diff options
author | Moonchild <mcwerewolf@gmail.com> | 2018-05-30 12:47:56 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-05-30 12:47:56 +0200 |
commit | 0bc4fff184ecb1cff61dec0d450c4b7a0384a868 (patch) | |
tree | 7512b05f873bcfe8d0f79c34370d0bebad70a07f /modules | |
parent | 4eb5b2baa62773279fb594ac53c1d368432fa75e (diff) | |
parent | a66e6d874933612dc4682f1a834771d3ad240978 (diff) | |
download | uxp-0bc4fff184ecb1cff61dec0d450c4b7a0384a868.tar.gz |
Merge pull request #412 from g4jc/hsts_priming_removal_backport
Remove support and tests for HSTS priming from the tree. Fixes #384
Diffstat (limited to 'modules')
-rw-r--r-- | modules/libpref/init/all.js | 17 |
1 files changed, 0 insertions, 17 deletions
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 16ab85485c..4fdc2676a7 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -5437,23 +5437,6 @@ pref("media.block-autoplay-until-in-foreground", false); pref("layout.css.servo.enabled", true); #endif -// HSTS Priming -// If a request is mixed-content, send an HSTS priming request to attempt to -// see if it is available over HTTPS. -#ifdef RELEASE_OR_BETA -// Don't change the order of evaluation of mixed-content and HSTS upgrades in -// order to be most compatible with current standards -pref("security.mixed_content.send_hsts_priming", false); -pref("security.mixed_content.use_hsts", false); -#else -// Change the order of evaluation so HSTS upgrades happen before -// mixed-content blocking -pref("security.mixed_content.send_hsts_priming", true); -pref("security.mixed_content.use_hsts", true); -#endif -// Approximately 1 week default cache for HSTS priming failures -pref ("security.mixed_content.hsts_priming_cache_timeout", 10080); - // TODO: Bug 1380959: Block toplevel data: URI navigations // If true, all toplevel data: URI navigations will be blocked. // Please note that manually entering a data: URI in the |