summaryrefslogtreecommitdiffstats
path: root/security/manager/ssl/nsIWeakCryptoOverride.idl
diff options
context:
space:
mode:
Diffstat (limited to 'security/manager/ssl/nsIWeakCryptoOverride.idl')
-rw-r--r--security/manager/ssl/nsIWeakCryptoOverride.idl45
1 files changed, 45 insertions, 0 deletions
diff --git a/security/manager/ssl/nsIWeakCryptoOverride.idl b/security/manager/ssl/nsIWeakCryptoOverride.idl
new file mode 100644
index 000000000..7e3aa663f
--- /dev/null
+++ b/security/manager/ssl/nsIWeakCryptoOverride.idl
@@ -0,0 +1,45 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+
+%{C++
+#define NS_WEAKCRYPTOOVERRIDE_CONTRACTID "@mozilla.org/security/weakcryptooverride;1"
+%}
+
+/**
+ * This represents the fallback whitelist for
+ * weak crypto servers such as RC4-only.
+ */
+[scriptable, uuid(27b4d3df-8f15-4eb4-a35f-474e911b61e7)]
+interface nsIWeakCryptoOverride : nsISupports {
+ /**
+ * Add a weak crypto override for the given hostname.
+ * Main thread only.
+ *
+ * @param aHostName The host (punycode) this mapping belongs to
+ * @param aPrivate The override info will used for the private browsing
+ * session and no information will be written to the disk.
+ * @param aTemporary The override info will not persist between sessions.
+ * Ignored if aPrivate is true.
+ */
+ void addWeakCryptoOverride(in ACString aHostName,
+ in boolean aPrivate,
+ [optional] in boolean aTemporary);
+
+ /**
+ * Remove a weak crypto override for the given hostname:port.
+ * Main thread only.
+ *
+ * @param aHostName The host (punycode) whose entry should be cleared.
+ * @param aPort The port whose entry should be cleared.
+ * @param aPrivate The override info will used for the private browsing
+ * session.
+ */
+ void removeWeakCryptoOverride(in ACString aHostName,
+ in int32_t aPort,
+ in boolean aPrivate);
+};