Diff
Modified: trunk/Source/WebCore/ChangeLog (239473 => 239474)
--- trunk/Source/WebCore/ChangeLog 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebCore/ChangeLog 2018-12-21 00:20:21 UTC (rev 239474)
@@ -1,3 +1,14 @@
+2018-12-20 Chris Dumez <[email protected]>
+
+ Move HTTPS_UPGRADE code behind a runtime flag, off by default
+ https://bugs.webkit.org/show_bug.cgi?id=192937
+
+ Reviewed by Youenn Fablet.
+
+ Move HTTPS_UPGRADE code behind a runtime flag, off by default and drop the build time flag.
+
+ * page/Settings.yaml:
+
2018-12-20 Youenn Fablet <[email protected]>
Remove custom constructors of ReadableStreamDefaultReader and ReadableStreamBYOBReader
Modified: trunk/Source/WebCore/page/Settings.yaml (239473 => 239474)
--- trunk/Source/WebCore/page/Settings.yaml 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebCore/page/Settings.yaml 2018-12-21 00:20:21 UTC (rev 239474)
@@ -329,6 +329,9 @@
requestAnimationFrameEnabled:
initial: true
+HTTPSUpgradeEnabled:
+ initial: false
+
cookieEnabled:
initial: true
mediaEnabled:
Modified: trunk/Source/WebKit/ChangeLog (239473 => 239474)
--- trunk/Source/WebKit/ChangeLog 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/ChangeLog 2018-12-21 00:20:21 UTC (rev 239474)
@@ -1,3 +1,35 @@
+2018-12-20 Chris Dumez <[email protected]>
+
+ Move HTTPS_UPGRADE code behind a runtime flag, off by default
+ https://bugs.webkit.org/show_bug.cgi?id=192937
+
+ Reviewed by Youenn Fablet.
+
+ Move HTTPS_UPGRADE code behind a runtime flag, off by default and drop the build time flag.
+
+ * Configurations/WebKit.xcconfig:
+ * DerivedSources.make:
+ * NetworkProcess/NetworkHTTPSUpgradeChecker.cpp:
+ * NetworkProcess/NetworkHTTPSUpgradeChecker.h:
+ * NetworkProcess/NetworkLoadChecker.cpp:
+ (WebKit::NetworkLoadChecker::NetworkLoadChecker):
+ (WebKit::NetworkLoadChecker::applyHTTPSUpgradeIfNeeded const):
+ (WebKit::NetworkLoadChecker::checkRequest):
+ * NetworkProcess/NetworkLoadChecker.h:
+ * NetworkProcess/NetworkProcess.h:
+ (WebKit::NetworkProcess::networkHTTPSUpgradeChecker):
+ * NetworkProcess/NetworkResourceLoadParameters.cpp:
+ (WebKit::NetworkResourceLoadParameters::encode const):
+ (WebKit::NetworkResourceLoadParameters::decode):
+ * NetworkProcess/NetworkResourceLoadParameters.h:
+ * NetworkProcess/NetworkResourceLoader.cpp:
+ * NetworkProcess/PingLoad.cpp:
+ (WebKit::PingLoad::PingLoad):
+ * Shared/WebPreferences.yaml:
+ * WebProcess/Network/WebLoaderStrategy.cpp:
+ (WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
+ * config.h:
+
2018-12-20 Jiewen Tan <[email protected]>
[WebAuthN] Add a runtime flag for local authenticator
Modified: trunk/Source/WebKit/Configurations/WebKit.xcconfig (239473 => 239474)
--- trunk/Source/WebKit/Configurations/WebKit.xcconfig 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/Configurations/WebKit.xcconfig 2018-12-21 00:20:21 UTC (rev 239474)
@@ -151,12 +151,9 @@
SECTORDER_FLAGS_Production[sdk=iphoneos*] = -Wl,-order_file,$(SDKROOT)/AppleInternal/OrderFiles/WebKit.order;
SECTORDER_FLAGS_Production[sdk=macosx*] = -Wl,-order_file,mac/WebKit2.order;
-WK_EXCLUDED_HTTPS_UPGRADE_FILE = $(WK_EXCLUDED_HTTPS_UPGRADE_FILE_$(ENABLE_HTTPS_UPGRADE));
-WK_EXCLUDED_HTTPS_UPGRADE_FILE_ = HTTPSUpgradeList.db;
+EXCLUDED_SOURCE_FILE_NAMES = Resources/ios/*;
+EXCLUDED_SOURCE_FILE_NAMES[sdk=iphone*] = PluginProcessShim.dylib SecItemShim.dylib WebProcessShim.dylib *.pdf Resources/mac/* com.apple.WebKit.NetworkProcess.sb com.apple.WebProcess.sb com.apple.WebKit.plugin-common.sb PlugInSandboxProfiles/*.sb;
-EXCLUDED_SOURCE_FILE_NAMES = Resources/ios/* $(WK_EXCLUDED_HTTPS_UPGRADE_FILE);
-EXCLUDED_SOURCE_FILE_NAMES[sdk=iphone*] = PluginProcessShim.dylib SecItemShim.dylib WebProcessShim.dylib *.pdf Resources/mac/* com.apple.WebKit.NetworkProcess.sb com.apple.WebProcess.sb com.apple.WebKit.plugin-common.sb PlugInSandboxProfiles/*.sb $(WK_EXCLUDED_HTTPS_UPGRADE_FILE);
-
INSTALLHDRS_SCRIPT_PHASE = YES;
WK_FRAMEWORK_HEADER_POSTPROCESSING_DISABLED[sdk=macosx*] = $(WK_FRAMEWORK_HEADER_POSTPROCESSING_DISABLED$(WK_MACOS_1014));
Modified: trunk/Source/WebKit/DerivedSources.make (239473 => 239474)
--- trunk/Source/WebKit/DerivedSources.make 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/DerivedSources.make 2018-12-21 00:20:21 UTC (rev 239474)
@@ -316,8 +316,7 @@
$(WEB_PREFERENCES_PATTERNS) : $(WebKit2)/Scripts/GeneratePreferences.rb $(WEB_PREFERENCES_TEMPLATES) $(WEB_PREFERENCES_COMBINED_INPUT_FILE)
$(RUBY) $< --input $(WEB_PREFERENCES_COMBINED_INPUT_FILE)
-ifeq ($(ENABLE_HTTPS_UPGRADE),ENABLE_HTTPS_UPGRADE)
+VPATH += $(WebKit2)/Shared/HTTPSUpgrade/
all : HTTPSUpgradeList.db
HTTPSUpgradeList.db : HTTPSUpgradeList.txt $(WebKit2)/Scripts/generate-https-upgrade-database.sh
sh $(WebKit2)/Scripts/generate-https-upgrade-database.sh $< $@
-endif # ENABLE_HTTPS_UPGRADE
Modified: trunk/Source/WebKit/NetworkProcess/NetworkHTTPSUpgradeChecker.cpp (239473 => 239474)
--- trunk/Source/WebKit/NetworkProcess/NetworkHTTPSUpgradeChecker.cpp 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/NetworkProcess/NetworkHTTPSUpgradeChecker.cpp 2018-12-21 00:20:21 UTC (rev 239474)
@@ -26,8 +26,6 @@
#include "config.h"
#include "NetworkHTTPSUpgradeChecker.h"
-#if ENABLE(HTTPS_UPGRADE)
-
#include "Logging.h"
#include <WebCore/SQLiteDatabase.h>
#include <WebCore/SQLiteStatement.h>
@@ -95,13 +93,13 @@
ASSERT(m_didSetupCompleteSuccessfully);
int bindTextResult = m_statement->bindText(1, WTFMove(host));
- ASSERT(bindTextResult == SQLITE_OK);
+ ASSERT_UNUSED(bindTextResult, bindTextResult == SQLITE_OK);
int stepResult = m_statement->step();
ASSERT(stepResult == SQLITE_ROW || stepResult == SQLITE_DONE);
int resetResult = m_statement->reset();
- ASSERT(resetResult == SQLITE_OK);
+ ASSERT_UNUSED(resetResult, resetResult == SQLITE_OK);
bool foundHost = (stepResult == SQLITE_ROW);
RELEASE_LOG_IF_ALLOWED(sessionID, "query - Ran successfully. Result = %s", (foundHost ? "true" : "false"));
@@ -113,4 +111,3 @@
} // namespace WebKit
-#endif // ENABLE(HTTPS_UPGRADE)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkHTTPSUpgradeChecker.h (239473 => 239474)
--- trunk/Source/WebKit/NetworkProcess/NetworkHTTPSUpgradeChecker.h 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/NetworkProcess/NetworkHTTPSUpgradeChecker.h 2018-12-21 00:20:21 UTC (rev 239474)
@@ -25,8 +25,6 @@
#pragma once
-#if ENABLE(HTTPS_UPGRADE)
-
#include <wtf/UniqueRef.h>
namespace WTF {
@@ -64,4 +62,3 @@
} // namespace WebKit
-#endif // ENABLE(HTTPS_UPGRADE)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp (239473 => 239474)
--- trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp 2018-12-21 00:20:21 UTC (rev 239474)
@@ -46,7 +46,7 @@
return url.protocolIsData() || url.protocolIsBlob() || !origin || origin->canRequest(url);
}
-NetworkLoadChecker::NetworkLoadChecker(FetchOptions&& options, PAL::SessionID sessionID, uint64_t pageID, uint64_t frameID, HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin, PreflightPolicy preflightPolicy, String&& referrer, bool shouldCaptureExtraNetworkLoadMetrics, LoadType requestLoadType)
+NetworkLoadChecker::NetworkLoadChecker(FetchOptions&& options, PAL::SessionID sessionID, uint64_t pageID, uint64_t frameID, HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin, PreflightPolicy preflightPolicy, String&& referrer, bool isHTTPSUpgradeEnabled, bool shouldCaptureExtraNetworkLoadMetrics, LoadType requestLoadType)
: m_options(WTFMove(options))
, m_sessionID(sessionID)
, m_pageID(pageID)
@@ -57,6 +57,7 @@
, m_preflightPolicy(preflightPolicy)
, m_referrer(WTFMove(referrer))
, m_shouldCaptureExtraNetworkLoadMetrics(shouldCaptureExtraNetworkLoadMetrics)
+ , m_isHTTPSUpgradeEnabled(isHTTPSUpgradeEnabled)
, m_requestLoadType(requestLoadType)
{
m_isSameOriginRequest = isSameOrigin(m_url, m_origin.get());
@@ -191,10 +192,10 @@
return ResourceError { String { }, 0, m_url, WTFMove(message), ResourceError::Type::AccessControl };
}
-#if ENABLE(HTTPS_UPGRADE)
void NetworkLoadChecker::applyHTTPSUpgradeIfNeeded(ResourceRequest&& request, CompletionHandler<void(ResourceRequest&&)>&& handler) const
{
- if (m_requestLoadType != LoadType::MainFrame) {
+#if PLATFORM(COCOA)
+ if (!m_isHTTPSUpgradeEnabled || m_requestLoadType != LoadType::MainFrame) {
handler(WTFMove(request));
return;
}
@@ -224,24 +225,24 @@
handler(WTFMove(request));
});
+#else
+ handler(WTFMove(request));
+#endif
}
-#endif // ENABLE(HTTPS_UPGRADE)
void NetworkLoadChecker::checkRequest(ResourceRequest&& request, ContentSecurityPolicyClient* client, ValidationHandler&& handler)
{
ResourceRequest originalRequest = request;
-#if ENABLE(HTTPS_UPGRADE)
applyHTTPSUpgradeIfNeeded(WTFMove(request), [this, client, handler = WTFMove(handler), originalRequest = WTFMove(originalRequest)](auto request) mutable {
-#endif // ENABLE(HTTPS_UPGRADE)
if (auto* contentSecurityPolicy = this->contentSecurityPolicy()) {
- if (isRedirected()) {
+ if (this->isRedirected()) {
auto type = m_options.mode == FetchOptions::Mode::Navigate ? ContentSecurityPolicy::InsecureRequestType::Navigation : ContentSecurityPolicy::InsecureRequestType::Load;
contentSecurityPolicy->upgradeInsecureRequestIfNeeded(request, type);
}
- if (!isAllowedByContentSecurityPolicy(request, client)) {
- handler(accessControlErrorForValidationHandler("Blocked by Content Security Policy."_s));
+ if (!this->isAllowedByContentSecurityPolicy(request, client)) {
+ handler(this->accessControlErrorForValidationHandler("Blocked by Content Security Policy."_s));
return;
}
}
@@ -261,13 +262,9 @@
continueCheckingRequestOrDoSyntheticRedirect(WTFMove(originalRequest), WTFMove(result.value().request), WTFMove(handler));
});
#else
- continueCheckingRequestOrDoSyntheticRedirect(WTFMove(originalRequest), WTFMove(request), WTFMove(handler));
+ this->continueCheckingRequestOrDoSyntheticRedirect(WTFMove(originalRequest), WTFMove(request), WTFMove(handler));
#endif
-
-#if ENABLE(HTTPS_UPGRADE)
});
-#endif // ENABLE(HTTPS_UPGRADE)
-
}
void NetworkLoadChecker::continueCheckingRequestOrDoSyntheticRedirect(ResourceRequest&& originalRequest, ResourceRequest&& currentRequest, ValidationHandler&& handler)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.h (239473 => 239474)
--- trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.h 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.h 2018-12-21 00:20:21 UTC (rev 239474)
@@ -52,7 +52,7 @@
public:
enum class LoadType : bool { MainFrame, Other };
- NetworkLoadChecker(WebCore::FetchOptions&&, PAL::SessionID, uint64_t pageID, uint64_t frameID, WebCore::HTTPHeaderMap&&, URL&&, RefPtr<WebCore::SecurityOrigin>&&, WebCore::PreflightPolicy, String&& referrer, bool shouldCaptureExtraNetworkLoadMetrics = false, LoadType requestLoadType = LoadType::Other);
+ NetworkLoadChecker(WebCore::FetchOptions&&, PAL::SessionID, uint64_t pageID, uint64_t frameID, WebCore::HTTPHeaderMap&&, URL&&, RefPtr<WebCore::SecurityOrigin>&&, WebCore::PreflightPolicy, String&& referrer, bool isHTTPSUpgradeEnabled = false, bool shouldCaptureExtraNetworkLoadMetrics = false, LoadType requestLoadType = LoadType::Other);
~NetworkLoadChecker();
struct RedirectionTriplet {
@@ -119,9 +119,7 @@
void processContentExtensionRulesForLoad(WebCore::ResourceRequest&&, ContentExtensionCallback&&);
#endif
-#if ENABLE(HTTPS_UPGRADE)
void applyHTTPSUpgradeIfNeeded(WebCore::ResourceRequest&&, CompletionHandler<void(WebCore::ResourceRequest&&)>&&) const;
-#endif // ENABLE(HTTPS_UPGRADE)
WebCore::FetchOptions m_options;
WebCore::StoredCredentialsPolicy m_storedCredentialsPolicy;
@@ -149,6 +147,7 @@
String m_referrer;
bool m_checkContentExtensions { false };
bool m_shouldCaptureExtraNetworkLoadMetrics { false };
+ bool m_isHTTPSUpgradeEnabled { false };
WebCore::NetworkLoadInformation m_loadInformation;
LoadType m_requestLoadType;
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.h (239473 => 239474)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2018-12-21 00:20:21 UTC (rev 239474)
@@ -205,9 +205,9 @@
bool parentProcessHasServiceWorkerEntitlement() const { return true; }
#endif
-#if ENABLE(HTTPS_UPGRADE)
- NetworkHTTPSUpgradeChecker& networkHTTPSUpgradeChecker() { return m_networkHTTPSUpgradeChecker; };
-#endif // ENABLE(HTTPS_UPGRADE)
+#if PLATFORM(COCOA)
+ NetworkHTTPSUpgradeChecker& networkHTTPSUpgradeChecker() { return m_networkHTTPSUpgradeChecker; }
+#endif
private:
NetworkProcess();
@@ -398,9 +398,9 @@
HashMap<WebCore::SWServerConnectionIdentifier, WebSWServerConnection*> m_swServerConnections;
#endif
-#if ENABLE(HTTPS_UPGRADE)
+#if PLATFORM(COCOA)
NetworkHTTPSUpgradeChecker m_networkHTTPSUpgradeChecker;
-#endif // ENABLE(HTTPS_UPGRADE)
+#endif
};
} // namespace WebKit
Modified: trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp (239473 => 239474)
--- trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp 2018-12-21 00:20:21 UTC (rev 239474)
@@ -94,6 +94,7 @@
encoder << shouldEnableCrossOriginResourcePolicy;
encoder << frameAncestorOrigins;
+ encoder << isHTTPSUpgradeEnabled;
#if ENABLE(CONTENT_EXTENSIONS)
encoder << mainDocumentURL;
@@ -204,6 +205,12 @@
if (!decoder.decode(result.frameAncestorOrigins))
return false;
+
+ Optional<bool> isHTTPSUpgradeEnabled;
+ decoder >> isHTTPSUpgradeEnabled;
+ if (!isHTTPSUpgradeEnabled)
+ return false;
+ result.isHTTPSUpgradeEnabled = *isHTTPSUpgradeEnabled;
#if ENABLE(CONTENT_EXTENSIONS)
if (!decoder.decode(result.mainDocumentURL))
Modified: trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h (239473 => 239474)
--- trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h 2018-12-21 00:20:21 UTC (rev 239474)
@@ -59,6 +59,7 @@
WebCore::PreflightPolicy preflightPolicy { WebCore::PreflightPolicy::Consider };
bool shouldEnableCrossOriginResourcePolicy { false };
Vector<RefPtr<WebCore::SecurityOrigin>> frameAncestorOrigins;
+ bool isHTTPSUpgradeEnabled { false };
#if ENABLE(CONTENT_EXTENSIONS)
URL mainDocumentURL;
Modified: trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp (239473 => 239474)
--- trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp 2018-12-21 00:20:21 UTC (rev 239474)
@@ -112,7 +112,7 @@
if (synchronousReply || parameters.shouldRestrictHTTPResponseAccess) {
NetworkLoadChecker::LoadType requestLoadType = isMainFrameLoad() ? NetworkLoadChecker::LoadType::MainFrame : NetworkLoadChecker::LoadType::Other;
- m_networkLoadChecker = std::make_unique<NetworkLoadChecker>(FetchOptions { m_parameters.options }, m_parameters.sessionID, m_parameters.webPageID, m_parameters.webFrameID, HTTPHeaderMap { m_parameters.originalRequestHeaders }, URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef(), m_parameters.preflightPolicy, originalRequest().httpReferrer(), shouldCaptureExtraNetworkLoadMetrics(), requestLoadType);
+ m_networkLoadChecker = std::make_unique<NetworkLoadChecker>(FetchOptions { m_parameters.options }, m_parameters.sessionID, m_parameters.webPageID, m_parameters.webFrameID, HTTPHeaderMap { m_parameters.originalRequestHeaders }, URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef(), m_parameters.preflightPolicy, originalRequest().httpReferrer(), m_parameters.isHTTPSUpgradeEnabled, shouldCaptureExtraNetworkLoadMetrics(), requestLoadType);
if (m_parameters.cspResponseHeaders)
m_networkLoadChecker->setCSPResponseHeaders(ContentSecurityPolicyResponseHeaders { m_parameters.cspResponseHeaders.value() });
#if ENABLE(CONTENT_EXTENSIONS)
Added: trunk/Source/WebKit/Shared/HTTPSUpgrade/HTTPSUpgradeList.txt (0 => 239474)
--- trunk/Source/WebKit/Shared/HTTPSUpgrade/HTTPSUpgradeList.txt (rev 0)
+++ trunk/Source/WebKit/Shared/HTTPSUpgrade/HTTPSUpgradeList.txt 2018-12-21 00:20:21 UTC (rev 239474)
@@ -0,0 +1,3 @@
+www.bbc.com
+www.speedtest.net
+www.bea.gov
Modified: trunk/Source/WebKit/Shared/WebPreferences.yaml (239473 => 239474)
--- trunk/Source/WebKit/Shared/WebPreferences.yaml 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/Shared/WebPreferences.yaml 2018-12-21 00:20:21 UTC (rev 239474)
@@ -35,6 +35,13 @@
type: bool
defaultValue: false
+HTTPSUpgradeEnabled:
+ type: bool
+ defaultValue: false
+ humanReadableName: "Automatic HTTPS upgrade"
+ humanReadableDescription: "Automatic HTTPS upgrade for known supported sites"
+ category: experimental
+
JavaEnabled:
type: bool
defaultValue: false
Modified: trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp (239473 => 239474)
--- trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp 2018-12-21 00:20:21 UTC (rev 239474)
@@ -281,6 +281,7 @@
loadParameters.maximumBufferingTime = maximumBufferingTime;
loadParameters.options = resourceLoader.options();
loadParameters.preflightPolicy = resourceLoader.options().preflightPolicy;
+ loadParameters.isHTTPSUpgradeEnabled = resourceLoader.frame() ? resourceLoader.frame()->settings().HTTPSUpgradeEnabled() : false;
auto* document = resourceLoader.frame() ? resourceLoader.frame()->document() : nullptr;
if (resourceLoader.options().cspResponseHeaders)
Modified: trunk/Source/WebKit/config.h (239473 => 239474)
--- trunk/Source/WebKit/config.h 2018-12-21 00:17:13 UTC (rev 239473)
+++ trunk/Source/WebKit/config.h 2018-12-21 00:20:21 UTC (rev 239474)
@@ -79,6 +79,3 @@
#endif
#endif
-#ifndef ENABLE_HTTPS_UPGRADE
-#define ENABLE_HTTPS_UPGRADE 0
-#endif
