- a/build/win64/mozconfig.vs2017
+++ b/build/win64/mozconfig.vs2017
@@ -1,24 +1,24 @@
 if [ -z "${VSPATH}" ]; then
     TOOLTOOL_DIR=${TOOLTOOL_DIR:-$topsrcdir}
-    VSPATH="$(cd ${TOOLTOOL_DIR} && pwd)/vs2017_15.4.1"
+    VSPATH="$(cd ${TOOLTOOL_DIR} && pwd)/vs2017_15.4.2"
 fi
 
 if [ -d "${VSPATH}" ]; then
     VSWINPATH="$(cd ${VSPATH} && pwd -W)"
 
     export WINDOWSSDKDIR="${VSWINPATH}/SDK"
     export WIN32_REDIST_DIR=${VSPATH}/VC/redist/x64/Microsoft.VC141.CRT
     export WIN_UCRT_REDIST_DIR="${VSPATH}/SDK/Redist/ucrt/DLLs/x64"
 
-    export PATH="${VSPATH}/VC/bin/Hostx64/x64:${VSPATH}/SDK/bin/10.0.16299.0/x64:${VSPATH}/VC/redist/x64/Microsoft.VC141.CRT:${VSPATH}/SDK/Redist/ucrt/DLLs/x64:${VSPATH}/DIA SDK/bin/amd64:${PATH}"
+    export PATH="${VSPATH}/VC/bin/Hostx64/x64:${VSPATH}/SDK/bin/10.0.15063.0/x64:${VSPATH}/VC/redist/x64/Microsoft.VC141.CRT:${VSPATH}/SDK/Redist/ucrt/DLLs/x64:${VSPATH}/DIA SDK/bin/amd64:${PATH}"
 
-    export INCLUDE="${VSPATH}/VC/include:${VSPATH}/VC/atlmfc/include:${VSPATH}/SDK/Include/10.0.16299.0/ucrt:${VSPATH}/SDK/Include/10.0.16299.0/shared:${VSPATH}/SDK/Include/10.0.16299.0/um:${VSPATH}/SDK/Include/10.0.16299.0/winrt:${VSPATH}/DIA SDK/include"
-    export LIB="${VSPATH}/VC/lib/x64:${VSPATH}/VC/atlmfc/lib/x64:${VSPATH}/SDK/Lib/10.0.16299.0/ucrt/x64:${VSPATH}/SDK/Lib/10.0.16299.0/um/x64:${VSPATH}/DIA SDK/lib/amd64"
+    export INCLUDE="${VSPATH}/VC/include:${VSPATH}/VC/atlmfc/include:${VSPATH}/SDK/Include/10.0.15063.0/ucrt:${VSPATH}/SDK/Include/10.0.15063.0/shared:${VSPATH}/SDK/Include/10.0.15063.0/um:${VSPATH}/SDK/Include/10.0.15063.0/winrt:${VSPATH}/DIA SDK/include"
+    export LIB="${VSPATH}/VC/lib/x64:${VSPATH}/VC/atlmfc/lib/x64:${VSPATH}/SDK/Lib/10.0.15063.0/ucrt/x64:${VSPATH}/SDK/Lib/10.0.15063.0/um/x64:${VSPATH}/DIA SDK/lib/amd64"
 fi
 
 . $topsrcdir/build/mozconfig.vs-common
 
 mk_export_correct_style WINDOWSSDKDIR
 mk_export_correct_style WIN32_REDIST_DIR
 mk_export_correct_style WIN_UCRT_REDIST_DIR
 mk_export_correct_style PATH
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -8,16 +8,17 @@
 
 #include "nsDocShell.h"
 #include "nsIContentSecurityPolicy.h"
 #include "nsIObjectInputStream.h"
 #include "nsIObjectOutputStream.h"
 #include "nsIStandardURL.h"
 
 #include "ContentPrincipal.h"
+#include "ExpandedPrincipal.h"
 #include "nsNetUtil.h"
 #include "nsIURIWithPrincipal.h"
 #include "NullPrincipal.h"
 #include "nsScriptSecurityManager.h"
 #include "nsServiceManagerUtils.h"
 
 #include "mozilla/dom/ChromeUtils.h"
 #include "mozilla/dom/CSPDictionariesBinding.h"
@@ -352,16 +353,27 @@ bool
 BasePrincipal::AddonHasPermission(const nsAtom* aPerm)
 {
   if (auto policy = AddonPolicy()) {
     return policy->HasPermission(aPerm);
   }
   return false;
 }
 
+nsIPrincipal*
+BasePrincipal::PrincipalToInherit(nsIURI* aRequestedURI,
+                                  bool aAllowIfInheritsPrincipal)
+{
+  if (Is<ExpandedPrincipal>()) {
+    return As<ExpandedPrincipal>()->PrincipalToInherit(aRequestedURI,
+                                                       aAllowIfInheritsPrincipal);
+  }
+  return this;
+}
+
 already_AddRefed<BasePrincipal>
 BasePrincipal::CreateCodebasePrincipal(nsIURI* aURI,
                                        const OriginAttributes& aAttrs)
 {
   MOZ_ASSERT(aURI);
 
   nsAutoCString originNoSuffix;
   nsresult rv =
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -120,16 +120,28 @@ public:
 
   // Call these to avoid the cost of virtual dispatch.
   inline bool FastEquals(nsIPrincipal* aOther);
   inline bool FastEqualsConsideringDomain(nsIPrincipal* aOther);
   inline bool FastSubsumes(nsIPrincipal* aOther);
   inline bool FastSubsumesConsideringDomain(nsIPrincipal* aOther);
   inline bool FastSubsumesConsideringDomainIgnoringFPD(nsIPrincipal* aOther);
 
+  // Returns the principal to inherit when a caller with this principal loads
+  // the given URI.
+  //
+  // For most principal types, this returns the principal itself. For expanded
+  // principals, it returns the first sub-principal which subsumes the given URI
+  // (or, if no URI is given, the last whitelist principal).
+  //
+  // The aAllowIfInheritsPrincipal argument is passed through to CheckMayLoad()
+  // to determine which consistituent principals may load the requested URI.
+  nsIPrincipal* PrincipalToInherit(nsIURI* aRequestedURI = nullptr,
+                                   bool aAllowIfInheritsPrincipal = true);
+
   /**
    * Returns true if this principal's CSP should override a document's CSP for
    * loads that it triggers. Currently true only for expanded principals which
    * subsume the document principal.
    */
   bool OverridesCSP(nsIPrincipal* aDocumentPrincipal)
   {
     return mKind == eExpandedPrincipal && FastSubsumes(aDocumentPrincipal);
--- a/caps/ExpandedPrincipal.cpp
+++ b/caps/ExpandedPrincipal.cpp
@@ -175,16 +175,31 @@ ExpandedPrincipal::AddonHasPermission(co
   for (size_t i = 0; i < mPrincipals.Length(); ++i) {
     if (BasePrincipal::Cast(mPrincipals[i])->AddonHasPermission(aPerm)) {
       return true;
     }
   }
   return false;
 }
 
+nsIPrincipal*
+ExpandedPrincipal::PrincipalToInherit(nsIURI* aRequestedURI,
+                                      bool aAllowIfInheritsPrincipal)
+{
+  if (aRequestedURI) {
+    for (const auto& principal : mPrincipals) {
+      if (NS_SUCCEEDED(principal->CheckMayLoad(aRequestedURI, false,
+                                               aAllowIfInheritsPrincipal))) {
+        return principal;
+      }
+    }
+  }
+  return mPrincipals.LastElement();
+}
+
 nsresult
 ExpandedPrincipal::GetScriptLocation(nsACString& aStr)
 {
   aStr.AssignLiteral("[Expanded Principal [");
   for (size_t i = 0; i < mPrincipals.Length(); ++i) {
     if (i != 0) {
       aStr.AppendLiteral(", ");
     }
--- a/caps/ExpandedPrincipal.h
+++ b/caps/ExpandedPrincipal.h
@@ -32,16 +32,21 @@ public:
   NS_IMETHOD GetURI(nsIURI** aURI) override;
   NS_IMETHOD GetDomain(nsIURI** aDomain) override;
   NS_IMETHOD SetDomain(nsIURI* aDomain) override;
   NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
   NS_IMETHOD GetAddonId(nsAString& aAddonId) override;
   virtual bool AddonHasPermission(const nsAtom* aPerm) override;
   virtual nsresult GetScriptLocation(nsACString &aStr) override;
 
+  // Returns the principal to inherit when this principal requests the given
+  // URL. See BasePrincipal::PrincipalToInherit.
+  nsIPrincipal* PrincipalToInherit(nsIURI* aRequestedURI = nullptr,
+                                   bool aAllowIfInheritsPrincipal = true);
+
 protected:
   explicit ExpandedPrincipal(nsTArray<nsCOMPtr<nsIPrincipal>> &aWhiteList);
 
   virtual ~ExpandedPrincipal();
 
   bool SubsumesInternal(nsIPrincipal* aOther,
                         DocumentDomainConsideration aConsideration) override;
 
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@@ -332,14 +332,20 @@ interface nsIPrincipal : nsISerializable
  * content and a well defined set of other domains, without the risk of
  * leaking out a system principal to the content. See: Bug 734891
  */
 [uuid(f3e177Df-6a5e-489f-80a7-2dd1481471d8)]
 interface nsIExpandedPrincipal : nsISupports
 {
   /**
    * An array of principals that the expanded principal subsumes.
+   *
+   * When an expanded principal is used as a triggering principal for a
+   * request that inherits a security context, one of its constitutent
+   * principals is inherited rather than the expanded principal itself. The
+   * last principal in the whitelist is the default principal to inherit.
+   *
    * Note: this list is not reference counted, it is shared, so
    * should not be changed and should only be used ephemerally.
    */
   [noscript, notxpcom, nostdcall]
   PrincipalArray WhiteList();
 };
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -225,20 +225,19 @@ InheritAndSetCSPOnPrincipalIfNeeded(nsIC
 
   bool isSrcDoc = URISpec.EqualsLiteral("about:srcdoc");
   bool isData = (NS_SUCCEEDED(uri->SchemeIs("data", &isData)) && isData);
 
   if (!isSrcDoc && !isData) {
     return;
   }
 
-  nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
-  if (!principalToInherit) {
-    principalToInherit = loadInfo->TriggeringPrincipal();
-  }
+  nsCOMPtr<nsIPrincipal> principalToInherit =
+    loadInfo->FindPrincipalToInherit(aChannel);
+
   nsCOMPtr<nsIContentSecurityPolicy> originalCSP;
   principalToInherit->GetCsp(getter_AddRefs(originalCSP));
   if (!originalCSP) {
     return;
   }
 
   // if the principalToInherit had a CSP, add it to the before
   // created NullPrincipal (unless it already has one)
@@ -259,20 +258,18 @@ nsresult
 nsScriptSecurityManager::GetChannelResultPrincipal(nsIChannel* aChannel,
                                                    nsIPrincipal** aPrincipal,
                                                    bool aIgnoreSandboxing)
 {
   NS_PRECONDITION(aChannel, "Must have channel!");
   // Check whether we have an nsILoadInfo that says what we should do.
   nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
   if (loadInfo && loadInfo->GetForceInheritPrincipalOverruleOwner()) {
-    nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
-    if (!principalToInherit) {
-      principalToInherit = loadInfo->TriggeringPrincipal();
-    }
+    nsCOMPtr<nsIPrincipal> principalToInherit =
+      loadInfo->FindPrincipalToInherit(aChannel);
     principalToInherit.forget(aPrincipal);
     return NS_OK;
   }
 
   nsCOMPtr<nsISupports> owner;
   aChannel->GetOwner(getter_AddRefs(owner));
   if (owner) {
     CallQueryInterface(owner, aPrincipal);
@@ -294,39 +291,36 @@ nsScriptSecurityManager::GetChannelResul
       // Check if SEC_FORCE_INHERIT_PRINCIPAL was dropped because of
       // sandboxing:
       if (loadInfo->GetLoadingSandboxed() &&
         loadInfo->GetForceInheritPrincipalDropped()) {
         forceInherit = true;
       }
     }
     if (forceInherit) {
-      nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
-      if (!principalToInherit) {
-        principalToInherit = loadInfo->TriggeringPrincipal();
-      }
+      nsCOMPtr<nsIPrincipal> principalToInherit =
+        loadInfo->FindPrincipalToInherit(aChannel);
       principalToInherit.forget(aPrincipal);
       return NS_OK;
     }
 
     auto securityMode = loadInfo->GetSecurityMode();
     // The data: inheritance flags should only apply to the initial load,
     // not to loads that it might have redirected to.
     if (loadInfo->RedirectChain().IsEmpty() &&
         (securityMode == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS ||
          securityMode == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS ||
          securityMode == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS)) {
 
       nsCOMPtr<nsIURI> uri;
       nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
       NS_ENSURE_SUCCESS(rv, rv);
-      nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
-      if (!principalToInherit) {
-        principalToInherit = loadInfo->TriggeringPrincipal();
-      }
+
+      nsCOMPtr<nsIPrincipal> principalToInherit =
+        loadInfo->FindPrincipalToInherit(aChannel);
       bool inheritForAboutBlank = loadInfo->GetAboutBlankInherits();
 
       if (nsContentUtils::ChannelShouldInheritPrincipal(principalToInherit,
                                                         uri,
                                                         inheritForAboutBlank,
                                                         false)) {
         principalToInherit.forget(aPrincipal);
         return NS_OK;
--- a/devtools/client/inspector/markup/markup.js
+++ b/devtools/client/inspector/markup/markup.js
@@ -193,20 +193,24 @@ MarkupView.prototype = {
    */
   _onToolboxPickerCanceled: function () {
     if (this._selectedContainer) {
       scrollIntoViewIfNeeded(this._selectedContainer.editor.elt);
     }
   },
 
   isDragging: false,
+  _draggedContainer: null,
 
   _onMouseMove: function (event) {
     let target = event.target;
 
+    if (this._draggedContainer) {
+      this._draggedContainer.onMouseMove(event);
+    }
     // Auto-scroll if we're dragging.
     if (this.isDragging) {
       event.preventDefault();
       this._autoScroll(event);
       return;
     }
 
     // Show the current container as hovered and highlight it.
@@ -324,17 +328,21 @@ MarkupView.prototype = {
     if (container instanceof MarkupElementContainer) {
       // With the newly found container, delegate the tooltip content creation
       // and decision to show or not the tooltip
       container._buildEventTooltipContent(event.target,
         this.eventDetailsTooltip);
     }
   },
 
-  _onMouseUp: function () {
+  _onMouseUp: function (event) {
+    if (this._draggedContainer) {
+      this._draggedContainer.onMouseUp(event);
+    }
+
     this.indicateDropTarget(null);
     this.indicateDragTarget(null);
     if (this._autoScrollAnimationFrame) {
       this.win.cancelAnimationFrame(this._autoScrollAnimationFrame);
     }
   },
 
   _onCollapseAttributesPrefChange: function () {
--- a/devtools/client/inspector/markup/test/head.js
+++ b/devtools/client/inspector/markup/test/head.js
@@ -518,17 +518,17 @@ function* simulateNodeDrag(inspector, se
 
   // _onMouseDown selects the node, so make sure to wait for the
   // inspector-updated event if the current selection was different.
   if (inspector.selection.nodeFront !== container.node) {
     yield inspector.once("inspector-updated");
   }
 
   info("Simulate mouseMove on element " + selector);
-  container._onMouseMove({
+  container.onMouseMove({
     pageX: scrollX + rect.x + xOffset,
     pageY: scrollY + rect.y + yOffset
   });
 }
 
 /**
  * Simulate dropping a MarkupContainer by calling its mouseup handler. This is
  * meant to be called after simulateNodeDrag has been called.
@@ -536,17 +536,17 @@ function* simulateNodeDrag(inspector, se
  * @param {String|MarkupContainer} selector The selector to identify the node or
  * the MarkupContainer for this node.
  */
 function* simulateNodeDrop(inspector, selector) {
   info("Simulate mouseUp on element " + selector);
   let container = typeof selector === "string"
                   ? yield getContainerForSelector(selector, inspector)
                   : selector;
-  container._onMouseUp();
+  container.onMouseUp();
   inspector.markup._onMouseUp();
 }
 
 /**
  * Simulate drag'n'dropping a MarkupContainer by calling its mousedown,
  * mousemove and mouseup handlers.
  * @param {InspectorPanel} inspector The current inspector-panel instance.
  * @param {String|MarkupContainer} selector The selector to identify the node or
--- a/devtools/client/inspector/markup/views/markup-container.js
+++ b/devtools/client/inspector/markup/views/markup-container.js
@@ -52,24 +52,20 @@ MarkupContainer.prototype = {
     this.htmlElt = this.win.document.documentElement;
 
     this.buildMarkup(type);
 
     this.elt.container = this;
 
     this._onMouseDown = this._onMouseDown.bind(this);
     this._onToggle = this._onToggle.bind(this);
-    this._onMouseUp = this._onMouseUp.bind(this);
-    this._onMouseMove = this._onMouseMove.bind(this);
     this._onKeyDown = this._onKeyDown.bind(this);
 
     // Binding event listeners
     this.elt.addEventListener("mousedown", this._onMouseDown);
-    this.win.addEventListener("mouseup", this._onMouseUp, true);
-    this.win.addEventListener("mousemove", this._onMouseMove, true);
     this.elt.addEventListener("dblclick", this._onToggle);
     if (this.expander) {
       this.expander.addEventListener("click", this._onToggle);
     }
 
     // Marking the node as shown or hidden
     this.updateIsDisplayed();
   },
@@ -519,24 +515,27 @@ MarkupContainer.prototype = {
       this.markup.inspector.followAttributeLink(type, link);
       return;
     }
 
     // Start node drag & drop (if the mouse moved, see _onMouseMove).
     if (isLeftClick && this.isDraggable()) {
       this._isPreDragging = true;
       this._dragStartY = event.pageY;
+      this.markup._draggedContainer = this;
     }
   },
 
   /**
    * On mouse up, stop dragging.
+   * This handler is called from the markup view, to reduce number of listeners.
    */
-  _onMouseUp: Task.async(function* () {
+  onMouseUp: Task.async(function* () {
     this._isPreDragging = false;
+    this.markup._draggedContainer = null;
 
     if (this.isDragging) {
       this.cancelDragging();
 
       let dropTargetNodes = this.markup.dropTargetNodes;
 
       if (!dropTargetNodes) {
         return;
@@ -545,18 +544,19 @@ MarkupContainer.prototype = {
       yield this.markup.walker.insertBefore(this.node, dropTargetNodes.parent,
                                             dropTargetNodes.nextSibling);
       this.markup.emit("drop-completed");
     }
   }),
 
   /**
    * On mouse move, move the dragged element and indicate the drop target.
+   * This handler is called from the markup view, to reduce number of listeners.
    */
-  _onMouseMove: function (event) {
+  onMouseMove: function (event) {
     // If this is the first move after mousedown, only start dragging after the
     // mouse has travelled a few pixels and then indicate the start position.
     let initialDiff = Math.abs(event.pageY - this._dragStartY);
     if (this._isPreDragging && initialDiff >= DRAG_DROP_MIN_INITIAL_DISTANCE) {
       this._isPreDragging = false;
       this.isDragging = true;
 
       // If this is the last child, use the closing <div.tag-line> of parent as
@@ -717,19 +717,19 @@ MarkupContainer.prototype = {
    * Get rid of event listeners and references, when the container is no longer
    * needed
    */
   destroy: function () {
     // Remove event listeners
     this.elt.removeEventListener("mousedown", this._onMouseDown);
     this.elt.removeEventListener("dblclick", this._onToggle);
     this.tagLine.removeEventListener("keydown", this._onKeyDown, true);
-    if (this.win) {
-      this.win.removeEventListener("mouseup", this._onMouseUp, true);
-      this.win.removeEventListener("mousemove", this._onMouseMove, true);
+
+    if (this.markup._draggedContainer === this) {
+      this.markup._draggedContainer = null;
     }
 
     this.win = null;
     this.htmlElt = null;
 
     if (this.expander) {
       this.expander.removeEventListener("click", this._onToggle);
     }
--- a/docshell/base/nsDSURIContentListener.cpp
+++ b/docshell/base/nsDSURIContentListener.cpp
@@ -9,21 +9,84 @@
 #include "nsIChannel.h"
 #include "nsServiceManagerUtils.h"
 #include "nsDocShellCID.h"
 #include "nsIWebNavigationInfo.h"
 #include "nsIDocument.h"
 #include "nsIDOMWindow.h"
 #include "nsIHttpChannel.h"
 #include "nsError.h"
+#include "nsContentSecurityManager.h"
 #include "nsDocShellLoadTypes.h"
+#include "nsIInterfaceRequestor.h"
 #include "nsIMultiPartChannel.h"
 
 using namespace mozilla;
 
+NS_IMPL_ADDREF(MaybeCloseWindowHelper)
+NS_IMPL_RELEASE(MaybeCloseWindowHelper)
+
+NS_INTERFACE_MAP_BEGIN(MaybeCloseWindowHelper)
+  NS_INTERFACE_MAP_ENTRY(nsISupports)
+NS_INTERFACE_MAP_END
+
+MaybeCloseWindowHelper::MaybeCloseWindowHelper(nsIInterfaceRequestor* aContentContext)
+  : mContentContext(aContentContext)
+  , mWindowToClose(nullptr)
+  , mTimer(nullptr)
+  , mShouldCloseWindow(false)
+{
+}
+
+MaybeCloseWindowHelper::~MaybeCloseWindowHelper()
+{
+}
+
+void
+MaybeCloseWindowHelper::SetShouldCloseWindow(bool aShouldCloseWindow)
+{
+  mShouldCloseWindow = aShouldCloseWindow;
+}
+
+nsIInterfaceRequestor*
+MaybeCloseWindowHelper::MaybeCloseWindow()
+{
+  nsCOMPtr<nsPIDOMWindowOuter> window = do_GetInterface(mContentContext);
+  NS_ENSURE_TRUE(window, mContentContext);
+
+  if (mShouldCloseWindow) {
+    // Reset the window context to the opener window so that the dependent
+    // dialogs have a parent
+    nsCOMPtr<nsPIDOMWindowOuter> opener = window->GetOpener();
+
+    if (opener && !opener->Closed()) {
+      mContentContext = do_GetInterface(opener);
+
+      // Now close the old window.  Do it on a timer so that we don't run
+      // into issues trying to close the window before it has fully opened.
+      NS_ASSERTION(!mTimer, "mTimer was already initialized once!");
+      NS_NewTimerWithCallback(getter_AddRefs(mTimer), this, 0, nsITimer::TYPE_ONE_SHOT);
+      mWindowToClose = window;
+    }
+  }
+  return mContentContext;
+}
+
+NS_IMETHODIMP
+MaybeCloseWindowHelper::Notify(nsITimer* timer)
+{
+  NS_ASSERTION(mWindowToClose, "No window to close after timer fired");
+
+  mWindowToClose->Close();
+  mWindowToClose = nullptr;
+  mTimer = nullptr;
+
+  return NS_OK;
+}
+
 nsDSURIContentListener::nsDSURIContentListener(nsDocShell* aDocShell)
   : mDocShell(aDocShell)
   , mExistingJPEGRequest(nullptr)
   , mParentContentListener(nullptr)
 {
 }
 
 nsDSURIContentListener::~nsDSURIContentListener()
@@ -81,16 +144,35 @@ nsDSURIContentListener::DoContent(const 
   *aAbortProcess = false;
 
   // determine if the channel has just been retargeted to us...
   nsLoadFlags loadFlags = 0;
   nsCOMPtr<nsIChannel> aOpenedChannel = do_QueryInterface(aRequest);
 
   if (aOpenedChannel) {
     aOpenedChannel->GetLoadFlags(&loadFlags);
+
+    // block top-level data URI navigations if triggered by the web
+    if (!nsContentSecurityManager::AllowTopLevelNavigationToDataURI(aOpenedChannel)) {
+      // logging to console happens within AllowTopLevelNavigationToDataURI
+      aRequest->Cancel(NS_ERROR_DOM_BAD_URI);
+      *aAbortProcess = true;
+      // close the window since the navigation to a data URI was blocked
+      if (mDocShell) {
+        nsCOMPtr<nsIInterfaceRequestor> contentContext =
+          do_QueryInterface(mDocShell->GetWindow());
+        if (contentContext) {
+          RefPtr<MaybeCloseWindowHelper> maybeCloseWindowHelper =
+            new MaybeCloseWindowHelper(contentContext);
+          maybeCloseWindowHelper->SetShouldCloseWindow(true);
+          maybeCloseWindowHelper->MaybeCloseWindow();
+        }
+      }
+      return NS_OK; 
+    }
   }
 
   if (loadFlags & nsIChannel::LOAD_RETARGETED_DOCUMENT_URI) {
     // XXX: Why does this not stop the content too?
     mDocShell->Stop(nsIWebNavigation::STOP_NETWORK);
 
     mDocShell->SetLoadType(aIsContentPreferred ? LOAD_LINK : LOAD_NORMAL);
   }
--- a/docshell/base/nsDSURIContentListener.h
+++ b/docshell/base/nsDSURIContentListener.h
@@ -5,19 +5,64 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef nsDSURIContentListener_h__
 #define nsDSURIContentListener_h__
 
 #include "nsCOMPtr.h"
 #include "nsIURIContentListener.h"
 #include "nsWeakReference.h"
+#include "nsITimer.h"
 
 class nsDocShell;
+class nsIInterfaceRequestor;
 class nsIWebNavigationInfo;
+class nsPIDOMWindowOuter;
+
+// Helper Class to eventually close an already openend window
+class MaybeCloseWindowHelper final
+  : public nsITimerCallback
+{
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSITIMERCALLBACK
+
+  explicit MaybeCloseWindowHelper(nsIInterfaceRequestor* aContentContext);
+
+  /**
+   * Closes the provided window async (if mShouldCloseWindow is true)
+   * and returns its opener if the window was just openend.
+   */
+  nsIInterfaceRequestor* MaybeCloseWindow();
+
+  void SetShouldCloseWindow(bool aShouldCloseWindow);
+
+protected:
+  ~MaybeCloseWindowHelper();
+
+private:
+  /**
+   * The dom window associated to handle content.
+   */
+  nsCOMPtr<nsIInterfaceRequestor> mContentContext;
+
+  /**
+   * Used to close the window on a timer, to avoid any exceptions that are
+   * thrown if we try to close the window before it's fully loaded.
+   */
+  nsCOMPtr<nsPIDOMWindowOuter> mWindowToClose;
+  nsCOMPtr<nsITimer> mTimer;
+
+  /**
+   * This is set based on whether the channel indicates that a new window
+   * was opened, e.g. for a download, or was blocked. If so, then we
+   * close it.
+   */
+  bool mShouldCloseWindow;
+};
 
 class nsDSURIContentListener final
   : public nsIURIContentListener
   , public nsSupportsWeakReference
 {
   friend class nsDocShell;
 
 public:
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -9962,29 +9962,16 @@ nsDocShell::InternalLoad(nsIURI* aURI,
       // an iframe since that's more common.
       contentType = nsIContentPolicy::TYPE_INTERNAL_IFRAME;
     }
   } else {
     contentType = nsIContentPolicy::TYPE_DOCUMENT;
     isTargetTopLevelDocShell = true;
   }
 
-  nsIDocument* doc = mContentViewer ? mContentViewer->GetDocument()
-                                    : nullptr;
-  if (!nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
-        aURI,
-        contentType,
-        aTriggeringPrincipal,
-        doc,
-        (aLoadType == LOAD_NORMAL_EXTERNAL),
-        !aFileName.IsVoid())) {
-    // logging to console happens within AllowTopLevelNavigationToDataURI
-    return NS_OK;
-  }
-
   // If there's no targetDocShell, that means we are about to create a new
   // window (or aWindowTarget is empty). Perform a content policy check before
   // creating the window. Please note for all other docshell loads
   // content policy checks are performed within the contentSecurityManager
   // when the channel is about to be openend.
   if (!targetDocShell && !aWindowTarget.IsEmpty()) {
     MOZ_ASSERT(contentType == nsIContentPolicy::TYPE_DOCUMENT,
                "opening a new window requires type to be TYPE_DOCUMENT");
@@ -10103,16 +10090,19 @@ nsDocShell::InternalLoad(nsIURI* aURI,
 
         nsCOMPtr<nsIDocShellTreeItem> parent;
         treeItem->GetSameTypeParent(getter_AddRefs(parent));
         parent.swap(treeItem);
       } while (treeItem);
     }
   }
 
+  nsIDocument* doc = mContentViewer ? mContentViewer->GetDocument()
+                                    : nullptr;
+
   const bool isDocumentAuxSandboxed = doc &&
     (doc->GetSandboxFlags() & SANDBOXED_AUXILIARY_NAVIGATION);
 
   if (aURI && mLoadURIDelegate &&
       (!targetDocShell || targetDocShell == static_cast<nsIDocShell*>(this))) {
     // Dispatch only load requests for the current or a new window to the
     // delegate, e.g., to allow for GeckoView apps to handle the load event
     // outside of Gecko.
@@ -11187,16 +11177,17 @@ nsDocShell::DoURILoad(nsIURI* aURI,
       new LoadInfo(loadingWindow, aTriggeringPrincipal, topLevelLoadingContext,
                    securityFlags) :
       new LoadInfo(loadingPrincipal, aTriggeringPrincipal, loadingNode,
                    securityFlags, aContentPolicyType);
 
   if (aPrincipalToInherit) {
     loadInfo->SetPrincipalToInherit(aPrincipalToInherit);
   }
+  loadInfo->SetLoadTriggeredFromExternal(aLoadFromExternal);
 
   // We have to do this in case our OriginAttributes are different from the
   // OriginAttributes of the parent document. Or in case there isn't a
   // parent document.
   bool isTopLevelDoc = mItemType == typeContent &&
                        (aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT ||
                         GetIsMozBrowser());
 
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -2500,20 +2500,20 @@ nsDocument::MaybeDowngradePrincipal(nsIP
     return nullptr;
   }
 
   // We can't load a document with an expanded principal. If we're given one,
   // automatically downgrade it to the last principal it subsumes (which is the
   // extension principal, in the case of extension content scripts).
   auto* basePrin = BasePrincipal::Cast(aPrincipal);
   if (basePrin->Is<ExpandedPrincipal>()) {
+    MOZ_DIAGNOSTIC_ASSERT(false, "Should never try to create a document with "
+                                 "an expanded principal");
+
     auto* expanded = basePrin->As<ExpandedPrincipal>();
-
-    MOZ_ASSERT(expanded->WhiteList().Length() > 0);
-
     return do_AddRef(expanded->WhiteList().LastElement());
   }
 
   if (!sChromeInContentPrefCached) {
     sChromeInContentPrefCached = true;
     Preferences::AddBoolVarCache(&sChromeInContentAllowed,
                                  kChromeInContentPref, false);
   }
--- a/dom/bindings/Codegen.py
+++ b/dom/bindings/Codegen.py
@@ -11393,17 +11393,17 @@ class CGProxySpecialOperation(CGPerSigna
 
         # We pass len(arguments) as the final argument so that the
         # CGPerSignatureCall won't do any argument conversion of its own.
         CGPerSignatureCall.__init__(self, returnType, arguments, nativeName,
                                     False, descriptor, operation,
                                     len(arguments), resultVar=resultVar,
                                     objectName="proxy")
 
-        if operation.isSetter() or operation.isCreator():
+        if operation.isSetter():
             # arguments[0] is the index or name of the item that we're setting.
             argument = arguments[1]
             info = getJSToNativeConversionInfo(
                 argument.type, descriptor,
                 treatNullAs=argument.treatNullAs,
                 sourceDescription=("value being assigned to %s setter" %
                                    descriptor.interface.identifier.name))
             if argumentHandleValue is None:
@@ -11820,18 +11820,16 @@ class CGDOMJSProxyHandler_defineProperty
         ClassMethod.__init__(self, "defineProperty", "bool", args, virtual=True, override=True, const=True)
         self.descriptor = descriptor
 
     def getBody(self):
         set = ""
 
         indexedSetter = self.descriptor.operations['IndexedSetter']
         if indexedSetter:
-            if self.descriptor.operations['IndexedCreator'] is not indexedSetter:
-                raise TypeError("Can't handle creator that's different from the setter")
             set += fill(
                 """
                 uint32_t index = GetArrayIndexFromId(cx, id);
                 if (IsArrayIndex(index)) {
                   *defined = true;
                   $*{callSetter}
                   return opresult.succeed();
                 }
@@ -11852,18 +11850,16 @@ class CGDOMJSProxyHandler_defineProperty
                 """)
 
         namedSetter = self.descriptor.operations['NamedSetter']
         if namedSetter:
             if self.descriptor.hasUnforgeableMembers:
                 raise TypeError("Can't handle a named setter on an interface "
                                 "that has unforgeables.  Figure out how that "
                                 "should work!")
-            if self.descriptor.operations['NamedCreator'] is not namedSetter:
-                raise TypeError("Can't handle creator that's different from the setter")
             # If we support indexed properties, we won't get down here for
             # indices, so we can just do our setter unconditionally here.
             set += fill(
                 """
                 *defined = true;
                 $*{callSetter}
 
                 return opresult.succeed();
@@ -12332,37 +12328,30 @@ class CGDOMJSProxyHandler_setCustom(Clas
         # always call the NamedSetter and never do anything else.
         namedSetter = self.descriptor.operations['NamedSetter']
         if (namedSetter is not None and
             self.descriptor.interface.getExtendedAttribute('OverrideBuiltins')):
             # Check assumptions.
             if self.descriptor.supportsIndexedProperties():
                 raise ValueError("In interface " + self.descriptor.name + ": " +
                                  "Can't cope with [OverrideBuiltins] and an indexed getter")
-            if self.descriptor.operations['NamedCreator'] is not namedSetter:
-                raise ValueError("In interface " + self.descriptor.name + ": " +
-                                 "Can't cope with named setter that is not also a named creator")
             if self.descriptor.hasUnforgeableMembers:
                 raise ValueError("In interface " + self.descriptor.name + ": " +
                                  "Can't cope with [OverrideBuiltins] and unforgeable members")
 
             callSetter = CGProxyNamedSetter(self.descriptor, argumentHandleValue="v")
             return (assertion +
                     callSetter.define() +
                     "*done = true;\n"
                     "return true;\n")
 
         # As an optimization, if we are going to call an IndexedSetter, go
         # ahead and call it and have done.
         indexedSetter = self.descriptor.operations['IndexedSetter']
         if indexedSetter is not None:
-            if self.descriptor.operations['IndexedCreator'] is not indexedSetter:
-                raise ValueError("In interface " + self.descriptor.name + ": " +
-                                 "Can't cope with indexed setter that is not " +
-                                 "also an indexed creator")
             setIndexed = fill(
                 """
                 uint32_t index = GetArrayIndexFromId(cx, id);
                 if (IsArrayIndex(index)) {
                   $*{callSetter}
                   *done = true;
                   return true;
                 }
@@ -15011,19 +15000,16 @@ class CGBindingImplClass(CGClass):
                 self.methodDecls.append(cgGetter(descriptor, m))
                 if not m.readonly:
                     self.methodDecls.append(cgSetter(descriptor, m))
 
         # Now do the special operations
         def appendSpecialOperation(name, op):
             if op is None:
                 return
-            if name == "IndexedCreator" or name == "NamedCreator":
-                # These are identical to the setters
-                return
             assert len(op.signatures()) == 1
             returnType, args = op.signatures()[0]
             # Make a copy of the args, since we plan to modify them.
             args = list(args)
             if op.isGetter() or op.isDeleter():
                 # This is a total hack.  The '&' belongs with the
                 # type, not the name!  But it works, and is simpler
                 # than trying to somehow make this pretty.
--- a/dom/bindings/Configuration.py
+++ b/dom/bindings/Configuration.py
@@ -388,21 +388,19 @@ class Descriptor(DescriptorProvider):
                          not self.interface.isNamespace() and
                          desc.get('concrete', True))
         self.hasUnforgeableMembers = (self.concrete and
                                       any(MemberIsUnforgeable(m, self) for m in
                                           self.interface.members))
         self.operations = {
             'IndexedGetter': None,
             'IndexedSetter': None,
-            'IndexedCreator': None,
             'IndexedDeleter': None,
             'NamedGetter': None,
             'NamedSetter': None,
-            'NamedCreator': None,
             'NamedDeleter': None,
             'Stringifier': None,
             'LegacyCaller': None,
             'Jsonifier': None
             }
 
         # Stringifiers and jsonifiers need to be set up whether an interface is
         # concrete or not, because they're actually prototype methods and hence
@@ -449,18 +447,16 @@ class Descriptor(DescriptorProvider):
                             assert m.isNamed()
                             operation = 'Named' + operation
                         addOperation(operation, m)
 
                     if m.isGetter():
                         addIndexedOrNamedOperation('Getter', m)
                     if m.isSetter():
                         addIndexedOrNamedOperation('Setter', m)
-                    if m.isCreator():
-                        addIndexedOrNamedOperation('Creator', m)
                     if m.isDeleter():
                         addIndexedOrNamedOperation('Deleter', m)
                     if m.isLegacycaller() and iface != self.interface:
                         raise TypeError("We don't support legacycaller on "
                                         "non-leaf interface %s.\n%s" %
                                         (iface, iface.location))
 
                 iface.setUserData('hasConcreteDescendant', True)
@@ -469,25 +465,23 @@ class Descriptor(DescriptorProvider):
             self.proxy = (self.supportsIndexedProperties() or
                           (self.supportsNamedProperties() and
                            not self.hasNamedPropertiesObject) or
                           self.hasNonOrdinaryGetPrototypeOf())
 
             if self.proxy:
                 if (not self.operations['IndexedGetter'] and
                     (self.operations['IndexedSetter'] or
-                     self.operations['IndexedDeleter'] or
-                     self.operations['IndexedCreator'])):
+                     self.operations['IndexedDeleter'])):
                     raise SyntaxError("%s supports indexed properties but does "
                                       "not have an indexed getter.\n%s" %
                                       (self.interface, self.interface.location))
                 if (not self.operations['NamedGetter'] and
                     (self.operations['NamedSetter'] or
-                     self.operations['NamedDeleter'] or
-                     self.operations['NamedCreator'])):
+                     self.operations['NamedDeleter'])):
                     raise SyntaxError("%s supports named properties but does "
                                       "not have a named getter.\n%s" %
                                       (self.interface, self.interface.location))
                 iface = self.interface
                 while iface:
                     iface.setUserData('hasProxyDescendant', True)
                     iface = iface.parent
 
--- a/dom/bindings/parser/WebIDL.py
+++ b/dom/bindings/parser/WebIDL.py
@@ -1090,34 +1090,32 @@ class IDLInterfaceOrNamespace(IDLObjectW
             isAncestor = False
             while testInterface:
                 self.maplikeOrSetlikeOrIterable.checkCollisions(testInterface.members,
                                                                 isAncestor)
                 isAncestor = True
                 testInterface = testInterface.parent
 
         # Ensure that there's at most one of each {named,indexed}
-        # {getter,setter,creator,deleter}, at most one stringifier,
+        # {getter,setter,deleter}, at most one stringifier,
         # and at most one legacycaller.  Note that this last is not
         # quite per spec, but in practice no one overloads
         # legacycallers.  Also note that in practice we disallow
         # indexed deleters, but it simplifies some other code to
-        # treat deleter analogously to getter/setter/creator by
+        # treat deleter analogously to getter/setter by
         # prefixing it with "named".
         specialMembersSeen = {}
         for member in self.members:
             if not member.isMethod():
                 continue
 
             if member.isGetter():
                 memberType = "getters"
             elif member.isSetter():
                 memberType = "setters"
-            elif member.isCreator():
-                memberType = "creators"
             elif member.isDeleter():
                 memberType = "deleters"
             elif member.isStringifier():
                 memberType = "stringifiers"
             elif member.isJsonifier():
                 memberType = "jsonifiers"
             elif member.isLegacycaller():
                 memberType = "legacycallers"
@@ -1153,18 +1151,18 @@ class IDLInterfaceOrNamespace(IDLObjectW
                     raise WebIDLError(
                         "Interface with [LegacyUnenumerableNamedProperties] "
                         "inherits from another interface with "
                         "[LegacyUnenumerableNamedProperties]",
                         [self.location, ancestor.location])
                 ancestor = ancestor.parent
 
         if self._isOnGlobalProtoChain:
-            # Make sure we have no named setters, creators, or deleters
-            for memberType in ["setter", "creator", "deleter"]:
+            # Make sure we have no named setters or deleters
+            for memberType in ["setter", "deleter"]:
                 memberId = "named " + memberType + "s"
                 if memberId in specialMembersSeen:
                     raise WebIDLError("Interface with [Global] has a named %s" %
                                       memberType,
                                       [self.location,
                                        specialMembersSeen[memberId].location])
             # Make sure we're not [OverrideBuiltins]
             if self.getExtendedAttribute("OverrideBuiltins"):
@@ -4615,30 +4613,29 @@ class IDLMethodOverload:
         return deps
 
 
 class IDLMethod(IDLInterfaceMember, IDLScope):
 
     Special = enum(
         'Getter',
         'Setter',
-        'Creator',
         'Deleter',
         'LegacyCaller',
         base=IDLInterfaceMember.Special
     )
 
     NamedOrIndexed = enum(
         'Neither',
         'Named',
         'Indexed'
     )
 
     def __init__(self, location, identifier, returnType, arguments,
-                 static=False, getter=False, setter=False, creator=False,
+                 static=False, getter=False, setter=False,
                  deleter=False, specialType=NamedOrIndexed.Neither,
                  legacycaller=False, stringifier=False, jsonifier=False,
                  maplikeOrSetlikeOrIterable=None, htmlConstructor=False):
         # REVIEW: specialType is NamedOrIndexed -- wow, this is messed up.
         IDLInterfaceMember.__init__(self, location, identifier,
                                     IDLInterfaceMember.Tags.Method)
 
         self._hasOverloads = False
@@ -4649,18 +4646,16 @@ class IDLMethod(IDLInterfaceMember, IDLS
         self._overloads = [IDLMethodOverload(returnType, arguments, location)]
 
         assert isinstance(static, bool)
         self._static = static
         assert isinstance(getter, bool)
         self._getter = getter
         assert isinstance(setter, bool)
         self._setter = setter
-        assert isinstance(creator, bool)
-        self._creator = creator
         assert isinstance(deleter, bool)
         self._deleter = deleter
         assert isinstance(legacycaller, bool)
         self._legacycaller = legacycaller
         assert isinstance(stringifier, bool)
         self._stringifier = stringifier
         assert isinstance(jsonifier, bool)
         self._jsonifier = jsonifier
@@ -4691,17 +4686,17 @@ class IDLMethod(IDLInterfaceMember, IDLS
             overload = self._overloads[0]
             arguments = overload.arguments
             assert len(arguments) == 1
             assert (arguments[0].type == BuiltinTypes[IDLBuiltinType.Types.domstring] or
                     arguments[0].type == BuiltinTypes[IDLBuiltinType.Types.unsigned_long])
             assert not arguments[0].optional and not arguments[0].variadic
             assert not self._getter or not overload.returnType.isVoid()
 
-        if self._setter or self._creator:
+        if self._setter:
             assert len(self._overloads) == 1
             arguments = self._overloads[0].arguments
             assert len(arguments) == 2
             assert (arguments[0].type == BuiltinTypes[IDLBuiltinType.Types.domstring] or
                     arguments[0].type == BuiltinTypes[IDLBuiltinType.Types.unsigned_long])
             assert not arguments[0].optional and not arguments[0].variadic
             assert not arguments[1].optional and not arguments[1].variadic
 
@@ -4724,19 +4719,16 @@ class IDLMethod(IDLInterfaceMember, IDLS
         self._static = True
 
     def isGetter(self):
         return self._getter
 
     def isSetter(self):
         return self._setter
 
-    def isCreator(self):
-        return self._creator
-
     def isDeleter(self):
         return self._deleter
 
     def isNamed(self):
         assert (self._specialType == IDLMethod.NamedOrIndexed.Named or
                 self._specialType == IDLMethod.NamedOrIndexed.Indexed)
         return self._specialType == IDLMethod.NamedOrIndexed.Named
 
@@ -4759,17 +4751,16 @@ class IDLMethod(IDLInterfaceMember, IDLS
         True if this method was generated as part of a
         maplike/setlike/etc interface (e.g. has/get methods)
         """
         return self.maplikeOrSetlikeOrIterable is not None
 
     def isSpecial(self):
         return (self.isGetter() or
                 self.isSetter() or
-                self.isCreator() or
                 self.isDeleter() or
                 self.isLegacycaller() or
                 self.isStringifier() or
                 self.isJsonifier())
 
     def isHTMLConstructor(self):
         return self._htmlConstructor
 
@@ -4815,18 +4806,16 @@ class IDLMethod(IDLInterfaceMember, IDLS
             raise WebIDLError("Overloaded identifier %s appears with different values of the 'legacycaller' attribute" % method.identifier,
                               [method.location])
 
         # Can't overload special things!
         assert not self.isGetter()
         assert not method.isGetter()
         assert not self.isSetter()
         assert not method.isSetter()
-        assert not self.isCreator()
-        assert not method.isCreator()
         assert not self.isDeleter()
         assert not method.isDeleter()
         assert not self.isStringifier()
         assert not method.isStringifier()
         assert not self.isJsonifier()
         assert not method.isJsonifier()
         assert not self.isHTMLConstructor()
         assert not method.isHTMLConstructor()
@@ -5272,17 +5261,16 @@ class Tokenizer(object):
         "jsonifier": "JSONIFIER",
         "unrestricted": "UNRESTRICTED",
         "attribute": "ATTRIBUTE",
         "readonly": "READONLY",
         "inherit": "INHERIT",
         "static": "STATIC",
         "getter": "GETTER",
         "setter": "SETTER",
-        "creator": "CREATOR",
         "deleter": "DELETER",
         "legacycaller": "LEGACYCALLER",
         "optional": "OPTIONAL",
         "...": "ELLIPSIS",
         "::": "SCOPE",
         "Date": "DATE",
         "DOMString": "DOMSTRING",
         "ByteString": "BYTESTRING",
@@ -5987,23 +5975,22 @@ class Parser(Tokenizer):
 
         stringifier = IDLInterfaceMember.Special.Stringifier in p[1]
         # If stringifier is there that's all that's allowed.  This is disallowed
         # by the parser, so we can assert here.
         assert not stringifier or len(qualifiers) == 1
 
         getter = True if IDLMethod.Special.Getter in p[1] else False
         setter = True if IDLMethod.Special.Setter in p[1] else False
-        creator = True if IDLMethod.Special.Creator in p[1] else False
         deleter = True if IDLMethod.Special.Deleter in p[1] else False
         legacycaller = True if IDLMethod.Special.LegacyCaller in p[1] else False
 
         if getter or deleter:
-            if setter or creator:
-                raise WebIDLError("getter and deleter are incompatible with setter and creator",
+            if setter:
+                raise WebIDLError("getter and deleter are incompatible with setter",
                                   [self.getLocation(p, 1)])
 
         (returnType, identifier, arguments) = p[2]
 
         assert isinstance(returnType, IDLType)
 
         specialType = IDLMethod.NamedOrIndexed.Neither
 
@@ -6028,72 +6015,67 @@ class Parser(Tokenizer):
                 raise WebIDLError("%s cannot have %s argument" %
                                   ("getter" if getter else "deleter",
                                    "optional" if arguments[0].optional else "variadic"),
                                   [arguments[0].location])
         if getter:
             if returnType.isVoid():
                 raise WebIDLError("getter cannot have void return type",
                                   [self.getLocation(p, 2)])
-        if setter or creator:
+        if setter:
             if len(arguments) != 2:
-                raise WebIDLError("%s has wrong number of arguments" %
-                                  ("setter" if setter else "creator"),
+                raise WebIDLError("setter has wrong number of arguments",
                                   [self.getLocation(p, 2)])
             argType = arguments[0].type
             if argType == BuiltinTypes[IDLBuiltinType.Types.domstring]:
                 specialType = IDLMethod.NamedOrIndexed.Named
             elif argType == BuiltinTypes[IDLBuiltinType.Types.unsigned_long]:
                 specialType = IDLMethod.NamedOrIndexed.Indexed
             else:
-                raise WebIDLError("%s has wrong argument type (must be DOMString or UnsignedLong)" %
-                                  ("setter" if setter else "creator"),
+                raise WebIDLError("settter has wrong argument type (must be DOMString or UnsignedLong)",
                                   [arguments[0].location])
             if arguments[0].optional or arguments[0].variadic:
-                raise WebIDLError("%s cannot have %s argument" %
-                                  ("setter" if setter else "creator",
-                                   "optional" if arguments[0].optional else "variadic"),
+                raise WebIDLError("setter cannot have %s argument" %
+                                   ("optional" if arguments[0].optional else "variadic"),
                                   [arguments[0].location])
             if arguments[1].optional or arguments[1].variadic:
-                raise WebIDLError("%s cannot have %s argument" %
-                                  ("setter" if setter else "creator",
-                                   "optional" if arguments[1].optional else "variadic"),
+                raise WebIDLError("setter cannot have %s argument" %
+                                   ("optional" if arguments[1].optional else "variadic"),
                                   [arguments[1].location])
 
         if stringifier:
             if len(arguments) != 0:
                 raise WebIDLError("stringifier has wrong number of arguments",
                                   [self.getLocation(p, 2)])
             if not returnType.isDOMString():
                 raise WebIDLError("stringifier must have DOMString return type",
                                   [self.getLocation(p, 2)])
 
         # identifier might be None.  This is only permitted for special methods.
         if not identifier:
-            if (not getter and not setter and not creator and
+            if (not getter and not setter and
                 not deleter and not legacycaller and not stringifier):
                 raise WebIDLError("Identifier required for non-special methods",
                                   [self.getLocation(p, 2)])
 
             location = BuiltinLocation("<auto-generated-identifier>")
             identifier = IDLUnresolvedIdentifier(
                 location,
-                "__%s%s%s%s%s%s%s" %
+                "__%s%s%s%s%s%s" %
                 ("named" if specialType == IDLMethod.NamedOrIndexed.Named else
                  "indexed" if specialType == IDLMethod.NamedOrIndexed.Indexed else "",
                  "getter" if getter else "",
                  "setter" if setter else "",
                  "deleter" if deleter else "",
-                 "creator" if creator else "",
                  "legacycaller" if legacycaller else "",
                  "stringifier" if stringifier else ""),
                 allowDoubleUnderscore=True)
 
         method = IDLMethod(self.getLocation(p, 2), identifier, returnType, arguments,
-                           static=static, getter=getter, setter=setter, creator=creator,
+                           static=static, getter=getter, setter=setter,
                            deleter=deleter, specialType=specialType,
                            legacycaller=legacycaller, stringifier=stringifier)
         p[0] = method
 
     def p_Stringifier(self, p):
         """
             Operation : STRINGIFIER SEMICOLON
         """
@@ -6159,22 +6141,16 @@ class Parser(Tokenizer):
         p[0] = IDLMethod.Special.Getter
 
     def p_SpecialSetter(self, p):
         """
             Special : SETTER
         """
         p[0] = IDLMethod.Special.Setter
 
-    def p_SpecialCreator(self, p):
-        """
-            Special : CREATOR
-        """
-        p[0] = IDLMethod.Special.Creator
-
     def p_SpecialDeleter(self, p):
         """
             Special : DELETER
         """
         p[0] = IDLMethod.Special.Deleter
 
     def p_SpecialLegacyCaller(self, p):
         """
@@ -6256,17 +6232,16 @@ class Parser(Tokenizer):
         p[0].addExtendedAttributes(p[1])
 
     def p_ArgumentName(self, p):
         """
             ArgumentName : IDENTIFIER
                          | ATTRIBUTE
                          | CALLBACK
                          | CONST
-                         | CREATOR
                          | DELETER
                          | DICTIONARY
                          | ENUM
                          | EXCEPTION
                          | GETTER
                          | IMPLEMENTS
                          | INHERIT
                          | INTERFACE
@@ -6406,17 +6381,16 @@ class Parser(Tokenizer):
                   | BYTESTRING
                   | USVSTRING
                   | ANY
                   | ATTRIBUTE
                   | BOOLEAN
                   | BYTE
                   | LEGACYCALLER
                   | CONST
-                  | CREATOR
                   | DELETER
                   | DOUBLE
                   | EXCEPTION
                   | FALSE
                   | FLOAT
                   | GETTER
                   | IMPLEMENTS
                   | INHERIT
--- a/dom/bindings/parser/tests/test_cereactions.py
+++ b/dom/bindings/parser/tests/test_cereactions.py
@@ -101,31 +101,16 @@ def WebIDLTest(parser, harness):
     harness.ok(threw,
                "Should have thrown for [CEReactions] used on a named getter")
 
     parser = parser.reset()
     threw = False
     try:
         parser.parse("""
           interface Foo {
-            [CEReactions] creator boolean (DOMString name, boolean value);
-          };
-        """)
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw,
-               "Should have thrown for [CEReactions] used on a named creator")
-
-    parser = parser.reset()
-    threw = False
-    try:
-        parser.parse("""
-          interface Foo {
             [CEReactions] legacycaller double compute(double x);
           };
         """)
         results = parser.finish()
     except:
         threw = True
 
     harness.ok(threw,
--- a/dom/bindings/parser/tests/test_constructor.py
+++ b/dom/bindings/parser/tests/test_constructor.py
@@ -6,30 +6,29 @@ def WebIDLTest(parser, harness):
                    "Should be an IDLArgument")
         harness.check(argument.identifier.QName(), QName, "Argument has the right QName")
         harness.check(argument.identifier.name, name, "Argument has the right name")
         harness.check(str(argument.type), type, "Argument has the right return type")
         harness.check(argument.optional, optional, "Argument has the right optional value")
         harness.check(argument.variadic, variadic, "Argument has the right variadic value")
 
     def checkMethod(method, QName, name, signatures,
-                    static=True, getter=False, setter=False, creator=False,
+                    static=True, getter=False, setter=False,
                     deleter=False, legacycaller=False, stringifier=False,
                     chromeOnly=False, htmlConstructor=False):
         harness.ok(isinstance(method, WebIDL.IDLMethod),
                    "Should be an IDLMethod")
         harness.ok(method.isMethod(), "Method is a method")
         harness.ok(not method.isAttr(), "Method is not an attr")
         harness.ok(not method.isConst(), "Method is not a const")
         harness.check(method.identifier.QName(), QName, "Method has the right QName")
         harness.check(method.identifier.name, name, "Method has the right name")
         harness.check(method.isStatic(), static, "Method has the correct static value")
         harness.check(method.isGetter(), getter, "Method has the correct getter value")
         harness.check(method.isSetter(), setter, "Method has the correct setter value")
-        harness.check(method.isCreator(), creator, "Method has the correct creator value")
         harness.check(method.isDeleter(), deleter, "Method has the correct deleter value")
         harness.check(method.isLegacycaller(), legacycaller, "Method has the correct legacycaller value")
         harness.check(method.isStringifier(), stringifier, "Method has the correct stringifier value")
         harness.check(method.getExtendedAttribute("ChromeOnly") is not None, chromeOnly, "Method has the correct value for ChromeOnly")
         harness.check(method.isHTMLConstructor(), htmlConstructor, "Method has the correct htmlConstructor value")
         harness.check(len(method.signatures()), len(signatures), "Method has the correct number of signatures")
 
         sigpairs = zip(method.signatures(), signatures)
--- a/dom/bindings/parser/tests/test_duplicate_qualifiers.py
+++ b/dom/bindings/parser/tests/test_duplicate_qualifiers.py
@@ -25,30 +25,16 @@ def WebIDLTest(parser, harness):
     except:
         threw = True
 
     harness.ok(threw, "Should have thrown.")
 
     threw = False
     try:
         parser.parse("""
-            interface DuplicateQualifiers3 {
-              creator creator byte foo(unsigned long index, byte value);
-            };
-        """)
-
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw, "Should have thrown.")
-
-    threw = False
-    try:
-        parser.parse("""
             interface DuplicateQualifiers4 {
               deleter deleter byte foo(unsigned long index);
             };
         """)
 
         results = parser.finish()
     except:
         threw = True
@@ -63,22 +49,8 @@ def WebIDLTest(parser, harness):
             };
         """)
 
         results = parser.finish()
     except:
         threw = True
 
     harness.ok(threw, "Should have thrown.")
-
-    threw = False
-    try:
-        results = parser.parse("""
-            interface DuplicateQualifiers6 {
-              creator setter creator byte foo(unsigned long index, byte value);
-            };
-        """)
-
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw, "Should have thrown.")
--- a/dom/bindings/parser/tests/test_global_extended_attr.py
+++ b/dom/bindings/parser/tests/test_global_extended_attr.py
@@ -34,34 +34,16 @@ def WebIDLTest(parser, harness):
 
     parser = parser.reset()
     threw = False
     try:
         parser.parse("""
           [Global]
           interface Foo {
             getter any(DOMString name);
-            creator void(DOMString name, any arg);
-          };
-        """)
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw,
-               "Should have thrown for [Global] used on an interface with a "
-               "named creator")
-
-    parser = parser.reset()
-    threw = False
-    try:
-        parser.parse("""
-          [Global]
-          interface Foo {
-            getter any(DOMString name);
             deleter void(DOMString name);
           };
         """)
         results = parser.finish()
     except:
         threw = True
 
     harness.ok(threw,
--- a/dom/bindings/parser/tests/test_method.py
+++ b/dom/bindings/parser/tests/test_method.py
@@ -36,29 +36,28 @@ def WebIDLTest(parser, harness):
                    "Should be an IDLArgument")
         harness.check(argument.identifier.QName(), QName, "Argument has the right QName")
         harness.check(argument.identifier.name, name, "Argument has the right name")
         harness.check(str(argument.type), type, "Argument has the right return type")
         harness.check(argument.optional, optional, "Argument has the right optional value")
         harness.check(argument.variadic, variadic, "Argument has the right variadic value")
 
     def checkMethod(method, QName, name, signatures,
-                    static=False, getter=False, setter=False, creator=False,
+                    static=False, getter=False, setter=False,
                     deleter=False, legacycaller=False, stringifier=False):
         harness.ok(isinstance(method, WebIDL.IDLMethod),
                    "Should be an IDLMethod")
         harness.ok(method.isMethod(), "Method is a method")
         harness.ok(not method.isAttr(), "Method is not an attr")
         harness.ok(not method.isConst(), "Method is not a const")
         harness.check(method.identifier.QName(), QName, "Method has the right QName")
         harness.check(method.identifier.name, name, "Method has the right name")
         harness.check(method.isStatic(), static, "Method has the correct static value")
         harness.check(method.isGetter(), getter, "Method has the correct getter value")
         harness.check(method.isSetter(), setter, "Method has the correct setter value")
-        harness.check(method.isCreator(), creator, "Method has the correct creator value")
         harness.check(method.isDeleter(), deleter, "Method has the correct deleter value")
         harness.check(method.isLegacycaller(), legacycaller, "Method has the correct legacycaller value")
         harness.check(method.isStringifier(), stringifier, "Method has the correct stringifier value")
         harness.check(len(method.signatures()), len(signatures), "Method has the correct number of signatures")
 
         sigpairs = zip(method.signatures(), signatures)
         for (gotSignature, expectedSignature) in sigpairs:
             (gotRetType, gotArgs) = gotSignature
--- a/dom/bindings/parser/tests/test_special_method_signature_mismatch.py
+++ b/dom/bindings/parser/tests/test_special_method_signature_mismatch.py
@@ -217,78 +217,8 @@ def WebIDLTest(parser, harness):
             };
         """)
 
         results = parser.finish()
     except:
         threw = True
 
     harness.ok(threw, "Should have thrown.")
-
-    threw = False
-    try:
-        parser.parse("""
-            interface SpecialMethodSignatureMismatch20 {
-              creator long long foo(long index, long long value);
-            };
-        """)
-
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw, "Should have thrown.")
-
-    threw = False
-    try:
-        parser.parse("""
-            interface SpecialMethodSignatureMismatch22 {
-              creator boolean foo(unsigned long index, boolean value, long long extraArg);
-            };
-        """)
-
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw, "Should have thrown.")
-
-    threw = False
-    try:
-        parser.parse("""
-            interface SpecialMethodSignatureMismatch23 {
-              creator boolean foo(unsigned long index, boolean... value);
-            };
-        """)
-
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw, "Should have thrown.")
-
-    threw = False
-    try:
-        parser.parse("""
-            interface SpecialMethodSignatureMismatch24 {
-              creator boolean foo(unsigned long index, optional boolean value);
-            };
-        """)
-
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw, "Should have thrown.")
-
-    threw = False
-    try:
-        parser.parse("""
-            interface SpecialMethodSignatureMismatch25 {
-              creator boolean foo();
-            };
-        """)
-
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw, "Should have thrown.")
--- a/dom/bindings/parser/tests/test_special_methods.py
+++ b/dom/bindings/parser/tests/test_special_methods.py
@@ -1,76 +1,63 @@
 import WebIDL
 
 def WebIDLTest(parser, harness):
     parser.parse("""
         interface SpecialMethods {
           getter long long (unsigned long index);
           setter long long (unsigned long index, long long value);
-          creator long long (unsigned long index, long long value);
           getter boolean (DOMString name);
           setter boolean (DOMString name, boolean value);
-          creator boolean (DOMString name, boolean value);
           deleter boolean (DOMString name);
           readonly attribute unsigned long length;
         };
 
         interface SpecialMethodsCombination {
-          setter creator long long (unsigned long index, long long value);
           getter deleter boolean (DOMString name);
-          setter creator boolean (DOMString name, boolean value);
         };
     """)
 
     results = parser.finish()
 
     def checkMethod(method, QName, name,
-                    static=False, getter=False, setter=False, creator=False,
+                    static=False, getter=False, setter=False,
                     deleter=False, legacycaller=False, stringifier=False):
         harness.ok(isinstance(method, WebIDL.IDLMethod),
                    "Should be an IDLMethod")
         harness.check(method.identifier.QName(), QName, "Method has the right QName")
         harness.check(method.identifier.name, name, "Method has the right name")
         harness.check(method.isStatic(), static, "Method has the correct static value")
         harness.check(method.isGetter(), getter, "Method has the correct getter value")
         harness.check(method.isSetter(), setter, "Method has the correct setter value")
-        harness.check(method.isCreator(), creator, "Method has the correct creator value")
         harness.check(method.isDeleter(), deleter, "Method has the correct deleter value")
         harness.check(method.isLegacycaller(), legacycaller, "Method has the correct legacycaller value")
         harness.check(method.isStringifier(), stringifier, "Method has the correct stringifier value")
 
     harness.check(len(results), 2, "Expect 2 interfaces")
 
     iface = results[0]
-    harness.check(len(iface.members), 8, "Expect 8 members")
+    harness.check(len(iface.members), 6, "Expect 6 members")
 
     checkMethod(iface.members[0], "::SpecialMethods::__indexedgetter", "__indexedgetter",
                 getter=True)
     checkMethod(iface.members[1], "::SpecialMethods::__indexedsetter", "__indexedsetter",
                 setter=True)
-    checkMethod(iface.members[2], "::SpecialMethods::__indexedcreator", "__indexedcreator",
-                creator=True)
-    checkMethod(iface.members[3], "::SpecialMethods::__namedgetter", "__namedgetter",
+    checkMethod(iface.members[2], "::SpecialMethods::__namedgetter", "__namedgetter",
                 getter=True)
-    checkMethod(iface.members[4], "::SpecialMethods::__namedsetter", "__namedsetter",
+    checkMethod(iface.members[3], "::SpecialMethods::__namedsetter", "__namedsetter",
                 setter=True)
-    checkMethod(iface.members[5], "::SpecialMethods::__namedcreator", "__namedcreator",
-                creator=True)
-    checkMethod(iface.members[6], "::SpecialMethods::__nameddeleter", "__nameddeleter",
+    checkMethod(iface.members[4], "::SpecialMethods::__nameddeleter", "__nameddeleter",
                 deleter=True)
 
     iface = results[1]
-    harness.check(len(iface.members), 3, "Expect 3 members")
+    harness.check(len(iface.members), 1, "Expect 1 member")
 
-    checkMethod(iface.members[0], "::SpecialMethodsCombination::__indexedsettercreator",
-                "__indexedsettercreator", setter=True, creator=True)
-    checkMethod(iface.members[1], "::SpecialMethodsCombination::__namedgetterdeleter",
+    checkMethod(iface.members[0], "::SpecialMethodsCombination::__namedgetterdeleter",
                 "__namedgetterdeleter", getter=True, deleter=True)
-    checkMethod(iface.members[2], "::SpecialMethodsCombination::__namedsettercreator",
-                "__namedsettercreator", setter=True, creator=True)
 
     parser = parser.reset();
 
     threw = False
     try:
         parser.parse(
             """
             interface IndexedDeleter {
--- a/dom/bindings/parser/tests/test_special_methods_uniqueness.py
+++ b/dom/bindings/parser/tests/test_special_methods_uniqueness.py
@@ -30,33 +30,18 @@ def WebIDLTest(parser, harness):
         threw = True
 
     harness.ok(threw, "Should have thrown.")
 
     threw = False
     try:
         parser.parse("""
             interface SpecialMethodUniqueness1 {
-              setter creator boolean (DOMString name);
-              creator boolean (DOMString name);
+              setter boolean (DOMString name);
+              setter boolean (DOMString name);
             };
         """)
 
         results = parser.finish()
     except:
         threw = True
 
     harness.ok(threw, "Should have thrown.")
-
-    threw = False
-    try:
-        parser.parse("""
-            interface SpecialMethodUniqueness1 {
-              setter boolean (DOMString name);
-              creator setter boolean (DOMString name);
-            };
-        """)
-
-        results = parser.finish()
-    except:
-        threw = True
-
-    harness.ok(threw, "Should have thrown.")
--- a/dom/bindings/test/TestCodeGen.webidl
+++ b/dom/bindings/test/TestCodeGen.webidl
@@ -1206,50 +1206,50 @@ interface TestIndexedGetterInterface {
 
 interface TestNamedGetterInterface {
   getter DOMString (DOMString name);
 };
 
 interface TestIndexedGetterAndSetterAndNamedGetterInterface {
   getter DOMString (DOMString myName);
   getter long (unsigned long index);
-  setter creator void (unsigned long index, long arg);
+  setter void (unsigned long index, long arg);
   readonly attribute unsigned long length;
 };
 
 interface TestIndexedAndNamedGetterInterface {
   getter long (unsigned long index);
   getter DOMString namedItem(DOMString name);
   readonly attribute unsigned long length;
 };
 
 interface TestIndexedSetterInterface {
-  setter creator void setItem(unsigned long idx, DOMString item);
+  setter void setItem(unsigned long idx, DOMString item);
   getter DOMString (unsigned long idx);
   readonly attribute unsigned long length;
 };
 
 interface TestNamedSetterInterface {
-  setter creator void (DOMString myName, TestIndexedSetterInterface item);
+  setter void (DOMString myName, TestIndexedSetterInterface item);
   getter TestIndexedSetterInterface (DOMString name);
 };
 
 interface TestIndexedAndNamedSetterInterface {
-  setter creator void (unsigned long index, TestIndexedSetterInterface item);
+  setter void (unsigned long index, TestIndexedSetterInterface item);
   getter TestIndexedSetterInterface (unsigned long index);
   readonly attribute unsigned long length;
-  setter creator void setNamedItem(DOMString name, TestIndexedSetterInterface item);
+  setter void setNamedItem(DOMString name, TestIndexedSetterInterface item);
   getter TestIndexedSetterInterface (DOMString name);
 };
 
 interface TestIndexedAndNamedGetterAndSetterInterface : TestIndexedSetterInterface {
   getter long item(unsigned long index);
   getter DOMString namedItem(DOMString name);
-  setter creator void (unsigned long index, long item);
-  setter creator void (DOMString name, DOMString item);
+  setter void (unsigned long index, long item);
+  setter void (DOMString name, DOMString item);
   stringifier DOMString ();
   readonly attribute unsigned long length;
 };
 
 interface TestNamedDeleterInterface {
   deleter void (DOMString name);
   getter long (DOMString name);
 };
@@ -1305,15 +1305,15 @@ interface TestWorkerExposedInterface {
   [NeedsCallerType] attribute boolean needsCallerTypeAttr;
 };
 
 [HTMLConstructor]
 interface TestHTMLConstructorInterface {
 };
 
 interface TestCEReactionsInterface {
-  [CEReactions] setter creator void (unsigned long index, long item);
-  [CEReactions] setter creator void (DOMString name, DOMString item);
+  [CEReactions] setter void (unsigned long index, long item);
+  [CEReactions] setter void (DOMString name, DOMString item);
   [CEReactions] deleter void (DOMString name);
   getter long item(unsigned long index);
   getter DOMString (DOMString name);
   readonly attribute unsigned long length;
 };
--- a/dom/bindings/test/TestExampleGen.webidl
+++ b/dom/bindings/test/TestExampleGen.webidl
@@ -814,22 +814,22 @@ interface TestExampleInterface {
   [NeedsWindowsUndef]
   const unsigned long NO_ERROR = 0xffffffff;
 
   // If you add things here, add them to TestCodeGen and TestJSImplGen as well
 };
 
 interface TestExampleProxyInterface {
   getter long longIndexedGetter(unsigned long ix);
-  setter creator void longIndexedSetter(unsigned long y, long z);
+  setter void longIndexedSetter(unsigned long y, long z);
   readonly attribute unsigned long length;
   stringifier DOMString myStringifier();
   getter short shortNameGetter(DOMString nom);
   deleter void (DOMString nomnom);
-  setter creator void shortNamedSetter(DOMString me, short value);
+  setter void shortNamedSetter(DOMString me, short value);
 };
 
 [Exposed=(Window,Worker)]
 interface TestExampleWorkerInterface {
   [NeedsSubjectPrincipal] void needsSubjectPrincipalMethod();
   [NeedsSubjectPrincipal] attribute boolean needsSubjectPrincipalAttr;
   [NeedsCallerType] void needsCallerTypeMethod();
   [NeedsCallerType] attribute boolean needsCallerTypeAttr;
--- a/dom/interfaces/xul/moz.build
+++ b/dom/interfaces/xul/moz.build
@@ -12,17 +12,16 @@ XPIDL_SOURCES += [
     'nsIDOMXULCheckboxElement.idl',
     'nsIDOMXULCommandDispatcher.idl',
     'nsIDOMXULCommandEvent.idl',
     'nsIDOMXULContainerElement.idl',
     'nsIDOMXULControlElement.idl',
     'nsIDOMXULDescriptionElement.idl',
     'nsIDOMXULDocument.idl',
     'nsIDOMXULElement.idl',
-    'nsIDOMXULImageElement.idl',
     'nsIDOMXULLabeledControlEl.idl',
     'nsIDOMXULLabelElement.idl',
     'nsIDOMXULMenuListElement.idl',
     'nsIDOMXULMultSelectCntrlEl.idl',
     'nsIDOMXULPopupElement.idl',
     'nsIDOMXULRelatedElement.idl',
     'nsIDOMXULSelectCntrlEl.idl',
     'nsIDOMXULSelectCntrlItemEl.idl',
deleted file mode 100644
--- a/dom/interfaces/xul/nsIDOMXULImageElement.idl
+++ /dev/null
@@ -1,12 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsIDOMElement.idl"
-#include "nsIDOMXULElement.idl"
-
-[scriptable, uuid(0a391077-c509-49d2-af73-72e2114edd65)]
-interface nsIDOMXULImageElement : nsISupports {
-  attribute DOMString src;
-};
-
--- a/dom/ipc/TabChild.cpp
+++ b/dom/ipc/TabChild.cpp
@@ -460,16 +460,24 @@ TabChild::TabChild(nsIContentChild* aMan
   }
   mCoalesceMouseMoveEvents =
     Preferences::GetBool("dom.event.coalesce_mouse_move");
   if (mCoalesceMouseMoveEvents) {
     mCoalescedMouseEventFlusher = new CoalescedMouseMoveFlusher(this);
   }
 }
 
+const CompositorOptions&
+TabChild::GetCompositorOptions() const
+{
+  // If you're calling this before mCompositorOptions is set, well.. don't.
+  MOZ_ASSERT(mCompositorOptions);
+  return mCompositorOptions.ref();
+}
+
 bool
 TabChild::AsyncPanZoomEnabled() const
 {
   // This might get called by the TouchEvent::PrefEnabled code before we have
   // mCompositorOptions populated (bug 1370089). In that case we just assume
   // APZ is enabled because we're in a content process (because TabChild) and
   // APZ is probably going to be enabled here since e10s is enabled.
   return mCompositorOptions ? mCompositorOptions->UseAPZ() : true;
@@ -2945,17 +2953,17 @@ TabChild::InitRenderingState(const Textu
 }
 
 bool
 TabChild::CreateRemoteLayerManager(mozilla::layers::PCompositorBridgeChild* aCompositorChild)
 {
   MOZ_ASSERT(aCompositorChild);
 
   bool success = false;
-  if (gfxVars::UseWebRender()) {
+  if (mCompositorOptions->UseWebRender()) {
     success = mPuppetWidget->CreateRemoteLayerManager([&] (LayerManager* aLayerManager) -> bool {
       MOZ_ASSERT(aLayerManager->AsWebRenderLayerManager());
       return aLayerManager->AsWebRenderLayerManager()->Initialize(aCompositorChild,
                                                                   wr::AsPipelineId(mLayersId),
                                                                   &mTextureFactoryIdentifier);
     });
   } else {
     nsTArray<LayersBackend> ignored;
--- a/dom/ipc/TabChild.h
+++ b/dom/ipc/TabChild.h
@@ -680,16 +680,17 @@ public:
 
   bool IPCOpen() const { return mIPCOpen; }
 
   bool ParentIsActive() const
   {
     return mParentIsActive;
   }
 
+  const mozilla::layers::CompositorOptions& GetCompositorOptions() const;
   bool AsyncPanZoomEnabled() const;
 
   virtual ScreenIntSize GetInnerSize() override;
 
   // Call RecvShow(nsIntSize(0, 0)) and block future calls to RecvShow().
   void DoFakeShow(const TextureFactoryIdentifier& aTextureFactoryIdentifier,
                   const uint64_t& aLayersId,
                   const mozilla::layers::CompositorOptions& aCompositorOptions,
--- a/dom/jsurl/nsJSProtocolHandler.cpp
+++ b/dom/jsurl/nsJSProtocolHandler.cpp
@@ -153,20 +153,17 @@ nsresult nsJSThunk::EvaluateScript(nsICh
     // Get principal of code for execution
     nsCOMPtr<nsISupports> owner;
     aChannel->GetOwner(getter_AddRefs(owner));
     nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(owner);
     if (!principal) {
         nsCOMPtr<nsILoadInfo> loadInfo;
         aChannel->GetLoadInfo(getter_AddRefs(loadInfo));
         if (loadInfo && loadInfo->GetForceInheritPrincipal()) {
-            principal = loadInfo->PrincipalToInherit();
-            if (!principal) {
-                principal = loadInfo->TriggeringPrincipal();
-            }
+            principal = loadInfo->FindPrincipalToInherit(aChannel);
         } else {
             // No execution without a principal!
             NS_ASSERTION(!owner, "Non-principal owner?");
             NS_WARNING("No principal to execute JS with");
             return NS_ERROR_DOM_RETVAL_UNDEFINED;
         }
     }
 
--- a/dom/media/mediasource/ContainerParser.cpp
+++ b/dom/media/mediasource/ContainerParser.cpp
@@ -123,17 +123,16 @@ public:
   explicit WebMContainerParser(const MediaContainerType& aType)
     : ContainerParser(aType)
     , mParser(0)
     , mOffset(0)
   {
   }
 
   static const unsigned NS_PER_USEC = 1000;
-  static const unsigned USEC_PER_SEC = 1000000;
 
   MediaResult IsInitSegmentPresent(MediaByteBuffer* aData) override
   {
     ContainerParser::IsInitSegmentPresent(aData);
     if (aData->Length() < 4) {
       return NS_ERROR_NOT_AVAILABLE;
     }
 
deleted file mode 100644
--- a/dom/plugins/base/PluginPRLibrary.cpp
+++ /dev/null
@@ -1,306 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- * vim: sw=2 ts=8 et :
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "mozilla/Assertions.h"
-#include "mozilla/PluginPRLibrary.h"
-#include "nsNPAPIPluginInstance.h"
-
-// Some plugins on Windows, notably Quake Live, implement NP_Initialize using
-// cdecl instead of the documented stdcall. In order to work around this,
-// we force the caller to use a frame pointer.
-#if defined(XP_WIN) && defined(_M_IX86)
-#include <malloc.h>
-
-// gNotOptimized exists so that the compiler will not optimize the alloca
-// below.
-static int gNotOptimized;
-#define CALLING_CONVENTION_HACK void* foo MOZ_UNUSED_ATTRIBUTE = _alloca(gNotOptimized);
-#else
-#define CALLING_CONVENTION_HACK
-#endif
-
-using namespace mozilla::layers;
-
-namespace mozilla {
-#if defined(XP_UNIX) && !defined(XP_MACOSX)
-nsresult
-PluginPRLibrary::NP_Initialize(NPNetscapeFuncs* bFuncs,
-                               NPPluginFuncs* pFuncs, NPError* error)
-{
-  if (mNP_Initialize) {
-    *error = mNP_Initialize(bFuncs, pFuncs);
-  } else {
-    NP_InitializeFunc pfNP_Initialize = (NP_InitializeFunc)
-      PR_FindFunctionSymbol(mLibrary, "NP_Initialize");
-    if (!pfNP_Initialize)
-      return NS_ERROR_FAILURE;
-    *error = pfNP_Initialize(bFuncs, pFuncs);
-  }
-
-
-  // Save pointers to functions that get called through PluginLibrary itself.
-  mNPP_New = pFuncs->newp;
-  mNPP_ClearSiteData = pFuncs->clearsitedata;
-  mNPP_GetSitesWithData = pFuncs->getsiteswithdata;
-  return NS_OK;
-}
-#else
-nsresult
-PluginPRLibrary::NP_Initialize(NPNetscapeFuncs* bFuncs, NPError* error)
-{
-  CALLING_CONVENTION_HACK
-
-  if (mNP_Initialize) {
-    *error = mNP_Initialize(bFuncs);
-  } else {
-    NP_InitializeFunc pfNP_Initialize = (NP_InitializeFunc)
-      PR_FindFunctionSymbol(mLibrary, "NP_Initialize");
-    if (!pfNP_Initialize)
-      return NS_ERROR_FAILURE;
-    *error = pfNP_Initialize(bFuncs);
-  }
-
-  return NS_OK;
-}
-#endif
-
-nsresult
-PluginPRLibrary::NP_Shutdown(NPError* error)
-{
-  CALLING_CONVENTION_HACK
-
-  if (mNP_Shutdown) {
-    *error = mNP_Shutdown();
-  } else {
-    NP_ShutdownFunc pfNP_Shutdown = (NP_ShutdownFunc)
-      PR_FindFunctionSymbol(mLibrary, "NP_Shutdown");
-    if (!pfNP_Shutdown)
-      return NS_ERROR_FAILURE;
-    *error = pfNP_Shutdown();
-  }
-
-  return NS_OK;
-}
-
-nsresult
-PluginPRLibrary::NP_GetMIMEDescription(const char** mimeDesc)
-{
-  CALLING_CONVENTION_HACK
-
-  if (mNP_GetMIMEDescription) {
-    *mimeDesc = mNP_GetMIMEDescription();
-  }
-  else {
-    NP_GetMIMEDescriptionFunc pfNP_GetMIMEDescription =
-      (NP_GetMIMEDescriptionFunc)
-      PR_FindFunctionSymbol(mLibrary, "NP_GetMIMEDescription");
-    if (!pfNP_GetMIMEDescription) {
-      *mimeDesc = "";
-      return NS_ERROR_FAILURE;
-    }
-    *mimeDesc = pfNP_GetMIMEDescription();
-  }
-
-  return NS_OK;
-}
-
-nsresult
-PluginPRLibrary::NP_GetValue(void *future, NPPVariable aVariable,
-			     void *aValue, NPError* error)
-{
-#if defined(XP_UNIX) && !defined(XP_MACOSX)
-  if (mNP_GetValue) {
-    *error = mNP_GetValue(future, aVariable, aValue);
-  } else {
-    NP_GetValueFunc pfNP_GetValue = (NP_GetValueFunc)PR_FindFunctionSymbol(mLibrary, "NP_GetValue");
-    if (!pfNP_GetValue)
-      return NS_ERROR_FAILURE;
-    *error = pfNP_GetValue(future, aVariable, aValue);
-  }
-  return NS_OK;
-#else
-  return NS_ERROR_NOT_IMPLEMENTED;
-#endif
-}
-
-#if defined(XP_WIN) || defined(XP_MACOSX)
-nsresult
-PluginPRLibrary::NP_GetEntryPoints(NPPluginFuncs* pFuncs, NPError* error)
-{
-  CALLING_CONVENTION_HACK
-
-  if (mNP_GetEntryPoints) {
-    *error = mNP_GetEntryPoints(pFuncs);
-  } else {
-    NP_GetEntryPointsFunc pfNP_GetEntryPoints = (NP_GetEntryPointsFunc)
-      PR_FindFunctionSymbol(mLibrary, "NP_GetEntryPoints");
-    if (!pfNP_GetEntryPoints)
-      return NS_ERROR_FAILURE;
-    *error = pfNP_GetEntryPoints(pFuncs);
-  }
-
-  // Save pointers to functions that get called through PluginLibrary itself.
-  mNPP_New = pFuncs->newp;
-  mNPP_ClearSiteData = pFuncs->clearsitedata;
-  mNPP_GetSitesWithData = pFuncs->getsiteswithdata;
-  return NS_OK;
-}
-#endif
-
-nsresult
-PluginPRLibrary::NPP_New(NPMIMEType pluginType, NPP instance,
-			 int16_t argc, char* argn[],
-			 char* argv[], NPSavedData* saved,
-			 NPError* error)
-{
-  if (!mNPP_New)
-    return NS_ERROR_FAILURE;
-
-  *error = mNPP_New(pluginType, instance, NP_EMBED, argc, argn, argv, saved);
-  return NS_OK;
-}
-
-nsresult
-PluginPRLibrary::NPP_ClearSiteData(const char* site, uint64_t flags,
-                                   uint64_t maxAge, nsCOMPtr<nsIClearSiteDataCallback> callback)
-{
-  if (!mNPP_ClearSiteData) {
-    return NS_ERROR_NOT_AVAILABLE;
-  }
-
-  NPError result = mNPP_ClearSiteData(site, flags, maxAge);
-
-  nsresult rv;
-  switch (result) {
-  case NPERR_NO_ERROR:
-    rv = NS_OK;
-    break;
-  case NPERR_TIME_RANGE_NOT_SUPPORTED:
-    rv = NS_ERROR_PLUGIN_TIME_RANGE_NOT_SUPPORTED;
-    break;
-  case NPERR_MALFORMED_SITE:
-    rv = NS_ERROR_INVALID_ARG;
-    break;
-  default:
-    rv = NS_ERROR_FAILURE;
-  }
-  callback->Callback(rv);
-  return NS_OK;
-}
-
-nsresult
-PluginPRLibrary::NPP_GetSitesWithData(nsCOMPtr<nsIGetSitesWithDataCallback> callback)
-{
-  if (!mNPP_GetSitesWithData) {
-    return NS_ERROR_NOT_AVAILABLE;
-  }
-
-  char** sites = mNPP_GetSitesWithData();
-  if (!sites) {
-    return NS_OK;
-  }
-  InfallibleTArray<nsCString> result;
-  char** iterator = sites;
-  while (*iterator) {
-    result.AppendElement(*iterator);
-    free(*iterator);
-    ++iterator;
-  }
-  callback->SitesWithData(result);
-  free(sites);
-
-  return NS_OK;
-}
-
-nsresult
-PluginPRLibrary::AsyncSetWindow(NPP instance, NPWindow* window)
-{
-  nsNPAPIPluginInstance* inst = (nsNPAPIPluginInstance*)instance->ndata;
-  NS_ENSURE_TRUE(inst, NS_ERROR_NULL_POINTER);
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
-
-nsresult
-PluginPRLibrary::GetImageContainer(NPP instance, ImageContainer** aContainer)
-{
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
-
-#if defined(XP_MACOSX)
-nsresult
-PluginPRLibrary::IsRemoteDrawingCoreAnimation(NPP instance, bool *aDrawing)
-{
-  nsNPAPIPluginInstance* inst = (nsNPAPIPluginInstance*)instance->ndata;
-  NS_ENSURE_TRUE(inst, NS_ERROR_NULL_POINTER);
-  *aDrawing = false;
-  return NS_OK;
-}
-#endif
-#if defined(XP_MACOSX) || defined(XP_WIN)
-nsresult
-PluginPRLibrary::ContentsScaleFactorChanged(NPP instance, double aContentsScaleFactor)
-{
-  nsNPAPIPluginInstance* inst = (nsNPAPIPluginInstance*)instance->ndata;
-  NS_ENSURE_TRUE(inst, NS_ERROR_NULL_POINTER);
-  return NS_OK;
-}
-#endif
-
-nsresult
-PluginPRLibrary::GetImageSize(NPP instance, nsIntSize* aSize)
-{
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
-
-nsresult
-PluginPRLibrary::SetBackgroundUnknown(NPP instance)
-{
-  nsNPAPIPluginInstance* inst = (nsNPAPIPluginInstance*)instance->ndata;
-  NS_ENSURE_TRUE(inst, NS_ERROR_NULL_POINTER);
-  NS_ERROR("Unexpected use of async APIs for in-process plugin.");
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
-
-nsresult
-PluginPRLibrary::BeginUpdateBackground(NPP instance, const nsIntRect&,
-                                       DrawTarget** aDrawTarget)
-{
-  nsNPAPIPluginInstance* inst = (nsNPAPIPluginInstance*)instance->ndata;
-  NS_ENSURE_TRUE(inst, NS_ERROR_NULL_POINTER);
-  NS_ERROR("Unexpected use of async APIs for in-process plugin.");
-  *aDrawTarget = nullptr;
-  return NS_OK;
-}
-
-nsresult
-PluginPRLibrary::EndUpdateBackground(NPP instance, const nsIntRect&)
-{
-  MOZ_CRASH("This should never be called");
-  return NS_ERROR_NOT_AVAILABLE;
-}
-
-#if defined(XP_WIN)
-nsresult
-PluginPRLibrary::GetScrollCaptureContainer(NPP aInstance, ImageContainer** aContainer)
-{
-  return NS_ERROR_NOT_IMPLEMENTED;
-}
-#endif
-
-nsresult
-PluginPRLibrary::HandledWindowedPluginKeyEvent(
-                   NPP aInstance,
-                   const NativeEventData& aNativeKeyData,
-                   bool aIsConsumed)
-{
-  nsNPAPIPluginInstance* instance = (nsNPAPIPluginInstance*)aInstance->ndata;
-  if (NS_WARN_IF(!instance)) {
-    return NS_ERROR_NULL_POINTER;
-  }
-  return NS_OK;
-}
-
-} // namespace mozilla
deleted file mode 100644
--- a/dom/plugins/base/PluginPRLibrary.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
- * vim: sw=4 ts=4 et :
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef PluginPRLibrary_h
-#define PluginPRLibrary_h 1
-
-#include "mozilla/PluginLibrary.h"
-#include "nsNPAPIPlugin.h"
-#include "npfunctions.h"
-
-namespace mozilla {
-
-class PluginPRLibrary : public PluginLibrary
-{
-public:
-    PluginPRLibrary(const char* aFilePath, PRLibrary* aLibrary) :
-#if defined(XP_UNIX) && !defined(XP_MACOSX)
-        mNP_Initialize(nullptr),
-#else
-        mNP_Initialize(nullptr),
-#endif
-        mNP_Shutdown(nullptr),
-        mNP_GetMIMEDescription(nullptr),
-#if defined(XP_UNIX) && !defined(XP_MACOSX)
-        mNP_GetValue(nullptr),
-#endif
-#if defined(XP_WIN) || defined(XP_MACOSX)
-        mNP_GetEntryPoints(nullptr),
-#endif
-        mNPP_New(nullptr),
-        mNPP_ClearSiteData(nullptr),
-        mNPP_GetSitesWithData(nullptr),
-        mLibrary(aLibrary),
-        mFilePath(aFilePath)
-    {
-        NS_ASSERTION(mLibrary, "need non-null lib");
-        // addref here??
-    }
-
-    virtual ~PluginPRLibrary()
-    {
-        // unref here??
-    }
-
-    virtual void SetPlugin(nsNPAPIPlugin*) override { }
-
-    virtual bool HasRequiredFunctions() override {
-        mNP_Initialize = (NP_InitializeFunc)
-            PR_FindFunctionSymbol(mLibrary, "NP_Initialize");
-        if (!mNP_Initialize)
-            return false;
-
-        mNP_Shutdown = (NP_ShutdownFunc)
-            PR_FindFunctionSymbol(mLibrary, "NP_Shutdown");
-        if (!mNP_Shutdown)
-            return false;
-
-        mNP_GetMIMEDescription = (NP_GetMIMEDescriptionFunc)
-            PR_FindFunctionSymbol(mLibrary, "NP_GetMIMEDescription");
-#ifndef XP_MACOSX
-        if (!mNP_GetMIMEDescription)
-            return false;
-#endif
-
-#if defined(XP_UNIX) && !defined(XP_MACOSX)
-        mNP_GetValue = (NP_GetValueFunc)
-            PR_FindFunctionSymbol(mLibrary, "NP_GetValue");
-        if (!mNP_GetValue)
-            return false;
-#endif
-
-#if defined(XP_WIN) || defined(XP_MACOSX)
-        mNP_GetEntryPoints = (NP_GetEntryPointsFunc)
-            PR_FindFunctionSymbol(mLibrary, "NP_GetEntryPoints");
-        if (!mNP_GetEntryPoints)
-            return false;
-#endif
-        return true;
-    }
-
-#if defined(XP_UNIX) && !defined(XP_MACOSX)
-    virtual nsresult NP_Initialize(NPNetscapeFuncs* aNetscapeFuncs,
-                                   NPPluginFuncs* aFuncs, NPError* aError) override;
-#else
-    virtual nsresult NP_Initialize(NPNetscapeFuncs* aNetscapeFuncs,
-                                   NPError* aError) override;
-#endif
-
-    virtual nsresult NP_Shutdown(NPError* aError) override;
-    virtual nsresult NP_GetMIMEDescription(const char** aMimeDesc) override;
-
-    virtual nsresult NP_GetValue(void* aFuture, NPPVariable aVariable,
-                                 void* aValue, NPError* aError) override;
-
-#if defined(XP_WIN) || defined(XP_MACOSX)
-    virtual nsresult NP_GetEntryPoints(NPPluginFuncs* aFuncs, NPError* aError) override;
-#endif
-
-    virtual nsresult NPP_New(NPMIMEType aPluginType, NPP aInstance,
-                             int16_t aArgc, char* aArgn[],
-                             char* aArgv[], NPSavedData* aSaved,
-                             NPError* aError) override;
-
-    virtual nsresult NPP_ClearSiteData(const char* aSite, uint64_t aFlags,
-                                       uint64_t aMaxAge, nsCOMPtr<nsIClearSiteDataCallback> callback) override;
-    virtual nsresult NPP_GetSitesWithData(nsCOMPtr<nsIGetSitesWithDataCallback> callback) override;
-
-    virtual nsresult AsyncSetWindow(NPP aInstance, NPWindow* aWindow) override;
-    virtual nsresult GetImageContainer(NPP aInstance, mozilla::layers::ImageContainer** aContainer) override;
-    virtual nsresult GetImageSize(NPP aInstance, nsIntSize* aSize) override;
-    virtual bool IsOOP() override { return false; }
-#if defined(XP_MACOSX)
-    virtual nsresult IsRemoteDrawingCoreAnimation(NPP aInstance, bool* aDrawing) override;
-#endif
-#if defined(XP_MACOSX) || defined(XP_WIN)
-    virtual nsresult ContentsScaleFactorChanged(NPP aInstance, double aContentsScaleFactor) override;
-#endif
-    virtual nsresult SetBackgroundUnknown(NPP instance) override;
-    virtual nsresult BeginUpdateBackground(NPP instance, const nsIntRect&,
-                                           DrawTarget** aDrawTarget) override;
-    virtual nsresult EndUpdateBackground(NPP instance,
-                                         const nsIntRect&) override;
-    virtual void DidComposite(NPP aInstance) override { }
-    virtual void GetLibraryPath(nsACString& aPath) { aPath.Assign(mFilePath); }
-    virtual nsresult GetRunID(uint32_t* aRunID) override { return NS_ERROR_NOT_IMPLEMENTED; }
-    virtual void SetHasLocalInstance() override { }
-#if defined(XP_WIN)
-    virtual nsresult GetScrollCaptureContainer(NPP aInstance, mozilla::layers::ImageContainer** aContainer) override;
-#endif
-    virtual nsresult HandledWindowedPluginKeyEvent(
-                       NPP aInstance,
-                       const mozilla::NativeEventData& aNativeKeyData,
-                       bool aIsCOnsumed) override;
-
-private:
-    NP_InitializeFunc mNP_Initialize;
-    NP_ShutdownFunc mNP_Shutdown;
-    NP_GetMIMEDescriptionFunc mNP_GetMIMEDescription;
-#if defined(XP_UNIX) && !defined(XP_MACOSX)
-    NP_GetValueFunc mNP_GetValue;
-#endif
-#if defined(XP_WIN) || defined(XP_MACOSX)
-    NP_GetEntryPointsFunc mNP_GetEntryPoints;
-#endif
-    NPP_NewProcPtr mNPP_New;
-    NPP_ClearSiteDataPtr mNPP_ClearSiteData;
-    NPP_GetSitesWithDataPtr mNPP_GetSitesWithData;
-    PRLibrary* mLibrary;
-    nsCString mFilePath;
-};
-
-
-} // namespace mozilla
-
-#endif  // ifndef PluginPRLibrary_h
--- a/dom/plugins/base/moz.build
+++ b/dom/plugins/base/moz.build
@@ -28,29 +28,24 @@ EXPORTS += [
     'nsPluginInstanceOwner.h',
     'nsPluginLogging.h',
     'nsPluginNativeWindow.h',
     'nsPluginsCID.h',
     'nsPluginsDir.h',
     'nsPluginTags.h',
 ]
 
-EXPORTS.mozilla += [
-    'PluginPRLibrary.h',
-]
-
 UNIFIED_SOURCES += [
     'nsJSNPRuntime.cpp',
     'nsNPAPIPluginInstance.cpp',
     'nsNPAPIPluginStreamListener.cpp',
     'nsPluginInstanceOwner.cpp',
     'nsPluginModule.cpp',
     'nsPluginStreamListenerPeer.cpp',
     'nsPluginTags.cpp',
-    'PluginPRLibrary.cpp',
 ]
 
 SOURCES += [
     'nsNPAPIPlugin.cpp', # Conflict with X11 headers
     'nsPluginHost.cpp',  # Conflict with NS_NPAPIPLUGIN_CALLBACK
 ]
 
 if CONFIG['OS_ARCH'] == 'WINNT':
--- a/dom/plugins/base/nsNPAPIPlugin.cpp
+++ b/dom/plugins/base/nsNPAPIPlugin.cpp
@@ -71,19 +71,16 @@
 
 #include "nsNetUtil.h"
 #include "nsNetCID.h"
 
 #include "mozilla/Mutex.h"
 #include "mozilla/PluginLibrary.h"
 using mozilla::PluginLibrary;
 
-#include "mozilla/PluginPRLibrary.h"
-using mozilla::PluginPRLibrary;
-
 #include "mozilla/plugins/PluginModuleParent.h"
 using mozilla::plugins::PluginModuleChromeParent;
 using mozilla::plugins::PluginModuleContentParent;
 
 #ifdef MOZ_X11
 #include "mozilla/X11Util.h"
 #endif
 
@@ -199,39 +196,30 @@ nsNPAPIPlugin::~nsNPAPIPlugin()
 void
 nsNPAPIPlugin::PluginCrashed(const nsAString& pluginDumpID,
                              const nsAString& browserDumpID)
 {
   RefPtr<nsPluginHost> host = nsPluginHost::GetInst();
   host->PluginCrashed(this, pluginDumpID, browserDumpID);
 }
 
-bool
-nsNPAPIPlugin::RunPluginOOP(const nsPluginTag *aPluginTag)
-{
-  return true;
-}
-
 inline PluginLibrary*
 GetNewPluginLibrary(nsPluginTag *aPluginTag)
 {
   AUTO_PROFILER_LABEL("GetNewPluginLibrary", OTHER);
 
   if (!aPluginTag) {
     return nullptr;
   }
 
   if (XRE_IsContentProcess()) {
     return PluginModuleContentParent::LoadModule(aPluginTag->mId, aPluginTag);
   }
 
-  if (nsNPAPIPlugin::RunPluginOOP(aPluginTag)) {
-    return PluginModuleChromeParent::LoadModule(aPluginTag->mFullPath.get(), aPluginTag->mId, aPluginTag);
-  }
-  return new PluginPRLibrary(aPluginTag->mFullPath.get(), aPluginTag->mLibrary);
+  return PluginModuleChromeParent::LoadModule(aPluginTag->mFullPath.get(), aPluginTag->mId, aPluginTag);
 }
 
 // Creates an nsNPAPIPlugin object. One nsNPAPIPlugin object exists per plugin (not instance).
 nsresult
 nsNPAPIPlugin::CreatePlugin(nsPluginTag *aPluginTag, nsNPAPIPlugin** aResult)
 {
   AUTO_PROFILER_LABEL("nsNPAPIPlugin::CreatePlugin", OTHER);
   *aResult = nullptr;
--- a/dom/plugins/base/nsNPAPIPlugin.h
+++ b/dom/plugins/base/nsNPAPIPlugin.h
@@ -51,18 +51,16 @@ public:
 
   // The IPC mechanism notifies the nsNPAPIPlugin if the plugin
   // crashes and is no longer usable. pluginDumpID/browserDumpID are
   // the IDs of respective minidumps that were written, or empty if no
   // minidump was written.
   void PluginCrashed(const nsAString& pluginDumpID,
                      const nsAString& browserDumpID);
 
-  static bool RunPluginOOP(const nsPluginTag *aPluginTag);
-
   nsresult Shutdown();
 
   static nsresult RetainStream(NPStream *pstream, nsISupports **aRetainedPeer);
 
 private:
   ~nsNPAPIPlugin();
 
   NPPluginFuncs mPluginFuncs;
--- a/dom/plugins/base/nsPluginHost.cpp
+++ b/dom/plugins/base/nsPluginHost.cpp
@@ -1205,31 +1205,16 @@ nsPluginHost::FindNativePluginForExtensi
   // Re-fetch the matching type because of how FindPreferredPlugin works...
   preferredPlugin->HasExtension(aExtension, aMimeType);
   return preferredPlugin;
 }
 
 static nsresult CreateNPAPIPlugin(nsPluginTag *aPluginTag,
                                   nsNPAPIPlugin **aOutNPAPIPlugin)
 {
-  // If this is an in-process plugin we'll need to load it here if we haven't already.
-  if (!nsNPAPIPlugin::RunPluginOOP(aPluginTag)) {
-    if (aPluginTag->mFullPath.IsEmpty())
-      return NS_ERROR_FAILURE;
-    nsCOMPtr<nsIFile> file = do_CreateInstance("@mozilla.org/file/local;1");
-    file->InitWithPath(NS_ConvertUTF8toUTF16(aPluginTag->mFullPath));
-    nsPluginFile pluginFile(file);
-    PRLibrary* pluginLibrary = nullptr;
-
-    if (NS_FAILED(pluginFile.LoadPlugin(&pluginLibrary)) || !pluginLibrary)
-      return NS_ERROR_FAILURE;
-
-    aPluginTag->mLibrary = pluginLibrary;
-  }
-
   nsresult rv;
   rv = nsNPAPIPlugin::CreatePlugin(aPluginTag, aOutNPAPIPlugin);
 
   return rv;
 }
 
 nsresult nsPluginHost::EnsurePluginLoaded(nsPluginTag* aPluginTag)
 {
@@ -2133,24 +2118,16 @@ nsresult nsPluginHost::ScanPluginsDirect
     }
 
     // do it if we still want it
     if (!seenBefore) {
       // We have a valid new plugin so report that plugins have changed.
       *aPluginsChanged = true;
     }
 
-    // Avoid adding different versions of the same plugin if they are running
-    // in-process, otherwise we risk undefined behaviour.
-    if (!nsNPAPIPlugin::RunPluginOOP(pluginTag)) {
-      if (HaveSamePlugin(pluginTag)) {
-        continue;
-      }
-    }
-
     // Don't add the same plugin again if it hasn't changed
     if (nsPluginTag* duplicate = FirstPluginWithPath(pluginTag->mFullPath)) {
       if (pluginTag->mLastModifiedTime == duplicate->mLastModifiedTime) {
         continue;
       }
     }
 
     // If we're not creating a plugin list, simply looking for changes,
--- a/dom/plugins/ipc/PluginModuleChild.cpp
+++ b/dom/plugins/ipc/PluginModuleChild.cpp
@@ -296,18 +296,16 @@ PluginModuleChild::InitForChrome(const s
     CommonInit();
 
     if (!Open(aChannel, aParentPid, aIOLoop)) {
         return false;
     }
 
     GetIPCChannel()->SetAbortOnError(true);
 
-    // TODO: use PluginPRLibrary here
-
 #if defined(OS_LINUX) || defined(OS_BSD) || defined(OS_SOLARIS)
     mShutdownFunc =
         (NP_PLUGINSHUTDOWN) PR_FindFunctionSymbol(mLibrary, "NP_Shutdown");
 
     // create the new plugin handler
 
     mInitializeFunc =
         (NP_PLUGINUNIXINIT) PR_FindFunctionSymbol(mLibrary, "NP_Initialize");
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@@ -14,78 +14,88 @@
 #include "nsContentUtils.h"
 #include "nsCORSListenerProxy.h"
 #include "nsIStreamListener.h"
 #include "nsIDocument.h"
 #include "nsMixedContentBlocker.h"
 #include "nsCDefaultURIFixup.h"
 #include "nsIURIFixup.h"
 #include "nsIImageLoadingContent.h"
-#include "NullPrincipal.h"
 
 #include "mozilla/dom/Element.h"
+#include "mozilla/dom/TabChild.h"
 
 NS_IMPL_ISUPPORTS(nsContentSecurityManager,
                   nsIContentSecurityManager,
                   nsIChannelEventSink)
 
 /* static */ bool
-nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
-  nsIURI* aURI,
-  nsContentPolicyType aContentPolicyType,
-  nsIPrincipal* aTriggeringPrincipal,
-  nsIDocument* aDoc,
-  bool aLoadFromExternal,
-  bool aIsDownLoad)
+nsContentSecurityManager::AllowTopLevelNavigationToDataURI(nsIChannel* aChannel)
 {
   // Let's block all toplevel document navigations to a data: URI.
   // In all cases where the toplevel document is navigated to a
   // data: URI the triggeringPrincipal is a codeBasePrincipal, or
   // a NullPrincipal. In other cases, e.g. typing a data: URL into
   // the URL-Bar, the triggeringPrincipal is a SystemPrincipal;
   // we don't want to block those loads. Only exception, loads coming
   // from an external applicaton (e.g. Thunderbird) don't load
   // using a codeBasePrincipal, but we want to block those loads.
   if (!mozilla::net::nsIOService::BlockToplevelDataUriNavigations()) {
     return true;
   }
-  if (aContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT || aIsDownLoad) {
+  nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
+  if (!loadInfo) {
     return true;
   }
+  if (loadInfo->GetExternalContentPolicyType() != nsIContentPolicy::TYPE_DOCUMENT) {
+    return true;
+  }
+  nsCOMPtr<nsIURI> uri;
+  nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
+  NS_ENSURE_SUCCESS(rv, true);
   bool isDataURI =
-    (NS_SUCCEEDED(aURI->SchemeIs("data", &isDataURI)) && isDataURI);
+    (NS_SUCCEEDED(uri->SchemeIs("data", &isDataURI)) && isDataURI);
   if (!isDataURI) {
     return true;
   }
   // Whitelist data: images as long as they are not SVGs
   nsAutoCString filePath;
-  aURI->GetFilePath(filePath);
+  uri->GetFilePath(filePath);
   if (StringBeginsWith(filePath, NS_LITERAL_CSTRING("image/")) &&
       !StringBeginsWith(filePath, NS_LITERAL_CSTRING("image/svg+xml"))) {
     return true;
   }
-  // Whitelist data: PDFs
-  if (StringBeginsWith(filePath, NS_LITERAL_CSTRING("application/pdf"))) {
+  // Whitelist data: PDFs and JSON
+  if (StringBeginsWith(filePath, NS_LITERAL_CSTRING("application/pdf")) ||
+      StringBeginsWith(filePath, NS_LITERAL_CSTRING("application/json"))) {
     return true;
   }
-  if (!aLoadFromExternal &&
-      nsContentUtils::IsSystemPrincipal(aTriggeringPrincipal)) {
+  // Redirecting to a toplevel data: URI is not allowed, hence we make
+  // sure the RedirectChain is empty.
+  if (!loadInfo->GetLoadTriggeredFromExternal() &&
+      nsContentUtils::IsSystemPrincipal(loadInfo->TriggeringPrincipal()) &&
+      loadInfo->RedirectChain().IsEmpty()) {
     return true;
   }
   nsAutoCString dataSpec;
-  aURI->GetSpec(dataSpec);
+  uri->GetSpec(dataSpec);
   if (dataSpec.Length() > 50) {
     dataSpec.Truncate(50);
     dataSpec.AppendLiteral("...");
   }
+  nsCOMPtr<nsITabChild> tabChild = do_QueryInterface(loadInfo->ContextForTopLevelLoad());
+  nsCOMPtr<nsIDocument> doc;
+  if (tabChild) {
+    doc = static_cast<mozilla::dom::TabChild*>(tabChild.get())->GetDocument();
+  }
   NS_ConvertUTF8toUTF16 specUTF16(NS_UnescapeURL(dataSpec));
   const char16_t* params[] = { specUTF16.get() };
   nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
                                   NS_LITERAL_CSTRING("DATA_URI_BLOCKED"),
-                                  aDoc,
+                                  doc,
                                   nsContentUtils::eSECURITY_PROPERTIES,
                                   "BlockTopLevelDataURINavigation",
                                   params, ArrayLength(params));
   return false;
 }
 
 static nsresult
 ValidateSecurityFlags(nsILoadInfo* aLoadInfo)
@@ -571,39 +581,16 @@ nsContentSecurityManager::AsyncOnChannel
   if (loadInfo && loadInfo->GetEnforceSecurity()) {
     nsresult rv = CheckChannel(aNewChannel);
     if (NS_FAILED(rv)) {
       aOldChannel->Cancel(rv);
       return rv;
     }
   }
 
-  // Redirecting to a toplevel data: URI is not allowed, hence we pass
-  // a NullPrincipal as the TriggeringPrincipal to
-  // AllowTopLevelNavigationToDataURI() which definitely blocks any
-  // data: URI load.
-  nsCOMPtr<nsILoadInfo> newLoadInfo = aNewChannel->GetLoadInfo();
-  if (newLoadInfo) {
-    nsCOMPtr<nsIURI> uri;
-    nsresult rv = NS_GetFinalChannelURI(aNewChannel, getter_AddRefs(uri));
-    NS_ENSURE_SUCCESS(rv, rv);
-    nsCOMPtr<nsIPrincipal> nullTriggeringPrincipal = NullPrincipal::Create();
-    if (!nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
-          uri,
-          newLoadInfo->GetExternalContentPolicyType(),
-          nullTriggeringPrincipal,
-          nullptr, // no doc available, log to browser console
-          false,
-          false)) {
-        // logging to console happens within AllowTopLevelNavigationToDataURI
-      aOldChannel->Cancel(NS_ERROR_DOM_BAD_URI);
-      return NS_ERROR_DOM_BAD_URI;
-    }
-  }
-
   // Also verify that the redirecting server is allowed to redirect to the
   // given URI
   nsCOMPtr<nsIPrincipal> oldPrincipal;
   nsContentUtils::GetSecurityManager()->
     GetChannelResultPrincipal(aOldChannel, getter_AddRefs(oldPrincipal));
 
   nsCOMPtr<nsIURI> newURI;
   Unused << NS_GetFinalChannelURI(aNewChannel, getter_AddRefs(newURI));
--- a/dom/security/nsContentSecurityManager.h
+++ b/dom/security/nsContentSecurityManager.h
@@ -28,22 +28,17 @@ public:
   NS_DECL_NSICONTENTSECURITYMANAGER
   NS_DECL_NSICHANNELEVENTSINK
 
   nsContentSecurityManager() {}
 
   static nsresult doContentSecurityCheck(nsIChannel* aChannel,
                                          nsCOMPtr<nsIStreamListener>& aInAndOutListener);
 
-  static bool AllowTopLevelNavigationToDataURI(nsIURI* aURI,
-                                               nsContentPolicyType aContentPolicyType,
-                                               nsIPrincipal* aTriggeringPrincipal,
-                                               nsIDocument* aDoc,
-                                               bool aLoadFromExternal,
-                                               bool aIsDownload);
+  static bool AllowTopLevelNavigationToDataURI(nsIChannel* aChannel);
 
 private:
   static nsresult CheckChannel(nsIChannel* aChannel);
 
   virtual ~nsContentSecurityManager() {}
 
 };
 
--- a/dom/security/test/general/browser.ini
+++ b/dom/security/test/general/browser.ini
@@ -1,8 +1,11 @@
 [DEFAULT]
 [browser_test_toplevel_data_navigations.js]
 support-files =
   file_toplevel_data_navigations.sjs
   file_toplevel_data_meta_redirect.html
 [browser_test_data_download.js]
 support-files =
   file_data_download.html
+[browser_test_data_text_csv.js]
+support-files =
+  file_data_text_csv.html
new file mode 100644
--- /dev/null
+++ b/dom/security/test/general/browser_test_data_text_csv.js
@@ -0,0 +1,37 @@
+"use strict";
+
+const kTestPath = getRootDirectory(gTestPath)
+                  .replace("chrome://mochitests/content", "http://example.com")
+const kTestURI = kTestPath + "file_data_text_csv.html";
+
+function addWindowListener(aURL, aCallback) {
+  Services.wm.addListener({
+    onOpenWindow(aXULWindow) {
+      info("window opened, waiting for focus");
+      Services.wm.removeListener(this);
+      var domwindow = aXULWindow.QueryInterface(Ci.nsIInterfaceRequestor)
+                                .getInterface(Ci.nsIDOMWindow);
+      waitForFocus(function() {
+        is(domwindow.document.location.href, aURL, "should have seen the right window open");
+        aCallback(domwindow);
+      }, domwindow);
+    },
+    onCloseWindow(aXULWindow) { },
+    onWindowTitleChange(aXULWindow, aNewTitle) { }
+  });
+}
+
+function test() {
+  waitForExplicitFinish();
+  Services.prefs.setBoolPref("security.data_uri.block_toplevel_data_uri_navigations", true);
+  registerCleanupFunction(function() {
+    Services.prefs.clearUserPref("security.data_uri.block_toplevel_data_uri_navigations");
+  });
+  addWindowListener("chrome://mozapps/content/downloads/unknownContentType.xul", function(win) {
+    is(win.document.getElementById("location").value, "text/csv;foo,bar,foobar",
+       "file name of download should match");
+     win.close();
+     finish();
+  });
+  gBrowser.loadURI(kTestURI);
+}
new file mode 100644
--- /dev/null
+++ b/dom/security/test/general/file_data_text_csv.html
@@ -0,0 +1,14 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Test open data:text/csv</title>
+</head>
+<body>
+  <a href="data:text/csv;foo,bar,foobar" id="testlink">test text/csv</a>
+  <script>
+    // click the link to have the downoad panel appear
+    let testlink = document.getElementById("testlink");
+    testlink.click();
+  </script>
+  </body>
+</html>
--- a/dom/security/test/general/mochitest.ini
+++ b/dom/security/test/general/mochitest.ini
@@ -12,8 +12,10 @@ support-files =
 [test_nosniff.html]
 [test_block_script_wrong_mime.html]
 [test_block_toplevel_data_navigation.html]
 skip-if = toolkit == 'android' # intermittent failure
 [test_block_toplevel_data_img_navigation.html]
 skip-if = toolkit == 'android' # intermittent failure
 [test_allow_opening_data_pdf.html]
 skip-if = toolkit == 'android'
+[test_allow_opening_data_json.html]
+skip-if = toolkit == 'android'
new file mode 100644
--- /dev/null
+++ b/dom/security/test/general/test_allow_opening_data_json.html
@@ -0,0 +1,39 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Bug 1403814: Allow toplevel data URI navigation data:application/json</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script class="testbody" type="text/javascript">
+
+SimpleTest.waitForExplicitFinish();
+
+function test_toplevel_data_json() {
+  const DATA_JSON = "data:application/json,{'my_json_key':'my_json_value'}";
+
+  let win = window.open(DATA_JSON);
+  let wrappedWin = SpecialPowers.wrap(win);
+
+  // Unfortunately we can't detect whether the JSON has loaded or not using some
+  // event, hence we are constantly polling location.href till we see that
+  // the data: URI appears. Test times out on failure.
+  var jsonLoaded = setInterval(function() {
+    if (wrappedWin.document.location.href.startsWith("data:application/json")) {
+      clearInterval(jsonLoaded);
+      ok(true, "navigating to data:application/json allowed");
+      wrappedWin.close();
+      SimpleTest.finish();
+    }
+  }, 200);
+}
+
+SpecialPowers.pushPrefEnv({
+  set: [["security.data_uri.block_toplevel_data_uri_navigations", true]]
+}, test_toplevel_data_json);
+
+</script>
+</body>
+</html>
--- a/dom/security/test/general/test_block_toplevel_data_img_navigation.html
+++ b/dom/security/test/general/test_block_toplevel_data_img_navigation.html
@@ -29,23 +29,25 @@ function test_toplevel_data_image() {
     test_toplevel_data_image_svg();
   }, 1000);
 }
 
 function test_toplevel_data_image_svg() {
   const DATA_SVG =
     "data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIxNiIgaGVpZ2h0PSIxNiIgdmlld0JveD0iMCAwIDE2IDE2Ij4KICA8cGF0aCBkPSJNOCwxMkwzLDcsNCw2bDQsNCw0LTQsMSwxWiIgZmlsbD0iIzZBNkE2QSIgLz4KPC9zdmc+Cg==";
   let win2 = window.open(DATA_SVG);
-  let wrappedWin2 = SpecialPowers.wrap(win2);
-  setTimeout(function () {
-    isnot(wrappedWin2.document.documentElement.localName, "svg",
-          "Loading data:image/svg+xml should be blocked");
-    wrappedWin2.close();
-    SimpleTest.finish();
-  }, 1000);
+  // Unfortunately we can't detect whether the window was closed using some event,
+  // hence we are constantly polling till we see that win == null.
+  // Test times out on failure.
+  var win2Closed = setInterval(function() {
+    if (win2 == null || win2.closed) {
+      clearInterval(win2Closed);
+      ok(true, "Loading data:image/svg+xml should be blocked");
+      SimpleTest.finish();
+    }
+  }, 200);
 }
-
 // fire up the tests
 test_toplevel_data_image();
 
 </script>
 </body>
 </html>
--- a/dom/security/test/general/test_block_toplevel_data_navigation.html
+++ b/dom/security/test/general/test_block_toplevel_data_navigation.html
@@ -16,26 +16,22 @@ SimpleTest.registerCleanupFunction(() =>
 
 SimpleTest.waitForExplicitFinish();
 SimpleTest.requestFlakyTimeout("have to test that top level data: URI navgiation is blocked");
 
 function test1() {
   // simple data: URI click navigation should be prevented
   let TEST_FILE = "file_block_toplevel_data_navigation.html";
   let win1 = window.open(TEST_FILE);
-  var readyStateCheckInterval = setInterval(function() {
-    let state = win1.document.readyState;
-    if (state === "interactive" || state === "complete") {
-      clearInterval(readyStateCheckInterval);
-      ok(win1.document.body.innerHTML.indexOf("test1:") !== -1,
-         "toplevel data: URI navigation through click() should be blocked");
-      win1.close();
-      test2();
-    }
-  }, 200);
+  setTimeout(function () {
+    ok(SpecialPowers.wrap(win1).document.body.innerHTML.indexOf("test1:") !== -1,
+      "toplevel data: URI navigation through click() should be blocked");
+    win1.close();
+    test2();
+  }, 1000);
 }
 
 function test2() {
   // data: URI in iframe which opens data: URI in _blank should be blocked 
   let win2 = window.open("file_block_toplevel_data_navigation2.html");
   window.addEventListener("message", receiveMessage);
   function receiveMessage(event) {
     window.removeEventListener("message", receiveMessage);
--- a/dom/webidl/DOMStringMap.webidl
+++ b/dom/webidl/DOMStringMap.webidl
@@ -10,12 +10,12 @@
  * Opera Software ASA. You are granted a license to use, reproduce
  * and create derivative works of this document.
  */
 
 [OverrideBuiltins]
 interface DOMStringMap {
   getter DOMString (DOMString name);
   [CEReactions, Throws]
-  setter creator void (DOMString name, DOMString value);
+  setter void (DOMString name, DOMString value);
   [CEReactions]
   deleter void (DOMString name);
 };
--- a/dom/webidl/HTMLOptionsCollection.webidl
+++ b/dom/webidl/HTMLOptionsCollection.webidl
@@ -9,16 +9,16 @@
  * Copyright © 2012 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C
  * liability, trademark and document use rules apply.
  */
 
 interface HTMLOptionsCollection : HTMLCollection {
   [CEReactions]
            attribute unsigned long length;
   [CEReactions, Throws]
-  setter creator void (unsigned long index, HTMLOptionElement? option);
+  setter void (unsigned long index, HTMLOptionElement? option);
   [CEReactions, Throws]
   void add((HTMLOptionElement or HTMLOptGroupElement) element, optional (HTMLElement or long)? before = null);
   [CEReactions, Throws]
   void remove(long index);
   [Throws]
            attribute long selectedIndex;
 };
--- a/dom/webidl/HTMLSelectElement.webidl
+++ b/dom/webidl/HTMLSelectElement.webidl
@@ -35,17 +35,17 @@ interface HTMLSelectElement : HTMLElemen
            attribute unsigned long length;
   getter Element? item(unsigned long index);
   HTMLOptionElement? namedItem(DOMString name);
   [CEReactions, Throws]
   void add((HTMLOptionElement or HTMLOptGroupElement) element, optional (HTMLElement or long)? before = null);
   [CEReactions]
   void remove(long index);
   [CEReactions, Throws]
-  setter creator void (unsigned long index, HTMLOptionElement? option);
+  setter void (unsigned long index, HTMLOptionElement? option);
 
   readonly attribute HTMLCollection selectedOptions;
   [SetterThrows, Pure]
            attribute long selectedIndex;
   [Pure]
            attribute DOMString value;
 
   readonly attribute boolean willValidate;
--- a/dom/webidl/MozStorageAsyncStatementParams.webidl
+++ b/dom/webidl/MozStorageAsyncStatementParams.webidl
@@ -10,13 +10,13 @@ interface MozStorageAsyncStatementParams
 
   [Throws]
   getter any(unsigned long index);
 
   [Throws]
   getter any(DOMString name);
 
   [Throws]
-  setter creator void(unsigned long index, any arg);
+  setter void(unsigned long index, any arg);
 
   [Throws]
-  setter creator void(DOMString name, any arg);
+  setter void(DOMString name, any arg);
 };
--- a/dom/webidl/MozStorageStatementParams.webidl
+++ b/dom/webidl/MozStorageStatementParams.webidl
@@ -10,13 +10,13 @@ interface MozStorageStatementParams
 
   [Throws]
   getter any(unsigned long index);
 
   [Throws]
   getter any(DOMString name);
 
   [Throws]
-  setter creator void(unsigned long index, any arg);
+  setter void(unsigned long index, any arg);
 
   [Throws]
-  setter creator void(DOMString name, any arg);
+  setter void(DOMString name, any arg);
 };
--- a/dom/webidl/Storage.webidl
+++ b/dom/webidl/Storage.webidl
@@ -17,17 +17,17 @@ interface Storage {
 
   [Throws, NeedsSubjectPrincipal]
   DOMString? key(unsigned long index);
 
   [Throws, NeedsSubjectPrincipal]
   getter DOMString? getItem(DOMString key);
 
   [Throws, NeedsSubjectPrincipal]
-  setter creator void setItem(DOMString key, DOMString value);
+  setter void setItem(DOMString key, DOMString value);
 
   [Throws, NeedsSubjectPrincipal]
   deleter void removeItem(DOMString key);
 
   [Throws, NeedsSubjectPrincipal]
   void clear();
 
   [ChromeOnly]
--- a/dom/webidl/XULElement.webidl
+++ b/dom/webidl/XULElement.webidl
@@ -75,16 +75,20 @@ interface XULElement : Element {
   attribute DOMString ref;
 
   // Tooltip and status info
   [SetterThrows]
   attribute DOMString tooltipText;
   [SetterThrows]
   attribute DOMString statusText;
 
+  // Properties for images
+  [SetterThrows]
+  attribute DOMString src;
+
   attribute boolean allowEvents;
 
   readonly attribute MozRDFCompositeDataSource? database;
   readonly attribute XULTemplateBuilder?        builder;
   [Throws]
   readonly attribute MozRDFResource?            resource;
   [Throws, ChromeOnly]
   readonly attribute XULControllers             controllers;
--- a/dom/xhr/XMLHttpRequestMainThread.cpp
+++ b/dom/xhr/XMLHttpRequestMainThread.cpp
@@ -2495,42 +2495,16 @@ XMLHttpRequestMainThread::CreateChannel(
 
     // Set the initiator type
     nsCOMPtr<nsITimedChannel> timedChannel(do_QueryInterface(httpChannel));
     if (timedChannel) {
       timedChannel->SetInitiatorType(NS_LITERAL_STRING("xmlhttprequest"));
     }
   }
 
-  // Using the provided principal as the triggeringPrincipal is fine, since we
-  // want to be able to access any of the origins that the principal has access
-  // to during the security checks, but we don't want a document to inherit an
-  // expanded principal, so in that case we need to select the principal in the
-  // expanded principal's whitelist that can load our URL as principalToInherit.
-  nsCOMPtr<nsIPrincipal> resultingDocumentPrincipal(mPrincipal);
-  nsCOMPtr<nsIExpandedPrincipal> ep = do_QueryInterface(mPrincipal);
-  if (ep) {
-    MOZ_ASSERT(!(secFlags & nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS));
-    bool dataInherits = (secFlags &
-      (nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS |
-       nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS)) != 0;
-    for (const auto& principal : ep->WhiteList()) {
-      if (NS_SUCCEEDED(principal->CheckMayLoad(mRequestURL, false, dataInherits))) {
-        resultingDocumentPrincipal = principal;
-        break;
-      }
-    }
-  }
-
-  nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
-  if (loadInfo) {
-    rv = loadInfo->SetPrincipalToInherit(resultingDocumentPrincipal);
-    NS_ENSURE_SUCCESS(rv, rv);
-  }
-
   return NS_OK;
 }
 
 void
 XMLHttpRequestMainThread::MaybeLowerChannelPriority()
 {
   nsCOMPtr<nsIDocument> doc = GetDocumentIfCurrent();
   if (!doc) {
--- a/dom/xul/nsXULElement.h
+++ b/dom/xul/nsXULElement.h
@@ -659,16 +659,24 @@ public:
     void GetStatusText(DOMString& aValue) const
     {
         GetXULAttr(nsGkAtoms::statustext, aValue);
     }
     void SetStatusText(const nsAString& aValue, mozilla::ErrorResult& rv)
     {
         SetXULAttr(nsGkAtoms::statustext, aValue, rv);
     }
+    void GetSrc(DOMString& aValue) const
+    {
+        GetXULAttr(nsGkAtoms::src, aValue);
+    }
+    void SetSrc(const nsAString& aValue, mozilla::ErrorResult& rv)
+    {
+        SetXULAttr(nsGkAtoms::src, aValue, rv);
+    }
     bool AllowEvents() const
     {
         return BoolAttrIsTrue(nsGkAtoms::allowevents);
     }
     void SetAllowEvents(bool aAllowEvents)
     {
         SetXULBoolAttr(nsGkAtoms::allowevents, aAllowEvents);
     }
--- a/gfx/ipc/GPUParent.cpp
+++ b/gfx/ipc/GPUParent.cpp
@@ -326,16 +326,27 @@ GPUParent::RecvGetDeviceStatus(GPUDevice
 #else
   aOut->gpuDevice() = null_t();
 #endif
 
   return IPC_OK();
 }
 
 mozilla::ipc::IPCResult
+GPUParent::RecvSimulateDeviceReset(GPUDeviceData* aOut)
+{
+#if defined(XP_WIN)
+  DeviceManagerDx::Get()->ForceDeviceReset(ForcedDeviceResetReason::COMPOSITOR_UPDATED);
+  DeviceManagerDx::Get()->MaybeResetAndReacquireDevices();
+#endif
+  RecvGetDeviceStatus(aOut);
+  return IPC_OK();
+}
+
+mozilla::ipc::IPCResult
 GPUParent::RecvNewContentCompositorManager(Endpoint<PCompositorManagerParent>&& aEndpoint)
 {
   CompositorManagerParent::Create(Move(aEndpoint));
   return IPC_OK();
 }
 
 mozilla::ipc::IPCResult
 GPUParent::RecvNewContentImageBridge(Endpoint<PImageBridgeParent>&& aEndpoint)
--- a/gfx/ipc/GPUParent.h
+++ b/gfx/ipc/GPUParent.h
@@ -43,16 +43,17 @@ public:
   mozilla::ipc::IPCResult RecvInitProfiler(Endpoint<PProfilerChild>&& aEndpoint) override;
   mozilla::ipc::IPCResult RecvUpdatePref(const GfxPrefSetting& pref) override;
   mozilla::ipc::IPCResult RecvUpdateVar(const GfxVarUpdate& pref) override;
   mozilla::ipc::IPCResult RecvNewContentCompositorManager(Endpoint<PCompositorManagerParent>&& aEndpoint) override;
   mozilla::ipc::IPCResult RecvNewContentImageBridge(Endpoint<PImageBridgeParent>&& aEndpoint) override;
   mozilla::ipc::IPCResult RecvNewContentVRManager(Endpoint<PVRManagerParent>&& aEndpoint) override;
   mozilla::ipc::IPCResult RecvNewContentVideoDecoderManager(Endpoint<PVideoDecoderManagerParent>&& aEndpoint) override;
   mozilla::ipc::IPCResult RecvGetDeviceStatus(GPUDeviceData* aOutStatus) override;
+  mozilla::ipc::IPCResult RecvSimulateDeviceReset(GPUDeviceData* aOutStatus) override;
   mozilla::ipc::IPCResult RecvAddLayerTreeIdMapping(const LayerTreeIdMapping& aMapping) override;
   mozilla::ipc::IPCResult RecvRemoveLayerTreeIdMapping(const LayerTreeIdMapping& aMapping) override;
   mozilla::ipc::IPCResult RecvNotifyGpuObservers(const nsCString& aTopic) override;
   mozilla::ipc::IPCResult RecvRequestMemoryReport(
     const uint32_t& generation,
     const bool& anonymize,
     const bool& minimizeMemoryUsage,
     const MaybeFileDesc& DMDFile) override;
--- a/gfx/ipc/GPUProcessManager.cpp
+++ b/gfx/ipc/GPUProcessManager.cpp
@@ -416,16 +416,20 @@ GPUProcessManager::ResetCompositors()
 
 void
 GPUProcessManager::SimulateDeviceReset()
 {
   // Make sure we rebuild environment and configuration for accelerated features.
   gfxPlatform::GetPlatform()->CompositorUpdated();
 
   if (mProcess) {
+    GPUDeviceData data;
+    if (mGPUChild->SendSimulateDeviceReset(&data)) {
+      gfxPlatform::GetPlatform()->ImportGPUDeviceData(data);
+    }
     OnRemoteProcessDeviceReset(mProcess);
   } else {
     OnInProcessDeviceReset();
   }
 }
 
 void
 GPUProcessManager::DisableWebRender(wr::WebRenderError aError)
--- a/gfx/ipc/PGPU.ipdl
+++ b/gfx/ipc/PGPU.ipdl
@@ -75,16 +75,20 @@ parent:
   // Called to notify the GPU process of who owns a layersId.
   sync AddLayerTreeIdMapping(LayerTreeIdMapping mapping);
   async RemoveLayerTreeIdMapping(LayerTreeIdMapping mapping);
 
   // Request the current DeviceStatus from the GPU process. This blocks until
   // one is available (i.e., Init has completed).
   sync GetDeviceStatus() returns (GPUDeviceData status);
 
+  // Request to simulate device reset and to get the updated DeviceStatus from
+  // the GPU process. This blocks until one is available (i.e., Init has completed).
+  sync SimulateDeviceReset() returns (GPUDeviceData status);
+
   // Have a message be broadcasted to the GPU process by the GPU process
   // observer service.
   async NotifyGpuObservers(nsCString aTopic);
 
   async RequestMemoryReport(uint32_t generation,
                             bool anonymize,
                             bool minimizeMemoryUsage,
                             MaybeFileDesc DMDFile);
--- a/gfx/layers/Compositor.cpp
+++ b/gfx/layers/Compositor.cpp
@@ -618,16 +618,28 @@ Compositor::IsValid() const
   return !!mParent;
 }
 
 void
 Compositor::SetDispAcquireFence(Layer* aLayer)
 {
 }
 
+void
+Compositor::UnlockAfterComposition(TextureHost* aTexture)
+{
+  TextureSourceProvider::UnlockAfterComposition(aTexture);
+
+  // If this is being called after we shutdown the compositor, we must finish
+  // read unlocking now to prevent a cycle.
+  if (IsDestroyed()) {
+    ReadUnlockTextures();
+  }
+}
+
 bool
 Compositor::NotifyNotUsedAfterComposition(TextureHost* aTextureHost)
 {
   if (IsDestroyed() || AsBasicCompositor()) {
     return false;
   }
   return TextureSourceProvider::NotifyNotUsedAfterComposition(aTextureHost);
 }
--- a/gfx/layers/Compositor.h
+++ b/gfx/layers/Compositor.h
@@ -462,16 +462,17 @@ public:
   virtual Compositor* AsCompositor() override {
     return this;
   }
 
   TimeStamp GetLastCompositionEndTime() const override {
     return mLastCompositionEndTime;
   }
 
+  void UnlockAfterComposition(TextureHost* aTexture) override;
   bool NotifyNotUsedAfterComposition(TextureHost* aTextureHost) override;
 
   /**
    * Notify the compositor that composition is being paused. This allows the
    * compositor to temporarily release any resources.
    * Between calling Pause and Resume, compositing may fail.
    */
   virtual void Pause() {}
--- a/gfx/layers/ipc/CompositorBridgeParent.cpp
+++ b/gfx/layers/ipc/CompositorBridgeParent.cpp
@@ -1472,16 +1472,17 @@ CompositorBridgeParent::NewCompositor(co
         compositor = new BasicCompositor(this, mWidget);
       }
 #ifdef XP_WIN
     } else if (aBackendHints[i] == LayersBackend::LAYERS_D3D11) {
       compositor = new CompositorD3D11(this, mWidget);
 #endif
     }
     nsCString failureReason;
+    MOZ_ASSERT(!gfxVars::UseWebRender() || aBackendHints[i] == LayersBackend::LAYERS_BASIC);
     if (compositor && compositor->Initialize(&failureReason)) {
       if (failureReason.IsEmpty()){
         failureReason = "SUCCESS";
       }
 
       // should only report success here
       if (aBackendHints[i] == LayersBackend::LAYERS_OPENGL){
         Telemetry::Accumulate(Telemetry::OPENGL_COMPOSITING_FAILURE_ID, failureReason);
--- a/gfx/layers/ipc/ImageBridgeParent.cpp
+++ b/gfx/layers/ipc/ImageBridgeParent.cpp
@@ -64,37 +64,37 @@ ImageBridgeParent::Setup()
 ImageBridgeParent::ImageBridgeParent(MessageLoop* aLoop,
                                      ProcessId aChildProcessId)
   : mMessageLoop(aLoop)
   , mSetChildThreadPriority(false)
   , mClosed(false)
   , mCompositorThreadHolder(CompositorThreadHolder::GetSingleton())
 {
   MOZ_ASSERT(NS_IsMainThread());
-
-  // creates the map only if it has not been created already, so it is safe
-  // with several bridges
-  {
-    MonitorAutoLock lock(*sImageBridgesLock);
-    sImageBridges[aChildProcessId] = this;
-  }
   SetOtherProcessId(aChildProcessId);
 }
 
 ImageBridgeParent::~ImageBridgeParent()
 {
 }
 
 /* static */ ImageBridgeParent*
 ImageBridgeParent::CreateSameProcess()
 {
+  base::ProcessId pid = base::GetCurrentProcId();
   RefPtr<ImageBridgeParent> parent =
-    new ImageBridgeParent(CompositorThreadHolder::Loop(), base::GetCurrentProcId());
+    new ImageBridgeParent(CompositorThreadHolder::Loop(), pid);
   parent->mSelfRef = parent;
 
+  {
+    MonitorAutoLock lock(*sImageBridgesLock);
+    MOZ_RELEASE_ASSERT(sImageBridges.count(pid) == 0);
+    sImageBridges[pid] = parent;
+  }
+
   sImageBridgeParentSingleton = parent;
   return parent;
 }
 
 /* static */ bool
 ImageBridgeParent::CreateForGPUProcess(Endpoint<PImageBridgeParent>&& aEndpoint)
 {
   MOZ_ASSERT(XRE_GetProcessType() == GeckoProcessType_GPU);
@@ -252,16 +252,38 @@ ImageBridgeParent::CreateForContent(Endp
 }
 
 void
 ImageBridgeParent::Bind(Endpoint<PImageBridgeParent>&& aEndpoint)
 {
   if (!aEndpoint.Bind(this))
     return;
   mSelfRef = this;
+
+  // If the child process ID was reused by the OS before the ImageBridgeParent
+  // object was destroyed, we need to clean it up first.
+  RefPtr<ImageBridgeParent> oldActor;
+  {
+    MonitorAutoLock lock(*sImageBridgesLock);
+    ImageBridgeMap::const_iterator i = sImageBridges.find(OtherPid());
+    if (i != sImageBridges.end()) {
+      oldActor = i->second;
+    }
+  }
+
+  // We can't hold the lock during Close because it erases itself from the map.
+  if (oldActor) {
+    MOZ_RELEASE_ASSERT(!oldActor->mClosed);
+    oldActor->Close();
+  }
+
+  {
+    MonitorAutoLock lock(*sImageBridgesLock);
+    sImageBridges[OtherPid()] = this;
+  }
 }
 
 mozilla::ipc::IPCResult ImageBridgeParent::RecvWillClose()
 {
   // If there is any texture still alive we have to force it to deallocate the
   // device data (GL textures, etc.) now because shortly after SenStop() returns
   // on the child side the widget will be destroyed along with it's associated
   // GL context.
--- a/gfx/layers/ipc/LayerTransactionParent.cpp
+++ b/gfx/layers/ipc/LayerTransactionParent.cpp
@@ -872,16 +872,20 @@ LayerTransactionParent::Attach(Layer* aL
   HostLayer* layer = aLayer->AsHostLayer();
   if (!layer) {
     return false;
   }
 
   TextureSourceProvider* provider =
     static_cast<HostLayerManager*>(aLayer->Manager())->GetTextureSourceProvider();
 
+  MOZ_ASSERT(!aCompositable->AsWebRenderImageHost());
+  if (aCompositable->AsWebRenderImageHost()) {
+    gfxCriticalNote << "Use WebRenderImageHost at LayerTransactionParent.";
+  }
   if (!layer->SetCompositableHost(aCompositable)) {
     // not all layer types accept a compositable, see bug 967824
     return false;
   }
   aCompositable->Attach(aLayer,
                         provider,
                         aIsAsync
                           ? CompositableHost::ALLOW_REATTACH
--- a/gfx/layers/wr/WebRenderBridgeParent.cpp
+++ b/gfx/layers/wr/WebRenderBridgeParent.cpp
@@ -795,18 +795,23 @@ WebRenderBridgeParent::RecvAddPipelineId
     }
     host = imageBridge->FindCompositable(aHandle);
   } else {
     host = FindCompositable(aHandle);
   }
   if (!host) {
     return IPC_FAIL_NO_REASON(this);
   }
-  MOZ_ASSERT(host->AsWebRenderImageHost());
+
   WebRenderImageHost* wrHost = host->AsWebRenderImageHost();
+  MOZ_ASSERT(wrHost);
+  if (!wrHost) {
+    gfxCriticalNote << "Incompatible CompositableHost at WebRenderBridgeParent.";
+  }
+
   if (!wrHost) {
     return IPC_OK();
   }
 
   wrHost->SetWrBridge(this);
   wrHost->EnableUseAsyncImagePipeline();
   mAsyncCompositables.Put(wr::AsUint64(aPipelineId), wrHost);
   mAsyncImageManager->AddAsyncImagePipeline(aPipelineId, wrHost);
@@ -838,16 +843,22 @@ WebRenderBridgeParent::RecvAddExternalIm
 {
   if (mDestroyed) {
     return IPC_OK();
   }
   MOZ_ASSERT(!mExternalImageIds.Get(wr::AsUint64(aImageId)).get());
 
   RefPtr<CompositableHost> host = FindCompositable(aHandle);
   WebRenderImageHost* wrHost = host->AsWebRenderImageHost();
+
+  MOZ_ASSERT(wrHost);
+  if (!wrHost) {
+    gfxCriticalNote << "Incompatible CompositableHost for external image at WebRenderBridgeParent.";
+  }
+
   if (!wrHost) {
     return IPC_OK();
   }
 
   wrHost->SetWrBridge(this);
   mExternalImageIds.Put(wr::AsUint64(aImageId), wrHost);
 
   return IPC_OK();
--- a/ipc/glue/BackgroundUtils.cpp
+++ b/ipc/glue/BackgroundUtils.cpp
@@ -399,16 +399,17 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoa
       aLoadInfo->GetOriginAttributes(),
       redirectChainIncludingInternalRedirects,
       redirectChain,
       ancestorPrincipals,
       aLoadInfo->AncestorOuterWindowIDs(),
       aLoadInfo->CorsUnsafeHeaders(),
       aLoadInfo->GetForcePreflight(),
       aLoadInfo->GetIsPreflight(),
+      aLoadInfo->GetLoadTriggeredFromExternal(),
       aLoadInfo->GetForceHSTSPriming(),
       aLoadInfo->GetMixedContentWouldBlock(),
       aLoadInfo->GetIsHSTSPriming(),
       aLoadInfo->GetIsHSTSPrimingUpgrade()
       );
 
   return NS_OK;
 }
@@ -506,16 +507,17 @@ LoadInfoArgsToLoadInfo(const OptionalLoa
                           loadInfoArgs.originAttributes(),
                           redirectChainIncludingInternalRedirects,
                           redirectChain,
                           Move(ancestorPrincipals),
                           loadInfoArgs.ancestorOuterWindowIDs(),
                           loadInfoArgs.corsUnsafeHeaders(),
                           loadInfoArgs.forcePreflight(),
                           loadInfoArgs.isPreflight(),
+                          loadInfoArgs.loadTriggeredFromExternal(),
                           loadInfoArgs.forceHSTSPriming(),
                           loadInfoArgs.mixedContentWouldBlock(),
                           loadInfoArgs.isHSTSPriming(),
                           loadInfoArgs.isHSTSPrimingUpgrade()
                           );
 
    loadInfo.forget(outLoadInfo);
    return NS_OK;
--- a/ipc/ipdl/sync-messages.ini
+++ b/ipc/ipdl/sync-messages.ini
@@ -925,16 +925,18 @@ description =
 [PRemoteSpellcheckEngine::CheckAndSuggest]
 description =
 [PRemoteSpellcheckEngine::SetDictionary]
 description =
 [PGPU::AddLayerTreeIdMapping]
 description =
 [PGPU::GetDeviceStatus]
 description =
+[PGPU::SimulateDeviceReset]
+description =
 [PAPZCTreeManager::ReceiveMultiTouchInputEvent]
 description =
 [PAPZCTreeManager::ReceiveMouseInputEvent]
 description =
 [PAPZCTreeManager::ReceivePanGestureInputEvent]
 description =
 [PAPZCTreeManager::ReceivePinchGestureInputEvent]
 description =
--- a/js/src/builtin/Object.cpp
+++ b/js/src/builtin/Object.cpp
@@ -1530,39 +1530,32 @@ ProtoGetter(JSContext* cx, unsigned argc
     RootedObject proto(cx);
     if (!GetPrototype(cx, obj, &proto))
         return false;
 
     args.rval().setObjectOrNull(proto);
     return true;
 }
 
-namespace js {
-size_t sSetProtoCalled = 0;
-} // namespace js
-
 static bool
 ProtoSetter(JSContext* cx, unsigned argc, Value* vp)
 {
     CallArgs args = CallArgsFromVp(argc, vp);
 
     HandleValue thisv = args.thisv();
     if (thisv.isNullOrUndefined()) {
         ReportIncompatible(cx, args);
         return false;
     }
     if (thisv.isPrimitive()) {
         // Mutating a boxed primitive's [[Prototype]] has no side effects.
         args.rval().setUndefined();
         return true;
     }
 
-    if (!cx->runningWithTrustedPrincipals())
-        ++sSetProtoCalled;
-
     Rooted<JSObject*> obj(cx, &args.thisv().toObject());
 
     /* Do nothing if __proto__ isn't being set to an object or null. */
     if (args.length() == 0 || !args[0].isObjectOrNull()) {
         args.rval().setUndefined();
         return true;
     }
 
--- a/js/src/devtools/automation/winbuildenv.sh
+++ b/js/src/devtools/automation/winbuildenv.sh
@@ -5,17 +5,17 @@ mk_add_options() {
   echo "$@"
 }
 
 topsrcdir="$SOURCE"
 
 # Tooltool installs in parent of topsrcdir for spidermonkey builds.
 # Resolve that path since the mozconfigs assume tooltool installs in
 # topsrcdir.
-export VSPATH="$(cd ${topsrcdir}/.. && pwd)/vs2017_15.4.1"
+export VSPATH="$(cd ${topsrcdir}/.. && pwd)/vs2017_15.4.2"
 
 # When running on a developer machine, several variables will already
 # have the right settings and we will need to keep them since the
 # Windows mozconfigs overwrite them.
 echo "export ORIGINAL_INCLUDE=$INCLUDE"
 echo "export ORIGINAL_LIB=$LIB"
 echo "export ORIGINAL_LIBPATH=$LIBPATH"
 
--- a/js/src/gc/GCEnum.h
+++ b/js/src/gc/GCEnum.h
@@ -67,21 +67,22 @@ enum class AbortReason {
     D(IncrementalMarkAllThenFinish, 9) \
     D(IncrementalMultipleSlices, 10)   \
     D(IncrementalMarkingValidator, 11) \
     D(ElementsBarrier, 12)             \
     D(CheckHashTablesOnMinorGC, 13)    \
     D(Compact, 14)                     \
     D(CheckHeapAfterGC, 15)            \
     D(CheckNursery, 16)                \
-    D(IncrementalSweepThenFinish, 17)
+    D(IncrementalSweepThenFinish, 17)  \
+    D(CheckGrayMarking, 18)
 
 enum class ZealMode {
 #define ZEAL_MODE(name, value) name = value,
     JS_FOR_EACH_ZEAL_MODE(ZEAL_MODE)
 #undef ZEAL_MODE
-    Limit = 17
+    Limit = 18
 };
 
 } /* namespace gc */
 } /* namespace js */
 
 #endif /* gc_GCEnum_h */
--- a/js/src/gc/Verifier.cpp
+++ b/js/src/gc/Verifier.cpp
@@ -556,24 +556,38 @@ HeapCheckTracerBase::traceHeap(AutoLockF
             stack.back().processed = true;
             TraceChildren(this, item.thing);
         }
     }
 
     return !oom;
 }
 
+static const char*
+GetCellColorName(Cell* cell)
+{
+    if (cell->isMarkedBlack())
+        return "black";
+    if (cell->isMarkedGray())
+        return "gray";
+    return "white";
+}
+
 void
 HeapCheckTracerBase::dumpCellInfo(Cell* cell)
 {
     auto kind = cell->getTraceKind();
-    fprintf(stderr, "%s", GCTraceKindToAscii(kind));
-    if (kind == JS::TraceKind::Object)
-        fprintf(stderr, " %s", static_cast<JSObject*>(cell)->getClass()->name);
+    JSObject* obj = kind == JS::TraceKind::Object ? static_cast<JSObject*>(cell) : nullptr;
+
+    fprintf(stderr, "%s %s", GetCellColorName(cell), GCTraceKindToAscii(kind));
+    if (obj)
+        fprintf(stderr, " %s", obj->getClass()->name);
     fprintf(stderr, " %p", cell);
+    if (obj)
+        fprintf(stderr, " (compartment %p)", obj->compartment());
 }
 
 void
 HeapCheckTracerBase::dumpCellPath()
 {
     const char* name = contextName();
     for (int index = parentIndex; index != -1; index = stack[index].parentIndex) {
         const WorkItem& parent = stack[index];
@@ -637,17 +651,17 @@ js::gc::CheckHeapAfterGC(JSRuntime* rt)
     AutoTraceSession session(rt, JS::HeapState::Tracing);
     CheckHeapTracer tracer(rt);
     if (tracer.init())
         tracer.check(session.lock);
 }
 
 #endif /* JSGC_HASH_TABLE_CHECKS */
 
-#ifdef DEBUG
+#if defined(JS_GC_ZEAL) || defined(DEBUG)
 
 class CheckGrayMarkingTracer final : public HeapCheckTracerBase
 {
   public:
     explicit CheckGrayMarkingTracer(JSRuntime* rt);
     bool check(AutoLockForExclusiveAccess& lock);
 
   private:
@@ -665,20 +679,26 @@ void
 CheckGrayMarkingTracer::checkCell(Cell* cell)
 {
     Cell* parent = parentCell();
     if (!parent)
         return;
 
     if (parent->isMarkedBlack() && cell->isMarkedGray()) {
         failures++;
+
         fprintf(stderr, "Found black to gray edge to ");
         dumpCellInfo(cell);
         fprintf(stderr, "\n");
         dumpCellPath();
+
+        if (cell->getTraceKind() == JS::TraceKind::Object) {
+            fprintf(stderr, "\n");
+            DumpObject(static_cast<JSObject*>(cell), stderr);
+        }
     }
 }
 
 bool
 CheckGrayMarkingTracer::check(AutoLockForExclusiveAccess& lock)
 {
     if (!traceHeap(lock))
         return true; // Ignore failure.
@@ -698,9 +718,9 @@ js::CheckGrayMarkingState(JSRuntime* rt)
     AutoTraceSession session(rt, JS::HeapState::Tracing);
     CheckGrayMarkingTracer tracer(rt);
     if (!tracer.init())
         return true; // Ignore failure
 
     return tracer.check(session.lock);
 }
 
-#endif // DEBUG
+#endif // defined(JS_GC_ZEAL) || defined(DEBUG)
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/gc/bug-1413914.js
@@ -0,0 +1,4 @@
+let a = grayRoot();
+a[0] = {};
+gczeal(18);
+gc();
--- a/js/src/jit/BaselineIC.cpp
+++ b/js/src/jit/BaselineIC.cpp
@@ -1697,17 +1697,17 @@ DoSetPropFallback(JSContext* cx, Baselin
             }
         }
     }
 
     if (op == JSOP_INITPROP ||
         op == JSOP_INITLOCKEDPROP ||
         op == JSOP_INITHIDDENPROP)
     {
-        if (!InitPropertyOperation(cx, op, obj, id, rhs))
+        if (!InitPropertyOperation(cx, op, obj, name, rhs))
             return false;
     } else if (op == JSOP_SETNAME ||
                op == JSOP_STRICTSETNAME ||
                op == JSOP_SETGNAME ||
                op == JSOP_STRICTSETGNAME)
     {
         if (!SetNameOperation(cx, script, pc, obj, rhs))
             return false;
--- a/js/src/jit/VMFunctions.cpp
+++ b/js/src/jit/VMFunctions.cpp
@@ -464,17 +464,17 @@ CharCodeAt(JSContext* cx, HandleString s
 JSFlatString*
 StringFromCharCode(JSContext* cx, int32_t code)
 {
     char16_t c = char16_t(code);
 
     if (StaticStrings::hasUnit(c))
         return cx->staticStrings().getUnit(c);
 
-    return NewStringCopyN<CanGC>(cx, &c, 1);
+    return NewStringCopyNDontDeflate<CanGC>(cx, &c, 1);
 }
 
 JSString*
 StringFromCodePoint(JSContext* cx, int32_t codePoint)
 {
     RootedValue rval(cx, Int32Value(codePoint));
     if (!str_fromCodePoint_one_arg(cx, rval, &rval))
         return nullptr;
--- a/js/src/jsdate.cpp
+++ b/js/src/jsdate.cpp
@@ -424,41 +424,57 @@ EquivalentYearForDST(int year)
     /*
      * Years and leap years on which Jan 1 is a Sunday, Monday, etc.
      *
      * yearStartingWith[0][i] is an example non-leap year where
      * Jan 1 appears on Sunday (i == 0), Monday (i == 1), etc.
      *
      * yearStartingWith[1][i] is an example leap year where
      * Jan 1 appears on Sunday (i == 0), Monday (i == 1), etc.
+     *
+     * Keep two different mappings, one for past years (< 1970), and a
+     * different one for future years (> 2037).
      */
-    static const int yearStartingWith[2][7] = {
+    static const int pastYearStartingWith[2][7] = {
         {1978, 1973, 1974, 1975, 1981, 1971, 1977},
         {1984, 1996, 1980, 1992, 1976, 1988, 1972}
     };
+    static const int futureYearStartingWith[2][7] = {
+        {2034, 2035, 2030, 2031, 2037, 2027, 2033},
+        {2012, 2024, 2036, 2020, 2032, 2016, 2028}
+    };
 
     int day = int(DayFromYear(year) + 4) % 7;
     if (day < 0)
         day += 7;
 
+    const auto& yearStartingWith = year < 1970 ? pastYearStartingWith : futureYearStartingWith;
     return yearStartingWith[IsLeapYear(year)][day];
 }
 
+// Return true if |t| is representable as a 32-bit time_t variable, that means
+// the year is in [1970, 2038).
+static bool
+IsRepresentableAsTime32(double t)
+{
+    return 0.0 <= t && t < 2145916800000.0;
+}
+
 /* ES5 15.9.1.8. */
 static double
 DaylightSavingTA(double t)
 {
     if (!IsFinite(t))
         return GenericNaN();
 
     /*
      * If earlier than 1970 or after 2038, potentially beyond the ken of
      * many OSes, map it to an equivalent year before asking.
      */
-    if (t < 0.0 || t > 2145916800000.0) {
+    if (!IsRepresentableAsTime32(t)) {
         int year = EquivalentYearForDST(int(YearFromTime(t)));
         double day = MakeDay(year, MonthFromTime(t), DateFromTime(t));
         t = MakeDate(day, TimeWithinDay(t));
     }
 
     int64_t utcMilliseconds = static_cast<int64_t>(t);
     int64_t offsetMilliseconds = DateTimeInfo::getDSTOffsetMilliseconds(utcMilliseconds);
     return static_cast<double>(offsetMilliseconds);
@@ -2616,16 +2632,28 @@ ToPRMJTime(double localTime, double utcT
     prtm.tm_wday = int8_t(WeekDay(localTime));
     prtm.tm_year = year;
     prtm.tm_yday = int16_t(DayWithinYear(localTime, year));
     prtm.tm_isdst = (DaylightSavingTA(utcTime) != 0);
 
     return prtm;
 }
 
+static size_t
+FormatTime(char* buf, int buflen, const char* fmt, double utcTime, double localTime)
+{
+    PRMJTime prtm = ToPRMJTime(localTime, utcTime);
+    int eqivalentYear = IsRepresentableAsTime32(utcTime)
+                        ? prtm.tm_year
+                        : EquivalentYearForDST(prtm.tm_year);
+    int offsetInSeconds = (int) floor((localTime - utcTime) / msPerSecond);
+
+    return PRMJ_FormatTime(buf, buflen, fmt, &prtm, eqivalentYear, offsetInSeconds);
+}
+
 enum class FormatSpec {
     DateTime,
     Date,
     Time
 };
 
 static bool
 FormatDate(JSContext* cx, double utcTime, FormatSpec format, MutableHandleValue rval)
@@ -2658,18 +2686,17 @@ FormatDate(JSContext* cx, double utcTime
              * operating-system dependence on strftime (which PRMJ_FormatTime
              * calls, for %Z only.)  win32 prints PST as
              * 'Pacific Standard Time.'  This way we always know what we're
              * getting, and can parse it if we produce it.  The OS time zone
              * string is included as a comment.
              */
 
             /* get a time zone string from the OS to include as a comment. */
-            PRMJTime prtm = ToPRMJTime(localTime, utcTime);
-            size_t tzlen = PRMJ_FormatTime(tzbuf, sizeof tzbuf, "(%Z)", &prtm);
+            size_t tzlen = FormatTime(tzbuf, sizeof tzbuf, "(%Z)", utcTime, localTime);
             if (tzlen != 0) {
                 /*
                  * Decide whether to use the resulting time zone string.
                  *
                  * Reject it if it contains any non-ASCII or non-printable
                  * characters.  It's then likely in some other character
                  * encoding, and we probably won't display it correctly.
                  */
@@ -2739,20 +2766,19 @@ ToLocaleFormatHelper(JSContext* cx, Hand
 {
     double utcTime = obj->as<DateObject>().UTCTime().toNumber();
 
     char buf[100];
     if (!IsFinite(utcTime)) {
         strcpy(buf, js_NaN_date_str);
     } else {
         double localTime = LocalTime(utcTime);
-        PRMJTime prtm = ToPRMJTime(localTime, utcTime);
 
         /* Let PRMJTime format it. */
-        size_t result_len = PRMJ_FormatTime(buf, sizeof buf, format, &prtm);
+        size_t result_len = FormatTime(buf, sizeof buf, format, utcTime, localTime);
 
         /* If it failed, default to toString. */
         if (result_len == 0)
             return FormatDate(cx, utcTime, FormatSpec::DateTime, rval);
 
         /* Hacked check against undesired 2-digit year 00/00/00 form. */
         if (strcmp(format, "%x") == 0 && result_len >= 6 &&
             /* Format %x means use OS settings, which may have 2-digit yr, so
--- a/js/src/jsfriendapi.cpp
+++ b/js/src/jsfriendapi.cpp
@@ -523,32 +523,16 @@ js::SetReservedSlotWithBarrier(JSObject*
 }
 
 void
 js::SetPreserveWrapperCallback(JSContext* cx, PreserveWrapperCallback callback)
 {
     cx->runtime()->preserveWrapperCallback = callback;
 }
 
-/*
- * The below code is for temporary telemetry use. It can be removed when
- * sufficient data has been harvested.
- */
-
-namespace js {
-// Defined in vm/GlobalObject.cpp.
-extern size_t sSetProtoCalled;
-} // namespace js
-
-JS_FRIEND_API(size_t)
-JS_SetProtoCalled(JSContext*)
-{
-    return sSetProtoCalled;
-}
-
 JS_FRIEND_API(unsigned)
 JS_PCToLineNumber(JSScript* script, jsbytecode* pc, unsigned* columnp)
 {
     return PCToLineNumber(script, pc, columnp);
 }
 
 JS_FRIEND_API(bool)
 JS_IsDeadWrapper(JSObject* obj)
--- a/js/src/jsfriendapi.h
+++ b/js/src/jsfriendapi.h
@@ -66,19 +66,16 @@ JS_NewObjectWithUniqueType(JSContext* cx
  * attached to them.
  */
 extern JS_FRIEND_API(JSObject*)
 JS_NewObjectWithoutMetadata(JSContext* cx, const JSClass* clasp, JS::Handle<JSObject*> proto);
 
 extern JS_FRIEND_API(uint32_t)
 JS_ObjectCountDynamicSlots(JS::HandleObject obj);
 
-extern JS_FRIEND_API(size_t)
-JS_SetProtoCalled(JSContext* cx);
-
 extern JS_FRIEND_API(bool)
 JS_NondeterministicGetWeakMapKeys(JSContext* cx, JS::HandleObject obj, JS::MutableHandleObject ret);
 
 extern JS_FRIEND_API(bool)
 JS_NondeterministicGetWeakSetKeys(JSContext* cx, JS::HandleObject obj, JS::MutableHandleObject ret);
 
 // Raw JSScript* because this needs to be callable from a signal handler.
 extern JS_FRIEND_API(unsigned)
@@ -527,17 +524,17 @@ IterateGrayObjects(JS::Zone* zone, GCThi
 
 /**
  * Invoke cellCallback on every gray JSObject in the given zone while cycle
  * collection is in progress.
  */
 extern JS_FRIEND_API(void)
 IterateGrayObjectsUnderCC(JS::Zone* zone, GCThingCallback cellCallback, void* data);
 
-#ifdef DEBUG
+#if defined(JS_GC_ZEAL) || defined(DEBUG)
 // Trace the heap and check there are no black to gray edges. These are
 // not allowed since the cycle collector could throw away the gray thing and
 // leave a dangling pointer.
 //
 // This doesn't trace weak maps as these are handled separately.
 extern JS_FRIEND_API(bool)
 CheckGrayMarkingState(JSRuntime* rt);
 #endif
--- a/js/src/jsfun.cpp
+++ b/js/src/jsfun.cpp
@@ -1735,38 +1735,23 @@ JSFunction::maybeRelazify(JSRuntime* rt)
         MOZ_ASSERT(isSelfHostedBuiltin());
         MOZ_ASSERT(isExtended());
         MOZ_ASSERT(getExtendedSlot(LAZY_FUNCTION_NAME_SLOT).toString()->isAtom());
     }
 
     comp->scheduleDelazificationForDebugger();
 }
 
-static bool
-fun_isGenerator(JSContext* cx, unsigned argc, Value* vp)
-{
-    CallArgs args = CallArgsFromVp(argc, vp);
-    JSFunction* fun;
-    if (!IsFunctionObject(args.thisv(), &fun)) {
-        args.rval().setBoolean(false);
-        return true;
-    }
-
-    args.rval().setBoolean(fun->isGenerator());
-    return true;
-}
-
 const JSFunctionSpec js::function_methods[] = {
 #if JS_HAS_TOSOURCE
     JS_FN(js_toSource_str,   fun_toSource,   0,0),
 #endif
     JS_FN(js_toString_str,   fun_toString,   0,0),
     JS_FN(js_apply_str,      fun_apply,      2,0),
     JS_FN(js_call_str,       fun_call,       1,0),
-    JS_FN("isGenerator",     fun_isGenerator,0,0),
     JS_SELF_HOSTED_FN("bind", "FunctionBind", 2, 0),
     JS_SYM_FN(hasInstance, fun_symbolHasInstance, 1, JSPROP_READONLY | JSPROP_PERMANENT),
     JS_FS_END
 };
 
 // ES2018 draft rev 2aea8f3e617b49df06414eb062ab44fad87661d3
 // 19.2.1.1.1 CreateDynamicFunction( constructor, newTarget, kind, args )
 static bool
--- a/js/src/jsgc.cpp
+++ b/js/src/jsgc.cpp
@@ -998,17 +998,18 @@ const char* gc::ZealModeHelpText =
     "    9: (IncrementalMarkAllThenFinish) Incremental GC in two slices: 1) mark all 2) new marking and finish\n"
     "   10: (IncrementalMultipleSlices) Incremental GC in multiple slices\n"
     "   11: (IncrementalMarkingValidator) Verify incremental marking\n"
     "   12: (ElementsBarrier) Always use the individual element post-write barrier, regardless of elements size\n"
     "   13: (CheckHashTablesOnMinorGC) Check internal hashtables on minor GC\n"
     "   14: (Compact) Perform a shrinking collection every N allocations\n"
     "   15: (CheckHeapAfterGC) Walk the heap to check its integrity after every GC\n"
     "   16: (CheckNursery) Check nursery integrity on minor GC\n"
-    "   17: (IncrementalSweepThenFinish) Incremental GC in two slices: 1) start sweeping 2) finish collection\n";
+    "   17: (IncrementalSweepThenFinish) Incremental GC in two slices: 1) start sweeping 2) finish collection\n"
+    "   18: (CheckGrayMarking) Check gray marking invariants after every GC\n";
 
 // The set of zeal modes that control incremental slices. These modes are
 // mutually exclusive.
 static const mozilla::EnumSet<ZealMode> IncrementalSliceZealModes = {
     ZealMode::IncrementalRootsThenFinish,
     ZealMode::IncrementalMarkAllThenFinish,
     ZealMode::IncrementalMultipleSlices,
     ZealMode::IncrementalSweepThenFinish
@@ -7505,16 +7506,19 @@ GCRuntime::collect(bool nonincrementalBy
     if (reason == JS::gcreason::COMPARTMENT_REVIVED)
         maybeDoCycleCollection();
 
 #ifdef JS_GC_ZEAL
     if (rt->hasZealMode(ZealMode::CheckHeapAfterGC)) {
         gcstats::AutoPhase ap(rt->gc.stats(), gcstats::PhaseKind::TRACE_HEAP);
         CheckHeapAfterGC(rt);
     }
+    if (rt->hasZealMode(ZealMode::CheckGrayMarking)) {
+        MOZ_RELEASE_ASSERT(CheckGrayMarkingState(rt));
+    }
 #endif
 }
 
 js::AutoEnqueuePendingParseTasksAfterGC::~AutoEnqueuePendingParseTasksAfterGC()
 {
     if (!OffThreadParsingMustWaitForGC(gc_.rt))
         EnqueuePendingParseTasksAfterGC(gc_.rt);
 }
--- a/js/src/jsobj.cpp
+++ b/js/src/jsobj.cpp
@@ -3406,17 +3406,17 @@ dumpValue(const Value& v, js::GenericPri
         out.put("null");
     else if (v.isUndefined())
         out.put("undefined");
     else if (v.isInt32())
         out.printf("%d", v.toInt32());
     else if (v.isDouble())
         out.printf("%g", v.toDouble());
     else if (v.isString())
-        v.toString()->dump(out);
+        v.toString()->dumpNoNewline(out);
     else if (v.isSymbol())
         v.toSymbol()->dump(out);
     else if (v.isObject() && v.toObject().is<JSFunction>()) {
         JSFunction* fun = &v.toObject().as<JSFunction>();
         if (fun->displayAtom()) {
             out.put("<function ");
             EscapedStringPrinter(out, fun->displayAtom(), 0);
         } else {
@@ -3487,47 +3487,51 @@ js::DumpId(jsid id, js::GenericPrinter& 
     dumpValue(IdToValue(id), out);
     out.putChar('\n');
 }
 
 static void
 DumpProperty(const NativeObject* obj, Shape& shape, js::GenericPrinter& out)
 {
     jsid id = shape.propid();
+    if (JSID_IS_ATOM(id))
+        JSID_TO_ATOM(id)->dumpCharsNoNewline(out);
+    else if (JSID_IS_INT(id))
+       out.printf("%d", JSID_TO_INT(id));
+    else if (JSID_IS_SYMBOL(id))
+        JSID_TO_SYMBOL(id)->dump(out);
+    else
+        out.printf("id %p", reinterpret_cast<void*>(JSID_BITS(id)));
+
+    if (shape.isDataProperty()) {
+        out.printf(": ");
+        dumpValue(obj->getSlot(shape.maybeSlot()), out);
+    }
+
+    out.printf(" (shape %p", (void*) &shape);
+
     uint8_t attrs = shape.attributes();
-
-    out.printf("    ((js::Shape*) %p) ", (void*) &shape);
-    if (attrs & JSPROP_ENUMERATE) out.put("enumerate ");
-    if (attrs & JSPROP_READONLY) out.put("readonly ");
-    if (attrs & JSPROP_PERMANENT) out.put("permanent ");
+    if (attrs & JSPROP_ENUMERATE) out.put(" enumerate");
+    if (attrs & JSPROP_READONLY) out.put(" readonly");
+    if (attrs & JSPROP_PERMANENT) out.put(" permanent");
 
     if (shape.hasGetterValue())
-        out.printf("getterValue=%p ", (void*) shape.getterObject());
+        out.printf(" getterValue %p", shape.getterObject());
     else if (!shape.hasDefaultGetter())
-        out.printf("getterOp=%p ", JS_FUNC_TO_DATA_PTR(void*, shape.getterOp()));
+        out.printf(" getterOp %p", JS_FUNC_TO_DATA_PTR(void*, shape.getterOp()));
 
     if (shape.hasSetterValue())
-        out.printf("setterValue=%p ", (void*) shape.setterObject());
+        out.printf(" setterValue %p", shape.setterObject());
     else if (!shape.hasDefaultSetter())
-        out.printf("setterOp=%p ", JS_FUNC_TO_DATA_PTR(void*, shape.setterOp()));
-
-    if (JSID_IS_ATOM(id) || JSID_IS_INT(id) || JSID_IS_SYMBOL(id))
-        dumpValue(js::IdToValue(id), out);
-    else
-        out.printf("unknown jsid %p", (void*) JSID_BITS(id));
-
-    uint32_t slot = shape.isDataProperty() ? shape.maybeSlot() : SHAPE_INVALID_SLOT;
-    out.printf(": slot %d", slot);
-    if (shape.isDataProperty()) {
-        out.put(" = ");
-        dumpValue(obj->getSlot(slot), out);
-    } else if (slot != SHAPE_INVALID_SLOT) {
-        out.printf(" (INVALID!)");
-    }
-    out.putChar('\n');
+        out.printf(" setterOp %p", JS_FUNC_TO_DATA_PTR(void*, shape.setterOp()));
+
+    if (shape.isDataProperty())
+        out.printf(" slot %d", shape.maybeSlot());
+
+    out.printf(")\n");
 }
 
 bool
 JSObject::uninlinedIsProxy() const
 {
     return is<ProxyObject>();
 }
 
@@ -3537,111 +3541,105 @@ JSObject::uninlinedNonProxyIsExtensible(
     return nonProxyIsExtensible();
 }
 
 void
 JSObject::dump(js::GenericPrinter& out) const
 {
     const JSObject* obj = this;
     JSObject* globalObj = &global();
-    out.printf("object %p from global %p [%s]\n", (void*) obj,
-            (void*) globalObj, globalObj->getClass()->name);
+    out.printf("object %p\n", obj);
+    out.printf("  global %p [%s]\n", globalObj, globalObj->getClass()->name);
+
     const Class* clasp = obj->getClass();
-    out.printf("class %p %s\n", (const void*)clasp, clasp->name);
+    out.printf("  class %p %s\n", clasp, clasp->name);
 
     if (obj->hasLazyGroup()) {
-        out.put("lazy group\n");
+        out.put("  lazy group\n");
     } else {
         const ObjectGroup* group = obj->group();
-        out.printf("group %p\n", (const void*)group);
+        out.printf("  group %p\n", group);
     }
 
-    out.put("flags:");
+    out.put("  flags:");
     if (obj->isDelegate()) out.put(" delegate");
     if (!obj->is<ProxyObject>() && !obj->nonProxyIsExtensible()) out.put(" not_extensible");
     if (obj->maybeHasInterestingSymbolProperty()) out.put(" maybe_has_interesting_symbol");
     if (obj->isBoundFunction()) out.put(" bound_function");
     if (obj->isQualifiedVarObj()) out.put(" varobj");
     if (obj->isUnqualifiedVarObj()) out.put(" unqualified_varobj");
     if (obj->isIteratedSingleton()) out.put(" iterated_singleton");
     if (obj->isNewGroupUnknown()) out.put(" new_type_unknown");
     if (obj->hasUncacheableProto()) out.put(" has_uncacheable_proto");
     if (obj->hasStaticPrototype() && obj->staticPrototypeIsImmutable())
         out.put(" immutable_prototype");
 
-    if (obj->isNative()) {
-        const NativeObject* nobj = &obj->as<NativeObject>();
+    const NativeObject* nobj = obj->isNative() ? &obj->as<NativeObject>() : nullptr;
+    if (nobj) {
         if (nobj->inDictionaryMode())
             out.put(" inDictionaryMode");
         if (nobj->hasShapeTable())
             out.put(" hasShapeTable");
         if (nobj->hadElementsAccess())
             out.put(" had_elements_access");
         if (nobj->isIndexed())
             out.put(" indexed");
         if (nobj->wasNewScriptCleared())
             out.put(" new_script_cleared");
+    } else {
+        out.put(" not_native\n");
     }
     out.putChar('\n');
 
-    if (obj->isNative()) {
-        const NativeObject* nobj = &obj->as<NativeObject>();
-        uint32_t slots = nobj->getDenseInitializedLength();
-        if (slots) {
-            out.put("elements\n");
-            for (uint32_t i = 0; i < slots; i++) {
-                out.printf(" %3d: ", i);
-                dumpValue(nobj->getDenseElement(i), out);
-                out.putChar('\n');
-                out.flush();
-            }
-        }
-    }
-
-    out.put("proto ");
+    out.put("  proto ");
     TaggedProto proto = obj->taggedProto();
     if (proto.isDynamic())
         out.put("<dynamic>");
     else
         dumpValue(ObjectOrNullValue(proto.toObjectOrNull()), out);
     out.putChar('\n');
 
-    if (clasp->flags & JSCLASS_HAS_PRIVATE)
-        out.printf("private %p\n", obj->as<NativeObject>().getPrivate());
-
-    if (!obj->isNative())
-        out.put("not native\n");
-
-    uint32_t reservedEnd = JSCLASS_RESERVED_SLOTS(clasp);
-    uint32_t slots = obj->isNative() ? obj->as<NativeObject>().slotSpan() : 0;
-    uint32_t stop = obj->isNative() ? reservedEnd : slots;
-    if (stop > 0)
-        out.printf(obj->isNative() ? "reserved slots:\n" : "slots:\n");
-    for (uint32_t i = 0; i < stop; i++) {
-        out.printf(" %3d ", i);
-        if (i < reservedEnd)
-            out.printf("(reserved) ");
-        out.put("= ");
-        dumpValue(obj->as<NativeObject>().getSlot(i), out);
-        out.putChar('\n');
-    }
-
-    if (obj->isNative()) {
-        out.put("properties:\n");
+    if (nobj) {
+        if (clasp->flags & JSCLASS_HAS_PRIVATE)
+            out.printf("  private %p\n", nobj->getPrivate());
+
+        uint32_t reserved = JSCLASS_RESERVED_SLOTS(clasp);
+        if (reserved) {
+            out.printf("  reserved slots:\n");
+            for (uint32_t i = 0; i < reserved; i++) {
+                out.printf("    %3d ", i);
+                out.put(": ");
+                dumpValue(nobj->getSlot(i), out);
+                out.putChar('\n');
+            }
+        }
+
+        out.put("  properties:\n");
         Vector<Shape*, 8, SystemAllocPolicy> props;
-        for (Shape::Range<NoGC> r(obj->as<NativeObject>().lastProperty()); !r.empty(); r.popFront()) {
+        for (Shape::Range<NoGC> r(nobj->lastProperty()); !r.empty(); r.popFront()) {
             if (!props.append(&r.front())) {
                 out.printf("(OOM while appending properties)\n");
                 break;
             }
         }
-        for (size_t i = props.length(); i-- != 0;)
-            DumpProperty(&obj->as<NativeObject>(), *props[i], out);
+        for (size_t i = props.length(); i-- != 0;) {
+            out.printf("    ");
+            DumpProperty(nobj, *props[i], out);
+        }
+
+        uint32_t slots = nobj->getDenseInitializedLength();
+        if (slots) {
+            out.put("  elements:\n");
+            for (uint32_t i = 0; i < slots; i++) {
+                out.printf("    %3d: ", i);
+                dumpValue(nobj->getDenseElement(i), out);
+                out.putChar('\n');
+            }
+        }
     }
-    out.putChar('\n');
 }
 
 // For debuggers.
 void
 JSObject::dump() const
 {
     Fprinter out(stderr);
     dump(out);
--- a/js/src/tests/ecma/extensions/15-1.js
+++ b/js/src/tests/ecma/extensions/15-1.js
@@ -28,28 +28,26 @@ writeHeaderToLog( SECTION + " "+ TITLE);
 /*
   new TestCase( "Function.prototype.__proto__", Object.prototype,   Function.prototype.__proto__ );
   new TestCase( "Array.prototype.__proto__",    Object.prototype,   Array.prototype.__proto__ );
   new TestCase( "String.prototype.__proto__",   Object.prototype,   String.prototype.__proto__ );
   new TestCase( "Boolean.prototype.__proto__",  Object.prototype,   Boolean.prototype.__proto__ );
   new TestCase( "Number.prototype.__proto__",   Object.prototype,   Number.prototype.__proto__ );
 //    new TestCase( "Math.prototype.__proto__",     Object.prototype,   Math.prototype.__proto__ );
 new TestCase( "Date.prototype.__proto__",     Object.prototype,   Date.prototype.__proto__ );
-new TestCase( "TestCase.prototype.__proto__", Object.prototype,   TestCase.prototype.__proto__ );
 
 new TestCase( "MyObject.prototype.__proto__", Object.prototype,   MyObject.prototype.__proto__ );
 */
 new TestCase( "Function.prototype.__proto__ == Object.prototype", true,   Function.prototype.__proto__ == Object.prototype );
 new TestCase( "Array.prototype.__proto__ == Object.prototype",    true,   Array.prototype.__proto__ == Object.prototype );
 new TestCase( "String.prototype.__proto__ == Object.prototype",   true,   String.prototype.__proto__ == Object.prototype );
 new TestCase( "Boolean.prototype.__proto__ == Object.prototype",  true,   Boolean.prototype.__proto__ == Object.prototype );
 new TestCase( "Number.prototype.__proto__ == Object.prototype",   true,   Number.prototype.__proto__ == Object.prototype );
 //    new TestCase( "Math.prototype.__proto__ == Object.prototype",     true,   Math.prototype.__proto__ == Object.prototype );
 new TestCase( "Date.prototype.__proto__ == Object.prototype",     true,   Date.prototype.__proto__ == Object.prototype );
-new TestCase( "TestCase.prototype.__proto__ == Object.prototype", true,   TestCase.prototype.__proto__ == Object.prototype );
 
 new TestCase( "MyObject.prototype.__proto__ == Object.prototype", true,   MyObject.prototype.__proto__ == Object.prototype );
 
 
 test();
 
 
 function MyObject( value ) {
new file mode 100644
--- /dev/null
+++ b/js/src/tests/ecma_6/Date/time-zone-2038-pst.js
@@ -0,0 +1,59 @@
+// |reftest| skip-if(!xulRuntime.shell)
+
+// Note: The default time zone is set to PST8PDT for all jstests (when run in the shell).
+
+assertEq(/^(PST|PDT)$/.test(getTimeZone()), true);
+
+const Month = {
+    January: 0,
+    February: 1,
+    March: 2,
+    April: 3,
+    May: 4,
+    June: 5,
+    July: 6,
+    August: 7,
+    September: 8,
+    October: 9,
+    November: 10,
+    December: 11,
+};
+
+// U.S. daylight saving rules changed in 2007, excerpt from tzdata's
+// northamerica file:
+// NAME  FROM  TO    IN   ON       AT    SAVE  LETTER/S   
+// US    1967  2006  Oct  lastSun  2:00  0     S
+// US    1967  1973  Apr  lastSun  2:00  1:00  D
+// US    1974  only  Jan  6        2:00  1:00  D
+// US    1975  only  Feb  23       2:00  1:00  D
+// US    1976  1986  Apr  lastSun  2:00  1:00  D
+// US    1987  2006  Apr  Sun>=1   2:00  1:00  D
+// US    2007  max   Mar  Sun>=8   2:00  1:00  D
+// US    2007  max   Nov  Sun>=1   2:00  0     S
+
+
+// When 2040 is mapped to 1984, the old U.S. rules are applied, i.e. DST isn't
+// yet observed on March 31. If mapped to 2012, the new U.S. rules are applied
+// and DST is already observed, which is the expected behaviour.
+// A similar effect is visible in November.
+// NOTE: This test expects that 2012 and 2040 use the same DST rules. If this
+//       ever changes, the test needs to be updated accordingly.
+{
+    let dt1 = new Date(2040, Month.March, 31);
+    assertEq(dt1.toString(), "Sat Mar 31 2040 00:00:00 GMT-0700 (PDT)");
+
+    let dt2 = new Date(2040, Month.November, 1);
+    assertEq(dt2.toString(), "Thu Nov 01 2040 00:00:00 GMT-0700 (PDT)");
+}
+
+// 2038 is mapped to 2027 instead of 1971.
+{
+    let dt1 = new Date(2038, Month.March, 31);
+    assertEq(dt1.toString(), "Wed Mar 31 2038 00:00:00 GMT-0700 (PDT)");
+
+    let dt2 = new Date(2038, Month.November, 1);
+    assertEq(dt2.toString(), "Mon Nov 01 2038 00:00:00 GMT-0700 (PDT)");
+}
+
+if (typeof reportCompare === "function")
+    reportCompare(true, true);
deleted file mode 100644
--- a/js/src/tests/js1_8_5/extensions/is-generator.js
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Any copyright is dedicated to the Public Domain.
- * http://creativecommons.org/licenses/publicdomain/
- */
-
-/*
- * Bug 648355: Function.prototype.isGenerator
- */
-
-reportCompare(true, "isGenerator" in Function.prototype, "Function.prototype.isGenerator present");
-
-reportCompare(false, (function(){}).isGenerator(), "lambda is not a generator fn");
-reportCompare(false, Function.prototype.toString.isGenerator(), "native is not a generator fn");
-reportCompare(false, (function(){with(obj){}}).isGenerator(), "heavyweight is not a generator fn");
-reportCompare(false, (function(){obj}).isGenerator(), "upvar function is not a generator fn");
-
-reportCompare(true, (function*(){yield}).isGenerator(), "simple generator fn");
-reportCompare(true, (function*(){with(obj){yield}}).isGenerator(), "heavyweight generator fn");
-reportCompare(true, (function*(){yield; obj}).isGenerator(), "upvar generator fn");
-
-reportCompare(false, Function.prototype.isGenerator.call(42), "number is not a generator fn");
-reportCompare(false, Function.prototype.isGenerator.call({}), "vanilla object is not a generator fn");
-reportCompare(false, Function.prototype.isGenerator.call(new Date()), "date object is not a generator fn");
--- a/js/src/tests/jstests.list
+++ b/js/src/tests/jstests.list
@@ -470,19 +470,16 @@ skip script test262/language/expressions
 skip script test262/language/expressions/class/async-gen-method-yield-star-sync-next.js
 skip script test262/language/expressions/class/async-gen-method-static-yield-star-sync-next.js
 
 
 ###########################################################
 # Tests disabled due to issues in test262 importer script #
 ###########################################################
 
-# https://bugzilla.mozilla.org/show_bug.cgi?id=1346080
-skip script test262/intl402/PluralRules/prototype/select/tainting.js
-
 # test262 importer merges all includes in a per directory shell.js file, breaking this harness test case.
 skip script test262/harness/detachArrayBuffer.js
 
 
 ####################################################
 # Tests disabled due to invalid test expectations  #
 ####################################################
 
--- a/js/src/tests/shell.js
+++ b/js/src/tests/shell.js
@@ -317,39 +317,30 @@
    * Same as `new TestCase(description, expect, actual)`, except it doesn't
    * return the newly created test case object.
    */
   function AddTestCase(description, expect, actual) {
     new TestCase(description, expect, actual);
   }
   global.AddTestCase = AddTestCase;
 
-  var testCasesCounter = 0;
   var testCasesArray = [];
 
   function TestCase(d, e, a, r) {
     this.description = d;
     this.expect = e;
     this.actual = a;
     this.passed = getTestCaseResult(e, a);
     this.reason = typeof r !== 'undefined' ? String(r) : '';
-    ObjectDefineProperty(
-      testCasesArray,
-      testCasesCounter++,
-      {
-        __proto__: null,
-        value: this,
-        enumerable: true,
-        configurable: true,
-        writable: true
-      }
-    );
+
+    ArrayPush(testCasesArray, this);
   }
   global.TestCase = TestCase;
 
+  TestCase.prototype = ObjectCreate(null);
   TestCase.prototype.testPassed = (function TestCase_testPassed() { return this.passed; });
   TestCase.prototype.testFailed = (function TestCase_testFailed() { return !this.passed; });
   TestCase.prototype.testDescription = (function TestCase_testDescription() { return this.description + ' ' + this.reason; });
 
   function getTestCaseResult(expected, actual) {
     if (typeof expected !== typeof actual)
       return false;
     if (typeof expected !== 'number')
--- a/js/src/vm/Interpreter-inl.h
+++ b/js/src/vm/Interpreter-inl.h
@@ -394,24 +394,26 @@ InitGlobalLexicalOperation(JSContext* cx
     MOZ_ASSERT(*pc == JSOP_INITGLEXICAL);
     Rooted<LexicalEnvironmentObject*> lexicalEnv(cx, lexicalEnvArg);
     RootedShape shape(cx, lexicalEnv->lookup(cx, script->getName(pc)));
     MOZ_ASSERT(shape);
     lexicalEnv->setSlotWithType(cx, shape, value);
 }
 
 inline bool
-InitPropertyOperation(JSContext* cx, JSOp op, HandleObject obj, HandleId id, HandleValue rhs)
+InitPropertyOperation(JSContext* cx, JSOp op, HandleObject obj, HandlePropertyName name,
+                      HandleValue rhs)
 {
     if (obj->is<PlainObject>() || obj->is<JSFunction>()) {
         unsigned propAttrs = GetInitDataPropAttrs(op);
-        return NativeDefineDataProperty(cx, obj.as<NativeObject>(), id, rhs, propAttrs);
+        return NativeDefineDataProperty(cx, obj.as<NativeObject>(), name, rhs, propAttrs);
     }
 
-    MOZ_ASSERT(obj->as<UnboxedPlainObject>().layout().lookup(id));
+    MOZ_ASSERT(obj->as<UnboxedPlainObject>().layout().lookup(name));
+    RootedId id(cx, NameToId(name));
     return PutProperty(cx, obj, id, rhs, false);
 }
 
 inline bool
 DefVarOperation(JSContext* cx, HandleObject varobj, HandlePropertyName dn, unsigned attrs)
 {
     MOZ_ASSERT(varobj->isQualifiedVarObj());
 
--- a/js/src/vm/Interpreter.cpp
+++ b/js/src/vm/Interpreter.cpp
@@ -3773,22 +3773,19 @@ CASE(JSOP_INITHIDDENPROP)
                   "initprop and inithiddenprop must be the same size");
     /* Load the property's initial value into rval. */
     MOZ_ASSERT(REGS.stackDepth() >= 2);
     ReservedRooted<Value> rval(&rootValue0, REGS.sp[-1]);
 
     /* Load the object being initialized into lval/obj. */
     ReservedRooted<JSObject*> obj(&rootObject0, &REGS.sp[-2].toObject());
 
-    PropertyName* name = script->getName(REGS.pc);
-
-    RootedId& id = rootId0;
-    id = NameToId(name);
-
-    if (!InitPropertyOperation(cx, JSOp(*REGS.pc), obj, id, rval))
+    ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
+
+    if (!InitPropertyOperation(cx, JSOp(*REGS.pc), obj, name, rval))
         goto error;
 
     REGS.sp--;
 }
 END_CASE(JSOP_INITPROP)
 
 CASE(JSOP_INITELEM)
 CASE(JSOP_INITHIDDENELEM)
--- a/js/src/vm/String.cpp
+++ b/js/src/vm/String.cpp
@@ -155,33 +155,39 @@ JSString::dump()
 {
     js::Fprinter out(stderr);
     dump(out);
 }
 
 void
 JSString::dump(js::GenericPrinter& out)
 {
+    dumpNoNewline(out);
+    out.putChar('\n');
+}
+
+void
+JSString::dumpNoNewline(js::GenericPrinter& out)
+{
     if (JSLinearString* linear = ensureLinear(nullptr)) {
         AutoCheckCannotGC nogc;
         if (hasLatin1Chars()) {
             const Latin1Char* chars = linear->latin1Chars(nogc);
             out.printf("JSString* (%p) = Latin1Char * (%p) = ", (void*) this,
                     (void*) chars);
             dumpChars(chars, length(), out);
         } else {
             const char16_t* chars = linear->twoByteChars(nogc);
             out.printf("JSString* (%p) = char16_t * (%p) = ", (void*) this,
                     (void*) chars);
             dumpChars(chars, length(), out);
         }
     } else {
         out.put("(oom in JSString::dump)");
     }
-    out.putChar('\n');
 }
 
 
 void
 JSString::dumpRepresentation(js::GenericPrinter& out, int indent) const
 {
     if      (isRope())          asRope()        .dumpRepresentation(out, indent);
     else if (isDependent())     asDependent()   .dumpRepresentation(out, indent);
--- a/js/src/vm/String.h
+++ b/js/src/vm/String.h
@@ -524,16 +524,17 @@ class JSString : public js::gc::TenuredC
         return offsetof(JSString, d.s.u2.nonInlineCharsTwoByte);
     }
 
     static const JS::TraceKind TraceKind = JS::TraceKind::String;
 
 #ifdef DEBUG
     void dump(); // Debugger-friendly stderr dump.
     void dump(js::GenericPrinter& out);
+    void dumpNoNewline(js::GenericPrinter& out);
     void dumpCharsNoNewline(js::GenericPrinter& out);
     void dumpRepresentation(js::GenericPrinter& out, int indent) const;
     void dumpRepresentationHeader(js::GenericPrinter& out, int indent, const char* subclass) const;
 
     template <typename CharT>
     static void dumpChars(const CharT* s, size_t len, js::GenericPrinter& out);
 
     bool equals(const char* s);
--- a/js/src/vm/Time.cpp
+++ b/js/src/vm/Time.cpp
@@ -256,22 +256,22 @@ PRMJ_InvalidParameterHandler(const wchar
                              uintptr_t      pReserved)
 {
     /* empty */
 }
 #endif
 
 /* Format a time value into a buffer. Same semantics as strftime() */
 size_t
-PRMJ_FormatTime(char* buf, int buflen, const char* fmt, PRMJTime* prtm)
+PRMJ_FormatTime(char* buf, int buflen, const char* fmt, const PRMJTime* prtm,
+                int equivalentYear, int offsetInSeconds)
 {
     size_t result = 0;
 #if defined(XP_UNIX) || defined(XP_WIN)
     struct tm a;
-    int fake_tm_year = 0;
 #ifdef XP_WIN
     _invalid_parameter_handler oldHandler;
 #ifndef __MINGW32__
     int oldReportMode;
 #endif // __MINGW32__
 #endif //XP_WIN
 
     memset(&a, 0, sizeof(struct tm));
@@ -284,16 +284,17 @@ PRMJ_FormatTime(char* buf, int buflen, c
     a.tm_wday = prtm->tm_wday;
 
     /*
      * On systems where |struct tm| has members tm_gmtoff and tm_zone, we
      * must fill in those values, or else strftime will return wrong results
      * (e.g., bug 511726, bug 554338).
      */
 #if defined(HAVE_LOCALTIME_R) && defined(HAVE_TM_ZONE_TM_GMTOFF)
+    char emptyTimeZoneId[] = "";
     {
         /*
          * Fill out |td| to the time represented by |prtm|, leaving the
          * timezone fields zeroed out. localtime_r will then fill in the
          * timezone fields for that local time according to the system's
          * timezone parameters.
          */
         struct tm td;
@@ -302,33 +303,49 @@ PRMJ_FormatTime(char* buf, int buflen, c
         td.tm_min = prtm->tm_min;
         td.tm_hour = prtm->tm_hour;
         td.tm_mday = prtm->tm_mday;
         td.tm_mon = prtm->tm_mon;
         td.tm_wday = prtm->tm_wday;
         td.tm_year = prtm->tm_year - 1900;
         td.tm_yday = prtm->tm_yday;
         td.tm_isdst = prtm->tm_isdst;
+
         time_t t = mktime(&td);
-        localtime_r(&t, &td);
+
+        // If |prtm| cannot be represented in |time_t| the year is probably
+        // out of range, try again with the DST equivalent year.
+        if (t == static_cast<time_t>(-1)) {
+            td.tm_year = equivalentYear - 1900;
+            t = mktime(&td);
+        }
 
-        a.tm_gmtoff = td.tm_gmtoff;
-        a.tm_zone = td.tm_zone;
+        // If either mktime or localtime_r failed, fill in the fallback time
+        // zone offset |offsetInSeconds| and set the time zone identifier to
+        // the empty string.
+        if (t != static_cast<time_t>(-1) && localtime_r(&t, &td)) {
+            a.tm_gmtoff = td.tm_gmtoff;
+            a.tm_zone = td.tm_zone;
+        } else {
+            a.tm_gmtoff = offsetInSeconds;
+            a.tm_zone = emptyTimeZoneId;
+        }
     }
 #endif
 
     /*
      * Years before 1900 and after 9999 cause strftime() to abort on Windows.
      * To avoid that we replace it with FAKE_YEAR_BASE + year % 100 and then
      * replace matching substrings in the strftime() result with the real year.
      * Note that FAKE_YEAR_BASE should be a multiple of 100 to make 2-digit
      * year formats (%y) work correctly (since we won't find the fake year
      * in that case).
      */
-#define FAKE_YEAR_BASE 9900
+    constexpr int FAKE_YEAR_BASE = 9900;
+    int fake_tm_year = 0;
     if (prtm->tm_year < 1900 || prtm->tm_year > 9999) {
         fake_tm_year = FAKE_YEAR_BASE + prtm->tm_year % 100;
         a.tm_year = fake_tm_year - 1900;
     }
     else {
         a.tm_year = prtm->tm_year - 1900;
     }
     a.tm_yday = prtm->tm_yday;
--- a/js/src/vm/Time.h
+++ b/js/src/vm/Time.h
@@ -49,17 +49,18 @@ extern void
 PRMJ_NowShutdown();
 #else
 inline void
 PRMJ_NowShutdown() {}
 #endif
 
 /* Format a time value into a buffer. Same semantics as strftime() */
 extern size_t
-PRMJ_FormatTime(char* buf, int buflen, const char* fmt, PRMJTime* tm);
+PRMJ_FormatTime(char* buf, int buflen, const char* fmt, const PRMJTime* tm,
+                int equivalentYear, int offsetInSeconds);
 
 
 /**
  * Requesting the number of cycles from the CPU.
  *
  * `rdtsc`, or Read TimeStamp Cycle, is an instruction provided by
  * x86-compatible CPUs that lets processes request the number of
  * cycles spent by the CPU executing instructions since the CPU was
--- a/js/xpconnect/src/XPCComponents.cpp
+++ b/js/xpconnect/src/XPCComponents.cpp
@@ -3052,22 +3052,17 @@ nsXPCComponents_Utils::GetWatchdogTimest
 
 NS_IMETHODIMP
 nsXPCComponents_Utils::GetJSEngineTelemetryValue(JSContext* cx, MutableHandleValue rval)
 {
     RootedObject obj(cx, JS_NewPlainObject(cx));
     if (!obj)
         return NS_ERROR_OUT_OF_MEMORY;
 
-    unsigned attrs = JSPROP_ENUMERATE | JSPROP_READONLY | JSPROP_PERMANENT;
-
-    size_t i = JS_SetProtoCalled(cx);
-    RootedValue v(cx, DoubleValue(i));
-    if (!JS_DefineProperty(cx, obj, "setProto", v, attrs))
-        return NS_ERROR_OUT_OF_MEMORY;
+    // No JS engine telemetry in use at the moment.
 
     rval.setObject(*obj);
     return NS_OK;
 }
 
 bool
 xpc::CloneInto(JSContext* aCx, HandleValue aValue, HandleValue aScope,
                HandleValue aOptions, MutableHandleValue aCloned)
--- a/js/xpconnect/tests/chrome/test_xrayToJS.xul
+++ b/js/xpconnect/tests/chrome/test_xrayToJS.xul
@@ -230,17 +230,17 @@ https://bugzilla.mozilla.org/show_bug.cg
       gConstructorProperties[c] = constructorProps([]);
   }
   // toString and toSource only live on the parent proto (Error.prototype).
   gPrototypeProperties['Error'].push('toString');
   gPrototypeProperties['Error'].push('toSource');
 
   gPrototypeProperties['Function'] =
     ["constructor", "toSource", "toString", "apply", "call", "bind",
-     "isGenerator", "length", "name", "arguments", "caller", Symbol.hasInstance];
+     "length", "name", "arguments", "caller", Symbol.hasInstance];
   gConstructorProperties['Function'] = constructorProps([])
 
   gPrototypeProperties['RegExp'] =
     ["constructor", "toSource", "toString", "compile", "exec", "test",
      Symbol.match, Symbol.replace, Symbol.search, Symbol.split,
      "flags", "global", "ignoreCase", "multiline", "source", "sticky", "unicode"];
   gConstructorProperties['RegExp'] =
     constructorProps(["input", "lastMatch", "lastParen",
--- a/js/xpconnect/wrappers/XrayWrapper.cpp
+++ b/js/xpconnect/wrappers/XrayWrapper.cpp
@@ -711,16 +711,18 @@ JSXrayTraits::resolveOwnProperty(JSConte
 
     return true;
 }
 
 bool
 JSXrayTraits::delete_(JSContext* cx, HandleObject wrapper, HandleId id, ObjectOpResult& result)
 {
     RootedObject holder(cx, ensureHolder(cx, wrapper));
+    if (!holder)
+        return false;
 
     // If we're using Object Xrays, we allow callers to attempt to delete any
     // property from the underlying object that they are able to resolve. Note
     // that this deleting may fail if the property is non-configurable.
     JSProtoKey key = getProtoKey(holder);
     bool isObjectOrArrayInstance = (key == JSProto_Object || key == JSProto_Array) &&
                                    !isPrototype(holder);
     if (isObjectOrArrayInstance) {
@@ -949,16 +951,19 @@ JSXrayTraits::enumerateNames(JSContext* 
 }
 
 bool
 JSXrayTraits::construct(JSContext* cx, HandleObject wrapper,
                         const JS::CallArgs& args, const js::Wrapper& baseInstance)
 {
     JSXrayTraits& self = JSXrayTraits::singleton;
     JS::RootedObject holder(cx, self.ensureHolder(cx, wrapper));
+    if (!holder)
+        return false;
+
     if (self.getProtoKey(holder) == JSProto_Function) {
         JSProtoKey standardConstructor = constructorFor(holder);
         if (standardConstructor == JSProto_Null)
             return baseInstance.construct(cx, wrapper, args);
 
         const js::Class* clasp = js::ProtoKeyToClass(standardConstructor);
         MOZ_ASSERT(clasp);
         if (!(clasp->flags & JSCLASS_HAS_XRAYED_CONSTRUCTOR))
--- a/layout/tools/reftest/reftestcommandline.py
+++ b/layout/tools/reftest/reftestcommandline.py
@@ -66,17 +66,17 @@ class ReftestArgumentsParser(argparse.Ar
                           dest="extraProfileFiles",
                           default=[],
                           help="copy specified files/dirs to testing profile")
 
         self.add_argument("--timeout",
                           action="store",
                           dest="timeout",
                           type=int,
-                          default=5 * 60,  # 5 minutes per bug 479518
+                          default=300,  # 5 minutes per bug 479518
                           help="reftest will timeout in specified number of seconds. "
                                "[default %(default)s].")
 
         self.add_argument("--leak-threshold",
                           action="store",
                           type=int,
                           dest="defaultLeakThreshold",
                           default=0,
--- a/layout/tools/reftest/runreftest.py
+++ b/layout/tools/reftest/runreftest.py
@@ -790,20 +790,28 @@ class RefTest(object):
 
                 # browser environment
                 browserEnv = self.buildBrowserEnv(options, profileDir)
 
                 self.log.info("Running with e10s: {}".format(options.e10s))
                 status, startAfter = self.runApp(profile,
                                                  binary=options.app,
                                                  cmdargs=cmdargs,
-                                                 # give the JS harness 30 seconds to deal with
-                                                 # its own timeouts
                                                  env=browserEnv,
-                                                 timeout=options.timeout + 30.0,
+                                                 # We generally want the JS harness or marionette
+                                                 # to handle timeouts if they can.
+                                                 # The default JS harness timeout is currently
+                                                 # 300 seconds (default options.timeout).
+                                                 # The default Marionette socket timeout is
+                                                 # currently 360 seconds.
+                                                 # Give the JS harness extra time to deal with
+                                                 # its own timeouts and try to usually exceed
+                                                 # the 360 second marionette socket timeout.
+                                                 # See bug 479518 and bug 1414063.
+                                                 timeout=options.timeout + 70.0,
                                                  symbolsPath=options.symbolsPath,
                                                  options=options,
                                                  debuggerInfo=debuggerInfo)
                 self.log.info("Process mode: {}".format('e10s' if options.e10s else 'non-e10s'))
                 mozleak.process_leak_log(self.leakLogFile,
                                          leak_thresholds=options.leakThresholds,
                                          stack_fixer=get_stack_fixer_function(options.utilityPath,
                                                                               options.symbolsPath))
--- a/modules/libpref/Preferences.cpp
+++ b/modules/libpref/Preferences.cpp
@@ -2533,30 +2533,17 @@ nsPrefBranch::GetComplexValue(const char
 
   if (aType.Equals(NS_GET_IID(nsISupportsString))) {
     nsCOMPtr<nsISupportsString> theString(
       do_CreateInstance(NS_SUPPORTS_STRING_CONTRACTID, &rv));
 
     if (NS_SUCCEEDED(rv)) {
       // Debugging to see why we end up with very long strings here with
       // some addons, see bug 836263.
-      nsAutoString wdata;
-      if (!AppendUTF8toUTF16(utf8String, wdata, mozilla::fallible)) {
-#ifdef MOZ_CRASHREPORTER
-        nsCOMPtr<nsICrashReporter> cr =
-          do_GetService("@mozilla.org/toolkit/crash-reporter;1");
-        if (cr) {
-          cr->AnnotateCrashReport(NS_LITERAL_CSTRING("bug836263-size"),
-                                  nsPrintfCString("%x", utf8String.Length()));
-          cr->RegisterAppMemory(uint64_t(utf8String.BeginReading()),
-                                std::min(0x1000U, utf8String.Length()));
-        }
-#endif
-        MOZ_CRASH("bug836263");
-      }
+      NS_ConvertUTF8toUTF16 wdata(utf8String);
       theString->SetData(wdata);
       theString.forget(reinterpret_cast<nsISupportsString**>(aRetVal));
     }
     return rv;
   }
 
   NS_WARNING("nsPrefBranch::GetComplexValue - Unsupported interface type");
   return NS_NOINTERFACE;
@@ -3850,17 +3837,16 @@ Preferences::Init()
     mozilla::services::GetObserverService();
   if (!observerService) {
     return Err("GetObserverService() failed (1)");
   }
 
   observerService->AddObserver(this, "profile-before-change-telemetry", true);
   rv = observerService->AddObserver(this, "profile-before-change", true);
 
-  observerService->AddObserver(this, "load-extension-defaults", true);
   observerService->AddObserver(this, "suspend_process_notification", true);
 
   if (NS_FAILED(rv)) {
     return Err("AddObserver(\"profile-before-change\") failed");
   }
 
   return Ok();
 }
@@ -3914,19 +3900,16 @@ Preferences::Observe(nsISupports* aSubje
   } else if (!nsCRT::strcmp(aTopic, "profile-before-change-telemetry")) {
     // It's possible that a profile-before-change observer after ours
     // set a pref. A blocking save here re-saves if necessary and also waits
     // for any pending saves to complete.
     SavePrefFileBlocking();
     MOZ_ASSERT(!mDirty, "Preferences should not be dirty");
     mProfileShutdown = true;
 
-  } else if (!strcmp(aTopic, "load-extension-defaults")) {
-    pref_LoadPrefsInDirList(NS_EXT_PREFS_DEFAULTS_DIR_LIST);
-
   } else if (!nsCRT::strcmp(aTopic, "reload-default-prefs")) {
     // Reload the default prefs from file.
     Unused << pref_InitInitialObjects();
 
   } else if (!nsCRT::strcmp(aTopic, "suspend_process_notification")) {
     // Our process is being suspended. The OS may wake our process later,
     // or it may kill the process. In case our process is going to be killed
     // from the suspended state, we save preferences before suspending.
@@ -4022,64 +4005,16 @@ Preferences::SavePrefFileAsynchronous()
 
 NS_IMETHODIMP
 Preferences::SavePrefFile(nsIFile* aFile)
 {
   // This is the method accessible from service API. Make it off main thread.
   return SavePrefFileInternal(aFile, SaveMethod::Asynchronous);
 }
 
-static nsresult
-ReadExtensionPrefs(nsIFile* aFile)
-{
-  nsresult rv;
-  nsCOMPtr<nsIZipReader> reader = do_CreateInstance(kZipReaderCID, &rv);
-  NS_ENSURE_SUCCESS(rv, rv);
-
-  rv = reader->Open(aFile);
-  NS_ENSURE_SUCCESS(rv, rv);
-
-  nsCOMPtr<nsIUTF8StringEnumerator> files;
-  rv = reader->FindEntries(
-    nsDependentCString("defaults/preferences/*.(J|j)(S|s)$"),
-    getter_AddRefs(files));
-  NS_ENSURE_SUCCESS(rv, rv);
-
-  char buffer[4096];
-
-  bool more;
-  while (NS_SUCCEEDED(rv = files->HasMore(&more)) && more) {
-    nsAutoCString entry;
-    rv = files->GetNext(entry);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    nsCOMPtr<nsIInputStream> stream;
-    rv = reader->GetInputStream(entry, getter_AddRefs(stream));
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    uint64_t avail;
-    uint32_t read;
-
-    PrefParseState ps;
-    PREF_InitParseState(&ps, PREF_ReaderCallback, ReportToConsole, nullptr);
-    while (NS_SUCCEEDED(rv = stream->Available(&avail)) && avail) {
-      rv = stream->Read(buffer, 4096, &read);
-      if (NS_FAILED(rv)) {
-        NS_WARNING("Pref stream read failed");
-        break;
-      }
-
-      PREF_ParseBuf(&ps, buffer, read);
-    }
-    PREF_FinalizeParseState(&ps);
-  }
-
-  return rv;
-}
-
 void
 Preferences::SetPreference(const PrefSetting& aPref)
 {
   const char* prefName = aPref.name().get();
   const dom::MaybePrefValue& defaultValue = aPref.defaultValue();
   const dom::MaybePrefValue& userValue = aPref.userValue();
 
   if (defaultValue.type() == dom::MaybePrefValue::TPrefValue) {
@@ -4544,25 +4479,18 @@ pref_LoadPrefsInDirList(const char* aLis
       continue;
     }
 
     nsCOMPtr<nsIFile> path = do_QueryInterface(elem);
     if (!path) {
       continue;
     }
 
-    nsAutoCString leaf;
-    path->GetNativeLeafName(leaf);
-
     // Do we care if a file provided by this process fails to load?
-    if (Substring(leaf, leaf.Length() - 4).EqualsLiteral(".xpi")) {
-      ReadExtensionPrefs(path);
-    } else {
-      pref_LoadPrefsInDir(path, nullptr, 0);
-    }
+    pref_LoadPrefsInDir(path, nullptr, 0);
   }
 
   return NS_OK;
 }
 
 static nsresult
 pref_ReadPrefFromJar(nsZipArchive* aJarReader, const char* aName)
 {
@@ -4768,20 +4696,16 @@ pref_InitInitialObjects()
 
   nsCOMPtr<nsIObserverService> observerService =
     mozilla::services::GetObserverService();
   NS_ENSURE_SUCCESS(rv, Err("GetObserverService() failed (2)"));
 
   observerService->NotifyObservers(
     nullptr, NS_PREFSERVICE_APPDEFAULTS_TOPIC_ID, nullptr);
 
-  rv = pref_LoadPrefsInDirList(NS_EXT_PREFS_DEFAULTS_DIR_LIST);
-  NS_ENSURE_SUCCESS(
-    rv, Err("pref_LoadPrefsInDirList(NS_EXT_PREFS_DEFAULTS_DIR_LIST) failed"));
-
   return Ok();
 }
 
 //----------------------------------------------------------------------------
 // Static utilities
 //----------------------------------------------------------------------------
 
 /* static */ nsresult
@@ -5380,18 +5304,16 @@ static mozilla::Module::CIDEntry kPrefCI
   { &kRelativeFilePrefCID, false, nullptr, nsRelativeFilePrefConstructor },
   { nullptr }
 };
 
 static mozilla::Module::ContractIDEntry kPrefContracts[] = {
   { NS_PREFSERVICE_CONTRACTID, &kPrefServiceCID },
   { NS_PREFLOCALIZEDSTRING_CONTRACTID, &kPrefLocalizedStringCID },
   { NS_RELATIVEFILEPREF_CONTRACTID, &kRelativeFilePrefCID },
-  // compatibility for extension that uses old service
-  { "@mozilla.org/preferences;1", &kPrefServiceCID },
   { nullptr }
 };
 
 static void
 UnloadPrefsModule()
 {
   Preferences::Shutdown();
 }
--- a/modules/libpref/nsIPrefService.idl
+++ b/modules/libpref/nsIPrefService.idl
@@ -142,14 +142,13 @@ interface nsIPrefService : nsISupports
 /**
  * Notification sent when resetPrefs has been called, but before the actual
  * reset process occurs.
  */
 #define NS_PREFSERVICE_RESET_TOPIC_ID "prefservice:before-reset"
 
 /**
  * Notification sent when after reading app-provided default
- * preferences, but before user profile override defaults or extension
- * defaults are loaded.
+ * preferences, but before user profile override defaults are loaded.
  */
 #define NS_PREFSERVICE_APPDEFAULTS_TOPIC_ID "prefservice:after-app-defaults"
 
 %}
deleted file mode 100644
--- a/modules/libpref/test/unit/test_extprefs.js
+++ /dev/null
@@ -1,70 +0,0 @@
-/* Any copyright is dedicated to the Public Domain.
- * http://creativecommons.org/licenses/publicdomain/  */
-
-Components.utils.import("resource://gre/modules/XPCOMUtils.jsm");
-Components.utils.import("resource://gre/modules/Services.jsm");
-
-// The profile directory is already set up in the head_ files.
-
-function arrayenumerator(a)
-{
-  return {
-    i_: 0,
-    QueryInterface: XPCOMUtils.generateQI([Ci.nsISimpleEnumerator]),
-    hasMoreElements: function ae_hasMoreElements() {
-      return this.i_ < a.length;
-    },
-    getNext: function ae_getNext() {
-      return a[this.i_++];
-    }
-  };
-}
-
-function run_test() {
-  var ps = Cc["@mozilla.org/preferences-service;1"].
-    getService(Ci.nsIPrefService).QueryInterface(Ci.nsIPrefBranch);
-
-  var extprefs = [do_get_file("extdata")];
-  
-  var extProvider = {
-    QueryInterface: XPCOMUtils.generateQI([Ci.nsIDirectoryServiceProvider,
-                                           Ci.nsIDirectoryServiceProvider2]),
-    getFile: function ep_getFile() {
-      throw Cr.NS_ERROR_FAILURE;
-    },
-    
-    getFiles: function ep_getFiles(key) {
-      if (key != "ExtPrefDL")
-        throw Cr.NS_ERROR_FAILURE;
-
-      return arrayenumerator(extprefs);
-    }
-  };
-  
-  let prefFile = do_get_file("data/testPref.js");
-
-  do_check_throws(function() {
-    ps.getBoolPref("testExtPref.bool");
-  }, Cr.NS_ERROR_UNEXPECTED);
-  do_check_throws(function() {
-    ps.getBoolPref("testPref.bool1");
-  }, Cr.NS_ERROR_UNEXPECTED);
-  
-  ps.readUserPrefsFromFile(prefFile);
-
-  do_check_true(ps.getBoolPref("testPref.bool1"));
-  ps.setBoolPref("testPref.bool1", false);
-  do_check_false(ps.getBoolPref("testPref.bool1"));
-  
-  dirSvc.registerProvider(extProvider);
-  Services.obs.notifyObservers(null, "load-extension-defaults");
-
-  // The extension default should be available.
-  do_check_true(ps.getBoolPref("testExtPref.bool"));
-
-  // The extension default should not override existing user prefs
-  do_check_false(ps.getBoolPref("testPref.bool2"));
-
-  // The extension default should not modify existing set values
-  do_check_false(ps.getBoolPref("testPref.bool1"));
-}
--- a/modules/libpref/test/unit/xpcshell.ini
+++ b/modules/libpref/test/unit/xpcshell.ini
@@ -9,11 +9,10 @@ support-files =
 [test_bug506224.js]
 [test_bug577950.js]
 [test_bug790374.js]
 [test_stickyprefs.js]
 support-files = data/testPrefSticky.js data/testPrefStickyUser.js
 [test_changeType.js]
 [test_defaultValues.js]
 [test_dirtyPrefs.js]
-[test_extprefs.js]
 [test_libPrefs.js]
 [test_bug1354613.js]
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -2,16 +2,17 @@
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mozilla/LoadInfo.h"
 
 #include "mozilla/Assertions.h"
+#include "mozilla/dom/TabChild.h"
 #include "mozilla/dom/ToJSValue.h"
 #include "mozIThirdPartyUtil.h"
 #include "nsFrameLoader.h"
 #include "nsIContentSecurityPolicy.h"
 #include "nsIDocShell.h"
 #include "nsIDocument.h"
 #include "nsIDOMDocument.h"
 #include "nsIFrameLoader.h"
@@ -63,16 +64,17 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadin
   , mParentOuterWindowID(0)
   , mTopOuterWindowID(0)
   , mFrameOuterWindowID(0)
   , mEnforceSecurity(false)
   , mInitialSecurityCheckDone(false)
   , mIsThirdPartyContext(false)
   , mForcePreflight(false)
   , mIsPreflight(false)
+  , mLoadTriggeredFromExternal(false)
   , mForceHSTSPriming(false)
   , mMixedContentWouldBlock(false)
   , mIsHSTSPriming(false)
   , mIsHSTSPrimingUpgrade(false)
 {
   MOZ_ASSERT(mLoadingPrincipal);
   MOZ_ASSERT(mTriggeringPrincipal);
 
@@ -245,16 +247,17 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* a
   , mParentOuterWindowID(0)
   , mTopOuterWindowID(0)
   , mFrameOuterWindowID(0)
   , mEnforceSecurity(false)
   , mInitialSecurityCheckDone(false)
   , mIsThirdPartyContext(false) // NB: TYPE_DOCUMENT implies not third-party.
   , mForcePreflight(false)
   , mIsPreflight(false)
+  , mLoadTriggeredFromExternal(false)
   , mForceHSTSPriming(false)
   , mMixedContentWouldBlock(false)
   , mIsHSTSPriming(false)
   , mIsHSTSPrimingUpgrade(false)
 {
   // Top-level loads are never third-party
   // Grab the information we can out of the window.
   MOZ_ASSERT(aOuterWindow);
@@ -319,16 +322,17 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
   , mRedirectChainIncludingInternalRedirects(
       rhs.mRedirectChainIncludingInternalRedirects)
   , mRedirectChain(rhs.mRedirectChain)
   , mAncestorPrincipals(rhs.mAncestorPrincipals)
   , mAncestorOuterWindowIDs(rhs.mAncestorOuterWindowIDs)
   , mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders)
   , mForcePreflight(rhs.mForcePreflight)
   , mIsPreflight(rhs.mIsPreflight)
+  , mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal)
   , mForceHSTSPriming(rhs.mForceHSTSPriming)
   , mMixedContentWouldBlock(rhs.mMixedContentWouldBlock)
   , mIsHSTSPriming(rhs.mIsHSTSPriming)
   , mIsHSTSPrimingUpgrade(rhs.mIsHSTSPrimingUpgrade)
 {
 }
 
 LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
@@ -354,16 +358,17 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadin
                    const OriginAttributes& aOriginAttributes,
                    RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
                    RedirectHistoryArray& aRedirectChain,
                    nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
                    const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
                    const nsTArray<nsCString>& aCorsUnsafeHeaders,
                    bool aForcePreflight,
                    bool aIsPreflight,
+                   bool aLoadTriggeredFromExternal,
                    bool aForceHSTSPriming,
                    bool aMixedContentWouldBlock,
                    bool aIsHSTSPriming,
                    bool aIsHSTSPrimingUpgrade)
   : mLoadingPrincipal(aLoadingPrincipal)
   , mTriggeringPrincipal(aTriggeringPrincipal)
   , mPrincipalToInherit(aPrincipalToInherit)
   , mResultPrincipalURI(aResultPrincipalURI)
@@ -383,16 +388,17 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadin
   , mInitialSecurityCheckDone(aInitialSecurityCheckDone)
   , mIsThirdPartyContext(aIsThirdPartyContext)
   , mOriginAttributes(aOriginAttributes)
   , mAncestorPrincipals(Move(aAncestorPrincipals))
   , mAncestorOuterWindowIDs(aAncestorOuterWindowIDs)
   , mCorsUnsafeHeaders(aCorsUnsafeHeaders)
   , mForcePreflight(aForcePreflight)
   , mIsPreflight(aIsPreflight)
+  , mLoadTriggeredFromExternal(aLoadTriggeredFromExternal)
   , mForceHSTSPriming (aForceHSTSPriming)
   , mMixedContentWouldBlock(aMixedContentWouldBlock)
   , mIsHSTSPriming(aIsHSTSPriming)
   , mIsHSTSPrimingUpgrade(aIsHSTSPrimingUpgrade)
 {
   // Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
   MOZ_ASSERT(mLoadingPrincipal || aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT);
   MOZ_ASSERT(mTriggeringPrincipal);
@@ -497,16 +503,36 @@ LoadInfo::SetPrincipalToInherit(nsIPrinc
 }
 
 nsIPrincipal*
 LoadInfo::PrincipalToInherit()
 {
   return mPrincipalToInherit;
 }
 
+nsIPrincipal*
+LoadInfo::FindPrincipalToInherit(nsIChannel* aChannel)
+{
+  if (mPrincipalToInherit) {
+    return mPrincipalToInherit;
+  }
+
+  nsCOMPtr<nsIURI> uri = mResultPrincipalURI;
+  if (!uri) {
+    Unused << aChannel->GetOriginalURI(getter_AddRefs(uri));
+  }
+
+  bool dataInherits = mSecurityFlags & (SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS |
+                                        SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS |
+                                        SEC_REQUIRE_CORS_DATA_INHERITS);
+
+  auto prin = BasePrincipal::Cast(mTriggeringPrincipal);
+  return prin->PrincipalToInherit(uri, dataInherits);
+}
+
 NS_IMETHODIMP
 LoadInfo::GetSandboxedLoadingPrincipal(nsIPrincipal** aPrincipal)
 {
   if (!(mSecurityFlags & nsILoadInfo::SEC_SANDBOXED)) {
     *aPrincipal = nullptr;
     return NS_OK;
   }
 
@@ -978,16 +1004,33 @@ LoadInfo::SetUpgradeInsecureRequests()
 NS_IMETHODIMP
 LoadInfo::GetIsPreflight(bool* aIsPreflight)
 {
   *aIsPreflight = mIsPreflight;
   return NS_OK;
 }
 
 NS_IMETHODIMP
+LoadInfo::SetLoadTriggeredFromExternal(bool aLoadTriggeredFromExternal)
+{
+  MOZ_ASSERT(!aLoadTriggeredFromExternal ||
+             mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
+             "can only set load triggered from external for TYPE_DOCUMENT");
+  mLoadTriggeredFromExternal = aLoadTriggeredFromExternal;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal)
+{
+  *aLoadTriggeredFromExternal = mLoadTriggeredFromExternal;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
 LoadInfo::GetForceHSTSPriming(bool* aForceHSTSPriming)
 {
   *aForceHSTSPriming = mForceHSTSPriming;
   return NS_OK;
 }
 
 NS_IMETHODIMP
 LoadInfo::GetMixedContentWouldBlock(bool *aMixedContentWouldBlock)
--- a/netwerk/base/LoadInfo.h
+++ b/netwerk/base/LoadInfo.h
@@ -115,16 +115,17 @@ private:
            const OriginAttributes& aOriginAttributes,
            RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
            RedirectHistoryArray& aRedirectChain,
            nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
            const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
            const nsTArray<nsCString>& aUnsafeHeaders,
            bool aForcePreflight,
            bool aIsPreflight,
+           bool aLoadTriggeredFromExternal,
            bool aForceHSTSPriming,
            bool aMixedContentWouldBlock,
            bool aIsHSTSPriming,
            bool aIsHSTSPrimingUpgrade);
   LoadInfo(const LoadInfo& rhs);
 
   NS_IMETHOD GetRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aRedirects,
                           const RedirectHistoryArray& aArra);
@@ -170,16 +171,17 @@ private:
   OriginAttributes                 mOriginAttributes;
   RedirectHistoryArray             mRedirectChainIncludingInternalRedirects;
   RedirectHistoryArray             mRedirectChain;
   nsTArray<nsCOMPtr<nsIPrincipal>> mAncestorPrincipals;
   nsTArray<uint64_t>               mAncestorOuterWindowIDs;
   nsTArray<nsCString>              mCorsUnsafeHeaders;
   bool                             mForcePreflight;
   bool                             mIsPreflight;
+  bool                             mLoadTriggeredFromExternal;
 
   bool                             mForceHSTSPriming : 1;
   bool                             mMixedContentWouldBlock : 1;
   bool                             mIsHSTSPriming: 1;
   bool                             mIsHSTSPrimingUpgrade: 1;
 };
 
 } // namespace net
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@@ -2,16 +2,17 @@
  * vim: ft=cpp tw=78 sw=2 et ts=2 sts=2 cin
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsISupports.idl"
 #include "nsIContentPolicy.idl"
 
+interface nsIChannel;
 interface nsIDOMDocument;
 interface nsINode;
 interface nsIPrincipal;
 interface nsIRedirectHistoryEntry;
 interface nsIURI;
 %{C++
 #include "nsTArray.h"
 #include "mozilla/BasePrincipal.h"
@@ -295,16 +296,23 @@ interface nsILoadInfo : nsISupports
 
   /**
    * A C++-friendly version of principalToInherit.
    */
   [noscript, notxpcom, nostdcall, binaryname(PrincipalToInherit)]
   nsIPrincipal binaryPrincipalToInherit();
 
   /**
+   * Finds the correct principal to inherit for the given channel, based on
+   * the values of PrincipalToInherit and TriggeringPrincipal.
+   */
+  [noscript, notxpcom, nostdcall]
+  nsIPrincipal FindPrincipalToInherit(in nsIChannel aChannel);
+
+  /**
    * This is the ownerDocument of the LoadingNode. Unless the LoadingNode
    * is a Document, in which case the LoadingDocument is the same as the
    * LoadingNode.
    *
    * For top-level loads, and for loads originating from workers, the
    * LoadingDocument is null. When the LoadingDocument is not null, the
    * LoadingPrincipal is set to the principal of the LoadingDocument.
    */
@@ -594,16 +602,23 @@ interface nsILoadInfo : nsISupports
    * Please note, once the flag is set to true it must remain true
    * throughout the lifetime of the channel. Trying to set it
    * to anything else than true will be discarded.
    *
    */
   [infallible] attribute boolean initialSecurityCheckDone;
 
   /**
+   * Returns true if the load was triggered from an external application
+   * (e.g. Thunderbird). Please note that this flag will only ever be true
+   * if the load is of TYPE_DOCUMENT. 
+   */
+  [infallible] attribute boolean loadTriggeredFromExternal;
+
+  /**
    * Whenever a channel gets redirected, append the redirect history entry of
    * the channel which contains principal referrer and remote address [before
    * the channels got redirected] to the loadinfo, so that at every point this
    * array provides us information about all the redirects this channel went
    * through.
    * @param entry, the nsIRedirectHistoryEntry before the channel
    *         got redirected.
    * @param aIsInternalRedirect should be true if the channel is going
--- a/netwerk/cache2/CacheFileMetadata.cpp
+++ b/netwerk/cache2/CacheFileMetadata.cpp
@@ -258,18 +258,20 @@ CacheFileMetadata::WriteMetadata(uint32_
 
   mWriteBuf = static_cast<char *>(malloc(CalcMetadataSize(mElementsSize,
                                                           mHashCount)));
   if (!mWriteBuf) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   char *p = mWriteBuf + sizeof(uint32_t);
-  memcpy(p, mHashArray, mHashCount * sizeof(CacheHash::Hash16_t));
-  p += mHashCount * sizeof(CacheHash::Hash16_t);
+  if (mHashCount) {
+    memcpy(p, mHashArray, mHashCount * sizeof(CacheHash::Hash16_t));
+    p += mHashCount * sizeof(CacheHash::Hash16_t);
+  }
   mMetaHdr.WriteToBuf(p);
   p += sizeof(CacheFileMetadataHeader);
   memcpy(p, mKey.get(), mKey.Length());
   p += mKey.Length();
   *p = 0;
   p++;
   memcpy(p, mBuf, mElementsSize);
   p += mElementsSize;
--- a/netwerk/ipc/NeckoChannelParams.ipdlh
+++ b/netwerk/ipc/NeckoChannelParams.ipdlh
@@ -65,16 +65,17 @@ struct LoadInfoArgs
    * See nsILoadInfo.idl for details.
    */
   PrincipalInfo[]             ancestorPrincipals;
   uint64_t[]                  ancestorOuterWindowIDs;
 
   nsCString[]                 corsUnsafeHeaders;
   bool                        forcePreflight;
   bool                        isPreflight;
+  bool                        loadTriggeredFromExternal;
   bool                        forceHSTSPriming;
   bool                        mixedContentWouldBlock;
   bool                        isHSTSPriming;
   bool                        isHSTSPrimingUpgrade;
 };
 
 /**
  * Not every channel necessarily has a loadInfo attached.
--- a/python/mozbuild/mozbuild/test/configure/test_toolchain_configure.py
+++ b/python/mozbuild/mozbuild/test/configure/test_toolchain_configure.py
@@ -247,17 +247,17 @@ VS_PLATFORM_X86_64 = {
 # Note: In reality, the -std=gnu* options are only supported when preceded by
 # -Xclang.
 CLANG_CL_3_9 = (CLANG_BASE('3.9.0') + VS('18.00.00000') + DEFAULT_C11 +
                 SUPPORTS_GNU99 + SUPPORTS_GNUXX11 + SUPPORTS_CXX14) + {
     '*.cpp': {
         '__STDC_VERSION__': False,
         '__cplusplus': '201103L',
     },
-    '-fms-compatibility-version=19.00.24213': VS('19.00.24213')[None],
+    '-fms-compatibility-version=19.11.25547': VS('19.11.25547')[None],
 }
 
 CLANG_CL_PLATFORM_X86 = FakeCompiler(VS_PLATFORM_X86, GCC_PLATFORM_X86[None])
 CLANG_CL_PLATFORM_X86_64 = FakeCompiler(VS_PLATFORM_X86_64, GCC_PLATFORM_X86_64[None])
 
 LIBRARY_NAME_INFOS = {
     'linux-gnu': {
         'DLL_PREFIX': 'lib',
@@ -890,26 +890,26 @@ class WindowsToolchainTest(BaseToolchain
         flags=[],
         version='19.00.24213',
         type='msvc',
         compiler='/usr/bin/cl',
         language='C++',
     )
     CLANG_CL_3_9_RESULT = CompilerResult(
         flags=['-Xclang', '-std=gnu99',
-               '-fms-compatibility-version=19.00.24213'],
-        version='19.00.24213',
+               '-fms-compatibility-version=19.11.25547'],
+        version='19.11.25547',
         type='clang-cl',
         compiler='/usr/bin/clang-cl',
         language='C',
     )
     CLANGXX_CL_3_9_RESULT = CompilerResult(
         flags=['-Xclang', '-std=c++14',
-               '-fms-compatibility-version=19.00.24213'],
-        version='19.00.24213',
+               '-fms-compatibility-version=19.11.25547'],
+        version='19.11.25547',
         type='clang-cl',
         compiler='/usr/bin/clang-cl',
         language='C++',
     )
     CLANG_3_3_RESULT = LinuxToolchainTest.CLANG_3_3_RESULT
     CLANGXX_3_3_RESULT = LinuxToolchainTest.CLANGXX_3_3_RESULT
     CLANG_3_6_RESULT = LinuxToolchainTest.CLANG_3_6_RESULT
     CLANGXX_3_6_RESULT = LinuxToolchainTest.CLANGXX_3_6_RESULT
--- a/security/manager/ssl/StaticHPKPins.h
+++ b/security/manager/ssl/StaticHPKPins.h
@@ -1153,9 +1153,9 @@ static const TransportSecurityPreload kP
   { "za.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "zh.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
 };
 
 // Pinning Preload List Length = 480;
 
 static const int32_t kUnknownId = -1;
 
-static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1518114522653000);
+static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1518201012031000);
--- a/security/manager/ssl/nsSTSPreloadList.errors
+++ b/security/manager/ssl/nsSTSPreloadList.errors
@@ -1,233 +1,258 @@
 06se.com: could not connect to host
 0day.su: could not connect to host
 0x65.net: could not connect to host
+1000serien.com: could not connect to host
 47tech.com: could not connect to host
 4loc.us: could not connect to host
 4x4.lk: could not connect to host
+692b8c32.de: could not connect to host
 8560.be: could not connect to host
 87577.com: could not connect to host
 8887999.com: could not connect to host
 8ack.de: could not connect to host
 8t88.biz: could not connect to host
 91-freedom.com: could not connect to host
 9ss6.com: could not connect to host
 aaronmcguire.me: could not connect to host
 abolition.co: could not connect to host
 abrilect.com: could not connect to host
 accwing.com: could not connect to host
-ackis.duckdns.org: could not connect to host
 acrossgw.com: could not connect to host
 adamfontenot.com: could not connect to host
 adamgold.net: could not connect to host
+adamwallington.co.uk: could not connect to host
+addcrazy.com: could not connect to host
 adzie.xyz: could not connect to host
 aevpn.org: could not connect to host
 agowa338.de: could not connect to host
 akiba-server.info: could not connect to host
 akoww.de: could not connect to host
-akstudentsfirst.org: could not connect to host
 akul.co.in: could not connect to host
 al-f.net: could not connect to host
 alamgir.works: could not connect to host
 alauda-home.de: could not connect to host
 alexandernorth.ch: could not connect to host
+alexey-shamara.ru: could not connect to host
 alexmol.tk: could not connect to host
 alexperry.io: could not connect to host
+alexvdveen.nl: could not connect to host
 alilialili.ga: could not connect to host
 alistairstowing.com: could not connect to host
 aljammaz.holdings: could not connect to host
 alphie.me: could not connect to host
 altahrim.net: could not connect to host
 ameho.me: could not connect to host
-americansportsinstitute.org: could not connect to host
 amua.fr: could not connect to host
+anastasia-shamara.ru: could not connect to host
 andiplusben.com: could not connect to host
 andrei-coman.com: could not connect to host
 andrepicard.de: could not connect to host
 annetaan.fi: could not connect to host
 answers-online.ru: could not connect to host
 anyways.at: could not connect to host
 aoku3d.com: could not connect to host
-apcube.com: could not connect to host
 apkoyunlar.club: could not connect to host
 appdrinks.com: could not connect to host
+arawaza.biz: could not connect to host
+arawaza.info: could not connect to host
+area536.com: could not connect to host
 arent.kz: could not connect to host
 arksan.com.tr: could not connect to host
 arminpech.de: could not connect to host
 artisense.de: could not connect to host
 artyland.ru: could not connect to host
 askmagicconch.com: could not connect to host
 assdecoeur.org: could not connect to host
 at1.co: could not connect to host
 athi.pl: could not connect to host
 austinsutphin.com: could not connect to host
 australiancattle.dog: could not connect to host
 autostop-occasions.be: could not connect to host
 avi9526.pp.ua: could not connect to host
 awan.tech: could not connect to host
 awf0.xyz: could not connect to host
-baitulongbaycruises.com: could not connect to host
+b8a.me: could not connect to host
 bakaweb.fr: could not connect to host
 balonmano.co: could not connect to host
 bandarifamily.com: could not connect to host
+barbate.fr: could not connect to host
 bbdos.ru: could not connect to host
 beasel.biz: could not connect to host
 bellavistaoutdoor.com: could not connect to host
 belua.com: could not connect to host
 benjamin-horvath.com: could not connect to host
+benjamin-suess.de: could not connect to host
 benzou-space.com: could not connect to host
 berduri.com: could not connect to host
 berthelier.me: could not connect to host
 bey.io: could not connect to host
 binimo.com: could not connect to host
 bip.gov.sa: could not connect to host
+bitmessage.ch: could not connect to host
+bizeau.ch: could not connect to host
 blackl.net: could not connect to host
 blackscytheconsulting.com: could not connect to host
 blumen-garage.de: could not connect to host
 bm-i.ch: could not connect to host
 bobep.ru: could not connect to host
 bodrumfarm.com: could not connect to host
 bolwerk.com.br: could not connect to host
 borisbesemer.com: could not connect to host
 bouncourseplanner.net: could not connect to host
 brage.info: could not connect to host
-bress.cloud: could not connect to host
+bratteng.me: could not connect to host
 brettabel.com: could not connect to host
 brfvh24.se: could not connect to host
-broersma.com: could not connect to host
-buenotour.ru: could not connect to host
+brunner.ninja: could not connect to host
+bsuess.de: could not connect to host
+buka.jp: could not connect to host
 bullbits.com: could not connect to host
 burlesquemakeup.com: could not connect to host
 businessfurs.info: could not connect to host
 businessmodeler.se: could not connect to host
 buyshoe.org: could not connect to host
 bvexplained.co.uk: could not connect to host
 by1898.com: could not connect to host
 bypass.kr: could not connect to host
 c16t.uk: could not connect to host
 cafesg.net: could not connect to host
 calculatoaresecondhand.xyz: could not connect to host
 callabs.net: could not connect to host
 carlandfaith.com: could not connect to host
-cdeck.net: could not connect to host
+casinoreal.com: could not connect to host
 centos.pub: could not connect to host
+centrationgame.com: could not connect to host
 challengeskins.com: could not connect to host
 chaoticlaw.com: could not connect to host
+charmyadesara.com: could not connect to host
 charonsecurity.com: could not connect to host
 cheah.xyz: could not connect to host
 cheesefusion.com: could not connect to host
 childrendeservebetter.org: could not connect to host
 china-line.org: could not connect to host
 chloehorler.com: could not connect to host
 chosenplaintext.org: could not connect to host
+chsterz.de: could not connect to host
 chziyue.com: could not connect to host
+cjtkfan.club: could not connect to host
 clearchatsandbox.com: could not connect to host
 clearviewwealthprojector.com.au: could not connect to host
 cloudbleed.info: could not connect to host
 cloudimproved.com: could not connect to host
-cloudopt.net: could not connect to host
 cnlic.com: could not connect to host
 coco-cool.fr: could not connect to host
 code.fm: could not connect to host
 codercross.com: could not connect to host
 coffeetocode.me: could not connect to host
 colleencornez.com: could not connect to host
-colo-tech.com: could not connect to host
+coloppe.com: could not connect to host
 comprehensiveihc.com: could not connect to host
 conception.sk: could not connect to host
 conniesacademy.com: could not connect to host
 corinnanese.de: could not connect to host
 cosplayer.com: could not connect to host
 cpaneltips.com: could not connect to host
 crackpfer.de: could not connect to host
 criticalaim.com: could not connect to host
 crystalmachine.net: could not connect to host
 csgo77.com: could not connect to host
 cubela.tech: could not connect to host
 cyberpeace.nl: could not connect to host
 cypherpunk.ws: could not connect to host
 d-bood.site: could not connect to host
 dahlberg.cologne: could not connect to host
 daniel-stahl.net: could not connect to host
+darkdestiny.ch: could not connect to host
 darlastudio66.com: could not connect to host
 datorb.com: could not connect to host
+davidscherzer.at: could not connect to host
 davros.eu: could not connect to host
 davros.ru: could not connect to host
 dawnson.is: could not connect to host
 dawnsonb.com: could not connect to host
 dbcom.ru: could not connect to host
 dcc.moe: could not connect to host
 de-servers.de: could not connect to host
-deanjerkovich.com: could not connect to host
 decoyrouting.com: could not connect to host
 derchris.me: could not connect to host
 derivativeshub.pro: could not connect to host
 dev-talk.eu: could not connect to host
 devkid.net: could not connect to host
 devops.moe: could not connect to host
 dick.red: could not connect to host
 diguass.us: could not connect to host
 dijks.com: could not connect to host
 dirtycat.ru: could not connect to host
 disadattamentolavorativo.it: could not connect to host
 disco-crazy-world.de: could not connect to host
 djangogolf.com: could not connect to host
 dlyl888.com: could not connect to host
 dojifish.space: could not connect to host
+dolphin-hosting.com: could not connect to host
 domengrad.ru: could not connect to host
 dreaming.solutions: could not connect to host
 dreizwosechs.de: could not connect to host
+drighes.com: could not connect to host
 dronexpertos.com: could not connect to host
 droomhuis-in-zuid-holland-kopen.nl: could not connect to host
+dubrovskiy.net: could not connect to host
+dubrovskiy.pro: could not connect to host
 duch.cloud: could not connect to host
 duelsow.eu: could not connect to host
 duks.com.br: could not connect to host
 duo.money: could not connect to host
 duole30.com: could not connect to host
 e-wishlist.net: could not connect to host
 e3q.de: could not connect to host
 eagleridgecampground.com: could not connect to host
 eatfitoutlet.com.br: could not connect to host
-educaid.be: could not connect to host
 eeb98.com: could not connect to host
 eez.ee: could not connect to host
+eggert.org: could not connect to host
 ehuber.info: could not connect to host
 einaros.is: could not connect to host
 eled.io: could not connect to host
-elexel.ru: could not connect to host
+elisabeth-strunz.de: could not connect to host
+elonbase.com: could not connect to host
 elsword.moe: could not connect to host
 energy-drink-magazin.de: could not connect to host
 engg.ca: could not connect to host
 enriquepiraces.com: could not connect to host
 ericdiao.com: could not connect to host
-eriser.fr: could not connect to host
 estan.cn: could not connect to host
 eurostrategy.vn.ua: could not connect to host
 eveshaiwu.com: could not connect to host
 exceed.global: could not connect to host
+faber.org.ru: could not connect to host
 faithwatch.org: could not connect to host
 falkus.net: could not connect to host
 farm24.co.uk: could not connect to host
+feirlane.org: could not connect to host
 fernangp.com: could not connect to host
 filhomes.ph: could not connect to host
 findmybottleshop.com.au: could not connect to host
 firebaseio.com: could not connect to host
 firexarxa.de: could not connect to host
 first-time-offender.com: could not connect to host
 fixate.ru: could not connect to host
 fixmyglitch.com: could not connect to host
+flow.su: could not connect to host
+flucky.xyz: could not connect to host
+flygpost.com: could not connect to host
 foodserve.in: could not connect to host
 forglemmigej.net: could not connect to host
 foshanshequ.com: could not connect to host
 fossewayflowers.co.uk: could not connect to host
 fossewayflowers.com: could not connect to host
 foxmay.co.uk: could not connect to host
 fr0zenbits.io: could not connect to host
 fragnic.com: could not connect to host
+franckyz.com: could not connect to host
 franklinhua.com: could not connect to host
 fransallen.com: could not connect to host
 franzt.ovh: could not connect to host
 freaksites.dk: could not connect to host
 fredliang.cn: could not connect to host
 fredtec.ru: could not connect to host
 freelansir.com: could not connect to host
 freesounding.ru: could not connect to host
@@ -244,27 +269,30 @@ gaiserik.com: could not connect to host
 gala.kiev.ua: could not connect to host
 gam3rs.de: could not connect to host
 game-gentle.com: could not connect to host
 gasbarkenora.com: could not connect to host
 gasnews.net: could not connect to host
 gayforgenji.com: could not connect to host
 gaygeeks.de: could not connect to host
 gbcsummercamps.com: could not connect to host
+gbl.selfip.net: could not connect to host
 gdhzcgs.com: could not connect to host
 geeks.berlin: could not connect to host
 gehrke.nrw: could not connect to host
 generationnext.pl: could not connect to host
 geneve.guide: could not connect to host
-geti2p.com: could not connect to host
+getgeek.ee: could not connect to host
+getgeek.es: could not connect to host
+getgeek.fr: could not connect to host
+getgeek.pl: could not connect to host
 getwarden.net: could not connect to host
 gevaulug.fr: could not connect to host
 gfoss.gr: could not connect to host
 ggss.cf: could not connect to host
-ghaglund.se: could not connect to host
 glasner.photo: could not connect to host
 gnom.me: could not connect to host
 godrive.ga: could not connect to host
 google: could not connect to host
 gottfridsberg.org: could not connect to host
 goukon.ru: could not connect to host
 gozadentro.com: could not connect to host
 gradsm-ci.net: could not connect to host
@@ -274,70 +302,70 @@ greboid.co.uk: could not connect to host
 greboid.com: could not connect to host
 greenpartyofnewmilford.org: could not connect to host
 greenroach.ru: could not connect to host
 gritte.net: could not connect to host
 grizzlys.com: could not connect to host
 gvt2.com: could not connect to host
 gvt3.com: could not connect to host
 hackerchai.com: could not connect to host
-haktec.de: could not connect to host
 halcyonsbastion.com: could not connect to host
 harmfarm.nl: could not connect to host
 hasabig.wang: could not connect to host
 hasalittle.wang: could not connect to host
+hdy.nz: could not connect to host
 heijblok.com: could not connect to host
 hellomouse.tk: could not connect to host
 helpantiaging.com: could not connect to host
 helsingfors.guide: could not connect to host
 hentaimaster.net: could not connect to host
 heptner24.de: could not connect to host
 here.ml: could not connect to host
 hg881.com: could not connect to host
 hiraku.me: could not connect to host
 homophoni.com: could not connect to host
 hoodoo.io: could not connect to host
 hoodoo.tech: could not connect to host
 horvathd.eu: could not connect to host
+hudingyuan.cn: could not connect to host
 hukkatavara.com: could not connect to host
 hundter.com: could not connect to host
-hwcine.com: could not connect to host
 ibase.com: could not connect to host
 iec.pe: could not connect to host
 ifxnet.com: could not connect to host
 ikenmeyer.eu: could not connect to host
 ileat.com: could not connect to host
-illjinx.info: could not connect to host
 imguoguo.com: could not connect to host
 imperdintechnologies.com: could not connect to host
 inexpensivecomputers.net: could not connect to host
 informatik.zone: could not connect to host
 ingalls.run: could not connect to host
 injust.me: could not connect to host
+insblauehinein.nl: could not connect to host
 inscript.pl: could not connect to host
 insouciant.org: could not connect to host
 investorloanshub.com: could not connect to host
 iris-insa.com: could not connect to host
 issuesofconcern.in: could not connect to host
 itpro-mg.de: could not connect to host
 itproject.guru: could not connect to host
 ivanilla.org: could not connect to host
 ivanpolchenko.com: could not connect to host
 ixio.cz: could not connect to host
 jaaxypro.com: could not connect to host
 jakincode.army: could not connect to host
+japan4you.org: could not connect to host
 jaredfraser.com: could not connect to host
 javascriptlab.fr: could not connect to host
 jayharris.ca: could not connect to host
 jbelien.be: could not connect to host
+jean-remy.ch: could not connect to host
 jessevictors.com: could not connect to host
 jhburton.co.uk: could not connect to host
 jie.dance: could not connect to host
-jiyuu-ni.com: could not connect to host
-jiyuu-ni.net: could not connect to host
 jobmedic.com: could not connect to host
 joecod.es: could not connect to host
 johand.io: could not connect to host
 jonathansanchez.pro: could not connect to host
 jonpads.com: could not connect to host
 joostbovee.nl: could not connect to host
 juliawebber.co.za: could not connect to host
 just-pools.co.za: could not connect to host
@@ -348,26 +376,28 @@ kaika-facilitymanagement.de: could not c
 kamikaichimaru.com: could not connect to host
 kanaanonline.org: could not connect to host
 kapo.info: could not connect to host
 karanlyons.com: could not connect to host
 karuneshjohri.com: could not connect to host
 katzen.me: could not connect to host
 kawaiiku.com: could not connect to host
 kawaiiku.de: could not connect to host
+keinanung.nl: could not connect to host
 kenrogers.co: could not connect to host
 kenvix.com: could not connect to host
 keyihao.cn: could not connect to host
-kibriscicek.net: could not connect to host
 kieranweightman.me: could not connect to host
 kikuzuki.org: could not connect to host
 kinepolis-studio.ga: could not connect to host
 kitchenaccessories.pro: could not connect to host
+kjchernov.info: could not connect to host
 kjoglum.me: could not connect to host
 klanggut.at: could not connect to host
+kngk-azs.ru: could not connect to host
 knownsec.cf: could not connect to host
 koketteriet.se: could not connect to host
 kollawat.me: could not connect to host
 konicaprinterdriver.com: could not connect to host
 konventseliten.se: could not connect to host
 kopular.com: could not connect to host
 kousaku.jp: could not connect to host
 kozmik.co: could not connect to host
@@ -380,77 +410,85 @@ lacasa.fr: could not connect to host
 lachawoj.de: could not connect to host
 lathamlabs.com: could not connect to host
 lathamlabs.net: could not connect to host
 lathamlabs.org: could not connect to host
 lavapot.com: could not connect to host
 lazulu.com: could not connect to host
 lcti.biz: could not connect to host
 ldcraft.pw: could not connect to host
+legaltip.eu: could not connect to host
 legitaxi.com: could not connect to host
 leifdreizler.com: could not connect to host
 leiming.co: could not connect to host
 leninalbertop.com.ve: could not connect to host
 lenkunz.me: could not connect to host
 leonardcamacho.me: could not connect to host
 leveredge.net: could not connect to host
 lezdomsm.com: could not connect to host
 lheinrich.org: could not connect to host
 lifenexto.com: could not connect to host
 likenosis.com: could not connect to host
 lingerieonline.com.br: could not connect to host
 linksanitizer.com: could not connect to host
 linksextremist.at: could not connect to host
 linuxcommand.ru: could not connect to host
+linvx.org: could not connect to host
 lissabon.guide: could not connect to host
 littleservice.cn: could not connect to host
 litz.ca: could not connect to host
 litzenberger.ca: could not connect to host
 liukang.tech: could not connect to host
 livnev.me: could not connect to host
 lobosdomain.no-ip.info: could not connect to host
+localhorst.xyz: could not connect to host
+locker3.com: could not connect to host
 logcat.info: could not connect to host
 logic8.ml: could not connect to host
 loss.no: could not connect to host
 lovelytimes.net: could not connect to host
 luav.org: could not connect to host
 lubomirkazakov.com: could not connect to host
-lucasgaland.com: could not connect to host
-luenwarneke.com: could not connect to host
 luisyr.com: could not connect to host
+lukasunger.cz: could not connect to host
+lukasunger.net: could not connect to host
+m4g.ru: could not connect to host
 maartenterpstra.xyz: could not connect to host
 macedopesca.com.br: could not connect to host
 mader.jp: could not connect to host
 madrants.net: could not connect to host
 magnacumlaude.co: could not connect to host
+maik-mahlow.de: could not connect to host
 mail4geek.com: could not connect to host
 markoh.co.uk: could not connect to host
-markus-ullmann.de: could not connect to host
 martin-mattel.com: could not connect to host
 mastodon.my: could not connect to host
 mathijskingma.nl: could not connect to host
+mattwb65.com: could not connect to host
 mcdanieldevelopmentservices.com: could not connect to host
 mchopkins.net: could not connect to host
 mchristopher.com: could not connect to host
 meanevo.com: could not connect to host
 mecanicadom.com: could not connect to host
 mediadandy.com: could not connect to host
 melonstudios.net: could not connect to host
 mentax.net: could not connect to host
 metachris.com: could not connect to host
 metrobriefs.com: could not connect to host
 mhjuma.com: could not connect to host
 mikek.work: could not connect to host
 mingy.ddns.net: could not connect to host
 minitruckin.net: could not connect to host
 miyugirls.com: could not connect to host
+mkfs.fr: could not connect to host
 mmstick.tk: could not connect to host
 modded-minecraft-server-list.com: could not connect to host
 moe-max.jp: could not connect to host
 moobo.xyz: could not connect to host
+mooselook.de: could not connect to host
 morotech.com.br: could not connect to host
 mosaique-lachenaie.fr: could not connect to host
 moskva.guide: could not connect to host
 motomorgen.com: could not connect to host
 motorbiketourhanoi.com: could not connect to host
 mountainadventureseminars.com: could not connect to host
 mowalls.net: could not connect to host
 mpserver12.org: could not connect to host
@@ -466,25 +504,26 @@ nauck.org: could not connect to host
 ncdesigns-studio.com: could not connect to host
 nedcf.org.uk: could not connect to host
 neer.io: could not connect to host
 netica.fr: could not connect to host
 netulo.com: could not connect to host
 nevadafiber.net: could not connect to host
 nexuscorporation.in: could not connect to host
 nfluence.org: could not connect to host
-nhliberty.org: could not connect to host
 nico.st: could not connect to host
 nienfun.com: could not connect to host
 nikolasbradshaw.com: could not connect to host
 niouininon.eu: could not connect to host
+nirada.info: could not connect to host
 niva.synology.me: could not connect to host
 nkb.in.th: could not connect to host
 nlegall.fr: could not connect to host
 nodelab-it.de: could not connect to host
+northwoodsfish.com: could not connect to host
 notesforpebble.com: could not connect to host
 novascan.net: could not connect to host
 novelabs.eu: could not connect to host
 nowremindme.com: could not connect to host
 nstd.net: could not connect to host
 nup.pw: could not connect to host
 obdolbacca.ru: could not connect to host
 oberhof.co: could not connect to host
@@ -492,105 +531,114 @@ off-the-clock.us: could not connect to h
 office-ruru.com: could not connect to host
 oliverspringer.eu: could not connect to host
 onewebdev.info: could not connect to host
 onstud.com: could not connect to host
 onwie.fr: could not connect to host
 opengg.me: could not connect to host
 orangenbaum.at: could not connect to host
 oscsdp.cz: could not connect to host
-ostan-collections.net: could not connect to host
 outetc.com: could not connect to host
 ovnrain.com: could not connect to host
 oxygaming.com: could not connect to host
 oxymc.com: could not connect to host
-palava.tv: could not connect to host
-palavatv.com: could not connect to host
+p4chivtac.com: could not connect to host
+packetcrash.net: could not connect to host
 panj.ws: could not connect to host
 pardnoy.com: could not connect to host
+partridge.tech: could not connect to host
 passrhce.com: could not connect to host
 passrhcsa.com: could not connect to host
 patrickneuro.de: could not connect to host
 pear2pear.de: could not connect to host
 perkbrian.com: could not connect to host
 persjrp.ca: could not connect to host
 persoform.ch: could not connect to host
 pgpmail.cc: could not connect to host
-phi-works.com: could not connect to host
+phasme-2016.com: could not connect to host
 philippa.cool: could not connect to host
 picallo.es: could not connect to host
+picone.com.au: could not connect to host
 pinebaylibrary.org: could not connect to host
 pitfire.io: could not connect to host
-pixipics.com: could not connect to host
 plaasprodukte.com: could not connect to host
 planbox.info: could not connect to host
 playform.cloud: could not connect to host
 plussizereviews.com: could not connect to host
 pointagri.com: could not connect to host
 polit.im: could not connect to host
 poolinstallers.co.za: could not connect to host
 postn.eu: could not connect to host
 pouets.ovh: could not connect to host
 powerentertainment.tv: could not connect to host
+pressography.org: could not connect to host
 privcloud.org: could not connect to host
 projectasterk.com: could not connect to host
 proxydesk.eu: could not connect to host
 proxyweb.us: could not connect to host
 publimepa.it: could not connect to host
+pypa.io: could not connect to host
 pythia.nz: could not connect to host
 qoqo.us: could not connect to host
 qrforex.com: could not connect to host
+qscloud.de: could not connect to host
 qto.net: could not connect to host
 rainbin.com: could not connect to host
-rbqcloud.com: could not connect to host
 real-compare.com: could not connect to host
 realwoo.com: could not connect to host
 reignsphere.net: could not connect to host
 reinaertvandecruys.me: could not connect to host
 reismil.ch: could not connect to host
+relates.link: could not connect to host
 report-to.io: could not connect to host
 report-url.com: could not connect to host
 report-url.io: could not connect to host
 reporturi.com: could not connect to host
 reporturi.io: could not connect to host
 reporturl.com: could not connect to host
 reporturl.io: could not connect to host
 reqognize.com: could not connect to host
 ressl.ch: could not connect to host
 reth.ch: could not connect to host
 retube.ga: could not connect to host
 reykjavik.guide: could not connect to host
 ricknox.com: could not connect to host
 riverweb.gr: could not connect to host
 robomonkey.org: could not connect to host
 roeldevries.me: could not connect to host
+rofrank.space: could not connect to host
 roguesignal.net: could not connect to host
 rohanbassett.com: could not connect to host
 romainmuller.xyz: could not connect to host
 roolevoi.ru: could not connect to host
+rpgmaker.es: could not connect to host
 rs-devdemo.host: could not connect to host
 rsldb.com: could not connect to host
 rubyist.today: could not connect to host
 runcarina.com: could not connect to host
+runementors.com: could not connect to host
 ruobiyi.com: could not connect to host
 safe.moe: could not connect to host
 saferedirectlink.com: could not connect to host
 sallysubs.com: could not connect to host
 salzamt.tk: could not connect to host
 samaritan.tech: could not connect to host
 sanatrans.com: could not connect to host
 sarndipity.com: could not connect to host
-sber.us: could not connect to host
+sbiewald.de: could not connect to host
 scheidtweiler.de: could not connect to host
 scm-2017.org: could not connect to host
 sebastian-lutsch.de: could not connect to host
+secitem.de: could not connect to host
 sectest.ml: could not connect to host
+security.xn--q9jyb4c: could not connect to host
 securitymap.wiki: could not connect to host
 securitysoapbox.com: could not connect to host
 sehnenweh.org: could not connect to host
+selfmade4u.de: could not connect to host
 sellmoretires.com: could not connect to host
 septs.pw: could not connect to host
 serenaden.at: could not connect to host
 servfefe.com: could not connect to host
 sesha.co.za: could not connect to host
 shadowplus.net: could not connect to host
 shadowrocket.net: could not connect to host
 sharevari.com: could not connect to host
@@ -627,125 +675,140 @@ spha.info: could not connect to host
 spicywombat.com: could not connect to host
 spom.net: could not connect to host
 sportsmanadvisor.com: could not connect to host
 stadtgartenla.com: could not connect to host
 statgram.me: could not connect to host
 static-assets.io: could not connect to host
 stbennett.org: could not connect to host
 stefanovski.io: could not connect to host
+steffi-in-australien.com: could not connect to host
 stella-artis-ensemble.at: could not connect to host
 steven-bennett.com: could not connect to host
 stickswag.cf: could not connect to host
 stilettomoda.com.br: could not connect to host
 stpip.com: could not connect to host
+stressfreehousehold.com: could not connect to host
 stylle.me: could not connect to host
 sunjaydhama.com: could not connect to host
+sunn.ie: could not connect to host
 sussexwebdesigns.com: could not connect to host
 sviz.pro: could not connect to host
 takusan.ru: could not connect to host
 talktwincities.com: could not connect to host
 tatsidou.gr: could not connect to host
+tdelmas.eu: could not connect to host
+tdelmas.ovh: could not connect to host
 tdsb.cf: could not connect to host
 tdsbhack.tk: could not connect to host
 techask.it: could not connect to host
 techpit.us: could not connect to host
 telugu4u.net: could not connect to host
 tenispopular.com: could not connect to host
-tf2b.com: could not connect to host
+teracloud.at: could not connect to host
 th3nd.com: could not connect to host
-the-gist.io: could not connect to host
 theprivacysolution.com: could not connect to host
+theroks.com: could not connect to host
 thesehighsandlows.com: could not connect to host
 thinkcash.nl: could not connect to host
+thinkindifferent.net: could not connect to host
 thinktux.net: could not connect to host
 thynx.io: could not connect to host
 tiliaze.info: could not connect to host
 tiliaze.net: could not connect to host
 timysewyn.be: could not connect to host
+tokaido.com: could not connect to host
 topdetoxcleanse.com: could not connect to host
 totallynotaserver.com: could not connect to host
 totch.de: could not connect to host
 totot.net: could not connect to host
 toxicip.com: could not connect to host
 transcendmotor.sg: could not connect to host
 tucidi.net: could not connect to host
+tumelum.de: could not connect to host
 turn-sticks.com: could not connect to host
 twiri.net: could not connect to host
 twotube.ie: could not connect to host
 tyil.work: could not connect to host
 tykoon.com: could not connect to host
 u.nu: could not connect to host
+uberboxen.net: could not connect to host
+udo-luetkemeier.de: could not connect to host
 umsapi.com: could not connect to host
 unicorn.li: could not connect to host
 unsupervised.ca: could not connect to host
+urbackups.com: could not connect to host
 vadik.me: could not connect to host
 valshamar.is: could not connect to host
 vanderstraeten.dynv6.net: could not connect to host
 vapehour.com: could not connect to host
 vapeshopsupply.com: could not connect to host
 varela-electricite.fr: could not connect to host
 venmos.com: could not connect to host
 versfin.net: could not connect to host
+vgatest.nl: could not connect to host
 vinetalk.net: could not connect to host
-vipi.es: could not connect to host
 visiontree.eu: could not connect to host
 vlogge.com: could not connect to host
 vmug.pl: could not connect to host
 vrtouring.org: could not connect to host
+vsx.ch: could not connect to host
 w4.no: could not connect to host
+waixingrenfuli.vip: could not connect to host
 wanashi.com: could not connect to host
 warlions.info: could not connect to host
 wassibauer.com: could not connect to host
 watchweasel.com: could not connect to host
+we.serveftp.net: could not connect to host
 weareincognito.org: could not connect to host
 webart-factory.de: could not connect to host
 webdesigneauclaire.com: could not connect to host
 webtech.com.br: could not connect to host
 webthings.com.br: could not connect to host
 wecanvisit.com: could not connect to host
-weed.ren: could not connect to host
 welby.cat: could not connect to host
 welcomehelp.de: could not connect to host
 werhatunsverraten.eu: could not connect to host
 werkinc.de: could not connect to host
 werkkrew.xyz: could not connect to host
+westeros.hu: could not connect to host
 wetthost.com: could not connect to host
 whilsttraveling.com: could not connect to host
 winnersports.co: could not connect to host
+wireframesoftware.com: could not connect to host
 wissl.org: could not connect to host
 wolfemg.com: could not connect to host
 wolfenland.net: could not connect to host
 woomu.me: could not connect to host
 workemy.com: could not connect to host
 worldfree4.org: could not connect to host
 wp-fastsearch.de: could not connect to host
 wp6.pw: could not connect to host
 www-8887999.com: could not connect to host
 www.re: could not connect to host
 www.sb: could not connect to host
 www.simbolo.co.uk: could not connect to host
 xia100.xyz: could not connect to host
 xiaoyu.net: could not connect to host
 xing.ml: could not connect to host
+xn--8mr166hf6s.xn--fiqs8s: could not connect to host
 xqin.net: could not connect to host
 xtremenutrition.com.br: could not connect to host
 yabrt.cn: could not connect to host
+yaucy.win: could not connect to host
 yffengshi.ml: could not connect to host
 yii2.cc: could not connect to host
 yobbelwobbel.de: could not connect to host
 yoga.is-an-engineer.com: could not connect to host
-yourhair.net: could not connect to host
-yum0.cn: could not connect to host
 yux.fr: could not connect to host
 zaoext.com: could not connect to host
-zenghx.tk: could not connect to host
 zerosource.net: could not connect to host
 zhiin.net: could not connect to host
 ztytian.com: could not connect to host
+zuefle.net: could not connect to host
 zulu7.com: could not connect to host
 zuviel.space: could not connect to host
 zzw.ca: could not connect to host
 0005.com: could not connect to host
 0005aa.com: could not connect to host
 007sascha.de: did not receive HSTS header
 020wifi.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 119"  data: no]
 0222aa.com: could not connect to host
@@ -785,17 +848,17 @@ 12vpn.org: could not connect to host
 12vpnchina.com: could not connect to host
 1391kj.com: did not receive HSTS header
 1396.net: could not connect to host
 1536.cf: could not connect to host
 163pwd.com: could not connect to host
 166166.com: could not connect to host
 16deza.com: did not receive HSTS header
 16packets.com: could not connect to host
-173vpn.cn: could not connect to host
+173vpn.cn: did not receive HSTS header
 173vpns.com: did not receive HSTS header
 188betwarriors.co.uk: could not connect to host
 188trafalgar.ca: did not receive HSTS header
 195gm.com: could not connect to host
 1a-jva.de: could not connect to host
 1atic.com: could not connect to host
 1co-jp.net: did not receive HSTS header
 1cover.com: could not connect to host
@@ -818,37 +881,38 @@ 25daysof.io: could not connect to host
 2859cc.com: could not connect to host
 2acbi-asso.fr: did not receive HSTS header
 2bizi.ru: could not connect to host
 2brokegirls.org: could not connect to host
 2carpros.com: did not receive HSTS header
 2intermediate.co.uk: did not receive HSTS header
 2or3.tk: could not connect to host
 2smart4food.com: did not receive HSTS header
-2ss.jp: did not receive HSTS header
+2ss.jp: could not connect to host
 300651.ru: did not receive HSTS header
 300m.com: did not receive HSTS header
 300mbmovie24.com: did not receive HSTS header
 300mbmovies4u.cc: could not connect to host
 301.website: could not connect to host
 302.nyc: could not connect to host
 314166.com: could not connect to host
 32ph.com: could not connect to host
 33338522.com: could not connect to host
 3338522.com: could not connect to host
 33drugstore.com: could not connect to host
-341.mg: did not receive HSTS header
+341.mg: could not connect to host
 3555aa.com: could not connect to host
 35792.de: could not connect to host
 360gradus.com: did not receive HSTS header
 365.or.jp: could not connect to host
 368mibn.com: could not connect to host
 3778xl.com: did not receive HSTS header
 38sihu.com: could not connect to host
 39sihu.com: could not connect to host
+3ags.de: did not receive HSTS header
 3chit.cf: could not connect to host
 3click-loan.com: could not connect to host
 3d-bastler.de: could not connect to host
 3dcart.com: did not receive HSTS header
 3delivered.com: could not connect to host
 3dproteinimaging.com: did not receive HSTS header
 3sreporting.com: did not receive HSTS header
 404.sh: could not connect to host
@@ -860,17 +924,18 @@ 4448522.com: could not connect to host
 4455software.com: did not receive HSTS header
 44957.com: could not connect to host
 4679.space: could not connect to host
 4azino777.ru: did not receive HSTS header
 4cclothing.com: could not connect to host
 4elements.com: did not receive HSTS header
 4eyes.ch: did not receive HSTS header
 4miners.net: could not connect to host
-4ourty2.org: did not receive HSTS header
+4mybaby.ch: did not receive HSTS header
+4ourty2.org: could not connect to host
 4sqsu.eu: could not connect to host
 4w-performers.link: could not connect to host
 50millionablaze.org: could not connect to host
 513vpn.net: did not receive HSTS header
 517vpn.cn: could not connect to host
 518maicai.com: did not receive HSTS header
 540.co: did not receive HSTS header
 54bf.com: could not connect to host
@@ -1069,28 +1134,30 @@ agate.pw: did not receive HSTS header
 agatheetraphael.fr: could not connect to host
 agbremen.de: did not receive HSTS header
 agdalieso.com.ba: could not connect to host
 agentseeker.ca: did not receive HSTS header
 agevio.com: could not connect to host
 agingstop.net: did not receive HSTS header
 agonswim.com: could not connect to host
 agrias.com.br: did not receive HSTS header
+agrikulturchic.com: did not receive HSTS header
 agrimap.com: did not receive HSTS header
 agro-id.gov.ua: did not receive HSTS header
 agtv.com.br: did not receive HSTS header
 ahabingo.com: did not receive HSTS header
 ahfazahmed.net: did not receive HSTS header
 ahoynetwork.com: did not receive HSTS header
 ahri.ovh: could not connect to host
 ahwatukeefoothillsmontessori.com: did not receive HSTS header
 aicial.co.uk: could not connect to host
 aicial.com.au: could not connect to host
 aidanwoods.com: did not receive HSTS header
 aids.gov: did not receive HSTS header
+aiforsocialmedia.com: did not receive HSTS header
 aifreeze.ru: could not connect to host
 aify.eu: could not connect to host
 ainrb.com: could not connect to host
 aip-marine.com: could not connect to host
 aiponne.com: did not receive HSTS header
 airlea.com: could not connect to host
 airlinecheckins.com: did not receive HSTS header
 airproto.com: did not receive HSTS header
@@ -1102,19 +1169,19 @@ ajmahal.com: could not connect to host
 ajouin.com: could not connect to host
 aka.my: did not receive HSTS header
 akboy.pw: could not connect to host
 akclinics.org: did not receive HSTS header
 akerek.hu: could not connect to host
 akgundemirbas.com: could not connect to host
 akhilindurti.com: could not connect to host
 akkadia.cc: could not connect to host
-akoch.net: could not connect to host
 akombakom.net: could not connect to host
 akselimedia.fi: did not receive HSTS header
+akstudentsfirst.org: did not receive HSTS header
 aktivist.in: did not receive HSTS header
 al-shami.net: could not connect to host
 aladdin.ie: did not receive HSTS header
 alanlee.net: could not connect to host
 alanrickmanflipstable.com: could not connect to host
 alariel.de: did not receive HSTS header
 alarme-gps.ch: could not connect to host
 alarmegps.ch: could not connect to host
@@ -1131,16 +1198,17 @@ alessandro.pw: did not receive HSTS head
 alessandroz.pro: could not connect to host
 alethearose.com: did not receive HSTS header
 alexandre.sh: did not receive HSTS header
 alexbaker.org: did not receive HSTS header
 alexdodge.ca: could not connect to host
 alexvetter.de: could not connect to host
 alfa24.pro: could not connect to host
 alfredxing.com: did not receive HSTS header
+alienation.biz: did not receive HSTS header
 alittlebitcheeky.com: did not receive HSTS header
 aljmz.com: could not connect to host
 alkami.com: did not receive HSTS header
 all-subtitles.com: could not connect to host
 all.tf: could not connect to host
 all4os.com: did not receive HSTS header
 alldaymonitoring.com: could not connect to host
 allemobieleproviders.nl: did not receive HSTS header
@@ -1180,16 +1248,17 @@ alza.sk: did not receive HSTS header
 alzashop.com: did not receive HSTS header
 am8888.top: could not connect to host
 amandaonishi.com: could not connect to host
 amavis.org: did not receive HSTS header
 amcvega.com: did not receive HSTS header
 amerhd.com: did not receive HSTS header
 american-truck-simulator.de: could not connect to host
 american-truck-simulator.net: could not connect to host
+americansportsinstitute.org: did not receive HSTS header
 americanworkwear.nl: did not receive HSTS header
 amigogeek.net: could not connect to host
 amilx.com: could not connect to host
 amilx.org: could not connect to host
 amimoto-ami.com: max-age too low: 3153600
 amin.one: did not receive HSTS header
 amishsecurity.com: could not connect to host
 amitse.com: did not receive HSTS header
@@ -1279,16 +1348,17 @@ anymetrix.io: did not receive HSTS heade
 aocast.info: could not connect to host
 aojf.fr: could not connect to host
 aov.io: could not connect to host
 aozora.moe: could not connect to host
 apachelounge.com: did not receive HSTS header
 apadrinaunolivo.org: did not receive HSTS header
 apaginastore.com.br: could not connect to host
 apeasternpower.com: could not connect to host
+api.intercom.io: did not receive HSTS header
 api.mega.co.nz: could not connect to host
 apibot.de: could not connect to host
 apis.google.com: did not receive HSTS header (error ignored - included regardless)
 apis.world: could not connect to host
 apm.com.tw: did not receive HSTS header
 apmg-certified.com: did not receive HSTS header
 apmg-cyber.com: did not receive HSTS header
 apnakliyat.com: did not receive HSTS header
@@ -1393,32 +1463,33 @@ athaliasoft.com: could not connect to ho
 athenelive.com: could not connect to host
 athensbusinessresources.us: did not receive HSTS header
 athul.xyz: could not connect to host
 atlex.nl: did not receive HSTS header
 atlseccon.com: did not receive HSTS header
 atomic.menu: could not connect to host
 atomik.pro: could not connect to host
 atop.io: could not connect to host
+attendantdesign.com: did not receive HSTS header
 attic118.com: could not connect to host
 attimidesigns.com: did not receive HSTS header
 attogproductions.com: could not connect to host
 au-pair24.de: did not receive HSTS header
 au.search.yahoo.com: max-age too low: 172800
 aubiosales.com: could not connect to host
 aucubin.moe: could not connect to host
 audiovisualdevices.com.au: did not receive HSTS header
 auditmatrix.com: did not receive HSTS header
 augias.org: could not connect to host
 augrandinquisiteur.com: did not receive HSTS header
 aujapan.ru: could not connect to host
 aurainfosec.com: did not receive HSTS header
 aurainfosec.com.au: could not connect to host
 auraredeye.com: could not connect to host
-auraredshield.com: did not receive HSTS header
+auraredshield.com: could not connect to host
 aurora-terraria.org: did not receive HSTS header
 auroratownshipfd.org: could not connect to host
 aurugs.com: did not receive HSTS header
 ausnah.me: could not connect to host
 ausoptic.com.au: max-age too low: 2592000
 aussiecable.org: did not receive HSTS header
 auth.mail.ru: did not receive HSTS header
 authentication.io: could not connect to host
@@ -1439,32 +1510,33 @@ autumnwindsagility.com: could not connec
 auverbox.ovh: could not connect to host
 aux-arts-de-la-table.com: did not receive HSTS header
 auxetek.se: could not connect to host
 auxiliumincrementum.co.uk: could not connect to host
 av.de: did not receive HSTS header
 avadatravel.com: did not receive HSTS header
 avantmfg.com: did not receive HSTS header
 avec-ou-sans-ordonnance.fr: could not connect to host
-aveling-adventure.co.uk: could not connect to host
+aveling-adventure.co.uk: did not receive HSTS header
 avepol.cz: did not receive HSTS header
 avepol.eu: did not receive HSTS header
 aviacao.pt: did not receive HSTS header
 aviodeals.com: could not connect to host
 avmo.pw: did not receive HSTS header
 avonlearningcampus.com: could not connect to host
 avqueen.cn: could not connect to host
 avso.pw: did not receive HSTS header
 avus-automobile.com: did not receive HSTS header
 avxo.pw: did not receive HSTS header
 awanderlustadventure.com: did not receive HSTS header
 awg-mode.de: did not receive HSTS header
 aww.moe: did not receive HSTS header
 awxg.com: could not connect to host
 axado.com.br: did not receive HSTS header
+axelteichmann.net: did not receive HSTS header
 axeny.com: did not receive HSTS header
 axg.io: did not receive HSTS header
 ayahuascaadvisor.com: could not connect to host
 ayor.jp: could not connect to host
 ayor.tech: could not connect to host
 ayuru.info: could not connect to host
 azazy.net: max-age too low: 2592000
 azino777.ru: did not receive HSTS header
@@ -1513,16 +1585,17 @@ banksaround.com: did not receive HSTS he
 banqingdiao.com: could not connect to host
 baobaobooks.net: did not receive HSTS header
 barely.sexy: did not receive HSTS header
 bariller.fr: could not connect to host
 barrelhead.org: could not connect to host
 barrut.me: did not receive HSTS header
 barshout.co.uk: could not connect to host
 barss.io: could not connect to host
+bartbania.com: did not receive HSTS header
 barunisystems.com: could not connect to host
 bashcode.ninja: could not connect to host
 basicsolutionsus.com: did not receive HSTS header
 basilisk.io: could not connect to host
 bassh.net: did not receive HSTS header
 baud.ninja: could not connect to host
 baum.ga: could not connect to host
 baumstark.ca: could not connect to host
@@ -1558,25 +1631,25 @@ beastowner.com: did not receive HSTS hea
 beautyconcept.co: did not receive HSTS header
 beavers.io: could not connect to host
 bebeefy.uk: could not connect to host
 bebesurdoue.com: could not connect to host
 bedabox.com: max-age too low: 0
 bedeta.de: could not connect to host
 bedreid.dk: did not receive HSTS header
 bedrijvenadministratie.nl: could not connect to host
-beehive.govt.nz: did not receive HSTS header
 beerboutique.com.br: could not connect to host
 beetleroadstories.com: could not connect to host
 befundup.com: could not connect to host
 behere.be: could not connect to host
 beholdthehurricane.com: could not connect to host
 beichtgenerator.de: did not receive HSTS header
 beier.io: could not connect to host
 beikeil.de: could not connect to host
+beingmad.org: did not receive HSTS header
 belairsewvac.com: could not connect to host
 belewpictures.com: could not connect to host
 belgien.guide: could not connect to host
 belize-firmengruendung.com: could not connect to host
 belliash.eu.org: did not receive HSTS header
 belltower.io: could not connect to host
 belmontprom.com: could not connect to host
 bemyvictim.com: max-age too low: 2678400
@@ -1640,16 +1713,17 @@ biblerhymes.com: did not receive HSTS he
 bidon.ca: did not receive HSTS header
 bieberium.de: could not connect to host
 biego.cn: did not receive HSTS header
 bielsa.me: could not connect to host
 bienenblog.cc: could not connect to host
 bierbringer.at: could not connect to host
 big-black.de: did not receive HSTS header
 bigbbqbrush.bid: could not connect to host
+bigbounceentertainment.co.uk: did not receive HSTS header
 bigbrownpromotions.com.au: did not receive HSTS header
 biglou.com: max-age too low: 3153600
 bigshinylock.minazo.net: could not connect to host
 biguixhe.net: did not receive HSTS header
 bijouxdegriffe.com.br: could not connect to host
 bikermusic.net: could not connect to host
 bildiri.ci: did not receive HSTS header
 bildschirmflackern.de: did not receive HSTS header
@@ -1662,16 +1736,17 @@ bimbo.com: did not receive HSTS header
 binaryfigments.com: max-age too low: 86400
 binderapp.net: could not connect to host
 bioespuna.eu: did not receive HSTS header
 biofam.ru: did not receive HSTS header
 bioknowme.com: did not receive HSTS header
 bionicspirit.com: could not connect to host
 biophysik-ssl.de: did not receive HSTS header
 birkman.com: did not receive HSTS header
+biscoint.io: did not receive HSTS header
 bismarck.moe: did not receive HSTS header
 bisterfeldt.com: could not connect to host
 bitbit.org: did not receive HSTS header
 bitchan.it: could not connect to host
 bitcoinprivacy.net: did not receive HSTS header
 bitcoinworld.me: could not connect to host
 bitconcepts.co.uk: could not connect to host
 biteoftech.com: did not receive HSTS header
@@ -1701,17 +1776,16 @@ blackburn.link: could not connect to hos
 blackkeg.ca: could not connect to host
 blacklane.com: did not receive HSTS header
 blackly.uk: max-age too low: 0
 blackpayment.ru: could not connect to host
 blackunicorn.wtf: could not connect to host
 blakerandall.xyz: could not connect to host
 blantik.net: could not connect to host
 blauwwit.be: did not receive HSTS header
-blazor.nl: did not receive HSTS header
 blendlecdn.com: could not connect to host
 blenheimchalcot.com: did not receive HSTS header
 blessnet.jp: did not receive HSTS header
 blha303.com.au: could not connect to host
 blidz.com: did not receive HSTS header
 blitzprog.org: did not receive HSTS header
 blmiller.com: could not connect to host
 blocksatz-medien.de: could not connect to host
@@ -1724,17 +1798,17 @@ bloomzoomy.ru: max-age too low: 172800
 blowjs.com: could not connect to host
 bltc.co: could not connect to host
 blubbablasen.de: could not connect to host
 blucas.org: could not connect to host
 blue17.co.uk: did not receive HSTS header
 bluebill.net: did not receive HSTS header
 bluecon.eu: did not receive HSTS header
 bluefrag.com: could not connect to host
-blueglobalmedia.com: could not connect to host
+blueglobalmedia.com: did not receive HSTS header
 blueliv.com: did not receive HSTS header
 bluescloud.xyz: could not connect to host
 bluetenmeer.com: did not receive HSTS header
 bluketing.com: did not receive HSTS header
 bluserv.net: could not connect to host
 bluteklab.com: did not receive HSTS header
 blutroyal.de: could not connect to host
 bm-trading.nl: did not receive HSTS header
@@ -1791,18 +1865,19 @@ branchtrack.com: did not receive HSTS he
 brandnewdays.nl: could not connect to host
 brandon.so: could not connect to host
 brandred.net: could not connect to host
 brandspray.com: could not connect to host
 brasilien.guide: could not connect to host
 brasilmorar.com: could not connect to host
 bratteng.xyz: could not connect to host
 bravz.de: could not connect to host
-bremensaki.com: max-age too low: 2592000
+bremensaki.com: could not connect to host
 brenden.net.au: did not receive HSTS header
+bress.cloud: did not receive HSTS header
 brickoo.com: could not connect to host
 brickyardbuffalo.com: did not receive HSTS header
 bridholm.se: could not connect to host
 brightstarkids.com.au: did not receive HSTS header
 brilliantbuilders.co.uk: did not receive HSTS header
 britzer-toner.de: did not receive HSTS header
 brix.ninja: did not receive HSTS header
 brks.xyz: could not connect to host
@@ -1978,16 +2053,17 @@ cargobay.net: could not connect to host
 caringladies.org: could not connect to host
 carlo.mx: did not receive HSTS header
 carlolly.co.uk: could not connect to host
 carlosalves.info: could not connect to host
 carpliyz.com: could not connect to host
 carroarmato0.be: did not receive HSTS header
 carsforbackpackers.com: could not connect to host
 cartesunicef.be: did not receive HSTS header
+cartoonhd.cc: did not receive HSTS header
 carwashvapeur.be: could not connect to host
 casc.cz: did not receive HSTS header
 casedi.org: max-age too low: 0
 casefall.com: could not connect to host
 cash-pos.com: could not connect to host
 cashmyphone.ch: could not connect to host
 casino-cashflow.ru: did not receive HSTS header
 casinostest.com: could not connect to host
@@ -2043,16 +2119,17 @@ cganx.org: could not connect to host
 cgerstner.eu: could not connect to host
 cgsshelper.tk: could not connect to host
 chahub.com: could not connect to host
 chainmonitor.com: could not connect to host
 championsofregnum.com: did not receive HSTS header
 chancat.blog: max-age too low: 2592000
 chandlerredding.com: did not receive HSTS header
 changetip.com: did not receive HSTS header
+chanshiyu.com: did not receive HSTS header
 chaos.fail: could not connect to host
 chaoswebs.net: did not receive HSTS header
 charityclear.com: did not receive HSTS header
 charitystreet.co.uk: could not connect to host
 charliemcneive.com: could not connect to host
 charlipopkids.com.au: could not connect to host
 charnleyhouse.co.uk: did not receive HSTS header
 charp.eu: could not connect to host
@@ -2160,24 +2237,26 @@ cliftons.com: did not receive HSTS heade
 clinicaferrusbratos.com: did not receive HSTS header
 clintonbloodworth.com: could not connect to host
 clintonbloodworth.io: could not connect to host
 clintwilson.technology: max-age too low: 2592000
 clipped4u.com: could not connect to host
 closient.com: did not receive HSTS header
 cloud-project.com: could not connect to host
 cloud.wtf: could not connect to host
+cloud42.ch: did not receive HSTS header
 cloudapi.vc: could not connect to host
 cloudcert.org: did not receive HSTS header
 cloudcy.net: could not connect to host
 clouddesktop.co.nz: could not connect to host
 cloudey.net: did not receive HSTS header
 cloudfren.com: did not receive HSTS header
 cloudimag.es: could not connect to host
 cloudimprovedtest.com: could not connect to host
+cloudlight.biz: did not receive HSTS header
 cloudlink.club: could not connect to host
 cloudns.com.au: could not connect to host
 clouds.webcam: could not connect to host
 cloudspotterapp.com: did not receive HSTS header
 cloudstoragemaus.com: could not connect to host
 cloudstorm.me: could not connect to host
 cloudstrike.co: could not connect to host
 cloudwalk.io: did not receive HSTS header
@@ -2317,17 +2396,16 @@ cormilu.com.br: did not receive HSTS hea
 coroasdefloresonline.com.br: could not connect to host
 corozanu.ro: did not receive HSTS header
 corpoatletico.com.br: could not connect to host
 corporateencryption.com: could not connect to host
 correctpaardbatterijnietje.nl: did not receive HSTS header
 corruption-mc.net: could not connect to host
 corruption-rsps.net: could not connect to host
 corruption-server.net: could not connect to host
-cortisolsupplement.com: did not receive HSTS header
 costow.club: could not connect to host
 count.sh: could not connect to host
 couponcodeq.com: could not connect to host
 couragewhispers.ca: could not connect to host
 coursdeprogrammation.com: could not connect to host
 coursella.com: did not receive HSTS header
 covenantbank.net: could not connect to host
 coverdat.com: did not receive HSTS header
@@ -2452,17 +2530,17 @@ czbix.com: did not receive HSTS header
 d-rickroll-e.pw: could not connect to host
 d0xq.net: could not connect to host
 d1ves.io: did not receive HSTS header
 d4rkdeagle.tk: could not connect to host
 dabbot.org: did not receive HSTS header
 dad256.tk: could not connect to host
 dadtheimpaler.com: could not connect to host
 dah5.com: did not receive HSTS header
-dahl-pind.dk: could not connect to host
+dahl-pind.dk: did not receive HSTS header
 dai-rin.co.jp: could not connect to host
 dailystormerpodcasts.com: could not connect to host
 daimadi.com: could not connect to host
 daisuki.pw: could not connect to host
 dakerealestate.com: did not receive HSTS header
 dakrib.net: could not connect to host
 daku.gdn: could not connect to host
 dalingk.co: could not connect to host
@@ -2473,26 +2551,28 @@ dancerdates.net: could not connect to ho
 dane-bre.net: did not receive HSTS header
 daniel-du.com: could not connect to host
 daniel-mosquera.com: could not connect to host
 daniel-steuer.de: could not connect to host
 danielcowie.me: could not connect to host
 danieldk.eu: did not receive HSTS header
 danielheal.net: could not connect to host
 danieliancu.com: could not connect to host
+danielkratz.com: did not receive HSTS header
 danielworthy.com: did not receive HSTS header
 danijobs.com: could not connect to host
 danishenanigans.com: could not connect to host
 dankeblog.com: could not connect to host
 danmark.guide: could not connect to host
 dannycrichton.com: did not receive HSTS header
 danrl.de: could not connect to host
 danwillenberg.com: did not receive HSTS header
 daolerp.xyz: could not connect to host
 daplie.com: did not receive HSTS header
+darbi.org: did not receive HSTS header
 dargasia.is: could not connect to host
 dario.im: could not connect to host
 dark-x.cf: could not connect to host
 darkanzali.pl: max-age too low: 0
 darkfriday.ddns.net: could not connect to host
 darkhole.cn: did not receive HSTS header
 darkkeepers.dk: could not connect to host
 darknebula.space: could not connect to host
@@ -2523,24 +2603,25 @@ datortipsen.se: could not connect to hos
 davidandkailey.com: could not connect to host
 davidglidden.eu: did not receive HSTS header
 davidhunter.scot: did not receive HSTS header
 davidnoren.com: did not receive HSTS header
 davidreinhardt.de: could not connect to host
 daylightcompany.com: did not receive HSTS header
 daytonaseaside.com: did not receive HSTS header
 db.gy: could not connect to host
+dbapress.org: did not receive HSTS header
 dbx.ovh: could not connect to host
 dcaracing.nl: could not connect to host
 dccode.gov: could not connect to host
 dccraft.net: could not connect to host
 dcl.re: did not receive HSTS header
 dcuofriends.net: could not connect to host
 dcurt.is: did not receive HSTS header
-dcw.io: could not connect to host
+dcw.io: did not receive HSTS header
 ddatsh.com: did not receive HSTS header
 dden.ca: did not receive HSTS header
 dden.website: did not receive HSTS header
 dden.xyz: did not receive HSTS header
 debank.tv: did not receive HSTS header
 debatch.se: could not connect to host
 debian-vhost.de: did not receive HSTS header
 debiton.dk: could not connect to host
@@ -2551,26 +2632,26 @@ decesus.com: could not connect to host
 decibelios.li: could not connect to host
 decloverly.com: did not receive HSTS header
 deco.me: could not connect to host
 dedicatutiempo.es: could not connect to host
 deepcovelabs.net: could not connect to host
 deepearth.uk: could not connect to host
 deeprecce.link: could not connect to host
 deeprecce.tech: could not connect to host
+deepvalley.tech: did not receive HSTS header
 deetz.nl: did not receive HSTS header
 deetzen.de: did not receive HSTS header
 defcon.org: did not receive HSTS header
 defiler.tk: could not connect to host
 degroetenvanrosaline.nl: did not receive HSTS header
 deight.co: could not connect to host
 deinserverhost.de: did not receive HSTS header
 dekasan.ru: could not connect to host
 delayrefunds.co.uk: could not connect to host
-delbrouck.ch: did not receive HSTS header
 deliverance.co.uk: could not connect to host
 deltaconcepts.de: did not receive HSTS header
 delvj.org: could not connect to host
 demdis.org: could not connect to host
 demilitarized.ninja: could not connect to host
 demo-server.us: could not connect to host
 demo.swedbank.se: did not receive HSTS header
 demomanca.com: did not receive HSTS header
@@ -2648,17 +2729,17 @@ digitaljungle.net: could not connect to 
 digitalnonplus.com: could not connect to host
 digitalquery.com: did not receive HSTS header
 digitalriver.tk: could not connect to host
 digitalskillswap.com: could not connect to host
 dim.lighting: could not connect to host
 dinamoelektrik.com: could not connect to host
 dingcc.me: could not connect to host
 dingcc.org: could not connect to host
-dingcc.xyz: did not receive HSTS header
+dingcc.xyz: could not connect to host
 dinkum.online: could not connect to host
 dipconsultants.com: could not connect to host
 directhskincream.com: could not connect to host
 directorinegocis.cat: could not connect to host
 dirk-weise.de: did not receive HSTS header
 discovery.lookout.com: did not receive HSTS header
 discoveryottawa.ca: could not connect to host
 dise-online.de: did not receive HSTS header
@@ -2700,16 +2781,17 @@ do-do.tk: could not connect to host
 doak.io: could not connect to host
 dobet.in: could not connect to host
 docid.io: could not connect to host
 docket.news: could not connect to host
 doclot.io: did not receive HSTS header
 docset.io: could not connect to host
 docufiel.com: could not connect to host
 docxtemplater.com: did not receive HSTS header
+doenjoylife.com: did not receive HSTS header
 doesmycodehavebugs.today: could not connect to host
 doeswindowssuckforeveryoneorjustme.com: could not connect to host
 dogbox.se: did not receive HSTS header
 dogespeed.ga: could not connect to host
 dogfi.sh: did not receive HSTS header
 doggieholic.net: could not connect to host
 dognlife.com: did not receive HSTS header
 dogoodbehappyllc.com: did not receive HSTS header
@@ -2743,16 +2825,17 @@ doooonoooob.com: could not connect to ho
 dopost.it: could not connect to host
 doridian.com: could not connect to host
 doridian.de: could not connect to host
 doridian.net: did not receive HSTS header
 doridian.org: could not connect to host
 doriginal.es: did not receive HSTS header
 dorkfarm.com: did not receive HSTS header
 dosenbierrepublik.com: did not receive HSTS header
+dosomeworks.biz: did not receive HSTS header
 dot42.no: could not connect to host
 dotadata.me: could not connect to host
 dotspaperie.com: could not connect to host
 doujin.nagoya: could not connect to host
 dovecotadmin.org: could not connect to host
 doveholesband.co.uk: did not receive HSTS header
 dovetailnow.com: could not connect to host
 download.jitsi.org: did not receive HSTS header
@@ -2761,16 +2844,17 @@ doxcelerate.com: max-age too low: 69
 drach.xyz: did not receive HSTS header
 dragonisles.net: could not connect to host
 dragons-of-highlands.cz: could not connect to host
 dragonsmoke.cloud: could not connect to host
 dragonstower.net: could not connect to host
 dragonteam.ninja: could not connect to host
 drakefortreasurer.sexy: could not connect to host
 drakenson.de: did not receive HSTS header
+dralexjimenez.com: did not receive HSTS header
 drastosasports.com.br: could not connect to host
 draw.uy: could not connect to host
 drdevil.ru: could not connect to host
 dreadbyte.com: could not connect to host
 dreamcatcherblog.de: could not connect to host
 dreamlighteyeserum.com: could not connect to host
 dreamsforabetterworld.com.au: did not receive HSTS header
 drewgle.net: could not connect to host
@@ -2808,16 +2892,17 @@ dubik.su: did not receive HSTS header
 dudesunderwear.com.br: could not connect to host
 duelysthub.com: could not connect to host
 duerls.de: did not receive HSTS header
 dukec.me: could not connect to host
 dullsir.com: did not receive HSTS header
 dungi.org: could not connect to host
 duongpho.com: did not receive HSTS header
 duskopy.top: could not connect to host
+dutchessuganda.com: did not receive HSTS header
 dutchrank.com: did not receive HSTS header
 duuu.ch: could not connect to host
 dycontrol.de: could not connect to host
 dylanscott.com.au: did not receive HSTS header
 dynamic-innovations.net: could not connect to host
 dynamize.solutions: could not connect to host
 dyrkar.com: did not receive HSTS header
 dzimejl.sk: did not receive HSTS header
@@ -2903,16 +2988,17 @@ eengezinswoning-in-zeeland-kopen.nl: cou
 eengezinswoning-in-zuid-holland-kopen.nl: could not connect to host
 eengezinswoning-in-zuidplas-kopen.nl: could not connect to host
 eengezinswoning-in-zwartewaterland-kopen.nl: could not connect to host
 eengezinswoningverkopen.nl: could not connect to host
 eenhoorn.ga: could not connect to host
 eesistumine2017.ee: could not connect to host
 efficienthealth.com: did not receive HSTS header
 effortlesshr.com: did not receive HSTS header
+eftcorp.biz: did not receive HSTS header
 egge.com: max-age too low: 0
 egit.co: could not connect to host
 eglek.com: could not connect to host
 ego-world.org: could not connect to host
 ehealthcounselor.com: could not connect to host
 ehipaadev.com: could not connect to host
 ehito.ovh: could not connect to host
 ehrenamt-skpfcw.de: could not connect to host
@@ -3034,17 +3120,17 @@ erclab.kr: could not connect to host
 eressea.xyz: could not connect to host
 ergorium.com: did not receive HSTS header
 ergorium.eu: did not receive HSTS header
 ericbond.net: could not connect to host
 erichalv.com: did not receive HSTS header
 ericyl.com: could not connect to host
 eridanus.uk: could not connect to host
 eriel.com.br: could not connect to host
-erikwalther.eu: could not connect to host
+erikwalther.eu: did not receive HSTS header
 ernaehrungsberatung-zurich.ch: could not connect to host
 ernesto.at: could not connect to host
 eromixx.com: did not receive HSTS header
 erotalia.es: could not connect to host
 erotische-aanbiedingen.nl: could not connect to host
 errolz.com: could not connect to host
 errors.zenpayroll.com: could not connect to host
 ersindemirtas.com: did not receive HSTS header
@@ -3176,19 +3262,20 @@ fam-weyer.de: did not receive HSTS heade
 fame-agency.net: could not connect to host
 familie-sprink.de: could not connect to host
 familie-zimmermann.at: could not connect to host
 familylawhotline.org: did not receive HSTS header
 famio.cn: could not connect to host
 fanflow.com: did not receive HSTS header
 fantasyfootballpundit.com: did not receive HSTS header
 fanyl.cn: could not connect to host
+fanzlive.com: did not receive HSTS header
 farces.com: did not receive HSTS header
-farhadexchange.com: did not receive HSTS header
 farwat.ru: did not receive HSTS header
+fascia.fit: did not receive HSTS header
 fashion.net: did not receive HSTS header
 fashioncare.cz: did not receive HSTS header
 fashionholic.my: did not receive HSTS header
 fasset.jp: could not connect to host
 fastcomcorp.com: did not receive HSTS header
 fastcomcorp.net: did not receive HSTS header
 fastograph.com: could not connect to host
 fastopen.ml: could not connect to host
@@ -3275,17 +3362,16 @@ fitsw.com: did not receive HSTS header
 five.vn: did not receive HSTS header
 fivestarsitters.com: did not receive HSTS header
 fivezerocreative.com: did not receive HSTS header
 fixico-staging.nl: could not connect to host
 fixingdns.com: could not connect to host
 fixtectools.co.za: could not connect to host
 fjruiz.es: did not receive HSTS header
 fkcovering.be: could not connect to host
-fktpm.ru: did not receive HSTS header
 flags.ninja: could not connect to host
 flairbros.at: could not connect to host
 flajshans.cz: did not receive HSTS header
 flamewall.net: could not connect to host
 flamingkeys.com.au: could not connect to host
 flareon.net: could not connect to host
 flatbellyreview.com: max-age too low: 2592000
 flawcheck.com: could not connect to host
@@ -3310,16 +3396,17 @@ flurrybridge.com: did not receive HSTS h
 flushstudios.com: did not receive HSTS header
 flyaces.com: could not connect to host
 fm83.nl: could not connect to host
 fmi.gov: did not receive HSTS header
 fnvsecurity.com: could not connect to host
 fobc-usa.org: did not receive HSTS header
 fojtova.cz: did not receive HSTS header
 fojtovi.cz: did not receive HSTS header
+folkfests.org: did not receive HSTS header
 followback.net: did not receive HSTS header
 fonetiq.io: could not connect to host
 foo: could not connect to host
 food4health.guide: could not connect to host
 foodbuddy.ch: could not connect to host
 foodiebox.no: did not receive HSTS header
 foodies.my: did not receive HSTS header
 foodievenues.com: could not connect to host
@@ -3474,19 +3561,19 @@ gamepader.com: could not connect to host
 gameparade.de: could not connect to host
 gamepiece.com: could not connect to host
 gamers-life.fr: could not connect to host
 gamerslair.org: did not receive HSTS header
 gamerz-point.de: could not connect to host
 gamesdepartment.co.uk: did not receive HSTS header
 gameserver-sponsor.de: did not receive HSTS header
 gamesurferapp.com: could not connect to host
-gamingmedia.eu: could not connect to host
+gamingmedia.eu: did not receive HSTS header
 gampenhof.de: did not receive HSTS header
-gaptek.id: did not receive HSTS header
+gaptek.id: could not connect to host
 gar-nich.net: could not connect to host
 garageon.net: did not receive HSTS header
 garciamartin.me: could not connect to host
 garcinia--cambogia.com: could not connect to host
 garden.trade: could not connect to host
 gardencarezone.com: did not receive HSTS header
 garfieldairlines.net: did not receive HSTS header
 gatapro.net: could not connect to host
@@ -3502,32 +3589,33 @@ geekcast.co.uk: did not receive HSTS hea
 geekmind.org: max-age too low: 172800
 geeks.lgbt: could not connect to host
 geeky.software: could not connect to host
 geemo.top: could not connect to host
 geeq.ch: could not connect to host
 geli-graphics.com: did not receive HSTS header
 gemsoftheworld.org: could not connect to host
 genesischangelog.com: did not receive HSTS header
+geniuszone.biz: did not receive HSTS header
 genossen.ru: could not connect to host
 genshiken.org: could not connect to host
 genuu.com: could not connect to host
 genuxation.com: could not connect to host
 genyaa.com: could not connect to host
 genyhitch.com: did not receive HSTS header
 geoffdev.com: could not connect to host
-geoffreyrichard.com: did not receive HSTS header
+geoffreyrichard.com: could not connect to host
 geopals.net: did not receive HSTS header
 george-brighton.co.uk: could not connect to host
 georgebrighton.co.uk: could not connect to host
 georgesonarthurs.com.au: did not receive HSTS header
 gereja.ga: could not connect to host
 gerencianet.com.br: did not receive HSTS header
 gereon.ch: could not connect to host
-geri.be: did not receive HSTS header
+geri.be: could not connect to host
 gesiwista.net: could not connect to host
 gesunde-smoothies.de: did not receive HSTS header
 get-cctv.com: could not connect to host
 get.zenpayroll.com: did not receive HSTS header
 getable.com: did not receive HSTS header
 getblys.com.au: did not receive HSTS header
 getbooks.co.il: did not receive HSTS header
 getcarefirst.com: did not receive HSTS header
@@ -3555,16 +3643,17 @@ gfm.tech: could not connect to host
 gfournier.ca: could not connect to host
 gfwsb.ml: could not connect to host
 ggss.ml: could not connect to host
 gheorghe-sarcov.ga: could not connect to host
 gheorghesarcov.ga: could not connect to host
 gheorghesarcov.tk: could not connect to host
 ghkim.net: could not connect to host
 ghostcir.com: could not connect to host
+ghrelinblocker.org: did not receive HSTS header
 giakki.eu: could not connect to host
 gianlucapartengo.photography: did not receive HSTS header
 gibraltar-firma.com: did not receive HSTS header
 gidea.nu: could not connect to host
 gietvloergarant.nl: did not receive HSTS header
 giftgofers.com: did not receive HSTS header
 giftservices.nl: could not connect to host
 gigacloud.org: max-age too low: 0
@@ -3580,16 +3669,17 @@ gintenreiter-photography.com: did not re
 giogadesign.com: did not receive HSTS header
 gipsamsfashion.com: could not connect to host
 gipsic.com: did not receive HSTS header
 gis3m.org: did not receive HSTS header
 gistfy.com: could not connect to host
 git-stuff.tk: could not connect to host
 github.party: could not connect to host
 givemyanswer.com: could not connect to host
+givesunlight.com: did not receive HSTS header
 gizzo.sk: could not connect to host
 glass.google.com: did not receive HSTS header (error ignored - included regardless)
 glasslikes.com: did not receive HSTS header
 glentakahashi.com: max-age too low: 0
 glitzmirror.com: could not connect to host
 global-adult-webcams.com: did not receive HSTS header
 globalado.com: could not connect to host
 globalbridge-japan.com: did not receive HSTS header
@@ -3613,17 +3703,16 @@ go4it.solutions: did not receive HSTS he
 goabonga.com: could not connect to host
 goalsetup.com: did not receive HSTS header
 goaltree.ch: did not receive HSTS header
 goarmy.eu: could not connect to host
 goat.chat: did not receive HSTS header
 goat.xyz: max-age too low: 86400
 goben.ch: could not connect to host
 goblins.net: did not receive HSTS header
-godrealms.com: did not receive HSTS header
 goedeke.ml: could not connect to host
 goerner.me: did not receive HSTS header
 goge.site: could not connect to host
 gogenenglish.com: could not connect to host
 gogetssl.com: did not receive HSTS header
 goggs.eu: could not connect to host
 gogold-g.com: could not connect to host
 gokhankesici.com: max-age too low: 10368000
@@ -3631,16 +3720,17 @@ gold24.in: did not receive HSTS header
 goldegg-training.com: did not receive HSTS header
 goldendata.io: could not connect to host
 goldminer.ga: could not connect to host
 goldpros.com: did not receive HSTS header
 golocal-media.de: could not connect to host
 gong8.win: could not connect to host
 gonzalosanchez.mx: did not receive HSTS header
 goodenough.nz: did not receive HSTS header
+goodfurday.ca: did not receive HSTS header
 goodtech.com.br: could not connect to host
 goodwin43.ru: could not connect to host
 google: could not connect to host (error ignored - included regardless)
 googlemail.com: did not receive HSTS header (error ignored - included regardless)
 googleplex.com: did not receive HSTS header (error ignored - included regardless)
 googley.fr: max-age too low: 0
 goolok.com: could not connect to host
 gootlijsten.nl: did not receive HSTS header
@@ -3749,16 +3839,17 @@ guguke.net: did not receive HSTS header
 guilde-vindicta.fr: did not receive HSTS header
 guillaume-leduc.fr: did not receive HSTS header
 guillaumematheron.fr: did not receive HSTS header
 guineafruitcorp.com: could not connect to host
 gulch.in.ua: did not receive HSTS header
 gulenet.com: could not connect to host
 gulfcoast-sandbox.com: could not connect to host
 gulshankumar.net: did not receive HSTS header
+guniram.com: did not receive HSTS header
 gunnarhafdal.com: did not receive HSTS header
 gunnaro.com: could not connect to host
 guntbert.net: could not connect to host
 guoqiang.info: did not receive HSTS header
 gurom.lv: could not connect to host
 gurusupe.com: could not connect to host
 guso.gq: could not connect to host
 guso.ml: could not connect to host
@@ -3938,17 +4029,17 @@ hikinggearlab.com: did not receive HSTS 
 hilinemerchandising.com: did not receive HSTS header
 hillcity.org.nz: did not receive HSTS header
 hilnu.tk: could not connect to host
 hintergedanken.com: did not receive HSTS header
 hipercultura.com: did not receive HSTS header
 hiphopconvention.nl: could not connect to host
 hipnos.net: did not receive HSTS header
 hirefitness.co.uk: did not receive HSTS header
-hirevets.gov: could not connect to host
+hirevets.gov: did not receive HSTS header
 hirokilog.com: could not connect to host
 hititgunesi-tr.com: did not receive HSTS header
 hitoy.org: did not receive HSTS header
 hittipps.com: did not receive HSTS header
 hiv.gov: did not receive HSTS header
 hjw-kunstwerk.de: could not connect to host
 hlyue.com: did not receive HSTS header
 hm1ch.ovh: could not connect to host
@@ -3997,41 +4088,41 @@ hotartup.com: could not connect to host
 hotchillibox.com: max-age too low: 0
 hotchoc.io: did not receive HSTS header
 hotel-tongruben.de: max-age too low: 0
 hotelaustria-wien.at: did not receive HSTS header
 hotelvictoriaoax-mailing.com: did not receive HSTS header
 hotelvillahermosa-mailing.com: did not receive HSTS header
 hotelvue.nl: could not connect to host
 houkago-step.com: did not receive HSTS header
-housemaadiah.org: could not connect to host
+housemaadiah.org: did not receive HSTS header
 housingstudents.org.uk: could not connect to host
 howfargames.com: could not connect to host
 howrandom.org: could not connect to host
 howtocuremysciatica.com: could not connect to host
 hpepub.asia: could not connect to host
 hpepub.com: could not connect to host
 hpepub.org: could not connect to host
 hppub.info: could not connect to host
 hppub.org: could not connect to host
 hppub.site: could not connect to host
+hqhost.net: did not receive HSTS header
 hr-intranet.com: could not connect to host
 hrackydomino.cz: did not receive HSTS header
 hrk.io: could not connect to host
 hsir.me: could not connect to host
 hsts.com.br: could not connect to host
 hsts.date: could not connect to host
 hszhyy120.com: could not connect to host
 html-lab.tk: could not connect to host
 http418.xyz: could not connect to host
 httphacker.com: could not connect to host
 https.ps: could not connect to host
 httpstatuscode418.xyz: could not connect to host
 huangh.com: could not connect to host
-huangjingjing.com: did not receive HSTS header
 huarongdao.com: did not receive HSTS header
 hubert.systems: did not receive HSTS header
 hugocollignon.fr: could not connect to host
 humanesources.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 119"  data: no]
 humankode.com: did not receive HSTS header
 humblefinances.com: did not receive HSTS header
 humeurs.net: could not connect to host
 humortuga.pt: could not connect to host
@@ -4063,16 +4154,17 @@ iamokay.nl: did not receive HSTS header
 iamreubin.co.uk: did not receive HSTS header
 iamveto.com: could not connect to host
 iapws.com: did not receive HSTS header
 iban.is: could not connect to host
 ibarf.nl: did not receive HSTS header
 ibnuwebhost.com: could not connect to host
 icabanken.se: did not receive HSTS header
 icaforsakring.se: did not receive HSTS header
+icasnetwork.com: did not receive HSTS header
 ice.yt: could not connect to host
 icepink.com.br: could not connect to host
 icfl.com.br: could not connect to host
 ich-find-den-g.net: could not connect to host
 ich-mach-druck.eu: did not receive HSTS header
 ichnichtskaufmann.de: could not connect to host
 ichoosebtec.com: did not receive HSTS header
 icity.ly: did not receive HSTS header
@@ -4337,16 +4429,17 @@ izdiwho.com: could not connect to host
 izolight.ch: could not connect to host
 izoox.com: did not receive HSTS header
 izzzorgconcerten.nl: could not connect to host
 j-lsolutions.com: could not connect to host
 j-rickroll-a.pw: could not connect to host
 ja-publications.com: did not receive HSTS header
 jaan.su: could not connect to host
 jabbari.io: did not receive HSTS header
+jaccblog.com: did not receive HSTS header
 jackalworks.com: could not connect to host
 jackdoan.com: did not receive HSTS header
 jackfahnestock.com: could not connect to host
 jacobparry.ca: did not receive HSTS header
 jagido.de: did not receive HSTS header
 jahliveradio.com: could not connect to host
 jamanji.com.ng: could not connect to host
 james-parker.com: did not receive HSTS header
@@ -4409,17 +4502,17 @@ jdav-leipzig.de: could not connect to ho
 jebengotai.com: did not receive HSTS header
 jeff393.com: could not connect to host
 jeffreymagee.com: max-age too low: 0
 jeil-makes.co.kr: could not connect to host
 jellow.nl: did not receive HSTS header
 jenjoit.de: could not connect to host
 jennifercherniack.com: could not connect to host
 jensenbanden.no: could not connect to host
-jeremye77.com: did not receive HSTS header
+jeremye77.com: could not connect to host
 jeroenseegers.com: could not connect to host
 jesorsenville.com: did not receive HSTS header
 jessicabenedictus.nl: could not connect to host
 jessicah.org: could not connect to host
 jesuisformidable.nl: could not connect to host
 jet-code.com: could not connect to host
 jetaprices.com: max-age too low: 0
 jetflex.de: did not receive HSTS header
@@ -4472,17 +4565,16 @@ johnkastler.net: could not connect to ho
 johnmcgovern.com: max-age too low: 43200
 johnrom.com: did not receive HSTS header
 johnverkerk.com: could not connect to host
 jointoweb.com: could not connect to host
 jonas-keidel.de: did not receive HSTS header
 jonasgroth.se: did not receive HSTS header
 jonathan.ir: could not connect to host
 jondarby.com: did not receive HSTS header
-jonfor.net: could not connect to host
 jongha.me: could not connect to host
 jonn.me: could not connect to host
 jonnichols.info: did not receive HSTS header
 jonsno.ws: could not connect to host
 jordanstrustcompany.cn: could not connect to host
 jordanstrustcompany.ru: could not connect to host
 joretapo.fr: could not connect to host
 jorgemesa.me: could not connect to host
@@ -4491,17 +4583,17 @@ josecage.com: could not connect to host
 joshi.su: could not connect to host
 joshplant.co.uk: did not receive HSTS header
 joshstroup.me: could not connect to host
 jotpics.com: could not connect to host
 jottit.com: could not connect to host
 joyjohnston.ca: did not receive HSTS header
 joyqi.com: did not receive HSTS header
 jpaglier.com: could not connect to host
-jpbike.cz: could not connect to host
+jpbike.cz: did not receive HSTS header
 jpeaches.xyz: could not connect to host
 jptun.com: could not connect to host
 jrgold.me: could not connect to host
 jrmd.io: could not connect to host
 jrvar.com: could not connect to host
 jsanders.us: did not receive HSTS header
 jsbentertainment.nl: did not receive HSTS header
 jsg-technologies.de: did not receive HSTS header
@@ -4527,16 +4619,17 @@ junqtion.com: could not connect to host
 jupp0r.de: did not receive HSTS header
 justiceforfathers.com: could not connect to host
 justinlemay.com: could not connect to host
 justlikethat.hosting: did not receive HSTS header
 justnaw.co.uk: could not connect to host
 justudin.com: did not receive HSTS header
 justwood.cz: did not receive HSTS header
 jutella.de: did not receive HSTS header
+jutlander-netbank.dk: did not receive HSTS header
 juvenex.co: could not connect to host
 juwairen.cn: could not connect to host
 jvoice.net: could not connect to host
 jwilsson.me: could not connect to host
 jxm.in: could not connect to host
 jysperm.me: did not receive HSTS header
 jznet.org: could not connect to host
 k-dev.de: could not connect to host
@@ -4558,17 +4651,16 @@ kambodja.guide: could not connect to hos
 kamcvicit.sk: could not connect to host
 kamikano.com: could not connect to host
 kamikatse.net: could not connect to host
 kanada.guide: could not connect to host
 kaneo-gmbh.de: did not receive HSTS header
 kaniklani.co.za: could not connect to host
 kanjo.de: max-age too low: 0
 kanscooking.org: did not receive HSTS header
-kanuvu.de: did not receive HSTS header
 kany.me: did not receive HSTS header
 kanzlei-wirtschaftsrecht.berlin: did not receive HSTS header
 kaohub.com: could not connect to host
 kaplatz.is: could not connect to host
 kapucini.si: max-age too low: 0
 kaputt.com: could not connect to host
 kapverde.guide: could not connect to host
 karaoketonight.com: could not connect to host
@@ -4603,27 +4695,30 @@ kefaloniatoday.com: did not receive HSTS
 kenkoelectric.com: did not receive HSTS header
 kentacademiestrust.org.uk: did not receive HSTS header
 kerangalam.com: did not receive HSTS header
 kerksanders.nl: did not receive HSTS header
 kermadec.blog: could not connect to host
 kermadec.com: max-age too low: 43200
 kermadec.net: max-age too low: 43200
 kernl.us: did not receive HSTS header
+keshausconsulting.com: did not receive HSTS header
 keskeces.com: did not receive HSTS header
 keymaster.lookout.com: did not receive HSTS header
 kfbrussels.be: could not connect to host
 kg-rating.com: could not connect to host
 kgxtech.com: max-age too low: 2592000
 khaganat.net: did not receive HSTS header
 ki-on.net: did not receive HSTS header
 kialo.com: did not receive HSTS header
+kibriscicek.net: did not receive HSTS header
 kickass-proxies.org: could not connect to host
 kickass.al: could not connect to host
 kickasstorrents.gq: did not receive HSTS header
+kickstart.com.pk: did not receive HSTS header
 kid-dachau.de: did not receive HSTS header
 kidkat.cn: could not connect to host
 kiel-media.de: did not receive HSTS header
 kieranjones.uk: did not receive HSTS header
 killerit.in: could not connect to host
 kimana.pe: did not receive HSTS header
 kimberg.co.uk: could not connect to host
 kimpost.org: could not connect to host
@@ -4670,17 +4765,17 @@ klaxn.org: could not connect to host
 klean-ritekc.com: did not receive HSTS header
 kleertjesvoordelig.nl: could not connect to host
 kleinerarchitekturfuehrer.de: could not connect to host
 kleppe.co: could not connect to host
 kletterkater.com: did not receive HSTS header
 klicktojob.de: could not connect to host
 klunkergarten.org: could not connect to host
 knapen.io: max-age too low: 604800
-knccloud.com: did not receive HSTS header
+knccloud.com: could not connect to host
 kngk-transavto.ru: could not connect to host
 knigadel.com: did not receive HSTS header
 knightsbridgegroup.org: could not connect to host
 knowdebt.org: did not receive HSTS header
 knowledgesnap.com: could not connect to host
 knowledgesnapsites.com: could not connect to host
 koddsson.com: did not receive HSTS header
 kode-it.de: could not connect to host
@@ -4907,16 +5002,17 @@ libertyrp.org: did not receive HSTS head
 library.linode.com: did not receive HSTS header
 librechan.net: could not connect to host
 libreduca.com: could not connect to host
 lichess4545.com: did not receive HSTS header
 lichess4545.tv: did not receive HSTS header
 lidlovajogurteka.si: could not connect to host
 liebach.me: did not receive HSTS header
 liemen.net: did not receive HSTS header
+life-time.nl: did not receive HSTS header
 lifecoach.tw: did not receive HSTS header
 lifecoachproviders.com: did not receive HSTS header
 lifeguard.aecom.com: did not receive HSTS header
 lifeinitsownway.com: could not connect to host
 lifeskillsdirect.com: did not receive HSTS header
 lifetimemoneymachine.com: could not connect to host
 lightarmory.com: could not connect to host
 lightning-ashe.com: did not receive HSTS header
@@ -5039,17 +5135,17 @@ loveto.at: could not connect to host
 lovingearth.net: max-age too low: 0
 lowhangingfruitgrabber.com: could not connect to host
 loxis.be: did not receive HSTS header
 lpak.nl: could not connect to host
 lpgram.ga: could not connect to host
 lrhsclubs.com: could not connect to host
 lrhstsa.com: could not connect to host
 ls-a.org: did not receive HSTS header
-lsky.cn: did not receive HSTS header
+lsky.cn: could not connect to host
 lsp-sports.de: did not receive HSTS header
 ltbytes.com: could not connect to host
 ltechnologygroup.com: did not receive HSTS header
 ltu.social: could not connect to host
 lucas-garte.com: did not receive HSTS header
 lucaterzini.com: could not connect to host
 luclu7.pw: could not connect to host
 ludwig.click: did not receive HSTS header
@@ -5106,16 +5202,17 @@ madebymagnitude.com: did not receive HST
 maderwin.com: did not receive HSTS header
 madesoftware.com.br: did not receive HSTS header
 mafamane.com: could not connect to host
 mafiareturns.com: max-age too low: 2592000
 magenx.com: did not receive HSTS header
 magia360.com: did not receive HSTS header
 magneticanvil.com: did not receive HSTS header
 mahamed91.pw: could not connect to host
+mahansexcavating.com: did not receive HSTS header
 mahfouzadedimeji.com: did not receive HSTS header
 mail-settings.google.com: did not receive HSTS header (error ignored - included regardless)
 mail.google.com: did not receive HSTS header (error ignored - included regardless)
 mail.yahoo.com: max-age too low: 60
 mailchuck.com: could not connect to host
 maildragon.com: could not connect to host
 mailgarant.nl: could not connect to host
 mailhost.it: could not connect to host
@@ -5286,16 +5383,17 @@ mealz.com: did not receive HSTS header
 meamod.com: max-age too low: 0
 meat-education.com: could not connect to host
 mebio.us: did not receive HSTS header
 mecenat-cassous.com: did not receive HSTS header
 mechmk1.me: did not receive HSTS header
 medallia.io: could not connect to host
 mediacru.sh: could not connect to host
 mediafinancelab.org: did not receive HSTS header
+mediafocus.biz: did not receive HSTS header
 mediamag.am: max-age too low: 0
 mediastorm.us: could not connect to host
 mediawikicn.org: could not connect to host
 medienservice-fritz.de: did not receive HSTS header
 medirich.co: could not connect to host
 meditek-dv.ru: could not connect to host
 medm-test.com: could not connect to host
 medzinenews.com: did not receive HSTS header
@@ -5347,16 +5445,17 @@ metis.pw: could not connect to host
 metrans-spedition.de: could not connect to host
 metricaid.com: did not receive HSTS header
 metzgerei-birkenhof.de: could not connect to host
 meucosmetico.com.br: could not connect to host
 meuemail.pro: could not connect to host
 mexbt.com: could not connect to host
 mexicanbusinessweb.mx: did not receive HSTS header
 mexicansbook.ru: could not connect to host
+mexicom.org: did not receive HSTS header
 mfcatalin.com: could not connect to host
 mfedderke.com: could not connect to host
 mgdigital.fr: did not receive HSTS header
 mgiay.com: did not receive HSTS header
 mh-bloemen.co.jp: could not connect to host
 mhdsyarif.com: did not receive HSTS header
 mhealthdemocamp.com: could not connect to host
 mhertel.com: did not receive HSTS header
@@ -5525,17 +5624,16 @@ moneycrownmedia.com: could not connect t
 monika-sokol.de: did not receive HSTS header
 monitaure.io: could not connect to host
 monitman.com: did not receive HSTS header
 monsieurbureau.com: did not receive HSTS header
 montanacures.org: could not connect to host
 montanwerk.de: could not connect to host
 montonicms.com: could not connect to host
 moon.lc: could not connect to host
-moonchart.co.uk: did not receive HSTS header
 moonless.net: could not connect to host
 moonloupe.com: could not connect to host
 moosemanstudios.com: could not connect to host
 moov.is: could not connect to host
 moparisthebest.biz: could not connect to host
 moparisthebest.info: could not connect to host
 moparscape.org: did not receive HSTS header
 mopsuite.club: could not connect to host
@@ -5628,47 +5726,54 @@ mybusiness.cm: did not receive HSTS head
 mychocolateweightloss.com: did not receive HSTS header
 mycollab.net: could not connect to host
 mycoted.com: did not receive HSTS header
 mydeos.com: could not connect to host
 mydigipass.com: did not receive HSTS header
 mydnaresults.com: could not connect to host
 mydnatest.com: did not receive HSTS header
 mydriversedge.com: did not receive HSTS header
-myepass.bg: could not connect to host
 myepass.de: could not connect to host
 myfdic.gov: could not connect to host
 mygate.at: could not connect to host
+mygeneral.org: did not receive HSTS header
 mygivingcircle.org: did not receive HSTS header
 mygooder.com: did not receive HSTS header
 mygov.scot: did not receive HSTS header
 myhair.asia: did not receive HSTS header
 myiocc.org: could not connect to host
 myip.tech: max-age too low: 2592000
 mykolab.com: did not receive HSTS header
 mykreuzfahrt.de: could not connect to host
+mylatestnews.org: did not receive HSTS header
+myliveupdates.com: did not receive HSTS header
 mymp3singer.site: did not receive HSTS header
 mynetblog.com: did not receive HSTS header
 myni.io: could not connect to host
 mynigma.org: did not receive HSTS header
 mypagella.com: could not connect to host
 mypagella.eu: could not connect to host
 mypagella.it: could not connect to host
 mypension.ca: could not connect to host
 myphonebox.de: could not connect to host
+myproblog.com: did not receive HSTS header
 myraytech.net: did not receive HSTS header
 myrig.com: did not receive HSTS header
 myrig.net: could not connect to host
 myrsa.in: did not receive HSTS header
 mysecretrewards.com: could not connect to host
 myspa.asia: did not receive HSTS header
 mystery-science-theater-3000.de: could not connect to host
 mysteryblog.de: did not receive HSTS header
 mythlogic.com: did not receive HSTS header
 mythslegendscollection.com: did not receive HSTS header
+mytruecare.org: did not receive HSTS header
+myupdatestar.com: did not receive HSTS header
+myupdatestudio.com: did not receive HSTS header
+myupdatesystems.com: did not receive HSTS header
 myweb360.de: did not receive HSTS header
 myzone.com: did not receive HSTS header
 n-rickroll-e.pw: could not connect to host
 n0psled.nl: could not connect to host
 n2x.in: could not connect to host
 n4l.pw: could not connect to host
 n8ch.net: could not connect to host
 nabru.co.uk: did not receive HSTS header
@@ -5727,17 +5832,17 @@ ndtmarket.place: could not connect to ho
 near.st: did not receive HSTS header
 nearbiwa.com: did not receive HSTS header
 neavision.de: did not receive HSTS header
 nebra.io: could not connect to host
 nebulousenhanced.com: could not connect to host
 nedwave.com: could not connect to host
 nedzad.me: could not connect to host
 neftaly.com: did not receive HSTS header
-negai.moe: did not receive HSTS header
+negai.moe: could not connect to host
 negativzinsen.info: did not receive HSTS header
 neilgreen.net: did not receive HSTS header
 neko-life.com: did not receive HSTS header
 neko-system.com: did not receive HSTS header
 nemno.de: could not connect to host
 nemovement.org: could not connect to host
 neoani.me: could not connect to host
 neofelhz.space: could not connect to host
@@ -5754,16 +5859,17 @@ netherwind.eu: did not receive HSTS head
 nethruster.com: did not receive HSTS header
 netlilo.com: could not connect to host
 netloanusa.com: could not connect to host
 netmagik.com: did not receive HSTS header
 netprofile.com.au: did not receive HSTS header
 netresourcedesign.com: could not connect to host
 netsigna.de: did not receive HSTS header
 nettefoundation.com: could not connect to host
+networkposting.com: did not receive HSTS header
 networx-online.de: could not connect to host
 netzbit.de: could not connect to host
 netzpolitik.org: max-age too low: 2592000
 netztest.at: did not receive HSTS header
 netzvieh.de: did not receive HSTS header
 netzzwerg4u.de: could not connect to host
 neueonlinecasino2016.com: could not connect to host
 neuralgic.net: could not connect to host
@@ -5873,16 +5979,17 @@ nottheonion.net: did not receive HSTS he
 nou.si: could not connect to host
 nouvelle-vague-saint-cast.fr: did not receive HSTS header
 nova-elearning.com: did not receive HSTS header
 novaco.in: max-age too low: 3600
 novacraft.me: did not receive HSTS header
 novatrucking.de: could not connect to host
 novavoidhowl.com: did not receive HSTS header
 novelabs.de: could not connect to host
+novelshouse.com: did not receive HSTS header
 novurania.com: did not receive HSTS header
 nowak.ninja: did not receive HSTS header
 noworrywp.com: could not connect to host
 nowprotein.com: did not receive HSTS header
 nozoe.jp: could not connect to host
 npol.de: could not connect to host
 nq7.pl: could not connect to host
 nrd.li: could not connect to host
@@ -5999,16 +6106,17 @@ onehourloan.com: could not connect to ho
 onehourloan.sg: did not receive HSTS header
 oneiros.cc: could not connect to host
 oneminute.io: did not receive HSTS header
 oneminutefilm.tv: could not connect to host
 onepathnetwork.com: max-age too low: 7776000
 onepluscamps.com: could not connect to host
 onespiritinc.com: did not receive HSTS header
 onet.space: could not connect to host
+onetwentyseven001.com: did not receive HSTS header
 onewpst.com: did not receive HSTS header
 oniichan.us: did not receive HSTS header
 onioncloud.org: could not connect to host
 onionsburg.com: could not connect to host
 online-casino.eu: did not receive HSTS header
 online-wetten.de: did not receive HSTS header
 online.swedbank.se: did not receive HSTS header
 onlinebiller.com: did not receive HSTS header
@@ -6128,16 +6236,18 @@ p3.marketing: did not receive HSTS heade
 p3in.com: did not receive HSTS header
 p8r.de: could not connect to host
 paavolastudio.com: could not connect to host
 pablocamino.tk: could not connect to host
 packlane.com: did not receive HSTS header
 pactocore.org: could not connect to host
 paestbin.com: could not connect to host
 page: could not connect to host
+pagedesignhub.com: did not receive HSTS header
+pagedesignshop.com: did not receive HSTS header
 pagerate.io: did not receive HSTS header
 pagetoimage.com: could not connect to host
 pahlawanpulsa.com: did not receive HSTS header
 paigeglass.com: did not receive HSTS header
 paino.cloud: could not connect to host
 paintingat.com: could not connect to host
 paisaone.com: did not receive HSTS header
 pajonzeck.de: could not connect to host
@@ -6265,16 +6375,17 @@ personalcommunicationsecurity.com: could
 personaldatabasen.no: could not connect to host
 personalinjurylist.com: did not receive HSTS header
 personalizedtouch.co: could not connect to host
 perthdevicelab.com: did not receive HSTS header
 pestalozzishop.com.br: could not connect to host
 pet-nsk.ru: could not connect to host
 petchart.net: could not connect to host
 peterkshultz.com: did not receive HSTS header
+peterlew.is: did not receive HSTS header
 petersmark.com: did not receive HSTS header
 pethub.com: did not receive HSTS header
 petit.site: could not connect to host
 petplum.com: could not connect to host
 petravdbos.nl: did not receive HSTS header
 petrkrapek.cz: did not receive HSTS header
 petrolplus.ru: max-age too low: 7776000
 petrovsky.pro: could not connect to host
@@ -6344,26 +6455,28 @@ pitonarms.com: could not connect to host
 pittonpreschool.com: did not receive HSTS header
 pixdigital.net: did not receive HSTS header
 pixeame.com: did not receive HSTS header
 pixel.google.com: did not receive HSTS header (error ignored - included regardless)
 pixelcode.com.au: could not connect to host
 pixelhero.co.uk: did not receive HSTS header
 pixi.chat: could not connect to host
 pixi.me: did not receive HSTS header
+pixipics.com: did not receive HSTS header
 pizzadoc.ch: could not connect to host
 pizzahut.ru: did not receive HSTS header
 pjbet.mg: did not receive HSTS header
 pkautodesign.com: did not receive HSTS header
 pkschat.com: could not connect to host
 placefade.com: could not connect to host
 placollection.org: could not connect to host
 plaettliaktion.ch: did not receive HSTS header
 planpharmacy.com: could not connect to host
 plant.ml: did not receive HSTS header
+plantrustler.com: did not receive HSTS header
 plass.hamburg: could not connect to host
 plataformadeinformacion.es: max-age too low: 30000
 platform.lookout.com: could not connect to host
 platomania.eu: did not receive HSTS header
 play.google.com: did not receive HSTS header (error ignored - included regardless)
 playerhunter.com: did not receive HSTS header
 playerscout.net: did not receive HSTS header
 playflick.com: could not connect to host
@@ -6391,17 +6504,16 @@ pmnts.io: could not connect to host
 pnukee.com: did not receive HSTS header
 po.gl: did not receive HSTS header
 pochaneko.com: did not receive HSTS header
 pocketsix.com: could not connect to host
 pocloud.homelinux.net: could not connect to host
 podiumsdiskussion.org: did not receive HSTS header
 poiema.com.sg: did not receive HSTS header
 poinsot.beer: could not connect to host
-poinsot.info: did not receive HSTS header
 pointeringles.com: could not connect to host
 pointiswunderland.de: did not receive HSTS header
 pointpro.de: did not receive HSTS header
 pokeduel.me: did not receive HSTS header
 pol.in.th: could not connect to host
 polarityschule.com: did not receive HSTS header
 pole.net.nz: could not connect to host
 polen.guide: could not connect to host
@@ -6445,20 +6557,19 @@ povitria.net: could not connect to host
 power-l.ch: did not receive HSTS header
 power-of-interest.com: did not receive HSTS header
 power99press.com: did not receive HSTS header
 poweroff.win: could not connect to host
 powerplannerapp.com: did not receive HSTS header
 powershift.ne.jp: did not receive HSTS header
 powerxequality.com: could not connect to host
 pozniak.at: did not receive HSTS header
-pozyczka-bez-zaswiadczen.pl: did not receive HSTS header
 ppr-truby.ru: could not connect to host
 ppuu.org: did not receive HSTS header
-ppy3.com: did not receive HSTS header
+ppy3.com: could not connect to host
 pr2studio.com: could not connect to host
 practicallabs.com: could not connect to host
 practodev.com: could not connect to host
 pratinav.xyz: could not connect to host
 prattpokemon.com: could not connect to host
 praxis-research.info: could not connect to host
 precisionaeroimaging.com: did not receive HSTS header
 prediksisydney.com: could not connect to host
@@ -6514,17 +6625,16 @@ projectdp.net: could not connect to host
 projectherogames.xyz: did not receive HSTS header
 projectmercury.space: could not connect to host
 projetoresecia.com: could not connect to host
 promecon-gmbh.de: did not receive HSTS header
 prontocleaners.co.uk: could not connect to host
 prontolight.com: did not receive HSTS header
 prontomovers.co.uk: could not connect to host
 propactrading.com: could not connect to host
-proposalonline.com: did not receive HSTS header
 prosocialmachines.com: could not connect to host
 prosoft.sk: did not receive HSTS header
 prosperident.com: did not receive HSTS header
 protoyou.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 119"  data: no]
 providerlijst.com: did not receive HSTS header
 providerlijst.nl: did not receive HSTS header
 prowhisky.de: did not receive HSTS header
 proximato.com: could not connect to host
@@ -6534,17 +6644,16 @@ proxybay.info: did not receive HSTS head
 proxybay.top: did not receive HSTS header
 proxydesk.net: could not connect to host
 proxyowl.pw: could not connect to host
 proxyrox.com: could not connect to host
 prxio.date: could not connect to host
 prxio.site: could not connect to host
 ps4all.nl: did not receive HSTS header
 pscleaningsolutions.co.uk: could not connect to host
-pseudo.coffee: could not connect to host
 pshostpk.com: did not receive HSTS header
 psicologia.co.ve: could not connect to host
 psw.academy: could not connect to host
 psw.consulting: could not connect to host
 ptn.moscow: could not connect to host
 ptonet.com: could not connect to host
 pubkey.is: could not connect to host
 publications.qld.gov.au: did not receive HSTS header
@@ -6642,17 +6751,16 @@ ramarka.de: could not connect to host
 ramatola.uk: did not receive HSTS header
 ramon-c.nl: could not connect to host
 ramonj.nl: could not connect to host
 randomcage.com: did not receive HSTS header
 randomcloud.net: could not connect to host
 randomhero.cloud: could not connect to host
 randomwinpicker.de: could not connect to host
 randy.pw: could not connect to host
-randy.su: did not receive HSTS header
 ranegroup.hosting: could not connect to host
 rankthespot.com: could not connect to host
 ranktopay.com: did not receive HSTS header
 rannseier.org: did not receive HSTS header
 rany.duckdns.org: could not connect to host
 rany.io: could not connect to host
 rany.pw: could not connect to host
 rapido.nu: did not receive HSTS header
@@ -6677,47 +6785,49 @@ rawstorieslondon.com: could not connect 
 raydan.space: could not connect to host
 raydobe.me: could not connect to host
 raytron.org: could not connect to host
 razeencheng.com: did not receive HSTS header
 razlaw.name: did not receive HSTS header
 razzolini.com.br: could not connect to host
 rbhighinc.org: could not connect to host
 rbose.org: could not connect to host
+rbqcloud.com: did not receive HSTS header
 rbti.me: could not connect to host
 rc-rp.com: did not receive HSTS header
 rc4.io: could not connect to host
 rcafox.com: could not connect to host
 rcorporation.be: did not receive HSTS header
 rcpcbd.com: could not connect to host
 rcvd.io: did not receive HSTS header
 rdns.im: did not receive HSTS header
 rdyrda.fr: could not connect to host
 re-customer.net: did not receive HSTS header
 reachr.com: could not connect to host
 reader.ga: could not connect to host
 readmeeatmedrinkme.com: did not receive HSTS header
 readr.pw: could not connect to host
 reagir43.fr: did not receive HSTS header
+realitycrazy.com: did not receive HSTS header
 realmic.net: could not connect to host
 realmofespionage.com: could not connect to host
 reaper.rip: did not receive HSTS header
 reardenporn.com: could not connect to host
 rebekaesgabor.online: could not connect to host
 rebootmc.com: did not receive HSTS header
 recommended.reviews: could not connect to host
 redair.es: did not receive HSTS header
 redar.xyz: could not connect to host
 reddit.com: did not receive HSTS header
 rede.ca: did not receive HSTS header
 redhorsemountainranch.com: did not receive HSTS header
 redicabo.de: could not connect to host
 redirectman.com: did not receive HSTS header
 redlatam.org: did not receive HSTS header
-redmbk.com: did not receive HSTS header
+redmbk.com: could not connect to host
 redner.cc: did not receive HSTS header
 rednertv.de: did not receive HSTS header
 redports.org: could not connect to host
 redra.ws: did not receive HSTS header
 redy.host: did not receive HSTS header
 referenten.org: did not receive HSTS header
 refitplanner.com: did not receive HSTS header
 reg.ru: did not receive HSTS header
@@ -6747,17 +6857,17 @@ rememberthis.co.za: could not connect to
 remitatm.com: did not receive HSTS header
 remodela.com.ve: could not connect to host
 remonttitekniikka.fi: could not connect to host
 remoteham.com: could not connect to host
 remotestance.com: did not receive HSTS header
 renem.net: max-age too low: 2592000
 rengarenkblog.com: could not connect to host
 renideo.fr: could not connect to host
-renkhosting.com: could not connect to host
+renkhosting.com: did not receive HSTS header
 renlong.org: did not receive HSTS header
 renrenss.com: could not connect to host
 rentacarcluj.xyz: did not receive HSTS header
 rentbrowsertrain.me: could not connect to host
 rentcarassist.com: could not connect to host
 renteater.com: could not connect to host
 rentex.com: did not receive HSTS header
 renyiyou.com: could not connect to host
@@ -6955,17 +7065,17 @@ sanasalud.org: could not connect to host
 sanatfilan.com: did not receive HSTS header
 sandviks.com: did not receive HSTS header
 sanex.ca: could not connect to host
 sanguoxiu.com: could not connect to host
 sanhei.ch: did not receive HSTS header
 sansage.com.br: could not connect to host
 sansdev.com: could not connect to host
 sansemea.com: did not receive HSTS header
-santing.net: did not receive HSTS header
+santing.net: could not connect to host
 santouri.be: could not connect to host
 sapk.fr: could not connect to host
 sarah-beckett-harpist.com: did not receive HSTS header
 sarahsweetlife.com: could not connect to host
 sarahsweger.com: could not connect to host
 sarakas.com: could not connect to host
 sarangsemutbandung.com: could not connect to host
 sarisonproductions.com: did not receive HSTS header
@@ -7034,32 +7144,33 @@ scrambler.in: could not connect to host
 scrapings.net: could not connect to host
 screencaster.io: did not receive HSTS header
 screenresolution.space: could not connect to host
 screensaversplanet.com: did not receive HSTS header
 scribbleserver.com: could not connect to host
 scribe.systems: could not connect to host
 scrion.com: could not connect to host
 script.google.com: did not receive HSTS header (error ignored - included regardless)
-scriptenforcer.net: did not receive HSTS header
+scriptenforcer.net: could not connect to host
 scriptict.nl: could not connect to host
 scrollstory.com: did not receive HSTS header
 sdhmanagementgroup.com: could not connect to host
 sdia.ru: could not connect to host
 sdmoscow.ru: could not connect to host
 sdrobs.com: did not receive HSTS header
 sdsl-speedtest.de: could not connect to host
 seans.cc: did not receive HSTS header
 search-one.de: did not receive HSTS header
 seavancouver.com: could not connect to host
 sebastian-bair.de: could not connect to host
 sebastianhampl.de: could not connect to host
 sebastiensenechal.com: did not receive HSTS header
 sebster.com: did not receive HSTS header
 secandtech.com: could not connect to host
+secanje.nl: did not receive HSTS header
 seccom.ch: did not receive HSTS header
 secnet.ga: could not connect to host
 secondary-survivor.com: could not connect to host
 secondary-survivor.help: could not connect to host
 secondary-survivor.net: could not connect to host
 secondarysurvivor.help: could not connect to host
 secondarysurvivorportal.com: could not connect to host
 secondarysurvivorportal.help: could not connect to host
@@ -7142,16 +7253,17 @@ serverdensity.io: did not receive HSTS h
 servergno.me: did not receive HSTS header
 servermonkey.nl: could not connect to host
 servicevie.com: did not receive HSTS header
 servious.org: could not connect to host
 servu.de: did not receive HSTS header
 seryo.moe: could not connect to host
 seryo.net: could not connect to host
 sessionslogning.dk: could not connect to host
+setkit.net: did not receive HSTS header
 setphaserstostun.org: could not connect to host
 setuid.de: could not connect to host
 setuid.io: did not receive HSTS header
 seyahatsagliksigortalari.com: could not connect to host
 sfashion.si: did not receive HSTS header
 sfhobbies.com.br: could not connect to host
 sfsltd.com: did not receive HSTS header
 sh11.pp.ua: did not receive HSTS header
@@ -7260,29 +7372,31 @@ simpleai.net: max-age too low: 600
 simplelearner.com: could not connect to host
 simplepractice.com: did not receive HSTS header
 simplixos.org: could not connect to host
 simplyenak.com: did not receive HSTS header
 sin30.net: could not connect to host
 sincai666.com: could not connect to host
 sincron.org: could not connect to host
 sinful.pw: could not connect to host
+sinfulforums.net: did not receive HSTS header
 singul4rity.com: could not connect to host
 sinneserweiterung.de: could not connect to host
 sinosky.org: did not receive HSTS header
 siriad.com: could not connect to host
 sirius-lee.net: could not connect to host
 sitehost.io: did not receive HSTS header
 sitennisclub.com: did not receive HSTS header
 siterip.org: could not connect to host
 sites.google.com: did not receive HSTS header (error ignored - included regardless)
 sitesforward.com: did not receive HSTS header
 sitesten.com: did not receive HSTS header
 sixtwentyten.com: did not receive HSTS header
 sizingservers.be: did not receive HSTS header
+sketchywebsite.net: did not receive HSTS header
 ski-insurance.com.au: did not receive HSTS header
 skidstresser.com: did not receive HSTS header
 skillproxy.com: could not connect to host
 skillproxy.net: could not connect to host
 skillproxy.org: could not connect to host
 skk.io: could not connect to host
 skoda-clever-lead.de: could not connect to host
 skoda-nurdiebesten.de: did not receive HSTS header
@@ -7307,16 +7421,17 @@ slattery.co: could not connect to host
 slauber.de: did not receive HSTS header
 sleeklounge.com: did not receive HSTS header
 sleep10.com: could not connect to host
 sleepstar.com.mt: did not receive HSTS header
 slicketl.com: did not receive HSTS header
 slightfuture.click: could not connect to host
 slightfuture.com: did not receive HSTS header
 slix.io: could not connect to host
+slo-net.net: did not receive HSTS header
 slope.haus: could not connect to host
 slovakiana.sk: did not receive HSTS header
 sluplift.com: did not receive HSTS header
 slycurity.de: did not receive HSTS header
 smablo.com: did not receive HSTS header
 smallcdn.rocks: could not connect to host
 smallshopit.com: did not receive HSTS header
 smares.de: did not receive HSTS header
@@ -7394,16 +7509,17 @@ sonyforum.no: did not receive HSTS heade
 soobi.org: did not receive HSTS header
 soply.com: did not receive HSTS header
 soporte.cc: could not connect to host
 sorensen-online.com: could not connect to host
 sosaka.ml: could not connect to host
 sosiolog.com: did not receive HSTS header
 sotor.de: did not receive HSTS header
 soucorneteiro.com.br: could not connect to host
+soulcrazy.org: did not receive HSTS header
 soulfulglamour.uk: could not connect to host
 soundforsound.co.uk: did not receive HSTS header
 sourcelair.com: did not receive HSTS header
 southcoastswords.com: did not receive HSTS header
 southernjamusa.com: did not receive HSTS header
 southgale.condos: could not connect to host
 southside-crew.club: could not connect to host
 southworcestershiregpservices.co.uk: could not connect to host
@@ -7792,17 +7908,17 @@ tedxkmitl.com: could not connect to host
 tefl.io: could not connect to host
 tegelsensanitaironline.nl: did not receive HSTS header
 tehotuotanto.net: did not receive HSTS header
 teknologi.or.id: max-age too low: 0
 teknotes.co.uk: could not connect to host
 tekshrek.com: did not receive HSTS header
 tel-dithmarschen.de: did not receive HSTS header
 teleallarme.ch: could not connect to host
-telefisk.org: could not connect to host
+telefisk.org: did not receive HSTS header
 telefonnummer.online: could not connect to host
 telefoonnummerinfo.nl: could not connect to host
 telescam.com: could not connect to host
 teletra.ru: could not connect to host
 tellingua.com: did not receive HSTS header
 temehu.com: did not receive HSTS header
 tempcraft.net: could not connect to host
 tempo.co: did not receive HSTS header
@@ -7855,16 +7971,17 @@ thebrotherswarde.com: could not connect 
 thecapitalbank.com: did not receive HSTS header
 thecharlestonwaldorf.com: did not receive HSTS header
 thechunk.net: could not connect to host
 theclementinebutchers.com: could not connect to host
 theclubjersey.com: did not receive HSTS header
 thecoffeehouse.xyz: could not connect to host
 thecrochetcottage.net: could not connect to host
 thedrop.pw: did not receive HSTS header
+thedrunkencabbage.com: did not receive HSTS header
 thedystance.com: could not connect to host
 theelitebuzz.com: did not receive HSTS header
 theendofzion.com: did not receive HSTS header
 theescapistswiki.com: could not connect to host
 theeyeopener.com: did not receive HSTS header
 thefarbeyond.com: could not connect to host
 theflowerbasketonline.com: could not connect to host
 thefootballanalyst.com: did not receive HSTS header
@@ -7995,17 +8112,17 @@ tipsyk.ru: could not connect to host
 tiredofeating.com: could not connect to host
 tiremoni.ch: did not receive HSTS header
 tirex.media: did not receive HSTS header
 titanlab.de: could not connect to host
 titanleaf.com: could not connect to host
 titouan.co: did not receive HSTS header
 tittarpuls.se: could not connect to host
 titties.ml: could not connect to host
-tjc.host: did not receive HSTS header
+tjc.host: max-age too low: 2592000
 tjc.wiki: could not connect to host
 tjeckien.guide: could not connect to host
 tjullrich.de: could not connect to host
 tkappertjedemetamorfose.nl: could not connect to host
 tkonstantopoulos.tk: could not connect to host
 tlcdn.net: could not connect to host
 tlo.hosting: could not connect to host
 tlo.link: could not connect to host
@@ -8050,23 +8167,23 @@ tomlankhorst.nl: did not receive HSTS he
 tomli.me: could not connect to host
 tommsy.com: did not receive HSTS header
 tommyads.com: could not connect to host
 tommyweber.de: did not receive HSTS header
 tomphill.co.uk: could not connect to host
 tongmu.me: did not receive HSTS header
 tonyfantjr.com: could not connect to host
 toomanypillows.com: could not connect to host
-tooolroc.org: could not connect to host
 top-stage.net: could not connect to host
 topdeskdev.net: could not connect to host
 topmarine.se: could not connect to host
 topnewstoday.org: could not connect to host
 toppik.com.br: could not connect to host
 topshelfguild.com: could not connect to host
+toptheto.com: did not receive HSTS header
 toptranslation.com: did not receive HSTS header
 torahanytime.com: did not receive HSTS header
 torchl.it: could not connect to host
 torlock.download: could not connect to host
 torproject.org.uk: could not connect to host
 torrentdownloads.bid: did not receive HSTS header
 torrentz.website: could not connect to host
 torsten-schmitz.net: could not connect to host
@@ -8140,22 +8257,24 @@ troo.ly: did not receive HSTS header
 true.ink: did not receive HSTS header
 truebred-labradors.com: did not receive HSTS header
 trunkjunk.co: did not receive HSTS header
 trustedinnovators.com: did not receive HSTS header
 trusteecar.com: did not receive HSTS header
 trustmeimfancy.com: could not connect to host
 trybind.com: could not connect to host
 tryoneday.co: did not receive HSTS header
+tryupdates.com: did not receive HSTS header
 ts2.se: could not connect to host
 ts3.consulting: could not connect to host
 tsecy.com: could not connect to host
 tsgoc.com: did not receive HSTS header
 tsrstore.gq: could not connect to host
 tssouthernpower.com: max-age too low: 0
+tsumegumi.net: did not receive HSTS header
 tsurimap.com: could not connect to host
 tsutsumi-kogyo.jp: could not connect to host
 ttackmedical.com.br: could not connect to host
 tts.co.nz: did not receive HSTS header
 tuamoronline.com: could not connect to host
 tubbutec.de: did not receive HSTS header
 tubepro.de: did not receive HSTS header
 tubetoon.com: did not receive HSTS header
@@ -8290,16 +8409,17 @@ unifei.edu.br: did not receive HSTS head
 uniformecomgas.com.br: could not connect to host
 uniformehumboldt.com.br: did not receive HSTS header
 unikitty-on-tour.com: could not connect to host
 unionstationapp.com: could not connect to host
 unison.com: did not receive HSTS header
 unisyssecurity.com: did not receive HSTS header
 unitlabs.net: could not connect to host
 unitrade-425.co.za: did not receive HSTS header
+universeinform.com: did not receive HSTS header
 university4industry.com: did not receive HSTS header
 univz.com: could not connect to host
 unixtime.pro: could not connect to host
 unknownphenomena.net: could not connect to host
 unleash.pw: max-age too low: 7889231
 unmanaged.space: could not connect to host
 unplugg3r.dk: could not connect to host
 unravel.ie: could not connect to host
@@ -8317,17 +8437,16 @@ uporoops.com: could not connect to host
 uprotect.it: could not connect to host
 upstats.eu: could not connect to host
 uptic.net: did not receive HSTS header
 ur-lauber.de: did not receive HSTS header
 urandom.eu.org: did not receive HSTS header
 urban-garden.lt: could not connect to host
 urban-garden.lv: could not connect to host
 urbanfi.sh: did not receive HSTS header
-urbanstylestaging.com: did not receive HSTS header
 urbpic.com: could not connect to host
 urlchomp.com: did not receive HSTS header
 urphp.com: could not connect to host
 us-immigration.com: did not receive HSTS header
 usaab.org: did not receive HSTS header
 usafuelservice.com: did not receive HSTS header
 usbirthcertificate.com: did not receive HSTS header
 usbtypeccompliant.com: could not connect to host
@@ -8459,16 +8578,17 @@ villasenor.online: did not receive HSTS 
 villenvinkit.com: did not receive HSTS header
 viltsu.net: did not receive HSTS header
 vinasec.se: could not connect to host
 vincentkooijman.at: did not receive HSTS header
 vincentkooijman.nl: did not receive HSTS header
 vinciconps4.it: could not connect to host
 vinsetchampagne.fr: did not receive HSTS header
 vintageheartcoffee.com: did not receive HSTS header
+vinzite.com: did not receive HSTS header
 vio.no: did not receive HSTS header
 violenceinterrupted.org: did not receive HSTS header
 viperdns.com: could not connect to host
 viphospitality.se: could not connect to host
 vipmusic.ga: could not connect to host
 vipnettikasinoklubi.com: could not connect to host
 viral8.jp: could not connect to host
 virginiacrimeanalysisnetwork.org: did not receive HSTS header
@@ -8488,27 +8608,26 @@ vitta.me: did not receive HSTS header
 viva-french.com: did not receive HSTS header
 vivasports.com.br: could not connect to host
 vivocloud.com: could not connect to host
 vizeat.com: did not receive HSTS header
 vizional.com: max-age too low: 0
 vjeff.com: could not connect to host
 vlastimilburian.cz: did not receive HSTS header
 vlora.city: could not connect to host
+vlsk.eu: did not receive HSTS header
 vlvvl.com: did not receive HSTS header
 vm0.eu: did not receive HSTS header
 vmrdev.com: could not connect to host
 voceinveste.com: did not receive HSTS header
-vogler.name: did not receive HSTS header
 voicesuk.co.uk: did not receive HSTS header
 voidserv.net: could not connect to host
 volcrado.com: did not receive HSTS header
 voliere-info.nl: did not receive HSTS header
 volkden.com: could not connect to host
-voltotc.com: did not receive HSTS header
 vonavy-cukor.sk: could not connect to host
 vonavycukor.sk: could not connect to host
 vooreenveiligthuis.nl: did not receive HSTS header
 voorjou.com: did not receive HSTS header
 vorangerie.com: could not connect to host
 vortexhobbies.com: did not receive HSTS header
 vosjesweb.nl: could not connect to host
 vox.vg: did not receive HSTS header
@@ -8577,17 +8696,16 @@ warped.com: did not receive HSTS header
 warrencreative.com: did not receive HSTS header
 warsentech.com: could not connect to host
 warsh.moe: did not receive HSTS header
 watchium.com: did not receive HSTS header
 waterforlife.net.au: did not receive HSTS header
 waterpoint.com.br: could not connect to host
 watersportmarkt.net: did not receive HSTS header
 watsonhall.uk: could not connect to host
-wattechweb.com: did not receive HSTS header
 wave.is: could not connect to host
 wavefloatrooms.com: did not receive HSTS header
 wavefrontsystemstech.com: could not connect to host
 we-bb.com: could not connect to host
 wear2work.nl: did not receive HSTS header
 weaverhairextensions.nl: could not connect to host
 web-industry.fr: could not connect to host
 web-insider.net: could not connect to host
@@ -8604,26 +8722,31 @@ webdesign-kronberg.de: did not receive H
 webdev.mobi: could not connect to host
 webeconomia.it: did not receive HSTS header
 webelement.sk: did not receive HSTS header
 weberjulia.com: could not connect to host
 webfronten.dk: did not receive HSTS header
 webhosting4.net: did not receive HSTS header
 webhostingpros.ml: could not connect to host
 webies.ro: did not receive HSTS header
+webjobposting.com: did not receive HSTS header
 webm.to: could not connect to host
 webmail.mayfirst.org: did not receive HSTS header
 webmaniabr.com: did not receive HSTS header
 webmarketingfestival.it: did not receive HSTS header
 webninja.work: could not connect to host
 webnosql.com: could not connect to host
 webperformance.ru: could not connect to host
+webpostingmart.com: did not receive HSTS header
+webpostingpro.com: did not receive HSTS header
+webpostingreviews.com: did not receive HSTS header
 webproshosting.tk: could not connect to host
 webpublica.pt: could not connect to host
 webrebels.org: could not connect to host
+websandbox.uk: did not receive HSTS header
 webstationservice.fr: could not connect to host
 webstellung.com: max-age too low: 43200
 webstory.xyz: did not receive HSTS header
 webswitch.io: could not connect to host
 webtechgadgetry.com: could not connect to host
 webtiles.co.uk: could not connect to host
 webtobesocial.de: could not connect to host
 webuni.hu: did not receive HSTS header
@@ -8680,16 +8803,17 @@ whiterabbit.org: did not receive HSTS he
 whiterabbitcakery.com: could not connect to host
 whitestagforge.com: did not receive HSTS header
 whoclicks.net: could not connect to host
 whoisapi.online: could not connect to host
 wholebites.com: max-age too low: 7889238
 whoneedstobeprimaried.today: could not connect to host
 whoshotya.de: did not receive HSTS header
 whysuck.com: could not connect to host
+widenews.org: did not receive HSTS header
 wienholding.at: max-age too low: 0
 wieninternational.at: did not receive HSTS header
 wificafehosting.com: did not receive HSTS header
 wifimapa.cz: could not connect to host
 wiiforum.no: did not receive HSTS header
 wiire.me: could not connect to host
 wikiclash.info: could not connect to host
 wikipeter.nl: did not receive HSTS header
@@ -8937,17 +9061,16 @@ yameveo.com: did not receive HSTS header
 yanwh.xyz: did not receive HSTS header
 yaoidreams.com: did not receive HSTS header
 yaporn.tv: did not receive HSTS header
 yard-fu.com: could not connect to host
 yardbird.us: could not connect to host
 yarnhookup.com: did not receive HSTS header
 yasinaydin.net: did not receive HSTS header
 yasutomonodokoiko.com: did not receive HSTS header
-ybresson.com: could not connect to host
 ycc.wtf: could not connect to host
 ycm2.wtf: could not connect to host
 ydy.jp: could not connect to host
 yello.website: could not connect to host
 yenniferallulli.com: could not connect to host
 yenniferallulli.de: could not connect to host
 yenniferallulli.es: did not receive HSTS header
 yenniferallulli.moda: could not connect to host
@@ -8980,16 +9103,17 @@ yooooex.com: did not receive HSTS header
 yoru.me: did not receive HSTS header
 youcontrol.ru: could not connect to host
 youfencun.com: did not receive HSTS header
 youlog.net: could not connect to host
 youngandunited.nl: did not receive HSTS header
 youon.tokyo: could not connect to host
 yourbapp.ch: could not connect to host
 yourcomputer.expert: did not receive HSTS header
+yourhair.net: did not receive HSTS header
 yoursecondphone.co: could not connect to host
 yourstrongbox.com: could not connect to host
 ypiresia.fr: could not connect to host
 ytcuber.xyz: could not connect to host
 ytvwld.de: did not receive HSTS header
 yu7.jp: did not receive HSTS header
 yudan.com.br: could not connect to host
 yufan.me: did not receive HSTS header
@@ -9017,16 +9141,17 @@ zahyantechnologies.com: could not connec
 zakoncontrol.com: did not receive HSTS header
 zamorano.edu: could not connect to host
 zamos.ru: max-age too low: 0
 zaneweb.org: could not connect to host
 zao.fi: could not connect to host
 zaoshanghao-dajia.rhcloud.com: could not connect to host
 zap.yt: did not receive HSTS header
 zarooba.com: could not connect to host
+zary.me: did not receive HSTS header
 zavca.com: did not receive HSTS header
 zbigniewgalucki.eu: did not receive HSTS header
 zcon.nl: could not connect to host
 zdravotnickasluzba.eu: could not connect to host
 zdrowiepaleo.pl: did not receive HSTS header
 zebrababy.cn: could not connect to host
 zebry.nl: could not connect to host
 zecrypto.com: could not connect to host
--- a/security/manager/ssl/nsSTSPreloadList.inc
+++ b/security/manager/ssl/nsSTSPreloadList.inc
@@ -3,17 +3,17 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /*****************************************************************************/
 /* This is an automatically generated file. If you're not                    */
 /* nsSiteSecurityService.cpp, you shouldn't be #including it.     */
 /*****************************************************************************/
 
 #include <stdint.h>
-const PRTime gPreloadListExpirationTime = INT64_C(1520533710030000);
+const PRTime gPreloadListExpirationTime = INT64_C(1520620198829000);
 %%
 0-1.party, 1
 0.me.uk, 1
 00001.am, 1
 00002.am, 1
 0005pay.com, 1
 0010100.net, 1
 00220022.net, 1
@@ -277,17 +277,16 @@ 365healthworld.com, 1
 365maya.com, 1
 365skulls.com, 1
 3778vip.com, 1
 379700.com, 1
 38888msc.com, 1
 38blog.com, 1
 393335.ml, 1
 398.info, 1
-3ags.de, 1
 3bakayottu.com, 1
 3bigking.com, 1
 3c-d.de, 1
 3chat.org, 1
 3circlefunding.ch, 1
 3countiescastlehire.co.uk, 1
 3cs.ch, 1
 3dm.audio, 1
@@ -345,17 +344,16 @@ 4dbygg.se, 1
 4decor.org, 1
 4freepress.com, 1
 4g-server.eu, 0
 4garage.com.br, 1
 4host.ch, 1
 4hvac.com, 1
 4loc.us, 1
 4mm.org, 1
-4mybaby.ch, 1
 4plebs.moe, 1
 4project.co.il, 1
 4share.tv, 1
 4sics.se, 1
 4th-ave-studio.com, 1
 4u.services, 1
 4u2ore.net, 1
 4vf.de, 1
@@ -963,17 +961,16 @@ agourahillselectrical.com, 1
 agowa.eu, 1
 agowa338.de, 1
 agrarking.com, 1
 agrarking.de, 1
 agrarshop4u.de, 1
 agrekov.ru, 1
 agreor.com, 1
 agridir.site, 1
-agrikulturchic.com, 1
 agrilinks.org, 1
 agrios.de, 1
 agroglass.com.br, 1
 agroline.by, 1
 agroyard.com.ua, 1
 agsb.ch, 1
 agung-furniture.com, 1
 agwa.name, 1
@@ -1005,17 +1002,16 @@ aicial.com, 1
 aid-web.ch, 1
 aidanmontare.net, 1
 aide-valais.ch, 1
 aiden.link, 1
 aidhan.net, 1
 aidikofflaw.com, 1
 aie.de, 1
 aiesecarad.ro, 1
-aiforsocialmedia.com, 1
 aigcev.org, 1
 aiicy.org, 1
 aiida.se, 1
 aijsk.com, 1
 aikenorganics.com, 1
 aikenpromotions.com, 1
 aikido-club-limburg.de, 1
 aikido-linz.at, 1
@@ -1085,26 +1081,26 @@ akdigitalegesellschaft.de, 0
 akelius.de, 0
 akhras.at, 1
 akiba-server.info, 1
 akihito.com, 1
 akijo.de, 1
 akita-boutique.com, 1
 akita-stream.com, 1
 akkbouncycastles.co.uk, 1
+akoch.net, 1
 akostecki.de, 1
 akovana.com, 1
 akoww.de, 1
 akoya.fi, 1
 akpwebdesign.com, 1
 akr.io, 1
 akritikos.info, 1
 akropolis-ravensburg.de, 1
 akselinurmio.fi, 1
-akstudentsfirst.org, 1
 aktiv-naturheilmittel.at, 1
 aktiv-naturheilmittel.ch, 1
 aktiv-naturheilmittel.de, 1
 aktivace.eu, 1
 aktivierungscenter.de, 1
 akul.co.in, 1
 akutun.cl, 1
 akvorrat.at, 1
@@ -1216,17 +1212,16 @@ aliacraft.net, 1
 aliantsoft.pl, 1
 alibangash.com, 1
 alibip.de, 1
 alice-noutore.com, 1
 alicestudio.it, 1
 alicetone.net, 1
 alicialab.org, 1
 alien.bz, 1
-alienation.biz, 1
 alienstat.com, 1
 alignrs.com, 1
 alilialili.ga, 1
 alinasmusicstudio.com, 1
 alinode.com, 1
 alisonisrealestate.com, 1
 alisonlitchfield.com, 1
 alistairpialek.com, 1
@@ -1420,17 +1415,16 @@ amelandadventure.nl, 1
 americafamilylawcenter.org, 1
 american.dating, 1
 americanbio.com, 1
 americandistribuidora.com, 1
 americanfoundationbr.com, 1
 americanmediainstitute.com, 1
 americanoutlawjeepparts.com, 1
 americansforcommunitydevelopment.org, 1
-americansportsinstitute.org, 1
 americasbasementcontractor.com, 1
 americkykongres.cz, 1
 amerigroup.com, 1
 amerimarkdirect.com, 1
 amerimex.cc, 1
 amesvacuumrepair.com, 1
 amethystcards.co.uk, 1
 amethystdevelopment.co.uk, 1
@@ -1771,17 +1765,16 @@ apertis.org, 1
 aperture-laboratories.science, 1
 aperturesciencelabs.de, 1
 apervita.net, 1
 apexitsolutions.ca, 1
 aphelionentertainment.com, 1
 aphotrax.eu, 1
 api-connect.com, 1
 api-geek.com, 1
-api.intercom.io, 1
 api.lookout.com, 0
 api.recurly.com, 1
 api.simple.com, 0
 api.xero.com, 0
 apiary.blog, 1
 apiary.clothing, 1
 apiary.shop, 1
 apiary.store, 1
@@ -2270,17 +2263,16 @@ atomicbounce.co.uk, 1
 atomism.com, 1
 atorcidabrasileira.com.br, 1
 atplonline.co, 1
 atracaosexshop.com.br, 1
 atraining.ru, 1
 atraverscugy.ch, 1
 atrinik.org, 1
 atte.fi, 1
-attendantdesign.com, 1
 attilagyorffy.com, 1
 attilavandervelde.nl, 1
 attitudes-bureaux.fr, 1
 attogtech.com, 1
 attorney.org.il, 1
 attwood.org, 1
 atulhost.com, 1
 atviras.lt, 0
@@ -2454,17 +2446,16 @@ awin.la, 1
 awk.tw, 1
 awksolutions.com, 1
 awningsaboveus.com, 1
 awomaninherprime.com, 1
 awsmdev.de, 1
 ax25.org, 1
 axel-fischer.net, 1
 axel-fischer.science, 1
-axelteichmann.net, 1
 axem.co.jp, 1
 axialsports.com, 1
 axiomer.com, 1
 axiomer.es, 1
 axiomer.eu, 1
 axiomer.me, 1
 axiomer.net, 1
 axiomer.org, 1
@@ -2711,17 +2702,16 @@ barracuda.com.tr, 1
 barrera.io, 1
 barrett.ag, 1
 barriofut.com, 1
 bars.kh.ua, 1
 barsashop.com.br, 1
 barslecht.com, 1
 barslecht.nl, 1
 barta.me, 1
-bartbania.com, 1
 bartel.ws, 1
 bartelt.name, 1
 bartlamboo.nl, 1
 bartula.de, 1
 bartzutow.xyz, 1
 baruch.me, 1
 bas.co.jp, 1
 bascht.com, 1
@@ -2876,16 +2866,17 @@ bedandbreakfasteuropa.com, 1
 bedfordnissanparts.com, 1
 bedlingtonterrier.com.br, 1
 bedouille.com, 1
 bedrocklinux.org, 1
 bee-line.org.uk, 1
 bee.clothing, 1
 bee.supply, 1
 bee.tools, 1
+beehive.govt.nz, 1
 beehive42.com, 1
 beehive42.eu, 1
 beehive42.net, 1
 beehive42.nl, 1
 beehive42.org, 1
 beehosting.pro, 1
 beekbier.nl, 1
 beekeeper.blog, 1
@@ -2920,17 +2911,16 @@ begabungsfoerderung.info, 1
 begbie.com, 1
 beginner.nl, 1
 behamzdarma.cz, 1
 behoerden-online-dienste.de, 1
 beijing.dating, 1
 beijinglug.club, 1
 beinad.com, 1
 beinad.ru, 1
-beingmad.org, 1
 belacapa.com.br, 1
 belanglos.de, 1
 belani.eu, 1
 belarto.be, 1
 belarto.de, 1
 belarto.es, 1
 belarto.fr, 1
 belarto.it, 1
@@ -3227,17 +3217,16 @@ biergaizi.info, 1
 bierochs.org, 1
 bieser.ch, 1
 biester.pro, 1
 big-andy.co.uk, 1
 big-bounce.co.uk, 1
 big-fluglaerm-hamburg.de, 1
 bigbluedoor.net, 1
 bigbouncebouncycastles.co.uk, 1
-bigbounceentertainment.co.uk, 1
 bigbouncetheory.co.uk, 1
 bigbounceuk.com, 1
 bigclassaction.com, 1
 bigcorporateevents.com, 1
 bigdinosaur.org, 1
 bigerbio.com, 1
 bigfunbouncycastles.com, 1
 biggreenexchange.com, 1
@@ -3352,17 +3341,16 @@ birdymanbestreviews.com, 1
 birgit-rydlewski.de, 1
 birkengarten.ch, 1
 birkhoff.me, 1
 birminghamcastlehire.co.uk, 1
 birminghamsunset.com, 1
 birthdaytip.com, 1
 birthmatters.us, 1
 birzan.org, 1
-biscoint.io, 1
 biscuits-rec.com, 1
 biscuits-shop.com, 1
 bismarck-tb.de, 1
 bison.co, 1
 bissalama.org, 1
 bistrocean.com, 1
 biswas.me, 1
 bit-cloud.de, 1
@@ -3544,16 +3532,17 @@ blankersfamily.com, 1
 blastentertainment.com.au, 1
 blastersklan.com, 1
 blastzoneentertainments.co.uk, 1
 blaudev.es, 1
 blauerhunger.de, 1
 blayne.me, 1
 blayneallan.com, 1
 blazeit.io, 1
+blazor.nl, 1
 bleaching-tipps.de, 1
 bleche-onlineshop.de, 1
 blechinger.io, 1
 blechpirat.name, 1
 blechschmidt.saarland, 1
 blenderrecipereviews.com, 1
 blendle.com, 1
 blendle.nl, 1
@@ -4093,17 +4082,16 @@ breeyn.com, 1
 brefy.com, 1
 brege.org, 1
 bregnedalsystems.dk, 1
 breitbild-beamer.de, 1
 brejoc.com, 1
 brendanscherer.com, 1
 brentacampbell.com, 1
 brentnewbury.com, 1
-bress.cloud, 1
 bressier.fr, 1
 bretcarmichael.com, 1
 brettabel.com, 1
 brettcornwall.com, 1
 brettelliff.com, 1
 brettpemberton.xyz, 1
 bretz-hufer.de, 1
 bretzner.fr, 1
@@ -4747,17 +4735,16 @@ carringtonrealtygroup.com, 1
 carson-aviation-adventures.com, 1
 carsten.pw, 1
 carstenfeuls.de, 1
 carterorland.com, 1
 cartesentreprises-unicef.fr, 1
 carthedral.com, 1
 carto.la, 1
 cartooncastles.ie, 1
-cartoonhd.cc, 1
 cartouche24.eu, 1
 cartucce24.it, 1
 carusorealestate.com, 1
 casa-due-pur.com, 1
 casa-due-pur.de, 1
 casa-due.com, 1
 casa-mea-inteligenta.ro, 1
 casa-su.casa, 1
@@ -5052,17 +5039,16 @@ changesfor.life, 1
 changethislater.com, 1
 chanissue.com, 0
 channeladam.com, 1
 channelcards.com, 1
 channellife.asia, 1
 channellife.co.nz, 1
 channellife.com.au, 1
 chanoyu-gakkai.jp, 1
-chanshiyu.com, 1
 chantalguggenbuhl.ch, 1
 chanz.com, 1
 chaos-inc.de, 1
 chaos.run, 1
 chaoscastles.co.uk, 1
 chaoschemnitz.de, 1
 chaosdorf.de, 1
 chaosfield.at, 1
@@ -5586,33 +5572,31 @@ closetemail.com, 1
 closingholding.com, 1
 cloud-crowd.com.au, 1
 cloud-surfer.net, 1
 cloud.bugatti, 1
 cloud.fail, 1
 cloud.google.com, 1
 cloud.gov, 1
 cloud2go.de, 1
-cloud42.ch, 1
 cloud9bouncycastlehire.com, 1
 cloudapps.digital, 1
 cloudbased.info, 1
 cloudbasedsite.com, 1
 cloudberlin.goip.de, 1
 cloudbleed.info, 1
 cloudbolin.es, 1
 cloudbreaker.de, 1
 cloudcaprice.net, 1
 cloudflare.com, 1
 cloudflareonazure.com, 1
 cloudia.org, 1
 cloudily.com, 1
 cloudimproved.com, 1
 cloudkit.pro, 1
-cloudlight.biz, 1
 cloudmigrator365.com, 1
 cloudnote.cc, 1
 cloudopt.net, 0
 cloudoptimizedsmb.com, 1
 cloudoptimus.com, 1
 cloudpagesforwork.com, 1
 cloudpebble.net, 1
 cloudpengu.in, 1
@@ -6162,16 +6146,17 @@ corpulant.coffee, 1
 corpulantcoffee.com, 1
 corpulent.coffee, 1
 corpulentcoffee.com, 1
 correct.horse, 1
 correiodovale.com.br, 1
 corrupted.io, 1
 corsa-b.uk, 1
 cortexitrecruitment.com, 1
+cortisolsupplement.com, 1
 corvus.eu.org, 1
 coryadum.com, 1
 corytyburski.com, 1
 corzntin.fr, 0
 cosirex.com, 1
 cosmeticappraisal.com, 1
 cosmeticasimple.com, 1
 cosmeticos-naturales.com, 1
@@ -6770,17 +6755,16 @@ daniel-stahl.net, 1
 danielalvarez.net, 1
 danielas.boutique, 1
 danielehniss.de, 1
 danielepestilli.com, 1
 danielhochleitner.de, 1
 danieljamesscott.org, 1
 danieljireh.com, 1
 danielkoster.nl, 1
-danielkratz.com, 1
 danielmarquard.com, 1
 danielmoch.com, 1
 danielmostertman.com, 1
 danielmostertman.nl, 1
 danielrozenberg.com, 1
 danielsblog.org, 1
 danielschreurs.com, 1
 danielstach.cz, 1
@@ -6813,17 +6797,16 @@ danskringsporta.be, 1
 dantransports.fr, 1
 danw.io, 1
 danwin1210.me, 1
 danyabanya.com, 1
 dao.spb.su, 1
 daoro.net, 1
 daphne.informatik.uni-freiburg.de, 1
 daracokorilo.com, 1
-darbi.org, 1
 darbtech.net, 1
 darc-mak.de, 1
 darchoods.net, 0
 darcymarshall.com, 1
 daren.com.br, 1
 dareyou.be, 1
 darinkotter.com, 1
 darioackermann.ch, 1
@@ -6980,17 +6963,16 @@ dawson-floridavilla.co.uk, 1
 day-peak.com, 1
 day.vip, 1
 daylightpirates.org, 1
 dayman.net, 0
 days.one, 1
 daysoftheyear.com, 1
 db-sanity.com, 1
 db-works.nl, 1
-dbapress.org, 1
 dbaron.org, 1
 dbas.cz, 1
 dbcom.ru, 1
 dbdc.us, 1
 dbentertainment.co.uk, 1
 dbgamestudio.com, 1
 dblcastles.co.uk, 1
 dbldub.net, 1
@@ -7116,17 +7098,16 @@ deep.club, 1
 deeparamaraj.com, 1
 deepbluecrafting.co.uk, 1
 deepcreampie.com, 1
 deephill.com, 1
 deeprecce.com, 1
 deepserve.info, 1
 deepsouthsounds.com, 1
 deepspace.dedyn.io, 1
-deepvalley.tech, 1
 deepvision.com.ua, 1
 deepzz.com, 1
 deer.team, 1
 deezeno.com, 1
 def-pos.ru, 1
 defendas.com, 1
 defender-pro.com, 1
 defendinnovation.org, 1
@@ -7166,16 +7147,17 @@ deinfoto.ch, 1
 deitti.net, 1
 dejan.media, 1
 dejandayoff.com, 1
 dejure.org, 1
 dejw.cz, 1
 dekasiba.com, 1
 delahrzolder.nl, 1
 delbecqvo.be, 1
+delbrouck.ch, 1
 deleidscheflesch.nl, 1
 delfic.org, 1
 delhionlinegifts.com, 1
 deliandiver.org, 1
 deliberatedigital.com, 1
 deliciisanatoase.ro, 1
 deliciousmedia.co.uk, 1
 delicioustable.com, 1
@@ -7802,17 +7784,16 @@ doctor.dating, 1
 doctorfox.co.uk, 1
 doctorsonmaps.com, 1
 doctorwho.cz, 1
 docubox.info, 1
 docucopies.com, 1
 doculus.io, 1
 documaniatv.com, 1
 docupet.com, 1
-doenjoylife.com, 1
 does.one, 1
 doesnotscale.com, 1
 dofuspvp.com, 1
 dog-blum.com, 1
 dogan.ch, 0
 dogcratereview.info, 1
 dogear.ch, 1
 dogft.com, 1
@@ -7932,17 +7913,16 @@ dormiu.com, 1
 dormiu.com.br, 1
 dorquelle.com, 1
 dorsetentertainments.co.uk, 1
 dosenkiwi.at, 1
 dosipe.com, 1
 doska.by, 1
 doska.kz, 1
 doska.ru, 1
-dosomeworks.biz, 1
 dossplumbing.co.za, 1
 dostavkakurierom.ru, 1
 dosvientoselectrical.com, 1
 dosyauzantisi.com, 1
 dot.ro, 1
 dotacni-parazit.cz, 1
 dotbigbang.com, 1
 dotbox.org, 1
@@ -8016,17 +7996,16 @@ dragonheartsrpg.com, 1
 dragonkin.net, 1
 dragonschool.org, 1
 dragonwork.me, 1
 drahcro.uk, 1
 drainagebuizen.nl, 0
 drakeluce.com, 1
 drakenprospero.com, 0
 drakfot.se, 1
-dralexjimenez.com, 1
 dramaticpeople.com, 1
 dranderle.com, 1
 dranek.com, 1
 draugr.de, 1
 drawesome.uy, 1
 drawingcode.net, 1
 drawvesly.ovh, 1
 drbethanybarnes.com, 1
@@ -8223,17 +8202,16 @@ duriaux-dentiste.ch, 1
 durys.be, 1
 dusmomente.com, 1
 dustri.org, 1
 dustycloth.com, 1
 dustygroove.com, 1
 dustyspokesbnb.ca, 1
 dutch.desi, 1
 dutch1.nl, 1
-dutchessuganda.com, 1
 dutchrank.nl, 1
 dutchwanderers.nl, 1
 dutchweballiance.nl, 1
 dutyfreeonboard.com, 1
 duyao.de, 0
 dv189.com, 1
 dvbris.co.uk, 1
 dvbris.com, 1
@@ -8544,17 +8522,16 @@ effective-altruist.com, 1
 effectivecoffee.com, 1
 effectiveosgi.com, 1
 effectivepapers.com, 1
 effex.ru, 1
 effishiency.com, 1
 effizienta.ch, 1
 efflam.net, 1
 eft.boutique, 1
-eftcorp.biz, 1
 egablo.black, 1
 egami.ch, 1
 eganassociates.com.au, 1
 egb.at, 0
 egbert.net, 1
 egeozcan.com, 1
 egfl.org.uk, 1
 egg-ortho.ch, 1
@@ -8988,17 +8965,17 @@ epicvistas.de, 1
 epicwalnutcreek.com, 1
 epilis.gr, 1
 epiphyte.network, 1
 epistas.com, 1
 epistas.de, 1
 epizentrum.work, 1
 epizentrum.works, 1
 epmcentroitalia.it, 1
-epoch.com, 0
+epoch.com, 1
 epolitiker.com, 1
 epos-distributor.co.uk, 1
 eposbirmingham.co.uk, 1
 eposbrighton.co.uk, 1
 eposbristol.co.uk, 1
 eposcardiff.co.uk, 1
 eposcloud.net, 1
 eposkent.co.uk, 1
@@ -9656,42 +9633,41 @@ fantasticpestcontrolmelbourne.com.au, 1
 fantasycastles.co.uk, 1
 fantasyescortsbirmingham.co.uk, 1
 fantasypartyhire.com.au, 1
 fantasyspectrum.com, 1
 fantopia.club, 1
 fanvoice.com, 1
 fanyue123.tk, 1
 fanz.pro, 1
-fanzlive.com, 1
 fap.no, 1
 faq.ie, 1
 faq.lookout.com, 0
 fara.gov, 1
 faraslot8.com, 1
 faraslot8.net, 1
 farcecrew.de, 1
 faretravel.co.uk, 1
 farfallapets.com.br, 1
 farfetchos.com, 1
 fargtorget.se, 1
+farhadexchange.com, 1
 farhood.org, 1
 farid.is, 1
 farkas.bz, 1
 farm24.co.uk, 1
 farmacia.pt, 1
 farmaciaformula.com.br, 1
 farmacialaboratorio.it, 1
 farmer.dating, 1
 farmkazuto.com, 1
 faroes.net, 1
 faroes.org, 1
 farrel-f.id, 1
 farsil.eu, 1
-fascia.fit, 1
 fasdoutreach.ca, 1
 fashion4ever.pl, 1
 fashiondock.de, 0
 fashionoutfits24.com, 1
 fashionunited.be, 1
 fashionunited.cl, 1
 fashionunited.com, 1
 fashionunited.com.ar, 1
@@ -10064,16 +10040,17 @@ fixthetimeline.org, 1
 fixvoltage.ru, 1
 fizz.buzz, 0
 fj.search.yahoo.com, 0
 fj.simple.com, 0
 fjharcu.com, 1
 fjugstad.com, 1
 fkcdn.de, 1
 fkfev.de, 1
+fktpm.ru, 1
 fl0000.com, 1
 fl010.com, 1
 fl0111.com, 1
 fl0222.com, 1
 fl0333.com, 1
 fl0555.com, 1
 fl0666.com, 1
 fl0777.com, 1
@@ -10240,17 +10217,16 @@ foia.gov, 1
 fokan.be, 1
 fokan.ch, 1
 fokkusu.fi, 1
 fol.tf, 1
 foliekonsulenten.dk, 1
 folioapp.io, 1
 foljeton.dk, 1
 folkadelic.de, 1
-folkfests.org, 1
 follandviolins.com, 1
 followerrocket.com, 1
 followersya.com, 1
 followthatpage.com, 1
 folv.es, 1
 fondanastasia.ru, 1
 fondationwiggli.ch, 1
 fondy.eu, 1
@@ -11070,17 +11046,16 @@ genetargetsolutions.com.au, 1
 genetidyne.com, 1
 geneve-naturisme.ch, 1
 geneve.guide, 1
 genevoise-entretien.ch, 1
 genfaerd.dk, 1
 genia-life.de, 1
 genie-seiner-generation.de, 1
 geniusteacher.in, 1
-geniuszone.biz, 1
 genneve.com, 1
 genomequestlive.com, 1
 genoog.com, 1
 genosse-einhorn.de, 1
 gensend.com, 1
 genshiken-itb.org, 1
 genslerapps.com, 1
 genslerwisp.com, 1
@@ -11228,17 +11203,16 @@ ggx.us, 1
 gh16.com.ar, 1
 gha.st, 1
 ghaglund.se, 1
 ghcif.de, 1
 ghi.gov, 1
 ghislainphu.fr, 1
 ghostblog.info, 1
 ghrelinblocker.info, 1
-ghrelinblocker.org, 1
 ghuntley.com, 1
 giacomodrago.com, 1
 giacomodrago.it, 1
 giacomopelagatti.it, 1
 gianproperties.com, 1
 giant-panda.com, 1
 giant-powerfit.co.uk, 1
 giant-tortoise.com, 1
@@ -11308,17 +11282,16 @@ gittigidiyor.com, 1
 gittr.ch, 1
 giunchi.net, 1
 giuseppemacario.men, 1
 givastar.com, 1
 giveattheoffice.org, 0
 giveme.online, 1
 given2.com, 1
 giverang.com, 1
-givesunlight.com, 1
 givingnexus.org, 0
 gix.net.pl, 1
 gixtools.co.uk, 1
 gixtools.com, 1
 gixtools.net, 1
 gixtools.uk, 1
 gizmo.ovh, 1
 gj-bochum.de, 1
@@ -11429,16 +11402,17 @@ goanalyse.co.uk, 1
 goapunks.net, 1
 goatcloud.com, 1
 gobouncy.co.uk, 1
 gobouncy.com, 1
 gocardless.com, 1
 gochu.se, 1
 gocleanerslondon.co.uk, 1
 godesigner.ru, 1
+godrealms.com, 1
 godrive.ga, 1
 godsofhell.com, 1
 godsofhell.de, 1
 goededoelkerstkaarten.nl, 1
 goedverzekerd.net, 1
 goemail.me, 1
 goerres2014.de, 1
 goetemp.de, 1
@@ -11478,17 +11452,16 @@ gondawa.com, 1
 gongjianwei.com, 1
 gongjuhao.com, 1
 gonkar.com, 1
 gonx.dk, 1
 goo.gl, 1
 good-tips.pro, 1
 gooday.life, 1
 goodfeels.net, 1
-goodfurday.ca, 1
 goodmengroup.de, 1
 goods-memo.net, 1
 goodsex4all.com.br, 1
 goodvibesblog.com, 1
 google, 1
 google-analytics.com, 1
 google.ax, 1
 googleandroid.cz, 1
@@ -11823,17 +11796,16 @@ guinea-pig.co, 1
 guineapigmustach.es, 1
 gulenbase.no, 1
 gulfstream.ru, 1
 gulleyperformancecenter.com, 1
 gume4you.com, 1
 gumi.ca, 1
 gummibande.noip.me, 1
 gunhunter.com, 1
-guniram.com, 1
 gunwatch.co.uk, 1
 guphi.net, 0
 gurkan.in, 1
 gurmel.ru, 1
 gurochan.ch, 1
 guru-naradi.cz, 1
 gurueffect.com, 1
 gus.host, 1
@@ -12816,17 +12788,16 @@ hozinga.de, 1
 hp-work.net, 1
 hp42.de, 1
 hpac-portal.com, 1
 hpbn.co, 1
 hpeditor.tk, 1
 hpisavageforum.com, 1
 hpkp-faq.de, 1
 hpnow.com.br, 1
-hqhost.net, 0
 hqq.tv, 1
 hqwebhosting.tk, 1
 hr98.tk, 1
 hrabogados.com, 1
 hraesvelg.net, 1
 hranicka.cz, 1
 hrbatypes.cz, 1
 hrdns.de, 0
@@ -12877,16 +12848,17 @@ httpswatch.ca, 1
 httpswatch.com, 1
 httptest.net, 1
 hu.search.yahoo.com, 0
 hua-in.com, 1
 huagati.com, 1
 huahinpropertylisting.com, 1
 huang.nu, 1
 huangguancq.com, 1
+huangjingjing.com, 1
 huangzenghao.cn, 1
 huangzenghao.com, 1
 huaxueba.com, 1
 huberulrich.de, 1
 hubok.net, 1
 huchet.me, 1
 hudhaifahgoga.co.za, 1
 hudingyuan.cn, 1
@@ -13062,17 +13034,16 @@ ibrom.eu, 1
 ibron.co, 0
 ibsafrica.co.za, 1
 ibsglobal.co.za, 1
 ic-lighting.com.au, 1
 ic3.gov, 1
 icafecash.com, 1
 icanhasht.ml, 1
 icarlos.net, 1
-icasnetwork.com, 1
 icbemp.gov, 1
 iccpublisher.com, 1
 icebat.dyndns.org, 1
 iceberg.academy, 1
 icebound.cc, 1
 icebound.win, 1
 icecars.net, 1
 iceloch.com, 1
@@ -13122,17 +13093,17 @@ idcrane.com, 1
 iddconnect.com, 1
 iddconnect.org, 1
 ideadozz.hu, 1
 idealinflatablehire.co.uk, 1
 idealtruss.com, 1
 idealtruss.com.tw, 1
 idealwhite.space, 1
 ideashop.com, 1
-ideaweb.de, 0
+ideaweb.de, 1
 ideaweblab.com, 0
 idemo.in, 1
 idensys.nl, 1
 identifyme.net, 1
 identity-hash.online, 1
 identitytheft.gov, 1
 idexxpublicationportal.com, 1
 idgard.de, 1
@@ -14103,17 +14074,16 @@ jaba.hosting, 1
 jabbas.eu, 1
 jabber.at, 1
 jabberfr.org, 1
 jabberzac.org, 1
 jaberg-rutschi.ch, 1
 jabergrutschi.ch, 1
 jability.ovh, 1
 jabjab.de, 1
-jaccblog.com, 1
 jacekowski.org, 1
 jackdawphoto.co.uk, 1
 jackdelik.de, 1
 jackf.me, 1
 jackingramnissanparts.com, 1
 jackpothappy.com, 1
 jackrusselterrier.com.br, 1
 jackyliao123.tk, 1
@@ -14603,16 +14573,17 @@ jonathandowning.uk, 0
 jonathandupree.com, 1
 jonathanmassacand.ch, 1
 jonathanreyes.com, 1
 jonathansanchez.pro, 1
 jonathanwisdom.com, 1
 jondevin.com, 1
 jonesborostatebank.com, 0
 jonferwerda.net, 1
+jonfor.net, 1
 jongbloed.nl, 1
 jongcs.com, 1
 jonilar.com, 1
 jonirrings.com, 1
 jonkermedia.nl, 1
 jonlabelle.com, 1
 jonnybarnes.uk, 1
 jonnystoten.com, 1
@@ -14831,17 +14802,16 @@ justinellingwood.com, 1
 justinharrison.ca, 1
 justinho.com, 1
 justmy.website, 1
 justnu.se, 1
 justpaste.it, 1
 justupdate.me, 1
 justyy.com, 1
 justzz.xyz, 1
-jutlander-netbank.dk, 1
 jutlander.dk, 1
 juventusclublugano.ch, 1
 juventusmania1897.com, 1
 juwelierstoopman.nl, 1
 juzgalo.com, 1
 jva-wuerzburg.de, 1
 jvanerp.nl, 1
 jvbouncycastlehire.co.uk, 1
@@ -14967,16 +14937,17 @@ kanmitao.com, 1
 kanna.cf, 1
 kannchen.de, 1
 kanotijd.nl, 1
 kantankye.nl, 1
 kantanmt.com, 1
 kantorad.io, 1
 kantorkita.net, 1
 kantorosobisty.pl, 1
+kanuvu.de, 1
 kanzashi.com, 1
 kanzlei-sixt.de, 1
 kanzshop.com, 1
 kaomojis.net, 1
 kap-genial.de, 1
 kapo.info, 1
 kappit.dk, 1
 kapseli.net, 1
@@ -15180,17 +15151,16 @@ kerem.xyz, 1
 kerforhome.com, 1
 kerijacoby.com, 1
 kernel-error.de, 1
 kernelpanics.nl, 1
 kerp.se, 0
 kerrfrequencycombs.org, 1
 kerstkaart.nl, 1
 kerus.net, 1
-keshausconsulting.com, 1
 kesslerwine.com, 1
 kesteren.com, 1
 kesteren.org, 1
 ketamine.co.uk, 1
 ketosecology.co.uk, 1
 kettner.com, 1
 ketty-voyance.com, 1
 kevinapease.com, 1
@@ -15242,22 +15212,20 @@ khoury-dulla.ch, 1
 khs1994.com, 1
 kiadoapartman.hu, 1
 kiahoriane.com, 1
 kiano.net, 1
 kiapartscenter.net, 1
 kiapartsdepartment.com, 1
 kiapps.ovh, 1
 kibibit.net, 1
-kibriscicek.net, 1
 kick-in.nl, 1
 kickasscanadians.ca, 1
 kickedmycat.com, 1
 kickerplaza.nl, 1
-kickstart.com.pk, 0
 kidbacker.com, 1
 kiddyboom.ua, 1
 kids-at-home.ch, 1
 kids-castles.com, 1
 kidsforsavingearth.org, 1
 kidsinwoods-interfacesouth.org, 1
 kidsmark.net, 1
 kidsneversleep.com, 1
@@ -16472,17 +16440,16 @@ lidong.me, 1
 lidow.eu, 1
 liduan.com, 1
 liduan.net, 1
 liebel.org, 1
 liebestarot.at, 1
 lied8.eu, 1
 liehuojun.com, 1
 lifanov.com, 1
-life-time.nl, 1
 lifebetweenlives.com.au, 1
 lifecism.com, 1
 lifeinhex.com, 1
 lifekiss.ru, 1
 lifemarque.co.uk, 1
 lifematenutrition.com, 1
 lifemstyle.com, 1
 lifenexto.com, 1
@@ -17254,17 +17221,16 @@ magneticattraction.com.au, 1
 magnets.jp, 1
 magnettracker.com, 1
 magnoliadoulas.com, 1
 magnoliasib.ru, 0
 magnoliastrong.com, 1
 magwin.co.uk, 1
 magyarokegyhelyen.hu, 1
 mahai.me, 1
-mahansexcavating.com, 1
 mahatmayoga.org, 1
 mahefa.co.uk, 1
 mahjong.org, 1
 mahrer.net, 1
 maidofhonorcleaning.net, 1
 maiebanatulfruncea.com, 1
 maik-mahlow.de, 1
 mail-rotter.de, 1
@@ -17878,17 +17844,16 @@ media-courses.com, 1
 media-instance.ru, 1
 media-pi.com, 1
 mediaarea.net, 1
 mediablaster.com, 1
 mediaburst.co.uk, 1
 mediadandy.com, 1
 mediadex.be, 1
 mediaexpert.fr, 1
-mediafocus.biz, 1
 mediagenic.ch, 1
 mediagrand.net, 1
 mediajurnal.com, 1
 medialab.nrw, 1
 mediamarkt.pl, 1
 mediapart.fr, 1
 mediaselection.eu, 1
 mediationculturelleclp.ch, 1
@@ -18139,17 +18104,16 @@ metsasta.com, 1
 meu-smartphone.com, 1
 meu-solutions.com, 1
 meulike.us, 1
 meupedido.online, 1
 meusigno.com, 1
 mevo.xyz, 1
 mevs.cz, 1
 mexican.dating, 1
-mexicom.org, 1
 mexior.nl, 1
 meyeraviation.com, 1
 mf-fischer.de, 1
 mfgod.com, 1
 mfiles.pl, 1
 mflodin.se, 1
 mfrsgb45.org, 1
 mft.global, 1
@@ -18705,16 +18669,17 @@ montsaintaignan.fr, 1
 montychristie.com, 1
 moo.la, 1
 moobo.co.jp, 1
 moobo.xyz, 1
 moodfoods.com, 1
 moodzshop.com, 1
 moojp.co.jp, 1
 moonagic.com, 1
+moonchart.co.uk, 1
 moondrop.org, 1
 moonmelo.com, 1
 moonraptor.co.uk, 1
 moonraptor.com, 1
 moonrhythm.info, 1
 moonrhythm.io, 1
 moonshyne.org, 1
 moonvpn.org, 1
@@ -19146,54 +19111,52 @@ mydevolo.com, 1
 mydevolo.de, 1
 mydigitalweek.com, 1
 mydjsongbook.com, 1
 mydmdi.com, 1
 mydocserve.com, 1
 mydreamlifelab.com, 1
 myeberspaecher.com, 1
 myeffect.today, 1
+myepass.bg, 1
 myfantasysportstalk.com, 1
 myfappening.org, 1
 myfedloan.org, 1
 myfirenet.com, 1
 myfloridadeferredcomp.com, 1
 myforfaitmobile.com, 1
 myfreemp3.click, 1
 myfrenchtattoo.fr, 1
 myfunworld.de, 1
 myg21.com, 1
 mygadgetguardian.lookout.com, 0
 mygalgame.com, 1
 mygallery.homelinux.net, 1
 mygaysitges.com, 1
-mygeneral.org, 1
 mygeotrip.com, 1
 mygoldennetwork.com, 1
 mygpsite.com, 1
 mygreatjob.eu, 1
 mygreatjobs.de, 1
 mygretchen.de, 1
 mygrotto.org, 1
 mygymer.ch, 1
 myhealthreviews.com, 1
 myhostname.net, 1
 myimds.com, 1
 myimmitracker.com, 1
 myjumparoo.co.uk, 1
 mykeepsake.xyz, 0
 myki.co, 1
 mykontool.de, 1
-mylatestnews.org, 1
 mylawyer.be, 1
 myleanfactory.de, 1
 mylene-chandelier.me, 1
 mylifeabundant.com, 1
 mylighthost.com, 1
-myliveupdates.com, 1
 mylocalsearch.co.uk, 1
 mylookout.com, 0
 mymadina.com, 1
 mymb.pm, 1
 mymed.de, 1
 mymed.eu, 1
 mymotor.nl, 1
 mymp3singer.co, 1
@@ -19234,17 +19197,16 @@ myownwebinar.com, 1
 mypanier.com, 1
 mypaperwriter.com, 1
 mypayoffloan.com, 1
 myperfumecollection.com, 1
 mypillcard.com, 1
 myplaceonline.com, 1
 mypress.mx, 1
 myprintcard.de, 1
-myproblog.com, 1
 myptsite.com, 1
 mypup.nl, 1
 myrandomtips.com, 1
 myranicol.com, 1
 myrealestatemate.com.au, 1
 myrekber.co.id, 1
 myrent.quebec, 1
 myrepublic.co.id, 1
@@ -19285,23 +19247,19 @@ mythengay.ch, 1
 mythicdelirium.com, 1
 mytraiteurs.com, 1
 mytravelblog.de, 1
 mytripcar.co.uk, 1
 mytripcar.com, 1
 mytripcar.de, 1
 mytripcar.es, 1
 mytripcar.fr, 1
-mytruecare.org, 1
 mytty.net, 1
 mytweeps.com, 1
 myulog.net, 1
-myupdatestar.com, 1
-myupdatestudio.com, 1
-myupdatesystems.com, 1
 myusagepayments.com, 1
 myvacompany.com, 1
 myvirtualserver.com, 1
 myvoipnews.com, 1
 myvpl.com, 1
 mywari.com, 1
 mywebinar.io, 1
 myworkinfo.com, 0
@@ -19723,17 +19681,16 @@ netweaver.uk, 1
 netwerkmanager.nl, 0
 network-notes.com, 1
 network23.nl, 1
 networkersdiary.com, 1
 networking4all.com, 0
 networkingnexus.net, 1
 networkingphoenix.com, 1
 networkmarketingpro.com, 1
-networkposting.com, 1
 networth.at, 1
 netzfrauen.org, 1
 netzspielplatz.de, 1
 netzwerkwerk.de, 1
 neuch.info, 1
 neuflizeobc.net, 1
 neuhaus-city.de, 1
 neurobiology.com, 1
@@ -20181,17 +20138,16 @@ novadermis.es, 1
 novafreixo.pt, 1
 novaopcaofestas.com.br, 1
 novascan.net, 1
 novawave.ca, 1
 novecity.com, 1
 novelabs.eu, 1
 novelfeed.com, 1
 novelinglife.net, 1
-novelshouse.com, 1
 novelvyretraite.fr, 1
 novfishing.ru, 1
 novilaw.com, 1
 novinhabucetuda.com, 1
 novoresume.com, 1
 novtest.ru, 1
 nowcost.com, 1
 nowhere.dk, 1
@@ -20587,17 +20543,16 @@ onefour.ga, 0
 onelawsuit.com, 1
 onemid.net, 1
 onemoonmedia.de, 1
 oneononeonone.de, 1
 oneononeonone.tv, 1
 onestepfootcare.com, 1
 onestopcastles.co.uk, 1
 onetech.it, 1
-onetwentyseven001.com, 1
 oneway.ga, 1
 onewaymail.com, 1
 oneweb.hu, 1
 onewebdev.info, 1
 oneworldbank.com, 1
 onfarma.it, 1
 onguardonline.gov, 1
 onhub1.com, 1
@@ -20984,19 +20939,17 @@ padovani.de, 1
 padrepio.in, 1
 padzilla.com, 1
 paedlink.ca, 1
 paf-events.ch, 1
 pagalworld.la, 1
 pagalworld.me, 1
 page-builders.com, 1
 pageantsnews.com, 1
-pagedesignhub.com, 1
 pagedesignpro.com, 1
-pagedesignshop.com, 1
 pagedesignweb.com, 1
 pagefulloflies.io, 1
 pages-tocaven.com, 1
 pagewizz.com, 0
 pagiamtzis.com, 1
 pagina.com.mx, 1
 paginapolitica.ro, 1
 pagure.io, 1
@@ -21510,17 +21463,16 @@ petelew.is, 1
 peter.org.ua, 1
 peterandjoelle.co.uk, 1
 peterboers.info, 1
 peterdavehello.org, 1
 peterfolta.net, 1
 peterhuetz.at, 1
 peterhuetz.com, 1
 peterjohnson.io, 1
-peterlew.is, 1
 peternagy.ie, 1
 petersontoscano.com, 1
 pethelpers.org, 1
 petite-maison.ch, 1
 petitsfrenchies.com, 1
 petja.me, 0
 petko.me, 1
 petlife.od.ua, 1
@@ -21810,17 +21762,16 @@ pixelcubed.com, 1
 pixelesque.uk, 1
 pixelfou.com, 1
 pixelgliders.de, 1
 pixelminers.net, 1
 pixelpoint.io, 1
 pixelrain.info, 1
 pixelsquared.us, 1
 pixelurbia.com, 1
-pixipics.com, 0
 pixiv.moe, 1
 pixlfox.com, 1
 pizala.de, 1
 pizzabottle.com, 1
 pizzacook.ch, 1
 pizzafest.ddns.net, 1
 pizzagigant.hu, 1
 pizzeria-mehrhoog.de, 1
@@ -21873,17 +21824,16 @@ planlos.net, 1
 planmemberpartners.com, 1
 planningexcellence.com.au, 1
 plant-gift.jp, 1
 plantarum.com.br, 1
 plantastique.ch, 1
 plantastique.com, 1
 planteforum.no, 1
 plantroon.com, 1
-plantrustler.com, 1
 plaque-funeraire.fr, 1
 plassmann.ws, 1
 plasti-pac.ch, 1
 plasticsurgeryartist.com, 1
 plasvilledescartaveis.com.br, 1
 platformadmin.com, 1
 platinumpeek.com, 1
 platomania.nl, 1
@@ -22009,16 +21959,17 @@ podshrink.de, 1
 poe.digital, 1
 poed.com.au, 1
 poed.net.au, 1
 poedgirl.com, 1
 poeg.cz, 1
 pogoswine.com, 1
 pogrebisky.net, 1
 pogs.us, 1
+poinsot.info, 1
 pointaction.com, 1
 pointagri.com, 1
 pointhost.de, 1
 points4unitedway.com, 1
 pointsixtyfive.com, 1
 pointum.com, 1
 poiru.net, 1
 poitiers-ttacc-86.eu.org, 1
@@ -22201,16 +22152,17 @@ powergridess.com, 0
 powermeter.at, 1
 powersergdatasystems.com, 1
 powersergthisisthewebsitefuckyouscott.com, 1
 powersergunited.com, 1
 powersergunited.org, 1
 powersergusercontent.com, 1
 powerwellness-korecki.de, 1
 pozemedicale.org, 1
+pozyczka-bez-zaswiadczen.pl, 1
 pozytywnyplan.pl, 1
 pozzo-balbi.com, 1
 ppipe.net, 1
 ppmathis.ch, 1
 ppmathis.com, 1
 ppmoon.com, 1
 ppoozl.com, 1
 ppro.com, 1
@@ -22483,16 +22435,17 @@ propepper.net, 1
 propershave.com, 1
 properticons.com, 1
 property-catalogue.eu, 1
 propertygroup.pl, 1
 propertyone.mk, 1
 propipesystem.com, 1
 proplan.co.il, 1
 propmag.co, 1
+proposalonline.com, 1
 propr.no, 1
 propseller.com, 1
 proslimdiets.com, 1
 prospanek.cz, 1
 prospo.co, 1
 prostohobby.ru, 1
 prostye-recepty.com, 1
 prot.ch, 1
@@ -22554,16 +22507,17 @@ psb.cloud, 1
 psb1.org, 1
 psb1911.com, 1
 psb4ukr.org, 1
 psbarrett.com, 1
 psc.gov, 1
 pschierl.com, 1
 psdsfn.com, 1
 pseta.ru, 1
+pseudo.coffee, 1
 psicoexpansao.com.br, 1
 psicologoforensebarcelona.com, 1
 psicologoforensemadrid.com, 1
 psicosalud.online, 1
 psm.org.ph, 1
 psncardplus.be, 1
 psncardplus.com, 1
 psncardplus.dk, 1
@@ -22981,16 +22935,17 @@ randc.org, 1
 random-samplings.org, 1
 randomadversary.com, 1
 randombit.eu, 1
 randombits.co.uk, 1
 randomdysfunctions.com, 1
 randomkoalafacts.com, 1
 randomprecision.co.uk, 1
 randomquotesapp.com, 1
+randy.su, 1
 rangde.org, 1
 ranking-deli.jp, 1
 ranos.org, 1
 rantanda.com, 1
 ranzbak.nl, 1
 rapdogg.com, 1
 rapenroer.com, 1
 rapenroer.nl, 1
@@ -23047,17 +23002,16 @@ raymondjcox.com, 0
 rayworks.de, 1
 razberry.kr, 1
 rb-china.net, 1
 rbensch.com, 1
 rbflote.lv, 1
 rbltracker.com, 1
 rbmafrica.co.za, 1
 rbnet.xyz, 1
-rbqcloud.com, 1
 rbran.com, 1
 rbtvshitstorm.is, 1
 rburchell.com, 1
 rbxcatalog.com, 1
 rc-offi.net, 1
 rc-shop.ch, 1
 rc7.ch, 1
 rca.fr, 1
@@ -23104,17 +23058,16 @@ realestateonehowell.com, 1
 realestateradioshow.com, 1
 realfamilyincest.com, 1
 realgarant-shop.de, 0
 realhorsegirls.net, 1
 realhost.name, 1
 realitea.co.uk, 1
 reality.news, 1
 reality0ne.com, 0
-realitycrazy.com, 1
 reallifeforums.com, 1
 realloc.me, 1
 really-simple-ssl.com, 1
 really.ai, 1
 really.io, 1
 reallyreally.io, 1
 realmofespionage.xyz, 1
 realraghavgupta.com, 1
@@ -24667,17 +24620,16 @@ sebastiaperis.com, 1
 sebi.cf, 1
 sebi.org, 1
 sec-mails.de, 1
 sec-research.com, 1
 sec-wiki.com, 1
 sec.ec, 1
 sec.gd, 1
 sec3ure.co.uk, 1
-secanje.nl, 1
 secboom.com, 1
 seccomp.ru, 1
 secctexasgiving.org, 0
 seceye.cn, 1
 secgui.de, 1
 sech.me, 1
 secitem.at, 1
 secitem.de, 1
@@ -24944,17 +24896,16 @@ serw.org, 1
 seryovpn.com, 1
 seryox.com, 1
 sesha.co.za, 1
 sesslerimmo.ch, 1
 setfix.de, 1
 sethcaplan.com, 1
 sethvargo.com, 1
 seti-germany.de, 1
-setkit.net, 1
 settberg.de, 1
 setterirlandes.com.br, 1
 settleapp.co, 1
 setuid0.kr, 1
 setyoursite.nl, 1
 seven-purple.com, 1
 sevencooks.com, 1
 sevenet.pl, 1
@@ -25425,17 +25376,16 @@ simumiehet.com, 1
 simus.fr, 1
 sin-nombre-alleria.de, 1
 sin.swiss, 1
 sinaryuda.web.id, 1
 sinatrafamily.com, 1
 sinefili.com, 1
 sinergy.ch, 1
 sinfield.com, 0
-sinfulforums.net, 1
 singaporemint.com, 1
 singapurfirma.com, 1
 singee.site, 1
 singel.ch, 1
 singerwang.com, 1
 single-in-stuttgart.de, 1
 singles-aus-hamburg.de, 1
 singles-berlin.de, 1
@@ -25511,17 +25461,16 @@ skates.guru, 1
 skatingchina.com, 1
 skatn.de, 1
 skazka.ru, 1
 skday.com, 1
 skeeley.com, 1
 skei.org, 1
 skepticalsports.com, 1
 sketchmyroom.com, 1
-sketchywebsite.net, 1
 skhire.co.uk, 1
 skhoop.cz, 1
 skia.org, 0
 skifairview.com, 1
 skigebiete-test.de, 1
 skiinstructor.services, 1
 skile.ru, 1
 skilldetector.com, 1