[Webkit-unassigned] [Bug 113755] New: [Soup]TLS error bad certificate check in case of redirections
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Apr 2 00:36:55 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=113755
Summary: [Soup]TLS error bad certificate check in case of
redirections
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebKit EFL
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: youennf at gmail.com
CC: demarchi at webkit.org
ResourceHandleSoup::handleUnignoredTLSErrors currently checks whether TLS errors are ignorable or not.
In case of a redirection, the URL that is used to do the check is the initial request URL, not the URL used after the redirection.
This may cause two potential issues:
1. If a certificate is added in the list of authorized certificates for a domain N1, it will not be found in case of a redirection from a domain N2 to N1.
2. If TLS errors are skipped for a domain N1, TLS errors will also be skipped for a domain N2 in case of a redirection from N1 to N2.
EWebLauncher has this behavior when enforcing TLS errors checks (setIgnoreSSLErrors(false)) and registering a self-signed certificate to a specific domain.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list