Bug 1374443 - Decrease HSTS priming timeout to 2s r=ckerschb
authorKate McKinley <kmckinley@mozilla.com>
Mon, 19 Jun 2017 14:35:27 -0700
changeset 365204 71ece2c1e68da6cf4949b57682c2700bab30edfb
parent 365203 81710b0b6ce3ca749a7b0924c8c57a723824f3d5
child 365205 d1baa480be093c42e0a204f7b57020918e77bf56
push id45209
push userkmckinley@mozilla.com
push dateWed, 21 Jun 2017 17:37:25 +0000
treeherderautoland@71ece2c1e68d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersckerschb
bugs1374443
milestone56.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1374443 - Decrease HSTS priming timeout to 2s r=ckerschb MozReview-Commit-ID: 7brYAUXwHvE
modules/libpref/init/all.js
netwerk/protocol/http/HSTSPrimerListener.cpp
security/manager/ssl/security-prefs.js
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5650,19 +5650,19 @@ pref("security.mixed_content.use_hsts", 
 #else
 // Change the order of evaluation so HSTS upgrades happen before
 // mixed-content blocking
 pref("security.mixed_content.send_hsts_priming", true);
 pref("security.mixed_content.use_hsts", true);
 #endif
 // Approximately 1 week default cache for HSTS priming failures, in seconds
 pref("security.mixed_content.hsts_priming_cache_timeout", 604800);
-// Force the channel to timeout in 3 seconds if we have not received
+// Force the channel to timeout in 2 seconds if we have not received
 // expects a time in milliseconds
-pref("security.mixed_content.hsts_priming_request_timeout", 3000);
+pref("security.mixed_content.hsts_priming_request_timeout", 2000);
 
 // TODO: Bug 1324406: Treat 'data:' documents as unique, opaque origins
 // If true, data: URIs will be treated as unique opaque origins, hence will use
 // a NullPrincipal as the security context.
 // Otherwise it will inherit the origin from parent node, this is the legacy
 // behavior of Firefox.
 pref("security.data_uri.unique_opaque_origin", false);
 
--- a/netwerk/protocol/http/HSTSPrimerListener.cpp
+++ b/netwerk/protocol/http/HSTSPrimerListener.cpp
@@ -26,18 +26,19 @@ namespace mozilla {
 namespace net {
 
 using namespace mozilla;
 
 NS_IMPL_ISUPPORTS(HSTSPrimingListener, nsIStreamListener,
                   nsIRequestObserver, nsIInterfaceRequestor,
                   nsITimerCallback)
 
-// default to 3000ms, same as the preference
-uint32_t HSTSPrimingListener::sHSTSPrimingTimeout = 3000;
+// default to 2000ms, same as the preference
+// security.mixed_content.hsts_priming_request_timeout
+uint32_t HSTSPrimingListener::sHSTSPrimingTimeout = 2000;
 
 
 HSTSPrimingListener::HSTSPrimingListener(nsIHstsPrimingCallback* aCallback)
   : mCallback(aCallback)
 {
   static nsresult rv =
     Preferences::AddUintVarCache(&sHSTSPrimingTimeout,
         "security.mixed_content.hsts_priming_request_timeout");
--- a/security/manager/ssl/security-prefs.js
+++ b/security/manager/ssl/security-prefs.js
@@ -132,11 +132,11 @@ pref("security.mixed_content.use_hsts", 
 #else
 // Change the order of evaluation so HSTS upgrades happen before
 // mixed-content blocking
 pref("security.mixed_content.send_hsts_priming", true);
 pref("security.mixed_content.use_hsts", true);
 #endif
 // Approximately 1 week default cache for HSTS priming failures, in seconds
 pref ("security.mixed_content.hsts_priming_cache_timeout", 604800);
-// Force the channel to timeout in 3 seconds if we have not received
+// Force the channel to timeout in 2 seconds if we have not received
 // expects a time in milliseconds
-pref ("security.mixed_content.hsts_priming_request_timeout", 3000);
+pref ("security.mixed_content.hsts_priming_request_timeout", 2000);