Auto merge of #12035 - alex:patch-1, r=frewsxcv

Disable TLS compression

<!-- Please describe your changes on the following line: -->

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [ ] These changes fix #__ (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

This prevents the CRIME attack.

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/12035)
<!-- Reviewable:end -->

components/net/connector.rs

@@ -4,7 +4,7 @@
 
 use hyper::client::Pool;
 use hyper::net::{HttpStream, HttpsConnector, SslClient};
-use openssl::ssl::{SSL_OP_NO_SSLV2, SSL_OP_NO_SSLV3, SSL_VERIFY_PEER};
+use openssl::ssl::{SSL_OP_NO_COMPRESSION, SSL_OP_NO_SSLV2, SSL_OP_NO_SSLV3, SSL_VERIFY_PEER};
 use openssl::ssl::{Ssl, SslContext, SslMethod, SslStream};
 use std::sync::Arc;
 use util::resource_files::resources_dir_path;
@@ -31,7 +31,7 @@ pub fn create_http_connector() -> Arc<Pool<Connector>> {
     let mut context = SslContext::new(SslMethod::Sslv23).unwrap();
     context.set_CA_file(&resources_dir_path().join("certs")).unwrap();
     context.set_cipher_list(DEFAULT_CIPHERS).unwrap();
-    context.set_options(SSL_OP_NO_SSLV2 | SSL_OP_NO_SSLV3);
+    context.set_options(SSL_OP_NO_SSLV2 | SSL_OP_NO_SSLV3 | SSL_OP_NO_COMPRESSION);
     let connector = HttpsConnector::new(ServoSslClient {
         context: Arc::new(context)
     });