[webkit-reviews] review granted: [Bug 175147] [Win] DRT should only allow any https certificate for localhost. : [Attachment 317144] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Aug 18 09:28:58 PDT 2017


Brent Fulgham <bfulgham at webkit.org> has granted Per Arne Vollan
<pvollan at apple.com>'s request for review:
Bug 175147: [Win] DRT should only allow any https certificate for localhost.
https://bugs.webkit.org/show_bug.cgi?id=175147

Attachment 317144: Patch

https://bugs.webkit.org/attachment.cgi?id=317144&action=review




--- Comment #7 from Brent Fulgham <bfulgham at webkit.org> ---
Comment on attachment 317144
  --> https://bugs.webkit.org/attachment.cgi?id=317144
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=317144&action=review

r=me assuming you add the Radar reference I requested.

> Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp:183
>	   CFDictionaryAddValue(sslProps.get(),
kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);

Is this a bug in CFNetwork on Windows? Can you add a <rdar> reference for this,
if it is?

> Tools/DumpRenderTree/win/DumpRenderTree.cpp:1217
> +	   request->setAllowsAnyHTTPSCertificate();

This is a harmless check, but I'm not sure it's necessary since DRT only runs
against servers we specify.


More information about the webkit-reviews mailing list