[Webkit-unassigned] [Bug 219396] Remove mixed content blocking settings, deprecate insecure-content-detected signals, and automatically upgrade insecure requests
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 16 15:31:41 PST 2024
https://bugs.webkit.org/show_bug.cgi?id=219396
Michael Catanzaro <mcatanzaro at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |m_finkel at apple.com
--- Comment #4 from Michael Catanzaro <mcatanzaro at redhat.com> ---
I think this is now implemented after bug #268823, albeit only conditionally, behind a runtime preference. This makes it unclear what we should do with the various insecure content detected APIs. The various layers of signals still exist, but are generally unused now.
I'm inclined to deprecate the GTK/WPE API simply to avoid confusion from having API that doesn't do anything anymore. Not sure about the cross-platform bits, though. They're still theoretically useful if you change the runtime setting. And the GTK/WPE ports do allow this via the WebKitFeature API, so in theory, they could still be fired. In practice, though, we can still safely deprecate them; no developers are likely to ever do that, and even if so, it's OK to tell developers "don't do that."
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240216/653ee31a/attachment.htm>
More information about the webkit-unassigned
mailing list