RESOLVED FIXED 215626
WKWebViews using fastServerTrustEvaluationEnabled should only allow legacy TLS for main resource loads 
https://bugs.webkit.org/show_bug.cgi?id=215626
Summary WKWebViews using fastServerTrustEvaluationEnabled should only allow legacy TL...
Alex Christensen
Reported 2020-08-18 14:27:30 PDT
WKWebViews using fastServerTrustEvaluationEnabled should only allow legacy TLS for main resource loads
Attachments
Patch (8.06 KB, patch)
2020-08-18 14:38 PDT, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Patch (5.54 KB, patch)
2020-08-18 14:50 PDT, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Alex Christensen
Comment 1 2020-08-18 14:38:20 PDT
Created attachment 406811 [details] Patch
Darin Adler
Comment 2 2020-08-18 14:41:02 PDT
Comment on attachment 406811 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=406811&action=review > Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:397 > + if (negotiatedLegacyTLS == NegotiatedLegacyTLS::Yes > + && fastServerTrustEvaluationEnabled > + && !isTopLevelNavigation()) > + return completionHandler(AuthenticationChallengeDisposition::Cancel, { }); Why not do this in NetworkSessionCocoa::continueDidReceiveChallenge rather than passing more state through?
Alex Christensen
Comment 3 2020-08-18 14:50:58 PDT
Created attachment 406813 [details] Patch
Alex Christensen
Comment 4 2020-08-18 14:51:35 PDT
Comment on attachment 406813 [details] Patch Great idea!
EWS
Comment 5 2020-08-18 15:18:25 PDT
Committed r265835: <https://trac.webkit.org/changeset/265835> All reviewed patches have been landed. Closing bug and clearing flags on attachment 406813 [details].
Radar WebKit Bug Importer
Comment 6 2020-08-18 15:19:18 PDT
<rdar://problem/67356569>
Alex Christensen
Comment 7 2020-08-19 18:50:48 PDT
http://trac.webkit.org/r265930
Note You need to log in before you can comment on or make changes to this bug.