Bug 1335134 - pref security.mixed_content.send_hsts_priming to false r=mayhemer

MozReview-Commit-ID: DKPmIrEhyo0

--HG--
extra : rebase_source : 3023ae737d7013eab3b149c320e3f1072fb19e88
Kate McKinley 2017-01-30 11:28:51 -08:00
Родитель 4c289030c1
Коммит 931d2ffa10
2 изменённых файлов: 12 добавлений и 3 удалений


@ -5544,14 +5544,15 @@ pref("layout.css.servo.enabled", true);
// HSTS Priming // HSTS Priming
// If a request is mixed-content, send an HSTS priming request to attempt to // If a request is mixed-content, send an HSTS priming request to attempt to
// see if it is available over HTTPS. // see if it is available over HTTPS.
pref("security.mixed_content.send_hsts_priming", true);
#ifdef RELEASE_OR_BETA #ifdef RELEASE_OR_BETA
// Don't change the order of evaluation of mixed-content and HSTS upgrades in // Don't change the order of evaluation of mixed-content and HSTS upgrades in
// order to be most compatible with current standards // order to be most compatible with current standards
pref("security.mixed_content.send_hsts_priming", false);
pref("security.mixed_content.use_hsts", false); pref("security.mixed_content.use_hsts", false);
#else #else
// Change the order of evaluation so HSTS upgrades happen before // Change the order of evaluation so HSTS upgrades happen before
// mixed-content blocking // mixed-content blocking
pref("security.mixed_content.send_hsts_priming", true);
pref("security.mixed_content.use_hsts", true); pref("security.mixed_content.use_hsts", true);
#endif #endif
// Approximately 1 week default cache for HSTS priming failures, in seconds // Approximately 1 week default cache for HSTS priming failures, in seconds
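Review bot: In the RELEASE_OR_BETA branch the new `pref("security.mixed_content.send_hsts_priming", false);` sits under a comment that only explains the order of evaluation, so nothing records why priming itself is off on release and beta builds. A line such as `// HSTS priming stays disabled on release/beta builds (bug 1335134)` directly above it would state the intent. The introductory comment "If a request is mixed-content, send an HSTS priming request…" now precedes the #ifdef rather than a pref and reads as unconditional; it could say that the default depends on the build channel. The second file section makes the same change, so the same comment applies there.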


@ -107,14 +107,22 @@ pref("security.ssl.errorReporting.automatic", false);
// https://tools.ietf.org/html/rfc7469#section-4.1 // https://tools.ietf.org/html/rfc7469#section-4.1
pref("security.cert_pinning.max_max_age_seconds", 5184000); pref("security.cert_pinning.max_max_age_seconds", 5184000);
// HSTS Priming
// If a request is mixed-content, send an HSTS priming request to attempt to // If a request is mixed-content, send an HSTS priming request to attempt to
// see if it is available over HTTPS. // see if it is available over HTTPS.
pref("security.mixed_content.send_hsts_priming", true);
#ifdef RELEASE_OR_BETA #ifdef RELEASE_OR_BETA
// Don't change the order of evaluation of mixed-content and HSTS upgrades // Don't change the order of evaluation of mixed-content and HSTS upgrades in
// order to be most compatible with current standards
pref("security.mixed_content.send_hsts_priming", false);
pref("security.mixed_content.use_hsts", false); pref("security.mixed_content.use_hsts", false);
#else #else
// Change the order of evaluation so HSTS upgrades happen before // Change the order of evaluation so HSTS upgrades happen before
// mixed-content blocking // mixed-content blocking
pref("security.mixed_content.send_hsts_priming", true);
pref("security.mixed_content.use_hsts", true); pref("security.mixed_content.use_hsts", true);
#endif #endif
// Approximately 1 week default cache for HSTS priming failures, in seconds
pref ("security.mixed_content.hsts_priming_cache_timeout", 10080);
// Force the channel to timeout in 3 seconds if we have not received
// expects a time in milliseconds
pref ("security.mixed_content.hsts_priming_request_timeout", 3000);
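Review bot: The added `hsts_priming_cache_timeout` default is 10080 while its comment says "approximately 1 week … in seconds"; 10080 is the number of minutes in a week, and a week in seconds is 604800. The code that reads this pref is not visible here, so either the value or the unit in the comment needs correcting; if the consumer does treat it as seconds, priming failures are cached for under three hours and priming requests are repeated far more often than the comment promises, in which case the line should be `pref("security.mixed_content.hsts_priming_cache_timeout", 604800);`. The first file shows the same comment as trailing context, so its value is worth checking as well. The comment on the request timeout is cut off mid-sentence ("if we have not received"); `// Force the channel to time out after 3 seconds without a response; value is in milliseconds` would read completely.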