187158 – ENHANCEMENT REQUEST(iOS 11.4): Add support 3rd Party Certificate Pinning to WKWebView

Bug 187158 - ENHANCEMENT REQUEST(iOS 11.4): Add support 3rd Party Certificate Pinning to WKWebView

Summary: ENHANCEMENT REQUEST(iOS 11.4): Add support 3rd Party Certificate Pinning to W...

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	Safari 11
Hardware:	iPhone / iPad iOS 11

Importance:	P2 Blocker
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-06-28 14:48 PDT by Rob Sturtz
Modified:	2018-06-29 02:30 PDT (History)
CC List:	4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Rob Sturtz 2018-06-28 14:48:40 PDT

The majority of Workday customers are configured to use multi-factor authorization which requires leaving the Workday app to go to Duo or a similar authorization app. Workday would like to migrate to WKWebView in place of our current UIWebView implementation, however, some Workday customers are very security conscious and require the use of 3rd party certificate pinning. This is something that is currently only available with UIWebView. Since the roll out of iOS 11.3, we have been receiving an increasing number of customer support cases that end users cannot successfully complete two factor authentication since UIWebView controller no longer supports maintaining an active connection. This is something that Duo WebView (and other mutlifactor authentication providers) use to look for confirmation of authentication. 

We are requesting Apple to add support for 3rd party certificate pinning to WKWebView. We cannot migrate to WKWebView until support is added, as it would prevent some of our customers from being able to login unless they were to compromise their security policies, which from our customer’s perspective is not a viable option.