Changeset 202640 in webkit
- Timestamp:
- Jun 29, 2016 12:19:24 PM (8 years ago)
- Location:
- trunk
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit2/ChangeLog
r202638 r202640 1 2016-06-29 Alex Christensen <achristensen@webkit.org> 2 3 WKWebView should ask WKNavigationDelegate about bad ssl certificates 4 https://bugs.webkit.org/show_bug.cgi?id=159176 5 rdar://problem/26864882 6 7 Reviewed by Sam Weinig. 8 9 This can be tested manually by visiting a site in MiniBrowser that has invalid ssl certificates, but we don't have proper ssl testing yet. 10 Before this change, we would just open the site as if nothing were invalid, now we call the WKNavigationDelegate's didReceiveAuthenticationChallenge 11 like we did before using NSURLSession, and we do not open the page, also like we did before using NSURLSession. 12 13 * NetworkProcess/NetworkLoad.cpp: 14 (WebKit::NetworkLoad::continueCanAuthenticateAgainstProtectionSpace): 15 When using NSURLConnection and responding to canAuthenticateAgainstProtectionSpace with YES, 16 we get an NSURLAuthenticationChallenge when a bad ssl certificate is encountered in the handshake. 17 When using NSURLSession, we want to call webView:didReceiveAuthenticationChallenge:completionHandler: in this case. 18 The default implementation of NavigationState::NavigationClient::canAuthenticateAgainstProtectionSpace returns true 19 if there is an implementation of webView:didReceiveAuthenticationChallenge:completionHandler: in its WKNavigationDelegate. 20 Internal clients can implement _webView:canAuthenticateAgainstProtectionSpace: 21 and Safari uses canHandleHTTPSServerTrustEvaluation, so it will be unaffected. 22 1 23 2016-06-29 Beth Dakin <bdakin@apple.com> 2 24 -
trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp
r202511 r202640 353 353 return; 354 354 } 355 356 if (m_challenge->protectionSpace().authenticationScheme() == ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested) { 357 completionHandler(AuthenticationChallengeDisposition::UseCredential, serverTrustCredential(*m_challenge)); 358 return; 359 } 360 355 361 356 if (m_parameters.clientCredentialPolicy == DoNotAskClientForAnyCredentials) { 362 357 completionHandler(AuthenticationChallengeDisposition::UseCredential, { }); -
trunk/Tools/ChangeLog
r202622 r202640 1 2016-06-29 Alex Christensen <achristensen@webkit.org> 2 3 WKWebView should ask WKNavigationDelegate about bad ssl certificates 4 https://bugs.webkit.org/show_bug.cgi?id=159176 5 6 Reviewed by Sam Weinig. 7 8 * MiniBrowser/mac/WK2BrowserWindowController.m: 9 (-[WK2BrowserWindowController webView:didFinishLoadingNavigation:]): 10 (-[WK2BrowserWindowController webView:didReceiveAuthenticationChallenge:completionHandler:]): 11 (-[WK2BrowserWindowController webView:didFailNavigation:withError:]): 12 1 13 2016-06-29 Carlos Alberto Lopez Perez <clopez@igalia.com> 2 14 -
trunk/Tools/MiniBrowser/mac/WK2BrowserWindowController.m
r199630 r202640 568 568 } 569 569 570 - (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *__nullable credential))completionHandler 571 { 572 LOG(@"didReceiveAuthenticationChallenge: %@", challenge); 573 completionHandler(NSURLSessionAuthChallengeRejectProtectionSpace, nil); 574 } 575 570 576 - (void)webView:(WKWebView *)webView didFailNavigation:(WKNavigation *)navigation withError:(NSError *)error 571 577 {
Note: See TracChangeset
for help on using the changeset viewer.