mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-21 01:05:45 +00:00
bce88244c0
Credential Management defines a parameter `sameOriginWithAncestors` which is set true if the responsible document is not either in a top-level browsing context, or is in a nested context whose heirarchy is all loaded from the same origin as the top-level context [1][2]. The individual credential types of CredMan can use this flag to make decisions on whether to error or not. Our Credential Management implementation right now is a shim to Web Authentication, which says that if `sameOriginWithAncestors` is false, return `"NotAllowedError"`. This ensures that https://webauthn.bin.coffee/iframe.html works, but the cross-origin https://u2f.bin.coffee/iframe-webauthn.html does not. [1] https://w3c.github.io/webappsec-credential-management/#algorithm-request [2] https://w3c.github.io/webappsec-credential-management/#algorithm-create [3] https://w3c.github.io/webauthn/#createCredential [4] https://w3c.github.io/webauthn/#getAssertion MozReview-Commit-ID: KIyakgl0kGv --HG-- extra : rebase_source : dace4f4d73823913bff759fce8255da8e18ad5e3
25 lines
650 B
Python
25 lines
650 B
Python
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
|
|
# vim: set filetype=python:
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
with Files("**"):
|
|
BUG_COMPONENT = ("Core", "DOM: Device Interfaces")
|
|
|
|
EXPORTS.mozilla.dom += [
|
|
'Credential.h',
|
|
'CredentialsContainer.h',
|
|
]
|
|
|
|
UNIFIED_SOURCES += [
|
|
'Credential.cpp',
|
|
'CredentialsContainer.cpp',
|
|
]
|
|
|
|
include('/ipc/chromium/chromium-config.mozbuild')
|
|
|
|
FINAL_LIBRARY = 'xul'
|
|
|
|
MOCHITEST_MANIFESTS += ['tests/mochitest/mochitest.ini']
|