summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--application/basilisk/app/profile/basilisk.js3
-rw-r--r--application/palemoon/components/preferences/security.xul8
-rw-r--r--application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd2
-rw-r--r--modules/libpref/init/all.js3
-rw-r--r--netwerk/protocol/http/nsHttpChannel.cpp9
-rw-r--r--netwerk/protocol/http/nsHttpChannel.h4
6 files changed, 2 insertions, 27 deletions
diff --git a/application/basilisk/app/profile/basilisk.js b/application/basilisk/app/profile/basilisk.js
index c326698ded..eeec29eb90 100644
--- a/application/basilisk/app/profile/basilisk.js
+++ b/application/basilisk/app/profile/basilisk.js
@@ -580,9 +580,6 @@ pref("network.captive-portal-service.enabled", true);
// If true, network link events will change the value of navigator.onLine
pref("network.manage-offline-status", true);
-// Enable opportunistic encryption by default
-pref("network.http.opportunistic-encryption", true);
-
// We want to make sure mail URLs are handled externally...
pref("network.protocol-handler.external.mailto", true); // for mail
pref("network.protocol-handler.external.news", true); // for news
diff --git a/application/palemoon/components/preferences/security.xul b/application/palemoon/components/preferences/security.xul
index d9c3dd55da..d3d321b16c 100644
--- a/application/palemoon/components/preferences/security.xul
+++ b/application/palemoon/components/preferences/security.xul
@@ -49,10 +49,6 @@
<preference id="security.cert_pinning.enforcement_level"
name="security.cert_pinning.enforcement_level"
type="int"/>
-
- <preference id="network.http.opportunistic-encryption"
- name="network.http.opportunistic-encryption"
- type="bool"/>
<!-- XSS Filter -->
<!--
@@ -148,10 +144,6 @@
oncommand="gSecurityPane.updateHPKPPref();"/>
</vbox>
</groupbox>
-
- <checkbox id="enableOpEnc"
- label="&enableOpEnc.label;"
- preference="network.http.opportunistic-encryption" />
<!-- XSS Filter -->
<!--
diff --git a/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd b/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd
index d88c55dc59..2bd3b3aecf 100644
--- a/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd
+++ b/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd
@@ -40,8 +40,6 @@
<!ENTITY enableHPKP.label "Enable Certificate Key Pinning (HPKP)">
<!ENTITY enableHPKP.accesskey "C">
-<!ENTITY enableOpEnc.label "Enable Opportunistic Encryption">
-
<!ENTITY XSSFilt.label "XSS Filter">
<!ENTITY enableXSSFilt.label "Enable XSS filter">
<!ENTITY enableXSSFilt.accesskey "f">
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 8dbbefb6e9..d64357e057 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -1374,9 +1374,6 @@ pref("network.tickle-wifi.delay", 16);
// Turn off interprocess security checks. Needed to run xpcshell tests.
pref("network.disable.ipc.security", false);
-// Send upgrade-insecure-requests HTTP header?
-pref("network.http.opportunistic-encryption", false);
-
// Default action for unlisted external protocol handlers
pref("network.protocol-handler.external-default", true); // OK to load
pref("network.protocol-handler.warn-external-default", true); // warn before load
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
index cfc2ee2610..bb0b3ca774 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -313,15 +313,11 @@ nsHttpChannel::nsHttpChannel()
, mPushedStream(nullptr)
, mLocalBlocklist(false)
, mWarningReporter(nullptr)
- , mSendUpgradeRequest(false)
, mDidReval(false)
{
LOG(("Creating nsHttpChannel [this=%p]\n", this));
mChannelCreationTime = PR_Now();
mChannelCreationTimestamp = TimeStamp::Now();
-
- mSendUpgradeRequest =
- Preferences::GetBool("network.http.opportunistic-encryption", false);
}
nsHttpChannel::~nsHttpChannel()
@@ -381,9 +377,8 @@ nsHttpChannel::Connect()
mLoadInfo->GetExternalContentPolicyType() :
nsIContentPolicy::TYPE_OTHER;
- if (mSendUpgradeRequest &&
- (type == nsIContentPolicy::TYPE_DOCUMENT ||
- type == nsIContentPolicy::TYPE_SUBDOCUMENT)) {
+ if (type == nsIContentPolicy::TYPE_DOCUMENT ||
+ type == nsIContentPolicy::TYPE_SUBDOCUMENT) {
rv = SetRequestHeader(NS_LITERAL_CSTRING("Upgrade-Insecure-Requests"),
NS_LITERAL_CSTRING("1"), false);
NS_ENSURE_SUCCESS(rv, rv);
diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h
index 152cf1503d..2e24d6e81c 100644
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -597,10 +597,6 @@ private:
HttpChannelSecurityWarningReporter* mWarningReporter;
RefPtr<ADivertableParentChannel> mParentChannel;
-
- // Whether we send opportunistic encryption requests.
- bool mSendUpgradeRequest;
-
protected:
virtual void DoNotifyListenerCleanup() override;