Closed Bug 1154068 Opened 5 years ago Closed 5 years ago
rename relaxed to insecure scheme and add more runtime checks
we used the term relaxed for http:// over tls; but someitmes we also enforced the authentication if alt-svc changed the host involved. That was all done correctly but the term relaxed wasn't very accurate in those cases. For clarity rename "relaxed" to be "insecureScheme". Also add a runtime check (with debug assert) to paths to enforce that bit isn't set where it shouldn't be (it isn't known to be). This doesn't change any existing behavior
You need to log in before you can comment on or make changes to this bug.