diff --git a/caps/idl/nsIScriptSecurityManager.idl b/caps/idl/nsIScriptSecurityManager.idl
index f12b7c63fc8..1195ad5d7dc 100644
--- a/caps/idl/nsIScriptSecurityManager.idl
+++ b/caps/idl/nsIScriptSecurityManager.idl
@@ -9,7 +9,7 @@
 interface nsIURI;
 interface nsIChannel;
 
-[scriptable, uuid(bd94820d-4fd5-4d57-a40e-406ee72d27b7)]
+[scriptable, uuid(cdb27711-492b-4973-938b-de81ac124658)]
 interface nsIScriptSecurityManager : nsIXPCSecurityManager
 {
     ///////////////// Security Checks //////////////////
@@ -84,6 +84,21 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
                                    in nsIURI uri,
                                    in unsigned long flags);
 
+    /**
+     * Check that content from "from" can load "uri".
+     *
+     * Will return error code NS_ERROR_DOM_BAD_URI if the load request
+     * should be denied.
+     *
+     * @param from the URI causing the load
+     * @param uri the URI that is being loaded
+     * @param flags the permission set, see above
+     *
+     * @deprecated Use checkLoadURIWithPrincipal instead of this function.
+     */
+    [deprecated] void checkLoadURI(in nsIURI from, in nsIURI uri,
+                                   in unsigned long flags);
+
     /**
      * Similar to checkLoadURIWithPrincipal but there are two differences:
      *
@@ -97,6 +112,15 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
                                       in AUTF8String uri,
                                       in unsigned long flags);
 
+    /**
+     * Same as CheckLoadURI but takes string arguments for ease of use
+     * by scripts
+     *
+     * @deprecated Use checkLoadURIStrWithPrincipal instead of this function.
+     */
+    [deprecated] void checkLoadURIStr(in AUTF8String from, in AUTF8String uri,
+                                      in unsigned long flags);
+
     /**
      * Check that the function 'funObj' is allowed to run on 'targetObj'
      *
@@ -236,18 +260,6 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
     [noscript,notxpcom] nsIPrincipal getCxSubjectPrincipal(in JSContextPtr cx);
     [noscript,notxpcom] nsIPrincipal getCxSubjectPrincipalAndFrame(in JSContextPtr cx,
                                                                    out JSStackFramePtr fp);
-
-
-    const unsigned long NO_APP_ID = 0;
-    const unsigned long UNKNOWN_APP_ID = 4294967295; // PR_UINT32_MAX
-
-    /**
-     * Returns the extended origin for the uri.
-     * appId can be NO_APP_ID, UNKWOWN_APP_ID or a valid app id.
-     * inMozBrowser has to be true if the uri is inside a mozbrowser iframe.
-     */
-    AUTF8String getExtendedOrigin(in nsIURI uri, in unsigned long appId,
-                                  in boolean inMozBrowser);
 };
 
 %{C++
diff --git a/caps/include/nsPrincipal.h b/caps/include/nsPrincipal.h
index 82b9ce5a9c6..5b691f1d672 100644
--- a/caps/include/nsPrincipal.h
+++ b/caps/include/nsPrincipal.h
@@ -153,11 +153,6 @@ public:
   virtual void GetScriptLocation(nsACString& aStr) MOZ_OVERRIDE;
   void SetURI(nsIURI* aURI);
 
-  /**
-   * Computes the puny-encoded origin of aURI.
-   */
-  static nsresult GetOriginForURI(nsIURI* aURI, char **aOrigin);
-
   nsCOMPtr<nsIURI> mDomain;
   nsCOMPtr<nsIURI> mCodebase;
   // If mCodebaseImmutable is true, mCodebase is non-null and immutable
diff --git a/caps/src/nsPrincipal.cpp b/caps/src/nsPrincipal.cpp
index 1df8feb065e..b516e6a07e4 100644
--- a/caps/src/nsPrincipal.cpp
+++ b/caps/src/nsPrincipal.cpp
@@ -656,17 +656,18 @@ nsPrincipal::GetScriptLocation(nsACString &aStr)
   }
 }
 
-/* static */ nsresult
-nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
+NS_IMETHODIMP
+nsPrincipal::GetOrigin(char **aOrigin)
 {
-  if (!aURI) {
-    return NS_ERROR_FAILURE;
-  }
-
   *aOrigin = nsnull;
 
-  nsCOMPtr<nsIURI> origin = NS_GetInnermostURI(aURI);
+  nsCOMPtr<nsIURI> origin;
+  if (mCodebase) {
+    origin = NS_GetInnermostURI(mCodebase);
+  }
+  
   if (!origin) {
+    NS_ASSERTION(mCert, "No Domain or Codebase for a non-cert principal");
     return NS_ERROR_FAILURE;
   }
 
@@ -682,9 +683,8 @@ nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
     rv = origin->GetAsciiHost(hostPort);
     // Some implementations return an empty string, treat it as no support
     // for asciiHost by that implementation.
-    if (hostPort.IsEmpty()) {
+    if (hostPort.IsEmpty())
       rv = NS_ERROR_FAILURE;
-    }
   }
 
   PRInt32 port;
@@ -701,7 +701,6 @@ nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
     nsCAutoString scheme;
     rv = origin->GetScheme(scheme);
     NS_ENSURE_SUCCESS(rv, rv);
-
     *aOrigin = ToNewCString(scheme + NS_LITERAL_CSTRING("://") + hostPort);
   }
   else {
@@ -712,19 +711,12 @@ nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
     // both fall back to GetSpec.  That needs to be fixed.
     rv = origin->GetAsciiSpec(spec);
     NS_ENSURE_SUCCESS(rv, rv);
-
     *aOrigin = ToNewCString(spec);
   }
 
   return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
 }
 
-NS_IMETHODIMP
-nsPrincipal::GetOrigin(char **aOrigin)
-{
-  return GetOriginForURI(mCodebase, aOrigin);
-}
-
 NS_IMETHODIMP
 nsPrincipal::Equals(nsIPrincipal *aOther, bool *aResult)
 {
diff --git a/caps/src/nsScriptSecurityManager.cpp b/caps/src/nsScriptSecurityManager.cpp
index d2a5b82b90d..d135d87c3a2 100644
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -60,7 +60,6 @@
 #include "mozilla/dom/BindingUtils.h"
 #include "mozilla/StandardInteger.h"
 #include "mozilla/ClearOnShutdown.h"
-#include "nsIAppsService.h"
 
 using namespace mozilla;
 using namespace mozilla::dom;
@@ -1263,6 +1262,25 @@ nsScriptSecurityManager::CheckLoadURIFromScript(JSContext *cx, nsIURI *aURI)
     return NS_ERROR_DOM_BAD_URI;
 }
 
+NS_IMETHODIMP
+nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
+                                      PRUint32 aFlags)
+{
+    // FIXME: bug 327244 -- this function should really die...  Really truly.
+    NS_PRECONDITION(aSourceURI, "CheckLoadURI called with null source URI");
+    NS_ENSURE_ARG_POINTER(aSourceURI);
+
+    // Note: this is not _quite_ right if aSourceURI has
+    // NS_NULLPRINCIPAL_SCHEME, but we'll just extract the scheme in
+    // CheckLoadURIWithPrincipal anyway, so this is good enough.  This method
+    // really needs to go away....
+    nsCOMPtr<nsIPrincipal> sourcePrincipal;
+    nsresult rv = CreateCodebasePrincipal(aSourceURI,
+                                          getter_AddRefs(sourcePrincipal));
+    NS_ENSURE_SUCCESS(rv, rv);
+    return CheckLoadURIWithPrincipal(sourcePrincipal, aTargetURI, aFlags);
+}
+
 /**
  * Helper method to handle cases where a flag passed to
  * CheckLoadURIWithPrincipal means denying loading if the given URI has certain
@@ -1569,6 +1587,30 @@ nsScriptSecurityManager::ReportError(JSContext* cx, const nsAString& messageTag,
     return NS_OK;
 }
 
+NS_IMETHODIMP
+nsScriptSecurityManager::CheckLoadURIStr(const nsACString& aSourceURIStr,
+                                         const nsACString& aTargetURIStr,
+                                         PRUint32 aFlags)
+{
+    // FIXME: bug 327244 -- this function should really die...  Really truly.
+    nsCOMPtr<nsIURI> source;
+    nsresult rv = NS_NewURI(getter_AddRefs(source), aSourceURIStr,
+                            nsnull, nsnull, sIOService);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    // Note: this is not _quite_ right if aSourceURI has
+    // NS_NULLPRINCIPAL_SCHEME, but we'll just extract the scheme in
+    // CheckLoadURIWithPrincipal anyway, so this is good enough.  This method
+    // really needs to go away....
+    nsCOMPtr<nsIPrincipal> sourcePrincipal;
+    rv = CreateCodebasePrincipal(source,
+                                 getter_AddRefs(sourcePrincipal));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    return CheckLoadURIStrWithPrincipal(sourcePrincipal, aTargetURIStr,
+                                        aFlags);
+}
+
 NS_IMETHODIMP
 nsScriptSecurityManager::CheckLoadURIStrWithPrincipal(nsIPrincipal* aPrincipal,
                                                       const nsACString& aTargetURIStr,
@@ -3552,40 +3594,6 @@ nsScriptSecurityManager::InitPrefs()
     return NS_OK;
 }
 
-NS_IMETHODIMP
-nsScriptSecurityManager::GetExtendedOrigin(nsIURI* aURI,
-                                           PRUint32 aAppId,
-                                           bool aInMozBrowser,
-                                           nsACString& aExtendedOrigin)
-{
-  MOZ_ASSERT(aURI);
-
-  if (aAppId == UNKNOWN_APP_ID) {
-    aExtendedOrigin.Truncate();
-    return NS_OK;
-  }
-
-  // Fallback.
-  if (aAppId == nsIScriptSecurityManager::NO_APP_ID && !aInMozBrowser) {
-    nsCAutoString origin;
-    nsPrincipal::GetOriginForURI(aURI, getter_Copies(origin));
-
-    aExtendedOrigin.Assign(origin);
-    return NS_OK;
-  }
-
-  nsCAutoString origin;
-  nsPrincipal::GetOriginForURI(aURI, getter_Copies(origin));
-
-  // aExtendedOrigin = origin + " " + aAppId + " " + int(aInMozBrowser)
-  aExtendedOrigin.Assign(origin + NS_LITERAL_CSTRING("@"));
-  aExtendedOrigin.AppendInt(aAppId);
-  aExtendedOrigin.Append(aInMozBrowser ? NS_LITERAL_CSTRING("t")
-                                       : NS_LITERAL_CSTRING("f"));
-
-  return NS_OK;
-}
-
 ///////////////////////////////////////////////////////////////////////////////
 // The following code prints the contents of the policy DB to the console.
 #ifdef DEBUG_CAPS_HACKER
diff --git a/caps/tests/mochitest/Makefile.in b/caps/tests/mochitest/Makefile.in
index 2bbc74239de..9773c04f99b 100644
--- a/caps/tests/mochitest/Makefile.in
+++ b/caps/tests/mochitest/Makefile.in
@@ -18,9 +18,6 @@ MOCHITEST_FILES = 	test_bug423375.html \
                 test_disallowInheritPrincipal.html \
                 $(NULL)
 
-MOCHITEST_CHROME_FILES = test_principal_extendedorigin_appid_appstatus.html \
-                         $(NULL)
-
 test_bug292789.html : % : %.in
 	$(PYTHON) $(topsrcdir)/config/Preprocessor.py \
 	     $(AUTOMATION_PPARGS) $(DEFINES) $(ACDEFINES) $< > $@
diff --git a/caps/tests/mochitest/test_principal_extendedorigin_appid_appstatus.html b/caps/tests/mochitest/test_principal_extendedorigin_appid_appstatus.html
deleted file mode 100644
index 4021ef4ee74..00000000000
--- a/caps/tests/mochitest/test_principal_extendedorigin_appid_appstatus.html
+++ /dev/null
@@ -1,143 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<!--
-https://bugzilla.mozilla.org/show_bug.cgi?id=758258
--->
-<head>
-  <meta charset="utf-8">
-  <title>Test for nsIPrincipal extendedOrigin, appStatus and appId</title>
-  <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
-</head>
-<body>
-<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=758258">Mozilla Bug 758258</a>
-<p id="display"></p>
-<div id="content">
-  
-</div>
-<pre id="test">
-<script type="application/javascript">
-
-/** Test for Bug 758258 **/
-
-SimpleTest.waitForExplicitFinish();
-
-var gData = [
-  {
-    app: "http://example.org/manifest.webapp",
-    origin: "http://example.org",
-  },
-  {
-    app: "https://example.com:443/manifest.webapp",
-    origin: "https://example.com",
-  },
-  {
-    app: "http://test1.example.org/manifest.webapp",
-    origin: "http://test1.example.org",
-  },
-  {
-    app: "http://test1.example.org:8000/manifest.webapp",
-    origin: "http://test1.example.org:8000",
-  },
-  {
-    app: "http://sub1.test1.example.org/manifest.webapp",
-    origin: "http://sub1.test1.example.org",
-  },
-  {
-    app: "http://example.org/foo/manifest.webapp",
-    origin: "http://example.org",
-  },
-  {
-    app: "http://example.org/bar/manifest.webapp",
-    origin: "http://example.org",
-  },
-  {
-    browser: true,
-    origin: "http://example.org",
-  },
-  {
-    origin: "http://example.org",
-  },
-  {
-    app: "http://example.org/wedonthaveanyappinthatdirectory/manifest.webapp",
-    origin: "http://example.org",
-  },
-  {
-    app: "http://example.org/manifest.webapp",
-    origin: "data:text/html,foobar",
-    test: [ "todo-origin" ],
-  },
-  {
-    app: "http://example.org/manifest.webapp",
-    origin: "data:text/html,foobar2",
-    test: [ "todo-origin" ],
-  },
-  {
-    origin: "file:///",
-  },
-  {
-    origin: "file:///tmp",
-  },
-  {
-    app: "http://example.org/manifest.webapp",
-    origin: "file:///",
-  },
-  {
-    app: "http://example.org/manifest.webapp",
-    origin: "file:///tmp",
-  },
-];
-
-var content = document.getElementById('content');
-var checkedCount = 0;
-var checksTodo = gData.length;
-
-function checkPrincipalForIFrame(aFrame, data) {
-  var principal = aFrame.contentDocument.nodePrincipal;
-
-  // TODO: TEMP.
-  if (!data.test) {
-    data.test = [];
-  }
-
-  if (data.test.indexOf('todo-origin') == -1) {
-    is(principal.URI.origin, data.origin, 'the correct URL should have been loaded');
-  }
-
-  checkedCount++;
-  if (checkedCount == checksTodo) {
-    SimpleTest.finish();
-  }
-}
-
-is('appStatus' in document.nodePrincipal, false,
-   'appStatus should not be present in nsIPrincipal');
-is('extendedOrigin' in document.nodePrincipal, false,
-   'extendedOrigin should not be present in nsIPrincipal');
-is('appId' in document.nodePrincipal, false,
-   'appId should not be present in nsIPrincipal');
-
-gData.forEach(function(data) {
-  var iframe = document.createElement('iframe');
-  iframe.checkPrincipal = function() {
-    checkPrincipalForIFrame(this, data);
-  };
-
-  if (data.app) {
-    iframe.setAttribute('mozapp', data.app);
-    iframe.setAttribute('mozbrowser', '');
-  } else if (data.browser) {
-    iframe.setAttribute('mozbrowser', '');
-  }
-
-  iframe.src = data.origin;
-
-  iframe.addEventListener('load', iframe.checkPrincipal.bind(iframe));
-
-  content.appendChild(iframe);
-});
-
-</script>
-</pre>
-</body>
-</html>
diff --git a/content/base/src/contentAreaDropListener.js b/content/base/src/contentAreaDropListener.js
index 964605267d8..870054f3e51 100644
--- a/content/base/src/contentAreaDropListener.js
+++ b/content/base/src/contentAreaDropListener.js
@@ -66,12 +66,12 @@ ContentAreaDropListener.prototype =
     uriString = uriString.replace(/^\s*|\s*$/g, '');
 
     let uri;
-    let ioService = Cc["@mozilla.org/network/io-service;1"]
-                      .getService(Components.interfaces.nsIIOService);
     try {
       // Check that the uri is valid first and return an empty string if not.
       // It may just be plain text and should be ignored here
-      uri = ioService.newURI(uriString, null, null);
+      uri = Cc["@mozilla.org/network/io-service;1"].
+              getService(Components.interfaces.nsIIOService).
+              newURI(uriString, null, null);
     } catch (ex) { }
     if (!uri)
       return uriString;
@@ -85,10 +85,10 @@ ContentAreaDropListener.prototype =
       flags |= secMan.DISALLOW_INHERIT_PRINCIPAL;
 
     // Use file:/// as the default uri so that drops of file URIs are always allowed
-    let principal = sourceNode ? sourceNode.principal
-                               : secMan.getCodebasePrincipal(ioService.newURI("file:///", null, null));
-
-    secMan.checkLoadURIStrWithPrincipal(principal, uriString, flags);
+    if (sourceNode)
+      secMan.checkLoadURIStrWithPrincipal(sourceNode.nodePrincipal, uriString, flags);
+    else
+      secMan.checkLoadURIStr("file:///", uriString, flags);
 
     return uriString;
   },
diff --git a/content/base/src/nsDocument.cpp b/content/base/src/nsDocument.cpp
index 37444f7fb05..2fbb03a8aaf 100644
--- a/content/base/src/nsDocument.cpp
+++ b/content/base/src/nsDocument.cpp
@@ -3087,7 +3087,7 @@ nsDocument::SetHeaderData(nsIAtom* aHeaderField, const nsAString& aData)
       // should really be the same thing).  Note that this code can run
       // before the current URI of the webnavigation has been updated, so we
       // can't assert equality here.
-      refresher->SetupRefreshURIFromHeader(mDocumentURI, NodePrincipal(),
+      refresher->SetupRefreshURIFromHeader(mDocumentURI,
                                            NS_ConvertUTF16toUTF8(aData));
     }
   }
diff --git a/content/base/src/nsFrameLoader.cpp b/content/base/src/nsFrameLoader.cpp
index e38aa243ab5..3dc0df2205f 100644
--- a/content/base/src/nsFrameLoader.cpp
+++ b/content/base/src/nsFrameLoader.cpp
@@ -80,7 +80,6 @@
 #include "mozilla/unused.h"
 #include "mozilla/dom/Element.h"
 #include "mozilla/layout/RenderFrameParent.h"
-#include "nsIAppsService.h"
 
 #include "jsapi.h"
 
@@ -1110,29 +1109,14 @@ nsFrameLoader::SwapWithOtherLoader(nsFrameLoader* aOther,
     return NS_ERROR_NOT_IMPLEMENTED;
   }
 
-  bool ourContentBoundary, otherContentBoundary;
-  ourDocshell->GetIsContentBoundary(&ourContentBoundary);
-  otherDocshell->GetIsContentBoundary(&otherContentBoundary);
-  if (ourContentBoundary != otherContentBoundary) {
+  bool weAreBrowserFrame = false;
+  bool otherIsBrowserFrame = false;
+  ourDocshell->GetIsBrowserFrame(&weAreBrowserFrame);
+  otherDocshell->GetIsBrowserFrame(&otherIsBrowserFrame);
+  if (weAreBrowserFrame != otherIsBrowserFrame) {
     return NS_ERROR_NOT_IMPLEMENTED;
   }
 
-  if (ourContentBoundary) {
-    bool ourIsBrowser, otherIsBrowser;
-    ourDocshell->GetIsBrowserElement(&ourIsBrowser);
-    otherDocshell->GetIsBrowserElement(&otherIsBrowser);
-    if (ourIsBrowser != otherIsBrowser) {
-      return NS_ERROR_NOT_IMPLEMENTED;
-    }
-
-    bool ourIsApp, otherIsApp;
-    ourDocshell->GetIsApp(&ourIsApp);
-    otherDocshell->GetIsApp(&otherIsApp);
-    if (ourIsApp != otherIsApp) {
-      return NS_ERROR_NOT_IMPLEMENTED;
-    }
-  }
-
   if (mInSwap || aOther->mInSwap) {
     return NS_ERROR_NOT_IMPLEMENTED;
   }
@@ -1477,24 +1461,6 @@ nsFrameLoader::MaybeCreateDocShell()
   mDocShell = do_CreateInstance("@mozilla.org/docshell;1");
   NS_ENSURE_TRUE(mDocShell, NS_ERROR_FAILURE);
 
-  if (OwnerIsBrowserFrame() &&
-      mOwnerContent->HasAttr(kNameSpaceID_None, nsGkAtoms::mozapp)) {
-    nsCOMPtr<nsIAppsService> appsService =
-      do_GetService(APPS_SERVICE_CONTRACTID);
-    if (!appsService) {
-      NS_ERROR("Apps Service is not available!");
-      return NS_ERROR_FAILURE;
-    }
-
-    nsAutoString manifest;
-    mOwnerContent->GetAttr(kNameSpaceID_None, nsGkAtoms::mozapp, manifest);
-
-    PRUint32 appId;
-    appsService->GetAppLocalIdByManifestURL(manifest, &appId);
-
-    mDocShell->SetAppId(appId);
-  }
-
   if (!mNetworkCreated) {
     nsCOMPtr<nsIDocShellHistory> history = do_QueryInterface(mDocShell);
     if (history) {
@@ -1597,7 +1563,7 @@ nsFrameLoader::MaybeCreateDocShell()
   EnsureMessageManager();
 
   if (OwnerIsBrowserFrame()) {
-    mDocShell->SetIsBrowser();
+    mDocShell->SetIsBrowserFrame(true);
 
     nsCOMPtr<nsIObserverService> os = services::GetObserverService();
     if (os) {
diff --git a/content/xslt/src/xslt/txMozillaXMLOutput.cpp b/content/xslt/src/xslt/txMozillaXMLOutput.cpp
index afe9df24375..84c986d70bb 100644
--- a/content/xslt/src/xslt/txMozillaXMLOutput.cpp
+++ b/content/xslt/src/xslt/txMozillaXMLOutput.cpp
@@ -241,7 +241,6 @@ txMozillaXMLOutput::endDocument(nsresult aResult)
                 do_QueryInterface(win->GetDocShell());
             if (refURI) {
                 refURI->SetupRefreshURIFromHeader(mDocument->GetDocBaseURI(),
-                                                  mDocument->NodePrincipal(),
                                                   mRefreshString);
             }
         }
diff --git a/docshell/base/nsDSURIContentListener.cpp b/docshell/base/nsDSURIContentListener.cpp
index 5feabc4c572..da67d4de492 100644
--- a/docshell/base/nsDSURIContentListener.cpp
+++ b/docshell/base/nsDSURIContentListener.cpp
@@ -311,9 +311,9 @@ bool nsDSURIContentListener::CheckOneFrameOptionsPolicy(nsIRequest *request,
                parentDocShellItem) {
 
             nsCOMPtr<nsIDocShell> curDocShell = do_QueryInterface(curDocShellItem);
-            bool isContentBoundary;
-            curDocShell->GetIsContentBoundary(&isContentBoundary);
-            if (isContentBoundary) {
+            bool browserFrame = false;
+            curDocShell->GetIsBrowserFrame(&browserFrame);
+            if (browserFrame) {
               break;
             }
 
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index d31fa7877ce..3ac4f9d328c 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -763,7 +763,6 @@ nsDocShell::nsDocShell():
 #ifdef DEBUG
     mInEnsureScriptEnv(false),
 #endif
-    mAppId(nsIScriptSecurityManager::NO_APP_ID),
     mParentCharsetSource(0)
 {
     mHistoryID = ++gDocshellIDCounter;
@@ -5529,7 +5528,6 @@ nsDocShell::ForceRefreshURI(nsIURI * aURI,
 
 nsresult
 nsDocShell::SetupRefreshURIFromHeader(nsIURI * aBaseURI,
-                                      nsIPrincipal* aPrincipal,
                                       const nsACString & aHeader)
 {
     // Refresh headers are parsed with the following format in mind
@@ -5571,8 +5569,6 @@ nsDocShell::SetupRefreshURIFromHeader(nsIURI * aBaseURI,
 
     // when done, seconds is 0 or the given number of seconds
     //            uriAttrib is empty or the URI specified
-    MOZ_ASSERT(aPrincipal);
-
     nsCAutoString uriAttrib;
     PRInt32 seconds = 0;
     bool specifiesSeconds = false;
@@ -5737,8 +5733,9 @@ nsDocShell::SetupRefreshURIFromHeader(nsIURI * aBaseURI,
                             (NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv));
         if (NS_SUCCEEDED(rv)) {
             rv = securityManager->
-                CheckLoadURIWithPrincipal(aPrincipal, uri,
-                                          nsIScriptSecurityManager::LOAD_IS_AUTOMATIC_DOCUMENT_REPLACEMENT);
+                CheckLoadURI(aBaseURI, uri,
+                             nsIScriptSecurityManager::
+                             LOAD_IS_AUTOMATIC_DOCUMENT_REPLACEMENT);
 
             if (NS_SUCCEEDED(rv)) {
                 bool isjs = true;
@@ -5774,16 +5771,8 @@ NS_IMETHODIMP nsDocShell::SetupRefreshURI(nsIChannel * aChannel)
                                             refreshHeader);
 
         if (!refreshHeader.IsEmpty()) {
-            nsCOMPtr<nsIScriptSecurityManager> secMan =
-                do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
-            NS_ENSURE_SUCCESS(rv, rv);
-
-            nsCOMPtr<nsIPrincipal> principal;
-            rv = secMan->GetChannelPrincipal(aChannel, getter_AddRefs(principal));
-            NS_ENSURE_SUCCESS(rv, rv);
-
             SetupReferrerFromChannel(aChannel);
-            rv = SetupRefreshURIFromHeader(mCurrentURI, principal, refreshHeader);
+            rv = SetupRefreshURIFromHeader(mCurrentURI, refreshHeader);
             if (NS_SUCCEEDED(rv)) {
                 return NS_REFRESHURI_HEADER_FOUND;
             }
@@ -12024,145 +12013,52 @@ nsDocShell::GetCanExecuteScripts(bool *aResult)
 }
 
 NS_IMETHODIMP
-nsDocShell::SetIsBrowser()
+nsDocShell::GetIsBrowserFrame(bool *aOut)
 {
-    if (mIsBrowserFrame) {
-        NS_ERROR("You should not call SetIsBrowser() more than once.");
-        return NS_OK;
-    }
+  NS_ENSURE_ARG_POINTER(aOut);
+  *aOut = mIsBrowserFrame;
+  return NS_OK;
+}
 
-    mIsBrowserFrame = true;
+NS_IMETHODIMP
+nsDocShell::SetIsBrowserFrame(bool aValue)
+{
+  // Disallow transitions from browser frame to not-browser-frame.  Once a
+  // browser frame, always a browser frame.  (Otherwise, observers of
+  // docshell-marked-as-browser-frame would have to distinguish between
+  // newly-created browser frames and frames which went from true to false back
+  // to true.)
+  NS_ENSURE_STATE(!mIsBrowserFrame || aValue);
 
+  bool wasBrowserFrame = mIsBrowserFrame;
+  mIsBrowserFrame = aValue;
+  if (aValue && !wasBrowserFrame) {
     nsCOMPtr<nsIObserverService> os = services::GetObserverService();
     if (os) {
-        os->NotifyObservers(GetAsSupports(this),
-                            "docshell-marked-as-browser-frame", NULL);
+      os->NotifyObservers(GetAsSupports(this),
+                          "docshell-marked-as-browser-frame", NULL);
     }
-
-    return NS_OK;
+  }
+  return NS_OK;
 }
 
-nsDocShell::FrameType
-nsDocShell::GetInheritedFrameType()
+NS_IMETHODIMP
+nsDocShell::GetContainedInBrowserFrame(bool *aOut)
 {
-    FrameType type = GetFrameType();
+    *aOut = false;
 
-    if (type != eFrameTypeRegular) {
-        return type;
+    if (mIsBrowserFrame) {
+        *aOut = true;
+        return NS_OK;
     }
 
     nsCOMPtr<nsIDocShellTreeItem> parentAsItem;
     GetSameTypeParent(getter_AddRefs(parentAsItem));
 
     nsCOMPtr<nsIDocShell> parent = do_QueryInterface(parentAsItem);
-    if (!parent) {
-        return eFrameTypeRegular;
-    }
-
-    return static_cast<nsDocShell*>(parent.get())->GetInheritedFrameType();
-}
-
-nsDocShell::FrameType
-nsDocShell::GetFrameType()
-{
-    if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
-        return eFrameTypeApp;
-    }
-
-    return mIsBrowserFrame ? eFrameTypeBrowser : eFrameTypeRegular;
-}
-
-NS_IMETHODIMP
-nsDocShell::GetIsBrowserElement(bool* aIsBrowser)
-{
-    *aIsBrowser = (GetFrameType() == eFrameTypeBrowser);
-
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsDocShell::GetIsApp(bool* aIsApp)
-{
-    *aIsApp = (GetFrameType() == eFrameTypeApp);
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsDocShell::GetIsContentBoundary(bool* aIsContentBoundary)
-{
-    switch (GetFrameType()) {
-        case eFrameTypeRegular:
-            *aIsContentBoundary = false;
-            break;
-        case eFrameTypeBrowser:
-        case eFrameTypeApp:
-            *aIsContentBoundary = true;
-            break;
+    if (parent) {
+        return parent->GetContainedInBrowserFrame(aOut);
     }
 
     return NS_OK;
 }
-
-NS_IMETHODIMP
-nsDocShell::GetIsInBrowserElement(bool* aIsInBrowserElement)
-{
-    *aIsInBrowserElement = (GetInheritedFrameType() == eFrameTypeBrowser);
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsDocShell::GetIsInApp(bool* aIsInApp)
-{
-    *aIsInApp = (GetInheritedFrameType() == eFrameTypeApp);
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsDocShell::GetIsBelowContentBoundary(bool* aIsInContentBoundary)
-{
-    switch (GetInheritedFrameType()) {
-        case eFrameTypeRegular:
-            *aIsInContentBoundary = false;
-            break;
-        case eFrameTypeBrowser:
-        case eFrameTypeApp:
-            *aIsInContentBoundary = true;
-            break;
-    }
-
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsDocShell::SetAppId(PRUint32 aAppId)
-{
-    MOZ_ASSERT(mAppId == nsIScriptSecurityManager::NO_APP_ID);
-    MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
-
-    mAppId = aAppId;
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsDocShell::GetAppId(PRUint32* aAppId)
-{
-    if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
-        MOZ_ASSERT(GetFrameType() == eFrameTypeApp);
-
-        *aAppId = mAppId;
-        return NS_OK;
-    }
-
-    MOZ_ASSERT(GetFrameType() != eFrameTypeApp);
-
-    nsCOMPtr<nsIDocShellTreeItem> parentAsItem;
-    GetSameTypeParent(getter_AddRefs(parentAsItem));
-
-    nsCOMPtr<nsIDocShell> parent = do_QueryInterface(parentAsItem);
-    if (!parent) {
-        *aAppId = nsIScriptSecurityManager::NO_APP_ID;
-        return NS_OK;
-    }
-
-    return parent->GetAppId(aAppId);
-}
diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h
index 574f08577f6..cd57499032e 100644
--- a/docshell/base/nsDocShell.h
+++ b/docshell/base/nsDocShell.h
@@ -664,15 +664,6 @@ protected:
 
     bool JustStartedNetworkLoad();
 
-    enum FrameType {
-        eFrameTypeRegular  = 0x0, // 0000
-        eFrameTypeBrowser  = 0x1, // 0001
-        eFrameTypeApp      = 0x2  // 0010
-    };
-
-    FrameType GetInheritedFrameType();
-    FrameType GetFrameType();
-
     // hash of session storages, keyed by domain
     nsInterfaceHashtable<nsCStringHashKey, nsIDOMStorage> mStorages;
 
@@ -824,8 +815,6 @@ protected:
 
     nsRefPtr<nsDOMNavigationTiming> mTiming;
 
-    PRUint32 mAppId;
-
 private:
     nsCOMPtr<nsIAtom> mForcedCharset;
     nsCOMPtr<nsIAtom> mParentCharset;
diff --git a/docshell/base/nsIDocShell.idl b/docshell/base/nsIDocShell.idl
index 2f8b2be4037..c19e63afb04 100644
--- a/docshell/base/nsIDocShell.idl
+++ b/docshell/base/nsIDocShell.idl
@@ -39,7 +39,7 @@ interface nsIWebBrowserPrint;
 interface nsIVariant;
 interface nsIPrivacyTransitionObserver;
 
-[scriptable, builtinclass, uuid(c98f0f21-fe96-4f06-9978-0a9422a789fa)]
+[scriptable, builtinclass, uuid(89ea9f32-18ec-413b-9e2c-ce9a4c851b1c)]
 interface nsIDocShell : nsISupports
 {
   /**
@@ -589,64 +589,21 @@ interface nsIDocShell : nsISupports
    */
   void addWeakPrivacyTransitionObserver(in nsIPrivacyTransitionObserver obs);
 
-  /**
-   * Mark the docshell as a browser frame.
-   * This should be used for <iframe mozbrowser> but not for <iframe mozapp>.
+  /*
+   * Is this docshell a browser frame (i.e., does it correspond to an <iframe
+   * mozbrowser>)?  The frameloader is responsible for setting this property
+   * when it initializes the docshell.
    *
-   * This method should not be called more than once.
-   */
-  void setIsBrowser();
-
-  /**
-   * Returns true iff the docshell is marked as a browser frame.
-   */
-  readonly attribute boolean isBrowserElement;
-
-  /**
-   * Returns true iif the docshell is marked as an app frame.
-   */
-  readonly attribute boolean isApp;
-
-  /**
-   * Returns true iif the docshell is marked as a type that behaves like a
-   * content boundary.
-   */
-  readonly attribute boolean isContentBoundary;
-
-  /**
-   * Returns true iif the docshell is inside a browser element.
-   */
-  readonly attribute boolean isInBrowserElement;
-
-  /**
-   * Returns true iif the docshell is inside an application.
-   * However, it will return false if the docshell is inside a browser element
-   * that is inside an application.
-   */
-  readonly attribute boolean isInApp;
-
-  /**
-   * Returns if the docshell has a docshell that behaves as a content boundary
-   * in his parent hierarchy.
-   */
-  readonly attribute boolean isBelowContentBoundary;
-
-  /**
-   * Set the app id this docshell is associated with. It has to be a valid app
-   * id. If the docshell isn't associated with any app, the value should be
-   * nsIScriptSecurityManager::NO_APP_ID.
-   * However, this is the default value if nothing is set.
+   * If so, this docshell should act like a chrome/content boundary for the
+   * purposes of window.top and window.parent.
    *
-   * This method is [noscript] to reduce the scope. It should be used at very
-   * specific moments.
-   *
-   * Calling setAppId() will mark the frame as an app frame.
+   * See also nsIMozBrowserFrame.
    */
-  [noscript] void setAppId(in unsigned long appId);
+  attribute bool isBrowserFrame;
 
-  /**
-   * Returns the app id of the app the docshell is in.
-   * Returns nsIScriptSecurityManager::NO_APP_ID If the docshell is not in an app.
+  /*
+   * Is this docshell contained in an <iframe mozbrowser>, either directly or
+   * indirectly?
    */
-  readonly attribute unsigned long appId;
+  readonly attribute bool containedInBrowserFrame;
 };
diff --git a/docshell/base/nsIRefreshURI.idl b/docshell/base/nsIRefreshURI.idl
index 3dadc183cb7..590c559043f 100644
--- a/docshell/base/nsIRefreshURI.idl
+++ b/docshell/base/nsIRefreshURI.idl
@@ -7,9 +7,8 @@
 #include "nsISupports.idl"
 #include "nsIURI.idl"
 interface nsIChannel;
-interface nsIPrincipal;
 
-[scriptable, uuid(a5e61a3c-51bd-45be-ac0c-e87b71860656)]
+[scriptable, uuid(cb0ad623-6b46-4c09-a473-c1d6ca63d3c7)]
 interface nsIRefreshURI : nsISupports {
     /**
       * Load a uri after waiting for aMillis milliseconds. If the docshell
@@ -56,11 +55,10 @@ interface nsIRefreshURI : nsISupports {
       * the current page finishes loading. 
       *
       * @param aBaseURI base URI to resolve refresh uri with.
-      * @param principal the associated principal
       * @param aHeader  The meta refresh header string.
       */
-    void setupRefreshURIFromHeader(in nsIURI aBaseURI, in nsIPrincipal principal, in ACString aHeader);
-
+    void setupRefreshURIFromHeader(in nsIURI aBaseURI, in ACString aHeader);
+      
     /**
       * Cancels all timer loads.
       */
diff --git a/dom/apps/src/Webapps.jsm b/dom/apps/src/Webapps.jsm
index 8d9a8c379a0..9337dccab69 100644
--- a/dom/apps/src/Webapps.jsm
+++ b/dom/apps/src/Webapps.jsm
@@ -317,8 +317,7 @@ let DOMApplicationRegistry = {
   },
 
   _nextLocalId: function() {
-    let maxLocalId = Ci.nsIScriptSecurityManager.NO_APP_ID;
-
+    let maxLocalId = 0;
     for (let id in this.webapps) {
       if (this.webapps[id].localId > maxLocalId) {
         maxLocalId = this.webapps[id].localId;
@@ -636,7 +635,7 @@ let DOMApplicationRegistry = {
       }
     }
 
-    return Ci.nsIScriptSecurityManager.NO_APP_ID;
+    return 0;
   },
 
   getAllWithoutManifests: function(aCallback) {
diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp
index 8c937cd253a..d96ac8c9d18 100644
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@@ -2965,9 +2965,9 @@ nsGlobalWindow::GetScriptableParent(nsIDOMWindow** aParent)
     return NS_OK;
   }
 
-  bool isContentBoundary = false;
-  mDocShell->GetIsContentBoundary(&isContentBoundary);
-  if (isContentBoundary) {
+  bool isMozBrowser = false;
+  mDocShell->GetIsBrowserFrame(&isMozBrowser);
+  if (isMozBrowser) {
     nsCOMPtr<nsIDOMWindow> parent = static_cast<nsIDOMWindow*>(this);
     parent.swap(*aParent);
     return NS_OK;
@@ -6446,13 +6446,12 @@ nsGlobalWindow::Close()
 {
   FORWARD_TO_OUTER(Close, (), NS_ERROR_NOT_INITIALIZED);
 
-  bool isContentBoundary = false;
+  bool isMozBrowser = false;
   if (mDocShell) {
-    mDocShell->GetIsContentBoundary(&isContentBoundary);
+    mDocShell->GetIsBrowserFrame(&isMozBrowser);
   }
 
-  if ((!isContentBoundary && IsFrame()) ||
-      !mDocShell || IsInModalState()) {
+  if ((!isMozBrowser && IsFrame()) || !mDocShell || IsInModalState()) {
     // window.close() is called on a frame in a frameset, on a window
     // that's already closed, or on a window for which there's
     // currently a modal dialog open. Ignore such calls.
@@ -6981,9 +6980,9 @@ nsGlobalWindow::GetScriptableFrameElement(nsIDOMElement** aFrameElement)
     return NS_OK;
   }
 
-  bool isContentBoundary = false;
-  mDocShell->GetIsContentBoundary(&isContentBoundary);
-  if (isContentBoundary) {
+  bool isMozBrowser = false;
+  mDocShell->GetIsBrowserFrame(&isMozBrowser);
+  if (isMozBrowser) {
     return NS_OK;
   }
 
diff --git a/dom/browser-element/BrowserElementChild.js b/dom/browser-element/BrowserElementChild.js
index ee4ccd0a0ec..84ceda83751 100644
--- a/dom/browser-element/BrowserElementChild.js
+++ b/dom/browser-element/BrowserElementChild.js
@@ -62,7 +62,7 @@ BrowserElementChild.prototype = {
 
     BrowserElementPromptService.mapWindowToBrowserElementChild(content, this);
 
-    docShell.setIsBrowser();
+    docShell.isBrowserFrame = true;
     docShell.QueryInterface(Ci.nsIWebProgress)
             .addProgressListener(this._progressListener,
                                  Ci.nsIWebProgress.NOTIFY_LOCATION |
diff --git a/dom/interfaces/apps/nsIAppsService.idl b/dom/interfaces/apps/nsIAppsService.idl
index 67471e7b6ef..7a6485c0b80 100644
--- a/dom/interfaces/apps/nsIAppsService.idl
+++ b/dom/interfaces/apps/nsIAppsService.idl
@@ -15,16 +15,9 @@ interface mozIDOMApplication;
  * This service allows accessing some DOMApplicationRegistry methods from
  * non-javascript code.
  */
-[scriptable, uuid(1210a0f3-add3-4381-b892-9c102e3afc42)]
+[scriptable, uuid(40e580e7-8891-4eb8-b514-0b5796af4df1)]
 interface nsIAppsService : nsISupports
 {
   mozIDOMApplication getAppByManifestURL(in DOMString manifestURL);
-
-  /**
-   * Returns the |localId| of the app associated with the |manifestURL| passed
-   * in parameter.
-   * Returns nsIScriptSecurityManager::NO_APP_ID if |manifestURL| isn't a valid
-   * installed manifest URL.
-   */
   unsigned long getAppLocalIdByManifestURL(in DOMString manifestURL);
 };
diff --git a/dom/ipc/TabChild.cpp b/dom/ipc/TabChild.cpp
index 66f044cdc87..3a86fd3914f 100644
--- a/dom/ipc/TabChild.cpp
+++ b/dom/ipc/TabChild.cpp
@@ -337,12 +337,12 @@ TabChild::ProvideWindow(nsIDOMWindow* aParent, PRUint32 aChromeFlags,
     // open a modal-type window, we're going to create a new <iframe mozbrowser>
     // and return its window here.
     nsCOMPtr<nsIDocShell> docshell = do_GetInterface(aParent);
-    bool isInContentBoundary = false;
+    bool inBrowserFrame = false;
     if (docshell) {
-      docshell->GetIsBelowContentBoundary(&isInContentBoundary);
+      docshell->GetContainedInBrowserFrame(&inBrowserFrame);
     }
 
-    if (isInContentBoundary &&
+    if (inBrowserFrame &&
         !(aChromeFlags & (nsIWebBrowserChrome::CHROME_MODAL |
                           nsIWebBrowserChrome::CHROME_OPENAS_DIALOG |
                           nsIWebBrowserChrome::CHROME_OPENAS_CHROME))) {
diff --git a/ipc/testshell/XPCShellEnvironment.cpp b/ipc/testshell/XPCShellEnvironment.cpp
index 0e127be3c2e..2a52c57fd6e 100644
--- a/ipc/testshell/XPCShellEnvironment.cpp
+++ b/ipc/testshell/XPCShellEnvironment.cpp
@@ -713,6 +713,14 @@ FullTrustSecMan::CheckLoadURIWithPrincipal(nsIPrincipal *aPrincipal,
     return NS_OK;
 }
 
+NS_IMETHODIMP
+FullTrustSecMan::CheckLoadURI(nsIURI *from,
+                              nsIURI *uri,
+                              PRUint32 flags)
+{
+    return NS_OK;
+}
+
 NS_IMETHODIMP
 FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
                                               const nsACString & uri,
@@ -721,6 +729,14 @@ FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
     return NS_OK;
 }
 
+NS_IMETHODIMP
+FullTrustSecMan::CheckLoadURIStr(const nsACString & from,
+                                 const nsACString & uri,
+                                 PRUint32 flags)
+{
+    return NS_OK;
+}
+
 NS_IMETHODIMP
 FullTrustSecMan::CheckFunctionAccess(JSContext * cx,
                                      void * funObj,
@@ -864,15 +880,6 @@ FullTrustSecMan::GetCxSubjectPrincipalAndFrame(JSContext *cx,
     return mSystemPrincipal;
 }
 
-NS_IMETHODIMP
-FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, PRUint32 aAppId,
-                                   bool aInMozBrowser,
-                                   nsACString& aExtendedOrigin)
-{
-  aExtendedOrigin.Truncate();
-  return NS_OK;
-}
-
 NS_IMETHODIMP_(nsrefcnt)
 XPCShellDirProvider::AddRef()
 {
diff --git a/js/xpconnect/shell/xpcshell.cpp b/js/xpconnect/shell/xpcshell.cpp
index e84ac1881b9..5d6795d8e63 100644
--- a/js/xpconnect/shell/xpcshell.cpp
+++ b/js/xpconnect/shell/xpcshell.cpp
@@ -1332,6 +1332,13 @@ FullTrustSecMan::CheckLoadURIWithPrincipal(nsIPrincipal *aPrincipal,
     return NS_OK;
 }
 
+/* void checkLoadURI (in nsIURI from, in nsIURI uri, in unsigned long flags); */
+NS_IMETHODIMP
+FullTrustSecMan::CheckLoadURI(nsIURI *from, nsIURI *uri, PRUint32 flags)
+{
+    return NS_OK;
+}
+
 /* void checkLoadURIStrWithPrincipal (in nsIPrincipal aPrincipal, in AUTF8String uri, in unsigned long flags); */
 NS_IMETHODIMP
 FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
@@ -1341,6 +1348,14 @@ FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
     return NS_OK;
 }
 
+/* void checkLoadURIStr (in AUTF8String from, in AUTF8String uri, in unsigned long flags); */
+NS_IMETHODIMP
+FullTrustSecMan::CheckLoadURIStr(const nsACString & from,
+                                 const nsACString & uri, PRUint32 flags)
+{
+    return NS_OK;
+}
+
 /* [noscript] void checkFunctionAccess (in JSContextPtr cx, in voidPtr funObj, in voidPtr targetObj); */
 NS_IMETHODIMP
 FullTrustSecMan::CheckFunctionAccess(JSContext * cx, void * funObj,
@@ -1487,15 +1502,6 @@ FullTrustSecMan::GetCxSubjectPrincipalAndFrame(JSContext *cx, JSStackFrame **fp)
     return mSystemPrincipal;
 }
 
-NS_IMETHODIMP
-FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, PRUint32 aAppId,
-                                   bool aInMozBrowser,
-                                   nsACString& aExtendedOrigin)
-{
-  aExtendedOrigin.Truncate();
-  return NS_OK;
-}
-
 /***************************************************************************/
 
 // #define TEST_InitClassesWithNewWrappedGlobal
diff --git a/layout/tools/reftest/reftest.js b/layout/tools/reftest/reftest.js
index 0e6833fe67f..33812a2621c 100644
--- a/layout/tools/reftest/reftest.js
+++ b/layout/tools/reftest/reftest.js
@@ -809,14 +809,12 @@ function ReadManifest(aURL, inherited_status)
             }
         }
 
-        var principal = secMan.getCodebasePrincipal(aURL);
-
         if (items[0] == "include") {
             if (items.length != 2 || runHttp)
                 throw "Error 2 in manifest file " + aURL.spec + " line " + lineNo;
             var incURI = gIOService.newURI(items[1], null, listURL);
-            secMan.checkLoadURIWithPrincipal(principal, incURI,
-                                             CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
+            secMan.checkLoadURI(aURL, incURI,
+                                CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
             ReadManifest(incURI, expected_status);
         } else if (items[0] == TYPE_LOAD) {
             if (items.length != 2 ||
@@ -824,14 +822,14 @@ function ReadManifest(aURL, inherited_status)
                  expected_status != EXPECTED_DEATH))
                 throw "Error 3 in manifest file " + aURL.spec + " line " + lineNo;
             var [testURI] = runHttp
-                            ? ServeFiles(principal, httpDepth,
+                            ? ServeFiles(aURL, httpDepth,
                                          listURL, [items[1]])
                             : [gIOService.newURI(items[1], null, listURL)];
             var prettyPath = runHttp
                            ? gIOService.newURI(items[1], null, listURL).spec
                            : testURI.spec;
-            secMan.checkLoadURIWithPrincipal(principal, testURI,
-                                             CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
+            secMan.checkLoadURI(aURL, testURI,
+                                CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
             gURLs.push( { type: TYPE_LOAD,
                           expected: expected_status,
                           allowSilentFail: allow_silent_fail,
@@ -850,14 +848,14 @@ function ReadManifest(aURL, inherited_status)
             if (items.length != 2)
                 throw "Error 4 in manifest file " + aURL.spec + " line " + lineNo;
             var [testURI] = runHttp
-                            ? ServeFiles(principal, httpDepth,
+                            ? ServeFiles(aURL, httpDepth,
                                          listURL, [items[1]])
                             : [gIOService.newURI(items[1], null, listURL)];
             var prettyPath = runHttp
                            ? gIOService.newURI(items[1], null, listURL).spec
                            : testURI.spec;
-            secMan.checkLoadURIWithPrincipal(principal, testURI,
-                                             CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
+            secMan.checkLoadURI(aURL, testURI,
+                                CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
             gURLs.push( { type: TYPE_SCRIPT,
                           expected: expected_status,
                           allowSilentFail: allow_silent_fail,
@@ -876,17 +874,17 @@ function ReadManifest(aURL, inherited_status)
             if (items.length != 3)
                 throw "Error 5 in manifest file " + aURL.spec + " line " + lineNo;
             var [testURI, refURI] = runHttp
-                                  ? ServeFiles(principal, httpDepth,
+                                  ? ServeFiles(aURL, httpDepth,
                                                listURL, [items[1], items[2]])
                                   : [gIOService.newURI(items[1], null, listURL),
                                      gIOService.newURI(items[2], null, listURL)];
             var prettyPath = runHttp
                            ? gIOService.newURI(items[1], null, listURL).spec
                            : testURI.spec;
-            secMan.checkLoadURIWithPrincipal(principal, testURI,
-                                             CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
-            secMan.checkLoadURIWithPrincipal(principal, refURI,
-                                             CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
+            secMan.checkLoadURI(aURL, testURI,
+                                CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
+            secMan.checkLoadURI(aURL, refURI,
+                                CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
             gURLs.push( { type: items[0],
                           expected: expected_status,
                           allowSilentFail: allow_silent_fail,
@@ -938,7 +936,7 @@ function BuildUseCounts()
     }
 }
 
-function ServeFiles(manifestPrincipal, depth, aURL, files)
+function ServeFiles(manifestURL, depth, aURL, files)
 {
     var listURL = aURL.QueryInterface(CI.nsIFileURL);
     var directory = listURL.file.parent;
@@ -970,8 +968,8 @@ function ServeFiles(manifestPrincipal, depth, aURL, files)
         var testURI = gIOService.newURI(file, null, testbase);
 
         // XXX necessary?  manifestURL guaranteed to be file, others always HTTP
-        secMan.checkLoadURIWithPrincipal(manifestPrincipal, testURI,
-                                         CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
+        secMan.checkLoadURI(manifestURL, testURI,
+                            CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
 
         return testURI;
     }
diff --git a/toolkit/components/social/FrameWorker.jsm b/toolkit/components/social/FrameWorker.jsm
index 252ee8a252a..bd812e66498 100644
--- a/toolkit/components/social/FrameWorker.jsm
+++ b/toolkit/components/social/FrameWorker.jsm
@@ -243,7 +243,7 @@ function makeHiddenFrame() {
   // TODO: disable media (bug 759964)
   
   // Mark this docShell as a "browserFrame", to break script access to e.g. window.top
-  docShell.setIsBrowser();
+  docShell.isBrowserFrame = true;
 
   return iframe;
 }
diff --git a/toolkit/content/nsDragAndDrop.js b/toolkit/content/nsDragAndDrop.js
index bbf637706ae..dfbe584ff6e 100644
--- a/toolkit/content/nsDragAndDrop.js
+++ b/toolkit/content/nsDragAndDrop.js
@@ -565,10 +565,11 @@ var nsDragAndDrop = {
       aDraggedText = aDraggedText.replace(/^\s*|\s*$/g, '');
 
       var uri;
-      var ioService = Components.classes["@mozilla.org/network/io-service;1"]
-                                .getService(Components.interfaces.nsIIOService);
+
       try {
-        uri = ioService.newURI(aDraggedText, null, null);
+        uri = Components.classes["@mozilla.org/network/io-service;1"]
+                        .getService(Components.interfaces.nsIIOService)
+                        .newURI(aDraggedText, null, null);
       } catch (e) {
       }
 
@@ -587,12 +588,11 @@ var nsDragAndDrop = {
       var sourceDoc = aDragSession.sourceDocument;
       // Use "file:///" as the default sourceURI so that drops of file:// URIs
       // are always allowed.
-      var principal = sourceDoc ? sourceDoc.nodePrincipal
-                                : secMan.getCodebasePrincipal(ioService.newURI("file:///", null, null));
+      var sourceURI = sourceDoc ? sourceDoc.documentURI : "file:///";
 
       try {
-        secMan.checkLoadURIStrWithPrincipal(principal, aDraggedText,
-                                            nsIScriptSecurityManager.STANDARD);
+        secMan.checkLoadURIStr(sourceURI, aDraggedText,
+                               nsIScriptSecurityManager.STANDARD);
       } catch (e) {
         // Stop event propagation right here.
         aEvent.stopPropagation();
diff --git a/toolkit/identity/Sandbox.jsm b/toolkit/identity/Sandbox.jsm
index 6de75deae07..d7e5d9c9489 100644
--- a/toolkit/identity/Sandbox.jsm
+++ b/toolkit/identity/Sandbox.jsm
@@ -93,7 +93,7 @@ Sandbox.prototype = {
                                       .getInterface(Ci.nsIDocShell);
 
     // Mark this docShell as a "browserFrame", to break script access to e.g. window.top
-    docShell.setIsBrowser();
+    docShell.isBrowserFrame = true;
 
     // Stop about:blank from being loaded.
     docShell.stop(Ci.nsIWebNavigation.STOP_NETWORK);
diff --git a/xpfe/appshell/src/nsContentTreeOwner.cpp b/xpfe/appshell/src/nsContentTreeOwner.cpp
index 0081941dbed..b61e04693f8 100644
--- a/xpfe/appshell/src/nsContentTreeOwner.cpp
+++ b/xpfe/appshell/src/nsContentTreeOwner.cpp
@@ -842,12 +842,12 @@ nsContentTreeOwner::ProvideWindow(nsIDOMWindow* aParent,
   // open a modal-type window, we're going to create a new <iframe mozbrowser>
   // and return its window here.
   nsCOMPtr<nsIDocShell> docshell = do_GetInterface(aParent);
-  bool isInContentBoundary = false;
+  bool inBrowserFrame = false;
   if (docshell) {
-    docshell->GetIsBelowContentBoundary(&isInContentBoundary);
+    docshell->GetContainedInBrowserFrame(&inBrowserFrame);
   }
 
-  if (isInContentBoundary &&
+  if (inBrowserFrame &&
       !(aChromeFlags & (nsIWebBrowserChrome::CHROME_MODAL |
                         nsIWebBrowserChrome::CHROME_OPENAS_DIALOG |
                         nsIWebBrowserChrome::CHROME_OPENAS_CHROME))) {