[Webkit-unassigned] [Bug 135241] New: [Cocoa] WebProtectionSpace::receivesCredentialSecurely incorrectly returns false in some cases
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jul 24 10:06:54 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=135241
Summary: [Cocoa] WebProtectionSpace::receivesCredentialSecurely
incorrectly returns false in some cases
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit2
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: mitz at webkit.org
CC: ap at webkit.org, beidson at apple.com
WebProtectionSpace::receivesCredentialSecurely uses the generic test in WebCore::ProtectionSpace (perhaps soon to be in ProtectionSpaceBase), rather than -[NSURLProtectionSpace receivesCredentialSecurely]. This leads to false negatives, such as in the case of an HTTP server with NEGO/NTLM authentication. This causes the authentication sheet in Safari to falsely say that the password will be sent unencrypted.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list