[webkit-gtk] Upgrading to newer version of webkit - need help.

Niranjan Rao nhrdls at gmail.com
Mon Jan 12 08:49:27 PST 2015


Thank you Michael,

I forgot to mention, we are using Webkit2

For poodle, we do export the environment variable - same entry you have 
mentioned. In fact you gave us the string back in November.
This fixed some sites, but broke others. Right now we enable/disable 
environment variable based on site. Based on your comments, this may not 
help us more in that direction.

If you still want (as you mentioned on Nov 17th mail on same list), I 
can try to get you list of sites where it breaks.

Regards,

Niranjan

On 01/09/2015 07:13 PM, Michael Catanzaro wrote:
> On Fri, Jan 9, 2015 at 7:26 PM, Niranjan Rao <nhrdls at gmail.com> wrote:
>> Greetings, Right now we are on 2.2.6 version and we are thinking of 
>> upgrading. Most interesting stuff for us is POODLE vulnerability fix.
>
> You can mitigate POODLE without any update by setting an environment 
> variable before launching the browser:
>
> export 
> G_TLS_GNUTLS_PRIORITY=NORMAL:%COMPAT:%LATEST_RECORD_VERSION:-VERS-SSL3.0
>
> If you upgrade to 2.4.8 and use the WebKit2 API, you won't need to do 
> that anymore, but if you use the WebKit1 API, you must still do that 
> for yourself. For WebKit1 applications, consider setting it with 
> setenv() on the very first line of main(). See [1] for more info on this.
>
>> The site mentions three versions 2.4.8/2.7.3/2.6.4. Which version 
>> should be use?
>
> 2.7.3 is the unstable version. You don't want that. The odd second 
> digit indicates that it's unstable, even indicates stable.
>
> 2.6.4 is the latest stable version, but 2.4.8 is the last version with 
> the WebKit1 API. If your application uses WebKit1, you need to stick 
> with 2.4.x until you have updated it to use the WebKit2 API. 2.6.x and 
> 2.4.x are parallel-installable for this reason.
>
>> We have a custom extension working for version 2.2.6. Should be 
>> expect any surprises for the extension if we upgrade to newer version?
>
> 2.2.x -> 2.4.x should be easy and relatively safe (there will be the 
> usual mix of bugfixes and new bugs). Both of these versions include 
> both the WebKit1 and WebKit2 API, to make it easier to transition. 
> Then you can upgrade to 2.6.x once your app has been ported to WebKit2 
> (if it hasn't been already).
>
>> Right now we are on Ubuntu 12.04. We did compile/install all the 
>> required dependencies needed for 2.2.6 that were not part of standard 
>> Ubuntu repositories - mostly newer versions of libraries. Will latest 
>> code run Ubuntu 12.04 if we manage to install dependencies?
>
> If you can install all the dependencies, then it will probably work 
> fine. Good luck.
>
> Michael
>
> [1] https://lists.webkit.org/pipermail/webkit-gtk/2014-October/002110.html

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-gtk/attachments/20150112/064ad75b/attachment.html>


More information about the webkit-gtk mailing list