Issue #1498 - Part 3: Remove support for storing "knockout" values.

author: wolfbeast <mcwerewolf@wolfbeast.com> 2020-03-27 15:07:34 +0100
committer: wolfbeast <mcwerewolf@wolfbeast.com> 2020-03-27 15:07:34 +0100
commit: 9c4aef8675858dde7d48fb565dedf5699a83e570 (patch)
tree: 9c8a503e19f4db230a8e0dddce90675c32f0a70f /security
parent: e54e59827f3b20cffbca503de5af7869039a55b2 (diff)
download: UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.tar
UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.tar.gz
UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.tar.lz
UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.tar.xz
UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.zip
2 files changed, 4 insertions, 10 deletions
diff --git a/security/manager/ssl/nsISiteSecurityService.idl b/security/manager/ssl/nsISiteSecurityService.idl
index b61577152..6b2e47d38 100644
--- a/security/manager/ssl/nsISiteSecurityService.idl
+++ b/security/manager/ssl/nsISiteSecurityService.idl
@@ -106,13 +106,10 @@ interface nsISiteSecurityService : nsISupports
      * @param aURI    the URI of the target host
      * @param aFlags  options for this request as defined in nsISocketProvider:
      *                  NO_PERMANENT_STORAGE
-     * @param force   if set, forces no-HSTS state by writing a knockout value,
-     *                overriding any preload list state
      */
     void removeState(in uint32_t aType,
                      in nsIURI aURI,
-                     in uint32_t aFlags,
-                     [optional] in boolean force);
+                     in uint32_t aFlags);
 
     /**
      * See isSecureURI
diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp
index 922202527..ab2a3dd0b 100644
--- a/security/manager/ssl/nsSiteSecurityService.cpp
+++ b/security/manager/ssl/nsSiteSecurityService.cpp
@@ -326,11 +326,9 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType,
     return NS_OK;
   }
 
-  // If max-age is zero, the host is no longer considered HSTS. If the host was
-  // preloaded, we store an entry indicating that this host is not HSTS, causing
-  // the preloaded information to be ignored.
+  // If max-age is zero, the host is no longer considered HSTS.
   if (maxage == 0) {
-    return RemoveState(aType, aSourceURI, flags, true);
+    return RemoveState(aType, aSourceURI, flags);
   }
 
   MOZ_ASSERT((aHSTSState == SecurityPropertySet ||
@@ -358,8 +356,7 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType,
 }
 
 NS_IMETHODIMP
-nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI,
-                                   uint32_t aFlags, bool force = false)
+nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI, uint32_t aFlags)
 {
    // Child processes are not allowed direct access to this.
    if (!XRE_IsParentProcess()) {
author	wolfbeast <mcwerewolf@wolfbeast.com>	2020-03-27 15:07:34 +0100
committer	wolfbeast <mcwerewolf@wolfbeast.com>	2020-03-27 15:07:34 +0100
commit	9c4aef8675858dde7d48fb565dedf5699a83e570 (patch)
tree	9c8a503e19f4db230a8e0dddce90675c32f0a70f /security
parent	e54e59827f3b20cffbca503de5af7869039a55b2 (diff)
download	UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.tar UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.tar.gz UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.tar.lz UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.tar.xz UXP-9c4aef8675858dde7d48fb565dedf5699a83e570.zip