diff --git a/core/includes/common.inc b/core/includes/common.inc
old mode 100644
new mode 100755
index 3706049..fa4c0c9
--- a/core/includes/common.inc
+++ b/core/includes/common.inc
@@ -699,19 +699,6 @@ function drupal_site_offline() {
 }
 
 /**
- * Delivers an "access denied" error to the browser.
- *
- * Page callback functions wanting to report an "access denied" message should
- * return MENU_ACCESS_DENIED instead of calling drupal_access_denied(). However,
- * functions that are invoked in contexts where that return value might not
- * bubble up to menu_execute_active_handler() should call
- * drupal_access_denied().
- */
-function drupal_access_denied() {
-  throw new AccessDeniedHttpException();
-}
-
-/**
  * Performs an HTTP request.
  *
  * This is a flexible and powerful HTTP client implementation. Correctly
diff --git a/core/includes/file.inc b/core/includes/file.inc
old mode 100644
new mode 100755
index 73aab5f..92aeddb
--- a/core/includes/file.inc
+++ b/core/includes/file.inc
@@ -1943,8 +1943,8 @@ function file_transfer($uri, $headers) {
  * Call modules that implement hook_file_download() to find out if a file is
  * accessible and what headers it should be transferred with. If one or more
  * modules returned headers the download will start with the returned headers.
- * If a module returns -1 drupal_access_denied() will be returned. If the file
- * exists but no modules responded drupal_access_denied() will be returned.
+ * If a module returns -1 an AccessDeniedHttpException will be thrown. If the file
+ * exists but no modules responded an AccessDeniedHttpException will be thrown.
  * If the file does not exist a NotFoundHttpException will be thrown.
  *
  * @see hook_file_download()
diff --git a/core/modules/aggregator/aggregator.admin.inc b/core/modules/aggregator/aggregator.admin.inc
old mode 100644
new mode 100755
index c064e4f..7759750
--- a/core/modules/aggregator/aggregator.admin.inc
+++ b/core/modules/aggregator/aggregator.admin.inc
@@ -5,6 +5,8 @@
  * Admin page callbacks for the aggregator module.
  */
 
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+
 /**
  * Page callback: Displays the aggregator administration page.
  *
@@ -411,7 +413,7 @@ function aggregator_admin_refresh_feed($feed) {
   //   generation. Add token support to routing: http://drupal.org/node/755584.
   $token = request()->query->get('token');
   if (!isset($token) || !drupal_valid_token($token, 'aggregator/update/' . $feed->fid)) {
-    drupal_access_denied();
+    throw new AccessDeniedHttpException();
   }
 
   aggregator_refresh($feed);
diff --git a/core/modules/book/book.pages.inc b/core/modules/book/book.pages.inc
old mode 100644
new mode 100755
index c00fb6f..3ca79bd
--- a/core/modules/book/book.pages.inc
+++ b/core/modules/book/book.pages.inc
@@ -6,6 +6,7 @@
  */
 
 use Drupal\node\Node;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 
 /**
@@ -89,7 +90,7 @@ function book_export_html($nid) {
     }
   }
   else {
-    drupal_access_denied();
+    throw new AccessDeniedHttpException();
   }
 }
 
diff --git a/core/modules/comment/comment.pages.inc b/core/modules/comment/comment.pages.inc
old mode 100644
new mode 100755
index 39b8a24..051fd83
--- a/core/modules/comment/comment.pages.inc
+++ b/core/modules/comment/comment.pages.inc
@@ -6,6 +6,7 @@
  */
 
 use Drupal\node\Node;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 
 /**
@@ -113,7 +114,7 @@ function comment_approve($cid) {
   //   generation. Add token support to routing: http://drupal.org/node/755584.
   $token = request()->query->get('token');
   if (!isset($token) || !drupal_valid_token($token, "comment/$cid/approve")) {
-    drupal_access_denied();
+    throw new AccessDeniedHttpException();
   }
 
   if ($comment = comment_load($cid)) {
diff --git a/core/modules/contact/contact.pages.inc b/core/modules/contact/contact.pages.inc
old mode 100644
new mode 100755
index a1c2926..2a27cf1
--- a/core/modules/contact/contact.pages.inc
+++ b/core/modules/contact/contact.pages.inc
@@ -5,6 +5,7 @@
  * Page callbacks for the Contact module.
  */
 
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 
 /**
@@ -23,8 +24,7 @@ function contact_site_form($form, &$form_state) {
   $window = variable_get('contact_threshold_window', 3600);
   if (!flood_is_allowed('contact', $limit, $window) && !user_access('administer contact forms')) {
     drupal_set_message(t("You cannot send more than %limit messages in @interval. Try again later.", array('%limit' => $limit, '@interval' => format_interval($window))), 'error');
-    drupal_access_denied();
-    drupal_exit();
+    throw new AccessDeniedHttpException();
   }
 
   // Get an array of the categories and the current default category.
@@ -184,8 +184,7 @@ function contact_personal_form($form, &$form_state, $recipient) {
   $window = variable_get('contact_threshold_window', 3600);
   if (!flood_is_allowed('contact', $limit, $window) && !user_access('administer contact forms') && !user_access('administer users')) {
     drupal_set_message(t("You cannot send more than %limit messages in @interval. Try again later.", array('%limit' => $limit, '@interval' => format_interval($window))), 'error');
-    drupal_access_denied();
-    drupal_exit();
+    throw new AccessDeniedHttpException();
   }
 
   drupal_set_title(t('Contact @username', array('@username' => user_format_name($recipient))), PASS_THROUGH);
diff --git a/core/modules/image/image.module b/core/modules/image/image.module
old mode 100644
new mode 100755
index 973f36a..905e6a7
--- a/core/modules/image/image.module
+++ b/core/modules/image/image.module
@@ -7,6 +7,7 @@
 
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\StreamedResponse;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Drupal\Core\File\File;
 
 /**
@@ -695,7 +696,7 @@ function image_style_deliver($style, $scheme) {
     else {
       $headers = module_invoke_all('file_download', $image_uri);
       if (in_array(-1, $headers) || empty($headers)) {
-        return drupal_access_denied();
+        throw new AccessDeniedHttpException();
       }
       if (count($headers)) {
         foreach ($headers as $name => $value) {
diff --git a/core/modules/menu/menu.admin.inc b/core/modules/menu/menu.admin.inc
old mode 100644
new mode 100755
index 2e1725d..496ff88
--- a/core/modules/menu/menu.admin.inc
+++ b/core/modules/menu/menu.admin.inc
@@ -5,6 +5,8 @@
  * Administrative page callbacks for menu module.
  */
 
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+
 /**
  * Menu callback which shows an overview page of all the custom menus and their descriptions.
  */
@@ -506,8 +508,7 @@ function menu_delete_menu_page($menu) {
   // System-defined menus may not be deleted.
   $system_menus = menu_list_system_menus();
   if (isset($system_menus[$menu['menu_name']])) {
-    drupal_access_denied();
-    return;
+    throw new AccessDeniedHttpException();
   }
   return drupal_get_form('menu_delete_menu_confirm', $menu);
 }
@@ -616,8 +617,7 @@ function menu_item_delete_page($item) {
   // Links defined via hook_menu may not be deleted. Updated items are an
   // exception, as they can be broken.
   if ($item['module'] == 'system' && !$item['updated']) {
-    drupal_access_denied();
-    return;
+    throw new AccessDeniedHttpException();
   }
   return drupal_get_form('menu_item_delete_form', $item);
 }
diff --git a/core/modules/overlay/overlay.module b/core/modules/overlay/overlay.module
old mode 100644
new mode 100755
index 5fdd453..7fb7e0b
--- a/core/modules/overlay/overlay.module
+++ b/core/modules/overlay/overlay.module
@@ -6,6 +6,7 @@
  */
 
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 
 /**
  * Implements hook_help().
@@ -334,7 +335,7 @@ function overlay_user_dismiss_message() {
   //   generation. Add token support to routing: http://drupal.org/node/755584.
   $token = request()->query->get('token');
   if (!isset($token) || !drupal_valid_token($token, 'overlay')) {
-    drupal_access_denied();
+    throw new AccessDeniedHttpException();
   }
 
   $account = user_load($user->uid);
diff --git a/core/modules/shortcut/shortcut.admin.inc b/core/modules/shortcut/shortcut.admin.inc
old mode 100644
new mode 100755
index 9010f90..9f1888a
--- a/core/modules/shortcut/shortcut.admin.inc
+++ b/core/modules/shortcut/shortcut.admin.inc
@@ -5,6 +5,8 @@
  * Administrative page callbacks for the shortcut module.
  */
 
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+
 /**
  * Returns the maximum number of shortcut "slots" available per shortcut set.
  *
@@ -775,5 +777,5 @@ function shortcut_link_add_inline($shortcut_set) {
     drupal_goto();
   }
 
-  return drupal_access_denied();
+  throw new AccessDeniedHttpException();
 }
diff --git a/core/modules/system/system.admin.inc b/core/modules/system/system.admin.inc
old mode 100644
new mode 100755
index a31e278..33c89f5
--- a/core/modules/system/system.admin.inc
+++ b/core/modules/system/system.admin.inc
@@ -6,6 +6,7 @@
  */
 
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 
 /**
  * Menu callback; Provide the administration overview page.
@@ -280,7 +281,7 @@ function system_theme_enable() {
     }
     drupal_goto('admin/appearance');
   }
-  return drupal_access_denied();
+  throw new AccessDeniedHttpException();
 }
 
 /**
@@ -308,7 +309,7 @@ function system_theme_disable() {
     }
     drupal_goto('admin/appearance');
   }
-  return drupal_access_denied();
+  throw new AccessDeniedHttpException();
 }
 
 /**
@@ -355,7 +356,7 @@ function system_theme_default() {
     }
     drupal_goto('admin/appearance');
   }
-  return drupal_access_denied();
+  throw new AccessDeniedHttpException();
 }
 
 /**
@@ -2303,7 +2304,7 @@ function system_batch_page() {
   $output = _batch_page();
 
   if ($output === FALSE) {
-    drupal_access_denied();
+    throw new AccessDeniedHttpException();
   }
   elseif ($output instanceof Response) {
     return $output;
diff --git a/core/modules/user/user.pages.inc b/core/modules/user/user.pages.inc
old mode 100644
new mode 100755
index 300bbc1..fcda92e
--- a/core/modules/user/user.pages.inc
+++ b/core/modules/user/user.pages.inc
@@ -5,6 +5,8 @@
  * User page callback file for the user module.
  */
 
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+
 /**
  * Menu callback; Retrieve a JSON object containing autocomplete suggestions for existing users.
  */
@@ -157,7 +159,7 @@ function user_pass_reset($form, &$form_state, $uid, $timestamp, $hashed_pass, $a
     else {
       // Deny access, no more clues.
       // Everything will be in the watchdog's URL for the administrator to check.
-      drupal_access_denied();
+      throw new AccessDeniedHttpException();
     }
   }
 }
@@ -480,7 +482,7 @@ function user_cancel_confirm($account, $timestamp = 0, $hashed_pass = '') {
       drupal_goto("user/$account->uid/cancel");
     }
   }
-  drupal_access_denied();
+  throw new AccessDeniedHttpException();
 }
 
 /**