diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-11-14 12:13:54 +0100 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-11-14 12:13:54 +0100 |
| commit | 0a8dff525669a5f974e29bf03daba744b2d84e47 (patch) | |
| tree | 280dd3616fbf74f767082f882b07bcac9dd790bf /netwerk/base | |
| parent | c3144281b5c83b5e7c8657a563e45dc08d491e4a (diff) | |
| download | UXP-0a8dff525669a5f974e29bf03daba744b2d84e47.tar UXP-0a8dff525669a5f974e29bf03daba744b2d84e47.tar.gz UXP-0a8dff525669a5f974e29bf03daba744b2d84e47.tar.lz UXP-0a8dff525669a5f974e29bf03daba744b2d84e47.tar.xz UXP-0a8dff525669a5f974e29bf03daba744b2d84e47.zip | |
Issue #1289 - Part 1: Add a pref to disable HPKP header processing.
Diffstat (limited to 'netwerk/base')
| -rw-r--r-- | netwerk/base/security-prefs.js | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js index ef78ddccb..702315d43 100644 --- a/netwerk/base/security-prefs.js +++ b/netwerk/base/security-prefs.js @@ -132,6 +132,14 @@ pref("security.cert_pinning.process_headers_from_non_builtin_roots", false); // blacking themselves out by setting a bad pin. (60 days by default) // https://tools.ietf.org/html/rfc7469#section-4.1 pref("security.cert_pinning.max_max_age_seconds", 5184000); +// Controls whether or not HPKP (the HTTP Public Key Pinning header) is enabled. +// If true, the header is processed and collected HPKP information is consulted +// when looking for pinning information. +// If false, the header is not processed and collected HPKP information is not +// consulted when looking for pinning information. Preloaded pins are not +// affected by this preference. +// Default: false +pref("security.cert_pinning.hpkp.enabled", false); // If a request is mixed-content, send an HSTS priming request to attempt to // see if it is available over HTTPS. |