diff --git a/dom/network/src/TCPSocketParent.cpp b/dom/network/src/TCPSocketParent.cpp
index 99fceff80a0..014e0479dd5 100644
--- a/dom/network/src/TCPSocketParent.cpp
+++ b/dom/network/src/TCPSocketParent.cpp
@@ -44,15 +44,8 @@ NS_INTERFACE_MAP_END
 
 bool
 TCPSocketParent::Init(const nsString& aHost, const uint16_t& aPort, const bool& aUseSSL,
-                      const nsString& aBinaryType, PBrowserParent* aBrowser)
+                      const nsString& aBinaryType)
 {
-  // We don't have browser actors in xpcshell, and hence can't run automated
-  // tests without this loophole.
-  if (aBrowser && !AssertAppProcessPermission(aBrowser, "tcp-socket")) {
-    FireInteralError(this, __LINE__);
-    return true;
-  }
-
   nsresult rv;
   mIntermediary = do_CreateInstance("@mozilla.org/tcp-socket-intermediary;1", &rv);
   if (NS_FAILED(rv)) {
diff --git a/dom/network/src/TCPSocketParent.h b/dom/network/src/TCPSocketParent.h
index eccc553c1f9..82c4f80a25b 100644
--- a/dom/network/src/TCPSocketParent.h
+++ b/dom/network/src/TCPSocketParent.h
@@ -27,8 +27,7 @@ public:
   TCPSocketParent() : mIntermediaryObj(nullptr), mIPCOpen(true) {}
 
   bool Init(const nsString& aHost, const uint16_t& aPort,
-            const bool& useSSL, const nsString& aBinaryType,
-            PBrowserParent* aBrowser);
+            const bool& useSSL, const nsString& aBinaryType);
 
   virtual bool RecvSuspend() MOZ_OVERRIDE;
   virtual bool RecvResume() MOZ_OVERRIDE;
diff --git a/netwerk/ipc/NeckoParent.cpp b/netwerk/ipc/NeckoParent.cpp
index f8f8c9a326d..0bf17fd51d7 100644
--- a/netwerk/ipc/NeckoParent.cpp
+++ b/netwerk/ipc/NeckoParent.cpp
@@ -17,6 +17,7 @@
 #include "mozilla/dom/network/TCPSocketParent.h"
 #include "mozilla/ipc/URIUtils.h"
 #include "mozilla/LoadContext.h"
+#include "mozilla/AppProcessChecker.h"
 #include "nsPrintfCString.h"
 #include "nsHTMLDNSPrefetch.h"
 #include "nsIAppsService.h"
@@ -274,6 +275,11 @@ NeckoParent::AllocPTCPSocket(const nsString& aHost,
                    KILLING CHILD PROCESS\n");
     return nullptr;
   }
+  if (aBrowser && !AssertAppProcessPermission(aBrowser, "tcp-socket")) {
+    printf_stderr("NeckoParent::AllocPTCPSocket: FATAL error: app doesn't permit tcp-socket connections \
+                   KILLING CHILD PROCESS\n");
+    return nullptr;
+  }
   TCPSocketParent* p = new TCPSocketParent();
   p->AddRef();
   return p;
@@ -288,7 +294,7 @@ NeckoParent::RecvPTCPSocketConstructor(PTCPSocketParent* aActor,
                                        PBrowserParent* aBrowser)
 {
   return static_cast<TCPSocketParent*>(aActor)->
-      Init(aHost, aPort, useSSL, aBinaryType, aBrowser);
+      Init(aHost, aPort, useSSL, aBinaryType);
 }
 
 bool