140412 – WKWebView should provide an API to allow canceling requests based on SSL certificates information before cookies are sent to the server.

NEW 140412

WKWebView should provide an API to allow canceling requests based on SSL certificates information before cookies are sent to the server.

https://bugs.webkit.org/show_bug.cgi?id=140412

Summary WKWebView should provide an API to allow canceling requests based on SSL cert...

Eugene But

Reported 2015-01-13 14:14:50 PST

This API is necessary if host app wants to implement certificate blacklisting feature. webView:didReceiveAuthenticationChallenge:completionHandler: is not suitable for that. It provides all required information but it's called after the cookies were sent to the server and if host app believes that certificate is compromised it's too late to cancel the request as cookies were gone.

Attachments
Add attachment proposed patch, testcase, etc.

Eugene But

Comment 1 2015-01-13 14:26:31 PST

Also reported to Apple Radar: rdar://19462148

Benjamin Poulain

Comment 2 2015-06-15 12:33:47 PDT

(In reply to comment #1) > Also reported to Apple Radar: rdar://19462148 The radar does not match this bug report.

Radar WebKit Bug Importer

Comment 3 2015-06-15 12:34:04 PDT

<rdar://problem/21387703>

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware iPhone / iPad

OS All

Product WebKit

Component WebKit2

Assignee

Nobody

Reported

2015-01-13 14:14 PST

Modified

2015-06-15 12:34 PDT History

CC List

2 users Show

URL

Keywords InRadar

Depends on

Blocks