diff options
-rw-r--r-- | application/basilisk/app/profile/basilisk.js | 3 | ||||
-rw-r--r-- | application/palemoon/components/preferences/security.xul | 8 | ||||
-rw-r--r-- | application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd | 2 | ||||
-rw-r--r-- | modules/libpref/init/all.js | 3 | ||||
-rw-r--r-- | netwerk/protocol/http/nsHttpChannel.cpp | 9 | ||||
-rw-r--r-- | netwerk/protocol/http/nsHttpChannel.h | 4 |
6 files changed, 2 insertions, 27 deletions
diff --git a/application/basilisk/app/profile/basilisk.js b/application/basilisk/app/profile/basilisk.js index c326698de..eeec29eb9 100644 --- a/application/basilisk/app/profile/basilisk.js +++ b/application/basilisk/app/profile/basilisk.js @@ -580,9 +580,6 @@ pref("network.captive-portal-service.enabled", true); // If true, network link events will change the value of navigator.onLine pref("network.manage-offline-status", true); -// Enable opportunistic encryption by default -pref("network.http.opportunistic-encryption", true); - // We want to make sure mail URLs are handled externally... pref("network.protocol-handler.external.mailto", true); // for mail pref("network.protocol-handler.external.news", true); // for news diff --git a/application/palemoon/components/preferences/security.xul b/application/palemoon/components/preferences/security.xul index d9c3dd55d..d3d321b16 100644 --- a/application/palemoon/components/preferences/security.xul +++ b/application/palemoon/components/preferences/security.xul @@ -49,10 +49,6 @@ <preference id="security.cert_pinning.enforcement_level" name="security.cert_pinning.enforcement_level" type="int"/> - - <preference id="network.http.opportunistic-encryption" - name="network.http.opportunistic-encryption" - type="bool"/> <!-- XSS Filter --> <!-- @@ -148,10 +144,6 @@ oncommand="gSecurityPane.updateHPKPPref();"/> </vbox> </groupbox> - - <checkbox id="enableOpEnc" - label="&enableOpEnc.label;" - preference="network.http.opportunistic-encryption" /> <!-- XSS Filter --> <!-- diff --git a/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd b/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd index d88c55dc5..2bd3b3aec 100644 --- a/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd +++ b/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd @@ -40,8 +40,6 @@ <!ENTITY enableHPKP.label "Enable Certificate Key Pinning (HPKP)"> <!ENTITY enableHPKP.accesskey "C"> -<!ENTITY enableOpEnc.label "Enable Opportunistic Encryption"> - <!ENTITY XSSFilt.label "XSS Filter"> <!ENTITY enableXSSFilt.label "Enable XSS filter"> <!ENTITY enableXSSFilt.accesskey "f"> diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 8dbbefb6e..d64357e05 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -1374,9 +1374,6 @@ pref("network.tickle-wifi.delay", 16); // Turn off interprocess security checks. Needed to run xpcshell tests. pref("network.disable.ipc.security", false); -// Send upgrade-insecure-requests HTTP header? -pref("network.http.opportunistic-encryption", false); - // Default action for unlisted external protocol handlers pref("network.protocol-handler.external-default", true); // OK to load pref("network.protocol-handler.warn-external-default", true); // warn before load diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index cfc2ee261..bb0b3ca77 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -313,15 +313,11 @@ nsHttpChannel::nsHttpChannel() , mPushedStream(nullptr) , mLocalBlocklist(false) , mWarningReporter(nullptr) - , mSendUpgradeRequest(false) , mDidReval(false) { LOG(("Creating nsHttpChannel [this=%p]\n", this)); mChannelCreationTime = PR_Now(); mChannelCreationTimestamp = TimeStamp::Now(); - - mSendUpgradeRequest = - Preferences::GetBool("network.http.opportunistic-encryption", false); } nsHttpChannel::~nsHttpChannel() @@ -381,9 +377,8 @@ nsHttpChannel::Connect() mLoadInfo->GetExternalContentPolicyType() : nsIContentPolicy::TYPE_OTHER; - if (mSendUpgradeRequest && - (type == nsIContentPolicy::TYPE_DOCUMENT || - type == nsIContentPolicy::TYPE_SUBDOCUMENT)) { + if (type == nsIContentPolicy::TYPE_DOCUMENT || + type == nsIContentPolicy::TYPE_SUBDOCUMENT) { rv = SetRequestHeader(NS_LITERAL_CSTRING("Upgrade-Insecure-Requests"), NS_LITERAL_CSTRING("1"), false); NS_ENSURE_SUCCESS(rv, rv); diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h index 152cf1503..2e24d6e81 100644 --- a/netwerk/protocol/http/nsHttpChannel.h +++ b/netwerk/protocol/http/nsHttpChannel.h @@ -597,10 +597,6 @@ private: HttpChannelSecurityWarningReporter* mWarningReporter; RefPtr<ADivertableParentChannel> mParentChannel; - - // Whether we send opportunistic encryption requests. - bool mSendUpgradeRequest; - protected: virtual void DoNotifyListenerCleanup() override; |