Bug 1953851 - [devtools] Update the MDN links r=devtools-reviewers,nchevobbe,cookie-reviewers,valentin,fluent-reviewers,shtrom,zeid,anti-tracking-reviewers,translations-reviewers,android-reviewers,flod,bvandersloot,jonalmeida,tthibaud

Differential Revision: https://phabricator.services.mozilla.com/D241589

browser/locales/en-US/browser/firefoxRelay.ftl

@@ -3,7 +3,7 @@
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 ## Error messages for failed HTTP web requests.
-## https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses
+## https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status#client_error_responses
 ## Variables:
 ##   $status (Number) - HTTP status code, for example 403
 

devtools/client/locales/en-US/inspector.properties

@@ -352,7 +352,7 @@ inspectorSearchHTML.nextButton.title=Next result
 # shown in the inspector contextual-menu for the item that lets users copy
 # the URL embedding the image data encoded in Base 64 (what we name
 # here Image Data URL). For more information:
-# https://developer.mozilla.org/en-US/docs/Web/HTTP/data_URIs
+# https://developer.mozilla.org/en-US/docs/Web/URI/Reference/Schemes/data
 inspectorImageDataUri.label=Image Data-URL
 
 # LOCALIZATION NOTE (inspectorShowDOMProperties.label): This is the label

devtools/client/locales/en-US/netmonitor.properties

@@ -608,7 +608,7 @@ netmonitor.toolbar.cookies=Cookies
 # LOCALIZATION NOTE (netmonitor.toolbar.setCookies): This is the label displayed
 # in the network table toolbar, above the "set cookies" column.
 # Set-Cookie is a HTTP response header. This string is the plural form of it.
-# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie
+# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie
 netmonitor.toolbar.setCookies=Set-Cookies
 
 # LOCALIZATION NOTE (netmonitor.toolbar.scheme): This is the label displayed

devtools/client/netmonitor/src/utils/doc-utils.js

@@ -109,7 +109,7 @@ const SUPPORTED_HEADERS = [
 ];
 
 const MDN_URL = "https://developer.mozilla.org/docs/";
-const MDN_STATUS_CODES_LIST_URL = `${MDN_URL}Web/HTTP/Status`;
+const MDN_STATUS_CODES_LIST_URL = `${MDN_URL}Web/HTTP/Reference/Status`;
 const getGAParams = (panelId = "netmonitor") => {
   return `?utm_source=mozilla&utm_medium=devtools-${panelId}&utm_campaign=default`;
 };
@@ -130,7 +130,7 @@ function getHeadersURL(header) {
     item => item.toLowerCase() === lowerCaseHeader
   );
   return idx > -1
-    ? `${MDN_URL}Web/HTTP/Headers/${SUPPORTED_HEADERS[idx] + getGAParams()}`
+    ? `${MDN_URL}Web/HTTP/Reference/Headers/${SUPPORTED_HEADERS[idx] + getGAParams()}`
     : null;
 }
 
@@ -144,7 +144,7 @@ function getHeadersURL(header) {
 function getHTTPStatusCodeURL(statusCode, panelId) {
   return (
     (SUPPORTED_HTTP_CODES.includes(statusCode)
-      ? `${MDN_URL}Web/HTTP/Status/${statusCode}`
+      ? `${MDN_URL}Web/HTTP/Reference/Status/${statusCode}`
       : MDN_STATUS_CODES_LIST_URL) + getGAParams(panelId)
   );
 }
@@ -214,7 +214,7 @@ function getCORSErrorURL(reason) {
     [1015, "CORSMissingAllowHeaderFromPreflight"],
   ]);
   const urlFrag = reasonMap.get(reason) || "";
-  return `${MDN_URL}Web/HTTP/CORS/Errors/${urlFrag}`;
+  return `${MDN_URL}Web/HTTP/Guides/CORS/Errors/${urlFrag}`;
 }
 
 module.exports = {

devtools/client/netmonitor/test/xpcshell/test_doc-utils.js

@@ -29,7 +29,7 @@ function run_test() {
   info("Checking for supported headers");
   equal(
     getHeadersURL("Accept"),
-    `${MDN_URL}Web/HTTP/Headers/Accept${GTM_PARAMS_NM}`
+    `${MDN_URL}Web/HTTP/Reference/Headers/Accept${GTM_PARAMS_NM}`
   );
   info("Checking for unsupported headers");
   equal(getHeadersURL("Width"), null);
@@ -37,12 +37,12 @@ function run_test() {
   info("Checking for supported status code");
   equal(
     getHTTPStatusCodeURL("200", "webconsole"),
-    `${MDN_URL}Web/HTTP/Status/200${GTM_PARAMS_WC}`
+    `${MDN_URL}Web/HTTP/Reference/Status/200${GTM_PARAMS_WC}`
   );
   info("Checking for unsupported status code");
   equal(
     getHTTPStatusCodeURL("999", "webconsole"),
-    `${MDN_URL}Web/HTTP/Status${GTM_PARAMS_WC}`
+    `${MDN_URL}Web/HTTP/Reference/Status${GTM_PARAMS_WC}`
   );
 
   equal(

devtools/client/shared/components/test/chrome/test_notification_box_04.html

@@ -32,7 +32,7 @@ window.onload = async function () {
     const notificationBox = TestUtils.renderIntoDocument(boxElement);
     const notificationNode = ReactDOM.findDOMNode(notificationBox);
 
-    const mdnLink = "https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors"
+    const mdnLink = "https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CORS/Errors"
 
     const mdnLinkButton = {mdnUrl: mdnLink, label: "learn more about error" }
 

devtools/client/webconsole/test/browser/browser_webconsole_cors_errors.js

@@ -12,7 +12,7 @@ requestLongerTimeout(2);
 const TEST_URI =
   "http://example.com/browser/devtools/client/webconsole/test/browser/test-network-request.html";
 const BASE_CORS_ERROR_URL =
-  "https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/";
+  "https://developer.mozilla.org/docs/Web/HTTP/Guides/CORS/Errors/";
 const BASE_CORS_ERROR_URL_PARAMS = new URLSearchParams({
   utm_source: "devtools",
   utm_medium: "firefox-cors-errors",

devtools/client/webconsole/test/browser/browser_webconsole_hsts_invalid-headers.js

@@ -11,7 +11,7 @@ const SJS_URL =
   "https://example.com/browser/devtools/client/webconsole/" +
   "/test/browser/test_hsts-invalid-headers.sjs";
 const LEARN_MORE_URI =
-  "https://developer.mozilla.org/docs/Web/HTTP/Headers/" +
+  "https://developer.mozilla.org/docs/Web/HTTP/Reference/Headers/" +
   "Strict-Transport-Security" +
   DOCS_GA_PARAMS;
 

devtools/client/webconsole/test/browser/browser_webconsole_network_messages_status_code.js

@@ -14,7 +14,8 @@ const {
   l10n,
 } = require("resource://devtools/client/webconsole/utils/messages.js");
 const LEARN_MORE_URI =
-  "https://developer.mozilla.org/docs/Web/HTTP/Status/200" + GA_PARAMS;
+  "https://developer.mozilla.org/docs/Web/HTTP/Reference/Status/200" +
+  GA_PARAMS;
 
 pushPref(NET_PREF, true);
 pushPref(XHR_PREF, true);

devtools/client/webconsole/test/browser/browser_webconsole_warning_group_cookies.js

@@ -36,10 +36,10 @@ add_task(async function testSameSiteCookieMessage() {
     {
       pref: false,
       message1:
-        "Cookie “a” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite",
+        "Cookie “a” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value",
       typeMessage1: ".warn",
       message2:
-        "Cookie “b” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite",
+        "Cookie “b” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value",
     },
   ];
 

devtools/docs/contributor/frontend/csp.md

@@ -1,5 +1,5 @@
 
-The DevTools toolbox is loaded in an iframe pointing to about:devtools-toolbox. This iframe has a [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) (CSP) applied, which will mitigate potential attacks. However this may limit the resources that can be loaded in the toolbox documenth.
+The DevTools toolbox is loaded in an iframe pointing to about:devtools-toolbox. This iframe has a [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP) (CSP) applied, which will mitigate potential attacks. However this may limit the resources that can be loaded in the toolbox documenth.
 
 # Current DevTools CSP
 
@@ -12,7 +12,7 @@ This means:
 - `chrome://` and `resource://` are allowed for any resource
 - `chrome://` and `resource://` and `data://` are allowed for images
 
-For more information about which resources and requests are in scope of the CSP, you can read the [default-src documentation on MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src).
+For more information about which resources and requests are in scope of the CSP, you can read the [default-src documentation on MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Security-Policy/default-src).
 
 # Scope of the DevTools CSP
 

devtools/docs/user/network_monitor/inspecting_web_sockets/index.rst

@@ -12,7 +12,7 @@ When you are inspecting a web app that utilizes a web socket connection, the web
 .. image:: wsi-filter.png
   :alt: WS filter in the network inspector
 
-You can use the WS button to filter the list for just web socket connections. Only requests with the `101 status code <https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/101>`_ (WebSocket Protocol Handshake) are visible, which indicates that the server is switching to a web socket connection.
+You can use the WS button to filter the list for just web socket connections. Only requests with the `101 status code <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/101>`_ (WebSocket Protocol Handshake) are visible, which indicates that the server is switching to a web socket connection.
 
 Clicking on a web socket request opens the usual sidebar to reveal additional details. Choose the **Response** tab to inspect web socket frames sent and received through the selected connection.
 

devtools/docs/user/network_monitor/request_details/index.rst

@@ -48,7 +48,7 @@ This includes:
   - Status: The response status code for the request; click the "?" icon to go to the reference page for the status code.
   - Version: The version of HTTP used.
   - Transferred: The amount of data transferred for the request.
-  - Referrer policy: The value of the `Referrer-policy header <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy>`_.
+  - Referrer policy: The value of the `Referrer-policy header <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Referrer-Policy>`_.
 
 - **HTTP Early hints response headers** (when the request includes early hints)
 - **HTTP Response headers**
@@ -84,16 +84,16 @@ The following information is shown only when the section is expanded:
 The following information is shown in both the collapsed and the expanded states:
 
 
-- **Status:** The `HTTP response code <https://developer.mozilla.org/en-US/docs/Web/HTTP/Status>`_ for the request.
+- **Status:** The `HTTP response code <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status>`_ for the request.
 - **Version**: The HTTP version used
 - **Transferred**: The amount of data transferred with the request
-- The **Referrer Policy**, which governs which referrer information, sent in the `Referer <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer>`_ header, should be included with requests. (See `Referrer-Policy <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy>`_ for a description of possible values)
+- The **Referrer Policy**, which governs which referrer information, sent in the `Referer <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Referer>`_ header, should be included with requests. (See `Referrer-Policy <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Referrer-Policy>`_ for a description of possible values)
 - **Blocking**: If the request is to a site that is associated with a known tracker, an icon and a message are shown; otherwise, this field is not shown.
 
 Early hints response headers
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-The `Early hints <https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/103>`_ response headers section shows the headers provided by HTTP 103 informational response. For each line in the early hints response headers section, a question mark links to the documentation for that response header, if one is available.
+The `Early hints <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/103>`_ response headers section shows the headers provided by HTTP 103 informational response. For each line in the early hints response headers section, a question mark links to the documentation for that response header, if one is available.
 
 A **Raw** toggle button in the section heading controls whether the headers are shown with formatting, or as plain, unformatted text.
 
@@ -464,7 +464,7 @@ The *Request Timing* section breaks a network request down into the following su
 Server Timing
 ~~~~~~~~~~~~~
 
-New in Firefox 71, the *Server Timing* section lists any information provided in the `Server-Timing <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Server-Timing>`_ header — this is used to surface any backend server timing metrics you've recorded (e.g. database read/write, CPU time, file system access, etc.).
+The *Server Timing* section lists any information provided in the `Server-Timing <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Server-Timing>`_ header — this is used to surface any backend server timing metrics you've recorded (e.g. database read/write, CPU time, file system access, etc.).
 
 The header takes a series of descriptions and durations, which can be anything you like. In the above screenshot for example, the highlighted request's ``Server-Timing`` header contains 4 items — *data*, *markup*, *total*, and *miss*.
 

devtools/docs/user/responsive_design_mode/index.rst

@@ -106,7 +106,7 @@ Just above the viewport there is a label "no device selected"; click this to see
 - Touch event simulation
 
 
-Additionally, Firefox sets the `User-Agent <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent>`_ HTTP request header to identify itself as the default browser on the selected device. For example, if you've selected an iPhone, then Firefox identifies itself as Safari. The `navigator.userAgent <https://developer.mozilla.org/en-US/docs/Web/API/Navigator/userAgent>`_ property is set to the same value.
+Additionally, Firefox sets the `User-Agent <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/User-Agent>`_ HTTP request header to identify itself as the default browser on the selected device. For example, if you've selected an iPhone, then Firefox identifies itself as Safari. The `navigator.userAgent <https://developer.mozilla.org/en-US/docs/Web/API/Navigator/userAgent>`_ property is set to the same value.
 
 .. raw:: html
 

devtools/docs/user/web_console/console_messages/index.rst

@@ -190,10 +190,10 @@ The complete list of security messages is as follows:
     - The page contained mixed display content: that is, the main page was served over HTTPS, but asked the browser to load "display content", such as images, over HTTP. The browser loaded this display content. `Mixed Content <https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content>`_ for more details.
 
   * - This site specified both an X-Content-Security-Policy/Report-Only header and a Content-Security-Policy/Report-Only header. The X-Content-Security-Policy/Report-Only header(s) will be ignored.
-    - See `Content Security Policy <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>`_ for more details.
+    - See `Content Security Policy <https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP>`_ for more details.
 
   * - The X-Content-Security-Policy and X-Content-Security-Report-Only headers will be deprecated in the future. Please use the Content-Security-Policy and Content-Security-Report-Only headers with CSP spec compliant syntax instead.
-    - See `Content Security Policy <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>`_ for more details.
+    - See `Content Security Policy <https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP>`_ for more details.
 
   * - Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.
     - Pages containing login forms must be served over HTTPS, not HTTP.
@@ -205,7 +205,7 @@ The complete list of security messages is as follows:
     - iframes containing login forms must be served over HTTPS, not HTTP.
 
   * - The site specified an invalid Strict-Transport-Security header.
-    - See `HTTP Strict Transport Security <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security>`_ for more details.
+    - See `HTTP Strict Transport Security <https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security>`_ for more details.
 
   * - This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.
 

devtools/server/actors/errordocs.js

@@ -126,15 +126,15 @@ const INSECURE_PASSWORDS_LEARN_MORE =
 const PUBLIC_KEY_PINS_LEARN_MORE =
   "https://developer.mozilla.org/docs/Web/HTTP/Public_Key_Pinning";
 const STRICT_TRANSPORT_SECURITY_LEARN_MORE =
-  "https://developer.mozilla.org/docs/Web/HTTP/Headers/Strict-Transport-Security";
+  "https://developer.mozilla.org/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security";
 const MIME_TYPE_MISMATCH_LEARN_MORE =
-  "https://developer.mozilla.org/docs/Web/HTTP/Headers/X-Content-Type-Options";
+  "https://developer.mozilla.org/docs/Web/HTTP/Reference/Headers/X-Content-Type-Options";
 const SOURCE_MAP_LEARN_MORE =
   "https://firefox-source-docs.mozilla.org/devtools-user/debugger/source_map_errors/";
 const TLS_LEARN_MORE =
   "https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/";
 const X_FRAME_OPTIONS_LEARN_MORE =
-  "https://developer.mozilla.org/docs/Web/HTTP/Headers/X-Frame-Options";
+  "https://developer.mozilla.org/docs/Web/HTTP/Reference/Headers/X-Frame-Options";
 const REQUEST_STORAGE_ACCESS_LEARN_MORE =
   "https://developer.mozilla.org/docs/Web/API/Document/requestStorageAccess";
 const DOCTYPE_MODES_LEARN_MORE =
@@ -161,7 +161,7 @@ const ErrorCategories = {
 };
 
 const baseCorsErrorUrl =
-  "https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/";
+  "https://developer.mozilla.org/docs/Web/HTTP/Guides/CORS/Errors/";
 const corsParams =
   "?utm_source=devtools&utm_medium=firefox-cors-errors&utm_campaign=default";
 const CorsErrorDocs = {

mobile/android/android-components/components/support/utils/src/main/java/mozilla/components/support/utils/DownloadUtils.kt

@@ -57,7 +57,7 @@ object DownloadUtils {
      * Format as defined in RFC 2616 and RFC 5987
      * Both inline and attachment types are supported.
      * More details can be found
-     * https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition
+     * https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Disposition
      *
      * The first segment is the [contentDispositionType], there you can find the documentation,
      * Next, it's the filename segment, where we have a filename="filename.ext"

mobile/android/android-components/docs/_posts/2020-05-28-engine-version-feature-flags.md

@@ -39,7 +39,7 @@ engine.version.metadata // a1
 
 Note that for GeckoView versions we are using the `MOZILLA_VERSION` that GeckoView exposes (e.g. `78.0a1`) which can be different from version of the maven dependency (e.g. `78.0.20200528032513`).
 
-In `browser-engine-system`, which is using `WebView`, we are parsing the Chrome version from the [User-Agent](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent).
+In `browser-engine-system`, which is using `WebView`, we are parsing the Chrome version from the [User-Agent](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/User-Agent).
 
 ```Kotlin
 // Mozilla/5.0 (Linux; Android 10) Build/RPP2.200227.014.A1; wv)

mots.yaml

@@ -8,7 +8,7 @@
 # documentation and how to modify this file.
 repo: mozilla-central
 created_at: '2021-10-14T12:50:40.073465'
-updated_at: '2025-03-26T03:42:10.702051+00:00'
+updated_at: '2025-04-01T14:21:39.951774+00:00'
 export:
   path: ./docs/mots/index.rst
   format: rst
@@ -2870,7 +2870,8 @@ modules:
       - netwerk/protocol/http/**/*
     meta:
       group: dev-platform
-      url: https://developer.mozilla.org/docs/Web/HTTP/Headers/User-Agent/Firefox
+      url:
+        https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/User-Agent/Firefox
       components:
         - 'Core::Networking: HTTP'
     owners:
@@ -4540,5 +4541,5 @@ modules:
         - Ryan Tilder
       group: dev-platform
 hashes:
-  config: 67ba7c16fafd3456d27a3d7cbf1bf741bc7afc87
-  export: df3168a61c61e5945f0312688eb917cc58bc14fc
+  config: 1f1a65ce9444d293f1f1b8fc74b954bea0aa5a27
+  export: 26b31fcb1ebef52108b7df136973ebf35a4ddc5b

netwerk/cookie/CookieParser.cpp

@@ -27,8 +27,8 @@ constexpr auto CONSOLE_REJECTION_CATEGORY = "cookiesRejection"_ns;
 constexpr auto CONSOLE_SAMESITE_CATEGORY = "cookieSameSite"_ns;
 constexpr auto CONSOLE_INVALID_ATTRIBUTE_CATEGORY = "cookieInvalidAttribute"_ns;
 constexpr auto SAMESITE_MDN_URL =
-    "https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/"
-    u"SameSite"_ns;
+    "https://developer.mozilla.org/docs/Web/HTTP/Reference/Headers/Set-Cookie#"
+    u"samesitesamesite-value"_ns;
 
 namespace mozilla {
 namespace net {

netwerk/docs/early_hints.md

@@ -1,7 +1,7 @@
 # Early Hints
 
 [Early Hints](https://html.spec.whatwg.org/multipage/semantics.html#early-hints) is an informational HTTP status code allowing server to send headers likely to appear in the final response before sending the final response.
-This is used to send [Link headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Link) to start `preconnect`s and `preload`s.
+This is used to send [Link headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Link) to start `preconnect`s and `preload`s.
 
 This document is about the implementation details of Early Hints in Firefox.
 We focus on the `preload` feature, as it is the main feature interacting with classes.

netwerk/docs/necko_lingo.md

@@ -116,7 +116,7 @@ RFC 6555/8305 – connecting via IPv4 and IPv6 simultaneously. \
 We implement this in a [different](https://searchfox.org/mozilla-central/rev/23e7e940337d0e0b29aabe0080e4992d3860c940/netwerk/protocol/http/DnsAndConnectSocket.cpp#202-206) way.
 
 ## HSTS
-HTTP [Strict Transport Security](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security). \
+HTTP [Strict Transport Security](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security). \
 HSTS preload - a list of websites that will be upgraded to HTTPS without first needing a response.
 
 

python/mozboot/mozboot/android.py

@@ -195,7 +195,7 @@ def download_internal(
     with open(download_file_path, "ab") as file:
         # 64 KB/s should be fine on even the slowest internet connections
         chunk_size = 1024 * 64
-        # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Range#directives
+        # https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Range#directives
         resume_header = (
             {"Range": f"bytes={resume_from_byte_pos}-"}
             if resume_from_byte_pos

testing/mozbase/mozproxy/mozproxy/backends/mitm/scripts/inject-deterministic.py

@@ -36,8 +36,7 @@ class AddDeterministic:
 
         Note:
         For more background information on CSP and nonce, please refer to
-        https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/
-        Content-Security-Policy/script-src
+        https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Security-Policy/script-src
         https://developers.google.com/web/fundamentals/security/csp/
         """
 
@@ -72,8 +71,7 @@ class AddDeterministic:
 
         Note:
         For more background information on CSP, please refer to
-        https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/
-        Content-Security-Policy/script-src
+        https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Security-Policy/script-src
         https://developers.google.com/web/fundamentals/security/csp/
         """
 

testing/web-platform/tests/content-security-policy/navigation/to-javascript-parent-initiated-child-csp.html

@@ -24,7 +24,7 @@
 
   const kIframeURLPath = "support/frame-with-csp.sub.html";
 
-  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources#unsafe-inline
+  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Security-Policy#unsafe-inline
   document.getElementById("iframeWithScriptSrcUnsafeInline").src =
     encodeURIWithApostrophes(kIframeURLPath + "?csp=script-src 'unsafe-inline'");
   document.getElementById("iframeWithScriptSrcNone").src =

toolkit/components/antitracking/docs/data-sanitization/index.md

@@ -23,7 +23,7 @@ All browsers allow fine grained control over website cookies and storages via th
 
 This is a browser UX feature and is therefore not standardized. It is not part of the web platform.
 
-There is a standardized HTTP header that sites can send to clear associated browser cache, cookies and storage: [Clear-Site-Data](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data). However, Firefox no longer allows sites to clear caches via the header since [Bug 1671182](https://bugzilla.mozilla.org/show_bug.cgi?id=1671182).
+There is a standardized HTTP header that sites can send to clear associated browser cache, cookies and storage: [Clear-Site-Data](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Clear-Site-Data). However, Firefox no longer allows sites to clear caches via the header since [Bug 1671182](https://bugzilla.mozilla.org/show_bug.cgi?id=1671182).
 
 ### How does it fit into our vision of “Zero Privacy Leaks?”
 

toolkit/components/ml/vendor/transformers-dev.js

@@ -31802,14 +31802,14 @@ async function getFile(urlOrPath) {
 }
 
 const ERROR_MAPPING = {
-    // 4xx errors (https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses)
+    // 4xx errors (https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status#client_error_responses)
     400: 'Bad request error occurred while trying to load file',
     401: 'Unauthorized access to file',
     403: 'Forbidden access to file',
     404: 'Could not locate file',
     408: 'Request timeout error occurred while trying to load file',
 
-    // 5xx errors (https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#server_error_responses)
+    // 5xx errors (https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status#server_error_responses)
     500: 'Internal server error error occurred while trying to load file',
     502: 'Bad gateway error occurred while trying to load file',
     503: 'Service unavailable error occurred while trying to load file',

toolkit/components/resistfingerprinting/nsRFPService.cpp

@@ -923,7 +923,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent) {
   // used as fingerprinting sources to identify individuals.
   // Reference of the format of User Agent:
   // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
-  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
+  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/User-Agent
 
   // These magic numbers are the lengths of the UA string literals below.
   // Assume three-digit Firefox version numbers so we have room to grow.

toolkit/components/translations/actors/TranslationsParent.sys.mjs

@@ -1002,7 +1002,7 @@ export class TranslationsParent extends JSWindowActorParent {
 
   /**
    * The "Accept-Language" values that the localizer or user has indicated for
-   * the preferences for the web. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language
+   * the preferences for the web. https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Accept-Language
    *
    * Note that this preference always has English in the fallback chain, even if the
    * user doesn't actually speak English, and to other languages they potentially do

toolkit/content/aboutNetError.mjs

@@ -74,7 +74,8 @@ const KNOWN_ERROR_TITLE_IDS = new Set([
 /* global KNOWN_ERROR_MESSAGE_IDS */
 const ERROR_MESSAGES_FTL = "toolkit/neterror/nsserrors.ftl";
 
-const MDN_DOCS_HEADERS = "https://developer.mozilla.org/docs/Web/HTTP/Headers/";
+const MDN_DOCS_HEADERS =
+  "https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/";
 const COOP_MDN_DOCS = MDN_DOCS_HEADERS + "Cross-Origin-Opener-Policy";
 const COEP_MDN_DOCS = MDN_DOCS_HEADERS + "Cross-Origin-Embedder-Policy";
 const HTTPS_UPGRADES_MDN_DOCS = "https://support.mozilla.org/kb/https-upgrades";