Hi, I tried to build the latest WebKitGTK 1.1.10 on OpenSolaris lately and it works with some patching (will post the patch for review after apache standard C++ library is integrated into OpenSolaris which WebKitGTK depends on). The test program GtkLauncher also runs fine here.
WebKitGTK's default backend was cURL back to 1.0.x timeframe. WebKitGTK doesn't support https by default at that time. However, users can set the environment WEBKIT_IGNORE_SSL_ERRORS to ignore the ssl certificate check. The latest WebKitGTK 1.1.10 has switched to use libsoup as the default backend (The HTTP Authentication dialog looks good BTW). And it supports https by default. As I check the WebKitGTK source code, WebKitGTK calls soup_session_async_new to create SoupSession. With this session, WebKitGTK accepts all SSL certificates automatically instead of checking against certain SSL Certificate Authorities. This approach looks not so secure, for Epiphany for example. Is there any plan to improve this situation in the future development (Maybe before GNOME 2.28 release)? Is there any setting to disable https support for now like we did for cURL backend? Thanks & Best Regards, -Alfred _______________________________________________ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
