Don't disable TLS 1.3 for update checks
Original:
When constructing the request for the
update.xml
file TLS 1.3 is disabled:// Disable cutting edge features, like TLS 1.3, where middleboxes might brick us this._request.channel.QueryInterface(Ci.nsIHttpChannelInternal).beConservative = true;
The tests on the Internet maintain that the machines behind aus1 do not support TLS 1.3 (weasel tells me our machines behind aus1 do support TLS 1.3). Be that as it may, we should offer TLS 1.3. (This got mentioned as part of BLRG-PT-18-007 in the Firefox updater audit (https://bugzilla.mozilla.org/attachment.cgi?id=8985197) as well).
Per @lavamind ( #29252 (comment 2821144) ) we should be able to revert this now.
Edited by richard