Bug 1259947 - Add services.kinto.* and security.onecrl.* to SeaMonkey (from Firefox bug 1227956, bug 1224531, bug 1016555). r=Ratty, a=Ratty for comm-aurora
authorrsx11m <rsx11m.pub@gmail.com>
Tue, 05 Apr 2016 18:37:33 -0500
changeset 26972 543f24c95987b32fce1f10b650e6d85f314979ce
parent 26971 fe2b54b6a3edc5f54860223fb4746cde34b28698
child 26973 b6a6be98c8ee5bb75da5dcdab4ccdff31115fc99
push id1850
push userclokep@gmail.com
push dateWed, 08 Mar 2017 19:29:12 +0000
treeherdercomm-esr52@028df196b2d9 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersRatty, Ratty
bugs1259947, 1227956, 1224531, 1016555
Bug 1259947 - Add services.kinto.* and security.onecrl.* to SeaMonkey (from Firefox bug 1227956, bug 1224531, bug 1016555). r=Ratty, a=Ratty for comm-aurora
suite/browser/browser-prefs.js
--- a/suite/browser/browser-prefs.js
+++ b/suite/browser/browser-prefs.js
@@ -617,24 +617,40 @@ pref("extensions.logging.enabled", false
 pref("extensions.strictCompatibility", false);
 
 // Specifies a minimum maxVersion an addon needs to say it's compatible with
 // for it to be compatible by default.
 pref("extensions.minCompatibleAppVersion", "2.1");
 
 // Blocklist preferences
 pref("extensions.blocklist.enabled", true);
+// OneCRL freshness checking depends on this value, so if you change it,
+// please also update security.onecrl.maximum_staleness_in_seconds.
 pref("extensions.blocklist.interval", 86400);
 // Controls what level the blocklist switches from warning about items to forcibly
 // blocking them.
 pref("extensions.blocklist.level", 2);
 pref("extensions.blocklist.url", "https://blocklist.addons.mozilla.org/blocklist/3/%APP_ID%/%APP_VERSION%/%PRODUCT%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/%PING_COUNT%/%TOTAL_PING_COUNT%/%DAYS_SINCE_LAST_PING%/");
 pref("extensions.blocklist.detailsURL", "https://www.mozilla.com/%LOCALE%/blocklist/");
 pref("extensions.blocklist.itemURL", "https://blocklist.addons.mozilla.org/%LOCALE%/%APP%/blocked/%blockID%");
 
+// Kinto blocklist preferences
+pref("services.kinto.base", "https://firefox.settings.services.mozilla.com/v1");
+pref("services.kinto.changes.path", "/buckets/monitor/collections/changes/records");
+pref("services.kinto.bucket", "blocklists");
+pref("services.kinto.onecrl.collection", "certificates");
+pref("services.kinto.onecrl.checked", 0);
+
+// For now, let's keep kinto update out of the release channel.
+#ifdef RELEASE_BUILD
+pref("services.kinto.update_enabled", false);
+#else
+pref("services.kinto.update_enabled", true);
+#endif
+
 // Update preferences for installed Extensions and Themes.
 // Symmetric (can be overridden by individual extensions),
 // e.g.
 //  extensions.{GUID}.update.enabled
 //  extensions.{GUID}.update.url
 //  extensions.{GUID}.update.interval
 //  extensions.{GUID}.update.autoUpdateDefault
 //  .. etc ..
@@ -830,16 +846,20 @@ pref("security.warn_submit_insecure", fa
 pref("security.warn_viewing_mixed", false);
 pref("security.warn_mixed_active_content", true);
 pref("security.warn_mixed_display_content", true);
 // Block insecure active content on https pages
 pref("security.mixed_content.block_active_content", true);
 // Turn on the CSP 1.0 parser for Content Security Policy headers
 pref("security.csp.speccompliant", true);
 
+// Required blocklist freshness for OneCRL OCSP bypass
+// (default is 1.25x extensions.blocklist.interval, or 30 hours)
+pref("security.onecrl.maximum_staleness_in_seconds", 108000);
+
 pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
 
 // FAQ URLs
 pref("browser.geolocation.warning.infoURL", "http://www.seamonkey-project.org/doc/2.0/geolocation");
 
 pref("browser.rights.version", 1);
 pref("browser.rights.1.shown", false);