From b357661a41c1b045a1e5263246d0ee824461cfbe Mon Sep 17 00:00:00 2001
From: Thomas Espach <tespach@duckduckgo.com>
Date: Wed, 4 Oct 2023 11:14:41 +0100
Subject: [PATCH] Replace insecure self.url?.absoluteString with secure
 alternative: frame.securityOrigin.host.

---
 DuckDuckGo/TabViewController.swift | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/DuckDuckGo/TabViewController.swift b/DuckDuckGo/TabViewController.swift
index 5a1a383922..60e61d310f 100644
--- a/DuckDuckGo/TabViewController.swift
+++ b/DuckDuckGo/TabViewController.swift
@@ -1109,7 +1109,7 @@ extension TabViewController: WKNavigationDelegate {
     
     private func onWebpageDidFinishLoading() {
         os_log("webpageLoading finished", log: .generalLog, type: .debug)
-                
+            
         tabModel.link = link
         delegate?.tabLoadingStateDidChange(tab: self)
 
@@ -1916,8 +1916,8 @@ extension TabViewController: WKUIDelegate {
         let alert = WebJSAlert(domain: frame.request.url?.host
                                // in case the web view is navigating to another host
                                ?? webView.backForwardList.currentItem?.url.host
-                               ?? self.url?.absoluteString
-                               ?? "",
+                               // secure fall-back
+                               ?? frame.securityOrigin.host,
                                message: message,
                                alertType: .alert(handler: completionHandler))
         self.present(alert)