Re: ATS fails for one subdomain, succeeds for another
Re: ATS fails for one subdomain, succeeds for another
- Subject: Re: ATS fails for one subdomain, succeeds for another
- From: "Quinn \"The Eskimo!\"" <email@hidden>
- Date: Tue, 05 Dec 2017 21:00:22 +0000
On 5 Dec 2017, at 14:35, Daniel Jalkut <email@hidden> wrote:
> Do you have any insights about logic the system uses when deciding whether to
> cache the information, and at which level of the frameworks it’s done?
Gosh, this stuff has got complex in recent years. Last I checked:
* Yes, this is all done by CFNetwork
* Specifically, HSTS cache info is managed by `nsurlstoraged`
* It’s stored in a file (`HSTS.plist`?) in the Caches directory
* It’s subject to security partitioning, so there’s a different store per user
and that’s further separated for sandboxed apps
IMPORTANT: All of the above are implementation details and thus subject to
change.
> Do you think it might be a bug, or at least an opportunity for improvement,
> that the system is not caching my HSTS-compliant target (sub)domain?
To offer an educated opinion on that I’d have to look into your exact issue in
detail, and that’d take more time that I have available for mailing list work
(although you could always open a DTS tech support incident for this).
<https://developer.apple.com/support/technical/>
Share and Enjoy
--
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden