зеркало из https://github.com/mozilla/gecko-dev.git
a841102f18
As Chrome has removed support for the HPKP (HTTP Public Key Pinning) header, continuing to support it in Firefox is a compatibility risk. This patch adds the preference "security.cert_pinning.hpkp.enabled" and sets it to false by default. As such, the platform will no longer process the HPKP header nor consult any cached HPKP information for certificate pins. Preloaded (statically-compiled) pins are still enabled in Firefox by default. This patch also disables dynamically setting pins via our remote security settings infrastructure, as it uses the same backend and represents similar compatibility risk. Differential Revision: https://phabricator.services.mozilla.com/D52773 --HG-- extra : moz-landing-system : lando |
||
|---|---|---|
| .. | ||
| apps | ||
| certverifier | ||
| ct | ||
| mac/hardenedruntime | ||
| manager | ||
| nss | ||
| sandbox | ||
| .eslintrc.js | ||
| generate_certdata.py | ||
| generate_mapfile.py | ||
| moz.build | ||
| nss.symbols | ||