[Webkit-unassigned] [Bug 140412] New: WKWebView should provide an API to allow canceling requests based on SSL certificates information before cookies are sent to the server.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jan 13 14:14:50 PST 2015
https://bugs.webkit.org/show_bug.cgi?id=140412
Bug ID: 140412
Summary: WKWebView should provide an API to allow canceling
requests based on SSL certificates information before
cookies are sent to the server.
Classification: Unclassified
Product: WebKit
Version: 528+ (Nightly build)
Hardware: iOS
OS: All
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit2
Assignee: webkit-unassigned at lists.webkit.org
Reporter: eugenebut at chromium.org
This API is necessary if host app wants to implement certificate blacklisting feature.
webView:didReceiveAuthenticationChallenge:completionHandler: is not suitable for that.
It provides all required information but it's called after the cookies were sent to the server and if host app believes that certificate is compromised it's too late to cancel the request as cookies were gone.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150113/b03c8d2e/attachment-0002.html>
More information about the webkit-unassigned
mailing list