Title: [109338] trunk/Source/WebKit2
- Revision
- 109338
- Author
- ser...@webkit.org
- Date
- 2012-03-01 04:51:43 -0800 (Thu, 01 Mar 2012)
Log Message
[WK2] [GTK] [libsoup] SoupSession should use system CA
https://bugs.webkit.org/show_bug.cgi?id=79657
Reviewed by Martin Robinson.
SoupSession sould use system CA list to validate SSL
certificates. Do not use strict certificate validation though as
we want clients to decide whether or not accept/decline invalid
certificates (API to be added later).
No new tests required as current behaviour does not change at all
as we continue to accept invalid certificates by default.
* WebProcess/gtk/WebProcessMainGtk.cpp:
(WebKit::WebProcessMainGtk):
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (109337 => 109338)
--- trunk/Source/WebKit2/ChangeLog 2012-03-01 12:40:24 UTC (rev 109337)
+++ trunk/Source/WebKit2/ChangeLog 2012-03-01 12:51:43 UTC (rev 109338)
@@ -1,3 +1,21 @@
+2012-03-01 Sergio Villar Senin <svil...@igalia.com>
+
+ [WK2] [GTK] [libsoup] SoupSession should use system CA
+ https://bugs.webkit.org/show_bug.cgi?id=79657
+
+ Reviewed by Martin Robinson.
+
+ SoupSession sould use system CA list to validate SSL
+ certificates. Do not use strict certificate validation though as
+ we want clients to decide whether or not accept/decline invalid
+ certificates (API to be added later).
+
+ No new tests required as current behaviour does not change at all
+ as we continue to accept invalid certificates by default.
+
+ * WebProcess/gtk/WebProcessMainGtk.cpp:
+ (WebKit::WebProcessMainGtk):
+
2012-03-01 Carlos Garcia Campos <cgar...@igalia.com>
Unreviewed. Fix WebKit2 GTK+ build.
Modified: trunk/Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp (109337 => 109338)
--- trunk/Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp 2012-03-01 12:40:24 UTC (rev 109337)
+++ trunk/Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp 2012-03-01 12:51:43 UTC (rev 109338)
@@ -64,6 +64,12 @@
SoupSession* session = WebCore::ResourceHandle::defaultSession();
soup_session_add_feature_by_type(session, WEB_TYPE_AUTH_DIALOG);
+ // Despite using system CAs to validate certificates we're
+ // accepting invalid certificates by default. New API will be
+ // added later to let client accept/discard invalid certificates.
+ g_object_set(session, SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE, TRUE,
+ SOUP_SESSION_SSL_STRICT, FALSE, NULL);
+
RunLoop::run();
return 0;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes