[Webkit-unassigned] [Bug 276338] New: [Cocoa] Recognize a second entitlement to allow non-Lockdown Mode processes to launch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jul 8 13:53:59 PDT 2024
https://bugs.webkit.org/show_bug.cgi?id=276338
Bug ID: 276338
Summary: [Cocoa] Recognize a second entitlement to allow
non-Lockdown Mode processes to launch
Product: WebKit
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Keywords: InRadar
Severity: Normal
Priority: P2
Component: WebKit Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: bfulgham at webkit.org
CC: webkit-bug-importer at group.apple.com
Applications using `WKWebView` that have the `com.apple.developer.web-browser` entitlement can request that a particular page be loaded outside of Lockdown Mode. This allows users to bypass LDM on sites that don't work well under that restricted set of features.
We would like to permit some system processes to launch a plain WKWebView in lockdown mode because of similar compatibility issues. We do not want to use the `web-browser` entitlement, since we do not want the other powerful features that entitlement grants.
We are adding a managed entitlement to support this restricted use case: `com.apple.private.allow-ldm-exempt-webview`
This patch recognizes this new entitlement as an alternative to `com.apple.developer.web-browser` for this specific case.
<rdar://127464996>
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240708/c5e9b5a2/attachment.htm>
More information about the webkit-unassigned
mailing list