Changeset 251979 in webkit
- Timestamp:
- Nov 3, 2019 11:33:28 PM (4 years ago)
- Location:
- trunk/Source/WebKit
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit/ChangeLog
r251976 r251979 1 2019-11-03 Jiewen Tan <jiewen_tan@apple.com> 2 3 [WebAuthn] CtapAuthenticator::tryDowngrade should distinguish requestData().options 4 https://bugs.webkit.org/show_bug.cgi?id=203771 5 <rdar://problem/56832618> 6 7 Reviewed by Brent Fulgham. 8 9 CtapAuthenticator::tryDowngrade assumes the request is a getAssertion request. This is true 10 for most cases but not for Google's registration. For Google's registration, a quirk is 11 implemented to use U2F commands for registration if GoogleLegacyAppIdSupportExtension asks 12 us to do so. 13 14 No tests given there is no way to simulate google.com in our test infrastructures. 15 16 * UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp: 17 (WebKit::CtapAuthenticator::tryDowngrade): 18 1 19 2019-11-03 Tim Horton <timothy_horton@apple.com> 2 20 -
trunk/Source/WebKit/UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp
r251317 r251979 108 108 if (m_info.versions().find(ProtocolVersion::kU2f) == m_info.versions().end()) 109 109 return false; 110 if (! isConvertibleToU2fSignCommand(WTF::get<PublicKeyCredentialRequestOptions>(requestData().options)))110 if (!observer()) 111 111 return false; 112 if (!observer()) 112 113 bool isConvertible = false; 114 WTF::switchOn(requestData().options, [&](const PublicKeyCredentialCreationOptions& options) { 115 isConvertible = isConvertibleToU2fRegisterCommand(options); 116 }, [&](const PublicKeyCredentialRequestOptions& options) { 117 isConvertible = isConvertibleToU2fSignCommand(options); 118 }); 119 if (!isConvertible) 113 120 return false; 114 121
Note: See TracChangeset
for help on using the changeset viewer.