OHTTP with WKWebView not working as expected

I am trying out the new ProxyConfiguration API for OHTTP and didn't get the expected result. I was using it with WKWebView. I have a relay test server that blocks requests to certain urls instead of forwarding them to the gateway. So for example if the user loads test-blocked.com in the web view they'd get an error, while test-allowed.com would be forwarded to the gateway and the website would be loaded. Now in my test using the code from the Ready, set, relay presentation the website would be loaded for both urls (blocked & allowed) and the relay was not hit at all. If I understand the ProxyConfiguration correctly allowFailover is set to false by default which means if anything is wrong (config or otherwise) no content should be loaded for any given url. Is that assumption correct? I tried using the URLSession example as well with the same result. Is the ProxyConfiguration API supposed to work in Beta 2? Are there any gotchas I have to look out for to make this work? Any help or pointers would be appreciated.

Thanks for reporting! This is a known issue in seeds 1 and 2 that should be addressed in the upcoming seeds. Once that is out, you'll also need to specifically add the domains that you expect to use OHTTP with when you create the proxy configuration in a new matchDomains property.

I attempted this with the beta 3 releases earlier today, but unfortunately still encounter the same issue with the OHTTP proxy as the original poster.

I've added code like this to my app:

let configuration = WKWebViewConfiguration()

if #available(iOS 17.0, *) {
    let endpoint = NWEndpoint.url(URL(string: "<relay server URL goes here>")!)
    let hop = ProxyConfiguration.RelayHop(http2RelayEndpoint: endpoint)
    let proxyConfiguration = ProxyConfiguration(obliviousHTTPRelay: hop,
                                                relayResourcePath: "/gateway",
                                                gatewayKeyConfig: keyData, // Fetched earlier from the gateway's /ohttp-keys endpoint
                                                matchDomains: ["example.com"])

    configuration.websiteDataStore.proxyConfigurations = [proxyConfiguration]
}

// ...set configuration on WKWebView, etc...

However, no matter what values I set for matchDomains (including an empty array), the relay server is never hit and the app behaves as if no proxy is set. I'm able to ping the relay server with curl and see requests come in, so that shouldn't be the issue.

I'm able to successfully use other proxy types - I've tried a SOCKS proxy, and it works great. I considered the possibility that my configuration values are wrong, but if that were true I would expect the navigation requests from the web view to fail (which they do when you provide a SOCKS proxy with a bad URL, for instance).

Let me know if I've overlooked something, and thanks for such a nice addition to the WebKit API! ❤️

Can you please attach to the FB:

  • A sysdiagnose attached, taken right after attempting to use the OHTTP proxy
  • The OHTTP config being passed in
OHTTP with WKWebView not working as expected
 
 
Q