From f75e1a465d9cfc9abdd8cae6b0b7dc32c3865670 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Tue, 29 May 2018 17:27:27 +0200 Subject: Fix sec pref locations and enable HPKP checking by default. Some prefs were incorrectly in all.js (ocsp and hpkp) --- modules/libpref/init/all.js | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'modules') diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 18e23ff2eb..16ab85485c 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -2158,19 +2158,9 @@ pref("security.block_script_with_wrong_mime", true); // Block images of wrong MIME for XCTO: nosniff. pref("security.xcto_nosniff_block_images", false); -// OCSP must-staple -pref("security.ssl.enable_ocsp_must_staple", true); - // Insecure Form Field Warning pref("security.insecure_field_warning.contextual.enabled", false); -// Disable pinning checks by default. -pref("security.cert_pinning.enforcement_level", 0); -// Do not process hpkp headers rooted by not built in roots by default. -// This is to prevent accidental pinning from MITM devices and is used -// for tests. -pref("security.cert_pinning.process_headers_from_non_builtin_roots", false); - // If set to true, allow view-source URIs to be opened from URIs that share // their protocol with the inner URI of the view-source URI pref("security.view-source.reachable-from-inner-protocol", false); -- cgit v1.2.3