Bug 1374443 - Decrease HSTS priming timeout to 2s r?ckerschb
MozReview-Commit-ID: 7brYAUXwHvE
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5649,19 +5649,19 @@ pref("security.mixed_content.use_hsts",
#else
// Change the order of evaluation so HSTS upgrades happen before
// mixed-content blocking
pref("security.mixed_content.send_hsts_priming", true);
pref("security.mixed_content.use_hsts", true);
#endif
// Approximately 1 week default cache for HSTS priming failures, in seconds
pref("security.mixed_content.hsts_priming_cache_timeout", 604800);
-// Force the channel to timeout in 3 seconds if we have not received
+// Force the channel to timeout in 2 seconds if we have not received
// expects a time in milliseconds
-pref("security.mixed_content.hsts_priming_request_timeout", 3000);
+pref("security.mixed_content.hsts_priming_request_timeout", 2000);
// TODO: Bug 1324406: Treat 'data:' documents as unique, opaque origins
// If true, data: URIs will be treated as unique opaque origins, hence will use
// a NullPrincipal as the security context.
// Otherwise it will inherit the origin from parent node, this is the legacy
// behavior of Firefox.
pref("security.data_uri.unique_opaque_origin", false);
--- a/netwerk/protocol/http/HSTSPrimerListener.cpp
+++ b/netwerk/protocol/http/HSTSPrimerListener.cpp
@@ -26,18 +26,19 @@ namespace mozilla {
namespace net {
using namespace mozilla;
NS_IMPL_ISUPPORTS(HSTSPrimingListener, nsIStreamListener,
nsIRequestObserver, nsIInterfaceRequestor,
nsITimerCallback)
-// default to 3000ms, same as the preference
-uint32_t HSTSPrimingListener::sHSTSPrimingTimeout = 3000;
+// default to 2000ms, same as the preference
+// security.mixed_content.hsts_priming_request_timeout
+uint32_t HSTSPrimingListener::sHSTSPrimingTimeout = 2000;
HSTSPrimingListener::HSTSPrimingListener(nsIHstsPrimingCallback* aCallback)
: mCallback(aCallback)
{
static nsresult rv =
Preferences::AddUintVarCache(&sHSTSPrimingTimeout,
"security.mixed_content.hsts_priming_request_timeout");
--- a/security/manager/ssl/security-prefs.js
+++ b/security/manager/ssl/security-prefs.js
@@ -132,11 +132,11 @@ pref("security.mixed_content.use_hsts",
#else
// Change the order of evaluation so HSTS upgrades happen before
// mixed-content blocking
pref("security.mixed_content.send_hsts_priming", true);
pref("security.mixed_content.use_hsts", true);
#endif
// Approximately 1 week default cache for HSTS priming failures, in seconds
pref ("security.mixed_content.hsts_priming_cache_timeout", 604800);
-// Force the channel to timeout in 3 seconds if we have not received
+// Force the channel to timeout in 2 seconds if we have not received
// expects a time in milliseconds
-pref ("security.mixed_content.hsts_priming_request_timeout", 3000);
+pref ("security.mixed_content.hsts_priming_request_timeout", 2000);