[Webkit-unassigned] [Bug 226171] New: [WebAuthn] User verification flag not honored during registration

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon May 24 02:31:42 PDT 2021 

https://bugs.webkit.org/show_bug.cgi?id=226171

            Bug ID: 226171
           Summary: [WebAuthn] User verification flag not honored during
                    registration
           Product: WebKit
           Version: Safari 14
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: pvanstaden at entersekt.com

Created attachment 429515

  --> https://bugs.webkit.org/attachment.cgi?id=429515&action=review

Expected dialog.

When using the `navigator.credentials.create` call and passing in `authenticatorSelection.userVerification` as `required` there is divergent behavior.

Start with a token that have already been registered, it works fine.

If you have a token that have not yet been initialized, the browser is supposed to show a set pin screen. As shown here in attachment called `Expected dialog`

Safari seems to return the userVerification flag as false when an uninitialized token is used.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210524/5b968ba6/attachment.htm>

More information about the webkit-unassigned mailing list