#863 part 2: Make opportunistic encryption opt-in for UXP

This exposes the new pref and also sets the Alt-Svc pref for OE to false.
Basilisk gets a default opt-in for both to stay close to Firefox.

2 files changed, 8 insertions, 1 deletions

diff --git a/application/basilisk/app/profile/basilisk.js b/application/basilisk/app/profile/basilisk.js
index eeec29eb9..cff5f599f 100644
--- a/application/basilisk/app/profile/basilisk.js
+++ b/application/basilisk/app/profile/basilisk.js
@@ -580,6 +580,10 @@ pref("network.captive-portal-service.enabled", true);
 // If true, network link events will change the value of navigator.onLine
 pref("network.manage-offline-status", true);
 
+// Enable opportunistic encryption by default
+pref("network.http.altsvc.oe", true);
+pref("network.http.upgrade-insecure-requests", true);
+
 // We want to make sure mail URLs are handled externally...
 pref("network.protocol-handler.external.mailto", true); // for mail
 pref("network.protocol-handler.external.news", true);   // for news
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index d64357e05..378745ea4 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -1593,7 +1593,10 @@ pref("network.http.spdy.default-hpack-buffer", 65536); // 64k
 // alt-svc allows separation of transport routing from
 // the origin host without using a proxy.
 pref("network.http.altsvc.enabled", true);
-pref("network.http.altsvc.oe", true);
+// Opportunistic encryption use of alt-svc
+pref("network.http.altsvc.oe", false);
+// Send upgrade-insecure-requests HTTP header?
+pref("network.http.upgrade-insecure-requests", false);
 
 pref("network.http.diagnostics", false);