196831 2019-04-11 14:45:30 -0700 Always set _allowsSensitiveLogging to NO 2019-04-15 13:15:22 -0700 1 1 1 Unclassified WebKit WebKit2 WebKit Nightly Build Unspecified Unspecified NEW P2 Normal --- 1 saam saam achristensen ggaren jberlin krollin mjs rniwa oldest_to_newest 1526475 0 saam 2019-04-11 14:45:30 -0700 ... 1526479 1 367243 saam 2019-04-11 14:52:08 -0700 Created attachment 367243 patch Hopefully it builds. I still need to test it. Based on the documentation in: https://developer.apple.com/documentation/foundation/nsurlsessionconfiguration/1411560-defaultsessionconfiguration?language=objc "Modifying the returned session configuration object does not affect any configuration objects returned by future calls to this method, and does not change the default behavior for existing sessions. It is therefore always safe to use the returned object as a starting point for additional customization." I think this patch is safe to do without affecting other users of "defaultSessionConfiguration". 1527353 2 achristensen 2019-04-15 13:15:22 -0700 (In reply to Saam Barati from comment #1) > Created attachment 367243 [details] > I think this patch is safe to do without affecting other users of > "defaultSessionConfiguration". There are no other users of defaultSessionConfiguration in the network process. This patch will disallow sensitive logging in all WKWebViews and have no other effects. 367243 2019-04-11 14:52:08 -0700 2019-04-11 15:38:00 -0700 patch c-backup.diff text/plain 1958 saam SW5kZXg6IFNvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJL aXQvQ2hhbmdlTG9nCShyZXZpc2lvbiAyNDQxOTUpCisrKyBTb3VyY2UvV2ViS2l0L0NoYW5nZUxv Zwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDEzIEBACisyMDE5LTA0LTExICBTYWFtIGJhcmF0 aSAgPHNiYXJhdGlAYXBwbGUuY29tPgorCisgICAgICAgIEFsd2F5cyBzZXQgX2FsbG93c1NlbnNp dGl2ZUxvZ2dpbmcgdG8gTk8KKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19i dWcuY2dpP2lkPTE5NjgzMQorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgor CisgICAgICAgICogTmV0d29ya1Byb2Nlc3MvY29jb2EvTmV0d29ya1Nlc3Npb25Db2NvYS5tbToK KyAgICAgICAgKFdlYktpdDo6Y29uZmlndXJhdGlvbkZvclNlc3Npb25JRCk6CisKIDIwMTktMDQt MTEgIEFudHRpIEtvaXZpc3RvICA8YW50dGlAYXBwbGUuY29tPgogCiAgICAgICAgIFJFR1JFU1NJ T046IGNoYW5naW5nIGlQYWQgb3JpZW50YXRpb24gb24gYmxvZ2dlci5jb20gY3Jhc2hlcyB1bmRl ciBSZW1vdGVTY3JvbGxpbmdDb29yZGluYXRvclByb3h5Ojplc3RhYmxpc2hMYXllclRyZWVTY3Jv bGxpbmdSZWxhdGlvbnMoKQpJbmRleDogU291cmNlL1dlYktpdC9OZXR3b3JrUHJvY2Vzcy9jb2Nv YS9OZXR3b3JrU2Vzc2lvbkNvY29hLm1tCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJLaXQvTmV0 d29ya1Byb2Nlc3MvY29jb2EvTmV0d29ya1Nlc3Npb25Db2NvYS5tbQkocmV2aXNpb24gMjQ0MTk1 KQorKysgU291cmNlL1dlYktpdC9OZXR3b3JrUHJvY2Vzcy9jb2NvYS9OZXR3b3JrU2Vzc2lvbkNv Y29hLm1tCSh3b3JraW5nIGNvcHkpCkBAIC04MDYsMTUgKzgwNiwxOCBAQCBzdGF0aWMgYm9vbCBz ZXNzaW9uc0NyZWF0ZWQgPSBmYWxzZTsKIAogc3RhdGljIE5TVVJMU2Vzc2lvbkNvbmZpZ3VyYXRp b24gKmNvbmZpZ3VyYXRpb25Gb3JTZXNzaW9uSUQoY29uc3QgUEFMOjpTZXNzaW9uSUQmIHNlc3Np b24pCiB7CisgICAgTlNVUkxTZXNzaW9uQ29uZmlndXJhdGlvbiAqY29uZmlndXJhdGlvbjsKICAg ICBpZiAoc2Vzc2lvbi5pc0VwaGVtZXJhbCgpKSB7Ci0gICAgICAgIE5TVVJMU2Vzc2lvbkNvbmZp Z3VyYXRpb24gKmNvbmZpZ3VyYXRpb24gPSBbTlNVUkxTZXNzaW9uQ29uZmlndXJhdGlvbiBlcGhl bWVyYWxTZXNzaW9uQ29uZmlndXJhdGlvbl07CisgICAgICAgIGNvbmZpZ3VyYXRpb24gPSBbTlNV UkxTZXNzaW9uQ29uZmlndXJhdGlvbiBlcGhlbWVyYWxTZXNzaW9uQ29uZmlndXJhdGlvbl07CiAg ICAgICAgIGNvbmZpZ3VyYXRpb24uX3Nob3VsZFNraXBQcmVmZXJyZWRDbGllbnRDZXJ0aWZpY2F0 ZUxvb2t1cCA9IFlFUzsKKyAgICB9IGVsc2UKKyAgICAgICAgY29uZmlndXJhdGlvbiA9IFtOU1VS TFNlc3Npb25Db25maWd1cmF0aW9uIGRlZmF1bHRTZXNzaW9uQ29uZmlndXJhdGlvbl07CisKICNp ZiBIQVZFKEFMTE9XU19TRU5TSVRJVkVfTE9HR0lORykKLSAgICAgICAgY29uZmlndXJhdGlvbi5f YWxsb3dzU2Vuc2l0aXZlTG9nZ2luZyA9IE5POworICAgIGNvbmZpZ3VyYXRpb24uX2FsbG93c1Nl bnNpdGl2ZUxvZ2dpbmcgPSBOTzsKICNlbmRpZgotICAgICAgICByZXR1cm4gY29uZmlndXJhdGlv bjsKLSAgICB9Ci0gICAgcmV0dXJuIFtOU1VSTFNlc3Npb25Db25maWd1cmF0aW9uIGRlZmF1bHRT ZXNzaW9uQ29uZmlndXJhdGlvbl07CisKKyAgICByZXR1cm4gY29uZmlndXJhdGlvbjsKIH0KIAog Y29uc3QgU3RyaW5nJiBOZXR3b3JrU2Vzc2lvbkNvY29hOjpzb3VyY2VBcHBsaWNhdGlvbkJ1bmRs ZUlkZW50aWZpZXIoKSBjb25zdAo=