[Webkit-unassigned] [Bug 241517] New: [webauthn] Enums should be DOMStrings

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=241517

            Bug ID: 241517
           Summary: [webauthn] Enums should be DOMStrings
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: nsatragno at gmail.com

WebAuthn enums should be DOMStrings instead, see the discussion on the spec [1]. If a value is not valid, it should be treated as not present (which usually means it should be converted into the default). This applies to AuthenticatorAttachment, ResidentKeyRequirement, UserVerificationRequirement, and AttestationConveyancePreference.

The spec does not prescribe this, but it might be worth issuing a warning if an unknown value is detected to aid debugging.

Example code:

navigator.credentials.create({
    publicKey: {
        challenge: new Uint8Array(),
        authenticatorSelection: {
            authenticatorAttachment: "not a valid member",
        },
        rp: { name: "rp" },
        user: { displayName: "display", name: "user", id: new Uint8Array() },
        pubKeyCredParams: [],
    }
})

This throws TypeError but it should instead be equivalent to having an empty authenticatorAttachment, and maybe issue a warning instead.

[1] https://github.com/w3c/webauthn/issues/1738

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220610/f552d02c/attachment.htm>