From d58930d925e61cb23839d40ac384246d6e2d2332 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Tue, 29 May 2018 17:27:27 +0200
Subject: Fix sec pref locations and enable HPKP checking by default.

Some prefs were incorrectly in all.js (ocsp and hpkp)
---
 modules/libpref/init/all.js | 10 ----------
 1 file changed, 10 deletions(-)

(limited to 'modules/libpref')

diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 18e23ff2eb..16ab85485c 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -2158,19 +2158,9 @@ pref("security.block_script_with_wrong_mime", true);
 // Block images of wrong MIME for XCTO: nosniff.
 pref("security.xcto_nosniff_block_images", false);
 
-// OCSP must-staple
-pref("security.ssl.enable_ocsp_must_staple", true);
-
 // Insecure Form Field Warning
 pref("security.insecure_field_warning.contextual.enabled", false);
 
-// Disable pinning checks by default.
-pref("security.cert_pinning.enforcement_level", 0);
-// Do not process hpkp headers rooted by not built in roots by default.
-// This is to prevent accidental pinning from MITM devices and is used
-// for tests.
-pref("security.cert_pinning.process_headers_from_non_builtin_roots", false);
-
 // If set to true, allow view-source URIs to be opened from URIs that share
 // their protocol with the inner URI of the view-source URI
 pref("security.view-source.reachable-from-inner-protocol", false);
-- 
cgit v1.2.3