Created attachment 406469 [details] Patch

Comment on attachment 406469 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=406469&action=review r=me > Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm:678 > + if (negotiatedLegacyTLS == NegotiatedLegacyTLS::Yes && task._preconnect) > + return completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil); Seems like we should also check the TLS deprecation feature flag here?

Comment on attachment 406469 [details] Patch There isn't a clean feature flag for this, especially not in the network process. We have systemAllowsLegacyTLSFor, but even if that returns true we want to block the preconnect handshake to fix this bug.

Committed r265573: <https://trac.webkit.org/changeset/265573> All reviewed patches have been landed. Closing bug and clearing flags on attachment 406469 [details].

<rdar://problem/66941740>

This made one API test flaky. No idea why it didn't fail until almost two weeks later, but I investigated it and it's no problem. Fixing it in bug 215791.

Another test needed updating in https://bugs.webkit.org/show_bug.cgi?id=216704