1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
3 * You can obtain one at http://mozilla.org/MPL/2.0/. */
7 const EXPORTED_SYMBOLS = ["allowAllCerts"];
9 const { XPCOMUtils } = ChromeUtils.import(
10 "resource://gre/modules/XPCOMUtils.jsm"
13 XPCOMUtils.defineLazyModuleGetters(this, {
14 Preferences: "resource://gre/modules/Preferences.jsm",
17 XPCOMUtils.defineLazyServiceGetter(
20 "@mozilla.org/ssservice;1",
21 "nsISiteSecurityService"
24 XPCOMUtils.defineLazyServiceGetter(
26 "certOverrideService",
27 "@mozilla.org/security/certoverride;1",
28 "nsICertOverrideService"
31 const CERT_PINNING_ENFORCEMENT_PREF = "security.cert_pinning.enforcement_level";
32 const HSTS_PRELOAD_LIST_PREF = "network.stricttransportsecurity.preloadlist";
35 this.allowAllCerts = {};
38 * Disable all security check and allow all certs.
40 allowAllCerts.enable = function() {
41 // make it possible to register certificate overrides for domains
42 // that use HSTS or HPKP
43 Preferences.set(HSTS_PRELOAD_LIST_PREF, false);
44 Preferences.set(CERT_PINNING_ENFORCEMENT_PREF, 0);
46 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(
52 * Enable all security check.
54 allowAllCerts.disable = function() {
55 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(
59 Preferences.reset(HSTS_PRELOAD_LIST_PREF);
60 Preferences.reset(CERT_PINNING_ENFORCEMENT_PREF);
62 // clear collected HSTS and HPKP state
63 // through the site security service