[webkit-reviews] review granted: [Bug 134878] [iOS] Networking process writes persistent credentials to the keychain : [Attachment 234838] Use a session-persistent credential instead of a permanent one
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Jul 13 20:52:40 PDT 2014
Alexey Proskuryakov <ap at webkit.org> has granted mitz at webkit.org
<mitz at webkit.org>'s request for review:
Bug 134878: [iOS] Networking process writes persistent credentials to the
keychain
https://bugs.webkit.org/show_bug.cgi?id=134878
Attachment 234838: Use a session-persistent credential instead of a permanent
one
https://bugs.webkit.org/attachment.cgi?id=234838&action=review
------- Additional Comments from Alexey Proskuryakov <ap at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=234838&action=review
It's going to be sad without shimming. Perhaps we should indicate why we fail,
so that developers know why their APIs don't work as expected?
I think that there is a way to implement shimming though, see
<rdar://problem/11965615>.
> Source/WebKit2/Shared/Authentication/AuthenticationManager.cpp:119
> +#if PLATFORM(IOS)
I'm somewhat torn about suggesting to move this to
ResourceHandle::receivedCredential(), where we have very similar code.
Existing code seems like it probably doesn't handle downloading.
> Source/WebKit2/Shared/Authentication/AuthenticationManager.cpp:122
> + if (credential.persistence() == CredentialPersistencePermanent) {
Do proxy credentials go through this code path? I suspect that they do, and
that we very much do want to store them persistently anyway.
More information about the webkit-reviews
mailing list