Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use ephemeralSessionConfiguration on iOS for the default session configuration #131

Closed
petrdvorak opened this issue Aug 15, 2018 · 1 comment
Closed

Use ephemeralSessionConfiguration on iOS for the default session configuration #131

petrdvorak opened this issue Aug 15, 2018 · 1 comment
Assignees
@hvge
Labels
ios
Milestone
0.19.1

Comments

@petrdvorak
Copy link
Member

While we currently perform the necessary setup to mitigate the biggest issues, using ephemeralSessionConfiguration could help us be safer.
@petrdvorak petrdvorak added the ios label Aug 15, 2018
@hvge
Copy link
Member

hvge commented Aug 15, 2018

As a part of this I would also change how we handle PA2ClientSslValidationStrategy. Currently, the delegate is called for all types of authentication challenges, but the protocol has SSL in the name. So we should allow only NSURLAuthenticationMethodServerTrust challenges to be passed to the delegate.

I would rather target this change to some possible bugfix 0.19.1 release than to 2018.12. The reason is that for 2018.12 we need a more significant rework on internal networking.

But whatever we do, we should change the session to ephemeral one.

@hvge hvge added this to the 0.19.1 milestone Aug 16, 2018
hvge added a commit that referenced this issue Aug 31, 2018
@hvge
IOS: Fixed #131: Changed NSURLSession configuration to ephemeral one.
801a4f8 
validateSslForSession is now called only for server trust challenges.
@hvge hvge mentioned this issue Aug 31, 2018
Merged
@hvge hvge closed this as completed in #133 Aug 31, 2018
hvge added a commit that referenced this issue Aug 31, 2018
@hvge
IOS: Fixed #131: Changed NSURLSession configuration to ephemeral one.
cc3d15b 
validateSslForSession is now called only for server trust challenges.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hvge hvge

Labels
ios
Projects
None yet
Milestone
0.19.1
Development

No branches or pull requests
2 participants
@petrdvorak @hvge