summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@wolfbeast.com>2020-03-27 23:27:07 +0100
committerwolfbeast <mcwerewolf@wolfbeast.com>2020-03-27 23:27:07 +0100
commite9723a6fdbf15f7d61b5a32b0931507ee2cb772e (patch)
tree2839968fbd703ef85dd62b1b0e58f31620444674
parent50ebd35073b58f500f8195aee4ad482eb503f937 (diff)
downloaduxp-e9723a6fdbf15f7d61b5a32b0931507ee2cb772e.tar.gz
Issue #1498 - Part 6: Remove STS preloadlist pref.
-rw-r--r--modules/libpref/init/all.js2
-rw-r--r--security/manager/ssl/nsSiteSecurityService.cpp7
-rw-r--r--security/manager/ssl/nsSiteSecurityService.h1
3 files changed, 0 insertions, 10 deletions
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index a2b00391fa..2e21c307d8 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -2037,8 +2037,6 @@ pref("network.proxy.autoconfig_retry_interval_max", 300); // 5 minutes
// Master switch for HSTS usage (security <-> privacy tradeoff)
pref("network.stricttransportsecurity.enabled", true);
-// Use the HSTS preload list by default
-pref("network.stricttransportsecurity.preloadlist", true);
// Use JS mDNS as a fallback
pref("network.mdns.use_js_fallback", false);
diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp
index 8617d00fef..f78be1bad1 100644
--- a/security/manager/ssl/nsSiteSecurityService.cpp
+++ b/security/manager/ssl/nsSiteSecurityService.cpp
@@ -200,7 +200,6 @@ const uint64_t kSixtyDaysInSeconds = 60 * 24 * 60 * 60;
nsSiteSecurityService::nsSiteSecurityService()
: mMaxMaxAge(kSixtyDaysInSeconds)
- , mUsePreloadList(true)
, mUseStsService(true)
, mPreloadListTimeOffset(0)
, mHPKPEnabled(false)
@@ -228,10 +227,6 @@ nsSiteSecurityService::Init()
"security.cert_pinning.max_max_age_seconds", kSixtyDaysInSeconds);
mozilla::Preferences::AddStrongObserver(this,
"security.cert_pinning.max_max_age_seconds");
- mUsePreloadList = mozilla::Preferences::GetBool(
- "network.stricttransportsecurity.preloadlist", true);
- mozilla::Preferences::AddStrongObserver(this,
- "network.stricttransportsecurity.preloadlist");
mHPKPEnabled = mozilla::Preferences::GetBool(
"security.cert_pinning.hpkp.enabled", false);
mozilla::Preferences::AddStrongObserver(this,
@@ -1247,8 +1242,6 @@ nsSiteSecurityService::Observe(nsISupports *subject,
}
if (strcmp(topic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) {
- mUsePreloadList = mozilla::Preferences::GetBool(
- "network.stricttransportsecurity.preloadlist", true);
mUseStsService = mozilla::Preferences::GetBool(
"network.stricttransportsecurity.enabled", true);
mPreloadListTimeOffset =
diff --git a/security/manager/ssl/nsSiteSecurityService.h b/security/manager/ssl/nsSiteSecurityService.h
index b7e66503be..3cc428e2ef 100644
--- a/security/manager/ssl/nsSiteSecurityService.h
+++ b/security/manager/ssl/nsSiteSecurityService.h
@@ -145,7 +145,6 @@ private:
bool aIsPreload);
uint64_t mMaxMaxAge;
- bool mUsePreloadList;
bool mUseStsService;
int64_t mPreloadListTimeOffset;
bool mHPKPEnabled;