Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 35c9c0e8123fe88456fab96be5fdf19edac5c010
https://github.com/WebKit/WebKit/commit/35c9c0e8123fe88456fab96be5fdf19edac5c010
Author: Matthew Finkel <sys...@apple.com>
Date: 2024-10-11 (Fri, 11 Oct 2024)
Changed paths:
M Source/WebCore/loader/cache/CachedResourceLoader.cpp
M Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm
Log Message:
-----------
Allow loading any secure resources when HTTPSOnly is enabled
https://bugs.webkit.org/show_bug.cgi?id=281231
rdar://137452788
Reviewed by Timothy Hatcher and Alex Christensen.
Currently, https is the only allowed scheme when HTTPSOnly is enabled. This
prevents loading a page with any other URL that is considered secure because we
can't upgrade it to a secure connection and we can't fallback to a non-secure
connection (these concepts don't really make sense for a local scheme). This
change consults the scheme registry to check if the protocol is considered
secure.
Combined changes:
* Source/WebCore/loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm:
(TEST(WKNavigation, HTTPSOnlyNonHTTPSSecureSchemes)):
Canonical link: https://commits.webkit.org/285019@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
