<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body><span class="vcard"><a class="email" href="mailto:cgarcia@igalia.com" title="Carlos Garcia Campos <cgarcia@igalia.com>"> <span class="fn">Carlos Garcia Campos</span></a>
</span> changed
<a class="bz_bug_link
bz_status_NEW "
title="NEW - [GStreamer] Certificate database missing when accessing HTTPS via WebKitWebSourceGStreamer"
href="https://bugs.webkit.org/show_bug.cgi?id=163166">bug 163166</a>
<br>
<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>What</th>
<th>Removed</th>
<th>Added</th>
</tr>
<tr>
<td style="text-align:right;">CC</td>
<td>
</td>
<td>cgarcia@igalia.com
</td>
</tr>
<tr>
<td style="text-align:right;">Summary</td>
<td>REGRESSION(r202615): [GStreamer] Certificate database missing when accessing HTTPS via WebKitWebSourceGStreamer
</td>
<td>[GStreamer] Certificate database missing when accessing HTTPS via WebKitWebSourceGStreamer
</td>
</tr></table>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - [GStreamer] Certificate database missing when accessing HTTPS via WebKitWebSourceGStreamer"
href="https://bugs.webkit.org/show_bug.cgi?id=163166#c3">Comment # 3</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - [GStreamer] Certificate database missing when accessing HTTPS via WebKitWebSourceGStreamer"
href="https://bugs.webkit.org/show_bug.cgi?id=163166">bug 163166</a>
from <span class="vcard"><a class="email" href="mailto:cgarcia@igalia.com" title="Carlos Garcia Campos <cgarcia@igalia.com>"> <span class="fn">Carlos Garcia Campos</span></a>
</span></b>
<pre>This is not a regression of r202615, In r202615 we only moved loads that are started in a secondary thread to another secondary thread to avoid deadlocks because of the GST locks. But before, those loas were still done in the web process using a ResourceHandle, but in the main thread. Ideally, we would not be doing those loads at all, but since our source element is public (and can't be made private with current GST APIs), we end up doing those loads. Because of that we have this second path were we use a ResourceHandle to do the loads like the souphttpsrc element would do. HLS code in GST uses a source element to download the manifest and fragments, but when using the souphttpsrc element, it also rejects connections to invalid certificates, because souphttpsrc uses ssl strict by default. So, I don't think we should be using the TLS exceptions added via API for these loads, because they don't belong to WebKit, but to GST. What I think that could have happened is that we
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>