From 1f9ab3a6e6e3f1e79b482c0540c98859bbc71350 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Fri, 18 Jan 2019 22:43:29 +0100 Subject: Remove NS_IMPL_CYCLE_COLLECTION_TRAVERSE_SCRIPT_OBJECTS --- netwerk/base/nsUDPSocket.cpp | 1 - 1 file changed, 1 deletion(-) (limited to 'netwerk/base') diff --git a/netwerk/base/nsUDPSocket.cpp b/netwerk/base/nsUDPSocket.cpp index 06ecbf9ee..8b6a81bf5 100644 --- a/netwerk/base/nsUDPSocket.cpp +++ b/netwerk/base/nsUDPSocket.cpp @@ -172,7 +172,6 @@ NS_IMPL_CYCLE_COLLECTION_TRACE_BEGIN(nsUDPMessage) NS_IMPL_CYCLE_COLLECTION_TRACE_END NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN(nsUDPMessage) - NS_IMPL_CYCLE_COLLECTION_TRAVERSE_SCRIPT_OBJECTS NS_IMPL_CYCLE_COLLECTION_TRAVERSE_END NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(nsUDPMessage) -- cgit v1.2.3 From 6567bb631a78033b6b4cc32bc93e07d837652276 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Thu, 7 Feb 2019 12:58:13 +0100 Subject: Never let "localhost" get sent to a proxy. Also make "No proxy for" editable always when usable. --- netwerk/base/nsProtocolProxyService.cpp | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'netwerk/base') diff --git a/netwerk/base/nsProtocolProxyService.cpp b/netwerk/base/nsProtocolProxyService.cpp index 26eca0e88..237a2a3bd 100644 --- a/netwerk/base/nsProtocolProxyService.cpp +++ b/netwerk/base/nsProtocolProxyService.cpp @@ -1841,6 +1841,13 @@ nsProtocolProxyService::Resolve_Internal(nsIChannel *channel, if (mPACMan && mPACMan->IsPACURI(uri)) return NS_OK; + // If proxies are enabled and this host:port combo is supposed to use a + // proxy, check for a proxy. + if ((mProxyConfig == PROXYCONFIG_DIRECT) || + !CanUseProxy(uri, info.defaultPort)) { + return NS_OK; + } + bool mainThreadOnly; if (mSystemProxySettings && mProxyConfig == PROXYCONFIG_SYSTEM && -- cgit v1.2.3 From 8beab28bfff78ccefc8677c5bdddd6f60c544600 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Sun, 10 Feb 2019 08:51:40 +0100 Subject: Expose TLS 1.3 cipher suite prefs. --- netwerk/base/security-prefs.js | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'netwerk/base') diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js index 7d63267a6..ea0b2236d 100644 --- a/netwerk/base/security-prefs.js +++ b/netwerk/base/security-prefs.js @@ -17,6 +17,11 @@ pref("security.ssl.false_start.require-npn", false); pref("security.ssl.enable_npn", true); pref("security.ssl.enable_alpn", true); +// TLS 1.3 cipher suites +pref("security.tls13.aes_128_gcm_sha256", true); +pref("security.tls13.chacha20_poly1305_sha256", true); +pref("security.tls13.aes_256_gcm_sha384", true); + // TLS 1.0-1.2 cipher suites pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true); pref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true); @@ -36,11 +41,14 @@ pref("security.ssl3.rsa_camellia_128_sha", true); pref("security.ssl3.rsa_camellia_256_sha", true); pref("security.ssl3.rsa_aes_128_sha", true); pref("security.ssl3.rsa_aes_256_sha", true); -// Weak / deprecated + +// Deprecated pref("security.ssl3.dhe_rsa_aes_256_sha", false); pref("security.ssl3.dhe_rsa_aes_128_sha", false); pref("security.ssl3.rsa_aes_128_gcm_sha256", false); pref("security.ssl3.rsa_aes_128_sha256", false); + +// Weak/broken (requires fallback_hosts) pref("security.ssl3.rsa_des_ede3_sha", false); pref("security.ssl3.rsa_rc4_128_sha", false); pref("security.ssl3.rsa_rc4_128_md5", false); -- cgit v1.2.3 From d791dfed61bbc963351e5965657a3b13d4e6dceb Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Thu, 14 Mar 2019 13:07:00 +0100 Subject: Remove unused SSL errorReporting prefs Resolves #1003. --- netwerk/base/security-prefs.js | 4 ---- 1 file changed, 4 deletions(-) (limited to 'netwerk/base') diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js index ea0b2236d..ef78ddccb 100644 --- a/netwerk/base/security-prefs.js +++ b/netwerk/base/security-prefs.js @@ -117,10 +117,6 @@ pref("security.webauth.u2f", false); pref("security.webauth.u2f_enable_softtoken", false); pref("security.webauth.u2f_enable_usbtoken", false); -pref("security.ssl.errorReporting.enabled", true); -pref("security.ssl.errorReporting.url", "https://incoming.telemetry.mozilla.org/submit/sslreports/"); -pref("security.ssl.errorReporting.automatic", false); - // OCSP must-staple pref("security.ssl.enable_ocsp_must_staple", true); -- cgit v1.2.3 From b9a8bca64d7a9ae1f950a953ac2985bf7dcc4eff Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Mon, 1 Apr 2019 00:09:12 +0200 Subject: Remove some HPUX leftovers. Resolves #185 --- netwerk/base/nsStandardURL.h | 1 - 1 file changed, 1 deletion(-) (limited to 'netwerk/base') diff --git a/netwerk/base/nsStandardURL.h b/netwerk/base/nsStandardURL.h index 0ca345572..eba85528c 100644 --- a/netwerk/base/nsStandardURL.h +++ b/netwerk/base/nsStandardURL.h @@ -72,7 +72,6 @@ public: static void InitGlobalObjects(); static void ShutdownGlobalObjects(); -public: /* internal -- HPUX compiler can't handle this being private */ // // location and length of an url segment relative to mSpec // -- cgit v1.2.3