<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[202640] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/202640">202640</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2016-06-29 12:19:24 -0700 (Wed, 29 Jun 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>WKWebView should ask WKNavigationDelegate about bad ssl certificates
https://bugs.webkit.org/show_bug.cgi?id=159176
Source/WebKit2:
rdar://problem/26864882
Patch by Alex Christensen <achristensen@webkit.org> on 2016-06-29
Reviewed by Sam Weinig.
This can be tested manually by visiting a site in MiniBrowser that has invalid ssl certificates, but we don't have proper ssl testing yet.
Before this change, we would just open the site as if nothing were invalid, now we call the WKNavigationDelegate's didReceiveAuthenticationChallenge
like we did before using NSURLSession, and we do not open the page, also like we did before using NSURLSession.
* NetworkProcess/NetworkLoad.cpp:
(WebKit::NetworkLoad::continueCanAuthenticateAgainstProtectionSpace):
When using NSURLConnection and responding to canAuthenticateAgainstProtectionSpace with YES,
we get an NSURLAuthenticationChallenge when a bad ssl certificate is encountered in the handshake.
When using NSURLSession, we want to call webView:didReceiveAuthenticationChallenge:completionHandler: in this case.
The default implementation of NavigationState::NavigationClient::canAuthenticateAgainstProtectionSpace returns true
if there is an implementation of webView:didReceiveAuthenticationChallenge:completionHandler: in its WKNavigationDelegate.
Internal clients can implement _webView:canAuthenticateAgainstProtectionSpace:
and Safari uses canHandleHTTPSServerTrustEvaluation, so it will be unaffected.
Tools:
Patch by Alex Christensen <achristensen@webkit.org> on 2016-06-29
Reviewed by Sam Weinig.
* MiniBrowser/mac/WK2BrowserWindowController.m:
(-[WK2BrowserWindowController webView:didFinishLoadingNavigation:]):
(-[WK2BrowserWindowController webView:didReceiveAuthenticationChallenge:completionHandler:]):
(-[WK2BrowserWindowController webView:didFailNavigation:withError:]):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebKit2ChangeLog">trunk/Source/WebKit2/ChangeLog</a></li>
<li><a href="#trunkSourceWebKit2NetworkProcessNetworkLoadcpp">trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp</a></li>
<li><a href="#trunkToolsChangeLog">trunk/Tools/ChangeLog</a></li>
<li><a href="#trunkToolsMiniBrowsermacWK2BrowserWindowControllerm">trunk/Tools/MiniBrowser/mac/WK2BrowserWindowController.m</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebKit2ChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/ChangeLog (202639 => 202640)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/ChangeLog 2016-06-29 18:49:17 UTC (rev 202639)
+++ trunk/Source/WebKit2/ChangeLog 2016-06-29 19:19:24 UTC (rev 202640)
</span><span class="lines">@@ -1,3 +1,25 @@
</span><ins>+2016-06-29 Alex Christensen <achristensen@webkit.org>
+
+ WKWebView should ask WKNavigationDelegate about bad ssl certificates
+ https://bugs.webkit.org/show_bug.cgi?id=159176
+ rdar://problem/26864882
+
+ Reviewed by Sam Weinig.
+
+ This can be tested manually by visiting a site in MiniBrowser that has invalid ssl certificates, but we don't have proper ssl testing yet.
+ Before this change, we would just open the site as if nothing were invalid, now we call the WKNavigationDelegate's didReceiveAuthenticationChallenge
+ like we did before using NSURLSession, and we do not open the page, also like we did before using NSURLSession.
+
+ * NetworkProcess/NetworkLoad.cpp:
+ (WebKit::NetworkLoad::continueCanAuthenticateAgainstProtectionSpace):
+ When using NSURLConnection and responding to canAuthenticateAgainstProtectionSpace with YES,
+ we get an NSURLAuthenticationChallenge when a bad ssl certificate is encountered in the handshake.
+ When using NSURLSession, we want to call webView:didReceiveAuthenticationChallenge:completionHandler: in this case.
+ The default implementation of NavigationState::NavigationClient::canAuthenticateAgainstProtectionSpace returns true
+ if there is an implementation of webView:didReceiveAuthenticationChallenge:completionHandler: in its WKNavigationDelegate.
+ Internal clients can implement _webView:canAuthenticateAgainstProtectionSpace:
+ and Safari uses canHandleHTTPSServerTrustEvaluation, so it will be unaffected.
+
</ins><span class="cx"> 2016-06-29 Beth Dakin <bdakin@apple.com>
</span><span class="cx">
</span><span class="cx"> Delete WKElementInfo since it's not used
</span></span></pre></div>
<a id="trunkSourceWebKit2NetworkProcessNetworkLoadcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp (202639 => 202640)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp 2016-06-29 18:49:17 UTC (rev 202639)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkLoad.cpp 2016-06-29 19:19:24 UTC (rev 202640)
</span><span class="lines">@@ -352,12 +352,7 @@
</span><span class="cx"> completionHandler(AuthenticationChallengeDisposition::RejectProtectionSpace, { });
</span><span class="cx"> return;
</span><span class="cx"> }
</span><del>-
- if (m_challenge->protectionSpace().authenticationScheme() == ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested) {
- completionHandler(AuthenticationChallengeDisposition::UseCredential, serverTrustCredential(*m_challenge));
- return;
- }
-
</del><ins>+
</ins><span class="cx"> if (m_parameters.clientCredentialPolicy == DoNotAskClientForAnyCredentials) {
</span><span class="cx"> completionHandler(AuthenticationChallengeDisposition::UseCredential, { });
</span><span class="cx"> return;
</span></span></pre></div>
<a id="trunkToolsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Tools/ChangeLog (202639 => 202640)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Tools/ChangeLog 2016-06-29 18:49:17 UTC (rev 202639)
+++ trunk/Tools/ChangeLog 2016-06-29 19:19:24 UTC (rev 202640)
</span><span class="lines">@@ -1,3 +1,15 @@
</span><ins>+2016-06-29 Alex Christensen <achristensen@webkit.org>
+
+ WKWebView should ask WKNavigationDelegate about bad ssl certificates
+ https://bugs.webkit.org/show_bug.cgi?id=159176
+
+ Reviewed by Sam Weinig.
+
+ * MiniBrowser/mac/WK2BrowserWindowController.m:
+ (-[WK2BrowserWindowController webView:didFinishLoadingNavigation:]):
+ (-[WK2BrowserWindowController webView:didReceiveAuthenticationChallenge:completionHandler:]):
+ (-[WK2BrowserWindowController webView:didFailNavigation:withError:]):
+
</ins><span class="cx"> 2016-06-29 Carlos Alberto Lopez Perez <clopez@igalia.com>
</span><span class="cx">
</span><span class="cx"> [GTK] Add missing install dependency after r202619
</span></span></pre></div>
<a id="trunkToolsMiniBrowsermacWK2BrowserWindowControllerm"></a>
<div class="modfile"><h4>Modified: trunk/Tools/MiniBrowser/mac/WK2BrowserWindowController.m (202639 => 202640)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Tools/MiniBrowser/mac/WK2BrowserWindowController.m 2016-06-29 18:49:17 UTC (rev 202639)
+++ trunk/Tools/MiniBrowser/mac/WK2BrowserWindowController.m 2016-06-29 19:19:24 UTC (rev 202640)
</span><span class="lines">@@ -567,6 +567,12 @@
</span><span class="cx"> LOG(@"didFinishLoadingNavigation: %@", navigation);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+- (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *__nullable credential))completionHandler
+{
+ LOG(@"didReceiveAuthenticationChallenge: %@", challenge);
+ completionHandler(NSURLSessionAuthChallengeRejectProtectionSpace, nil);
+}
+
</ins><span class="cx"> - (void)webView:(WKWebView *)webView didFailNavigation:(WKNavigation *)navigation withError:(NSError *)error
</span><span class="cx"> {
</span><span class="cx"> LOG(@"didFailNavigation: %@, error %@", navigation, error);
</span></span></pre>
</div>
</div>
</body>
</html>