import changes from `dev' branch of rmottola/Arctic-Fox:

- Bug 904479 - Added createPromiseWithId() that returns id of resolver r=kanru,nsm (2ac672d882)
- Bug 1166580 - Disable mozHasPendingMessage tests on non-browser platform. r=me (03c689964b)
- Bug 1162281 - Invalid system message handler in an App Manifest can break the entire system. r=fabrice (e192a95f9c)
- Bug 1198988 - Turn off some useless dump() calls r=ferjm (34fc83b236)
- Bug 1164498: Remove |DispatchBluetoothReply|, r=btian (6143335efa)
- Bug 1001757 - Add ability to store core apps outside of profile on desktop b2g; r=fabrice (f6b605e7aa)
- Bug 1155245 - Set the app status correctly for hosted certified apps in developer mode. r=fabrice (131178b80e)
- Bug 1179052 - Add some raptor markers to b2g gecko startup r=gwagner (222256fad8)
- Bug 1163904 - handle -url command line argument. r=fabrice (ee61af1ff9)
- Bug 1167275 - JS error in shell.js handleCmdLine() r=me (32e75c604f)
- Bug 1167197 - Fix GMPProvider on Android r=cpearce Bug 1181209 - Make changes to Gecko needed for b2gdroid to boot. r=fabrice (b35d3a372f)
- Bug 1158544 - Remove FTPChannelChild::mWasOpened and make the base class mWasOpened protected; r=mcmanus (9111e1bc00)
- Bug 1171716 - Part 2: Use NS_ReleaseOnMainThread in nsBaseChannel. r=froydnj (f138124f14)
- partial of Bug 1177175 - Add a UITour target inside the TP panel. (603cc719b3)
- Bug 1175545 - Dont process alt-svc on 421 r=hurley (ad0f2f6e91)
- Bug 1191291 - convert nsHttpChannel::RetargetDeliveryTo warning to log r=michal.novotny (b9c6003df8)
- Bug 1182487 - Don't try to write to HTTP cache entry in nsHttpChannel when entry is open for reading only. r=michal (b36d7014a0)
- Bug 1173069 - Don't accumulate the cache hit telemetry for intercepted channels; r=mayhemer,jdm (aaed79183d)
- Bug 1208755 HttpBaseChannel::ShouldIntercept() should not assume every channel has a LoadInfo. r=ckerschb (d55be94901)
- Bug 1201229 - Return an empty string for a header when an error occurs; r=dragana (256d0462c8)
- Bug 1048048 - add preload content policy types - web platform test updates (r=dveditz) (baa1004dd6)
- Bug 1048048 - add preload content policy types - csp changes (r=dveditz) (17914dadba)
- Bug 1048048 - add preload content policy types for stylesheets (r=cam) (29af13263a)
- Bug 1048048 - add preload content policy types (r=ehsan) (f58a32d51b)
- Bug 1201747 - Don't inspect the subject principal in StorageAllowedForPrincipal. r=mystor (4f2c100882)
- Bug 1176829 - Remove custom elements base element queue. r=smaug (03a520c13d)
- Bug 1176829 follow-up, finish removing unused member to fix bustage. CLOSED TREE (29c6150af8)
- Bug 1179909: Build fix. r=me CLOSED TREE (40e3bdb971)
- Bug 1188932 - Allow the User-Agent header to be explicitly set by requests, r=bkelly, r=jgraham (37aacbd37d)

dom/base/nsContentUtils.cpp

@@ -95,7 +95,6 @@
 #include "nsHostObjectProtocolHandler.h"
 #include "nsHtml5Module.h"
 #include "nsHtml5StringParser.h"
-#include "nsIAppShell.h"
 #include "nsIAsyncVerifyRedirectCallback.h"
 #include "nsICategoryManager.h"
 #include "nsIChannelEventSink.h"
@@ -357,7 +356,6 @@ namespace {
 
 static NS_DEFINE_CID(kParserServiceCID, NS_PARSERSERVICE_CID);
 static NS_DEFINE_CID(kCParserCID, NS_PARSER_CID);
-static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID);
 
 static PLDHashTable* sEventListenerManagersHash;
 
@@ -5266,7 +5264,6 @@ nsContentUtils::LeaveMicroTask()
   MOZ_ASSERT(NS_IsMainThread());
   if (--sMicroTaskLevel == 0) {
     PerformMainThreadMicroTaskCheckpoint();
-    nsDocument::ProcessBaseElementQueue();
   }
 }
 
@@ -7173,7 +7170,7 @@ nsContentUtils::IsForbiddenSystemRequestHeader(const nsACString& aHeader)
     "access-control-request-method", "connection", "content-length",
     "cookie", "cookie2", "content-transfer-encoding", "date", "dnt",
     "expect", "host", "keep-alive", "origin", "referer", "te", "trailer",
-    "transfer-encoding", "upgrade", "user-agent", "via"
+    "transfer-encoding", "upgrade", "via"
   };
   for (uint32_t i = 0; i < ArrayLength(kInvalidHeaders); ++i) {
     if (aHeader.LowerCaseEqualsASCII(kInvalidHeaders[i])) {
@@ -7972,13 +7969,13 @@ nsContentUtils::GetWindowRoot(nsIDocument* aDoc)
   return nullptr;
 }
 
-
 /* static */
 nsContentPolicyType
 nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
 {
   switch (aType) {
   case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
+  case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
   case nsIContentPolicy::TYPE_INTERNAL_WORKER:
   case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
   case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
@@ -8001,6 +7998,14 @@ nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
   case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
     return nsIContentPolicy::TYPE_XMLHTTPREQUEST;
 
+  case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
+  case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
+    return nsIContentPolicy::TYPE_IMAGE;
+
+  case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
+  case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
+    return nsIContentPolicy::TYPE_STYLESHEET;
+
   default:
     return aType;
   }
@@ -8211,28 +8216,17 @@ nsContentUtils::InternalStorageAllowedForPrincipal(nsIPrincipal* aPrincipal,
     access = std::min(StorageAccess::eSessionScoped, access);
   }
 
-  // If the caller is chrome privileged, then it is allowed to access any
-  // storage it likes, no matter whether the storage for that window/principal
-  // would normally be permitted.
-  if (IsSystemPrincipal(SubjectPrincipal())) {
-    return access;
-  }
-
-  if (!SubjectPrincipal()->Subsumes(aPrincipal)) {
-    NS_WARNING("A principal is attempting to access storage for a principal "
-               "which it doesn't subsume!");
-    return StorageAccess::eDeny;
-  }
-
   // About URIs are allowed to access storage, even if they don't have chrome
   // privileges. If this is not desired, than the consumer will have to
   // implement their own restriction functionality.
   nsCOMPtr<nsIURI> uri;
-  MOZ_ALWAYS_TRUE(NS_SUCCEEDED(aPrincipal->GetURI(getter_AddRefs(uri))));
-  bool isAbout = false;
-  MOZ_ALWAYS_TRUE(NS_SUCCEEDED(uri->SchemeIs("about", &isAbout)));
-  if (isAbout) {
-    return access;
+  nsresult rv = aPrincipal->GetURI(getter_AddRefs(uri));
+  if (NS_SUCCEEDED(rv) && uri) {
+    bool isAbout = false;
+    MOZ_ALWAYS_TRUE(NS_SUCCEEDED(uri->SchemeIs("about", &isAbout)));
+    if (isAbout) {
+      return access;
+    }
   }
 
   nsCOMPtr<nsIPermissionManager> permissionManager =