Post

Replies

Boosts

Views

Activity

ProxyConfiguration in WKWebView doesn't allow trusting self-signed certificate
I have an HTTP3 relay setup and I'm trying to get WKWebView traffic to use it. The relay has a self-signed certificate for TLS traffic. When using URLSession to make a call, everything works as expected, but in WKWebView, it doesn't. Here is how I setup my ProxyConfiguration let options = NWProtocolTLS.Options() // sample options to trust any certificate for testing sec_protocol_options_set_verify_block(options.securityProtocolOptions, { (sec_protocol_metadata, sec_trust, sec_protocol_verify_complete) in sec_protocol_verify_complete(true) }, DispatchQueue.global()) let relayServer = ProxyConfiguration.RelayHop(http3RelayEndpoint: relayEndpoint, tlsOptions: options) let relayConfig = ProxyConfiguration(relayHops: [relayServer]) I connect that to my webview by simply doing the following: let configuration = WKWebViewConfiguration() configuration.websiteDataStore = WKWebsiteDataStore.nonPersistent() configuration.websiteDataStore.proxyConfigurations = [relayConfig] let webView = WKWebView(frame: .zero, configuration: configuration) The sec_protocol_options_set_verify_block is never called for the WKWebView (it is when I use URLSession) I get the following error in XCode [pageProxyID=7, webPageID=8, PID=73105] WebPageProxy::didFailProvisionalLoadForFrame: frameID=1, isMainFrame=1, domain=NSURLErrorDomain, code=-1202, isMainFrame=1, willInternallyHandleFailure=0 Is there some API I am missing to get the webview to do custom TLS validation with an HTTP3 relay?
2
3
719
Apr ’24