Bug 145886

Summary:

Make -[WKWebView _certificateChain] public.

Product:

WebKit

Reporter:

Eugene But <eugenebut>

Component:

WebKit2

Assignee:

mitz

Status:

RESOLVED FIXED

Severity:

Normal

CC:

andersca, mitz, sam, stuartmorgan

Priority:

Keywords:

InRadar

Version:

528+ (Nightly build)

Hardware:

iPhone / iPad

OS:

All

Attachments:

Description	Flags
Add a certificateChain property to WKWebView	sam: review+
Add a certificateChain property to WKWebView	sam: review+

Description Eugene But 2015-06-11 11:09:29 PDT

Making _certificateChain API public will simplify implementation of security UI (https lock) for web browsers.

In WebKit nightly build webView:didReceiveAuthenticationChallenge:completionHandler: provides certs chain.
However it is not called on every navigation. It means that if app needs to know
the certs of current page it has to maintain persistent cache: host-name: cert-chain.

The certs are already cached by WebKit, so storing this cache twice is additional overhead.

rdar://21342465

Comment 1 Eugene But 2015-06-12 13:05:30 PDT

webView:didReceiveAuthenticationChallenge:completionHandler: does not provide information about the frame which loads a resource. Hence caching certs, so they can be reused later for lock icon is not viable.

Without certificateChain public API correct implementation of security lock is not possible.

Comment 2 mitz 2015-06-20 16:16:58 PDT

Created attachment 255301 [details]
Add a certificateChain property to WKWebView

Comment 3 mitz 2015-06-21 09:46:55 PDT

Created attachment 255327 [details]
Add a certificateChain property to WKWebView

Revised to make the property non-nullable

Comment 4 mitz 2015-06-23 09:47:21 PDT

Fixed in <http://trac.webkit.org/r185876>.