[webkit-reviews] review granted: [Bug 237380] [WebAuthn] Completion handler is not called when WebAuthn invoked without proper entitlements : [Attachment 453646] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Mar 2 13:28:30 PST 2022
Chris Dumez <cdumez at apple.com> has granted Brent Fulgham
<bfulgham at webkit.org>'s request for review:
Bug 237380: [WebAuthn] Completion handler is not called when WebAuthn invoked
without proper entitlements
https://bugs.webkit.org/show_bug.cgi?id=237380
Attachment 453646: Patch
https://bugs.webkit.org/attachment.cgi?id=453646&action=review
--- Comment #7 from Chris Dumez <cdumez at apple.com> ---
Comment on attachment 453646
--> https://bugs.webkit.org/attachment.cgi?id=453646
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=453646&action=review
r=me
> Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:88
> + WEBAUTHN_RELEASE_LOG("makeCredential: The
'navigator.credentials.create' API is only permitted in applications with the
'com.apple.developer.web-browser' entitlement.");
Is this an error? If so, could we add a WEBAUTHN_RELEASE_LOG_ERROR (which calls
RELEASE_LOG_ERROR internally) and call that instead?
If this is something we should pay attention to, making them stand out in the
logs could be useful. Same comment for other logging you added in this file.
>
Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:138
> + RELEASE_LOG(WebAuthn, "%p - [webPageID=%" PRIu64 "]
WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable:
WebAuthn is only permitted in applications with the
'com.apple.developer.web-browser' entitlement.", this, PAGE_ID);
Why is this one not using WEBAUTHN_RELEASE_LOG() ?
More information about the webkit-reviews
mailing list