Remove the enable-net-security-expiration option (see issue #2622)

The implementation of this option was removed in commit 67b61c4. Certificate transparency is disabled by default for Chromium embedders. Details at: https://chromium.googlesource.com/chromium/src/+/master/net/docs/certificate-transparency.md#Supporting-Certificate-Transparency-for-Embedders
2019-10-29 11:36:26 -04:00 · 2019-10-29 11:36:26 -04:00 · 65f97a60ad
parent 4f07cba011
commit 65f97a60ad
5 changed files with 0 additions and 35 deletions
--- a/include/internal/cef_types.h
+++ b/include/internal/cef_types.h
@ -385,19 +385,6 @@ typedef struct _cef_settings_t {
  ///
  int ignore_certificate_errors;

-  ///
-  // Set to true (1) to enable date-based expiration of built in network
-  // security information (i.e. certificate transparency logs, HSTS preloading
-  // and pinning information). Enabling this option improves network security
-  // but may cause HTTPS load failures when using CEF binaries built more than
-  // 10 weeks in the past. See https://www.certificate-transparency.org/ and
-  // https://www.chromium.org/hsts for details. Also configurable using the
-  // "enable-net-security-expiration" command-line switch. Can be overridden for
-  // individual CefRequestContext instances via the
-  // CefRequestContextSettings.enable_net_security_expiration value.
-  ///
-  int enable_net_security_expiration;
-
  ///
  // Background color used for the browser before a document is loaded and when
  // no document color is specified. The alpha component must be either fully
@ -479,17 +466,6 @@ typedef struct _cef_request_context_settings_t {
  ///
  int ignore_certificate_errors;

-  ///
-  // Set to true (1) to enable date-based expiration of built in network
-  // security information (i.e. certificate transparency logs, HSTS preloading
-  // and pinning information). Enabling this option improves network security
-  // but may cause HTTPS load failures when using CEF binaries built more than
-  // 10 weeks in the past. See https://www.certificate-transparency.org/ and
-  // https://www.chromium.org/hsts for details. Can be set globally using the
-  // CefSettings.enable_net_security_expiration value.
-  ///
-  int enable_net_security_expiration;
-
  ///
  // Comma delimited ordered list of language codes without any whitespace that
  // will be used in the "Accept-Language" HTTP header. Can be set globally
--- a/include/internal/cef_types_wrappers.h
+++ b/include/internal/cef_types_wrappers.h
@ -603,8 +603,6 @@ struct CefSettingsTraits {
    target->remote_debugging_port = src->remote_debugging_port;
    target->uncaught_exception_stack_size = src->uncaught_exception_stack_size;
    target->ignore_certificate_errors = src->ignore_certificate_errors;
-    target->enable_net_security_expiration =
-        src->enable_net_security_expiration;
    target->background_color = src->background_color;

    cef_string_set(src->accept_language_list.str,
@ -639,8 +637,6 @@ struct CefRequestContextSettingsTraits {
    target->persist_session_cookies = src->persist_session_cookies;
    target->persist_user_preferences = src->persist_user_preferences;
    target->ignore_certificate_errors = src->ignore_certificate_errors;
-    target->enable_net_security_expiration =
-        src->enable_net_security_expiration;
    cef_string_set(src->accept_language_list.str,
                   src->accept_language_list.length,
                   &target->accept_language_list, copy);
--- a/libcef/browser/context.cc
+++ b/libcef/browser/context.cc
@ -533,9 +533,6 @@ void CefContext::PopulateRequestContextSettings(
  settings->ignore_certificate_errors =
      settings_.ignore_certificate_errors ||
      command_line->HasSwitch(switches::kIgnoreCertificateErrors);
-  settings->enable_net_security_expiration =
-      settings_.enable_net_security_expiration ||
-      command_line->HasSwitch(switches::kEnableNetSecurityExpiration);
  CefString(&settings->accept_language_list) =
      CefString(&settings_.accept_language_list);
 }
--- a/libcef/common/cef_switches.cc
+++ b/libcef/common/cef_switches.cc
@ -113,9 +113,6 @@ const char kPluginPolicy_Block[] = "block";
 // Expose preferences used only by unit tests.
 const char kEnablePreferenceTesting[] = "enable-preference-testing";

-// Enable date-based expiration of built in network security information.
-const char kEnableNetSecurityExpiration[] = "enable-net-security-expiration";
-
 // Enable print preview.
 extern const char kEnablePrintPreview[] = "enable-print-preview";

--- a/libcef/common/cef_switches.h
+++ b/libcef/common/cef_switches.h
@ -51,7 +51,6 @@ extern const char kPluginPolicy_Allow[];
 extern const char kPluginPolicy_Detect[];
 extern const char kPluginPolicy_Block[];
 extern const char kEnablePreferenceTesting[];
-extern const char kEnableNetSecurityExpiration[];
 extern const char kEnablePrintPreview[];

 #if defined(OS_MACOSX)