mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-20 16:55:40 +00:00
deb78e0cce
The semantics of what Firefox implemented for the AppID extension for WebAuthn were wrong. Notably: It was always emitted if the extension were used, and always set to `true`. The specification has more nuance so that RPs can use that result to determine what to validate against. As a reminder since it's been a while, this change has impacts to the WebAuthn Token Manager layer, so there's duplicative changes in the soft token and in the HID token, _and the automated tests only test the soft token_. Manual testing using webauthn.bin.coffee and other test sites are needed to verify behavior in U2FHIDTokenManager. Differential Revision: https://phabricator.services.mozilla.com/D79568 |
||
|---|---|---|
| .. | ||
| browser | ||
| pkijs | ||
| .eslintrc.js | ||
| cbor.js | ||
| get_assertion_dead_object.html | ||
| mochitest.ini | ||
| test_webauthn_abort_signal.html | ||
| test_webauthn_attestation_conveyance.html | ||
| test_webauthn_authenticator_selection.html | ||
| test_webauthn_authenticator_transports.html | ||
| test_webauthn_get_assertion_dead_object.html | ||
| test_webauthn_get_assertion.html | ||
| test_webauthn_isexternalctap2securitykeysupported.html | ||
| test_webauthn_isplatformauthenticatoravailable.html | ||
| test_webauthn_loopback.html | ||
| test_webauthn_make_credential.html | ||
| test_webauthn_no_token.html | ||
| test_webauthn_override_request.html | ||
| test_webauthn_sameorigin.html | ||
| test_webauthn_store_credential.html | ||
| u2futil.js | ||