Created attachment 395242 [details] Patch

Comment on attachment 395242 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=395242&action=review Seems reasonable to me though I'd love a cdumez or bradee-oh review > Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm:921 > +- (BOOL)_loadsFromNetwork Is this a good name? It really means "allowsLoadingFromHTTPFamilySchemes", right? (what about web sockets, WKURLSchemeHandlers that happen to hit the network, etc...) > Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm:931 > +- (BOOL)_loadsSubresources Are we consistent in this capitalization of subresources?

Created attachment 395243 [details] Patch

_loadsFromNetwork prevents http, https, ws, and wss loads. This is to fix rdar://problem/19426383 which was fixed using bundle SPI that did not block web sockets. This does block web sockets, as verified by the test, which counts the number of requests. If it did not block web sockets, the server would see a "request" from the web socket. We are quite consistent in our capitalization of Subresources.

Ah, I see the WebSocket change now.

Committed r259392: <https://trac.webkit.org/changeset/259392> All reviewed patches have been landed. Closing bug and clearing flags on attachment 395243 [details].

<rdar://problem/61215964>