Backout opportunistic encryption changes.

Apparently there is some functional and naming confusion here.
Backing out to re-land after evaluation and possible changes.
Tag #863.

6 files changed, 2 insertions, 27 deletions

diff --git a/application/basilisk/app/profile/basilisk.js b/application/basilisk/app/profile/basilisk.js
index c326698de..eeec29eb9 100644
--- a/application/basilisk/app/profile/basilisk.js
+++ b/application/basilisk/app/profile/basilisk.js
@@ -580,9 +580,6 @@ pref("network.captive-portal-service.enabled", true);
 // If true, network link events will change the value of navigator.onLine
 pref("network.manage-offline-status", true);
 
-// Enable opportunistic encryption by default
-pref("network.http.opportunistic-encryption", true);
-
 // We want to make sure mail URLs are handled externally...
 pref("network.protocol-handler.external.mailto", true); // for mail
 pref("network.protocol-handler.external.news", true);   // for news
diff --git a/application/palemoon/components/preferences/security.xul b/application/palemoon/components/preferences/security.xul
index d9c3dd55d..d3d321b16 100644
--- a/application/palemoon/components/preferences/security.xul
+++ b/application/palemoon/components/preferences/security.xul
@@ -49,10 +49,6 @@
       <preference id="security.cert_pinning.enforcement_level"
                   name="security.cert_pinning.enforcement_level"
                   type="int"/>
-                  
-      <preference id="network.http.opportunistic-encryption"
-                  name="network.http.opportunistic-encryption"
-                  type="bool"/>
       
       <!-- XSS Filter -->
       <!--
@@ -148,10 +144,6 @@
                   oncommand="gSecurityPane.updateHPKPPref();"/>
       </vbox>
     </groupbox>
-    
-    <checkbox id="enableOpEnc"
-              label="&enableOpEnc.label;"
-              preference="network.http.opportunistic-encryption" />
 
     <!-- XSS Filter -->
     <!--
diff --git a/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd b/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd
index d88c55dc5..2bd3b3aec 100644
--- a/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd
+++ b/application/palemoon/locales/en-US/chrome/browser/preferences/security.dtd
@@ -40,8 +40,6 @@
 <!ENTITY  enableHPKP.label           "Enable Certificate Key Pinning (HPKP)">
 <!ENTITY  enableHPKP.accesskey       "C">
 
-<!ENTITY  enableOpEnc.label          "Enable Opportunistic Encryption">
-
 <!ENTITY  XSSFilt.label              "XSS Filter">
 <!ENTITY  enableXSSFilt.label        "Enable XSS filter">
 <!ENTITY  enableXSSFilt.accesskey    "f">
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 8dbbefb6e..d64357e05 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -1374,9 +1374,6 @@ pref("network.tickle-wifi.delay", 16);
 // Turn off interprocess security checks. Needed to run xpcshell tests.
 pref("network.disable.ipc.security", false);
 
-// Send upgrade-insecure-requests HTTP header?
-pref("network.http.opportunistic-encryption", false);
-
 // Default action for unlisted external protocol handlers
 pref("network.protocol-handler.external-default", true);      // OK to load
 pref("network.protocol-handler.warn-external-default", true); // warn before load
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
index cfc2ee261..bb0b3ca77 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -313,15 +313,11 @@ nsHttpChannel::nsHttpChannel()
     , mPushedStream(nullptr)
     , mLocalBlocklist(false)
     , mWarningReporter(nullptr)
-    , mSendUpgradeRequest(false)
     , mDidReval(false)
 {
     LOG(("Creating nsHttpChannel [this=%p]\n", this));
     mChannelCreationTime = PR_Now();
     mChannelCreationTimestamp = TimeStamp::Now();
-    
-    mSendUpgradeRequest = 
-      Preferences::GetBool("network.http.opportunistic-encryption", false);
 }
 
 nsHttpChannel::~nsHttpChannel()
@@ -381,9 +377,8 @@ nsHttpChannel::Connect()
                                mLoadInfo->GetExternalContentPolicyType() :
                                nsIContentPolicy::TYPE_OTHER;
 
-    if (mSendUpgradeRequest &&
-        (type == nsIContentPolicy::TYPE_DOCUMENT ||
-         type == nsIContentPolicy::TYPE_SUBDOCUMENT)) {
+    if (type == nsIContentPolicy::TYPE_DOCUMENT ||
+        type == nsIContentPolicy::TYPE_SUBDOCUMENT) {
         rv = SetRequestHeader(NS_LITERAL_CSTRING("Upgrade-Insecure-Requests"),
                               NS_LITERAL_CSTRING("1"), false);
         NS_ENSURE_SUCCESS(rv, rv);
diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h
index 152cf1503..2e24d6e81 100644
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -597,10 +597,6 @@ private:
     HttpChannelSecurityWarningReporter* mWarningReporter;
 
     RefPtr<ADivertableParentChannel> mParentChannel;
-    
-    // Whether we send opportunistic encryption requests.
-    bool mSendUpgradeRequest;
-
 protected:
     virtual void DoNotifyListenerCleanup() override;