Bug 209522

Summary:

[Cocoa] Avoid logging sensitive information for all network sessions

Product:

WebKit

Reporter:

Brent Fulgham <bfulgham>

Component:

WebKit2

Assignee:

Brent Fulgham <bfulgham>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, bfulgham, pvollan, webkit-bug-importer, wilander

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

See Also:

https://bugs.webkit.org/show_bug.cgi?id=212551

Bug Depends on:

Bug Blocks:

211266

Attachments:

Description	Flags
Patch	none

Brent Fulgham

Reported 2020-03-24 16:54:31 PDT

We avoid logging sensitive information (such as visited URLs) on production builds and for ephemeral sessions. We should also avoid such logging for engineering and prerelease builds to reduce the possibility of personally identifiable information being retained in logs.

Attachments
Patch (2.35 KB, patch) 2020-03-24 16:58 PDT, Brent Fulgham	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Brent Fulgham

Comment 1 2020-03-24 16:56:17 PDT

<rdar://problem/54807157>

Brent Fulgham

Comment 2 2020-03-24 16:58:15 PDT

Created attachment 394442 [details] Patch

Brent Fulgham

Comment 3 2020-03-24 20:34:39 PDT

The Windows test case failure is not related to this Cocoa-only change.

EWS

Comment 4 2020-03-25 10:27:07 PDT

Committed r258994: <https://trac.webkit.org/changeset/258994> All reviewed patches have been landed. Closing bug and clearing flags on attachment 394442 [details].

Note You need to log in before you can comment on or make changes to this bug.