[webkit-changes] [WebKit/WebKit] c0e1cd: [WebAuthn] Navigator matches excludedCredentials f...
Commit Queue
noreply at github.com
Tue Mar 5 14:59:56 PST 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: c0e1cd6ea54e260139397056ccc5cf2f199aa7f0
https://github.com/WebKit/WebKit/commit/c0e1cd6ea54e260139397056ccc5cf2f199aa7f0
Author: Pascoe <pascoe at apple.com>
Date: 2024-03-05 (Tue, 05 Mar 2024)
Changed paths:
M Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
Log Message:
-----------
[WebAuthn] Navigator matches excludedCredentials for deleted passkeys in 30 day grace period
https://bugs.webkit.org/show_bug.cgi?id=264097
rdar://118182303
Reviewed by Charlie Wolfe.
In order to avoid matching recently deleted passkeys in the local authenticator, we match only
against the group "com.apple.webkit.webauthn." This works because recently deleted passkeys
are moved to another group, "com.apple.webkit.webauthn-recently-deleted."
* Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticatorInternal::getExistingCredentials):
Canonical link: https://commits.webkit.org/275711@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list