From d55b44719f3d99c79ca0aa802bac8e25d322610e Mon Sep 17 00:00:00 2001
From: "caillon%returnzero.com"
 <caillon%returnzero.com@18797224-902f-48f8-a5cc-f745e15eee43>
Date: Fri, 22 Aug 2003 03:06:53 +0000
Subject: [PATCH] Backing out the patch to bug 83536. I will reland this when
 1.6a re-opens. r+sr=jst@netscape.com a=chofmann

git-svn-id: svn://10.0.0.236/trunk@146256 18797224-902f-48f8-a5cc-f745e15eee43
---
 mozilla/caps/idl/Makefile.in                  |   3 +
 mozilla/caps/idl/nsIAggregatePrincipal.idl    |  60 ++
 mozilla/caps/idl/nsICertificatePrincipal.idl  |  53 ++
 mozilla/caps/idl/nsICodebasePrincipal.idl     |  56 ++
 mozilla/caps/idl/nsIPrincipal.idl             | 110 +--
 mozilla/caps/idl/nsIScriptSecurityManager.idl |  19 +-
 mozilla/caps/include/Makefile.in              |  10 +-
 mozilla/caps/include/nsAggregatePrincipal.h   | 116 +++
 mozilla/caps/include/nsBasePrincipal.h        | 122 +++
 mozilla/caps/include/nsCertificatePrincipal.h |  89 +++
 mozilla/caps/include/nsCodebasePrincipal.h    |  93 +++
 mozilla/caps/include/nsJSPrincipals.h         |   9 +-
 .../caps/include/nsScriptSecurityManager.h    | 129 +--
 mozilla/caps/include/nsSystemPrincipal.h      |  50 +-
 mozilla/caps/src/Makefile.in                  |   5 +-
 mozilla/caps/src/nsAggregatePrincipal.cpp     | 479 ++++++++++++
 mozilla/caps/src/nsBasePrincipal.cpp          | 421 ++++++++++
 mozilla/caps/src/nsCertificatePrincipal.cpp   | 227 ++++++
 mozilla/caps/src/nsCodebasePrincipal.cpp      | 311 ++++++++
 mozilla/caps/src/nsJSPrincipals.cpp           |  13 +-
 mozilla/caps/src/nsScriptSecurityManager.cpp  | 740 ++++++++++--------
 mozilla/caps/src/nsSecurityManagerFactory.cpp |  54 +-
 mozilla/caps/src/nsSystemPrincipal.cpp        | 154 +---
 mozilla/content/base/src/nsDocument.cpp       |  20 +-
 mozilla/content/base/src/nsFrameLoader.cpp    |   9 +-
 mozilla/content/base/src/nsGenericElement.cpp |   2 +-
 .../content/base/src/nsNodeInfoManager.cpp    |   1 -
 mozilla/content/base/src/nsNodeInfoManager.h  |   4 +-
 mozilla/content/base/src/nsRange.cpp          |   2 +-
 mozilla/content/base/src/nsScriptLoader.cpp   |  22 +-
 .../events/src/nsEventListenerManager.h       |   1 +
 .../html/document/src/nsHTMLContentSink.cpp   |  17 +-
 .../html/document/src/nsHTMLDocument.cpp      |  86 +-
 .../xml/document/src/nsXMLContentSink.cpp     |  28 +-
 .../xml/document/src/nsXMLDocument.cpp        |  19 +-
 .../xul/document/src/nsXULDocument.cpp        |   2 +-
 mozilla/docshell/base/nsDocShell.cpp          |   8 +-
 mozilla/dom/src/base/nsGlobalWindow.cpp       |  12 +-
 mozilla/dom/src/base/nsJSEnvironment.cpp      |  14 +-
 mozilla/dom/src/base/nsLocation.cpp           |   1 +
 mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp |  44 +-
 .../activex/src/plugin/LegacyPlugin.cpp       |   2 +-
 .../webservices/schema/src/nsSchemaLoader.cpp |   7 +-
 .../security/src/nsWebScriptsAccess.cpp       |  10 +-
 .../soap/src/nsHTTPSOAPTransport.cpp          |  47 +-
 .../webservices/wsdl/src/nsWSDLLoader.cpp     |   7 +-
 .../xmlextras/base/src/nsDOMSerializer.cpp    |   8 +-
 mozilla/js/src/liveconnect/nsCLiveconnect.cpp |   2 +-
 .../xpconnect/loader/mozJSComponentLoader.cpp |   4 +-
 .../xpconnect/loader/mozJSSubScriptLoader.cpp |   2 +-
 mozilla/layout/generic/nsFrameFrame.cpp       |   1 +
 .../layout/html/document/src/nsFrameFrame.cpp |   1 +
 mozilla/modules/libjar/nsJARChannel.cpp       |  21 +-
 mozilla/modules/libpref/src/nsPrefBranch.cpp  |   6 +-
 mozilla/modules/oji/src/ProxyClassLoader.cpp  |   5 +-
 mozilla/modules/oji/src/lcglue.cpp            |   4 +-
 .../modules/oji/src/nsCSecurityContext.cpp    |  73 +-
 mozilla/modules/oji/src/nsJVMManager.cpp      |  15 +-
 .../netwerk/protocol/jar/src/nsJARChannel.cpp |  21 +-
 mozilla/security/manager/ssl/src/nsCrypto.cpp |   4 +-
 mozilla/security/manager/ssl/src/nsCrypto.h   |   2 +-
 .../manager/ssl/src/nsNSSComponent.cpp        |   5 +-
 mozilla/xpinstall/src/CertReader.cpp          |   4 -
 mozilla/xpinstall/src/CertReader.h            |  11 +-
 mozilla/xpinstall/src/nsSoftwareUpdateRun.cpp |   6 +-
 mozilla/xpinstall/src/nsXPITriggerInfo.cpp    |  26 +-
 66 files changed, 2991 insertions(+), 918 deletions(-)
 create mode 100644 mozilla/caps/idl/nsIAggregatePrincipal.idl
 create mode 100644 mozilla/caps/idl/nsICertificatePrincipal.idl
 create mode 100644 mozilla/caps/idl/nsICodebasePrincipal.idl
 create mode 100644 mozilla/caps/include/nsAggregatePrincipal.h
 create mode 100644 mozilla/caps/include/nsBasePrincipal.h
 create mode 100644 mozilla/caps/include/nsCertificatePrincipal.h
 create mode 100644 mozilla/caps/include/nsCodebasePrincipal.h
 create mode 100644 mozilla/caps/src/nsAggregatePrincipal.cpp
 create mode 100644 mozilla/caps/src/nsBasePrincipal.cpp
 create mode 100644 mozilla/caps/src/nsCertificatePrincipal.cpp
 create mode 100644 mozilla/caps/src/nsCodebasePrincipal.cpp

diff --git a/mozilla/caps/idl/Makefile.in b/mozilla/caps/idl/Makefile.in
index 5eb5d4e9163..b4ed527a7bb 100644
--- a/mozilla/caps/idl/Makefile.in
+++ b/mozilla/caps/idl/Makefile.in
@@ -32,6 +32,9 @@ GRE_MODULE	= 1
 XPIDLSRCS	= \
 		nsIScriptSecurityManager.idl \
 		nsIPrincipal.idl \
+		nsICodebasePrincipal.idl \
+		nsICertificatePrincipal.idl \
+		nsIAggregatePrincipal.idl \
 		nsISignatureVerifier.idl \
 		nsISecurityCheckedComponent.idl \
 		$(NULL)
diff --git a/mozilla/caps/idl/nsIAggregatePrincipal.idl b/mozilla/caps/idl/nsIAggregatePrincipal.idl
new file mode 100644
index 00000000000..4a7269afe8f
--- /dev/null
+++ b/mozilla/caps/idl/nsIAggregatePrincipal.idl
@@ -0,0 +1,60 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1999-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Mitch Stoltz <mstoltz@netscape.com>
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+/* Defines an interface for aggregate principals. */
+
+%{C++
+#define NS_AGGREGATEPRINCIPAL_CONTRACTID "@mozilla.org/aggregateprincipal;1"
+#define NS_AGGREGATEPRINCIPAL_CLASSNAME "aggregateprincipal"
+%}
+
+#include "nsIPrincipal.idl"
+
+[uuid(1c30a682-1dd2-11b2-ba9b-86a86f300cbc)]
+interface nsIAggregatePrincipal : nsISupports {
+
+    attribute nsIPrincipal certificate;
+    attribute nsIPrincipal codebase;
+    attribute boolean domainChanged;
+    readonly attribute nsIPrincipal originalCodebase;
+    readonly attribute nsIPrincipal primaryChild;
+
+    void intersect(in nsIPrincipal other);
+
+	attribute voidPtr cachedSecurityPolicy;
+};
diff --git a/mozilla/caps/idl/nsICertificatePrincipal.idl b/mozilla/caps/idl/nsICertificatePrincipal.idl
new file mode 100644
index 00000000000..b8249a11bb8
--- /dev/null
+++ b/mozilla/caps/idl/nsICertificatePrincipal.idl
@@ -0,0 +1,53 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1999-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Mitchell Stoltz <mstoltz@netscape.com>
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+/* Defines an interface for certificate principals. */
+#include "nsIPrincipal.idl"
+#include "nsIZipReader.idl"
+
+%{C++
+#define NS_CERTIFICATEPRINCIPAL_CONTRACTID "@mozilla.org/certificateprincipal;1"
+#define NS_CERTIFICATEPRINCIPAL_CLASSNAME "certificateprincipal"
+%}
+
+[uuid(ebfefcd0-25e1-11d2-8160-006008119d7a)]
+interface nsICertificatePrincipal : nsISupports {
+
+    readonly attribute string certificateID;
+    attribute string commonName;
+};
diff --git a/mozilla/caps/idl/nsICodebasePrincipal.idl b/mozilla/caps/idl/nsICodebasePrincipal.idl
new file mode 100644
index 00000000000..b684e6cfbb2
--- /dev/null
+++ b/mozilla/caps/idl/nsICodebasePrincipal.idl
@@ -0,0 +1,56 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1999
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+/* Defines an interface for codebase principals. */
+#include "nsIPrincipal.idl"
+interface nsIURI;
+
+%{C++
+#define NS_CODEBASEPRINCIPAL_CONTRACTID "@mozilla.org/codebaseprincipal;1"
+#define NS_CODEBASEPRINCIPAL_CLASSNAME "codebaseprincipal"
+%}
+
+[uuid(829fe440-25e1-11d2-8160-006008119d7a)]
+interface nsICodebasePrincipal : nsISupports {
+
+	readonly attribute nsIURI URI;
+
+	readonly attribute string origin;
+
+	readonly attribute string spec;
+};
+
diff --git a/mozilla/caps/idl/nsIPrincipal.idl b/mozilla/caps/idl/nsIPrincipal.idl
index e8d999d5f8b..84fa7a96af7 100644
--- a/mozilla/caps/idl/nsIPrincipal.idl
+++ b/mozilla/caps/idl/nsIPrincipal.idl
@@ -14,14 +14,12 @@
  *
  * The Original Code is mozilla.org code.
  *
- * The Initial Developer of the Original Code is
+ * The Initial Developer of the Original Code is 
  * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1999-2003
+ * Portions created by the Initial Developer are Copyright (C) 1999-2000
  * the Initial Developer. All Rights Reserved.
  *
  * Contributor(s):
- *   Mitchell Stoltz <mstoltz@netscape.com>
- *   Christopher A. Aillon <christopher@aillon.com>
  *
  *
  * Alternatively, the contents of this file may be used under the terms of
@@ -46,109 +44,41 @@
 struct JSPrincipals;
 %}
 
-interface nsIURI;
-
 [ptr] native JSPrincipals(JSPrincipals);
 
 [uuid(ff9313d0-25e1-11d2-8160-006008119d7a)]
 interface nsIPrincipal : nsISerializable
 {
-    /**
-     * Values of capabilities for each principal. Order is
-     * significant: if an operation is performed on a set
-     * of capabilities, the minimum is computed.
-     */
+    // Values of capabilities for each principal. Order is
+    // significant: if an operation is performed on a set
+    // of capabilities, the minimum is computed.
     const short ENABLE_DENIED                = 1;
     const short ENABLE_UNKNOWN               = 2;
     const short ENABLE_WITH_USER_PERMISSION  = 3;
     const short ENABLE_GRANTED               = 4;
 
-    /**
-     * Returns the security preferences associated with this principal.
-     * prefBranch will be set to the pref branch to which these preferences
-     * pertain.  id is a pseudo-unique identifier, pertaining to either the
-     * certificateID or the origin.  grantedList and deniedList are
-     * space-separated lists of capabilities which were explicitly granted
-     * or denied by a pref.
-     */
-    void getPreferences(out string prefBranch, out string id,
+    string ToString();
+
+    string ToUserVisibleString();
+
+    void GetPreferences(out string prefName, out string id, 
                         out string grantedList, out string deniedList);
 
-    /**
-     * Returns whether the other principal is equivalent to this principal.
-     * Principals are considered equal if they are the same principal,
-     * they have the same origin, or have the same certificate ID
-     */
-    boolean equals(in nsIPrincipal other);
+    boolean Equals(in nsIPrincipal other);
 
-    /**
-     * Returns a hash value for the principal.
-     */
-    readonly attribute unsigned long hashValue;
+    unsigned long HashValue();
 
-    /**
-     * Returns the JS equivalent of the principal.
-     * @see JSPrincipals.h
-     */
-    readonly attribute JSPrincipals jsPrincipals;
+    JSPrincipals GetJSPrincipals();
 
-    /**
-     * The domain security policy of the principal.
-     */
-    // XXXcaa should this be here?  The script security manager is the only
-    // thing that should care about this.  Wouldn't storing this data in one
-    // of the hashtables in nsScriptSecurityManager be better?
-    attribute voidPtr securityPolicy;
+    short CanEnableCapability(in string capability);
 
-    // XXXcaa probably should be turned into {get|set}CapabilityFlags
-    short canEnableCapability(in string capability);
-    void setCanEnableCapability(in string capability, in short canEnable);
-    boolean isCapabilityEnabled(in string capability, in voidPtr annotation);
-    void enableCapability(in string capability, inout voidPtr annotation);
-    void revertCapability(in string capability, inout voidPtr annotation);
-    void disableCapability(in string capability, inout voidPtr annotation);
+    void SetCanEnableCapability(in string capability, in short canEnable);
 
-    /**
-     * The codebase URI to which this principal pertains.  This is
-     * generally the document URI.  Setting this will reset the domain
-     * to null.
-     */
-    attribute nsIURI URI;
+    boolean IsCapabilityEnabled(in string capability, in voidPtr annotation);
+    
+    void EnableCapability(in string capability, inout voidPtr annotation);
 
-    /**
-     * The domain URI to which this principal pertains.
-     * This is congruent with HTMLDocument.domain, and may be null.
-     * Setting this has no effect on the URI.
-     */
-    attribute nsIURI domain;
+    void RevertCapability(in string capability, inout voidPtr annotation);
 
-    /**
-     * The origin of this principal's domain, if non-null, or its
-     * codebase URI otherwise. An origin is defined as:
-     * scheme + host + port.
-     */
-    // XXXcaa this should probably be turned into an nsIURI.
-    // The system principal's origin should be some caps namespace
-    // with a chrome URI.  All of chrome should probably be the same.
-    readonly attribute string origin;
-
-    /**
-     * Whether this principal is associated with a certificate.
-     */
-    readonly attribute boolean hasCertificate;
-
-    /**
-     * The fingerprint ID of this principal's certificate.
-     * Throws if there is no certificate associated with this principal.
-     */
-    // XXXcaa kaie says this may not be unique.  We should probably
-    // consider using something else for this....
-    attribute string certificateID;
-
-    /**
-     * The common name for the certificate.
-     * This pertains to the certificate authority organization.
-     * Throws if there is no certificate associated with this principal.
-     */
-    attribute string commonName;
+    void DisableCapability(in string capability, inout voidPtr annotation);
 };
diff --git a/mozilla/caps/idl/nsIScriptSecurityManager.idl b/mozilla/caps/idl/nsIScriptSecurityManager.idl
index ab01ca2e3d5..633e0ef3409 100644
--- a/mozilla/caps/idl/nsIScriptSecurityManager.idl
+++ b/mozilla/caps/idl/nsIScriptSecurityManager.idl
@@ -134,22 +134,23 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
      * executing script. Will return null if there is no script 
      * currently executing.
      */
-    [noscript] nsIPrincipal getSubjectPrincipal();
+    nsIPrincipal getSubjectPrincipal();
 
     /**
      * Return the all-powerful system principal.
      */
-    [noscript] nsIPrincipal getSystemPrincipal();
+    nsIPrincipal getSystemPrincipal();
 
     /**
-     * Return a principal with the specified certificate ID.
+     * Return a principal that can be QI'd to nsICertificatePrincipal.
      */
-    [noscript] nsIPrincipal getCertificatePrincipal(in string CertID);
+    nsIPrincipal getCertificatePrincipal(in string CertID);
 
     /**
-     * Return a principal that has the same origin as aURI.
+     * Return a principal that can be QI'd to nsICodebasePrincipal and 
+     * has the same origin as aURI.
      */
-    [noscript] nsIPrincipal getCodebasePrincipal(in nsIURI aURI);
+    nsIPrincipal getCodebasePrincipal(in nsIURI aURI);
 
     ///////////////// Capabilities API /////////////////////
     /**
@@ -158,13 +159,13 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
      * necessary. Returns nsIPrincipal::ENABLE_GRANTED or
      * nsIPrincipal::ENABLE_DENIED based on user's choice.
      */
-    [noscript] short requestCapability(in nsIPrincipal principal,
-                                       in string capability);
+    void requestCapability(in nsIPrincipal principal, in string capability,
+                           out short result);
     
     /**
      * Return true if the currently executing script has 'capability' enabled.
      */
-    boolean isCapabilityEnabled(in string capability);
+    boolean IsCapabilityEnabled(in string capability);
     
     /**
      * Enable 'capability' in the innermost frame of the currently executing
diff --git a/mozilla/caps/include/Makefile.in b/mozilla/caps/include/Makefile.in
index a08770c1886..1b7c9edda60 100644
--- a/mozilla/caps/include/Makefile.in
+++ b/mozilla/caps/include/Makefile.in
@@ -29,8 +29,14 @@ include $(DEPTH)/config/autoconf.mk
 MODULE		= caps
 
 EXPORTS		= \
-            nsJSPrincipals.h \
-            $(NULL)
+		nsBasePrincipal.h \
+		nsSystemPrincipal.h \
+		nsCertificatePrincipal.h \
+		nsCodebasePrincipal.h \
+		nsAggregatePrincipal.h \
+		nsJSPrincipals.h \
+		nsScriptSecurityManager.h \
+		$(NULL)
 
 include $(topsrcdir)/config/rules.mk
 
diff --git a/mozilla/caps/include/nsAggregatePrincipal.h b/mozilla/caps/include/nsAggregatePrincipal.h
new file mode 100644
index 00000000000..cacda09a019
--- /dev/null
+++ b/mozilla/caps/include/nsAggregatePrincipal.h
@@ -0,0 +1,116 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1998-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+/* describes aggregate principals which combine the
+   behavior of one or more other principals */
+
+#ifndef _NS_AGGREGATE_PRINCIPAL_H_
+#define _NS_AGGREGATE_PRINCIPAL_H_
+#include "nsIAggregatePrincipal.h"
+#include "nsICertificatePrincipal.h"
+#include "nsICodebasePrincipal.h"
+#include "nsBasePrincipal.h"
+#include "nsCOMPtr.h"
+
+#define NS_AGGREGATEPRINCIPAL_CID \
+{ 0x867cf414, 0x1dd2, 0x11b2, \
+{ 0x82, 0x66, 0xca, 0x64, 0x3b, 0xbc, 0x35, 0x64 }}
+
+/* 867cf414-1dd2-11b2-8266-ca643bbc3564 */
+class nsAggregatePrincipal : public nsIAggregatePrincipal,
+                             public nsICertificatePrincipal,
+                             public nsICodebasePrincipal,
+                             public nsBasePrincipal 
+{
+public:
+
+    NS_DEFINE_STATIC_CID_ACCESSOR(NS_AGGREGATEPRINCIPAL_CID)
+    NS_DECL_ISUPPORTS
+    NS_DECL_NSISERIALIZABLE
+    NS_DECL_NSIAGGREGATEPRINCIPAL
+    NS_DECL_NSICERTIFICATEPRINCIPAL
+    NS_DECL_NSICODEBASEPRINCIPAL
+
+    NS_IMETHOD 
+    ToString(char **result);
+
+    NS_IMETHOD 
+    ToUserVisibleString(char **result);
+
+    NS_IMETHOD 
+    Equals(nsIPrincipal *other, PRBool *result);
+
+    NS_IMETHOD 
+    HashValue(PRUint32 *result);
+
+    NS_IMETHOD 
+    CanEnableCapability(const char *capability, PRInt16 *result);
+
+    NS_IMETHOD 
+    SetCanEnableCapability(const char *capability, PRInt16 canEnable);
+    
+    NS_IMETHOD 
+    IsCapabilityEnabled(const char *capability, void *annotation, 
+                        PRBool *result);
+
+    NS_IMETHOD 
+    EnableCapability(const char *capability, void **annotation);
+
+    NS_IMETHOD 
+    RevertCapability(const char *capability, void **annotation);
+
+    NS_IMETHOD 
+    DisableCapability(const char *capability, void **annotation);
+    
+    NS_IMETHOD 
+    GetPreferences(char** aPrefName, char** aID, 
+                   char** aGrantedList, char** aDeniedList);
+    
+    nsAggregatePrincipal();
+
+    virtual ~nsAggregatePrincipal(void);
+
+protected:
+    nsCOMPtr<nsIPrincipal> mCertificate;
+    nsCOMPtr<nsIPrincipal> mCodebase;
+    nsCOMPtr<nsIPrincipal> mOriginalCodebase;
+    void* mCachedSecurityPolicy;
+    PRPackedBool mDomainChanged;
+};
+
+#endif // _NS_AGGREGATE_PRINCIPAL_H_
diff --git a/mozilla/caps/include/nsBasePrincipal.h b/mozilla/caps/include/nsBasePrincipal.h
new file mode 100644
index 00000000000..56a1fb8cacd
--- /dev/null
+++ b/mozilla/caps/include/nsBasePrincipal.h
@@ -0,0 +1,122 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1999-2000 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ *
+ * Contributors:
+ * Norris Boyd
+ */
+
+/* Shared implementation code for principals. */
+
+#ifndef _NS_BASE_PRINCIPAL_H_
+#define _NS_BASE_PRINCIPAL_H_
+
+#include "jsapi.h"
+#include "nsJSPrincipals.h"
+#include "nsVoidArray.h"
+#include "nsHashtable.h"
+#include "nsIObjectInputStream.h"
+#include "nsIObjectOutputStream.h"
+
+class nsBasePrincipal: public nsIPrincipal {
+public:
+          
+    nsBasePrincipal();
+    
+    virtual ~nsBasePrincipal(void);
+
+    NS_IMETHOD
+    GetJSPrincipals(JSPrincipals **jsprin);
+
+    NS_IMETHOD 
+    CanEnableCapability(const char *capability, PRInt16 *result);
+    
+    NS_IMETHOD 
+    SetCanEnableCapability(const char *capability, PRInt16 canEnable);
+    
+    NS_IMETHOD 
+    IsCapabilityEnabled(const char *capability, void *annotation, 
+                        PRBool *result);
+
+    NS_IMETHOD 
+    EnableCapability(const char *capability, void **annotation);
+
+    NS_IMETHOD 
+    RevertCapability(const char *capability, void **annotation);
+
+    NS_IMETHOD 
+    DisableCapability(const char *capability, void **annotation);
+    
+    NS_IMETHOD 
+    GetPreferences(char** aPrefName, char** aID, 
+                   char** aGrantedList, char** aDeniedList);
+
+    nsresult
+    InitFromPersistent(const char* aPrefName,const char* aID, 
+                       const char* aGrantedList, const char* aDeniedList);
+
+    NS_IMETHOD
+    Read(nsIObjectInputStream* aStream);
+
+    NS_IMETHOD
+    Write(nsIObjectOutputStream* aStream);
+
+    static const char Invalid[];
+
+protected:
+    enum AnnotationValue { AnnotationEnabled=1, AnnotationDisabled };
+
+    NS_IMETHOD
+    SetCapability(const char *capability, void **annotation, 
+                  AnnotationValue value);
+
+    nsJSPrincipals mJSPrincipals;
+    nsVoidArray mAnnotations;
+    nsHashtable *mCapabilities;
+    nsCString mPrefName;
+    static int mCapabilitiesOrdinal;
+};
+
+// special AddRef/Release to unify reference counts between XPCOM 
+//  and JSPrincipals
+
+#define NSBASEPRINCIPALS_ADDREF(className)                                  \
+NS_IMETHODIMP_(nsrefcnt)                                                    \
+className::AddRef(void)                                                     \
+{                                                                           \
+    NS_PRECONDITION(PRInt32(mRefCnt) == 0, "illegal mRefCnt");              \
+    NS_PRECONDITION(PRInt32(mJSPrincipals.refcount) >= 0, "illegal refcnt");\
+    nsrefcnt count = PR_AtomicIncrement((PRInt32 *)&mJSPrincipals.refcount);\
+    NS_LOG_ADDREF(this, count, #className, sizeof(*this));                  \
+    return count;                                                           \
+}
+
+#define NSBASEPRINCIPALS_RELEASE(className)                                 \
+NS_IMETHODIMP_(nsrefcnt)                                                    \
+className::Release(void)                                                    \
+{                                                                           \
+    NS_PRECONDITION(PRInt32(mRefCnt) == 0, "illegal mRefCnt");              \
+    NS_PRECONDITION(0 != mJSPrincipals.refcount, "dup release");            \
+    nsrefcnt count = PR_AtomicDecrement((PRInt32 *)&mJSPrincipals.refcount);\
+    NS_LOG_RELEASE(this, count, #className);                                \
+    if (count == 0) {                                                       \
+        NS_DELETEXPCOM(this);                                               \
+        return 0;                                                           \
+    }                                                                       \
+    return count;                                                           \
+}
+
+#endif // _NS_BASE_PRINCIPAL_H_
diff --git a/mozilla/caps/include/nsCertificatePrincipal.h b/mozilla/caps/include/nsCertificatePrincipal.h
new file mode 100644
index 00000000000..65976044002
--- /dev/null
+++ b/mozilla/caps/include/nsCertificatePrincipal.h
@@ -0,0 +1,89 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1998-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+/* describes principals for use with signed scripts */
+
+#ifndef _NS_CERTIFICATE_PRINCIPAL_H_
+#define _NS_CERTIFICATE_PRINCIPAL_H_
+#include "jsapi.h"
+#include "nsICertificatePrincipal.h"
+#include "nsBasePrincipal.h"
+
+class nsIURI;
+
+#define NS_CERTIFICATEPRINCIPAL_CID \
+{ 0x7ee2a4c0, 0x4b91, 0x11d3, \
+{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
+
+class nsCertificatePrincipal : public nsICertificatePrincipal, public nsBasePrincipal 
+{
+public:
+
+    NS_DEFINE_STATIC_CID_ACCESSOR(NS_CERTIFICATEPRINCIPAL_CID)
+    NS_DECL_ISUPPORTS
+    NS_DECL_NSISERIALIZABLE
+    NS_DECL_NSICERTIFICATEPRINCIPAL
+
+    NS_IMETHOD ToString(char **result);
+
+    NS_IMETHOD ToUserVisibleString(char **result);
+    
+    NS_IMETHOD GetPreferences(char** aPrefName, char** aID, 
+                              char** aGrantedList, char** aDeniedList);
+    
+    NS_IMETHOD Equals(nsIPrincipal *other, PRBool *result);
+
+    NS_IMETHOD HashValue(PRUint32 *result);
+
+    NS_IMETHOD CanEnableCapability(const char *capability, PRInt16 *result);
+
+    NS_IMETHOD Init(const char* aCertificateID);
+
+    nsresult InitFromPersistent(const char* aPrefName, const char* aID, 
+                                const char* aGrantedList, const char* aDeniedList);
+
+    nsCertificatePrincipal();
+
+	virtual ~nsCertificatePrincipal(void);
+
+protected:
+    nsCString mCertificateID;
+    nsCString mCommonName;
+};
+
+#endif // _NS_CERTIFICATE_PRINCIPAL_H_
diff --git a/mozilla/caps/include/nsCodebasePrincipal.h b/mozilla/caps/include/nsCodebasePrincipal.h
new file mode 100644
index 00000000000..710c54a6809
--- /dev/null
+++ b/mozilla/caps/include/nsCodebasePrincipal.h
@@ -0,0 +1,93 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1998-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+/* describes principals by their orginating URIs */
+
+#ifndef _NS_CODEBASE_PRINCIPAL_H_
+#define _NS_CODEBASE_PRINCIPAL_H_
+
+#include "jsapi.h"
+#include "nsBasePrincipal.h"
+#include "nsICodebasePrincipal.h"
+#include "nsIURI.h"
+#include "nsCOMPtr.h"
+
+#define NS_CODEBASEPRINCIPAL_CID \
+{ 0x7ee2a400, 0x0b91, 0xaad3, \
+{ 0xba, 0x18, 0xd7, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
+
+class nsCodebasePrincipal : public nsBasePrincipal, public nsICodebasePrincipal {
+public:
+    
+    NS_DEFINE_STATIC_CID_ACCESSOR(NS_CODEBASEPRINCIPAL_CID)
+        
+    NS_DECL_ISUPPORTS
+    NS_DECL_NSISERIALIZABLE
+    NS_DECL_NSICODEBASEPRINCIPAL
+    
+    NS_IMETHOD ToString(char **result);
+
+    NS_IMETHOD ToUserVisibleString(char **result);
+    
+    NS_IMETHOD GetPreferences(char** aPrefName, char** aID, 
+                              char** aGrantedList, char** aDeniedList);
+    
+    NS_IMETHOD Equals(nsIPrincipal *other, PRBool *result);
+
+    NS_IMETHOD HashValue(PRUint32 *result);
+
+    NS_IMETHOD CanEnableCapability(const char *capability, PRInt16 *result);
+
+    nsCodebasePrincipal();
+    
+    nsresult
+    Init(nsIURI *uri);
+
+    nsresult
+    InitFromPersistent(const char* aPrefName, const char* aID, 
+                       const char* aGrantedList, const char* aDeniedList,
+                       PRBool aTrusted);
+
+    virtual ~nsCodebasePrincipal(void);
+    
+protected:
+    nsCOMPtr<nsIURI> mURI;
+    PRBool mTrusted;
+};
+
+#endif // _NS_CODEBASE_PRINCIPAL_H_
diff --git a/mozilla/caps/include/nsJSPrincipals.h b/mozilla/caps/include/nsJSPrincipals.h
index 76edbe071a4..d7caf860391 100644
--- a/mozilla/caps/include/nsJSPrincipals.h
+++ b/mozilla/caps/include/nsJSPrincipals.h
@@ -36,9 +36,8 @@
  *
  * ***** END LICENSE BLOCK ***** */
 /* describes principals by their orginating uris*/
-
-#ifndef nsJSPrincipals_h__
-#define nsJSPrincipals_h__
+#ifndef _NS_JSPRINCIPALS_H_
+#define _NS_JSPRINCIPALS_H_
 #include "jsapi.h"
 #include "nsIPrincipal.h"
 
@@ -48,8 +47,8 @@ struct nsJSPrincipals : JSPrincipals {
   nsresult Init(char *prin);
   ~nsJSPrincipals(void);
 
-  nsIPrincipal *nsIPrincipalPtr; // [WEAK] it owns us.
+  nsIPrincipal *nsIPrincipalPtr;
 };
 
-#endif /* nsJSPrincipals_h__ */
+#endif /* _NS_JSPRINCIPALS_H_ */
 
diff --git a/mozilla/caps/include/nsScriptSecurityManager.h b/mozilla/caps/include/nsScriptSecurityManager.h
index 2f0053454f3..f7269f98942 100644
--- a/mozilla/caps/include/nsScriptSecurityManager.h
+++ b/mozilla/caps/include/nsScriptSecurityManager.h
@@ -22,7 +22,6 @@
  * Contributor(s):
  *  Norris Boyd  <nboyd@atg.com>
  *  Mitch Stoltz <mstoltz@netscape.com>
- *  Christopher A. Aillon <christopher@aillon.com>
  *
  * Alternatively, the contents of this file may be used under the terms of
  * either the GNU General Public License Version 2 or later (the "GPL"), or
@@ -38,15 +37,14 @@
  *
  * ***** END LICENSE BLOCK ***** */
 
-#ifndef nsScriptSecurityManager_h__
-#define nsScriptSecurityManager_h__
+#ifndef _NS_SCRIPT_SECURITY_MANAGER_H_
+#define _NS_SCRIPT_SECURITY_MANAGER_H_
 
 #include "nsIScriptSecurityManager.h"
 #include "nsIPrincipal.h"
 #include "jsapi.h"
 #include "jsdbgapi.h"
 #include "nsIXPCSecurityManager.h"
-#include "nsInterfaceHashtable.h"
 #include "nsHashtable.h"
 #include "nsCOMPtr.h"
 #include "nsIPrefService.h"
@@ -59,86 +57,44 @@
 class nsIDocShell;
 class nsString;
 class nsIClassInfo;
-class nsIIOService;
-class nsIXPConnect;
 class nsIStringBundle;
 class nsSystemPrincipal;
 struct ClassPolicy;
 
-#if defined(DEBUG_mstoltz) || defined(DEBUG_caillon)
-#define DEBUG_CAPS_HACKER
-#endif
-
-#ifdef DEBUG_CAPS_HACKER
-#define DEBUG_CAPS_CheckPropertyAccessImpl
-#define DEBUG_CAPS_LookupPolicy
-#define DEBUG_CAPS_CheckComponentPermissions
-#endif
-
-#if 0
-#define DEBUG_CAPS_CanCreateWrapper
-#define DEBUG_CAPS_CanCreateInstance
-#define DEBUG_CAPS_CanGetService
-#endif
-
 /////////////////////
-// PrincipalKey //
+// nsIPrincipalKey //
 /////////////////////
 
-class PrincipalKey : public PLDHashEntryHdr
+class nsIPrincipalKey : public nsHashKey
 {
 public:
-    typedef const nsIPrincipal* KeyType;
-    typedef const nsIPrincipal* KeyTypePointer;
-
-    PrincipalKey(const nsIPrincipal* key)
-      : mKey(NS_CONST_CAST(nsIPrincipal*, key))
-    {
+    nsIPrincipalKey(nsIPrincipal* key) {
+        mKey = key;
+        NS_IF_ADDREF(mKey);
     }
-
-    PrincipalKey(const PrincipalKey& toCopy)
-      : mKey(toCopy.mKey)
-    {
-    } 
-
-    ~PrincipalKey()
-    {
+    
+    ~nsIPrincipalKey(void) {
+        NS_IF_RELEASE(mKey);
     }
-
-    KeyType GetKey() const
-    {
-        return mKey;
+    
+    PRUint32 HashCode(void) const {
+        PRUint32 hash;
+        mKey->HashValue(&hash);
+        return hash;
     }
-
-    KeyTypePointer GetKeyPointer() const
-    {
-        return mKey;
-    }
-
-    PRBool KeyEquals(KeyTypePointer aKey) const
-    {
+    
+    PRBool Equals(const nsHashKey* aKey) const {
         PRBool eq;
-        mKey->Equals(NS_CONST_CAST(nsIPrincipal*, aKey),
-                     &eq);
+        mKey->Equals(((nsIPrincipalKey*) aKey)->mKey, &eq);
         return eq;
     }
-
-    static KeyTypePointer KeyToPointer(KeyType aKey)
-    {
-        return aKey;
+    
+    nsHashKey *Clone(void) const {
+        return new nsIPrincipalKey(mKey);
     }
 
-    static PLDHashNumber HashKey(KeyTypePointer aKey)
-    {
-        PRUint32 hash;
-        NS_CONST_CAST(nsIPrincipal*, aKey)->GetHashValue(&hash);
-        return PLDHashNumber(hash);
-    }
-
-    enum { ALLOW_MEMMOVE = PR_TRUE };
-
-private:
-    nsCOMPtr<nsIPrincipal> mKey;
+protected:
+    nsIPrincipal* mKey;
 };
 
 ////////////////////
@@ -258,12 +214,9 @@ class DomainPolicy : public PLDHashTable
 public:
     DomainPolicy() : mWildcardPolicy(nsnull),
                      mRefCount(0)
+                     
     {
-    }
-
-    PRBool Init()
-    {
-        static const PLDHashTableOps domainPolicyOps =
+        static PLDHashTableOps domainPolicyOps =
         {
             PL_DHashAllocTable,
             PL_DHashFreeTable,
@@ -276,8 +229,8 @@ public:
             InitClassPolicyEntry
         };
 
-        return PL_DHashTableInit(this, &domainPolicyOps, nsnull,
-                                 sizeof(ClassPolicy), 16);
+        PL_DHashTableInit(this, &domainPolicyOps, nsnull,
+                          sizeof(ClassPolicy), 16);
     }
 
     ~DomainPolicy()
@@ -446,7 +399,7 @@ private:
     nsresult
     CheckComponentPermissions(JSContext *cx, const nsCID &aCID);
 #endif
-#ifdef DEBUG_CAPS_HACKER
+#ifdef DEBUG_mstoltz
     void
     PrintPolicyDB();
 #endif
@@ -457,8 +410,8 @@ private:
     inline void
     JSEnabledPrefChanged(nsISecurityPref* aSecurityPref);
 
-    static const char sJSEnabledPrefName[];
-    static const char sJSMailEnabledPrefName[];
+    static const char* sJSEnabledPrefName;
+    static const char* sJSMailEnabledPrefName;
 
     nsObjectHashtable* mOriginToPolicyMap;
     DomainPolicy* mDefaultPolicy;
@@ -466,22 +419,20 @@ private:
 
     nsCOMPtr<nsIPrefBranch> mPrefBranch;
     nsCOMPtr<nsISecurityPref> mSecurityPref;
-    nsCOMPtr<nsIPrincipal> mSystemPrincipal;
+    nsIPrincipal* mSystemPrincipal;
     nsCOMPtr<nsIPrincipal> mSystemCertificate;
-    nsInterfaceHashtable<PrincipalKey, nsIPrincipal> mPrincipals;
+    nsSupportsHashtable* mPrincipals;
+    PRBool mIsJavaScriptEnabled;
+    PRBool mIsMailJavaScriptEnabled;
+    PRBool mIsWritingPrefs;
     nsCOMPtr<nsIThreadJSContextStack> mJSContextStack;
-    PRPackedBool mIsJavaScriptEnabled;
-    PRPackedBool mIsMailJavaScriptEnabled;
-    PRPackedBool mIsWritingPrefs;
-    PRPackedBool mPolicyPrefsChanged;
+    PRBool mNameSetRegistered;
+    PRBool mPolicyPrefsChanged;
 #ifdef XPC_IDISPATCH_SUPPORT    
-    PRPackedBool mXPCDefaultGrantAll;
-    static const char sXPCDefaultGrantAllName[];
+    PRBool mXPCDefaultGrantAll;
+    static const char* sXPCDefaultGrantAllName;
 #endif
 
-    static nsIIOService    *sIOService;
-    static nsIXPConnect    *sXPConnect;
     static nsIStringBundle *sStrBundle;
 };
-
-#endif // nsScriptSecurityManager_h__
+#endif /*_NS_SCRIPT_SECURITY_MANAGER_H_*/
diff --git a/mozilla/caps/include/nsSystemPrincipal.h b/mozilla/caps/include/nsSystemPrincipal.h
index dc65780a3b4..ae31356df2c 100644
--- a/mozilla/caps/include/nsSystemPrincipal.h
+++ b/mozilla/caps/include/nsSystemPrincipal.h
@@ -14,7 +14,7 @@
  *
  * The Original Code is mozilla.org code.
  *
- * The Initial Developer of the Original Code is
+ * The Initial Developer of the Original Code is 
  * Netscape Communications Corporation.
  * Portions created by the Initial Developer are Copyright (C) 1999-2000
  * the Initial Developer. All Rights Reserved.
@@ -38,11 +38,10 @@
 
 /* The privileged system principal. */
 
-#ifndef nsSystemPrincipal_h__
-#define nsSystemPrincipal_h__
+#ifndef _NS_SYSTEM_PRINCIPAL_H_
+#define _NS_SYSTEM_PRINCIPAL_H_
 
-#include "nsIPrincipal.h"
-#include "nsJSPrincipals.h"
+#include "nsBasePrincipal.h"
 
 #define NS_SYSTEMPRINCIPAL_CLASSNAME "systemprincipal"
 #define NS_SYSTEMPRINCIPAL_CID \
@@ -51,23 +50,42 @@
 #define NS_SYSTEMPRINCIPAL_CONTRACTID "@mozilla.org/systemprincipal;1"
 
 
-class nsSystemPrincipal : public nsIPrincipal
-{
+class nsSystemPrincipal : public nsBasePrincipal {
 public:
-    NS_DECL_ISUPPORTS_INHERITED
-    NS_DECL_NSIPRINCIPAL
+    
+    NS_DECL_ISUPPORTS
     NS_DECL_NSISERIALIZABLE
+    
+    NS_IMETHOD ToString(char **result);
 
-    nsresult Init();
+    NS_IMETHOD ToUserVisibleString(char **result);
+
+    NS_IMETHOD Equals(nsIPrincipal *other, PRBool *result);
+
+    NS_IMETHOD HashValue(PRUint32 *result);
+
+    NS_IMETHOD CanEnableCapability(const char *capability, PRInt16 *result);
+
+    NS_IMETHOD SetCanEnableCapability(const char *capability, 
+                                      PRInt16 canEnable);
+
+    NS_IMETHOD IsCapabilityEnabled(const char *capability, void * annotation, 
+                                   PRBool *result);
+
+    NS_IMETHOD EnableCapability(const char *capability, void * *annotation);
+
+    NS_IMETHOD RevertCapability(const char *capability, void * *annotation);
+
+    NS_IMETHOD DisableCapability(const char *capability, void * *annotation);
+
+    NS_IMETHOD GetPreferences(char** aPrefName, char** aID, 
+                              char** aGrantedList, char** aDeniedList);
+    
+    NS_IMETHOD Init();
 
     nsSystemPrincipal();
 
-protected:
     virtual ~nsSystemPrincipal(void);
-
-    nsJSPrincipals mJSPrincipals;
-    // XXX Probably unnecessary.  See bug 143559.
-    NS_DECL_OWNINGTHREAD
 };
 
-#endif // nsSystemPrincipal_h__
+#endif // _NS_SYSTEM_PRINCIPAL_H_
diff --git a/mozilla/caps/src/Makefile.in b/mozilla/caps/src/Makefile.in
index d4fccf9899c..390c192b536 100644
--- a/mozilla/caps/src/Makefile.in
+++ b/mozilla/caps/src/Makefile.in
@@ -50,8 +50,11 @@ REQUIRES	= xpcom \
 		  $(NULL)
 
 CPPSRCS		= \
-		nsPrincipal.cpp \
+		nsBasePrincipal.cpp \
 		nsSystemPrincipal.cpp \
+		nsCertificatePrincipal.cpp \
+		nsCodebasePrincipal.cpp \
+		nsAggregatePrincipal.cpp \
 		nsJSPrincipals.cpp \
 		nsScriptSecurityManager.cpp \
 		nsSecurityManagerFactory.cpp \
diff --git a/mozilla/caps/src/nsAggregatePrincipal.cpp b/mozilla/caps/src/nsAggregatePrincipal.cpp
new file mode 100644
index 00000000000..29dc43e36d1
--- /dev/null
+++ b/mozilla/caps/src/nsAggregatePrincipal.cpp
@@ -0,0 +1,479 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1998-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Mitch Stoltz <mstoltz@netscape.com>
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+/*describes principals which combine one or more principals*/
+#include "nsAggregatePrincipal.h"
+#include "nsIURI.h"
+
+static NS_DEFINE_IID(kIAggregatePrincipalIID, NS_IAGGREGATEPRINCIPAL_IID);
+
+NS_IMPL_QUERY_INTERFACE5_CI(nsAggregatePrincipal, nsIAggregatePrincipal, 
+                            nsICertificatePrincipal, nsICodebasePrincipal,
+                            nsIPrincipal, nsISerializable)
+NS_IMPL_CI_INTERFACE_GETTER5(nsAggregatePrincipal, nsIAggregatePrincipal, 
+                             nsICertificatePrincipal, nsICodebasePrincipal,
+                             nsIPrincipal, nsISerializable)
+
+NSBASEPRINCIPALS_ADDREF(nsAggregatePrincipal);
+NSBASEPRINCIPALS_RELEASE(nsAggregatePrincipal);
+
+//////////////////////////////////////////////////
+// Methods implementing nsICertificatePrincipal //
+//////////////////////////////////////////////////
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetCertificateID(char** aCertificateID)
+{
+    if (!mCertificate)
+    {
+        *aCertificateID = nsnull;
+        return NS_OK;
+    }
+
+    nsCOMPtr<nsICertificatePrincipal> certificate = do_QueryInterface(mCertificate);
+    return certificate->GetCertificateID(aCertificateID);
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetCommonName(char** aCommonName)
+{
+    if (!mCertificate)
+    {
+        *aCommonName = nsnull;
+        return NS_OK;
+    }
+
+    nsCOMPtr<nsICertificatePrincipal> certificate = do_QueryInterface(mCertificate);
+    return certificate->GetCommonName(aCommonName);
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::SetCommonName(const char* aCommonName)
+{
+    if (!mCertificate)
+        return NS_ERROR_FAILURE;
+
+    nsCOMPtr<nsICertificatePrincipal> certificate = do_QueryInterface(mCertificate);
+    return certificate->SetCommonName(aCommonName);
+}
+
+///////////////////////////////////////////////
+// Methods implementing nsICodebasePrincipal //
+///////////////////////////////////////////////
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetURI(nsIURI** aURI)
+{
+    if (!mCodebase)
+    {
+        *aURI = nsnull;
+        return NS_ERROR_FAILURE;
+    }
+
+    nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(mCodebase);
+    return codebase->GetURI(aURI);
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetOrigin(char** aOrigin)
+{
+    if (!mCodebase)
+    {
+        *aOrigin = nsnull;
+        return NS_ERROR_FAILURE;
+    }
+
+    nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(mCodebase);
+    return codebase->GetOrigin(aOrigin);
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetSpec(char** aSpec)
+{
+    if (!mCodebase)
+    {
+        *aSpec = nsnull;
+        return NS_ERROR_FAILURE;
+    }
+
+    nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(mCodebase);
+    return codebase->GetSpec(aSpec);
+}
+
+////////////////////////////////////////////////
+// Methods implementing nsIAggregatePrincipal //
+////////////////////////////////////////////////
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetCertificate(nsIPrincipal** result)
+{
+    *result = mCertificate;
+    NS_IF_ADDREF(*result);
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetCodebase(nsIPrincipal** result)
+{
+    *result = mCodebase;
+    NS_IF_ADDREF(*result);
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::SetCertificate(nsIPrincipal* aCertificate)
+{
+    nsresult rv;
+    //-- Make sure this really is a certificate principal
+    if (aCertificate)
+    {
+        nsCOMPtr<nsICertificatePrincipal> tempCertificate = 
+            do_QueryInterface(aCertificate, &rv);
+        if (NS_FAILED(rv))
+            return NS_ERROR_FAILURE;
+    }
+
+    //-- If aCertificate is an aggregate, get its underlying certificate
+    nsCOMPtr<nsIAggregatePrincipal> agg = 
+        do_QueryInterface(aCertificate, &rv);
+    if (NS_SUCCEEDED(rv))
+    {
+        nsCOMPtr<nsIPrincipal> underlying;
+        rv = agg->GetCertificate(getter_AddRefs(underlying));
+        if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+        mCertificate = underlying.get();
+    }
+    else
+        mCertificate = aCertificate;
+    // New certificate, so forget cached security policy
+    mCachedSecurityPolicy = nsnull;
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::SetCodebase(nsIPrincipal* aCodebase)
+{
+    nsresult rv;
+    nsCOMPtr<nsIPrincipal> newCodebase(aCodebase);
+
+    //-- If newCodebase is an aggregate, get its underlying codebase
+    nsCOMPtr<nsIAggregatePrincipal> agg = 
+        do_QueryInterface(newCodebase, &rv);
+    if (NS_SUCCEEDED(rv))
+    {
+        rv = agg->GetCodebase(getter_AddRefs(newCodebase));
+        if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+    }
+    else
+    { //-- Make sure this really is a codebase principal
+        nsCOMPtr<nsICodebasePrincipal> tempCodebase = 
+            do_QueryInterface(newCodebase, &rv);
+        if (NS_FAILED(rv))
+            return NS_ERROR_FAILURE;
+    }
+
+    mCodebase = newCodebase;
+
+    //-- If this is the first codebase set, remember it.
+    if (!mOriginalCodebase)
+        mOriginalCodebase = newCodebase;
+    else
+    {
+        mDomainChanged = PR_TRUE;
+        // Codebase has changed, forget cached security policy
+        mCachedSecurityPolicy = nsnull;
+    }
+
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetOriginalCodebase(nsIPrincipal** aOriginalCodebase)
+{
+    NS_ENSURE_ARG_POINTER(aOriginalCodebase);
+
+    *aOriginalCodebase = mOriginalCodebase;
+    NS_IF_ADDREF(*aOriginalCodebase);
+
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::GetPrimaryChild(nsIPrincipal** aPrimaryChild)
+{
+    //-- If a certificate is present, then that's the PrimaryChild principal.
+    //   Otherwise we use the codebase.
+    if (mCertificate)
+        *aPrimaryChild = mCertificate.get();
+    else if (mCodebase)
+        *aPrimaryChild = mCodebase.get();
+    else
+    {
+        *aPrimaryChild = nsnull;
+        return NS_ERROR_FAILURE;
+    }
+
+    NS_IF_ADDREF(*aPrimaryChild);
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::Intersect(nsIPrincipal* other)
+{
+    NS_ASSERTION(mCodebase, "Principal without codebase");
+
+    if (mCertificate)
+    {
+        PRBool sameCert = PR_FALSE;
+        if (NS_FAILED(mCertificate->Equals(other, &sameCert)))
+            return NS_ERROR_FAILURE;
+        if (!sameCert)
+            SetCertificate(nsnull);
+    }
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::SetDomainChanged(PRBool aDomainChanged)
+{
+    mDomainChanged = aDomainChanged;
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetDomainChanged(PRBool* aDomainChanged)
+{
+    *aDomainChanged = mDomainChanged;
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::GetCachedSecurityPolicy(void** aCachedSecurityPolicy)
+{
+    *aCachedSecurityPolicy = mCachedSecurityPolicy;
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::SetCachedSecurityPolicy(void* aCachedSecurityPolicy)
+{
+    mCachedSecurityPolicy = aCachedSecurityPolicy;
+    return NS_OK;
+}
+
+
+///////////////////////////////////////
+// Methods implementing nsIPrincipal //
+///////////////////////////////////////
+NS_IMETHODIMP 
+nsAggregatePrincipal::ToString(char **result)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->ToString(result);
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::ToUserVisibleString(char **result)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->ToUserVisibleString(result);
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::Equals(nsIPrincipal * other, PRBool * result)
+{
+    *result = PR_FALSE;
+    if (this == other) {
+        *result = PR_TRUE;
+        return NS_OK;
+    }
+    if (!other)
+        return NS_OK;
+    
+    nsresult rv;
+    nsCOMPtr<nsIAggregatePrincipal> otherAgg = 
+        do_QueryInterface(other, &rv);
+    if (NS_FAILED(rv))
+        return NS_OK;
+       //-- Two aggregates are equal if both codebase and certificate are equal
+    PRBool certEqual = PR_TRUE;
+    if (mCertificate)
+    {
+        rv = mCertificate->Equals(other, &certEqual);
+        if(NS_FAILED(rv)) return rv;
+    }
+    PRBool cbEqual = PR_TRUE;
+    if (mCodebase)
+    {
+        rv = mCodebase->Equals(other, &cbEqual);
+        if(NS_FAILED(rv)) return rv;
+    }
+    if (mCertificate || mCodebase) // At least one must be present
+        *result = certEqual && cbEqual;
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::HashValue(PRUint32 *result)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->HashValue(result);
+}
+
+NS_IMETHODIMP 
+nsAggregatePrincipal::CanEnableCapability(const char *capability,
+                                          PRInt16 *result)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->CanEnableCapability(capability, result);
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::SetCanEnableCapability(const char *capability, 
+                                             PRInt16 canEnable)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->SetCanEnableCapability(capability, canEnable);
+}   
+
+NS_IMETHODIMP
+nsAggregatePrincipal::IsCapabilityEnabled(const char *capability, void *annotation, 
+                                          PRBool *result)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->IsCapabilityEnabled(capability, annotation, result);
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::EnableCapability(const char *capability, void **annotation)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->EnableCapability(capability, annotation);
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::RevertCapability(const char *capability, void **annotation)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->RevertCapability(capability, annotation);
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::DisableCapability(const char *capability, void **annotation)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->DisableCapability(capability, annotation);
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::GetPreferences(char** aPrefName, char** aID, 
+                                     char** aGrantedList, char** aDeniedList)
+{
+    nsCOMPtr<nsIPrincipal> PrimaryChild;
+    if (NS_FAILED(GetPrimaryChild(getter_AddRefs(PrimaryChild))))
+        return NS_ERROR_FAILURE;
+    return PrimaryChild->GetPreferences(aPrefName, aID, 
+                                          aGrantedList, aDeniedList);
+}
+
+//////////////////////////////////////////
+// Methods implementing nsISerializable //
+//////////////////////////////////////////
+
+NS_IMETHODIMP
+nsAggregatePrincipal::Read(nsIObjectInputStream* aStream)
+{
+    nsresult rv;
+
+    rv = nsBasePrincipal::Read(aStream);
+    if (NS_FAILED(rv)) return rv;
+
+    rv = NS_ReadOptionalObject(aStream, PR_TRUE, getter_AddRefs(mCertificate));
+    if (NS_FAILED(rv)) return rv;
+
+    rv = NS_ReadOptionalObject(aStream, PR_TRUE, getter_AddRefs(mCodebase));
+    if (NS_FAILED(rv)) return rv;
+
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsAggregatePrincipal::Write(nsIObjectOutputStream* aStream)
+{
+    nsresult rv;
+
+    rv = nsBasePrincipal::Write(aStream);
+    if (NS_FAILED(rv)) return rv;
+
+    rv = NS_WriteOptionalObject(aStream, mCertificate, PR_TRUE);
+    if (NS_FAILED(rv)) return rv;
+
+    rv = NS_WriteOptionalCompoundObject(aStream, mCodebase, NS_GET_IID(nsIPrincipal), PR_TRUE);
+    if (NS_FAILED(rv)) return rv;
+
+    return NS_OK;
+}
+
+/////////////////////////////////////////////
+// Constructor, Destructor, initialization //
+/////////////////////////////////////////////
+
+nsAggregatePrincipal::nsAggregatePrincipal() : mCachedSecurityPolicy(nsnull),
+                                               mDomainChanged(PR_FALSE)
+{
+}
+
+nsAggregatePrincipal::~nsAggregatePrincipal()
+{
+}
diff --git a/mozilla/caps/src/nsBasePrincipal.cpp b/mozilla/caps/src/nsBasePrincipal.cpp
new file mode 100644
index 00000000000..71e7b75c9cd
--- /dev/null
+++ b/mozilla/caps/src/nsBasePrincipal.cpp
@@ -0,0 +1,421 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1999-2000 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ * 
+ * Contributor(s):
+ * Norris Boyd
+ * Mitch Stoltz
+ */
+
+#include "nscore.h"
+#include "nsBasePrincipal.h"
+#include "nsScriptSecurityManager.h"
+#include "nsString.h"
+#include "nsReadableUtils.h"
+#include "plstr.h"
+#include "nsCRT.h"
+
+//////////////////////////
+
+nsBasePrincipal::nsBasePrincipal()
+    : mCapabilities(nsnull)
+{
+}
+
+PR_STATIC_CALLBACK(PRBool)
+deleteElement(void* aElement, void *aData)
+{
+    nsHashtable *ht = (nsHashtable *) aElement;
+    delete ht;
+    return PR_TRUE;
+}
+
+nsBasePrincipal::~nsBasePrincipal(void)
+{
+    mAnnotations.EnumerateForwards(deleteElement, nsnull);
+    delete mCapabilities;
+}
+
+NS_IMETHODIMP
+nsBasePrincipal::GetJSPrincipals(JSPrincipals **jsprin)
+{
+    if (mJSPrincipals.nsIPrincipalPtr == nsnull) {
+        mJSPrincipals.nsIPrincipalPtr = this;
+        // No need for a ADDREF since it is a self-reference
+    }
+    *jsprin = &mJSPrincipals;
+    JSPRINCIPALS_HOLD(cx, *jsprin);
+    return NS_OK;
+}
+
+const char
+nsBasePrincipal::Invalid[] = "Invalid";
+
+NS_IMETHODIMP 
+nsBasePrincipal::CanEnableCapability(const char *capability, PRInt16 *result)
+{
+    if (!mCapabilities) {
+        *result = nsIPrincipal::ENABLE_UNKNOWN;
+        return NS_OK;
+    }
+    else // If this principal is marked invalid, can't enable any capabilities
+    {
+        nsCStringKey invalidKey(Invalid);
+        if (mCapabilities->Exists(&invalidKey))
+        {
+           *result = nsIPrincipal::ENABLE_DENIED;
+           return NS_OK;
+        }
+    }
+
+    const char *start = capability;
+    *result = nsIPrincipal::ENABLE_GRANTED;
+    for(;;) {
+        const char *space = PL_strchr(start, ' ');
+        int len = space ? space - start : strlen(start);
+        nsCAutoString capString(start, len);
+        nsCStringKey key(capString);
+        PRInt16 value = (PRInt16)NS_PTR_TO_INT32(mCapabilities->Get(&key));
+        if (value == 0)
+            value = nsIPrincipal::ENABLE_UNKNOWN;
+        if (value < *result)
+            *result = value;
+        if (!space)
+            return NS_OK;
+        start = space + 1;
+    }
+    /* NOTREACHED */
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsBasePrincipal::SetCanEnableCapability(const char *capability, 
+                                        PRInt16 canEnable)
+{
+    if (!mCapabilities) {
+        mCapabilities = new nsHashtable(7);
+        if (!mCapabilities)
+            return NS_ERROR_OUT_OF_MEMORY;
+    }
+    else // If this principal is marked invalid, can't enable any capabilities
+    {
+        nsCStringKey invalidKey(Invalid);
+        if (mCapabilities->Exists(&invalidKey))
+            return NS_OK;
+    }
+
+    if (PL_strcmp(capability, Invalid) == 0)
+        mCapabilities->Reset();
+
+    const char *start = capability;
+    for(;;) {
+        const char *space = PL_strchr(start, ' ');
+        int len = space ? space - start : strlen(start);
+        nsCAutoString capString(start, len);
+        nsCStringKey key(capString);
+        mCapabilities->Put(&key, (void *) canEnable);
+        if (!space)
+            return NS_OK;
+        start = space + 1;
+    }
+    /* NOTREACHED */
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsBasePrincipal::IsCapabilityEnabled(const char *capability, void *annotation, 
+                                     PRBool *result)
+{
+    *result = PR_FALSE;
+    nsHashtable *ht = (nsHashtable *) annotation;
+    if (!ht) {
+        return NS_OK;
+    }
+    const char *start = capability;
+    for(;;) {
+        const char *space = PL_strchr(start, ' ');
+        int len = space ? space - start : strlen(start);
+        nsCAutoString capString(start, len);
+        nsCStringKey key(capString);
+        *result = (ht->Get(&key) == (void *) AnnotationEnabled);
+        if (!*result) {
+            // If any single capability is not enabled, then return false.
+            return NS_OK;
+        }
+        if (!space)
+            return NS_OK;
+        start = space + 1;
+    }
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsBasePrincipal::EnableCapability(const char *capability, void **annotation) 
+{
+    return SetCapability(capability, annotation, AnnotationEnabled);
+}
+
+NS_IMETHODIMP 
+nsBasePrincipal::DisableCapability(const char *capability, void **annotation) 
+{
+    return SetCapability(capability, annotation, AnnotationDisabled);
+}
+
+NS_IMETHODIMP 
+nsBasePrincipal::RevertCapability(const char *capability, void **annotation) 
+{
+    if (*annotation) {
+        nsHashtable *ht = (nsHashtable *) *annotation;
+        const char *start = capability;
+        for(;;) {
+            const char *space = PL_strchr(start, ' ');
+            int len = space ? space - start : strlen(start);
+            nsCAutoString capString(start, len);
+            nsCStringKey key(capString);
+            ht->Remove(&key);
+            if (!space)
+                return NS_OK;
+            start = space + 1;
+        }
+    }
+    return NS_OK;
+}    
+
+NS_IMETHODIMP
+nsBasePrincipal::SetCapability(const char *capability, void **annotation,
+                               AnnotationValue value) 
+{
+    if (*annotation == nsnull) {
+        *annotation = new nsHashtable(5);
+        if (!*annotation)
+             return NS_ERROR_OUT_OF_MEMORY;
+        // This object owns its annotations. Save them so we can release
+        // them when we destroy this object.
+        mAnnotations.AppendElement(*annotation);
+    }
+
+    const char *start = capability;
+    for(;;) {
+        const char *space = PL_strchr(start, ' ');
+        int len = space ? space - start : strlen(start);
+        nsCAutoString capString(start, len);
+        nsCStringKey key(capString);
+        nsHashtable *ht = (nsHashtable *) *annotation;
+        ht->Put(&key, (void *) value);
+        if (!space)
+            return NS_OK;
+        start = space + 1;
+    }
+    /* NOTREACHED */
+    return NS_OK;
+}
+
+int nsBasePrincipal::mCapabilitiesOrdinal = 0;
+
+nsresult
+nsBasePrincipal::InitFromPersistent(const char* aPrefName, const char* aID, 
+                                    const char* aGrantedList, const char* aDeniedList)
+{
+    //-- Empty the capability table
+    if (mCapabilities)
+        mCapabilities->Reset();
+
+    //-- Save the preference name
+    mPrefName = aPrefName;
+
+    const char* ordinalBegin = PL_strpbrk(aPrefName, "1234567890");
+    if (ordinalBegin) {
+        int  n = atoi(ordinalBegin);
+         if (mCapabilitiesOrdinal <= n)
+            mCapabilitiesOrdinal = n+1;
+    }
+    
+    //-- Store the capabilities
+    if (aGrantedList)
+        if(NS_FAILED(SetCanEnableCapability(aGrantedList, nsIPrincipal::ENABLE_GRANTED))) 
+            return NS_ERROR_FAILURE;
+    if (aDeniedList)
+        if(NS_FAILED(SetCanEnableCapability(aDeniedList, nsIPrincipal::ENABLE_DENIED))) 
+            return NS_ERROR_FAILURE;
+    return NS_OK;
+}
+
+struct CapabilityList
+{
+    nsCString* granted;
+    nsCString* denied;
+};
+
+PR_STATIC_CALLBACK(PRBool)
+AppendCapability(nsHashKey *aKey, void *aData, void *capListPtr)
+{
+    CapabilityList* capList = (CapabilityList*)capListPtr;
+    PRInt16 value = (PRInt16)NS_PTR_TO_INT32(aData);
+    nsCStringKey* key = (nsCStringKey *)aKey;
+    if (value == nsIPrincipal::ENABLE_GRANTED)
+    {
+        capList->granted->Append(key->GetString(), key->GetStringLength());
+        capList->granted->Append(' ');
+    }
+    else if (value == nsIPrincipal::ENABLE_DENIED)
+    {
+        capList->denied->Append(key->GetString(), key->GetStringLength());
+        capList->denied->Append(' ');
+    }
+    return PR_TRUE;
+}
+
+NS_IMETHODIMP 
+nsBasePrincipal::GetPreferences(char** aPrefName, char** aID, 
+                                char** aGrantedList, char** aDeniedList)
+{
+    //-- Preference name
+    *aPrefName = ToNewCString(mPrefName);
+    if (!aPrefName)
+        return NS_ERROR_OUT_OF_MEMORY;
+
+    //-- ID
+    if (NS_FAILED(ToString(aID)))
+        return NS_ERROR_FAILURE;
+
+    //-- Capabilities
+    *aGrantedList = nsnull;
+    *aDeniedList = nsnull;
+    if (mCapabilities) {
+        nsCAutoString grantedListStr;
+        nsCAutoString deniedListStr;
+        CapabilityList* capList = new CapabilityList();
+        capList->granted = &grantedListStr;
+        capList->denied = &deniedListStr;        
+        mCapabilities->Enumerate(AppendCapability, (void*)capList);
+        if (!grantedListStr.IsEmpty())
+        {
+            grantedListStr.Truncate(grantedListStr.Length()-1);
+            *aGrantedList = ToNewCString(grantedListStr);
+            if (!*aGrantedList) return NS_ERROR_OUT_OF_MEMORY;
+        }
+        if (!deniedListStr.IsEmpty())
+        {
+            deniedListStr.Truncate(deniedListStr.Length()-1);
+            *aDeniedList = ToNewCString(deniedListStr);
+            if (!*aDeniedList) return NS_ERROR_OUT_OF_MEMORY;
+        }
+    }
+    return NS_OK;
+}
+
+PR_STATIC_CALLBACK(nsresult)
+ReadAnnotationEntry(nsIObjectInputStream* aStream, nsHashKey** aKey,
+                    void** aData)
+{
+    nsresult rv;
+    nsCStringKey* key = new nsCStringKey(aStream, &rv);
+    if (NS_FAILED(rv)) return rv;
+
+    PRUint32 value;
+    rv = aStream->Read32(&value);
+    if (NS_FAILED(rv)) {
+        delete key;
+        return rv;
+    }
+
+    *aKey = key;
+    *aData = (void*) value;
+    return NS_OK;
+}
+
+PR_STATIC_CALLBACK(void)
+FreeAnnotationEntry(nsIObjectInputStream* aStream, nsHashKey* aKey,
+                    void* aData)
+{
+    if (aKey)
+        delete NS_STATIC_CAST(nsCStringKey*, aKey);
+}
+
+nsresult
+nsBasePrincipal::Read(nsIObjectInputStream* aStream)
+{
+    nsresult rv;
+
+    PRUint32 annotationCount;
+    rv = aStream->Read32(&annotationCount);
+    if (NS_FAILED(rv)) return rv;
+
+    for (PRInt32 i = 0, n = PRInt32(annotationCount); i < n; i++) {
+        nsHashtable *ht = new nsHashtable(aStream,
+                                          ReadAnnotationEntry,
+                                          FreeAnnotationEntry,
+                                          &rv);
+        NS_ASSERTION(NS_SUCCEEDED(rv) || ht == nsnull,
+                     "failure but non-null return from nsHashtable ctor!");
+        if (NS_FAILED(rv)) return rv;
+
+        if (!mAnnotations.InsertElementAt(NS_REINTERPRET_CAST(void*, ht), i)) {
+            delete ht;
+            return NS_ERROR_OUT_OF_MEMORY;
+        }
+    }
+
+    PRBool hasCapabilities;
+    rv = aStream->ReadBoolean(&hasCapabilities);
+    if (NS_SUCCEEDED(rv) && hasCapabilities) {
+        mCapabilities = new nsHashtable(aStream,
+                                        ReadAnnotationEntry,
+                                        FreeAnnotationEntry,
+                                        &rv);
+    }
+    if (NS_FAILED(rv)) return rv;
+
+    rv = NS_ReadOptionalCString(aStream, mPrefName);
+    if (NS_FAILED(rv)) return rv;
+
+    return NS_OK;
+}
+
+PR_STATIC_CALLBACK(nsresult)
+WriteScalarValue(nsIObjectOutputStream* aStream, void* aData)
+{
+    PRUint32 value = NS_PTR_TO_INT32(aData);
+
+    return aStream->Write32(value);
+}
+
+nsresult
+nsBasePrincipal::Write(nsIObjectOutputStream* aStream)
+{
+    nsresult rv;
+
+    PRUint32 annotationCount = PRUint32(mAnnotations.Count());
+    rv = aStream->Write32(annotationCount);
+    if (NS_FAILED(rv)) return rv;
+
+    for (PRInt32 i = 0, n = PRInt32(annotationCount); i < n; i++) {
+        nsHashtable *ht = NS_REINTERPRET_CAST(nsHashtable *, mAnnotations[i]);
+        rv = ht->Write(aStream, WriteScalarValue);
+        if (NS_FAILED(rv)) return rv;
+    }
+
+    PRBool hasCapabilities = (mCapabilities != nsnull);
+    rv = aStream->WriteBoolean(hasCapabilities);
+    if (NS_SUCCEEDED(rv) && hasCapabilities)
+        rv = mCapabilities->Write(aStream, WriteScalarValue);
+    if (NS_FAILED(rv)) return rv;
+
+    rv = NS_WriteOptionalStringZ(aStream, mPrefName.get());
+    if (NS_FAILED(rv)) return rv;
+
+    return NS_OK;
+}
diff --git a/mozilla/caps/src/nsCertificatePrincipal.cpp b/mozilla/caps/src/nsCertificatePrincipal.cpp
new file mode 100644
index 00000000000..b8fefcecf58
--- /dev/null
+++ b/mozilla/caps/src/nsCertificatePrincipal.cpp
@@ -0,0 +1,227 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1998-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Mitch Stoltz <mstoltz@netscape.com>
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+/*describes principals for use in signed scripts*/
+#include "nsCertificatePrincipal.h"
+#include "prmem.h"
+#include "nsCOMPtr.h"
+#include "nsReadableUtils.h"
+#include "nsCRT.h"
+
+static NS_DEFINE_IID(kICertificatePrincipalIID, NS_ICERTIFICATEPRINCIPAL_IID);
+
+NS_IMPL_QUERY_INTERFACE3_CI(nsCertificatePrincipal,
+                            nsICertificatePrincipal,
+                            nsIPrincipal,
+                            nsISerializable)
+NS_IMPL_CI_INTERFACE_GETTER3(nsCertificatePrincipal,
+                             nsICertificatePrincipal,
+                             nsIPrincipal,
+                             nsISerializable)
+
+NSBASEPRINCIPALS_ADDREF(nsCertificatePrincipal);
+NSBASEPRINCIPALS_RELEASE(nsCertificatePrincipal);
+
+//////////////////////////////////////////////////
+// Methods implementing nsICertificatePrincipal //
+//////////////////////////////////////////////////
+NS_IMETHODIMP
+nsCertificatePrincipal::GetCertificateID(char** aCertificateID) 
+{
+    *aCertificateID = ToNewCString(mCertificateID);
+    return *aCertificateID ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
+}
+
+NS_IMETHODIMP
+nsCertificatePrincipal::GetCommonName(char** aCommonName)
+{
+    *aCommonName = ToNewCString(mCommonName);
+    return *aCommonName ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
+}
+
+NS_IMETHODIMP
+nsCertificatePrincipal::SetCommonName(const char* aCommonName)
+{
+    mCommonName = aCommonName;
+    return NS_OK;
+}
+
+///////////////////////////////////////
+// Methods implementing nsIPrincipal //
+///////////////////////////////////////
+NS_IMETHODIMP 
+nsCertificatePrincipal::CanEnableCapability(const char *capability,
+                                            PRInt16 *result)
+{
+    if(NS_FAILED(nsBasePrincipal::CanEnableCapability(capability, result)))
+        return NS_ERROR_FAILURE;
+    if (*result == nsIPrincipal::ENABLE_UNKNOWN)
+        *result = ENABLE_WITH_USER_PERMISSION;
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsCertificatePrincipal::ToString(char **result)
+{
+    return GetCertificateID(result);
+}
+
+NS_IMETHODIMP 
+nsCertificatePrincipal::ToUserVisibleString(char **result)
+{
+    return GetCommonName(result);
+}
+
+NS_IMETHODIMP 
+nsCertificatePrincipal::GetPreferences(char** aPrefName, char** aID, 
+                                       char** aGrantedList, char** aDeniedList)
+{
+    if (mPrefName.IsEmpty()) {
+        mPrefName.Assign("capability.principal.certificate.p");
+        mPrefName.AppendInt(mCapabilitiesOrdinal++);
+        mPrefName.Append(".id");
+    }
+    return nsBasePrincipal::GetPreferences(aPrefName, aID, 
+                                           aGrantedList, aDeniedList);
+}
+
+NS_IMETHODIMP
+nsCertificatePrincipal::Equals(nsIPrincipal * other, PRBool * result)
+{
+    *result = PR_FALSE;
+    if (this == other) {
+        *result = PR_TRUE;
+        return NS_OK;
+    }
+    if (!other)
+        return NS_OK;
+    nsresult rv;
+    nsCOMPtr<nsICertificatePrincipal> otherCertificate = 
+        do_QueryInterface(other, &rv);
+    if (NS_FAILED(rv))
+        return NS_OK;
+    //-- Compare cert ID's
+    char* otherID;
+    rv = otherCertificate->GetCertificateID(&otherID);
+    if (NS_FAILED(rv)) 
+    {
+        PR_FREEIF(otherID);
+        return rv;
+    }
+    *result = mCertificateID.Equals(otherID);
+    PR_FREEIF(otherID);
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsCertificatePrincipal::HashValue(PRUint32 *result)
+{
+    char* str;
+    if (NS_FAILED(ToString(&str)) || !str) return NS_ERROR_FAILURE;
+    *result = nsCRT::HashCode(str, nsnull);
+    nsCRT::free(str);
+    return NS_OK;
+}
+
+//////////////////////////////////////////
+// Methods implementing nsISerializable //
+//////////////////////////////////////////
+
+NS_IMETHODIMP
+nsCertificatePrincipal::Read(nsIObjectInputStream* aStream)
+{
+    nsresult rv;
+
+    rv = nsBasePrincipal::Read(aStream);
+    if (NS_FAILED(rv)) return rv;
+
+    rv = aStream->ReadCString(mCertificateID);
+    if (NS_FAILED(rv)) return rv;
+
+    rv = NS_ReadOptionalCString(aStream, mCommonName);
+    if (NS_FAILED(rv)) return rv;
+
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsCertificatePrincipal::Write(nsIObjectOutputStream* aStream)
+{
+    nsresult rv;
+
+    rv = nsBasePrincipal::Write(aStream);
+    if (NS_FAILED(rv)) return rv;
+
+    rv = aStream->WriteStringZ(mCertificateID.get());
+    if (NS_FAILED(rv)) return rv;
+
+    rv = NS_WriteOptionalStringZ(aStream, mCommonName.get());
+    if (NS_FAILED(rv)) return rv;
+
+    return NS_OK;
+}
+
+/////////////////////////////////////////////
+// Constructor, Destructor, initialization //
+/////////////////////////////////////////////
+nsresult
+nsCertificatePrincipal::InitFromPersistent(const char* aPrefName, const char*  aCertID, 
+                                           const char* aGrantedList, const char* aDeniedList)
+{
+    if (NS_FAILED(Init(aCertID))) 
+        return NS_ERROR_FAILURE;
+    
+    return nsBasePrincipal::InitFromPersistent(aPrefName, aCertID, 
+                                               aGrantedList, aDeniedList);
+}
+
+NS_IMETHODIMP
+nsCertificatePrincipal::Init(const char* aCertificateID)
+{
+    mCertificateID = aCertificateID;
+    return NS_OK;
+}
+
+nsCertificatePrincipal::nsCertificatePrincipal()
+{
+}
+
+nsCertificatePrincipal::~nsCertificatePrincipal()
+{
+}
diff --git a/mozilla/caps/src/nsCodebasePrincipal.cpp b/mozilla/caps/src/nsCodebasePrincipal.cpp
new file mode 100644
index 00000000000..6ddac6a3394
--- /dev/null
+++ b/mozilla/caps/src/nsCodebasePrincipal.cpp
@@ -0,0 +1,311 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: NPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is 
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1999-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the NPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the NPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+/* Describes principals by their orginating uris */
+
+#include "nsCodebasePrincipal.h"
+#include "nsIComponentManager.h"
+#include "nsIServiceManager.h"
+#include "nsNetUtil.h"
+#include "nsIURL.h"
+#include "nsIJARURI.h"
+#include "nsCOMPtr.h"
+#include "nsIPrefBranch.h"
+#include "nsIPrefService.h"
+#include "nsXPIDLString.h"
+#include "nsReadableUtils.h"
+#include "nsCRT.h"
+#include "nsScriptSecurityManager.h"
+
+NS_IMPL_QUERY_INTERFACE3_CI(nsCodebasePrincipal,
+                            nsICodebasePrincipal,
+                            nsIPrincipal,
+                            nsISerializable)
+NS_IMPL_CI_INTERFACE_GETTER3(nsCodebasePrincipal,
+                             nsICodebasePrincipal,
+                             nsIPrincipal,
+                             nsISerializable)
+
+NSBASEPRINCIPALS_ADDREF(nsCodebasePrincipal);
+NSBASEPRINCIPALS_RELEASE(nsCodebasePrincipal);
+
+///////////////////////////////////////
+// Methods implementing nsIPrincipal //
+///////////////////////////////////////
+NS_IMETHODIMP
+nsCodebasePrincipal::ToString(char **result)
+{
+    *result = nsnull;
+    PRBool isFile = PR_TRUE;
+    if(NS_FAILED(mURI->SchemeIs("file", &isFile)))
+        return NS_ERROR_FAILURE;
+
+    if (isFile)
+    {
+        nsCOMPtr<nsIURL> url(do_QueryInterface(mURI));
+        if (url)
+        {
+            nsCAutoString directory;
+            nsresult rv = url->GetDirectory(directory);
+            if (NS_FAILED(rv))
+                return rv;
+            nsCAutoString fileName;
+            rv = url->GetFileName(fileName);
+            if (NS_FAILED(rv))
+                return rv;
+            *result =
+                ToNewCString(NS_LITERAL_CSTRING("file://") + directory + fileName);
+            if (!*result)
+                return NS_ERROR_OUT_OF_MEMORY;
+            return NS_OK;
+        }
+    }
+    return GetOrigin(result);
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::ToUserVisibleString(char **result)
+{
+    return ToString(result);
+}
+
+NS_IMETHODIMP 
+nsCodebasePrincipal::GetPreferences(char** aPrefName, char** aID, 
+                                    char** aGrantedList, char** aDeniedList)
+{
+    if (mPrefName.IsEmpty())
+	{
+        mPrefName.Assign("capability.principal.codebase.p");
+        mPrefName.AppendInt(mCapabilitiesOrdinal++);
+        mPrefName.Append(".id");
+    }
+    return nsBasePrincipal::GetPreferences(aPrefName, aID, 
+                                           aGrantedList, aDeniedList);
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::HashValue(PRUint32 *result)
+{
+    nsXPIDLCString spec;
+    if (NS_FAILED(GetSpec(getter_Copies(spec))))
+        return NS_ERROR_FAILURE;
+    *result = nsCRT::HashCode(spec, nsnull);
+    return NS_OK;
+}
+
+NS_IMETHODIMP 
+nsCodebasePrincipal::CanEnableCapability(const char *capability, 
+                                         PRInt16 *result)
+{
+    // Either this principal must be preconfigured as a trusted source
+    // (mTrusted), or else the codebase principal pref must be enabled
+    if (!mTrusted)
+    {
+        static char pref[] = "signed.applets.codebase_principal_support";
+        nsCOMPtr<nsIPrefBranch> prefBranch(do_GetService(NS_PREFSERVICE_CONTRACTID));
+        if (!prefBranch)
+            return NS_ERROR_FAILURE;
+        PRBool enabled;
+        if (NS_FAILED(prefBranch->GetBoolPref(pref, &enabled)) || !enabled) 
+        {
+            // Deny unless subject is executing from file: or resource: 
+            PRBool isFile = PR_FALSE;
+            PRBool isRes = PR_FALSE;
+
+            if (NS_FAILED(mURI->SchemeIs("file", &isFile)) || 
+                NS_FAILED(mURI->SchemeIs("resource", &isRes)) ||
+                (!isFile && !isRes))
+            {
+                *result = nsIPrincipal::ENABLE_DENIED;
+                return NS_OK;
+            }
+        }
+    }
+    nsBasePrincipal::CanEnableCapability(capability, result);
+    if (*result == nsIPrincipal::ENABLE_UNKNOWN)
+        *result = ENABLE_WITH_USER_PERMISSION;
+    return NS_OK;
+}
+
+///////////////////////////////////////////////
+// Methods implementing nsICodebasePrincipal //
+///////////////////////////////////////////////
+
+NS_IMETHODIMP
+nsCodebasePrincipal::GetURI(nsIURI **uri) 
+{
+    *uri = mURI;
+    NS_ADDREF(*uri);
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::GetOrigin(char **origin) 
+{
+    nsresult rv;
+    nsCAutoString hostPort;
+    if (NS_SUCCEEDED(mURI->GetHostPort(hostPort)))
+    {
+        nsCAutoString scheme;
+        rv = mURI->GetScheme(scheme);
+        NS_ENSURE_SUCCESS(rv, rv);
+        *origin = ToNewCString(scheme + NS_LITERAL_CSTRING("://") + hostPort);
+    }        
+    else
+    {
+        // Some URIs (e.g., nsSimpleURI) don't support host. Just
+        // get the full spec.
+        nsCAutoString spec;
+        rv = mURI->GetSpec(spec);
+        NS_ENSURE_SUCCESS(rv, rv);
+        *origin = ToNewCString(spec);
+    }
+
+    return *origin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::GetSpec(char **spec) 
+{
+    nsCAutoString buf;
+    nsresult rv = mURI->GetSpec(buf);
+    if (NS_FAILED(rv)) return rv;
+
+    *spec = ToNewCString(buf);
+    return *spec ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::Equals(nsIPrincipal *aOther, PRBool *result)
+{
+    if (this == aOther) 
+    {
+	 *result = PR_TRUE;
+	 return NS_OK;
+    }
+    *result = PR_FALSE;
+    if (!aOther)
+        return NS_OK;
+
+    // Get a URI from the other principal
+    nsCOMPtr<nsICodebasePrincipal> otherCodebase(
+        do_QueryInterface(aOther));
+    if (!otherCodebase)
+    {
+        // Other principal is not a codebase, so return false
+        return NS_OK;
+    }
+    nsCOMPtr<nsIURI> otherURI;
+    otherCodebase->GetURI(getter_AddRefs(otherURI));
+
+    NS_ENSURE_TRUE(otherURI, NS_ERROR_FAILURE);
+    return nsScriptSecurityManager::SecurityCompareURIs(mURI,
+                                                        otherURI,
+                                                        result);
+}
+
+//////////////////////////////////////////
+// Methods implementing nsISerializable //
+//////////////////////////////////////////
+
+NS_IMETHODIMP
+nsCodebasePrincipal::Read(nsIObjectInputStream* aStream)
+{
+    nsresult rv;
+
+    rv = nsBasePrincipal::Read(aStream);
+    if (NS_FAILED(rv)) return rv;
+
+    return aStream->ReadObject(PR_TRUE, getter_AddRefs(mURI));
+}
+
+NS_IMETHODIMP
+nsCodebasePrincipal::Write(nsIObjectOutputStream* aStream)
+{
+    nsresult rv;
+
+    rv = nsBasePrincipal::Write(aStream);
+    if (NS_FAILED(rv)) return rv;
+
+    return aStream->WriteCompoundObject(mURI, NS_GET_IID(nsIURI), PR_TRUE);
+}
+
+/////////////////////////////////////////////
+// Constructor, Destructor, initialization //
+/////////////////////////////////////////////
+
+nsCodebasePrincipal::nsCodebasePrincipal() : mTrusted(PR_FALSE)
+{
+}
+
+nsresult
+nsCodebasePrincipal::Init(nsIURI *uri)
+{
+    nsCAutoString codebase;
+    if (uri == nsnull || NS_FAILED(uri->GetSpec(codebase))) 
+        return NS_ERROR_FAILURE;
+    if (NS_FAILED(mJSPrincipals.Init(ToNewCString(codebase))))
+        return NS_ERROR_FAILURE;
+    // JSPrincipals::Init adopts its input
+    mURI = uri;
+    return NS_OK;
+}
+
+// This method overrides nsBasePrincipal::InitFromPersistent
+nsresult
+nsCodebasePrincipal::InitFromPersistent(const char* aPrefName, const char* aURLStr, 
+                                        const char* aGrantedList, const char* aDeniedList,
+                                        PRBool aTrusted)
+{
+    nsresult rv;
+    nsCOMPtr<nsIURI> uri;
+    rv = NS_NewURI(getter_AddRefs(uri), nsDependentCString(aURLStr), nsnull);
+    NS_ASSERTION(NS_SUCCEEDED(rv), "Malformed URI in security.principal preference.");
+    if (NS_FAILED(rv)) return rv;
+
+    if (NS_FAILED(Init(uri))) return NS_ERROR_FAILURE;
+    // XXX: Add check for trusted = SSL only here?
+    mTrusted = aTrusted;
+
+    return nsBasePrincipal::InitFromPersistent(aPrefName, aURLStr, 
+                                               aGrantedList, aDeniedList);
+}
+
+nsCodebasePrincipal::~nsCodebasePrincipal()
+{
+}
diff --git a/mozilla/caps/src/nsJSPrincipals.cpp b/mozilla/caps/src/nsJSPrincipals.cpp
index f505e416508..09e76821235 100644
--- a/mozilla/caps/src/nsJSPrincipals.cpp
+++ b/mozilla/caps/src/nsJSPrincipals.cpp
@@ -35,10 +35,7 @@
  * the terms of any one of the NPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
-
-#include "nsString.h"
-#include "nsIObjectOutputStream.h"
-#include "nsIObjectInputStream.h"
+#include "nsCodebasePrincipal.h"
 #include "nsJSPrincipals.h"
 #include "plstr.h"
 #include "nsXPIDLString.h"
@@ -141,7 +138,7 @@ nsTranscodeJSPrincipals(JSXDRState *xdr, JSPrincipals **jsprinp)
                     nsMemory::Free(olddata);
                     ::JS_XDRMemSetData(xdr, data, size);
 
-                    prin->GetJsPrincipals(jsprinp);
+                    prin->GetJSPrincipals(jsprinp);
                 }
             }
         }
@@ -188,12 +185,6 @@ nsJSPrincipals::nsJSPrincipals()
 nsresult
 nsJSPrincipals::Init(char *aCodebase)
 {
-    if (codebase)
-    {
-        NS_ERROR("Init called twice!");
-        return NS_ERROR_UNEXPECTED;
-    }
-
     codebase = aCodebase;
     return NS_OK;
 }
diff --git a/mozilla/caps/src/nsScriptSecurityManager.cpp b/mozilla/caps/src/nsScriptSecurityManager.cpp
index 1fbaefc2e8f..d052558e9c1 100644
--- a/mozilla/caps/src/nsScriptSecurityManager.cpp
+++ b/mozilla/caps/src/nsScriptSecurityManager.cpp
@@ -23,7 +23,7 @@
  * Norris Boyd
  * Mitch Stoltz
  * Steve Morse
- * Christopher A. Aillon
+ *
  *
  * Alternatively, the contents of this file may be used under the terms of
  * either the GNU General Public License Version 2 or later (the "GPL"), or
@@ -47,7 +47,9 @@
 #include "nspr.h"
 #include "nsJSPrincipals.h"
 #include "nsSystemPrincipal.h"
-#include "nsPrincipal.h"
+#include "nsCodebasePrincipal.h"
+#include "nsCertificatePrincipal.h"
+#include "nsAggregatePrincipal.h"
 #include "nsXPIDLString.h"
 #include "nsCRT.h"
 #include "nsIJSContextStack.h"
@@ -59,7 +61,7 @@
 #include "nsTextFormatter.h"
 #include "nsIStringBundle.h"
 #include "nsNetUtil.h"
-#include "nsIProperties.h"
+#include "nsDirectoryService.h"
 #include "nsDirectoryServiceDefs.h"
 #include "nsIFile.h"
 #include "nsIZipReader.h"
@@ -78,12 +80,14 @@
 #include "nsIJSRuntimeService.h"
 #include "nsIObserverService.h"
 #include "nsIContent.h"
-#include "nsAutoPtr.h"
 
+static NS_DEFINE_IID(kIStringBundleServiceIID, NS_ISTRINGBUNDLESERVICE_IID);
+static NS_DEFINE_IID(kStringBundleServiceCID, NS_STRINGBUNDLESERVICE_CID);
+static NS_DEFINE_CID(kCScriptNameSetRegistryCID,
+                     NS_SCRIPT_NAMESET_REGISTRY_CID);
 static NS_DEFINE_CID(kZipReaderCID, NS_ZIPREADER_CID);
+static NS_DEFINE_IID(kObserverServiceIID, NS_IOBSERVERSERVICE_IID);
 
-nsIIOService    *nsScriptSecurityManager::sIOService = nsnull;
-nsIXPConnect    *nsScriptSecurityManager::sXPConnect = nsnull;
 nsIStringBundle *nsScriptSecurityManager::sStrBundle = nsnull;
 
 ///////////////////////////
@@ -114,10 +118,8 @@ class ClassInfoData
 {
 public:
     ClassInfoData(nsIClassInfo *aClassInfo, const char *aName)
-        : mClassInfo(aClassInfo),
-          mName(NS_CONST_CAST(char *, aName)),
-          mDidGetFlags(PR_FALSE),
-          mMustFreeName(PR_FALSE)
+        : mClassInfo(aClassInfo), mDidGetFlags(PR_FALSE),
+          mName(NS_CONST_CAST(char *, aName)), mMustFreeName(PR_FALSE)
     {
     }
 
@@ -174,10 +176,10 @@ public:
 
 private:
     nsIClassInfo *mClassInfo; // WEAK
+    PRBool mDidGetFlags;
     PRUint32 mFlags;
     char *mName;
-    PRPackedBool mDidGetFlags;
-    PRPackedBool mMustFreeName;
+    PRBool mMustFreeName;
 };
  
 JSContext *
@@ -220,6 +222,7 @@ nsScriptSecurityManager::SecurityCompareURIs(nsIURI* aSourceURI,
                                              nsIURI* aTargetURI,
                                              PRBool* result)
 {
+    nsresult rv;
     *result = PR_FALSE;
 
     if (aSourceURI == aTargetURI)
@@ -227,8 +230,7 @@ nsScriptSecurityManager::SecurityCompareURIs(nsIURI* aSourceURI,
         *result = PR_TRUE;
         return NS_OK;
     }
-
-    if (!aTargetURI) 
+    if (aTargetURI == nsnull) 
     {
         // return false
         return NS_OK;
@@ -252,20 +254,25 @@ nsScriptSecurityManager::SecurityCompareURIs(nsIURI* aSourceURI,
 
     // Compare schemes
     nsCAutoString targetScheme;
-    nsresult rv = targetBaseURI->GetScheme(targetScheme);
+    rv = targetBaseURI->GetScheme(targetScheme);
     nsCAutoString sourceScheme;
     if (NS_SUCCEEDED(rv))
         rv = sourceBaseURI->GetScheme(sourceScheme);
-    if (NS_SUCCEEDED(rv) && targetScheme.Equals(sourceScheme))
+    if (NS_SUCCEEDED(rv) && 
+        targetScheme.Equals(sourceScheme, nsCaseInsensitiveCStringComparator())) 
     {
-        if (targetScheme.Equals(NS_LITERAL_CSTRING("file")))
+        if (targetScheme.Equals(NS_LITERAL_CSTRING("file"),
+            nsCaseInsensitiveCStringComparator()))
         {
             // All file: urls are considered to have the same origin.
             *result = PR_TRUE;
         }
-        else if (targetScheme.Equals(NS_LITERAL_CSTRING("imap")) ||
-                 targetScheme.Equals(NS_LITERAL_CSTRING("mailbox")) ||
-                 targetScheme.Equals(NS_LITERAL_CSTRING("news")))
+        else if (targetScheme.Equals(NS_LITERAL_CSTRING("imap"),
+                                     nsCaseInsensitiveCStringComparator()) ||
+                 targetScheme.Equals(NS_LITERAL_CSTRING("mailbox"),
+                                     nsCaseInsensitiveCStringComparator()) ||
+                 targetScheme.Equals(NS_LITERAL_CSTRING("news"),
+                                     nsCaseInsensitiveCStringComparator()))
         {
             // Each message is a distinct trust domain; use the 
             // whole spec for comparison
@@ -302,22 +309,34 @@ nsScriptSecurityManager::SecurityCompareURIs(nsIURI* aSourceURI,
                 // for that scheme.
                 if (!*result && (sourcePort == -1 || targetPort == -1))
                 {
-                    NS_ENSURE_STATE(sIOService);
-
                     PRInt32 defaultPort;
-                    nsCOMPtr<nsIProtocolHandler> protocolHandler;
-                    rv = sIOService->GetProtocolHandler(sourceScheme.get(),
-                                                        getter_AddRefs(protocolHandler));
-                    if (NS_FAILED(rv))
+                    //XXX had to hard-code the defualt port for http(s) here.
+                    //    remove this after darin fixes bug 113206
+                    if (sourceScheme.Equals(NS_LITERAL_CSTRING("http"),
+                                            nsCaseInsensitiveCStringComparator()))
+                        defaultPort = 80;
+                    else if (sourceScheme.Equals(NS_LITERAL_CSTRING("https"),
+                                                 nsCaseInsensitiveCStringComparator()))
+                        defaultPort = 443;
+                    else
                     {
-                        *result = PR_FALSE;
-                        return NS_OK;
-                    }
+                        nsCOMPtr<nsIIOService> ioService(
+                            do_GetService(NS_IOSERVICE_CONTRACTID));
+                        if (!ioService)
+                            return NS_ERROR_FAILURE;
+                        nsCOMPtr<nsIProtocolHandler> protocolHandler;
+                        rv = ioService->GetProtocolHandler(sourceScheme.get(),
+                                                           getter_AddRefs(protocolHandler));
+                        if (NS_FAILED(rv))
+                        {
+                            *result = PR_FALSE;
+                            return NS_OK;
+                        }
                     
-                    rv = protocolHandler->GetDefaultPort(&defaultPort);
-                    if (NS_FAILED(rv) || defaultPort == -1)
-                        return NS_OK; // No default port for this scheme
-
+                        rv = protocolHandler->GetDefaultPort(&defaultPort);
+                        if (NS_FAILED(rv) || defaultPort == -1)
+                            return NS_OK; // No default port for this scheme
+                    }
                     if (sourcePort == -1)
                         sourcePort = defaultPort;
                     else if (targetPort == -1)
@@ -517,7 +536,9 @@ nsScriptSecurityManager::CheckSameOrigin(JSContext* cx,
         return NS_OK;
     }
 
-    if (sourcePrincipal == mSystemPrincipal)
+    PRBool equals = PR_FALSE;
+    rv = sourcePrincipal->Equals(mSystemPrincipal, &equals);
+    if (NS_SUCCEEDED(rv) && equals)
     {
         // This is a system (chrome) script, so allow access
         return NS_OK;
@@ -526,12 +547,16 @@ nsScriptSecurityManager::CheckSameOrigin(JSContext* cx,
     // Get the original URI from the source principal.
     // This has the effect of ignoring any change to document.domain
     // which must be done to avoid DNS spoofing (bug 154930)
+    nsCOMPtr<nsIAggregatePrincipal> sourceAgg(do_QueryInterface(sourcePrincipal, &rv));
+    NS_ENSURE_SUCCESS(rv, rv); // If it's not a system principal, it must be an aggregate
+    nsCOMPtr<nsIPrincipal> sourceOriginal;
+    rv = sourceAgg->GetOriginalCodebase(getter_AddRefs(sourceOriginal));
+    NS_ENSURE_SUCCESS(rv, rv);
+    nsCOMPtr<nsICodebasePrincipal> sourceCodebase(do_QueryInterface(sourcePrincipal, &rv));
+    NS_ENSURE_SUCCESS(rv, rv);
     nsCOMPtr<nsIURI> sourceURI;
-    sourcePrincipal->GetDomain(getter_AddRefs(sourceURI));
-    if (!sourceURI) {
-      sourcePrincipal->GetURI(getter_AddRefs(sourceURI));
-      NS_ENSURE_TRUE(sourceURI, NS_ERROR_FAILURE);
-    }
+    rv = sourceCodebase->GetURI(getter_AddRefs(sourceURI));
+    NS_ENSURE_TRUE(sourceURI, NS_ERROR_FAILURE);
 
     // Compare origins
     PRBool sameOrigin = PR_FALSE;
@@ -587,7 +612,9 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
     if (NS_FAILED(GetSubjectPrincipal(cx, getter_AddRefs(subjectPrincipal))))
         return NS_ERROR_FAILURE;
 
-    if (!subjectPrincipal || subjectPrincipal == mSystemPrincipal)
+    PRBool equals;
+    if (!subjectPrincipal ||
+        NS_SUCCEEDED(subjectPrincipal->Equals(mSystemPrincipal, &equals)) && equals)
         // We have native code or the system principal: just allow access
         return NS_OK;
 
@@ -595,7 +622,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
     // Hold the class info data here so we don't have to go back to virtual
     // methods all the time
     ClassInfoData classInfoData(aClassInfo, aClassName);
-#ifdef DEBUG_CAPS_CheckPropertyAccessImpl
+#ifdef DEBUG_mstoltz
     nsCAutoString propertyName;
     propertyName.AssignWithConversion((PRUnichar*)JSValIDToString(cx, aProperty));
     printf("### CanAccess(%s.%s, %i) ", classInfoData.GetName(), 
@@ -627,14 +654,14 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
         switch (securityLevel.level)
         {
         case SCRIPT_SECURITY_NO_ACCESS:
-#ifdef DEBUG_CAPS_CheckPropertyAccessImpl
+#ifdef DEBUG_mstoltz
             printf("noAccess ");
 #endif
             rv = NS_ERROR_DOM_PROP_ACCESS_DENIED;
             break;
 
         case SCRIPT_SECURITY_ALL_ACCESS:
-#ifdef DEBUG_CAPS_CheckPropertyAccessImpl
+#ifdef DEBUG_mstoltz
             printf("allAccess ");
 #endif
             rv = NS_OK;
@@ -642,7 +669,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
 
         case SCRIPT_SECURITY_SAME_ORIGIN_ACCESS:
             {
-#ifdef DEBUG_CAPS_CheckPropertyAccessImpl
+#ifdef DEBUG_mstoltz
                 printf("sameOrigin ");
 #endif
                 nsCOMPtr<nsIPrincipal> objectPrincipal;
@@ -671,7 +698,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
                 break;
             }
         default:
-#ifdef DEBUG_CAPS_CheckPropertyAccessImpl
+#ifdef DEBUG_mstoltz
                 printf("ERROR ");
 #endif
             NS_ERROR("Bad Security Level Value");
@@ -680,7 +707,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
     }
     else // if SECURITY_ACCESS_LEVEL_FLAG is false, securityLevel is a capability
     {
-#ifdef DEBUG_CAPS_CheckPropertyAccessImpl
+#ifdef DEBUG_mstoltz
         printf("Cap:%s ", securityLevel.capability);
 #endif
         PRBool capabilityEnabled = PR_FALSE;
@@ -704,7 +731,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
 
     if (NS_SUCCEEDED(rv))
     {
-#ifdef DEBUG_CAPS_CheckPropertyAccessImpl
+#ifdef DEBUG_mstoltz
     printf(" GRANTED.\n");
 #endif
         return rv;
@@ -748,7 +775,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
         }
     }
     rv = CheckXPCPermissions(aObj, objectSecurityLevel);
-#ifdef DEBUG_CAPS_CheckPropertyAccessImpl
+#ifdef DEBUG_mstoltz
     if(NS_SUCCEEDED(rv))
         printf("CheckXPCPerms GRANTED.\n");
     else
@@ -781,20 +808,21 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
         // We need to keep our existing failure rv and not override it
         // with a likely success code from the following string bundle
         // call in order to throw the correct security exception later.
-        nsresult rv2 = sStrBundle->FormatStringFromName(stringName.get(),
+        nsresult rv2 = sStrBundle->FormatStringFromName(PromiseFlatString(stringName).get(),
                                                         formatStrings,
                                                         NS_ARRAY_LENGTH(formatStrings),
                                                         getter_Copies(errorMsg));
         NS_ENSURE_SUCCESS(rv2, rv2);
-
+ 
         JS_SetPendingException(cx,
             STRING_TO_JSVAL(JS_NewUCStringCopyZ(cx,
                 NS_REINTERPRET_CAST(const jschar*, errorMsg.get()))));
 
-        if (sXPConnect)
+        nsCOMPtr<nsIXPConnect> xpc = do_GetService(nsIXPConnect::GetCID());
+        if (xpc)
         {
             nsCOMPtr<nsIXPCNativeCallContext> xpcCallContext;
-            sXPConnect->GetCurrentNativeCallContext(getter_AddRefs(xpcCallContext));
+            xpc->GetCurrentNativeCallContext(getter_AddRefs(xpcCallContext));
             if (xpcCallContext)
                 xpcCallContext->SetExceptionWasThrown(PR_TRUE);
         }
@@ -814,20 +842,8 @@ nsScriptSecurityManager::CheckSameOriginPrincipalInternal(nsIPrincipal* aSubject
     if (aSubject == aObject)
         return NS_OK;
 
-    nsCOMPtr<nsIURI> subjectURI;
-    nsCOMPtr<nsIURI> objectURI;
-    aSubject->GetDomain(getter_AddRefs(subjectURI));
-    if (!subjectURI) {
-      aSubject->GetURI(getter_AddRefs(subjectURI));
-    }
-
-    aObject->GetDomain(getter_AddRefs(objectURI));
-    if (!objectURI) {
-      aObject->GetURI(getter_AddRefs(objectURI));
-    }
-
     PRBool isSameOrigin = PR_FALSE;
-    nsresult rv = SecurityCompareURIs(subjectURI, objectURI, &isSameOrigin);
+    nsresult rv = aSubject->Equals(aObject, &isSameOrigin);
     NS_ENSURE_SUCCESS(rv, rv);
 
     if (isSameOrigin)
@@ -843,23 +859,32 @@ nsScriptSecurityManager::CheckSameOriginPrincipalInternal(nsIPrincipal* aSubject
         if (aIsCheckConnect)
             return NS_OK;
 
-        nsCOMPtr<nsIURI> subjectDomain;
-        aSubject->GetDomain(getter_AddRefs(subjectDomain));
+        nsCOMPtr<nsIAggregatePrincipal> subjectAgg(do_QueryInterface(aSubject, &rv));
+        NS_ENSURE_SUCCESS(rv, rv);
+        PRBool subjectDomainChanged = PR_FALSE;
+        subjectAgg->GetDomainChanged(&subjectDomainChanged);
 
-        nsCOMPtr<nsIURI> objectDomain;
-        aObject->GetDomain(getter_AddRefs(objectDomain));
+        nsCOMPtr<nsIAggregatePrincipal> objectAgg(do_QueryInterface(aObject, &rv));
+        NS_ENSURE_SUCCESS(rv, rv);
+        PRBool objectDomainChanged = PR_FALSE;
+        objectAgg->GetDomainChanged(&objectDomainChanged);
 
         // If both or neither explicitly set their domain, allow the access
-        if (!subjectDomain == !objectDomain)
+        if (!(subjectDomainChanged || objectDomainChanged) ||
+            (subjectDomainChanged && objectDomainChanged))
             return NS_OK;
     }
 
     // Allow access to about:blank
-    nsXPIDLCString origin;
-    rv = aObject->GetOrigin(getter_Copies(origin));
-    NS_ENSURE_SUCCESS(rv, rv);
-    if (nsCRT::strcasecmp(origin, "about:blank") == 0)
-        return NS_OK;
+    nsCOMPtr<nsICodebasePrincipal> objectCodebase(do_QueryInterface(aObject));
+    if (objectCodebase)
+    {
+        nsXPIDLCString origin;
+        rv = objectCodebase->GetOrigin(getter_Copies(origin));
+        NS_ENSURE_SUCCESS(rv, rv);
+        if (nsCRT::strcasecmp(origin, "about:blank") == 0)
+            return NS_OK;
+    }
 
     /*
     ** Access tests failed, so now report error.
@@ -920,17 +945,24 @@ nsScriptSecurityManager::LookupPolicy(nsIPrincipal* aPrincipal,
     }
 
     DomainPolicy* dpolicy = nsnull;
-    aPrincipal->GetSecurityPolicy((void**)&dpolicy);
+    nsCOMPtr<nsIAggregatePrincipal> agg(do_QueryInterface(aPrincipal));
+    NS_ASSERTION(agg, "Subject principal not an aggregate - this shouldn't happen");
+    if (agg)
+        agg->GetCachedSecurityPolicy((void**)&dpolicy);
 
     if (!dpolicy && mOriginToPolicyMap)
     {
         //-- Look up the relevant domain policy, if any
-#ifdef DEBUG_CAPS_LookupPolicy
+#ifdef DEBUG_mstoltz
         printf("DomainLookup ");
 #endif
 
+        nsCOMPtr<nsICodebasePrincipal> codebase(do_QueryInterface(aPrincipal));
+        if (!codebase)
+            return NS_ERROR_FAILURE;
+
         nsXPIDLCString origin;
-        if (NS_FAILED(rv = aPrincipal->GetOrigin(getter_Copies(origin))))
+        if (NS_FAILED(rv = codebase->GetOrigin(getter_Copies(origin))))
             return rv;
  
         const char *start = origin;
@@ -972,7 +1004,7 @@ nsScriptSecurityManager::LookupPolicy(nsIPrincipal* aPrincipal,
         if (!dpolicy)
             dpolicy = mDefaultPolicy;
 
-        aPrincipal->SetSecurityPolicy((void*)dpolicy);
+        agg->SetCachedSecurityPolicy((void*)dpolicy);
     }
 
     ClassPolicy* cpolicy = nsnull;
@@ -986,14 +1018,14 @@ nsScriptSecurityManager::LookupPolicy(nsIPrincipal* aPrincipal,
 
     if (!cpolicy)
     { //-- No cached policy for this class, need to look it up
-#ifdef DEBUG_CAPS_LookupPolicy
+#ifdef DEBUG_mstoltz
         printf("ClassLookup ");
 #endif
 
-        cpolicy = NS_STATIC_CAST(ClassPolicy*,
-                                 PL_DHashTableOperate(dpolicy,
-                                                      aClassName,
-                                                      PL_DHASH_LOOKUP));
+        cpolicy = NS_REINTERPRET_CAST(ClassPolicy*,
+                                      PL_DHashTableOperate(dpolicy,
+                                                           aClassName,
+                                                           PL_DHASH_LOOKUP));
 
         if (PL_DHASH_ENTRY_IS_FREE(cpolicy))
             cpolicy = NO_POLICY_FOR_CLASS;
@@ -1004,10 +1036,10 @@ nsScriptSecurityManager::LookupPolicy(nsIPrincipal* aPrincipal,
     PropertyPolicy* ppolicy = nsnull;
     if (cpolicy != NO_POLICY_FOR_CLASS)
     {
-        ppolicy = NS_STATIC_CAST(PropertyPolicy*,
-                                 PL_DHashTableOperate(cpolicy->mPolicy,
-                                                      (void*)aProperty,
-                                                      PL_DHASH_LOOKUP));
+        ppolicy = NS_REINTERPRET_CAST(PropertyPolicy*,
+                                      PL_DHashTableOperate(cpolicy->mPolicy,
+                                                           (void*)aProperty,
+                                                           PL_DHASH_LOOKUP));
     }
     else
     {
@@ -1019,27 +1051,27 @@ nsScriptSecurityManager::LookupPolicy(nsIPrincipal* aPrincipal,
         if (dpolicy->mWildcardPolicy)
         {
             ppolicy =
-              NS_STATIC_CAST(PropertyPolicy*,
-                             PL_DHashTableOperate(dpolicy->mWildcardPolicy->mPolicy,
-                                                  (void*)aProperty,
-                                                  PL_DHASH_LOOKUP));
+              NS_REINTERPRET_CAST(PropertyPolicy*,
+                                  PL_DHashTableOperate(dpolicy->mWildcardPolicy->mPolicy,
+                                                       (void*)aProperty,
+                                                       PL_DHASH_LOOKUP));
         }
 
         // If there's no wildcard policy, check the default policy for this class
         if (!ppolicy || PL_DHASH_ENTRY_IS_FREE(ppolicy))
         {
-            cpolicy = NS_STATIC_CAST(ClassPolicy*,
-                                     PL_DHashTableOperate(mDefaultPolicy,
-                                                          aClassName,
-                                                          PL_DHASH_LOOKUP));
+            cpolicy = NS_REINTERPRET_CAST(ClassPolicy*,
+                                          PL_DHashTableOperate(mDefaultPolicy,
+                                                               aClassName,
+                                                               PL_DHASH_LOOKUP));
 
             if (PL_DHASH_ENTRY_IS_BUSY(cpolicy))
             {
                 ppolicy =
-                  NS_STATIC_CAST(PropertyPolicy*,
-                                 PL_DHashTableOperate(cpolicy->mPolicy,
-                                                      (void*)aProperty,
-                                                      PL_DHASH_LOOKUP));
+                  NS_REINTERPRET_CAST(PropertyPolicy*,
+                                      PL_DHashTableOperate(cpolicy->mPolicy,
+                                                           (void*)aProperty,
+                                                           PL_DHASH_LOOKUP));
             }
         }
     }
@@ -1070,13 +1102,19 @@ nsScriptSecurityManager::CheckLoadURIFromScript(JSContext *cx, nsIURI *aURI)
         return NS_OK;
 
     // The system principal can load all URIs.
-    if (principal == mSystemPrincipal)
+    PRBool equals = PR_FALSE;
+    if (NS_FAILED(principal->Equals(mSystemPrincipal, &equals)))
+        return NS_ERROR_FAILURE;
+    if (equals)
         return NS_OK;
 
-    // Otherwise, principal should have a codebase URI that we can use to
+    // Otherwise, principal should have a codebase that we can use to
     // do the remaining tests.
+    nsCOMPtr<nsICodebasePrincipal> codebase(do_QueryInterface(principal));
+    if (!codebase)
+        return NS_ERROR_FAILURE;
     nsCOMPtr<nsIURI> uri;
-    if (NS_FAILED(principal->GetURI(getter_AddRefs(uri))))
+    if (NS_FAILED(codebase->GetURI(getter_AddRefs(uri))))
         return NS_ERROR_FAILURE;
     if (NS_SUCCEEDED(CheckLoadURI(uri, aURI, nsIScriptSecurityManager::STANDARD )))
         return NS_OK;
@@ -1125,7 +1163,7 @@ nsScriptSecurityManager::GetBaseURIScheme(nsIURI* aURI, char** aScheme)
     {
         rv = uri->GetPath(path);
         if (NS_FAILED(rv)) return rv;
-        rv = NS_NewURI(getter_AddRefs(uri), path, nsnull, nsnull, sIOService);
+        rv = NS_NewURI(getter_AddRefs(uri), path, nsnull);
         if (NS_FAILED(rv)) return rv;
         rv = uri->GetScheme(scheme);
         if (NS_FAILED(rv)) return rv;
@@ -1329,10 +1367,11 @@ nsScriptSecurityManager::ReportError(JSContext* cx, const nsAString& messageTag,
             STRING_TO_JSVAL(JS_NewUCStringCopyZ(cx,
                 NS_REINTERPRET_CAST(const jschar*, message.get()))));
         // Tell XPConnect that an exception was thrown, if appropriate
-        if (sXPConnect)
+        nsCOMPtr<nsIXPConnect> xpc = do_GetService(nsIXPConnect::GetCID());
+        if (xpc)
         {
             nsCOMPtr<nsIXPCNativeCallContext> xpcCallContext;
-            sXPConnect->GetCurrentNativeCallContext(getter_AddRefs(xpcCallContext));
+            xpc->GetCurrentNativeCallContext(getter_AddRefs(xpcCallContext));
              if (xpcCallContext)
                 xpcCallContext->SetExceptionWasThrown(PR_TRUE);
         }
@@ -1356,14 +1395,10 @@ nsScriptSecurityManager::CheckLoadURIStr(const char* aSourceURIStr, const char*
                                          PRUint32 aFlags)
 {
     nsCOMPtr<nsIURI> source;
-    nsresult rv = NS_NewURI(getter_AddRefs(source),
-                            nsDependentCString(aSourceURIStr),
-                            nsnull, nsnull, sIOService);
+    nsresult rv = NS_NewURI(getter_AddRefs(source), nsDependentCString(aSourceURIStr), nsnull);
     NS_ENSURE_SUCCESS(rv, rv);
     nsCOMPtr<nsIURI> target;
-    rv = NS_NewURI(getter_AddRefs(target),
-                   nsDependentCString(aTargetURIStr),
-                   nsnull, nsnull, sIOService);
+    rv = NS_NewURI(getter_AddRefs(target), nsDependentCString(aTargetURIStr), nsnull);
     NS_ENSURE_SUCCESS(rv, rv);
     return CheckLoadURI(source, target, aFlags);
 }
@@ -1397,7 +1432,8 @@ nsScriptSecurityManager::CheckFunctionAccess(JSContext *aCx, void *aFunObj,
     if (!subject) return NS_ERROR_FAILURE;
 
 
-    if (subject == mSystemPrincipal)
+    PRBool isSystem;
+    if (NS_SUCCEEDED(subject->Equals(mSystemPrincipal, &isSystem)) && isSystem)
         // This is the system principal: just allow access
         return NS_OK;
 
@@ -1422,7 +1458,28 @@ nsScriptSecurityManager::CheckFunctionAccess(JSContext *aCx, void *aFunObj,
     if (subject == object)
         return NS_OK;
 
-    return CheckSameOriginPrincipalInternal(subject, object, PR_TRUE);
+    PRBool isSameOrigin = PR_FALSE;
+    if (NS_FAILED(subject->Equals(object, &isSameOrigin)))
+        return NS_ERROR_FAILURE;
+
+    if (isSameOrigin)
+        return NS_OK;
+
+    // Allow access to about:blank
+    nsCOMPtr<nsICodebasePrincipal> objectCodebase(do_QueryInterface(object));
+    if (objectCodebase)
+    {
+        nsXPIDLCString origin;
+        if (NS_FAILED(objectCodebase->GetOrigin(getter_Copies(origin))))
+            return NS_ERROR_FAILURE;
+        if (nsCRT::strcasecmp(origin, "about:blank") == 0)
+            return NS_OK;
+    }
+
+    /*
+    ** Access tests failed.  Fail silently without a JS exception.
+    */
+    return NS_ERROR_DOM_SECURITY_ERR;
 }
 
 nsresult
@@ -1464,18 +1521,20 @@ nsScriptSecurityManager::CanExecuteScripts(JSContext* cx,
     //-- Always allow chrome pages to run scripts
     //   This is for about: URLs, which are chrome but don't
     //   have the system principal
+    nsresult rv;
     if (!mIsJavaScriptEnabled)
     {
-        nsCOMPtr<nsIURI> principalURI;
-        aPrincipal->GetURI(getter_AddRefs(principalURI));
-        if (principalURI)
+        nsCOMPtr<nsICodebasePrincipal> codebase(do_QueryInterface(aPrincipal));
+        if (codebase)
         {
-            PRBool isChrome = PR_FALSE;
-            principalURI->SchemeIs("chrome", &isChrome);
-            if (isChrome)
+            nsXPIDLCString origin;
+            rv = codebase->GetOrigin(getter_Copies(origin));
+            static const char chromePrefix[] = "chrome:";
+            if (NS_SUCCEEDED(rv) &&
+                (PL_strncmp(origin, chromePrefix, sizeof(chromePrefix)-1) == 0))
             {
                 *result = PR_TRUE;
-                return NS_OK;              
+                return NS_OK;
             }
         }
     }
@@ -1487,53 +1546,60 @@ nsScriptSecurityManager::CanExecuteScripts(JSContext* cx,
     scriptContext->GetGlobalObject(getter_AddRefs(globalObject));
     if (!globalObject) return NS_ERROR_FAILURE;
     
-    nsresult rv;
     nsCOMPtr<nsIDocShell> docshell;
     globalObject->GetDocShell(getter_AddRefs(docshell));
-    nsCOMPtr<nsIDocShellTreeItem> globalObjTreeItem = do_QueryInterface(docshell);
-    if (globalObjTreeItem) 
+    nsCOMPtr<nsIDocShellTreeItem> treeItem;
+    if (docshell) 
     {
-        nsCOMPtr<nsIDocShellTreeItem> treeItem(globalObjTreeItem);
+        treeItem = do_QueryInterface(docshell);
         nsCOMPtr<nsIDocShellTreeItem> parentItem;
-
         // Walk up the docshell tree to see if any containing docshell disallows scripts
-        do
+        do 
         {
             rv = docshell->GetAllowJavascript(result);
             if (NS_FAILED(rv)) return rv;
             if (!*result)
                 return NS_OK; // Do not run scripts
-            treeItem->GetParent(getter_AddRefs(parentItem));
-            treeItem.swap(parentItem);
-            docshell = do_QueryInterface(treeItem);
-#ifdef DEBUG
-            if (treeItem && !docshell) {
-              NS_ERROR("cannot get a docshell from a treeItem!");
+            if (treeItem) 
+            {
+                treeItem->GetParent(getter_AddRefs(parentItem));
+                if (parentItem)
+                {
+                    treeItem = parentItem;
+                    docshell = do_QueryInterface(treeItem, &rv);
+                    NS_ASSERTION(docshell, "cannot get a docshell from a treeItem!");
+                    if (NS_FAILED(rv)) break;
+                }
             }
-#endif // DEBUG
-        } while (treeItem && docshell);
+        } while (parentItem);
     }
 
     //-- See if JS is disabled globally (via prefs)
     *result = mIsJavaScriptEnabled;
-    if (mIsJavaScriptEnabled != mIsMailJavaScriptEnabled && globalObjTreeItem) 
+    if (mIsJavaScriptEnabled != mIsMailJavaScriptEnabled) 
     {
-        nsCOMPtr<nsIDocShellTreeItem> rootItem;
-        globalObjTreeItem->GetRootTreeItem(getter_AddRefs(rootItem));
-        docshell = do_QueryInterface(rootItem);
-        if (docshell) 
+        // Get docshell from the global window again.
+        globalObject->GetDocShell(getter_AddRefs(docshell));
+        treeItem = do_QueryInterface(docshell);
+        if (treeItem) 
         {
-            // Is this script running from mail?
-            PRUint32 appType;
-            rv = docshell->GetAppType(&appType);
-            if (NS_FAILED(rv)) return rv;
-            if (appType == nsIDocShell::APP_TYPE_MAIL) 
+            nsCOMPtr<nsIDocShellTreeItem> rootItem;
+            treeItem->GetRootTreeItem(getter_AddRefs(rootItem));
+            docshell = do_QueryInterface(rootItem);
+            if (docshell) 
             {
-                *result = mIsMailJavaScriptEnabled;
+                // Is this script running from mail?
+                PRUint32 appType;
+                rv = docshell->GetAppType(&appType);
+                if (NS_FAILED(rv)) return rv;
+                if (appType == nsIDocShell::APP_TYPE_MAIL) 
+                {
+                    *result = mIsMailJavaScriptEnabled;
+                }
             }
         }
     }
-
+    
     if (!*result)
         return NS_OK; // Do not run scripts
 
@@ -1576,9 +1642,10 @@ nsScriptSecurityManager::GetSystemPrincipal(nsIPrincipal **result)
         mSystemPrincipal = new nsSystemPrincipal();
         if (!mSystemPrincipal)
             return NS_ERROR_OUT_OF_MEMORY;
+        NS_ADDREF(mSystemPrincipal);
     }
-
-    NS_ADDREF(*result = mSystemPrincipal);
+    *result = mSystemPrincipal;
+    NS_ADDREF(*result);
     return NS_OK;
 }
 
@@ -1611,38 +1678,59 @@ NS_IMETHODIMP
 nsScriptSecurityManager::GetCertificatePrincipal(const char* aCertID,
                                                  nsIPrincipal **result)
 {
+    nsresult rv;
     //-- Create a certificate principal
-    nsRefPtr<nsPrincipal> certificate = new nsPrincipal();
+    nsCertificatePrincipal *certificate = new nsCertificatePrincipal();
     if (!certificate)
         return NS_ERROR_OUT_OF_MEMORY;
+    NS_ADDREF(certificate);
+    if (NS_FAILED(certificate->Init(aCertID)))
+    {
+        NS_RELEASE(certificate);
+        return NS_ERROR_FAILURE;
+    }
+    nsCOMPtr<nsIPrincipal> principal(do_QueryInterface((nsBasePrincipal*)certificate, &rv));
+    NS_RELEASE(certificate);
+    if (NS_FAILED(rv)) return rv;
 
-    nsresult rv = certificate->SetCertificateID(aCertID);
-    if (NS_FAILED(rv))
-        return rv;
+    if (mPrincipals)
+    {
+        // Check to see if we already have this principal.
+        nsIPrincipalKey key(principal);
+        nsCOMPtr<nsIPrincipal> fromTable = (nsIPrincipal *) mPrincipals->Get(&key);
+        if (fromTable)
+            principal = fromTable;
+    }
 
-    nsCOMPtr<nsIPrincipal> principal(certificate);
-
-    // Check to see if we already have this principal.
-    nsCOMPtr<nsIPrincipal> fromTable;
-    mPrincipals.Get(principal, getter_AddRefs(fromTable));
-    if (fromTable)
-        principal = fromTable;
-
-    NS_ADDREF(*result = principal);
+    //-- Bundle this certificate principal into an aggregate principal
+    nsAggregatePrincipal* agg = new nsAggregatePrincipal();
+    if (!agg) return NS_ERROR_OUT_OF_MEMORY;
+    rv = agg->SetCertificate(principal);
+    if (NS_FAILED(rv)) return rv;
+    principal = do_QueryInterface((nsBasePrincipal*)agg, &rv);
+    if (NS_FAILED(rv)) return rv;
 
+    *result = principal;
+    NS_ADDREF(*result);
     return NS_OK;
 }
 
 nsresult
 nsScriptSecurityManager::CreateCodebasePrincipal(nsIURI* aURI, nsIPrincipal **result)
 {
-    nsRefPtr<nsPrincipal> codebase = new nsPrincipal(aURI);
+    nsresult rv = NS_OK;
+    nsCodebasePrincipal *codebase = new nsCodebasePrincipal();
     if (!codebase)
         return NS_ERROR_OUT_OF_MEMORY;
-
-    NS_ADDREF(*result = codebase);
-
-    return NS_OK;
+    NS_ADDREF(codebase);
+    if (NS_FAILED(codebase->Init(aURI)))
+    {
+        NS_RELEASE(codebase);
+        return NS_ERROR_FAILURE;
+    }
+    rv = CallQueryInterface((nsBasePrincipal*)codebase, result);
+    NS_RELEASE(codebase);
+    return rv;
 }
 
 NS_IMETHODIMP
@@ -1654,32 +1742,42 @@ nsScriptSecurityManager::GetCodebasePrincipal(nsIURI *aURI,
     rv = CreateCodebasePrincipal(aURI, getter_AddRefs(principal));
     if (NS_FAILED(rv)) return rv;
 
-    if (mPrincipals.Count() > 0)
+    if (mPrincipals)
     {
         //-- Check to see if we already have this principal.
-        nsCOMPtr<nsIPrincipal> fromTable;
-        mPrincipals.Get(principal, getter_AddRefs(fromTable));
+        nsIPrincipalKey key(principal);
+        nsCOMPtr<nsIPrincipal> fromTable = (nsIPrincipal *) mPrincipals->Get(&key);
         if (fromTable)
             principal = fromTable;
         else //-- Check to see if we have a more general principal
         {
+            nsCOMPtr<nsICodebasePrincipal> codebasePrin(do_QueryInterface(principal));
             nsXPIDLCString originUrl;
-            rv = principal->GetOrigin(getter_Copies(originUrl));
+            rv = codebasePrin->GetOrigin(getter_Copies(originUrl));
             if (NS_FAILED(rv)) return rv;
             nsCOMPtr<nsIURI> newURI;
-            rv = NS_NewURI(getter_AddRefs(newURI), originUrl, nsnull, sIOService);
+            rv = NS_NewURI(getter_AddRefs(newURI), originUrl, nsnull);
             if (NS_FAILED(rv)) return rv;
             nsCOMPtr<nsIPrincipal> principal2;
             rv = CreateCodebasePrincipal(newURI, getter_AddRefs(principal2));
             if (NS_FAILED(rv)) return rv;
-            mPrincipals.Get(principal2, getter_AddRefs(fromTable));
+             nsIPrincipalKey key2(principal2);
+                fromTable = (nsIPrincipal *) mPrincipals->Get(&key2);
             if (fromTable)
                 principal = fromTable;
-        }
+        }		
     }
 
-    NS_IF_ADDREF(*result = principal);
+    //-- Bundle this codebase principal into an aggregate principal
+    nsAggregatePrincipal* agg = new nsAggregatePrincipal();
+    if (!agg) return NS_ERROR_OUT_OF_MEMORY;
+    rv = agg->SetCodebase(principal);
+    if (NS_FAILED(rv)) return rv;
+    principal = do_QueryInterface((nsBasePrincipal*)agg, &rv);
+    if (NS_FAILED(rv)) return rv;
 
+    *result = principal;
+    NS_ADDREF(*result);
     return NS_OK;
 }
 
@@ -1755,8 +1853,8 @@ nsScriptSecurityManager::GetFunctionObjectPrincipal(JSContext *cx,
 
     }
 
-    NS_IF_ADDREF(*result = scriptPrincipal);
-
+    *result = scriptPrincipal.get();
+    NS_IF_ADDREF(*result);
     return NS_OK;
 }
 
@@ -1901,18 +1999,32 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSContext *aCx, JSObject *aObj,
 nsresult
 nsScriptSecurityManager::SavePrincipal(nsIPrincipal* aToSave)
 {
+    nsresult rv;
+    nsCOMPtr<nsIPrincipal> persistent = aToSave;
+    nsCOMPtr<nsIAggregatePrincipal> aggregate(do_QueryInterface(aToSave, &rv));
+    if (NS_SUCCEEDED(rv))
+        if (NS_FAILED(aggregate->GetPrimaryChild(getter_AddRefs(persistent))))
+            return NS_ERROR_FAILURE;
+
     //-- Save to mPrincipals
-    mPrincipals.Put(aToSave, aToSave);
+    if (!mPrincipals)
+    {
+        mPrincipals = new nsSupportsHashtable(31);
+        if (!mPrincipals)
+            return NS_ERROR_OUT_OF_MEMORY;
+    }
+    nsIPrincipalKey key(persistent);
+    mPrincipals->Put(&key, persistent);
 
     //-- Save to prefs
     nsXPIDLCString idPrefName;
     nsXPIDLCString id;
     nsXPIDLCString grantedList;
     nsXPIDLCString deniedList;
-    nsresult rv = aToSave->GetPreferences(getter_Copies(idPrefName),
-                                          getter_Copies(id),
-                                          getter_Copies(grantedList),
-                                          getter_Copies(deniedList));
+    rv = persistent->GetPreferences(getter_Copies(idPrefName),
+                                    getter_Copies(id),
+                                    getter_Copies(grantedList),
+                                    getter_Copies(deniedList));
     if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
 
     nsXPIDLCString grantedPrefName;
@@ -2053,18 +2165,13 @@ nsScriptSecurityManager::CheckConfirmDialog(JSContext* cx, nsIPrincipal* aPrinci
     if (NS_FAILED(rv))
         return PR_FALSE;
 
-    nsXPIDLCString val;
-    PRBool hasCert;
-    aPrincipal->GetHasCertificate(&hasCert);
-    if (hasCert)
-        rv = aPrincipal->GetCommonName(getter_Copies(val));
-    else
-        rv = aPrincipal->GetOrigin(getter_Copies(val));
+    nsXPIDLCString source;
+    rv = aPrincipal->ToUserVisibleString(getter_Copies(source));
 
     if (NS_FAILED(rv))
         return PR_FALSE;
 
-    NS_ConvertUTF8toUTF16 location(val.get());
+    NS_ConvertUTF8toUTF16 location(source.get());
     NS_ConvertUTF8toUTF16 capability(aCapability);
     const PRUnichar *formatStrings[] = { location.get(), capability.get() };
 
@@ -2146,13 +2253,7 @@ nsScriptSecurityManager::EnableCapability(const char *capability)
     if (canEnable != nsIPrincipal::ENABLE_GRANTED)
     {
         nsXPIDLCString val;
-        PRBool hasCert;
-        nsresult rv;
-        principal->GetHasCertificate(&hasCert);
-        if (hasCert)
-            rv = principal->GetCommonName(getter_Copies(val));
-        else
-            rv = principal->GetOrigin(getter_Copies(val));
+        nsresult rv = principal->ToUserVisibleString(getter_Copies(val));
 
         if (NS_FAILED(rv))
             return rv;
@@ -2237,7 +2338,10 @@ nsScriptSecurityManager::SetCanEnableCapability(const char* certificateID,
 #endif
         systemCertFile->AppendNative(NS_LITERAL_CSTRING("systemSignature.jar"));
         if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
-        nsCOMPtr<nsIZipReader> systemCertZip = do_CreateInstance(kZipReaderCID, &rv);
+        nsCOMPtr<nsIZipReader> systemCertZip;
+        rv = nsComponentManager::CreateInstance(kZipReaderCID, nsnull,
+                                                NS_GET_IID(nsIZipReader),
+                                                getter_AddRefs(systemCertZip));
         if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
         systemCertZip->Init(systemCertFile);
         rv = systemCertZip->Open();
@@ -2289,16 +2393,16 @@ nsScriptSecurityManager::CanCreateWrapper(JSContext *cx,
                                           nsIClassInfo *aClassInfo,
                                           void **aPolicy)
 {
-#ifdef DEBUG_CAPS_CanCreateWrapper
+#if 0
     char* iidStr = aIID.ToString();
     printf("### CanCreateWrapper(%s) ", iidStr);
-    nsCRT::free(iidStr);
+    PR_FREEIF(iidStr);
 #endif
 // XXX Special case for nsIXPCException ?
     ClassInfoData objClassInfo = ClassInfoData(aClassInfo, nsnull);
     if (objClassInfo.IsDOMClass())
     {
-#ifdef DEBUG_CAPS_CanCreateWrapper
+#if 0
         printf("DOM class - GRANTED.\n");
 #endif
         return NS_OK;
@@ -2335,16 +2439,7 @@ nsScriptSecurityManager::CanCreateWrapper(JSContext *cx,
         JS_SetPendingException(cx,
             STRING_TO_JSVAL(JS_NewUCStringCopyZ(cx,
                 NS_REINTERPRET_CAST(const jschar*, errorMsg.get()))));
-
-#ifdef DEBUG_CAPS_CanCreateWrapper
-        printf("DENIED.\n");
     }
-    else
-    {
-        printf("GRANTED.\n");
-#endif
-    }
-
     return rv;
 }
 
@@ -2365,7 +2460,7 @@ nsScriptSecurityManager::CheckComponentPermissions(JSContext *cx,
                       Substring(cidTemp, 1, cidTemp.Length() - 2));
     ToUpperCase(cid);
 
-#ifdef DEBUG_CAPS_CheckComponentPermissions
+#ifdef DEBUG_mstoltz
     printf("### CheckComponentPermissions(ClassID.%s) ",cid.get());
 #endif
 
@@ -2387,13 +2482,13 @@ nsScriptSecurityManager::CheckComponentPermissions(JSContext *cx,
 
     if (securityLevel.level == SCRIPT_SECURITY_ALL_ACCESS)
     {
-#ifdef DEBUG_CAPS_CheckComponentPermissions
+#ifdef DEBUG_mstoltz
         printf(" GRANTED.\n");
 #endif
         return NS_OK;
     }
 
-#ifdef DEBUG_CAPS_CheckComponentPermissions
+#ifdef DEBUG_mstoltz
     printf(" DENIED.\n");
 #endif
     return NS_ERROR_DOM_PROP_ACCESS_DENIED;
@@ -2404,12 +2499,6 @@ NS_IMETHODIMP
 nsScriptSecurityManager::CanCreateInstance(JSContext *cx,
                                            const nsCID &aCID)
 {
-#ifdef DEBUG_CAPS_CanCreateInstance
-    char* cidStr = aCID.ToString();
-    printf("### CanCreateInstance(%s) ", cidStr);
-    nsCRT::free(cidStr);
-#endif
-
     nsresult rv = CheckXPCPermissions(nsnull, nsnull);
     if (NS_FAILED(rv))
 #ifdef XPC_IDISPATCH_SUPPORT
@@ -2426,14 +2515,6 @@ nsScriptSecurityManager::CanCreateInstance(JSContext *cx,
         errorMsg.Append(cidStr);
         JS_SetPendingException(cx,
                                STRING_TO_JSVAL(JS_NewStringCopyZ(cx, errorMsg.get())));
-
-#ifdef DEBUG_CAPS_CanCreateInstance
-        printf("DENIED\n");
-    }
-    else
-    {
-        printf("GRANTED\n");
-#endif
     }
     return rv;
 }
@@ -2442,10 +2523,10 @@ NS_IMETHODIMP
 nsScriptSecurityManager::CanGetService(JSContext *cx,
                                        const nsCID &aCID)
 {
-#ifdef DEBUG_CAPS_CanGetService
+#if 0
     char* cidStr = aCID.ToString();
     printf("### CanGetService(%s) ", cidStr);
-    nsCRT::free(cidStr);
+    PR_FREEIF(cidStr);
 #endif
 
     nsresult rv = CheckXPCPermissions(nsnull, nsnull);
@@ -2458,16 +2539,7 @@ nsScriptSecurityManager::CanGetService(JSContext *cx,
         errorMsg.Append(cidStr);
         JS_SetPendingException(cx,
                                STRING_TO_JSVAL(JS_NewStringCopyZ(cx, errorMsg.get())));
-
-#ifdef DEBUG_CAPS_CanGetService
-        printf("DENIED\n");
     }
-    else
-    {
-        printf("GRANTED\n");
-#endif
-    }
-
     return rv;
 }
 
@@ -2581,16 +2653,17 @@ nsScriptSecurityManager::nsScriptSecurityManager(void)
     : mOriginToPolicyMap(nsnull),
       mDefaultPolicy(nsnull),
       mCapabilities(nsnull),
+      mSystemPrincipal(nsnull), mPrincipals(nsnull),
       mIsJavaScriptEnabled(PR_FALSE),
       mIsMailJavaScriptEnabled(PR_FALSE),
       mIsWritingPrefs(PR_FALSE),
+      mNameSetRegistered(PR_FALSE),
       mPolicyPrefsChanged(PR_TRUE)
 #ifdef XPC_IDISPATCH_SUPPORT
       ,mXPCDefaultGrantAll(PR_FALSE)
 #endif
 {
     NS_ASSERTION(sizeof(long) == sizeof(void*), "long and void* have different lengths on this platform. This may cause a security failure.");
-    mPrincipals.Init(31);
 }
 
 
@@ -2607,12 +2680,6 @@ nsresult nsScriptSecurityManager::Init()
     nsresult rv = InitPrefs();
     NS_ENSURE_SUCCESS(rv, rv);
 
-    rv = CallGetService(NS_IOSERVICE_CONTRACTID, &sIOService);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    rv = CallGetService(nsIXPConnect::GetCID(), &sXPConnect);
-    NS_ENSURE_SUCCESS(rv, rv);
-
     nsCOMPtr<nsIStringBundleService> bundleService = do_GetService(NS_STRINGBUNDLE_CONTRACTID, &rv);
     NS_ENSURE_SUCCESS(rv, rv);
 
@@ -2647,6 +2714,8 @@ nsScriptSecurityManager::~nsScriptSecurityManager(void)
 {
     delete mOriginToPolicyMap;
     delete mDefaultPolicy;
+    NS_IF_RELEASE(mSystemPrincipal);
+    delete mPrincipals;
     delete mCapabilities;
     gScriptSecMan = nsnull;
 }
@@ -2656,8 +2725,6 @@ nsScriptSecurityManager::Shutdown()
 {
     sEnabledID = JSVAL_VOID;
 
-    NS_IF_RELEASE(sIOService);
-    NS_IF_RELEASE(sXPConnect);
     NS_IF_RELEASE(sStrBundle);
 }
 
@@ -2684,8 +2751,16 @@ nsScriptSecurityManager::GetScriptSecurityManager()
             return nsnull;
         }
  
-        rv = sXPConnect->SetDefaultSecurityManager(ssManager,
-                                                   nsIXPCSecurityManager::HOOK_ALL);
+        nsCOMPtr<nsIXPConnect> xpc = do_GetService(nsIXPConnect::GetCID(), &rv);
+        if (NS_FAILED(rv) || !xpc) {
+            NS_WARNING("Failed to get the XPConnect service");
+            delete ssManager;
+            return nsnull;
+        }
+ 
+            rv = xpc->SetDefaultSecurityManager(
+                        NS_STATIC_CAST(nsIXPCSecurityManager*, ssManager),
+                            nsIXPCSecurityManager::HOOK_ALL);
         if (NS_FAILED(rv)) {
             NS_WARNING("Failed to install xpconnect security manager!");
             delete ssManager;
@@ -2712,12 +2787,15 @@ nsScriptSecurityManager::SystemPrincipalSingletonConstructor()
 nsresult
 nsScriptSecurityManager::InitPolicies()
 {
+    nsresult rv;
+
     // Reset the "dirty" flag
     mPolicyPrefsChanged = PR_FALSE;
 
     // Clear any policies cached on XPConnect wrappers
-    NS_ENSURE_STATE(sXPConnect);
-    nsresult rv = sXPConnect->ClearAllWrappedNativeSecurityPolicies();
+    nsCOMPtr<nsIXPConnect> xpc(do_GetService(nsIXPConnect::GetCID(), &rv));
+    if (NS_FAILED(rv)) return rv;
+    rv = xpc->ClearAllWrappedNativeSecurityPolicies();
     if (NS_FAILED(rv)) return rv;
 
     //-- Reset mOriginToPolicyMap
@@ -2727,13 +2805,11 @@ nsScriptSecurityManager::InitPolicies()
 
     //-- Reset and initialize the default policy
     delete mDefaultPolicy;
-    mDefaultPolicy = new DomainPolicy();
+    mDefaultPolicy =
+      new DomainPolicy();
     if (!mOriginToPolicyMap || !mDefaultPolicy)
         return NS_ERROR_OUT_OF_MEMORY;
 
-    if (!mDefaultPolicy->Init())
-        return NS_ERROR_UNEXPECTED;
-
     //-- Initialize the table of security levels
     if (!mCapabilities)
     {
@@ -2789,12 +2865,6 @@ nsScriptSecurityManager::InitPolicies()
         if (!domainPolicy)
             return NS_ERROR_OUT_OF_MEMORY;
 
-        if (!domainPolicy->Init())
-        {
-            delete domainPolicy;
-            return NS_ERROR_UNEXPECTED;
-        }
-
         //-- Parse list of sites and create an entry in mOriginToPolicyMap for each
         char* domainStart = (char*)domainList.get();
         char* domainCurrent = domainStart;
@@ -2810,10 +2880,7 @@ nsScriptSecurityManager::InitPolicies()
                 nsCStringKey key(nextToLastDot ? nextToLastDot+1 : domainStart);
                 DomainEntry *newEntry = new DomainEntry(domainStart, domainPolicy);
                 if (!newEntry)
-                {
-                    delete domainPolicy;
                     return NS_ERROR_OUT_OF_MEMORY;
-                }
 #ifdef DEBUG
                 newEntry->mPolicyName_DEBUG = nameBegin;
 #endif
@@ -2856,11 +2923,10 @@ nsScriptSecurityManager::InitPolicies()
         }
 
         rv = InitDomainPolicy(cx, nameBegin, domainPolicy);
-        if (NS_FAILED(rv))
-            return rv;
+        NS_ENSURE_SUCCESS(rv, rv);
     }
 
-#ifdef DEBUG_CAPS_HACKER
+#ifdef DEBUG_mstoltz
     PrintPolicyDB();
 #endif
     return NS_OK;
@@ -2874,14 +2940,15 @@ nsScriptSecurityManager::InitDomainPolicy(JSContext* cx,
 {
     nsresult rv;
     nsCAutoString policyPrefix(sPolicyPrefix +
-                               nsDependentCString(aPolicyName) +
-                               NS_LITERAL_CSTRING("."));
+			       nsDependentCString(aPolicyName) +
+			       NS_LITERAL_CSTRING("."));
     PRUint32 prefixLength = policyPrefix.Length() - 1; // subtract the '.'
 
+    // XXX fix string use here.
     PRUint32 prefCount;
     char** prefNames;
     rv = mPrefBranch->GetChildList(policyPrefix.get(),
-                                   &prefCount, &prefNames);
+				   &prefCount, &prefNames);
     if (NS_FAILED(rv)) return rv;
     if (prefCount == 0)
         return NS_OK;
@@ -2891,14 +2958,14 @@ nsScriptSecurityManager::InitDomainPolicy(JSContext* cx,
     for (; currentPref < prefCount; currentPref++)
     {
         // Get the class name
-        const char* start = prefNames[currentPref] + prefixLength + 1;
+        const char* start = prefNames[currentPref] + prefixLength +1;
         char* end = PL_strchr(start, '.');
         if (!end) // malformed pref, bail on this one
             continue;
         static const char sitesStr[] = "sites";
 
-        // We dealt with "sites" in InitPolicies(), so no need to do
-        // that again...
+	// We dealt with "sites" in InitPolicies(), so no need to do
+	// that again...
         if (PL_strncmp(start, sitesStr, sizeof(sitesStr)-1) == 0)
             continue;
 
@@ -2934,9 +3001,9 @@ nsScriptSecurityManager::InitDomainPolicy(JSContext* cx,
         *end = '\0';
         // Find or store this class in the classes table
         ClassPolicy* cpolicy = 
-          NS_STATIC_CAST(ClassPolicy*,
-                         PL_DHashTableOperate(aDomainPolicy, start,
-                                              PL_DHASH_ADD));
+          NS_REINTERPRET_CAST(ClassPolicy*,
+                              PL_DHashTableOperate(aDomainPolicy, start,
+                                                   PL_DHASH_ADD));
         if (!cpolicy)
             break;
 
@@ -2959,9 +3026,9 @@ nsScriptSecurityManager::InitDomainPolicy(JSContext* cx,
         const void* ppkey =
           NS_REINTERPRET_CAST(const void*, STRING_TO_JSVAL(propertyKey));
         PropertyPolicy* ppolicy = 
-          NS_STATIC_CAST(PropertyPolicy*,
-                         PL_DHashTableOperate(cpolicy->mPolicy, ppkey,
-                                              PL_DHASH_ADD));
+          NS_REINTERPRET_CAST(PropertyPolicy*,
+                              PL_DHashTableOperate(cpolicy->mPolicy, ppkey,
+                                                   PL_DHASH_ADD));
         if (!ppolicy)
             break;
 
@@ -3054,20 +3121,23 @@ nsScriptSecurityManager::InitPrincipals(PRUint32 aPrefCount, const char** aPrefN
                                          getter_Copies(deniedPrefName));
         if (rv == NS_ERROR_OUT_OF_MEMORY)
             return rv;
-        if (NS_FAILED(rv))
+        else if (NS_FAILED(rv))
             continue;
 
-        nsXPIDLCString grantedList;
-        mSecurityPref->SecurityGetCharPref(grantedPrefName, getter_Copies(grantedList));
-        nsXPIDLCString deniedList;
-        mSecurityPref->SecurityGetCharPref(deniedPrefName, getter_Copies(deniedList));
+        char* grantedList = nsnull;
+        mSecurityPref->SecurityGetCharPref(grantedPrefName, &grantedList);
+        char* deniedList = nsnull;
+        mSecurityPref->SecurityGetCharPref(deniedPrefName, &deniedList);
 
         //-- Delete prefs if their value is the empty string
-        if (id.IsEmpty() || (grantedList.IsEmpty() && deniedList.IsEmpty()))
+        if ((!id || id[0] == '\0') ||
+            ((!grantedList || grantedList[0] == '\0') && (!deniedList || deniedList[0] == '\0')))
         {
             mSecurityPref->SecurityClearUserPref(aPrefNames[c]);
             mSecurityPref->SecurityClearUserPref(grantedPrefName);
             mSecurityPref->SecurityClearUserPref(deniedPrefName);
+            PR_FREEIF(grantedList);
+            PR_FREEIF(deniedList);
             continue;
         }
 
@@ -3075,68 +3145,74 @@ nsScriptSecurityManager::InitPrincipals(PRUint32 aPrefCount, const char** aPrefN
         static const char certificateName[] = "capability.principal.certificate";
         static const char codebaseName[] = "capability.principal.codebase";
         static const char codebaseTrustedName[] = "capability.principal.codebaseTrusted";
-
-        PRBool isCert = PR_FALSE;
-        PRBool isTrusted = PR_FALSE;
-        
-        if (PL_strncmp(aPrefNames[c], certificateName,
-                       sizeof(certificateName) - 1) == 0)
-        {
-            isCert = PR_TRUE;
-        }
-        else if (PL_strncmp(aPrefNames[c], codebaseName,
-                            sizeof(codebaseName) - 1) == 0)
-        {
-            isTrusted = (PL_strncmp(aPrefNames[c], codebaseTrustedName,
-                                    sizeof(codebaseTrustedName) - 1) == 0);
-        }
-        else
-        {
-          NS_ERROR("Not a codebase or a certificate?!");
-        }
-
         nsCOMPtr<nsIPrincipal> principal;
-        nsRefPtr<nsPrincipal> newPrincipal = new nsPrincipal();
-        if (newPrincipal)
+        if (PL_strncmp(aPrefNames[c], certificateName,
+                       sizeof(certificateName)-1) == 0)
         {
-            rv = newPrincipal->InitFromPersistent(aPrefNames[c], id,
-                                                  grantedList, deniedList,
-                                                  isCert, isTrusted);
-            if (NS_SUCCEEDED(rv))
-                principal = do_QueryInterface(newPrincipal);
+            nsCertificatePrincipal *certificate = new nsCertificatePrincipal();
+            if (certificate) {
+                NS_ADDREF(certificate);
+                if (NS_SUCCEEDED(certificate->InitFromPersistent(aPrefNames[c], id,
+                                                                 grantedList, deniedList)))
+                    principal = do_QueryInterface((nsBasePrincipal*)certificate);
+                NS_RELEASE(certificate);
+            }
+        } else if(PL_strncmp(aPrefNames[c], codebaseName,
+                             sizeof(codebaseName)-1) == 0)
+        {
+            nsCodebasePrincipal *codebase = new nsCodebasePrincipal();
+            if (codebase) {
+                NS_ADDREF(codebase);
+                PRBool trusted = (PL_strncmp(aPrefNames[c], codebaseTrustedName,
+                                             sizeof(codebaseTrustedName)-1) == 0);
+                if (NS_SUCCEEDED(codebase->InitFromPersistent(aPrefNames[c], id,
+                                                              grantedList, deniedList,
+                                                              trusted)))
+                    principal = do_QueryInterface((nsBasePrincipal*)codebase);
+                NS_RELEASE(codebase);
+            }
         }
+        PR_FREEIF(grantedList);
+        PR_FREEIF(deniedList);
 
         if (principal)
-            mPrincipals.Put(principal, principal);
+        {
+            if (!mPrincipals)
+            {
+                mPrincipals = new nsSupportsHashtable(31);
+                if (!mPrincipals)
+                    return NS_ERROR_OUT_OF_MEMORY;
+            }
+            nsIPrincipalKey key(principal);
+            mPrincipals->Put(&key, principal);
+        }
     }
     return NS_OK;
 }
 
-const char nsScriptSecurityManager::sJSEnabledPrefName[] =
-    "javascript.enabled";
-const char nsScriptSecurityManager::sJSMailEnabledPrefName[] =
-    "javascript.allow.mailnews";
+const char* nsScriptSecurityManager::sJSEnabledPrefName = "javascript.enabled";
+const char* nsScriptSecurityManager::sJSMailEnabledPrefName = "javascript.allow.mailnews";
 #ifdef XPC_IDISPATCH_SUPPORT
-const char nsScriptSecurityManager::sXPCDefaultGrantAllName[] =
-    "security.classID.allowByDefault";
+const char* nsScriptSecurityManager::sXPCDefaultGrantAllName =
+                "security.classID.allowByDefault";
 #endif
-
 inline void
 nsScriptSecurityManager::JSEnabledPrefChanged(nsISecurityPref* aSecurityPref)
 {
-    PRBool temp;
-    nsresult rv = mSecurityPref->SecurityGetBoolPref(sJSEnabledPrefName, &temp);
-    // JavaScript defaults to enabled in failure cases.
-    mIsJavaScriptEnabled = NS_FAILED(rv) || temp;
-
-    rv = mSecurityPref->SecurityGetBoolPref(sJSMailEnabledPrefName, &temp);
-    // JavaScript in Mail defaults to enabled in failure cases.
-    mIsMailJavaScriptEnabled = NS_FAILED(rv) || temp;
+    if (NS_FAILED(mSecurityPref->SecurityGetBoolPref(sJSEnabledPrefName,
+                                                     &mIsJavaScriptEnabled)))
+        // Default to enabled.
+        mIsJavaScriptEnabled = PR_TRUE;
 
+    if (NS_FAILED(mSecurityPref->SecurityGetBoolPref(sJSMailEnabledPrefName,
+                                                     &mIsMailJavaScriptEnabled)))
+        // Default to enabled.
+        mIsMailJavaScriptEnabled = PR_TRUE;
 #ifdef XPC_IDISPATCH_SUPPORT
-    rv = mSecurityPref->SecurityGetBoolPref(sXPCDefaultGrantAllName, &temp);
-    // Granting XPC Priveleges defaults to disabled in failure cases.
-    mXPCDefaultGrantAll = NS_SUCCEEDED(rv) && temp;
+    if (NS_FAILED(mSecurityPref->SecurityGetBoolPref(sXPCDefaultGrantAllName,
+                                                     &mXPCDefaultGrantAll)))
+        // Default to disabled.
+        mXPCDefaultGrantAll = PR_FALSE;
 #endif
 }
 
@@ -3183,7 +3259,7 @@ nsScriptSecurityManager::InitPrefs()
 
 ///////////////////////////////////////////////////////////////////////////////
 // The following code prints the contents of the policy DB to the console.
-#ifdef DEBUG_CAPS_HACKER
+#ifdef DEBUG_mstoltz
 
 //typedef PLDHashOperator
 //(* PR_CALLBACK PLDHashEnumerator)(PLDHashTable *table, PLDHashEntryHdr *hdr,
diff --git a/mozilla/caps/src/nsSecurityManagerFactory.cpp b/mozilla/caps/src/nsSecurityManagerFactory.cpp
index 39add47548f..2d4eb8c2023 100644
--- a/mozilla/caps/src/nsSecurityManagerFactory.cpp
+++ b/mozilla/caps/src/nsSecurityManagerFactory.cpp
@@ -43,7 +43,9 @@
 #include "nsIScriptSecurityManager.h"
 #include "nsScriptSecurityManager.h"
 #include "nsIPrincipal.h"
-#include "nsPrincipal.h"
+#include "nsAggregatePrincipal.h"
+#include "nsCertificatePrincipal.h"
+#include "nsCodebasePrincipal.h"
 #include "nsSystemPrincipal.h"
 #include "nsIScriptNameSpaceManager.h"
 #include "nsIScriptExternalNameSet.h"
@@ -232,8 +234,8 @@ netscape_security_invalidate(JSContext *cx, JSObject *obj, uintN argc,
 
     //    NS_ASSERTION(cx == GetCurrentContext(), "unexpected context");
 
-    rv = securityManager->SetCanEnableCapability(principalID,
-                                                 nsPrincipal::sInvalid,
+    rv = securityManager->SetCanEnableCapability(principalID, 
+                                                 nsBasePrincipal::Invalid,
                                                  nsIPrincipal::ENABLE_GRANTED);
     if (NS_FAILED(rv))
         return JS_FALSE;
@@ -308,13 +310,17 @@ nsSecurityNameSet::InitializeNameSet(nsIScriptContext* aScriptContext)
 
 
 
-NS_GENERIC_FACTORY_CONSTRUCTOR(nsPrincipal)
+NS_GENERIC_FACTORY_CONSTRUCTOR(nsAggregatePrincipal)
+NS_GENERIC_FACTORY_CONSTRUCTOR(nsCertificatePrincipal)
+NS_GENERIC_FACTORY_CONSTRUCTOR(nsCodebasePrincipal)
 NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecurityNameSet)
 NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR(nsSystemPrincipal,
     nsScriptSecurityManager::SystemPrincipalSingletonConstructor)
 
 
-NS_DECL_CLASSINFO(nsPrincipal)
+NS_DECL_CLASSINFO(nsAggregatePrincipal)
+NS_DECL_CLASSINFO(nsCertificatePrincipal)
+NS_DECL_CLASSINFO(nsCodebasePrincipal)
 NS_DECL_CLASSINFO(nsSystemPrincipal)
 
 
@@ -382,16 +388,42 @@ static const nsModuleComponentInfo capsComponentInfo[] =
       nsIClassInfo::MAIN_THREAD_ONLY
     },
 
-    { NS_PRINCIPAL_CLASSNAME, 
-      NS_PRINCIPAL_CID, 
-      NS_PRINCIPAL_CONTRACTID,
-      nsPrincipalConstructor,
+    { NS_AGGREGATEPRINCIPAL_CLASSNAME, 
+      NS_AGGREGATEPRINCIPAL_CID, 
+      NS_AGGREGATEPRINCIPAL_CONTRACTID,
+      nsAggregatePrincipalConstructor,
       nsnull,
       nsnull,
       nsnull,
-      NS_CI_INTERFACE_GETTER_NAME(nsPrincipal),
+      NS_CI_INTERFACE_GETTER_NAME(nsAggregatePrincipal),
       nsnull,
-      &NS_CLASSINFO_NAME(nsPrincipal),
+      &NS_CLASSINFO_NAME(nsAggregatePrincipal),
+      nsIClassInfo::MAIN_THREAD_ONLY | nsIClassInfo::EAGER_CLASSINFO
+    },
+
+    { NS_CERTIFICATEPRINCIPAL_CLASSNAME, 
+      NS_CERTIFICATEPRINCIPAL_CID, 
+      NS_CERTIFICATEPRINCIPAL_CONTRACTID,
+      nsCertificatePrincipalConstructor,
+      nsnull,
+      nsnull,
+      nsnull,
+      NS_CI_INTERFACE_GETTER_NAME(nsCertificatePrincipal),
+      nsnull,
+      &NS_CLASSINFO_NAME(nsCertificatePrincipal),
+      nsIClassInfo::MAIN_THREAD_ONLY | nsIClassInfo::EAGER_CLASSINFO
+    },
+
+    { NS_CODEBASEPRINCIPAL_CLASSNAME, 
+      NS_CODEBASEPRINCIPAL_CID, 
+      NS_CODEBASEPRINCIPAL_CONTRACTID,
+      nsCodebasePrincipalConstructor,
+      nsnull,
+      nsnull,
+      nsnull,
+      NS_CI_INTERFACE_GETTER_NAME(nsCodebasePrincipal),
+      nsnull,
+      &NS_CLASSINFO_NAME(nsCodebasePrincipal),
       nsIClassInfo::MAIN_THREAD_ONLY | nsIClassInfo::EAGER_CLASSINFO
     },
 
diff --git a/mozilla/caps/src/nsSystemPrincipal.cpp b/mozilla/caps/src/nsSystemPrincipal.cpp
index a30c01c4ac5..c5095037fc8 100644
--- a/mozilla/caps/src/nsSystemPrincipal.cpp
+++ b/mozilla/caps/src/nsSystemPrincipal.cpp
@@ -47,53 +47,40 @@
 #include "nsXPIDLString.h"
 #include "nsReadableUtils.h"
 #include "nsCRT.h"
-#include "nsString.h"
 
 
-NS_IMPL_QUERY_INTERFACE2_CI(nsSystemPrincipal,
-                            nsIPrincipal,
-                            nsISerializable)
-NS_IMPL_CI_INTERFACE_GETTER2(nsSystemPrincipal,
-                             nsIPrincipal,
-                             nsISerializable)
+NS_IMPL_QUERY_INTERFACE2_CI(nsSystemPrincipal, nsIPrincipal, nsISerializable)
+NS_IMPL_CI_INTERFACE_GETTER2(nsSystemPrincipal, nsIPrincipal, nsISerializable)
 
-NS_IMETHODIMP_(nsrefcnt) 
-nsSystemPrincipal::AddRef()
-{
-  NS_PRECONDITION(PRInt32(mJSPrincipals.refcount) >= 0, "illegal refcnt");
-  nsrefcnt count = PR_AtomicIncrement((PRInt32 *)&mJSPrincipals.refcount);
-  NS_LOG_ADDREF(this, count, "nsSystemPrincipal", sizeof(*this));
-  return count;
-}
-
-NS_IMETHODIMP_(nsrefcnt)
-nsSystemPrincipal::Release()
-{
-  NS_PRECONDITION(0 != mJSPrincipals.refcount, "dup release");
-  nsrefcnt count = PR_AtomicDecrement((PRInt32 *)&mJSPrincipals.refcount);
-  NS_LOG_RELEASE(this, count, "nsSystemPrincipal");
-  if (count == 0) {
-    NS_DELETEXPCOM(this);
-  }
-
-  return count;
-}
+NSBASEPRINCIPALS_ADDREF(nsSystemPrincipal);
+NSBASEPRINCIPALS_RELEASE(nsSystemPrincipal);
 
 
 ///////////////////////////////////////
 // Methods implementing nsIPrincipal //
 ///////////////////////////////////////
 
+NS_IMETHODIMP
+nsSystemPrincipal::ToString(char **result)
+{
+    nsAutoString buf;
+    buf.Assign(NS_LITERAL_STRING("[System]"));
+
+    *result = ToNewCString(buf);
+    return *result ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
+}
+
+NS_IMETHODIMP
+nsSystemPrincipal::ToUserVisibleString(char **result)
+{
+    return ToString(result);
+}
+
 NS_IMETHODIMP
 nsSystemPrincipal::GetPreferences(char** aPrefName, char** aID, 
                                   char** aGrantedList, char** aDeniedList)
 {
     // The system principal should never be streamed out
-    *aPrefName = nsnull;
-    *aID = nsnull;
-    *aGrantedList = nsnull;
-    *aDeniedList = nsnull;
-
     return NS_ERROR_FAILURE; 
 }
 
@@ -105,7 +92,7 @@ nsSystemPrincipal::Equals(nsIPrincipal *other, PRBool *result)
 }
 
 NS_IMETHODIMP
-nsSystemPrincipal::GetHashValue(PRUint32 *result)
+nsSystemPrincipal::HashValue(PRUint32 *result)
 {
     *result = NS_PTR_TO_INT32(this);
     return NS_OK;
@@ -140,14 +127,12 @@ nsSystemPrincipal::IsCapabilityEnabled(const char *capability,
 NS_IMETHODIMP 
 nsSystemPrincipal::EnableCapability(const char *capability, void **annotation)
 {
-    *annotation = nsnull;
     return NS_OK;
 }
 
 NS_IMETHODIMP 
 nsSystemPrincipal::RevertCapability(const char *capability, void **annotation)
 {
-    *annotation = nsnull;
     return NS_OK;
 }
 
@@ -156,104 +141,9 @@ nsSystemPrincipal::DisableCapability(const char *capability, void **annotation)
 {
     // Can't disable the capabilities of the system principal.
     // XXX might be handy to be able to do so!
-    *annotation = nsnull;
     return NS_ERROR_FAILURE;
 }
 
-NS_IMETHODIMP 
-nsSystemPrincipal::GetURI(nsIURI** aURI)
-{
-    *aURI = nsnull;
-    return NS_OK;
-}
-
-NS_IMETHODIMP 
-nsSystemPrincipal::SetURI(nsIURI* aURI)
-{
-    return NS_OK;
-}
-
-NS_IMETHODIMP 
-nsSystemPrincipal::GetOrigin(char** aOrigin)
-{
-    *aOrigin = ToNewCString(NS_LITERAL_CSTRING("[System]"));
-    return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
-}
-
-NS_IMETHODIMP 
-nsSystemPrincipal::SetCertificateID(const char* aID)
-{
-    return NS_OK;
-}
-
-
-NS_IMETHODIMP 
-nsSystemPrincipal::GetCertificateID(char** aID)
-{
-    *aID = nsnull;
-    return NS_OK;
-}
-
-NS_IMETHODIMP 
-nsSystemPrincipal::GetCommonName(char** aName)
-{
-    *aName = nsnull;
-    return NS_OK;
-}
-
-NS_IMETHODIMP 
-nsSystemPrincipal::SetCommonName(const char* aName)
-{
-    return NS_OK;
-}
-
-NS_IMETHODIMP 
-nsSystemPrincipal::GetHasCertificate(PRBool* aResult)
-{
-    *aResult = PR_FALSE;
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSystemPrincipal::GetDomain(nsIURI** aDomain)
-{
-    *aDomain = nsnull;
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSystemPrincipal::SetDomain(nsIURI* aDomain)
-{
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSystemPrincipal::GetSecurityPolicy(void** aSecurityPolicy)
-{
-    *aSecurityPolicy = nsnull;
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSystemPrincipal::SetSecurityPolicy(void* aSecurityPolicy)
-{
-    return NS_OK;
-}
-
-NS_IMETHODIMP
-nsSystemPrincipal::GetJsPrincipals(JSPrincipals **jsprin)
-{
-    if (mJSPrincipals.nsIPrincipalPtr == nsnull) {
-        mJSPrincipals.nsIPrincipalPtr = this;
-        // No need for a ADDREF since it is a self-reference
-    }
-
-    *jsprin = &mJSPrincipals;
-    JSPRINCIPALS_HOLD(cx, *jsprin);
-    return NS_OK;
-}
-
-
 //////////////////////////////////////////
 // Methods implementing nsISerializable //
 //////////////////////////////////////////
@@ -280,7 +170,7 @@ nsSystemPrincipal::nsSystemPrincipal()
 {
 }
 
-nsresult
+NS_IMETHODIMP
 nsSystemPrincipal::Init()
 {
     char *codebase = nsCRT::strdup("[System Principal]");
diff --git a/mozilla/content/base/src/nsDocument.cpp b/mozilla/content/base/src/nsDocument.cpp
index e0087b41372..6d24834dec7 100644
--- a/mozilla/content/base/src/nsDocument.cpp
+++ b/mozilla/content/base/src/nsDocument.cpp
@@ -87,7 +87,7 @@
 #include "nsNetUtil.h"     // for NS_MakeAbsoluteURI
 
 #include "nsIScriptSecurityManager.h"
-#include "nsIPrincipal.h"
+#include "nsIAggregatePrincipal.h"
 #include "nsIPrivateDOMImplementation.h"
 
 #include "nsIDOMWindowInternal.h"
@@ -844,22 +844,18 @@ nsDocument::GetPrincipal(nsIPrincipal **aPrincipal)
 NS_IMETHODIMP
 nsDocument::AddPrincipal(nsIPrincipal *aNewPrincipal)
 {
-  NS_PRECONDITION(aNewPrincipal, "Null principal!");
-
+  nsresult rv;
   if (!mPrincipal) {
     nsCOMPtr<nsIPrincipal> principal;
-    nsresult rv = GetPrincipal(getter_AddRefs(principal));
+    rv = GetPrincipal(getter_AddRefs(principal));
     NS_ENSURE_SUCCESS(rv, rv);
   }
 
-  PRBool hasCert;
-  mPrincipal->GetHasCertificate(&hasCert);
-  if (hasCert) {
-    PRBool equal;
-    mPrincipal->Equals(aNewPrincipal, &equal);
-    if (!equal) {
-      mPrincipal->SetCertificateID(nsnull);
-    }
+  nsCOMPtr<nsIAggregatePrincipal> agg(do_QueryInterface(mPrincipal, &rv));
+  if (NS_SUCCEEDED(rv)) {
+    rv = agg->Intersect(aNewPrincipal);
+    if (NS_FAILED(rv))
+      return rv;
   }
 
   return NS_OK;
diff --git a/mozilla/content/base/src/nsFrameLoader.cpp b/mozilla/content/base/src/nsFrameLoader.cpp
index 93f83b3f13f..7ee7994e823 100644
--- a/mozilla/content/base/src/nsFrameLoader.cpp
+++ b/mozilla/content/base/src/nsFrameLoader.cpp
@@ -59,6 +59,7 @@
 #include "nsIWebShell.h"
 
 #include "nsIScriptSecurityManager.h"
+#include "nsICodebasePrincipal.h"
 
 #include "nsIURI.h"
 #include "nsIURL.h"
@@ -202,8 +203,12 @@ nsFrameLoader::LoadFrame()
   // If we were called from script, get the referring URL from the script
 
   if (principal) {
-    rv = principal->GetURI(getter_AddRefs(referrer));
-    NS_ENSURE_SUCCESS(rv, rv);
+    nsCOMPtr<nsICodebasePrincipal> codebase(do_QueryInterface(principal));
+
+    if (codebase) {
+      rv = codebase->GetURI(getter_AddRefs(referrer));
+      NS_ENSURE_SUCCESS(rv, rv);
+    }
 
     // Pass the script principal to the docshell
 
diff --git a/mozilla/content/base/src/nsGenericElement.cpp b/mozilla/content/base/src/nsGenericElement.cpp
index 34c60b10839..e3c83a26925 100644
--- a/mozilla/content/base/src/nsGenericElement.cpp
+++ b/mozilla/content/base/src/nsGenericElement.cpp
@@ -74,7 +74,7 @@
 #include "nsINameSpaceManager.h"
 #include "nsContentList.h"
 #include "nsDOMError.h"
-#include "nsIScriptSecurityManager.h"
+#include "nsScriptSecurityManager.h"
 #include "nsIDOMMutationEvent.h"
 #include "nsMutationEvent.h"
 
diff --git a/mozilla/content/base/src/nsNodeInfoManager.cpp b/mozilla/content/base/src/nsNodeInfoManager.cpp
index 2be66f2e581..57bb093f030 100644
--- a/mozilla/content/base/src/nsNodeInfoManager.cpp
+++ b/mozilla/content/base/src/nsNodeInfoManager.cpp
@@ -43,7 +43,6 @@
 #include "nsIAtom.h"
 #include "nsIDocument.h"
 #include "nsIPrincipal.h"
-#include "nsIURI.h"
 #include "nsISupportsArray.h"
 #include "nsContentUtils.h"
 
diff --git a/mozilla/content/base/src/nsNodeInfoManager.h b/mozilla/content/base/src/nsNodeInfoManager.h
index 360907e4730..d91b2722acc 100644
--- a/mozilla/content/base/src/nsNodeInfoManager.h
+++ b/mozilla/content/base/src/nsNodeInfoManager.h
@@ -42,10 +42,10 @@
 #include "nsINodeInfo.h"
 #include "nsCOMPtr.h"
 #include "plhash.h"
+#include "nsIURI.h"
+#include "nsIPrincipal.h"
 
 class nsNodeInfo;
-class nsIPrincipal;
-class nsIURI;
 
 
 class nsNodeInfoManager : public nsINodeInfoManager
diff --git a/mozilla/content/base/src/nsRange.cpp b/mozilla/content/base/src/nsRange.cpp
index ce4633a115f..d71dac56875 100644
--- a/mozilla/content/base/src/nsRange.cpp
+++ b/mozilla/content/base/src/nsRange.cpp
@@ -61,7 +61,7 @@
 #include "nsParserCIID.h"
 #include "nsIHTMLFragmentContentSink.h"
 #include "nsIEnumerator.h"
-#include "nsIScriptSecurityManager.h"
+#include "nsScriptSecurityManager.h"
 #include "nsIScriptGlobalObject.h"
 #include "nsIScriptContext.h"
 #include "nsIHTMLDocument.h"
diff --git a/mozilla/content/base/src/nsScriptLoader.cpp b/mozilla/content/base/src/nsScriptLoader.cpp
index a67b9de0fc0..add73f16db7 100644
--- a/mozilla/content/base/src/nsScriptLoader.cpp
+++ b/mozilla/content/base/src/nsScriptLoader.cpp
@@ -875,16 +875,18 @@ nsScriptLoader::OnStreamComplete(nsIStreamLoader* aLoader,
     if (channel) {
       nsCOMPtr<nsISupports> owner;
       channel->GetOwner(getter_AddRefs(owner));
-      nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(owner);
-
-      if (principal) {
-        rv = mDocument->AddPrincipal(principal);
-        if (NS_FAILED(rv)) {
-          mPendingRequests.RemoveObject(request);
-          FireScriptAvailable(rv, request, NS_LITERAL_STRING(""));
-          ProcessPendingReqests();
-          return NS_OK;
-        }
+      nsCOMPtr<nsIPrincipal> prin;
+      
+      if (owner) {
+        prin = do_QueryInterface(owner, &rv);
+      }
+      
+      rv = mDocument->AddPrincipal(prin);
+      if (NS_FAILED(rv)) {
+        mPendingRequests.RemoveObject(request);
+        FireScriptAvailable(rv, request, NS_LITERAL_STRING(""));
+        ProcessPendingReqests();
+        return NS_OK;
       }
     }
   }
diff --git a/mozilla/content/events/src/nsEventListenerManager.h b/mozilla/content/events/src/nsEventListenerManager.h
index a7b32b2a1f6..fe143e7e87f 100644
--- a/mozilla/content/events/src/nsEventListenerManager.h
+++ b/mozilla/content/events/src/nsEventListenerManager.h
@@ -42,6 +42,7 @@
 #include "nsIEventListenerManager.h"
 #include "jsapi.h"
 #include "nsCOMPtr.h"
+#include "nsIPrincipal.h"
 #include "nsIDOMEventReceiver.h"
 #include "nsIDOM3EventTarget.h"
 #include "nsHashtable.h"
diff --git a/mozilla/content/html/document/src/nsHTMLContentSink.cpp b/mozilla/content/html/document/src/nsHTMLContentSink.cpp
index cae4c4f5492..28b5a144110 100644
--- a/mozilla/content/html/document/src/nsHTMLContentSink.cpp
+++ b/mozilla/content/html/document/src/nsHTMLContentSink.cpp
@@ -116,6 +116,8 @@
 #include "nsVoidArray.h"
 #include "nsIScriptSecurityManager.h"
 #include "nsIPrincipal.h"
+#include "nsICodebasePrincipal.h"
+#include "nsIAggregatePrincipal.h"
 #include "nsTextFragment.h"
 #include "nsIScriptGlobalObject.h"
 #include "nsIScriptGlobalObjectOwner.h"
@@ -5184,16 +5186,25 @@ HTMLContentSink::ProcessHeaderData(nsIAtom* aHeader, const nsAString& aValue,
       return rv;
     }
 
-    nsCOMPtr<nsIURI> codebaseURI;
-    docPrincipal->GetURI(getter_AddRefs(codebaseURI));
+    nsCOMPtr<nsIAggregatePrincipal> agg(do_QueryInterface(docPrincipal, &rv));
+    // Document principal should always be an aggregate
+    NS_ENSURE_SUCCESS(rv, rv);
 
-    if (!codebaseURI) {
+    nsCOMPtr<nsIPrincipal> originalPrincipal;
+    rv = agg->GetOriginalCodebase(getter_AddRefs(originalPrincipal));
+    nsCOMPtr<nsICodebasePrincipal> originalCodebase =
+      do_QueryInterface(originalPrincipal, &rv);
+    if (NS_FAILED(rv)) {
       // Document's principal is not a codebase (may be system), so
       // can't set cookies
 
       return NS_OK;
     }
 
+    nsCOMPtr<nsIURI> codebaseURI;
+    rv = originalCodebase->GetURI(getter_AddRefs(codebaseURI));
+    NS_ENSURE_SUCCESS(rv, rv);
+
     char *cookie = ToNewUTF8String(aValue);
     nsCOMPtr<nsIScriptGlobalObject> globalObj;
     nsCOMPtr<nsIPrompt> prompt;
diff --git a/mozilla/content/html/document/src/nsHTMLDocument.cpp b/mozilla/content/html/document/src/nsHTMLDocument.cpp
index 79b75b5916b..70da9bf7cef 100644
--- a/mozilla/content/html/document/src/nsHTMLDocument.cpp
+++ b/mozilla/content/html/document/src/nsHTMLDocument.cpp
@@ -85,7 +85,8 @@
 #include "nsIXPConnect.h"
 #include "nsContentList.h"
 #include "nsDOMError.h"
-#include "nsIPrincipal.h"
+#include "nsICodebasePrincipal.h"
+#include "nsIAggregatePrincipal.h"
 #include "nsIScriptSecurityManager.h"
 #include "nsIScrollableView.h"
 
@@ -1896,10 +1897,11 @@ nsHTMLDocument::GetDomainURI(nsIURI **aURI)
   if (NS_FAILED(GetPrincipal(getter_AddRefs(principal))))
     return;
 
-  principal->GetDomain(aURI);
-  if (!*aURI) {
-    principal->GetURI(aURI);
-  }
+  nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(principal);
+  if (!codebase)
+    return;
+
+  codebase->GetURI(aURI);
 }
 
 
@@ -1971,10 +1973,27 @@ nsHTMLDocument::SetDomain(const nsAString& aDomain)
   if (NS_FAILED(NS_NewURI(getter_AddRefs(newURI), newURIString)))
     return NS_ERROR_FAILURE;
 
-  nsresult rv = mPrincipal->SetDomain(newURI);
+  // Get codebase principal
+  nsresult rv;
+  nsCOMPtr<nsIScriptSecurityManager> securityManager =
+           do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
+  if (NS_FAILED(rv))
+    return NS_ERROR_FAILURE;
+  nsCOMPtr<nsIPrincipal> newCodebase;
+  rv = securityManager->GetCodebasePrincipal(newURI,
+                                             getter_AddRefs(newCodebase));
+    if (NS_FAILED(rv))
+    return NS_ERROR_FAILURE;
+  nsCOMPtr<nsIAggregatePrincipal> agg = do_QueryInterface(mPrincipal, &rv);
+  NS_ASSERTION(NS_SUCCEEDED(rv), "Principal not an aggregate.");
+  if (NS_FAILED(rv))
+    return NS_ERROR_FAILURE;
+
+  rv = agg->SetCodebase(newCodebase);
 
   // Bug 13871: Frameset spoofing - note that document.domain was set
   if (NS_SUCCEEDED(rv)) {
+    agg->SetDomainChanged(PR_TRUE);
     mDomainWasSet = PR_TRUE;
   }
 
@@ -2238,16 +2257,23 @@ nsHTMLDocument::GetCookie(nsAString& aCookie)
   if (service) {
     // Get a URI from the document principal. We use the original
     // codebase in case the codebase was changed by SetDomain
-    nsCOMPtr<nsIURI> codebaseURI;
-    mPrincipal->GetURI(getter_AddRefs(codebaseURI));
-
-    if (!codebaseURI) {
-      // Document's principal is not a codebase (may be system), so
-      // can't set cookies
+    nsCOMPtr<nsIAggregatePrincipal> agg(do_QueryInterface(mPrincipal, &rv));
+    // Document principal should always be an aggregate
+    NS_ENSURE_SUCCESS(rv, rv);
 
+    nsCOMPtr<nsIPrincipal> originalPrincipal;
+    rv = agg->GetOriginalCodebase(getter_AddRefs(originalPrincipal));
+    nsCOMPtr<nsICodebasePrincipal> originalCodebase(
+        do_QueryInterface(originalPrincipal, &rv));
+    if (NS_FAILED(rv)) {
+      // Document's principal is not a codebase, so can't get cookies
       return NS_OK;
     }
 
+    nsCOMPtr<nsIURI> codebaseURI;
+    rv = originalCodebase->GetURI(getter_AddRefs(codebaseURI));
+    NS_ENSURE_SUCCESS(rv, rv);
+
     nsXPIDLCString cookie;
       rv = service->GetCookieString(codebaseURI, mChannel, getter_Copies(cookie));
     if (NS_SUCCEEDED(rv) && cookie)
@@ -2283,16 +2309,25 @@ nsHTMLDocument::SetCookie(const nsAString& aCookie)
       }
     }
 
-    nsCOMPtr<nsIURI> codebaseURI;
-    mPrincipal->GetURI(getter_AddRefs(codebaseURI));
-
-    if (!codebaseURI) {
-      // Document's principal is not a codebase (may be system), so
-      // can't set cookies
+    // Get a URI from the document principal. We use the original
+    // codebase in case the codebase was changed by SetDomain
+    nsCOMPtr<nsIAggregatePrincipal> agg(do_QueryInterface(mPrincipal, &rv));
+    // Document principal should always be an aggregate
+    NS_ENSURE_SUCCESS(rv, rv);
 
+    nsCOMPtr<nsIPrincipal> originalPrincipal;
+    rv = agg->GetOriginalCodebase(getter_AddRefs(originalPrincipal));
+    nsCOMPtr<nsICodebasePrincipal> originalCodebase(
+        do_QueryInterface(originalPrincipal, &rv));
+    if (NS_FAILED(rv)) {
+      // Document's principal is not a codebase, so can't set cookies
       return NS_OK;
     }
 
+    nsCOMPtr<nsIURI> codebaseURI;
+    rv = originalCodebase->GetURI(getter_AddRefs(codebaseURI));
+    NS_ENSURE_SUCCESS(rv, rv);
+
     rv = NS_ERROR_OUT_OF_MEMORY;
     char* cookie = ToNewCString(aCookie);
     if (cookie) {
@@ -2668,12 +2703,19 @@ nsHTMLDocument::ScriptWriteCommon(PRBool aNewlineTerminate)
     rv = secMan->GetSubjectPrincipal(getter_AddRefs(subject));
     NS_ENSURE_SUCCESS(rv, rv);
 
-    if (subject) {
-      nsCOMPtr<nsIURI> subjectURI;
-      subject->GetURI(getter_AddRefs(subjectURI));
+    // why is the above code duplicated below???
+    rv = secMan->GetSubjectPrincipal(getter_AddRefs(subject));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    if (subject) {
+      nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(subject);
+      if (codebase) {
+        nsCOMPtr<nsIURI> subjectURI;
+        rv = codebase->GetURI(getter_AddRefs(subjectURI));
+        NS_ENSURE_SUCCESS(rv, rv);
 
-      if (subjectURI) {
         mDocumentURL = subjectURI;
+
         mPrincipal = subject;
       }
     }
diff --git a/mozilla/content/xml/document/src/nsXMLContentSink.cpp b/mozilla/content/xml/document/src/nsXMLContentSink.cpp
index 4a58dae7daf..1323b9efffc 100644
--- a/mozilla/content/xml/document/src/nsXMLContentSink.cpp
+++ b/mozilla/content/xml/document/src/nsXMLContentSink.cpp
@@ -98,6 +98,8 @@
 #include "nsIChannel.h"
 #include "nsIHttpChannel.h"
 #include "nsIPrincipal.h"
+#include "nsIAggregatePrincipal.h"
+#include "nsICodebasePrincipal.h"
 #include "nsXBLAtoms.h"
 #include "nsXMLPrettyPrinter.h"
 
@@ -1072,19 +1074,25 @@ nsXMLContentSink::ProcessHeaderData(nsIAtom* aHeader,const nsAString& aValue,nsI
     // We use the original codebase in case the codebase was changed by SetDomain
     nsCOMPtr<nsIPrincipal> docPrincipal;
     rv = mDocument->GetPrincipal(getter_AddRefs(docPrincipal));
-    if (NS_FAILED(rv) || !docPrincipal) {
-      return rv;
+    if (NS_FAILED(rv)) return rv;
+    if (!docPrincipal) return NS_OK;
+
+    nsCOMPtr<nsIAggregatePrincipal> agg(do_QueryInterface(docPrincipal, &rv));
+    // Document principal should always be an aggregate
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    nsCOMPtr<nsIPrincipal> originalPrincipal;
+    rv = agg->GetOriginalCodebase(getter_AddRefs(originalPrincipal));
+    nsCOMPtr<nsICodebasePrincipal> originalCodebase(
+        do_QueryInterface(originalPrincipal, &rv));
+    if (NS_FAILED(rv)) {
+      // Document's principal is not a codebase (may be system), so can't set cookies
+      return NS_OK; 
     }
 
     nsCOMPtr<nsIURI> codebaseURI;
-    docPrincipal->GetURI(getter_AddRefs(codebaseURI));
-
-    if (!codebaseURI) {
-      // Document's principal is not a codebase (may be system), so
-      // can't set cookies
-
-      return NS_OK;
-    }
+    rv = originalCodebase->GetURI(getter_AddRefs(codebaseURI));
+    NS_ENSURE_SUCCESS(rv, rv);
 
     nsCOMPtr<nsIScriptGlobalObject> globalObj;
     nsCOMPtr<nsIPrompt> prompt;
diff --git a/mozilla/content/xml/document/src/nsXMLDocument.cpp b/mozilla/content/xml/document/src/nsXMLDocument.cpp
index 7c5e93b5971..1f23607df75 100644
--- a/mozilla/content/xml/document/src/nsXMLDocument.cpp
+++ b/mozilla/content/xml/document/src/nsXMLDocument.cpp
@@ -76,8 +76,9 @@
 #include "nsICharsetAlias.h"
 #include "nsNetUtil.h"
 #include "nsDOMError.h"
-#include "nsIScriptSecurityManager.h"
+#include "nsScriptSecurityManager.h"
 #include "nsIPrincipal.h"
+#include "nsIAggregatePrincipal.h"
 #include "nsLayoutCID.h"
 #include "nsDOMAttribute.h"
 #include "nsGUIEvent.h"
@@ -331,7 +332,21 @@ nsXMLDocument::OnRedirect(nsIHttpChannel *aHttpChannel, nsIChannel *aNewChannel)
       return rv;
   }
 
-  return mPrincipal->SetURI(newLocation);
+  nsCOMPtr<nsIPrincipal> newCodebase;
+  rv = secMan->GetCodebasePrincipal(newLocation,
+                                    getter_AddRefs(newCodebase));
+  if (NS_FAILED(rv))
+    return NS_ERROR_FAILURE;
+
+  nsCOMPtr<nsIAggregatePrincipal> agg = do_QueryInterface(mPrincipal, &rv);
+  NS_ASSERTION(NS_SUCCEEDED(rv), "Principal not an aggregate.");
+
+  if (NS_FAILED(rv))
+    return NS_ERROR_FAILURE;
+
+  rv = agg->SetCodebase(newCodebase);
+
+  return rv;
 }
 
 NS_IMETHODIMP
diff --git a/mozilla/content/xul/document/src/nsXULDocument.cpp b/mozilla/content/xul/document/src/nsXULDocument.cpp
index 3ca3f651891..d2820318a30 100644
--- a/mozilla/content/xul/document/src/nsXULDocument.cpp
+++ b/mozilla/content/xul/document/src/nsXULDocument.cpp
@@ -68,7 +68,7 @@
 #include "nsDOMError.h"
 #include "nsIBoxObject.h"
 #include "nsIChromeRegistry.h"
-#include "nsIPrincipal.h"
+#include "nsICodebasePrincipal.h"
 #include "nsIContentSink.h" // for NS_CONTENT_ID_COUNTER_BASE
 #include "nsIScrollableView.h"
 #include "nsIContentViewer.h"
diff --git a/mozilla/docshell/base/nsDocShell.cpp b/mozilla/docshell/base/nsDocShell.cpp
index 50df507063b..85772e3f9ef 100644
--- a/mozilla/docshell/base/nsDocShell.cpp
+++ b/mozilla/docshell/base/nsDocShell.cpp
@@ -52,7 +52,7 @@
 #include "nsIHttpEventSink.h"
 #include "nsIUploadChannel.h"
 #include "nsISecurityEventSink.h"
-#include "nsIScriptSecurityManager.h"
+#include "nsScriptSecurityManager.h"
 #include "nsDocumentCharsetInfoCID.h"
 #include "nsICanvasFrame.h"
 #include "nsContentPolicyUtils.h" // NS_CheckContentLoadPolicy(...)
@@ -105,6 +105,7 @@
 #include "nsIWyciwygChannel.h"
 
 // The following are for bug #13871: Prevent frameset spoofing
+#include "nsICodebasePrincipal.h"
 #include "nsIHTMLDocument.h"
 
 // For reporting errors with the console service.
@@ -954,8 +955,11 @@ PRBool ValidateOrigin(nsIDocShellTreeItem* aOriginTreeItem, nsIDocShellTreeItem*
   rv = targetDocument->GetPrincipal(getter_AddRefs(targetPrincipal));
   NS_ENSURE_TRUE(NS_SUCCEEDED(rv) && targetPrincipal, rv);
 
+  nsCOMPtr<nsICodebasePrincipal> targetCodebasePrincipal(do_QueryInterface(targetPrincipal));
+  NS_ENSURE_TRUE(targetCodebasePrincipal, PR_TRUE);
+
   nsCOMPtr<nsIURI> targetPrincipalURI;
-  rv = targetPrincipal->GetURI(getter_AddRefs(targetPrincipalURI));
+  rv = targetCodebasePrincipal->GetURI(getter_AddRefs(targetPrincipalURI));
   NS_ENSURE_TRUE(NS_SUCCEEDED(rv) && targetPrincipalURI, PR_TRUE);
 
   // Find out if document.domain was set for HTML documents
diff --git a/mozilla/dom/src/base/nsGlobalWindow.cpp b/mozilla/dom/src/base/nsGlobalWindow.cpp
index 3f7f02130de..de9a1b612d4 100644
--- a/mozilla/dom/src/base/nsGlobalWindow.cpp
+++ b/mozilla/dom/src/base/nsGlobalWindow.cpp
@@ -73,6 +73,7 @@
 #include "nsIWidget.h"
 #include "nsIBaseWindow.h"
 #include "nsICharsetConverterManager.h"
+#include "nsICodebasePrincipal.h"
 #include "nsIContent.h"
 #include "nsIWebBrowserPrint.h"
 #include "nsIContentViewerEdit.h"
@@ -4666,13 +4667,12 @@ GlobalWindowImpl::OpenInternal(const nsAString& aUrl,
         if (sSecMan) {
           nsCOMPtr<nsIPrincipal> principal;
           sSecMan->GetSubjectPrincipal(getter_AddRefs(principal));
-          if (principal) {
+          nsCOMPtr<nsICodebasePrincipal> codebasePrin(do_QueryInterface(principal));
+          if (codebasePrin) {
             nsCOMPtr<nsIURI> subjectURI;
-            principal->GetURI(getter_AddRefs(subjectURI));
-            if (subjectURI) {
-              nsCOMPtr<nsPIDOMWindow> domReturnPrivate(do_QueryInterface(domReturn));
-              domReturnPrivate->SetOpenerScriptURL(subjectURI);
-            }
+            codebasePrin->GetURI(getter_AddRefs(subjectURI));
+            nsCOMPtr<nsPIDOMWindow> domReturnPrivate(do_QueryInterface(domReturn));
+            domReturnPrivate->SetOpenerScriptURL(subjectURI);
           }
         }
       }
diff --git a/mozilla/dom/src/base/nsJSEnvironment.cpp b/mozilla/dom/src/base/nsJSEnvironment.cpp
index 40054a56598..f06641edc21 100644
--- a/mozilla/dom/src/base/nsJSEnvironment.cpp
+++ b/mozilla/dom/src/base/nsJSEnvironment.cpp
@@ -628,7 +628,7 @@ nsJSContext::EvaluateStringWithValue(const nsAString& aScript,
   JSPrincipals *jsprin;
   nsCOMPtr<nsIPrincipal> principal = aPrincipal;
   if (aPrincipal) {
-    aPrincipal->GetJsPrincipals(&jsprin);
+    aPrincipal->GetJSPrincipals(&jsprin);
   }
   else {
     nsCOMPtr<nsIScriptGlobalObject> global;
@@ -641,7 +641,7 @@ nsJSContext::EvaluateStringWithValue(const nsAString& aScript,
     rv = objPrincipal->GetPrincipal(getter_AddRefs(principal));
     if (NS_FAILED(rv))
       return NS_ERROR_FAILURE;
-    principal->GetJsPrincipals(&jsprin);
+    principal->GetJSPrincipals(&jsprin);
   }
   // From here on, we must JSPRINCIPALS_DROP(jsprin) before returning...
 
@@ -806,7 +806,7 @@ nsJSContext::EvaluateString(const nsAString& aScript,
   JSPrincipals *jsprin;
   nsCOMPtr<nsIPrincipal> principal = aPrincipal;
   if (aPrincipal) {
-    aPrincipal->GetJsPrincipals(&jsprin);
+    aPrincipal->GetJSPrincipals(&jsprin);
   }
   else {
     nsCOMPtr<nsIScriptGlobalObject> global;
@@ -819,7 +819,7 @@ nsJSContext::EvaluateString(const nsAString& aScript,
     rv = objPrincipal->GetPrincipal(getter_AddRefs(principal));
     if (NS_FAILED(rv))
       return NS_ERROR_FAILURE;
-    principal->GetJsPrincipals(&jsprin);
+    principal->GetJSPrincipals(&jsprin);
   }
   // From here on, we must JSPRINCIPALS_DROP(jsprin) before returning...
 
@@ -919,7 +919,7 @@ nsJSContext::CompileScript(const PRUnichar* aText,
     aScopeObject = ::JS_GetGlobalObject(mContext);
 
   JSPrincipals *jsprin;
-  aPrincipal->GetJsPrincipals(&jsprin);
+  aPrincipal->GetJSPrincipals(&jsprin);
   // From here on, we must JSPRINCIPALS_DROP(jsprin) before returning...
 
   PRBool ok = PR_FALSE;
@@ -1093,7 +1093,7 @@ nsJSContext::CompileEventHandler(void *aTarget, nsIAtom *aName,
                                                        getter_AddRefs(prin));
     NS_ENSURE_SUCCESS(rv, rv);
 
-    prin->GetJsPrincipals(&jsprin);
+    prin->GetJSPrincipals(&jsprin);
     NS_ENSURE_TRUE(jsprin, NS_ERROR_NOT_AVAILABLE);
   }
 
@@ -1146,7 +1146,7 @@ nsJSContext::CompileFunction(void* aTarget,
       nsCOMPtr<nsIPrincipal> prin;
       if (NS_FAILED(globalData->GetPrincipal(getter_AddRefs(prin))))
         return NS_ERROR_FAILURE;
-      prin->GetJsPrincipals(&jsprin);
+      prin->GetJSPrincipals(&jsprin);
     }
   }
 
diff --git a/mozilla/dom/src/base/nsLocation.cpp b/mozilla/dom/src/base/nsLocation.cpp
index 3440e10175d..35f4d4c07d9 100644
--- a/mozilla/dom/src/base/nsLocation.cpp
+++ b/mozilla/dom/src/base/nsLocation.cpp
@@ -58,6 +58,7 @@
 #include "nsEscape.h"
 #include "nsJSUtils.h"
 #include "nsIScriptSecurityManager.h"
+#include "nsICodebasePrincipal.h"
 #include "nsIDOMWindow.h"
 #include "nsIDOMDocument.h"
 #include "nsIDocument.h"
diff --git a/mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp b/mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp
index 7fe1d3074ef..86f5759b9c9 100644
--- a/mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp
+++ b/mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp
@@ -55,6 +55,7 @@
 #include "nsIScriptGlobalObjectOwner.h"
 #include "nsIPrincipal.h"
 #include "nsIScriptSecurityManager.h"
+#include "nsICodebasePrincipal.h"
 #include "nsIInterfaceRequestor.h"
 #include "nsIInterfaceRequestorUtils.h"
 #include "nsIStringStream.h"
@@ -229,21 +230,32 @@ nsresult nsJSThunk::EvaluateScript(nsIChannel *aChannel)
         if (NS_FAILED(rv))
             return rv;
 
-        nsCOMPtr<nsIPrincipal> systemPrincipal;
-        securityManager->GetSystemPrincipal(getter_AddRefs(systemPrincipal));
-        if (principal != systemPrincipal) {
-            rv = securityManager->CheckSameOriginPrincipal(principal,
-                                                           objectPrincipal);
-            if (NS_FAILED(rv)) {
-                nsCOMPtr<nsIConsoleService> console =
-                    do_GetService("@mozilla.org/consoleservice;1");
-                if (console) {
-                    // XXX Localize me!
-                    console->LogStringMessage(
-                        NS_LITERAL_STRING("Attempt to load a javascript: URL from one host\nin a window displaying content from another host\nwas blocked by the security manager.").get());
-                }
+        PRBool equals = PR_FALSE;
+        if ((NS_FAILED(objectPrincipal->Equals(principal, &equals)) || !equals)) {
+            // If the principals aren't equal
 
-                return NS_ERROR_DOM_RETVAL_UNDEFINED;
+            nsCOMPtr<nsIPrincipal> systemPrincipal;
+            securityManager->GetSystemPrincipal(getter_AddRefs(systemPrincipal));
+            if (principal.get() != systemPrincipal.get()) {
+                // and the script to be run does not have the system principal
+
+                nsCOMPtr<nsICodebasePrincipal> 
+                    objectCodebase(do_QueryInterface(objectPrincipal));
+                nsXPIDLCString objectOrigin;
+                rv = objectCodebase->GetOrigin(getter_Copies(objectOrigin));
+                if (PL_strcmp("about:blank", objectOrigin) != 0) {
+                    // and the target window is not about:blank, then
+                    // don't run the script. Print a message to the console and
+                    // return undefined.
+
+                    nsCOMPtr<nsIConsoleService> 
+                        console(do_GetService("@mozilla.org/consoleservice;1"));
+                    if (console) {
+                            console->LogStringMessage(
+                                NS_LITERAL_STRING("Attempt to load a javascript: URL from one host\nin a window displaying content from another host\nwas blocked by the security manager.").get());
+                    }
+                    return NS_ERROR_DOM_RETVAL_UNDEFINED;
+                }
             }
         }
     }
@@ -288,9 +300,9 @@ nsresult nsJSThunk::BringUpConsole(nsIDOMWindow *aDomWindow)
     nsresult rv;
 
     // First, get the Window Mediator service.
-    nsCOMPtr<nsIWindowMediator> windowMediator =
-        do_GetService(kWindowMediatorCID, &rv);
+    nsCOMPtr<nsIWindowMediator> windowMediator;
 
+    windowMediator = do_GetService(kWindowMediatorCID, &rv);
     if (NS_FAILED(rv)) return rv;
 
     // Next, find out whether there's a console already open.
diff --git a/mozilla/embedding/browser/activex/src/plugin/LegacyPlugin.cpp b/mozilla/embedding/browser/activex/src/plugin/LegacyPlugin.cpp
index df1142b4698..1358c9b2c64 100644
--- a/mozilla/embedding/browser/activex/src/plugin/LegacyPlugin.cpp
+++ b/mozilla/embedding/browser/activex/src/plugin/LegacyPlugin.cpp
@@ -404,7 +404,7 @@ MozAxAutoPushJSContext::MozAxAutoPushJSContext(JSContext *cx,
         if (NS_SUCCEEDED(mPushResult))
         {
             JSPrincipals* jsprinc;
-            principal->GetJsPrincipals(&jsprinc);
+            principal->GetJSPrincipals(&jsprinc);
 
             mFrame.script = JS_CompileScriptForPrincipals(cx, JS_GetGlobalObject(cx),
                                                           jsprinc, "", 0, "", 1);
diff --git a/mozilla/extensions/webservices/schema/src/nsSchemaLoader.cpp b/mozilla/extensions/webservices/schema/src/nsSchemaLoader.cpp
index 51c985be89f..0e086a687a7 100644
--- a/mozilla/extensions/webservices/schema/src/nsSchemaLoader.cpp
+++ b/mozilla/extensions/webservices/schema/src/nsSchemaLoader.cpp
@@ -43,7 +43,7 @@
 // XPConnect includes
 #include "nsIXPConnect.h"
 #include "nsIScriptSecurityManager.h"
-#include "nsIPrincipal.h"
+#include "nsICodebasePrincipal.h"
 
 // XPCOM includes
 #include "nsIServiceManager.h"
@@ -813,7 +813,10 @@ nsSchemaLoader::GetResolvedURI(const nsAString& aSchemaURI,
     nsCOMPtr<nsIPrincipal> principal;
     rv = secMan->GetSubjectPrincipal(getter_AddRefs(principal));
     if (NS_SUCCEEDED(rv)) {
-      principal->GetURI(getter_AddRefs(baseURI));
+      nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(principal);
+      if (codebase) {
+        codebase->GetURI(getter_AddRefs(baseURI));
+      }
     }
     
     rv = NS_NewURI(aURI, aSchemaURI, nsnull, baseURI);
diff --git a/mozilla/extensions/webservices/security/src/nsWebScriptsAccess.cpp b/mozilla/extensions/webservices/security/src/nsWebScriptsAccess.cpp
index f53f10eb50a..2c219d9303b 100755
--- a/mozilla/extensions/webservices/security/src/nsWebScriptsAccess.cpp
+++ b/mozilla/extensions/webservices/security/src/nsWebScriptsAccess.cpp
@@ -43,7 +43,7 @@
 #include "nsIDOMNodeList.h"
 #include "nsIDOMAttr.h"
 #include "nsIDOMNamedNodeMap.h"
-#include "nsIPrincipal.h"
+#include "nsICodebasePrincipal.h"
 #include "nsIURL.h"
 #include "nsReadableUtils.h"
 #include "nsIHttpChannel.h"
@@ -260,7 +260,13 @@ nsWebScriptsAccess::GetCodebaseURI(nsIURI** aCodebase)
   rv = mSecurityManager->GetSubjectPrincipal(getter_AddRefs(principal));
   NS_ENSURE_SUCCESS(rv, rv);
   
-  return principal->GetURI(aCodebase);
+  nsCOMPtr<nsICodebasePrincipal> codebase(do_QueryInterface(principal, &rv));
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  rv = codebase->GetURI(aCodebase);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  return NS_OK;
 }
 
 nsresult 
diff --git a/mozilla/extensions/webservices/soap/src/nsHTTPSOAPTransport.cpp b/mozilla/extensions/webservices/soap/src/nsHTTPSOAPTransport.cpp
index 086af245308..48fc8cbbbc6 100644
--- a/mozilla/extensions/webservices/soap/src/nsHTTPSOAPTransport.cpp
+++ b/mozilla/extensions/webservices/soap/src/nsHTTPSOAPTransport.cpp
@@ -44,7 +44,7 @@
 #include "nsIURI.h"
 #include "nsNetUtil.h"
 #include "nsIScriptSecurityManager.h"
-#include "nsIPrincipal.h"
+#include "nsICodebasePrincipal.h"
 #include "nsIVariant.h"
 #include "nsString.h"
 #include "nsSOAPUtils.h"
@@ -57,6 +57,7 @@
 #include "nsIWebScriptsAccessService.h"
 #include "nsMemory.h"
 #include "nsIDocument.h"
+#include "nsIAggregatePrincipal.h"
 
 nsHTTPSOAPTransport::nsHTTPSOAPTransport()
 {
@@ -122,15 +123,23 @@ nsresult ChangePrincipal(nsIDOMDocument* aDocument)
     rv = secMgr->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
     NS_ENSURE_SUCCESS(rv, rv);
 
-    nsCOMPtr<nsIURI> subjectURI;
-    rv = subjectPrincipal->GetURI(getter_AddRefs(subjectURI));
+    nsCOMPtr<nsIAggregatePrincipal> subjectAgg = 
+      do_QueryInterface(subjectPrincipal, &rv);
     NS_ENSURE_SUCCESS(rv, rv);
-
+       
+    nsCOMPtr<nsIPrincipal> subjectCodebase;
+    rv = subjectAgg->GetOriginalCodebase(getter_AddRefs(subjectCodebase));
+    NS_ENSURE_SUCCESS(rv, rv);
+       
     nsCOMPtr<nsIPrincipal> targetPrincipal;
     rv = targetDoc->GetPrincipal(getter_AddRefs(targetPrincipal));
     NS_ENSURE_SUCCESS(rv, rv);
 
-    rv = targetPrincipal->SetURI(subjectURI);
+    nsCOMPtr<nsIAggregatePrincipal> targetAgg = 
+      do_QueryInterface(targetPrincipal, &rv);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    rv = targetAgg->SetCodebase(subjectCodebase);
   }
   return rv;
 }
@@ -207,20 +216,24 @@ static nsresult GetTransportURI(nsISOAPCall * aCall, nsAString & aURI)
                               "SOAP_INVOKE_VERIFY_PRINCIPAL", 
                               "Source-verified message cannot be sent without principal.");
       }
-
-      nsCOMPtr<nsIURI> uri;
-      principal->GetURI(getter_AddRefs(uri));
-      if (!uri) {
-        return SOAP_EXCEPTION(NS_ERROR_FAILURE,
-                              "SOAP_INVOKE_VERIFY_URI", 
-                              "Source-verified message cannot be sent without URI.");
-      }
-
-      nsCAutoString spec;
-      rc = uri->GetSpec(spec);
+      nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(principal,&rc);
       if (NS_FAILED(rc)) 
         return rc;
-      CopyASCIItoUCS2(spec, sourceURI);
+  
+      if (!codebase) {
+        return SOAP_EXCEPTION(NS_ERROR_FAILURE,
+                              "SOAP_INVOKE_VERIFY_CODEBASE", 
+                              "Source-verified message cannot be sent without codebase.");
+      }
+  
+      char* str;
+
+      rc = codebase->GetSpec(&str);
+      if (NS_FAILED(rc)) 
+        return rc;
+      CopyASCIItoUCS2(nsDependentCString(str), sourceURI);
+      nsMemory::Free(str);
+
     }
 
 //  Adding a header to tell the server that it must understand and verify the source of the call
diff --git a/mozilla/extensions/webservices/wsdl/src/nsWSDLLoader.cpp b/mozilla/extensions/webservices/wsdl/src/nsWSDLLoader.cpp
index 63edfe39d5f..a5db5fc88a5 100644
--- a/mozilla/extensions/webservices/wsdl/src/nsWSDLLoader.cpp
+++ b/mozilla/extensions/webservices/wsdl/src/nsWSDLLoader.cpp
@@ -40,7 +40,7 @@
 // XPConnect includes
 #include "nsIXPConnect.h"
 #include "nsIScriptSecurityManager.h"
-#include "nsIPrincipal.h"
+#include "nsICodebasePrincipal.h"
 
 // XPCOM includes
 #include "nsIServiceManager.h"
@@ -218,7 +218,10 @@ nsWSDLLoader::GetResolvedURI(const nsAString& aWSDLURI, const char* aMethod,
     nsCOMPtr<nsIPrincipal> principal;
     rv = secMan->GetSubjectPrincipal(getter_AddRefs(principal));
     if (NS_SUCCEEDED(rv)) {
-      principal->GetURI(getter_AddRefs(baseURI));
+      nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(principal);
+      if (codebase) {
+        codebase->GetURI(getter_AddRefs(baseURI));
+      }
     }
 
     rv = NS_NewURI(aURI, aWSDLURI, nsnull, baseURI);
diff --git a/mozilla/extensions/xmlextras/base/src/nsDOMSerializer.cpp b/mozilla/extensions/xmlextras/base/src/nsDOMSerializer.cpp
index b34833b8364..c10d745704d 100644
--- a/mozilla/extensions/xmlextras/base/src/nsDOMSerializer.cpp
+++ b/mozilla/extensions/xmlextras/base/src/nsDOMSerializer.cpp
@@ -50,6 +50,7 @@
 
 #include "nsIJSContextStack.h"
 #include "nsIScriptSecurityManager.h"
+#include "nsICodebasePrincipal.h"
 #include "nsIURI.h"
 
 nsDOMSerializer::nsDOMSerializer()
@@ -155,8 +156,11 @@ nsresult CheckSameOrigin(nsIDOMNode *aRoot)
 
       doc->GetPrincipal(getter_AddRefs(principal));
 
-      if (principal) {
-        principal->GetURI(getter_AddRefs(root_uri));
+      nsCOMPtr<nsICodebasePrincipal> codebase_principal =
+        do_QueryInterface(principal);
+
+      if (codebase_principal) {
+        codebase_principal->GetURI(getter_AddRefs(root_uri));
       }
 
       if (root_uri) {
diff --git a/mozilla/js/src/liveconnect/nsCLiveconnect.cpp b/mozilla/js/src/liveconnect/nsCLiveconnect.cpp
index ca44634e78d..8f01e833a33 100644
--- a/mozilla/js/src/liveconnect/nsCLiveconnect.cpp
+++ b/mozilla/js/src/liveconnect/nsCLiveconnect.cpp
@@ -210,7 +210,7 @@ AutoPushJSContext::AutoPushJSContext(nsISupports* aSecuritySupports,
         if (!hasScript)
         {
             JSPrincipals* jsprinc;
-            principal->GetJsPrincipals(&jsprinc);
+            principal->GetJSPrincipals(&jsprinc);
 
             mFrame.script = JS_CompileScriptForPrincipals(cx, JS_GetGlobalObject(cx),
                                                           jsprinc, "", 0, "", 1);
diff --git a/mozilla/js/src/xpconnect/loader/mozJSComponentLoader.cpp b/mozilla/js/src/xpconnect/loader/mozJSComponentLoader.cpp
index d68dada4906..eb13fc1a995 100644
--- a/mozilla/js/src/xpconnect/loader/mozJSComponentLoader.cpp
+++ b/mozilla/js/src/xpconnect/loader/mozJSComponentLoader.cpp
@@ -269,7 +269,7 @@ EvalInSandbox(JSContext *cx, JSObject *obj, uintN argc, jsval *argv,
         NS_FAILED(secman->GetCodebasePrincipal(iURL,
                                                getter_AddRefs(principal))) ||
         !principal ||
-        NS_FAILED(principal->GetJsPrincipals(&jsPrincipals)) ||
+        NS_FAILED(principal->GetJSPrincipals(&jsPrincipals)) ||
         !jsPrincipals) {
         JS_ReportError(cx, "Can't get principals for evalInSandbox");
         return JS_FALSE;
@@ -997,7 +997,7 @@ mozJSComponentLoader::GlobalForLocation(const char *aLocation,
     nsCOMPtr<nsIScriptObjectPrincipal> backstagePass =
       new BackstagePass(mSystemPrincipal);
 
-    rv = mSystemPrincipal->GetJsPrincipals(&jsPrincipals);
+    rv = mSystemPrincipal->GetJSPrincipals(&jsPrincipals);
     if (NS_FAILED(rv) || !jsPrincipals)
         return nsnull;
 
diff --git a/mozilla/js/src/xpconnect/loader/mozJSSubScriptLoader.cpp b/mozilla/js/src/xpconnect/loader/mozJSSubScriptLoader.cpp
index 4ba3cb45874..efd0e19e90d 100644
--- a/mozilla/js/src/xpconnect/loader/mozJSSubScriptLoader.cpp
+++ b/mozilla/js/src/xpconnect/loader/mozJSSubScriptLoader.cpp
@@ -299,7 +299,7 @@ mozJSSubScriptLoader::LoadSubScript (const PRUnichar * /*url*/
     /* we can't hold onto jsPrincipals as a module var because the
      * JSPRINCIPALS_DROP macro takes a JSContext, which we won't have in the
      * destructor */
-    rv = mSystemPrincipal->GetJsPrincipals(&jsPrincipals);
+    rv = mSystemPrincipal->GetJSPrincipals(&jsPrincipals);
     if (NS_FAILED(rv) || !jsPrincipals) {
         delete[] buf;
         return rv;
diff --git a/mozilla/layout/generic/nsFrameFrame.cpp b/mozilla/layout/generic/nsFrameFrame.cpp
index 84b54c47f07..7892b3c2823 100644
--- a/mozilla/layout/generic/nsFrameFrame.cpp
+++ b/mozilla/layout/generic/nsFrameFrame.cpp
@@ -76,6 +76,7 @@
 #include "nsLayoutAtoms.h"
 #include "nsIChromeEventHandler.h"
 #include "nsIScriptSecurityManager.h"
+#include "nsICodebasePrincipal.h"
 #include "nsXPIDLString.h"
 #include "nsIScrollable.h"
 #include "nsINameSpaceManager.h"
diff --git a/mozilla/layout/html/document/src/nsFrameFrame.cpp b/mozilla/layout/html/document/src/nsFrameFrame.cpp
index 84b54c47f07..7892b3c2823 100644
--- a/mozilla/layout/html/document/src/nsFrameFrame.cpp
+++ b/mozilla/layout/html/document/src/nsFrameFrame.cpp
@@ -76,6 +76,7 @@
 #include "nsLayoutAtoms.h"
 #include "nsIChromeEventHandler.h"
 #include "nsIScriptSecurityManager.h"
+#include "nsICodebasePrincipal.h"
 #include "nsXPIDLString.h"
 #include "nsIScrollable.h"
 #include "nsINameSpaceManager.h"
diff --git a/mozilla/modules/libjar/nsJARChannel.cpp b/mozilla/modules/libjar/nsJARChannel.cpp
index 60a4cfbc300..5b6cc816ed1 100644
--- a/mozilla/modules/libjar/nsJARChannel.cpp
+++ b/mozilla/modules/libjar/nsJARChannel.cpp
@@ -22,11 +22,12 @@
 #include "nsMimeTypes.h"
 #include "nsNetUtil.h"
 
-#include "nsIScriptSecurityManager.h"
-#include "nsIPrincipal.h"
+#include "nsScriptSecurityManager.h"
+#include "nsIAggregatePrincipal.h"
 #include "nsIFileURL.h"
 #include "nsIJAR.h"
 
+static NS_DEFINE_CID(kScriptSecurityManagerCID, NS_SCRIPTSECURITYMANAGER_CID);
 static NS_DEFINE_CID(kZipReaderCID, NS_ZIPREADER_CID);
 
 //-----------------------------------------------------------------------------
@@ -423,28 +424,22 @@ nsJARChannel::GetOwner(nsISupports **result)
     if (cert) {
         // Get the codebase principal
         nsCOMPtr<nsIScriptSecurityManager> secMan = 
-                 do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
+                 do_GetService(kScriptSecurityManagerCID, &rv);
         if (NS_FAILED(rv)) return rv;
 
         nsCOMPtr<nsIPrincipal> codebase;
         rv = secMan->GetCodebasePrincipal(mJarBaseURI, 
                                           getter_AddRefs(codebase));
         if (NS_FAILED(rv)) return rv;
-
-        nsCOMPtr<nsIURI> codebaseURI;
-        codebase->GetURI(getter_AddRefs(codebaseURI));
-
-        nsCOMPtr<nsIURI> domainURI;
-        codebase->GetDomain(getter_AddRefs(domainURI));
-        
+    
         // Join the certificate and the codebase
-        rv = cert->SetURI(codebaseURI);
+        nsCOMPtr<nsIAggregatePrincipal> agg = do_QueryInterface(cert, &rv);
         if (NS_FAILED(rv)) return rv;
 
-        rv = cert->SetDomain(domainURI);
+        rv = agg->SetCodebase(codebase);
         if (NS_FAILED(rv)) return rv;
 
-        mOwner = do_QueryInterface(cert, &rv);
+        mOwner = do_QueryInterface(agg, &rv);
         if (NS_FAILED(rv)) return rv;
 
         NS_ADDREF(*result = mOwner);
diff --git a/mozilla/modules/libpref/src/nsPrefBranch.cpp b/mozilla/modules/libpref/src/nsPrefBranch.cpp
index f313c30f9c1..b85e3900b7f 100644
--- a/mozilla/modules/libpref/src/nsPrefBranch.cpp
+++ b/mozilla/modules/libpref/src/nsPrefBranch.cpp
@@ -46,7 +46,7 @@
 #include "nsString.h"
 #include "nsReadableUtils.h"
 #include "nsXPIDLString.h"
-#include "nsIScriptSecurityManager.h"
+#include "nsScriptSecurityManager.h"
 #include "nsIStringBundle.h"
 #include "prefapi.h"
 #include "prmem.h"
@@ -68,6 +68,8 @@ struct PrefCallbackData {
 };
 
 
+static NS_DEFINE_CID(kSecurityManagerCID, NS_SCRIPTSECURITYMANAGER_CID);
+
 // Prototypes
 extern PrefResult pref_UnlockPref(const char *key);
 PR_STATIC_CALLBACK(PLDHashOperator)
@@ -895,7 +897,7 @@ nsresult nsPrefBranch::getValidatedPrefName(const char *aPrefName, const char **
   {
     nsresult rv;
     nsCOMPtr<nsIScriptSecurityManager> secMan = 
-             do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
+             do_GetService(kSecurityManagerCID, &rv);
     PRBool enabled;
 
     if (NS_FAILED(rv))
diff --git a/mozilla/modules/oji/src/ProxyClassLoader.cpp b/mozilla/modules/oji/src/ProxyClassLoader.cpp
index a3909eb4f10..4f82ea23f30 100644
--- a/mozilla/modules/oji/src/ProxyClassLoader.cpp
+++ b/mozilla/modules/oji/src/ProxyClassLoader.cpp
@@ -45,6 +45,7 @@
 #include "nsIServiceManager.h"
 #include "nsIJSContextStack.h"
 #include "nsIPrincipal.h"
+#include "nsICodebasePrincipal.h"
 #include "nsIScriptContext.h"
 #include "nsIScriptGlobalObject.h"
 #include "nsIScriptObjectPrincipal.h"
@@ -69,7 +70,9 @@ static nsresult getScriptCodebase(JSContext* cx, nsIURI* *result)
             nsCOMPtr<nsIPrincipal> principal;
             scriptObjectPrincipal->GetPrincipal(getter_AddRefs(principal));
             if (principal) {
-                return principal->GetURI(result);
+                nsCOMPtr<nsICodebasePrincipal> codebasePrincipal = do_QueryInterface(principal);
+                if (codebasePrincipal)
+                    return codebasePrincipal->GetURI(result);
             }
         }
     }
diff --git a/mozilla/modules/oji/src/lcglue.cpp b/mozilla/modules/oji/src/lcglue.cpp
index 5a205c76cfe..bf98f5b967d 100644
--- a/mozilla/modules/oji/src/lcglue.cpp
+++ b/mozilla/modules/oji/src/lcglue.cpp
@@ -358,7 +358,7 @@ get_JSPrincipals_from_java_caller_impl(JNIEnv *pJNIEnv, JSContext *pJSContext, v
                     rv = ssm->GetCodebasePrincipal(codebaseURI, getter_AddRefs(principal));
                     if (NS_SUCCEEDED(rv)) {
                         JSPrincipals* jsprincipals;
-                        principal->GetJsPrincipals(&jsprincipals);
+                        principal->GetJSPrincipals(&jsprincipals);
                         return jsprincipals;
                     }
                 }
@@ -368,7 +368,7 @@ get_JSPrincipals_from_java_caller_impl(JNIEnv *pJNIEnv, JSContext *pJSContext, v
         nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(credentials);
         if (principal) {
             JSPrincipals* jsprincipals;
-            principal->GetJsPrincipals(&jsprincipals);
+            principal->GetJSPrincipals(&jsprincipals);
             return jsprincipals;
         }
     }
diff --git a/mozilla/modules/oji/src/nsCSecurityContext.cpp b/mozilla/modules/oji/src/nsCSecurityContext.cpp
index e5290d9f77c..f3a507f6c56 100644
--- a/mozilla/modules/oji/src/nsCSecurityContext.cpp
+++ b/mozilla/modules/oji/src/nsCSecurityContext.cpp
@@ -53,7 +53,12 @@
 
 // For GetOrigin()
 
-#include "nsIScriptSecurityManager.h"
+#include "nsCOMPtr.h"
+#include "nsJSPrincipals.h"
+#include "nsSystemPrincipal.h"
+#include "nsCodebasePrincipal.h"
+#include "nsCertificatePrincipal.h"
+#include "nsScriptSecurityManager.h"
 #include "nsIScriptGlobalObject.h"
 #include "nsIServiceManager.h"
 #include "nsIScriptObjectPrincipal.h"
@@ -130,27 +135,39 @@ nsCSecurityContext::GetOrigin(char* buf, int buflen)
         }
     }
 
-    nsXPIDLCString origin;
-    m_pPrincipal->GetOrigin(getter_Copies(origin));
-
-    PRInt32 originlen = origin.Length();
-    if (origin.IsEmpty() || originlen > buflen - 1) {
+    nsCOMPtr<nsICodebasePrincipal> codebase = do_QueryInterface(m_pPrincipal);
+    if (!codebase) 
         return NS_ERROR_FAILURE;
+
+    char* origin=nsnull;
+    codebase->GetOrigin(&origin);
+
+    if (origin) {
+        PRInt32 originlen = (PRInt32) strlen(origin);
+        if (!buf || buflen<=originlen) {
+            if (origin) {
+                nsCRT::free(origin);
+            }
+            return NS_ERROR_FAILURE;
+        }
+
+        // Copy the string into to user supplied buffer. Is there a better
+        // way to do this?
+
+        memcpy(buf,origin,originlen);
+        buf[originlen]=nsnull; // Gotta terminate it.
+        nsCRT::free(origin);
+    } else {
+        *buf = nsnull;
     }
 
-    // Copy the string into to user supplied buffer. Is there a better
-    // way to do this?
-
-    memcpy(buf, origin, originlen);
-    buf[originlen] = nsnull; // Gotta terminate it.
-
     return NS_OK;
 }
 
 NS_METHOD 
 nsCSecurityContext::GetCertificateID(char* buf, int buflen)
 {
-    nsCOMPtr<nsIPrincipal> principal;
+    nsCOMPtr<nsIPrincipal> principal = NULL;
   
     // Get the Script Security Manager.
 
@@ -159,22 +176,28 @@ nsCSecurityContext::GetCertificateID(char* buf, int buflen)
              do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
     if (NS_FAILED(rv) || !secMan) return NS_ERROR_FAILURE;
 
+
     secMan->GetSubjectPrincipal(getter_AddRefs(principal));
-    if (!principal) {
+    nsCOMPtr<nsICertificatePrincipal> cprincipal = do_QueryInterface(principal);
+    if (!cprincipal) 
         return NS_ERROR_FAILURE;
+
+    char* certificate = nsnull;
+    cprincipal->GetCertificateID(&certificate);
+
+    if (certificate) {
+        PRInt32 certlen = (PRInt32) strlen(certificate);
+        if( buflen<=certlen ) {
+            nsCRT::free(certificate);
+            return NS_ERROR_FAILURE;
+        }
+        memcpy(buf,certificate,certlen);
+        buf[certlen]=nsnull;
+        nsCRT::free(certificate);
+    } else {
+        *buf = nsnull;
     }
 
-    nsXPIDLCString certificate;
-    principal->GetCertificateID(getter_Copies(certificate));
-
-    PRInt32 certlen = certificate.Length();
-    if (buflen <= certlen) {
-        return NS_ERROR_FAILURE;
-    }
-
-    memcpy(buf, certificate.get(), certlen);
-    buf[certlen] = nsnull;
-
     return NS_OK;
 }
 
diff --git a/mozilla/modules/oji/src/nsJVMManager.cpp b/mozilla/modules/oji/src/nsJVMManager.cpp
index a646faac9bf..3412fec2393 100644
--- a/mozilla/modules/oji/src/nsJVMManager.cpp
+++ b/mozilla/modules/oji/src/nsJVMManager.cpp
@@ -68,10 +68,14 @@
 #include "nspr.h"
 #include "plstr.h"
 #include "nsCOMPtr.h"
-#include "nsIPrincipal.h"
+//#include "nsJSPrincipals.h"
+//#include "nsSystemPrincipal.h"
+//#include "nsCodebasePrincipal.h"
+#include "nsCertificatePrincipal.h"
 #include "nsIScriptSecurityManager.h"
 #include "nsISignatureVerifier.h"
 
+//#include "nsScriptSecurityManager.h"
 
 extern "C" int XP_PROGRESS_STARTING_JAVA;
 extern "C" int XP_PROGRESS_STARTING_JAVA_DONE;
@@ -967,8 +971,15 @@ nsJVMManager::IsAllPermissionGranted(
     rv = secMan->GetCertificatePrincipal(lastFP, &pIPrincipal);
     if (NS_FAILED(rv)) return PR_FALSE;
 
+    // Get the nsICertificatePrincipal interface so that we can set the
+    // common name. The common name is a user meaningful string.
+    
+    nsCOMPtr<nsICertificatePrincipal> pICertificate = do_QueryInterface(pIPrincipal, &rv);
+    if (NS_FAILED(rv) || !pICertificate) return PR_FALSE;
+
     // Set the common name.
-    rv = pIPrincipal->SetCommonName(lastCN);
+
+    rv = pICertificate->SetCommonName(lastCN);
 
     PRInt16 ret;
 
diff --git a/mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp b/mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp
index 60a4cfbc300..5b6cc816ed1 100644
--- a/mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp
+++ b/mozilla/netwerk/protocol/jar/src/nsJARChannel.cpp
@@ -22,11 +22,12 @@
 #include "nsMimeTypes.h"
 #include "nsNetUtil.h"
 
-#include "nsIScriptSecurityManager.h"
-#include "nsIPrincipal.h"
+#include "nsScriptSecurityManager.h"
+#include "nsIAggregatePrincipal.h"
 #include "nsIFileURL.h"
 #include "nsIJAR.h"
 
+static NS_DEFINE_CID(kScriptSecurityManagerCID, NS_SCRIPTSECURITYMANAGER_CID);
 static NS_DEFINE_CID(kZipReaderCID, NS_ZIPREADER_CID);
 
 //-----------------------------------------------------------------------------
@@ -423,28 +424,22 @@ nsJARChannel::GetOwner(nsISupports **result)
     if (cert) {
         // Get the codebase principal
         nsCOMPtr<nsIScriptSecurityManager> secMan = 
-                 do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
+                 do_GetService(kScriptSecurityManagerCID, &rv);
         if (NS_FAILED(rv)) return rv;
 
         nsCOMPtr<nsIPrincipal> codebase;
         rv = secMan->GetCodebasePrincipal(mJarBaseURI, 
                                           getter_AddRefs(codebase));
         if (NS_FAILED(rv)) return rv;
-
-        nsCOMPtr<nsIURI> codebaseURI;
-        codebase->GetURI(getter_AddRefs(codebaseURI));
-
-        nsCOMPtr<nsIURI> domainURI;
-        codebase->GetDomain(getter_AddRefs(domainURI));
-        
+    
         // Join the certificate and the codebase
-        rv = cert->SetURI(codebaseURI);
+        nsCOMPtr<nsIAggregatePrincipal> agg = do_QueryInterface(cert, &rv);
         if (NS_FAILED(rv)) return rv;
 
-        rv = cert->SetDomain(domainURI);
+        rv = agg->SetCodebase(codebase);
         if (NS_FAILED(rv)) return rv;
 
-        mOwner = do_QueryInterface(cert, &rv);
+        mOwner = do_QueryInterface(agg, &rv);
         if (NS_FAILED(rv)) return rv;
 
         NS_ADDREF(*result = mOwner);
diff --git a/mozilla/security/manager/ssl/src/nsCrypto.cpp b/mozilla/security/manager/ssl/src/nsCrypto.cpp
index 415f0ca6ec0..770f2be4e97 100644
--- a/mozilla/security/manager/ssl/src/nsCrypto.cpp
+++ b/mozilla/security/manager/ssl/src/nsCrypto.cpp
@@ -47,12 +47,12 @@
 #include "nsIPrompt.h"
 #include "nsIFilePicker.h"
 #include "nsJSPrincipals.h"
+#include "nsScriptSecurityManager.h"
 #include "nsIPrincipal.h"
 #include "nsXPIDLString.h"
 #include "nsIGenKeypairInfoDlg.h"
 #include "nsIDOMCryptoDialogs.h"
 #include "jsapi.h"
-#include "jsdbgapi.h"
 #include <ctype.h>
 #include "nsReadableUtils.h"
 #include "pk11func.h"
@@ -1788,7 +1788,7 @@ nsCryptoRunnable::Run()
   nsNSSShutDownPreventionLock locker;
   JSPrincipals *principals;
 
-  nsresult rv = m_args->m_principals->GetJsPrincipals(&principals);
+  nsresult rv = m_args->m_principals->GetJSPrincipals(&principals);
   if (NS_FAILED(rv))
     return NS_ERROR_FAILURE;
 
diff --git a/mozilla/security/manager/ssl/src/nsCrypto.h b/mozilla/security/manager/ssl/src/nsCrypto.h
index 0b76ede8ca4..f99c8c79210 100644
--- a/mozilla/security/manager/ssl/src/nsCrypto.h
+++ b/mozilla/security/manager/ssl/src/nsCrypto.h
@@ -28,6 +28,7 @@
 #include "nsIDOMPkcs11.h"
 #include "nsString.h"
 #include "jsapi.h"
+#include "nsIPrincipal.h"
 
 #define NS_CRYPTO_CLASSNAME "Crypto JavaScript Class"
 #define NS_CRYPTO_CID \
@@ -42,7 +43,6 @@
 class nsIPSMComponent;
 class nsIDOMScriptObjectFactory;
 class nsIEventQueue;
-class nsIPrincipal;
 
 
 class nsCRMFObject : public nsIDOMCRMFObject
diff --git a/mozilla/security/manager/ssl/src/nsNSSComponent.cpp b/mozilla/security/manager/ssl/src/nsNSSComponent.cpp
index d5ac5779cd4..79d45d1a752 100644
--- a/mozilla/security/manager/ssl/src/nsNSSComponent.cpp
+++ b/mozilla/security/manager/ssl/src/nsNSSComponent.cpp
@@ -58,6 +58,7 @@
 #include "nsIWindowWatcher.h"
 #include "nsIPrompt.h"
 #include "nsProxiedService.h"
+#include "nsICertificatePrincipal.h"
 #include "nsReadableUtils.h"
 #include "nsIDateTimeFormat.h"
 #include "prtypes.h"
@@ -1460,11 +1461,13 @@ nsNSSComponent::VerifySignature(const char* aRSABuf, PRUint32 aRSABufLen,
     rv2 = mScriptSecurityManager->GetCertificatePrincipal(fingerprintStr.get(), aPrincipal);
     if (NS_FAILED(rv2) || !*aPrincipal) return rv2;
 
+    nsCOMPtr<nsICertificatePrincipal> certPrincipal = do_QueryInterface(*aPrincipal, &rv2);
+    if (NS_FAILED(rv2)) return rv2;
     nsAutoString orgName;
     rv2 = pCert->GetOrganization(orgName);
     if (NS_FAILED(rv2)) return rv2;
     NS_LossyConvertUCS2toASCII  orgNameStr(orgName);
-    rv2 = (*aPrincipal)->SetCommonName(orgNameStr.get());
+    rv2 = certPrincipal->SetCommonName(orgNameStr.get());
     if (NS_FAILED(rv2)) return rv2;
   }
 
diff --git a/mozilla/xpinstall/src/CertReader.cpp b/mozilla/xpinstall/src/CertReader.cpp
index d375a65cd7d..83722ba96af 100644
--- a/mozilla/xpinstall/src/CertReader.cpp
+++ b/mozilla/xpinstall/src/CertReader.cpp
@@ -42,10 +42,6 @@
 #include "nsIServiceManager.h"
 #include "nsISignatureVerifier.h"
 #include "nsIInputStream.h"
-#include "nsIPrincipal.h"
-#include "nsIURI.h"
-#include "nsPICertNotification.h"
-
 
 #include "nsNetUtil.h"
 
diff --git a/mozilla/xpinstall/src/CertReader.h b/mozilla/xpinstall/src/CertReader.h
index 5558282e00e..22e62a750a3 100644
--- a/mozilla/xpinstall/src/CertReader.h
+++ b/mozilla/xpinstall/src/CertReader.h
@@ -36,12 +36,11 @@
 #include "nsCOMPtr.h"
 #include "nsIStreamListener.h"
 #include "nsString.h"
-
-class nsISignatureVerifier;
-class nsIPrincipal;
-class nsIURI;
-class nsPICertNotification;
-
+#include "nsISignatureVerifier.h"
+#include "nsICertificatePrincipal.h"
+#include "nsIPrincipal.h"
+#include "nsIURI.h"
+#include "nsPICertNotification.h"
 
 class CertReader : public nsIStreamListener
 {
diff --git a/mozilla/xpinstall/src/nsSoftwareUpdateRun.cpp b/mozilla/xpinstall/src/nsSoftwareUpdateRun.cpp
index ba46f66dd0b..6d9e42fd83c 100644
--- a/mozilla/xpinstall/src/nsSoftwareUpdateRun.cpp
+++ b/mozilla/xpinstall/src/nsSoftwareUpdateRun.cpp
@@ -55,6 +55,7 @@
 
 #include "nsIJAR.h"
 #include "nsIPrincipal.h"
+#include "nsICertificatePrincipal.h"
 
 static NS_DEFINE_CID(kSoftwareUpdateCID,  NS_SoftwareUpdate_CID);
 static NS_DEFINE_CID(kEventQueueServiceCID, NS_EVENTQUEUESERVICE_CID);
@@ -81,9 +82,8 @@ nsresult VerifySigning(nsIZipReader* hZip, nsIPrincipal* aPrincipal)
     if (!aPrincipal) 
         return NS_OK; // not signed, but not an error
 
-    PRBool hasCert;
-    aPrincipal->GetHasCertificate(&hasCert);
-    if (!hasCert)
+    nsCOMPtr<nsICertificatePrincipal> cp(do_QueryInterface(aPrincipal));
+    if (!cp) 
         return NS_ERROR_FAILURE;
 
     nsCOMPtr<nsIJAR> jar(do_QueryInterface(hZip));
diff --git a/mozilla/xpinstall/src/nsXPITriggerInfo.cpp b/mozilla/xpinstall/src/nsXPITriggerInfo.cpp
index 0079f645985..d607731cea8 100644
--- a/mozilla/xpinstall/src/nsXPITriggerInfo.cpp
+++ b/mozilla/xpinstall/src/nsXPITriggerInfo.cpp
@@ -1,4 +1,4 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /*
  * The contents of this file are subject to the Netscape Public
  * License Version 1.1 (the "License"); you may not use this file
@@ -27,6 +27,7 @@
 #include "nsDebug.h"
 #include "nsIServiceManager.h"
 #include "nsIEventQueueService.h"
+#include "nsICertificatePrincipal.h"
 
 static NS_DEFINE_IID(kEventQueueServiceCID, NS_EVENTQUEUESERVICE_CID);
 
@@ -92,24 +93,15 @@ PRBool nsXPITriggerItem::IsRelativeURL()
 void
 nsXPITriggerItem::SetPrincipal(nsIPrincipal* aPrincipal)
 {
-    mPrincipal = aPrincipal;
+	mPrincipal = aPrincipal;
 
-    // aPrincipal can be null for various failure cases.
-    // see bug 213894 for an example.
-    // nsXPInstallManager::OnCertAvailable can be called with a null principal
-    // and it can also force a null principal.
-    if (!aPrincipal)
-        return;
-
-    PRBool hasCert;
-    aPrincipal->GetHasCertificate(&hasCert);
-    if (hasCert) {
-        nsXPIDLCString cName;
-        aPrincipal->GetCommonName(getter_Copies(cName));
-        mCertName = NS_ConvertUTF8toUCS2(cName);
-    }
+	nsCOMPtr<nsICertificatePrincipal> cp(do_QueryInterface(aPrincipal));
+	if (cp) {
+		nsXPIDLCString cName;
+		cp->GetCommonName(getter_Copies(cName));
+		mCertName = NS_ConvertUTF8toUCS2(cName);
+	}
 }
-
 //
 // nsXPITriggerInfo
 //