Title: [234990] trunk/Source/WebKit
- Revision
- 234990
- Author
- [email protected]
- Date
- 2018-08-17 11:10:41 -0700 (Fri, 17 Aug 2018)
Log Message
Simplify server trust authentication flow
https://bugs.webkit.org/show_bug.cgi?id=188684
Reviewed by Youenn Fablet.
We unnecessarily had the allowsSpecificHTTPSCertificateForHost check at two different abstraction levels.
* NetworkProcess/NetworkLoad.cpp:
(WebKit::NetworkLoad::didReceiveChallenge):
* NetworkProcess/NetworkSession.cpp:
(WebKit::NetworkSession::allowsSpecificHTTPSCertificateForHost): Deleted.
* NetworkProcess/NetworkSession.h:
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (234989 => 234990)
--- trunk/Source/WebKit/ChangeLog 2018-08-17 18:09:39 UTC (rev 234989)
+++ trunk/Source/WebKit/ChangeLog 2018-08-17 18:10:41 UTC (rev 234990)
@@ -1,5 +1,22 @@
2018-08-17 Alex Christensen <[email protected]>
+ Simplify server trust authentication flow
+ https://bugs.webkit.org/show_bug.cgi?id=188684
+
+ Reviewed by Youenn Fablet.
+
+ We unnecessarily had the allowsSpecificHTTPSCertificateForHost check at two different abstraction levels.
+
+ * NetworkProcess/NetworkLoad.cpp:
+ (WebKit::NetworkLoad::didReceiveChallenge):
+ * NetworkProcess/NetworkSession.cpp:
+ (WebKit::NetworkSession::allowsSpecificHTTPSCertificateForHost): Deleted.
+ * NetworkProcess/NetworkSession.h:
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
+
+2018-08-17 Alex Christensen <[email protected]>
+
Fix API tests after r234985
https://bugs.webkit.org/show_bug.cgi?id=188679
Modified: trunk/Source/WebKit/NetworkProcess/NetworkLoad.cpp (234989 => 234990)
--- trunk/Source/WebKit/NetworkProcess/NetworkLoad.cpp 2018-08-17 18:09:39 UTC (rev 234989)
+++ trunk/Source/WebKit/NetworkProcess/NetworkLoad.cpp 2018-08-17 18:10:41 UTC (rev 234990)
@@ -261,12 +261,6 @@
completionHandler(AuthenticationChallengeDisposition::UseCredential, { });
return;
}
-
-#if PLATFORM(COCOA)
- if (scheme == ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested
- && NetworkSessionCocoa::allowsSpecificHTTPSCertificateForHost(challenge))
- return completionHandler(AuthenticationChallengeDisposition::UseCredential, serverTrustCredential(challenge));
-#endif
if (auto* pendingDownload = m_task->pendingDownload())
NetworkProcess::singleton().authenticationManager().didReceiveAuthenticationChallenge(*pendingDownload, challenge, WTFMove(completionHandler));
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp (234989 => 234990)
--- trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp 2018-08-17 18:09:39 UTC (rev 234989)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp 2018-08-17 18:10:41 UTC (rev 234990)
@@ -81,13 +81,4 @@
task->invalidateAndCancel();
}
-bool NetworkSession::allowsSpecificHTTPSCertificateForHost(const WebCore::AuthenticationChallenge& challenge)
-{
-#if PLATFORM(COCOA)
- return NetworkSessionCocoa::allowsSpecificHTTPSCertificateForHost(challenge);
-#else
- return false;
-#endif
-}
-
} // namespace WebKit
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSession.h (234989 => 234990)
--- trunk/Source/WebKit/NetworkProcess/NetworkSession.h 2018-08-17 18:09:39 UTC (rev 234989)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSession.h 2018-08-17 18:10:41 UTC (rev 234990)
@@ -54,8 +54,6 @@
void registerNetworkDataTask(NetworkDataTask& task) { m_dataTaskSet.add(&task); }
void unregisterNetworkDataTask(NetworkDataTask& task) { m_dataTaskSet.remove(&task); }
- static bool allowsSpecificHTTPSCertificateForHost(const WebCore::AuthenticationChallenge&);
-
protected:
NetworkSession(PAL::SessionID);
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (234989 => 234990)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2018-08-17 18:09:39 UTC (rev 234989)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2018-08-17 18:10:41 UTC (rev 234990)
@@ -330,13 +330,13 @@
return;
}
- // Handle server trust evaluation at platform-level if requested, for performance reasons.
- if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust] && !NetworkProcess::singleton().canHandleHTTPSServerTrustEvaluation()) {
+ if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
if (NetworkSessionCocoa::allowsSpecificHTTPSCertificateForHost(challenge))
- completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]);
- else
- completionHandler(NSURLSessionAuthChallengeRejectProtectionSpace, nil);
- return;
+ return completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]);
+
+ // Handle server trust evaluation at platform-level if requested, for performance reasons and to use ATS defaults.
+ if (!NetworkProcess::singleton().canHandleHTTPSServerTrustEvaluation())
+ return completionHandler(NSURLSessionAuthChallengeRejectProtectionSpace, nil);
}
if (auto* networkDataTask = [self existingTask:task]) {
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
