Bug 216585

Summary: Move TLS certificate bypass SPI from WebProcessPool to WebsiteDataStore
Product: WebKit Reporter: Alex Christensen <achristensen>
Component: New BugsAssignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED    
Severity: Normal CC: berto, cgarcia, ews-watchlist, ggaren, gustavo, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
ews-feeder: commit-queue-
Patch
none
Patch
none
Patch
none
Patch none

Description Alex Christensen 2020-09-15 14:39:17 PDT 
Move TLS certificate bypass SPI from WebProcessPool to WebsiteDataStore
Comment 1 Alex Christensen 2020-09-15 14:45:19 PDT 
Created attachment 408865 [details]
Patch
Comment 2 Geoffrey Garen 2020-09-15 14:46:06 PDT 
Comment on attachment 408865 [details]
Patch

r=me
Comment 3 Alex Christensen 2020-09-15 14:57:14 PDT 
Created attachment 408866 [details]
Patch
Comment 4 EWS Watchlist 2020-09-15 14:57:52 PDT 
Thanks for the patch. If this patch contains new public API please make sure it follows the guidelines for new WebKit2 GTK+ API. See https://trac.webkit.org/wiki/WebKitGTK/AddingNewWebKit2API
Comment 5 Alex Christensen 2020-09-15 15:10:09 PDT 
Created attachment 408867 [details]
Patch
Comment 6 Alex Christensen 2020-09-15 16:54:26 PDT 
Comment on attachment 408867 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=408867&action=review

> Source/WebKit/UIProcess/API/Cocoa/WKWebsiteDataStore.mm:636
> +- (void)_allowTLSCertificate:(NSArray *)certificateChain forHost:(NSString *)host

I'm going to call this _allowCertificateChain:forHost: because a certificate is one element of the array.
Comment 7 Alex Christensen 2020-09-15 16:58:34 PDT 
Comment on attachment 408867 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=408867&action=review

>> Source/WebKit/UIProcess/API/Cocoa/WKWebsiteDataStore.mm:636
>> +- (void)_allowTLSCertificate:(NSArray *)certificateChain forHost:(NSString *)host
> 
> I'm going to call this _allowCertificateChain:forHost: because a certificate is one element of the array.

_allowTLSCertificateChain
Comment 8 Alex Christensen 2020-09-15 17:28:10 PDT 
Created attachment 408880 [details]
Patch
Comment 9 Carlos Garcia Campos 2020-09-16 05:29:09 PDT 
Comment on attachment 408880 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=408880&action=review

> Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp:1628
> -    context->priv->processPool->allowSpecificHTTPSCertificateForHost(webCertificateInfo.ptr(), String::fromUTF8(host));
> +    WebsiteDataStore::defaultDataStore()->allowSpecificHTTPSCertificateForHost(webCertificateInfo.ptr(), String::fromUTF8(host));

This should be:

auto& websiteDataStore = webkitWebsiteDataManagerGetDataStore(context->priv->websiteDataManager.get());
websiteDataStore.allowSpecificHTTPSCertificateForHost(webCertificateInfo.ptr(), String::fromUTF8(host));

The GLib API doesn't use the default data store.
Comment 10 Alex Christensen 2020-09-16 09:28:52 PDT 
Created attachment 408927 [details]
Patch
Comment 11 EWS 2020-09-16 11:21:10 PDT 
Committed r267155: <https://trac.webkit.org/changeset/267155>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 408927 [details].
Comment 12 Radar WebKit Bug Importer 2020-09-16 11:22:15 PDT 
<rdar://problem/69001622>