Title: [198715] trunk/Source/WebKit2
- Revision
- 198715
- Author
- m...@apple.com
- Date
- 2016-03-26 00:31:46 -0700 (Sat, 26 Mar 2016)
Log Message
Treat SHA-1-signed certificates as insecure by default.
Reviewed by Sam Weinig.
* UIProcess/API/APIPageConfiguration.h: Initialize m_treatsSHA1SignedCertificatesAsInsecure
to true.
* UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(-[WKWebViewConfiguration init]): Initialize _treatsSHA1SignedCertificatesAsInsecure to YES.
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (198714 => 198715)
--- trunk/Source/WebKit2/ChangeLog 2016-03-26 07:08:21 UTC (rev 198714)
+++ trunk/Source/WebKit2/ChangeLog 2016-03-26 07:31:46 UTC (rev 198715)
@@ -1,3 +1,14 @@
+2016-03-26 Dan Bernstein <m...@apple.com>
+
+ Treat SHA-1-signed certificates as insecure by default.
+
+ Reviewed by Sam Weinig.
+
+ * UIProcess/API/APIPageConfiguration.h: Initialize m_treatsSHA1SignedCertificatesAsInsecure
+ to true.
+ * UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
+ (-[WKWebViewConfiguration init]): Initialize _treatsSHA1SignedCertificatesAsInsecure to YES.
+
2016-03-25 Dean Jackson <d...@apple.com>
Remove use of extern "C" to include QuartzCore files
Modified: trunk/Source/WebKit2/UIProcess/API/APIPageConfiguration.h (198714 => 198715)
--- trunk/Source/WebKit2/UIProcess/API/APIPageConfiguration.h 2016-03-26 07:08:21 UTC (rev 198714)
+++ trunk/Source/WebKit2/UIProcess/API/APIPageConfiguration.h 2016-03-26 07:31:46 UTC (rev 198715)
@@ -105,7 +105,7 @@
// Once we get rid of it we should get rid of this configuration parameter as well.
WebCore::SessionID m_sessionID;
- bool m_treatsSHA1SignedCertificatesAsInsecure = false;
+ bool m_treatsSHA1SignedCertificatesAsInsecure = true;
#if PLATFORM(IOS)
bool m_alwaysRunsAtForegroundPriority = false;
#endif
Modified: trunk/Source/WebKit2/UIProcess/API/Cocoa/WKWebViewConfiguration.mm (198714 => 198715)
--- trunk/Source/WebKit2/UIProcess/API/Cocoa/WKWebViewConfiguration.mm 2016-03-26 07:08:21 UTC (rev 198714)
+++ trunk/Source/WebKit2/UIProcess/API/Cocoa/WKWebViewConfiguration.mm 2016-03-26 07:31:46 UTC (rev 198715)
@@ -175,6 +175,7 @@
_convertsPositionStyleOnCopy = NO;
_allowsMetaRefresh = YES;
_allowUniversalAccessFromFileURLs = NO;
+ _treatsSHA1SignedCertificatesAsInsecure = YES;
return self;
}
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes