summaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
authorMoonchild <mcwerewolf@gmail.com>2018-05-30 12:47:56 +0200
committerGitHub <noreply@github.com>2018-05-30 12:47:56 +0200
commit9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed (patch)
tree7512b05f873bcfe8d0f79c34370d0bebad70a07f /modules
parent6e8846622a79549542adaca58d741d9263daf686 (diff)
parentbd851735628cd6b07285e87fa60081e9d11a3b7e (diff)
downloadUXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.tar
UXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.tar.gz
UXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.tar.lz
UXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.tar.xz
UXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.zip
Merge pull request #412 from g4jc/hsts_priming_removal_backport
Remove support and tests for HSTS priming from the tree. Fixes #384
Diffstat (limited to 'modules')
-rw-r--r--modules/libpref/init/all.js17
1 files changed, 0 insertions, 17 deletions
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 16ab85485..4fdc2676a 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5437,23 +5437,6 @@ pref("media.block-autoplay-until-in-foreground", false);
pref("layout.css.servo.enabled", true);
#endif
-// HSTS Priming
-// If a request is mixed-content, send an HSTS priming request to attempt to
-// see if it is available over HTTPS.
-#ifdef RELEASE_OR_BETA
-// Don't change the order of evaluation of mixed-content and HSTS upgrades in
-// order to be most compatible with current standards
-pref("security.mixed_content.send_hsts_priming", false);
-pref("security.mixed_content.use_hsts", false);
-#else
-// Change the order of evaluation so HSTS upgrades happen before
-// mixed-content blocking
-pref("security.mixed_content.send_hsts_priming", true);
-pref("security.mixed_content.use_hsts", true);
-#endif
-// Approximately 1 week default cache for HSTS priming failures
-pref ("security.mixed_content.hsts_priming_cache_timeout", 10080);
-
// TODO: Bug 1380959: Block toplevel data: URI navigations
// If true, all toplevel data: URI navigations will be blocked.
// Please note that manually entering a data: URI in the