mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-20 16:55:40 +00:00
deb78e0cce
The semantics of what Firefox implemented for the AppID extension for WebAuthn were wrong. Notably: It was always emitted if the extension were used, and always set to `true`. The specification has more nuance so that RPs can use that result to determine what to validate against. As a reminder since it's been a while, this change has impacts to the WebAuthn Token Manager layer, so there's duplicative changes in the soft token and in the HID token, _and the automated tests only test the soft token_. Manual testing using webauthn.bin.coffee and other test sites are needed to verify behavior in U2FHIDTokenManager. Differential Revision: https://phabricator.services.mozilla.com/D79568 |
||
---|---|---|
.. | ||
browser | ||
pkijs | ||
.eslintrc.js | ||
cbor.js | ||
get_assertion_dead_object.html | ||
mochitest.ini | ||
test_webauthn_abort_signal.html | ||
test_webauthn_attestation_conveyance.html | ||
test_webauthn_authenticator_selection.html | ||
test_webauthn_authenticator_transports.html | ||
test_webauthn_get_assertion_dead_object.html | ||
test_webauthn_get_assertion.html | ||
test_webauthn_isexternalctap2securitykeysupported.html | ||
test_webauthn_isplatformauthenticatoravailable.html | ||
test_webauthn_loopback.html | ||
test_webauthn_make_credential.html | ||
test_webauthn_no_token.html | ||
test_webauthn_override_request.html | ||
test_webauthn_sameorigin.html | ||
test_webauthn_store_credential.html | ||
u2futil.js |