225146 – onerror event not triggered when origin uses TLS 1.0/1.1

Bug 225146 - onerror event not triggered when origin uses TLS 1.0/1.1

Summary: onerror event not triggered when origin uses TLS 1.0/1.1

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Images (show other bugs)
Version:	Safari 14
Hardware:	All All

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2021-04-28 02:34 PDT by Tomáš Dvořák
Modified:	2021-05-05 02:35 PDT (History)
CC List:	6 users (show)

See Also:

Attachments
Simple script that demonstrates the issue (1.10 KB, text/html) 2021-04-28 02:34 PDT, Tomáš Dvořák	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tomáš Dvořák 2021-04-28 02:34:51 PDT

Created attachment 427248 [details]
Simple script that demonstrates the issue

When you try to load an image from the origin which uses an obsolete version of the TLS (1.0 and 1.1) image will not be loaded and thus `onerror` event should be fired. 
It does not happen. I am attaching a simple script that demonstrates this issue.

The problem also persists in Safari 13.

Comment 1 Alexey Proskuryakov 2021-04-29 13:37:35 PDT

Weird. I can reproduce.

Comment 2 Alex Christensen 2021-04-29 20:22:26 PDT

Very strange.  This is probably related to r265835 which Safari hits in this case.  It's especially strange because we are getting a NSURLErrorCancelled after cancelling the authentication challenge.  Needs more investigation.

We should probably fix it, but there is a straightforward workaround: use TLS 1.2 or 1.3

Comment 3 Radar WebKit Bug Importer 2021-05-05 02:35:13 PDT

<rdar://problem/77548636>