mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-22 09:45:41 +00:00
f7a8b4c054
The published recommendation of L1 for WebAuthn changed the visibility/focus listening behaviors to a SHOULD [1], and Chromium, for reasons like our SoftU2F bug [0], opted to not interrupt on tabswitch/visibility change. Let's do the same thing. This changes the visibility mechanism to set a flag on an ongoing transaction, and then, upon multiple calls to the FIDO/U2F functions, only aborts if visibility had changed. Otherwise, subsequent callers return early. This is harder to explain than it is really to use as a user. I think. At least, my testing feels natural when I'm working within two windows, both potentially prompting WebAuthn. Note: This also affects FIDO U2F API. [0] https://bugzilla.mozilla.org/show_bug.cgi?id=1448408#c0 [1] https://www.w3.org/TR/webauthn-1/#abortoperation Differential Revision: https://phabricator.services.mozilla.com/D25160 --HG-- extra : moz-landing-system : lando |
||
---|---|---|
.. | ||
browser | ||
pkijs | ||
.eslintrc.js | ||
cbor.js | ||
get_assertion_dead_object.html | ||
mochitest.ini | ||
test_webauthn_abort_signal.html | ||
test_webauthn_attestation_conveyance.html | ||
test_webauthn_authenticator_selection.html | ||
test_webauthn_authenticator_transports.html | ||
test_webauthn_get_assertion_dead_object.html | ||
test_webauthn_get_assertion.html | ||
test_webauthn_isexternalctap2securitykeysupported.html | ||
test_webauthn_isplatformauthenticatoravailable.html | ||
test_webauthn_loopback.html | ||
test_webauthn_make_credential.html | ||
test_webauthn_no_token.html | ||
test_webauthn_override_request.html | ||
test_webauthn_sameorigin.html | ||
test_webauthn_store_credential.html | ||
u2futil.js |