Backout opportunistic encryption changes.

Apparently there is some functional and naming confusion here. Backing out to re-land after evaluation and possible changes. Tag #863.
2026-05-26 13:58:49 +00:00 · 2018-11-04 23:39:37 +01:00
parent 58b93e265b
commit e53942ffe8
6 changed files with 2 additions and 27 deletions
@@ -580,9 +580,6 @@ pref("network.captive-portal-service.enabled", true);
 // If true, network link events will change the value of navigator.onLine
 pref("network.manage-offline-status", true);

-// Enable opportunistic encryption by default
-pref("network.http.opportunistic-encryption", true);
-
 // We want to make sure mail URLs are handled externally...
 pref("network.protocol-handler.external.mailto", true); // for mail
 pref("network.protocol-handler.external.news", true);   // for news
@@ -49,10 +49,6 @@
      <preference id="security.cert_pinning.enforcement_level"
                  name="security.cert_pinning.enforcement_level"
                  type="int"/>
-                  
-      <preference id="network.http.opportunistic-encryption"
-                  name="network.http.opportunistic-encryption"
-                  type="bool"/>
      
      <!-- XSS Filter -->
      <!--
@@ -148,10 +144,6 @@
                  oncommand="gSecurityPane.updateHPKPPref();"/>
      </vbox>
    </groupbox>
-    
-    <checkbox id="enableOpEnc"
-              label="&enableOpEnc.label;"
-              preference="network.http.opportunistic-encryption" />

    <!-- XSS Filter -->
    <!--
@@ -40,8 +40,6 @@
 <!ENTITY  enableHPKP.label           "Enable Certificate Key Pinning (HPKP)">
 <!ENTITY  enableHPKP.accesskey       "C">

-<!ENTITY  enableOpEnc.label          "Enable Opportunistic Encryption">
-
 <!ENTITY  XSSFilt.label              "XSS Filter">
 <!ENTITY  enableXSSFilt.label        "Enable XSS filter">
 <!ENTITY  enableXSSFilt.accesskey    "f">
@@ -1374,9 +1374,6 @@ pref("network.tickle-wifi.delay", 16);
 // Turn off interprocess security checks. Needed to run xpcshell tests.
 pref("network.disable.ipc.security", false);

-// Send upgrade-insecure-requests HTTP header?
-pref("network.http.opportunistic-encryption", false);
-
 // Default action for unlisted external protocol handlers
 pref("network.protocol-handler.external-default", true);      // OK to load
 pref("network.protocol-handler.warn-external-default", true); // warn before load
@@ -313,15 +313,11 @@ nsHttpChannel::nsHttpChannel()
    , mPushedStream(nullptr)
    , mLocalBlocklist(false)
    , mWarningReporter(nullptr)
-    , mSendUpgradeRequest(false)
    , mDidReval(false)
 {
    LOG(("Creating nsHttpChannel [this=%p]\n", this));
    mChannelCreationTime = PR_Now();
    mChannelCreationTimestamp = TimeStamp::Now();
-    
-    mSendUpgradeRequest = 
-      Preferences::GetBool("network.http.opportunistic-encryption", false);
 }

 nsHttpChannel::~nsHttpChannel()
@@ -381,9 +377,8 @@ nsHttpChannel::Connect()
                               mLoadInfo->GetExternalContentPolicyType() :
                               nsIContentPolicy::TYPE_OTHER;

-    if (mSendUpgradeRequest &&
-        (type == nsIContentPolicy::TYPE_DOCUMENT ||
-         type == nsIContentPolicy::TYPE_SUBDOCUMENT)) {
+    if (type == nsIContentPolicy::TYPE_DOCUMENT ||
+        type == nsIContentPolicy::TYPE_SUBDOCUMENT) {
        rv = SetRequestHeader(NS_LITERAL_CSTRING("Upgrade-Insecure-Requests"),
                              NS_LITERAL_CSTRING("1"), false);
        NS_ENSURE_SUCCESS(rv, rv);
@@ -597,10 +597,6 @@ private:
    HttpChannelSecurityWarningReporter* mWarningReporter;

    RefPtr<ADivertableParentChannel> mParentChannel;
-    
-    // Whether we send opportunistic encryption requests.
-    bool mSendUpgradeRequest;
-
 protected:
    virtual void DoNotifyListenerCleanup() override;