mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
gecko-dev/security/manager/ssl/security-prefs.js

142 строки
6.1 KiB
JavaScript
Исходник Обычный вид История

Bug 716478 - update licence to MPL 2.
2012-05-21 15:12:37 +04:00
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
Bug 1076983 - Disabling SSL 3.0 with pref
2014-10-15 04:17:35 +04:00
pref("security.tls.version.min", 1);
Bug 1310516 - Enable TLS 1.3, r=keeler MozReview-Commit-ID: FrI7fZBIn2w --HG-- extra : rebase_source : 2884d9df4210903a87aa6bb496aae9a3f2b3a683
2016-11-04 06:46:02 +03:00
pref("security.tls.version.max", 4);
Bug 1084025 - Disable insecure version fallback. r=dkeeler
2014-12-09 01:19:04 +03:00
pref("security.tls.version.fallback-limit", 3);
Bug 1128227 - Add a static TLS insecure fallback whitelist. r=keeler
2015-02-07 07:03:23 +03:00
pref("security.tls.insecure_fallback_hosts", "");
Bug 1264578 - NSS support for http with TLS 1.3. r=keeler --HG-- extra : rebase_source : 26b322f6d6f8e0160087c5214024dc9cccd328f9
2016-08-19 12:01:00 +03:00
pref("security.tls.enable_0rtt_data", false);
Bug 1201024 - Disable unrestricted RC4 fallback and add RC4-only servers to the fallback whitelist. r=cykesiopka
2015-09-03 15:50:52 +03:00
Bug 535649 - Implement UI around CVE-2009-3555 and draft-rescorla-tls-renegotiation, r=rrelyea == NSS 3.12.6 will block some renegotiation attempts on SSL sockets by default == This patch does not yet implement new UI by default, but adds 4 new prefs to get fine grained control (blocking/allowing, displaying broken state) == One of the prefs is a temporary pref that is supposed to go away at some point in the future
2010-02-07 15:09:51 +03:00
pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
pref("security.ssl.require_safe_negotiation", false);
bug 700693 - OCSP stapling PSM changes r=bsmith
2013-06-18 03:45:49 +04:00
pref("security.ssl.enable_ocsp_stapling", true);
Bug 942729, Part 1: Re-enable TLS False Start, r=mcmanus --HG-- extra : rebase_source : 9908b1cbc3a30e9868739a10a705de8dbf30c5e1
2013-11-21 01:49:33 +04:00
pref("security.ssl.enable_false_start", true);
Bug 1047594 - Enable http2 and alpn by default r=mcmanus r=dkeeler a=kwierso
2014-08-08 02:53:09 +04:00
pref("security.ssl.enable_alpn", true);
Bug 535649 - Implement UI around CVE-2009-3555 and draft-rescorla-tls-renegotiation, r=rrelyea == NSS 3.12.6 will block some renegotiation attempts on SSL sockets by default == This patch does not yet implement new UI by default, but adds 4 new prefs to get fine grained control (blocking/allowing, displaying broken state) == One of the prefs is a temporary pref that is supposed to go away at some point in the future
2010-02-07 15:09:51 +03:00
Bug 937789: Display SSL/TLS cipher suite prefs in about:config again, r=briansmith --HG-- extra : rebase_source : 552f45bd2d854e047b53a90588be91d0d859b2da
2013-12-04 08:00:37 +04:00
pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true);
pref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true);
Bug 1247860 - Enable ChaCha20/Poly1305 cipher suites r=emk,keeler
2016-02-26 14:37:19 +03:00
pref("security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256", true);
pref("security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256", true);
Bug 975832 - Enable AES-256 variants of the AES-128 GCM cipher suites we have already enabled. r=keeler
2016-06-04 02:19:29 +03:00
pref("security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384", true);
pref("security.ssl3.ecdhe_rsa_aes_256_gcm_sha384", true);
Bug 937789: Display SSL/TLS cipher suite prefs in about:config again, r=briansmith --HG-- extra : rebase_source : 552f45bd2d854e047b53a90588be91d0d859b2da
2013-12-04 08:00:37 +04:00
pref("security.ssl3.ecdhe_rsa_aes_128_sha", true);
pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", true);
pref("security.ssl3.ecdhe_rsa_aes_256_sha", true);
pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true);
pref("security.ssl3.dhe_rsa_aes_128_sha", true);
pref("security.ssl3.dhe_rsa_aes_256_sha", true);
pref("security.ssl3.rsa_aes_128_sha", true);
pref("security.ssl3.rsa_aes_256_sha", true);
pref("security.ssl3.rsa_des_ede3_sha", true);
Bug 1264675 - Add content signature root hash to security preferences r=keeler,r=ulfr MozReview-Commit-ID: 256b3zC6h1K
2016-04-15 14:04:14 +03:00
pref("security.content.signature.root_hash",
"97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E");
bug 295922 change default for "select cert automatically", r/sr=biesi, blocking1.9+
2008-03-07 13:52:21 +03:00
pref("security.default_personal_cert", "Ask Every Time");
Bug 431819, IMAP/POP/SMTP/LDAP with SSL client auth, Thunderbird repeatedly prompts for client certificate (applies to firefox with SSL client auth, too) r=relyea for an earlier patch that was checked in to mozilla-1.8.x more than a year ago r=honzab on the diff on top of that earlier patch a=beltzner for landing on restricted trunk
2009-05-21 02:21:51 +04:00
pref("security.remember_cert_checkbox_default_setting", true);
Moving files out of security/base at request of security team. The new home for these files is in netwerk. Bug 53648. r=scc. a=gagan,brendan.
2000-09-22 08:42:20 +04:00
pref("security.ask_for_password", 0);
pref("security.password_lifetime", 30);
Relanding Necko Changes. Revising nsIChannel to allow for overlapped i/o. This consists of three parts: 1. Factoring nsIChannel into a protocol specific part, the nsIChannel, and a socket specific, the nsITransport. 2. Derive the nsIChannel from a nsIRequest. 2. Changes the notification system from necko and the URILoader to pass the nsIRequest interface instead of nsIChannel interface. This goal stems from wanting to be able to have active AsyncRead and AsyncWrite operations on nsSocketTransport. This is desired because it would greatly simplify the task of maintaining persistent/reusable socket connections for FTP, HTTP, and Imap (and potentially other protocols). The problem with the existing nsIChannel interface is that it does not allow one to selectively suspend just one of the read or write operations while keeping the other active. r=darin@netscape.com sr=rpotts@netscape.com
2001-02-21 23:38:08 +03:00
bug 1282871 - import the Family Safety root by default when applicable r=mgoodwin Enabling this feature should make https sites work in Firefox on Windows 8.1 for user accounts where Microsoft Family Safety features have been enabled (whereas previously Firefox would show a connection untrusted error page). MozReview-Commit-ID: JH5Gn9lCYDA --HG-- extra : rebase_source : 755c498471fe581456384b1bf7b187fe46d66b97
2016-06-29 00:18:26 +03:00
// The supported values of this pref are:
// 0: disable detecting Family Safety mode and importing the root
// 1: only attempt to detect Family Safety mode (don't import the root)
// 2: detect Family Safety mode and import the root
// (This is only relevant to Windows 8.1)
pref("security.family_safety.mode", 2);
bug 1298883 - make security.enterprise_roots.enabled appear in about:config r=jcj This pref controls whether or not the platform looks for and trusts enterprise roots (currently only available on Windows). Adding it to security-prefs.js will make it appear in about:config, which is a much more straightforward user experience (previously users would have to add it manually). It is still disabled by default. MozReview-Commit-ID: 6pQkh2gTNTF --HG-- extra : rebase_source : 5479492f3a9f802d1fc02c6d3fdc3d54c81f8fe9
2016-11-16 00:52:26 +03:00
pref("security.enterprise_roots.enabled", false);
bug 1366100 - disable OCSP fetching for DV certificates in nightly r=jaws,jcj After this change, the platform will only fetch OCSP responses for EV certificates (in nightly). MozReview-Commit-ID: 3d9kzCYmnsa --HG-- extra : rebase_source : e0cbbf6615e1ba813461dd13350f40ae7e0fbc07
2017-05-24 03:07:51 +03:00
// The supported values of this pref are:
// 0: do not fetch OCSP
// 1: fetch OCSP for DV and EV certificates
// 2: fetch OCSP only for EV certificates
#ifdef RELEASE_OR_BETA
Bug 110161, enable OCSP by defaultr=cbiesinger, sr=mconnor
2007-06-05 23:27:42 +04:00
pref("security.OCSP.enabled", 1);
bug 1366100 - disable OCSP fetching for DV certificates in nightly r=jaws,jcj After this change, the platform will only fetch OCSP responses for EV certificates (in nightly). MozReview-Commit-ID: 3d9kzCYmnsa --HG-- extra : rebase_source : e0cbbf6615e1ba813461dd13350f40ae7e0fbc07
2017-05-24 03:07:51 +03:00
#else
pref("security.OCSP.enabled", 2);
#endif
Bug 110161. Code related to the plan to enable OCSP by default.r=rrelyea, toolkit r=mconnor
2007-05-31 03:13:28 +04:00
pref("security.OCSP.require", false);
Bug 932176: Add preference to control whether OCSP GET is used, off by default, r=cviecco --HG-- extra : rebase_source : 7cbc273155d04bc64a110eda9216c6f727ce0c18
2013-10-25 01:32:09 +04:00
pref("security.OCSP.GET.enabled", false);
bug 1361201 - decrease OCSP soft timeout to 1 second on prerelease builds r=jcj MozReview-Commit-ID: ENYyG8ZeXYe --HG-- extra : rebase_source : 5c30b914a39a2dce89190c7d5db703952408aae3
2017-05-02 03:05:31 +03:00
#ifdef RELEASE_OR_BETA
bug 1352262 - make OCSP timeout values configurable r=Cykesiopka,jcj The default OCSP timeout for soft-fail DV is still 2 seconds. This patch makes it configurable on the interval (0, 5] seconds. The default OCSP timeout for EV and hard-fail DV is still 10 seconds. This patch makes it configurable on the interval (0, 20] seconds. MozReview-Commit-ID: CPd8pwYrJhj --HG-- extra : rebase_source : 45bd7d06ea013f0a776ea18be9408dedb18271d8
2017-04-01 01:21:40 +03:00
pref("security.OCSP.timeoutMilliseconds.soft", 2000);
bug 1361201 - decrease OCSP soft timeout to 1 second on prerelease builds r=jcj MozReview-Commit-ID: ENYyG8ZeXYe --HG-- extra : rebase_source : 5c30b914a39a2dce89190c7d5db703952408aae3
2017-05-02 03:05:31 +03:00
#else
pref("security.OCSP.timeoutMilliseconds.soft", 1000);
#endif
bug 1352262 - make OCSP timeout values configurable r=Cykesiopka,jcj The default OCSP timeout for soft-fail DV is still 2 seconds. This patch makes it configurable on the interval (0, 5] seconds. The default OCSP timeout for EV and hard-fail DV is still 10 seconds. This patch makes it configurable on the interval (0, 20] seconds. MozReview-Commit-ID: CPd8pwYrJhj --HG-- extra : rebase_source : 45bd7d06ea013f0a776ea18be9408dedb18271d8
2017-04-01 01:21:40 +03:00
pref("security.OCSP.timeoutMilliseconds.hard", 10000);
Bug 846489 - Part 2 - create NetError UI, implement report send functionality. r=felipc@gmail.com
2014-10-30 14:52:00 +03:00
Bug 1228451 - Set short-lived cert lifetime to the max OCSP response lifetime. r=keeler --HG-- extra : commitid : LMpRTyagmR3 extra : rebase_source : 3fe739c7d448b4a587a31eded6e7cd2cf4334afe
2015-12-01 01:05:07 +03:00
pref("security.pki.cert_short_lifetime_in_days", 10);
bug 1254667 - change certificate verification SHA1 policy to "allow for locally-installed roots" r=jcj Before this patch, the default policy for the use of SHA1 in certificate signatures was "allow all" due to compatibility concerns. After gathering telemetry, we are confident that we can enforce the policy of "allow for locally-installed roots" (or certificates valid before 2016) without too much breakage. MozReview-Commit-ID: 8GxtgdbaS3P --HG-- extra : rebase_source : d1bed911f2d5d40229ea06556fee0848668e98b6
2016-03-28 22:52:40 +03:00
// NB: Changes to this pref affect CERT_CHAIN_SHA1_POLICY_STATUS telemetry.
// See the comment in CertVerifier.cpp.
bug 1330043 - disable SHA-1 in signatures on certificates issued by publicly-trusted roots r=jcj Unfortunately, this doesn't cover delegated OCSP responder certificates. While gathering telemetry on the use of SHA-1, we encountered bug 1183822 (basically, that the method of gathering telemetry was causing OCSP verification failures due to delegated responders signed with SHA-1). As a temporary solution, we changed the verifier to always allow SHA-1 for OCSP certificates when verifying an OCSP response. Consequently, we now have no idea what the compatibility impact of disabling SHA-1 in OCSP responder certificates will be, so it's probably not a good idea to do that right now. Even if someone does manage to forge an OCSP responder certificate using a SHA-1 collision, they will have about as much power as an active network attacker blocking OCSP requests or injecting bad stapled OCSP responses, so this isn't a disaster. MozReview-Commit-ID: 10r23W1APiR --HG-- extra : rebase_source : dc003c4812677c40882506b1b6b1e1f68d7e6e92
2017-01-11 01:48:30 +03:00
// 3 = only allow SHA-1 for certificates issued by an imported root.
pref("security.pki.sha1_enforcement_level", 3);
Bug 1228451 - Set short-lived cert lifetime to the max OCSP response lifetime. r=keeler --HG-- extra : commitid : LMpRTyagmR3 extra : rebase_source : 3fe739c7d448b4a587a31eded6e7cd2cf4334afe
2015-12-01 01:05:07 +03:00
bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r=Cykesiopka,mgoodwin MozReview-Commit-ID: 7xT6JGpOH1g --HG-- extra : rebase_source : 0def29e8be898a2d975ee4390b3bc6a193766b1b
2016-02-09 21:14:27 +03:00
// security.pki.name_matching_mode controls how the platform matches hostnames
// to name information in TLS certificates. The possible values are:
// 0: always fall back to the subject common name if necessary (as in, if the
// subject alternative name extension is either not present or does not
// contain any DNS names or IP addresses)
// 1: fall back to the subject common name for certificates valid before 23
// August 2016 if necessary
bug 1267463 - add a more nuanced subject common name fallback option for prerelease channels r=Cykesiopka,jcj MozReview-Commit-ID: 1vHXrPAHTRm --HG-- extra : rebase_source : dddd8ae973d1d793890bbfc44d9fe84ef4a47ee2
2016-04-26 01:55:18 +03:00
// 2: fall back to the subject common name for certificates valid before 23
// August 2015 if necessary
// 3: only use name information from the subject alternative name extension
Bug 1304829 - rename RELEASE_BUILD to RELEASE_OR_BETA: main part. r=ted,Mossop MozReview-Commit-ID: 1lCt0xTMV5O
2016-10-08 12:14:49 +03:00
#ifdef RELEASE_OR_BETA
bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r=Cykesiopka,mgoodwin MozReview-Commit-ID: 7xT6JGpOH1g --HG-- extra : rebase_source : 0def29e8be898a2d975ee4390b3bc6a193766b1b
2016-02-09 21:14:27 +03:00
pref("security.pki.name_matching_mode", 1);
#else
pref("security.pki.name_matching_mode", 2);
#endif
bug 982932 - only allow Netscape-stepUp to be used for serverAuth for old CA certificates r=Cykesiopka,jcj MozReview-Commit-ID: 88JhIU1pUji --HG-- rename : security/manager/ssl/tests/unit/test_cert_eku/ee-int-nsSGC.pem.certspec => security/manager/ssl/tests/unit/test_cert_eku/ee-int-nsSGC-recent.pem.certspec rename : security/manager/ssl/tests/unit/test_cert_eku/int-nsSGC.pem.certspec => security/manager/ssl/tests/unit/test_cert_eku/int-nsSGC-recent.pem.certspec extra : rebase_source : 2f6251679a6f31cccb6d88bb51c567de9cc9bc76
2016-05-06 02:11:11 +03:00
// security.pki.netscape_step_up_policy controls how the platform handles the
// id-Netscape-stepUp OID in extended key usage extensions of CA certificates.
// 0: id-Netscape-stepUp is always considered equivalent to id-kp-serverAuth
// 1: it is considered equivalent when the notBefore is before 23 August 2016
// 2: similarly, but for 23 August 2015
// 3: it is never considered equivalent
Bug 1304829 - rename RELEASE_BUILD to RELEASE_OR_BETA: main part. r=ted,Mossop MozReview-Commit-ID: 1lCt0xTMV5O
2016-10-08 12:14:49 +03:00
#ifdef RELEASE_OR_BETA
bug 982932 - only allow Netscape-stepUp to be used for serverAuth for old CA certificates r=Cykesiopka,jcj MozReview-Commit-ID: 88JhIU1pUji --HG-- rename : security/manager/ssl/tests/unit/test_cert_eku/ee-int-nsSGC.pem.certspec => security/manager/ssl/tests/unit/test_cert_eku/ee-int-nsSGC-recent.pem.certspec rename : security/manager/ssl/tests/unit/test_cert_eku/int-nsSGC.pem.certspec => security/manager/ssl/tests/unit/test_cert_eku/int-nsSGC-recent.pem.certspec extra : rebase_source : 2f6251679a6f31cccb6d88bb51c567de9cc9bc76
2016-05-06 02:11:11 +03:00
pref("security.pki.netscape_step_up_policy", 1);
#else
pref("security.pki.netscape_step_up_policy", 2);
#endif
Bug 1293231 - Certificate Transparency - basic telemetry reports; r=Cykesiopka,keeler MozReview-Commit-ID: EGvuZADObJo --HG-- extra : rebase_source : 9a059c9f8e2fdf9bfc693b0b5649808b1beeb67b
2016-08-11 13:41:50 +03:00
// Configures Certificate Transparency support mode:
// 0: Fully disabled.
// 1: Only collect telemetry. CT qualification checks are not performed.
bug 1353216 - disable certificate transparency processing for performance concerns r=jcj MozReview-Commit-ID: 2k7FwC5RCWC --HG-- extra : rebase_source : 00abdf845929f247bdbb1007a94928f18f8194f4
2017-04-12 20:13:29 +03:00
pref("security.pki.certificate_transparency.mode", 0);
Bug 1293231 - Certificate Transparency - basic telemetry reports; r=Cykesiopka,keeler MozReview-Commit-ID: EGvuZADObJo --HG-- extra : rebase_source : 9a059c9f8e2fdf9bfc693b0b5649808b1beeb67b
2016-08-11 13:41:50 +03:00
Bug 1231681 - "Implement window.u2f interface". r=baku, r=dkeeler
2016-02-09 18:43:00 +03:00
pref("security.webauth.u2f", false);
Bug 1244960 - Complete FIDO u2f NSSToken (Part 1). r=keeler, r=baku - Merge in test changes from Bug 1255784. - Remove the unnecessary mutex - Stop doing direct memory work in NSS Token - Clean up direct memory work in ContentParent - In order to store persistent crypto parameters, the NSSToken had to move onto the main thread and be interfaced with via IDL/IPDL. - Support Register/Sign via NSS using a long-lived secret key - Rename the softtoken/usbtoken "enable" prefs, because of hierarchy issues with the WebIDL Pref shadowing. - Also orders the includes on nsNSSModule.cpp - Attestation Certificates are in Part 2. Updates per keeler review comments: - Use //-style comments everywhere - Refactor the PrivateKeyFromKeyHandle method - Rename the logging and fix extraneous NS_WARN_IF/logging combinations - Other updates from review April 11-12: - Correct usage of the "usageCount" flag for PK11_UnwrapPrivKey - Rebase up to latest April 15: - Rebase to latest MozReview-Commit-ID: 6T8jNmwFvHJ --HG-- extra : transplant_source : w%26%CES%2Cu%04%3EAl%04%2Cb%E2v%C9%08%3A%CC%F4
2016-04-15 19:29:12 +03:00
pref("security.webauth.u2f_enable_softtoken", false);
pref("security.webauth.u2f_enable_usbtoken", false);
Bug 1330138 - Differentiate prefs for u2f and webauthn apis; r=jcj r=baku MozReview-Commit-ID: EUpleNqjFKQ
2017-01-12 01:09:03 +03:00
pref("security.webauth.webauthn", false);
pref("security.webauth.webauthn_enable_softtoken", false);
pref("security.webauth.webauthn_enable_usbtoken", false);
Bug 1231681 - "Implement window.u2f interface". r=baku, r=dkeeler
2016-02-09 18:43:00 +03:00
Bug 846489 - Part 2 - create NetError UI, implement report send functionality. r=felipc@gmail.com
2014-10-30 14:52:00 +03:00
pref("security.ssl.errorReporting.enabled", true);
Bug 1120377 - Update preferences so TLS error reports are POSTed to the new data pipeline. r=keeler MozReview-Commit-ID: K1xZp4RQjEo
2016-06-14 17:56:41 +03:00
pref("security.ssl.errorReporting.url", "https://incoming.telemetry.mozilla.org/submit/sslreports/");
Bug 846489 - Part 2 - create NetError UI, implement report send functionality. r=felipc@gmail.com
2014-10-30 14:52:00 +03:00
pref("security.ssl.errorReporting.automatic", false);
Bug 1285052 - Enforce a maximum max-age for HPKP r=keeler MozReview-Commit-ID: 1LD02GkqzTe --HG-- extra : rebase_source : 127c9dd479b6a48e72da378a4df357a1bba1e6f3
2016-07-07 02:16:29 +03:00
// Impose a maximum age on HPKP headers, to avoid sites getting permanently
// blacking themselves out by setting a bad pin. (60 days by default)
// https://tools.ietf.org/html/rfc7469#section-4.1
pref("security.cert_pinning.max_max_age_seconds", 5184000);
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally HSTS priming changes the order of mixed-content blocking and HSTS upgrades, and adds a priming request to check if a mixed-content load is accesible over HTTPS and the server supports upgrading via the Strict-Transport-Security header. Every call site that uses AsyncOpen2 passes through the mixed-content blocker, and has a LoadInfo. If the mixed-content blocker marks the load as needing HSTS priming, nsHttpChannel will build and send an HSTS priming request on the same URI with the scheme upgraded to HTTPS. If the server allows the upgrade, then channel performs an internal redirect to the HTTPS URI, otherwise use the result of mixed-content blocker to allow or block the load. nsISiteSecurityService adds an optional boolean out parameter to determine if the HSTS state is already cached for negative assertions. If the host has been probed within the previous 24 hours, no HSTS priming check will be sent. MozReview-Commit-ID: ES1JruCtDdX --HG-- extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 18:27:00 +03:00
Bug 1335134 - pref security.mixed_content.send_hsts_priming to false r=mayhemer MozReview-Commit-ID: DKPmIrEhyo0 --HG-- extra : rebase_source : 3023ae737d7013eab3b149c320e3f1072fb19e88
2017-01-30 22:28:51 +03:00
// HSTS Priming
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally HSTS priming changes the order of mixed-content blocking and HSTS upgrades, and adds a priming request to check if a mixed-content load is accesible over HTTPS and the server supports upgrading via the Strict-Transport-Security header. Every call site that uses AsyncOpen2 passes through the mixed-content blocker, and has a LoadInfo. If the mixed-content blocker marks the load as needing HSTS priming, nsHttpChannel will build and send an HSTS priming request on the same URI with the scheme upgraded to HTTPS. If the server allows the upgrade, then channel performs an internal redirect to the HTTPS URI, otherwise use the result of mixed-content blocker to allow or block the load. nsISiteSecurityService adds an optional boolean out parameter to determine if the HSTS state is already cached for negative assertions. If the host has been probed within the previous 24 hours, no HSTS priming check will be sent. MozReview-Commit-ID: ES1JruCtDdX --HG-- extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 18:27:00 +03:00
// If a request is mixed-content, send an HSTS priming request to attempt to
// see if it is available over HTTPS.
Bug 1335134 - pref security.mixed_content.send_hsts_priming to false r=mayhemer MozReview-Commit-ID: DKPmIrEhyo0 --HG-- extra : rebase_source : 3023ae737d7013eab3b149c320e3f1072fb19e88
2017-01-30 22:28:51 +03:00
// Don't change the order of evaluation of mixed-content and HSTS upgrades in
Bug 1385035 - Turn on HSTS priming in EARLY_BETA_OR_EARLIER. r=ckerschb MozReview-Commit-ID: CnLY4HC3Eb4
2017-07-27 18:51:00 +03:00
// order to be most compatible with current standards in Release
Bug 1335134 - pref security.mixed_content.send_hsts_priming to false r=mayhemer MozReview-Commit-ID: DKPmIrEhyo0 --HG-- extra : rebase_source : 3023ae737d7013eab3b149c320e3f1072fb19e88
2017-01-30 22:28:51 +03:00
pref("security.mixed_content.send_hsts_priming", false);
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally HSTS priming changes the order of mixed-content blocking and HSTS upgrades, and adds a priming request to check if a mixed-content load is accesible over HTTPS and the server supports upgrading via the Strict-Transport-Security header. Every call site that uses AsyncOpen2 passes through the mixed-content blocker, and has a LoadInfo. If the mixed-content blocker marks the load as needing HSTS priming, nsHttpChannel will build and send an HSTS priming request on the same URI with the scheme upgraded to HTTPS. If the server allows the upgrade, then channel performs an internal redirect to the HTTPS URI, otherwise use the result of mixed-content blocker to allow or block the load. nsISiteSecurityService adds an optional boolean out parameter to determine if the HSTS state is already cached for negative assertions. If the host has been probed within the previous 24 hours, no HSTS priming check will be sent. MozReview-Commit-ID: ES1JruCtDdX --HG-- extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 18:27:00 +03:00
pref("security.mixed_content.use_hsts", false);
Bug 1385035 - Turn on HSTS priming in EARLY_BETA_OR_EARLIER. r=ckerschb MozReview-Commit-ID: CnLY4HC3Eb4
2017-07-27 18:51:00 +03:00
#ifdef EARLY_BETA_OR_EARLIER
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally HSTS priming changes the order of mixed-content blocking and HSTS upgrades, and adds a priming request to check if a mixed-content load is accesible over HTTPS and the server supports upgrading via the Strict-Transport-Security header. Every call site that uses AsyncOpen2 passes through the mixed-content blocker, and has a LoadInfo. If the mixed-content blocker marks the load as needing HSTS priming, nsHttpChannel will build and send an HSTS priming request on the same URI with the scheme upgraded to HTTPS. If the server allows the upgrade, then channel performs an internal redirect to the HTTPS URI, otherwise use the result of mixed-content blocker to allow or block the load. nsISiteSecurityService adds an optional boolean out parameter to determine if the HSTS state is already cached for negative assertions. If the host has been probed within the previous 24 hours, no HSTS priming check will be sent. MozReview-Commit-ID: ES1JruCtDdX --HG-- extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 18:27:00 +03:00
// Change the order of evaluation so HSTS upgrades happen before
// mixed-content blocking
Bug 1335134 - pref security.mixed_content.send_hsts_priming to false r=mayhemer MozReview-Commit-ID: DKPmIrEhyo0 --HG-- extra : rebase_source : 3023ae737d7013eab3b149c320e3f1072fb19e88
2017-01-30 22:28:51 +03:00
pref("security.mixed_content.send_hsts_priming", true);
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally HSTS priming changes the order of mixed-content blocking and HSTS upgrades, and adds a priming request to check if a mixed-content load is accesible over HTTPS and the server supports upgrading via the Strict-Transport-Security header. Every call site that uses AsyncOpen2 passes through the mixed-content blocker, and has a LoadInfo. If the mixed-content blocker marks the load as needing HSTS priming, nsHttpChannel will build and send an HSTS priming request on the same URI with the scheme upgraded to HTTPS. If the server allows the upgrade, then channel performs an internal redirect to the HTTPS URI, otherwise use the result of mixed-content blocker to allow or block the load. nsISiteSecurityService adds an optional boolean out parameter to determine if the HSTS state is already cached for negative assertions. If the host has been probed within the previous 24 hours, no HSTS priming check will be sent. MozReview-Commit-ID: ES1JruCtDdX --HG-- extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 18:27:00 +03:00
pref("security.mixed_content.use_hsts", true);
#endif
Bug 1335134 - pref security.mixed_content.send_hsts_priming to false r=mayhemer MozReview-Commit-ID: DKPmIrEhyo0 --HG-- extra : rebase_source : 3023ae737d7013eab3b149c320e3f1072fb19e88
2017-01-30 22:28:51 +03:00
// Approximately 1 week default cache for HSTS priming failures, in seconds
Bug 1339669 - Update security.mixed_content.hsts_priming_cache_timeout default r=mayhemer MozReview-Commit-ID: CNFrPUyrdO8 --HG-- extra : rebase_source : 858da20cf65369ede5908b07921dfba501956b84
2017-02-16 04:48:59 +03:00
pref ("security.mixed_content.hsts_priming_cache_timeout", 604800);
Bug 1374443 - Decrease HSTS priming timeout to 2s r=ckerschb MozReview-Commit-ID: 7brYAUXwHvE --HG-- extra : rebase_source : 4ef6f27cc855b828ac742f2990dc12668bd910aa
2017-06-20 00:35:27 +03:00
// Force the channel to timeout in 2 seconds if we have not received
Bug 1335134 - pref security.mixed_content.send_hsts_priming to false r=mayhemer MozReview-Commit-ID: DKPmIrEhyo0 --HG-- extra : rebase_source : 3023ae737d7013eab3b149c320e3f1072fb19e88
2017-01-30 22:28:51 +03:00
// expects a time in milliseconds
Bug 1374443 - Decrease HSTS priming timeout to 2s r=ckerschb MozReview-Commit-ID: 7brYAUXwHvE --HG-- extra : rebase_source : 4ef6f27cc855b828ac742f2990dc12668bd910aa
2017-06-20 00:35:27 +03:00
pref ("security.mixed_content.hsts_priming_request_timeout", 2000);