Bug 1305902 - Enable public key pinning in Seamonkey. r=frg
authorIan Neal <iann_cvs@blueyonder.co.uk>
Sat, 28 Sep 2019 13:35:10 +0200
changeset 36989 4c0e993fd09fb6d6ba8c2544063ec25f57d6112e
parent 36988 cf1ff42f545cc2506090d537a96f10a388d30d99
child 36990 433afb979a4ed54826d0d6ab46542caacf22726b
push id395
push userclokep@gmail.com
push dateMon, 02 Dec 2019 19:38:57 +0000
reviewersfrg
bugs1305902
Bug 1305902 - Enable public key pinning in Seamonkey. r=frg
suite/browser/browser-prefs.js
--- a/suite/browser/browser-prefs.js
+++ b/suite/browser/browser-prefs.js
@@ -818,16 +818,18 @@ pref("security.warn_leaving_secure", fal
 pref("security.warn_submit_insecure", false);
 pref("security.warn_viewing_mixed", false);
 pref("security.warn_mixed_active_content", true);
 pref("security.warn_mixed_display_content", true);
 // Block insecure active content on https pages
 pref("security.mixed_content.block_active_content", true);
 // Turn on the CSP 1.0 parser for Content Security Policy headers
 pref("security.csp.speccompliant", true);
+// 1 = allow MITM for certificate pinning checks.
+pref("security.cert_pinning.enforcement_level", 1);
 
 pref("geo.wifi.uri", "https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%");
 
 // Some of these prefs are specified even though they may be redundant; they are given
 // here for clarity and end-user experiments with platform-provided geolocation.
 #ifdef XP_MACOSX
 pref("geo.provider.use_corelocation", false);
 #endif