Looking at the patch for `document.lastModified`, I looked at all the uses of [PR_LocalTimeParameters](https://searchfox.org/mozilla-central/search?q=symbol:PR_LocalTimeParameters&redirect=false) and found [this one](https://searchfox.org/mozilla-central/rev/f63ca2952da98e0817bdae0ddf1314281a497106/dom/xslt/xslt/txEXSLTFunctions.cpp#593) that looks sketchy. My concern would be that an attacker could render a XSLT document using a function that formats a datetime; then reads that XSLT document (cause it's same origin) and gets the timezone out.