summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@wolfbeast.com>2020-03-27 23:27:07 +0100
committerwolfbeast <mcwerewolf@wolfbeast.com>2020-04-14 13:16:38 +0200
commita43537487366b4d5c8afce67d0b6e05b9be04dd7 (patch)
treed3cfdafdcf131bb956c9fad336a811630e9a5fd4
parent04cfc091daa555aa17b474d7a374f8fd52d71d28 (diff)
downloadUXP-a43537487366b4d5c8afce67d0b6e05b9be04dd7.tar
UXP-a43537487366b4d5c8afce67d0b6e05b9be04dd7.tar.gz
UXP-a43537487366b4d5c8afce67d0b6e05b9be04dd7.tar.lz
UXP-a43537487366b4d5c8afce67d0b6e05b9be04dd7.tar.xz
UXP-a43537487366b4d5c8afce67d0b6e05b9be04dd7.zip
Issue #1498 - Part 6: Remove STS preloadlist pref.
-rw-r--r--modules/libpref/init/all.js2
-rw-r--r--security/manager/ssl/nsSiteSecurityService.cpp7
-rw-r--r--security/manager/ssl/nsSiteSecurityService.h1
3 files changed, 0 insertions, 10 deletions
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index d7aa8133f..172278d2e 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -2037,8 +2037,6 @@ pref("network.proxy.autoconfig_retry_interval_max", 300); // 5 minutes
// Master switch for HSTS usage (security <-> privacy tradeoff)
pref("network.stricttransportsecurity.enabled", true);
-// Use the HSTS preload list by default
-pref("network.stricttransportsecurity.preloadlist", true);
// Use JS mDNS as a fallback
pref("network.mdns.use_js_fallback", false);
diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp
index 8617d00fe..f78be1bad 100644
--- a/security/manager/ssl/nsSiteSecurityService.cpp
+++ b/security/manager/ssl/nsSiteSecurityService.cpp
@@ -200,7 +200,6 @@ const uint64_t kSixtyDaysInSeconds = 60 * 24 * 60 * 60;
nsSiteSecurityService::nsSiteSecurityService()
: mMaxMaxAge(kSixtyDaysInSeconds)
- , mUsePreloadList(true)
, mUseStsService(true)
, mPreloadListTimeOffset(0)
, mHPKPEnabled(false)
@@ -228,10 +227,6 @@ nsSiteSecurityService::Init()
"security.cert_pinning.max_max_age_seconds", kSixtyDaysInSeconds);
mozilla::Preferences::AddStrongObserver(this,
"security.cert_pinning.max_max_age_seconds");
- mUsePreloadList = mozilla::Preferences::GetBool(
- "network.stricttransportsecurity.preloadlist", true);
- mozilla::Preferences::AddStrongObserver(this,
- "network.stricttransportsecurity.preloadlist");
mHPKPEnabled = mozilla::Preferences::GetBool(
"security.cert_pinning.hpkp.enabled", false);
mozilla::Preferences::AddStrongObserver(this,
@@ -1247,8 +1242,6 @@ nsSiteSecurityService::Observe(nsISupports *subject,
}
if (strcmp(topic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) {
- mUsePreloadList = mozilla::Preferences::GetBool(
- "network.stricttransportsecurity.preloadlist", true);
mUseStsService = mozilla::Preferences::GetBool(
"network.stricttransportsecurity.enabled", true);
mPreloadListTimeOffset =
diff --git a/security/manager/ssl/nsSiteSecurityService.h b/security/manager/ssl/nsSiteSecurityService.h
index b7e66503b..3cc428e2e 100644
--- a/security/manager/ssl/nsSiteSecurityService.h
+++ b/security/manager/ssl/nsSiteSecurityService.h
@@ -145,7 +145,6 @@ private:
bool aIsPreload);
uint64_t mMaxMaxAge;
- bool mUsePreloadList;
bool mUseStsService;
int64_t mPreloadListTimeOffset;
bool mHPKPEnabled;