See https://bugzilla.mozilla.org/show_bug.cgi?id=1209162#c12 <modified> "When we call DocShellOriginAttributes::InheritFromDocToChildDocShell, this information needs to get additional parameters indicating if it's a mozbrowser iframe or not. If it is a mozbrowser iframe, then we inherit all the OriginAttributes from the document, except for mSignedPkgInBrowser to true. "NeckoOriginAttributes should only clear mSignedPkg if mSignedPkgInBrowser is false. If it is true we leave mSignedPkg as-is."

Jonas also mentioned in https://bugzilla.mozilla.org/show_bug.cgi?id=1209162#c39 "Maybe we should add a function like: DocShellOriginAttributes::InheritFromDocToChildDocShell(PrincipalOriginAttributes& aAttrs, nsIContent* iframeElement) This function could then look at the mozbrowser attributes and set the appropriate values on the docshelloriginattributes."

I suspect we can close this bug, right?