Bug 251689

Summary: [GLib] Remove WebKitTLSErrorsPolicy
Product: WebKit Reporter: Michael Catanzaro <mcatanzaro>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: RESOLVED WONTFIX    
Severity: Normal CC: bugs-noreply, cgarcia, mcatanzaro
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 210100    

Description Michael Catanzaro 2023-02-03 08:00:43 PST 
I don't think we need WebKitTLSErrorsPolicy anymore since the web is a better place than it was 15 years ago. Applications that want to ignore a particular error can still use webkit_network_session_allow_tls_certificate_for_host(), which should suffice.
Comment 1 Carlos Garcia Campos 2023-02-03 22:54:57 PST 
I don't think we should remove it. I'm sure people will complain and ask us to bring it back. Being FAIL the default is enough.
Comment 2 Michael Catanzaro 2023-02-04 06:48:55 PST 
Really don't think there exists any valid use-case for this API in 2023. What's wrong with telling applications to use webkit_network_session_allow_tls_certificate_for_host() for bypassing certificate errors?
Comment 3 Michael Catanzaro 2023-02-06 07:48:34 PST 
So even though I don't think apps should be using this, it's not really a big deal to expose since it's pretty small.